Sunday, October 30, 2011

Cisco Launches Industry's First Integrated Wireless TV Solution

Today Cisco announced the launch of the industry's first wireless IPTV service with AT&T. Cisco is the sole provider of this advanced wireless IPTV solution featuring new wireless receivers and wireless access points (WAPs), available across the entire AT&T U-verse TV footprint beginning Monday, October 31.

Consumers can now rely on wireless technology to deliver high-quality video services throughout the home without the need for cables or wires. With this new technology, you can watch TV in virtually any room in the home, even rooms not wired for TV -- like the kitchen, basement or indoor garage. TV content is sent from the Cisco wireless access point via in-home Wi-Fi to the Cisco(R) wireless receiver next to the TV. It's as easy as plugging the TV into a power source, attaching high-definition multimedia interface (HDMI) cables or other audiovisual connection to the TV and pressing two buttons to establish the wireless connection.

Highlights: The Wireless TV Solution:


--  Cisco's wireless TV solution is the first of its kind to deliver both standard definition (SD) and high definition (HD) programming to multiple receivers with "built-in" or integrated Wi-Fi. Just one wireless access point per home can support two wireless receivers connected to TVs.

--  Cisco's wireless TV solution features the ISB7005 wireless receiver and the VEN401 Wireless Access Point, now part of the Cisco Videoscape(TM) portfolio.

--  Cisco's wireless receiver delivers live TV channels and interactive services -- and functions as a Total Home HD DVR, allowing consumers to view and manage DVR recordings wirelessly from a wired DVR in the home.

Video Operator Benefits:


--  Wi-Fi-delivered video gives service providers the unique advantage of offering consumers new freedom to watch TV wherever they want in the home.

--  With no added wiring required, Cisco's wireless TV solution offers service providers the means for faster service activations and consumer self-installation with easy-to-use WiFi kits.

--  Integrating WiFi technology into the receiver is a more cost-effective option for service providers, as it gives technicians the ability to install receivers without running new wires. The integrated WiFi receiver also offers service providers the ability to monitor the device's performance via the network, as the receiver comes equipped with remote diagnostics.

--  Cisco's solution is based on the 802.11n standard, and includes enhancements to manage the demanding requirements of delivering high-quality, highly secure video over Wi-Fi.

Embedded Videos:

--  Cisco Demos Industry's First Integrated Wireless TV Solution

http://www.youtube.com/v/QbuosyYIdew

http://www.youtube.com/v/lSodIFjgzt8

Saturday, October 29, 2011

STUN & TURN

STUN

STUN - Session Traversal Utilities for NAT (RFC 5389) - is used for NAT traversal by interactive IP applications such as real-time video, voice and messaging.

STUN works with the following types of NAT -

- Full cone NAT
- Restricted cone NAT
- Port restricted cone NAT

STUN does not work with bi-directional NAT (Symmetric NAT). TURN works better with this type of NAT.

STUN works as follows:

- The client (OS or application) on a private network sends a "binding request" to the STUN server on the public internet.
- The STUN server sends a "success response" that contains the IP address and port as observed by the STUN server (that is, after the client's traffic has been NATted).

Once the client is aware of its external IP address and port number, it uses them when communicating with its peers. This allows its peers to establish communications to the device, which would otherwise not be possible since the client is on a private IP network.

Standard Ports for STUN
UDP/TCP 3478
TLS 5349
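
The binding request and success response described above, as an added example (not code from the original post): it builds an RFC 5389 Binding Request and parses a Success Response, rejecting any reply whose magic cookie or transaction ID does not match before decoding XOR-MAPPED-ADDRESS. The function names are this example's own, and the server reply is constructed locally with a documentation-range address so the code runs offline.

```python
import ipaddress
import os
import struct

MAGIC_COOKIE = 0x2112A442        # fixed value defined by RFC 5389
BINDING_REQUEST = 0x0001
BINDING_SUCCESS = 0x0101
ATTR_XOR_MAPPED_ADDRESS = 0x0020
HEADER_LEN = 20


def build_binding_request(txid=None):
    """Client side: return (txid, packet) for an attribute-less Binding Request."""
    txid = txid or os.urandom(12)    # 96-bit transaction ID, must be unpredictable
    if len(txid) != 12:
        raise ValueError("transaction ID must be 12 bytes")
    return txid, struct.pack("!HHI", BINDING_REQUEST, 0, MAGIC_COOKIE) + txid


def build_success_response(txid, ip, port):
    """Constructed server side (IPv4 only): the reply a STUN server would send."""
    xport = port ^ (MAGIC_COOKIE >> 16)
    xaddr = int(ipaddress.IPv4Address(ip)) ^ MAGIC_COOKIE
    value = struct.pack("!BBHI", 0, 0x01, xport, xaddr)
    attr = struct.pack("!HH", ATTR_XOR_MAPPED_ADDRESS, len(value)) + value
    return struct.pack("!HHI", BINDING_SUCCESS, len(attr), MAGIC_COOKIE) + txid + attr


def _decode_xor_mapped(value, txid):
    """Undo the XOR obfuscation of the address the server observed."""
    if len(value) < 4:
        raise ValueError("XOR-MAPPED-ADDRESS too short")
    _, family, xport = struct.unpack("!BBH", value[:4])
    size = {0x01: 4, 0x02: 16}.get(family)           # IPv4 or IPv6
    if size is None or len(value) != 4 + size:
        raise ValueError("bad address family or length")
    key = struct.pack("!I", MAGIC_COOKIE) + txid     # IPv4 uses only the cookie part
    raw = bytes(a ^ b for a, b in zip(value[4:], key))
    return str(ipaddress.ip_address(raw)), xport ^ (MAGIC_COOKIE >> 16)


def parse_binding_response(packet, expected_txid):
    """Return (external_ip, external_port), or raise ValueError on any mismatch."""
    if len(packet) < HEADER_LEN:
        raise ValueError("shorter than a STUN header")
    msg_type, length, cookie = struct.unpack("!HHI", packet[:8])
    txid = packet[8:HEADER_LEN]
    if msg_type & 0xC000 or cookie != MAGIC_COOKIE:
        raise ValueError("not a STUN message")
    if txid != expected_txid:
        # A reply we never asked for: drop it instead of trusting its address.
        raise ValueError("transaction ID mismatch")
    if msg_type != BINDING_SUCCESS:
        raise ValueError("not a Binding Success Response")
    if length % 4 or length != len(packet) - HEADER_LEN:
        raise ValueError("length field does not match datagram")
    offset = HEADER_LEN
    while offset + 4 <= len(packet):
        atype, alen = struct.unpack("!HH", packet[offset:offset + 4])
        value = packet[offset + 4:offset + 4 + alen]
        if len(value) != alen:
            raise ValueError("truncated attribute")
        if atype == ATTR_XOR_MAPPED_ADDRESS:
            return _decode_xor_mapped(value, txid)
        offset += 4 + alen + (-alen % 4)             # attributes are 32-bit aligned
    raise ValueError("no XOR-MAPPED-ADDRESS attribute")


if __name__ == "__main__":
    txid, request = build_binding_request()
    # Constructed reply: pretend the NAT mapped us to 203.0.113.7:54321.
    reply = build_success_response(txid, "203.0.113.7", 54321)
    print("request bytes:", request.hex())
    print("external address:", parse_binding_response(reply, txid))
```

The transaction ID check is what stops a client from adopting an address supplied in a reply it never requested.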

TURN

TURN - Traversal Using Relay NAT - allows a device that is behind a firewall or NAT device (Symmetric NAT, better known as bi-directional NAT) to receive incoming data over TCP or UDP. TURN will most likely provide connectivity to the client, but it comes at a high price to the provider. STUN is generally used first and TURN is used as a last resort.

The host sitting behind the NAT device is called a TURN client. It connects to the TURN server on the public internet, which acts as a relay. The TURN client arranges with the TURN server to have the server relay packets to the desired peer. When the TURN client and peer want to communicate, the communication from the TURN client to the TURN server is encapsulated within a TURN message. The communication between the peer and the TURN server is not encapsulated.

TURN - RFC 5766

Thursday, October 27, 2011

Benefits of VSS

VSS Benefits
  • Single Configuration
  • Single Node to manage
  • Only 1 gateway IP address needed
  • No need for HSRP/VRRP/GLBP
  • MEC (Multi-chassis EtherChannel) simplified loop-free topologies
  • Physical switches can be located apart, provided they do not exceed the 10Gb Ethernet distance requirements
  • Nonstop communications, Inter-chassis stateful fail-over, Eliminate L2/L3 protocol re-convergence if a VSS member switch fails
  • Deterministic sub-second VSS recovery
  • 802.3ad and PAgP for deterministic sub-second L2 recovery
  • Scales to 1.4Tbps

VSS offers superior benefits compared to traditional Layer 2/Layer 3 network design. Benefits can be grouped into four main categories:
 
1. VSS increases operational efficiency by simplifying the network, reducing switch management overhead by at least 50 percent.

• Single point of management, IP address, and routing instance for the Cisco Catalyst 6500 virtual switch
– Single configuration file and node to manage. Removes the need to configure redundant switches twice with identical policies.
– Only one gateway IP address is required per VLAN, instead of the three IP addresses per VLAN used today.
– Removes the need for Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP)
– CiscoWorks LAN Management System (LMS) 3.0 can be used to centrally manage a Cisco Catalyst 6500 virtual switch as a single entity.

• Multichassis EtherChannel® (MEC) is a Layer 2 multipathing technology that creates simplified loop-free topologies, eliminating the dependency on Spanning Tree Protocol, which can still be activated to protect strictly against any user misconfiguration.

• Flexible deployment options. The underlying physical switches do not have to be colocated. The two physical switches are connected with standard 10 Gigabit Ethernet interfaces and as such can be located any distance based on the distance limitation of the chosen 10 Gigabit Ethernet optics. For example, with X2-10GB-ER 10 Gigabit Ethernet optics, the switches can be located up to 40 km apart.

2. VSS boosts nonstop communications.

• Interchassis stateful failover results in no disruption to applications that rely on network state information (for example, forwarding table info, NetFlow, Network Address Translation [NAT], authentication, and authorization). VSS eliminates L2/L3 protocol reconvergence if a virtual switch member fails, resulting in deterministic subsecond virtual switch recovery.

• Utilizes EtherChannel (802.3ad or Port Aggregation Protocol [PAgP]) for deterministic subsecond Layer 2 link recovery, removing the dependency on Spanning Tree Protocol for link recovery.

3. VSS scales system bandwidth capacity to 1.4 Tbps.

• Activates all available Layer 2 bandwidth across redundant Cisco Catalyst 6500 Series Switches with automatic, even load sharing. Link load sharing is optimized because it is based on more granular information, such as L2/L3/L4 parameters, unlike virtual LAN (VLAN)-based load balancing in Spanning Tree Protocol configuration.

• Enables standards-based link aggregation for server network interface card (NIC) teaming across redundant data center switches, maximizing server bandwidth throughput and increasing the number of standards-based components in the data center (that is, server NICs) without needing to configure proprietary NIC vendor mechanisms.

• Maximizes the utilization of all (132) 10 Gigabit Ethernet ports in a Cisco Catalyst 6500 virtual switch.

• Conserves bandwidth by:
– Eliminating unicast flooding caused by asymmetrical routing in traditional campus designs.
– Optimizing the number of hops for intracampus traffic using multichassis EtherChannel enhancements.

4. VSS utilizes existing multilayer switching architecture.

• VSS enhances the existing multilayer switching architecture by simplifying it without fundamentally changing it, resulting in ease of adoption of the technology.

• Uses existing Cisco Catalyst 6500 investments, easing the deployment of VSS. The VSS is supported on non-E and E series Catalyst 6500 Series Switches chassis and supports all Cisco Catalyst 6500 series 6700 series modules.

• VSS uses standards-based 10 Gigabit Ethernet connectivity between the Cisco Catalyst 6500 virtual switch members, allowing for flexible distance options. The underlying physical switches do not have to be collocated.

Wednesday, October 26, 2011

Cisco unveils routers, takes swipe at Juniper

Cisco this week unveiled three service provider edge routers, along with an aggressive marketing campaign against rival Juniper.

Cisco added three platforms to its ASR 9000 line of edge routers, all designed to better support mobile Internet services and devices such as tablets, smartphones and connected appliances. The new routers support Cisco's nV network virtualization technology, which is intended to scale the service provider edge, aggregation and access networks into a 96Tbps system optimized for IPv6.

These new routers bring the nV technology to the access layer, where service providers can further virtualize their infrastructure for resource consolidation, and operational and cost efficiencies, Cisco says. Cisco nV is a software upgrade to the ASR 9000 line that the company says can lower operating costs by up to 74% when compared with competing edge platforms, due to its ability to support low power usage, zero-touch configurations, single-click upgrades and single touch-point management.

The routers will go up against Juniper's MX 3D line and Alcatel-Lucent's 7210, 7450, 7705 and 7710 Ethernet services switches and routers. Against Juniper, Cisco also launched an aggressive marketing campaign designed to call attention to what Cisco alleges are broken promises and missed product shipment deadlines.

Calling out a competitor by name in an advertising or marketing campaign is a departure for Cisco, but recent challenges in its core switching and routing businesses have prompted a new strategy. At Interop in May, Cisco also called out HP specifically when introducing an upgrade to its Catalyst 6500 switch line.

Juniper declined to comment on the Cisco campaign with this stinging retort from its PR department: "We're not going to comment on a competitor's publicity stunt. Customers tell us they want an alternative to the legacy approach, and we're focused on delivering innovation for them. It appears as if Cisco has once again lost focus."

Speeds and feeds

The three new routers include: the ASR 901 cell site router, for 2G, 3G and 4G mobile cell sites; the ASR 903 unified Ethernet access router, an Ethernet access device for business, residential and mobile applications; and the ASR 9001, a smaller version of the Cisco ASR 9000 series edge router for smaller deployments.

The 901 is an environmentally hardened 1RU router with four 100/1000 RJ-45, four Gigabit Ethernet SFP, and four Gigabit Ethernet "combo" ports -- a mixture of RJ-45 and SFP. It also features 16 T-1/E-1 WAN connections.

The 901 is able to withstand temperatures as low as 40 degrees below zero Fahrenheit, and altitudes of 13,000 feet at temperatures of 104 degrees Fahrenheit. It supports Ethernet virtual connections for IEEE 802.1Q VLAN tagging, 802.1ad or "QinQ," Resilient Ethernet Protocol, 802.3ad Link Aggregation Bundles, Layer 2 Protocol Tunneling (L2PT), and Ethernet over MPLS (EoMPLS), among other features.

The 903 is a 3RU device with six interface module slots and two route/switch processors slots. Two RSPs are available for the router: one supports 2GB of memory and the other 4GB.

Interface modules include a one-port 10G Ethernet XFP card, eight-port 10/100/1000Mbps Ethernet and Gigabit Ethernet SFP, four-port OC-3/STM-1 or one-port OC-12/STM-4, and 16-port T-1/E-1. The router also supports three different Cisco IOS software licenses: The Metro Services license offers advanced QoS, Carrier Ethernet Layer 2 features, synchronous Ethernet and Ethernet OAM capability; the Metro IP Services license offers all capabilities of the Metro Services license with the addition of Bidirectional Forwarding Detection, Layer 3 routing protocols, multi-VPN routing and Layer 3 Multicast and Forwarding Customer Edge capabilities; and the Metro Aggregation Services license includes all of the above, plus MPLS and Circuit Emulation.

The 903 also includes four additional optional licenses -- two for enabling ATM and IEEE 1588-2008 Boundary Clock or Master Clock capabilities; and two to enable ports on the multi-rate OC-3 and OC-12 interface module.

The 9001 supports 120Gbps of throughput in a 2RU form factor. It has an integrated RSP and two modular bays that support 20-port Gigabit Ethernet, two- and four-port 10G Ethernet and future 40G Ethernet port adapters. The base chassis also has four integrated 10G Ethernet SFP+ ports.

The integrated RSP has 8GB of RAM and is capable of holding several million routes, Cisco says.

Cisco says the routers will help service providers address the growth in network-connected devices and traffic. Citing its own internal research, Cisco says there will be nearly 15 billion network connections, twice the world's population, by 2015.

Cisco says more than 500 service providers worldwide have deployed the ASR 9000.

Pricing and availability of the ASR 901, 903 and 9001 were not disclosed.

Tuesday, October 25, 2011

CCIE R/S: Troubleshooting Returns, Oct 18th

Yep, it's official. The CCIE R/S lab will now have a specific troubleshooting component at the cutover date. Oct 17th is the last day with the old blueprint and old format lab, and Oct 18th begins the new era with the return of troubleshooting.

Now to the longer version. Cisco announced today a change to the CCIE Routing and Switching Certification Standards (formerly called the blueprint). This revised set of criteria, numbered as version 4.0, has some interesting changes. I've listed a few links at the bottom of the post to get you to Cisco's pages on the announcement. Today I'll give you a quick overview, and talk about the big change on the lab: Troubleshooting:

  • Larger Technology topics added: EIGRPv6, Optimized Edge Routing/Performance Routing, IPv6 multicast, MPLS VPN, RSVP.
  • Technology removed: nothing big enough to notice
  • More focus on the skills to prepare R/S infrastructure for "advanced technology" traffic (includes prep for voice, video, security, wireless, etc)
  • Routers with 12.4T Advanced IP Services, switches with IOS 12.2 Advanced IP Services
  • New lab exam format, in order:
      1. The Core Knowledge section (aka, open-ended questions), appx. 30 minutes
      2. The Troubleshooting section, appx. 2 hours
      3. The Configuration section, appx. 5.5 hours
  • Lab vs Written: much improved alignment on technologies
  • Lab vs Written: continue to have a different focus in what they assess, e.g., the Written assesses monitoring and theory skills, the lab assesses config skills. However, these are not exclusive.

Enough overview - let's talk troubleshooting! Curses? Hoorah? Who cares, it can't be any tougher than it was? Oh crap, I gotta pass before Oct 17th? Whatta ya think?

For those of you, say, under age 30, here's a bit of history that may help. When Cisco first offered CCIE back in 1993, up through 2001, the lab exam was two days long. You spent 1.5 days on the build, which basically worked like the Configuration Section of today's lab exam. Then you went to lunch on the 2nd day, and while at lunch, they broke a bunch of stuff in your lab pod, mostly by changing the config. After lunch you got 3 hours to fix as much as you could. (For example, on my CCIE R/S lab attempt back in 1995, there were 33 specific problems introduced.)

Then, back around 2001, Cisco changed the lab to be a single day, build only, with no troubleshooting, with the idea that a well-written lab exam requires a fair amount of troubleshooting due to the interaction of different features. So, in the last 8 years or so, troubleshooting has not been separately assessed on the lab exam.

Fast forward to Oct 17th 2009. That's the last day, at least per plan, for an R/S lab to have only two components: 4-5 open-ended written questions (max 30 minutes, appx.), with about 7.5 hours max for the configuration section. (Note that the open-ended question section was added not long ago, but it exists in the lab exam today.) As of Oct 18th, the configuration section shrinks by 2 hours to 5.5 hours (appx), with a 2 hour troubleshooting section. Important items of note:

  • The troubleshooting section will present a large scenario. You spend the two hours understanding the scenario, and fixing problems in the lab pod relative to the scenario.
  • The troubleshooting scenario is not related to the configuration scenario that follows.
  • You can move on to the config section once you finish the troubleshooting section, but you can't go back and work on troubleshooting.
  • To pass, you must have a passing score on each of the three sections of the lab exam.

So, what do you think about the changes to CCIE? Especially the changes to add troubleshooting back into the lab? Write comments, click the surveys, click the links.

Note from Wendell, Tuesday, May 5th, 6:20AM - the surveys are having trouble - working on getting them fixed. Sorry... Didn't want to delay the post, though.

CRS - Interface Naming

Interface Naming

r/s/m/p naming
rack/slot/module/port

show platform

RP/0/RP0/CPU0:router# show platform

Node            Type            PLIM              State         Config State
------------------------------------------------------------------------------
0/0/SP          MSC(SP)         N/A               IOS-XR RUN    PWR,NSHUT,MON
0/0/CPU0        MSC             16OC48-POS/DPT    IOS-XR RUN    PWR,NSHUT,MON
0/2/SP          MSC(SP)         N/A               IOS-XR RUN    PWR,NSHUT,MON
0/2/CPU0        MSC             16OC48-POS/DPT    IOS-XR RUN    PWR,NSHUT,MON
0/RP0/CPU0      RP(Standby)     N/A               IOS-XR RUN    PWR,NSHUT,MON
0/RP1/CPU0      RP(Active)      N/A               IOS-XR RUN    PWR,NSHUT,MON
0/SM0/SP        FC/S(SP)        N/A               IOS-XR RUN    PWR,NSHUT,MON

Note: FC=Fan Card
SM=Switch Module
AM=Alarm Module

Node
0/0/SP - Rack0, Slot0, Module Service Processor
0/0/CPU0 - Rack0, Slot0, CPU0 - Interfaces with the PLIM 16OC48-POS/DPT
0/RP0/CPU0 - Rack0, Route Processor, CPU0

Type
Type of card

PLIM
Identifies the Physical Layer Interface Module

State
Shows the state of the node

Config State
PWR - Power
SHUT - Shut
MON - Monitor
NPWR - No Power
NSHUT - No Shut
UMON - Un Monitor


RP/0/RP0/CPU0:CRS-19(config)#show ipv4 interface brief

Interface                      IP-Address      Status                Protocol
POS0/1/0/0                     10.0.0.1        UP                    UP
TenGigE0/3/0/0                 unassigned      Shutdown              Down
TenGigE0/3/0/2                 unassigned      Shutdown              Down
MgmtEth0/RP0/CPU0/0            unassigned      Shutdown              Dow

Loopbacks do not follow the r/s/m/p naming.

POS0/1/0/0  - Rack0, Slot1, Module0, port 0
MgmtEth0/RP0/CPU0/0 - RP0, CPU0, Port0
TenGigE0/3/0/2 - Rack0, Slot3, Module0, Port2

Monday, October 24, 2011

Cisco injects new life into Catalyst 6500 switch

Yet another landmark in switching: Cisco Systems has introduced a new Supervisor Engine for its most widely deployed switch, the Cisco Catalyst 6500 Series. Yes, the new Supervisor Engine 2T is born.

The new innovation provides customers of the Cisco Catalyst 6500 Series Switch with enormous capabilities. This decade has witnessed the growth of video traffic and the rise of cloud computing; to meet these business demands in the upcoming years, Cisco Systems is ready with the Supervisor Engine 2T.

We all know the legacy and popularity of Cisco Catalyst 6500 Series Switches, a de facto industry standard switching platform at the heart of the world’s campus, data center, WAN, and Metro Ethernet networks.

The Catalyst 6500 led the industry’s port transition first from Fast Ethernet speeds to Gigabit Ethernet and then to 10 Gigabit Ethernet.

With the introduction of the Nexus Series of switches, I was a bit afraid of what Cisco was going to do with the introduction of a new Supervisor Engine for the Cisco Catalyst 6500 Series Switch. The introduction of the Cisco Catalyst 6500 Series Supervisor Engine 2T on July 12th 2011 eased my curiosity.

The Cisco Catalyst 6500 Series Supervisor Engine 2T has a lot to offer: a state-of-the-art 2-terabit card that unlocks 80 gigabits per second per slot, new feature-rich 10-gigabit and 10-Gigabit Ethernet line cards, and next-generation borderless services that provide customers with new mobility, security, network analysis and load balancing capabilities.

The Cisco Catalyst 6500 Series Supervisor Engine 2T is compatible with all Cisco E-Series chassis models, offering minimal intervention to the existing Catalyst 6500 E-Series infrastructure. The new Catalyst 6500 Series is available now and the SUP2T has a list price of $38,000.

Some of the features of the Cisco Catalyst 6500 Series Supervisor Engine 2T are as follows:
  • Maintain investment protection through backward compatibility
  • Deliver scalability and performance improvements such as distributed forwarding (dCEF) 720Mpps with the fourth-generation Policy Feature Card (PFC4)
  • Support future 40Gbps interface and nonblocking 10Gbps modules
  • Enable new applications and services with hardware accelerated VPLS, Layer 2 over mGRE for Network Virtualization
  • Take advantage of integrated Connectivity Management Processor (CMP) for improved out-of-band management.
The Supervisor Engine 2T maintains backward compatibility with released line cards, chassis, and power supplies.

Network Availability - All About 9's

Some engineers and administrators claim that their systems are available 100% of the time, so it is worth being clear about what 100% availability means. Uptime does not equal availability; a system can be up while its services are not available. You also need to consider maintenance windows, as these affect your overall availability: if you cannot do maintenance without impacting the services you provide, your overall availability percentage takes a hit. Other things that may affect your ability to achieve 100% availability include environmentals such as power and cooling, and the other services required to provide access to the services you are providing, such as internet connectivity, WAN, LAN, SAN, etc.

Below is a chart showing the availability percentages and the expected downtime per year based on these percentages

Saturday, October 22, 2011

Best Practices Part 1 - Layer 2 Spanning-Tree

The topology depicted in the diagrams is used to help demonstrate data flow during failure and to provide discussion around best practices; it is not necessarily configured as optimally as possible. The examples below provide alternate technical solutions that follow best practice guidelines.

Topology Image

Normal Data Path Flow

Data Path Flow - Root Fail

Data Path Flow - Access Trunk Fail

Data Path Flow - Router Fail
- Spanning-Tree mode Rapid-PVST (802.1w) or MST (802.1s). Load balancing techniques leveraging each of these technologies are shown in "Layer 2 Spanning-Tree Best Practices Part-2".
- Deterministic blocked ports: in this example we know exactly which ports are going to be blocked by STP. All redundant connections to the secondary root bridge will be blocked.
- Cisco also recommends that you do not exceed an STP diameter of seven hops.
- Ensure that you hard configure your Root and Secondary Root bridges.
- Ensure that you only allow required VLANs over the trunks so that you are not running unnecessary STP instances.

Features to leverage include:
Access Layer
-portfast
-bpduguard
-disable DTP
-loopguard
-etherchannel Guard

Distribution Layer
-root and secondary root placement
-root guard
-disable DTP
-etherchannel Guard

Leverage EtherChannel to reduce the number of ports that need to transition from blocking to forwarding state when leveraging multiple links.

EtherChannel Ports
-EtherChannel Guard



Example:
Access Switch
! Highest (least preferred) bridge priority, so an access switch never becomes root
spanning-tree mode rapid-pvst
spanning-tree vlan 1-4094 priority 61440
spanning-tree portfast bpduguard default
spanning-tree loopguard default

interface gig x/x
description Link-to-RootBridge
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 10,11
switchport nonegotiate

interface gig x/x
description Link-to-SecondaryBridge
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 10,11
switchport nonegotiate

interface gig x/x
description Link-to-Server
switchport mode access
switchport access vlan 10
switchport nonegotiate
spanning-tree portfast

Distribution Switch
! Priority 0 hard-configures this switch as the root bridge
spanning-tree etherchannel guard misconfig
spanning-tree mode rapid-pvst
spanning-tree vlan 1-4094 priority 0
spanning-tree portfast bpduguard default

interface gig x/x
description Link-to-AccessSwitch
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 10,11
switchport nonegotiate
spanning-tree guard root

interface port-channel 1
description Link-to-SecondaryRoot
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 10,11,12,13,14
switchport nonegotiate
spanning-tree guard root

interface gig x/x
description Link-to-SecondaryRoot-1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 10,11,12,13,14
spanning-tree guard root
switchport nonegotiate
channel-group 1 mode active

interface gig x/x
description Link-to-SecondaryRoot-2
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 10,11,12,13,14
spanning-tree guard root
switchport nonegotiate
channel-group 1 mode active
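
One way to check an access switch configuration against the access-layer feature list above (portfast, BPDU guard, DTP disabled, loop guard, pruned trunks), as an added example that is not part of the original post. The function names, interface names and sample configuration are constructed for illustration; the second uplink deliberately carries a misspelled `switchport nonnegotiate`, which the switch CLI would reject, leaving DTP enabled.

```python
import re


def parse_ios_config(text):
    """Split IOS-style config into global lines and per-interface command lists."""
    global_lines, interfaces, current = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            current = None               # blank line or '!' closes an interface block
            continue
        match = re.match(r"interface\s+(.+)", line, re.IGNORECASE)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif current is not None:
            current.append(line.lower())
        else:
            global_lines.append(line.lower())
    return global_lines, interfaces


def audit_access_switch(text):
    """Return a list of (location, issue) tuples; an empty list means no findings."""
    glob, ifaces = parse_ios_config(text)
    findings = []
    if not any(re.fullmatch(r"spanning-tree mode (rapid-pvst|mst)", g) for g in glob):
        findings.append(("global", "STP mode is not rapid-pvst or mst"))
    bpduguard_default = "spanning-tree portfast bpduguard default" in glob
    loopguard_default = "spanning-tree loopguard default" in glob
    for name, cmds in ifaces.items():
        if "shutdown" in cmds:
            continue                     # administratively down ports are skipped
        if "switchport nonegotiate" not in cmds:
            findings.append((name, "DTP still enabled: 'switchport nonegotiate' missing"))
        if "switchport mode trunk" in cmds:
            if not any(c.startswith("switchport trunk allowed vlan ") for c in cmds):
                findings.append((name, "trunk has no allowed-VLAN list"))
            if not (loopguard_default or "spanning-tree guard loop" in cmds):
                findings.append((name, "loop guard not enabled on uplink"))
        elif "switchport mode access" in cmds:
            if not {"spanning-tree portfast", "spanning-tree portfast edge"} & set(cmds):
                findings.append((name, "portfast missing on access port"))
            if not (bpduguard_default or "spanning-tree bpduguard enable" in cmds):
                findings.append((name, "BPDU guard missing on access port"))
        else:
            findings.append((name, "no static switchport mode configured"))
    return findings


# Constructed sample: the global BPDU guard default is absent, the second uplink
# has a misspelled nonegotiate and no VLAN pruning, and the last port has no mode.
SAMPLE_CONFIG = """\
spanning-tree mode rapid-pvst
spanning-tree loopguard default

interface GigabitEthernet0/1
 description Link-to-RootBridge
 switchport mode trunk
 switchport trunk allowed vlan 10,11
 switchport nonegotiate

interface GigabitEthernet0/2
 description Link-to-SecondaryBridge
 switchport mode trunk
 switchport nonnegotiate

interface GigabitEthernet0/10
 description Link-to-Server
 switchport mode access
 switchport access vlan 10
 switchport nonegotiate
 spanning-tree portfast

interface GigabitEthernet0/11
 description Unconfigured-User-Port
 switchport access vlan 11
"""

if __name__ == "__main__":
    for where, issue in audit_access_switch(SAMPLE_CONFIG):
        print(f"{where}: {issue}")
```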

Thursday, October 20, 2011

Cisco girds Nexus switches for data center battle

Networking giant Cisco Systems has been under attack for the past several years, and the company is gearing up its high-end, converged Nexus switches to defend its data-center turf from encroachment by HP, Dell, Arista Networks, Juniper Networks, Brocade Communications, and others.

Picking up the offensive pace and doing better defense is particularly important for Cisco now that the 10GE ramp is accelerating – 10GE ports will soon be standard on servers – and the 40GE ramp is starting. Any transition in networking technology in the data center is always a chance to unseat the incumbent, which is often Cisco.

This time around, Cisco is focusing on the Nexus line of switches, which run the company's NX-OS operating system and which support server and storage traffic over a single backbone. Shashi Kiran, director of marketing for Data Center Solutions at Cisco, tells El Reg that the company has been able to command the lion's share of switching revenue thus far during the 10GE cycle. It is still early, however, and Cisco can't make any assumptions. Hence the bolstering of the Nexus lineup.

Gartner reckons that Cisco's 10GE switching business grew by 255 per cent last year and gave Cisco a commanding 73.8 per cent share of worldwide revenues. HP garnered 17.6 per cent thanks to its acquisition of 3Com, and IBM got 2.4 per cent thanks to its acquisition of Blade Network Technologies. Juniper only pulled in 1.4 per cent of revenues and Brocade only 1.3 per cent, leaving all the other players chasing the remaining 3.4 per cent slice of the pie.

Kiran says that as 2010 was coming to a close, the company had 15,000 customers using its Nexus switches (that number includes the Multilayer Director Switch core switches that run NX-OS as well as the top-of-rack Nexus 2000, 3000, and 5000 switches and the end-of-row, modular Nexus 7000 switches). By the end of 2011, Cisco hopes to have added another 4,000 to 5,000 customers for its Nexus products.

The 64-port Nexus 3064 ultra-low latency 10GE switch that was announced back in March for speed freaks (like the kind that run hedge fund and risk analysis applications) is getting some company. The Nexus 3048 is a 48-porter that runs at Gigabit Ethernet speeds, while the Nexus 3016 is a 16-porter that will support either 10GE or 40GE speeds.

The Nexus 3048 is a Layer 2/3 switch with 176Gb/sec of switching capacity and a message forwarding rate of 132 million packets per second, enabled in part by its 9MB shared buffer. In addition to the 48 Gigabit ports, it also has four 10GE uplinks. The Nexus 3048 is shipping now and costs $14,000 for an entry configuration.

The Nexus 3016 is also a Layer 2/3 switch, sports 1.2Tb/sec of switching capacity, and can handle 950 million packets per second; hence, it has enough capacity to drive 16 ports running at 40GE speeds. Customers can use the ports running at that 40GE speed, or use special cables that break them down into four 10GE ports, which gets you to a total of 64 ports running at 10GE – exactly what the Nexus 3064 does. If you like this dense and fast 40GE switch, it will cost you: $65,800 in a base configuration.

The Nexus 5000s were updated back in March and were largely left alone this time around. But as promised a year ago, the Nexus 5500s now support an NX-OS tweak that enables these top-of-rackers to support FabricPath network-flattening and traffic optimization software that debuted in June 2010 on the high-end Nexus 7000 switches. Kiran says that Cisco has more than 500 customers using FabricPath on the Nexus 7000s.

Protecting the data center core

Speaking of the Nexus 7000 modular switches, there's a new entry chassis coming called the Nexus 7009 that is aimed at smaller data centers and as a core network for campus networks. Here's how it stacks up against the current Nexus 7010 and 7018 data center switches:

The Nexus 7009 chassis has almost as many ports as the larger Nexus 7010 using the new Fabric 2 switch modules – 336 as opposed to 384 – but crams it into 14 rack units instead of 21. Cisco is mounting the seven line cards in the Nexus 7009 horizontally and removing a whole lot of what is apparently extraneous cooling space in the larger Nexus switch chassis; the Nexus 7009 has side-to-side cooling, which is how it can be packed tighter.

The new F2 Series line card has 48 10GE ports that burn less than 9 watts per port, and the Fabric 2 switch modules can deliver 550Gb/sec in switching bandwidth per module, considerably more than the 230Gb/sec in the Fabric 1 modules. You add line cards in the front and switch modules in the rear of the chassis, which can scale between 5 to 11.5 billion packets per second of message handling and between 8.8Tb/sec and 18.7Tb/sec of non-blocked switching capacity, depending on the model, when fully loaded.

The Nexus 7000 module switch chassis



The new Nexus 7009, which has been shipping quietly since August, costs $20,000. The Fabric 2 modules cost $12,000 a pop for the Nexus 7009 and 7010 chassis and $18,000 for the Nexus 7018 enclosure. These Fabric 2 modules are shipping now for the Nexus 7009 chassis and won't ship until November for the two larger modular switches. The Nexus 7000 F2-Series I/O modules will ship in November as well, and cost $44,000 each.

That sounds like a lot of money, but here is how Ram Velaga, vice president of product management for Cisco's Data Center Solutions division, does the competitive math:


How Cisco stacks up the Nexus 7000 against the competition

Those comparisons are for getting 768 ports running at 10GE speeds in a non-blocking manner – Cisco clearly thinks it has a competitive winner.

Cisco made a number of other tweaks as part of the Nexus sweep. One was adding a 32MB buffer to its Nexus 2248TP-E switch so it can handle buffering of bursty traffic, such as video streams, better.

Another is a promise to make its Adaptive Security Appliance (ASA) firewall appliance, which is sold as a piece of hardware or a plug-in module for Catalyst switches and which has sold over 1 million units to date, available as a virtual appliance. It will be called the ASA 1000V and will complement the Nexus 1000V virtual switch for ESXi hypervisors (and soon Hyper-V) and the Virtual Security Gateway, which came out a year ago as a virtual appliance.

Wednesday, October 12, 2011

Juniper, Cisco Add Router Ammo

Cisco Systems Inc. (Nasdaq: CSCO) and Juniper Networks Inc. (NYSE: JNPR) made different kinds of router announcements Monday.

The timing is partly coincidental; both companies are holding events for Wall Street analysts this week and probably want something new to talk about. But it's happening with some extra drama in the background, thanks to Cisco's attack against what it says are unfairly sunny market perceptions of Juniper. (See Cisco Starts Totally Ragging on Juniper.)

Juniper (we literally flipped a coin to pick which company would go first in this story) announced a new switch fabric for its MX960 edge router, bringing its theoretical per-slot capacity to 240 Gbit/s. Juniper doesn't yet have line cards to fill that capacity; the largest announced card carries 16 ports of 10Gbit/s Ethernet.

A card with two 100Gbit/s ports is on its way, says Alan Sardella, a Juniper senior product marketing manager. That card would be based on a 100Gbit/s version of the company's Trio chipset, now in field trials. (The original Trio chips handle only 40 Gbit/s of traffic, meaning three sets of Trios would be needed in order to handle a 100Gbit/s feed.)

Cisco is adding to its ASR line of edge routers, pushing the family closer to the edge:

ASR 901 -- Intended for cell sites.
ASR 903 -- For cell-site aggregation, a space also occupied by some of Cisco's ME switches. The MEs are fixed-configuration, whereas the 903 is modular.
ASR 9001 -- A smaller version of the ASR 9922 announced in June.


The new routers all have the network virtualization capability that Cisco discussed in June.

Why this matters

The MX upgrade gives Juniper more ammo in the battle over edge-router stats. Cisco has claimed the ASR 9000 line can handle 400 Gbit/s per slot -- which might be true, but the company has yet to produce an interface using all 400Gbit/s.

Density is going to be important for both companies as they face edge-router competition not just from each other, but from Alcatel-Lucent (NYSE: ALU) and Huawei Technologies Co. Ltd.

Speaking of which -- Cisco's new ASRs are essentially a strike not at Juniper, but at AlcaLu, says analyst Ray Mota of ACG Research. "If you were to look at where Alcatel-Lucent's been strong, it's selling into cell sites and cell aggregation. Now Cisco's flexing its muscle in those areas," he says.

Monday, October 10, 2011

Cisco, VMware Collaborate on Network Virtualization

Network Virtualization: VXLAN

As a major step towards on-demand networks, VXLAN (Virtual eXtensible Local Area Network) was introduced as a breakthrough in network virtualization. VXLAN is a collaborative effort for an Internet Engineering Task Force (IETF) draft as a framework for overlaying virtualized layer 2 networks over layer 3 networks. It is a networking group Internet draft released August 26th, with participating companies including Cisco, VMware, Arista Networks, Broadcom, Citrix and Red Hat. VMware CTO Steve Herrod discussed VXLAN in his VMworld keynote Tuesday and in a blog post described it as a “model that enables the efficient and fluid movement of virtual resources across shared cloud infrastructures both within and across datacenters.” VXLAN will offer a network encapsulation technique with segment identifiers for creating millions of logical networks and for enabling workloads to seamlessly move across datacenters and cloud infrastructures.

While Cisco’s Overlay Transport Virtualization was an interconnect technology extending Layer 2, VXLAN is for creating more logical networks in a cloud environment. Cisco released this white paper for creating a Scalable Cloud Network with Cisco Nexus 1000V Series Switches and VXLAN.

“Together with VMware, Cisco has unlocked the power of the network to extend virtual machines beyond the confines of a single stack to the entire data center and cloud infrastructure from different locations,” said Soni Jiandani, senior vice president, Server, Access, Virtualization Technology Group for Cisco. “VXLAN will provide the ability to scale networking segments to millions of VMs to ease the deployment of applications in the cloud. Also, by segmenting these VMs and applications via highly secure virtual networks, customers will be able to achieve the security required for multi-tenant cloud environments.” VXLAN technology in Cisco Nexus 1000V will be available for beta in September 2011.

Desktop Virtualization expansion

Expanding on the 2010 Virtualization Experience Infrastructure (VXI) system and VMware vSphere 5, Cisco and VMware are expanding VXI to support VMware View 5 and the Cisco suite of collaboration solutions. One such integration is click-to-call, where users running WebEx Connect inside of VMware View virtual desktops can use click-to-call communication. VMware View and Cisco UCS provide a collaborative workspace, and VMware View 5 will be available on the Cisco Cius and Cisco Virtualization Experience Clients (VXC) 2100 and 220 endpoints.

IT as a Service

Building a strong foundation for the cloud, vSphere 5 and UCS 2.0 are enhanced to offer better cloud management capabilities to virtualize the most demanding business-critical applications and workloads. The VXLAN technology will be supported in VMware vSphere 5, VMware vCloud® Director 1.5 and Cisco Nexus 1000V virtual switch to deliver an on-demand cloud infrastructure to enhance the end-user experience. Cisco demonstrated a Virtual ASA firewall for Nexus 1000V and will integrate it with VMware vCloud Director.

Sunday, October 9, 2011

Cisco experiments cloud-based remote class near Bangalore


Cisco is experimenting with its remote education system in government schools using the Cisco Education Enabled Development (CEED) platform under its Inclusive Growth initiative. The pilot will deploy specialized remote supplementary teaching for five government schools in Hoskote Taluk, Bangalore Rural District in the state of Karnataka. An MoU has been signed with the government of Karnataka.

“Using the CEED platform, it is possible to impart training to school teachers as well. We envision our solutions will exponentially enhance the quality of education imparted in government schools. It gives me great satisfaction to embark upon this new project as we surge ahead with our goal towards using technology as the enabler in ensuring inclusive growth,” said Aravind Sitaraman, president, Inclusive Growth, Cisco.

B.N. Bache Gowda, state labour minister, has inaugurated the remote education project at Bendiganahalli Government Higher Primary School in Hoskote. The project will be on a public-private partnership model where Cisco will deploy its solution and maintain it as a service that includes remote access and support. The schools that are part of the pilot are Kumbalahalli GHPS, Sulibele GMPS, Bendiganahalli GHPS, Muthasandra GHPS and Devangundi GHPS. The government of Karnataka will provide the basic school infrastructure.

Using the CEED platform, more than 750 students from classes five to eight in these five schools will receive supplementary teaching in English, mathematics, science and social sciences. Children’s Lovecastles Trust will deliver high-quality supplementary courses remotely through the CEED platform to students of class five to eight in these schools.

More than a thousand students in Raichur and Shimoga have already received the remote education enabled by the CEED platform, said a company statement. The CEED platform facilitates a virtual classroom scenario where teachers impart interactive learning to students located several kilometers away. This is part of the Cisco Inclusive Growth program, which provides technology in an affordable and consumable form. The solutions use network collaboration tools delivered over video out of a secure cloud.

“Cisco’s innovative technology will help the government of Karnataka to achieve its goal of making education accessible to everyone, and fulfill the Sarva Shiksha Abhiyan’s vision of education for all. Quality education will not only help our students learn better but also empower them to build a better future for themselves and the nation. Districts like Hoskote are challenged by the lack of teachers, and technology is helping us address this. I am confident that our collaborative efforts today will bear the desired results of bringing prosperity and bridging the gap between urban and rural areas,” said B.N. Bache Gowda, Karnataka Labour minister.

The paucity of trained, qualified teachers is one of the major challenges being faced by rural India today and Cisco hopes to bridge the gap.

Saturday, October 8, 2011

Juniper Rents Networks in the Cloud

Juniper Networks (JNPR) announced the availability of Junosphere Lab, a new virtual environment that lets companies “rent” networks for as little as $50 per day. The lab lets network operators create and run networks on-demand, enabling network modeling, testing and planning at a large scale. Operators can create and model virtual networks running the Junos operating system as a substitute for or supplement to physical test labs, eliminating significant power, cooling and space requirements.

“Junosphere Lab allows us to test new prototypes in a virtual environment and enable modeling at a level of scale that is often impossible in the physical world, while significantly reducing risk and costs,” said David Roy, network engineer, France Telecom / Orange.

The pricing approach follows a similar announcement from Brocade, which last month began offering subscription plans for network equipment, allowing customers to shift hardware costs from up-front capital expenditures to the operating budget.

Junosphere Connector

Juniper also introduced Junosphere Connector, an optional application that enables users to connect their Junosphere networks to physical networks or lab environments. “Because the Junosphere virtual environment is hosted in the cloud and generates no demand for power, space or cooling resources, it is capable of testing a full scale network without any capital expenditures and in less time than a physical test lab,” said Michael Kennedy, principal analyst, ACG Research. “The full scale network test has greater power, enabling it to discover the actual behavior of the operational network and reduce the number of risks and unknowns because no compromises are made in the test scale. All of these factors make Junosphere Lab a very compelling offer.”

Cariden’s MATE available for Junosphere Lab

Cariden Technologies announced availability of a special version of its Cariden MATE software for users of the new Junosphere Lab service. Through the joint solution, service providers and other network operators can plan, model, and test changes to their networks and understand the full impact those changes will have before implementing them. MATE software running inside a virtual machine within the lab can allow a user to import an IGP database from an operational network. The model can then be used to plan changes to topology, deployed protocols, capacity, and the routing of traffic flow. The completed design can be used for simulation to qualify the Junos operating system and validate operational procedures.

Junosphere also includes and interoperates with applications and products from partners like Mu Dynamics, Packet Design, Spirent Communications and WANDL. The new lab service is available immediately and starts at $5 per virtual machine image per day.