It Has to Work

From time immemorial, humor has served to capture truth. This is no different in the world of computer networks. A notable example of using humor to capture truth is the April 1 RFC series published by the IETF. RFC1925, The Twelve Networking Truths, will serve as our guide.

According to RFC1925, the first fundamental truth of networking is: it has to work. While this might seem to be overly simplistic, it has proven—over the years—to be much more difficult to implement in real life than it looks like in a slide deck. Those with extensive experience with failures, however, can often make a better guess at what is possible to make work than those without such experience. The good news, however, is the experience of failure can be shared, especially through self-deprecating humor.

Consider RFC748, which is the first April First RFC published by the IETF, the TELNET RANDOMLY-LOSE Option. This RFC describes a set of additional signals in the TELNET protocol (for those too young to remember, TELNET is what people used to communicate with hosts before SSH and web browsers!) that instruct the server not to provide random losses through such things as “system crashes, lost data, Continue reading

Network Break 300: Cisco Mixes Microservices And SD-WAN; Broadcom Rolls Out Gen7 Fibre Channel Switches

Network Break dives into a new Cisco project that ties microservices to SD-WAN, a CenturyLink outage, new vulnerabilities in IOS-XR, Broadcom's new Gen7 Fibre Channel switches, and more IT news.

The post Network Break 300: Cisco Mixes Microservices And SD-WAN; Broadcom Rolls Out Gen7 Fibre Channel Switches appeared first on Packet Pushers.

NSX for vSphere to NSX-T Migration Resources at VMworld 2020

VMworld, the industry’s largest virtualization-specific event, is right around the corner! As you get ready for VMworld, this blog is your resource for key sessions around migrating from NSX for vSphere to NSX-T. And, via the comments below, this blog is also your channel to connect back with us if you have any questions, need further clarifications, or would like a follow up call on migration strategies.

NSX for vSphere to NSX-T Migration Resources at VMworld 2020

Learn from the Experts at VMworld

So, you’re on NSX for vSphere and you’ve been coming across all the use cases addressed by NSX-T. To take advantage of those use cases, you decide you want to move to NSX-T. And you’re wondering:

  1. Are there any VMware-supported built-in tools?
  2. Can I do this by myself?
  3. Is there a migration process that resembles upgrading?
  4. Can this be done without adding net-new hardware?

We Answer Those Questions At VMworld Breakout Sessions

Join us at the VMworld breakout session VCNC1150: Migrating from NSX for vSphere to NSX-T Data Center Using Migration Coordinator as we explore various migration approaches and dive into a detailed demo of Migration Coordinator. Designed to provide the simple experience of an upgrade, Migration Coordinator is a built-in tool that allows our customers Continue reading

Heavy Networking 538: Running An Open, Automated Data Center Fabric With Nokia (Sponsored)

Today's show dives into Nokia's approach for automating and operating data center fabrics. In this sponsored episode we examine key elements of Nokia's approach including the SR Linux network OS and its Fabric Services Platform. Our guest is Steve Vogelsang, CTO for IP and Optical Networks at Nokia.

The post Heavy Networking 538: Running An Open, Automated Data Center Fabric With Nokia (Sponsored) appeared first on Packet Pushers.

What is SASE? A cloud service that marries SD-WAN with security

Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.Because it’s a cloud service, SASE (pronounced “sassy”) can be readily scaled up and scaled down and billed based on usage. As a result, it can be an attractive option in a time of rapid change.[Get regularly scheduled insights by signing up for Network World newsletters.] While some vendors in this space offer hardware devices to connect at-home employees and corporate data centers to their SASE networks, most vendors handle the connections through software clients or virtual appliances.To read this article in full, please click here

What is SASE? A cloud service that marries SD-WAN with security

Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.Because it’s a cloud service, SASE (pronounced “sassy”) can be readily scaled up and scaled down and billed based on usage. As a result, it can be an attractive option in a time of rapid change.[Get regularly scheduled insights by signing up for Network World newsletters.] While some vendors in this space offer hardware devices to connect at-home employees and corporate data centers to their SASE networks, most vendors handle the connections through software clients or virtual appliances.To read this article in full, please click here

What is SASE? A cloud service that marries SD-WAN with security

Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.Because it’s a cloud service, SASE (pronounced “sassy”) can be readily scaled up and scaled down and billed based on usage. As a result, it can be an attractive option in a time of rapid change.[Get regularly scheduled insights by signing up for Network World newsletters.] While some vendors in this space offer hardware devices to connect at-home employees and corporate data centers to their SASE networks, most vendors handle the connections through software clients or virtual appliances.To read this article in full, please click here

Understandability

According to Maor Rudick, in a recent post over at Cloud Native, programming is 10% writing code and 90% understanding why it doesn’t work. This expresses the art of deploying network protocols, security, or anything that needs thought about where and how. I’m not just talking about the configuration, either—why was this filter deployed here rather than there? Why was this BGP community used rather than that one? Why was this aggregation range used rather than some other? Even in a fully automated world, the saying holds true.

So how can you improve the understandability of your network design? Maor defines understandability as “the dev who creates the software is to effortlessly … comprehend what is happening in it.” Continuing—“the more understandable a system is, the easier it becomes for the developers who created it to change it in a way that is safe and predictable.” What are the elements of understandability?

Documentation must be complete, clear, concise, and organized. The two primary failings I encounter in documentation are completeness and organization. Why something is done, when it was last changed, and why it was changed are often missing. The person making the change just assumes “I’ll remember Continue reading

DHCP Relay Issues With Microsoft Surface Pro Docks and Junos

After deploying some new Juniper EX4600 core switches, my customer complained that he was experiencing about 45 seconds of delay in getting an IP address on a Surface Pro connected to a dock. The second time of connecting, it took about 8 seconds which was more acceptable. The 45 second delay came back every time they moved the Surface Pro to a new dock.

After ruling out a few things like Spanning Tree and LLDP, we isolated it down to the core switch. An older core switch elsewhere was configured for BootP Helper rather than DHCP relay, and clients connected to that did not have the problem.

Other devices didn’t exhibit the problem either – a Macbook was given an IP in the region of 4 seconds after connecting. The Surface Pro took 8 seconds consistently to connect when using a USB dongle. So the issue seemed to centre around the dock.

If you haven’t seen one of these before, they look like this – a black brick with some ports on it, supplied with power by another black brick:

The wire to the right of the image above ends in an edge connector that is plugged on to the Continue reading

Tech Bytes: Balancing Remote Access Security And User Experience (Sponsored)

Today’s Tech Bytes sponsor is secure remote access company NetMotion Software, and we’re going to talk about how to achieve secure remote access without compromising on user experience. Our guest is Chris Edgmon, Systems Engineer at NetMotion.

The post Tech Bytes: Balancing Remote Access Security And User Experience (Sponsored) appeared first on Packet Pushers.

This Week in Internet News: India Bans 118 Apps From Chinese Companies

"In the news" text on yellow background

Eyes on you: A U.S. appeals court has ruled that a National Security Agency program that collected call data from millions of U.S. residents was illegal, The Hill reports. The call metadata collection program, exposed by Edward Snowden, was suspended in 2015. The court ruled that the bulk collection of phone records violated laws requiring agencies to seek court orders when collecting investigation-related information from private businesses.

Ban hammer strikes again: The Indian government has banned 118 apps from Chinese companies, including the popular PUBG Mobile shooter game, Indian Express says. The Indian IT ministry says the blocked apps are potential security threats. “In view of the emergent nature of threats [the ministry] has decided to block 118 mobile apps since in view of the information available they are engaged in activities which is prejudicial to sovereignty and integrity of India, defense of India, security of the state and public order,” the ministry said.

Privacy delayed: Apple has delayed a release of anti-tracking software in an iPhone operating system update after app developers raised concerns that the tool would destroy their ability to deliver targeted advertising, the Los Angeles Times reports. The new tool would have automatically blocked Continue reading

Networking, Engineering and Safety

You might remember my occasional rants about lack of engineering in networking. A long while ago David Barroso nicely summarized the situation in a tweet responding to my BGP and Car Safety blog post:

If we were in a proper engineering we’d be discussing how to regulate and add safeties to an important tech that is unsafe and hard to operate. Instead, we blog about how to do crazy shit to it or how it’s a hot mess. Let’s be honest, if BGP was a car it’d be one pulled by horses.

Read more …
1 915 916 917 918 919 3,860