The Network Hub


August 27, 2010  10:28 AM

MPLS inside your data center … really?

Rivka Little

Data center MPLS was a hot topic earlier this week at a Juniper Networks Data Center Design workshop in NYC. In this video, Juniper Networks MX Series product manager Rameshbabu Prabagaran explains that some companies are turning to MPLS inside the data center as a means to implement network segmentation that is more scalable than alternatives.

Video: http://www.youtube.com/v/Mrg6ki1gYR4

August 16, 2010  2:30 PM

Are you still feeling pain from the Cisco supply chain?

Shamus McGillicuddy

During his latest earnings call with Wall Street analysts, Cisco CEO John Chambers put a good spin on the supply chain issues that have plagued his company and many other IT vendors for more than a year as component manufacturers have struggled to meet demand. (On a side note, I’m still waiting for someone to explain to me why suppliers aren’t able to ramp up production to meet demands from Cisco and other vendors. Are they struggling to find raw materials? Are they afraid to expand capacity for fear of another downturn gutting demand and forcing them to make extraordinary cuts a second time since the recession began?)

Chambers said Cisco’s supply chain constraints are improving but remain challenging, with supplier lead times stabilized but still longer than ideal. He said Cisco has made significant progress with this and product lead times are now within a normal range for the majority of the company’s products.  Note that he said the majority of products are within normal lead times now, but not all. Chambers didn’t specify which products still have long lead times… whether or not they include the high volume products that networking pros have been griping about such as the Adaptive Security Appliance (ASA) 5000 series devices.

Chambers said the number of components that are scarce in Cisco’s supply chain has decreased. At the beginning of the last quarter Cisco was “chasing” 550 parts that were hard to acquire in its supply chain, he said. By the end of the quarter that number was down to around 300. Chambers noted that in normal times Cisco chases about 100 components in its supply chain.

Also, Cisco has clearly taken extraordinary steps to get products into the hands of its customers faster. Chambers admitted that profit margins have suffered as the company has spent money on speeding up its supply chain with more use of airfreight and other unspecified methods.

Despite chasing parts and trying to grease the wheels of supply chain, customers still have gripes. As we reported recently, some networking pros have turned to Cisco competitors rather than wait for Cisco to deliver. They aren’t willing to leave Cisco behind, but for some parts of the network they are willing to try a new vendor. Of course, if they like what they see from these new vendors, their use of Cisco alternatives could increase if the supply chain issues get worse again.

So are customers seeing improvement? It’s not just Chambers saying this. I’ve heard from networking pros who say the delays aren’t as bad as they were on many products.

If you’re still feeling the pinch, let us know in the comments section.


August 12, 2010  4:30 PM

Fibre Channel over Token Ring: Converged storage dilemma solved

Rivka Little

The FCoE debate is over. At last there is an answer to converged storage networking that leaves tiresome Ethernet behind: Fibre Channel over Token Ring (FCoTR).

The newly launched FCoTR Alliance is working feverishly to develop the 802.5qZ standard, which will soon be submitted to a standards body.

The alliance “is responding to growing industry pressure from a diverse group of networking and storage professionals” with the primary goal of furthering “the awareness, adoption, and commercial support of FCoTR.”

More importantly, the alliance aims to prevent storage professionals from ever having to learn burdensome Ethernet technology while enabling long-time networking admins to remain comfortable in a technology they know and love – Token Ring.

“The adoption of Fibre Channel technology means an opportunity for network convergence. Leveraging my existing Proteus token ring network for use with storage is a very desirable proposition,” said Jose Chavez, director of information technology for Superannuated Systems, Inc.

FCoTR also enables both storage and networking purists to keep the Ethernet gene pool clean.

“Many Fibre Channel gurus balk at the idea of Ethernet being capable of guaranteeing the right level of lossless delivery and performance required for the SCSI data their disks need. IP Junkies like Greg Ferro of Ethereal Mind balk at the idea of changing Ethernet in any way and insist that IP can solve all the world’s problems including world hunger (Sally Struthers over IP SSoIP.) Additionally there is a fear from some storage professionals of having to learn Ethernet networks or being displaced by their Network counterparts,” writes esteemed Define the Cloud blogger Joe Onisick.

Ferro – who is one of a team of engineers drafting the standard – is only attempting to help storage professionals maintain their Fibre Channel investment.

“For all those Storage Nut Jobs who can’t imagine their precious FibreChannel frames crossing an Ethernet network, we are proposing the development of FibreChannel over Token Ring. That’s right, the second best networking protocol ever invented (after FDDI), offers everything you sad, attention deficit ridden, storage losers ever wanted in shared network. Deterministic delivery, over engineered cabling, layer 2 troubleshooting. We can even improve the FC protocol by isochronous transmission for serial clocking performance and guaranteed delivery,” writes Ferro. “Last known Token Ring standards were developed to Gigabit performance, and it shouldn’t be too hard to dust them off and ramp them to 10Gigabit and more.”

Once the 802.5qZ standard is established, it is very likely vendors will launch a series of products (most of which promise not to be interoperable, but will be launched with lavish press events, maybe even one on the New York Stock Exchange floor). Here are some predicted product launches:

· EMC SLOW (It’s the version of FAST that supports Token Ring)

· NetApp SMTR (SnapManager for Token Ring)

· HDS UPS (It is to USP what UPS is to FedEX)

· 3PAR HeyNow! (3Par requires each disk to say “Hey Now!” if they want the token)

· Compellent Frozen Data (It’s the Fluid Data line slowed down so much it freezes)

· IBM WHU (The Prequel to XIV)

· HP StorageDoesntWork (Just saying)

 

Learn more about the lossless storage over token ring in this in-depth and well-explained video on FCoTR.

Video: http://vimeo.com/moogaloop.swf?clip_id=13399464


August 9, 2010  1:07 PM

VMware to make serious network virtualization news at VMworld?

Shamus McGillicuddy

A nice find by Stu Miniman at Wikibon. He dug up this video in which VMware’s director of research and development Howie Xu previews his session at VMworld, “The Future Direction of Networking Virtualization.”

In the video below, Xu talks about VMware’s plans to announce an “open, extensible networking virtual chassis platform so that anyone can develop the on-demand networking service on top of vSphere.”

Video: http://www.youtube.com/v/8xCFmGmRwAs

Hit pause at the beginning of that video and look at the white board. As Stu pointed out in his blog, you’ll see the term “vFabric” at the top, to the right. Stu thinks this could be the name of a new virtual networking OS from VMware.


August 9, 2010  11:59 AM

HP CEO transition: Media hand-wringing and internal HP morale

Shamus McGillicuddy

When something like the Mark Hurd scandal happens, we in the media spend a lot of time quoting pundits about what impact the event could have on the markets we cover. For instance, ITWorld Canada quotes Rick Sturm, CEO of Enterprise Management Associates, about how Hurd’s departure could throw a wrench in the integration of 3Com into the company.

If [HP] brings in someone who says, ‘I’m not so sure [3Com] was a smart idea,’ they could have a few bumps in the road.

That’s for sure. Of course, given the amount of money laid out this year for the 3Com deal and the Palm acquisition, I think the board of directors will want to hire a new CEO who is committed to making those investments work. At the same time, a new CEO will probably be more willing to cut his losses with an acquisition that isn’t working if said acquisition didn’t happen on his watch.

So the board will probably hire a CEO who will commit to HP Networking’s 3Com/H3C/TippingPoint integration at least for a few years. But what about the rest of the company?

Over at CTOEdge, Mike Vizard pointed out that HP employees were suffering from low morale even before this Hurd scandal hit. He points to Glassdoor.com, a site where employees rate their CEOs and review what it’s like to work at their companies. HP has a Glassdoor rating of 2.4 on a scale of 1 to 5, based on 1,353 ratings. Hurd has an approval rating of just 34%. Employees tell the site that executives focus too much on numbers.

HP has enjoyed a lot of success under Hurd’s leadership. It has solidified its position as the #2 enterprise networking vendor, grown its share of server sales and made a lot of money on services with its EDS acquisition. But whispers of poor morale combined with this dramatic loss of its CEO certainly justify some hand-wringing — by the media and by HP customers — especially since Cisco is being so aggressive in competing directly with it on networking and servers. As Vizard asks in his CTOEdge column: “Can an HP that is already pretty divided internally come together to drive the innovations needed to compete across a range of business segments that to one degree or another are under siege?”


August 6, 2010  4:39 PM

HP loses its CEO in a scandal just as networking business is poised for war

Shamus McGillicuddy

Yikes, multiple publications, including BusinessWeek, are reporting that HP CEO Mark Hurd has abruptly resigned following an internal investigation into whether he had violated the company’s sexual-harassment policy. Hurd (Update: Hurd’s bio has been scrubbed from HP.com. Now he’s on a page which lists former HP CEOs) was reportedly cleared in the sexual harassment allegation but had violated a personal conduct policy.

HP’s CFO Cathie Lesjak will act as CEO on an interim basis while the company looks for a replacement.

I’m not going to bother looking into the details of what Hurd allegedly did. He’s gone now. And that’s huge. This is one of the biggest technology companies in the world. It is poised to compete for a huge share of the networking market. And suddenly the CEO who is credited with turning HP around after some years of struggle under mediocre leadership (*cough* Carly Fiorina *cough*) is gone.

What happens now?

HP ProCurve has long been a niche, low-cost networking vendor popular among small and midsized businesses and enterprise campus networks. Under Hurd’s leadership, the ProCurve business became the number two enterprise networking vendor, and took an even bigger leap forward earlier this year when it closed a deal to acquire 3Com and its promising H3C networking and TippingPoint network security brands.

Now Hurd is gone. There is no way of knowing what direction a new CEO would take the company. It’s probably safe to say HP’s board of directors will expect a new CEO to maintain a commitment to networking, given the sizable investment HP made in 3Com. HP has a lot of momentum in that area, but will we see some shifts in strategy under new leadership? Who knows?

It will be important to watch how other key HP executives respond to this scandal. Senior Vice President Marius Haas, general manager of HP Networking, has been widely credited with the rise of HP’s networking business. Above him is Executive Vice President Dave Donatelli, general manager of HP’s Enterprise Servers, Storage and Networking. If either of those guys jumps ship, take note.

Also, HP is a public company. When a public company has a leadership shakeup in the midst of a run of success, Wall Street balks. If the stock price stumbles badly, HP’s leadership may be forced to make some short-range scrambling in response.


August 5, 2010  1:45 PM

Catalyst to Nexus data center migration

Shamus McGillicuddy

Are you at the point where you need to update the old Cisco Catalyst 6509s in the core of your data center? If you are, you’re probably looking at the Nexus line of data center switches that Cisco has been promoting for the last couple years. Many enterprises are trying to decide whether to migrate from Catalyst to Nexus or to look at Cisco alternatives — either one of the newly risen big guys like Juniper and HP Networking or some of the long time data center networking specialists like Force10 or Brocade (formerly Foundry).

Jeremy Filliben, CCIE #3851, just blogged about his experience migrating from Catalyst to Nexus in his data center. Basically, he built a new Nexus LAN, with dual Nexus 7010s in his core, alongside his legacy Catalyst LAN and interconnected them before cutting over the Layer 3 functionality in his network from his old core Catalyst 6509s to his new Nexus 7010s.

Jeremy goes into detail about the problems he’s encountered during this project, including some glitches with extranet BGP peering and spanning tree root migration. The BGP issue was caused by overlapping third-party BGP Autonomous System (AS) numbers, which in Catalyst he had always handled by enabling the “allowas-in” knob on his internal routers. The feature isn’t available on Nexus yet. He traced the spanning tree issue to the fact that Nexus switches handle Bridge Protocol Data Units (BPDUs) differently from the way Catalyst handles them. The issue will force him to keep the Catalyst 6509s in production longer than he wanted. Check out his blog about the Catalyst-Nexus migration to find out how he fixed these issues and learn about some other minor but annoying things he has discovered during the project.

Jeremy also pointed out a nice resource by Carole Warner Reece on her blog at Chesapeake Netcraftsmen, which provides a side-by-side comparison of the differences between the IOS and NX-OS command line interfaces.


July 30, 2010  4:35 PM

New WPA2 vulnerability a wireless version of ARP spoofing, says Wi-Fi Alliance

Shamus McGillicuddy

When researchers say they’ve found a vulnerability in the WPA2 (WiFi Protected Access) security standard, wireless LAN administrators stand up and take notice. Md. Sohail Ahmad, a researcher with wireless security vendor Airtight Networks, presented a WPA2 vulnerability dubbed Hole 196 at Black Hat yesterday and DEFCON 18 this weekend.

Details on the vulnerability remain somewhat fuzzy, but the Wi-Fi Alliance says Hole 196 appears to be a wireless version of ARP spoofing, the exploit in Address Resolution Protocol that allows hackers to perpetrate man-in-the-middle attacks.

Matthew Gast, chairman of the Wi-Fi Alliance’s Security Task Group (and director of product management for Aerohive Networks), said Hole 196 is an exploit that only authorized network users can use to bypass WPA2 encryption.

An insider on the network can set up a hack to trick a client into perceiving the hacker’s client device as an access point. The victim will send its data to the hacker, who can observe it while forwarding it on to the access point.

“Since this is a vulnerability that’s been around since the beginning of Ethernet, network admins are already accustomed to dealing with it,” Gast said.

Gast said network performance monitoring can detect the latency caused by the extra hops associated with the attack. Also, network admins can enable the client isolation filter found on most LAN infrastructure, which won’t be fooled by an ARP spoofing attack. An AP will look directly at the destination MAC address, recognize the problem and cut the connection. The victim’s client device will immediately experience a loss of connectivity. The user will call help desk and it’s only a matter of time before a network admin tracks down the MAC address of the hacker.
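Since Gast frames Hole 196 as ARP spoofing and says the admin ends up tracking down the offending MAC address, here is an added example (not from the post, Airtight Networks or the Wi-Fi Alliance) of that defensive check: it watches ARP replies for a gateway IP that suddenly resolves to a different MAC. The log format, addresses and function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: ARP replies as a monitoring sensor might log them.
# Format (assumed): "<time> <ip> is-at <mac>". Addresses are illustrative.
SAMPLE_ARP_LOG = """\
10:00:01 192.168.1.1 is-at 00:11:22:33:44:01
10:00:02 192.168.1.20 is-at 00:11:22:33:44:20
10:00:03 192.168.1.30 is-at 00:11:22:33:44:30
10:05:10 192.168.1.1 is-at 00:11:22:33:44:30
10:05:11 192.168.1.1 is-at 00:11:22:33:44:30
10:05:40 192.168.1.1 is-at 00:11:22:33:44:01
not an arp line
"""

LINE_RE = re.compile(
    r"^(\S+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s+is-at\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})$",
    re.IGNORECASE,
)


def parse_arp_log(log):
    """Yield (timestamp, ip, mac) for each well-formed line; skip the rest."""
    for line in log.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            yield match.group(1), match.group(2), match.group(3).lower()


def find_arp_conflicts(log, pinned=None):
    """Return (alerts, multi_ip_macs).

    pinned: optional {ip: mac} of known-good bindings (e.g. the gateway).
    alerts: list of (timestamp, kind, ip, offending_mac), one per distinct event.
    multi_ip_macs: MACs that answered for more than one IP.
    """
    pinned = {ip: mac.lower() for ip, mac in (pinned or {}).items()}
    last_seen = {}               # most recent MAC observed for each IP
    claims = defaultdict(set)    # every IP each MAC has answered for
    alerts, reported = [], set()
    for ts, ip, mac in parse_arp_log(log):
        claims[mac].add(ip)
        kind = None
        if ip in pinned:
            if mac != pinned[ip]:
                kind = "pinned-mismatch"
        elif ip in last_seen and last_seen[ip] != mac:
            kind = "binding-changed"
        # Suppress repeats of the same finding to keep alert volume down.
        if kind and (kind, ip, mac) not in reported:
            reported.add((kind, ip, mac))
            alerts.append((ts, kind, ip, mac))
        last_seen[ip] = mac
    multi = {m: sorted(ips) for m, ips in claims.items() if len(ips) > 1}
    return alerts, multi


if __name__ == "__main__":
    gateway = {"192.168.1.1": "00:11:22:33:44:01"}
    found, suspects = find_arp_conflicts(SAMPLE_ARP_LOG, pinned=gateway)
    for alert in found:
        print("ALERT", *alert)
    print("MACs answering for several IPs:", suspects)
```

The MAC reported in the alert is the one to look up in the controller's client table, which is the "tracking down" step Gast describes.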


July 23, 2010  4:11 PM

CCIE Emeritus: Did Cisco give in to complaints from CIOs and product managers?

Shamus McGillicuddy

When I set out to write about Cisco’s new CCIE Emeritus program a few weeks ago, I spoke to three CCIE-certified engineers, all at different stages of their career, to get a variety of perspectives on the program. CCIE Emeritus is a program for CCIE-certified engineers who are no longer working closely with networking technology on a daily basis and don’t have the up-to-date technical skills required for passing the biannual recertification exam. Instead, if they’ve been in the CCIE program for at least 10 years, they can opt into the Emeritus program, which allows them to maintain a connection to the CCIE program without being fully certified. Instead, they demonstrate that they’ve taken on more of a leadership role in the industry, as technology executives, authors, lecturers or mentors. They keep the CCIE badge on their resumes, but potential employers know that these people are no longer living in the network on a daily basis. Instead they’ve advanced into other types of careers.

Mostly the engineers I talked to thought it was a nice option for Cisco to offer to people and they could see scenarios in which going into this Emeritus program would work for them. No one seemed to object to it.

However, I got some reader feedback recently that presented a different view. Robert DuBell (CCIE#9105), a consulting systems engineer with World Wide Technology Inc., had this to say:

The written recertification test is definitely not a “hands on” test like the lab is. The written test can purely be passed simply by studying the material written in the study material listed on the Cisco CCIE written prep suggestions. You don’t have to be in the CLI all day every day in order to complete the recertification. Simply spend a few hours of your free time studying the proper material and you can recert. If you want to keep your CCIE valid, then you should have no problem keeping up with the technology.

Just because you have moved into a management position does not mean you should let your knowledge of cutting edge technology slip! I have completed the recertification test four times and I have taken different track tests to broaden my working knowledge of the different technologies. I think I have done the Routing and Switching CCIE recert test once since achieving my CCIE.

The CCIE is the best cert out there because Cisco has not given in to rules changes on how they run their program. I think this is a shame that they have given in to the CIOs and PMs [product managers] so they can keep their number active.


July 21, 2010  2:20 PM

HP’s old ProCurve lifetime warranties extend to just a few 3Com/H3C gear

Shamus McGillicuddy

HP Networking recently posted this handy little warranty chart (PDF) to help customers understand the warranties on all its products, both the old ProCurve-branded gear and the recently acquired H3C and TippingPoint products that came over in the 3Com acquisition.

Historically, the major appeal of the HP ProCurve line was its low total cost of ownership. The lifetime warranty that HP applied to most of the ProCurve products was very straightforward. You buy it, we guarantee the thing will work for as long as you own it and will provide technical support forever. No need for expensive support contracts. I’ve heard from more than one network manager who said they switched from Cisco to HP ProCurve because the lower TCO was too tempting to pass up.

When HP bought 3Com and its young but promising sub-brand of H3C, it was hard to imagine that all of the high end 3Com products would find their way under the umbrella of HP’s lifetime warranty approach. And judging from this chart, that’s exactly the case.

You’ll find that the fixed-configuration H3C switches have been moved into the lifetime warranty program, including the A5810, A5800, A5500, A3600 and A3100 switches (Back in their H3C days, these switches started with the letter “S” rather than “A”).

The modular H3C switches are a different story. The big A12500 and A9500 chassis switches and the smaller A7500 and A5820 modular switches all have one-year warranties, with lifetime software and OS maintenance coverage and one year of free technical support.

The 3Com fixed-configuration switches, such as the E5500, E4800G, E4500G and E4200G are all covered under the lifetime warranty.

It looks like most of the TippingPoint network security products (IPS appliances, gateways and firewalls) will have one-year warranties.

Some folks worried that the old ProCurve lifetime warranty would disappear with the 3Com acquisition. It appears to remain in effect for the most part. It’s just not as broad as it used to be.

