Building network automation solutions

9 module online course

Start now!

Category: network management

More Open-Source Network Management Tools on Software Gone Wild

After listening to Open-Source Network Engineer Toolbox Nick Buraglio sent me an email saying “we should do another podcast on open-source network management tools…” and so we did. In Episode 56 of Software Gone Wild Nick, Elisa Jasinska and myself discussed a whole range of network management challenges and open-source tools you can use to address them.

read more see 1 comments

Test-Driven Network Development with Michael Kashin on Software Gone Wild

Imagine you’d design your network by documenting the desired traffic flow across the network under all failure conditions, and only then do a low-level design, create configurations, and deploy the network… while being able to use the desired traffic flows as a testing tool to verify that the network still behaves as expected, both in a test lab as well as in the live network.

read more see 1 comments

Survey: Vendor NETCONF and REST API Support

Time for another fill-in-the-blanks survey: how many vendors support NETCONF and/or REST API in their data center switches, routers, firewalls and load balancers?

Please help me complete the tables by writing a comment – and do keep in mind that it only counts if it’s documented in a public configuration guide on vendor’s web site.

Also, I’m not aware of any vendor using standard NETMOD YANG models. If someone does, please let me know.

read more see 20 comments

Ever Heard of Role-Based Access Control?

During my recent SDN workshops I encountered several networking engineers who use Nexus 1000V in their data center environment, and some of them claimed their organization decided to do so to ensure the separation of responsibilities between networking and virtualization teams.

There are many good reasons one would use Nexus 1000V, but the one above is definitely not one of them.

read more see 4 comments

Use nProbe and ELK Stack to Build a Netflow Solution on Software Gone Wild

How do you capture all the flows entering or exiting a data center if your core Nexus 7000 switch cannot do it in hardware? You take an x86 server, load nProbe on it, and connect the nProbe to an analysis system built with ELK stack… at least that’s what Clay Curtis did (and documented in a blog post).

Obviously I wanted to know more about his solution and invited him to the Software Gone Wild podcast. In Episode 39 we discussed:

read more see 4 comments

Industry Thoughts in 30 seconds

A while ago someone working for an IT-focused media site approached me with a short list of high-level questions. Not sure when they’ll publish the answers, so here they are in case you might find them interesting:

What can enterprises do to ensure that their infrastructure is ready for next-gen networking technology implementations emerging in the next decade?

Next-generation networks will probably rely on existing architectures and forwarding mechanisms, while being significantly more uniform and heavily automated.

read more see 3 comments

Network Monitoring in SDN Era on Software Gone Wild

A while ago Chris Young sent me a few questions about network management in the brave new SDN world. I never focused on network management, but I know a few people who do, including Terry Slattery and Matt Oswalt. Interop brought us all together, and we sat down one evening after the presentations to chat about the challenges of monitoring and managing SDN networks.

We started with easy things like comparing monitoring results from virtual and physical switches (and why they’ll never match and do we even care), and quickly diverted into all sorts of potential oscillations caused by overly-dynamic load balancing caused by flow label-based ECMP and flowlets.

read more add comment

ntopng Deep Dive with Luca Deri on Software Gone Wild

PF_RING is a great open-source project that enables extremely fast packet processing on x86 servers, so I was more than delighted when Paolo Lucente of the pmacct fame introduced me to Luca Deri, the author of PF_RING.

When we started chatting, we couldn’t resist mentioning ntopng, another open-source project Luca is working on.

read more see 3 comments

Evaluation Guide: Encryptors for Metro and Carrier Ethernet

Christoph Jaggi, the author of Metro Ethernet and Carrier Ethernet Encryption Market Overview published an awesome follow-up document: an evaluation guide that lists most of the gotchas one has to be aware of when considering encryption gear, from deployment scenarios, network overhead and key exchange details to operational considerations. If you have to deal with any aspect of network encryption, this document is a must-read.

see 2 comments

Pmacct: the Traffic Analysis Tool with Unpronounceable Name

SDN evangelists talking about centralized traffic engineering, flow steering or bandwidth calendaring sometimes tend to gloss over the first rule of successful traffic engineering: Know Thy Traffic.

In a world ruled by OpenFlow you’d expect the OpenFlow controller to know all the traffic; in more traditional networks we use technologies like NetFlow, sFlow or IPFIX to report the traffic statistics – but regardless of the underlying mechanism, you need a tool that will collect the statistics, aggregate them in a way that makes them usable to the network operators, report them, and potentially act on the deviations.

read more add comment

Network Automation: Just Do It!

On the very same day that I published the CLI is Not the Problem post I stumbled upon an interesting discussion on the v6ops mailing list. It all started with a crazy idea to modify BGP to use 128-bit router ID to help operators that think they can manually configure large IPv6-only networks without any centralized configuration/management authority that would assign 32 bit identifiers to their routers.

The discussion quickly deteriorated into you really need a provisioning system and in one of the responses Jared Mauch provided a link to a NANOG presentation by Shawn Morris from NTT.

read more see 7 comments

Why Can't We Have Plug-and-Play Networking?

Every time I plug a new device into my Windows laptop and it automatically discovers the device type, installs the driver, configures the devices, and tells me it’s ready for use, I wonder why we can’t have get the same level of automation in networking.

Consider, for example, a well-known vSphere link failover issue: if you forget to enable portfast on server-facing switch ports, some VMs lose connectivity for up to 30 seconds every time a switch reloads.

read more see 11 comments

Network Monitoring with OpenFlow

You know how hard it is to get the network traffic statistics: interface counters are too coarse, Netflow records are too granular, Sflow is sampling… life is hard for network monitoring Goldilocks.

In the Network Monitoring video (part of Real-Life OpenFlow Use Cases webinar) I explained an interesting alternative: you could get (hardware permitting) traffic counters with ever OpenFlow flow entry, resulting in any granularity you need.

see 1 comments
Sidebar