Category Blog

Netlify Migration

This blog is now hosted via Netlify, rather than GitHub Pages. It is still built using Jekyll, but I updated the theme to Mediumish.

Website Migration Complete

I have completed migrating my website to GitHub Pages. URLs and RSS feed location should remain the same.

/bin/sh - checking for bash vs dash incompatibilities

I have been investigating a problem where an application would install on RHEL/CentOS, but not on Ubuntu. I tracked it down to a problem with shell scripts that assumed that /bin/sh...

IPv6 availability in New Zealand

IPv6 has been around a fair while, and we’re constantly encouraged to learn it and use it. I agree with the sentiment, but it’s been hard for most users when...

Loggly - Responsive Log Management

Cisco recently announced they have invested $10M into Loggly, a Cloud-based log management service. I had vaguely heard of Loggly before, but never properly investigated it. Let’s dive in and...

HP Communities - Enabling Full Post Content Email

The HP Communities forums offer email subscriptions for threads you’ve participated in, or all posts for a specific message board. By default these emails only contain the subject of the post,...

Loop detection - without STP

If you have a strong Cisco background, then you immediately think of Spanning Tree Protocol when you think of Layer 2 loop protection. Or if you’re keeping abreast of the...

VMware EVC Mode

Recently I’ve been doing more VMware work. It’s been a while, but it makes a nice change. At this site, we have 100+ hosts, and thousands of VMs. Recently we...

Technical Writing Home

Some of you may know me from my writings at northlandboyandhisgirl.com. That site works well for my travel writing, but right now I want to do a lot more technical...

Category Study

Resources for learning HP Comware

HP is making more resources available to help with learning Comware. They’ve added free labs and courses to the already published simulators and virtual routers. This is a good resource for those looking...

Using OmniFocus for CCDE Study

A reader asked how I use OmniFocus to help with studying for certification exams. Here’s how I’m using OmniFocus to help with CCDE study. This may not be the ‘best’...

Certifications - Should I Renew Them?

Getting a certification isn't like a degree - it expires. Each renewal cycle, you need to decide if it's worth putting in the effort to renew it. My advice: Think...

Maintaining Order: Tools and Tips

I’ve had a couple of questions come up about how I organise my life around work/study. I can’t promise all the answers, but I can relate what I’ve done over...

ITIL 2011 Foundation Certification

I recently passed the ITIL 2011 Foundation Certification. After all the stress and time-suckage that was CCIE study, this was remarkably pain-free. Ridiculously easy really - most of the study...

Category HP IMC

Add Brocade MLX & VDX Support to HP IMC

HP IMC 7.1 E0303P13 does not support configuration backups for Brocade MLX & VDX devices. But they do have an extensible model, so it’s easy to add support. Here’s how...

HP IMC Adapter Directory Naming

This week’s lesson: Be consistent with your vendor naming when working with HP IMC Custom Device Adapters. When you create the new adapter directory, use exactly the same vendor name...

HP IMC Silent Installation

HP IMC installation is normally a manual process, with plenty of clickey clickey clickey. This is OK for production systems, as most sites will only have one or maybe two IMC servers....

HP IMC 7.0 E0202: Steady Improvements

When I’m evaluating products, I’m more interested in their progression and development, than the exact feature list currently shipping. I like products that have a frequent release cycle, with a...

Can't Start HP IMC on Linux?

I was recently asked about how to start IMC on a Linux server. After the initial installation, the system had been restarted, and now IMC wasn’t running. How to start...

Help: IMC Doesn't Support My New Cisco Switch!

I’ve recently been asked about using IMC to backup newer Cisco devices, such as the 4500X, or 3850. HP has not yet validated the backup process for these devices, so...

IMC Compliance - Testing Rules

This article is Part 7 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...

IMC Compliance - Display Commands

This article is Part 6 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...

IMC Compliance - Recovery Commands

This article is Part 5 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...

IMC Compliance - Advanced Policies

This article is Part 4 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling...

IMC Compliance - Scheduling Tasks

This article is Part 3 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - IMC Compliance - Walkthrough Part 3 - This Article Part 4...

IMC Compliance - Walkthrough

This article is Part 2 in a 7-Part Series. Part 1 - IMC Compliance - Overview Part 2 - This Article Part 3 - IMC Compliance - Scheduling Tasks Part...

IMC Compliance - Overview

This article is Part 1 in a 7-Part Series. Part 1 - This Article Part 2 - IMC Compliance - Walkthrough Part 3 - IMC Compliance - Scheduling Tasks Part...

HP IMC 7.0 New Features Roundup

HP has released Version 7.0 of Intelligent Management Center. This is a significant upgrade from 5.2, and greatly modernises the interface. (In case you’re wondering, version 6 was never publicly...

HP IMC: Troubleshooting Device Backup Problems

HP IMC is great at backing up your switch configurations, but it can be very frustrating when it doesn’t work. Here’s a list of steps I go through when debugging...

IMC - Changing Predefined Device Model Definitions

IMC has a predefined list of over 6,000 devices. This list maps sysOIDs to devices, so when you add a new device to IMC, it will say “this is a...

Managing Hybrid Networks

The most interesting talk I attended at HP Discover in Las Vegas this year was Ken Gott’s talk on “Management of Software Defined Networks and Hybrid Environments with HP IMC.”...

IMC - Clearing up Misconceptions about Templates

I’d just like to clear up a little confusion that people have about HP IMC templates, and how they are used. Templates can be used to define credentials for different...

IMC NTA Licensing - Watch the Fine Print

HP IMC has an optional add-on module for NetFlow/sFlow Analysis called “Network Traffic Analyzer (NTA).” This comes in 10-, 20- or 50-node license packs. Based on the license names, you...

HP2910al - fails to boot due to corrupt boot.ini

Recently I was upgrading an HP 2910al switch from 14.70 to 15.08.0012. I used IMC to load the new firmware, rebooted the device, waited…and nothing. Device went offline, and never...

IMC - test script for Cleanup_Parser

When developing IMC adapters, sometimes you have problems with parsing the output correctly. Adapters that use the CLI to retrieve a backup will have extra lines that creep in, such...

IMC - Device Adapters for Mikrotik and Netscaler

I’ve written basic versions of Device Adapters for IMC, to allow configuration backup of Miktrotik RouterOS-based systems, and Citrix Netscaler-based systems. I’ve also posted a modified Juniper adapter, with a...

Speaking at HP Discover 2013

HP Discover is HP’s showcase technology conference, bringing together speakers, presentations, partners and products from right across HP’s product line. It covers everything from laptops to servers and software. It’s...

HP IMC - Edition Comparison

HP IMC was originally offered in two editions - Standard and Enterprise. As of v5.2, there is also a “Basic” edition. The new “Basic” edition is feature-limited, aimed at smaller customers with...

IMC - Backups not working via Telnet?

Recently I was involved in a discussion on HP’s IMC Forum, where MohammadH needed help with IMC. One of the problems he had was switch backups not working properly. It...

HP IMC 5.1 Review

I wrote a review of HP’s Intelligent Management Center (IMC), at Packetpushers.net. I like the product, but it was not all glowing:

Category Security

Security - Just Another Risk

I made a conscious decision to move away from full-time information security work. I retain an interest, and try to keep up with developments, but I don’t want to be...

IPv6-test.com and SRX firewall policies

ipv6-test.com is a useful site for testing IPv4 & IPv6 connectivity. It checks that v4 & v6 are working as expected, and reports your browser v4/v6 preferences. It does have one...

Using Check Point Identity Awareness with NAT

Check Point Identity Awareness is problematic in environments that have multiple customers, overlapping private address space, and NAT. It can be done, if you understand the traffic flows, the connections needed,...

F5 APM, SRX and DTLS NAT Timeout

I have been having issues using the F5 APM client behind a Juniper SRX-110 using hide NAT. I believe I’ve tracked it down to the default timeout settings used for...

Check Point SmartLog - Recommended

Trigger warning for Check Point haters: I’m about to say nice things about Check Point.

Check Point - Don't Use the 'Install On' Column

I got caught out by Check Point’s “Install On” column recently. Most people don’t need this setting any more, but it’s still there for legacy reasons. Time to re-evaluate.

Check Point - Upgrade Without Dropping Connections

Check Point firewall upgrades have always been painful. The loss of connection state is a big part of this. Existing connections stop working, and many applications need restart. It looks like...

DNSSEC - Moving the Needle

The New Zealand ISP market is dominated by Spark, Vodafone & CallPus/Orcon. A side effect of this is that if one player does the Right Thing™, it really moves the...

War Stories: Unix Security

This article is Part 8 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

Juniper SRX-110H EoL

Somehow I missed this when it was announced, but the Juniper SRX-110H-VA is End of Life, and is no longer supported for new software releases.

Complexity vs Security

Many of the ‘security’ measures in our networks add complexity. That may be an acceptable tradeoff, if we make a meaningful difference to security. But often it feels like we...

Andrisoft Wanguard: Cost-Effective Network Visibility

Andrisoft Wansight and Wanguard are tools for network traffic monitoring, visibility, anomaly detection and response. I’ve used them, and think that they do a good job, for a reasonable price....

Using Firewalls for Policy Has Been a Disaster

Almost every SDN vendor today talks about policy, how they make it easy to express and enforce network policies. Cisco ACI, VMware NSX, Nuage Networks, OpenStack Congress, etc. This sounds...

Shellshock: One Month On

Shellshock was released a little over a month ago, to wide predictions of doom & gloom. But somehow the Internet survived, and we lurch on towards the next crisis. I...

Disappointed With Check Point

I have recently started working with Check Point products again, after a 5-year break. This has given me a different perspective on how they are progressing. It has been disappointing to...

CloudFlare: That Was Easy

I switched this blog over to using CloudFlare a few days ago. It’s all been pretty painless, and I highly recommend it to others.

War Stories: Dual-Vendor Firewall Strategy

This article is Part 4 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

War Stories: Check Point Meltdown

This article is Part 3 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

Kiwicon 7

Kiwicon 7 has just wrapped up in Wellington, New Zealand. Kiwicon is “New Zealand’s own Hacker Conference.” It’s a top-notch event that’s been running for 7 years now, and highly recommended...

'Black Tuesday' - Isn't it Just Business as Usual?

Microsoft patches are released on a (mostly) monthly cycle, and other vendors have started following suit. When this first happened, people treated it like a major event. But I think...

Squid with Dynamic SSL Cert and Kerberos Authentication

If you implement a proxy server for security reasons, you must implement SSL Intercept, or anyone can waltz on past your anti-virus, filtering, and content restrictions. For a previous employer,...

Category CCIE

CCIE Renewed Once More - Exam 400-101 v5.1

I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months...

CCIE - Should I Renew?

It is 6 years since I passed the CCIE Lab Exam. The dreaded email has arrived:

CCIE Renewed Again - Exam 400-101 v5.1

It came around again: CCIE renewal. Last time I renewed, I wasn’t sure if I should do it again. But I gave in, passed the CCIE R&S Written Exam, and...

You can't put the future on hold

This article is Part 7 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...

CCIE Renewed - Exam 400-101

The problem with obtaining certifications is that you need to renew them. CCIE is no different - I first passed the lab in September 2012, and I was overdue for...

CCIEv5 DIAG Thoughts

The CCIE Routing & Switching v5 blueprint introduces a new module in the lab exam: DIAG. This section does not have any direct device access, but instead uses a variety...

CCIE Preparation: How Deep Do I Go?

This article is Part 6 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...

CCIE Preparation: Bootcamps

This article is Part 5 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...

CCIE Preparation: Lab Equipment

This article is Part 4 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors...

CCIE Preparation: Vendors and Workbooks

This article is Part 3 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - This Article Part...

CCIE Preparation: Study Processes and Scheduling

This article is Part 2 in a 7-Part Series. Part 1 - CCIE Preparation: Commitment Part 2 - This Article Part 3 - CCIE Preparation: Vendors and Workbooks Part 4...

CCIE Preparation: Commitment

This article is Part 1 in a 7-Part Series. Part 1 - This Article Part 2 - CCIE Preparation: Study Processes and Scheduling Part 3 - CCIE Preparation: Vendors and...

CCIE Version 5 Update

UPDATE 4/12/13 - this is now official - see https://learningnetwork.cisco.com/docs/DOC-22703. Once I’ve had a chance to digest the changes, I’ll post some thoughts.

CCIE: One Year On

Today marks one year since I passed CCIE Routing and Switching, and was branded number 36708. This is supposed to be a huge achievement, bringing fame and fortune, right? You’re supposed...

How Long Before CCIE SDN?

Cisco made some announcements about SDN certifications at Cisco Live US, in June this year. These didn’t seem to get a lot of attention at the time, perhaps due to...

CCIE R&S v5 Rumours and Speculation

Update: We’re getting closer to an official announcement, and this post is attracting a lot of hits - you probably want to read my latest post, which contains more info....

CCIE: Success!

This is from my post on northlandboy.com, shortly after passing the CCIE R&S lab on my second attempt:

CCIE Study: Narbik Bootcamp

From an earlier post on northlandboy.com, this was my review of the boot camp I attended as part of my CCIE study.

CCIE - First Lab Attempt Experience

This is from a post on northlandboy.com, shortly after my failed first CCIE lab attempt:

Category HP Master ASE

HP Master ASE VIP Support

HP has announced that HP Master ASE holders can now get VIP support. This is supposed to give me:

HP ASE - Network Architect v1

I’ve just passed the HP0-Y45 exam, which means I have completed the requirements for “HP ASE - Network Architect v1.”

HP Master ASE: HP0-Y37

I have just passed the HP exam “HP0-Y37: Migrating and Troubleshooting Networks.” This means I I have now passed all required exams for “HP Master ASE - Network Infrastructure 2011.”...

HP: Submit Proof of Certification

If you currently hold Cisco CCNA, CCNP or CCIE certification, you can use this as credit towards HP AIS, ASE and Master ASE certifications.

HP0-Y32 Exam Review

I have to pass two exams to complete HP Master ASE - Network Infrastructure. I recently passed the first of these, “HP0-Y32: Designing and Troubleshooting Open Standard Networks.”

HP0-Y32 Study Guide - Review and Errata

As part of my preparation for the “HP0-Y32: Designing and Troubleshooting Open Standard Networks” exam, I used the official study guide from HP Press: “HP ASE Network Infrastructure Official Certification...

HP Master ASE - Network Infrastructure

What is the “HP Master ASE - Network Infrastructure” certification?

HP Learner ID

For HP exams, you need a “Learner ID.” Apparently your HP Passport account is not enough, and they like to maintain separate databases. Just to confuse things. You will need...

Category NMS

Junos SNMP via Routing Instance

Juniper routing instances are very useful when you need separate routing tables on the one device, for example to separate customers. Junos lets you configure SNMP polling of routing instances,...

IXP Graphs are an Eyesore

Too many IXPs (and networkers in general) are using horrible outdated methods of graphing data. These are an ugly eyesore, and should be updated to something from this century. Big...

Using Telegraf, InfluxDB and Grafana to Monitor Network Statistics

Two years ago I wrote about how to use InfluxDB & Grafana for better visualization of network statistics. I still loathe MRTG graphs, but configuring InfluxSNMP was a bit of...

Savvius Insight and the use of Elastic

Last week Savvius announced upgraded versions of its Insight network visibility appliances. These have the usual performance and capacity increases you’d expect, and fill a nice gap in the market....

VRF-Aware SNMP on Brocade VDX

SNMP was not designed with VRFs in mind. Querying the routing table via SNMP did not take into account the idea of having multiple routing tables. But clearly it’s something...

netmiko support for Brocade ICX and MLXe

netmiko is a “Multi-vendor library to simplify Paramiko SSH connections to network devices,” written by Kirk Byers. It doesn’t solve all of your pain with dealing with CLI-only network devices,...

Configure the Brocade NOS REST API to use HTTPS

Brocade VDX switches have REST and NETCONF interfaces. The REST API uses the built-in HTTP server. By default, this uses plain-text HTTP. As of NOS 6.0, you can (and should!)...

Modifying Packet Captures with tcprewrite

Recently I wanted to look at the structure of sFlow packets. Of course I can read the specs, but it’s often easier to look at some real packets. So I set...

Brocade VDX SNMP Changes

Brocade tightened up some SNMP settings with NOS 6.0.x. This improves security, but it also means that you will need to modify your configuration if you upgrade. If you don’t,...

Using InfluxDB + Grafana to Display Network Statistics

I loathe MRTG graphs. They were cool in 2000, but now they’re showing their age. We have much better visualisation tools available, and we don’t need to be so aggressive...

Brocade BNA API

Brocade Network Advisor (BNA) has a REST API for accessing Fibre Channel-related data. The documentation includes a sample Python script showing how to connect to the API to retrieve Fabric info....

TruView Live Application Monitoring

Fluke Networks recently released TruView Live, a subscription-based service for monitoring internal & external applications. Tests can run from Fluke-managed cloud locations, your own systems, or from dedicated hardware appliances. I’ve been...

Unsupported BNA Hacks

Here’s a couple of quick hacks for working with Brocade Network Advisor. It’s unsupported, but you can run BNA on Ubuntu. You can also suppress the client-side JRE version mismatch...

NetBeez Review

NetBeez presented at Network Field Day 9, where they showed us their solution for distributed network performance monitoring. They gave the delegates a NetBeez agent to take home and test....

Indeni, Smart Advisors and Crowd-Sourcing

Monitoring needs to move on from traditional fault and performance polling. It should include identifying common misconfigurations and known faults. We’re all using the same technologies, so we’ve all got the...

NFD9 Prep: NetBeez

I’m reviewing the presenters for Network Field Day 9, in particular looking at those I’m not familiar with. NetBeez is one of those making their first Tech Field Day appearance....

Operations Manager to OMi Migration Path

HP has finally announced a migration path for Operations Manager to OMi. It’s about time too. This looks like a good path. If you want to stick with HP Software for managing...

Accurate Dependency Mapping - One Day?

Recently I’ve been thinking about Root Cause Analysis (RCA), and how it’s not perfect, but there may be hope for the future.

Increased MTTR is Good?

In Episode 167 of The Cloudcast - “Bringing Advanced Analytics to DevOps”, Dave Hayes brings up an interesting point about Mean Time to Resolution (MTTR). At about 8:30 in, he...

Root Cause Analysis - It's Not Perfect

Automated Root Cause Analysis promises a lot. High-end network monitoring systems promise that they can automatically isolate network problems, and only tell you about the thing that needs fixing. This sounds...

ThousandEyes - NOC for the Internet?

ThousandEyes is a network monitoring company that provides application performance visibility across the Internet. They don’t just show how an application is performing, but can identify where across the Internet issues...

HP OMW: Still Kicking, But Only Just

A year ago I asked “Has HP Abandoned Operations Manager?” There had been no significant development for a long time, and the signs were that HP was moving away from...

What Happens When 20 Programs Poll The Network?

Packetpushers show 198 was a great episode about Network Automation. At one point, Greg asks:

No Alarms May Not Mean No Problems

Network monitoring is often a reactive process. Engineers see an alarm, and take action. Alarms mean someone broke something, and it needs attention. Deal with the alarms, and all will...

SNMP Counters - Collection Interval Variation

Counter data types are commonly used in SNMP monitoring. They are extremely useful, but there’s a couple of caveats around how to use them. Here’s a couple of issues I’ve...

Getting More Information From Your Logs

Packet Pushers normally focuses on networking, but episode 192 covered “Logging Design and Best Practices.”  I often think about logging in the context of network management, so it was good...

Monitoring IPv6 vs IPv4 Traffic on Juniper SRX

I use a Juniper SRX 110 at home, and my ISP is enlightened enough to offer IPv6 by default to all customers. My devices are dual-stack, and I know that a...

Scalyr - More than Just Logs

Earlier this year I came across Scalyr, a newer player in the cloud-based log management scene. They’re taking a slightly different approach to products like Loggly and Splunk. I’ve been...

SNMP Community Strings - Don't Use '@'

A quick reminder - do not use the symbol ‘@’ in SNMPv1/2 community strings. I came across this again this week - it causes issues with monitoring some equipment, and...

ScienceLogic Database HA & DR

Previously I’ve looked at the overall ScienceLogic architecture, and HA options for the Collectors and UI. This post looks at DR and HA options for the core Database layer - the...

SolarWinds DPI - Looks Interesting

[UPDATE 26/6/14] This code is now available as a Release Candidate.

nxlog - Convert any text file to Syslog

Recently I’ve been converting a network from an agent-based monitoring system to an agentless system. One challenge was handling custom application logfiles. Most agent-based monitoring systems make it very easy...

Logging source-interface with VRFs

Some Cisco routers I work with use multiple VRFs. A specific VRF is used for management, and the loopback interface is in that VRF. All SNMP + SSH access is...

Cisco Prime Lack of Multivendor Support: Who Loses?

Recently I’ve been thinking about Cisco Prime Infrastructure, and Cisco’s continued resistance to supporting non-Cisco equipment. I’ve been wondering if this is good for Cisco, and if they should face...

Splunk Overview

This is a quick overview of Splunk - what it is, how it works, what makes it good, and how you might use it. I like Splunk, and I think...

Log Management - Overview

What is Log Management, and why should I care? Can’t I just grep through logs when I need to? Isn’t syslog on its own enough? This post will give an overview of...

NMS Primer 7: Going Beyond

This article is Part 7 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...

NMS Primer 6: Ongoing Feeding

This article is Part 6 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...

NMS Primer 5: Implementation

This article is Part 5 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...

NMS Primer 4: Main NMS Players

This article is Part 4 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...

NMS Primer 3: Choosing an NMS

This article is Part 3 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - NMS Primer 2: How Do They Work? Part...

NMS Primer 2: How Do They Work?

This article is Part 2 in a 7-Part Series. Part 1 - NMS Primer 1: What is an NMS? Part 2 - This Article Part 3 - NMS Primer 3:...

NMS Primer 1: What is an NMS?

This article is Part 1 in a 7-Part Series. Part 1 - This Article Part 2 - NMS Primer 2: How Do They Work? Part 3 - NMS Primer 3:...

OpenFlow implications for network monitoring

I’ve been reading more about OpenFlow recently, and something that was pointed out to me was that OpenFlow offers features that could give us deeper insights into our traffic flows,...

Should I Monitor My Service Provider?

How much monitoring should I do for services that I’ve outsourced? This question comes up frequently with my clients. They’ve paid someone else to manage a service for them, and...

Service Timestamps - make your log timestamps readable

The default logging style for Cisco IOS-based devices is to insert the system uptime in the log entry. This makes it basically useless. Here’s some typical log output:

Configuring Timezones on IOS, ProVision and Comware

Timezones can be complicated things - every country has its own set of rules around how to decide what time it currently is - and those rules change, frequently. Modern...

IMC - Network Discovery Methods

Auto-discovery can help you populate your NMS, and keep it up to date. HP IMC supports several methods of adding devices - either by manually adding them, or getting IMC...

WMI Corruption on Citrix XenApp Servers

The Windows WMI repository can become corrupted on Windows 2008 R2 servers being used with XenApp. WMI corruption can cause problems for monitoring systems, and potentially some applications. Here's how...

Has HP Abandoned Operations Manager?

HP Operations Manager has been around a long time in the Enterprise server management space. I first started working with it around 2001, and I’ve always had a soft spot...

IMC or NNMi - Which One is For Me?

This is a companion post to my review of the technical differences between NNMi and IMC. That one tried to stay focused on technical matters, but this post is more opinion-based....

HP IMC vs HP NNMi - Technical Differences

It can be hard to understand the differences between HP's NNMi and IMC. Both offer a great range of network management capabilities. Here I outline the technical similarities and differences...

HP SIM 7.2 Upgrade - SNMP polling fails

Recently I upgraded an HP SIM system from 7.1 to 7.2 on Windows 2008 R2. After the upgrade, SNMP discovery and data collection failed for all systems - servers, switches,...

Top 10 tips for Network Management

Many network faults I see are quite preventable, or could have been fixed far sooner, if basic network ‘hygiene’ had been maintained. Major faults are often the result of multiple...

Review: ScienceLogic

I’ve posted a review of ScienceLogic EM7 up at Packet Pushers: Review: ScienceLogic - One Tool to Rule Them All.

HP's Free Network Utilities - Why?

HP Software recently released 6 free network utilities and tools. Free stuff is good right? We all like free. But HP doesn’t do things out of the goodness of its...

Category Opinion

GitHub & Microsoft - It's OK

Microsoft buys GitHub, and most of the press has been pretty positive, even from those you might not expect.

Don't Rely on Long Support Lifecycles

I hate long support lifecycles for hardware and software. Yes, you should be able to buy a new iPhone or switch and use it for 3+ years. But some people...

Culture Shifts and Work Travel Learnings

I’ve seen a few Twitter threads recently about learning to live with the sudden plenty of working for tech companies. If you didn’t grow up that way, the adjustment takes...

Cloud: Not Just Someone Else's Computer

Cloud computing is a lot more than “someone else’s computer” and it annoys the hell out of me when people keep trotting out this tired old excuse. There is much...

It Takes a Village to Raise a Child

It takes a village to raise a child. Or so the old saying goes. Creating a product is the same. It takes more than small group of developers (or parents)...

Sorry, Network Jobs Are Changing

There’s a lot of angst in the networking community about programming, SDN, automation, and what it means for networking careers. Plenty of people will tell you don’t worry about it,...

Everything Has a Cost

Everything comes at a cost: steak dinners & pre-sales engineering has to get paid for somehow. That should be obvious to most. Feature requests also come at a cost, both...

SREcon, DevOpsDays and Seattle vs Sillicon Valley

I am the Product Manager for StackStorm. This gives me the opportunity to attend several industry events. This year I attended SREcon in San Francisco, and devopsdays Seattle. I found...

Formatting Matters

Using proper formatting can make it much easier to read code and log samples. Yet so many people don’t bother putting proper formatting around blocks of text. Take some time...

When the IPv6 Data Changes, so Should Your Opinion

Sky UK recently completed their rollout of IPv6. The uptake statistics are quite remarkable. If you think that people don’t have IPv6-capable devices, or that their home routers can’t handle...

Time to move away from HPE Software

If you are still using HPE Software, you should actively plan to migrate away. The recent divestiture does not look good to me - I think existing customers are going...

Stop using mobiles for conference calls

Stop using legacy mobile audio, especially for conference calls. There are better alternatives. You’re doing your customers and colleagues a disservice by using mobile audio. It’s time we moved on....

GCP, and Regaining Trust

Google is telling us they’re serious about the cloud. They’re hiring the right people, spending the big bucks, and even (gasp!) talking to customers! (Oh how that must stick in...

Networking's not so bad

Ivan’s post this week was a good reminder that other parts of IT aren’t perfect either. It’s not all roses on the other side of the fence. Networking has done...

Efficiency vs Effectiveness

I’ve been wondering about how we’re approaching networking change. We know we need to make things better. Are we changing the ‘right’ things? I’ve got a feeling that we’re not,...

Stretching the Container Metaphor

The Docker/shipping container metaphor is overdone. I don’t think people have fully thought through what it might mean if containers do the same thing to computing as they did to shipping....

Networking Pioneers, Settlers and Town Planners

Can we broadly separate Networking into Pioneers, Settlers, and Town Planners? I’ve been thinking about how to apply Simon Wardley’s PST model to networking. This leads to thinking about how...

Think Bigger

I get frustrated by those who take a narrow view of technology, and progress in general. They see things in terms of where they are now, and where they were....

Automate All The Things? Maybe Not

I’m fundamentally lazy. That’s why automation appeals: less work for me. Get the machine to do it instead. But automating everything isn’t always the right answer. Sometimes you need to...

Doing Community Programs Right

You know I’m not the biggest fan of vendor clubs (or influencer marketing programs, call them what you like). But if you’re going to do it, you might as well do...

Don't Underestimate Your Users

The “consumerisation of IT” has an interesting side-effect. Historically people mainly used computers for work. But now that many people have smartphones, tablets and laptops at home, their perception and understanding of technology...

Outsourcing Mistakes

Outsourcing is complex, and there are lots of ways it can go wrong, or simply fail to deliver. I’ve put together a list of things that I see going wrong...

Non-Functional Requirements

I’m currently reading and enjoying “The Practice of Cloud System Administration.” It doesn’t go into great depth in any one area, but it covers a range of design patterns and implementation...

Keep an Open Mind

We all know that IT changes rapidly, but we still don’t always accept what that means. Companies and technologies change over time, and good engineers recognise this. Poor engineers cling...

APIs Alone Aren't Enough

Yes, we know: Your product has an API. Yawn. Sorry for not getting excited. That’s just table stakes now. What I’m interested in is the pre-written integrations and code you...

In Praise of Support Lifecycles

If you’re just starting out working with ‘Enterprise’ products, you may not have come across Support Lifecycles. It’s important to know what these are, and how it affects you. They...

Utility-Based Pricing Troubles Me

Utility, or Consumption-Based pricing models offer an interesting way of matching costs to revenues. But if they’re not managed well, customer costs could blow out just trying to keep the...

Knowing Your Audience...and Showing It

We all know that you’re supposed to “Know Your Audience.” Doing so improves engagement, and avoids faux pas like “Suggested Tweets.” But recently I realised that this doesn’t have to be subtle....

No More Single Panes of Glass

The term “Single Pane of Glass” became something of a running joke during Network Field Day 8. The term has become over-used & abused, and it’s time we stopped using...

Vocus Acquisition of FX: Good for Customers?

Consolidation is happening in the New Zealand wholesale ISP market, with Vocus acquiring FX. Consolidation can lead to less competition, or it can strengthen it, by making players stronger and...

CPUG, and The Risk of Single-Admin Communities

CPUG, a Check Point user forum, is near death. The owner has been forced to get rid of it, but rather doing a graceful handover, it has been shut down...

Screen Scraping: Still Sucks

I’ve written before about “Why Screen Scraping Sucks.” Well, I can report that nothing has changed. It still sucks. This time I got caught out by the changed behaviour of...

Network Gear Pricing - Software vs Hardware

Network equipment pricing has traditionally been based around hardware, even though most of the cost comes from the software. Trends such as bare-metal switching will clarify this cost/price relationship. But are we...

Who Said Comments Are Dead?

We don’t see as many comments on blog posts these days, as most discussion has moved to other forums, such as Twitter or Google+. But this doesn’t mean that comments...

Cisco Political Comments - Why?

I freely admit to not truly understanding the American political/economic system. Sure, I get the general mechanics of it, but I don’t understand the subtle plays, and why people do certain...

Is Cisco Struggling with Their ACI Messaging?

Cisco ACI represents a significant shift in the way we approach networking. This sort of shift will need massive customer education to explain their new vision. I’m getting the impression...

How Not to Publish Documentation

Good documentation is critical to the success of any product. Write clear deployment & configuration information, and you’ll have a higher project success rate. Detailed command references and troubleshooting information...

Certs vs Code: SDN Culture Clash?

SDN career certifications are starting to emerge. Network engineers are well-used to certifications, and use them as a badge of marking progress. But developers prefer to focus on code, not...

Vendor Clubs: Watch Your Independence

Vendor ‘clubs’ or programs have troubled me for some time. They are not all bad, but I am concerned about the influence that vendors are trying to exert, and the...

Network Automation - Stop Fighting It

Network Engineers should be embracing the idea of automating away the drudgery of running a network. They should be looking for ways to ensure the network can dynamically change its...

Software Support - Are You Getting Value?

Companies pay a lot of money for software support. But do they always get value for it, and do vendors sometimes prolong the “supported” life of a product simply to...

HP Restricting Access to Server Firmware Updates

HP has announced that they will only provide firmware updates to customers with a valid warranty, Care Pack or support agreement. HP says:

Too Many Communities

I have come to realise that I’ve tried to take part in too many communities, and it’s getting me down. Too many forums filled with too much noise, too many...

SiteHost - Top-Notch Service

We needed a hosting provider that could deliver a platform to run a Virtual Appliance on. The issue was that we needed a reasonably high level of RAM, and we...

Pricing, Discounts and Support Costs

Pricing for Enterprise IT hardware and software can be a strange process, and settling on a vendor quote is a complicated dance. Junior engineers normally are more focused on technology,...

Openness Isn't Just About Code

When talking about “Open” in the context of technology, most people think about Open Source, Open APIs, Open documentation, etc. But there’s another facet too: being open about where your business...

Product Selection: It's Not Always The Best Technology

Many engineers assume that product selection is as simple as finding the product with the best combination of features that still comes in under budget. Should be easy, right? Err…so...

Building Strong Product Communities

Strong communities can make an enormous difference to the success or failure of a product or technology. Look at Linux, or VMware as good examples of a strong community. But...

Why Screen Scraping Sucks

There’s a lot of over-blown talk these days about APIs. Everyone wants one, everyone’s promising one. You might ask: “What’s the difference between using an API to put a port...

Accounting Models and Cloud Service

Everyone talks about how moving to Cloud-based services can reduce CapEx, and that you only “pay for what you need.” People seem to assume this is a Good Thing, and...

Help Me Do Business With You

A good customer of mine needs to replace their Service Desk system. Having a fair idea of their requirements, I asked them if they had looked at $(insert very well-known...

HP Discover Thoughts

I attended HP Discover in Las Vegas this year as a blogger and speaker, courtesy of HP. HP Discover is HP’s main technology conference. It’s held once a year in Las...

The Right People

In an age of instant world-wide communications, some might ask why we still need IT conferences. It turns out that no matter what people say, nothing beats being in the...

Review: Arse First Guide to Technical Blogging

Greg Ferro, of Etherealmind.com fame, has published a book on blogging: “The Arse First Method of Technical Blogging.” This covers his

Asking Questions on Forums the Right Way

I’ve spent a lot of time on technical and non-technical forums over the last 10+ years. I’ve written thousands of posts on places like CPUG, CPshared, Thorntree, Packetpushers, NetOps, HP...

Website Survey Popups - Please Make it Stop

Years ago, I was working at a large bank. It was a large site, with a lot of employees, so there was a staff member working full-time in the mail...

You Are Being Watched

A few weeks ago, I commented on Twitter that I was thinking about migrating from one product to a newly released product. It’s the sort of thing you do all the...

Apple's Mac App Store - Change Needed

When Apple launched the Mac App Store, I was quite interested in how it would work out. The App Store for iOS has been hugely successful, even if it is...

Category HP NNMi

HP NNMi 10.00 Released

HP NNMi version 10.0 has been released. This is a good release, with many usability enhancements. I’m pleased to see continued development, as the future nirvana of all-powerful software defined networks...

HP NNMi Licensing Changes

HP has made some changes to the way Network Node Manager (NNMi) is licensed. These changes are a Good Thing, as they address two key pain points - license calculation,...

HP-RAMS Relationship Ending

HP is discontinuing support for HP Route Analytics Management Software, aka RAMS. RAMS is an extremely powerful system for managing large networks, but it always struggled to fit in with...

NNMi - replacing LDAP SSL Certificate

NNMi can use LDAP for authenticating users, with or without SSL. Recently a customer changed the SSL certificate used on their LDAP server, which broke NNMi authentication. NNMi trusts one...

NNMi Free Edition

HP has recently released a free version of HP NNMi. This gives you a perpetual license to run NNMi, with some limitations. It’s not completely crippled freeware, and may be...

NNMi and Operations Manager integration issues

Watch out if you have HP NNMi integrated with HP Operations Manager, and you’re upgrading to the latest Operations Agent. I have a customer using HP Network Node Manager 9.22,...

Category Worklife

New Role with Valve

I have started a new role as a Network Engineer with Valve Corporation. My period of unemployment was short-lived, and I am gainfully employed once more.

Our Green Card Journey

We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we...

Replacement Strips for Screen Privacy Filter

I use a Privacy Filter on my laptop screen when traveling. I’m doing a bit of time on planes these days, and it makes a big difference. Most of my...

New Year, New Home

We have left the Bay Area, and headed North. We have moved to the Greater Seattle area - specifically the Eastside, between Bellevue and Redmond. We’ve given up the old...

GitHub & Microsoft - It's OK

Microsoft buys GitHub, and most of the press has been pretty positive, even from those you might not expect.

Don't Rely on Long Support Lifecycles

I hate long support lifecycles for hardware and software. Yes, you should be able to buy a new iPhone or switch and use it for 3+ years. But some people...

Culture Shifts and Work Travel Learnings

I’ve seen a few Twitter threads recently about learning to live with the sudden plenty of working for tech companies. If you didn’t grow up that way, the adjustment takes...

Extreme Transition At Last

It is now almost 12 months since the first announcement that Broadcom was to acquire Brocade, and sell off the IP parts of the business. It took another 6 months...

Recruiters: Must Try Harder

Right now, it’s an employee’s market in the Bay Area. Technology firms are growing, and they’re always trying to hire more people. So I regularly receive emails from recruiters. This...

War Stories: Always Check Your Inputs

The extremely irregular War Stories series returns, with an anecdote from 15 years ago, investigating a problem with a web app that only seemed to crash when one particular person...

News at Last: It's Extreme

We have news at last: Extreme Networks is acquiring Brocade’s Data Center Networking business. This includes the SLX, VDX and MLXe routing and switching product lines, Network Visibility and Analytics...

No Dress Code? AHAHAHAHAHA

Dress codes are funny things. Everyone in Silicon Valley likes to make out they are super-relaxed, and you can wear whatever you like. “We don’t have a dress code.” But...

Brocade Update: No Update

This blog has been quiet since my last post in November 2016, covering the announcement that Broadcom is acquiring Brocade, and selling off my part of the business. That was...

Brocadecom

The news is public: Broadcom is acquiring Brocade, my employer. Official announcement here, and some (unofficial) commentary here. What’s happening, and what does it mean for me? There’s limits to...

Don't Trust Hotel Currency Conversion

Experienced travelers will already know this, but it bears repeating: Don’t trust your hotel to perform currency conversions for credit card transactions. They will rip you off. Leave it to...

Relocated at last

Just a quick note to let you know that I am now based in the San Francisco Bay Area. After much preparation, and administrative hassle, everything is now sorted. My...

Travel Badge of Shame

All frequent flyers strive to the top tier of their program. Qantas Platinum, BA Gold, KrisFlyer Elite Gold, United Premier 1K. They all want that extra level of benefits, those...

War Stories: Backup NICs, DNS and AD

This article is Part 11 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

Help! My Boss is Scared of Automation!!!

A reader asked “What can I do if my boss won’t let me automate my tasks?” Sadly some people still have a fear of automating even common, well-understood tasks. They’re worried about...

Learning to Love Codenames

One of the things I struggled with when starting at a vendor was dealing with project codenames. There is no secret decoder ring - you have to learn the names the...

Sit Stand Desk Setup

I work from home these days. Therefore it’s important that I have a decent desk setup. My previous setup was pretty crappy, but I only worked from home part-time. I’ve...

War Stories: Closing out Projects

This article is Part 10 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

War Stories: ITIL Process vs Practice

This article is Part 9 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

Considering On-Call Pay

Let’s say you’ve been offered a new job. $70k base salary, with up to $20k per year extra for on-call duties. Great! $90k! That’s $10k more than my salary now! Sign me...

The Next Step: Brocade

I am happy to announce that I am now a Product Manager at Brocade. This is a big move for me, and one I am very excited about. I will get to work...

Musing: Generalist to Specialist and Back Again

Recently I’ve been musing on IT Generalists vs Specialists. We used to have more generalist roles, covering all parts of the stack. ITIL then pushed us towards greater specialisation. I...

Reminder: Solarized for Better Terminals

I have used the ”Solarized” colour scheme on my Mac for several years. This is:

What's In My Bag (Hint: not much)

Recently @BobMcCouch posted a photo of the contents of his bags. He’s got a lot of gear, including a hammer, and a dent-puller. He assures us that it’s for lifting tiles, but...

Rolling out Change

We all know that “Change is Hard.” But often we, as engineers, focus on the technical aspects of that change. How do I minimise customer impact while upgrading those routers?...

Headwinds, or Uphill?

As some of my readers know, I’ve done a fair bit of bike touring. Two of the challenges of bike touring are riding uphill, and riding into headwinds.

Christmas Change Freeze - Good or Bad?

We’re approaching Christmas, and for many of us, that means we’re about to enter an extended change freeze. This means an extended period when we shouldn’t change anything, hoping to improve stability. ITIL Change Management...

Wipebook - A Portable Whiteboard

It is a stereotype, but engineers really do like whiteboards. Problem is, you can’t carry one around with you. Plus there’s still a few unenlightened employers who don’t provide whiteboards....

Ops Work vs Project Work

There’s a constant tension between delivering new services, and running the existing services well. How do you figure out how to prioritise work between Operations tasks and Project work? Skewing...

Meeting Rules

Years ago a wise engineer gave me these rules for meetings:

Fixed-Price, or T&M?

Recently I posted about Rewarding Effort vs Results, how different contract structures can have different outcomes. This post covers Time & Materials vs Fixed-Price a little more, looking at pros & cons,...

Rewarding Effort vs Results

Sometimes we confuse effort with outcome. We think that hours spent are more important than outcomes achieved. Or we unintentionally create a system where effort is rewarded, rather than outcomes....

BYOD: Just another money-grab?

BYOD policies sound alluring. No more forced use of a crappy old corporate laptop - “hey look, we’ll let you choose whatever you want!” But I think it is a way to...

Don't Be Afraid of Changing Jobs

Some people are corporate survivors, sticking with one company for decades. Some people move around when it suits, while others would like to move, but are fearful of change. Here’s...

Let People Choose Their Own Tools

Why is it that people will pay a lot of money for a consultant’s time and expertise, but then hobble them by limiting the tools they can use?

Comparing Employment Relationships

I periodically re-evaluate my career, and my current position, and try to decide A) Should I change, and B) What sort of change should I make? One part of evaluating...

Choosing the Best Product for the Client or the Best for Me?

A Miktrotik course was held in my area recently, and I thought “They make some really cool stuff, and it’s amazing value. Maybe I should go on the course?” But then...

Keeping Calm: Don't Lose Face

I got angry and swore and shouted during a business meeting recently, when I felt someone was doing a poor job. Ultimately this reflected poorly on me, not the other...

Working with Project Managers

Technical people often have problems with Project Managers. It doesn’t have to be this way though - if you can each recognise the other’s strengths and weaknesses, you can work...

Technician vs Consultant Writing

Many engineers struggle with business writing. They get easily lost in detail, and produce tortured documents that are technically correct, but of little business value. This is classic “technician” or...

Public Speaking - Could Do Better

I spoke at HP Discover in Las Vegas this year, on IMC Customisation, with Chris Young, Aaron Paxson, and Rick Kauffman. Overall I felt it was OK, but we could...

Category Routing & Switching

Why Single-Port LAGs?

I recommend always using LACP for external connections. It will make your life easier, even when you only have a single connection. Here’s why we do it.

Enforcing First AS in BGP

The BGP RFCs state that external BGP peers should insert their own AS into the AS PATH advertised to eBGP peers. Some peers strip their AS, generally for commercial gain....

Juniper Version Selection

Picking the right Junos version is important. If you’re not familiar with Juniper, finding and downloading the right software package is confusing. Here’s some guidance on picking the right version....

New Juniper Rack Mount Kit

Juniper has a new enhanced four-post rack mount kit “JNP-4PST-RMK-1U-E” for their 1RU datacenter devices. It works with devices like the QFX5120 and PTX10001-36MR. It is much improved over the...

EX3400 Disk Space and Upgrades

The Juniper EX3400 switch series is a decent access switch. But a Product Manager chose to save $0.50 on COGS by choosing a 2GB disk. That’s just not enough space...

Juniper ARP Policer on PTX

I’ve written before about the default ARP policer on Juniper MX. It can create some odd failure conditions when you’re connected to noisy networks such as large Internet Exchanges. Junos...

Juniper i40e NVM Firmware Upgrade

Juniper Routing Engines with VM Host need an i40e NVM firmware upgrade. The procedure is a pain in the ass, and documentation is not great. But you can’t avoid the...

Juniper Direct vs Local Routes

Juniper routers consider a directly configured IP as a “direct” route, except when you use a /32 mask (for IPv4). Then it is a “local” route. This caused me some...

Juniper Default ARP Policer

Juniper devices have a default ARP policer that drops ARP requests and responses over 150kbps. By default, this is an aggregate policer that applies to all interfaces. This can lead...

Juniper Branch SRX LACP Weirdness

Juniper SRX 300 Series firewalls may stop forwarding traffic in some situations. The firewall says it is forwarding the traffic, but it doesn’t work. Monitoring traffic looks OK, ARP entries...

Juniper QFX10K IPFIX Gotchas

IPFIX is problematic on the Juniper QFX10K switches. Documentation is sparse, and doesn’t have a complete configuration. Behavior changes between versions in undocumented ways. Here’s a couple of things I...

Juniper MX Upgrades Causing Overheating

Juniper changed the way they do temperature management on MX240 and MX480 chassis devices, somewhere between 15.1 and 17.3. The net result is that your chassis might run hotter after...

QFX Upgrades - Check Host Version

I came across a situation where a software upgrade failed for some members in a Juniper QFX Virtual Chassis. There is a known issue with upgrades with a certain configuration...

IPv6 Trends, SixXS Sunset and Project Planning

Native IPv6 availability continues to increase, leading to the sunset of SixXS services. But it looks like we don’t like starting any major IPv6 rollouts around Christmas/New Years, but instead...

VRRP Skew Time (and always be learning...)

It’s funny how you can work with something for years, but miss a small detail. This week I learnt about Skew Time for VRRP. The reason for it is completely...

NZ IPv6 & DNSSEC Update

A year ago I published a table of New Zealand ISP IPv6 support. At the time support was fairly poor. I’m pleased to report that things have gotten better over the...

IPv6-based Wi-Fi Hotspots

Apple’s 2015 WWDC event included a great session on IPv6 & TCP changes coming with iOS 9. There is a related post to the IETF v6ops mailing list here. The...

Brocade PyNOS Python Libraries

PyNOS v1.1 has been published. This is a python library that simplifies automating Brocade VDX systems. It is built on top of ncclient, and uses NETCONF to communicate with the VDX...

It's 2015: 'Supports IPv6' should mean full support

It’s 2015. ARIN is finally out of IPv4 addresses, more than 20% of Google users in the US are using IPv6…and vendors are still doing a half-assed job with IPv6...

Brocade Certified vRouter Engineer

If you’ve visited the Brocade website recently, you’ve probably seen the “Free NFV Certification” banner. I signed up for this several months ago, but had put off completing the course. I...

IPv4 Address Transfer Prices Down?

Last year I wrote about the IPv4 Address Transfer Process. Recently I was involved in another IPv4 transfer. I was surprised to see that IPv4 prices have fallen in the...

F5 Data Groups, Wildcards and tmsh

Just a quick note about a problem I ran into with adding data groups to an F5 system using tmsh. I wanted to add a string data group containing a list...

The Year of IPv6?

IPv6 adoption has been slow. But I think it’s reaching a tipping point. I’m very close to calling 2015 “The year of IPv6.” There’s plenty of people who won’t believe...

VeloCloud & Information Brokerage

VeloCloud was the first presenter at Network Field Day 9. They are one of the new breed of SD-WAN vendors. I’m impressed by what they’re doing, and and the potential it...

NFD9: Cumulus Networks

Cumulus Networks gave a great presentation at Network Field Day 9. They presented their vision of how they’re working to improve networking. But they were also clear about what they...

NFD9 Prep: SD-WAN

Software Defined WAN, or SD-WAN, looks to be a theme of Network Field Day 9, with presenters such as CloudGenix and VeloCloud showing us their offerings. At first glance, SD-WAN...

Updated Big Switch Labs

Just a quick note to say that Big Switch have updated their demo lab system. This is an entirely virtual lab environment that simulates a Big Switch network. You can...

Network Field Day 9

I had a fantastic time at Network Field Day 8, and now I’ve been lucky enough to be invited back to NFD9 this February.

Rate my IOS?

Review schemes are useful for identifying good consumer products and applications. But that doesn’t mean that everything needs to prompt me to leave a review. Cisco has started prompting for reviews for IOS versions, but...

Big Switch Chaos Monkey Network Testing

Whenever you build a complex system, you need to test that it works as expected, including properly handling failures. It’s easy enough to do simple component failure testing, but harder to...

iRules/Tcl - Watch the Comments

It’s pretty common practice to ‘comment out’ lines in scripts. The code stays in place, but doesn’t get executed. Perfect for testing, when you might need more debug output, or you want...

War Stories: Cursed VLANs

This article is Part 7 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

Cumulus in the Campus?

Recently I’ve been idly speculating about how campus networking could be shaken up, with different cost and management models. A few recent podcasts have inspired some thoughts on how Cumulus Networks might fit...

HP SDN App Store Launches

HP’s SDN App Store has finally seen the light of day. This is intended to be a common platform for users and developers, to find and distributed real-world, practical SDN applications....

The Chassis Switch is Dead

The Chassis Switch is Dead. For most networks, chassis-based switches are no longer appropriate due to cost, inflexibility and risk. I see this as similar to servers, in that server...

Rant: Just stop it with the TFTP

TFTP was first defined in 1980. That is a very long time ago in IT, and while it’s had a good run, it’s time for network engineers to stop using...

War Stories: Gratuitous ARP and VRRP

This article is Part 6 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

HP2910al - Memory Leak with W.15.14.0007?

I have an HP 2910al switch in my lab. I was running firmware version W.15.12.0012, but needed to upgrade, to fix a bug where “~” gets added to the snmp...

HP Network Simulator - VirtualBox Version Issue

HP has released an updated Network Simulator. This uses VirtualBox to provide a hypervisor, as opposed to QEMU in earlier versions. When I tried it previously, it was unusably slow....

Network Field Day 8 - I'm Going!

I am lucky enough to be invited to attend Network Field Day 8 this September, in Silicon Valley. For 3 days, I get to hang out with some of the smartest people...

HPN Script Repository on GitHub

Dobias van Ingen is working to get an HP Networking scripting community together. This is to take advantage of various HPN scripting capabilities, such as:

APNIC - final 'final' /22 now available

APNIC entered their “final /8” phase in April 2011. From that time, new and existing APNIC members could request a maximum of one IPv4 /22 prefix. Once you had requested...

War Stories: Proxy ARP Auto-Configuration

This article is Part 5 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - War Stories: Switches Lying about Duplex Mismatches...

Proxy ARP Sucks

Proxy ARP was often used in network designs 10–15 years ago, to enable NAT. It helped get around some specific challenges, but it was always an administrative hassle, and caused...

Transparent Caching Won't Save Us

A recent Gigaom article asks: “Will transparent caching reshape the future of video on the internet?”

IOS-XR: Stuck between SNMP and SDN

SNMP may be outdated, and is definitely unloved, but it still serves a purpose. We’re moving to a new world, with new methods and data structures for interrogating and configuring...

SDN for Enterprise

SDN is the buzzword du jour in the networking industry, but it’s hard to make sense of what it might mean for “normal” people. Here’s my take on what SDN...

The Fibre Future is Coming

In New Zealand, one company controls the copper cabling delivered to houses. They sell access to Retail ISPs, at a fixed price. Individual customer connections are mapped through to the...

Best of Interop - Look at the Categorisation

The “Best of Interop 2014 Finalists” have been announced. Pretty much all the products and technologies that you would expect, but I found the categorisation interesting. As you’d expect, there’s...

Dell Fabric Manager & The Future for CCIEs

Network Field Day 7 had many interesting presentations and discussions. I’m still working through them all, but one from Dell caught my eye, where they declared that CCIEs were no...

IPv4 Address Transfer Process

IPv4 exhaustion is a real issue for large parts of the world. IPv6 is the long-term solution, but it doesn’t solve today’s problems facing ISPs. Alternatives are needed - either...

HP Simware - Comware OS Simulator

HP recently released “Simware”, a Comware network simulator that lets you create test networks of emulated Comware switches and routers. This can be used to create “virtual” networks, ideal for...

Meraki AP Trial

Cisco Meraki offers a free wireless AP to anyone who registers for a webinar about their products. I had given up on receiving my AP, but after a moan on...

HP VSR Portal Redirection

When implementing HP IMC UAM, you may need to redirect users to the IMC webserver, for device registration & configuration, and obtaining user 802.1x certificates. One method of doing this...

War Stories: Switches Lying about Duplex Mismatches

This article is Part 2 in a 12-Part Series. Part 1 - War Stories: Loops that Permanently Broke the Network Part 2 - This Article Part 3 - War Stories:...

HP Wireless Future: Reading the Tea Leaves

Recently I posted some speculation about where HP is going with their Comware and ProCurve networking lines. But what about the wireless gear? Where’s that going? As before, I have...

HP Comware vs ProCurve: Reading the Tea-Leaves

HP acquired 3Com in 2009. This added a large range of routing, switching and wireless networking to HP - but they already had existing ProCurve wired and wireless hardware. Clearly...

War Stories: Loops that Permanently Broke the Network

This article is Part 1 in a 12-Part Series. Part 1 - This Article Part 2 - War Stories: Switches Lying about Duplex Mismatches Part 3 - War Stories: Check...

The HP SDN APP Store - It Might Just Work

HP has been laying out their SDN vision over the last few months. They want to develop a complete SDN ecosystem, including an Open Standards-based network that can integrate with...

DHCPv6 on Juniper SRX-110 - Progress

Last year I posted about my frustrations with getting the DHCPv6 client working on a Juniper SRX-110. I am pleased to report that Juniper has now released 12.1X46-D10.2, which resolves...

SDN App Stores - My Network is not a Phone

I’ve been thinking a lot about HP’s SDN App Store approach. In case you missed it, HP’s vision is to deliver an App Store for SDN applications, similar to Apple’s...

HP VSR1000 - Getting Started

HP’s “VSR1000 Virtual Services Router” is now generally available. This was first announced at Interop Las Vegas in May, but it wasn’t until Interop NYC in September that it started...

DHCPv6 Client on Juniper SRX-110

Juniper recently released 12.1X45-D10 for the SRX-110. The key new feature for me was DHCPv6 Client support - finally! It’s still new, and buggy, and I wouldn’t rush it into...

Category ScienceLogic

ScienceLogic Global Network Manager

ScienceLogic 7.5 includes many enhancements and new features. One I’m interested in is “Global Manager” which can be used to massively scale out the ScienceLogic architecture. Here’s some more detail on...

Using Paramiko/Python with FortiMail

Fortinet makes an email security/anti-spam appliance called FortiMail. I wanted to collect spam and virus statistics from it, to integrate with our Network Monitoring Systems. Unfortunately the data is not exposed via SNMP or API,...

ScienceLogic Database HA & DR

Previously I’ve looked at the overall ScienceLogic architecture, and HA options for the Collectors and UI. This post looks at DR and HA options for the core Database layer - the...

ScienceLogic - Collector and UI HA

Earlier I looked at the basics of ScienceLogic EM7 architecture. I didn’t cover how to achieve HA or DR with ScienceLogic. The architecture offers a few options for doing this,...

ScienceLogic Architecture Overview

This is a basic overview of the ScienceLogic EM7 system architecture, describing the various components, their functions, and how they can be combined or split across multiple systems. I’ve been...

Network Monitoring Design Choices - Polling Distribution

Network monitoring systems poll devices periodically, and then calculate average rates across the poll interval. Selecting the right polling interval is important - too frequently, and low-end devices can’t keep...

ScienceLogic: Manually Running Dynamic Apps

ScienceLogic Dynamic Applications are policies that describe what data should be collected from managed systems, how it should be collected (SNMP, WMI, API, SQL, etc), how it should be presented,...

Category Open Source

The Difference Between Proper Devs and Me

I spend a lot of time poking around with code, and I can figure out most integration challenges, and simple code fixes. But I do not call myself a developer....

RPM Post-Upgrade Scripts

Something different today: Here’s something I learnt about RPM package management, and post-upgrade scripts. It turns out that they don’t work the way I thought they did. Post-uninstall commands are...

Category Automation

CLI Still Sucks for Automation

Using network CLI for automation has always been fragile. But it keeps surprising me with the way it breaks. This time, it was a combination of Ansible, Arista, replace: config...

More Ansible Modules for Extreme

We published Ansible modules for Extreme SLX devices earlier this year. Now we have modules covering all the main Extreme Switching & Routing product families - SLX, VDX, MLX, EXOS,...

Ansible - Don't be Afraid of a Little Python

This year I’ve written several Ansible modules. It wasn’t that hard, yet some people claimed they had been waiting “years” for those modules. There was nothing stopping anyone else doing...

Ansible for Extreme Devices

Here’s something I’ve been working on recently: Ansible modules for Extreme SLX switches & routers. Ansible is a popular automation framework, and with good reason: it has a low barrier...

Category Coding

CircleCI, Docker and Systemd

I have been battling to get the combination of CircleCI, Docker and systemd to play together. After much frustration, I have a workable solution. Machine Executor, privileged: true, cgroup passthrough,...