It’s no secret that I’m a fan of the model Arista Networks is using to make gear and provide innovative services and products. In my opinion, they’re changing the landscape of campus and data center networking gear. I’m always a fan of the little guy trying to change the world and this falls under that category. For those that don’t know, Arista Networks is a “hardware” networking company that is using merchant silicon wrapped in their custom linux based…
Lab Time
A bit of back history: I came from BSD land. I was a FreeBSD user from way back in the 1990s. BSD land is a land of secure boxes and very high uptimes. It’s also a land of arguably clunky package support, a lot of compiling by hand and these days, not nearly as encompassing package and network tuning support. I decided to move to Linux”) a while ago, reluctantly, and chose Debian as my flavor of choice. I do love debian, however, I very quiuckly realized that even debian is a bit of…
Starting from a base CentOS system with nothing configured, and referencing the CentOS wiki, here is how I like to set up a headless virtualbox environment: Disable selinux. It’s overly cumbersome and is enabled by default in CentOS. I like to permanently disable it even though the default is permissive. I ride the edge, I know.``` vi /etc/selinux/config
If you are running a network and aren’t using RANCID, you should give it a serious look. RANCID is a cross platform configuration management toolkit for backing up router configurations and certain environmental and hardware information into version control. It’s been around for as long as I can remember and supports nearly every platform I can think of, including a few modules that I cobbled together myself. There is are a few nice web based front ends for CVS and SVN, I prefer…
I have a bunch of Apple wireless gear at my house. It’s inexpensive, feature rich and easy to maintain. However, with the update to mountain lion a while ago, the ability to install the older Airport Utility stopped. This is annoying since I have what apple now considers “advanced” features like IPv6 at my home and essentially all my gear here is a lab (except for the plex server =) I’ve been spending a lot of time on cacti lately, and I wanted to test out the syslog…
It’s always annoying to me, being a convert from *BSD to Linux, that tools lke dig and host aren’t in the minimal base install. I realise that this makes me somewhat of a hypocrite, as I prefer an additive system rather than a subtractive base OS. Nevertheless, I’m continually surprised that “host” isn’t available after installing a minimal CentOS system without adding an additional package. So, since I always forget, here is a quick blog post to remind me…
Securing SSH is a form or art. It’s often debated, much like blocking all ICMP packets (which I normally disagree with). If you need good proof, read these posts by Bob Plankers. There is a camp that likes to promote moving to a non-standard port. There is a faction that likes to block it completely except from a handful of hosts. Then there are those that like to leave it open all together. Running naked in the digital jungle. I tend to err on the side of blocking except for jump…
I recently had the opportinity to work with the much-anticipated Brocade VDX “Ethernet Fabric” platform. I do admit tha tI’m intrigued by this product. I’d seen it work multiple times in demos and it worked so well and looked to easy that we actively tried to throw curve balls at the demo organizer to prove it wasn’t canned. It succeeded. The hardware hashing across the VLAGs is very slick. The VMware VSwitch integration worked well and was handy. With the…
Ryu, an openflow controller, was new to me. After doing 5 minutes of reading I knew I needed to get it up in the lab. The thing that caught my eye was that the project page was boasting support for OpenStack. Now, I don;t really have much experience with openstack, but it has a cult like following and it’s on my short list of stuff to get involved with. This seemed like a great excuse.