Packet Pushers Podcast

The conversation starts discussing Nexus 5K as a small/mid-size core. Yep, it works. Then Greg gets his Unicorn Riding outfit on and saddles up to run SDN race once again. This results in extensive yelling that "MPLS in the Data Centre is dead, SDN will win". Promptly followed by cool discussion that SDN/OpenFlow changes very little in networking. If that's confusing, you need to listen in.

Hybrid Switching is the next evolution in the OpenFlow/SDN market and focusses on the "How do we get from today's network to tomorrows infrastrucutre". We've been talking about OpenFlow for some time now, and more recently the HOW of configuring OpenFlow has been discussed more and more with the title of Software Defined Networkling. To some extent, we have answers to those questions and we are moving to implementation and we realise that most networks will need to run OpenFlow, SDN and programmable networking on their existing topologies. That's Hybrid Switching.

This week's podcast features Cisco Fellow & Senior Software Engineer Dino Farinacci and Distinguished Engineer Victor Moreno in a discussion of LISP - Locator/ID Separation Protocol. Ethan Banks and Greg Ferro host. The Packet Pushers talked with Victor back in show 54 about LISP. Show 123 is focused less on the mechanics of the protocol, and more on the use cases. In other words, what can we do with yet another routing protocol that hasn't already been done with others? The answer is rather a lot. LISP isn't simply a routing protocol; it's a way of decoupling an endpoint (something you're trying to communicate with) from a physical location. Therefore, an endpoint can be stationary or mobile, and LISP will sort that out in way that scales to Internet-size and beyond. What We Discuss Quick review: what is LISP? How is LISP different from legacy tunneling protocols? What Cisco platforms run LISP? Where does a LISP mapping database run? LISP Use Case: L2 DCI & vMotion. LISP Use Case: Changing the Notion of Subnetting. Explaining LISP RLOCs & EIDs. The LISP future vs. current reality. How extensible are the LISP forwarding tuples? LISP Use Case: The Internet of Things. LISP Use Case: Mobility Across Cloud Providers. How does LISP scale? Will LISP be standardized and adopted by other vendors? Other LISP use cases (including IPv6 transition). LISP as a programmable API.  

Travel into another dimension  - a dimension of wireless networking. That's right, Healthy Paranoia takes on the subject of 802.11 with the challenges facing a secure deployment. You'll find out why you should never use WEP (aka wireless equals pwned), that SSID cloaking is a waste of time, and how Greg really feels about Microsoft XP. Joining us on this journey: Blake Krone, Cisco CCIE (wireless), blogger and host of the No Strings Attached podcast Thomas d'Otreppe, Security researcher and author of open source wireless security suite Aircrack-NG Mike Kershaw, Security researcher and author of open source wireless security suite Kismet Andrew von Nagy, Cisco CCIE, CWNE, and blogger @ Revolutionwifi Show Notes: Aircrack -NG Kismet WiFi Security or Descending Into Depression and Drink by Mike Kershaw MDK3 Metasploit Moxie Marlinspike and ChapCrack and Andrew von Nagy's analysis  

In this "part 2" podcast (show 119 was part 1), co-hosts Ethan Banks and Greg Ferro are joined by Tom Hollingsworth, Tony Bourke, Kurt Bales, Ivan Pepelnjak and Michele Chubirka aka Mrs. Y. As the show continues, we ramble on about the following: What We Discuss The future of WAN acceleration. Greg was writing this report and started to read up on some things, and then there were all these opinions...you know how it goes on this show. Check Point's not feeling the love from this crew. Perhaps a little warmth...the amount of heat you'd feel from a match struck six feet away. But then the discussion morphs into firewalls in general, where the heartfelt admiration of those chattering into their microphones is still really hard to find. The security ramble continues into firewall management platforms, followed up by just how we should be securing virtualized environments. Closing it out are some bits about overlay networks and how they are impacting data center design. Fun show to record - we hope you enjoy!

In this Network Field Day episode of the Packet Pushers, we talk about the happenings of the first two days. Because there were so many of us in the room we used a room mike and the audio isn't great but it's definitely worth listening to. Discussion Topics Spirent and the upcoming Axon test unit and iTest Lab management product. Brocade Fabric and VCS Brocade & the OpenFlow and SDN Openstack and Quantum We also covered a few news topics. The announcement of the Nexus 1000V Freemium product Chambers declaring competition with VMware and, by extension, EMC but forgetting that customers are not financial analysts Chambers To VMware, Competitors: 'You Compete Against Cisco, You Will Lose' Attendees Anthony Burke @Pandom_ Bob Plankers @Plankers Brent Salisbury @NetworkStatic Chris Marget @ChrisMarget Colin McNamara @ColinMcNamara Greg Ferro @EtherealMind John Harrington @NetworkSherpa John Herbert @MrTugs Michael McNamara @mfMcNamara Paul Stewart @PacketU Tom Hollingsworth @NetworkingNerd

We had some time following the Statseeker presentation to talk about reactions to Statseeker.

Dave Ward, CTO & Chief Architect of the Service Provider Division at Cisco and Lauren Cooney, Senior Director of Software Market Strategy at Cisco join Packet Pushers hosts Greg Ferro and Ethan Banks for a discussion about software defined networking and the evolution of onePK & APIs. Not to put too fine a point on it, we consider this to be an important show. A lot of what Dave and Lauren discuss on this program is future-thinking stuff, but with real meat on the bones. Dave isn't just dreaming; he's doing. Dave is right down in the guts of API development and IETF standards formation. He's got a very good idea of where software defined networking should be taking the networking industry and how APIs can get us there. What We Discuss Cisco onePK - a software development toolkit providing a common data model, common object model, and common API across Cisco platforms running IOS, IOS-XR, and NX-OS. OnePK is a foundation technology providing an abstraction layer. It enables programmatic interfaces. The notion of a "network programming interface". How code you've written interacts with onePK agents, and ultimately with the end device. How interaction with legacy SNMP and onePK is different. What a "full duplex" interface is in the context of network programmability, and why it's really, really important. It's not just about logs & events when it comes to our devices telling us things. It's also about topology discovery, device capabilities, state, etc. Where are we at with standardization of APIs? That's going to drive SDN & network programmability further along if there's industry agreement of baseline functionality. IETF is working on IRS: Interfaces to the Routing System. Why OpenFlow is limiting in the long-term vision of network programmability. The CLI isn't the magic. Getting the job done quickly and correctly is. Why building an ecosystem around apps that can program the network is key. The five modules Dave is working on to enable third parties to integrate with a variety of underlying network services. The API layer cake: published APIs at the device, virtualization, and orchestration layers. An emerging open ecosystem that drives API development. Quotes "Things don't begin and end with OpenFlow by any stretch of the imagination." - Dave Ward "The whole goal is not just basic connectivity - it's engineered connectivity." - Dave Ward "IT professionals need to be able to interact in a heterogeneous network in a standardized way and issue one command across the network to get something done." - Dave Ward Links Cisco onePK RFC5440: Path Computation Element (PCE) Communication Protocol (PCEP) IRS: Interfaces to the Routing System mailing list Ask the Expert: Network Embedded Automation and Programmability (from the Cisco Support Community) Dave's blog article we referred to: Programmatic Interfaces Are Not Taxing OnePK Show with Richard Pruss

In this free-for-all hootenanny, the Packet Pushers virtual workbench assembles a team of talking heads for a podcast that was so long, we had to split it into two parts. Ethan Banks accepts the impossible mission from Mrs. Y of hosting the show, and is joined by the following folks: Greg Ferro, exposer of hyperbole & fluff; Tom Hollingsworth, Kentucky-fried lie detector; Tony Bourke, part-time pilot, permanent skeptic; Kurt Bales, an Aussie who leaves no stone unturned, no kangaroo pouch unprobed; Ivan Pepelnjak, memorizer of RFCs; and the esoteric and ever dubious Mrs. Y. What do we talk about? Why, I'm glad you asked! The death of the VMware vTax. Or did they just shift the revenue source somewhere else? Kurt talks about his new job and just how smitten he is with Juniper's QFabric. And then we follow a rabbit obediently down the hole of musk sticks. We pontificate about the Apple vs. Samsung ruling, and what it means for patent law. VMware Fusion 5 gets discussed. Is it a trap? Greg rants as only he can about the zombiefied Catalyst 6500, the switch that won't die. No one cares about IPv6. Well, okay. WE care, and we think you should too. So why is there STILL such a slow uptake? Lots of reasons, really... P.S. Oh. So you're probably wondering what a musk stick tastes like after our discussion on the show. Yeah...here's a picture Tony Bourke captured of Tom Hollingsworth after he tried a musk stick. That help? Tom Hollingsworth tries a musk stick. Picture credit: Tony Bourke.

Join Healthy Paranoia for The Matchup of the Century: The IPv6 Security Smackdown! Where builders and breakers wrestle with some of the most difficult security challenges surrounding the protocol. We discuss some of the common vulnerabilities, make recommendations for getting started (safely) and even find time to lament the evils of Carrier-grade NAT (CGN). Michele and Ethan are joined by a cast of luminaries, including: Fernando Gont, security researcher* Eric Vyncke, Cisco Distinguished Consulting Engineer and author Joe Klein, security researcher* TJ Evans, IPv6 instructor and engineer Jim Small, Sr. Consultant - Network/Security Architecture and Engineering, CDW Scott Hogg, Cisco Press author and Director of Technology Solutions for RMv6TF Show notes: NIST Guidelines for the Secure Deployment of IPv6 Planning Guide/Roadmap Toward IPv6 Adoption within the U.S. Government NSA: Firewall Design Considerations for IPv6  NSA: A Filtering Strategy for Mobile IPv6  NSA: Router Security Configuration Guide Supplement - Security for IPv6 Routers  IPv6 Fact Sheet  Internet Society | IPv6  NIST: Estimating IPv6 & DNSSEC External Service Deployment Status  Controversial ZDNET article Hurricane Electric Global IPv6 Deployment Progress Report Arbor Networks Worldwide Infrastructure Security Report 2011 Volume VII  SI6 IPv6 Toolkit IPv6 Hackers Mailing List  The Hacker's Choice IPv6 Attack Tool Kit IPv6 Security Lab:Veripy  IPv6 Security, by Scott Hogg and Eric Vyncke gogoNET Live! 3 , Event for professionals to go v6 UPDATE: check out Ivan Pepelnjak's upcoming webinar on IPv6 security. Wish I had enough hours in the day to view them all. I think this requires an xkcd comic. * Security researcher is really just a nice way of saying hacker or breaker.

In today's sponsored show we cover the Juniper MX; it's a platform that's build from the ground up to support high-density Ethernet services that can be used in both enterprise and service provider core, aggregation, and edge as well as broadband and mobile backhaul. The Juniper MX line up is as follows: MX5, MX10, MX40, MX80, MX240, MX480, and the MX960. The Juniper MX features custom built silicon called Trio which focuses on high-scale, line-rate performance, and inline services such as port mirroring, IPFIX, NAT, and GRE. There are three different categories of line cards: switching only, routing plus switching, and all of the above plus hierarchal queuing. As we say, "the line cards are full of awesome"!

Ethan and I haven't had enough spare time to organise these events lately but here is the recording from the last Packet Party where we opened up the laptop microphone to anyone who wanted to ask questions.

Cisco vPath 2.0 is part of the Nexus 1000v software switching architecture and it's important part of the Nexus 1000V purpose and product architecture. In this sponsored podcast, Prashant Ghandi talks about the latest vPath 2.0 feature in the Nexus 1000v and what it means for customers. And we are deep diving......

Sue Hares - Long term Internet and IETF person plus BGP RFC author joins us to talk about routing protocols and life when developing routing protocols like BGP. In a wide ranging discussion we talk about software defined networking and impact on routing protocols. Sue is art of the IDR Working Group and particularly involved with the IRS (Interface to the Routing System) and joined us at 1am local time after travelling for many ours. Thanks to Sue talking with us. People on the show where Russ White, Sue Hares, Ethan Banks and Greg Ferro.   Show Notes Interface to the Routing System Framework http://datatracker.ietf.org/doc/draft-ward-irs-framework/ Interface to the Routing System Problem Statement http://datatracker.ietf.org/doc/draft-atlas-irs-problem-statement/ A Policy Framework for the Interface to the Routing System - http://tools.ietf.org/html/draft-atlas-irs-policy-framework-00 https://www.ietf.org/mailman/listinfo/irs-discuss    

This is a recording of a talk I gave at Appsec DC 2012, "Security Is Like An Onion, That's Why It Makes You Cry." Okay, busted, I'm recycling. You can blame Greg. He seemed to think there was value in releasing it as a podcast episode. But in all seriousness, I'm a big proponent of applied neuroscience and the benefits of emotional intelligence in the workplace. As an engineer, when I started to figure out how the  human machinery works, things got much easier for me. But don't worry, that doesn't mean I've been replaced by one of those HR zombies that give you a four-color personality test to find out where you fit in the rainbow of a politically correct workforce. Oh no, I feel a quickmeme coming on....   If you want to view the slides with the talk, you can access them here.