Pica8’s White Box OS Gets a Big-Name Partner in HP
A milestone deal for the white box OS vendor.
Why You Should Adopt A Cloud-First Networking Strategy
The rise of hybrid cloud in the enterprise means that network engineers need to focus on enabling and supporting cloud in all its forms.Learn SDN with Virtual Routers and Switches
Bryan would love to get hands-on SDN experience and sent me this question:
I was recently playing around with Arista vEOS to learn some Arista CLI as well as how it operates with an SDN controller. I was wondering if you know of other free products that are available to help people learn.
Let’s try to do another what-is-out-there survey.
Read more ...Alcatel-Lucent virtual 7750 SR (vRR/vSR, TiMOS) first boot provisioning
I advertised to you recently another great virtual lab environment – Unified Networking Lab – with tools like that one I practiced the cool technologies of Alcatel-Lucent Service Routing platform and prepared to many certification exams. And I encourage you to go the same way, not just read the books and force the dumps, but actually build a topologyHappy 5th Birthday, CloudFlare!
CloudFlare customers recorded videos to celebrate our first five years
Today is September 27, 2015. It's a rare Super Blood Moon. And it's also CloudFlare's birthday. CloudFlare launched 5 years ago today. It was a Monday. While Michelle, Lee, and I had high expectations, we would never have imagined what's happened since then.
In the last five years we've stopped 7 trillion cyber attacks, saved more than 94,116 years worth of time, and served 99.4 trillion requests — nearly half of those in the last 6 months. You can learn more from this timeline of the last five years.
Celebrating by doing the impossible
Every year we like to celebrate our birthday by giving something seemingly impossible back to our users. Two years ago we enabled on our Automatic IPv6 Gateway, allowing our users to support IPv6 without having to update their own servers. Last year we made Universal SSL support available to all our customers, even those on our free plan. And this year, we announced the expansion across Mainland China, building the first truly global performance and security platform.
Internet Summit & Party
We celebrated in San Francisco last week with CloudFlare's first Internet Summit Continue reading
Closing out Projects
We put a lot of energy into new projects. We argue about the design, we plan the cutover, we execute it…and then we move on. But decommissioning the old system is critical part of any project. It’s not over until you’ve switched off the old system.
Years ago I was involved in the buildout of a new network. The new network was a thing of beauty. A clear design, the best equipment, redundant everything. It was replacing a legacy network, one that had grown organically.
The new network was built out. Late one night the key services were cut over, and things were looking good. Everyone was happy, and we had a big party to celebrate. The project group disbanded, and everyone moved on to other things. Since the project was closed out, funding & resources stopped. Success, right?
Except…the old equipment was still running. A handful of applications were left on the old network. Some annoying services used undocumented links between the networks. Even worse, disused WAN links were still in place, and still being billed for.
The problem was that the project was officially ‘over.’ Who’s responsible for finishing off that last bit of cleanup?
I’ve seen similar things in Continue reading
SDxCentral Weekly News Roundup — September 25, 2015
HP makes more negative headlines, IPv4 dries up, and AWS' outage becomes a learning opportunity.
Cloud Migration Represents a Mixed Bag for F5 & ADCs
If AWS provides its own load balancing, what happens to F5?
Skynet Barbie, Tablet Babysitters: This Week On The Internet
This Week On The Internet looks at an AI Barbie, the effect of mobile devices on young kids, how to fight surveillance, and funny cooking advice.
The post Skynet Barbie, Tablet Babysitters: This Week On The Internet appeared first on Packet Pushers.
Cisco DHCP client bummer
It looks to me like the Cisco IOS DHCP client mis-handles the DNS server option when it's working in a VRF.I'm working on an IOS 15.4 router with an empty startup-config and only the following configuration applied:
interface FastEthernet4
ip address dhcp
no shutdown
debug dhcp detail produces the following when the DHCP lease is claimed:
Sep 25 19:48:23.316: DHCP: Received a BOOTREP pkt
Sep 25 19:48:23.316: DHCP: Scan: Message type: DHCP Offer
...
Sep 25 19:48:23.316: DHCP: Scan: DNS Name Server Option: 192.168.100.4
Indeed, we can resolve DNS. We can also see that the DNS server learned from DHCP has been configured (is there a better way to see this?):
lab-C881#ping google.com
Translating "google.com"...domain server (192.168.100.4) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 205.158.11.53, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms
lab-C881#show hosts summary
Default domain is fragmentationneeded.net
Name/address lookup uses domain service
Name servers are 192.168.100.4
Cache entries: 5
Cache prune timeout: 50
lab-C881#
If I put the interface into a VRF, Continue reading
Nasty Multicast VSS bug on Catalyst 4500-X
I ran into an “exciting” bug yesterday. It was seen in a 4500-X VSS pair running 3.7.0 code. When there has been a switchover meaning that the secondary switch became active, there’s a risk that information is not properly synced between the switches. What we were seeing was that this VSS pair was “eating” the packets, essentially black holing them. Any multicast that came into the VSS pair would not be properly forwarded even though the Outgoing Interface List (OIL) had been properly built. Everything else looked normal, PIM neighbors were active, OILs were good (except no S,G), routing was there, RPF check was passing and so on.
It turns out that there is a bug called CSCus13479 which requires CCO login to view. The bug is active when Portchannels are used and PIM is run over them. To see if an interface is misbehaving, use the following command:
hrn3-4500x-vss-01#sh platfo hardware rxvlan-map-table vl 200 <<< Ingress port Executing the command on VSS member switch role = VSS Active, id = 1 Vlan 200: l2LookupId: 200 srcMissIgnored: 0 ipv4UnicastEn: 1 ipv4MulticastEn: 1 <<<<< ipv6UnicastEn: 0 ipv6MulticastEn: 0 mplsUnicastEn: 0 mplsMulticastEn: 0 privateVlanMode: Normal ipv4UcastRpfMode: None ipv6UcastRpfMode: None routingTableId: 1 rpSet: 0 flcIpLookupKeyType: IpForUcastAndMcast flcOtherL3LookupKeyTypeIndex: 0 vlanFlcKeyCtrlTableIndex: 0 vlanFlcCtrl: 0 Executing the command on VSS member switch role = VSS Standby, id = 2 Vlan 200: l2LookupId: 200 srcMissIgnored: 0 ipv4UnicastEn: 1 ipv4MulticastEn: 0 <<<<< ipv6UnicastEn: 0 ipv6MulticastEn: 0 mplsUnicastEn: 0 mplsMulticastEn: 0 privateVlanMode: Normal ipv4UcastRpfMode: None ipv6UcastRpfMode: None routingTableId: 1 rpSet: 0 flcIpLookupKeyType: IpForUcastAndMcast flcOtherL3LookupKeyTypeIndex: 0 vlanFlcKeyCtrlTableIndex: 0 vlanFlcCtrl: 0
From the output you can see that "ipv4MulticastEn" is set to 1 on one switch and 0 to the other one. The state has not been properly synched or somehow misprogrammed which leads to this issue with black holing multicast. It was not an easy one to catch so I hope this post might help someone.
This also shows that there are always drawbacks to clustering so weigh the risk of running in systems in clusters and having bugs affecting both devices as opposed to running them stand alone. There's always a tradeoff between complexity, topologies and how a network can be designed depending on your choice.
Cloud Startup Avni Networks Gets a Hand from Citrix
Details of that Series A funding remain elusive, however.