Blog Posts in August 2018

Traditional Leaf-and-Spine Fabric Versus Cisco ACI

One of my subscribers wondered whether it would make sense to build a traditional leaf-and-spine fabric or go for Cisco ACI. He started his email with:

One option is a "standalone" Spine/Leaf VXLAN-with EVPN deployment based on Nexus equipment. This approach could probably be accompanied by some kind of automation like Ansible to ease operation/maintenance of the network.

This is what I would do these days if the customer feels comfortable investing at least the minimum amount of work into an automation solution. Having simpler technology + well-understood automation solution is (in my biased opinion) better than having a complex black box.

read more see 9 comments

Interview: Benefits of Network Automation (Part 2)

As promised, here’s the second part of my Benefits of Network Automation interview with Christoph Jaggi published in German on Inside-IT last Friday (part 1 is here).

What are some of the challenges?

The biggest challenge everyone faces when starting the network automation is the snowflake nature of most enterprise networks and the million one-off exceptions we had to make in the past to cope with badly-designed applications or unrealistic user requirements. Remember: you cannot automate what you cannot describe in enough details.

read more add comment

Updated: Networking Modules in Building Next-Generation Data Centers Online Course

We migrated the self-study materials for the network infrastructure and services module of the Building Next-Generation Data Centers online course into the new format, and split the largest module of the course into manageable chunks: data center fabrics 101, designing leaf-and-spine fabrics, overlay virtual networking, IPv6 and network services.

Feedback on the new format is obviously highly welcome. Thank you!

add comment

Security Aspects of SD-WAN Solutions

Christoph Jaggi, the author of Transport and Network Security Primer and Ethernet Encryption webinars published a high-level introductory article in Inside-IT online magazine describing security deficiencies of SD-WAN solutions based on the work he did analyzing them for a large multinational corporation.

As the topic might be interesting to a wider audience, I asked him to translate the article into English. Here it is…

read more see 7 comments

Reality Check: Self-Driving Networks

I stumbled upon an article with an interesting title (and worth reading): To Make Self-Driving Cars Safe, We Also Need Better Roads and Infrastructure… and thought about the claims along the lines of “if they managed to solve the self-driving cars challenge, it’s realistic to expect self-driving networks” made in Self-Driving Networks podcast episode. Turns out the self-driving cars problem is far far away from being solved.

read more see 2 comments

Upcoming Webinars and Events: Autumn 2018

The summer break is over, and we’ve already scheduled a half-dozen events and webinars in August and September:

We’ll run an event or webinar in almost every single week in September:

read more add comment

Worth Reading: The Cargo Cult of Google Tools

Tom Hollingsworth published a great blog post summarizing Cloud Field Day presentation by Ben Sigelman.

TL&DR: You’re not Google, you don’t have their problems, and so you’re probably not a good match for their tools.

While this shouldn’t come as a surprise to regular readers of my blog (here’s what I wrote on the topic in 2016), it’s refreshing to see it spelled out so eloquently (and by an ex-Googler).

add comment

GitOps in Networking

This blog post was initially sent to the subscribers of my SDN and Network Automation mailing list. Subscribe here.

Tom Limoncelli published a must-read article in ACM Queue describing GitOps – the idea of using Pull Requests together with CI/CD pipeline to give your users the ability to request changes to infrastructure configuration.

Using GitOps in networking is nothing new – Leslie Carr talked about this concept almost three years ago @ RIPE 71, and I described some of the workflows you could use in Network Automation 101 webinar.

read more see 1 comments

Updated: First Set of Building Next-Generation Data Centers Self-Study Materials

When I started the Building Next-Generation Data Centers online course, I didn’t have the automated infrastructure to support it, so I had to go with the next best solution: a reasonably-flexible Content Management System, and Mediawiki turned out to be a pretty good option.

In the meantime, we developed a full-blown course support system, included guided self-paced study (available with most ipSpace.net online course), and progress tracking. It was time to migrate the data center material into the same format.

read more add comment

Another Benefit of Open-Source Networking Software

You probably know my opinion on nerd knobs and the resulting complexity, but sometimes you desperately need something to get the job done.

In traditional vendor-driven networking world, you might be able to persuade your vendor to implement the knob (you think) you need in 3 years by making it a mandatory requirement for a $10M purchase order. In open-source world you implement the knob, write the unit tests, and submit a pull request.

read more add comment
Sidebar