Screencast: Knowledge Management in Technology – Part 3

Network Engineers have to manage a lot of information. Products, technologies, textbooks, study notes and research material as well as new protocols and features. Even a simple task like keeping product manuals handy for 40 or 50 products is a real problem. How do you keep the information organised, referenced, accessible and useful? Your employer […]

Screencast: Knowledge Management in Technology – Part 2

Network Engineers have to manage a lot of information. Products, technologies, textbooks, study notes and research material as well as new protocols and features. Even a simple task like keeping product manuals handy for 40 or 50 products is a real problem. How do you keep the information organised, referenced, accessible and useful? Your employer […]

Screencast: Knowledge Management in Technology – Part 1

Network Engineers have to manage a lot of information. Products, technologies, textbooks, study notes and research material as well as new protocols and features. Even a simple task like keeping product manuals handy for 40 or 50 products is a real problem. How do you keep the information organised, referenced, accessible and useful?

After many, many people asked, this three-part screencast is about how I manage all the “inputs” so I don’t feel lost in information.

Service Models – “Pets and Cattle”

Two types of servers, “pets” and “cattle”, denote service levels. Human-oriented service models.

Rant: Our Vendor Partners Don’t Have an SDN Vision

There is an old saying “A man with his eyes fixed on Heaven doesn’t see where he is going”. It’s an almost perfect description of how the major vendors are bringing Software Defined Networking to the market.

The consistent message from all the vendors, and especially Cisco, Juniper and Brocade, is that there are “no use cases for SDN”. In the last three months, this has been a constantly repeated statement both publicly and privately. It beggars belief that vendors can’t see immediate needs that deliver long term gains.

I suspect that the root of this problem is that the big companies want to solve big problems. And by solving big problems they figure that they can make big revenue. Alright, I get that. It’s understandable that large organisations need a constant revenue stream to feed the insatiable maws of their shareholders. However, the vendors are also missing the most real and immediate problem of networking today. Simply, Networking is too hard.

Vendors haven’t developed tools that keep the complexity of networking under control. Complexity can be reduced to this: “I don’t have big problems, I have lots of small problems.” You can have debates about addressing complexity and how to attack it, but it nearly always boils down to this: start small.

Basics: Cisco VLAN Trunking Protocol – Transparent discard and passing VTP Packets

It’s a common discussion about when the Cisco VTP protocol is actually forwarded through Cisco switches and when it isn’t. I’ve always gotten it somewhat confused, and when I stumbled across some old notes on the topic I had an ah-hah moment. I’m answering the question of which versions are risky when using VTP in your network – that’s risky in terms of how you prevent VTP updates from ‘crossing’ a switch.

My Way of Selecting a Cisco IOS Release with a Bug Scrub

Cisco is known for shipping products early to deliver new features quickly. But this leads to a reputation for buggy code, with customers reporting bugs (and Cisco fixing them). This means that you should never buy a newly released Cisco product unless you are willing to take this risk. This post looks at my process for analysing this risk and then selecting an IOS version by performing a bug scrub. In this case, I’ve been asked whether the Cisco C3750-X switches are ready for live deployment.

ASA 5520 and ASA 5540 with only one DIMM Memory Socket – Counterfeit Hardware

There are a significant number of ASA5110 chassis that have been reworked to look and act like ASA5520 or ASA5540 firewalls. Refer to this bug toolkit for more details.

Ethernet Jumbo Frames, Full Duplex and Why Jumbo Frames are 9000 bytes

I’ve been doing some research into Ethernet and the use of Jumbo frames for some content I’ve been writing and have come across something interesting. The documents state that Jumbo frames can only be used on Full Duplex Ethernet connections.

Routing Protocols and Computation in Silicon

I got this question and I guess it may not be obvious to everyone so I’ll have a shot at answering it.

Technology advances in ASIC hardware have resulted in substantial improvements in switching performances of routers and switches. However, the routing processes are still dependent on CPU speeds. What are the existing limitations in router/switch models which prevent route computations from being performed in hardware?

Modular Data Centre – on the highway

Saw this modular data centre rolling down the highway today.

HP abolishes software licensing for Wired Ethernet Switches

HP Networking has announced no more software licenses on their networking kit.

Fibre Connectors

A short summary of the Fibre Cable Connectors, with descriptions and some notes on usage. These are summary notes intended for reference.

Those non-IOS Files on the Flash. Are they useful?

When you first receive a router from a Cisco warehouse, it comes with a complete collection of IOS add-ons. A common question is whether these files are used for anything.

Cisco IOS: What is VLAN 1002 – 1005 used for?

Why does a Cisco IOS SX switch not let you use VLANs 1002 – 1005?

EIGRP Goodbye Message

Found this in the Cisco IOS 15.1M manuals today

IP Routing: EIGRP Configuration Guide, Cisco IOS Release 15.1M&T

Goodbye Message

The goodbye message is a feature designed to improve EIGRP network convergence. The goodbye message is broadcast when an EIGRP routing process is shut down to inform adjacent peers about the impending topology change. This feature allows supporting EIGRP peers to synchronize and recalculate neighbor relationships more efficiently than would occur if the peers discovered the topology change after the hold timer expired.

show ip eigrp topology all

Once upon a time the command was “show ip eigrp topology” to show EIGRP topology, now it’s “show ip eigrp topology all” and the old command shows only Feasible Successors.

PacketShaper and Flow Directions

I stumbled across an old diagram I made a long time ago about the direction of flows on a BlueCoat PacketShaper. Since I’ve been looking for it for about three years, I’ve diagrammed it quickly so that it is here for future reference when I’m working with PacketWise in the future. PacketShaper PacketWise is one of my very favourite tools for managing traffic flows, and much preferable to PHB QoS aka DiffServ for many types of use cases.

A TCP flow has four possible directional attributes, related to the use of inside and outside networks and to whether the flow was initiated from the client to the server, which sets the “direction” of the flow relative to the Packeteer. The flow is determined by who initiated the three way handshake. For purposes here, the Client always initiates the TCP connection, and the Server terminates the connection.

TCP Session and Direction

Most people understand the three way handshake, but not many consider the direction of the session.

The connection from the client to the server is outbound, but is inbound on the server. And vice versa, the server outbound session is inbound on the client.

That’s not very useful for being able to define the direction of flows.

Why is direction important?

Direction of flows is important if you want to configure asymmetric rules. That is, not all protocols require symmetric bandwidth. For example, HTTP traffic is usually a 10:1 ratio for reply to request. That is, a request for this webpage is about 10KB, but the reply with the data, images and javascript is more than 100KB.

For an FTP upload server, you might have the reverse condition where the inbound traffic is far more than the outbound.

To make the most of your Internet connection for this case, you could configure the inbound bandwidth on your Internet connection to be 80% FTP, 20% HTTP and the outbound bandwidth to be 20% FTP and 80% HTTP. This gives a far better utilisation, especially in regards to better TCP Windowing and overall TCP goodput.

Why firewalls don’t have Telnet or SSH Clients

I found this on Cyber Corner blog:

Another missing ASA-feature: telnet and ssh client: “Every single decent Cisco-device on earth has the ability to make a CLI-user jump to another device with telnet or ssh. Except the ASA. I really wish that this feature could be added. Right now I am troubleshooting a firewall and from where I am right now the only way in is to SSH to the ASA. I can do whatever I want inside the firewall from my SSH-window, but I need to access a router inside of that firewall, and if this feature wasn’t missing I could simply run ‘ssh ip-address’ to jump to the switch’s CLI.

Am I the last CLI-guy on this planet? Please, Cisco?”

Fate Sharing, Failure Domains and why VTP is awesome

A lot of people regard Virtual Trunking Protocol (VTP) as nothing but trouble. Indeed, it’s hard to find many people who will implement it on their network. I find this baffling – it’s a great tool that dramatically reduces time, errors and troubleshooting, and is something that we should all embrace and use wherever we can. Naturally, with great power comes great evil. So, let’s be clever instead.
