Whitebox Switching at the Access Layer

Whitebox switches make use of generic and generally inexpensive hardware along with a network operating system that can be purchased and installed separately. Often the hardware and software come from different vendors, and there are several reasons this practice is becoming more common especially in the data center. What I’m interested in lately is how this is relevant to the non-webscale enterprise.

Continue reading “Whitebox Switching at the Access Layer”

BGP Default Route Failover Using Reachability

Sometimes political, financial, or logistical hurdles determine how we solve networking problems. In these tricky situations we may not be able to solve the problem the way we’d prefer, but we still need to solve the problem.

In this post I’m going to look at how we can solve a WAN failover scenario when we have a default route learned from both of our service providers and a reachability problem via our primary ISP.

Continue reading “BGP Default Route Failover Using Reachability”

Amazon S3 Outage: We’ve All Been There

I’ve been thinking a little bit about the Amazon S3 incident. Not really the incident, actually, but the responses to it. More than once I read something along the lines of “I’m sure that guy got fired” with regard to the engineer who entered the fatal command.

Sure, that’s kind of funny for a quick tweet or in the greater context of a blog post on change control, but for me, I’m not sitting at my desk shaking my head right now. Instead, I’m reminded about the times I did the exact same thing (on a much smaller scale) and will probably do it again.

Continue reading “Amazon S3 Outage: We’ve All Been There”

How Do You Know That’s True?

About a thousand years ago, rather than configure routers, I taught high school English.

One day, instead of unpacking our favorite Shakespearean sonnet, I was sidetracked by a student who asked me how we know anything about electrons and how they orbit the nucleus of an atom. Apparently he asked his physics teacher the period before and got a pithy “electrons are the essence of a negativity.”

Continue reading “How Do You Know That’s True?”

Apstra: The Intent-Driven Cure for Network Blindness

Apstra, Incorporated isn’t focused on new features, more advanced silicon, or some new widget. Instead, they’re offering a different way to look at networking. Apstra offers an early form of intent-driven networking that abstracts network programmability and allows network engineers to configure intent rather than device features. We expect the network to behave in a specific way, so we configure our intent accordingly. I was very excited to meet the Apstra team at Networking Field Day 13, and they didn’t disappoint.

Continue reading “Apstra: The Intent-Driven Cure for Network Blindness”

Network Automation: Another Tool in the Toolbox

Over the last few weeks I’ve noticed a few tweets and blog posts regarding the immaturity of network automation methods and the danger in utilizing those methods in production networks. Though I agree that processes always have room to mature and that wiggling wires in a production environment always poses some risk, I believe this new emerging narrative in social media makes several assumptions that aren’t necessarily true.

Continue reading “Network Automation: Another Tool in the Toolbox”

Fate Sharing in the Network Core

Untitled

Network engineers like redundancy. It’s not that we just want double of everything – we want the networks we design and manage to be super fast, super smart, and super resilient. In the LAN and in the data center we’ve been logically joining network switches using technologies such as Cisco StackWise, the Virtual Switching System and Virtual Port Channels with fabric extenders in order to consolidate control and data plane activities and provide greater fault tolerance, easier management and multichassis etherchannel for path redundancy. These are great benefits, but they can be reaped only by proper design. Otherwise, an engineer may introduce more risk into the network rather than make it more resilient.

Continue reading “Fate Sharing in the Network Core”

Information Security: Something Doesn’t Add Up

My experience leads me to think that information security is, in actual practice, more a matter of reacting to something bad that happened in the news shaking up the C-level enough to do something. But I don’t think the solemn promises of tighter security and subsequent actions match up. I may not be able to spot a tell like Patrick Jane, but something doesn’t seem right.

Continue reading “Information Security: Something Doesn’t Add Up”

We Work with People Just as Much as we Work with Packets

Being a good network engineer requires a strong technical skill set. In fact there’s an entire industry devoted to technical training in networking technologies. We know that persistent technical training is necessary to keep pace with constant changes in technology, so I’m sure we agree that technical proficiency is important for the network engineer. If you don’t have a deep understanding of how VPN technology works, you’ll have a very difficult time troubleshooting a site-to-site VPN without the help of some [unnamed] technical assistance center. But is that all that’s required for a successful career in networking?

Continue reading “We Work with People Just as Much as we Work with Packets”

Blog at WordPress.com.

Up ↑