Category: Data Center

The next session of the Network Automation Use Cases series will take place on January 24th. Dinesh Dutt will explain describe how you can use Ansible and Jinja2 to automate data center fabric deployments, and I’ll have a few things to say about automating network security.

If you think that what Dinesh will talk about applies only to startups you’re totally wrong. UBS is using the exact same approach to roll out their new data centers; Thomas Wacker will share the details in his guest presentation in the next Building Next-Generation Data Centers online course.

I rarely get OpenFlow questions these days; here’s one I got not so long ago:

I've just spent the last 2 days of my life consuming the ONF 1.3.3 white paper in addition to the $vendor SDN guide to try and reconcile what features it does or does not support and have come away disappointed...

You’re not the only one ;)

One of my readers designing a new data center fabric that has to provide L2 transport across the data center sent me this observation:

While we don’t have plans to seek an open solution in our DC we are considering ACI or VXLAN with EVPN. Our systems integrator partner expressed a view that VXLAN is still very new. Would you share that view?

Assuming he wants to stay with Cisco, what are the other options?

Dinesh Dutt was the guest speaker in the second Leaf-and-Spine Fabric Design session. After I explained how you can use ARP/ND information to build a layer-3-only data center fabric that still supports IP address mobility Dinesh described the details of Cumulus Linux redistribute ARP functionality and demoed how it works in a live data center.

Got this comment to one of my L2-over-VXLAN blog posts:

I found the Avaya SPBM solution "right on the money" to build that L2+ fabric. Would you deploy Avaya SPBM?

Interestingly, I got that same question during one of the ExpertExpress engagements and here’s what I told that customer:

One of my readers was watching the Building Active-Active Data Centers webinar and sent me this question:

I’m wondering if you have additional info on how to address the ingress traffic flow issue? The egress is well explained but the ingress issue wasn’t as well explained.

There’s a reason for that: there’s no good answer.

Got this set of questions from one of my readers:

I just met up with DELL guys for Big Switch SDN. They claim there is no routing running on leaf switches, the BCF is purely OpenFlow.

Almost true. It is based on OpenFlow, but they use tons of their own OpenFlow extensions to get stuff to work. That’s also why you have to install their agent on the switches.

After introducing the fundamentals of Docker networking, Dinesh Dutt focused on various Docker networking options, including multi-host networking with overlays.

After watching the video, you might also want to listen to Episode 49 of Software Gone Wild with Brent Salisbury, Dave Tucker and Madhu Venugopal.

A while ago I wrote:

I haven’t seen any hard data, but intuition suggests that apart from hardware failures a standalone firewall might be more stable than a state-sharing firewall cluster.

Guillaume Sachot (working for a web hosting company) sent me his first-hand experience on this topic:

One of my readers sent me an interesting question a while ago:

Isn’t IS-IS a better fit for building L3-only networks than BGP, particularly considering that IS-IS already has a protocol to communicate with the end systems (ES-IS)?

In theory, he’s correct (see also this blog post).