Network Break 318: Cisco Unveils New Catalyst Hardware; Internet Sleuth Uncovers Global IPv4 Misuse

Today's Network Break explores new Catalyst hardware and micro switches from Cisco, a new security offering from Fortinet that combines endpoint security with cloud analytics, an Internet sleuth tracking IPv4 shenanigans, financial results from Juniper and F5, and a whopping big investment for routing startup DriveNets.

The post Network Break 318: Cisco Unveils New Catalyst Hardware; Internet Sleuth Uncovers Global IPv4 Misuse appeared first on Packet Pushers.

How-to improve Wi-Fi roaming

User satisfaction with Wi-Fi relies in part on whether the network supports smooth handoffs between access points as users and their devices roam about, and if the APs don’t do their job well, users will complain. Wi-Fi resources How-to measure enterprise Wi-Fi speeds How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it’s coming and what it’s good for The initial tendency may be to install more APs in hopes of finding an easy fix, but doing so without careful analysis can make the situation even worse. Proper roaming requires more than just good signal strength throughout coverage areas; it takes a careful balance between the coverage of each AP on both 2.4 and 5GHz bands to make roaming work right.To read this article in full, please click here

Study finds Google has the fastest overall cloud platform

Google Cloud Platform (GCP) is the best hyperscale performer across all areas of throughput while Microsoft Azure has the best storage systems and Amazon Web Services (AWS) has the lowest network latency.Those are the findings of a series of benchmarks performed by the atrociously named Cockroach Labs, maker of a scalable, resilient database called CockroachDB that runs on all three services. The study, part of the company’s third annual Cloud Report, evaluated the performance of AWS, Microsoft Azure, and Google Cloud in online transaction processing (OLTP) applications.In total, 54 machines were assessed and almost 1,000 benchmark runs were conducted to measure CPU, network, storage I/O, and TPC-C performance, among others.To read this article in full, please click here

Thank You for All the Great Work Miha

Almost exactly a year ago Miha Markočič joined the ipSpace.net team. He was fresh out of university, fluent in Python, but with no networking or automation background… so I decided to try my traditional method of getting new team members up to speed: throw them into the deep water, observe how quickly they learn to swim, and give them a few tips if it seems like they might be drowning.

It worked out amazingly well. Miha quickly mastered the intricacies of AWS and Azure, and created full-stack automation solutions in Ansible, Terraform, CloudFormation and Azure Resource Manager to support the AWS and Azure webinars, and the public cloud networking online course.

Read more …

Thank You for All the Great Work Miha

Almost exactly a year ago Miha Markočič joined the ipSpace.net team. He was fresh out of university, fluent in Python, but with no networking or automation background… so I decided to try my traditional method of getting new team members up to speed: throw them into the deep water, observe how quickly they learn to swim, and give them a few tips if it seems like they might be drowning.

It worked out amazingly well. Miha quickly mastered the intricacies of AWS and Azure, and created full-stack automation solutions in Ansible, Terraform, CloudFormation and Azure Resource Manager to support the AWS and Azure webinars, and the public cloud networking online course.

Read more …

Juniper To MikroTik – OSPF Commands

About the Juniper to MikroTik Series

In the world of network engineering, learning a new syntax for a NOS can be daunting if you need a specific config quickly.  Juniper is a popular option for service providers/data centers and is widely deployed across the world. 

This is a continuation of the Rosetta stone for network operating systems series.  In this portion of the series we will be covering Open Shortest Path First, OSPF, version 2 which is a popular interior gateway protocol (IGP).

You can find the first article of the series Juniper to Mikrotik – BGP Commands here.

While many commands have almost the exact same information, others are as close as possible.  Since there isn’t always an exact match, sometimes you may have to run two or three commands to get the information needed. 

Using EVE-NG for testing

We conducted all testing on EVE-NG utilizing the topology seen below.

JunOS CommandMikroTik Command
show ospf neighborrouting ospf neighbor print
show ospf interfacerouting ospf interface print
show ospf overview briefrouting ospf instance print detail
show ospf databaserouting ospf lsa print
show route protocol ospfip route print where ospf=yes
show Continue reading

Worth Reading: Understanding Table Sizes on the Arista 7050QX-32

Arista published a blog post describing the details of forwarding table sizes on 7050QX-series switches. The description includes the base mode (fixed tables), unified forwarding tables and even the IPv6 LPM details, and dives deep into what happens when the switch runs out of forwarding table entries.

Too bad they’re describing an ancient Trident-2 ASIC (I last mentioned switches using it in 2017 Data Center Fabrics update). Did NDA expire on that one?

Worth Reading: Understanding Table Sizes on the Arista 7050QX-32

Arista published a blog post describing the details of forwarding table sizes on 7050QX-series switches. The description includes the base mode (fixed tables), unified forwarding tables and even the IPv6 LPM details, and dives deep into what happens when the switch runs out of forwarding table entries.

Too bad they’re describing an ancient Trident-2 ASIC (I last mentioned switches using it in 2017 Data Center Fabrics update). Did NDA expire on that one?

Automate Leaf and Spine Deployment – Part1

This series of posts will describe the process of deploying a NXOS Leaf and spine fabric in a declarative manner using Ansible. This came from my project for the IPSpace Building Network Automation Solutions course and was used in part when we were deploying leaf and spine fabrics in our Data Centers. I originally only planned to build tenants and do fabric validation but over time this has morphed into a full blown fabric deployment.

Controversial Reading 013021: Freedom of Speech

In the past, I have blended links of a more controversial nature about culture, technology, and governance into my weekend reads posts. There has been so much, however, on the situation with social media platforms blocking prominent people, and the Parler takedown, that it seemed worth setting aside an entire post containing some of the interesting things I’ve run across on these topics. I may, from time to time, gather up more controversial sets of reading into separate posts in the future, so people can skip (or read) them if they want to.


But then I think of this comment from a recent essay by Cory Doctorow: “The one entity Facebook will never, ever protect you from is Facebook.” We need to face quite clearly the fact that these recent events serve to consolidate the power of the tech giants—tech giants who quite literally have no principles to guide them other than self-interest, though they might occasionally discover reasons to act on our behalf.


Infrastructure companies much closer to the bottom of the technical “stack”— including Amazon Web Services (AWS), and Google’s Android and Apple’s iOS app stores—decided to cut off service not just to an individual but to Continue reading

Weekend Reads 013021


I recently shared at a conference how a seasoned brand and fraud expert from one of the world’s largest global financial institutions lamented a major attack where multiple fraudulent websites would pop up every single day.


Every now and then we hear buzzing in the news about some egregious Big Tech privacy infringement. We are also frequently notified about all the new steps our apps are taking to further protect our privacy.


Few people would seriously dispute the advantages of a zero-trust security model, particularly in a fast-changing cloud environment with business being conducted by a dispersed workforce using a wide variety of devices. The question is how best to approach zero trust.


Silicon photonics has been proving its worth in telco and communications but there is a much brighter opportunity photonics-based computing. The energy efficiency and data movement potential is promising, especially for increasingly data-laden analytics and AI/ML applications, but the road to a diverse hardware ecosystem for compute is still long.


The designers of DNSSEC, as well as academic researchers, have separately considered the answer of “negative” responses — when the domain name doesn’t exist. In this case, as I’ll explain, responding with a signed “does not exist” Continue reading

Worth Reading: AAA Deep Dive on Cisco Devices

Decades ago I understood the intricacies of AAA on Cisco IOS. These days I wing it and keep throwing spaghetti at the virtual wall until something sticks and I can log in (after all, it’s all in a lab, and I’m interested in routing protocols not interactions with TACACS+ server).

If you’re experiencing similar challenges you might appreciate AAA Deep Dive on Cisco Devices by the one and only Daniel Dib.

Worth Reading: AAA Deep Dive on Cisco Devices

Decades ago I understood the intricacies of AAA on Cisco IOS. These days I wing it and keep throwing spaghetti at the virtual wall until something sticks and I can log in (after all, it’s all in a lab, and I’m interested in routing protocols not interactions with TACACS+ server).

If you’re experiencing similar challenges you might appreciate AAA Deep Dive on Cisco Devices by the one and only Daniel Dib.

1 794 795 796 797 798 3,835