After discussing the basics of MPLS, MPLS-TE and LDP, and the relationship between FECs, LDP and BGP, Seamus and myself focused on another interesting topic: how MPLS protocol stack uses RSVP to implement traffic engineering.
The Alcatel-Lucent virtualized Simulator (vSim) is a virtualization-ready version of SR OS called SR OS-VM. This new operating system is designed to run in a virtual machine (VM) on a generic Intel x86 server. In control and management plane aspects, the vSim is functionally and operationally equivalent to an Alcatel-Lucent hardware-based SR OS router.The vSim is intended to be used as a laboratory tool to fully simulate the control and management plane of an SR OS node. The vSim is not intended to be used in a production network environment and the forwarding plane is limited to 250 pps per interface. Furthermore, without a license file it will run for 1 hour before reloading.
Host Software and Hardware Requirements
Virtual Machines Software and Hardware Requirements
Extract image from the zip file.
$ unzip TiMOS-SR-12.0.R6-vm.zip
$ cd vm/7xxx-i386/
Now a virtual disk sros-vm.qcow2 is extracted. To start Qemu virtual Continue reading
(yes, I know, it’s been a while… But it’s time to get back to this series) Up to this point in this series, we’ve been discussing the more technical aspects of how the Internet really works. Now I want to shift gears a little, and talk about some of the more political aspects — standards […]
The post HTIRW: Standards Bodies appeared first on Packet Pushers Podcast and was written by Russ White.
You might have noticed that blog content has been a bit sparse over the last few weeks. The reason I haven’t generated any new content is because all my spare time is taken up with preparing to migrate this site to a new hosting platform.
Sometime over the holiday season, I’ll be migrating this site from a hosted WordPress installation to Jekyll running on GitHub Pages. Given that I have 9 years of content (over 1,600 blog posts), this is a pretty fair amount of work.
Most of the “structural” work on the new site is already complete; you can get a preview of the site by visiting http://lowescott.github.io. There’s no content there yet (other than some boilerplate content), but you’ll be able to get a feel for how the new layout will look and work. As you can see, I’ll be using the Lanyon theme, which provides a nice clean layout and a good mobile as well as desktop experience.
There’s still some additional “structural” work to be done, such as adding support for comments (which will be handled via Disqus), but I hope to have that done in the next few days.
Once the Continue reading
We were proud to have DualSpark join us for a great webinar this week on automation on AWS using Ansible. Presenting from Ansible was Dave Johnson and Patrick McClory handled the discussion from the DualSpark side.
Ansible Automation on AWS: Best Practices by Battle-Hardened Experts
This week are talking about the IETF and it's inability to cope with massive change in networking around SDN and NFV. For example, there are more than 70 drafts on NETCONF models for common networking tasks that often overlap or repeat the same work. What does this means for standards development ?
The post Show 217 – IETF, YANG Proliferation and the Lack of Cooperation and Co-ordination appeared first on Packet Pushers Podcast and was written by Greg Ferro.
It is common to allocate /24 or /22 subnets to a single VLAN but William writes to ask why and whether is related to broadcasts. What is the best subnet size for VLAN allocation and why ? The answer isn't what you think.
The post How Many Hosts In An VLAN or IP Subnet and Why ? appeared first on EtherealMind.
Recently Arista released a white paper surrounding the idea that having deeper buffers running within the network can help to alleviate the incast congestion patterns that can present when a large number of many-to-one connections are happening within a network. Also known as the TCP incast problem. They pointedly targeted Hadoop clusters, as the incast problem can rear its ugly head when utilizing the Hadoop Cluster for MapReduce functions. The study used an example of 20 servers hanging off of a single ToR switch that has 40Gbps of uplink capacity within a Leaf/Spine network, presenting a 5:1 oversubscription ratio. This type of oversubscription was just seen in the recent release of the Facebook network that is used within their data centers. So its safe to assume that these types of oversubscription ratios are seen in the wild. I know I’ve run my fair share of oversubscribed networks in the past.
This particular study actually prods at what is the achilles heel of the traditional leaf/spine network design. All nodes being within 3 switch hops, (ToR <-> Spine <-> ToR), does provide a predictable pathing within the minds of the network operators of today, but I posit that Continue reading
In our next blog post, we will focus on configuring an IKEv2 VPN between the ASA and IOS.
Is there anything special about that configuration? Yes and no. It is still “just” IKEv2 that will take care of negotiating our tunnels, but there will definitely be a difference in how we configure one platform versus another. Remember – tunnel interfaces are not supported on the ASA, at least as of 8.6, and this generally means that we will not be able to use tunnels (FlexVPNs) on IOS, too (there is actually one small exception to this rule, but it will not be discussed in this article).
Let’s take a look at our simple network:
We’ll try to build a VPN tunnel between R10 and ASA3 that we will then use to protect traffic flowing between VLANs 10 and 8. I am going to start with the ASA configuration.
First and foremost – the Policy. Note that PRF must generally be the same as what you have selected for Integrity/Hashing:
crypto ikev2 policy 10
encryption aes-256
integrity sha384
prf sha384
group 14
We will authenticate the tunnel using pre-shared-keys, and since authentication method is no longer negotiated in IKEv2 we Continue reading
One of the networking engineers using my ExpertExpress to validate their network design had an interesting problem: he was building a multi-tenant VLAN-based private cloud architecture with each tenant having multiple subnets, and wanted to route within the tenant network as close to the VMs as possible (in the ToR switch).
He was using Nexus 5600 as the ToR switch, and although there’s conflicting information on the number of VRFs supported by that switch (verified topology: 25 VRFs, verified maximum: 1000 VRFs, configuration guide: 64 VRFs), he thought 25 VRFs (tenant routing domains) might be enough.
Read more ...Foundation Lab 2 has now been added to the CCIE RSv5 Workbook. This lab is great for working on your configuration speed and accuracy when combining multiple technologies together. It also has a great redistribution section that I hope you’ll all enjoy More Full Scale, Troubleshooting, and Foundation labs are in progress and will be posted soon. I’ll post another update about them when they are available.
In addition to this we’ve added some feature enhancements to the workbook in response to customer requests and feedback. First, there is a new Table of Contents for the workbook that allows you to view all tasks, and to check off tasks that you’ve already completed. This will help you track your progress as you’re going through the workbook.
You can additionally check off the progress of a task in the upper right hand portion of the individual lab page.
Multiple bookmarks are now supported, and will be added to a section under the Table of Contents. When you open the workbook it will now also prompt you to load your latest bookmark.
Lastly, configuration solutions are now hidden by default when you open a lab. This will help prevent “spoilers” in the Continue reading