Managing the Network as a Fabric — About Time!

Earlier this September, I attended the Tech Field Day Networking Field Day 8 event. Over the course of three days, we saw presentations from many very interesting vendors including a mix of startups and established market leaders. One trend that really stuck out to me more this time around than at any previous NFD event was a nearly ubiquitous emphasis on data center network fabric management. In other words, truly managing an entire data center network (or at least a sub-block of it) as a single unit.


Cisco Live – The Minimalist Packing List

Cisco Live 2014 is right around the corner! It’s almost time to start packing. The other day, Keith Miller (@packetologist), a first-time Cisco Live attendee, asked me on Twitter:

I have a bit of a reputation among some of my consulting clients as being ready for just about anything. Normally, that means my laptop bag weighs about 50 lbs. But for Cisco Live, I choose to travel light. I’ve seen people in the airport on the way to, and from, the event with a LOT of stuff. Sure, some folks are presenters or carrying company stuff but for the rest, you probably just have too much stuff.


Using EEM to Remotely Change a WAN IP – Part 2

In my last EEM post I provided a simple means to change an IP address and default route of a Cisco router using a script that makes the change without requiring interactive user input. This is helpful if you are remotely changing a device’s WAN/Internet IP and waiting for some on-site hands to move a cable over to a new ISP or WAN SP connection. That first script, however, would make the change and then exit. What would happen if the new Internet connection had a problem, or the on-site help couldn’t move the cable for some reason? Proper testing and preparation should help you avoid most of those issues but you just never know.


Using EEM to Remotely Change a WAN IP – Part 1

I often work remotely on customers’ infrastructures with their remote hands on-site. When a small office or branch changes ISPs or IP blocks, I occasionally find myself in a position where I have to change the only public IP address of a device like a branch office router or firewall, with no out-of-band management. The trouble with this is fairly obvious (on a Cisco device): by changing the IP address via which I am accessing the device over SSH, I will lose my own management session to it. Once the management session is lost, I can’t update the default route, and now the device is broken and I get to walk the on-site hands (who are often not very Cisco-literate) through changing a default route.


Dell Aims for the Clouds with Z9500 Spine

While at Networking Field Day 7, we got a small preview of a new switch Dell Networking has just announced, the Z9500. At some point I’ll have another post coming discussing more of Dell’s presentation at NFD7, but I wanted to briefly talk about this new product and what it brings to the table for Dell.

Taking a New Approach to Cisco Live 2014

It’s getting to be that time of year again when geeks across North America (and beyond) start getting excited for Cisco Live! The buzz is starting a bit early this year, but that’s because Cisco Live is about a month earlier this year (May 18-22) than it has been in recent years.


Weighing AWS VPN Options

Earlier this week, a client asked for some assistance in building a VPN from their corporate office to Amazon Web Services for a project they were doing. I’ve done this a few times before, a few different ways, so I proceeded to give my client some pros and cons of the two most common methods I’ve used. After putting that analysis together, I realized it could be helpful for others so here it is (with the addition of a few snazzy diagrams!).

Server Brawn + Switch Brains = Infrastructure Fabric

Last week I attended Networking Field Day 7, and was introduced to Pluribus Networks. Pluribus is taking an interesting approach to building the data center fabric, by combining high-performance data center top-of-rack (ToR) switching with powerful server internals in a platform they’ve dubbed the Freedom Server-Switch.



The Freedom platform can be loaded for bear with RAM and storage along with some pretty powerful CPUs (this data sheet provides all the details), which enables embedding various network (and not-so-network) services right in the network at every edge. The platform runs the NetVisor operating system, based on BSD. This software can be had in various feature levels:


Various services that can be enabled beyond typical L2/L3 network services include DHCP, DNS, PXE, load balancing, CDN functions, NAT, NAS (yes, really), and traffic analytics. Since these switches are designed for deployment as leaf nodes in leaf-spine architecture datacenters, this embeds these services right at the network ingress point for each connected device.
You may be thinking about the potential administrative overhead included with performing advanced network services on each ToR switch, but that burden is eased with fabric-wide management features that allow an administrator to interact with any node in the fabric and issue commands that can affect a subset of fabric nodes, or the entire fabric at once.
During the NFD7 demonstration, Pluribus Networks CTO Sunay Tripathi showed us the ease with which the entire fabric (the Fabric Cluster, as they called it) could be programmed to single out a specific traffic flow (based on any number of parameters), and perform some operation on it such as redirecting it to a specific port, sending it to a service running on the Freedom platform, or copying the traffic to local storage. With a couple of commands, he was able to intercept and store traffic matching the flow parameters from anywhere on the network the flow may appear. This was powerful stuff. And of course, since Pluribus exposes APIs for accessing these features, one can imagine the ability to automate various network service functions from external applications. In fact, Pluribus provides an SDK for “bare metal” access to the switch so that future applications could potentially extend functions beyond anything that’s been thought up so far. Additionally, VMs can actually run on the platform, so perhaps other functions traditionally centralized in the network (IDS/IPS, anyone?) can be embedded right at the network edge.
Something that really struck me about the Pluribus NetVisor software was that the fabric was equally manageable from a Unix command line, a rich switch CLI (although the syntax looked quite a bit different from anything I’ve ever used, so there’d be some learning curve there), a web-based GUI called vManage, and a variety of API interfaces. Lately, the industry has been laser-focused on APIs, APIs, APIs. I thought Pluribus struck a good balance with their approach recognizing that the CLI is not dead, and APIs provide another, but not exclusive, vector for network management. These various tools could be leveraged by network administrators that are comfortable and adept with different administration models and none appears to be handicapped by their choice.
More than that, though, what I saw in Pluribus’ platform was a bold attempt to move toward what may well be an inevitable future. I’ve been thinking for some time about how in the not-so-distant future as network, compute, and storage facilities coagulate we’ll not have many “network engineers” or “server engineers”, but rather “infrastructure engineers” who know how to work everything. Sure, we may still retain a focus or specialty, but it’s going to become very difficult to claim “I’m a network engineer. I just provide the network. Servers and storage aren’t my thing.” At least, if you want to stay relevant and have a job, it will be difficult.
The Pluribus Freedom Server-Switch really embodied that notion. Rather than building a high-speed switching fabric that has services blocks hanging off of it to provide network services, application services, storage, security, monitoring, and even applications themselves, the Pluribus solution struck me as an infrastructure fabric, providing many of those services right in the fabric, at every point of ingress and egress. Surely Pluribus is not trying to replace enterprise or tenant servers themselves, but moving the various utility services into that infrastructure fabric consolidates the deployment, administration, and management of those infrastructure support services allowing the servers and storage attached to the fabric to be used for what they’re intended for — applications.
While I saw a lot of promise in the Pluribus Networks offering, I do think they will have a bit of an uphill battle in many shops that have not yet moved to a more consolidated “infrastructure team” approach (which is most environments I see), as the server and storage teams may feel threatened by the idea of “the network” running various services and even hosting storage. I suspect this technology will be a better fit in more agile environments that have embraced a holistic approach to infrastructure services.
I strongly recommend watching these videos from Networking Field Day 7 as they really demonstrate the fascinating approach Pluribus Networks has brought to the table. Pluribus Networks also has some good whitepapers sprinkled around their site that are worth a read as they present some good technical detail rather than just marketing fluff.
Pluribus Networks was a sponsor of Networking Field Day 7. At no time did they ask for, nor were they promised any kind of consideration in the writing of this review. The opinions and analysis provided within are my own and any errors or omissions are mine and mine alone.

Faking an ASA as a DNS Forwarder

I came across a good tip the other day that was very helpful during a small site firewall migration. Here’s the back story:

I was migrating a small single-site customer that had, up to this point, been using a FIOS-provided consumer-type router/firewall/access point to some Cisco gear including an ASA firewall for better firewall/VPN capabilities. This is fairly common with small businesses that start out with essentially consumer-style connectivity and finally begin to grow to a point of needing business-grade capabilities. My preparation went fine, and when the time came I swapped the ASA firewall in place of the FIOS-provided one. Then everything broke.


Goodbye Snowpocalypse, Hello Networking Field Day 7!


It’s been a long winter here in Pennsylvania. Near record-breaking for snowfall. But yesterday I traveled to beautiful and temperate San Jose to attend Networking Field Day 7!
I’m honored to have been selected as a delegate for another Tech Field Day event, as these events are a fantastic opportunity to engage with vendors and industry peers. I use the term “peers” only because we work in the same industry. Everyone else is smarter than me.

I’m excited to rub elbows and network with the exceptional delegate list. I have met nearly all of this event’s delegates before and I respect the expertise and experience of every single participant. I feel I have learned so much and made so many valuable connections through TFD events and I’m grateful to Gestalt IT and the TFD community for another opportunity to participate.

Most of all, I’m excited for the opportunity to represent you, the networking/IT community at large. Asking the questions you would ask. I will be live Tweeting during the presentations, so direct your questions my way and I’ll do my best to ask your questions if I miss something you want to know about.


I was going to mention each of the presenting vendors and what of theirs I was interested in learning more about, but after reviewing the list I realized I’m very excited to hear from each of them. Some of these vendors hadn’t struck me as big SDN players, but really each of the “traditional” network equipment vendors (that includes Avaya, Brocade, Dell, Extreme, and Juniper) touts a complete SDN strategy on their website. I’m looking forward to learning more about each vendor’s strategy and what differentiates their approaches.

There will also be a couple of the startup vendors, Plexxi which is on the leading edge of cloud-scale data center networks and automation, and Pluribus Networks who will be giving us detail on their NetVisor network virtualization platform and their Freedom Server-Switch product line. Both should prove very interesting.

Finally, we’ll hear from Tail-F Systems about their vendor-agnostic network controller product, and the recently re-branded LiveAction to talk to us about network monitoring and quality measurement.
I do hope to see at least some discussion of non-datacenter networking as well. SDN can have applicability outside the datacenter, and I build more general enterprise networks with small/medium data center blocks than I do large-scale data centers that fully implement an end-to-end automated, SDN architecture.

My Perspective

Like many in the networking field, I’m looking toward the future (SDN, cloud, automation, and the like) but I’m also mindful of the gap we need to bridge to get there. I work on real networks every day, most of which are not greenfield, pie-in-the-sky SDN datacenters, so I want to learn how the new technologies these vendors are bringing forward are applicable to the real world of grey-field operational networks.
I work on mostly small to mid-sized enterprise networks with anything from very simplistic to moderately complex data center needs. I don’t build cloud-scale data centers or work on huge Internet property environments so my focus is on using technology to help businesses of all sizes gain a competitive advantage whether it’s through new feature/function or reduced operational burden. I’ll be considering the sponsor presentations through that lens all week.
Overall, I’m looking forward to a great and exhausting week. Please be sure to tune into the live streams of the NFD presentations and watch the #NFD7 hashtag on Twitter to join in the conversation.
