October 09, 2015

Networking Now (Juniper Blog)

Mobile is Here....Are you Ready?

Mobile data traffic is expected to grow at a CAGR of around 45 percent between 2013 and 2019, resulting in a 10-fold increase over that time span... learn more about how mobile traffic will impact your network in this new infographic.

by rajoon at October 09, 2015 05:23 PM

My Etherealmind

Basics: Explaining the Difference Between Software Defined Networking (SDN) and Network Functions Virtualization (NFV)

The next generation of networking is more complex and multi-functional compared to the networks of today. Networks are moving from “connectivity as a service” to “multi-service platform”. Takeaways: SDN & NFV are complementary technologies. NFV depends on SDN to deliver network features that enable it. Both use controller concepts for Operations and Administration (OAM). […]

The post Basics: Explaining the Difference Between Software Defined Networking (SDN) and Network Functions Virtualization (NFV) appeared first on EtherealMind.

by Greg Ferro at October 09, 2015 05:00 PM

AWS IoT vs Cisco Fog Computing – Cloud vs Network IoT

Amazon Internet of Things PaaS platform was announced yesterday with the buzz line "Cloud Services for Connected Devices". I am comparing the strategic differences with Cisco Fog Computing.

The post AWS IoT vs Cisco Fog Computing – Cloud vs Network IoT appeared first on EtherealMind.

by Greg Ferro at October 09, 2015 11:03 AM

XKCD Comics

October 07, 2015

Networking Now (Juniper Blog)

It’s a Team Effort: Developing a Culture of Cybersecurity in the Workplace

Cyber threats today are evolving, becoming more sophisticated and making it critical for organizations to educate, implement and encourage employees to follow cyber best practices. In a recent RAND Corporation report, sponsored by Juniper Networks, it was projected that the cost to businesses in managing cybersecurity risk is set to increase 38 percent over the next 10 years.

by Sherry Ryan at October 07, 2015 01:00 PM


SSL Certificate signed by own CA

There are a lot of “how-tos” on the Internet explaining the setup procedure. This is mainly a copy / paste example for those in a hurry :) How to set up your own CA…


by Calin at October 07, 2015 12:50 PM

XKCD Comics

October 06, 2015

The Networking Nerd

SDN Myths Revisited


I had a great time at TECHunplugged a couple of weeks ago. I learned a lot about emerging topics in technology, including a great talk about the death of disk from Chris Mellor of the Register. All in all, it was a great event. Even with a presentation from the token (ring) networking guy:

I had a great time talking about SDN myths and truths and doing some investigation behind the scenes. What we see and hear about SDN is only a small part of what people think about it.

SDN Myths

Myths emerge because people can’t understand or won’t understand something. Myths perpetuate because they are larger than life. Lumberjacks and blue oxen clearing forests. Cowboys roping tornadoes. That kind of thing. With technology, those myths exist because people don’t want to believe reality.

SDN is going to take the jobs of people that can’t face the reality that technology changes rapidly. There is a segment of the tech worker populace that just moves from new job to new job doing the same old things. We leave technology behind all the time without a care in the world. But we worry when people can’t work on that technology.

I want you to put your hands on a floppy disk. Go on, I’ll wait. Not so easy, is it? Removable disk technology is on the way out the door. Not just magnetic disk either. I had a hard time finding a CD-ROM drive the other day to read an old disc with some pictures. I’ve taken to downloading digital copies of films because my kids don’t like operating a DVD player any longer. We don’t mourn the passing of disks, we celebrate it.

Look at COBOL. It’s a venerable programming language that still runs a large percentage of insurance agency computer systems. It’s safe to say that the amount of money it would cost to migrate away from COBOL to something relatively modern would be in the millions, if not billions, of dollars. Much easier to take a green programmer and teach them an all-but-dead language and pay them several thousand dollars to maintain this out-of-date system.

It’s like the old story of buggy whip manufacturers. There’s still a market for them out there. Not as big as it was before the introduction of the automobile. But it’s there. You probably can’t break into that market and you had better be very good (or really cheap) at making them if you want to get a job doing it. The job that a new technology replaced is still available for those that need that technology to work. But most of the rest of society has moved on and the old technology fills a niche role.

SDN Truths

I wasn’t kidding when I said that Gartner not having an SDN quadrant was the smartest thing they ever did (aside from the shot at stretched layer 2 DCI). I say this because it will finally force customers to stop asking for a magic bullet SDN solution and it will force traditional networking vendors to stop packaging a bunch of crap and selling it as a magic bullet.

When SDN becomes a part of the entire solution and not some mystical hammer that fixes all the nails in your environment, then the real transformation can happen. Then people that are obstructing real change can be marginalized and removed. And the technology can be the driver for advancement instead of someone coming down the hall complaining about things not working.

We spend so much time reacting to problems that we forgot how to solve them for good. We’re not being malicious. We just can’t get past the triage. That’s the heart of the fire fighter problem. Ivan wrote a great response to my fire fighter post and his points were spot on. Especially the ones about people standing in the way, whether it be through outright obstruction or by taking power away to affect real change. We can’t hold networking people responsible for the architecture and simultaneously keep them from solving the root issues. That’s the ham-handed kind of organizational roadblock that needs to change to move networking forward.

Tom’s Take

Talks like this don’t happen overnight. They take careful planning and thought, followed by panic when you realize your 45-minute talk is actually 20 minutes. So you cut out the boring stuff and get right to the meat of the issue. In this case, that meat is the continued misperception of SDN no matter how much education we throw at the networking community. We’re not going to end up jobless programmers being lied to by silver-tongued marketing wonks. But we are going to have to face the need for organization change and process reevaluation on a scale that will take months, if not years, to implement correctly. And then do it all over again as technology evolves to fit the new mold we created when we broke the old one.

I would rather see the easy money flee to a new startup slot machine and all of the fair weather professionals move on to a new career in whatever is the hot new thing. That means those of us left behind in the newly-transformed traditional networking space will be grizzled veterans willing to learn and implement the changes we need to make to stop being blamed for the problems of IT and be a model for how it should be run. That’s a future to look forward to.


by networkingnerd at October 06, 2015 08:02 PM

Networking Now (Juniper Blog)

Junos 14.1 FIPS 140-2 Certification is Most Comprehensive Certification Yet


I am pleased to report that the National Institute of Standards and Technology (NIST) has issued a Federal Information Processing Standard (FIPS) 140-2 Certification of the following Juniper Networks devices with Junos 14.1R4 software.


EX9204, EX9208, EX9216

M7i, M10i, M120, M320

MX240, MX480, MX960, MX2010, MX2020

PTX3000, PTX5000

T640, T1600, T4000


The FIPS certification is #2451.


This is a first-time FIPS certification for the EX9200 and the PTX devices and a recertification for the M, MX, and T-series devices. This is Juniper Networks’ 56th FIPS certification and this is the most comprehensive single FIPS certification completed to date.


FIPS Certification continues to be challenging as NIST requirements evolve including the deprecation of cryptographic algorithms that were once approved and increased focus on important cryptography elements like maintaining sufficient entropy and using strong deterministic random bit generators (DRBG).


by bshelton at October 06, 2015 06:39 PM

My Etherealmind

Musing: Amazon stops selling competitor products, impact on AWS ?

If you build a service on the AWS cloud, are you at risk if Amazon decides to compete with you ?

The post Musing: Amazon stops selling competitor products, impact on AWS ? appeared first on EtherealMind.

by Greg Ferro at October 06, 2015 12:29 PM

Potaroo blog

DNS OARC Fall 2015 Workshop Report

The DNS Operations, Analysis and Research Centre holds a 2 day workshop twice a year. These are my impressions of the Fall 2015 workshop, held at the start of October in Montreal.

October 06, 2015 12:00 PM

October 05, 2015


A Few Points About VMware EVO SDDC Networking

A Packet Pushers listener that heard us chatting about VMware's EVO SDDC solution raised a few concerns about the networking functionality in the current version of EVO SDDC. I was able to talk briefly with Krish Sivakumar, Director of Product Marketing, EVO SDDC & Ven Immani, Senior Technical Marketing Engineer, EVO SDDC at VMware to help clarify some of the issues.

by Ethan Banks at October 05, 2015 09:35 PM

Interop 2016: Introducing The Future of Networking Track @interop

For the last several North American Interop conferences, I have been the Infrastructure track chair or co-chair. For Interop Las Vegas 2016, I will be doing something else. Greg Ferro and I are working together to create a new premium track titled The Future of Networking.

by Ethan Banks at October 05, 2015 07:53 PM

Networking Now (Juniper Blog)

Network Security: It’s a Zero-Sum Game

Make sure you win it with Juniper’s new network security solutions.


Cybercriminals. They’re inside your network perimeter. Already.


Read about Juniper's security innovations within the newly announced Juniper Unite architecture.

by rajoon at October 05, 2015 06:30 PM

Network Design and Architecture

Network Design Best Practices – Simplicity

Network Design should be simple. Simplicity is the first of the network design best practices which I want you to remember. If you are in the field for enough time, you probably heard the KISS principle. If you are a good follower of my blog, you maybe heard the SUCK principle as well. KISS stands for…

The post Network Design Best Practices – Simplicity appeared first on Network Design and Architecture.

by orhanergun at October 05, 2015 05:13 PM

Networking Now (Juniper Blog)

IPv6 Dominance Will Come on a Weekend

Are you ready?

If you are not doing IPv6 today, you're probably negatively impacting your users.

by bshelton at October 05, 2015 02:19 PM

Potaroo blog

Some Thoughts on the Open Internet

I’m sure we’ve all heard about "the Open Internet." The expression builds upon a rich pedigree of the term "open" in various contexts. We seem to have developed this connotation that "open" is some positive attribute, and when we use the expression of the "Open Internet" it seems that we are lauding it in some way. But in what way? So let’s ask the question: What does the "Open Internet" mean?

October 05, 2015 01:00 PM

XKCD Comics

October 02, 2015

XKCD Comics

October 01, 2015

Networking Now (Juniper Blog)

Eight Ways to Heighten Cybersecurity

As our world has become ever more connected, we’ve all learned common online safety tips. It’s now second nature to use strong passwords and antivirus software; take care when connecting to public Wi-Fi; and remain alert to social engineering scams (e.g., phishing).

by bworrall at October 01, 2015 01:00 PM

In Search of Tech

In Pursuit of the CCIE

Just a short post to let you know this blog is not dead. I have not written anything in several months. While I have several posts that are partially complete, I have not been able to finish them…..yet.

For the past several months, I have been busy studying for the CCIE Wireless lab exam. Prior to that, I was sort of working towards the CCIE Route/Switch written and lab exam. I wasn’t fully committed, so my studying was sporadic at best. My heart just wasn’t in forcing myself to learn more about IPv6, multicast, MPLS, and some of the other blueprint items.

Somewhere along the line it changed. Maybe it was having another co-worker who was serious in his pursuit of the CCIE Wireless. Maybe it was that my job working for a reseller had me doing more and more Cisco wireless work. Maybe I just liked the fact that wireless was hard. I’m not really sure. I just know that at some point, a switch flipped inside my head and I just decided to go all in on my studies. Honestly, I should have done this years ago, but the timing just didn’t seem right.

I’ve been studying most nights every week for a few months. I don’t sleep a whole lot these days. A lot of times, I fall asleep in my chair up in my office and don’t wake up until my wife comes up to check on me. On those nights when I do make it to my bed, I think about the lab blueprint until my brain finally shuts down and I drift off to dream. I have dreams about odd things like wireless authentication. My thoughts are always on the lab. Whether I am in a meeting with a client, sitting in church, or just driving down the road, it consumes me.

I’m constantly fighting off the voices in the back of my mind telling me to stop and go back to life as it was before the study urges took over. I have a wife and two kids. I have a job that demands a decent level of performance mentally. I travel a fair amount for work. I work odd hours. I am fairly active in my local church. I also make a decent living, so passing the lab doesn’t mean a massive pay raise for me. There are so many reasons I shouldn’t do this, and they almost overshadow the reasons that I should.

On the positive side, I am convinced there are doors that will not open career-wise, without the CCIE. Will I make more money after passing the lab? Probably. Will I have more recruiters and HR folks pinging me on LinkedIn? Yes. Will I have interesting career choices cross my path? Probably. I’m not planning on doing anything different work-wise after I pass, but as any of you who have CCIE digits know, you have more options.

Those are all well and good, but if there is one reason I want to pass the lab, it is related to a quote attributed to John F. Kennedy from a speech he gave in 1962 regarding the USA’s attempts to land on the moon:

“We choose to go to the moon in this decade and do the other things, not because they are easy, but because they are hard.”

That’s it in a nutshell. I need to know if I can push myself to finish something that on the surface, seems impossible. When I was 15 years old, I ran a mile (1600 meters) in 4 minutes and 56 seconds on a dirt track in Hawaii. I had been trying to break 5 minutes for a while at that point. I remember that race vividly. I had a great running coach that trained me well. I put in a lot of miles on hills and roads leading up to that point, and I only mentioned the locale (Hawaii) to give you an idea of what kind of “hills” I was referring to. It was the end of our track season and I was in peak shape. Had it been a rubber track, I could have probably run it 5 or 6 seconds faster. It doesn’t matter though. I broke 5 minutes. For some, that is not a big deal. For a kid who had asthma at a younger age, that was huge. It will always be one of my favorite moments in my life, taking a back seat to only the birth of my children and the marriage to my wife.

I am always telling my kids that they can be anything they want to be as long as they are willing to work hard for it. I can tell them all day long. It’s better if I show them through example. I’ll find out in 18 days when I sit the lab for the first time. I may go back several more times before I pass it, but I am prepared to do that.

Nobody ever talks to me about my sub-5 minute mile I ran. In fact, my father was the only one in my family who witnessed it. When, and it is a “when”, I pass the CCIE Wireless lab, most of the people in my day to day life, outside of work, will not even know what that is. I am perfectly fine with that. I’m not doing this for accolades or pats on the back. I’m doing this for me, and also to secure a potentially greater ability to provide for my family.

When it is over, I will take a break from studying. I’ll stop reading technical books for a few months, and not think about this stuff too much outside of my work hours. I have several hundred books I have put off reading for several years. I also have 60 years of National Geographic magazines that a friend gave me that are sitting in my office closet begging to be read. After a few months and a few dozen books and magazines, I will get back on the study “horse” and push towards the Aruba ACMX.

While I would have loved to create a bunch of blog posts documenting the technical aspects of my studies, I made the decision to devote that time to studying. Anyone who has written even one technical post knows how much time those things take. I am very grateful for people like Rasika who took the time to document all of their studies. If you are studying for the CCIE Wireless as well, you are probably already familiar with his excellent site. Much of that content applies to the version 3 lab blueprint.

Just wanted to put something up here to let you know I have not abandoned this site. I’m still around. I’m just busy studying.


by Matthew Norwood at October 01, 2015 06:52 AM

September 30, 2015

My Etherealmind
Potaroo blog

Measuring the Root KSK Keyroll

A little over five years ago the root zone of the DNS was signed with DNSSEC for the first time. At the time the Root Zone operators promised to execute a change of key in five years' time. It's now that time and we are contemplating a roll of the root key of the DNS. The problem is that we believe that there are a number of resolvers who are not going to follow the implicit signalling of a new key value. So for some users, for some domain names things will go dark when this key is rolled. Is there any way to predict in advance how big a problem this will be?

September 30, 2015 06:30 AM

XKCD Comics

September 29, 2015

The Networking Nerd

Premise vs. Premises


If you’ve listened to a technology presentation in the past two years that included discussion of cloud computing, you’ve probably become embroiled in the ongoing war of the usage of the word premises or the shift of people using the word premise in its stead. This battle has raged for many months now, with the premises side of the argument refusing to give ground and watch a word be totally redefined. So where is this all coming from?

The Premise of Your Premises

The etymology of these two words is actually linked, as you might expect. Premise is the first to appear in the late 14th century. It traces from the Old French premisse which is derived from the Medieval Latin premissa, which are both defined as “a previous proposition from which another follows”.

The appearance of premises comes from the use of premise in legal documents in the 15th century. In those documents, a premise was a “matter previously stated”. More often than not, that referred to some kind of property like a house or a building. Over time, that came to be known as a premises.

Where the breakdown starts happening is recently in technology. We live in a world where brevity is important. The more information we can convey in a brief period the better we can be understood by our peers. Just look at the walking briefing scenes from The West Wing to get an idea of how we must compress and rapidly deliver ideas today. In an effort to save precious syllables during a presentation, I’m sure some CTO or Senior Engineer compressed premises into premise. And as we often do in technology, this presentation style and wording was copied ad infinitum by imitators and competitors alike.

Now, we stand on the verge of premise being redefined. This has a precedent in recent linguistics. The word literally has recently been changed from the standard definition of “in a literal sense” or describing something as it actually happened into an informal usage of “emphasizing strong feeling while not being literally true”. This change has grammar nerds and linguistics people at odds. Some argue that language evolves over time to include new meanings. Others claim that changing a word to be defined as the exact opposite meaning is a perversion and is wrong.

The Site of Your Ideas

Perhaps the real solution to this problem is to get rid of the $2 words when a $.50 word will do just fine. Instead of talking about on-premises cloud deployments, how about referring to them as on-site? Instead of talking about the premise behind creating a hybrid cloud, why not refer to the idea behind it (especially when you consider that the strict definition of premise doesn’t really mean idea).

By excising these words from your vocabulary now, you lose the risk of using them improperly. You even get to save a syllable here and there. If word economy is truly the goal, the aim should be to use the most precise word with the least amount of effort. If you are parroting a presentation from Amazon or Google and keep referring to on-premise computing you are doing a disservice to people that are listening to you and will carry your message forward to new groups of listeners.

Tom’s Take

If you’re going to insist on using premises and premise, please make sure you get them right. It takes less than a second to add the missing “s” to the end of that idea and make it a real place. Otherwise you’re going to come off sounding like you don’t know what you’re talking about. Kind of like this (definitely not safe for work):

Instead, let’s move past using these terms and get back to something more simple and straightforward. Sites can never be confused for ideas. It may be more direct and less flashy to say on-site but you never have to worry about using the wrong term or getting the grammarians on your bad side. And that’s a premise worth believing in.


by networkingnerd at September 29, 2015 04:50 AM