Monthly Archives: February 2014

Server Brawn + Switch Brains = Infrastructure Fabric

Last week I attended Networking Field Day 7, and was introduced to Pluribus Networks. Pluribus is taking an interesting approach to building the data center fabric, by combining high-performance data center top-of-rack (ToR) switching with powerful server internals in a platform they’ve dubbed the Freedom Server-Switch.



The Freedom platform can be loaded to bare with RAM and storage along with some pretty powerful CPUs (this data sheet provides all the details), which enables embedding various network (and not-so-network) services right in the network at every edge. The platform runs the NetVisor operating system, based on BSD. This software can be had in various feature levels:


Various services that can be enabled beyond typical L2/L3 network services include DHCP, DNS, PXE, load balancing, CDN functions, NAT, NAS (yes, really), and traffic analytics. Since these switches are designed for deployment as leaf nodes in leaf-spine architecture datacenters, this embeds these services right at the network ingress point for each connected device.
You may be thinking about the potential administrative overhead included with performing advanced network services on each ToR switch, but that burden is eased with fabric-wide management features that allow an administrator to interact with any node in the fabric and issue commands that can affect a subset of fabric nodes, or the entire fabric at once.
During the NFD7 demonstration, Pluribus Networks CTO Sunay Tripathi showed us the ease with which the entire fabric (the Fabric Cluster, as they called it) could be programmed to single out a specific traffic flow (based on any number of parameters), and perform some operation on it such as redirecting it to a specific port, a service running on the Freedom platform, or copy the traffic to local storage. With a couple commands, he was able to intercept and store traffic matching the flow parameters from anywhere on the network the flow may appear. This was powerful stuff. And of course, since Pluribus exposes APIs for accessing these features, one can imagine the ability to automate various network service functions from external applications. In fact, Pluribus provides an SDK for “bare metal” access to the switch so that future applications could potentially extend functions beyond anything that’s been thought up so far. Additionally, VMs can actually run on the platform, so perhaps other functions traditionally centralized in the network (IDS/IPS, anyone?) can be embedded right at the network edge.
Something that really struck me about the Pluribus NetVisor software was that the fabric was equally manageable from a Unix command line, a rich switch CLI (although the syntax looked quite a bit different from anything I’ve ever used, so there’d be some learning curve there), a web-based GUI called vManage, and a variety of API interfaces. Lately, the industry has been laser-focused on APIs, APIs, APIs. I thought Pluribus struck a good balance with their approach recognizing that the CLI is not dead, and APIs provide another, but not exclusive, vector for network management. These various tools could be leveraged by network administrators that are comfortable and adept with different administration models and none appears to be handicapped by their choice.
More than that, though, what I saw in Pluribus’ platform was a bold attempt to move toward what may well be an inevitable future. I’ve been thinking for some time about how in the not-so-distant future as network, compute, and storage facilities coagulate we’ll not have many “network engineers” or “server engineers”, but rather “infrastructure engineers” who know how to work everything. Sure, we may still retain a focus or specialty, but it’s going to become very difficult to claim “I’m a network engineer. I just provide the network. Servers and storage aren’t my thing.” At least, if you want to stay relevant and have a job, it will be difficult.
The Pluribus Freedom Server-Switch really embodied that notion. Rather than building a high-speed switching fabric that has services blocks hanging off of it to provide network services, application services, storage, security, monitoring, and even applications themselves, the Pluribus solution struck me as an infrastructure fabric, providing many of those services right in the fabric, at every point of ingress and egress. Surely Pluribus is not trying to replace enterprise or tenant servers themselves, but moving the various utility services into that infrastructure fabric consolidates the deployment, administration, and management of those infrastructure support services allowing the servers and storage attached to the fabric to be used for what they’re intended for — applications.
While I saw a lot of promise in the Pluribus Networks offering, I do think they will have a bit of an uphill battle in many shops that have not yet moved to a more consolidated “infrastructure team” approach (which is most environments I see), as the server and storage teams may feel threatened by the idea of “the network” running various services and even hosting storage. I suspect this technology will be a better fit in more agile environments that have embraced a holistic approach to infrastructure services.
I strongly recommend watching these videos from Networking Field Day 7 as they really demonstrate the fascinating approach Pluribus Networks has brought to the table. Pluribus Networks also has some good whitepapers sprinkled around their site that are worth a read as they present some good technical detail rather than just marketing fluff.
Pluribus Networks was a sponsor of Networking Field Day 7. At no time did they ask for, nor where they promised any kind of consideration in the writing of this review. The opinions and analysis provided within are my own and any errors or omissions are mine and mine alone.
Tagged , ,

Faking an ASA as a DNS Forwarder

I came across a good tip the other day that was very helpful during a small site firewall migration. Here’s the back story:

I was migrating a small single-site customer that had, up to this point, been using a FIOS-provided consumer-type router/firewall/access point to some Cisco gear including an ASA firewall for better firewall/VPN capabilities. This is fairly common with small businesses that start out with essentially consumer-style connectivity and finally begin to grow to a point of needing business-grade capabilities. My preparation went fine, and when the time came I swapped the ASA firewall in place of the FIOS-provided one. Then everything broke.

Continue reading

Tagged , , ,

Goodbye Snowpocalypse, Hello Networking Field Day 7!

Snowpoc Resized

It’s been a long winter here in Pennsylvania. Near record-breaking for snowfall. But yesterday I traveled to beautiful and temperate San Jose to attend Networking Field Day 7!
I’m honored to have been selected as a delegate for another Tech Field Day event, as these events are a fantastic opportunity to engage with vendors and industry peers. I use the term “peers” only because we work in the same industry. Everyone else is smarter than me.

I’m excited to rub elbows and network with the exceptional delegate list. I have met nearly all of this event’s delegates before and I respect the expertise and experience of every single participant. I feel I have learned so much and made so many valuable connections through TFD events and I’m grateful to Gestalt IT and the TFD community for another opportunity to participate.

Most of all, I’m excited for the opportunity to represent you, the networking/IT community at large. Asking the questions you would ask. I will be live Tweeting during the presentations, so direct your questions my way and I’ll do my best to ask your questions if I miss something you want to know about.


I was going to mention each of the presenting vendors and what of theirs I was interested in learning more about, but after reviewing the list I realized I’m very exited to hear from each of them. Some of these vendors hadn’t struck me as big SDN players, but really each of the “traditional” network equipment vendors (that includes Avaya, Brocade, Dell, Extreme, and Juniper) touts a complete SDN strategy on their website. I’m looking forward to learning more about each vendor’s strategy and what differentiates their approaches.

There will also be a couple of the startup vendors, Plexxi which is on the leading edge of cloud-scale data center networks and automation, and Pluribus Networks who will be giving us detail on their NetVisor network virtualization platform and their Freedom Server-Switch product line. Both should prove very interesting.

Finally, we’ll hear from Tail-F Systems about their vendor-agnostic network controller product, and the recently re-branded LiveAction to talk to us about network monitoring and quality measurement.
I do hope to see at least some discussion of non-datacenter networking as well. SDN can have applicability outside the datacenter, and I build more general enterprise networks with small/medium data center blocks than I do large-scale data centers that fully implement an end-to-end automated, SDN architecture.

My Perspective

Like many in the networking field, I’m looking toward the future (SDN, cloud, automation, and the like) but I’m also mindful of the gap we need to bridge to get there. I work on real networks every day, most of which are not greenfield, pie-in-the-sky SDN datacenters, so I want to learn how the new technologies these vendors are bringing forward are applicable to the real world of grey-field operational networks.
I work on mostly small to mid-sized enterprise networks with anything from very simplistic to moderately complex data center needs. I don’t build cloud-scale data centers or work on huge Internet property environments so my focus is on using technology to help businesses of all sizes gain a competitive advantage whether it’s through new feature/function or reduced operational burden. I’ll be considering the sponsor presentations through that lens all week.
Overall, I’m looking forward to a great and exhausting week. Please be sure to tune into the live streams of the NFD presentations and watch the #NFD7 hashtag on Twitter to join in the conversation.

Using the Cisco CSR1000V in GNS3 With VirtualBox

The better part of a year ago when the Cisco CSR1000V was publicly released, I quickly tested the notion of running the Cloud Services Router in VMWare Fusion on the Mac, rather than on a full vSphere server. Since then, I occasionally see that some readers land on my blog after searching for the terms “CSR1000V GNS3” looking for assistance in integrating the CSR with the popular networking simulation platform. The CSR1000V is attractive as it provides a means to run IOS-XE, the same variant as on the ASR-series routers, and unlike Dynamips, Cisco has blessed use of the CSR with the 2.5 Mb/s throughput-limited trial license as a legitimate labbing platform. Last night I decided to see if it could be done. Turns out, it’s easy.

Continue reading

Tagged , , ,

Application Monitoring with ThousandEyes

In a prior post, I showed off ThousandEyes and how one of my clients uses it to monitor the BGP routing of their IP prefix. The same client also uses ThousandEyes for monitoring the web apps they host for their customers. Read on to see more about what ThousandEyes does for them!

Continue reading

Tagged , ,

Virtualization, Storage, and other techy stuff

The Stupid Engineer

I ask those questions you're too clever to.

Sunay Tripathi's Blog

Pluribus Networks Founder's Blog on OS, Networking, Virtualization, Cloud Computing, Solaris Architecture, etc

Ed Koehler's Blog

Just another weblog

Data networking, stray thoughts, nerdy fun...

Network Heresy

Tales of the network reformation

The Borg Queen

Jottings on the intersection of tech and humanness

Networking From The Trenches

Ramblings about my thoughts, experiences, and ideas.

Networking 40,000

Attaining my CCIE with the help of Warhammer 40k

Network Shenanigans

Making Packets Do Silly Things

It must be the network...

Ramblings of JD (@subnetwork)

Not Another Network Blog

Musings from yet another IT nerd

rsts11 - Robert Novak on system administration

Resource sharing, time sharing, (20)11 and beyond. A retired sysadmin's blog.