All about networks

  • Programmable ASICs

    I love learning about network hardware, but I’ve always found it difficult to get detailed information on ASICs. We had a great presentation from Dave Zacks on the Cisco 3850 programmable ASIC at the Cisco Live Europe Tech Field Day event.

  • East West Segmentation With ACI

    East/west segmentation is required in the data center to protect backend networks from each other. Segmentation is often implemented using ACLs between VLANs on your core switch. The ACLs are maintained by network or security engineers but define the flows permitted between hosts or host classes.

  • Thoughts on leaving Amazon

    Hi All, I left Amazon in late 2015 to become an independent contractor. I took a contract working for a small managed service provider, which was closer to my home and offered a more family friendly schedule. It wasn’t an easy decision to make. I knew that I was going to miss some really cool colleagues,…

  • Redistribution of named and tagged static routes

    I always name my IOS static routes as a best practice. However, I hit a syntax issue last week when I tried to combine the named static with a tag, then redistributing that tagged static route into OSPF. If you have issues redistributing a ‘named and tagged static’ then this may be the post for you.…

  • Basic network change control process

    Scenario: You are an engineer who runs a managed network on behalf of a customer. Your manager has asked you to create a change control process. Your customer and your manager will measure you only by the uptime or outages they experience, and don’t care what your process looks like. I’ve discussed why we need change control in a…

  • Network change – who is in control?

    Network Change: Nothing sparks engineering debate quite as much as ‘network change control’. It’s one of those topics we love to hate. We feel buried by useless bureaucracy. We ask, ‘Why can’t our managers just trust us, instead of weighing us down with meaningless process and red tape?’ This may be a controversial perspective but…

  • VTY ACLs don't block HTTP/S access

    I was doing some testing on a 3750X and saw that the http and https services were enabled. I knew that you could apply an ACL to restrict HTTP access, but had assumed that the HTTP security was an optional extra on top of the VTY ACL. I tested this … and found out I was…

  • Link Utilisation Varies By Packet Size

    I said to a colleague recently, “you can’t get 100% link utilisation on an Ethernet link”. When I tried to explain myself I wished I could link to a simple blog post with a nice graph. So here’s a quick blog post with a nice graph. I have talked a little about link speed in…

  • SPAN Scaling Challenge

    I’m facing a mini scaling challenge with a Cisco SPAN (Switched Port ANalyzer) session and thought it would be good to share it with you fine folk. SPAN Challenge: A 3750X switch is currently SPAN-ing a 10Gbps interface to a 1Gbps egress port. A server is directly attached and is using dumpcap to capture a subset (5%) of…

  • Four Trouble Ticket Survival Tips

    Sometimes the phrase ‘working the ticket queue’ is code for ‘doing meaningless work’. If you find yourself playing whack-a-mole with your ticket queue, then this is the post for you. You should strive to do meaningful work and this post discusses some ways to get more value out of the trouble ticketing process. 

Got any book recommendations?