blog Archives - NETRAVNEN BLOGGING

The BGP Multi-Exit Discriminator (MED) Saga « ipSpace.net blog

Martijn Van Overbeek left this comment on my LinkedIn post announcing the BGP MED lab: It might be fixed, but I can recall in the past that there was a lot of quirkiness in multi-vendor environments, especially in how different vendors use it and deal with the setting when the attribute does exist or does not have to exist. TL&DR: He’s right. It has been fixed (mostly), but the nerd knobs never went away. In case you’re wondering about the root cause, it was the vagueness of RFC 1771. Now for the full story 😉

Source: The BGP Multi-Exit Discriminator (MED) Saga « ipSpace.net blog

EVPN Learning Ressources – WIP

RFC’s
- Drafts
YouTube
- Playlists
Routing Daemons
Linux Hypervisors
Commercial Vendors
Blog Posts
Side notes
- VXLAN Packet
- PBB Packet Format

RFC’s

Drafts

YouTube

Revisiting BGP Data Center Design – 2023-08-31
EVPN multi-homing: an open alternative to MLAG (Nokia TechTalks) – 2023-05-15
EVPN Route Types (Nokia TechTalks) – 2023-05-15
EVPN Multi-homing in 10 (Nokia TechTalks) – 2023-04-12
EVPN Route Types in 10 (Nokia TechTalks) – 2023-04-12
Using Gateways for SRv6 and MPLS Interworking (Nokia) – 2022-04-21
Seamless Data Center Interconnect options using EVPN & various tunnel stitching {NANOG} – 2022-10-26
EVPN Deep Dive – All EVPN Route Types explained by Orhan Ergun and Toni Pasanen – 2020-04-28
Understanding ASICs for Network Engineers (Pete Lumbis) {NANOG} – 2020-02-21
SONiC: Open Source NOS in Data Center {NANOG} – 2019-11-05
Understanding ASICs For Network Engineers (Pete Lumbis) {Packet Pushers} – 2019-06-17

Playlists

Intro To EVPN With Tony Bourke – 2021-06-26
EVPN MPLS on Cisco IOS-XE and Cisco IOS-XR – 2023-05-11
Between 0x2 Nerds – Several EVPN episodes (Podcast format)

Routing Daemons

Linux Hypervisors

Proxmox Docs: SDN

Commercial Vendors

Blog Posts

Side notes

Bird2 does not (yet) have EVPN SAFI support on the ROADMAP
MikroTik RouterOS has no support. Unknown if it will ever be implemented.
IANA – Address Family Numbers (AFI’s)
IANA – Subsequent Address Family Identifiers (SAFI) Parameters

VXLAN Packet

PBB Packet Format

They didn’t learn their history lesson … :/

As one of the leading blog platforms, WordPress.com receives thousands of DMCA takedown requests every year, but nearly half of these are rejected. Parent company Automattic is known to inspect all notices carefully, and has a track record of defending its users against DMCA abuse. In addition, it occasionally highlights the worst offenders in its…

via City of Abbotsford Enters WordPress’ DMCA “Hall of Shame” — TorrentFreak

“Switching” to IP fabrics – Namex Bits

At the beginning of 2021, Namex IXP has started the rollout of its next-generation peering platform, the active infrastructure which is at the core of its network interconnection facility. This new platform relies on an IP fabric design with VXLAN as the overlay network and BGP EVPN as the control plane protocol. The development of this project started back in March 2020 and saw Mellanox and Cumulus Networks (both parts of NVIDIA corporation now) as major technological partners.

Before diving into the details, a brief historical note may help to understand the drivers and motivations behind such technical choices.

More at “Switching” to IP fabrics – Namex Bits – https://blog.namex.it/2021/04/switching-to-ip-fabrics/

WireGuard on pfSense

Netgate has “just” published their first blog post, describing official WireGuard support in the latest development snapshot of pfSense 2.5.0.

As a network engineer, routing enthusiast, technical supporter, and DN42 participant. Hearing about the upcoming WireGuard support for pfSense has me very excited due to the ease of use. And simplistic configuration. Making it – in my opinion – the most attractive VPN solution for P2P-mesh VPN network(s) and Road Warrior access on-the-go. Plus the support for WireGuard is close to ubiquitously supported on *most* major platforms via direct development support (& 3rd party software solutions).

Netgate mentioning – in their blog post – they have been a sponsor for the development needed to get WireGuard supported on FreeBSD has me thankful, even thou I am not a paying customer of theirs (i.e. a prosumer #wfh).

pfSense not having WireGuard support. When OPNsense introduced WireGuard (& ZeroTier) support months ago. Have had me seriously consider over the Christmas period to switching my prosumer firewall solution to OPNsense. Just for the VPN support of WireGuard & ZeroTier alone. Now, however… I am convinced to stick with pfSense for more years to come. And excitedly looking forward to the next stable release that will very hopefully include the recently announced WireGuard support. (/^▽^)/

Summary by Phoronix:
https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-pfSense-Introduced
Netgate blog post:
https://www.netgate.com/blog/wireguard-for-pfsense-software.html
Latest Docs:
https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/index.html
WireGuard commits to pfSense repo:
https://github.com/pfsense/pfsense/search?q=wireguard&type=commits

10 gigabit inter-VLAN with a Mikrotik RB4011 – blog.kroy.io

Something I see pop up fairly regularly on a few of the forums, Discords, and subreddits that I hang out on is that the RB4011 is not capable of 10 gigabit routing

Guess what?

THAT’S WRONG

I’d be lying if I said that this xkcd wasn’t me sometimes:

Of course, whenever this pops up I’m not in a position to demonstrate the proof. It definitely can go almost full 10Gb.

But you say, it’s only got a single SFP+ port!

That’s what full-duplex is for!

I’ve got a number of these devices and have tested them extensively. The RB4011 is definitely capable of 10 gigabit routing, in a router-on-a-stick fashion.

Continue reading

Impostor Syndrome and Loser DNA – Daniels Networking Blog

Most of you are probably already familiar with impostor syndrome. Wikipedia defines it as: Despite external evidence of their competence, those experiencing this phenomenon remain convinced that they are frauds, and do not deserve all they have achieved. Individuals with impostorism incorrectly

Source: Impostor Syndrome and Loser DNA – Daniels Networking Blog

Nanog76: IPv4 prisoner

20190610_Howard_Prisoner_Of_Ipv4_v1.pdf
Video will be up in a week, I’m sure.
Summary:
ISPs are motivated to promote IPv6 to avoid CGN.
Content providers are motivated to promote IPv6 because it’s faster, and faster means (they say) they increase user engagement/sales/ad views.
So e-commerce sites should dual-stack and only sell IPv6 capable equipment. Maybe ISPs can test it for them.
If everyone works together, everyone can make more money. Complementary blog post with more detail at www.retevia.net/prisoner

/r/ipv6/comments/bz7ias/well_that_was_fun/

Tag: blog