I started preparing the materials for the SDN – 10 years later webinar, and plan to publish a series of blog posts documenting what I found on various aspects of what could be considered SDN. I’m pretty sure I missed quite a few things; your comments are most welcome.
Let’s start with an easy one: software/hardware disaggregation in network devices.
I found several widely-used open-source network operating systems:
Russ White continues the discussion about BGP peering in part two of this lesson. Topics covered include: -Challenges with link-local next hop with IPv6 -How different BGP implementations handle these challenges -Promiscuous peering -Mitigating the attack surface of promiscuous peers -BGP Capabilities -Filtering before advertising/RFC 8212 You can subscribe to the Packet Pushers’ YouTube channel […]
The post Learning BGP Module 2 Lesson 2: Peering, Part 2 – Video appeared first on Packet Pushers.
The first video in this second module of Russ White’s BGP course covers peering, including why BGP uses TCP for transport, passive and active peer, multi-hop peering, collisions, and more. Russ White is a network architect, author, and instructor. You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. […]
The post Learning BGP Module 2 Lesson 1: Peering Part 1 – Video appeared first on Packet Pushers.
This lesson in Russ White’s BGP course delves into synchronization within an Autonomous System (AS) and confederation within an AS. It also discusses route reflectors, including how they prevent loops, route reflector clients, route reflector multi-path, and multi-path pros and cons. Russ White is a network architect, author, and instructor. You can subscribe to the […]
The post Learning BGP Module 1 Lesson 4: Intra-AS Models And Route Reflectors – Video appeared first on Packet Pushers.
Juniper Networks’ network virtualization software Contrail can now integrate with Kubernetes. Originally designed for OpenStack, Juniper calls this new version of Contrail “CN2.” Contrail is a Software Defined Networking (SDN) platform for spinning up, configuring, and managing virtual networks on compute nodes rather than traditional network hardware. Contrail enables virtualized routing, switching, load balancing, and […]
The post Juniper Extends Contrail To Kubernetes For Cloud-Native Virtual Networking appeared first on Packet Pushers.
This lesson in Russ White’s BGP course gets into withdrawing a route, MRAI time, implicit withdraws, BGP Hunt, graceful restart, and other topics. Russ White is a network architect, author, and instructor. You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a diverse mix of content […]
The post Learning BGP Module 1 Lesson 3: How BGP Really Converges – Video appeared first on Packet Pushers.
First off, go watch this excellent video from Ken Duda of Arista at Networking Field Day 28. It’s the second time he’s knocked it out of the park when it comes to talking about code quality:
Video: https://www.youtube.com/embed/wDQOghDmTi8
One of the things that Ken brings up in this video that I thought would be good to cover in a bit more depth is the idea of what happens to the culture of your organization, specifically code quality, when you acquire a new company. Every team goes through stages of development from formation through disagreement and finally to success and performance. One of the factors that can cause a high-performing team to regress back to a state of challenges is adding new team members to the group.
Let’s apply this lesson to your existing code infrastructure. Let’s say you’ve spent a lot of time building the best organization that has figured out and your dev teams are running like a well-oiled machine. You’re pushing out updates left and right and your users are happy. Then, you buy a company to get a new feature or add some new blood to the team. What happens when that new team comes on-board? Are they going to integrate into what you’ve been doing all this time? Do they have their own method for doing development? Are they even using the same tools that you have used? How much upheaval are you in for?
Over a decade ago, United Airlines bought Continental Airlines. Two years later, the companies finally merged their ticketing systems. Well, merged might be a bit of a stretch. United effectively moved all their reservations to the Continental system and named the whole thing United. There are always challenges with these kinds of integrations but one might think that part of the reason for the acquisition was to move to a more modern reservation system.
United’s system was called Apollo and built in the 1970s. How could they move to a more modern system? Was the reason for the huge purchase of another airline directly related to their desire to adopt a newer, more flexible reservation system? There have certainly been suggestions of that for a number of years. But, more importantly, they also saw the challenges faced by one of their Star Alliance partners US Airways in 2007 when they tried a different approach to merging booking systems. The two radically different code bases clashed and created issues. And that’s for something as simple as an airline reservation system!
In the modern day we have much more control over the way that code is developed. We know the process behind what we do and what we write. When we build something we control it the entire way. However, that is true of everyone that writes code. And even with a large number of “best practices” out there no two developers are going to approach the problem the same way unless they work for the same company. So when you bring someone on board to your team through acquisition you’re also bringing in their processes, procedures, and habits. You have to own what they do because now their development quirks are part of your culture.
There’s a lot of due diligence that happens when companies are purchased. There’s an army of accountants that pore over the books and find all the potential issues. I’d argue that any successful merger in today’s world also needs to include a complete and thorough code review as well. You need to know how their culture is going to integrate into what you’re doing. Never mind the intellectual property issues. How do they name variables? Do they call the same memory allocation routines? Do they use floats instead of integers because that’s how they were taught? What development tools do they use and can those tools adapt to your workflow?
It may sound like I’m being a bit pedantic when I talk about variable naming being a potential issue but when it comes to code that is not the case. You’re going to have to train someone in procedure and you need to know who that is before they start committing code to your codebase. Those little differences are going to create bugs. Those bugs are going to creep into what you’re working on and create even more problems. Pretty soon something as simple as trying to translate from one IDE to another is going to create a code quality problem. That means your team is going to spend hours solving an issue that could have been addressed up front by figuring out how things were done in two different places. If you think that’s crazy, remember NASA lost a satellite over a unit conversion problem.
You may never find yourself in the shoes of someone like Ken Duda. He’s committed to quality software and also in charge of trying to integrate acquisitions with his existing culture. However, you can contribute to a better software culture by paying attention to how things are done. If you do things a certain way you need to document everything. You need to ensure that if someone new comes into the team that they can understand your processes quickly. That way they don’t spend needless hours troubleshooting problems that were lost in translation at the start of the process. Do the hard work up front so you aren’t calling people names later.
Cisco Live US 2022 will be June 12-16 in Las Vegas. After two years of virtual conferences and being vaccinated three times against Covid-19, I’m more than motivated to go in person! However, for those who are still hesitating, there is also an online version, over two days, probably in a similar format to 2021. I am really looking forward to it and being able to talk and interact with my former colleagues, friends, and peers again. This is probably the best part about attending a conference in person: meeting…
The post Cisco Live 2022 appeared first on AboutNetworks.net.
The last part of Network Addressing section of How Networks Really Work webinar covered other addressing-related topics starting with address assignment mechanisms.
Here’s another “do these things ever disappear?” question from Enrique Vallejo:
Regarding storage, is Fibre Channel still a thing in 2022, or most people employ SATA over Ethernet and NVMe over fabrics?
TL&DR: Yes. So is COBOL.
To understand why some people still use Fibre Channel, we have to start with an observation made by Howard Marks: “Storage is different.” It’s OK to drop a packet in transit. It’s NOT OK to lose data at rest.
Here’s a short list of major goodies included in netsim-tools release 1.2.2:
More details in the release notes.
To upgrade netsim-tools, use pip3 install --upgrade netsim-tools; if you’re starting from scratch, read the installation instructions.
Recent news from the Department of Unintended Consequences: RFC 6724 changed the IPv4/IPv6 source/destination address selection rules a decade ago, and it seems that the common interpretation of those rules makes IPv6 Unique Local Addresses (ULA) less preferred than the IPv4 addresses, at least according to the recent Unintended Operational Issues With ULA draft by Nick Buraglio, Chris Cummings and Russ White.
End result: If you use only ULA addresses in your dual-stack network, IPv6 won’t be used at all. Even worse, if you use ULA addresses together with global IPv6 addresses (GUA) as a fallback mechanism, there might be hidden gotchas that you won’t discover until you turn off IPv4. Looks like someone did a Truly Great Job, and ULA stands for Useless Local Addresses.
A friend of mine working for a mid-sized networking vendor sent me an intriguing question:
We have a product using an old ASIC that has 12K forwarding entries, and would like to extend its lifetime. I know you were mentioning some useful tricks, would you happen to remember what they were?
This challenge has no perfect solution, but there are at least three tricks I’ve encountered so far (as always, comments are most welcome):
Erik Auerswald sent me a pointer to a blog post by Dave Taht: The state of fq_codel and sch_cake worldwide. It’s so nice to see what a huge impact Dave made since he started the Bufferbloat project.
Hint: if you have no idea what Bufferbloat or fq_codel are, you REALLY SHOULD explore Dave’s web site.
Most large content providers use some sort of egress traffic engineering on edge web proxy/caching servers to optimize the end-user experience (avoid congested transit autonomous systems) and link utilization on egress links.
I was planning to write a blog post about the tricks they use for ages, and never found time to do it… but if you don’t mind watching a video, the Source Routing on the Edge presentation Oliver Herms had at iNOG::14v does a pretty good job explaining the concepts and a particular implementation.
It’s been a great week at Networking Field Day 28 this week with some great presentations and even better discussions outside of the room. We recorded a couple of great podcasts around some fun topics, including the Full Stack Engineer.
Some random thoughts about that here before we publish the episode of the On-Premise IT Roundtable in the coming weeks:
Note that I don’t have all the answers and there are people that are a lot smarter than me out there that have talked a lot about the full stack engineering issue. My biggest fear is that this is going to become another buzzword just like 10x engineer that carries a lot of stigma about being less than useful while being a know-it-all. When the episode of the podcast comes out perhaps it will generate some good discussion on how we should be handling it.
Christopher Werny has tons of hands-on experience with IPv6 security (or lack thereof), and described some of his findings in the Practical Aspects of IPv6 Security part of IPv6 security webinar, including:
The final episode in this course reviews everything we covered. Thanks for watching! Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of Network Automation Nerds and has written the books Mastering Python […]
The post Practical Python For Networking: 8.0 – Conclusion – Video appeared first on Packet Pushers.
netsim-tools started as a simple tool to create virtual lab topologies (I hated creating Vagrantfiles describing complex topologies), but when it morphed into an ever-growing “configure all the boring stuff in your lab from a high-level description” thingie, it gave creative networking engineers an interesting idea: could we use this tool to do all the stuff we always hated doing in our physical labs?
My answer was always “of course, please feel free to submit a PR”, and Stefano Sasso did just that: he implemented an external orchestration provider that allows you to use netsim-tools to configure IPv4, IPv6, VLANs, VRFs, LLDP, BFD, OSPFv2, OSPFv3, EIGRP, IS-IS, BGP, MPLS, BGP-LU, L3VPN (VPNv4 + VPNv6), SR-MPLS, or SRv6 on supported hardware devices.
This lesson wraps up the section on distributing packages with a full example. Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of Network Automation Nerds and has written the books Mastering Python […]
The post Practical Python For Networking: 7.3 – Distribution Example – Video appeared first on Packet Pushers.
Nicola Modena created an interesting presentation describing IBGP designs using BGP Additional Paths and Optimal Route Reflection functionality.
Hope you’ll enjoy the presentation as much as I did… and make sure you understand potential circular dependencies you might be introducing when running a route reflector as a virtual machine.
This lesson walks through preparing a package for distribution. Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of Network Automation Nerds and has written the books Mastering Python Networking and Distributed Denial […]
The post Practical Python For Networking: 7.2 Distribution Preparation – Video appeared first on Packet Pushers.
Russ White’s BGP series continues with a discussion of building loop-free paths with the Border Gateway Protocol (BGP). Topics include AS (Autonomous System) paths, loop prevention, why loop checks are inbound, and more on IBGP and EBGP. Russ White is a network architect, author, and instructor. You can subscribe to the Packet Pushers’ YouTube channel […]
The post Learning BGP Module 1 Lesson 2: How BGP Builds Loop-Free Paths – Video appeared first on Packet Pushers.
Continuing the what happened to old technologies saga, here’s another question by Enrique Vallejo:
Are FabricPath, TRILL or SPB still alive, or has everyone moved to VXLAN? Are they worth studying?
TL&DR: Barely. Yes. No.
Layer-2 Fabric craziness exploded in 2010 with vendors playing the usual misinformation games that eventually resulted in a totally fragmented market full of partial or proprietary solutions. At one point in time, some HP data center switches supported only TRILL, and other data center switches from the same company supported only SPB.
Now for individual technologies:
Russ White kicks off a ten-video series on the Border Gateway Protocol (BGP). The series is divided into two modules, with short lessons within each module. This first video covers a brief history of BGP and then gets into the purpose of BGP, reachability vs. a route, Autonomous System (AS) rules, problems that BGP solves, […]
The post Learning BGP Module 1 Lesson 1: Why BGP? – Video appeared first on Packet Pushers.
This lesson provides an introduction to distributing Python packages. Creating packages was covered in lessons 6.1, 6.2, and 6.3. Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Additional resources: https://packaging.python.org/tutorials/packaging-projects/ https://dzone.com/articles/executable-package-pip-install Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of […]
The post Practical Python For Networking: 7.1 Distributing Python Packages – Introduction – Video appeared first on Packet Pushers.
Does an IP address need to be treated like other Personally Identifiable Information (PII)?
The post Privacy And Networking Part 3: Is An IP Address Protected Information For Privacy? appeared first on Packet Pushers.
Now that you’ve learned how to put together a package, this lesson shows you how to call that package in a script. Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of Network […]
The post Practical Python For Networking: 6.4 – Run Package Example – Video appeared first on Packet Pushers.
It’s time for the bad part of AI/ML in Networking: Good, Bad, and Ugly webinar. After describing the potential AI/ML wins, Javier Antich walked us through the long tail of AI/ML problems.
This lesson walks through the creation of a simple package. Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of Network Automation Nerds and has written the books Mastering Python Networking and Distributed […]
The post Practical Python For Networking: 6.3 – Making A Simple Package Example – Video appeared first on Packet Pushers.
Two weeks ago I described how to create a simple VRF Lite lab with netsim-tools VRF configuration module. Adding MPLS/VPN to the mix and creating a full-blown MPLS/VPN lab is a piece of cake. In this blog post we’ll build a simple topology with two VRFs (red and blue) and two PE-routers:
<figure><figcaption>Lab topology</figcaption></figure>