How to push security earlier into the dev process

A new crop of products is emerging that aims to implant security best practices and compliance checks as early and often as possible when new infrastructure is spun up in the cloud or when new applications are launched in a rapid development environment. The idea behind these products is that security should be incorporated into the entire life cycle of resources being used or applications being developed. Some vendors contend that too often security assessments are either not performed, or they’re done too late in the process of managing resources and apps. Tools from companies like Amazon Web Services, Microsoft and Chef are all aiming to ensure security best practices are automatically enforced as early on in the process as possible.

How to test and fix IPv6 fragmentation issues

In an earlier blog post, I discussed the issues associated with IPv6 packet fragmentation. Of particular significance, IPv6 fragmentation relies extensively on the computer sourcing packets being able to receive ICMPv6 “packet too big” message type 2 sent from any intermediate device in the route to the packet’s destination.

The capability to confirm that an end user in a network will correctly receive the packet-too-big ICMPv6 message has been added to the test-ipv6 mirrors, including http://test-ipv6.arbor.net. This new capability allows a user to identify if the packet-too-big message is being discarded between the user’s computer and the web site.

In the “Tests Run” tab of the main test-ipv6 mirror page, the “Test IPv6 large packet” test documents the IPv6 fragmentation behavior. If further information is desired, one can click on the “Technical Info” link.

If the “Test IPv6 large packet” test is failing, the packet-too-big ICMPv6 message is likely being dropped. This indicates issues within the user’s computer, enterprise network or elsewhere along the path to the test-ipv6 mirror. The problematic device may be a router or firewall device, although it may even be the “firewall” software configured on the user’s computer.

Any device in the […]

It’s a Switch! It’s a Router! It’s a Server! It’s a new product platform – NFX250

Today marks a very special day for me at Juniper. A brand new product line that I’ve managed from the very beginning has been announced. The NFX250 is a unique platform that actualizes the concepts of Network Functions Virtualization we’ve all heard so much about, but hardly see encompassed in an end-to-end solution. The NFX250 is a Distributed …

CCIE Recertification + Certification News 2015

The last time I re-certified, it took me three times to pass the CCIE R&S written exam. While that exam is a challenge that many people fail to pass the first time out, I felt like I was getting rusty on some fundamentals. Three times was not the end of the world, but the effort felt forced. I wanted a refresher.

Many US enterprises still running XcodeGhost-infected Apple apps, FireEye says

Dozens of U.S. enterprises are still using Apple mobile apps seeded with malware for a clever hacking scheme revealed last month known as XcodeGhost. The computer security firm FireEye said Tuesday it has detected 210 enterprises that are still using infected apps, showing that the XcodeGhost malware "is a persistent security risk," according to a blog post. Last month, more than 4,000 applications were found to have been modified with a counterfeit version of Xcode, which is an application development tool from Apple.

Speaking Notes: The Data Center Network Evolution

I will be presenting at the Cisco Connect Canada tour in Edmonton and Calgary on November 3rd and 5th, respectively. My presentation is about that three letter acronym that everyone loves to hate: SDN :-)

I will talk about SDN in general terms and describe what it really means; what we’re really doing in the network when we say that it’s “software defined”. No unicorns or fairy tales here, just engineering.

Next I’ll talk about three areas where Cisco is introducing programmability into its data center solutions:

  • Application Centric Infrastructure
  • Virtual Topology System
  • Open NX-OS

Below are the notes I made for myself while researching these topics and preparing for the presentation. At the bottom of this post is a Q&A section with some frequently asked questions.

How to use application-defined automation tools to successfully deploy cloud apps

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

The cost and scalability benefits of cloud computing are appealing, but cloud applications are complex. This is because they typically have multiple tiers and components that utilize numerous technologies; as a result, applications can end up scattered across a variety of execution environments. To ensure successful cloud application deployment and management, the key is to use application-defined automation tools.