September 01, 2014

Honest Networker

Reviewing the optical vendor’s approach to management-plane security: “SSH, what’s that?”

Reviewing the optical vendor's approach to management-plane security: 'SSH, what's that?'

Reviewing the optical vendor’s approach to management-plane security: “SSH, what’s that?”

by ohseuch4aeji4xar at September 01, 2014 04:18 PM


New GNS3 1.0 Beta 1

It appears that there are some significant changes ongoing with GNS3:     As mentioned by the GNS3 CEO and co-founder Stephen Guppy on 11th of August 2014, the new GNS3 will be more polished and will migrate to a multi-vendor emulation platform. For those using this tool, it’s a well known fact that GNS3 was mainly focused to emulate Cisco platform, evolving to support vPC and VirtualBox virtual machines.   They have a new very polished website accessible at where you can also download the GNS3 1.0 Beta 1 software. Read more on New GNS3 1.0 Beta...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

September 01, 2014 02:18 PM

Packet Pushers Blog/Podcast

Show 203 – SDN Policy + Congress with Martin Casado & Tim Hinrichs

This week, the Packet Pushers chat with Martin Casado & Tim Hinrichs about policy. What's policy, you ask? In the context of the software defined data center, policy is the big idea that what an IT system needs to do can be expressed in an abstract policy language. The need for abstraction exists because human beings aren't easily able to tell machines explicitly what they need to do build a system that conforms to a given policy.

by Packet Pushers Podcast at September 01, 2014 05:00 AM

XKCD Comics

August 30, 2014

Cisco IOS Hints and Tricks

See You in Bern on September 9th

Gabi Gerber from Security Interest Group Switzerland (SIGS) is organizing an interesting data center-focused event with dozens of sessions in Bern on September 9th.

She was kind enough to invite me as the keynote speaker (it’s pretty easy to guess what I’ll talk about) and will be around for the whole day to discuss data center design challenges, SDN, network programmability, or whatever else you’d like to talk about.

I hope to see you in real life in Bern (but you do have to register first).

by Ivan Pepelnjak ( at August 30, 2014 06:26 PM

August 29, 2014

Honest Networker
Cisco IOS Hints and Tricks

Is Data Center Trilogy Package the Right Fit to Understand Long Distance vMotion Challenges?

A reader sent me this question:

My company will have 10GE dark fiber across our DCs with possibly OTV as the DCI. The VM team has also expressed interest in DC-to-DC vMotion (<4ms). Based on your blogs it looks like overall you don't recommend long-distance vMotion across DCI. Will the "Data Center trilogy" package be the right fit to help me better understand why?

Unfortunately, long-distance vMotion seems to be a persistent craze that peaks with a predicable period of approximately 12 months, and while it seems nothing can inoculate your peers against it, having technical arguments might help.

Read more ...

by Ivan Pepelnjak ( at August 29, 2014 11:53 AM

Potaroo blog

The Cost of DNNSEC

If you’re playing in the DNS game, and you haven’t done so already, then you really should be considering turning on security in your part of the DNS by enabling DNSSEC. There are various forms of insidious attack that start with perverting the DNS, and end with the misdirection of an unsuspecting user. DNSSEC certainly allows a DNS resolver to tell the difference between valid intention and misdirection. But there's no such thing as a free lunch, and the decision to turn on DNSSEC is not without some additional cost in terms of traffic load and resolution time. In this article, I'll take our observations from running a large scale DNSSEC adoption measurement experiment and apply them to the question: What’s the incremental cost when turning on DNSSEC?

August 29, 2014 06:18 AM

XKCD Comics

August 28, 2014

My Etherealmind

Tech Notes: CheckPoint Firewall Cluster XL in 2014

Notes on the CheckPoint firewall clustering solution based on a review of the documentation in August 2014.

The post Tech Notes: CheckPoint Firewall Cluster XL in 2014 appeared first on EtherealMind.

by Greg Ferro at August 28, 2014 04:18 PM

Cisco IOS Hints and Tricks

Fate Sharing in IP Networks

My good friend Tiziano complained about the fact that BGP considers next hop unreachable if there’s an entry in the IP routing table even though the router cannot even ping the next hop.

That behavior is one of the fundamental aspects of IP networks: networks built with IP routing protocols rely on fate sharing between control and data planes instead of path liveliness checks.

Read more ...

by Ivan Pepelnjak ( at August 28, 2014 04:55 PM



Today I came across an old Cisco router with original IOS image. Big surprise (at least for me) when I did check what routing protocols are supported on this router: I was out of the game, or better not even yet had discover the networking games, when the EGP was still out there and available to be configured on the Cisco routers. Read more on EGP…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

Troubleshooting with Wireshark [Riverbed lab kit]

A while ago I attended a Wireshark webinar from Riverbed in which they presented the tool, some beginner and intermediate users troubleshooting scenarios and some lab kit. Now I got an e-mail that they made it available for download at Read more on Troubleshooting with Wireshark [Riverbed lab kit]…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

Live digital threats

I wanted to bring these free tools to my blog to keep track of them, as most probably I will forget about, and to share with anybody interested in gathering information in the security areas. Read more on Live digital threats…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

Cisco switches and smartport macros

Smartport macros are not more than some templates you can define on Cisco switches that will apply the same configuration on multiple ports. It’s not a subject that needs too many discussions, but it can be useful for your Cisco certification preparation or real life Cisco switch administration. Read more on Cisco switches and smartport macros…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

Cisco STP forward-time command trick

This is more a topic for exams, like Cisco CCIE, but also it can appear in real-world environments. Consider the following simple topology: SW1 is the spanning-tree root bridge for all VLANs. Imagine that you have a request which ask you that when a port becomes active, no matter of VLAN, it should wait 10 seconds until it transition to forwarding state. Read more on Cisco STP forward-time command trick…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

EtherChannel over 802.1q Tunneling

Consider the following topology: We have one Customer with two distributed locations (SW1, R1 and SW2, R2) connected over Provider backbone. What we want to create is something like this: If Provider support 802.1q and L2 tunneling we can achieve a nice Etherchannel between our 2 remote locations with direct CDP visibility. Also STP and VTP is supported, just like when these SW1 and SW2 switches are directly connected. Read more on EtherChannel over 802.1q Tunneling…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

Ubuntu OVF images for download

Lately I’m playing a lot with virtualization features and for this I needed a rapid way to deploy from scratch new instances. First I had the virtual machines converted to templates, but then I had to rebuild from zero the entire ESXi environment and those images were gone. Read more on Ubuntu OVF images for download…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

MAC address tracking with NMS

Let’s assume that I have a port open in my Cisco switch for guest users and I would like to keep track of the new mac-addresses that are added or existing mac-addresses that are removed from that port. Read more on MAC address tracking with NMS…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

Cisco 2600: How many IPv4 prefixes can fit in BGP table

Today I wanted to try and see how many IPv4 prefixes can a Cisco 2600 accommodate in BGP table both global and in VRF table. I have lying around a Cisco 2621XM with 64MB of RAM, so I said to stress it a bit like in the old days when it was productive. Read more on Cisco 2600: How many IPv4 prefixes can fit in BGP table…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

CCIE Home Lab, what to do when your router has too little Flash space for IOS

I already explained in an older post my home lab for CCIE preparation. My BB1-BB3 routers are Cisco 2600 series and the rest of R1-R6 are emulated with Dynamips. The only problem is that one of the C2600 has too little Flash space to hold the required IOS. Memory is sufficient, but Flash not. Read more on CCIE Home Lab, what to do when your router has too little Flash space for IOS…

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

August 28, 2014 12:18 PM

Packet Pushers Blog/Podcast

Designing Networks for Selfish Users is Hard

‘ On Earth Day at 1990 , New York City’s Transportation Commissioner decided to close 42d Street , which as every New Yorker knows is always congested. “Many predicted it would be doomsday,” said the Commissioner, Lucius J. Riccio. “You didn’t need to be a rocket scientist or have a sophisticated computer queuing model to […]

Author information

Orhan Ergun

Orhan Ergun, CCIE, CCDE, is a network architect mostly focused on service providers, data centers, virtualization and security.

He has more than 10 years in IT, and has worked on many network design and deployment projects.

In addition, Orhan is a:

Blogger at Network Computing.
Blogger and podcaster at Packet Pushers.
Manager of Google CCDE Group.
On Twitter @OrhanErgunCCDE

The post Designing Networks for Selfish Users is Hard appeared first on Packet Pushers Podcast and was written by Orhan Ergun.

by Orhan Ergun at August 28, 2014 08:25 AM

August 27, 2014

Cisco IOS Hints and Tricks Is on CloudFlare (and IPv6)

After a week of testing, I decided to move the main web site ( as well as some of the resource servicing hostnames to CloudFlare CDN. Everything should work fine, but if you experience any problems with my web site, please let me know ASAP.

2014-08-27: Had to turn off CloudFlare (and thus IPv6). They don't seem to support HTTP range requests, which makes video startup time unacceptable. Will have to move all video URLs (where the HTTP range requests are expected coming from streaming clients) to a different host name, which will take time.

Collateral benefit: is now fully accessible over IPv6 – register for the Enterprise IPv6 101 webinar if you think that doesn’t matter ;)

by Ivan Pepelnjak ( at August 27, 2014 08:38 PM


What Does SolarWinds Know About Your Applications?

In a Tech Field Day Extra briefing held at VMworld 2014, SolarWinds chatted with the delegation about the future of their product set. If you’re thinking of SolarWinds as that little company that does red light / green light and makes pretty meters that show network bandwidth utilization, you’ve lost track of what […]

by Ethan Banks at August 27, 2014 04:11 PM

Cisco IOS Hints and Tricks

Toolsmith @ Netflix on Software Gone Wild

I first met Elisa Jasinska when she had one of the coolest job titles I ever saw: Senior Packet Herder. Her current job title is almost as cool: Senior Network Toolsmith @ Netflix – obviously an ideal guest for the Software Gone Wild podcast.

In our short chat she described some of the tools she’s working on, including an adaptation of pmacct to environments with numerous BGP exit points (more details in her NANOG presentation).

by Ivan Pepelnjak ( at August 27, 2014 08:54 AM

The Data Center Overlords

Learn what Russ Fellows Doesn’t Know

So how’s this for a condescending tweet? @tbourke @elonden @sbdewindt ; Learn what Tony doesn’t know. See why 2 * 8 != 16. (And yes, 2 * 10 < 16 also). — EGI Russ (@russtystorage) August 27, 2014 It’s from Russ Fellows, author of the infamous FCoE “study” (which has been widely debunked for its many […]

by tonybourke at August 27, 2014 07:40 AM

Packet Pushers Blog/Podcast

HTIRW: Provider Peering Types

One of the confusing aspects of Internet operation is the difference between the types of providers and the types of peering. There are three primary types of peering, and three primary types of services service providers actually provide. The figure below illustrates the three different kinds of peering. One provider can agree to provide transit […]

Author information

Russ White

Russ White

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about, or don't really care about. You want numbers and letters? Okay: CCIE 2635, CCDE 2007:001, CCAr, BSIT, MSIT (Network Design & Architecture, Capella University), MACM (Biblical Literature, Shepherds Theological Seminary). Russ is a Principal Engineer in the IPOS Team at Ericsson, where he works on lots of different stuff, serves on the Routing Area Directorate at the IETF, and is a cochair of the Internet Society Advisory Council. Russ will be speaking on Software Defined Networks at The Future Internet in Denver in Late August, and in November at the Ericsson Technology Day. he recently published The Art of Network Architecture, and is currently working on a new book in the area of network complexity with Addison Wesley, as well as a book on innovation from within a Christian worldview.

The post HTIRW: Provider Peering Types appeared first on Packet Pushers Podcast and was written by Russ White.

by Russ White at August 27, 2014 05:06 AM


What is Prescriptive Topology Manager (PTM) & DOT?

While browsing through the blog post about the Cumulus Linux 2.2 release as well as the release notes, I noticed several references to Prescriptive Topology Manager (PTM). Having not heard of this feature before, I dug in to discover what PTM is all about. First of all, here’s a PTM summarizing quote from […]

by Ethan Banks at August 27, 2014 05:05 AM

Packet Pushers Blog/Podcast

Show 202 – Avaya & The Critical Importance of the SDN Underlay – Sponsored

"The most interesting part of building our house was choosing the brick and trim," explains Randy Cross, Director of Product Line Management at Avaya, "but in Texas with clay soils, the most IMPORTANT element was the foundation." This podcast explains that much of the SDN hype today centers on the outer elements of SDN - API’s, controllers, and SDK’s. However, Avaya’s contention is that the most important architecture element (and the greatest source of complexity) of SDN is in the underlying network. In fact, an SDN implementation that does not remove complexity simply shifts the complexity problem from the CLI jockeys to the programmers -- yeah, it sounds better, but there is no net simplicity benefit. Ethan, Greg, and Randy have a lively discussion around how Avaya’s SPB-based underlay actually removes complexity and becomes a great foundation for an SDN implementation. Take a listen, be entertained, and perhaps even learn something. About Avaya Avaya is a leading global provider of next-generation business collaboration and communications solutions, providing unified communications, real-time video collaboration, contact center, networking and related services to companies of all sizes around the world.

by Packet Pushers Podcast at August 27, 2014 12:13 AM

XKCD Comics

August 26, 2014

Honest Networker

Redistributing routes between two OSPF processes on the same router to connect distinct IGP domains

Redistributing routes between two OSPF processes on the same router to connect distinct IGP domains

by ohseuch4aeji4xar at August 26, 2014 09:20 PM

Cisco IOS Hints and Tricks

VMware EVO:RAIL – One Stop Shopping for Your Private Cloud

Building a private cloud infrastructure tends to be a cumbersome process: even if you do it right, you oft have to deal with four to six different components: orchestration system, hypervisors, servers, storage arrays, networking infrastructure, and network services appliances.

Read more ...

by Ivan Pepelnjak ( at August 26, 2014 12:25 PM

Security to the Core | Arbor Networks Security

IPv4 Is Not Enough

Last week in Chicago, at the annual SIGCOMM flagship research conference on networking, Arbor collaborators presented some exciting developments in the ongoing story of IPv6 roll out.  This joint work (full paper here) between Arbor Networks, the University of Michigan, the International Computer Science Institute, Verisign Labs, and the University of Illinois highlighted how both the pace and nature of IPv6 adoption has made a pretty dramatic shift in just the last couple of years. This study is a thorough, well-researched, effective analysis and discussion of numerous published and previously unpublished measurements focused on the state of IPv6 deployment.

The study examined a decade of data reporting twelve measures drawn from ten global-scale Internet datasets, including several years of Arbor data that represents a third to a half of all interdomain traffic.  This constitutes one of the longest and broadest published measurement of IPv6 adoption to date. Using this long and wide perspective, the University of Michigan, Arbor Networks, and their collaborators found that IPv6 adoption, relative to IPv4, varies by two orders of magnitude (100x!) depending on the measure one looks at and, because of this, care must really be taken when looking at individual measurements of IPv6.  For example, examining only the fraction of IPv6 to IPv4 traffic, which is still just shy of 1%, is misleading, since virtually all other indicators show that IPv6 is much more ready for use and able to grow very quickly.


Measurement of IPv6 Adoption (solid green line refers to Arbor Network’s ATLAS Traffic Statistics)

In the study, differences in IPv6 deployment across global regions were also apparent. This suggests that both the incentives and obstacles to adopt the new protocol vary in different parts of the world.

Most surprisingly, the team found that over the last three years the nature of IPv6 use, in terms of traffic, content, reliance on transition technology, and performance, has shifted dramatically from prior findings, showing a maturing of the protocol into production mode.  For instance, Arbor data shows that the increase in IPv6 traffic relative to IPv4 over each of 2012 and 2013 has been phenomenal, growing more than 400% in each year — a more than quintupling. Arbor data also helped show that *how* people are using IPv6 has likewise evolved immensely, to the point where IPv6 is now largely used natively and mostly for content, neither of which was the case just three years ago.


Summary of Traffic per Customer derived from Arbor Network’s ATLAS Traffic Statistics

Interestingly, this study offers a thought-provoking rationale for the high incidence of NNTP and rsync in the IPv6 application mix.  Based on the data,  the high volumes of NNTP and rsync is likely partially due to synchronization of NNTP and software distribution data between a relatively small number of IPv6-enabled servers that resided within the research and education communities. The significant increase of HTTP and HTTPS traffic in the IPv6 application mix could correlate with a much broader increase of IPv6-connected end-user computers accessing IPv6-enabled web servers.

Screen Shot 2014-08-25 at 8.46.51 AM

Comparison of IPv6 application breakdown and convergence at similar ratios as IPv4 signaling adoption,
derived from Arbor Network’s ATLAS Traffic Statistics

These changes in adoption rate and the nature of IPv6 use come on the heels of several important IPv4 exhaustion milestones (such as the IANA address depletion event), which began in 2011. Thus, the team believes that this new phase of IPv6 rollout might have been spurred, in part, by a growing shortage of IPv4 addressing.

The study’s conclusions regarding the prevalence of untunneled native IPv6 traffic in today’s Internet are significant in that they imply a level of infrastructure readiness for IPv6. Transition technologies played an important “early adopter” role in the evolution of IPv6 technology and it now appears that IPv6 deployment has entered a stage where Internet infrastructures can support native IPv6 traffic.

In closing, the team noted that, together, IPv6′s very fast recent growth and how its use has shifted signal a true quantum leap. Twenty years after it was standardized, it looks like IPv6 is finally becoming real.

For the full presentation shared at SIGCOMM, click here or on the image below to download.

Many thanks to Jakub Czyz, Scott Iekel-Johnson, Bill Cerveny and Roland Dobbins for assistance with this post!

by Marc Eisenbarth at August 26, 2014 09:00 AM

August 25, 2014

The Networking Nerd

Moscone Madness


The Moscone Center in San Francisco is a popular place for technical events.  Apple’s World Wide Developer Conference (WWDC) is an annual user of the space.  Cisco Live and VMworld also come back every few years to keep the location lively.  This year, both conferences utilized Moscone to showcase tech advances and foster community discussion.  Having attended both this year in San Francisco, I think I can finally state the following with certainty.

It’s time for tech conferences to stop using the Moscone Center.

Let’s face it.  If your conference has more than 10,000 attendees, you have outgrown Moscone.  WWDC works in Moscone because they cap the number of attendees at 5,000.  VMworld 2014 has 22,000 attendees.  Cisco Live 2014 had well over 20,000 as well.  Cramming four times the number of delegates into a cramped Moscone Center does not foster the kind of environment you want at your flagship conference.

The main keynote hall in Moscone North is too small to hold the large number of audience members.  In an age where every keynote address is streamed live, that shouldn’t be a problem.  Except that people still want to be involved and close to the event.  At both Cisco Live and VMworld, the keynote room filled up quickly and staff were directing the overflow to community spaces that were already packed too full.  Being stuffed into a crowded room with no seating or table space is frustrating.  But those are just the challenges of Moscone.  There are others as well.

I Left My Wallet In San Francisco

San Francisco isn’t cheap.  It is one of the most expensive places in the country to live.  By holding your conference in downtown San Francisco, you are forcing your 20,000+ attendees into a crowded metropolitan area with expensive hotels.  Every time I looked up a hotel room in the vicinity of VMworld or Cisco Live, I was unable to find anything for less than $300 per night.  Contrast that with Interop or Cisco Live in Las Vegas, where sub-$100 are available and $200 per night gets you into the hotel of the conference center.

Las Vegas is built for conferences.  It has adequate inexpensive hotel options.  It is designed to handle a large number of travelers arriving at once.  While spread out geographically, it is easy to navigate.  In fact, except for the lack of Uber, Las Vegas is easy to get around in than San Francisco.  I never have a problem finding a restaurant in Vegas to take a large party.  Bringing a group of 5 or 6 to a restaurant in San Francisco all but guarantees you won’t find a seat for hours.

The only real reason I can see for holding conferences at Moscone, aside from historical value, is the ease of getting materials and people into San Francisco.  Cisco and VMware both are in Silicon Valley.  Driving up to San Francisco is much easier than shipping the conference equipment to Las Vegas or Orlando.  But ease-of-transport does not make it easy on your attendees.  Add in the fact that the lower cost of setup is not reflected in additional services or reduced hotel rates and you can imagine that attendees have no real incentive to come to Moscone.

Tom’s Take

The Moscone Center is like the Cotton Bowl in Dallas.  While both have a history of producing wonderful events, both have passed their prime.  They are ill-suited for modern events.  They are cramped and crowded.  They are in unfavorable areas.  It is quickly becoming more difficult to hold events for these reasons.  But unlike the Cotton Bowl, which has almost 100 years of history, Moscone offers not real reason to stay.  Apple will always be here.  Every new iPhone, Mac, and iPad will be launched here.  But those 5,000 attendees are comfortable in one section of Moscone.  Subjecting your VMworld and Cisco Live users to these kinds of conditions is unacceptable.

It’s time for Cisco, VMware, and other large organizations to move away from Moscone.  It’s time to recognize that Moscone is not big enough for an event that tries to stuff in every user it can.  instead, conferences should be located where it makes sense.  Las Vegas, San Diego, and Orlando are conference towns.  Let’s use them as they were meant to be used.  Let’s stop the madness of trying to shoehorn 20,000 important attendees into the sardine can of the Moscone Center.

by networkingnerd at August 25, 2014 11:10 PM

Honest Networker

How To Find A Lost Article In Google’s Cache

I had moment of confusion when a 1,200+ word analytical piece I’d written on HP networking utterly disappeared from my WordPress site. I still don’t know what happened. The piece was written, published, and linked all over social media. It was picking up page views immediately after publication. I’d seen some re-tweets and […]

by Ethan Banks at August 25, 2014 05:51 PM

Missing Synergies & HP’s SDN

As someone who’s been monitoring HP’s SDN strategy for years now, news that Bethany Mayer is headed to Ixia is rather interesting. Despite HP’s networking division having had some successes and gaining small bits of market share here and there, the fact they they are leaders in the SDN space seems to go unnoticed by the […]

by Ethan Banks at August 25, 2014 05:03 PM

My Etherealmind

Rant: VMware vCheese Becomes vChAir – Logo Parody

VMware announced the vCloud Hosted Services a while back and it was mostly known as vCheese for short. This week it was rebranded as "vCloud Air Network" and that is too much of a mouthful to keep saying as well. Don't these marketing people live in the real world ? Lets me share my suggestion .......

The post Rant: VMware vCheese Becomes vChAir – Logo Parody appeared first on EtherealMind.

by Greg Ferro at August 25, 2014 01:35 PM

Packet Pushers Blog/Podcast

Community Show – CCNA Data Center Part1 with Anthony Sequeira and Orhan Ergun

In this first part of CCNA Datacenter sessions , Anthony Sequeira and Orhan Ergun are talking about the topics in the blueprint. They identify all the technologies which you should know for the CCNA Datacenter exam. Topics include : DCICN exam which is the first exam. DCICT exam which is the second exam. Datacenter Fundamentals, Unified Computing, Unified Fabric, Storage Networking, Virtualization and Datacenter Network Services sections of the exam will be explained.   They talk about the strategy for studying and the important technologies for the CCNA Datacenter exam. This talk should be considered as preparation for the many other Datacenter related session , and obviously Anthony and Orhan are planning many other podcast for the packetpushers. Let us know which topics you would like to learn from them.

by Packet Pushers Podcast at August 25, 2014 09:34 AM

Cisco IOS Hints and Tricks

Interview: Reduce Costs and Gain Efficiencies with SDDC

A few days ago I had an interesting interview with Christoph Jaggi discussing the challenges, changes in mindsets and processes, and other “minor details” one must undertake to gain something from the SDDC concepts. The German version of the interview is published on; you’ll find the English version below.

Read more ...

by Ivan Pepelnjak ( at August 25, 2014 08:26 AM

XKCD Comics

August 24, 2014

Cisco IOS Hints and Tricks

Finally: a Virtual Switch Supports BPDU Guard

Nexus 1000V release 5.2(1)SV3(1.1) was published on August 22nd (I’m positive that has nothing to do with VMworld starting tomorrow) and I found this gem in the release notes:

Enabling BPDU guard causes the Cisco Nexus 1000V to detect these spurious BPDUs and shut down the virtual machine adapters (the origination BPDUs), thereby avoiding loops.

It took them almost three years, but we finally have BPDU guard on a layer-2 virtual switch (why does it matter). Nice!

by Ivan Pepelnjak ( at August 24, 2014 11:35 AM

August 23, 2014

Honest Networker

August 22, 2014


Replacing Traditional TV & DVR with Little Streaming Boxes

After nine years with Dish Network, I’ve replaced it with an AppleTV and Roku 3 ($99 each, last time I looked). Having done that, what’s life like without traditional TV & DVR? In a nutshell, it’s just fine. My kids watch a lot of YouTube, and did before I retired Dish. I was bored […]

by Ethan Banks at August 22, 2014 10:02 PM

What is an Automatic Transfer Switch (Power)?

In response to the power redundancy article I wrote yesterday, a few comments came in. One of them (thanks, Mike!) mentioned an automatic transfer switch (ATS), a useful tool in a redundant power strategy. What is an ATS? There are many types of electrical transfer switches whose primary purpose is to divert the […]

by Ethan Banks at August 22, 2014 07:11 PM

Cisco IOS Hints and Tricks

Cloud Orchestration System Is an Ideal Controller Use Case

A while ago I explained why OpenFlow might be a wrong tool for some jobs, and why centralized control plane might not make sense, and quickly got misquoted as saying “controllers don’t scale”. Nothing could be further from the truth, properly architected controller-based architectures can reach enormous scale – Amazon VPC is the best possible example.

Read more ...

by Ivan Pepelnjak ( at August 22, 2014 09:09 AM

XKCD Comics