May, 2008

BGP

BGP is the protocol that binds the Internet together. It is what sends one packet across the globe in a few milliseconds and allows you to send email, . Typically, you will see Cisco routers that will handle this sort of heavy lifting and that is the IOS that we will review briefly.

ASN – Starting point
In order to have a BGP connection you will need to have an ASN(Autonomous System Number). You can get one of these through ARIN (American Registry for Internet Numbers). BGP uses ASN’s like VLAN id’s or a higher level view of subnetting. There are private ASN’s if you are planning on using BGP for internal purposes only. The private BPG range is AS64512 through to AS65535.

IOS – Configuration info
Here is the basic output of two connections to two different autonomous systems from one Cisco router.

router bgp 64512
no synchronization
bgp log-neighbor-changes
bgp dampening
network 3.3.3.0
neighbor 1.1.1.1 remote-as AS64513
neighbor 1.1.1.1 description Provider 1 >>Provider 1 Support Line<<
neighbor 1.1.1.1 password 7 09823490822093482F
neighbor 1.1.1.1 update-source Loopback1
neighbor 1.1.1.1 version 4
neighbor 1.1.1.1 route-map Provider1 out
neighbor 2.2.2.2 remote-as AS64514
neighbor 2.2.2.2 description Provider 2 >>Provider 2 Support Line<<
neighbor 2.2.2.2 password 7 09823490822093482F
neighbor 2.2.2.2 update-source Loopback2
neighbor 2.2.2.2 version 4
neighbor 2.2.2.2 weight 50
Let’s walk through the configuration a bit. Here are the same commands but with comments added in at various places

! This line is telling the BGP router which ASN it should advertise.
! A Cisco BGP router can only administer one ASN at a time.
router bgp 64512

! Log the changes when the neighbor goes up and down.
! This way you can see if the other BGP router that you are peering with is stable.
bgp log-neighbor-changes

! This is the network that you are advertising via BGP
network 3.3.3.0
! This is the ASN of your ISP or peered BGP network.
neighbor 1.1.1.1 remote-as AS64513
! While you don’t technically need this line it is important that you use it
! for your own clarification
neighbor 1.1.1.1 description Provider 1 >>Provider 1 Support Line<<
! Encrypted password for transferring your BGP data back and forth with your peer.
! Encrypting your BGP data will ensure that no one hijacks you routers.
neighbor 1.1.1.1 password 7 0934099082282F8234
! Using a loop back interface will ensure that the BGP peer always sees one
! interface that is in the network that you are advertising as being up.
! This will always keep the peering with your ISP up.
neighbor 1.1.1.1 update-source Loopback1
! The version of BGP that you are using. Version 4 is the most widely used and most recent.
neighbor 1.1.1.1 version 4
neighbor 1.1.1.1 route-map Provider1 out
As a final note, BGP is a powerful protocol with lots of features and options. However, most ISP’s don’t support the full suite of options that BGP provides so don’t expect to use all of them in order to shape your traffic.

iSCSI in VMWare ESX 3

iSCSI has become a very popular way of having shared storage among several physical or virtual computers. The benefits of shared storage are even greater when combined with the abilities of VMWare such as VMotion, High Availability and Distributed Resource Scheduler.

Below are the basic (and I do emphasize basic) to configuring iSCSI storage with VMWare 3.0. Like any shared storage infrastructure there are a number of possible methods and structures that could change the way that iSCSI is installed and used.

Step 1 - Add in extra Service Console and iSCSI VMKernal
The service console and VMKernal need to be on the same physical NIC on the ESX server. The IP’s for these services need to be on the same subnet as the iSCSI storage device. The pictures below outline the end-result if your iSCSI VLAN were to be 192.168.4.0/24. Note that the service console that you is shown below is the second and therefore additional service console. The original stays unchanged.

Sample Configuration Page

Sample End Result

Step 2 - Allow iSCSI traffic through the firewall
The Software iSCSI Client for ESX needs to be allowed through the firewall which is located under the security profile section. If you don’t do this then you will not be able to use the service. I found this interface “tricky” to use. Sometimes I would make changes and they wouldn’t take effect until the server was rebooted.

Step 3 - Enable Software Initiator Properties
The iSCSI storage adapter needs to be configured. Find the newly created iSCSI Software Adapter on the Storage Adapters tab you will need to:

1. Open the properties
2. Configure and subsequently enable the iSCSI Initiator
3. On the Dynamic Discovery tab you can add in the iSCSI server IP

Step 4 - Create iSCSI targert on iSCSI device
This will depend on your iSCSI hardware as to how you do this. Each manufacturer has their own way of doing this.

Step 5 - Add LUN to target

Links:
VMWare’s design guide for iSCSI – short but good: http://www.vmware.com/pdf/vi3_iscsi_cfg.pdf
Really good blog post by David Davis about VMWare and iSCSI:
http://www.petri.co.il/connect-vmware-esx-server-iscsi-san-openflier.htm

Download Windows XP Service Pack 3 Now!

It is available on public Windows Update Servers:http://download.windowsupdate.com/msdownload/update/software/svpk/2008/04/windowsxp-kb936929-sp3-x86-enu_c81472f7eeea2eca421e116cd4c03e2300ebfde4.exe

System center Virtual Machine Manager 2008 Beta

At the Management Summit in Vegas, Microsoft announced the beta of System Center Virtual Machine Manager 2008. This version can manage Hyper-V hosts!

It should be available on connect.

Microsoft has announced the formal name and beta availability of System Center Virtual Machine Manager 2008, a member of the System Center suite of server management products. The announcements came April 29 at the Microsoft Management Summit in Las Vegas, which showcased the beta of the System Center Virtual Machine Manager 2008 (VMM), managing both Hyper-V and VMware virtual infrastructure. Additional functionality new to this version of VMM includes Performance and Resource Optimization (Pro), which dynamically tunes virtual infrastructure, simplified virtual host cluster support, and other improvements and enhancements.