Reserved Internal Address Ranges
I’ve added a new question to my own network integration checklist, specifically when integrating chassis-based or integrated solutions: Does the system use any reserved internal address ranges?
Programmable ASICs
I love learning about network hardware, but I’ve always found it difficult to get detailed information on ASICS. We had a great presentation from Dave Zacks on the Cisco 3850 programmable ASIC at the Cisco Live Europe Tech Field Day event.
East West Segmentation With ACI
East/west segmentation is required in the data center to protect backend networks from each other. Segmentation is often implemented using ACLs between VLANS on your core switch. The ACLS are maintained by network or security engineers but define the flows permitted between hosts or host classes.
Redistribution of named and tagged static routes
I always name my IOS static routes as a best practise. However I hit a syntax issue last week when I tried to combine the named static with a tag, then redistributing that tagged static route into OSPF. If you have issues redistributing a ‘named and tagged static’ then this may be the post for you. The simplified config snippet below is configured on SW1 (cisco 3750X). This config will match all static routes tagged with ‘200’ and redistribute them into…
SPAN Scaling Challenge
I’m facing a mini scaling challenge with Cisco SPAN (Switched Port ANalyzer) session and thought it would be good to share it with you fine folk. SPAN Challenge A 3750X switch is currently SPAN-ing a 10Gbps interface to a 1Gbps egress port. A server is directly attached and is using dump cap to capture a subset (5%) of the overall traffic for analysis. The 10G link under-utilised, but is running close to the 1Gbps traffic limit in the Rx direction. Tx traffic is very…
Planning projects instead of burning benjamins
Engineers are often unstuck by poor planning and get hit with large financial penalties as a result. Projects can become mired in delays and complications due to unforeseen costs and expenses. There are some unavoidable bumps in the road, but most could be foreseen and eliminated in advance. I want to share a few tips based on some experiences I’ve had over the years.
Design – Security involvement in design and audit stage
Designed to fail Security audits are a fantastic way to improve the security of your network. A good auditor can highlight critical flaws in your design and configuration before they are launched into the big bad world. However I think there is a massive issue with security audits; they are designed to fail.
Career – The network rockstar and the checklist
We’re in the midst of a networking boom at the moment and new technologies are being released at a rapid pace. So much so that network engineers need a suite of knowledge management tools to navigate the daily deluge of articles, documents, twikis and notes. That said, how much of your day-to-day activities are markedly different than they were two years ago? As I see it, the role of the network engineer is largely unchanged. One still has to gather…
Design – Pushing for true network requirements
All too often we engineers end up blindly actioning tasks without questioning the true requirements driving the request. Even if you are ‘efficient’ at deployment, doing the wrong task well is not ‘effectiveness’. Picture the scene when a project manager walks into your workspace. “Hey junior-engineer-I’ve-never-seen-before, I need to you to install a 3750E-48TS in the Phoenix branch office. It’s a straighforward task, so I expect it complete by Friday.”
Cut-through, corruption and CRC-stomping
Corrupted frames are the devils spawn. A few noisy links causing frame corruption can quickly degrade network performance, and troubleshooting them is getting harder. These integrity errors generally occur when signal noise causes a binary ‘1’ to be mistaken for a binary ‘0’ or vice-versa. This post takes a look at integrity errors and the impacts of corrupted frames in a cut-through switched network. Throughout this post I’ll use the term ‘CRC errors’ term to refer to frame integrity errors which…