Category Blog
This blog is now hosted via Netlify, rather than GitHub Pages. It is still built using Jekyll, but I updated the theme to Mediumish.
I have completed migrating my website to GitHub Pages. URLs and RSS feed location should remain the same.
I have been investigating a problem where an application would install on RHEL/CentOS, but not on Ubuntu. I tracked it down to a problem with shell scripts that assumed that /bin/sh...
IPv6 has been around a fair while, and we’re constantly encouraged to learn it and use it. I agree with the sentiment, but it’s been hard for most users when...
Cisco recently announced they have invested $10M into Loggly, a Cloud-based log management service. I had vaguely heard of Loggly before, but never properly investigated it. Let’s dive in and...
The HP Communities forums offer email subscriptions for threads you’ve participated in, or all posts for a specific message board. By default these emails only contain the subject of the post,...
If you have a strong Cisco background, then you immediately think of Spanning Tree Protocol when you think of Layer 2 loop protection. Or if you’re keeping abreast of the...
Recently I’ve been doing more VMware work. It’s been a while, but it makes a nice change. At this site, we have 100+ hosts, and thousands of VMs. Recently we...
Some of you may know me from my writings at northlandboyandhisgirl.com. That site works well for my travel writing, but right now I want to do a lot more technical...
Category Study
HP is making more resources available to help with learning Comware. They’ve added free labs and courses to the already published simulators and virtual routers. This is a good resource for those looking...
A reader asked how I use OmniFocus to help with studying for certification exams. Here’s how I’m using OmniFocus to help with CCDE study. This may not be the ‘best’...
Getting a certification isn't like a degree - it expires. Each renewal cycle, you need to decide if it's worth putting in the effort to renew it. My advice: Think...
I’ve had a couple of questions come up about how I organise my life around work/study. I can’t promise all the answers, but I can relate what I’ve done over...
I recently passed the ITIL 2011 Foundation Certification. After all the stress and time-suckage that was CCIE study, this was remarkably pain-free. Ridiculously easy really - most of the study...
Category HP IMC
HP IMC 7.1 E0303P13 does not support configuration backups for Brocade MLX & VDX devices. But they do have an extensible model, so it’s easy to add support. Here’s how...
This week’s lesson: Be consistent with your vendor naming when working with HP IMC Custom Device Adapters. When you create the new adapter directory, use exactly the same vendor name...
HP IMC installation is normally a manual process, with plenty of clickey clickey clickey. This is OK for production systems, as most sites will only have one or maybe two IMC servers....
When I’m evaluating products, I’m more interested in their progression and development, than the exact feature list currently shipping. I like products that have a frequent release cycle, with a...
I was recently asked about how to start IMC on a Linux server. After the initial installation, the system had been restarted, and now IMC wasn’t running. How to start...
I’ve recently been asked about using IMC to backup newer Cisco devices, such as the 4500X, or 3850. HP has not yet validated the backup process for these devices, so...
This article is Part 7 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...
This article is Part 6 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...
This article is Part 5 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...
This article is Part 4 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...
This article is Part 3 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - This Article Part 4...
This article is Part 2 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - This Article Part 3 - IMC Compliance - Scheduling Tasks Part...
This article is Part 1 in a 7-Part Series. Part 1 - This Article Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling Tasks Part...
HP has released Version 7.0 of Intelligent Management Center. This is a significant upgrade from 5.2, and greatly modernises the interface. (In case you’re wondering, version 6 was never publicly...
HP IMC is great at backing up your switch configurations, but it can be very frustrating when it doesn’t work. Here’s a list of steps I go through when debugging...
IMC has a predefined list of over 6,000 devices. This list maps sysOIDs to devices, so when you add a new device to IMC, it will say “this is a...
The most interesting talk I attended at HP Discover in Las Vegas this year was Ken Gott’s talk on “Management of Software Defined Networks and Hybrid Environments with HP IMC.”...
I’d just like to clear up a little confusion that people have about HP IMC templates, and how they are used. Templates can be used to define credentials for different...
HP IMC has an optional add-on module for NetFlow/sFlow Analysis called “Network Traffic Analyzer (NTA).” This comes in 10-, 20- or 50-node license packs. Based on the license names, you...
Recently I was upgrading an HP 2910al switch from 14.70 to 15.08.0012. I used IMC to load the new firmware, rebooted the device, waited…and nothing. Device went offline, and never...
When developing IMC adapters, sometimes you have problems with parsing the output correctly. Adapters that use the CLI to retrieve a backup will have extra lines that creep in, such...
I’ve written basic versions of Device Adapters for IMC, to allow configuration backup of Miktrotik RouterOS-based systems, and Citrix Netscaler-based systems. I’ve also posted a modified Juniper adapter, with a...
HP Discover is HP’s showcase technology conference, bringing together speakers, presentations, partners and products from right across HP’s product line. It covers everything from laptops to servers and software. It’s...
HP IMC was originally offered in two editions - Standard and Enterprise. As of v5.2, there is also a “Basic” edition. The new “Basic” edition is feature-limited, aimed at smaller customers with...
Recently I was involved in a discussion on HP’s IMC Forum, where MohammadH needed help with IMC. One of the problems he had was switch backups not working properly. It...
I wrote a review of HP’s Intelligent Management Center (IMC), at Packetpushers.net. I like the product, but it was not all glowing:
Category Security
I made a conscious decision to move away from full-time information security work. I retain an interest, and try to keep up with developments, but I don’t want to be...
ipv6-test.com is a useful site for testing IPv4 & IPv6 connectivity. It checks that v4 & v6 are working as expected, and reports your browser v4/v6 preferences. It does have one...
Check Point Identity Awareness is problematic in environments that have multiple customers, overlapping private address space, and NAT. It can be done, if you understand the traffic flows, the connections needed,...
I have been having issues using the F5 APM client behind a Juniper SRX-110 using hide NAT. I believe I’ve tracked it down to the default timeout settings used for...
Trigger warning for Check Point haters: I’m about to say nice things about Check Point.
I got caught out by Check Point’s “Install On” column recently. Most people don’t need this setting any more, but it’s still there for legacy reasons. Time to re-evaluate.
Check Point firewall upgrades have always been painful. The loss of connection state is a big part of this. Existing connections stop working, and many applications need restart. It looks like...
The New Zealand ISP market is dominated by Spark, Vodafone & CallPus/Orcon. A side effect of this is that if one player does the Right Thing™, it really moves the...
This article is Part 8 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
Somehow I missed this when it was announced, but the Juniper SRX-110H-VA is End of Life, and is no longer supported for new software releases.
Many of the ‘security’ measures in our networks add complexity. That may be an acceptable tradeoff, if we make a meaningful difference to security. But often it feels like we...
Andrisoft Wansight and Wanguard are tools for network traffic monitoring, visibility, anomaly detection and response. I’ve used them, and think that they do a good job, for a reasonable price....
Almost every SDN vendor today talks about policy, how they make it easy to express and enforce network policies. Cisco ACI, VMware NSX, Nuage Networks, OpenStack Congress, etc. This sounds...
Shellshock was released a little over a month ago, to wide predictions of doom & gloom. But somehow the Internet survived, and we lurch on towards the next crisis. I...
I have recently started working with Check Point products again, after a 5-year break. This has given me a different perspective on how they are progressing. It has been disappointing to...
I switched this blog over to using CloudFlare a few days ago. It’s all been pretty painless, and I highly recommend it to others.
This article is Part 4 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
This article is Part 3 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
Kiwicon 7 has just wrapped up in Wellington, New Zealand. Kiwicon is “New Zealand’s own Hacker Conference.” It’s a top-notch event that’s been running for 7 years now, and highly recommended...
Microsoft patches are released on a (mostly) monthly cycle, and other vendors have started following suit. When this first happened, people treated it like a major event. But I think...
If you implement a proxy server for security reasons, you must implement SSL Intercept, or anyone can waltz on past your anti-virus, filtering, and content restrictions. For a previous employer,...
Category CCIE
I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months...
It is 6 years since I passed the CCIE Lab Exam. The dreaded email has arrived:
It came around again: CCIE renewal. Last time I renewed, I wasn’t sure if I should do it again. But I gave in, passed the CCIE R&S Written Exam, and...
This article is Part 7 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...
The problem with obtaining certifications is that you need to renew them. CCIE is no different - I first passed the lab in September 2012, and I was overdue for...
The CCIE Routing & Switching v5 blueprint introduces a new module in the lab exam: DIAG. This section does not have any direct device access, but instead uses a variety...
This article is Part 6 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...
This article is Part 5 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...
This article is Part 4 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...
This article is Part 3 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - This Article Part...
This article is Part 2 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - This Article Part 3 - CCIE Preparation: Vendors and Workbooks Part 4...
This article is Part 1 in a 7-Part Series. Part 1 - This Article Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors and...
UPDATE 4/12/13 - this is now official - see https://learningnetwork.cisco.com/docs/DOC-22703. Once I’ve had a chance to digest the changes, I’ll post some thoughts.
Today marks one year since I passed CCIE Routing and Switching, and was branded number 36708. This is supposed to be a huge achievement, bringing fame and fortune, right? You’re supposed...
Cisco made some announcements about SDN certifications at Cisco Live US, in June this year. These didn’t seem to get a lot of attention at the time, perhaps due to...
Update: We’re getting closer to an official announcement, and this post is attracting a lot of hits - you probably want to read my latest post, which contains more info....
This is from my post on northlandboy.com, shortly after passing the CCIE R&S lab on my second attempt:
From an earlier post on northlandboy.com, this was my review of the boot camp I attended as part of my CCIE study.
This is from a post on northlandboy.com, shortly after my failed first CCIE lab attempt:
Category HP Master ASE
HP has announced that HP Master ASE holders can now get VIP support. This is supposed to give me:
I’ve just passed the HP0-Y45 exam, which means I have completed the requirements for “HP ASE - Network Architect v1.”
I have just passed the HP exam “HP0-Y37: Migrating and Troubleshooting Networks.” This means I I have now passed all required exams for “HP Master ASE - Network Infrastructure 2011.”...
If you currently hold Cisco CCNA, CCNP or CCIE certification, you can use this as credit towards HP AIS, ASE and Master ASE certifications.
I have to pass two exams to complete HP Master ASE - Network Infrastructure. I recently passed the first of these, “HP0-Y32: Designing and Troubleshooting Open Standard Networks.”
As part of my preparation for the “HP0-Y32: Designing and Troubleshooting Open Standard Networks” exam, I used the official study guide from HP Press: “HP ASE Network Infrastructure Official Certification...
What is the “HP Master ASE - Network Infrastructure” certification?
For HP exams, you need a “Learner ID.” Apparently your HP Passport account is not enough, and they like to maintain separate databases. Just to confuse things. You will need...
Category NMS
Juniper routing instances are very useful when you need separate routing tables on the one device, for example to separate customers. Junos lets you configure SNMP polling of routing instances,...
Too many IXPs (and networkers in general) are using horrible outdated methods of graphing data. These are an ugly eyesore, and should be updated to something from this century. Big...
Two years ago I wrote about how to use InfluxDB & Grafana for better visualization of network statistics. I still loathe MRTG graphs, but configuring InfluxSNMP was a bit of...
Last week Savvius announced upgraded versions of its Insight network visibility appliances. These have the usual performance and capacity increases you’d expect, and fill a nice gap in the market....
SNMP was not designed with VRFs in mind. Querying the routing table via SNMP did not take into account the idea of having multiple routing tables. But clearly it’s something...
netmiko is a “Multi-vendor library to simplify Paramiko SSH connections to network devices,” written by Kirk Byers. It doesn’t solve all of your pain with dealing with CLI-only network devices,...
Brocade VDX switches have REST and NETCONF interfaces. The REST API uses the built-in HTTP server. By default, this uses plain-text HTTP. As of NOS 6.0, you can (and should!)...
Recently I wanted to look at the structure of sFlow packets. Of course I can read the specs, but it’s often easier to look at some real packets. So I set...
Brocade tightened up some SNMP settings with NOS 6.0.x. This improves security, but it also means that you will need to modify your configuration if you upgrade. If you don’t,...
I loathe MRTG graphs. They were cool in 2000, but now they’re showing their age. We have much better visualisation tools available, and we don’t need to be so aggressive...
Brocade Network Advisor (BNA) has a REST API for accessing Fibre Channel-related data. The documentation includes a sample Python script showing how to connect to the API to retrieve Fabric info....
Fluke Networks recently released TruView Live, a subscription-based service for monitoring internal & external applications. Tests can run from Fluke-managed cloud locations, your own systems, or from dedicated hardware appliances. I’ve been...
Here’s a couple of quick hacks for working with Brocade Network Advisor. It’s unsupported, but you can run BNA on Ubuntu. You can also suppress the client-side JRE version mismatch...
NetBeez presented at Network Field Day 9, where they showed us their solution for distributed network performance monitoring. They gave the delegates a NetBeez agent to take home and test....
Monitoring needs to move on from traditional fault and performance polling. It should include identifying common misconfigurations and known faults. We’re all using the same technologies, so we’ve all got the...
I’m reviewing the presenters for Network Field Day 9, in particular looking at those I’m not familiar with. NetBeez is one of those making their first Tech Field Day appearance....
HP has finally announced a migration path for Operations Manager to OMi. It’s about time too. This looks like a good path. If you want to stick with HP Software for managing...
Recently I’ve been thinking about Root Cause Analysis (RCA), and how it’s not perfect, but there may be hope for the future.
In Episode 167 of The Cloudcast - “Bringing Advanced Analytics to DevOps”, Dave Hayes brings up an interesting point about Mean Time to Resolution (MTTR). At about 8:30 in, he...
Automated Root Cause Analysis promises a lot. High-end network monitoring systems promise that they can automatically isolate network problems, and only tell you about the thing that needs fixing. This sounds...
ThousandEyes is a network monitoring company that provides application performance visibility across the Internet. They don’t just show how an application is performing, but can identify where across the Internet issues...
A year ago I asked “Has HP Abandoned Operations Manager?” There had been no significant development for a long time, and the signs were that HP was moving away from...
Packetpushers show 198 was a great episode about Network Automation. At one point, Greg asks:
Network monitoring is often a reactive process. Engineers see an alarm, and take action. Alarms mean someone broke something, and it needs attention. Deal with the alarms, and all will...
Counter data types are commonly used in SNMP monitoring. They are extremely useful, but there’s a couple of caveats around how to use them. Here’s a couple of issues I’ve...
Packet Pushers normally focuses on networking, but episode 192 covered “Logging Design and Best Practices.” I often think about logging in the context of network management, so it was good...
I use a Juniper SRX 110 at home, and my ISP is enlightened enough to offer IPv6 by default to all customers. My devices are dual-stack, and I know that a...
Earlier this year I came across Scalyr, a newer player in the cloud-based log management scene. They’re taking a slightly different approach to products like Loggly and Splunk. I’ve been...
A quick reminder - do not use the symbol ‘@’ in SNMPv1/2 community strings. I came across this again this week - it causes issues with monitoring some equipment, and...
Previously I’ve looked at the overall ScienceLogic architecture, and HA options for the Collectors and UI. This post looks at DR and HA options for the core Database layer - the...
[UPDATE 26/6/14] This code is now available as a Release Candidate.
Recently I’ve been converting a network from an agent-based monitoring system to an agentless system. One challenge was handling custom application logfiles. Most agent-based monitoring systems make it very easy...
Some Cisco routers I work with use multiple VRFs. A specific VRF is used for management, and the loopback interface is in that VRF. All SNMP + SSH access is...
Recently I’ve been thinking about Cisco Prime Infrastructure, and Cisco’s continued resistance to supporting non-Cisco equipment. I’ve been wondering if this is good for Cisco, and if they should face...
This is a quick overview of Splunk - what it is, how it works, what makes it good, and how you might use it. I like Splunk, and I think...
What is Log Management, and why should I care? Can’t I just grep through logs when I need to? Isn’t syslog on its own enough? This post will give an overview of...
This article is Part 7 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...
This article is Part 6 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...
This article is Part 5 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...
This article is Part 4 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...
This article is Part 3 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...
This article is Part 2 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - This Article Part 3 - NMS Primer 3:...
This article is Part 1 in a 7-Part Series. Part 1 - This Article Part 2 - NMS Primer 2: How Do They Work? Part 3 - NMS Primer 3:...
I’ve been reading more about OpenFlow recently, and something that was pointed out to me was that OpenFlow offers features that could give us deeper insights into our traffic flows,...
How much monitoring should I do for services that I’ve outsourced? This question comes up frequently with my clients. They’ve paid someone else to manage a service for them, and...
The default logging style for Cisco IOS-based devices is to insert the system uptime in the log entry. This makes it basically useless. Here’s some typical log output:
Timezones can be complicated things - every country has its own set of rules around how to decide what time it currently is - and those rules change, frequently. Modern...
Auto-discovery can help you populate your NMS, and keep it up to date. HP IMC supports several methods of adding devices - either by manually adding them, or getting IMC...
The Windows WMI repository can become corrupted on Windows 2008 R2 servers being used with XenApp. WMI corruption can cause problems for monitoring systems, and potentially some applications. Here's how...
HP Operations Manager has been around a long time in the Enterprise server management space. I first started working with it around 2001, and I’ve always had a soft spot...
This is a companion post to my review of the technical differences between NNMi and IMC. That one tried to stay focused on technical matters, but this post is more opinion-based....
It can be hard to understand the differences between HP's NNMi and IMC. Both offer a great range of network management capabilities. Here I outline the technical similarities and differences...
Recently I upgraded an HP SIM system from 7.1 to 7.2 on Windows 2008 R2. After the upgrade, SNMP discovery and data collection failed for all systems - servers, switches,...
Many network faults I see are quite preventable, or could have been fixed far sooner, if basic network ‘hygiene’ had been maintained. Major faults are often the result of multiple...
I’ve posted a review of ScienceLogic EM7 up at Packet Pushers: Review: ScienceLogic - One Tool to Rule Them All.
HP Software recently released 6 free network utilities and tools. Free stuff is good right? We all like free. But HP doesn’t do things out of the goodness of its...
Category Opinion
Microsoft buys GitHub, and most of the press has been pretty positive, even from those you might not expect.
I hate long support lifecycles for hardware and software. Yes, you should be able to buy a new iPhone or switch and use it for 3+ years. But some people...
I’ve seen a few Twitter threads recently about learning to live with the sudden plenty of working for tech companies. If you didn’t grow up that way, the adjustment takes...
Cloud computing is a lot more than “someone else’s computer” and it annoys the hell out of me when people keep trotting out this tired old excuse. There is much...
It takes a village to raise a child. Or so the old saying goes. Creating a product is the same. It takes more than small group of developers (or parents)...
There’s a lot of angst in the networking community about programming, SDN, automation, and what it means for networking careers. Plenty of people will tell you don’t worry about it,...
Everything comes at a cost: steak dinners & pre-sales engineering has to get paid for somehow. That should be obvious to most. Feature requests also come at a cost, both...
I am the Product Manager for StackStorm. This gives me the opportunity to attend several industry events. This year I attended SREcon in San Francisco, and devopsdays Seattle. I found...
Using proper formatting can make it much easier to read code and log samples. Yet so many people don’t bother putting proper formatting around blocks of text. Take some time...
Sky UK recently completed their rollout of IPv6. The uptake statistics are quite remarkable. If you think that people don’t have IPv6-capable devices, or that their home routers can’t handle...
If you are still using HPE Software, you should actively plan to migrate away. The recent divestiture does not look good to me - I think existing customers are going...
Stop using legacy mobile audio, especially for conference calls. There are better alternatives. You’re doing your customers and colleagues a disservice by using mobile audio. It’s time we moved on....
Google is telling us they’re serious about the cloud. They’re hiring the right people, spending the big bucks, and even (gasp!) talking to customers! (Oh how that must stick in...
Ivan’s post this week was a good reminder that other parts of IT aren’t perfect either. It’s not all roses on the other side of the fence. Networking has done...
I’ve been wondering about how we’re approaching networking change. We know we need to make things better. Are we changing the ‘right’ things? I’ve got a feeling that we’re not,...
The Docker/shipping container metaphor is overdone. I don’t think people have fully thought through what it might mean if containers do the same thing to computing as they did to shipping....
Can we broadly separate Networking into Pioneers, Settlers, and Town Planners? I’ve been thinking about how to apply Simon Wardley’s PST model to networking. This leads to thinking about how...
I get frustrated by those who take a narrow view of technology, and progress in general. They see things in terms of where they are now, and where they were....
I’m fundamentally lazy. That’s why automation appeals: less work for me. Get the machine to do it instead. But automating everything isn’t always the right answer. Sometimes you need to...
You know I’m not the biggest fan of vendor clubs (or influencer marketing programs, call them what you like). But if you’re going to do it, you might as well do...
The “consumerisation of IT” has an interesting side-effect. Historically people mainly used computers for work. But now that many people have smartphones, tablets and laptops at home, their perception and understanding of technology...
Outsourcing is complex, and there are lots of ways it can go wrong, or simply fail to deliver. I’ve put together a list of things that I see going wrong...
I’m currently reading and enjoying “The Practice of Cloud System Administration.” It doesn’t go into great depth in any one area, but it covers a range of design patterns and implementation...
We all know that IT changes rapidly, but we still don’t always accept what that means. Companies and technologies change over time, and good engineers recognise this. Poor engineers cling...
Yes, we know: Your product has an API. Yawn. Sorry for not getting excited. That’s just table stakes now. What I’m interested in is the pre-written integrations and code you...
If you’re just starting out working with ‘Enterprise’ products, you may not have come across Support Lifecycles. It’s important to know what these are, and how it affects you. They...
Utility, or Consumption-Based pricing models offer an interesting way of matching costs to revenues. But if they’re not managed well, customer costs could blow out just trying to keep the...
We all know that you’re supposed to “Know Your Audience.” Doing so improves engagement, and avoids faux pas like “Suggested Tweets.” But recently I realised that this doesn’t have to be subtle....
The term “Single Pane of Glass” became something of a running joke during Network Field Day 8. The term has become over-used & abused, and it’s time we stopped using...
Consolidation is happening in the New Zealand wholesale ISP market, with Vocus acquiring FX. Consolidation can lead to less competition, or it can strengthen it, by making players stronger and...
CPUG, a Check Point user forum, is near death. The owner has been forced to get rid of it, but rather doing a graceful handover, it has been shut down...
I’ve written before about “Why Screen Scraping Sucks.” Well, I can report that nothing has changed. It still sucks. This time I got caught out by the changed behaviour of...
Network equipment pricing has traditionally been based around hardware, even though most of the cost comes from the software. Trends such as bare-metal switching will clarify this cost/price relationship. But are we...
We don’t see as many comments on blog posts these days, as most discussion has moved to other forums, such as Twitter or Google+. But this doesn’t mean that comments...
I freely admit to not truly understanding the American political/economic system. Sure, I get the general mechanics of it, but I don’t understand the subtle plays, and why people do certain...
Cisco ACI represents a significant shift in the way we approach networking. This sort of shift will need massive customer education to explain their new vision. I’m getting the impression...
Good documentation is critical to the success of any product. Write clear deployment & configuration information, and you’ll have a higher project success rate. Detailed command references and troubleshooting information...
SDN career certifications are starting to emerge. Network engineers are well-used to certifications, and use them as a badge of marking progress. But developers prefer to focus on code, not...
Vendor ‘clubs’ or programs have troubled me for some time. They are not all bad, but I am concerned about the influence that vendors are trying to exert, and the...
Network Engineers should be embracing the idea of automating away the drudgery of running a network. They should be looking for ways to ensure the network can dynamically change its...
Companies pay a lot of money for software support. But do they always get value for it, and do vendors sometimes prolong the “supported” life of a product simply to...
HP has announced that they will only provide firmware updates to customers with a valid warranty, Care Pack or support agreement. HP says:
I have come to realise that I’ve tried to take part in too many communities, and it’s getting me down. Too many forums filled with too much noise, too many...
We needed a hosting provider that could deliver a platform to run a Virtual Appliance on. The issue was that we needed a reasonably high level of RAM, and we...
Pricing for Enterprise IT hardware and software can be a strange process, and settling on a vendor quote is a complicated dance. Junior engineers normally are more focused on technology,...
When talking about “Open” in the context of technology, most people think about Open Source, Open APIs, Open documentation, etc. But there’s another facet too: being open about where your business...
Many engineers assume that product selection is as simple as finding the product with the best combination of features that still comes in under budget. Should be easy, right? Err…so...
Strong communities can make an enormous difference to the success or failure of a product or technology. Look at Linux, or VMware as good examples of a strong community. But...
There’s a lot of over-blown talk these days about APIs. Everyone wants one, everyone’s promising one. You might ask: “What’s the difference between using an API to put a port...
Everyone talks about how moving to Cloud-based services can reduce CapEx, and that you only “pay for what you need.” People seem to assume this is a Good Thing, and...
A good customer of mine needs to replace their Service Desk system. Having a fair idea of their requirements, I asked them if they had looked at $(insert very well-known...
I attended HP Discover in Las Vegas this year as a blogger and speaker, courtesy of HP. HP Discover is HP’s main technology conference. It’s held once a year in Las...
In an age of instant world-wide communications, some might ask why we still need IT conferences. It turns out that no matter what people say, nothing beats being in the...
Greg Ferro, of Etherealmind.com fame, has published a book on blogging: “The Arse First Method of Technical Blogging.” This covers his
I’ve spent a lot of time on technical and non-technical forums over the last 10+ years. I’ve written thousands of posts on places like CPUG, CPshared, Thorntree, Packetpushers, NetOps, HP...
Years ago, I was working at a large bank. It was a large site, with a lot of employees, so there was a staff member working full-time in the mail...
A few weeks ago, I commented on Twitter that I was thinking about migrating from one product to a newly released product. It’s the sort of thing you do all the...
When Apple launched the Mac App Store, I was quite interested in how it would work out. The App Store for iOS has been hugely successful, even if it is...
Category HP NNMi
HP NNMi version 10.0 has been released. This is a good release, with many usability enhancements. I’m pleased to see continued development, as the future nirvana of all-powerful software defined networks...
HP has made some changes to the way Network Node Manager (NNMi) is licensed. These changes are a Good Thing, as they address two key pain points - license calculation,...
HP is discontinuing support for HP Route Analytics Management Software, aka RAMS. RAMS is an extremely powerful system for managing large networks, but it always struggled to fit in with...
NNMi can use LDAP for authenticating users, with or without SSL. Recently a customer changed the SSL certificate used on their LDAP server, which broke NNMi authentication. NNMi trusts one...
HP has recently released a free version of HP NNMi. This gives you a perpetual license to run NNMi, with some limitations. It’s not completely crippled freeware, and may be...
Watch out if you have HP NNMi integrated with HP Operations Manager, and you’re upgrading to the latest Operations Agent. I have a customer using HP Network Node Manager 9.22,...
Category Worklife
I have started a new role as a Network Engineer with Valve Corporation. My period of unemployment was short-lived, and I am gainfully employed once more.
We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we...
I use a Privacy Filter on my laptop screen when traveling. I’m doing a bit of time on planes these days, and it makes a big difference. Most of my...
We have left the Bay Area, and headed North. We have moved to the Greater Seattle area - specifically the Eastside, between Bellevue and Redmond. We’ve given up the old...
Microsoft buys GitHub, and most of the press has been pretty positive, even from those you might not expect.
I hate long support lifecycles for hardware and software. Yes, you should be able to buy a new iPhone or switch and use it for 3+ years. But some people...
I’ve seen a few Twitter threads recently about learning to live with the sudden plenty of working for tech companies. If you didn’t grow up that way, the adjustment takes...
It is now almost 12 months since the first announcement that Broadcom was to acquire Brocade, and sell off the IP parts of the business. It took another 6 months...
Right now, it’s an employee’s market in the Bay Area. Technology firms are growing, and they’re always trying to hire more people. So I regularly receive emails from recruiters. This...
The extremely irregular War Stories series returns, with an anecdote from 15 years ago, investigating a problem with a web app that only seemed to crash when one particular person...
We have news at last: Extreme Networks is acquiring Brocade’s Data Center Networking business. This includes the SLX, VDX and MLXe routing and switching product lines, Network Visibility and Analytics...
Dress codes are funny things. Everyone in Silicon Valley likes to make out they are super-relaxed, and you can wear whatever you like. “We don’t have a dress code.” But...
This blog has been quiet since my last post in November 2016, covering the announcement that Broadcom is acquiring Brocade, and selling off my part of the business. That was...
The news is public: Broadcom is acquiring Brocade, my employer. Official announcement here, and some (unofficial) commentary here. What’s happening, and what does it mean for me? There’s limits to...
Experienced travelers will already know this, but it bears repeating: Don’t trust your hotel to perform currency conversions for credit card transactions. They will rip you off. Leave it to...
Just a quick note to let you know that I am now based in the San Francisco Bay Area. After much preparation, and administrative hassle, everything is now sorted. My...
All frequent flyers strive to the top tier of their program. Qantas Platinum, BA Gold, KrisFlyer Elite Gold, United Premier 1K. They all want that extra level of benefits, those...
This article is Part 11 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
A reader asked “What can I do if my boss won’t let me automate my tasks?” Sadly some people still have a fear of automating even common, well-understood tasks. They’re worried about...
One of the things I struggled with when starting at a vendor was dealing with project codenames. There is no secret decoder ring - you have to learn the names the...
I work from home these days. Therefore it’s important that I have a decent desk setup. My previous setup was pretty crappy, but I only worked from home part-time. I’ve...
This article is Part 10 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
This article is Part 9 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
Let’s say you’ve been offered a new job. $70k base salary, with up to $20k per year extra for on-call duties. Great! $90k! That’s $10k more than my salary now! Sign me...
I am happy to announce that I am now a Product Manager at Brocade. This is a big move for me, and one I am very excited about. I will get to work...
Recently I’ve been musing on IT Generalists vs Specialists. We used to have more generalist roles, covering all parts of the stack. ITIL then pushed us towards greater specialisation. I...
I have used the ”Solarized” colour scheme on my Mac for several years. This is:
Recently @BobMcCouch posted a photo of the contents of his bags. He’s got a lot of gear, including a hammer, and a dent-puller. He assures us that it’s for lifting tiles, but...
We all know that “Change is Hard.” But often we, as engineers, focus on the technical aspects of that change. How do I minimise customer impact while upgrading those routers?...
As some of my readers know, I’ve done a fair bit of bike touring. Two of the challenges of bike touring are riding uphill, and riding into headwinds.
We’re approaching Christmas, and for many of us, that means we’re about to enter an extended change freeze. This means an extended period when we shouldn’t change anything, hoping to improve stability. ITIL Change Management...
It is a stereotype, but engineers really do like whiteboards. Problem is, you can’t carry one around with you. Plus there’s still a few unenlightened employers who don’t provide whiteboards....
There’s a constant tension between delivering new services, and running the existing services well. How do you figure out how to prioritise work between Operations tasks and Project work? Skewing...
Years ago a wise engineer gave me these rules for meetings:
Recently I posted about Rewarding Effort vs Results, how different contract structures can have different outcomes. This post covers Time & Materials vs Fixed-Price a little more, looking at pros & cons,...
Sometimes we confuse effort with outcome. We think that hours spent are more important than outcomes achieved. Or we unintentionally create a system where effort is rewarded, rather than outcomes....
BYOD policies sound alluring. No more forced use of a crappy old corporate laptop - “hey look, we’ll let you choose whatever you want!” But I think it is a way to...
Some people are corporate survivors, sticking with one company for decades. Some people move around when it suits, while others would like to move, but are fearful of change. Here’s...
Why is it that people will pay a lot of money for a consultant’s time and expertise, but then hobble them by limiting the tools they can use?
I periodically re-evaluate my career, and my current position, and try to decide A) Should I change, and B) What sort of change should I make? One part of evaluating...
A Miktrotik course was held in my area recently, and I thought “They make some really cool stuff, and it’s amazing value. Maybe I should go on the course?” But then...
I got angry and swore and shouted during a business meeting recently, when I felt someone was doing a poor job. Ultimately this reflected poorly on me, not the other...
Technical people often have problems with Project Managers. It doesn’t have to be this way though - if you can each recognise the other’s strengths and weaknesses, you can work...
Many engineers struggle with business writing. They get easily lost in detail, and produce tortured documents that are technically correct, but of little business value. This is classic “technician” or...
I spoke at HP Discover in Las Vegas this year, on IMC Customisation, with Chris Young, Aaron Paxson, and Rick Kauffman. Overall I felt it was OK, but we could...
Category Routing & Switching
I’ve written before about choosing a Juniper version. Juniper has a new release process. Well, two actually - the new official process, and what they’re actually doing…
I recommend always using LACP for external connections. It will make your life easier, even when you only have a single connection. Here’s why we do it.
The BGP RFCs state that external BGP peers should insert their own AS into the AS PATH advertised to eBGP peers. Some peers strip their AS, generally for commercial gain....
Picking the right Junos version is important. If you’re not familiar with Juniper, finding and downloading the right software package is confusing. Here’s some guidance on picking the right version....
Juniper has a new enhanced four-post rack mount kit “JNP-4PST-RMK-1U-E” for their 1RU datacenter devices. It works with devices like the QFX5120 and PTX10001-36MR. It is much improved over the...
The Juniper EX3400 switch series is a decent access switch. But a Product Manager chose to save $0.50 on COGS by choosing a 2GB disk. That’s just not enough space...
I’ve written before about the default ARP policer on Juniper MX. It can create some odd failure conditions when you’re connected to noisy networks such as large Internet Exchanges. Junos...
Juniper Routing Engines with VM Host need an i40e NVM firmware upgrade. The procedure is a pain in the ass, and documentation is not great. But you can’t avoid the...
Juniper routers consider a directly configured IP as a “direct” route, except when you use a /32 mask (for IPv4). Then it is a “local” route. This caused me some...
Juniper devices have a default ARP policer that drops ARP requests and responses over 150kbps. By default, this is an aggregate policer that applies to all interfaces. This can lead...
Juniper SRX 300 Series firewalls may stop forwarding traffic in some situations. The firewall says it is forwarding the traffic, but it doesn’t work. Monitoring traffic looks OK, ARP entries...
IPFIX is problematic on the Juniper QFX10K switches. Documentation is sparse, and doesn’t have a complete configuration. Behavior changes between versions in undocumented ways. Here’s a couple of things I...
Juniper changed the way they do temperature management on MX240 and MX480 chassis devices, somewhere between 15.1 and 17.3. The net result is that your chassis might run hotter after...
I came across a situation where a software upgrade failed for some members in a Juniper QFX Virtual Chassis. There is a known issue with upgrades with a certain configuration...
Native IPv6 availability continues to increase, leading to the sunset of SixXS services. But it looks like we don’t like starting any major IPv6 rollouts around Christmas/New Years, but instead...
It’s funny how you can work with something for years, but miss a small detail. This week I learnt about Skew Time for VRRP. The reason for it is completely...
A year ago I published a table of New Zealand ISP IPv6 support. At the time support was fairly poor. I’m pleased to report that things have gotten better over the...
Apple’s 2015 WWDC event included a great session on IPv6 & TCP changes coming with iOS 9. There is a related post to the IETF v6ops mailing list here. The...
PyNOS v1.1 has been published. This is a python library that simplifies automating Brocade VDX systems. It is built on top of ncclient, and uses NETCONF to communicate with the VDX...
It’s 2015. ARIN is finally out of IPv4 addresses, more than 20% of Google users in the US are using IPv6…and vendors are still doing a half-assed job with IPv6...
If you’ve visited the Brocade website recently, you’ve probably seen the “Free NFV Certification” banner. I signed up for this several months ago, but had put off completing the course. I...
Last year I wrote about the IPv4 Address Transfer Process. Recently I was involved in another IPv4 transfer. I was surprised to see that IPv4 prices have fallen in the...
Just a quick note about a problem I ran into with adding data groups to an F5 system using tmsh. I wanted to add a string data group containing a list...
IPv6 adoption has been slow. But I think it’s reaching a tipping point. I’m very close to calling 2015 “The year of IPv6.” There’s plenty of people who won’t believe...
VeloCloud was the first presenter at Network Field Day 9. They are one of the new breed of SD-WAN vendors. I’m impressed by what they’re doing, and and the potential it...
Cumulus Networks gave a great presentation at Network Field Day 9. They presented their vision of how they’re working to improve networking. But they were also clear about what they...
Software Defined WAN, or SD-WAN, looks to be a theme of Network Field Day 9, with presenters such as CloudGenix and VeloCloud showing us their offerings. At first glance, SD-WAN...
Just a quick note to say that Big Switch have updated their demo lab system. This is an entirely virtual lab environment that simulates a Big Switch network. You can...
I had a fantastic time at Network Field Day 8, and now I’ve been lucky enough to be invited back to NFD9 this February.
Review schemes are useful for identifying good consumer products and applications. But that doesn’t mean that everything needs to prompt me to leave a review. Cisco has started prompting for reviews for IOS versions, but...
Whenever you build a complex system, you need to test that it works as expected, including properly handling failures. It’s easy enough to do simple component failure testing, but harder to...
It’s pretty common practice to ‘comment out’ lines in scripts. The code stays in place, but doesn’t get executed. Perfect for testing, when you might need more debug output, or you want...
This article is Part 7 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
Recently I’ve been idly speculating about how campus networking could be shaken up, with different cost and management models. A few recent podcasts have inspired some thoughts on how Cumulus Networks might fit...
HP’s SDN App Store has finally seen the light of day. This is intended to be a common platform for users and developers, to find and distributed real-world, practical SDN applications....
The Chassis Switch is Dead. For most networks, chassis-based switches are no longer appropriate due to cost, inflexibility and risk. I see this as similar to servers, in that server...
TFTP was first defined in 1980. That is a very long time ago in IT, and while it’s had a good run, it’s time for network engineers to stop using...
This article is Part 6 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
I have an HP 2910al switch in my lab. I was running firmware version W.15.12.0012, but needed to upgrade, to fix a bug where “~” gets added to the snmp...
HP has released an updated Network Simulator. This uses VirtualBox to provide a hypervisor, as opposed to QEMU in earlier versions. When I tried it previously, it was unusably slow....
I am lucky enough to be invited to attend Network Field Day 8 this September, in Silicon Valley. For 3 days, I get to hang out with some of the smartest people...
Dobias van Ingen is working to get an HP Networking scripting community together. This is to take advantage of various HPN scripting capabilities, such as:
APNIC entered their “final /8” phase in April 2011. From that time, new and existing APNIC members could request a maximum of one IPv4 /22 prefix. Once you had requested...
This article is Part 5 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...
Proxy ARP was often used in network designs 10–15 years ago, to enable NAT. It helped get around some specific challenges, but it was always an administrative hassle, and caused...
A recent Gigaom article asks: “Will transparent caching reshape the future of video on the internet?”
SNMP may be outdated, and is definitely unloved, but it still serves a purpose. We’re moving to a new world, with new methods and data structures for interrogating and configuring...
SDN is the buzzword du jour in the networking industry, but it’s hard to make sense of what it might mean for “normal” people. Here’s my take on what SDN...
In New Zealand, one company controls the copper cabling delivered to houses. They sell access to Retail ISPs, at a fixed price. Individual customer connections are mapped through to the...
The “Best of Interop 2014 Finalists” have been announced. Pretty much all the products and technologies that you would expect, but I found the categorisation interesting. As you’d expect, there’s...
Network Field Day 7 had many interesting presentations and discussions. I’m still working through them all, but one from Dell caught my eye, where they declared that CCIEs were no...
IPv4 exhaustion is a real issue for large parts of the world. IPv6 is the long-term solution, but it doesn’t solve today’s problems facing ISPs. Alternatives are needed - either...
HP recently released “Simware”, a Comware network simulator that lets you create test networks of emulated Comware switches and routers. This can be used to create “virtual” networks, ideal for...
Cisco Meraki offers a free wireless AP to anyone who registers for a webinar about their products. I had given up on receiving my AP, but after a moan on...
When implementing HP IMC UAM, you may need to redirect users to the IMC webserver, for device registration & configuration, and obtaining user 802.1x certificates. One method of doing this...
This article is Part 2 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - This Article Part 3 - War Stories:...
Recently I posted some speculation about where HP is going with their Comware and ProCurve networking lines. But what about the wireless gear? Where’s that going? As before, I have...
HP acquired 3Com in 2009. This added a large range of routing, switching and wireless networking to HP - but they already had existing ProCurve wired and wireless hardware. Clearly...
This article is Part 1 in a 12-Part Series. Part 1 - This Article Part 2 - War Stories: Switches Lying about Duplex Mismatches Part 3 - War Stories: Check...
HP has been laying out their SDN vision over the last few months. They want to develop a complete SDN ecosystem, including an Open Standards-based network that can integrate with...
Last year I posted about my frustrations with getting the DHCPv6 client working on a Juniper SRX-110. I am pleased to report that Juniper has now released 12.1X46-D10.2, which resolves...
I’ve been thinking a lot about HP’s SDN App Store approach. In case you missed it, HP’s vision is to deliver an App Store for SDN applications, similar to Apple’s...
HP’s “VSR1000 Virtual Services Router” is now generally available. This was first announced at Interop Las Vegas in May, but it wasn’t until Interop NYC in September that it started...
Juniper recently released 12.1X45-D10 for the SRX-110. The key new feature for me was DHCPv6 Client support - finally! It’s still new, and buggy, and I wouldn’t rush it into...
Category ScienceLogic
ScienceLogic 7.5 includes many enhancements and new features. One I’m interested in is “Global Manager” which can be used to massively scale out the ScienceLogic architecture. Here’s some more detail on...
Fortinet makes an email security/anti-spam appliance called FortiMail. I wanted to collect spam and virus statistics from it, to integrate with our Network Monitoring Systems. Unfortunately the data is not exposed via SNMP or API,...
Previously I’ve looked at the overall ScienceLogic architecture, and HA options for the Collectors and UI. This post looks at DR and HA options for the core Database layer - the...
Earlier I looked at the basics of ScienceLogic EM7 architecture. I didn’t cover how to achieve HA or DR with ScienceLogic. The architecture offers a few options for doing this,...
This is a basic overview of the ScienceLogic EM7 system architecture, describing the various components, their functions, and how they can be combined or split across multiple systems. I’ve been...
Network monitoring systems poll devices periodically, and then calculate average rates across the poll interval. Selecting the right polling interval is important - too frequently, and low-end devices can’t keep...
ScienceLogic Dynamic Applications are policies that describe what data should be collected from managed systems, how it should be collected (SNMP, WMI, API, SQL, etc), how it should be presented,...
Category Open Source
I spend a lot of time poking around with code, and I can figure out most integration challenges, and simple code fixes. But I do not call myself a developer....
Something different today: Here’s something I learnt about RPM package management, and post-upgrade scripts. It turns out that they don’t work the way I thought they did. Post-uninstall commands are...
Category Automation
Using network CLI for automation has always been fragile. But it keeps surprising me with the way it breaks. This time, it was a combination of Ansible, Arista, replace: config...
We published Ansible modules for Extreme SLX devices earlier this year. Now we have modules covering all the main Extreme Switching & Routing product families - SLX, VDX, MLX, EXOS,...
This year I’ve written several Ansible modules. It wasn’t that hard, yet some people claimed they had been waiting “years” for those modules. There was nothing stopping anyone else doing...
Here’s something I’ve been working on recently: Ansible modules for Extreme SLX switches & routers. Ansible is a popular automation framework, and with good reason: it has a low barrier...
Category Coding
I have been battling to get the combination of CircleCI, Docker and systemd to play together. After much frustration, I have a workable solution. Machine Executor, privileged: true, cgroup passthrough,...
