February 24, 2015

Cisco IOS Hints and Tricks

Let’s Get Rid of the Thick Yellow Cable

Whenever I write about the crazy things vendors are trying to sell us, and the kludges we have to live with, I keep wondering, “Is it just me, or is the whole industry really as ridiculous as it seems?” It’s so nice to see someone else coming to the same conclusions, like Mark Burgess (the author of CFEngine and the Promise Theory) did in a lengthy essay on whether SDN makes sense.

by Ivan Pepelnjak (noreply@blogger.com) at February 24, 2015 02:39 PM

February 23, 2015

Packet Pushers Blog/Podcast

Show 225 – SolarWinds on The Cost of Monitoring + NPM 11.5 – Sponsored

SolarWinds' Head Geek Leon Adato joins Packet Pushers co-hosts Ethan Banks and Greg Ferro for a discussion about the cost of (not) doing proper network monitoring. We also get an update on the new features found in the NPM 11.5 release including wireless heat maps, web-based alerting, auto-discovery of application types for DPI, automatic dependency mapping, integrated capacity planning, and duplex mismatch detection.

by Packet Pushers Podcast at February 23, 2015 11:10 PM

The Networking Nerd

Cumulus Networks Could Be The New Microsoft


When I was at HP Discover last December, I noticed a few people running around wearing Cumulus Networks shirts. That had me a bit curious, as Cumulus isn’t usually on the best of terms with traditional networking vendors unless they have a partnership. After some digging, I found out that HP would be announcing a “britebox” branded whitebox switch soon running Cumulus Linux. I wrote a post vaguely hinting about this in as much detail as I dared leak out.

No surprise that HP has formally announced their partnership with Cumulus. This is a great win for HP in the long run, as it gives customers the option to work with an up-and-coming network operating system (NOS) alongside HP support and hardware. Note that the article mentions a hardware manufacturing deal with Accton, but I wouldn’t at all be surprised to learn that Accton had been making a large portion of their switching line already. Just a different sticker on this box.

Written Once, Runs Everywhere

The real winner here is Cumulus. They have partnered with Dell and HP to bring their NOS to some very popular traditional network vendor hardware. Given that they continue to push Cumulus Linux on traditional whitebox hardware, they are positioning themselves the same way that Microsoft did back in the 1980s when the IBM Clone PC market really started to take off.

Microsoft’s master stroke wasn’t building an empire around a GUI. It was creating software that ran on almost every variation of devices in the market. That common platform provided consistency for programmers the world over. You never had to worry about what OS was running on an IBM Clone. You could be almost certain it was MS-DOS. In fact, that commonality of platform is what enabled Microsoft to build their GUI interface on top. While DOS was eventually phased out in favor of WinNT kernels in Windows the legacy of DOS still remains on the command line.

Hardware comes and goes every year. Even with device vendors that are very tied to their hardware, like Apple. Look at the hardware differences between the first iPhone and the latest iPhone 6+. They are almost totally alien. Then look at the operating system running on each of them. They are remarkably similar, especially amazing given the eight year gap between them. That consistency of experience has allowed app developers to be comfortable writing apps that will work for more than one generation of hardware.

Bash Brothers

Cumulus is positioning themselves to do something very similar. They are creating a universal NOS interface to switches. Rather than pinning their hopes on the aging Cisco IOS CLI (and avoiding a potential lawsuit in the process), Cumulus has decided to go with Bash. Bash is almost universal for those that work on Linux, and if you’re an old school UNIX admin it doesn’t take long to adapt to Bash either. That common platform means that you have a legion of trained engineers and architects that know how to use your system.

More importantly, you have a legion of people that know how to write software to extend your system. You can create Bash scripts and programs to do many things. Cumulus even created ifupdown to help network admins with simplifying network interface administration. If you can extend the interface of a networking device with relative ease, you’ve started unlocking the key to unlimited expansion.

Think about the number of appliances you use every day that you never know are running Linux. I said previously that Linux won the server war because it is everywhere now and yet you don’t know it’s Linux. In the same way, I can see Cumulus negotiating to get the software offered as an option for both whitebox and britebox switches in the future. Once that happens, you can start to see the implications. If developers are writing apps and programs to extend Cumulus Linux and not the traditional switch OS, consumers will choose the more extensible option if everything else is equal. That means more demand for Cumulus. Which pours more resources into development. Which is how MS-DOS took over the world and led to Windows domination, while OS/2 died a quiet, protracted death.

Tom’s Take

When I first tweeted my thoughts about Cumulus Networks and their potential rise like the folks in Redmond, there was a lot of pushback. People told me to think of them more like Red Hat instead of Microsoft. While their business model does indeed track more closely with Red Hat, I think much of this pushback comes from the negative connotations we have with Windows. Microsoft has essentially been the only game in the x86 market for a very long time. People forget what it was like to run BeOS or early versions of Slackware. Microsoft had almost total domination outside the hobby market.

Cumulus doesn’t have to unseat Cisco to win. They don’t even have to displace the second or third place vendor. By signing deals with as many people as possible to bring Cumulus Linux to the masses, they will win in the long run by being the foundation for where networking will be going in the future.


by networkingnerd at February 23, 2015 10:29 PM

Cisco IOS Hints and Tricks

BGP Configuration Made Simple with Cumulus Linux

BGP is without doubt the most scalable routing protocol, which made it a popular choice for large-scale deployments from service provider networks to enterprise WAN/VPN networks and even data centers. Its only significant drawback is the tedious configuration process (which almost reminds me of writing COBOL programs decades ago).

by Ivan Pepelnjak (noreply@blogger.com) at February 23, 2015 09:02 AM

February 22, 2015

SNOsoft Research Team

0-Day Exploit Acquisition Program Update

We are writing this quick blog entry to let people know that we’ve made some significant changes to our Exploit Acquisition Program.  Those changes include the creation of an on-line registration form, online exploit submission form, the introduction of additional buyers to our program, and faster turnaround for each item submitted by registered developers.  Another change is that we’ve created a referral program.  If you refer someone to our program and their item is purchased by one of our buyers then we will provide you with a percentage of the total sale value.

If you are interested in registering for our program please click here:


If you have general questions please contact us at: eap@netragard.com

The post 0-Day Exploit Acquisition Program Update appeared first on "We protect you from people like us.".

by simon at February 22, 2015 07:55 PM

February 20, 2015

Packet Pushers Blog/Podcast

Python and Jinja2 Tutorial

“How should I get started with Network Automation?” I am often asked this question by network engineers looking to develop new programming skills.  If you are brand new to writing Python scripts and are looking for an easy on-ramp to the network automation superhighway, I’d suggest starting with Jinja2 – the de-facto python template engine.  Template building is […]

Author information

Jeremy Schulman
Making network automation humanly possible

20 year networking industry veteran. Field sales, automation solution architect, technical business development and software engineer by trade. Open-source contributor to Ansible, Puppet and Chef. I enjoy empowering others to be successful with network automation.

The post Python and Jinja2 Tutorial appeared first on Packet Pushers Podcast and was written by Jeremy Schulman.

by Jeremy Schulman at February 20, 2015 07:45 PM

Network Break 28

Coffee, doughnuts and networking. A perfect combination.

by Packet Pushers Podcast at February 20, 2015 06:00 PM

CCDE and CCAr Certificates – FAQ

CCDE is the de facto expert level, vendor neutral, and infrastructure network design certification in the industry. I have been helping the CCDE community for a while through my Packet Pushers articles and podcasts. I started a couple of months ago to write network design and CCDE related articles on my blog http://orhanergun.net as well. […]

Author information

Orhan Ergun

Orhan Ergun, CCIE, CCDE, is a network architect mostly focused on service providers, data centers, virtualization and security.

He has more than 10 years in IT, and has worked on many network design and deployment projects. Host on the packetpushers community channel.

The post CCDE and CCAr Certificates – FAQ appeared first on Packet Pushers Podcast and was written by Orhan Ergun.

by Orhan Ergun at February 20, 2015 02:03 PM

Cisco IOS Hints and Tricks

RFC 7454: BGP Operations and Security

After almost exactly three years of struggles our BGP Operations and Security draft became RFC 7454 – a cluebat (as Gert Doering put it) you can use on your customers and peers to help them fix their BGP setup.

Without Jerome Durand this document would probably remain forever stuck in the draft phase. It’s amazing how many hurdles one has to jump over to get something published within IETF. Thanks a million Jerome, you did a fantastic job!

by Ivan Pepelnjak (noreply@blogger.com) at February 20, 2015 01:18 PM

February 19, 2015


Let’s Meet at Interop Las Vegas 2015

I will be at Interop Las Vegas this year from Tuesday, April 28 through Thursday, April 30. If you are a vendor who would like to brief me, someone who would like to explore consulting opportunities, or if you just want a word, let's connect. I'd be happy to swing by your booth, meet for coffee, or simply hang out.

by Ethan Banks at February 19, 2015 07:04 PM

Packet Pushers Blog/Podcast

Show 224 – HTTP2. Its The Biggest (Network) Thing Happening on the Internet Today – Repost

HTTP/2 is now submitted to the RFC Editor and will bring major changes to networking. Efficient design means smaller firewalls, less bandwidth and faster response times for users. And the default to encryption means that transparent caches, proxies, IDS/IPS and other network security systems will be seriously impacted.

by Packet Pushers Podcast at February 19, 2015 05:30 PM

My Etherealmind

Network Dictionary – Whitebrand Ethernet

Whitebrand is a term used to describe a type of Ethernet switch that is a whitebox or generic manufacture but sold by a known IT brand. Juniper OCX1100 and HP Open Network Switches are examples. White-Box Switching + Vendor Branding = Whitebrand switching. The other term used is “britebox” but this sounds like dishwashing liquid or something you […]

The post Network Dictionary – Whitebrand Ethernet appeared first on EtherealMind.

by Greg Ferro at February 19, 2015 04:19 PM

Cisco IOS Hints and Tricks

Performance of Hypervisor-Based Overlay Virtual Networking

Years ago I managed to saturate a 10GE uplink on a vSphere server I tested with a single Linux VM using less than one vCPU. On the other hand, squeezing 1 Gbps out of Open vSwitch using GRE encapsulation was called ludicrous speed not so long ago. Implementing overlay virtual networking in the hypervisor obviously carries a huge performance penalty, right? Not so fast…

by Ivan Pepelnjak (noreply@blogger.com) at February 19, 2015 11:10 AM

February 18, 2015

My Etherealmind

Can Network Startups Stay Small and Survive ?

A client recently asked me about startups in the networking space and how to pick the one whose products will be around for five years. After some research and reflection, I am beginning to realise that size doesn’t matter like it used to. While big companies selling hardware have big costs, small companies selling software can […]

The post Can Network Startups Stay Small and Survive ? appeared first on EtherealMind.

by Greg Ferro at February 18, 2015 08:02 PM

Packet Pushers Blog/Podcast

Show 224 – HTTP2. Its The Biggest (Network) Thing Happening on the Internet Today

HTTP/2 is now submitted to the RFC Editor and will bring major changes to networking. Efficient design means smaller firewalls, less bandwidth and faster response times for users. And the default to encryption means that transparent caches, proxies, IDS/IPS and other network security systems will be seriously impacted.

by Packet Pushers Podcast at February 18, 2015 11:32 AM

Cisco IOS Hints and Tricks

Update: Performance of Hash Table Lookups

In the Myths That Refuse to Die: Scalability of Overlay Virtual Networking blog post I wrote “number of MAC addresses has absolutely no impact on the forwarding performance until the MAC hash table overflows”, which happens to be almost true.

by Ivan Pepelnjak (noreply@blogger.com) at February 18, 2015 07:49 AM

February 17, 2015

February 16, 2015

Cisco IOS Hints and Tricks

Myths That Refuse to Die: Scalability of Overlay Virtual Networking

If you watched the Network Field Day videos, you might have noticed an interesting (somewhat one-sided) argument I had with Sunay Tripathi, CTO and co-founder of Pluribus Networks (start watching at around 32:00 to get the context). Let’s try to get the record straight.

by Ivan Pepelnjak (noreply@blogger.com) at February 16, 2015 08:37 PM

Networking Now (Juniper Blog)

10 steps to deter and defeat Cyber Hackers

Turn on the television news, listen to the radio or open the newspaper and there's a high probability you'll see, listen to or read a Cyber Security story. Here are 10 suggestions to help ensure your organization is not hacked.

by johnfdp at February 16, 2015 05:02 PM

My Etherealmind

Tech Notes: Audio Ping Response From The Terminal / CLI

The following command line will use the Text to Speech converter in *nix to say the word "pingtastic" every time a successful icmp response message is received using the ping command.

The post Tech Notes: Audio Ping Response From The Terminal / CLI appeared first on EtherealMind.

by Greg Ferro at February 16, 2015 11:58 AM

Packet Pushers Blog/Podcast

IP FRR and Micro-loops Part 2

This is a continuation from Part 1. Remote LFA: At this point we already know that simple LFA doesn’t always provide full coverage and it’s very topology dependent. The reason is simple, i.e. in many cases the backup next hop best path goes through the router calculating the backup next hop. This problem can be solved if we […]

Author information

Diptanshu Singh

Diptanshu Singh (3xCCIE, CCDE) is a Sr. Engineer mostly focused on service providers, data center and security. He is a network enthusiast passionate about network technologies so not only is it his profession, but something of a hobby as well.

The post IP FRR and Micro-loops Part 2 appeared first on Packet Pushers Podcast and was written by Diptanshu Singh.

by Diptanshu Singh at February 16, 2015 09:29 AM

IP FRR and Micro-loops Part 1

Introduction: In this post we will take a look at IP FRR and Micro-loops. If the reader doesn’t already have some kind of basic familiarity with IP FRR and Micro-loops, then I would highly recommend the reader go through the below post series by Russ as he introduces various concepts in a very clear way. This post […]

Author information

Diptanshu Singh

Diptanshu Singh (3xCCIE, CCDE) is a Sr. Engineer mostly focused on service providers, data center and security. He is a network enthusiast passionate about network technologies so not only is it his profession, but something of a hobby as well.

The post IP FRR and Micro-loops Part 1 appeared first on Packet Pushers Podcast and was written by Diptanshu Singh.

by Diptanshu Singh at February 16, 2015 09:27 AM

February 15, 2015

Peter's CCIE Musings and Rants

Understanding SNR and RSSI values

Hi Guys

I saw this post on a forum while investigating other issues and had to note it down for you and for my own reference! Finally, a definitive, easily understood answer to a question I have had for ages regarding determining wireless performance.

SNR (Signal-to-Noise Ratio) is a ratio-based value that evaluates your signal based on the noise being seen. So let's look at the components of the SNR and then see how to determine it. SNR is comprised of 2 values and is measured as a positive value between 0db and 120db, and the closer it is to 120db the better: Signal Value and Noise Value. Typically these are expressed in decibels (db).

So we will look at the Signal (also known as RSSI) first. This value is measured in decibels from 0 (zero) to -120 (minus 120). When looking at this value, the closer to 0 (zero) the stronger the signal is, which means it's better; typically voice networks require a -65db or better signal level while a data network needs -80db or better. Normal range in a network would be -45db to -87db depending on power levels and design, since the Signal is affected by the AP's transmit power & antenna as well as the client's antenna.

Great stuff, found the post here:

Also worth pointing out, as per his post, that the 7925g handsets can actually be used to perform site surveys! Another handy trick!

 For more information

by peter_revill (noreply@blogger.com) at February 15, 2015 10:35 PM

The Networking Nerd

Hypermyopia In The World Of Networking


The more debate I hear over protocols and product positioning in the networking market today, the more I realize that networking has a very big problem with myopia when it comes to building products. Sometimes that’s good. But when you can’t even see the trees for the bark, let alone the forest, then it’s time to reassess what’s going on.

Way Too Close

Sit down in a bar in Silicon Valley and you’ll hear all kinds of debates about which protocols you should be using in your startup’s project. OpenFlow has its favorite backers. Others say things like Stateless Transport Tunneling (STT) are the way to go. Still others have backed a new favorite draft protocol that’s being fast-tracked at the IETF meetings. The debates go on and on. It ends up looking a lot like this famous video.

But what does this have to do with the product? In the end, do the users really care which transport protocol you used? Is the forward table population mechanism of critical importance to them? Or are they more concerned with how the system works? How easy it is to install? How effective it is at letting them do their jobs?

The hypermyopia problem makes the architecture and engineering people on these projects focus on the wrong set of issues. They think that an elegant and perfect solution to a simple technical problem will be the magical panacea that will sell their product by the truckload. They focus on such minute sets of challenges that they often block out the real problems that their product is going to face.

Think back to IBM in the early days of the Internet. Does anyone remember Blue Lightning? How about the even older MCA Bus? I bet if I said OS/2 I’d get someone’s attention. These were all products that IBM put out that were superior to their counterparts in many ways. Faster speeds, better software architecture, and even revolutionary ideas about peripheral connection. And yet all of them failed miserably in one way or another. Was it because they weren’t technically complete? Or was it because IBM had a notorious problem with marketing and execution when it came to non-mainframe computing?

Take A Step Back

Every writer in technology uses Apple as a comparison company at some point. In this case, you should take a look at their simplicity. What protocol does FaceTime use? Is it SIP? Or H.264? Does it even matter? FaceTime works. Users like that it works. They don’t want to worry about traversing firewalls or having supernodes available. They don’t want to fiddle with settings and tweak timers to make a video call work.

Enterprise customers are very similar. Think about WAN technologies for a moment. Entire careers have been built around finding easy ways to connect multiple sites together. We debate Frame Relay versus ATM. Should we use MPLS? What routing protocol should we use? The debates go on and on. Yet the customer wants connectivity, plain and simple.

At the recent Networking Field Day 9, two companies that specialize in software defined WAN (SD-WAN) had a chance to present. Velocloud and CloudGenix both showcased their methods for creating WANs with very little need for user configuration. The delegates were impressed that the respective company’s technologies “just worked”. No tuning timers. No titanic arguments about MPLS. Just simple wizards and easy configuration.

That’s what enterprise technology should be. It shouldn’t involve a need to get so close to the technology that you lose the big picture. It shouldn’t be a series of debates about which small technology choice to make. It should just work. Users that spend less time implementing technology spend more time using it. They spend more time happy with it. And they’re more likely to buy from you again.

Tom’s Take

If I hear one more person arguing the merits of their technology favorite again, I may throw up. Every time someone comes to me and tells me that I should bet on their horse in the race because it is better or faster or more elegant, I want to grab them by the shoulders and shake some sense into them. People don’t buy complicated things. People hate elegant but overly difficult systems. They just want things to work at the end of the day. They want to put as little thought into a system as they can to maximize the return they get from it. If product managers spent the next iteration of design focusing on ease-of-use instead of picking the perfect tunneling protocol, I think they would see a huge return on their investment in the long run. And that’s something you can see no matter how close you are.


by networkingnerd at February 15, 2015 06:29 PM

Cisco IOS Hints and Tricks

Must bookmark: NSX Link-o-Rama

Brad Hedlund sent me a link to a fantastic list of NSX resources, from design and troubleshooting guides to videos and blog posts. A must-bookmark page if you're even remotely interested in VMware NSX.

by Ivan Pepelnjak (noreply@blogger.com) at February 15, 2015 03:03 PM

February 14, 2015

Packet Pushers Blog/Podcast

NAT, Security, and Repeating Myself

In a former post I pointed out that we need to think of obscurity as a tool in network security — that we shouldn’t try to apply rules that are perfectly logical in terms of algorithms to networks as a system. While I’m not normally one to repeat myself, this topic needs a little more […]

Author information

Russ White

Principal Engineer at Ericsson

Russ White has scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, nibbled and noodled at a lot of networks, and done a lot of other stuff you either already know about — or don't really care about. You can find Russ at 'net Work, the Internet Protocol Journal, and his author page on Amazon.

The post NAT, Security, and Repeating Myself appeared first on Packet Pushers Podcast and was written by Russ White.

by Russ White at February 14, 2015 06:16 PM

Cisco IOS Hints and Tricks

Networking Field Day 9: Brief Recap

I’m sitting in the San Francisco airport with nothing better to do than writing blog posts, so let’s see what we’ve seen and learned during the Networking Field Day 9.

Most videos recorded during the week are already online. You’ll find links to them in the Presentation Calendar section.

by Ivan Pepelnjak (noreply@blogger.com) at February 14, 2015 04:19 AM

Router Jockey

Cisco Live 2015 – Mike Rowe Announced as Keynote Speaker

Cisco just announced to the Cisco Champion community that the guest speaker for the keynote is going to be none other than …… Mike Rowe!! In case you don’t know, Mike Rowe is an American TV host, narrator, actor, and former opera singer. He is best-known for his extensive work on the Discovery Channel. He has starred on the shows Dirty Jobs, and narrated many shows including Deadliest Catch, American Hot Rod, and Ghost Hunters. He also did a quick stint on the QVC Shopping Network where he was hired after talking about a pencil for nearly eight minutes. According to his bio, he worked the graveyard shift for just three years, until he was ultimately fired for making fun of products and belittling viewers. I’ve included one of my favorite videos from his time at QVC down below, be sure to check out some of the other ones if you haven’t seen them.

Mike also founded the mikeroweWORKS Foundation, which promotes hard work. Mike has long been a supporter of the skilled trades and his foundation works hard at awarding scholarships to men and women who demonstrate an aptitude for doing the work that America needs. He is also closely associated with the Future Farmers of America, Skills USA, and the Boy Scouts of America, who honored him as a Distinguished Eagle Scout. And Forbes has identified him as one of the country’s 10 Most Trustworthy Celebrities in 2010, 2011 and 2012.

I am so excited about this year’s event. Aerosmith? Mike Rowe? What’s going to be next!? If you want to hear Mike speak, you have to come to Cisco Live. So if you haven’t already registered for CLUS15, it’s not too late, so do it NOW!!!

Oh, and it seems that Jeff finally got his wish… and it only took 4 years =)

The post Cisco Live 2015 – Mike Rowe Announced as Keynote Speaker appeared first on Router Jockey.

by Tony Mattke at February 14, 2015 01:15 AM

February 13, 2015


News Analysis: CloudGenix, LightCyber, VMware, Meru

This week, Greg and I decided to do a review of some of the briefings we received via an audio recording. We published the audio on the Packet Pushers Community Show feed, which you can subscribe to specifically on iTunes or access via the Packet Pushers Fat Pipe iTunes feed. Here's a summary of my take on these briefings.

by Ethan Banks at February 13, 2015 08:35 PM