Using Ping Sweep to Find MTU Ceiling

Earlier this week I had breakfast with a very interesting group. One of those present had an extensive history with Cisco systems. We talked about his tenure and several of the projects that he had been involved in. For some reason, one that caught my attention was the sweep option that we find in the extended Ping utility. Although it is hard to believe, there was a point in time that this gem didn’t exist.

I’ve written a few articles about the challenges of path MTU discovery and the issues that arise when it misbehaves. Today’s article looks specifically at using a ping sweep and how it can be used to quickly identifying the path MTU ceiling. The topology used for testing is simple and shown below. Notice that the two top routers are connected by a link with a lowered MTU (1492).

Ping Sweep MTU Discovery

Let’s step through the process that an administrator might go through when a networked application isn’t working correctly. He or she would likely determine the endpoints and confirm reachability. For this example, I am testing a connection between 192.168.1.1 and 192.168.4.4. The ping command is the tool of choice for confirming reachability.

Basic Continue reading

Storage Primer

Storage is a very critical component in the current IT domain. Choosing the right Storage platform and software is a critical part of a good Data center whether it is internal or external cloud. Even though I understood some Storage basics, I never ventured deep to understand the different storage technologies available. I tried to … Continue reading Storage Primer

Disappointed With Check Point

I have recently started working with Check Point products again, after a 5-year break. This has given me a different perspective on how they are progressing. It has been disappointing to see that they’re still suffering from some of the same old bugs. Some of the core functionality is now showing its age, and is no longer appropriate for modern networks.

When you’re using a product or technology on a regular basis, it can be hard to accurately gauge progress. Maybe it feels like there are only incremental changes, with nothing major happening. But then you come across a 5-year old system, and you realise just how far we’ve come. If you don’t think iOS is changing much, find some videos of the first iPhones.

The opposite is when it feels like there are many regular enhancements…but when you step back you see that core product issues are not dealt with. It can be hard to see this when you’re working at the coal-face. You need to step away, work with other products and systems, then return.

That’s what I’ve done with Check Point recently. Through much of the 2000s, I did a huge amount of work with Check Point firewalls. Continue reading

Plexxi Pulse – This Week at Strata + Hadoop World

This week we joined thousands of thought leaders, analysts, vendors and end-users at the O’Reilly Strata + Hadoop World in New York. This event brings together the business and science of Big Data, allowing attendees to learn about emerging technologies through case studies and guest speakers. It’s been a busy week featuring excellent speakers from all over, including The New York Times and Cloudera. While we’re veterans of other industry events such as Interop and VMworld, we’re newbies here, so it’s exciting to experience this all for the first time. Judging by how things have gone so far, you can bet we’ll be back next year for more.

In this week’s PlexxiTube video of the week, Dan Backman highlights how Plexxi integrates with VMware.

Below are our best reads of the week – enjoy!

Data Center SDN growing 65% this year

In a recent article in Network World, Jim Duffy highlights the massive growth within the datacenter market – evidenced by a 65 percent growth in 2014 as reported by the Dell’Oro Group. Personally, I think it will be interesting to see if SDN survives as a separate feature out of the larger networking market. If the datacenter Continue reading

Congratulations on the Birth of SocketPlane!

I wanted to take a quick moment to offer up my congratulations, and share the news about SocketPlane. Their press release announcing that they had received investment from LightSpeed Venture Partners says: SAN FRANCISCO, October 15, 2014 – Today SocketPlane, an … Continue reading

If you liked this post, please do click through to the source at Congratulations on the Birth of SocketPlane! and give me a share/like. Thank you!

The FBI’s statements are Orwellian

Recently, FBI Director James Comey gave a speech at the Brookings Institute decrying crypto. It was transparently Orwellian, arguing for a police-state. In this post, I'll demonstrate why, quoting bits of the speech.


"the FBI has a sworn duty to keep every American safe from crime and terrorism"
"The people of the FBI are sworn to protect both security and liberty"

This is not true. The FBI's oath is to "defend the Constitution". Nowhere in the oath does it say "protect security" or "keep people safe".

This detail is important. Tyrants suppress civil liberties in the name of national security and public safety. This oath taken by FBI agents, military personnel, and the even the president, is designed to prevent such tyrannies.

Comey repeatedly claims that FBI agents both understand their duty and are committed to it. That Comey himself misunderstands his oath disproves both assertions. This reinforces our belief that FBI agents do not see their duty as protecting our rights, but instead see rights as an impediment in pursuit of some other duty.


Freedom is Danger

The book 1984 describes the concept of "doublethink", with political slogans as examples: "War is Peace", "Ignorance is Strength", and Continue reading

Workload Mobility and Reality: Bandwidth Constraints

People talking about long-distance workload mobility and cloudbursting often forget the physical reality documented in the fallacies of distributed computing. Today we’ll focus on bandwidth, in a follow-up blog post we’ll deal with its ugly cousin latency.

TL&DR summary: If you plan to spread application components across the network without understanding their network requirements, you’ll get the results you deserve.

Read more ...

Application Routes with onePK and the Need for Better Libraries

It’s been some time since I wrote about Cisco’s onePK.  In this post, I’ll look at some of the good and the bad of onePK and also show an example of how to add a route to a device running onePK to help make a few points along the way.
The Bad

I’ve never heard anyone speak positively about onePK and I’m not sure I 100% agree, but I’ll save the positivity for the next section.  onePK is a thick Software Development Kit (SDK).  If you are a network engineer looking to learn to program from the ground up, it may NOT be the BEST place to start.  That said, if you are looking to learn about object oriented programming, listener APIs, etc., and can spare some time, it’s a great place to start.  If you’re already a developer, it probably won’t be much different compared to learning any other SDK.

Another thing to be weary of is that onePK was not intended to be a configuration API.  I voiced my opinion on this already and I do think things are headed in the right direction, but it always helps knowing the history. Continue reading

Automating the Cabbage Patch Network Today (2014)

“Sometimes my head is a bit of an idiot” is something my daughter might say and that happens to me too, if that time is today and this article, let me know. If you don’t get the Cabbage Patch reference and its juxtaposition to automation, see here. I’ve tried to avoid sarcasm (and arrogance) but have […]

Author information

Steven Iveson

Steven Iveson

Steven Iveson, the last of four children of the seventies, was born in London and has never been too far from a shooting, bombing or riot. He's now grateful to live in a small town in East Yorkshire in the north east of England with his wife Sam and their four children.

He's worked in the IT industry for over 15 years in a variety of roles, predominantly in data centre environments. Working with switches and routers pretty much from the start he now also has a thirst for application delivery, SDN, virtualisation and related products and technologies. He's published a number of F5 Networks related books and is a regular contributor at DevCentral.

TwitterLinkedIn

The post Automating the Cabbage Patch Network Today (2014) appeared first on Packet Pushers Podcast and was written by Steven Iveson.

IOS: show tcp vty


On Cisco IOS, this is a very useful command "show tcp vty xx" to show TCP statistics of the VTY session. If you think your terminal is running slow because of packet loss or delay then this command will provide visibility. The other cause is the CPU/Memory running slow if you don't see any errors on the TCP (as you can see below).

The post IOS: show tcp vty appeared first on EtherealMind.

Cisco ACI Fabric Forwarding In A Nutshell

As I study software defined networking architectures, I’ve observed that none of them are exactly alike. There are common approaches, but once diving into the details of what’s being done and how, even the common approaches seem to have as many differences as similarities. One of the most interesting elements of SDN architectures […]

Wrapping up the Debate

What do you want to be when you grow up? Can you picture it? Close your eyes. Now give your mental self a super-hero kind of outfit. What’s emblazoned on your shirt? What job roles do you think you’d like? What technology do you think you’d like to work with?

In the past, most networkers put some cert letters or logo on their mental super-hero selfie. However, I think that the changes in the networking industry mean that we need to pay a little more attention to building that future self-image through better professional development planning. Those plans help try and reach that ideal image of where we want to be in our careers – and how we go about planning our own development has to change along with the rapid changes in the networking industry.

Wrapping the Series

This really will be the last in this series, with posts related somehow to our Interop debate about traditional certs vs. SDN skills development. Here’s a list of the other posts in the series:

Drupal 7 SA-CORE-2014-005 SQL Injection Protection

Yesterday the Drupal Security Team released a critical security patch for Drupal 7 that fixes a very serious SQL injection vulnerability. At the same time we pushed an update to our Drupal WAF rules to mitigate this problem. Any customer using the WAF and with the Drupal ruleset enabled will have received automatic protection.

Rule D0002 provides protection against this vulnerability. If you do not have that ruleset enabled and are using Drupal clicking the ON button next to CloudFlare Drupal in the WAF Settings will enable protection immediately.

CloudFlare WAF protection can help mitigate vulnerabilities like this, but it is vital that Drupal 7 users upgrade to the safe version of Drupal immediately.

The network won’t fit in your head anymore

Triggered by a discussion with a customer yesterday, it occurred to me (again?) that network engineers are creatures of habit and control. We have strong beliefs of how networks should be architected, designed and build. We have done so for long times and understand it well. We have tweaked our methods, our tools, our configuration templates. We understand our networks inside out. We have a very clear mental view of how they behave and how packets get forwarded, how they should be forwarded. It’s comfort, it’s habit, we feel (mostly) in control of the network because we have a clear model in our head.

I don’t believe this is a network engineering trait per se. Software engineers want to understand algorithms inside out, they want to understand the data modeling, types structures and relationships.

Uncomfortable

Many of us know the feeling. Something new comes around and it’s hard to put your head around it. It challenges the status quo, it changes how we do things, it changes what we (think we) know. When we are giving responsibility of something new, there is a desire to understand “it” inside out, as a mechanism to be able to control “it”.

I Continue reading

1 3,629 3,630 3,631 3,632 3,633 3,779