Three quick things I have learned from Facebook’s Next Generation Data Center Network

Facebook published this post about their next-generation Data Center Network. Here I am noting down three quick things I have learned from it.

A view to the Pacific Ocean inside Farglory Ocean Park, Hualian County, Taiwan

A simple example explaining why we need Prefix-List in addition to simple Access-List (ACL) on Cisco IOS

My example is: assume we want to filter out "all possible subnets/prefixes inside 192.168.1.0/24" from rushing into our router.

Red House Theater, at the West Gate of Taipei Wall (西門紅樓、紅樓劇場). 

We can first visualize what subnets are to be filtered in the following, but incomplete list:

192.168.1.0/24

192.168.1.0/25
192.168.1.128/25

192.168.1.0/26
192.168.1.64/26
192.168.1.128/26
192.168.1.192/26

(and even more ...)

RFC 3021: the "/31" subnets for IPv4 Point-to-point Links

(This RFC has been there for almost 14 years. Without writing a post down about it, it would never stay in my mind as if I have never known it. Too bad for me!)

Original location of West Gate of Taipei City Walls (西門、西門町).
The gate and the walls were removed long time ago.
The bottom right is one of the entrance of  MRT Ximen (e.g. West Gate) Station.

RFC 3021: Using 31-Bit Prefixes on IPv4 Point-to-Point Links

Since this RFC is quite old, almost all of today's routers already have this feature. It is very safe today to assign "/31" subnets to any point-to-point links. We can now save 50% of IPv4 addresses for point-to-point WAN links.

New product: Cisco UCS "Mini"

Cisco has a new update few days ago to her Unified Computing System (UCS): the UCS Mini. Here is what I have known of it from the public web sites.

Sun is rising at Hualian County of Taiwan on August 30, 2014.

Cisco Exam costs "upgraded" on June 2014

Cisco upgraded her exam costs on June 2014. Basically, USD $50 is added to every exam.

This is already an old news. I just want to record it here in case you missed it.

[Original Post]
https://learningnetwork.cisco.com/docs/DOC-12825

[The following content is captured on Cisco.com.]
>>>

Last Modified:  Jun 20, 2014 2:57 PM by Madhukar: Cisco Team

What Do Exams Cost?

Computer-based certification exam (Written Exam) prices range depending on scope and exam length. Please refer to the table below.

s	PATH	ENTRY	ASSOCIATE	PROFESSIONAL	EXPERT	SPECIALIST
	Cost	$125 - $150	$150 - $295	$250	$400	$250

• CCIE Lab and CCDE Practical exams are $1,600 USD per attempt at permanent Lab Locations.   Information on Mobile CCIE labs can be found here. Travel and lodging expenses are the responsibility of the candidate and are not included in the exam price.
• Expert and Architect level Lab and Practical exam information links: CCIE Lab Exams , CCDE Practical Exams and CCAr.
• Costs may vary due to exchange rates and local taxes (VAT, GST).
• Register online at Pearson VUE for all exams except CCIE Lab exams. Payment is made directly to the authorized test delivery partner, Pearson VUE.
• You are responsible for any fees your financial institution charges to complete the payment transaction. Payment is made online via credit card or wire transfer. Price is not confirmed and subject to change until full payment is made.
• For exact pricing of your exam please register online at Pearson VUE. Exams prices vary depending on scope and exam length.

Threatening the market by “Wedge”? I don't think so.

A grass next to Taipei Botanical Garden (台北植物園), Taiwan

I just don't get it. Products such as iPhone/iPad are totally proprietary. And people still love them. Network devices are also proprietary. However, people just don't like proprietary network boxes and want them all to become as open as commodities?

Last Wednesday (June 18, 2014) Facebook announced the existence of their experimental in-house Top of Rack 40Gbps switch called “Wedge”. The basic ideas in many reports from the press (like this, this, and this) are: this would threaten existing market of network vendors such as Cisco.

Bandwidth (Throughput) is not everything about network performance

A look along the Coconut Palm Avenue (椰林大道).
National Taiwan University.

We like to compare the "bandwidth" numbers of different network systems. In my experience, bandwidth is the most asked property when I am introducing new technologies to other network workers. Bandwidth is very easy for people to understand, to do the calculations, and to compare which one is better than the others.

However, bandwidth is just not everything. Network with larger bandwidth is simply not a faster network at all.

Here I crafted an imaginary example, to show you why bandwidth is not as important as you might think of.

This imaginary example is called: "Trans-Pacific High Bandwidth Pipe".

Northbound, Southbound, and East/Westbound. What do they mean?

We hear a lot of directions when we are talking about Data Center technologies: Northbound, Southbound, and even Eastbound/Westbound. What do they mean? Why are they called this way?

Software Defined Networking (SDN)

Source: Wikipedia

For minimum discussion of SDN, three layers are defined inside an SDN. They are SDN Service Layer, Controller, and Physical Network.

Interesting Visualization: Configuring Virtual PortChannel (vPC) of Cisco NX-OS

This video from Volvo Trucks is telling exactly how I feel when I configure Virtual PortChannel (vPC).

If I configured the two powerful trucks (NX-OS devices) well, I could make them run powerfully smooth.

However, if I made just one single mistake, I could also go terribly wrong.

Default reserved VLAN numbers on Cisco IOS and NX-OS

Fire-like Kapok blossoms in Taipei City, Taiwan

To show the reserved VLAN numbers on both IOS and NX-OS, the common command is:

show vlan internal usage

Notes of PONG command on Nexus 7000

Mountain view over Devine Trees near Chilan (棲蘭), Yilan County, Taiwan. (棲蘭神木園)

We can use PONG command to measure and and analyze switch port to other switch port latency. Example of using this command can be found on PONG command reference.

My notes about Configuration Register on Cisco Routers

This page on Cisco.com defines all details about "Configuration Register" on Cisco routers.
http://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/50421-config-register-use.html

The Purpose of the Configuration Register
The configuration register can be used to change router behavior in several ways, such as:

• how the router boots (into ROMmon, NetBoot)
• options while booting (ignore configuration, disable boot messages)
• console speed (baud rate for a terminal emulation session)

Configuration registers are indeed DIP switches on most of PC motherboard.

DIP-Switch as part of a PCB from 1976, by Rainglasz.
Captured on Wikipedia.

Cisco APIC Enterprise Module provides SDN on existing Cisco routers and switches

Here is my understanding about this coming, new APIC Enterprise Module from Cisco Systems.

Fw: NTP Amplification Attacks Using CVE-2013-5211 | US-CERT

Screen capture of this alert page.

If you are running NTP Daemon, remember to upgrade to Version 4.2.7, or just disable “monlist” functionality.

What I have learned from this vulnerability: Undocumented Test Interface in Cisco Small Business Devices

"Two adult Guinea Pigs"
Photo taken by Sandos on Wikipedia.

Recently Eloi Vanderbecken discovered a security hole on his home Internet gateway. An undocumented TCP port 32764 is listened on this gateway. Intruders can use this hole to reset administrator’s password and then gain control of that Internet gateway. There is a post about how Eloi discovered this security hole and possible way for an intruder to gain control.

The brand of that Internet gateway is Linksys, which was once part of Cisco System but now is part of Belkin. That is why I look more carefully about this case. Cisco published this report about the discovered security hole.

I have learned many things about this case.