The edited videos for Scaling Overlay Virtual Networking webinar are available on ipSpace.net Content site. Nuage Networks sponsored the webinar; the videos are thus publicly available (without registration).
The Network Access Broker Conceptual Demo
Talk is cheap when it comes to SDN, but at Packet Design we’ve created a working SDN analytics and orchestration prototype that will enable network engineers to effectively manage hybrid networks. In this new demo, we outline how our Network Access Broker (NAB) – based on our core Route Explorer™ System – analyzes application requests for network resources, assesses their impact on services, and provisions them optimally using a combination of the following (if you’re already familiar with SDN and its management challenges, you can skip the intro and head straight to the demo at the 2:47 mark):
In the NAB demo, we use Continue reading
#10: The CIA coordinated the release of classified information to the media, including inaccurate information concerning the effectiveness of the CIA's enhanced interrogation techniques. The CIA's Office of Public Affairs and senior CIA officials coordinated to share classified information on the CIA's Detention and Interrogation Program to select members of the media to counter public criticism, shape public opinionOf course they did, but then so did the Senate committee itself. They've been selectively leaking bits of the report for over a year. Their description of the "CIA hacking" scandal was completely inaccurate.
Recently, I’ve heard several people suggest that the advent of IPv6 changes the requirements for data-center virtual network solutions. For instance, making the claim that network overlays are no longer necessary. The assumption made is that once an instance has a globally unique IP address that all requirements are met.
In my view, this analysis fails in two dimensions:
Neither of these assumptions hold when examined in detail.
While there are IaaS use cases of users that just want to be able to fire up a single virtual-machine and use it as a personal server, the most interesting use case for IaaS or PaaS platforms is to deploy applications.
These applications, serve content for a specific virtual IP address registered in the DNS and/or global load-balancers; that doesn’t mean that this virtual IP should be associated with any specific instance. There is layer of load-balancing that maps the virtual IP into the specific instance(s) service the content. Typically this is done with a load-balancer in proxy mode.
As an aside, enabling IPv6 in the load-balancer Continue reading
steal (since Linux 2.6.11)Keeping close track of the stolen time metric is particularly import when running managing virtual machines in a public cloud. For example, Netflix and Stolen Time includes the discussion:
(8) Stolen time, which is the time spent in other operating systems
when running in a virtualized environment
So how does Netflix handle this problem when using Amazon’s Cloud? Adrian admits that they tracked this statistic so closely that when an instance crossed a stolen time threshold the standard operating procedure at Netflix was to kill the VM and start it up on a different hypervisor. What Netflix realized over time was that once a VM was performing poorly because another VM was crashing the party, usually due to a poorly written or compute intensive application hogging the machine, it never really got any better and their best learned approach was to get off that machine.The following articles describe how to monitor public cloud instances using Host sFlow agents:
Christmas is lurking around the corner and in the spirit of Denise “Fish” Fishburne, I give you the “The Tale of the Mysterious PIM Prune”.
I have been working a lot with multicast lately which is also why I’ve blogged about it. To start off this story, let’s begin with a network topology.
The multicast source is located in AS 65000 and contains two routers that are connected to the multicast source. The routers run BFD, OSPF, iBGP, PIM internally and the RP is located on C1. There is a local receiver in AS 65000 and a remote one in AS 64512. The networks 10.0.1.0/24 and 10.0.21.0/24 come off the same physical interface. If you want to replicate this lab, all the configs are provided here.
This network requires fast convergence and I have been troubleshooting a scenario where the active multicast router (R1) has its LAN interface go down, meaning that the traffic from the source must come in on R2. In this scenario I have seen convergence in up to 60 seconds which is not acceptable. The BGP design is for R2 to still exit out via R1 if the link is Continue reading
It’s time for the Network Break! Sit back, grab a coffee, and join us for an analysis of the latest IT news, vendor moves and new product announcements. We’ll separate the signal from the noise--or at least make some noise of our own.
The post Network Break 24 appeared first on Packet Pushers Podcast and was written by Greg Ferro.
No. When compared to the operation of existing networks, SDN is much more secure.
The post Are SDN Controllers a Security Risk ? appeared first on EtherealMind.
Powerpoint doesn’t stink. Our presentation skills do. So how do we fix it?
First, you must decide: what do I want this presentation to be? We’ve all seen the brilliant TED talks about new ideas. We’ve all seen the really cool sample presentations from those online presentation sites about someone’s trip around the world. When you’re looking at those talks, though, remember this: they are selected out of millions of talks for their content, and their content fits their format. I’ve seen folks do fairly standard slideshows with Prezy. It doesn’t work. I’ve also seen people do “let me tell you about my trip” presentations with Powerpoint. Again, it doesn’t work.
So, just like network engineering, pick the right tool for the job. Since most of an engineer’s presentations aren’t going to feature exciting trips down the River of Doubt, or even up Doubtin’ Mountain, we’re probably pretty safe to stick with a fairly standard presentation package — slides, warts, and all.
Yes, it’s important to get the flow right. I once stood in for a presenter who’d lost his voice — the material was router architecture (hardware and software), so it’s a topic I know well, so I wasn’t Continue reading
In the CCIE Collaboration lab, understanding dial-peers is extremely important. Lack of knowledge in this area can yield devastating results in your lab score report since they can be found in so many different sections of the exam. We must be thoroughly prepared to tackle every aspect of this technology should we be presented with it at some point.
I recently got a great question in our forums about digit manipulation within POTS dial-peers and how they interact with translation rules and profiles. I figured that since this is such an important topic, my answer to his question bears repeating so it can reach a wider audience.
Let’s begin with the simple example of dialing the number “123” from a CUCME phone. Of course, the POTS dial-peer must be created to support the desired behavior.
When this pattern is selected, all digits will be stripped automatically since they are explicitly defined. This is due to the “automatic POTS dial-peer digit strip” feature in IOS. See below for the ISDN Q.931 debug output (no Called Party Number).
Since we are not currently sending a Called Party Number, we’ll need some way to add the digits back to the string to Continue reading
Enterprise IT supports many unprofitable applications. Microsoft Exchange, legacy databases, obsolete accounting systems, end-of-life desktop operating systems and much more. Public clouds can, and do, cancel unprofitable products. This is a brutal truth in cloud planning. Takeaways: Enterprise IT supports many applications that are unprofitable to own and maintain Executives and managers are commonly unprepared […]
The post Enterprises Have Many Unprofitable Applications, Public Clouds Do Not appeared first on EtherealMind.
In my last post on the subject of BGPSEC, I explained the basic operation of the modifications to BGP itself. In this post, I’ll begin looking at some of the properties — both good and bad — of these extensions to BGP. To being, we’ll look at the simple network illustrated here, and see what […]
The post BGPSEC: Protections Offered appeared first on Packet Pushers Podcast and was written by Russ White.
I promise engineers who renew their subscription 4-6 new webinars a year. It’s time to see whether I kept that promise in 2014.
TL&DR summary: it was a great year, but I still missed a few things.
Read more ...
