IPv6 over AToM pseudowire

The purpose of this lab is to show the flexibility of Layer2 VPN technology AToM (Any Transport over MPLS), which allows service providers to smoothly transit the core network from legacy layer2 technologies into a single MPLS infrastructure ready for customer IPv6 transport. Customer transition from IPv4 to dual stack is as easy as adding […]

Nexgen Storage (Part 2) – Hardware Overview

Last week I did an overview of the performance-minded storage solution that Nexgen has put together. In summary, by using SSD-based read AND write caching that’s moved in and out of the cache in an intelligent way, we can get better performance than traditional disk arrays with slower disks, and fewer of them. I’d like to do a quick tour of the hardware for their low-end model, the n5-50. It’s actually pretty straightforward and the internals are interesting enough that I decided to take some pictures and discuss their role in the solution.

Nexgen Storage (Part 2) – Hardware Overview

Last week I did an overview of the performance-minded storage solution that Nexgen has put together. In summary, by using SSD-based read AND write caching that’s moved in and out of the cache in an intelligent way, we can get better performance than traditional disk arrays with slower disks, and fewer of them. I’d like to do a quick tour of the hardware for their low-end model, the n5-50. It’s actually pretty straightforward and the internals are interesting enough that I decided to take some pictures and discuss their role in the solution.

Nexgen Storage (Part 2) – Hardware Overview

Last week I did an overview of the performance-minded storage solution that Nexgen has put together. In summary, by using SSD-based read AND write caching that’s moved in and out of the cache in an intelligent way, we can get better performance than traditional disk arrays with slower disks, and fewer of them. I’d like to do a quick tour of the hardware for their low-end model, the n5-50. It’s actually pretty straightforward and the internals are interesting enough that I decided to take some pictures and discuss their role in the solution.

Quiz #4 &#8211 BGP over ISP

Your company has more offices and each of them has a separate internet connection. The default route for each office points towards the ISP. Also, within each office you run iBGP using private AS numbers. You try to establish a BGP session between two offices, but the BGP does not come up. Why ?

Troubleshooting MAC-Flushes on NX-OS

An interesting client problem in one of our multi-tenant data centers came to my attention the other day. A delay sensitive client noticed a slight increase in latency (20 ms) at very intermittent intervals from his servers in our data center to specific off-net destinations. The increase in latency was localized to the pair of Nexus […]

Blast from the past: 10 reasons why JUNOS is better than IOS

Preface

Back in late 2009 I wrote my first ever blog post. It must have been ok because I got some comments, a few RT's on twitter and it made @Etherealminds Internets of Interest. Since technicast.net is no longer I thought I would post this here for future reference.

10 Reasons JUNOS is better than IOS - 7th July 2009

Last week I started on the JNCIA Fast-Track course and I was very impressed. JUNOS is a very good platform and I was amazed at the features and felt compelled to write this down. Maybe Cisco could take some pointers for the next incarnation of IOS…

1. The Candidate Configuration – While IOS has only a running and start-up configuration, JUNOS adds a candidate configuration to the equation. When you make changes, you make them to the candidate configuration. These changes must the be committed before they take effect. This means I can review all of my changes before writing them! (No more frantic notepad copy and pasting)

2. Handling of Multiple Shell Users – The candidate configuration also offer unique ways of handling multiple users wishing to edit a config. By default all users edit a common candidate Continue reading

Baby Bro, Part 2: Conditionals, Address Types

Bro has native types for addresses and networks, making it much easier to work with network data. Today's Baby Bro script shows global variable definition, the use of the address and subnet types, and a simple conditional:



 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
# declaring global variables
# no need to put quotes around addr or subnet variable definitions
global ipv4_host:addr = 1.1.1.1; 
global ipv4_net:subnet = 1.1.0.0/16;
event bro_init()
    {   
    if (ipv4_host in ipv4_net)
        {   
        # addr and subnet types are autoconverted to strings with fmt 
        print fmt("%s is in network %s",ipv4_host,ipv4_net);
        }   
    else
        {   
        print fmt("host %s is not in network %s",ipv4_host,ipv4_net);
        }   
   }

Running this from the CLI, we get the expected output:

jswan@so12a:~/bro$ bro addr_net_types.bro
1.1.1.1 is in network 1.1.0.0/16

Bro also has several interesting built-in functions for working with network data that we'll explore in upcoming posts. For now, we'll take a look at the mask_addr function, which allows you to use Bro as an improvised subnet calculator. You can run a Bro Continue reading

Quiz #3 &#8211 NAT port redirection from inside to outside

As a network administrator, you've been requested to allow the internal clients to connect to a partner server 3.3.3.3 on port 12345. Unfortunately, you discover that your ISP blocks traffic on that TCP port 12345 and allows only some well-known ports, including 8080. How do you implement this ?

Baby Bro, Part 1: Functions Etc.

[Note: Blogger seems to have done something nasty to my new blog template, so it's back to the old one at least temporarily]

Here's my first "Baby Bro" post. Before getting into using Bro scripting for its intended use of network traffic analysis, I wanted to figure out how to accomplish basic tasks common to most programming languages:

  • Functions
  • Common types and variable definitions
  • Loops
  • Conditionals
  • Iteration of container types
  • Basic string and arithmetic operations
This is the kind of stuff that many programmers can figure out instantly by looking at a language reference sheet, but I think it helps the rest of us to have explicit examples.

I'm not sure if I'll get through all of them in this series, but here's a start: a main dish of functions, with a side of string formatting and concatenation.


 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
  1 # "add one" is the function name
  2 # (i:int) is the variable and type passed into the function
  3 # the final "int" is the type returned by the return statement
  4 function add_one(received_value:int Continue reading

Basic Bro Language References

Finding simple examples of Bro language features is somewhat difficult: the scripts that come packaged with Bro are written by experts in the language and are quite idiomatic.

Here are some of the basic Bro language references I've found so far. In upcoming blog posts, I'll show some "Baby Bro" that is even more basic than these examples.

From Ryesecurity by Scott Runnels(@srunnels):
Solving Network Forensic Challenges with Bro, Part 1
Solving Network Forensic Challenges with Bro, Part 2
Solving Network Forensic Challenges with Bro, Part 3
Logging YouTube Titles with Bro

Justin Azoff's (@JustinAzoff) Bro Presentation on Github

The Official Bro Workshop 2011 Pages

The Bro Language Cheat Sheet

Frozen Menubar on Mountain Lion fix


Ever noticed how the menubar just hangs since you upgraded to Mountain Lion? It gets very frustrating when you want to access one of the application icons on your menubar and you see the Mac spinning wheel or the beach spinning wheel or the rainbow wheel of death, as Mac haters would call it.

Here's a quick and easy fix to restart your menubar. Open a terminal window and type the following to kill the menubar process.

killall -KILL SystemUIServer

SystemUIServer is the process that runs the menubar and you can see it when you do a 'top' on your terminal console:


You'll see all menubar icons disappear and reappear and you will now be able to access menubar application icons.

Changes!

Yee-haw! New blog template!

Trying to figure out how to do source code highlighting in a way that doesn't suck or rely on external JavaScript hosting.

The Unified Skillset

I began my professional career after college by starting in route/switch. Although I still do plenty of route/switch work, I have also recently taken on responsibilities focused on more datacenter-centric technologies like virtualization, and storage, in addition to the networking in the back-end that makes it all work. Much to the stress of my schedule (and my……stress), one has not trumped the other - they simply exist in parallel.

The Unified Skillset

I began my professional career after college by starting in route/switch. Although I still do plenty of route/switch work, I have also recently taken on responsibilities focused on more datacenter-centric technologies like virtualization, and storage, in addition to the networking in the back-end that makes it all work. Much to the stress of my schedule (and my……stress), one has not trumped the other - they simply exist in parallel.

Nexgen Storage (Part 1) – Solution Overview

I was given the privilege to tinker with some gear from my friends over at Nexgen Storage. For those that have not heard of them, I encourage you to head over to http://www.nexgenstorage.com/product/technology and take a peek at the solution. They are one of the “little guys”, but they’re doing some cool things with respect to performance, and providing the ability to give priority to certain tiers of applications or tenants that are using the system.

Nexgen Storage (Part 1) – Solution Overview

I was given the privilege to tinker with some gear from my friends over at Nexgen Storage. For those that have not heard of them, I encourage you to head over to http://www.nexgenstorage.com/product/technology and take a peek at the solution. They are one of the “little guys”, but they’re doing some cool things with respect to performance, and providing the ability to give priority to certain tiers of applications or tenants that are using the system.
1 3,756 3,757 3,758 3,759 3,760 3,787