NetworkingNexus.net

Simple Python Syslog Counter

Recently I did a Packet Pushers episode about log management. In it, I mentioned some of the custom Python scripts that I run to do basic syslog analysis, and someone asked about them in the comments.

The script I'm presenting here isn't one of the actual ones that I run in production, but it's close. The real one sends emails, does DNS lookups, keeps a "rare messages" database using sqlite3, and a few other things, but I wanted to keep this simple.

One of the problems I see with getting started with log analysis is that people tend to approach it like a typical vendor RFP project: list some requirements, survey the market, evaluate and buy a product to fit your requirements. Sounds good, right? The problem with log analysis is that often you don't know what your requirements really are until you start looking at data.

A simple message counting script like this lets you look at your data, and provides a simple platform on which you can start to iterate to find your specific needs. It also lets us look at some cool Python features.

I don't recommend pushing this too far: once you have a decent idea Continue reading

Simple Python Syslog Counter

Article Archives

Here are some of the most popular posts on Revolution Wi-Fi, grouped by topic.

Note - This is NOT a comprehensive archive of articles on this blog.

802.11ac Gigabit Wi-Fi Series:

High-Density Wi-Fi Design Series:

Wi-Fi Quality of Service Series:

Wi-Fi Roaming Analysis Series:

Hot Potatoes and Network Neutrality

Hot Potatoes and Network Neutrality

by Cengiz Alaettinoglu, CTO - July 1, 2014

If you are reading this blog, you probably know what I mean by hot potatoes. The routing in the Internet is often referred to as hot potato routing. This analogy comes from how BGP and IGP work together so that incoming IP packets to an Autonomous System (AS) are treated like hot potatoes. If someone hands you a hot potato, what do you do? You pass it to the next person as soon as possible. This is what BGP and IGP routing do. When IP packets enter a network, they are delivered to the next AS as soon as possible.

Since most of the network neutrality debate is regarding Netflix, Comcast and Verizon these days, let’s see how hot potato routing works in this scenario. Netflix buys transit services from Cogent, another service provider (see our related white paper on peering relationships). Their agreement is that Cogent will deliver Netflix’s IP packets to their destinations. I, as a consumer, buy “Internet service” from Time Warner. My agreement with them is for all-I-can-eat Internet access with up to 30Mbps download speeds for about $80 a month. Continue reading

Dock Dock. Who’s there?

In my previous post about Docker, I focused on an introduction to networking with Docker. That post had a fair amount of traction mainly due to it being #dockercon the week it was published, and seemingly, people had an interest in learning more about it. Following the post, there were a few folks (@hartley and others) that pointed me to some great links about more advanced concepts in Docker and a site that validated what I was speculating with leveraging overlay tunnels as means for connectivity between nodes running Docker.

After reading through a few posts and the links about libswarm and libchan, it was on my mental to-do list to learn more about them and test more advanced designs. In the meantime, the friendly folks at Digital Ocean let me know about a local meetup where James Turnbull, VP of Services at Docker, was presenting. The meetup was tonight. It was a short presentation, but for me, it was eye opening (it may be because I’ve been *mostly* focused on networking). So, you won’t find a deep dive here like the last post, but rather, some general thoughts on Docker motivated from Continue reading

The Impact of White Box on Cloud Networking

The adoption of cloud networking architectures by both the hyper-scale cloud companies and increasingly enterprise networks proves the need for open standards and modern networking software to gain the benefits of agility, programmability and resiliency. These architectures are all driven by the move to standardized topologies and container-scale deployment to achieve cloud economics.

The recent Facebook introduction of a reference design to align to the OCP (Open Compute Platform) server project with a network switch (“Wedge”) based on a Linux OS is a good benchmark for the use of open standards, control and merchant silicon. While many may view this as a threat to legacy proprietary networking, to me it’s a welcome validation of Arista’s approach to building modern software that is open and programmable as opposed to a proprietary, bloated and complex legacy OS. It is also a symbol of Arista’s co-development of APIs offering access for specific application control in Facebook’s network. This is a fitting example of how “white box” technology could be applied to a specific SDN use case. It is not trying to address broad data center use with multiple applications and mobile workloads.

Arista EOS for Universal Workloads and Workflows

Two factors are driving Continue reading

Internets of Interest for 30th June 2014

Collection of useful, relevant or just fun places on the Internets for 30th June 2014 and a bit commentary about what I’ve found interesting about them: Minimum Viable Bureaucracy, June 2014 Edition // Speaker Deck – Enjoyed this presentation on “Minimum Viable Bureauracy” – some stimulating ideas on how to build better managers of […]

The post Internets of Interest for 30th June 2014 appeared first on EtherealMind.

Always wanting to join new HPN Scripting GitHub community!!!!

Dear network community, Last week HP had great ETSS event. As promised after my HPN Scripting session at ETSS I would launch the HPN-Scripting repository on GitHub (https://github.com/networkingdvi/HPN-Scripting). All the example scripts from the presentation are uploaded and scripts I … Continue reading →

Spine/Leaf Topology Explorer with Ansible

I’ve mentioned before the need for networks to be addressed in a very programmatic way. Very often, I’ve found the discussion is actually a lot less about “programming language” details and more about getting rid of the methodology of addressing the network as a mere “collection of boxes” (see “Box Mentality“).

Instead, we have the ability to address the network as any developer would address the distributed components of an application. We acknowledge that networks are a distributed system – it’s what makes them as scalable as they have been. However, it’s important to understand we can address configuration and troubleshooting needs in a unified, automated way as well.

My goal in this post is to explore one particular application of such a methodology. I will use Ansible to first create a dataset that represents a spine/leaf network topology – also demonstrating how it might scale beyond my small lab implementation – then I will move into some kind of network task based on this information.

I have access to a few Cisco Nexus 9000 switches in the lab, and I wanted to be able to model a spine/leaf topology in a very elegant way that would (theoretically) scale as Continue reading

Show 194 – SDN Northbound Interfaces with Sarwar Raza + Colin Dixon

At a conference I attended in late 2013 or early 2014 (I’ve forgetten which one), I was privileged to hear Sarwar Raza (HP, ONF) discuss the challenge of creating and implementing SDN northbound interfaces (NBI). Then at the Open Daylight Summit in February 2014, I found myself in a conversation with Colin Dixon (Brocade, formerly […]

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 2M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

The post Show 194 – SDN Northbound Interfaces with Sarwar Raza + Colin Dixon appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Spine/Leaf Topology Explorer with Ansible

DNS Packet

The Naked DNS Packet

The above shows the DNS Opcodes in a DNS request.

Additional insight into the packet - As you can see that the DNS server responding was not authoritative and supported recursion.

IP Subnetting Part 2: Simple Subnetting Examples

Subnetting is a foundational concept in IP networking. Although it is often misunderstood and even dreaded, this is a simple concept if we could look at things from the perspective of binary. However the combination of binary concepts, IP addressing and subnet masking is a lot to attempt to understand at once.

In this article, we will look at some simple examples that are meant to illustrate the process of IPv4 subnetting. This is not meant to be a comprehensive study. It is meant to build my previous subnetting article and should introduce only basic concepts. In future articles, we will delve into more complex and complete examples of IP subnetting.

In an earlier article, I outlined the concept of Classful IP Addressing. That knowledge is a fundamental starting point for the IP Subnetting discussed here. In that article, I outlined three classes of unicast IP addresses. The class an IP address belongs to determines what part of the address is the network and what part is the host. That assumption can be overridden when by applying a subnet mask to the configuration of a modern IP stack.

Example IP Addresses

Address           Class           Network           Continue reading

Docker Essentials – The docker file

So we’ve done quite a bit with docker up to this point. If you’ve missed the earlier posts, take a look at them here…

Getting Started with Docker
Docker essentials – Images and Containers
Docker essentials – More work with images

So I’d like to take us to the next step and talk about how to use docker files. As we do that, we’ll also get our first exposure to how docker handles networking. So let’s jump right in!

We saw earlier that when working with images that the primary method for modifying images was to commit your container changes to an image. This works, but it’s a bit clunky since you’re essentially starting a docker container, making changes, exiting out of it, and then committing the changes. What if we could just run a script that would build the image for us? Enter docker files!

Docker has the ability to build an image based on a set of instructions referred to as a docker file. Using the docker run command, we can rather easily build a custom image and then spin up containers based upon the image. Docker files use a Continue reading

Choosing Sides In Technology

Sometimes There Is Too Much Choice

I started out the evening writing a post on Aruba ClearPass, but this has been weighing on my mind lately, so I figured Aruba ClearPass can wait.

It seems that the Internet is filled with all sorts of opinions as it relates to all things IT. Shocking, isn’t it?

We squabble over all sorts of technical things that mean a great deal to us as IT folks, but probably not a whole lot to the people who actually benefit from the use of those systems. Yes, I am referring to the end users. What do they care about? They care about their systems working. That’s it. They have their own jobs to worry about. This can be confirmed by the fact that end users almost never call up the IT department or fire off an e-mail unless there is a problem. Consider exhibit A:

1. Does it work? Great. I can do my job. The IT department isn’t even on my mental radar.

2. Is it broken? Uh oh. Now I can’t do my job as effective, or quite possibly, at all. Time to notify IT to get this thing back up and running.

EIGRP and OSPF – Are We Connected?

For both OSPF and EIGRP routers to become neighbors, their interface’s primary IP address must be on the same subnet. That statement is true. There is a difference in the definition of “same subnet”, though.

In OSPF, both routers have to be configured to be on the same subnet with the same mask or else they won’t neighbor up. When an hello packet is sent, the subnet mask is sent embedded in there. The router does a quick look to be sure the subnets are defined the same way on both ends. If everything doesn’t match, they don’t neighbor. Here’s a Wireshark screenshot to show you the OSPF hello. Note: See edit below.

In EIGRP,the subnet mask isn’t sent in the hello packet, so that doesn’t come into play. Each router does a subnet calculation on the source address of the potential suitor, and, if that guy falls within the connected network, the peering magic happens. Here’s another Wireshark shot for you to enjoy.

Send any ~~Wireshark certification vouchers~~ questions my way.

Edit: I did some further research on Julius’s comment about point-to-point links in OSPF. It is absolutely true that point-to-point links do indeed ignore the subnet Continue reading

Docker performance monitoring

IT’S HERE: DOCKER 1.0 recently announced the first production release of the Docker Linux container platform. Docker is seeing explosive growth and has already been embraced by IBM, RedHat and RackSpace. Today the open source Host sFlow project released support for Docker, exporting standard sFlow performance metrics for Linux containers and unifying Linux containers with the broader sFlow ecosystem.

Visibility and the software defined data center

Host sFlow Docker support simplifies data center performance management by unifying monitoring of Linux containers with monitoring of virtual machines (Hyper-V, KVM/libvirt, Xen/XCP/XenServer), virtual switches (Open vSwitch, Hyper-V Virtual Switch, IBM Distributed Virtual Switch, HP FlexFabric Virtual Switch), servers (Linux, Windows, Solaris, AIX, FreeBSD), and physical networks (over 40 vendors, including: A10, Arista, Alcatel-Lucent, Arista, Brocade, Cisco, Cumulus, Extreme, F5, Hewlett-Packard, Hitachi, Huawei, IBM, Juniper, Mellanox, NEC, ZTE). In addition, standardizing metrics allows allows measurements to be shared among different tools, further reducing operational complexity.

The talk provides additional background on the sFlow standard and case studies. The remainder of this article describes how to use Host sFlow to monitor a Docker server pool.

First, download, compile and install the Host sFlow agent on a Docker host (Note: The agent needs to Continue reading

Musing: Flexpod at $2B Run Rate, VCE at $1.8B – Thats Unexpected

I'm completing a report for InformationWeek where the results suggest that customer have declining interest in converged hardware platforms. Then I noticed this post from Cisco on sales of FlexPod.

The post Musing: Flexpod at $2B Run Rate, VCE at $1.8B – Thats Unexpected appeared first on EtherealMind.

ERSPAN – My New Favorite Packet Capturing Trick

When I first looked at the documentation for ERSPAN I could imagine some uses for it. In some cases it could replace RSPAN, but since it’s only available on Cisco Nexus switches, newer Catalyst 6500s, Cisco ASR routers, and other “high end” devices, I determined that it really had limited uses. But I was wrong. […]

Author information

Gary Sckolnick

Gary is a Senior Network Engineer at a large academic medical center. Gary has over 17 years of networking and IT experience primarily in healthcare, manufacturing, and as a networking consultant both in Europe and in the U.S. Although a networking jack-of-all-trades, Gary’s primary focus is data center networking and network security. Gary blogs periodically at PacketPushers.net.

The post ERSPAN – My New Favorite Packet Capturing Trick appeared first on Packet Pushers Podcast and was written by Gary Sckolnick.

« Previous 1 … 3,671 3,672 3,673 3,674 3,675 … 3,783 Next »