What’s the best approach to building next-generation data center networks?

Experts are in agreement that Software Defined Networking/Network Virtualization will make the network world more efficient and more agile, but opinions vary on the best path forward. We reached out to two of the most prominent players to ask them to spell out why they think their approach is best.

The Experts

Chris King

vice president of product marketing in VMware’s Networking & Security Business Unit, argues that network virtualization – embodied in the company’s NSX product -- is the way to go because it abstracts network control from network hardware while replicating everything the application expects to see, vastly simplifying the task of building and managing complex network environments. View debate

To read this article in full or to leave a comment, please click here

Internets of Interest for 5th June 2014

  Collection of useful, relevant or just fun places on the Internets for 5th June 2014 and a bit commentary about what I’ve found interesting about them: VMware NSX, Multi-Hypervisor Capability, and FUDslinging — The Peering Introvert – An outbreak of FUD slinging from Cisco at Cisco Live last week which was poorly executed. Factually […]

The post Internets of Interest for 5th June 2014 appeared first on EtherealMind.

Musing: Cisco UCS is leading vendor for server blades, in the Americas, by revenue

There are two sides to Cisco's success with UCS announced today. It's a great achievement that has a hidden challenges.

The post Musing: Cisco UCS is leading vendor for server blades, in the Americas, by revenue appeared first on EtherealMind.

Outlier or Leader? Learning from Google’s Andromeda SDN

Outlier or Leader? Learning from Google's Andromeda SDN

A bit like how physics breaks down when you start talking about the supermassive black holes, all the conventional wisdom about best practices regarding SDN deployment goes out the window when you start talking about the outliers of the biggest companies. 

There's a very good reason that "Google" was named after a really big number. 

Google, and companies like them (Amazon, Microsoft, etc.) who have super-large, complex network infrastructures, face challenges that 99.99% of enterprises will never have. It makes financial sense for them to invest in custom technologies to address their unique challenges and give them competitive advantages. Not surprisingly then, their SDN deployments are full of unique, in-house solutions to unique, in-house problems. 

Google's SDN is codenamed Andromeda, and not only is it used with Google's own servers but also in two zones of Google’s IaaS, Compute Engine. 

As Google’s Cloud Platform Blog states, its virtual network has to compete with the physical network when it comes to performance, availability, and security. This has to be done "across virtual machines, hypervisors, operating systems, network interface Continue reading

Cisco now #1 on bladeservers in US with the Cisco UCS

Five years ago, Cisco started out on their journey to get in on the server market.
Very few people believed that Cisco would get a big share of the market.
Today, just five years later we are reached by the news that Cisco is now
the largest seller of blade servers in the US! From nothing to #1 in five
years, that is an impressive feat for sure!

This slide provides a summary of some of the statistics for UCS:

Over 33000 customers are now using UCS and it’s growing! Cisco is still showing
significant growth at 39% The only other vendors to show growth are Dell and Hitachi.

Cisco now has 40.9% of the blade server market in the US. Worldwide, Cisco is at #2
behind HP. I’m expecting this gap to decrease and I wouldn’t be surprised if Cisco
passes HP globally within a year or two as well.

The next slide is very interesting. Cisco went from nothing to #1 in five years.
IBM used to be a major player but now only has 10% of the market.

Not only has UCS been selling really well, it also has a lot of performance records.
Currently UCS Continue reading

HP Unified Wireless: AP Based (decentral) 802.1x authentication

How to build CCIE V5 Lab – with CSR 1000V

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
How to build CCIE V5 Lab using ESXi and CSR 1000v The basis of this topology is centered around the INE Hardware build which is detailed here – INE CCIE V5 Hardware Topology This post will detail how to build ccie v5 lab using Vmware and CSR 1000v routers and the issues I faced which […]

Post taken from CCIE Blog

Original post How to build CCIE V5 Lab – with CSR 1000V

Elephant Detection in Virtual Switches & Mitigation in Hardware

These are notes from a “Elephants and Mice” on elephant flow detection and mitigation in software switches. The result of tests demonstrate that integration between overlay and underlay networks has value. This solution uses low cost networking components and highlights some competitive positioning against Cisco ACI.

The post Elephant Detection in Virtual Switches & Mitigation in Hardware appeared first on EtherealMind.

[minipost] How to fix MySQL lost table description from .frm files after emergency migration of /var/lib/mysql

For best article visual quality, open [minipost] How to fix MySQL lost table description from .frm files after emergency migration of /var/lib/mysql directly at NetworkGeekStuff.

In May 2014, networkgeekstuff.com got a small problem when the hosting BeagleBone Black went dead and the old Raspberry PI environment was on that point already used for another project. I was forced to migrate quickly to a virtual server hosting company that I use. Actually it was a performance boost and quick quick, my MySQL and Apache migration scripts for backup recovery made the transition in ~2 hours. But last week I noticed that my MySQL backup system had troubles with two WordPress tables.

The MySQLdump was telling me that two tables do not exist with this message:

root@gserver:~/scripts/tachicoma_remote_backup# mysqldump -h localhost -u mysqlbackuper -p<removed> wordpressikdata > wordpressikdata.sql
mysqldump: Got error: 1146: Table ‘wordpressikdata.wp_rfr2b_options‘ doesn’t exist when using LOCK TABLES

root@gserver:~/scripts/tachicoma_remote_backup# mysqldump -h localhost -u mysqlbackuper -p<removed> wordpressikdata > wordpressikdata.sql
mysqldump: Got error: 1146: Table ‘wordpressikdata.wp_rfr2b_options‘ doesn’t exist when using LOCK TABLES

But when I looked at /var/lib/mysql/wordpressikdata, the files for these tables are there, and show tables showed these tables as well.

mysql> show  Continue reading

Relaying email with postfix + TLS through gmail

 sed -i 's/localhost.localdomain/postfix-relay.marget.com/' /etc/sysconfig/network  

 yum install -y nfs-utils wget tcpdump unzip autofs  
 service rpcbind start  
 service autofs restart  
 ln -s /net/my_nfs_server/path/to/CentOS/ /CentOS  
 cp /etc/yum.repos.d/CentOS-Media.repo  Continue reading

HP Unified Wireless: Central 802.1x configuration

Creating a Vagrant base box for RHEL with Bento

I <3 the Opscode Bento project. I use the Amazon S3 hosted images for pretty much all of my Vagrant boxes. When I started to use RHEL, I didn't want to make an exception... Fortunately Bento allows you to build your own RHEL, OSX or Windows boxes using Packer. This is how I built my RHEL 6.4 x64 box, but this process should work for any other box you want to build manually...

Creating a Vagrant base box for RHEL with Bento

I <3 the Opscode Bento project. I use the Amazon S3 hosted images for pretty much all of my Vagrant boxes. When I started to use RHEL, I didn't want to make an exception... Fortunately Bento allows you to build your own RHEL, OSX or Windows boxes using Packer. This is how I built my RHEL 6.4 x64 box, but this process should work for any other box you want to build manually...

Creating a Vagrant base box for RHEL with Bento

I <3 the Opscode Bento project. I use the Amazon S3 hosted images for pretty much all of my Vagrant boxes. When I started to use RHEL, I didn't want to make an exception... Fortunately Bento allows you to build your own RHEL, OSX or Windows boxes using Packer. This is how I built my RHEL 6.4 x64 box, but this process should work for any other box you want to build manually...

Install Packer

If you are on OSX, you can install Packer using Homebrew:

brew tap homebrew/binary
brew install packer

If not, you can follow the instructions on the Packer's website

Pre-Reqs

Clone bento and add your RHEL Server ISO

https://github.com/opscode/bento.git
cd bento/packer
mkdir iso
#cp your rhel-server iso here... it should be named rhel-server-6.5-x86_64-dvd.iso

Build your RHEL box

packer build -only=virtualbox-iso -var 'mirror=file:///`pwd`/iso' rhel-6.5-x86_64.json

This takes a little while so go and get some coffee...

Add to Vagrant

cd ..
vagrant box add rhel65x64 builds/virtualbox/opscode_rhel-6.5_chef-provisionerless.box

Then to test it, create a new Vagrant image that uses the new rhel65x64 image

cd <a tmp dir>
vagrant init
sed -i '' 's/config.vm.box = "base"/config.vm.box = "rhel65x64"/g' Vagrantfile
vagrant up
vagrant ssh
vagrant destroy

Fin.

@dave_tucker

HP Unified Wireless: Free access option on guest portal

Show 190 – The Silicon Inside Your Network Device – Part 3

The third and final episode in the very popular series on where we attempt to discover what really happens inside your network device.

Although software will be at heart of network innovation for the enxt decade, it will still run on hardware and it's time to expose the internals of our network hardware and understand the hardware architecture inside a typical device. Many people are surprised to find that CPUs, memory, storage and buses are similar to computers while the forwarding engines are rather spectacularly different.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+

The post Show 190 – The Silicon Inside Your Network Device – Part 3 appeared first on Packet Pushers Podcast and was written by Greg Ferro.

NFV – CPE vendors MUST evolve!

Customer Premises Equipment (CPE) devices have always been a pain point for the service providers. One, they need to be installed in large large numbers (surely you remember the truck rolls that need to be sent out), and second, and more importantly, they get complex and costlier with time. As services and technology evolve, these need to be replaced with something more uglier and meaner than what existed before. In a large network, managing all the CPEs — right from the configuration, activation, monitoring, upgrading and efficiently adding more services – in itself becomes a full time job (and not the one with utmost satisfaction i must add).

ETSI’s Use case #2 describes how the CPE device can be virtualized. The idea is to replace the physical CPEs with all the services it supports on an industry standard server that is and cheaper and easier to manage. Doing this can reduce the number and complexity of the CPE devices that need to be installed at the customer sites.

The jury is still out on the specific functions that can be moved out of the CPE. Clearly, what everybody agrees to is a need for a device that will physically connect the customer to the network. Continue reading

The Best Of Both Worlds – Soraya

By Matt Bing & Dave Loftus

Arbor Networks’ ASERT has recently discovered a new malware family that combines several techniques to steal payment card information. Dubbed Soraya, meaning “rich,” this malware uses memory scraping techniques similar to those found in Dexter to target point-of-sale terminals. Soraya also intercepts form data sent from web browsers, similar to the Zeus family of malware. Neither of these two techniques are new, but we have not seen them used together in the same piece of malware.

Initialization

Soraya begins by injecting itself as a thread on several system processes, including the Windows Shell explorer.exe. The malware maintains persistence by writing a copy of itself into the AppData directory with the name servhost.exe, and setting itself to execute with the registry key HKCUSOFTWAREMicrosoftWindowsCurrentVersionRunWinServHost.

New processes launched from the infected explorer.exe shell, notably web browsers, will have Soraya code injected. The malware does this by hooking calls to the ntdll.dll!NtResumeThread() function, which is responsible for process initialization. The function ntdll!NtQueryDirectoryFile() is also hooked to hide displaying the servhost.exe file. Both of these techniques are similar to functionality found in the Zeus family of malware.

Memory Scraping

One thread Continue reading

QoS Pre-Classify – Where to Apply the Service Policy ?

The OpenStack Network Node – Layer 3 Agent