The Resolvers We Use
The Internet's Domain Name System is a modern day miracle. It may not represent the largest database that has ever been built, but nevertheless it's truly massive. The DNS is consulted every time we head to a web page, every time we send an email message, or in fact every time we initiate almost any transaction on the Internet. We assume a lot about the DNS. For example, content distribution networks are observed to make use of the location of the DNS resolver as being also the same location as the user. How robust is this assumption of co-locality of users and their resolvers? Are users always located "close" to their resolvers? More generally, what is the relationship between the end user, and the DNS resolvers that they use? Are they in fact closely related? Or is there widespread use of distant resolvers?HP Networking and Cisco CLI Reference Guide
New to HP Networking products? Know Cisco IOS CLI and now work with HPN products? Or know Comware (from previous 3Com/H3C days) and now also work with HPN ProVision products? Or know HPN ProVision and now work with Comware? And … Continue reading
The changing of the guard: Telecom Style-Part 1
The sale of a incumbent local exchange carrier (ILEC) aka the local telephone company can be much more complicated than one might think, ordinary folks anyway. Networking & IT professionals most likely have a different viewpoint as migrations are a fundamental part of the IT field. Such a transaction becomes more complicated when triple play […]
Author information
The Linux ip Command – An Ostensive Overview
It came to my attention and I was rather surprised to learn a while back that the Linux ifconfig command has been deprecated for quite some time by the Linux ip command set. The ip command isn’t new to me and I’ve recognised its advantages for some time but considering its ‘elevated’ status I thought […]
Author information
The post The Linux ip Command – An Ostensive Overview appeared first on Packet Pushers Podcast and was written by Steven Iveson.
Stop Doing Post Mortems & Root Cause Analysis With indeni
Indeni has technology that can predict known types of network failures using pre-mortem analysis.
Author information
The post Stop Doing Post Mortems & Root Cause Analysis With indeni appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.
Wipebook – A Portable Whiteboard
It is a stereotype, but engineers really do like whiteboards. Problem is, you can’t carry one around with you. Plus there’s still a few unenlightened employers who don’t provide whiteboards. Enter the Wipebook, a spiral-bound notebook made of whiteboard-like pages:
I normally carry a notebook for scratching out notes while talking to customers, sketching diagrams, working through problems, etc. I don’t archive these notes – most are just short-term things, and I shred them. Important stuff gets turned into OmniFocus tasks/emails/etc.
So the Wipebook looks perfect for me. My wife bought one for me recently, and I’ve started using it at work. So far, it’s working as expected. I can quickly scribble notes, sketch a diagram, make corrections, etc. When I’m done with it, I wipe the page down.
It’s not perfect – the pages don’t always wipe down perfectly, and obviously it gets bumped around in my bag. So it won’t last forever. But it’s a nice touch that I can open & close the bindings, so I can easily get rid of any pages that are too beaten up.
The pens have a small eraser on the end, but it’s only suitable for very minor corrections. I have a Continue reading
The Proof Is in The Facebook Data Center Pudding
In case you missed it, Wired just exposed the elephant in the room with last week’s article on the next generation Facebook data center.
For years, anyone who’s had to build out or run a network has handed over large sums of money to the networking hardware titans, without the freedom to choose what to run on that hardware. But I’m sure if you’re someone who placed one of those orders, the thought crossed your mind if this was always going to be the norm.
Every time before you clicked or signed on that dotted line, you wondered whether it’s worth buying from the incumbents and playing in their locked-in world. Maybe deep down you had some burning desire to break away, but were afraid to stray from the blue chip way of life.
I feel your pain and it’s okay because we all want to maximize the value of our dollar. That’s why we all shop for the best choice and at the best price point; otherwise, we will just wait and buy another day.
I mean, you have the freedom to buy the servers you want, so why not have the freedom to buy the network gear that Continue reading
Just Published: PCI DSS Videos
The edited videos of the fantastic PCI DSS webinar Michele Chubirka presented in early July have finally been published (yes, there’s a huge backlog that’s getting cleaned up). Enjoy!
Net Neutrality: It’s regulation for the public good, not government takeover
My good friend Chuck Papageorgiou recently wrote a post on his blog he titled Net Neutrality – Policies or Politics in which he argued:
… as a capitalist and free-marketer, I have a hard time reconciling the notion that the Government should just take over privately deployed and owned assets without fairly compensating the TelCo’s and their shareholders for the investment they have made, and continue to make, in internet infrastructure.
Despite the fact that yesterday was Chuck’s birthday I’m going to disagree strongly with my friend.
To read this article in full or to leave a comment, please click here
IT’s march towards mass customization
[Unbeknownst to me, Matt Oswalt (@mierden on Twitter) posted a thematically similar post a few days before me. While I did not see that post, it seems disingenuous not to reference it, so please read his thoughts here: http://keepingitclassless.net/2014/11/mass-customization/]
IT is constantly evolving, from mainframes to disaggregated components to an integrated set of infrastructure elements working in support of applications. But that description is more about how individual infrastructure is packaged and less about the role that these solutions play. There is a more subtle but perhaps more profound change in IT that is simultaneously taking place: a shift in how IT architectures are actually being designed.
So what is at the heart of this change?
Single purpose infrastructure
IT was born with the mainframe. Mainframes were basically entire IT ecosystems in a box. They included compute, storage, networking and applications. But what is most notable about these solutions is that the entire system was aimed at providing a single outcome. That is to say that the mainframe itself was a composed system that was designed with a single purpose in mind: deliver some application.
In the early days of IT, there was no need for systems to run different Continue reading
Coping with Byzantine Routing Failures
One of my readers sent me an interesting challenge:
We have two MPLS providers sending us default routes and it seems like whenever we have problem with SP1 our failover is not happening properly and actually we have to go in manually and influence our traffic to forward via another path.
Welcome to the wondrous world of byzantine routing failures ;)
Read more ...CCIE Data Center Lab Preparation :: Notable Documentation CD Locations
It never fails … every class I teach I am asked the question “Where do I find topic X in the documentation?” Usually at the top of the lists are the topics that generally have longer configurations surrounding them that are sometimes hard to remember. Topics like FHRP isolation when using OTV, iSCSI gateway configuration on the MDS, Fibre channel zoning, and so on. So I wanted to compile a quick list of the top 3 that I am always being asked about.
The most popular topic is first-hop redundancy protocol isolation when using OTV. This can be a tricky one, as it contains MAC ACLs referencing the VMAC (virtual MACs) for the protocol you are trying to filter, access-list identifying the FHRPs multicast hello address, route-maps, route-redistribution filters, and VACLs. I will have to admit, it is one that I definitely had trouble remembering! The easiest way to find it is by locating the white paper outlining its use! Follow me!
Our famous starting point will always be here, we will call it “root”:
http://www.cisco.com/cisco/web/psa/default.html?mode=prod
From here we want to drill down:
Switches >> Data Center Switches >> Nexus 7000 Series Switches Continue reading
My Federal Communication Conniption
My Federal Communication Conniption
by Brian Boyko, Contributor - November 19, 2014
The Political Problem
The President of the United States called for the FCC to reclassify ISPs under Title II of the Communications Act as “common carriers.”
Your telephone company is a common carrier. It is illegal for, say, Telephone Company A to degrade service quality for calls to your grandmother, who uses Telephone Company B, or charge you more to connect to Telephone Company B.
What’s problematic is that FCC chairman, Tom Wheeler, is avoiding Title II regulation. And as Wheeler was a former lobbyist for the telecommunications industry, President Obama knew that Wheeler would probably not be for reclassifying ISPs as common carriers when he appointed him chair of the FCC back in November of 2013.
In fact, Wheeler is opposing Obama’s proposals. Naturally. Instead of putting the ISPs under Title II of the Communications Act of 1934, he wants to classify them under the Section 706 of the Telecommunications Act of 1996. However, courts have ruled that the FCC doesn’t have regulatory oversight of Section 706.
So, the President publically says one should classify ISPs as common carriers, but took the Continue reading
Show 213 – What’s Next for Avaya Enterprise Wireless – Sponsored
Unlike Gen Z’ers, who have never known a world without Wi-Fi (or Minecraft), some of us get to see technology come full circle. Join Alan Hase, VP of Avaya Networking, and the Packet Pushers as they outline (and relish and pontificate) how this phenomenon is playing out in WLAN and Mobility today. Alan highlights how […]
Author information
The post Show 213 – What’s Next for Avaya Enterprise Wireless – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.
iRules/Tcl – Watch the Comments
It’s pretty common practice to ‘comment out’ lines in scripts. The code stays in place, but doesn’t get executed. Perfect for testing, when you might need more debug output, or you want to run a slightly different set of actions. But you have to be careful when commenting out lines – it might catch you out, and the F5 iRules editor won’t save you.
Normally it’s pretty simple to comment out a line. Here’s a quick Bash example:
#!/bin/bash
FILECOUNT=`ls /tmp|wc -l`
if [ $FILECOUNT -lt 7 ]
then
echo "There are fewer than 7 files in /tmp"
run_command
fi
...
When I’m testing the script, I might not want to actually run that command. So I’ll quickly comment it out like this:
#!/bin/bash
FILECOUNT=`ls /tmp|wc -l`
if [ $FILECOUNT -lt 7 ]
then
echo "There are fewer than 7 files in /tmp"
#run_command
fi
...
The ‘#’ tells the shell to ignore anything else on that line. All pretty straightforward.
Today I was debugging an F5 synchronisation issue, where I got this message on synchronisation:
BIGpipe parsing error (/config/bigip.conf Line 333): 012e0054:3: The braced list of attributes is not closed for 'rule'.
The offending section looked like this:
when Continue reading
Wires Are The Exception
Last week I went to go talk to a group of vocational students about networking. While I was there, I needed to send a couple of emails. I prefer to write emails from my laptop, so I pulled it out of my bag between talks and did the first thing that came to mind: I asked for the wireless SSID and password. Afterwards, I started thinking about how far we’ve come with connectivity.
I can still remember working with a wireless card back in 2001 trying to get the drivers to play nice with Windows 2000. Now, wireless cards are the rule and wired ports are the exception. My primary laptop needs a dongle to have a wired port. My new Mac Mini is happily churning along halfway across the room connected to my network as a server over wireless. It would appear that the user edge quietly became wireless and no tears were shed for the wire.
It’s also funny that a lot of the big security features like 802.1x and port security became less and less of an issue once open ports started disappearing in common areas. 802.1x for wired connections is barely even talked about Continue reading
Using New Relic Server Monitoring With Cumulus Linux
One of the most visible trends on the Web today is the “SaaS-ification” of the enterprise. Major productivity functions like email and calendaring, customer relationship management (CRM), and IT systems management are gaining greater value by being deployed as cloud-based services. IT and systems monitoring companies like New Relic are thriving in the cloud as well.
Another major trend, one that Cumulus Networks is at the forefront of, is the transformation of the “switch as a server.” If you aren’t familiar, check out Cumulus Networks engineer Leslie Carr’s excellent PuppetConf 2014 presentation. Since Cumulus Linux supports Debian-based packages out of the box, we decided to take New Relic’s Server Monitoring product for a spin. We wanted to see how Cumulus Linux extends Server Monitoring’s functionality to monitoring switches.
Once logged into Cumulus Linux, installing the server agent takes just a few minutes, as expected. Leveraging the documentation and installation guide allowed us to get up and running in minutes.
Since it’s SaaS, there is obviously no server deployment required, so all you have to do is to log in to your New Relic account and start looking at the performance data that is automagically pushed to your dashboard. Here’s Continue reading
Python: Building a Simple NETCONF RPC Tool
Python: Building a simple NETCONF RPC Tool
For a while now I’ve been playing with NETCONF primarily with Cisco Nexus devices. It’s struck me how difficult it is to get good information on doing trivial things like building a simple NETCONF RPC wrapper
How would this be generated for instance? This is wrapper that can be submitted to the ‘xmlagent’ or ‘netconf’ subsystem on a Cisco Nexus device. Note the use of namespaces (nf:rpc, nxos:cmd) where nxos is a namespace? XML is easy for the most part. Namespaces on a personal level meant learning something new and how to deal with that knowledge programmatically.
<?xml version='1.0' encoding='ISO-8859-1'?>
<nf:rpc xmlns:nxos="http://www.cisco.com/nxos:1.0" xmlns:nf="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="42">
<nxos:exec-command>
<nxos:cmd>interface ethernet 2/1; shutdown</nxos:cmd>
</nxos:exec-command>
</nf:rpc>
]]>]]>
Other than generating it via a text string and formatting placeholders with “%s”, there has to be a better way! Indeed there is!
NETCONF 101
The IPEngineer definition: NETCONF is an IETF standardizsed RFC (6241) defined mechanism to configure network devices over some kind of channel using XML encoded data over a secure layer such as SSH. When the channel is opened, a NETCONF ‘Hello’ exchange takes place between the client and Continue reading
See Schprokits Dance! Demo of Unreleased Code
My second “Secret Sunday” post back in August introduced Schprokits, a company founded by Jeremy Schulman, previously the Director of Network Automation at Juniper.
I was truly flattered when Jeremy invited me to be part of a small team testing early Schprokits code (and trust me, I am way outclassed by the rest of the testers!), and having had a chance to try out what is probably only a small proportion of the code, I thought I would take the opportunity to share some early impressions of the software.
TLDR: I’m having fun!
What Is Schprokits?
The Schprokits website says that it is “Inspired By DevOps. Built For NetOps.” Jeremy is trying to take the principals behind DevOps and apply them to something that’s usable by people who don’t program every day but want to automate their networks nonetheless. And so it does. Schprokits “coding” is based around Workbooks and those workbooks contain a number of Actions. Workbooks are written in YAML which is probably one of the easier formats to learn as it’s very human-readable. In case you haven’t seen YAML before, what do you think is going on in the code below?
actions:
- info: Continue reading