Build a Lab!

Working for a VAR means that I’m quickly moving from customer to customer, from project to project, and from technology to technology. Often there’s an expectation that I’m able to configure anything and everything on the fly, and with little to no knowledge of a customer’s network. However, moving at this pace and having to touch so many technologies means that I’m sometimes working with tech I’m only vaguely familiar with and without enough hours to dig into training.

Continue reading “Build a Lab!”

Advertisements

Making A Change on Secondary Cisco ISE Server Broke Application Service

Recently I was in the midst of setting up a simple two node Cisco ISE 2.3.0.298 cluster and got to the stage when I registered the secondary node through the GUI of the primary. At that point, things wouldn’t work.

Continue reading “Making A Change on Secondary Cisco ISE Server Broke Application Service”

Engage with the Networking Community

I’ve been an active part of the networking community on social media for only a few years. Before that I was a passive consumer of tweets, blogs, and videos. A previous manager inspired me to be more active, and very quickly after engaging directly with bloggers, podcasters, and engineers, the value of being an active participant became very clear to me.

Continue reading “Engage with the Networking Community”

Simplifying Network Security with Context-Aware Micro-Segmentation

I spent about a year completely focused on network security, and one thing I learned was that spending all my time focused on securing the perimeter to the neglect of intra-LAN traffic was a recipe for disaster.

Most of the traffic in our data centers is east-west, with only a small fraction actually being northbound out to the rest of the world. The cost of massive firewall appliance clusters operating at line-rate is astronomical, and it doesn’t make sense to punt traffic all over the place if there’s a better way.

Continue reading “Simplifying Network Security with Context-Aware Micro-Segmentation”

Locating Wireless Clients and Location History in Cisco Prime with CMX

Locating a wireless client in real time and viewing its location history in Cisco Prime Infrastructure is a little bit different with CMX than with MSE. In this post we’ll walk through the few steps to locate a wireless client among all your maps and then view its location history.

Continue reading “Locating Wireless Clients and Location History in Cisco Prime with CMX”

Networking is Finally Catching Up

Servers, especially Linux servers, have been managed programmatically for years. Today, it goes almost without saying that a decent IT department is running Chef, Ansible, or some other tool to manage their servers as pools of resources.

What strikes me as odd is that this didn’t catch on in the network side of the house. Of course, there are always exceptions. A look at networking forums from years ago will showcase a few ambitious engineers arguing over using Expect or Perl scripts to manage their switches, but this was the exception in the networking industry, not the norm.

At Networking Field Day 17, several vendors that have long embraced network programmability turned their gaze from the data center to enterprise networking, and it seems as if networking may be finally ready to catch up to what we’ve been doing with servers for decades.

Continue reading “Networking is Finally Catching Up”

Helpful Mnemonic Devices for Networking

When I was a new high school English teacher I sat through a class on grammar my department chair taught to her 7th graders explaining a preposition is a word that describes anywhere a mouse can go. I’ve never forgotten that.

A few years later I changed careers to IT and found some very helpful mnemonic devices and acronyms that helped me remember various aspects of networking.

Here are a few that I used over the years:

Continue reading “Helpful Mnemonic Devices for Networking”

Dual WAN Router with Dual ISP Using BGP and OSPF

There are a small variety of methods to implement failover of your WAN perimeter between two ISPs. In this post we’ll look at one way to accomplish this goal with a few technical requirements.

Keep in mind that there are several ways to accomplish this same goal depending on the hardware available, the flexibility of the ISPs, and the skill level or preference of the engineer.

This topology utilizes two edge routers and two ISPs instead of the single edge router design I wrote about recently (you can read that here). For this post we’re using Cisco routers, but the concepts apply universally. Our requirements are that we maintain connectivity from our inside host to the internet in the event one of the company routers fails or one of the ISPs fails. Failover and fail-back must be automatic with no manual intervention.

Continue reading “Dual WAN Router with Dual ISP Using BGP and OSPF”

Whitebox Switching at the Access Layer

Whitebox switches make use of generic and generally inexpensive hardware along with a network operating system that can be purchased and installed separately. Often the hardware and software come from different vendors, and there are several reasons this practice is becoming more common especially in the data center. What I’m interested in lately is how this is relevant to the non-webscale enterprise.

Continue reading “Whitebox Switching at the Access Layer”

SD-WAN as a Service: Just Give Me an Ethernet Handoff

SD-WAN as a Service is coming to the marketplace as something to be be consumed, not owned. IT decision makers just want an ethernet handoff, and a managed WAN is already a common professional service, so for the typical IT manager, the case for SD-WAN as a Service is ease of use and cost savings. Very little else.

Continue reading “SD-WAN as a Service: Just Give Me an Ethernet Handoff”

By Engineers, For Engineers

If you haven’t heard, the networking community is awesome. I’ve made some great friends, developed strong new relationships, and I’ve had the incredible luxury to bounce ideas off some seriously talented people. However, whether it’s through various Slack groups, Google hangouts, or private email chains, it’s all been relatively private. Not much makes its way onto Twitter, and not as much as I’d like makes it into blog posts.

Continue reading “By Engineers, For Engineers”

Create a free website or blog at WordPress.com.

Up ↑