Blog Posts in 2011

December 2011

• That’s it for 2011 (23 Dec 2011)
• Which virtual networking technology should I use? (21 Dec 2011)
• Is NAT a Security Feature? (20 Dec 2011)
• Help me plan new webinars in 2012 (19 Dec 2011)
• Large-scale L2 DCI: a true story (16 Dec 2011)
• VXLAN, IP multicast, OpenFlow and control planes (15 Dec 2011)
• FCoE and LAG – industry-wide violation of FC-BB-5? (14 Dec 2011)
• IPv6 Multihoming Without NAT: the Problem (13 Dec 2011)
• Decouple virtual networking from the physical world (09 Dec 2011)
• DHCPv6 server on Cisco IOS: making progress (08 Dec 2011)
• We Just Might Need NAT66/NPT66 (and Not LISP) (06 Dec 2011)
• VM-aware Networking Improves IaaS Cloud Scalability (05 Dec 2011)
• Interesting links (2011-12-04) (04 Dec 2011)
• Junos Day One: MPLS Behind The Scenes (02 Dec 2011)
• VMware vSwitch – the baseline of simplicity (01 Dec 2011)

November 2011

• Junos Day One: IS-IS for dummies (30 Nov 2011)
• Virtual Switches – from Simple to Scalable (29 Nov 2011)
• Sending Wake-on-LAN (WOL) packet with IOS Tcl (28 Nov 2011)
• MacBook Air – mixed feelings (or is it just me) (25 Nov 2011)
• Multi-Level IS-IS in a Single Area? Think Again! (23 Nov 2011)
• Junos Interfaces and Protocols: Now I get it (22 Nov 2011)
• Log the source ports of HTTP sessions (21 Nov 2011)
• Interesting links (2011-11-20) (20 Nov 2011)
• Junos versus Cisco IOS: Explicit versus Implicit (18 Nov 2011)
• Nexus vPC and Consistency Checker (17 Nov 2011)
• Junos Versus Cisco IOS: MPLS and LDP (16 Nov 2011)
• OpenFlow: Enterprise Use Cases (15 Nov 2011)
• LDP-IGP Synchronization in MPLS Networks (14 Nov 2011)
• Welcome to ipSpace.net (12 Nov 2011)
• Juniper’s Virtual Gateway – a Virtual Firewall Done Right (10 Nov 2011)
• IPv6 Security: Getting Bored @ BRU Airport (09 Nov 2011)
• Junos Day One: Translating Configurations The Geeky Way (08 Nov 2011)
• Big Switch Networks might actually make sense (07 Nov 2011)
• Interesting links (2011-11-06) (06 Nov 2011)
• RFC Tidbit: IPv6 in 3GPP mobile networks (05 Nov 2011)
• Virtual switches need BPDU guard (04 Nov 2011)
• RFC Tidbit: IPv6 Flow Label (03 Nov 2011)
• OpenFlow Deployment Models (02 Nov 2011)
• Busting Layer-2 Data Center Interconnect Myths (01 Nov 2011)

October 2011

• L2 or L3 switching in campus networks? (31 Oct 2011)
• I Apologize, but I’m Excited (30 Oct 2011)
• Network Field Day 2 and OpenFlow Symposium (29 Oct 2011)
• ExpertExpress – just what you need for a tough MPLS/VPN RFP (28 Oct 2011)
• Generic VLAN Design (27 Oct 2011)
• QFabric Part 4 – Spanning Tree Protocol (25 Oct 2011)
• OpenFlow and the State Explosion (24 Oct 2011)
• Net Field Day, here I come (24 Oct 2011)
• Some more OpenFlow Q&A (20 Oct 2011)
• BGP and Route Maps (19 Oct 2011)
• What is Nicira really up to? (18 Oct 2011)
• IPv6 End User Authentication on Metro Ethernet (17 Oct 2011)
• Follow-the-Sun Workload Mobility? Get Lost! (14 Oct 2011)
• IPv6 Stateless Autoconfiguration 101 (13 Oct 2011)
• MPLS is not tunneling (12 Oct 2011)
• What Is OpenFlow (Part 2)? (11 Oct 2011)
• VXLAN termination on physical devices (10 Oct 2011)
• Interesting links (2011-10-09) (09 Oct 2011)
• Do I need IPv6 in my Enterprise (again) (07 Oct 2011)
• CloudSwitch – VLAN extension done right (06 Oct 2011)
• Reliable or Unreliable Cloud Services? (03 Oct 2011)
• EuroNOG 2011 – the nerdy heaven (02 Oct 2011)

September 2011

• Long-distance vMotion for Disaster Avoidance? Do the Math First (30 Sep 2011)
• DMVPN: Spoke QoS Challenge (29 Sep 2011)
• QFabric Part 3 – Forwarding (28 Sep 2011)
• VXLAN: awesome or braindead? (27 Sep 2011)
• ExpertExpress – Online Help When and Where You Need It Most (26 Sep 2011)
• QFabric Part 2 – Control Plane Overview (23 Sep 2011)
• Quick question: IP multicast over an existing IP backbone (22 Sep 2011)
• QFabric Part 1 – Hardware Architecture (20 Sep 2011)
• NVGRE – because one standard just wouldn’t be enough (19 Sep 2011)
• Interesting links (2011-09-18) (18 Sep 2011)
• Responsible Generation of BGP Default Route (16 Sep 2011)
• Changing configuration with EEM – yes or no? (15 Sep 2011)
• OSPF-over-DMVPN Using Two Hub Routers (14 Sep 2011)
• You Don’t Need OpenFlow to Solve Every Age-Old Problem (13 Sep 2011)
• Long-distance IRF Fabric: Works Best in PowerPoint (12 Sep 2011)
• Shut Down BGP Session Based on Tracked Object (09 Sep 2011)
• IPv6 MPLS/VPN (6VPE) with PPPoE and RADIUS (07 Sep 2011)
• Large-Scale Bridging = Nuked Earth (06 Sep 2011)
• Nexus 1000V LACP offload and the dangers of in-band control (05 Sep 2011)
• TRILL goes to WAN – the bridging craze continues (02 Sep 2011)
• VXLAN, OTV and LISP (01 Sep 2011)

August 2011

• VXLAN: MAC-over-IP-based vCloud networking (30 Aug 2011)
• FCoE networking elements classification (30 Aug 2011)
• BGP Next Hop Processing (29 Aug 2011)
• Interesting links (2011-08-28) (28 Aug 2011)
• DMVPN as a Backup for MPLS/VPN (25 Aug 2011)
• IBGP or EBGP in an enterprise network? (24 Aug 2011)
• BGP/IGP Network Design Principles (23 Aug 2011)
• Soft Switching Might not Scale, but We Need It (22 Aug 2011)
• Quotes of the week (19 Aug 2011)
• DMVPN Deployment Success Story (18 Aug 2011)
• VM-FEX – not as convoluted as it looks (17 Aug 2011)
• Source MAC address spoofing DoS attack (16 Aug 2011)
• The Road to Complex Designs Is Paved with Great Recipes (15 Aug 2011)
• Interesting links (2011-08-14) (14 Aug 2011)
• More OSPF-over-DMVPN Questions (12 Aug 2011)
• Stop reinventing the wheel and look around (10 Aug 2011)
• High Availability Fallacies (08 Aug 2011)
• Interesting links (2011-08-07) (07 Aug 2011)
• VLANs used by Nexus 1000V (05 Aug 2011)
• Imagine the Ruckus When the Hypervisor Vendors Wake Up (03 Aug 2011)
• Building a Greenfield Data Center (01 Aug 2011)

July 2011

• Penultimate Hop Popping (PHP) demystified (27 Jul 2011)
• Asymmetric MPLS MTU problem (25 Jul 2011)
• vSphere 5.0 new networking features: disappointing (22 Jul 2011)
• Disaster Recovery: Lessons Learned (20 Jul 2011)
• Disasters Happen ... It’s the Recovery that Matters (18 Jul 2011)
• Interesting links (2011-07-17) (17 Jul 2011)
• The MPLS MTU Challenges (15 Jul 2011)
• Is Fibre Channel Switching Bridging or Routing? (13 Jul 2011)
• Do we need distributed switching on Nexus 2000? (11 Jul 2011)
• Monitor multiple interfaces with a single EEM applet (08 Jul 2011)
• Hypervisors use promiscuous NIC mode – does it matter? (06 Jul 2011)
• All MTUs are not the same (04 Jul 2011)
• Moving to summer schedule (01 Jul 2011)

June 2011

• Multisite Clusters Done Right... by None Other than Microsoft (30 Jun 2011)
• Brocade ServerIron ADX – NAT64 done right (29 Jun 2011)
• 6-to-4 load balancing is not NAT64 (28 Jun 2011)
• The beauties of dense-mode FCoE (27 Jun 2011)
• Soft (hypervisor) switching links (26 Jun 2011)
• vCider: climbing the virtual networking mountain (22 Jun 2011)
• Some More QoS Basics (21 Jun 2011)
• Automatic edge VLAN provisioning with VM Tracer from Arista (20 Jun 2011)
• Test your VMware networking skills (17 Jun 2011)
• Blast from the past: ATM and POS interfaces (16 Jun 2011)
• FCoE over TRILL ... this time from Juniper (15 Jun 2011)
• QoS in Large-Scale DMVPN Networks (14 Jun 2011)
• Stretched Clusters: Almost as Good as Heptagonal Wheels (10 Jun 2011)
• Random MPLS/VPN Q&A (07 Jun 2011)
• VN-Tag/802.1Qbh basics (03 Jun 2011)
• Getting ready for World IPv6 Day ... in six days (02 Jun 2011)
• Speculation: This is how I would build QFabric (01 Jun 2011)

May 2011

• EVB (802.1Qbg) – the S component (31 May 2011)
• Building CsC-enabled MPLS backbone (30 May 2011)
• For the Record: I Am Not Against OpenFlow ... (27 May 2011)
• MPLS/VPN Transport Options (26 May 2011)
• Data Center Fabric Architectures update#1 (25 May 2011)
• Scalability of Common Services MPLS/VPN topology (24 May 2011)
• Interesting links (2011-05-22) (22 May 2011)
• IPv6 Neighbor Discovery exhaustion attack and IPv6 subnet sizes (20 May 2011)
• Router reload after 15 minutes of failed pings (19 May 2011)
• Scaling IaaS network infrastructure (17 May 2011)
• Ignoring STP? Be careful, be very careful (13 May 2011)
• FlexNetwork: the first impressions (12 May 2011)
• NAT64: it’s all about the legacy content (11 May 2011)
• OpenFlow Is Like IPv6 (10 May 2011)
• Complexity Belongs to the Network Edge (09 May 2011)
• Yearly subscription: too good to be true? (06 May 2011)
• Edge Virtual Bridging (EVB; 802.1Qbg) eases VLAN configuration pains (05 May 2011)
• OSPF and Connected Networks: To Redistribute or Not? (03 May 2011)
• NHRP Convergence Issues in Multi-Hub DMVPN Networks (02 May 2011)
• Interesting links (2011-05-01) (01 May 2011)

April 2011

• OpenFlow 1.1 in hardware: I was wrong (again) (29 Apr 2011)
• DMVPN Spoke NHRP Behavior Changed in IOS Release 15.0M (28 Apr 2011)
• New Data Center switches from Force10 (26 Apr 2011)
• Virtual network appliances: benefits and drawbacks (21 Apr 2011)
• Spoke-to-Spoke IP Multicast over DMVPN? (20 Apr 2011)
• OpenFlow FAQ: Will the Hype Ever Stop? (19 Apr 2011)
• Distributed Firewalls: a Ticking Bomb (18 Apr 2011)
• Interesting links (2011-04-17) (17 Apr 2011)
• OSPF Route Selection Rules (16 Apr 2011)
• VPLS versus OTV for L2 Data Center Interconnect (DCI) (15 Apr 2011)
• MPLS/VPN in Data Center Interconnect (DCI) Designs (14 Apr 2011)
• (v)Cloud Architects, ever heard of MPLS? (13 Apr 2011)
• vCloud Director Network Isolation (vCDNI) scalability (12 Apr 2011)
• OpenFlow: BIOS Does Not a Server Make (08 Apr 2011)
• DMVPN: How to Get from Zero to Hero? (07 Apr 2011)
• What is OpenFlow? (05 Apr 2011)
• Brocade VCS fabric has almost-perfect load balancing (04 Apr 2011)
• Interesting links (2011-04-03) (03 Apr 2011)
• Cisco and Brocade working together on interoperable TRILL products (01 Apr 2011)

March 2011

• Open Networking Foundation – Fabric Craziness Reaches New Heights (31 Mar 2011)
• NAT-PT is dead! Long live NAT-64! (29 Mar 2011)
• MPLS/VPN-over-GRE-over-IPSec: Does It Really Work? (28 Mar 2011)
• VRF-aware services in Cisco IOS (25 Mar 2011)
• TRILL/Fabric Path – STP Integration (24 Mar 2011)
• IPv6-Enabling Your Legacy Applications with F5 BIG-IP LTM (23 Mar 2011)
• Don’t Try to Fake Multi-chassis Link Aggregation (MLAG) (21 Mar 2011)
• IPv6 security issues: Fixing implementation problems (17 Mar 2011)
• You can't ignore IPv6 any longer (in seven steps) (16 Mar 2011)
• Does Bridge Assurance Make UDLD Obsolete? (15 Mar 2011)
• Get the right troubleshooting tools for the job (14 Mar 2011)
• Ensuring multi-tenant security in cloud services (11 Mar 2011)
• Framed-IPv6-Prefix used as delegated DHCPv6 prefix (10 Mar 2011)
• Delegated IPv6 prefixes – RADIUS configuration (08 Mar 2011)
• Internet morons are so amazing! (05 Mar 2011)
• Don’t lie about proprietary protocols (04 Mar 2011)
• The Data Center Fabric architectures (03 Mar 2011)
• DHCPv6-RADIUS integration: the Cisco way (02 Mar 2011)
• IPv6CP+DHCPv6+SLAAC+RA = IPCP (01 Mar 2011)

February 2011

• Traffic Trombone (what it is and how you get them) (28 Feb 2011)
• What exactly makes something “mission critical”? (25 Feb 2011)
• L2 DCI with MLAG over VPLS transport? (24 Feb 2011)
• Looking for vCDNI packet traces (23 Feb 2011)
• Yearly subscription now available without a webinar registration (22 Feb 2011)
• DHCPv6+SLAAC+RA = DHCPv4 (21 Feb 2011)
• How would you use VPLS transport in L2 DCI? (18 Feb 2011)
• VEPA or vCloud Network Isolation? (17 Feb 2011)
• FCoMPLS – attack of the zombies (16 Feb 2011)
• Why would FC/FCoE scale better than iSCSI? (15 Feb 2011)
• Load sharing in MPLS/VPN networks with route reflectors (14 Feb 2011)
• Doing more with less (13 Feb 2011)
• Local Area Mobility (LAM) – the true story (11 Feb 2011)
• Changing VPNv4 route attributes within the MPLS/VPN network (10 Feb 2011)
• Layer-3 gurus: asleep at the wheel (09 Feb 2011)
• How did we ever get into this switching mess? (08 Feb 2011)
• Changing IP precedence values in router-generated pings (07 Feb 2011)
• The week of blunders (05 Feb 2011)
• EEM QA: what were they (not) doing? (04 Feb 2011)
• End-to-End QoS marking in MPLS/VPN-over-DMVPN networks (02 Feb 2011)
• IPv6 Provider Independent Addresses (01 Feb 2011)

January 2011

• Open FCoE – Software implementation of the camel jetpack (31 Jan 2011)
• Interesting links (2010-01-30) (30 Jan 2011)
• Stop accidental scheduled router reloads (28 Jan 2011)
• VMware Cluster: Up and Running in Three Hours (27 Jan 2011)
• vSwitch in Multi-chassis Link Aggregation (MLAG) environment (26 Jan 2011)
• VMware vSwitch does not support LACP (25 Jan 2011)
• Intelligent Redundant Framework (IRF) – Stacking as Usual (24 Jan 2011)
• Interesting links (2011-01-23) (23 Jan 2011)
• VPN Network Design: Selecting the Technology (20 Jan 2011)
• Configuring OSPF in a Phase 2 DMVPN network (19 Jan 2011)
• DMVPN Phase 2 Fundamentals (18 Jan 2011)
• OSPF Configuration in Phase 1 DMVPN Network (17 Jan 2011)
• DMVPN Phase 1 Fundamentals (14 Jan 2011)
• Sometimes You Need to Step Back and Change Your Design (13 Jan 2011)
• MPLS/VPN over mGRE strikes again (12 Jan 2011)
• EEM event cli command options and the _exit_status variable (11 Jan 2011)
• Interesting links (2011-01-09) (09 Jan 2011)
• The Big Picture (08 Jan 2011)
• Using BGP in Phase 1 DMVPN network (07 Jan 2011)
• Campfire: the true story of MPLS (05 Jan 2011)
• Schedule reload before configuring the router (04 Jan 2011)
• Interesting links (2011-01-02) (02 Jan 2011)