
ipSpace.net Design Clinic


ipSpace.net Design Clinic is a monthly Zoom call open to ipSpace.net users with an active paid subscription. The discussions are recorded, and the best bits are published as parts of relevant webinars or as a stand-alone collection.

Last modified on 2022-06-06 (release notes)


1:36:19 June 2022

The June 2022 session focused on VXLAN and EVPN: can we use them as a DCI technology, can they replace MPLS/VPN, can we use them to build campus networks, and does it make sense to run them over SD-WAN?

We also discussed data center WAN edge equipment selection, public cloud deployment tools, and typical public cloud deployment gotchas.

VXLAN and EVPN as DCI Technology 23:35 2022-06-06
Multi-Tenant Enterprise Core Network 17:57 2022-06-06
Running VXLAN over SD-WAN 8:46 2022-06-06
Selecting Data Center WAN Edge Equipment 13:56 2022-06-06
Tools for Enterprise Public Cloud Deployments 8:53 2022-06-06

23:12 Ad-Hoc Questions

Using VXLAN with EVPN in Campus Networks 7:24 2022-06-06
Public Cloud Deployment Gotchas 15:48 2022-06-06

1:16:58 April 2022

In April 2022 we discussed Carrier Ethernet and Content Delivery Network (CDN) basics and revisited application deployment challenges in multi-cloud environments. Ad-hoc topics included DNS and DHCP in data centers, and scale-out DMZ infrastructure in public clouds.

Carrier Ethernet Basics 10:00 2022-05-30
Building Carrier Ethernet Networks 18:16 2022-05-30
Content Delivery Networks 11:18 2022-05-30
Running Applications in Multi-Cloud Environment 19:31 2022-05-30
Networking Engineers in Multi-Cloud World 11:08 2022-05-30

6:45 Ad-Hoc Questions

Using DHCP and DNS in Data Centers 2:43 2022-05-30
Scale-Out Cloud DMZ 4:02 2022-05-30

More Information

Packet Fabric
Could We Build an IXP on Top of VXLAN Infrastructure?
IS-IS in Avaya’s SPB Fabric: One Protocol to Bind Them All
Shortest Path Bridging (SPB) and Avaya Fabric

1:19:31 March 2022

The March 2022 session focused on data center leaf-and-spine fabrics. Topics included inter-VRF route leaking, storage integration, migration to a new fabric, ECMP monitoring, and deployment of VXLAN/EVPN in small data centers.

We also continued the WAN encryption discussion with an overview of Data Center Interconnect encryption options.

Inter-VRF Route Leaking 17:30 2022-04-02
Integrating Storage in Leaf-and-Spine Fabrics 22:32 2022-04-02
Data Center Interconnect Encryption 16:40 2022-04-02
Migrating to a Leaf-and-Spine Fabric 6:33 2022-04-02
Monitoring ECMP Behavior in Leaf-and-Spine Fabric 12:42 2022-04-02

3:34 Ad-Hoc Questions

VXLAN and EVPN in Small Data Center 3:34 2022-04-02

Further Reading

An Update on Router Buffering

A fantastic article describing numerous aspects of network buffering, from TCP behavior and congestion control to application requirements and buffer sizing recommendations

Move Fast, Unbreak Things - NANOG NetNorad presentation by Petr Lapukhov
Facebook OpenNetNorad tool
Facebook UdpPinger
Google Backbone Monitoring, Localizing Packet Loss in a Large Complex Network
VXLAN Ping and Traceroute with Lukas Krattiger

1:38:07 January 2022

In the January 2022 session we discussed Enterprise WAN design (focusing mostly on routing protocol and transport technology selection), encrypted multi-cloud connectivity, and multi-tenant public cloud networking.

Encrypted Public Cloud Connectivity 20:21 2022-03-01
Multi-Tenant Public Cloud Networking 8:51 2022-03-01

55:07 Enterprise WAN Design

Routing Protocol Selection 22:30 2022-03-01
Routing Protocol Q-A 6:58 2022-03-01
Adapting Your Design to Transport Technologies 10:56 2022-03-01
Multi-Layer Transport 14:43 2022-03-01

13:48 Ad-Hoc Topics

Impact of Transit Gateway on Application Performance 4:59 2022-03-01
Using Public Cloud as SD-WAN 5:29 2022-03-01
MACsec over Carrier Ethernet Networks 3:20 2022-03-01

More Information

IOS Classic versus IOS XE OSPF Behavior
Open-Source DMVPN Alternatives
Integrating DMVPN-based Internet VPN with MPLS/VPN WAN
BGP Routing in DMVPN Access Network
Critical Vulnerabilities in AWS
Azure's Terrible Security Posture

1:32:23 December 2021

The December 2021 session focused on VRFs -- we started with Multi-VRF designs and continued with "should one run Internet services in a VRF" (and why would we do that). We also tackled the endless dilemma: should servers connected to multiple leaf switches use link aggregation (+ LACP) or individual links?

Multi-VRF Designs 25:47 2022-01-18
Internet in a VRF 25:17 2022-01-18
Multi-Homed Servers 34:06 2022-01-18

7:13 Ad-Hoc Topics

VXLAN and EVPN on Linux Hosts 7:13 2022-01-18

1:28:31 November 2021

Topics of the November 2021 session included leaf-and-spine fabrics outside of data centers, migrating application stacks into public clouds, and the differences between point-to-point and VLAN interfaces. We also continued the brownfield microsegmentation discussion from the September 2021 session.

Leaf-and-Spine Fabrics Outside of Data Centers 22:59 2021-12-27
Migrating Application Stacks into Public Clouds 16:36 2021-12-27
Point-to-Point versus VLAN Interfaces 12:17 2021-12-27

36:39 Short Questions

Unified Multi-Domain Policy 12:37 2021-12-27
Scaling VMware Private Cloud 4:16 2021-12-27
Brownfield Microsegmentation 19:46 2021-12-27

Further Reading

Could We Build an IXP on Top of VXLAN Infrastructure?
Automation Win: Recreating Cisco ACI Tenants in Public Cloud
Building an IXP with VXLAN and EVPN

1:25:55 October 2021

The session was focused on subnets and IPv6 (with a whiff of microsegmentation). We discussed the optimal subnet sizes, first steps in IPv6 deployments, IPv6 address plans and prefix delegation, and scale-out data center firewalls.

Subnet Sizing 25:11 2021-11-27
First Steps in IPv6 Deployments 29:08 2021-11-27
Scalable Data Center Firewalls 15:34 2021-11-27
IPv6 Addressing Plans and Prefix Delegation 16:02 2021-11-27

Additional Information - Subnet Sizing

Subnet sizing and heterogeneous subnets
ARP Problems in EVPN

Additional Information - IPv6 Deployments

Preparing an IPv6 Address Plan
Analyzing Dual Stack Behavior and IPv6 Quality (Geoff Huston, 2012)
Best Current Practice: IPv6 Prefix Assignment for End-users (RIPE 690)
Happy Eyeballs (RFC 8305)
Happy Eyeballs – Happiness Defined by Your Perspective
Why Does DHCPv6 Matter?
Do We Need Multiple Global IPv6 Addresses Per Interface (RFC 7934)
IPv6 Neighbor Discovery exhaustion attack and IPv6 subnet sizes
IPv6 Prefixes Longer Than /64 Might Be Harmful
Are Unnumbered Interfaces Harmful?

Additional Information - Scalable Data Center Security

I Don’t Need no Stinking Firewall ... or Do I?
Replacing the Central Firewall
Replacing Central Router with a Next-Generation Firewall?
Combine Physical and Virtual Appliances in a Private Cloud
Firewalls in a Small Private Cloud
Considerations for Host-based Firewalls (Part 1)
Considerations for Host-based Firewalls (Part 2)
Using Flow Tracking to Build Firewall Rulesets... and Halting Problem
Fixing Firewall Ruleset Problem For Good
Illumio Core Architecture

1:33:41 September 2021

In September 2021 we discussed microsegmentation (and lack of good solutions) in campus networks, how to provide IP transport to third-party suppliers across an enterprise backbone, and when and where one would use software- or hardware-based overlay virtual networks.

Ad-hoc topics included routing in public clouds, SR-IOV, eBPF, SoNIC and IPv6-only deployments.

Microsegmentation in Campus Networks 27:17 2021-10-01
IP Transport Across Enterprise IP Backbone 25:57 2021-10-01
Overlay Virtual Networking Implementation Options 17:11 2021-10-01

23:16 Ad-Hoc Topics

Subnet Routing in AWS VPC 4:25 2021-10-01
SR-IOV Resource Limitations 2:06 2021-10-01
eBPF Overview 8:18 2021-10-01
SoNIC on Whitebox Switches 2:40 2021-10-01
IPv6-only Deployments 5:47 2021-10-01