Wednesday, June 19, 2013

Nice Visio Draw for Dual Cluster Network Devices (Firewalls, Routers, Switches)


There are two External Firewalls and Two Internal Firewalls. Between them, there are two different zones connected, web DMZ zone and mail DMZ zone.

10 Suggestions for how to be a successful Network Consultant

Having spent over twenty years in I.T. and over seventeen years in networking, I’ve worked with a lot of Network Engineers. Career progression has always been a hot topic. I’ve always been interested in learning how people have found themselves in the job they now do.
Until the Cisco certification bandwagon really got going about twelve years ago, there was very little structure in the profession of ‘Network Engineer’. People tended to be measured on the manufacturer courses they’d attended and the bragging they did about the networks they’d designed, fixed or broken. I was always more impressed with the size of the broken networks. Anyway, now, thanks to Cisco Career Certifications we have a method of ‘measuring’ people’s networking ability which other networking vendors have copied. However, speaking as someone who regularly hires Network Engineers, you’re going to need a bit more than a freshly printed CCNP certificate to convince me that you should be let loose on our customer’s networks.
The goal of most Network Engineers I meet or interview is to become a Consultant. Usually their motivation is ‘career progression’ which will lead to better salaries and enhanced recognition amongst their peers. Often, having the title ‘Consultant’ is more important than being a consultant. Most people understand that there is no short-cut or boot-camp that will make you a consultant; it’s a combination of knowledge, experience and good judgement.
Here are ten things that I’ve learnt and that I think will help any Network Engineer develop towards being a consultant.
1. Assume you know nothing and take time to understand your customer. Listen to your peers, listen to your customers, learn from their experiences. There is always someone who knows more than you and he/she may be across the table from you listening to your ‘drivel’. Understand your customer, understand their needs, understand their frustrations, understand their motives and understand their skills. Listen to what they have to say and try to empathise with their problems. Generally networks are built to enable business; make sure you understand that business.
2. Develop your soft skills. Consultancy is about communicating your ideas and opinions. A lot of great ideas have been lost because of a failure to communicate them. Learn to use Visio (or whatever drawing package you’re comfortable with); time spent learning to use the many features of Visio is never wasted. Also learn to use Word, Excel and PowerPoint (please, please don’t start arguing the merits of open source software and explaining that Microsoft is Satan come to Earth in a software format; you’re here as the network guru, remember). When you have to present your findings or communicate your ideas, think carefully about how you are going to do it. A picture or graph is generally better than 100 words. Understand your audience and be aware of their attention span.
3. Learn to write Management Summaries. Why? Because managers make decisions; I’m sorry, that’s generally the case in most organizations. They hold the purse strings, are very busy and don’t always have time to read your 56 page analysis of why migrating to OSPF from EIGRP would be a really cool thing to do. It’s a sad fact of the ‘computer age’ that people’s (especially managers’) attention spans have shortened due to information overload. They tend to read the beginning and the end of a proposal and ‘skim read’ what’s in between. Think of the Management Summary as a trailer to a movie: a good Management Summary will get the reader interested enough to read more of the document. If you want to convince someone to take a course of action then the Management Summary is the place to focus on… Sad but true.
4. First impressions do count. Whilst a freshly printed CCXP certificate may impress your mates and your Mum, it won’t impress your average IT Manager whose network is in meltdown. His first impression of you will be what you look like or what you sound like. So make it count. Listen to what they have to say and choose your first words carefully. Acting like an expert is a lot easier than sounding like an expert; try to keep the impression going for as long as possible.
5. Don’t alienate anyone. Generally IT projects or major troubleshooting events involve people from various aspects of I.T. as well as the ‘victims’ from the Business. They all have an opinion and they are all generally experts in their own areas. Respect their knowledge. They may be bigoted, opinionated and anti-networking, but it is your job to gently show them the error of their ways and guide them to the path of enlightenment regarding TCP/IP. Besides, it may actually be the network at fault and you may end up needing their help.
6. SNMP Management, Syslog Collectors and Packet Sniffers. Learn how to really use these tools. SNMP runs on almost everything in the network and it’s just sitting there with the answer to a lot of problems. You just need to know how to pose the right question. Analysing syslog messages takes time and requires patience but it often helps uncover the cause of a problem. Having Wireshark on your laptop is all very well, but do you know how to write filters, use regular expressions and follow a TCP conversation?
7. Fix the cause and not just the symptoms. When troubleshooting, your goal should always be to understand what caused the problem and how it can be avoided in the future. Any fool can clear up an oil leak, but it takes skill to stop the leak… And even more skill to prevent it happening in the first place.
8. Document everything. When troubleshooting, if you don’t fix it after your first tracert, then get out the notebook and start drawing diagrams, noting down changes and recording when things happen. When you’re designing a network make sure you get all the information together in one place: requirements, performance information, data sheets, test results, etc. It may be you that has to come back to fix it or upgrade it.
9. Only use agencies as a last resort and write good covering letters. When you feel the need for a new job then do your research, pick the industry, location and environment carefully. Take time to write customized covering letters for your CV. Remember, to a Recruitment Agent you are worth between 12 – 20% of your Year 1 salary, so most of them would have no qualms about putting you in a Russian Gulag if they happened to be paying well. Approaching a prospective employer direct shows initiative and can save them a lump of cash. Make sure you understand their business.
10. Stick to Networking. If a customer tells you that their marketing department have decided texting is going to be the start of a whole new social networking paradigm, then just agree with them and build the network. Remember, we are Networking Gods not Marketing Gurus.

Three Layer Designed vs Layer 2 MultiPath Design


Explaining L2 Multipath in Terms of North/South, East West Bandwidth

In a number of Packet Pushers episodes, I’ve been referring to the nature of the data centre designs shifting from “North-South” type designs to “East-West-North-South”. Let’s dig into this terminology a bit and show us

Spanning Tree is always North / South

I’m reasonably confident that most people who read this will comprehend how a switching network will use spanning tree to create a TREE.
[Figure: North south east west 1]
It will look something like this, where the core switches are configured to act as the ‘root’ of the spanning tree, and traffic flows from the core to the edge. More correctly, traffic always flows from edge to core to edge and always in a fixed direction. Because we tend to draw the core at the top of the diagram, and show connections to the distribution and access layers as connecting down the hierarchy, we tend to see a ‘top to bottom’ or north-south distribution of data traffic flows.
Where this model fails is that bandwidth between servers that are on two branches must cross the core of the network, as shown in this network diagram.
[Figure: North south east west 2]

The Weakness is the Core Switch Interconnect

The challenge with this is that the connection between the core switches can become heavily overloaded, especially in networks where the server fanout is large, which commonly occurs in heavily virtualised networks. To some extent, this is a new problem. Previously, the core switches would be interconnected with an EtherChannel that would provide multi-gigabit connectivity, and recently we saw the introduction of 10GbE ports which allowed for further increases in the core capacity.
Now servers are connected at 10GbE, and the addition of storage data means that sustained traffic flows have increased, and not just by twenty or fifty percent. Storage data (whether iSCSI, NFS or even FCoE) means that these designs won’t last much longer.
Currently, it’s convention to locate the storage arrays close to the core network switches so as to reduce the workload in the branches of the tree, which isn’t a bad strategy. But this doesn’t account for the East-West migration of virtual machines.

Layer 2 Multipath Switch Networking

Layer 2 Multipath (L2MP) refers to the recent developments in Data Centre networks where the core switch can no longer handle all the load. That is, if you have three hundred physical servers and each physical server hosts twenty virtual machines, then the gross data load including storage traffic will easily exceed the interconnect. We talk about the development of data centre models that support east-west traffic flows.
[Figure: North south east west 3]
In this type of design, we can see that a L2MP core, regardless of the type – Big Brother or Borg style, means that bandwidth does not choke around any specific point in the network. So not only does the network support the traditional North/South bandwidth alignment that we have today, which creates artificial limits on how we can locate and distribute servers inside existing data centre networks, we are now able to provide East/West bandwidth to support loads that are dynamically moved around the data centre with a lesser degree of concern for key choke points that exist in legacy designs.
This especially applies to converged networks where the storage data creates new loads that increase the sustained usage of the Ethernet network.
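The bottleneck described above can be reproduced with a small link-load model. This is an added example, not code from the original post: the six-switch topologies, the one unit of east-west demand between every pair of edge switches, and the equal split of each flow across its shortest paths are all assumptions made for illustration, not TRILL or any vendor's fabric.

```python
from collections import defaultdict, deque
from itertools import combinations

EDGES = ["E1", "E2", "E3", "E4"]
# Constructed topologies (assumptions): a legacy tree as left by spanning tree,
# and a multipath fabric where every edge switch forwards on both core uplinks.
TREE_LINKS = [("C1", "C2"), ("C1", "E1"), ("C1", "E2"), ("C2", "E3"), ("C2", "E4")]
FABRIC_LINKS = [("C1", "C2")] + [(c, e) for c in ("C1", "C2") for e in EDGES]

def adjacency(links):
    adj = defaultdict(set)
    for a, b in links:
        adj[a].add(b)
        adj[b].add(a)
    return adj

def shortest_paths(adj, src, dst):
    """Return every shortest path from src to dst (BFS with predecessor lists)."""
    dist, preds, queue = {src: 0}, defaultdict(list), deque([src])
    while queue:
        node = queue.popleft()
        for nxt in sorted(adj[node]):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
            if dist[nxt] == dist[node] + 1:
                preds[nxt].append(node)

    def unwind(node):
        if node == src:
            return [[src]]
        return [p + [node] for prev in preds[node] for p in unwind(prev)]

    return unwind(dst)

def link_load(links, flows):
    """Split each flow's demand equally over its shortest paths; sum per link."""
    adj, load = adjacency(links), defaultdict(float)
    for src, dst, demand in flows:
        paths = shortest_paths(adj, src, dst)
        for path in paths:
            for a, b in zip(path, path[1:]):
                load[tuple(sorted((a, b)))] += demand / len(paths)
    return dict(load)

# One unit of east-west demand between every pair of edge switches (constructed).
FLOWS = [(a, b, 1.0) for a, b in combinations(EDGES, 2)]

if __name__ == "__main__":
    for name, links in (("tree", TREE_LINKS), ("fabric", FABRIC_LINKS)):
        load = link_load(links, FLOWS)
        print(name, "core interconnect:", load.get(("C1", "C2"), 0.0),
              "busiest link:", max(load.values()))
```

In the tree the core interconnect is the busiest link; in the fabric it carries none of this east-west demand and the load is spread over the edge uplinks.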

Scale

Also, because hot spots can exist in the network core as traffic loads migrate around the network edge points, the L2MP allows for additional connections to be added as needed. Note that adding them does not have the potential service impact and risk profile that making changes to spanning tree presents. Therefore, the network becomes more flexible (or less “crystalline” is the term that I use).
[Figure: North south east west 4]
Note that the terms Borg and Big Brother are fully described in the http://blog.ioshints.info/2011/03/data-center-fabric-architectures.html blog post from Ivan Pepelnjak.

The EtherealMind View

It’s worth noting that these changes are key to successfully addressing the networking requirements for virtualisation. Hopefully this helps to explain some of the reasons that new switch architectures from Juniper and Cisco that relate to Fabric networking are important.

Bisectional Bandwidth

It’s worth noting that this problem is also related to the topic of Bisectional Bandwidth and the measurement of the server to server bandwidth as a function of the architecture. I wrote about this in this blog post : http://etherealmind.com/bisectional-bandwidth-l2mp-trill-bridges-design-value/


Rules of Writing Designs

EtherealMind’s Rules of Writing Designs

Rule 1 – A Design Document is not an English creative writing project

  • Forget school. Your writing is not going to be marked by your English teacher.
  • It’s a statement of fact. There is no reason for creative writing.
  • stick to the facts, just the facts, and forget style.
  • don’t use fancy words unless they are technical fancy words.

Rule 2 – A design doesn’t get “read” it gets “used”.

  • Therefore layout matters less than facts, data, details and raw information.
  • Formatting doesn’t matter. Really.
  • It shouldn’t read like a book.
  • It won’t be published.

Rule 3 – Never write a paragraph when a bullet point will do.

  • If you are writing in paragraphs, you are wasting time. Use bullet points
  • A bullet point makes you focus on the data, instead of waffling about grammar.
  • Brevity means less mistakes because of bad interpretation.
  • You spend less time typing

Rule 4 – A bullet point should always be used instead of paragraph.

  • see previous rule.
  • only exception is the introduction, where you put some business background to the project.

Rule 5 – Use Diagrams

  • a diagram is better than a bullet point ninety percent of the time.
  • it’s possible to produce an entire design in diagrams ONLY.
  • Diagrams will be used more often, and stay on people’s desks for longer than any paragraph or document.
  • Use diagrams.

Rule 6 – A good table replaces even more paragraphs.

  • for moments when all else fails, and you think you need a paragraph ? Use a table.
  • tables carry almost as much information as a diagram.
  • most useful for “why”. Left Column = reason, Right Column = how, why, what.
  • and bills of materials.

Rule 7 – Never use adjectives, that’s what sales people and project managers are for.

  • any words that end in “-ly” should not be used.
  • the only opinion you are allowed to express is about technology.
  • Even then, I’m dubious.
  • weasel words are not allowed.

Rule 8 – A Design never needs more than four levels of headings.

  • Really, any more than four means your document outline is faulty.
  • make sure you know how to use the outliner feature of your word processor.
  • make sure you understand why you need to outline a document before you start.

Rule 9 – The design process goes from least specific to most specific.

  • Thus the Business Plan becomes a High Level Design becomes a Detailed Design becomes an Operational Document.
  • Each one contains more and more specific information, and less and less words.
  • No exceptions.
  • if what you write isn’t more explicit than the previous document, then don’t write it.

Rule 10 – Use appendixes for irrelevant information that you think is relevant.

  • If you have any doubt about whether something is completely relevant, then use an appendix.
  • better yet, use a reference to an external resource.

Rule 11 – A Big Document is a Failure

  • use references to external documents and web sites
  • assume that the reader knows something about the topic. You don’t need to explain everything.
  • You will need to explain some things, that’s the purpose of the design.
  • You don’t get paid per page.
  • People won’t review a long document, and then your errors / mistakes get missed.
  • you waste your own time editing it.
  • no one will read it.
  • don’t fall into the trap of big documents are better. They are not.

That’s it.

  • Go and Design Something.
  • Do your research and testing.
  • Always document before, during and after. Especially after.
  • make it short, simple and it will be sweet.

Network Designer vs Network Engineer = Painter vs Artist

If you were a Painter, a really good painter, you would have skills and expertise in painting. You might understand your brush, how to make one, what hair is the best type for a given finish. You might practise using different shapes, different hair and different movements. You might also be able to make your own paint, mixing the raw materials to produce the different colours. You could grow your own herbs, gather your own minerals and grind / boil and fix them to make your own paints. Your experience knows how to apply the paint, to combine your physical movements with the nature of the paint, surface and other factors to .
But to be an Artist, you would also need to understand shape, form and colour. You would spend time thinking about composition, and relationships, and creating a narrative within the picture frame. You would consider and practice, draft and draw elements of the picture, carry out preliminary sketches and form drawings until you captured the essence, the very spirit of your art. You would also need to have a relationship with those who might buy, or display, or commission your work – you won’t be a serious artist if you can’t survive, and you won’t be serious if you don’t practice your art every day.
A Network Engineer, a really good engineer, should have the skills to trace, to detect, to debug. You should know how the network is connected, and why data flows that way, and not this way. What is its purpose? What are the elements that join together, that are mixed, to provide the data flow from end to end? And then, make the fix.
But a Network Designer, a really good designer, also needs to understand the network, the entire network, and all of the elements that make it up. You should see the form and shape of the entire system, and the external factors that make it the way it is. You should understand what you can do, with the materials available, and how you can touch-up the picture, to change that shape, to add a little character there. The business factors that created the opportunity, and restrict the picture from being great.