Leveraging Cisco NX-API with Ansible to Make Your Life Easier

I had a conversation recently with someone who has more of a sysadmin background.  We started talking about the intersection of DevOps and networking and while his environment wasn’t large, there was one pain point he talked about – he doesn't have access to the network switches to ensure they are configured properly for “his” servers and to ensure packets aren't being dropped, etc. when there are issues with the application, server, or network.  And by the way, he really doesn't want access to the data center switches, because after all, many fear logging into network devices that are in production.  

Could DevOps and network automation help here?
In fact, the answer is yes. The goal is to get the right data into the right hands as quickly as possible. An automation platform can be used to query the switch to get the exact data the admin needs. For those that have help desks supporting large campus networks, the same philosophy can be used there as well. Help desk, junior admins, and cross-functional team members can now get what they need in just a few seconds.

In order to test this out, I’ve Continue reading

FabricPath Multidestination Trees

FabricPath has many advantages over the classical Spanning Tree Protocol. Mainly because it can use ECMP (Equal Cost Multi Paths) Routing. For unicast frames it uses the well known Switch-ID that is inserted in a FabricPath header. This will be explained in a future post for sure. I have been intrigued regarding how multicast […]

Load Balancing Lab setup

Virtual Loadbalancers

Nowadays, you don't need a physical load balancer to set up a lab. Almost each and every vendor offers a "virtual appliance", which is just their appliance repacked as a virtual machine:

Here is a list of a few such virtual loadbalancers:

There are even opensource alternatives such as:

So building a virtual lab on a laptop is just one download away, isn't it?

No, there are two missing pieces: Network topology with a router and web servers with content which is suitable for such labs.

Luckily for you, I have just set up such a lab, and I welcome you to use it as well.

Network topology

Basic topology

The usual loadbalancer lab looks like this:

But this is not how loadbalancers are usually deployed. And it's also not the best way to deploy them, as not all traffic needs to go through the loadbalancer.

Realistic topology

Topology Continue reading

Quick Take: Wider Channel Widths Are Flashy but Not Efficient

I've been thinking of writing a well-articulated blog post on why the preference for high-density Wi-Fi networks is smaller channel width over larger channel width. This post is NOT that.

Instead, I was on Twitter articulating some of the logical points why smaller channel widths provide better aggregate capacity than larger channel widths (assuming you deploy enough radios and take advantage of all the spectrum at your disposal). Here is a quick recap of those points.

You might want to reference my SNR to MCS Index Mapping Table, which shows why larger channels result in a reduction in modulation rate that can often offset the gain from using the wider bandwidth in the first place. And my 802.11ac Receiver Sensitivity charts show that you have to have a really great signal strength for wider channels to even be considered, but watch out in your design because overcompensating to achieve higher signal strength will increase co-channel interference (CCI) which travels a LONG ways! Finally, my post on 802.11ac Adjacent Channel Interference (ACI) shows that wider channels create more ACI than smaller channels, and ACI is even more detrimental and unfriendly than CCI. Therefore, radio receivers require greater adjacent channel Continue reading

Democratizing the Networking Industry beyond the Two Party System

When it comes to the networking industry and purchasing a network device, a user typically has two choices: Party D and Party R.

Sure, there are other parties out there, but they usually don’t make the ballot for one reason or another. Even when you are not a “hardcore” supporter of either party, you feel stuck in one of those camps since you cannot partially “vote,” much less mix-and-match, as both parties are incompatible with each other.

What if this doesn’t have to be the case?

In this new world democracy, what if you could apportion your vote in a piecemeal fashion? In essence, taking the bits from one party combined with those of another party to create a new candidate tailored for your needs.

For the last 18 months or so, the Open Compute Project (OCP) Networking Group has been further validating and accelerating the adoption of this new reality of a disaggregated network design where the network device is separated from the network operating system (NOS) that powers the device. At the heart of this is a little piece of OCP software called ONIE (Open Network Install Environment), a key innovation by Cumulus Networks and released Continue reading

Network Break 15

The Network Break returns with Show 15.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in a wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

The post Network Break 15 appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Windows ISATAP Client, Part 2

In Part 1 we discussed how to turn off ISATAP on a Windows host—which is a great idea. Turning off unnecessary components of your network simplifies everything. But ISATAP can be useful in certain scenarios. For instance, if you want to test an application on IPv6 you clearly don’t want to turn on IPv6 everywhere and […]

Author information

Dan Massameno

Dan Massameno is the president and Chief Engineer at Leaf Point, a network engineering firm in Connecticut.

The post Windows ISATAP Client, Part 2 appeared first on Packet Pushers Podcast and was written by Dan Massameno.

802.11ac Receiver Sensitivity

Following my previous post regarding typical SNR to MCS rate mappings for Wi-Fi clients, an interesting discussion was held on Twitter regarding the effects of increased channel width on the ability of a client to decode frames at any given SNR. Long story short, wider channels increase the noise power captured by the receiving radio which reduces its SNR. For every doubling of channel width, you require 3dB better signal to achieve the same MCS rate.

George Ou created a chart showing the relative range of each MCS rate based at various channel widths:



Following up on his work, I thought it would be useful to provide some context around these coverage ranges by referencing it against a typical noise floor of -93 dBm found in many environments. Using this noise floor and the SNR to MCS rate mapping table, combined with the relative coverage ranges (based on RF signal propagation using the inverse square law) we can visualize what data rates a typical 802.11ac radio will experience at various RSSI and SNR signal levels for each channel Continue reading

Announcing DockerCon Europe 2014


Today we are very happy to announce DockerCon Europe 2014, the first official Docker conference organized in Europe, by both Docker, Inc. and members of the community. The conference will take place in Amsterdam, at the NEMO science center, December 4th and 5th.

We will also have a full day of training prior to the conference, led by Jérôme Petazzoni on December 3rd.

The official website is still under construction as we are finalizing the last details, but today we can announce that the Docker team will be present as well as incredible speakers from the Docker community including:

Call for papers opens today, you can submit your talk here. If you are interested in our sponsorship options, please contact us at [email protected].

We also want to give a special thanks to Pini Reznik, Harm Boertien, Mark Coleman, Maarten Dirkse and the Docker Amsterdam community, who are working with us to bring the best of Docker to Europe.

Save the dates and stay tuned for more announcements!

VRF based path selection

In this post I will be showing you how it's possible to use different paths between your PE routers on a per VRF basis.

This is very useful if you have customers you want to “steer” away from your normal traffic flow between PE routers. For example, this could be due to certain SLAs.

I will be using the following topology to demonstrate how this can be done:

Topology

A short walkthrough of the topology is in order.

In the service provider core we have 4 routers: R3, XRv-1, XRv-2 and R4. R3 and R4 are IOS-XE based routers and XRv-1 and XRv-2 are, as the name implies, IOS-XR routers. There is no significance attached to the fact that I'm running two XR routers. It's simply how I could build the required topology.

The service provider is running OSPF as the IGP, with R3 and R4 being the PE routers for an MPLS L3 VPN service. On top of that, LDP is being used to build the required LSP’s. The IGP has been modified to prefer the northbound path (R3 -> XRv-1 -> R4) by increasing the cost of the R3, XRv-2 and R4 to 100.

So by default, traffic between Continue reading

Pmacct: the Traffic Analysis Tool with Unpronounceable Name

SDN evangelists talking about centralized traffic engineering, flow steering or bandwidth calendaring sometimes tend to gloss over the first rule of successful traffic engineering: Know Thy Traffic.

In a world ruled by OpenFlow you’d expect the OpenFlow controller to know all the traffic; in more traditional networks we use technologies like NetFlow, sFlow or IPFIX to report the traffic statistics – but regardless of the underlying mechanism, you need a tool that will collect the statistics, aggregate them in a way that makes them usable to the network operators, report them, and potentially act on the deviations.


Visualizing How Wi-Fi SNR Helps Determine the Achievable MCS Data Rate

If a Wi-Fi station has a better signal, you get more throughput. Everyone knows that. Here is a handy chart to help visualize it.

This table shows the "typical" data rates that Wi-Fi stations can achieve based on their SNR (signal to noise ratio). I say "typical" because it actually varies based on the radio chipset receiver sensitivity, but these values are a good starting point for most devices.

The achievable data rate (MCS rate) varies based on a number of variables:
  1. The 802.11 protocol - really a function of the increasing maturity of chipsets over time to handle more complex modulation types even when SNR is a bit lower.
  2. The channel width - typically doubling the channel width increases the noise floor by 3 dB, which decreases SNR. So to get the same MCS rate on wider channels you need higher SNR.
  3. The complexity of the modulation - notice as you get into more complex modulations like 64-QAM and 256-QAM that it doesn't take much more SNR to move from the lower encoding rate to the higher encoding rate, and vice versa in the opposite direction.

Typical Wi-Fi SNR to MCS Data Rate Mappings
(Download for full resolution Continue reading

Automagical Deploys from Docker Hub

I want the speed and other advantages of a static site generator, but with the flexibility of a database-backed CMS.

I want performance, flexibility, and ease of maintenance.

From cars to computers, getting both flexibility and performance all too often requires a carefully weighed set of trade-offs. Generating content for your readers and fans on the web is no exception. On the one hand, techies have recently embraced static site generators such as Jekyll, and for good reason, as these systems provide a lot of advantages (e.g., deploying straight to GitHub pages, high performance, and ease of keeping your content in version control). However, they are not without their own challenges such as steep learning curves and slow, cumbersome workflows.

On the other hand, flexible, database-backed content management systems such as WordPress can be a better choice in some situations. It’s very nice to have the flexibility to allow non-technical people to edit and update content, and for authors to edit online from anywhere without needing a special suite of software and skills. However, CMSs such as WordPress can also be slow, temperamental, and hard to optimize.

Lately, I’ve been trying to find a good balance for my website. Currently, it Continue reading

Building a router with Open vSwitch

As part of my work in OpenDaylight, we are looking at creating a router using Open vSwitch... Why? Well OpenStack requires some limited L3 capabilities and we think that we can handle those in a distributed router.

Test Topology

My test topology looks like this:


We have a host in an external network 172.16.1.0/24, one host in an internal network 10.10.10.0/24 and two hosts in another internal network 10.10.20.0/24.

As such, the hosts in the 10.x.x.x range should be able to speak to each other, but should not be able to speak to external hosts.

The host 10.10.10.2 has a floating IP of 172.16.1.10 and should be reachable on this address from the external 172.16.1.0/24 network. To do this, we'll use DNAT for traffic from 172.16.1.2 -> 172.16.1.10 and SNAT for traffic back from 10.10.10.2 -> 172.16.1.2.

If you'd like to recreate this topology you can check out the OpenDaylight OVSDB project source on GitHub and:

vagrant up mininet
vagrant ssh mininet
cd /vagrant/resources/mininet
sudo mn --custom  Continue reading

Bare Metal Networking, Then and Now…

What a difference a year makes.

Just last year, bare metal networking was viewed as an aspiration for only mega-scale operators. A simple solution to enable any bare metal switch to operate any networking operating system was unavailable.

Original design manufacturers (ODMs) and bare metal networking vendors were relatively unknown entities. Pricing and product availability were obscure or difficult to ascertain. The supply chain for bare metal networking was non-existent. (You can read more about The Modern Networking Supply Chain and the Death of the Multiplier Effect.) Consequently, mega-scale operators deployed solutions, procured directly from ODMs in lots of hundreds to thousands.

Today, bare metal networking is available to the mass market around the world.

The Open Network Install Environment, ONIE, is a fundamental enabler to bare metal networking. ONIE is an Open Compute Project (OCP, pioneered by Facebook) initiative facilitating any network operating system to be installed (or removed) on any ONIE-based switch. Bare metal networking vendors have adopted ONIE en masse, simplifying operations for distributors and resellers with a minimum number of hardware SKUs, in parallel, making the simplified supply chain available to a range of software suppliers. Today, there are approximately 20 ONIE-based platforms in flexible Continue reading