“Thou Shalt Have No Chokepoints” is one of those simple scalability rules that are pretty hard to implement in real-life products. In the Distributed Data Plane part of Scaling Overlay Networks webinar I listed data plane components that can be easily distributed (layer-2 and layer-3 switching), some that are harder to implement but still doable (firewalling) and a few that are close to mission-impossible (NAT and load balancing).

I’ll be speaking at two conferences in March: SDN event in Zurich organized by fantastic Gabi Gerber, and the best boutique security conference – Troopers 15 in Heidelberg. If you’ll be attending one of these events, just grab me, drag me to the nearest coffee table, and throw some interesting questions my way ;) … and if you happen to be near one of these locations, let me know and we might figure out how to meet somewhere.

Late last year David Gee and I wanted to test another interesting gizmo: an online virtual whiteboard. David was pondering some interesting aspect of Cisco ACI and they seemed like a perfect topic for an impromptu discussion.

During a great conversation I had with Terry Slattery during Interop New York, he said “well, I don’t think anyone should be configuring VLANs and asking ‘How to configure a VLAN on a switch’ – we should be focused on providing end-to-end connectivity”, and there’s absolutely nothing in that statement that one could disagree with.

In the final part of our MPLS-focused discussion (now part of MPLS Essentials webinar), Seamus wanted to know how one could combine MPLS/VPN, MPLS-TE and QoS (for example, sending VoIP traffic for one customer over a different path).

Short answer: don’t even think about doing that. The added complexity is not worth whatever extra money you’ll be charging the customer (or not).

I expect to hear a lot about the “wonderful” idea of moving running VMs 100 msec away (across the continent) in the upcoming weeks. I would recommend you read a few of my older blog posts before considering it… and don’t waste time trying to persuade the true believers with technical arguments – talk with whoever will foot the bill or walk away.

I’m still convinced that architectures with centralized control planes (and that includes solutions relying on OpenFlow controllers) cannot scale. On the other hand, Big Switch Networks is shipping Big Cloud Fabric, and they claim they solved the problem. Obviously I wanted to figure out what’s going on and Andy Shaw and Rob Sherwood were kind enough to explain the interesting details of their solution.

Long story short: Big Switch Networks significantly extended OpenFlow.

A few days ago I completed the last chapter in the Data Center Design Case Studies book: building disaster recovery and active-active data centers. It focuses on application behavior and business needs, not on the underlying technologies; the networking technology part tends to be way easier to solve than the oft-ignored application-level challenges.

When we started planning a VMware NSX-focused podcast episode with Dmitri Kalintsev, I asked my readers what topics they’d like to see covered. Two comments that we really liked were “how do I get started with VMware NSX?” and “how do I troubleshoot this stuff?”

Cloud builders are often using my ExpertExpress service to validate their designs. Tenant onboarding into a multi-tenant (private or public) cloud infrastructure is a common problem, and tenants frequently want to retain the existing network services appliances (firewalls and load balancers).

The Combine Physical and Virtual Appliances in a Private Cloud case study describes a typical solution that combines per-tenant virtual appliances with frontend physical appliances.

Listening to some SDN pundits one gets an impression that SDN brings peace to Earth, solves all networking problems and makes networking engineers obsolete.

Cynical jokes aside, and ignoring inevitable bugs, is controller-based networking really more reliable than what we do today?

Last spring I ran an IPv6 High Availability webinar which started (not surprisingly) with a simple question: “which network components affect availability in IPv6 world, and how is a dual-stack or an IPv6-only environment different from what we had in the IPv4 world?”

This part of the webinar is now available with Free Subscription. Enjoy the video, and don't forget to explore other IPv6 resources on ipSpace net.

In one of the discussions on v6ops mailing list Matthew Petach wrote:

The probability of us figuring out how to scale the routing table to handle 40 billion prefixes is orders of magnitude more likely than solving the headaches associated with dynamic host renumbering. That ship has done gone and sailed, hit the proverbial iceberg, and is gathering barnacles at the bottom of the ocean.

Is it really that bad? Is simple renumbering in IPv6 world just another myth? It depends.

In the last video from the Network Programmability webinar Matt Oswalt answered numerous questions from the audience.

Load sharing in MPLS networks is always an interesting topic, and we couldn’t possibly avoid it during our MPLS-focused Tech Talks – watch the video.

After discussing the load sharing intricacies we briefly dabbled with the concept of entropy labels.