IOSHints

The OpenFlow zealots are quick to point out the beauties of the centralized control plane, and the huge savings you can expect from using commodity hardware and open-source software. What they usually forget to tell you is that you also have to reinvent all the wheels the networking industry has invented in the last 30 years.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

Did you know Ethernet turned 40 today? I didn't (I was never good at tracking anniversaries), but Kris Amundson (the engineer keeping his network up and running in pitch dark Antarctica) quickly brought it to my attention with wonderful photos of South Pole Ethernet network built @ -69C (that's -92F if you're still ignoring the metric system).

Even better, they still have a thick coax cable with transceiver screwed into it!

Thanks for sharing, Kris! Really appreciated ;)

Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

I was sitting next to a really nice security engineer during the fantastic dinner-in-a-wine-cellar @ Troopers 13 and as we started talking about security implications of ignoring IPv6, I was quickly able to persuade him that it's dangerous to pretend IPv6 doesn't exist and that even though you might choose not to deploy it, you still have to acknowledge it exists and take protective measures.

It’s always great fun to explain the dangers of ignoring IPv6 to a networking or security audience, and see some people muttering “oh, ****”

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

NEC demonstrated multi-vendor OpenFlow network @ Interop Las Vegas, linking physical switches from Arista, Brocade, Centec, Dell, Extreme, Intel and NEC, and virtual switches in Linux (OVS) and Hyper-V (PF1000) environments in a leaf-and-spine fabric controlled by ProgrammableFlow controller (watch the video of Samrat Ganguly demonstrating the network).

Does that mean we’ve entered the era of multi-vendor OpenFlow networking? Not so fast.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

If you live in Europe and happen to be interested in security, make sure you put Troopers on the list of must-attend events. Like many things coming from Europe it’s a boutique event (limited to 200 attendees even if it means it’s sold out – that would never happen in some other parts of the world) with some great content.

Enno Rey, the mastermind behind the event, was kind enough to invite me to talk about virtual firewall architectures – you can view my presentation or watch the video – and of course I used the opportunity to visit a not-so-well-known Heidelberg attraction ;)

Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

Erik Dietrich obviously hates the self-proclaimed (usually clueless) “experts” – he devoted a whole series of blog posts to them:

• Rise of the Expert Beginner
• Legacy of the Expert Beginner
• Language of the Expert Beginner
• Ambitions of the Expert Beginner

I’m positive you know at least a few people that would match his descriptions. Enjoy!

Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

Stu Miniman kindly invited me to do an interview for the SiliconANGLE during the Interop/EMC World week. Here are the results:

More podcast and interviews
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

One of the most pleasant surprises of the recent Interop show was the Tail-f's Network Control System (NCS). I “knew” Carl Moberg (of the NETCONF and YANG fame) for a long time and had the privilege to meet him in person just before the SDN Buyer's Guide panel that I co-hosted with Kurt Marko (who did an excellent job putting the buyer's guide together). Anyhow, what Carl presented during the panel totally blew me away.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

A while ago, while listening to an interesting CloudCast podcast (my second favorite podcast - the best one out there is still the Packet Pushers), I stumbled upon an interesting idea “Data has gravity”. The podcast guest used that idea to explain how data agglomerates in larger and larger chunks and how it makes sense to move the data processing (application) closer to the data.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

Short story: Enterasys data center switches have an interesting combination of time-tested routing and bridging features that allow you to build robust data center fabrics and interconnects (including the scenarios where you migrate VMs between them if you really must do so).

I’ll describe these features and how you can use them in a free webinar sponsored by Enterasys (register here). Don’t worry, that won’t make me biased; I still think moving a running VM between data centers makes no sense.

And now for a longer story ;)

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

In one of his Open Networking Summit blog posts Jason Edelman summarized the presentation in which Goldman Sachs described its plans to replace stateful firewalls with packet filters (see also a similar post by Nick Buraglio).

These ideas are obviously not new – as Merike Kaeo succinctly said in her NANOG presentation over three years ago “stateful firewalls make absolutely no sense in front of servers, given that by definition every packet coming into the server is unsolicited.” Real life is usually a bit more complex than that.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

A few days after I published the Interop Product Launch Craze post, Jason Edelman told me HP claims they have running TRILL implementation. Time to read their release notes.

Results: No mention of TRILL in latest release notes for A12500, A9500 or A58xx. A5900 switches support TRILL, EVB and FCoE since release 2207 (January 2013).

More about changes in the data center switching market in the Data Center Fabrics Update webinar. Now I have to catch the next plane on the way home.

Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

Just received an email from Trevor Warwick (Director, Cisco NOSTG Software Engineering, UK) on ipv6-ops mailing list (which you really should join if you plan to deploy IPv6) explaining the changes they made to IPv6 TCP MSS handling.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

In the last part of Clos Fabrics Explained webinar Brad Hedlund described how you can use Dell Fabric Manager to plan, design, configure and operate leaf-and-spine Clos fabric built with Dell Force10 switches. Should we call Dell Fabric Manager an SDN solution? Who cares, it sure is useful ;)

Watch the video
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

Francesco made an interesting comment to my Virtual Appliance Performance blog post:

Virtual Appliance Performance is comparable to the equivalent Physical Appliance until the latter use its own ASICs (for a good reason), e.g. Palo Alto with its new generation Firewall...

Let’s do a bit of math combined with a few minutes of Googling ;)

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

I was asked to do a short virtual networking presentation during this year’s Microsoft NT Conference in Slovenia. Most of the audience were server and virtualization administrators, having anywhere from zero to pretty decent networking knowledge; getting the right balance of basics and interesting features was a struggle.

They told me the end result wasn’t that bad. It’s a bit Microsoft-biased, but applies equally well to VMware (be it vSphere/VXLAN or Open vSwitch/NVP combo).

View the presentation
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

Plexxi has a really interesting data center fabric solution that combines CWDM optics with L2+L3 switching. They briefed me on their product just before their public launch; I like their approach, particularly the combination of robust traditional forwarding with controller-based network optimization that you can influence from the outside, but somehow I never quite found the time to blog about them … although I did manage to solve the hard part of the problem: write a Perl script that generates Graphviz graph description to generate schematics of their CWDM inter-switch links.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

As expected, we’ve experienced a product launch craze just prior to Interop Las Vegas. I try to avoid marketing announcements, but the blogosphere exploded in hard-to-ignore posts ... and as always, it was great fun separating marketing fluff from reality. Here’s a grumpy take on the above-mentioned press releases.

Read more ...
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

In previous videos from the TCP, HTTP and SPDY webinar I described the network-related performance challenges experienced by web applications and did a deep dive into TCP and HTTP mechanisms underlying them.

Today’s video describes numerous TCP and HTTP enhancements – from increased initial congestion window (recently published as RFC 6928) and TCP fast open to persistent HTTP sessions and pipelining.

The whole webinar is also available on Udemy - it’s free but you’ll have to register (or log in with Facebook) to get access.

Watch the video
Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.

If you’re attending Interop Las Vegas next week, do drop by my Network Infrastructure for Cloud Computing workshop on Monday or one of the networking track sessions on Wednesday: Overlay Networking Explained in late morning and IPv6 – It’s High Time to Get Started in the afternoon. I’ve reserved plenty of time after each one for follow-up questions and discussions.

Other fine sessions you shouldn’t miss: Beware the Firewall, My Son! by Network Security Princess, Chopping Down the Fat Tree by venerable Ethan Banks, Death to Spanning Tree by Data Center Overlord Tony Bourke and How to Keep Video from Blowing Up Your Network by the very first CCIE Terry Slattery.

Have you already subscribed to my podcast (or is it screencast)? It's easy, just click here.