New Juniper Networks Videos Covering Segment Routing

Juniper recently posted some new videos on their YouTube channel covering Segment Routing. These videos feature my former colleague Ron Bonica as he provides a basic overview of Segment Routing (SR) including key concepts such as paths and segments before diving into how SR simplifies traffic engineering.

I definitely recommend checking these out for anyone interested in learning more about this emerging technology that is generating a lot of interest amongst the the Service Provider community.

For more information about segment routing, visit: http://www.juniper.net/sr

Juniper Lightboard Series – Intro to Juniper Routing – Part 2

Just released the second video in my “Introduction to Juniper Routing” Lightboard Series. In this video, I cover more details around the functions and role of the Packet Forwarding Engine (PFE), and describe the difference between transit traffic and exception traffic.

In my next video, I’ll cover how routes are added to the routing table, describe the role of route preference, and briefly discuss the active route selection process.

Hope you enjoy and please don’t forget to check out my YouTube channel and like and subscribe for future videos!

https://www.youtube.com/c/ShortestPathFirst

Juniper Lightboard Series – Intro to Juniper Routing – Part 1

Very excited to share with you my very first official lightboard video, and what better way to kick things off than to dive into one of my favorite topics — an Intro to Juniper Routing. In this first part, I cover the separation between the Control Plane and the Forwarding Plane, and introduce concepts such as the Routing Engine and the Packet Forwarding Engine (PFE).

In my next video, I’ll cover the PFE in more detail and discuss the difference between transit traffic and exception traffic, followed by more videos on topics such as static routing vs. dynamic routing protocols. I will also separately introduce several companion series videos which will cover topics such as Data Center Architectures, Multicast, Class of Service, as well as emerging trends such as HyperConverged Infrastructure (HCI), Docker containers, and Kubernetes.

Hope you enjoy and please don’t forget to check out my YouTube channel and like and subscribe for future videos!

https://www.youtube.com/c/ShortestPathFirst

What’s a Steiner Tree?

Any of you who have worked with VPLS or NG-MVPNs are likely already familiar with using Point-to-Multipoint (P2MP) LSPs to get traffic from a single ingress PE to multiple egress PEs.  The reason that P2MP LSPs are desired in these cases is that it can reduce unnecessary replication by doing so only where absolutely required, for example where a given P2MP LSP must diverge in order to reach two different PEs.

However, typically the sub-LSPs which are part of a given P2MP LSP traverse the shortest-path from ingress to egress based on whatever user defined constraints have been configured.  While this is fine for many applications, additional optimizations might be required such that additional bandwidth savings can be realized.

We will take a look at something called a Steiner-Tree which can help the network operator to realize these additional savings, when warranted, reducing the overall bandwidth used in the network and fundamentally changing the way in which paths are computed. Continue reading “What’s a Steiner Tree?”

Black Hat OSPF Vulnerabilities: Much Ado About Nothing

Imagine a group of researchers planning to speak at a conference regarding a previously undiscovered vulnerability present in most homes that would allow a thief to rob your home of its valuables with complete ease.  You would probably be interested in hearing what they had to say so you could take the necessary precautions to protect your home.

Now imagine when they presented their findings, they went on to state that it was incredibly easy to do, so long as you left your front door open and also provided them with the security code for any alarm systems.  You would probably find this implausible and simply the proliferation of fear, uncertainty, and doubt.

That’s precisely what happened last week at the well-respected Black Hat security conference in Las Vegas when researchers from the Israel Institute of Technology and Advanced Defense Systems, Ltd. presented their findings of a serious vulnerability present in OSPF.  So serious in fact, the researchers stated the only way to properly mitigate the threat, short of fixing the protocol, is to switch to another routing protocol such as RIP or IS-IS. Continue reading “Black Hat OSPF Vulnerabilities: Much Ado About Nothing”

JNCIE Tips from the Field :: Summarization Made Easy

Today we’ll start with a series of articles covering tips and techniques that might be utilized by JNCIE candidates, whether pursuing the JNCIE-SP, JNCIE-ENT, or even the JNCIE-SEC.  The tips and techniques I will be covering might prove to be useful during a lab attempt but could also be used in real-world scenarios to save time and minimize configuration burden in addition to eliminating mistakes that might otherwise be made.  I want everyone to understand that what I am about to write is simply a technique.  I am not divulging any materials or topics which are covered under NDA.

Continue reading “JNCIE Tips from the Field :: Summarization Made Easy”

IETF Provides New Guidance on IPv6 End-Site Addressing

I’ve always been at odds with the recommendation in RFC 3177 towards allocating /48 IPv6 prefixes to end-sites.  To me this seemed rather short-sighted, akin to saying that 640K of memory should be enough for anybody.  It’s essentially equivalent to giving out /12s in the IPv4 world which in this day and age might seem completely ridiculous, but let us not forget that in the early days of IPv4 it wasn’t uncommon to get a /16 or even a /8 in some cases.

Granted, I know there are quite a few more usable bits in IPv6 than there are in IPv4, but allocating huge swaths of address space simply because it’s there and we haven’t thought of all the myriad ways it could be used in the future just seems outright wasteful. Continue reading “IETF Provides New Guidance on IPv6 End-Site Addressing”