Response: Firefighters and Fire Marshals

In a recent blog post Tom Hollingsworth made a great point: we should refocus from fighting one fire at a time to preventing fires.

I completely agree with him. However…

Learn SDN with Virtual Routers and Switches

Bryan would love to get hands-on SDN experience and sent me this question:

I was recently playing around with Arista vEOS to learn some Arista CLI as well as how it operates with an SDN controller. I was wondering if you know of other free products that are available to help people learn.

Let’s try to do another what-is-out-there survey.

Cumulus Linux Base Technologies

Dinesh Dutt started his part of the Data Center Fabrics Update webinar with “what is Cumulus Linux all about” and “what data center architectures does it support” and then quickly jumped into details about the base technologies used by Cumulus Linux: MLAG and IP routing.

Not surprisingly, the MLAG part generated tons of questions, and Dinesh answered all of them, even when he had to say “we don’t do that”.

DHCP Details You Didn’t Know

If you’ve been a networking engineer (or a sysadmin) for a few years, you must be pretty familiar with DHCP and might think you know everything there is to know about this venerable protocol. So did I… until I read the article by Chris Marget in which he answers two interesting questions:

  • How does the DHCP server (or relay) send a DHCP offer to a client that doesn’t have an IP address (and doesn’t respond to ARP)?
  • How does the DHCP client receive the DHCP responses if it doesn’t have an IP address?

VSAN: As Always, Latency Is the Real Killer

When I wrote my stretched VSAN post, I thought VSAN uses asynchronous replication across WAN. Duncan Epping quickly pointed out that it uses synchronous replication, and I fixed the blog post.

The “What about latency?” question immediately arose somewhere in my subconscious, but before I could add that thought to the blog post (because travel), Anders Henke wrote a lengthy comment that totally captured what I was thinking, so I’m including it in its entirety:

Renewing Subscription before It Expires

One of my subscribers asked me: “My subscription is valid till early December. How could I renew it now (due to budgetary reasons)?”

While I already had the process to do just that, there was no link that one could use (you had to know the correct URL). I’ve fixed that – you’ll find the renewal link on the first page of

Response: SDN is eating vendors’ lunch

Another week, another story from the SDN land, this time The Register reporting on AT&T’s plans. Even though there are almost no details in the story, the headline boasts that “SDN is eating vendors’ lunch”, prompting SDN hopefuls on LinkedIn groups to claim that “the promise of SDN is fast coming to fruition.”

Not so fast.

DLSP – QoS-Aware Routing Protocol on Software Gone Wild

When I asked “Are there any truly QoS-aware routing protocols out there?” in one of my SD-WAN posts, Marcelo Spohn from ADARA Networks quickly pointed out that they have one – Dynamic Link-State Routing Protocol.

He also claimed that DLSP has no scalability concerns – more than enough reasons to schedule an online chat, resulting in Episode 40 of Software Gone Wild. We didn’t go too deep this time, but you should get a nice overview of what DLSP is and how it works.

VMware VSAN Can Stretch – Should It?

Pirmin Sidler read the stretched VSAN blog posts by Duncan Epping (intro, HA/DRS considerations, demo) and asked me what I think about stretched VSAN considering my opinions on long-distance vMotion.

TL&DR answer: it makes way more sense than long-distance vMotion. However…

Why It's Hard to Deploy SDN-Like Functionality Today

Whenever I talk about the various definitions of SDN (ending with the “SDN provides an abstraction layer”), old-timers sitting quickly realize that the SDN products that you can deploy in real life aren’t that different from what we did in the past – an SDN controller is often just an overhyped glorified network services orchestration system.

OK, so why didn’t we have that same functionality for the last 20 years?

The Autumn Cloud/SDN Roadtrip

One of my kids recently asked me whether I plan to travel somewhere during the autumn. The answer was “a bit” surprising: Boston (just got back), Zurich, Bern, Stockholm, Ljubljana, Heidelberg, Nuremberg, Rome, Miami, Ljubljana, Helsinki, and maybe Munich and/or another trip to Zurich… so I might not be able to blog as frequently as usual.

Most of those trips are public events (hyperlinked). If you’re anywhere close to one of those cities, check them out and drop by.

VXLAN Hardware Gateway Overview

One of my readers stumbled upon a 4-year-old blog post explaining the potential implementations of VXLAN hardware gateways, and asked me if that information is still relevant.

I knew that I’d included tons of information in the Data Center Fabrics and VXLAN Deep Dive webinars, but couldn’t find anything on the web, so let’s fix that.

Basics of IPv6 Addressing

Another Friday, another short IPv6 video (didn’t have time to create anything more substantial this week). This one describes the basics of IPv6 addressing – I know most of you don’t need it, but do forward the link to friends who are still struggling with IPv6 basics.

Lego Bricks and Network Operating Systems

One of the comments I got on my Lego Bricks & BFT blog post was “well, how small should those modular Lego bricks be?”

The only correct answer is “It should be Lego bricks all the way down” or (more formally) “Modularity is a concept that should be applied at every level of the architecture.”

Today let’s focus on how much easier life would be if we could take apart the network operating systems instead of just watching them as glued-together Death Stars.

Blessed by Gartner: Stretched VLANs Make Little Sense

One of my readers recently pointed me to a blog post written by Andrew Lerner from Gartner describing the drawbacks of stretched VLANs.

TL&DR: He’s saying more-or-less the same things I’ve been preaching for years. Now I can put Blessed by Gartner logo on my blog posts ;), and you can use the report to sway your CIO.

See You in Bern on September 16th

TL;DR: Gabi Gerber from Data Center Interest Group Switzerland (DIGS) is organizing a day-long Data Center event on September 16th, and invited me (again) as the keynote speaker. Do drop by to discuss data center design and automation challenges.

Use nProbe and ELK Stack to Build a Netflow Solution on Software Gone Wild

How do you capture all the flows entering or exiting a data center if your core Nexus 7000 switch cannot do it in hardware? You take an x86 server, load nProbe on it, and connect the nProbe to an analysis system built with ELK stack… at least that’s what Clay Curtis did (and documented in a blog post).

Obviously I wanted to know more about his solution and invited him to the Software Gone Wild podcast. In Episode 39 we discussed:

How Complex Is Your Data Center?

Sometimes it seems like the networking vendors try to (A) create solutions in search of problems, (B) boil the ocean, (C) solve the scalability problems of Google or Amazon instead of focusing on real-life scenarios or (D) all of the above.

Bryan Stiekes from HP decided to take a step in the right direction: let’s ask the customers how complex their data centers really are. He created a data center complexity survey and promised to share the results with me (and you), so please do spend a few minutes of your time filling it in. Thank you!

Private and Public Clouds, and the Mistakes You Can Make

A few days ago I had a nice chat with Christoph Jaggi about private and public clouds, and the mistakes you can make when building a private cloud – the topics we’ll be discussing in the Designing Infrastructure for Private Clouds workshop @ Data Center Day in Berne in mid-September.

The German version of our talk has been published on Inside-IT; those of you not fluent in German will find the English version below.

Path MTU Discovery Doesn’t Work with IP Multicast

A friend of mine sent me an interesting problem:

I noticed recently that my IOS routers aren't sending ICMP (unreachable; frag needed) messages in response to too-big IPv4 multicast packets with DF-bit set. They're just dropping these packets silently, breaking PMTUD.

Unfortunately, that’s not a bug but a FAD (Functions-as-Designed).