Multi-Vendor OpenFlow – Myth or Reality?

NEC demonstrated multi-vendor OpenFlow network @ Interop Las Vegas, linking physical switches from Arista, Brocade, Centec, Dell, Extreme, Intel and NEC, and virtual switches in Linux (OVS) and Hyper-V (PF1000) environments in a leaf-and-spine fabric controlled by ProgrammableFlow controller (watch the video of Samrat Ganguly demonstrating the network).

Does that mean we’ve entered the era of multi-vendor OpenFlow networking? Not so fast.

Troopers 13 – a must-visit security conference

If you live in Europe and happen to be interested in security, make sure you put Troopers on the list of must-attend events. Like many things coming from Europe it’s a boutique event (limited to 200 attendees even if it means it’s sold out – that would never happen in some other parts of the world) with some great content.

Enno Rey, the mastermind behind the event, was kind enough to invite me to talk about virtual firewall architectures – you can view my presentation or watch the video – and of course I used the opportunity to visit a not-so-well-known Heidelberg attraction ;)

Expert Beginners

Erik Dietrich obviously hates the self-proclaimed (usually clueless) “experts” – he devoted a whole series of blog posts to them:

• Rise of the Expert Beginner
• Legacy of the Expert Beginner
• Language of the Expert Beginner
• Ambitions of the Expert Beginner

I’m positive you know at least a few people that would match his descriptions. Enjoy!

How Networking Is Changing – Interview with Stu Miniman

Stu Miniman kindly invited me to do an interview for the SiliconANGLE during the Interop/EMC World week. Here are the results:

More podcast and interviews

Tail-f Network Control System – the First Impressions

One of the most pleasant surprises of the recent Interop show was the Tail-f's Network Control System (NCS). I “knew” Carl Moberg (of the NETCONF and YANG fame) for a long time and had the privilege to meet him in person just before the SDN Buyer's Guide panel that I co-hosted with Kurt Marko (who did an excellent job putting the buyer's guide together). Anyhow, what Carl presented during the panel totally blew me away.

Data Has Mass and Gravity

A while ago, while listening to an interesting CloudCast podcast (my second favorite podcast - the best one out there is still the Packet Pushers), I stumbled upon an interesting idea “Data has gravity”. The podcast guest used that idea to explain how data agglomerates in larger and larger chunks and how it makes sense to move the data processing (application) closer to the data.

Build Data Center Interconnects with Enterasys Switches

Short story: Enterasys data center switches have an interesting combination of time-tested routing and bridging features that allow you to build robust data center fabrics and interconnects (including the scenarios where you migrate VMs between them if you really must do so).

I’ll describe these features and how you can use them in a free webinar sponsored by Enterasys (register here). Don’t worry, that won’t make me biased; I still think moving a running VM between data centers makes no sense.

And now for a longer story ;)

Are stateless ACLs good enough?

In one of his Open Networking Summit blog posts Jason Edelman summarized the presentation in which Goldman Sachs described its plans to replace stateful firewalls with packet filters (see also a similar post by Nick Buraglio).

These ideas are obviously not new – as Merike Kaeo succinctly said in her NANOG presentation over three years ago “stateful firewalls make absolutely no sense in front of servers, given that by definition every packet coming into the server is unsolicited.” Real life is usually a bit more complex than that.

Update: TRILL on HP Data Center Switches

A few days after I published the Interop Product Launch Craze post, Jason Edelman told me HP claims they have running TRILL implementation. Time to read their release notes.

Results: No mention of TRILL in latest release notes for 12500, 9500 or 58xx. 5900 switches support TRILL, EVB and FCoE since release 2207 (January 2013).

More about changes in the data center switching market in the Data Center Fabrics Update webinar. Now I have to catch the next plane on the way home.

Cisco IOS TCP MSS handling on IPv6

Just received an email from Trevor Warwick (Director, Cisco NOSTG Software Engineering, UK) on ipv6-ops mailing list (which you really should join if you plan to deploy IPv6) explaining the changes they made to IPv6 TCP MSS handling.

Dell Fabric Manager Explained

In the last part of Clos Fabrics Explained webinar Brad Hedlund described how you can use Dell Fabric Manager to plan, design, configure and operate leaf-and-spine Clos fabric built with Dell Force10 switches. Should we call Dell Fabric Manager an SDN solution? Who cares, it sure is useful ;)

Watch the video

Dedicated Hardware in Network Services Appliances? Meh!

Francesco made an interesting comment to my Virtual Appliance Performance blog post:

Virtual Appliance Performance is comparable to the equivalent Physical Appliance until the latter use its own ASICs (for a good reason), e.g. Palo Alto with its new generation Firewall...

Let’s do a bit of math combined with a few minutes of Googling ;)

Server Guy’s Guide to Virtual Networks

I was asked to do a short virtual networking presentation during this year’s Microsoft NT Conference in Slovenia. Most of the audience were server and virtualization administrators, having anywhere from zero to pretty decent networking knowledge; getting the right balance of basics and interesting features was a struggle.

They told me the end result wasn’t that bad. It’s a bit Microsoft-biased, but applies equally well to VMware (be it vSphere/VXLAN or Open vSwitch/NVP combo).

View the presentation

Plexxi’s Dan Backman Presenting in the Data Center Fabrics Update Webinar

Plexxi has a really interesting data center fabric solution that combines CWDM optics with L2+L3 switching. They briefed me on their product just before their public launch; I like their approach, particularly the combination of robust traditional forwarding with controller-based network optimization that you can influence from the outside, but somehow I never quite found the time to blog about them … although I did manage to solve the hard part of the problem: write a Perl script that generates Graphviz graph description to generate schematics of their CWDM inter-switch links.

Interop Product Launch Craze

As expected, we’ve experienced a product launch craze just prior to Interop Las Vegas. I try to avoid marketing announcements, but the blogosphere exploded in hard-to-ignore posts ... and as always, it was great fun separating marketing fluff from reality. Here’s a grumpy take on the above-mentioned press releases.

TCP and HTTP Improvements

In previous videos from the TCP, HTTP and SPDY webinar I described the network-related performance challenges experienced by web applications and did a deep dive into TCP and HTTP mechanisms underlying them.

Today’s video describes numerous TCP and HTTP enhancements – from increased initial congestion window (recently published as RFC 6928) and TCP fast open to persistent HTTP sessions and pipelining.

The whole webinar is also available on Udemy - it’s free but you’ll have to register (or log in with Facebook) to get access.

Watch the video