Browsed by
Author: John Harrington

Does your Wave2 AP need NBase-T?

Does your Wave2 AP need NBase-T?

Cisco recently launched the 2800 and 3800 series 802.11ac wave-2 access points. The 3800 Datasheet quotes a theoretical maximum throughput of 5.2Gbps when operating in Dual 5GHz radio mode (2 x 2.6Gbps). If you ran two cables to your AP you could use the second ethernet port to create a 2 x 1Gbps LAG. However there is still some debate about whether 2Gbps of throughput is sufficient for a single-radio Wave2 AP. Some companies may not be willing to invest the time and expense…

Read More Read More

Programmable ASICs

Programmable ASICs

I love learning about network hardware, but I’ve always found it difficult to get detailed information on ASICS. We had a great presentation from Dave Zacks on the Cisco 3850 programmable ASIC at the Cisco Live Europe Tech Field Day event.

East West Segmentation With ACI

East West Segmentation With ACI

  East/west segmentation is required in the data center to protect backend networks from each other. Segmentation is often implemented using ACLs between VLANS on your core switch. The ACLS are maintained by network or security engineers but define the flows permitted between hosts or host classes.

Thoughts on leaving Amazon

Thoughts on leaving Amazon

Hi All, I left Amazon in late 2015 to become an independent contractor. I took a contract working for a small managed service provider, which was closer to my home and offered a more family friendly schedule. It wasn’t an easy decision to make. I knew that I was going to miss some really cool colleagues, some fascinating nerdy discussions and a very tough, but massively effective thought-system. The network I’m currently working on is tiny when compared to Amazon’s but…

Read More Read More

Redistribution of named and tagged static routes

Redistribution of named and tagged static routes

I always name my IOS static routes as a best practise. However I hit a syntax issue last week when I tried to combine the named static with a tag, then redistributing that tagged static route into OSPF. If you have issues redistributing a ‘named and tagged static’ then this may be the post for you. The simplified config snippet below is configured on SW1 (cisco 3750X). This config will match all static routes tagged with ‘200’ and redistribute them into…

Read More Read More

Basic network change control process

Basic network change control process

Scenario: You are an engineer who runs a managed network on behalf of a customer. Your manager has asked you to create a change control process. Your customer and your manager will measure you only by the uptime or outages they experience, and don’t care what your process looks like. I’ve discussed why we need change control in a previous post. Knowing this, what sort of process would you create? I this post I provide a high-level template and some tips.

Network change – who is in control?

Network change – who is in control?

Network Change Nothing sparks engineering debate quite as much as ‘network change control’. It’s one of those topics we love to hate. We feel buried by useless bureaucracy. We ask, ‘Why can’t our managers just trust us, instead of weighing us down with meaningless process and red tape’?   This may be a controversial perspective but I think we’ve gotten exactly what we deserve. We endure heavyweight change control procedures because when we make network changes we break stuff. We break stuff…

Read More Read More

VTY ACLs don't block HTTP/S access

VTY ACLs don't block HTTP/S access

I was doing some testing on a 3750X and saw that the http and http services were enabled. I knew that you could apply an ACL to restrict HTTP access, but had assumed that the HTTP security was an optional extra on top of the VTY ACL. I tested this … and found out I was wrong. Although http(s) uses the same inband access path as SSH, web admin is not restricted in any way by VTY ACLS. This will be quite obvious to…

Read More Read More

Link Utilisation Varies By Packet Size

Link Utilisation Varies By Packet Size

I said to a colleague recently, “you can’t get 100% link utilisation on an Ethernet link”. When I tried to explain myself I wished I could link to a simple blog post with a nice graph. So here’s a quick blog post with a nice graph. I have talked a little about link speed in a previous post, but I wanted expand on this and add a quick graph to back up the argument.

SPAN Scaling Challenge

SPAN Scaling Challenge

I’m facing a mini scaling challenge with Cisco SPAN (Switched Port ANalyzer) session and thought it would be good to share it with you fine folk. SPAN Challenge A 3750X switch is currently SPAN-ing a 10Gbps interface to a 1Gbps egress port. A server is directly attached and is using dump cap to capture a subset (5%) of the overall traffic for analysis. The 10G link under-utilised, but is running close to the 1Gbps traffic limit in the Rx direction. Tx traffic is very…

Read More Read More