Inspired by Chris Wahls blog post “Building a New Network Design for the Lab”, I want to describe how my lab network designs looks like.
The requirements My lab is separated from my home network, and it’s focused on the needs of a lab. A detailed overview about my lab can be found here. My lab is a lab and therefore I divided it into a lab, and an infrastructure part.
A customer contacted me, because he had trouble to move a VM between two clusters. The hosts in the source cluster used vNetwork Standard Switches (vSS), the hosts in the destination cluster vNetwork Distributed Switch (dVS). Because of this, a host in the destionation cluster had an additional vSS with the same port groups, that were used in the source cluster. This configuration allowed the customer to do vMotion without shared storage between the two clusters.
The developtment of the Intelligent Resilient Framework (IRF) goes back to H3C, a joint venture between Huawai and 3COM. With the acquisition of 3COM by HP, IRF capable products were integrated into the HP Networking product portfolio.
What is IRF? IRF is a software-based solution to connect multiple switches together and create a logical switching devices. The idea behind IRF is to create a logical device with one control and multiple data planes.
Sometimes it’s necessary to limit specific traffic in terms of bandwidth. Today I like to show you how to manage bandwidth limits using QoS and firewall policies. Especially if you have only limited bandwidth, e.g. a DSL connection, it can be useful to manage the used bandwidth for specific hosts or protocols. I use a really simple setup to show you, how you can manage bandwidth using CoS on a Juniper SRX.
Sophos offers a free license of their UTM firewall for private use. The product was originally developed by Astaro and since these days I use it at home. After the merger with Sophos I switched to the new Sophos UTM 9, still using my old license. I use it to seperate my test VLAN from my normal VLAN, and I use it as proxy with antivirus scanning for all my devices (iPhone, iPad, laptop etc.
I faced today a really nasty problem. I have four HP ProLiant DL360 G6 in my lab. This server type has two 1 GbE NICs with the Broadcom NetXtreme II BCM5709 chip onboard, which are usually claimed by the bnx2 driver. While applying a host profile to three of the hosts, one hosts reported an error. Supposedly the host hasn’t a vmnic0 and because of this the host profile couldn’t be applied.
One strength of Juniper Junos is the config file management. The concept of different configurations is nothing special. For example Cisco uses two configuration files to reflect the current configuration in the RAM (running configuration), and the configuration used on startup (startup configuration). HP is doing the same on their networking gear. If you are new to Juniper Junos, the concept of an active configuration and a candidate config, which holds the current changes but isn’t active, maybe confuses you.
The Cisco Discovery Protocol (CDP) is used to discover and advertise the identity and capabilities of a network component to other networking components. CDP a proprietary protocol developed by Cisco, so it’s often used on Cisco switches and routers. The Link Layer Discovery Protocol (LLDP) is a vendor-neutral discovery protocol, which is used e.g. by Hewlett-Packard. With CDP or LLDP you can easily get an overview over a network topology. You can quickly check, e.
Sometimes it’s necessary to backup system, that are behind a firewall. A good example for this are servers in a DMZ. When using HP Data Protector there are some things to know and consider, before you can backup systems behind a firewall. Lets start with some basics.
The components Cell Manager: The Cell Manager (CM) is the backup server itself. It controls the whole enviroments, stores the licenses, clients, media, devices, backup specifications etc.
I’m a big fan of Juniper Networks! I work mainly with the SSG (ScreenOS) and SRX (Junos) series. The Juniper SRX is a network security solution, which can be positioned in the data center or at the branch. You will surely agree, that virtualization and cloud computing changed a lot from the network perspective. This demands security solutions that are not bound to hardware boundaries. Juniper Firefly Perimeter addresses this demands.
