Enterprise Cloud Computing - Build Your Own With Cisco VFrame - Why Wait ?

I can see some value in external Cloud Computing, but why not just build your own with Cisco ? Take a bunch of leftover machines, that old storage system and get a demo version and make your own. Read more

Autonegotiation on Ethernet - It Works, It Should Be Mandatory!

EVERYONE - Autosensing on ethernet works just fine, and all manufacturers recommend using autosensing. Why aren’t you !

Lets look at how it works and why you should be using it.

Read more

Configuring Windows 2003 / XP SP2 to Use IOS NTP Server

In certain networks, it is difficult to get the time on your servers to be exactly the same as the NTP time on your network equipment. In this case, you want to force the Windows servers to use the same NTP Network time source as your routers and switches. But Microsoft Windows doesn’t understand NTP by default, it has its own ‘way’ of setting up NTP so you need a little tweak to make it compatible.
Read more

Fast Introduction to SOCKS Proxy

Introduction

In the Blue Coat forums I often see people ask questions about SOCKS that show they haven’t taken the time to learn what it is. This is a fast introduction to what SOCKS is.
Read more

Article: The Future of Storage - Seven Fundamental Reasons Why FCoE Will Fail

An article I wrote on concerns about FCoE adoption has been posted at The Future of Storage and reviews seven reasons why FCoE might not achieve critical mass in the marketplace.

Feedback appreciated. Is anyone considering using FCoE in real life ?

Read more

iSCSI Network Designs: Part 5 - iSCSI Multipathing, Host Bus Adapters, High Availability and Redundancy

In iSCSI Part 3 - Server Side - iSCSI Host Bus Adapters and IP Performance I looked at how server side issues would affect the traffic generated on a per server basis. I recommended that you use iSCSI HBAs for high intensity servers to meet the high levels of performance.

The next level is evaluate how the server should connect to the network, specifically, this means how many ethernet ports you need, and what configuration is needed to support them to deliver high availability / redundancy and increased bandwidth.

Read more

Don’t Tell Me iSCSI Is Complicated if Fibrechannel Looks Like This

I am working my way through the next couple of articles on iSCSI Network Design. Its getting complicated is some ways. I noticed this article todayhttp://vinf.net/2008/04/09/how-does-an-hp-fibre-channel-virtual-connect-module-work/ explaining how Fibrechannel failover work for a HP Fibrechannel Virtual Connect in a blade server chassis. It is all rather confusing, and seemingly no more complex that the iSCSI network design.

Read more

iSCSI Network Designs: Part 4 - Fibrechannel Integration

Its possible that you would already have some Fibrechannel in your estate. Perhaps the cost of Fibrechannel for some new servers is too much when you calculate the HBA and Fibrechannel switch port costs, or you don’t need the complexity of Fibrechannel for a simple server setup. Lets look at options for connecting to the Fibrechannel nteworks.
Read more

Nerdgasm: Cisco ACE Web Application Firewall Announced

Cisco announces the Web Application Features for the ACE module

Read more

iSCSI Network Designs: Part 3 - Server Side - iSCSI Host Bus Adapters and IP Performance

I have been researching iSCSI impementations on the server to try and understand the dfference between them and to come to grips with how they work. This article looks to compare the various methods of connecting to a iSCSI network.

It seems that many people do not know or understand that the generation and transmission of IP packets is CPU intensive process. In some operating systems, it can also be very latent since there are many transfers across the memory bus and the PCI bus before the data is actually transmitted.

Read more

Data Networks - More Reliable to Than Storage Networks ?

I was participating in a storage design discussion and a Storage person threw up their most common complaint about networking - “we don’t know how to build reliable networks”. Let me take a shot at that. Read more

iSCSI Network Designs: Part 2 - Simple Scaling

We have looked at a simple iSCSI network solution in iSCSI Network Designs Part 1. We have kept the storage traffic separated from our data for operational reasons. But we are limited to 1GB/s and the port density of the switch.
Read more

iSCSI Network Designs: Part 1 - Introduction and Basics

I am working on a Data Centre that has more than 500 servers and we are considering what our storage strategy should be. This is why I have been looking at FCoE and iSCSI and establishing the benefits (or not).

My next few posts will be a “stream of consciousness” on possible designs for an iSCSI infrastructure.

Read more

Fixing the Unfairness of TCP Congestion Control | George Ou | ZDNet.Com

You MUST READ the excellent piece of technical journalism. Includes real diagrams and accurate technology on fixing TCP flow control now that the VJ fix isn’t working. Also relates to the Net Neutrality debate.

Fixing the unfairness of TCP congestion control | George Ou | ZDNet.com

Bob Briscoe is now the person I would like most to meet and have beer with. Look at the papers he has published. These are worth studying if you are CCIE or a candidate.

Why Use Two Routing Processes in a Firewall ?

In a recent post on Two OSPF Processes on an ASA firewall Christian asked why you would want to do this. Here is one case of a design that needs secure routing :

Read more

Single Internet Connection but HA Infrastructure - Using Bridging Instead of Routing

Introduction - The Design Constraint

The customer had decided to build a hosting platform, but could only arrange for a single internet connection to that site due to location. However, all other hardware was duplicated for high availability. After considering the options the following diagram was prepared showing the first pass at the design. This was the Internet Connection (100Mb Ethernet) connected to the router, then connected to a switch, which was interconnected by trunk to a second switch. The first layer of firewalls is then connected.

In this design, the router and the first switch are single points of failure as shown on the diagram

Read more

ICANN | IPv6 Address Added for Root Servers in the Root Zone

IANA — IPv6 Addresses for the Root Servers:

And all that IPV6 that you have been learning over the last four years or so, will start being useful outside of the lab. This is a quiet start to IPV6 rollout on the Internet.

At the moment, I don’t believe that we will be using IPV6 inside enterprise networks because there is no ROI or even desire to do so at moment, but for firewalls and internet gateways I think we will see IPV6 being the pushed by the service providers for our Internet Gateways and possibly MPLS networks.

Reserved IP Address Range for Testing - RFC 2544

I have been looking at a multi host data centre and am using MPLS to securely share certain resources and considering what architecture considerations for Network Management.

Lets define the problem. Network Management is software and servers that collect data from my network equipment and presents it to me in some useful form. Add to this some documentation and process support tools such as a wiki that holds documentation or a service such as helpdesk package.

The servers have to have IP addresses but what addresses to allocate ? If I use something from the RFC1918 addressing then it is possible that a given VRF might need to use that range. I don’t need the hassle of buying and maintaining routable addresses (although for a very large data centre this would be easy enough to do).

So I spent some time researching the RFC’s and found this little gem.

Read more

Next Page »