Oh…Spanning Tree

black and white cold fog forestIt’s the “S” word we don’t like to hear, and often times it has degraded networks or even took them down entirely.  (All Systems Down – an older but classic story) It’s also one of those things that nobody really likes, we even had network companies, as well as IEEE try to replace it with something else. Remember the names like TRILL, and IEEE 802.1aq (SPB) or Cisco’s FabicPath technologies? You had all of these different flavors that showed a lot progress, but they never really took off for one reason or another. The funny part is this protocol we are all trying kill off is still alive and doing well, so let’s look at spanning tree in the meantime because you will likely run into it.

Continue reading “Oh…Spanning Tree”

Advertisements

Barracuda Load Balancer- Powershell

Great_Barracuda_off_the_Netherland_AntillesWorking on my Powershell skills, I was playing around with a Barracuda Load Balancer and noticed it supported some APIs which is kind of cool. At first I was playing around with it in postman and got to login and put some servers in maintenance mode, but then thought it would be really neat if I could get this working in Powershell, that way us humans can just run a script and even thinking in the “future” maybe have some automated process (a.k.a AI) handle this for us. 😉 So in this post I’ll talk about the script I created and some of the small challenges I had with this overall it was kind of neat putting this together. Continue reading “Barracuda Load Balancer- Powershell”

Automation Dance

people enjoying the concertI keep doing the automation dance, there are a lot of different tooling products out there. I have been trying to understand a use case around using it with network automation. Recently I have been dancing around with Ansible. My personal belief is that using any type of these tools would be helpful but it can be a steep learning curve if you really don’t have any programming knowledge. This is not something that is relatively easy to use or understand, don’t expect to have a working network automated tool in production on day one. I think this is great for learning, and using this in a network sandbox. If you don’t have programming mindset it might make your job harder on day one before it gets easier, but just like learning to dance you have to learn the steps, the moves, and maintain the rhythm. So with that let’s at least figure out the starting points, and begin learning the steps of the automation dance. 😉 Continue reading “Automation Dance”

Too Many TCP Resets

So, recently we enforced some firewall rules on a new environment, we did testing of the environment and everything was working as expected. In about 24 hours a lot of traffic from the web infrastructure was being denied and it continued, at first glance it looked like return traffic was being dropped, the web servers were sourcing at port 443 and the destination ports were using dynamic ports (RFC 6335)

No user or application problems were reported when we enforced rules, and we waited additional days to see if anything came up. Nothing came up, the only thing was a spike in amount of syslog messages of dropped traffic coming from the web servers. So from that point it really wasn’t an issue, but I thought it would be interesting to see what was going on. Continue reading “Too Many TCP Resets”

Configuring Layer Three EtherChannel

When you want more speed all you need is EtherChannel, EtherChannel can be configured as a layer three logical interface instead of just sitting at layer two. This is very helpful if we are running layer three down to the access layer switches, instead of at the distribution layer. You also could see this in a collapsed core design, we also don’t have to worry too much about STP when we configure EtherChannel’s. The only requirements to use layer three EtherChannels is your switch need is support layer three “routed” interfaces, so with that let’s get started!

Continue reading “Configuring Layer Three EtherChannel”