The Feynman Principle


Richard Feynman

Interviews often start with softball questions like…

So why are you interested in working for our company?

This question gives the candidate an easy way to warm-up and could give the interviewer some insights into the candidate. I’ve asked this question many time and sometimes heard a reply like..

I really want to learn about large scale networks. My current network is too small and is limiting my progress.

Continue reading

East West Segmentation With ACI


dome-664000_640East/west segmentation is required in the data center to protect backend networks from each other. Segmentation is often implemented using ACLs between VLANS on your core switch. The ACLS are maintained by network or security engineers but define the flows permitted between hosts or host classes. Continue reading

Redistribution of named and tagged static routes

Redistribute named and Tagged Static routesI always name my IOS static routes as a best practise. However I hit a syntax issue last week when I tried to combine the named static with a tag, then redistributing that tagged static route into OSPF. If you have issues redistributing a ‘named and tagged static’ then this may be the post for you.

The simplified config snippet below is configured on SW1 (cisco 3750X). This config will match all static routes tagged with ‘200’ and redistribute them into OSPF. I could have avoided this whole issue if I used a prefix list to match the routes, but I think tag-and-match is a more efficient and less-error prone approach.

Continue reading

SPAN Scaling Challenge

I’m facing a mini scaling challenge with Cisco SPAN (Switched Port ANalyzer) session and thought it would be good to share it with you fine folk.

SPAN Challenge

A 3750X switch is currently SPAN-ing a 10Gbps interface to a 1Gbps egress port. A server is directly attached and is using dump cap to capture a subset (5%) of the overall traffic for analysis.

The 10G link under-utilised, but is running close to the 1Gbps traffic limit in the Rx direction. Tx traffic is very low by comparison, but the SPAN session is capturing both directions.

The aggregated flow from both directions is overrunning the SPAN destination 1Gbps port. The challenge is to ensure we can continue to capture without discarding any interesting data. Let’s explore the options together.

Continue reading