CCIE RSv5 Workbook Troubleshooting Labs Now Available

Troubleshooting Lab 1 has been added to the CCIE Routing & Switching v5 Workbook. This is in addition to Full Scale Lab 1 which was posted yesterday. More Foundation, Troubleshooting, and Full Scale Labs will be added soon to the workbook. More information about additional content and its release schedule will be available shortly.

This lab uses a 20 router topology which will be available through our rack rental system shortly.  In the meantime if you have your own lab built on CSR1000v, IOU/IOL, etc. the initial configs are available to download on the lab 1 tasks page.  For technical discussion of this lab, please visit the Troubleshooting Labs section of our Online Community here.

Utility-Based Pricing Troubles Me

Utility, or Consumption-Based pricing models offer an interesting way of matching costs to revenues. But if they’re not managed well, customer costs could blow out just trying to keep the lights on. We’ve come to expect rapidly declining hardware prices. Have vendors realised their utility prices need to decline at a similar rate?

I’ve been doing more architecture work over the last twelve months, and this has changed some of my thinking about technology. Previously I was only really interested in speeds & feeds, and technical capabilities. Scaling was only about how to add capacity – not what it would cost. When I looked at costs, it was just to shake my head at the ridiculous prices charged for things like a second power supply.

But now I find myself interested in things like cost curves, and trying to figure out how my costs will change as demand changes. The ideal is for their to be a clear relationship between costs & revenue, hopefully with costs growing at a slower rate than demand (and revenue).

Previously we had high upfront costs to buy hardware and software, and we aimed to amortise it over the life of the service. Our costs Continue reading

Cisco Adds New Routers In the ISR 4000 Family

The Cisco ISR G2 routers have been around for a while now. Roughly a year ago, Cisco released the Cisco 4451-X router which was the first ISR running IOS-XE. Cisco has now added new routers to the 4000 family, which means that the ISR G2 family will eventually go away. Don’t panic though! That will not happen for a while but if you are looking to buy new ISR routers, then take a look at the new 4000 family.

ISR4000

One great thing about the new ISR 4000 routers is that they support upgrading of the bandwidth capacity by buying a license. That means that you can keep the same router for a longer time and grow into it, rather than doing a complete replacement as your demand for bandwidth increases. The new models are ISR 4321, 4331, 4351 and 4431.

ISR4000-family

If you need a router that does 10 Mbit/s, then you can get the 4321 and you can keep using it until you reach 100 Mbit/s. The 4331 will get you from 100-300 Mbit/s which would cover a lot of customers that I currently have.

The next slide shows some of the new features of the ISR 4000:ISR4000-architecture

The ISR Continue reading

Show 207 – Cisco Nexus Unified Fabric – Sponsored

What’s new with Cisco Nexus Unified Fabric (formerly Dynamic Fabric Automation), you ask? Well, an integrated end-to-end solution that builds on four fundamental pillars is what’s new. The pillars are… Fabric management. Workload automation. Optimized networking. Virtual fabrics. These features are applicable across the Nexus product line from the Nexus 7K down to the Nexus 1K […]

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 2M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks
TwitterGoogle+LinkedIn

The post Show 207 – Cisco Nexus Unified Fabric – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Two Minutes of Hate: Marriot deauthing competing WiFi

Do you stand for principle -- even when it's against your interests? Would you defend the free-speed rights of Nazis, for example? The answer is generally "no", few people stand for principle. We see that in this morning's news story about Marriott jamming (actually deauthing) portable WiFi hotspots in order to force customers to use their own high-priced WiFi.

The principle I want to discuss here is "arbitrary and discriminator enforcement". It was the principle behind the Aaron Swartz and Andrew "weev" Auernheimer cases. The CFAA is a vague law where it is impossible to distinguish between allowed and forbidden behavior. Swartz and Weev were prosecuted under the CFAA not because what they did was "unauthorized access", but because they pissed off the powerful. Prosecutors then interpreted the laws to suite their purposes.


The same thing is true in the Marriott case. Deauthing Wifi is common practice on large campuses everywhere, at company headquarters, hospitals, and college campuses. They do this for security reasons, to prevent rogue access-points from opening up holes behind the firewall. It's also used at the DefCon conference, to prevent hostile access-points from tricking people by using "DefCon" in their name.

Section 333 of the Communications Continue reading

CCIE RSv5 Workbook Full Scale Lab 1 Now Available

Full Scale Lab 1 has been added to the CCIE Routing & Switching v5 Workbook. More Foundation, Troubleshooting, and Full Scale Labs will be coming soon, including additional updates before the end of the weekend. I will post more information about additional content and its release schedule shortly.

This lab uses a 20 router topology which will be available through our rack rental system shortly.  In the meantime if you have your own lab built on CSR1000v, IOU/IOL, etc. the initial configs are available to download on the lab 1 tasks page.  For technical discussion of this lab, please visit the Full Scale Labs section of our Online Community here.

Renesys Team Launches Dyn Research

shutterstock_128775836

Welcome to the new Dyn Research Blog!   We’re certainly glad you’re here, and we hope you like the snazzy new look.

Since the Renesys team joined Dyn in May, the number one question we’ve received is “will you keep publishing the blog?”   The answer is yes, absolutely, and we hope to bring you some diverse perspectives on Internet performance from other members of the Dyn technical team as well.    Please do let us know what you think of the new Dyn Research Blog, and feel free to suggest topics you’d like us to cover.

 

A moment for reflection

Looking back over the eight years that we’ve been publishing our observations about Internet structure and operations, I’m struck mostly by how you, our audience, have evolved and grown.    In the early days, news about Internet infrastructure appealed to a pretty narrow group of readers within the network operations community.   We never had to buy beer at conferences like NANOG, but the rest of the world was more or less content to ignore the dirty details of IPv6, peering and depeering, Net Neutrality, and the evolution of the IP wholesale transit industry.

A Continue reading

Plexxi Pulse—HadoopWorld 2014: Is your network ready for Big Data?

We are two short weeks away from HadoopWorld, one of the world’s largest Big Data conferences. October 15—17 our team will be in in New York City to demo our Big Data fabric and answer questions about preparing networks for Big Data. Stop by booth 552 to catch up with our team and pick up a pair of Plexxi Socks. We look forward to seeing you there.

hw3.2

In this week’s PlexxiTube of the week, Dan Backman describes how Plexxi manages load balancing in Big Data networks.

Check out what we’ve been up to on social media this week. Have a great weekend!

The post Plexxi Pulse—HadoopWorld 2014: Is your network ready for Big Data? appeared first on Plexxi.

Opt-in for upcoming Heartbleed results

On October 8, the 6-month anniversary of Heartbleed, I'm going to scan the Internet again for it. I should find about 250k devices are still vulnerable. These are things like webcams, NAS boxes, forgotten VM instances, development machines, and so on -- few real "web servers" will be vulnerable.

I will, of course, exclude from my scan everyone who has asked to be excluded. My scan list is down to only 3.5 billion hosts because of all the exclusions I do. However, asking for whitehats to exclude you from their scans is not a smart security strategy. Therefore, if you are on our exclude list, I suggest you do the reverse: opt back in.

I mention this because we are going to try something new: allow people to opt-in to the results. Send us an email, and we'll send the results of our Heartbleed scan for your address range to the "abuse" address registered for that address range.

IPv6 Adoption in the UK

One of my biggest annoyances for a while has been the lack of interest in IPv6 in the UK. There just isn’t a thirst for it. I’m pretty convinced it’s down to lack of sales support by out coin operated fraternity of technology touting army of salesmen (and women). Justifications like “IPv4 is running out” and “IPv6 when wielded correctly gives us huge growth potential” just isn’t enough to convince anyone that it’s here and is ready for adoption in enterprises nationally. The commoditisation of last mile circuits and consumer grade connectivity has also driven down profit and therefore as these businesses run with tightly controlled finances, the ability to invest in additional functionality with no perceivable gain is frowned upon somewhat. So, a quote that I thumbed in to Twitter was “Would you expect sparkling vitamin water to come out of the same taps as your current still cold feed? Who would pay £1 a month more?”. The answer to this somewhat pointless frustrated question is probably not of any value to anyone barring technologists who get it. Of course you wouldn’t get it out of the same tap! Whilst it would be delivered from the same set Continue reading

Arista vEOS on GNS3

EOS (Extensible Operating System) is Linux-based network operating system developed by Arista Networks that runs on all Arista switches. Virtual EOS (vEOS) is single image and can be run in a virtual machine. The article describes how to set up vEOS virtual machine and connects it to GNS3 in order to test EOS functionality.

Host Requirements
Linux x86-64
Qemu or VirtualBox installed

Virtual Machine Requirements
1024 MB RAM
IDE CD-ROM drive with mounted Aboot-veos-serial-2.0.8.iso
2GB flash IDE disk - vEOS-4.14.2F.vmdk
NICs e1000 type

1. Download Bootloader and Virtual EOS

Clik the link to create a new account. The guest account (when no corporate email is used for registration e.g. gmail.com) is sufficient to download vEOS software. Click the link and login with the credentials you entered during the registration. You have to accept License Agreement in order to download vEOS software.

Download the bootloader and a virtual disk:

Aboot-veos-serial-2.0.8.iso
vEOS-4.14.2F.vmdk

2. Arista Switch First Boot on Qemu

Use Qemu to boot Arista switch virtual machine for the first time.

$ /usr/local/bin/qemu-system-x86_64 -m 1024 -enable-kvm -cdrom ./Aboot-veos-serial-2.0.8.iso -boot d vEOS-4.14.2F.vmdk -serial telnet::3355,server,nowait

Connect to the Continue reading

Reading the Silk Road configuration

Many of us believe it wasn't the FBI who discovered the hidden Silk Road server, but the NSA (or other intelligence organization). We believe the FBI is using "parallel construction", meaning creating a plausible story of how they found the server to satisfy the courts, but a story that isn't true.

Today, Brian Krebs released data from the defense team that seems to confirm the "parallel construction" theory. I thought I'd write up a technical discussion of what was found.

The Tarbell declaration


A month ago, the FBI released a statement from the lead investigator, Christopher Tarbell, describing how he discovered the hidden server ("the Tarbell declaration"). This document had four noticeable defects.

The first is that the details are vague. It is impossible for anybody with technical skill (such as myself) to figure out what he did.

The second problem is that some of the details are impossible, such as seeing the IP address in the "packet headers".

Thirdly, his saved none of the forensics data. You'd have thought that had this been real, he would have at least captured packet logs or even screenshots of what he did. I'm a technical blogger. I document this sort Continue reading

Right-winger explains what’s wrong with ComputerCop

The EFF has a good article on ComputerCop. Police departments have lashed back, saying the EFF is an "ultra-liberal organization that is not in any way credible on this". While it's true the EFF is a bunch of leftists, I'm a right-winger -- and I agree with them in this case. Maybe they'll find my right-wing criticisms of ComputerCop more believable.


The basic issue is that this program isn't "protection", but is instead a "virus". It's the same software hackers use to spy on computers. It's the same software that jealous lovers secretly install on their partner's computer. Some of the copies the police give out will be used for the intended purpose (parents hacking their children's computers), but also some copies will end-up in the hands of evil-doers who use it for hacking. When investigating domestic abuse cases over the next few years, police will find their own software on the victim's computer, placed there by the abuser.

Monitoring your child's online activities is a good thing. Hacking your child's computers is probably a bad thing. It's not the sort of activity police departments should be encouraging.

The software maker exploits the fact that rural county sheriffs are Continue reading

Route leak incident on October 2, 2014

Today, CloudFlare suffered downtime which caused customers’ sites to be inaccessible in certain parts of the world. We take the availability of our customers’ web properties very seriously. Incidents like this get the absolute highest priority, attention, and follow up. The pain felt by our customers is also felt deeply by the CloudFlare team in London and San Francisco.

This downtime was the result of a BGP route leak by Internexa, an ISP in Latin America. Internexa accidentally directed large amounts of traffic destined for CloudFlare data centers around the world to a single data center in Medellín, Colombia. At the same time Internexa also leaked routes belonging to Telecom Argentina causing disruption in Argentina. This was the result of Internexa announcing via BGP that their network, instead of ours, handled traffic for CloudFlare. This miscommunication caused a flood of traffic to quickly overwhelm the data center in Medellín. The incident lasted 49 minutes, from 15:08UTC to 15:57UTC.

The exact impact of the route leak to our customers’ visitors depended on the geography of the Internet. Traffic to CloudFlare’s customers sites dropped by 50% in North America and 12% in Europe. The impact on our network in Asia was isolated Continue reading

Meet the new ISR Series – ISR 4000 running IOS-XE

In June of 2013 Cisco released the newest member of the ISR family, the ISR4451-X router (Cisco –  blog post).  At that time it was the only model in the ISR44xx line, but today it now has some new siblings.  Today, October 2, 2014, Cisco has introduced some companious, namely the ISR 4321, 4331, 4351, and 4431.   The […]

Announcing Docker Global Hack Day #2

DockerCon Europe is sold out! But wait…

Here, at Docker HQ, since the announcement of DockerCon Europe 2014, we have been sprinting to keep up with the overwhelming response and today, we must inform you that the conference is sold out. Tickets went faster than expected so we want to give you one last opportunity to attend.

Today, we are super excited to announce Docker Global Hack Day #2 on October 30th! The prize will be full conference passes including roundtrip airfare for all members of the winning team. Last year, the event was a big success, and we expect this year to be even more awesome with more cities and more hackers around the world involved!

The San Francisco edition will kickoff with talks by Ben Golub, CEO of Docker, and Solomon Hykes, Founder and CTO of Docker, who will demonstrate the power and new features of Docker 1.3 and how they facilitate the creation of distributed applications.  The agenda will include a number of Docker customers who are building their next generation of applications based upon our open platform. In addition, the event will have a surprise announcement to the community. The talks and demo will be Continue reading

1 3,537 3,538 3,539 3,540 3,541 3,681