NFV – CPE vendors MUST evolve!

Customer Premises Equipment (CPE) devices have always been a pain point for the service providers. One, they need to be installed in large large numbers (surely you remember the truck rolls that need to be sent out), and second, and more importantly, they get complex and costlier with time. As services and technology evolve, these need to be replaced with something more uglier and meaner than what existed before. In a large network, managing all the CPEs — right from the configuration, activation, monitoring, upgrading and efficiently adding more services – in itself becomes a full time job (and not the one with utmost satisfaction i must add).

Hate CPEs

ETSI’s Use case #2 describes how the CPE device can be virtualized. The idea is to replace the physical CPEs with all the services it supports on an industry standard server that is and cheaper and easier to manage. Doing this can reduce the number and complexity of the CPE devices that need to be installed at the customer sites.

The jury is still out on the specific functions that can be moved out of the CPE. Clearly, what everybody agrees to is a need for a device that will physically connect the customer to the network. Continue reading

The Best Of Both Worlds – Soraya

By Matt Bing & Dave Loftus

Arbor Networks’ ASERT has recently discovered a new malware family that combines several techniques to steal payment card information. Dubbed Soraya, meaning “rich,” this malware uses memory scraping techniques similar to those found in Dexter to target point-of-sale terminals. Soraya also intercepts form data sent from web browsers, similar to the Zeus family of malware. Neither of these two techniques are new, but we have not seen them used together in the same piece of malware.

Initialization

Soraya begins by injecting itself as a thread on several system processes, including the Windows Shell explorer.exe. The malware maintains persistence by writing a copy of itself into the AppData directory with the name servhost.exe, and setting itself to execute with the registry key HKCUSOFTWAREMicrosoftWindowsCurrentVersionRunWinServHost.

New processes launched from the infected explorer.exe shell, notably web browsers, will have Soraya code injected. The malware does this by hooking calls to the ntdll.dll!NtResumeThread() function, which is responsible for process initialization. The function ntdll!NtQueryDirectoryFile() is also hooked to hide displaying the servhost.exe file. Both of these techniques are similar to functionality found in the Zeus family of malware.

Memory Scraping

One thread Continue reading

QoS Pre-Classify – Where to Apply the Service Policy ?

This post represents the solution and explanation for quiz #23. Quiz Review This quiz shows a scenario where the network engineer has to configure Low Latency Queuing (LLQ) for some traffic that will be encrypted into an IPsec tunnel. The configuration of the policy-map is given but it has not been applied yet anywhere, as shown below: The final question is “what is missing to finish this task ?” giving... [read more]

The OpenStack Network Node – Layer 3 Agent

When networks are deployed in a box by box model, network admins know exactly what, where, and how something is being configured.  In highly dynamic environments, this may not be the case.  This is why it’s crucial to understand what is really going on behind the scenes.  In OpenStack, there are several components that together are comprised to make OpenStack Networking (aka Neutron).  These include the Neutron server, dhcp agent, metadata agent, L3 agent, and then the agents that would reside in the infrastructure to be programmed (on either physical and/or virtual switches).  For example, in Open vSwitch deployments, there would be a Neutron OVS agent on each host/server.  And this could vary based on which particular vendor plugin is being used too!
In this post, I’m going to mainly focus on the Neutron Layer 3 agent because I had a hard time grasping this one at first.  It turns out that it’s not so bad after all.

When I first started reading about Neutron, I saw many references that there was only one (1) layer 3 agent supported in a given deployment.  That just didn’t seem to make sense because that Continue reading

PQ Show 31 – Dell, Cumulus Networks and the Open Networking Revolution – Sponsored

Packet Pushers Greg Ferro and Ethan Banks recently sat down with Arpit Joshipura, VP of Product Management for Dell Networking and J.R. Rivers, CEO of Cumulus Networks, to discuss their recent historic announcement to make Open Networking solutions available to consumers worldwide.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+

The post PQ Show 31 – Dell, Cumulus Networks and the Open Networking Revolution – Sponsored appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Recap – Cisco Live US 2014

I don’t think I’m going to give a direct review of Cisco Live US this year.  The conference was great with lots of stuff going on, but I really can’t contribute any more than the vast library of other posts on the subject.  What I will do, though, is give my take on where I think the conference is headed.  These are all my thoughts and have little to do with reality in some cases.

Social Events Passes.  My wife had one of these this year, and it worked very well for meatspace networking and seeing the sites.  So did Bob.  And many others.  This was the trendy thing to do this year, and it was successful for sure.  I didn’t hear a single “I wish I could have seen that session” at all thanks to everything being available online afterward.  Next year, I predict that a good number of attendees in my circles will opt for the cheaper pass; I would say 40% or so of the group will do so.  After all, we go to see people and exchange ideas.  Traditional learning can come when you get home.

Host City.  San Francisco’s a great city (as others say…not me) Continue reading

SDN fabric controller for commodity data center switches

Figure 1: Rise of merchant silicon
Figure 1 illustrates the rapid transition to merchant silicon among leading data center network vendors, including: Alcatel-Lucent, Arista, Cisco, Cumulus, Dell, Extreme, Juniper, Hewlett-Packard, and IBM.

This article will examine some of the factors leading to commoditization of network hardware and the role that software defined networking (SDN) plays in coordinating hardware resources to deliver increased network efficiency.
Figure 2: Fabric: A Retrospective on Evolving SDN
The article, Fabric: A Retrospective on Evolving SDN by Martin Casado, Teemu Koponen, Scott Shenker, and Amin Tootoonchian, makes the case for a two tier SDN architecture; comprising a smart edge and an efficient core.
Table 1: Edge vs Fabric Functionality
Virtualization and advances in the networking capability of x86 based servers are drivers behind this separation. Virtual machines are connected to each other and to the physical network using a software virtual switch. The software switch provides the flexibility to quickly develop and deploy advanced features like network virtualization, tenant isolation, distributed firewalls, etc. Network function virtualization (NFV) is moving firewall, load balancing, routing, etc. functions from dedicated appliances to virtual machines or embedding them within the virtual switches. The increased importance of network centric software has Continue reading

BGP Synchronization

 

The Basic Question >>Why an IGP  is necessary  to support IBGP and why  SYNC is necessary b/w IGP and  IBGP .

Lets take rule of  SYNCHRONIZATION

A BGP router with synchronization enabled will not advertise its iBGP learned routes to its eBGP peers unless it  has learned or  verified this route on its routing table through an IGP.

sync

 

 

In above Topology ,

R1 R2 R3 R4 are running OSPF as IGP

R1 and R2 are IBGP Peer

R1 R5 and R2 R6 are Ebgp peer respectively.

Lets Have the config of each router

======================================================================

CONFIGURATION

=====================R1=====================

int fas1/0
no sh
ip add 9.9.15.1 255.255.255.0
!
int fas0/0
no sh
ip add 9.9.14.1 255.255.255.0
!
int lo0
ip add 9.9.0.1 255.255.255.255
!
router ospf 9
router-id 9.9.0.1
network 9.9.14.1 0.0.0.0 area 0
network 9.9.0.1 0.0.0.0 area 0

=====================R2=====================

int fas1/0
no sh
ip add 9.9.26.2 255.255.255.0
!
int fas0/1
ip add 9.9.23.2  255.255.255.0
no sh
!
int lo0
ip Continue reading

NANOG 61 – My first!

I have been meaning to write a post about my upcoming NANOG 61 trip, just have not had the time to. Between Cisco Live, Kindergarten graduation, pool installation planning, and life –  time was focused on other things. So, here is the post! I have been a member of the NANOG mailing list for a […]

Why Cisco Live is awesome!

Having just got back from my second Cisco Live, I couldn’t help but think about what an amazing event it really is. After all 7+ hours on a plane provided me A LOT of time to think. (Now, If only I thought about typing up this blog post on the plane instead of just thinking about […]

Mastering Switching topics in CCIE Version 5

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
With the new version 5 blueprint there are a lot of version 4 students who are trying to work out what has changed, what is new and what has gone. For new students to Version 5 it is probably just as confusing. One of the changes is the jump to 15 code and the use […]

Other pages of interest:

Post taken from CCIE Blog

Original post Mastering Switching topics in CCIE Version 5

The enterprise virtualization market

I’m often asked by some of my colleagues at Juniper as well as potential customers about whether OpenContrail is applicable to the enterprise virtualization market. This market is today dominated by VMWare while OpenContrail has chosen to focus its energy at OpenStack. The question often comes in the form as to whether I see enterprise adopting OpenStack for virtualization. The answer is, of course, “no”.

To quote an analyst report, “The shift to SaaS is the leading agent of change” in enterprise I.T. This is the main driver of transformation, not OpenStack. While the traditional approach used to be for enterprises to buy software packages and install them on premise, this is now becoming a quaint approach to doing business. I.T. management and operations, like just about everything else, is more efficient at scale. It is simple to understand that it is cheaper to administer 1000 instances of a CRM application “as-a-service” than for 1000 enterprises to do so themselves.

It is also intuitive to understand that the organization that developed a particular software application is then one that can most effectively administer, manage it and maintain it. From an economical perspective, safe some exceptions, if an Continue reading

CCIE Video – from Alexandre Vasseur

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
I do not know anything about Alexandre Vasseur except for the fact that he has passed his CCIE Lab exam and has made this amazing video to celebrate that fact. We all need small things to keep us motivated along the journey and this video is one of those. Watch the video and feel empowered […]

Other pages of interest:

Post taken from CCIE Blog

Original post CCIE Video – from Alexandre Vasseur

Cisco Live 2014 – One for the books!

Cisco Live 2014, San Francisco, CA is a wrap.  In case you did not know, this was the 25th  Anniversary of Networkers / Cisco Live! I have taken some time and documented the CAE Hats over the past 25 years and you can see them here –  http://www.fryguy.net/2014/03/25/cisco-live-hats-over-the-years/.  That post will be updated as the […]

SDN: Where Everything is a Honeypot

Beware the honeypot army!
HP Networking introduced one of their SDN App Store partners to the Tech Field Day crowd at the ONUG spring conference a few weeks ago. If you don't know about ONUG, but you're interested in real-world SDN options and operator experience free of vendor lies, you should probably check out the upcoming fall ONUG conference.1 

GuardiCore's Active Honeypot SDN offering really captured my imagination in ways that other SDN demonstrations have failed to do.

The objective is to detect/ensnare an intruder who has already compromised an asset in your datacenter and is now attempting to move on from there. Honeypots are one way of doing this, but the likelihood of an attacker finding the honeypot, rather than a real server with real vulnerabilities is pretty low in a large data center. How can we improve the odds?

The solution assumes that during normal operations, clients know where servers are and don't waste time attempting to connect to services which don't exist. An attacker, on the other hand, will be looking to find vulnerable services, and will probably attempt lots of connections to services that don't exist.

Because the attacker doesn't know where Continue reading

Pervasive Monitoring

In May, the IETF published RFC7258, Pervasive Monitoring Is an Attack. No matter where you stand in regards to the IETF process (observer, confused, or, like the pig making breakfast for the farmer — completely committed), this is an odd RFC. In fact, it was probably the single most discussed RFC draft in recent history, […]

Author information

Russ White

Russ White
Principle Engineer at Ericsson

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about, or don't really care about. You want numbers and letters? Okay: CCIE 2635, CCDE 2007:001, CCAr, BSIT, MSIT (Network Design & Architecture, Capella University), MACM (Biblical Literature, Shepherds Theological Seminary). Russ is a Principal Engineer in the IPOS Team at Ericsson, where he works on lots of different stuff, serves on the Routing Area Directorate at the IETF, and is a cochair of the Internet Society Advisory Council. Russ will be speaking in November at the Ericsson Technology Day. he recently published The Art of Network Architecture, is currently working on a new book in the area Continue reading

CCIE Version 5 here I come

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
Well I am sad to say that I did not get my digits at my last attempt at the CCIE Lab exam. Everything was in place I had prepared well, I went to the NH Airport Hotel a day early so had an extra nights sleep. But on the day the TS got me again […]

Other pages of interest:

Post taken from CCIE Blog

Original post CCIE Version 5 here I come

1 3,686 3,687 3,688 3,689 3,690 3,791