PSA: Global IPv4 Routing Table Hits 500k Routes

Last week, the global IPv4 routing table has surpassed the 500 thousand route benchmark, according to the CIDR Report. The graph below shows its progression since the early nineties:

plot.png

I last wrote about global IPv4 growth in August of 2009, when the table size was at a mere 300 thousand routes. While that benchmark was largely ceremonial, this one crosses a threshold which should may be of grave concern for many.

As has been pointed out on the NANOG mailing list, we are quickly approaching the hard forwarding plane capacity limits which exists on several very popular platforms, namely the Cisco 7600/6500 and RSP720/Sup720. The default TCAM partitioning scheme of these platforms allows for a maximum of 512 thousand IPv4 routes.

If you accept full Internet routes anywhere on your network, you'll want to verify the maximum table sizes for those platforms. On the 6500/7600 platform, the current partitioning scheme can be inspected with show mls cef maximum-routes:

Router# show mls cef maximum-routes
FIB TCAM maximum routes :
=======================
Current :
---------
 IPv4 + MPLS         - 512k (default)
 IPv6 + IP Multicast - 256k (default)

The good news is that it's easy to repartition the default scheme (e. Continue reading

NFV and SDN – The death knell for the huge clunky routers?

Last IETF i ran into a couple of hallway discussions where the folks were having a lively debate on whether Network Function Virtualization (NFV) and Software Defined Networking (SDN) will eventually sound the death knell for huge clunky hardware vendors like Cisco, Juniper, Alcatel-Lucent, etc. I was quickly apprised about some Wall Street analyst’s report that projected a significant drop in Cisco’s revenue over the next couple of years as service providers moved to SDN and NFV solutions . I heard claims about how physical routers (that i so lovingly build in AlaLu) will get replaced by virtual routers (vRouters) and other server based software that even small startups could build. The barrier to entry in the service provider markets had suddenly been lowered and the monopoly of the big 3 was being ominously challenged. There was talk about capex spending reduction happening in the service provider networks and how a few operators were holding on to their purchase orders to see how the SDN and NFV story unfurled. There was then a different camp that believed that while SDN and NFV promised several things, it would take time before things got really deployed and started affecting capex spending and OEM’s revenues.

So whats the deal?

Based on my conversation with several Continue reading

Netvisor powers the Rackscale Architecture from Intel/Supermicro

On May 5th, 2014, we announced that Pluribus Networks Netvisor is now powering the switch blades on the new Intel blade chassis announced by Supermicro Inc. Its creating quite a stir and is a proud moment for everyone at Pluribus Networks and Supermicro who made this possible.

There are several reasons why Netvisor is the ideal Hypervisor to power the switching blades:

  • Integrated Openstack Controller with Horizon and REST APIs as the only management that is needed – The entire Netvisor cluster-fabric and the virtual/physical switching on the compute blades is exported to Openstack via neutron plugins and extensions. Our Freedom series Server-Switches also bundle the full Openstack controller allowing the entire rack of microblades to be managed as one unit via Openstack Horizon GUI. For people wanting to manage the network layer via traditional tools, Netvisor also offers a full featured cli to manage teh cluster-fabric along with high performance and multithreaded native C and Java APIs. Netvisor also provides multiple virtualized services with H/W offload. So services like NAT, DNS/DHCP, IP-Pools, Routing, Load balancing, etc are integrated via Openstack Horizon to support multi-tenancy at scale.
  • Netvisor is a Distributed Plug and Play Hypervisor – The Supermicro blade chassis Continue reading

Artificial Intelligence, Brains, Networks, Bugs, and Complexity

As a Computer Science graduate student in the late 70s/early 80s, I often wondered what would happen if the problems that  would later come to be known as the  “AI-complete” problems, which included vision, knowledge representation, natural language, and machine learning [0], were all actually solved. Would the resultant code be self-aware (whatever that means)?  Would it […]

Author information

David Meyer

David Meyer is currently CTO and Chief Scientist at Brocade Communications, where he works on future directions for Internet technologies. Prior to joining Brocade, he was a Distinguished Engineer at Cisco Systems, where he also worked as a developer, architect, and visionary on future directions for Internet technologies. He is currently the chair of the Technical Steering Committee of the OpenDaylight Project. He has been a member of the Internet Architecture Board (IAB) of the the IETF (www.ietf.org) and the chair/co-chair of many working groups. He is also active in the operator community, where he has been a long standing member of the NANOG (www.nanog.org) program committee (and program committee chair from 2008-2011). He is also active in other standards organizations such as ETSI, ATIS, ANSI T1X1, the Open Networking Foundation, and the ITU-T.

Mr. Meyer Continue reading

You Won’t Get Better Internet Until Old One Is Broken. 500K BGP Routes Good Start.

Some people have pointed out the Internet BGP table is now at 500,000 IP Routes. I'm must say I'm disappointed. If you people don't hurry up and blow this to a million entries, we will never get decent routers and greater bandwidth in the carrier backbones.

The post You Won’t Get Better Internet Until Old One Is Broken. 500K BGP Routes Good Start. appeared first on EtherealMind.

Updated DevStack OpenDaylight VM Image for OpenStack IceHouse

Here is an updated Fedora 20 image for building OpenStack Icehouse and OpenDaylight. ODL is now merged into the upcoming OpenStack Icehouse release so now you can install ODL directly from OpenStack trunk. The updated image comes from Kyle Mestery who was primarily responsible for getting the OpenStack/OpenDaylight merge and navigating the process. Thanks also to Andrew Grimberg from the ...

...

Cisco Live San Francisco Contests!

Watching all the tweets and e-mails, Cisco Live is getting close! There are few fun updates that I wanted to share with you, and by fun I mean FUN AND GAMES! First up… Monday Night Lego Mania! On Monday night, the opening night of World of Solutions, you can collect Lego pieces from Gold Sponsors booths.  […]

Review: FireEye fights off multi-stage malware

You can't see some malware until it's too late. Sophisticated attacks arrive in pieces, each seemingly benign. Once these advanced attacks reassemble, the target is already compromised.FireEye takes a new approach to malware detection with its NX appliances. As this Clear Choice test shows, the FireEye device allows advanced malware to proceed – but only onto virtual machines running inside the appliance.In our tests, the FireEye appliance performed flawlessly. It detected all the multi-stage malware samples we threw at it, including some involving recent zero-day exploits. The top-of-the-line NX 10000 ran at speeds beyond 4Gbps in inline mode, and at better than 9Gbps in tap mode, both with and without attack traffic present.To read this article in full or to leave a comment, please click here

Unisys unveils invisibility cloak for network traffic

If you are ultra paranoid, what could be better than hiding your network traffic in such a way that no one could possibly intercept it? This is what Unisys is offering with its new Stealth appliance, which could make man-in-the-middle attacks and keylogger exploits obsolete, or at least more difficult to mount.Stealth has been around since 2005 when it was developed exclusively for the Defense Department. Several years ago Unisys took it to commercial enterprises and has paid for various independent tests to try to compromise the system, all of which have failed.This is because Stealth uses four layers of security: each packet is encrypted with AES256, then split into three separate pieces and dispersed across the network, destined for a particular group of users that have to be running its protocols.To read this article in full or to leave a comment, please click here

Open Networking User Group Conference 2014

Today I’m off to NYC for Open Networking User Group 2014. Tech Field Day was at the last ONUG back in October, 2013 and they were kind enough to invite me out to this one. Here’s a quick intro video of ONUG for those that aren’t aware of it – Tom Hollingsworth interviews ONUG creator Nick Lippis:

We have a good group of vendors lined up for similar round-table discussions. I happen to LOVE this format of conversation, especially with the smart folks we’ve seen from vendors like Nuage and Cumulus. I am really looking forward to sitting down and talking tech.

My original outsider’s perspective was that ONUG in general (not counting nerdy Tech Field Day round table discussions) wasn’t really aimed towards the technical folks, but rather at executives, and at other IT decision makers looking for additional choices in networking infrastructure. While there’s certainly a lot of that, I’d like to call out a few sessions/events that really interest the nerd in me (as if I’m not 100% nerd).

Back in February, I had the pleasure of sitting in Kyle Mestery’s presentation on integration with OpenDaylight and OpenStack at the OpenDaylight Summit:

Aside from a few Continue reading

Open Networking User Group Conference 2014

Today I’m off to NYC for Open Networking User Group 2014. Tech Field Day was at the last ONUG back in October, 2013 and they were kind enough to invite me out to this one. Here’s a quick intro video of ONUG for those that aren’t aware of it - Tom Hollingsworth interviews ONUG creator Nick Lippis: We have a good group of vendors lined up for similar round-table discussions.

Open Networking User Group Conference 2014

Today I’m off to NYC for Open Networking User Group 2014. Tech Field Day was at the last ONUG back in October, 2013 and they were kind enough to invite me out to this one. Here’s a quick intro video of ONUG for those that aren’t aware of it - Tom Hollingsworth interviews ONUG creator Nick Lippis: We have a good group of vendors lined up for similar round-table discussions.

Source-based routing in IPv4 and IPv6 networks

How does the internet work - We know what is networking

In my current studies I did some work about security inside networking data paths. In my recent work I tried to get some experiments done that needed to use source based routing in order to be completed. Like most of scientific work that tries to get from paper to experiment and then to something useful, it failed […]

Source-based routing in IPv4 and IPv6 networks

CiscoLive! Mobile App

Can you believe that it is almost time for CiscoLive! 2014 –  San Francisco?  Where has the time gone! Want to just share a couple quick updates that may be of interest. First –  if you have not had a chance (and are on Twitter), please add your name over at The Networking Nerd Cisco Live […]

The New Cool


I thought it was cool to be an MCSE.

The year was 1999. I didn't have any background in IT. I had just graduated and got my degree in Mechanical Engineering, and was struggling to get a job in that field. That's why I switched to IT, and the first thing I learned (FYI my previous computer skills were Warcraft and Doom) was Windows NT server and workstation. For someone without any IT background, Windows NT looked very interesting at that time! So I thought it was cool to be an MCSE, until I attended a CCNA course.

I thought it was cool to be a Network Engineer.

I felt in love to computer networking since the first day of CCNA training. I loved every moment during the 10-day course and in the last day I passed the CCNA exam. There were not many CCNA around during that time, so the certification landed me my first real job as network engineer early 2000. I thought OSPF was so cool, IGP redistribution was amazing, and BGP policy between different AS was an art. And I thought it was cool to be the guy who managed and monitored the corporate network, received Continue reading

PPPOE Speed Challenge

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
I have been trying to configure things faster and faster as a bit of personal challenge to myself recently. It is only when the clock is on you that you start to panic. So I have a little challenge. Configure PPPOE between two routers in under 60 seconds. This is the topology This is the […]

Other pages of interest:

Post taken from CCIE Blog

Original post PPPOE Speed Challenge

Give me one 24 port switch please !

After I get an interesting if it is not weird question about switch selection from someone couple days ago I decided to share my ideas about this specific and actually important topic.   Question was exactly like this; ‘ Which one I should buy 24 port or 48 port switch ‘. What would you give […]

Author information

Orhan Ergun

Orhan Ergun, CCIE, CCDE, is a network architect mostly focused on service providers, data centers, virtualization and security.

He has more than 10 years in IT, and has worked on many network design and deployment projects.

In addition, Orhan is a:

Blogger at Network Computing.
Blogger and podcaster at Packet Pushers.
Manager of Google CCDE Group.
On Twitter @OrhanErgunCCDE

The post Give me one 24 port switch please ! appeared first on Packet Pushers Podcast and was written by Orhan Ergun.

1 3,739 3,740 3,741 3,742 3,743 3,840