A blog post on the Cisco’s website announces Cisco joins Open Compute Project as a Gold member: To that list, I am pleased to announce that we recently joined the Open Compute Project as a Gold member. The motivation behind our membership is similar to our involvement in the aforementioned open networking projects: we see […]
The post Response: Cisco Announces Membership of Open Compute Project appeared first on EtherealMind.
If you’re used to configuring f5 LTM load balancers, you’re probably used to the idea that you normally set two health checks for each VIP you have. The first is at the node level, often just an ICMP ping, which … Continue reading
If you liked this post, please do click through to the source at The A10 Health Monitor You Didn’t Know About and give me a share/like. Thank you!
How does the internet work - We know what is networking
Few days ago I added an article with Config GNS3 topology for newly published INE Routing and Switching Workbook v5 Full-Scale LAB1. Here’s now the topology with starting config of TS section for LAB1. I will not insert here any of my stories today as the same article was published before but with other topology files so if you would like more info, just go to previous post INE R&Sv5 Workbook Full-Scale Practice Lab1 made in GNS3 DOWNLOAD Everything should work fine in this lab except OSPF Loop-Free Alternate Fast Reroute which is not supported so you will be unable
In the third part of MPLS Tech Talks we focused on the role of label distribution protocol (LDP) and its operation in frame-mode MPLS. You can watch the video on the ipSpace.net Tech Talks web page.
When docker launches a linux container it will, by default, assign it a private IP address out of RFC 1918 space. It connects this container to the host OS using a bridged interface (docker0). Connectivity between the outside world and the container depends on NAT.
Outbound traffic is NATed using the host’s IP address. Inbound traffic requires explicit port mapping rules that map a port on the host to a port in the container. Given that typically one runs multiple containers in the same host there needs to be a map between a host port (in the dynamic port range) and a service port on the container.
For example, the HTTP service port (80) in container-1 will be mapped to port 49153 while container-2 would see its HTTP port mapped to host port 49154. Ports that are not explicitly mapped cannot receive incoming traffic. Also containers within the same host will see different IP address ports than containers across different hosts (not very ‘cloudy’).
This is the reason why using a network virtualization solution such as OpenContrail is so appealing. OpenContrail, replaces docker’s networking implementation which can be disabled by using –net=none. It provides each container its own IP address in Continue reading
This is my current goto code snippet for using the BASH command line to perform a ping sweep through an IPv4 subnet. for i in `seq 1 255`; do ping -c 1 192.168.1.$i | tr \n ' ' | awk '/1 received/ {print $2}'; done This script is deliberately simple, only works for /24 subnets but […]
The post Tech Notes: Ping Sweep an IP Subnet appeared first on EtherealMind.
In a previous post I whined that the A10 load balancers by default only need to see a single successful health check from a service in order to mark it as up. I argued that that’s not a good idea, … Continue reading
If you liked this post, please do click through to the source at A10 – That Global Health Monitor Warning and give me a share/like. Thank you!
You have probably realized we are having a Big Data kind of week here at the Plexxi blog. And for good reason. The amount of development and change in this big bucket of applications we conveniently label “Big Data”, is astonishing.
Walking around at Hadoopworld in New York last week, I initially felt somewhat lost as a “networking guy”. But that feeling of “not belonging” is only superficial, the network has a tremendously important role in these applications. The challenge is that many “networking” folks don’t quite understand or realize that yet, but contrary to what I believed not too long ago, Big Data Application folks have a pretty good understanding of the role of the network in their overall application and its performance.
As an industry we have been talking about the increase in east-west traffic for quite a few years now. For your typical datacenter infrastructure today this is based on loosely coupled applications and semi-distributed storage. A web based application has many components that together make up the application we see as users. There are application load balancers, web server front ends, application back ends that in turn have databases for their data storage. And those databases Continue reading
EMC announced during it’s quarterly results that it was taking a larger position in VCE. VCE was always an EMC asset, co-operation with partners Cisco, Intel and VMware has never been strong and this simply closes out the current chapter. The end result positions EMC to also be a “IBM style” company with a full […]
The post Thoughts of My Day: VCE Always Was An EMC Property appeared first on EtherealMind.
More than a year ago I wrote a response to a comment Pascal wrote on my Predicting the IPv6 BGP table size blog post. I recently rediscovered it and figured out that it’s (unfortunately) as relevant as it was almost 18 months ago.
Other people have realized we have this problem in the meantime, and are still being told to stop yammering because the problem is not real. Let’s see what happens in a few years.
Read more ...
Are you interested in speaking or sponsoring AnsibleFest London? Simply visit our AnsibleFest London page to learn how you can do both.
Speakers and sponsors of previous AnsibleFests have included Google, Linode, Cisco, Big Panda, Rackspace, Cumulus Networks, Twitter, Telescope, and others. AnsibleFest London will be scheduled for early 2015. We'll announce more details soon.
Continue readingTalking about Network Management get mixed reactions in the network industry with a rich history of products that didn't match our expectations or needs. In today's sponsored podcast, HP Networking continues their mission to change the way network engineers feel about their NMS's through the HP Intelligent Management Center.
The post Show 209 – HP Networks and Network Management – Sponsored appeared first on Packet Pushers Podcast and was written by Greg Ferro.
Rack Rentals for INE’s CCIE RSv5 Workbook’s Troubleshooting Labs and Full Scale Labs are now available via the Members Site. To access them login to http://members.ine.com, click “Rack Rentals” on the dashboard on the left, and then click “Schedule” under “CCIE Routing & Switching v5 Full Scale.”
This topology uses 20 routers and 4 switches and is for both Troubleshooting and Full Scale Labs. The topology above it, “CCIE Routing & Switching v5″, uses 10 routers and 4 switches, and supports all the Advanced Technology Labs and Foundation Labs.
The loading and saving of initial configs is supported through the Rack Control Panel, which can greatly save you time in your studies, especially with very large topologies such as those used in the Troubleshooting and Full Scale Labs.
Additionally, Full Scale Lab 2 and Troubleshooting Lab 2 have been posted to the CCIE RSv5 Workbook. More Foundation, Troubleshooting, and Full Scale Labs are currently in development and will be posted soon. For discussion on these new labs please visit the CCIE RSv5 Workbook section of IEOC, our online community.
At times when I look at the tools available for server admins today I long for the times when I didn’t work in networking. Sure we can use tools like Puppet and Ansible for networking too. However the tools are made for servers. Of course there are tie-ins into network automation, but the functionality is rudimentary at best. The current problem as I see it is the lack of decent APIs, granted some vendors are better than others. And I haven’t had the pleasure of working with those who understand XML. Sometime in a not too distant future when we have flying skateboards, SDN and nano bots these problems will disappear, but we’re not there yet. Before I take a deep dive to see what’s actually possible to do with onePK, OpenDaylight and all that good stuff I wanted to see how much is possible to do today. So this post is about Ansible which is really simple to learn and SNMP, where one of the words in the acronym is “simple”. It should be a perfect match, right?
Continue reading
In this post, I’ll describe a technique I found for simplifying the use of multi-machine Vagrantfiles by extracting configuration data into a separate YAML file. This technique is by no means something that I invented or created, so I can’t take any credit whatsoever; this is an idea I first saw here. I wanted to share it here in the hopes that it might prove useful to a larger audience.
If you aren’t familiar with Vagrant and Vagrantfiles, you might start with my quick introduction to Vagrant.
I found this technique after trying to find a way to simplify the creation of multiple machines using Vagrant. Specifically, I was trying to create multiple instances of CoreOS along with an Ubuntu instance for testing things like etcd, fleet, Docker, etc. The Vagrantfile was getting more and more complex, and making changes (to add another CoreOS node, for example) wasn’t as straightforward as I would have liked.
So what’s the fix? As with other DSLs (domain-specific languages) such as Puppet, the fix was found in separating the data from the code. In Puppet, that means parameterizing the module or class, and I needed to use a similar technique here with Vagrant. So, Continue reading
A quick post today, about how the A10 load balancer handles the recovery of a server based on health checks. Kind of a warning actually. A10 Health Monitor Configuration In order to determine when a service should be considered “up” … Continue reading
If you liked this post, please do click through to the source at A10 Service Failure Recovery and give me a share/like. Thank you!
I spent last week at the Strata + Hadoop World Conference in New York City with 5000 other “big data” customers, vendors, and enthusiasts. In the last 6 months we’ve seen demand for a “big data” based network infrastructure really start to take off, and I’ve spent a lot of time recently trying to better understand the evolving market and technology landscape and use cases. I’m particularly interested in how network infrastructure can drive a better experience for users of big data applications, or networking/infrastructure teams that need to support these applications, but ultimately I want to know what do businesses get out of these investments in data, analytics, and infrastructure.
[On a related note, as part of our efforts to provide the best “Big Data Fabric” we recently brought on @networkn3rd (Ed Henry) to Plexxi to fully define our reference architecture. Ed will be demo’ing the first fruits of his labor this Friday on SDN’s Central’s Demo Friday - Register Here].
Hadoop World was a really great experience. As a relative newbie to Big Data, I have a lot to learn and this was a great place to soak up actual customer use cases. While there was certainly Continue reading
In this post, I’ll describe a technique I found for simplifying the use of multi-machine Vagrantfiles by extracting configuration data into a separate YAML file. This technique is by no means something that I invented or created, so I can’t take any credit whatsoever; this is an idea I first saw here. I wanted to share it here in the hopes that it might prove useful to a larger audience.
If you aren’t familiar with Vagrant and Vagrantfiles, you might start with my quick introduction to Vagrant.
I found this technique after trying to find a way to simplify the creation of multiple machines using Vagrant. Specifically, I was trying to create multiple instances of CoreOS along with an Ubuntu instance for testing things like etcd, fleet, Docker, etc. The Vagrantfile was getting more and more complex, and making changes (to add another CoreOS node, for example) wasn’t as straightforward as I would have liked.
So what’s the fix? As with other DSLs (domain-specific languages) such as Puppet, the fix was found in separating the data from the code. In Puppet, that means parameterizing the module or class, and I needed to use a similar technique here with Vagrant. So, Continue reading
Every time I’m running a classroom version of my Designing the Cloud Infrastructure workshop, I start with a simple question: “Who has more than 2000 VMs or bare-metal servers in the data center?”
I might see three hands on a good day; 90-95% of the audience have smaller data centers… and some of them get disappointed when I tell them they don’t need more than two ToR switches in their data center.
Read more ...Earlier today, I was listening to Risky Business show #341. In this show Matt Solnik discussed vulnerabilities that he attempted to share at BlackHat. I say attempted, because it sounds like they may have had some issues with audio/video during critical times of the presentation. Nonetheless, it seems like there are many vulnerable implementations of the open mobile administration device management (OMA-DM). I took a minute to dig up some of the videos published by Accuvant that makes this stuff real.
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may not reflect the position of past, present or future employers.
The post Vulnerable OMA-DM Implementations and Over the Air Hacks appeared first on PacketU.
