One of my users was complaining about error messages he's getting from Google Wallet when trying to buy the yearly subscription. He wrote "When I try to login with my Google credentials I get some kind of error page where I can't do anything unless I supply them with scan copies of an ID." Is anyone else experiencing problems? Thank you!
Did you rush to try OSPF Loop Free Alternate on a Cisco 7200 after reading my LFA blog post ... and disappointedly discovered that it only works on Cisco 7600? The reason is simple: while LFA does add feasible-successor-like behavior to OSPF, its primary mission is to improve RIB-to-FIB convergence time.
Assume we have a simple triangular network:
Now imagine the A-to-C link fails. How will OSPF react to the link failure as compared to EIGRP? Which one will converge faster? Try to answer the questions before pressing the Read more link ;)
Scott Lowe asked a very good question in his Technology Short Take #20:
VXLAN uses UDP for its encapsulation. What about dropped packets, lack of sequencing, etc., that is possible with UDP? What impact is that going to have on the “inner protocol” that’s wrapped inside the VXLAN UDP packets? Or is this not an issue in modern networks any longer?
Short answer: No problem.
In the Redundant DMVPN Design, Part 1 I described the options you have when you want to connect non-redundant spokes to more than one hub. In this article, we’ll go a step further and design hub and spoke sites with multiple uplinks.
Public IP addressing
Fact: DMVPN tunnel endpoints have to use public IP addresses or the hub/spoke routers wouldn’t be able to send GRE/IPsec packets across the public backbone.
One of my readers couldn’t figure out which IPv6 webinar to buy. He wrote:
I bought your Service Provider IPv6 Introduction webinar. I’m also interested in Building IPv6 Service Provider Core and Building Large IPv6 Access Networks. I realized that the second training is not released yet and it says that it's an update session for the first training, so do I need to buy both? I would like to download all the material related to the trainings so I would watch them whenever I need.
It seems I did overcomplicate a few things, so I’ll try to clear up the confusion I created.
According to Google Analytics these were the most popular posts I wrote in December 2011:
- Is NAT a security feature?
- Decouple virtual networking from the physical world
- Large-scale L2 DCI: a true story
- We just might need NAT66
- VMware vSwitch – the baseline of simplicity
- Junos Day One: MPLS Behind The Scenes
- VXLAN, IP multicast, OpenFlow and control planes
- Which virtual networking technology should I use?
- Nexus 1000V and vMotion
- IPv6 multihoming without NAT: the problem
- VM-aware Networking Improves IaaS Cloud Scalability
It’s hard for me to admit, but there just might be a corner use case for split subnets and inter-DC bridging: even if you move a cold VM between data centers in a controlled disaster avoidance process (moving live VMs rarely makes sense), you might not be able to change its IP address due to hard-coded IP addresses, be it in application code or configuration files.
Disaster recovery is a different beast: if you’ve lost the primary DC, it doesn’t hurt if you instantiate the same subnet in the backup DC.
A while ago I described the pre-standard way Cisco IOS used to get delegated IPv6 prefixes from a RADIUS server. Cisco’s documentation always claimed that Cisco IOS implements RFC 4818, but you simply couldn’t get it to work in IOS releases 12.4T or 15.0M. In December I wrote about the progress Cisco is making on the DHCPv6 front and iord@intracom.com commented that IOS 15.1S does support RFC 4818. You know I absolutely had to test that claim ... and it’s true!
2012-01-19: The initial version of this post contained a serious error: Cisco IOS DHCPv6 server does not create host routes; without on-link prefix, the router cannot forward the packets to the attached end-hosts.
IPv6 hosts can use stateless or stateful autoconfiguration. Stateless address autoconfiguration (SLAAC) uses IPv6 prefixes from Router Advertisement (RA) messages; stateful autoconfiguration uses DHCPv6. The routers can use two flags in RA messages to tell the attached end hosts which method to use:
Most of the DMVPN-related questions I get are a variant of the “how many tunnels/hubs/interfaces/areas do I need for a redundant DMVPN design?” As always, the right answer is “it depends” (and I can always help you with your design if you’d like to get a second opinion), but here’s what I’ve learned so far.
I got plenty of responses to the How could we filter extraneous BGP prefixes post, some of them referring to emerging technologies and clean-slate ideas, others describing down-to-earth approaches. Thank you all, you’re fantastic!
Lots of interesting links accumulated in my Evernote notebook during the last two weeks. Let's start with a design masterpiece — Historical Thursday: The Other Manhattan Project: Almost as good as stretched clusters ... and almost as useful ;)
And here are the other links in somewhat random order:
I’ve been blogging regularly for over five years, accumulating almost 1500 posts. It must be quite tasking and time-consuming to leaf through the older posts (not sure anyone ever did that ;), so I decided to use my brand-new Google Analytics add-on to find out which of the old posts are still attracting some attention.
In January 2007, I focused on CEF and wrote about CEF punted packets, CEF punt adjacency and Per-port CEF load sharing.
Hot topics in January 2009 included DHCP (Decent DNS, DHCP and HTTP server on an ISR router and Flash-based DHCP database) and load sharing (EBGP multipath load sharing and CEF).
Every so often I get a question along the lines of “could I see a sample of your webinars before I buy them?” To answer the question, I created a new web site that includes the videos I previously published on YouTube, as well as plenty of information on what exactly you get when you buy a recording or the yearly subscription. Your feedback on site outline/design and its contents is highly appreciated!
Visit demo.ipSpace.net
Did you know that approximately 40% of BGP prefixes polluting your RIB and FIB are not needed, as they could be either aggregated or suppressed (because an aggregate is already announced)? We definitely need “driver’s license for the Internet”, but that’s not likely to happen, and in the meantime everyone has to keep buying larger boxes to cope with people who cannot configure their BGP routing correctly.
Posts
