On-going BGP Hijack Targets Palestinian ISP

It’s a new year, but some things never change. In the past few days we have observed a spate of incidents of routing misbehavior including two man-in-the-middle routing hijacks conducted in the past couple of days by A2B Internet out of the Netherlands.

Beginning at 00:33:44 UTC on Thursday, 8 January, we began observing a routing hijack of IP address space normally announced by Mada Telecom (AS51047), a Palestinian ISP with presence in both Gaza and the West Bank. Beginning at that time, A2B Internet B.V. (AS51088) began announcing 46.244.81.0/24, which is a more-specific route of 46.244.80.0/23, normally announced by Mada.

Traceroutes directed to this address space are presently being re-directed to A2B Internet’s network in the Netherlands before continuing on to Palestine. For example:



trace from Cyberjava, Malaysia to Mada Telecom, PS on Jan 09, 2015

1                                                              *

2  x.x.x.x         (Cyberjaya, Malaysia)                   3.442

3  113.23.163.57   (Extreme Broadband, Malaysia)           0.696

4  113.23.190.109  (Extreme Broadband, Malaysia)           1.222

5  218.189.12.101  global.hgc.com.hk                      35.854

6  218.189.8.102   global.hgc.com.hk                      36.742

7  118.143.224.243 (Hutchison, Singapore)                 41.628

8  218.189.8.142   (Hutchison, Amsterdam)                190.787

9  195.219.150.6   (Tata, Amsterdam, NL)                 213.494

10 46.244.0.4      (A2B Internet, NL)                    200.990

11 141.136.97.5    (GTT, Amsterdam)                      268.366

12 4.68.70.97      xe-5-0-1.edge3.Amsterdam.Level3.net   300.909

13 4. Continue reading

iPexpert’s Newest “CCIE Wall of Fame” Additions 1/09/2015

Please Join us in congratulating the following iPexpert client who has passed his CCIE lab!

This Week’s CCIE Success Stories

Srikanth Navuluri, CCIE #45896 (Routing & Switching)
Rodrick Burke, CCIE #46154 (Wireless)
Bradley Lierman, CCIE #46093 (Collaboration)
Lee Ramirez, CCIE #46113 (Wireless)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

Plexxi Pulse—Networking Predictions: 2015 Edition

Happy New Year! The year is off to a great start and we are excited to see what 2015 will bring to the networking space. I have a few predictions of my own (think policy and disaggregation) that were recently published in Network World. What are your networking predictions for 2015? Below are our top picks for networking stories this week.

In this week’s PlexxiTube #FBF (Flashback Friday) video of the week, Dan Backman interviews VMworld 2014 attendees and asks what they’ve done to help their networks accommodate to Big Data.

Network World: SDN, data center predictions for 2015
By Jim Duffy
The predictions for data center and SDN in 2015 are still rolling in. Technology Business Research says software will pervade the data center while start-up Plexxi believes policy and disaggregation will be front and center. Here’s the link to TBR’s 2015 Data Center Predictions. Some of the more interesting prognostications in it are the acceleration of SDN in the enterprise and the ability of hyperconvergence to converge.

Network Computing: 10 SDN Startups On The Cutting Edge
By Marcia Savage
Small companies flush with VC money have led the way in software-defined networking. Here are 10 of the hottest Continue reading

Mikrotik L2TP with IPsec for mobile clients

I got some questions about how to configure Mikrotik to act as L2TP Server with IPsec encryption for mobile clients. I know this is not exactly in the line of this blog oriented on enterprise networks, but it’s network technology in the end so I’ll try to cover it here.

CCIE R&S,SP,Wireless,Collaboration,Datacenter,Security Preparation Recommendations

Orhan Ergun and Neil Moore talked about CCIE Preparation on the packetpushers podcast. Neil Moore is only 8xCCIE in the world and well known geek and HP fellow. Which exam is the hardest ? What are their advises ? Which certification should be received first, what should be the order ? CCIE vs […]

The post CCIE R&S,SP,Wireless,Collaboration,Datacenter,Security Preparation Recommendations appeared first on Network Design and Architecture.

Palo Alto Virtual Firewalls on Software Gone Wild

One of the interesting challenges in the Software-Defined Data Center world is the integration of network and security services with the compute infrastructure and network virtualization. Palo Alto claims to have tightly integrated their firewalls with VMware NSX and numerous cloud orchestration platforms - it was time to figure out how that’s done, so we decided to go on a field trip into the scary world of security.

Book Review – End-to-End QoS Network Design: Quality of Service for Rich-Media & Cloud Networks, Second Edition

As part of my CCDE studies, I needed a good resource on QoS. There have basically been two good books on QoS before, the first edition of End to End Qos Network Design and Qos-Enabled Networks: Tools and Foundations. The first edition of this book is good but very dated, it was released back in 2004. Qos-Enabled Networks is a great book but it’s written to not be vendor specific, so you will not get details on platforms or configuration snippets.

In my opinion, earlier books gave a good foundation to understand QoS concepts but there were too few design cases, they were lacking platform information and not enough examples to be able to act as a reference. Since the first edition of this book, a lot has happened, new products and new Places In the Network (PIN) such as Datacenter, Wireless and to some degree MPLS.

The book is written by Tim Szigeti, Christina Hattingh, Robert Barton and Kenneth Briley Jr. Tim is a long time CCIE, technical leader at Cisco. He is the QoS gury responsible for a lot of the Cisco Validated Designs (CVDs) and a frequent presenter at Cisco Live. Christina is a former Technical Marketing Continue reading

Networking FAQ 2: Certifications

Continue reading · No comments

Problems with kvm-ok in VIRL with VMWare Player

I'm installing Cisco VIRL, and despite following the instructions regarding nested virtualization settings, the kvm-ok command was still complaining. I needed to edit the .vmx file for the VIRL VM and add/edit the following:

monitor.virtual_mmu = "hardware"
monitor.virtual_exec = "hardware"
vhv.enable = "TRUE"
monitor_control.restrict_backdoor = "true"

Problems with kvm-ok in VIRL with VMWare Player

monitor.virtual_mmu = "hardware"
monitor.virtual_exec = "hardware"
vhv.enable = "TRUE"
monitor_control.restrict_backdoor = "true"

It’s the logical flow that matters!

Yes, kind of like the phrase “It’s the economy stupid” from the 1992 presidential campaign. As we ramp up to the

Inside AT&T’s grand plans for SDN

AT&T spends some $20 billion per year on capital expenditures, the bulk of that on its massive network, and recently announced a bold plan to adopt Software Defined Networking and Network Function Virtualization in a big way. Network World Editor in Chief John Dix caught up with AT&T Senior Vice President of Architecture & Design Andre Fuetsch for a deeper dive on the grand plan. Let’s start with some background on your role. As I understand it you lead a team of 2,000 engineers and computer scientists. Basically I’m over the architecture and design organization and that includes AT&T’s advanced research organization, AT&T Labs. Our Foundry is also under my purview, which is basically an innovation program where we invite select vendors to come play in our sandbox and innovate new ideas. The bulk of my organization is architecture and design, as well as development. What we do is take the architectures we’re working on, prototype them, build them out, test them, and, if they look viable, scale them and put them into production.To read this article in full or to leave a comment, please click here

No VMware NSX manager connected

If the VMware vSphere Web Client shows no connected NSX Manager, try to restart the NSX Manager service. The issue can happen if the vCenter is restarted or starts after the NSX Manager. Connect to the NSX Manager and in the summary view stop and restart the NSX Management Service : After a while the vCenter […]

IPsec VPN Mikrotik to Cisco

Not long ago I wrote an article on how to configure an IPsec VPN using Mikrotik and Linux devices. For today, I will replace the Linux device with a Cisco. I did test the entire construct in GNS3 integrated with Mikrotik.

Moving a powered off VM from CLI

In this short post we’ll see how to move a powered off VM from one host to another one using CLI commands. The first step is list the required VM: ~ # vim-cmd vmsvc/getallvms Vmid Name File Guest OS Version 4 vcenter1 [esx1_datastore] vcenter1/vcenter1.vmx windows7Server64Guest vmx-08 The VM ID is 4. Let’s check the power […]

GNS3 Jungle Reaches More Than 125,000 Members Inside 60 Days

Today we are extremely excited to announce a major milestone in the GNS3 Community. Since launching over two months ago we have

Converting URLs to Jekyll References

In my post about the story behind the migration, I mentioned that I made extensive use of regular expressions (“regexes”) to help reformat portions of the Markdown documents that are used by Jekyll to build this site. In this post, I wanted to briefly share one of the regexes I used (and am still using) to convert URLs to Jekyll references.

First, let me clarify what I mean by Jekyll references. Jekyll offers a tag (not to be confused with content tags, more like a function) named post_url that will automatically build the correct URL when passed the filename of a content source. For example, if my _posts directory had a Markdown file named 2015-01-02-my-first-blog-post-of-2015.md, then I could use the filename (2015-01-02-my-first-blog-post-of-2015) inside a post_url tag, and Jekyll would automatically convert that to the appropriate permalink (URL) for that blog post. If the permalink ever changed for whatever reason, whenever the site is regenerated Jekyll would convert that tag to the new permalink. This helps you ensure that every time you update your site (which, when used on GitHub Pages like I’m doing, means every time you push commits to GitHub using git push origin Continue reading

Latency: the Killer of Spread-Out Application Stack Ideas

A few months ago I described how bandwidth limitations shatter the dreams of spread-out application stacks with elements residing (or being dynamically migrated) between data centers. Today let’s focus on bandwidth’s ugly cousin: latency.

TL&DR Summary: Spreading the server components of an application across multiple locations (multiple data centers or hybrid cloud deployments) can easily result in dismal performance even when there’s plenty of bandwidth available.

Ansible Tower 2.1 Released

Tower2.1_BlogHeader

Today we're excited to release Ansible Tower 2.1, the next version of the UI, Server, and REST endpoint for Ansible Tower. This release adds several major new features:

Surveys may now be created with our easy form builder and can be attached to any job template in Ansible Tower. When launching a job with an attached survey, the system will prompt the user to answer any number of questions - multiple choice, numeric, text, etc. The results of these questions will then be available as variables in Ansible Tower jobs. Surveys are graphically constructed from within the interface with no programming required.

Portal Mode is a simplified view into Ansible Tower. If you have users who are not Ansible experts that need to run Ansible jobs, Portal Mode presents a simple two column view. On one side, there's a list of all the job templates they can launch. On the other side, there's a list of all the completed or in-progress jobs they can view, to know how their job is running.

Combined, these two features provide solid options for users that want to provide self-service features to others. For instance, admins can let developers or QA departments provision Continue reading

Bare Metal For the Rest of Us

Bare metal switching technology fueled the world’s big cloud data centers, with a simplified supply chain as the economic driver. Now the technology and economics are hitting the mainstream in open networking solutions for the rest of us.

Bare metal servers changed the world of compute. The same thing is happening in networking: bare metal switches are the foundation for an inevitable shift in data center networking. The movement is called “open networking” but at it’s core, it’s really just about great physical networks with the additional benefits of a rich ecosystem, broad support for automation and monitoring tools, and improved economics.

The big players in bare metal switching – including Accton and Quanta – leverage best-in-class components to deliver high performance switches, and they do it fast. Add an OS (more on that later) and you’ve got a disaggregated model that enables networking that fulfills the vision of the software-defined data center. If SDDC doesn’t matter so much to you, then think of this: bare metal may fulfill your vision of a more affordable, manageable network that gives you the time and funding for more projects that really help your business.

(For comparisons on pricing and shipping speed versus Continue reading

« Previous 1 … 3,653 3,654 3,655 3,656 3,657 … 3,841 Next »