The Many Hats of the Network Engineer

November 18, 2010 8 comments

Remember when the network field wasn’t so complicated? Think back to the early 1990’s. Wireless for enterprise users was in its infancy. Firewalls seemed to be a bit easier to administer. Virtualization was limited to the mainframe community. A T-1/E-1 cost a billion dollars a month and could provide Internet connectivity for thousands of users. Voice was still confined to its own cable plant and the PBX was humming along using TDM. RIPv1 was still pretty popular. Hubs made packet captures easy to obtain, but broadcast storms constantly took down segments of the network. Storage involved connecting an external disk array to a server via a SCSI cable. ISDN was what the rich people used at home for Internet access. You know. The good old days.

Well it seems that a lot has changed since then. While I have no desire to go back to those days, I do miss the simplicity. Or at least what seems simplistic compared to today. Let’s take a look at what your typical enterprise network person has on their plate. Keep in mind that in some environments, these people also have systems related duties such as Active Directory administration, Linux/Unix administration, e-mail, database, etc.

Routing – Static, OSPF, EIGRP, and BGP

Switching – STP and its variants(RST, MST, PVST), Link aggregation(port channels/etherchannels)

Wireless – AP’s(antenna types), controllers, extras(location services, management), 802.11a/b/g/n

Circuits/WAN – T-1’s, DS-3’s/T-3’s, OC-3/12/48(SONET), Metro Ethernet, ISDN(Yes, it’s still out there), FrameRelay(Yep. That one too.), MPLS

Voice – call routing, phone(station) administration, voice mail, conferencing(audio and video), PRI’s, DID’s, signaling, codecs, voice gateways

Other Services – Multicast, load balancing, firewall, IPS, VPN, WAN optimization, content filters(web,e-mail), network management platforms, QoS, packet capture analysis(ie Wireshark,tcpdump), storage networking

Does that about sum it up? Yes, some of those things were being done back in the 90’s and in some cases, even earlier. However, a lot of them are relatively new things. Maybe you don’t have to touch all of those things. Maybe you do. For some of the service provider type things (MPLS, SONET), you may not ever have to administer that end, but if you’re buying those services, you better be familiar with them. Perhaps your organization is large enough to break out the security side of things or the voice side of things. Maybe you have a dedicated storage group that handles the storage network side. If you are lucky, you may even have a dedicated wireless engineer or two depending on the size of your wireless deployment.

It is a monumental task to become proficient in all of those areas, but wait; there’s more. For many people in the network space, they also have to become data center/facility engineers focusing on the following things:

Monitoring – temperature, humidity, water leak, smoke, power load levels

Cooling – BTU calculations, hot/cold aisle design, airflow on hardware

Power – Circuit requirements, UPS requirements, generator requirements

Cabling – Sub-floor, above the rack, CAT-5/6/7 differences, patch panel choices/locations, SM and MM fiber differences

Space Requirements – Rack deployments, 2 post, 4 post, full height, half height

Think that’s all? Well, the past few years have added some additional requirements, and more are coming. Things such as:

Virtualization – It has been around for at least 5 years now in enterprise environments. It’s not going away and without using newer hardware/software from networking vendors, you can’t see what’s going on inside the server farm.

The Return to Layer 2 in the DC – TRILL and every vendor’s particular flavor of it aim to resolve the ineffiencies of Spanning Tree and turn your network switches into an intelligent fabric. This will be similar to what storage networks have today via Fiber Channel.

Consolidation of Storage and Data/Voice Traffic – It happened to voice about 10 years ago. Now it is happening to storage. Everything will be on 1 wire in a matter of years.

Traditional Endpoint Death – No longer will the phone, desktop, and laptop rule the network. Cellular phones, tablets, and other similar compact devices will show up on the wireless networks in even greater numbers than they are today. Congratulations corporate wireless person. You just become a Google, Apple, Microsoft, Blackberry, HP, Cisco, and Avaya engineer for their mobile product set.

IPv6 – And you thought planning IPv4 deployments were interesting? The migrations to IPv6 are going to be interesting. Using NAT and 6to4/4to6 tunnels will become commonplace until the IPv4 is gone. I realize this is already happening/happened in many other parts of the world. However, in the US, there’s still a LOT of work to be done.

Now I realize that nobody is going to be an expert in all of these areas. I also know that many employers are not going to require you to even be familiar with all of these things. With things like hosted data centers, you may not ever have to deal with data center build out. Power and cooling may never be an issue for you. I also know that there are plenty of good consultants out there that specialize in one or more of these areas. Of course, nobody stays at the same company forever, so what you do at company X today doesn’t mean you won’t do a bunch of other things at company Z tomorrow. I guess the point I am trying to make is that our jobs are only going to become more complex in the years to come. The amount of hardware we use may decrease, but the functions within that hardware will increase. I can see a day in which something like WAN optimization is built into the router itself, and I don’t mean via a service module. I mean built into the processors or ASIC’s themselves. Of course, that’s assuming we’re still using TCP at that time. I don’t even want to contemplate what wireless will be like after 802.11n because it makes my head hurt just trying to understand how 802.11n works today with multiple antennas.

Start looking at the blueprint for something like a Cisco CCIE Route/Switch(Insert any other track as well) or Juniper JNCIE exam and you’ll find that it only covers a portion of what you need to know in this day and age. Anyone who has been involved in that process from start to finish knows how much information you have to know to pass. For those who don’t know, it is a TON. Yikes! Still want the job? Maybe becoming a specialist isn’t such a bad idea after all.

Advertisements

Competing With Cisco

November 11, 2010 9 comments

***Please note that these are my own thoughts and not those of my employer.

First and foremost, I have to credit Jimmy Ray Purser from Cisco for putting the idea for this post in my head. Back in late April of this year, he wrote an article for Network World entitled “The ABC’s of Anybody but Cisco.”

Like a lot of people, I work on networks that have a lot of Cisco gear. I’m very comfortable with their stuff. I’ve used CatOS, IOS, and NX-OS. Switches, routers, phones, firewalls, load balancers, access points, voice gateways, ACS, etc. It’s all familiar. Old hat. A lot like the old comfy t-shirt that Tom Hollingsworth wears. I’ve invested a lot of my time and energy into learning their product set. One could say my familiarity with their gear has been responsible for a significant portion of my earnings over the years. I don’t want to give the impression that I am a paid shill for Cisco. After all, I don’t work for a Cisco partner. I’m one of those corporate types who occupies a cubicle and acts as the caretaker for a decent sized network. Not a massive network, but big enough to have some direct support from our local Cisco office when we need it. We don’t use Cisco for every single thing on the network side, but if the various vendors on our network had voting rights, let’s just say that Cisco would be able to influence any election in their favor.

Although I use a lot of Cisco gear, I also try and keep an eye on the other vendors out there. On a given day, I probably get at least a dozen e-mails from other vendors and networking publications. Additionally, I have an ever growing RSS feed list comprised of dozens of vendor blogs and blogs from the many networking professionals I follow on Twitter or have found via word of mouth. In other words, I spend at least 10% of my day consuming information from Cisco, other vendors, and networking professionals who may or may not share my viewpoint. I feel that gives me the potential to have a very well rounded view of the networking industry. Whether or not I can process all of that information to form worthwhile opinions is another matter. Suffice to say, I am trying to put in the hours to ensure I can make the best decisions for my employer.

The challenge to vendors other than Cisco is figuring out how to pitch their product and have it SERIOUSLY considered by people who manage networks where Cisco dominates. This can be done, but it takes marketing and sales people who understand who their likely customers are. I’ve seen and read plenty of non-Cisco pitches. Some are very good and offer compelling reasons to consider their product. A lot offer nothing other than “We’re not Cisco!”.

A few years ago, I read a very interesting book about Wal-Mart called “The Wal-Mart Effect”. I thought it was a mostly balanced look at the company and how they do business. One of the most interesting parts of that book was where a retail executive was giving advice on how to beat Wal-Mart. He said that you would NEVER beat them on price. They are too big and have too much influence over their suppliers. Wal-Mart will do whatever it takes to get the lowest price possible from the supplier. You beat Wal-Mart by creating a better experience for the customer. Give them better quality. Give them better product selection. Give them nicer facilities to shop in. That’s how you beat them. If you try and take them on in a price war, you WILL lose. I think about what that person said and try and apply that to Cisco’s competitors. How do you compete with the overall networking market leader? In my mind, that requires some different thinking.

1. Don’t spend all day bashing Cisco. – If I am willingly talking to another vendor as an alternative to Cisco, it’s probably because I realize there are other options out there. You are not helping your cause any if the main thing you have to offer is that Cisco sucks and you are better. Up until July of this year, the Riverbed blog was full of posts slamming Cisco. I’m not going to say that Cisco didn’t deserve some of those. I’m not even going to make the argument that WAAS is the same or better as Riverbed when it comes to WAN optimization. Clearly Riverbed is doing some great things in WAN optimization. They’re very easy to setup and administer. Their products work very well. Sell me on those points. Sell me on the fact that it works and that you’re offering me things that the other WAN optimization vendors are not. When I have to deal with corporate arrogance be it from marketing content or sales people, I get turned off on the product real fast. Why? Well, arrogance breeds complacency. It doesn’t allow an organization to see clearly and eventually someone is going to catch up and turn your double digit market share into single digits. When competing with a company like Cisco, you are competing with a very well oiled marketing machine. Don’t ever forget that. In fairness to Riverbed, I haven’t seen that mentality lately. As a result of that, my feelings toward them have improved greatly.

2. Don’t preach to me about standards. – If there’s one thing I hear the most, it’s that vendor XYZ is a completely “standards” based company. If you have been around the Cisco community for a few years, you know how instrumental they are in driving standards. VRRP, MPLS, PoE, LLDP, 802.1q, and CAPWAP among others are a direct result of Cisco and their influence. Additionally, some of these companies that want you to use their hardware because it is standards based are producing their own variants of certain standards. I can think of a couple of vendors right off the top of my head that have their own enhancements to VRRP. Most of the Cisco gear I have been around support these “standards”. Remember, they drove the creation of quite a few of them in the first place. Yes, Cisco does make modifcations/enhancements to things like OSPF and other protocols, but so do most large vendors. My point is that everyone supports standards, or they wouldn’t be standards. What vendors are really trying to tell me when they are preaching the fact that they are standards based is that by using proprietary protocols, I am locking myself into Cisco. That, in their minds, is a bad thing. I can assure you that I am aware of the risks of running EIGRP, HSRP, or whatever proprietary protocol that Cisco puts out. It’s also not a good idea to assume that I am running any proprietary protocols just because I have Cisco gear.

3. Your presentation needs to be polished. – Please, please, please spend some time on your documentation and presentation material. Understand that people who are buying and deploying Cisco have access to very polished design guides, configuration guides, product data sheets, etc. While I am not asking you to replicate the entire Cisco documentation/support ecosystem, it would help if you ran your documentation through a spelling and grammar check before displaying it on your website. For examples of good documentation outside of Cisco, see Juniper. They have their act together.

4. Innovate – Sometimes a radical approach to the way we are used to seeing things is needed. Aerohive is doing some very interesting things in the wireless space. They’re not using controllers to manage their AP’s. The AP’s manage each other. Very different and very cool. I’m not a wireless expert. I don’t use their products. I don’t have any plans to use their products in the near future. However, I AM keeping an eye on them and if an opportunity comes up in which they would be a good fit, I won’t hesitate to reach out to them.

Juniper has completely sold me on their SA line of SSL VPN appliances. Everyone I talk to about them has the same feeling. Very feature rich!

Riverbed is the leader in WAN optimization. I use their product and am very satisified with it. It just works.

Arista has created a compelling offering in the data center switching environment. The fact that I can run numerous third party applications on their switch due to their granting me shell access is VERY interesting. Oh, and I should also mention that nobody else can give me the same amount(384) of wire speed 10Gbps ports in a chassis(7500) of their size(11RU).

Brocade and Force10 both offer an interesting alternative to the standard top of rack copper switch or Nexus 2k FEX line. They have line cards that support the MRJ21 connector system developed by Tyco Electronics. Essentially, your top of rack switch is reduced to a patch panel that connects back to a Brocade or Force10 chassis. However, this is not a 1 to 1 patch panel. Rather, a single MRJ21 cable(about the width of a pencil) connects the patch panel and chassis. Each cable supports 6 10/100/1000 connections. The patch panel is not the ordinary punch down block you are used to seeing. It’s a modular cassette or fixed 24 or 48 port 1U patch panel. None of these cassettes or patch panels require power. All management is done from the central chassis. If you are familiar with Nexus 2k administration from the Nexus 5k, this is similar. The benefits to this technology are three fold. First, there is no power consumption required in the top of rack. Second, all administration is done from the central chassis which can be located at the end of the row, middle of the row, or on the other side of the data center. Third, with the modular capabilities, you can split up the 24 or 48 ports your typical top of rack switch has. 1 logical 48 port switch being managed at the central chassis can be spread out over 2 or more racks.

————————————————————————————-

That’s it. Four simple things from my perspective. There may be more, but to me, these are the big ones. I didn’t mention pricing. I don’t usually see this as being an issue. Other vendors know what the pricing is going to be from Cisco. They can figure out based on the size of the company what the discount is probably going to be. They may not know the exact amount, but they can make a pretty good guess. Your product needs to be cheaper. That’s a great selling point for a lot of vendors. They know you are paying for the Cisco name, so they can use that as leverage. If it is not cheaper, it better have some sort of compelling reason to be chosen. There needs to be a “wow” factor and not vaporware. It needs to be legitimate.

You’ll also notice that I did not address the problems with Cisco itself. That would take another long post and there are plenty of other capable bloggers out there hammering away at them on a regular basis. My goal in this post is to focus on how to compete with Cisco.

Categories: cisco, vendors Tags: ,

What Exactly Do You Do For A Living?

November 2, 2010 4 comments

Once upon a time I wanted to grow up and be an astronaut, police officer, pilot, and cartographer. Well, as you can probably guess, I didn’t end up anywhere near those professions. Here I am neck deep in the world of information technology. Although my primary focus is on the routing and switching areas of networking, I find myself routinely pulled into other areas of networking as well. If I am at one of my employer’s remote sites, I might get asked about power and cooling needs, or even how we are going to replace a PBX with a VOIP solution. Just a few days ago, myself and several co-workers pulled an all-nighter at the data center in order to add more redundancy. That involved security as well as other services such as DNS. Although our wireless networks typically work well, if there is a problem, my group is responsible for fixing it. Basically, I get to run the full range of networking.

If you are reading this, odds are you understood everything I just wrote in the opening paragraph. You understand it because you are probably involved in the industry to some degree. The average non-IT person out there does not. That’s not to say that they are completely in the dark about IT or networking in general. It’s just that they don’t deal with this stuff every day and thus, it is a foreign world to them. One of the questions I get asked quite often is what I do for a living. I can tell people I am a network engineer/architect/janitor/technician, but I usually end up telling them I am in IT. Some people know what IT is, and for others I have to define it as “Information Technology”. I usually just mention the word computer and people understand. One of things I am quick to point out is that I don’t actually work on the computers themselves. I simply make sure they can all connect to each other and pass data back and forth. Perhaps the most frequent comparison I use is that of a road network. If you think of the various homes and buildings around your part of the world, those are the computers. The roads are the network. I take care of the roads. Whether it means building a new one, filling in potholes, or widening an overcrowded stretch of road, that’s my job. Thanks to the wonderful marketing power of Cisco, I can usually ask people if they are familiar with the “Cisco” brand and most times they are. Then it’s easy enough for me to say that about 90% of what I do revolves around that brand name. Surprisingly, nobody has asked me to help fix their Flip device yet!

Why am I mentioning all of this you ask? Well, it is simply a reminder that for those of us who are networking professionals, our job is relatively unknown outside of IT circles. Perhaps the one big exception might be those of you who focus on voice. The phone is a device everyone is familiar with. It is a tangible product that we surround ourselves with. If you tell someone you take care of the phone system, they understand that. Router, switch, firewall, access point, and load balancer are all foreign terms to most people. They hear the word computer and more often than not, assume you can remove that virus that is preventing them from getting to YouTube. That couldn’t be further from the truth.

As you grow in your networking or IT career, you’ll find that you need to constantly improve your skills and knowledge. What you know today is only a fraction of what you’ll need to know a few years from now. In the course of all this, you’ll have designs that fail and implementations that go bad. You’ll also have a lot of scars to prove it. There will be plenty of war stories that you acquire over the years. That information is of great value to others in this field. You’ll also want to hear the war stories from others. Since the average person out on the street is not involved in what you do for a living, you will have to find other people who do what you do. You need to share what you know with others. Likewise, they need to do the same. There’s a reason I chose the “therapy” theme for this blog. I can’t go home at night and talk to my wife about what I do for a living. My son and daughter are both under the age of 10. If my job doesn’t have anything to do with Barbie or Star Wars, it’s not very interesting to them. With very few exceptions, I can’t go and talk to people at church about the struggles and successes about life in corporate IT. Thus, I need an outlet. We ALL need an outlet.

Here’s a few suggestions:

1. Find a local user group. This would be a group of people who do what you do for a living and get together once a month or once a quarter and talk about various technologies, hardware, or software.

If you happen to be a predominantly Cisco shop, there are quite a few of these groups around the United States. You can find one here.

For all other types of IT related groups, this site can help.

2. Get involved online. It goes without saying that if you are reading this, you are already involved to a certain extent. However, there’s more out there than just blogs.

LinkedIn is a great way to connect with other IT professionals. There are tons of groups on LinkedIn that pertain to a certain local area and technology. Via the group discussions, you can interact with thousands and thousands of IT professionals all over the world.

Twitter is one of my favorite sites to use. It provides almost instant feedback on virtually anything you can think of. Plus, there are tons of really GOOD technical people on there. People who write books you have read. People who work on networks you dream about. With a worldwide audience, there’s always somebody online watching their Twitter feed who can help out with an issue or just listen to you rant about why you should have gone to law school instead. Not only will you learn a lot, you will get to know people you will probably never meet in person.

Forums are a great resource to ask questions or help out with other people’s problems. Cisco has a fairly large technical forum on the main cisco.com website. Another decent site to use is networking-forum.com.

There’s more things like IRC, mailing lists(NANOG comes to mind), and even sites like Facebook, but I think you get the idea.

As technology becomes a larger part of our everyday lives, people will figure out more about our networking jobs. Wireless is becoming the norm out there, so a lot of people are learning more about wireless hardware and terms. With the dangers of the Internet, the term firewall is being thrown around a lot more. While I doubt everyone out there is going to learn about the OSI model, I do think our jobs will become less esoteric and more mainstream. Until then, we have to find a way to help each other out.

Categories: career Tags:

An NDA Can Keep Bad Decisions Away

October 20, 2010 1 comment

Over the past year, I have seen some interesting presentations from vendors showing me some things that they have on their future roadmap. Some of these things have already been released to the public. I’m still waiting on the rest. All of this was a result of having non-disclosure agreements or NDA’s in place. The vendors agree to show us some of their stuff that is coming to market soon on the assumption that we will not release this information to anyone else. While I do enjoy knowing about things before they hit the market, I sometimes feel bad for companies that don’t have access to this information. Not only that, I often wish I had access to all vendor product roadmaps. Let’s face it. From the network hardware/software standpoint, we generally do business with only a handful of vendors. I say that as someone who works in a corporate environment. If you are a consultant, that doesn’t necessarily hold true as you may sell a wide variety of hardware and software.

If your dealings with companies are limited to a select few, those companies have a vested interest in making sure you stay with them. One of the ways to do that is to give you a better view into their product cycle so that you know what is coming. Look at the switch market for example. The number of vendors offering products in that space is growing and growing. I recently spent a LOT of time comparing 10Gig aggregation switches between 6 vendors. What if the vendor I use today had a platform that was average or below average in terms of 10Gig capabilities? If I had a hard requirement for a certain number of 10Gig ports and it had to be contained to 1 chassis, my choices are really going to be driven by 10Gig port density. It could be some other factor like power consumption or even chassis size. It doesn’t really matter. As long as my usual switch vendor cannot meet that requirement, I am going to go outside and look for another vendor. If I am dead set on staying with that vendor, I am going to change my requirements, To me this does not seem like a viable option unless it would cause unbelievable pain and suffering to introduce another vendor into the network. If that is the case, you probably need to re-think the whole single vendor strategy. Then again, if that single vendor works for you, then go for it. It’s your network and we each have to make the decisions that serve our company and customers best.

Back to the fictional switch problem. What if I am the incumbent vendor and I know you have a need that I cannot fill today, but will be able to fill that need in a couple of months, or even a year from now? Should I tell you even if nobody else knows about it? This is where the NDA comes into play. If you have done a bunch of research and are looking at alternatives to the incumbent, your mind might be changed if you happen to know something better is coming. Maybe it is far better than every other vendor’s current products you have been looking at. Maybe it is on par with the replacement vendor you have been looking at. Can you wait that long?

After seeing the new shiny thing that is coming out soon, you may decide to stick with your existing vendor. However, who is to say that the other vendors won’t be coming out with even better hardware/software around the same time or a month or two after? This is the point in which I find myself wishing I had access to all the vendor’s product road maps. I know some vendors will do an NDA on the notion that it will get them a sale, but I don’t know that I am going to be able to spend a bunch of time with every vendor to the point in which an NDA can be put in place. Perhaps it is best to bring in the consultants/integrators that sell products from a number of different companies. I would suspect they have some sort of idea when it comes to the future direction of certain product lines. Or maybe not. They might be in the same boat as I am.

The last thing you want to do is buy a product and have an even better solution appear a week later. I do think that most vendors will let you know that a better product is coming rather than lose the sale as long as the dollar amount is high enough. I don’t think company X is going to reveal a whole lot about their future road map if the net gain is a couple thousand dollars. Then again, if the salesperson has had a REALLY bad quarter all bets are off, but at that point you can smell the desperation in their sales pitch and I tend to be put off by that. That leads me to the thought that you really have to consider a wide range of factors when dealing with vendors. To me, the product has to meet the technical requirements above all. After that, cost is important. Right along with cost is the experience the vendor will give you. What are the hardware/software support capabilities of that vendor? What is the direction of the company? How long has the company been in business? If it is a recent startup(ie less than 2 or 3 years), who are the people running the R&D for these products? Are they known in the sector they are doing business in? In other words, if they sell security solutions, are they using experienced security professionals to develop the products or is this strictly an “academic” operation in which someone had a decent idea and got some venture capital funding? Granted, you can’t always figure all of that stuff out, but if you can, it sure helps when the decision making time comes.

To sum it all up, I think the smart vendors are going to tell their customers what is coming and when they can expect to see it for sale. It helps people like me plan for things down the road. I’m more interested in a vendor that is constantly updating their technology as opposed to one who releases new products with lesser frequency than leap years occur. When it comes to NDA’s, I don’t think the size of the customer should matter either. Small companies can get big relatively quick in this age of acquisitions and mergers. IT professionals DO talk to each other and tend to trust each other’s opinions MORE than a vendor paid “performance test” by an “independent lab”. If you are a vendor and want to show me your road map, I promise not to tell anyone outside of my company. šŸ™‚ I don’t even want you to buy me lunch. I might just put pictures of your hardware up in my cubicle and drool over it all day until I my manager lets me buy it.

Categories: vendors Tags: ,

Nexus 7010 Competitors – Part 2

October 15, 2010 5 comments

**** Please note that these are my own thoughts and observations and should not in any way be taken to be the opinion(s) of my employer. Additionally, this is a rather long post, so please bear with me. I promise not to waste your time by babbling incessantly about non relevant things.

Finally! After many hours spent sifting through vendor websites and reading various documents, I have finished my comparison. If there’s one thing I came away with in this process, it’s that some vendors are better than others at providing specifics regarding their platforms. By far, Juniper was the best at providing in depth documentation on their hardware and software. Although Cisco has a ton of information out there about the Nexus 7000, I found that a lot of it was more on the architecture/design side and less on the actual specifics of the platform itself. Some vendors still hide documentation behind a login that only works with a valid support contract. In my opinion, that’s not a good thing. I think most people research products before they decide to buy, so why hide things that are going to cause roadblocks for people like myself trying to do some initial research? I’ve read MANY brochures, white papers, data sheets, third party “independent” tests(meaning a vendor paid for a canned report that gives a big thumbs up to their product), and other marketing documents in the past couple of weeks. I did not actively seek out conversations with sales people in regards to these products. I did have a couple of conversations around these products and not all the people I talked to were straight sales people. Some were very technical. However, I wanted to go off the things that the websites were advertising. Once the list is narrowed down to 2 or 3 platforms, the REAL work begins with an even deeper dive into the platforms.

I wish I could display the whole thing on this website and have it look pretty. Unfortunately, I don’t know how to do that and make it look nice. Remember, I get paid for networking stuff and not my web skills! In consideration of that, I have attached a PDF file of my comparison chart. I have the original in Excel format, but WordPress wouldn’t allow me to upload it. If you want a copy, I can certainly e-mail it to you. You can send me your e-mail address via a direct message in Twitter. I can be found here.

What IS included in the spreadsheet.

I would love to say that I did all of this work for the benefit of my fellow network engineers, but I would be lying if I said that. I built this out of a specific need that my employer has or will have in the coming months/years. Due to that, some of the features that were important to me may not be important to you. If you find yourself wondering why I included it, just chalk it up to it being something that I considered a
requirement. Having said that, it would be selfish not to share this information with you, so take it for what it’s worth.

When it comes to the actual numbers of things like fan trays and power supplies, I tend to build out the chassis to the full amount it will hold. If it can take 8 power supplies, I will probably use 8. Same with fabric
modules. I like to plan with the belief that I will fully populate the chassis at some point, so I want to have enough power, throughput, and cooling on board to handle any new blades. All chassis examined have the
ability to run on less than the maximum number of power supplies.

When it comes to throughput rates, you have to distinguish between full duplex numbers and half duplex numbers. They don’t always specify which is which, so you have to dig through a lot of documentation to figure out what they are really saying. Thankfully marketing people tend to favor the larger numbers so more often than not, the number given is full duplex. In the case of slot bandwidth, I used the half duplex speed. The backplane numbers are all full duplex.

What IS NOT included in the spreadsheet and why.

If I were to include every single thing these switches support, the spreadsheet would be 10 times bigger than it already is. There are quite a few things that I consider to be basic requirements. These basic things
were left out of the sheet to avoid cluttering it up with things you probably already know. For example, does the switch support IPv6? This should be a resounding yes. If it doesn’t, why in the world would I even
consider it? The same can be said with routing protocols. They all should support OSPFv2 and RIPv2 at a minimum. Most, if not all support IS-IS and BGP as well. It is also worth pointing out that I may not even need this switch to run layer 3. I am looking for 10Gig aggregation and am not necessarily concerned about anything other than layer 2. All of these switches also support QoS. Perhaps they do things a little differently
between each switch, but the basics are still the basics and I don’t really need a billion different options when it comes to QoS. That may change in a few years, but for now, I am not looking at running anything
other than non-storage traffic over these switches.

I think you see my point by now. I could go on and on about what isn’t included. If it is something well known like SSH for management purposes, I don’t need to include it in the list. It’s a given.

Special note on the TOR(Top of Rack) fabric extension.

While I primarily need 10Gig aggregation, another bonus is the ability to have 1Gig copper aggregation as well. However, I don’t want it all coming back to the chassis itself. The Nexus 7010 has the ability through the Nexus 5000’s(of which I already own several) to attach Nexus 2000 series fabric extenders that function as top of rack switches(although it’s not REALLY a switch). This is a nice bonus feature as I can aggregate a lot of copper connections back to 1 chassis without all the spaghetti wiring that is commonly seen in 6500’s and 4500’s. In the case of Brocade and Force10, they actually have the TOR extensions as nothing more than MRJ-21 patch panels. With 1 cable(which is the width of a pencil) per 6 copper ports, the amount of wiring coming back to the chassis is reduced tremendously.

Additionally, there is no power consumption at the top of the rack like there is with the Nexus 2000’s and it is a direct link to the top of rack connections unlike the Nexus model where I have an intermediate 5000 series switch in between.

One final note. The HP/H3C A12508 is listed on the HP site as the A12508, but when you click into the actual product page, it is listed as the S12508. These terms can be mixed and matched and mean the same chassis. I have chosen to use A12508 as the model number as much as possible in this post, but my previous post that mentioned the various switches used the letter “S” instead of “A”.

I plan on posting a few more thoughts on this process as it pertains to specific platforms. I was awed by several of the platforms, not just by the hardware itself, but by the approach the company is taking to the data center in general. Any of these platforms will do the job I need them to do. Some will do that job a lot better than others. As for cost, I have only seen numbers on a few of the platforms. That’s something that is important, but not the most important. You can read my previous post on this for more clarification on what my thought process is.

Remember that I am not claiming to be an expert in regards to any of these platforms. I have done many hours of research on them, but there is a chance that some information in this PDF file will be wrong. If you see any glaring errors, please let me know. I promise you won’t hurt my feelings. If anything is marked “Unknown”, rest assured that I looked at every possible piece of literature on the website that I could reasonably find. If you managed to read this far in the post, the file is below. Enjoy!

Nexus 7010 Comparison – PDF File

*****Update – The Juniper 8200 series does support multi-chassis link aggregation. It just requires another piece to make it work. The XRE200 External Routing Engine gives the 8200 this capability. Thanks to Abner Germanow from Juniper for clarifying that!

Nexus 7010 Competitors

October 5, 2010 6 comments

I have an increasing need for 10Gig connectivity. Although I may have enough ports today, I have to plan for the future. While I can easily buy some more Nexus 5000 series switches, I would rather have a more capable platform. As a heavy user of Cisco hardware, the logical choice was to use the Nexus 7000 series line. It is a platform that I can grow into over time. I don’t need the big 7018, so the 7010 will suffice. My company has a great relationship with Cisco and our sales rep and local engineer are top notch. No hard selling on their part so the relationship is, in my opinion, a very good one.

Having said that, I also have to point out that I have an obligation to my company to ensure the best product is selected. It would be irresponsible of me to make a technical decision of six digit magnitude and have it come up short in features. I need to make sure the product we select is the best fit for our particular needs. That doesn’t mean the Nexus 7010 is the wrong device. For all I know it will be the best thing for us. Of course, I still have to do my due diligence.

Over the past several weeks, I have been looking over some of the competition. Granted, I still have to spend a lot more time looking at Nexus 7010 competitors, so I am nowhere near done. I’ve been really busy with other things, so I haven’t been able to dedicate as much time as I thought I would to figuring this out. What I have done so far is narrow down a list of vendors and the appropriate product that can compete with the Nexus 7010. Here’s a short list of the features I am looking to compare:

1. 10Gig port count across the entire chassis.
2. 10Gig port/blade/module oversubscription rates. (Some products may not have this issue.)
3. Size of chassis.
4. Power consumption.
5. Layer 2 features(STP, TRILL, proprietary)
6. Layer 3 features(Standard based protocols, proprietary protocols)
7. Cost(Not the main driver, but it is a factor to consider after the technical merits.)
8. Product age(Is it a new platform, or has it been around for more than a year or two?)
9. Focus of the company
10. Size of the company
11. Support structure of the company
12. Code updates(Is there a defined release cycle?)
13. Availability of documentation from the vendor.
14. Connectivity options other than 10Gig(1Gig copper ports or some type of TOR integration aka Nexus 2000’s?)

Obviously there are going to be other things to consider. I also was very vague on the L2 and L3 feature requirements. That was on purpose. As I go through this process, I will be able to elaborate more on the particular L2/3 features that are needed vs those that are available.

Here’s the models I am comparing:

Cisco Nexus 7010
Brocade NetIron MLX 16
Juniper EX8216
Force10 E1200
Arista 7500
HP S12508 – This was recently changed from the S9512E as it was recommended by someone from HP that it was a better comparison to the Nexus 7010.

It is pretty hard if not downright impossible to find competing platforms that have exactly the same specs. I tried to find the closest match in terms of 10Gig port capability since that is the main driver behind this project.

More posts to come soon on this. I am still trying to decide if I want to do a post on each platform individually or do a few posts focusing on certain features that they all have in common. Any thoughts on this are appreciated.

ACE Boot Camp ā€“ Days 3 and 4

September 28, 2010 Leave a comment

Days 3 and 4 did not disappoint! I don’t know if I stated this in the earlier posts, but the days basically consisted of lecture in the morning and labs after lunch. I REALLY, REALLY enjoyed the lecture portion. Again, I have to state that the instructor was fairly knowledgeable in regards to ACE, so he was able to actually teach instead of regurgitate a slide deck like other classes I have been in. That makes all the difference in the world. As for the labs, I guess they do some good if you have not had much experience with the ACE CLI. We did not do any labs using the built in GUI or ANM. The problem I have with labs is that they are a very canned and controlled environment. You end up just going through the motions without actually soaking up what it is that you are doing. Ideally, the labs would need to be tailored to your environment to have the greatest effect. This of course, is not realistic. Having said that, I am sure there are some people who get something out of it. My opinion was shared by others in the class in regards to the effectiveness of the labs, so I am not the only one who feels this way. However, the effectiveness of the lecture portion completely overshadowed any shortcomings of the lab portion.

In the interest of brevity, I am going to touch on the things I thought were the most interesting, but I don’t want this post to be so long it requires a coffee break to finish.

Route Health Injection – On a simplistic level, RHI allows the ACE to inject a host route into the network. You would use this to advertise the VIP(virtual IP) that clients use to connect to a server farm. If the server farm is not available due any number of issues, the host route can be automatically removed from the route table and not advertised. The alternative is to simply advertise the VIP’s as part of a regular subnet advertisement like you do with any other VLAN or subnet. Again, I am simplifying this and need to point out that this is NOT something that is specific to Cisco ACE. Other vendors implement similar technologies.

KeepAlive-Appliance Protocol(KAL-AP) – There’s a few variations of the Cisco ACE, and one of those is the Global Site Selector(GSS). Its purpose is simply to provide higher level load balancing between data centers. Basically, it is a load balancer of load balancers. By using KAL-AP, the GSS can query VIP’s at multiple data centers and determine which one is the best fit to send traffic to.

There are a couple of things that the ACE 4710 appliance does that the ACE module cannot. I asked the question as to why this is the case and was told that the ACE appliance has different architecture than the module. It has certain functionality that might come to the module at some point, but for now is restricted to the appliance. These extra functions really revolve around the ACE appliance being able to cache certain HTTP objects and speeding up the process of delivering a web page to an end user. A fair amount of detail on this can be found here.

It sure seems as if I cut back on the information from days 3 and 4 when compared to 1 and 2. I did. Although there were plenty of interesting things covered in the past 2 days of class, a lot of those things would take a while to explain and draw out via diagrams. That’s also assuming that I actually understand these things well enough to explain them in depth.

That brings to me to a more philosophical point in regards to the type of niche product that Cisco ACE is. While it would be great if you knew the CLI on ACE backwards and forwards, it really isn’t necessary. What is necessary is an understanding of what a platform like ACE is capable of. I sat in a meeting today in which some developers wanted ACE to perform health checks on a server outside of a load balance pool and use the results of that query to determine whether or not servers should be removed from a load balance pool. Basically, they wanted to do something that ACE is not really designed to do. Spending 4 days in a classroom learning all about ACE gave me the information needed to have a productive meeting with these developers today. I was able to answer their questions and give better guidance than I would have a couple of weeks ago. I don’t know all the commands for ACE. I will still have to use the configuration guides to look things up now and again. The important thing is that I understand the capabilities and limitations of the ACE load balancer a lot better today than I did prior to taking the ACE class. My main goal is to know what it can and cannot do in order to design anything requiring load balancing properly. To me that is more important than memorizing commands.

Categories: ace, cisco, learning, load balancing Tags: , ,