Archives For Data Center

F5's iHealth

16 January 2011

Back in October at an F5 user group meeting I first heard about F5's new user tool to aid in supporting BigIP devices. It is designed to be a proactive tool that users can use to resolve issues themselves or identify issues before they become a problem. Let's go through the process of checking this tool out. As with most vendors, they have a command that generates everything someone from support would want to see. F5 is no exception; what they have is called a QKView. To generate one, log in to the GUI of a BigIP device and go to System > Support; this is the page that generates a new one. Simply click start with the QKview box checked (no need for TCPDump in this case) and a few minutes later you have your freshly generated support file. If you have an old one already generated, it will instead prompt you to download it. When the new one is done, download it and head on over to iHealth.f5.com. Since this is a support tool you will need a valid support contract to access this site. Once you log in you will be presented with a simple screen to upload the new QKview file. Go ahead and upload your file.


After some time you will have a number of files listed on the front page. You will also notice you can enter F5 case numbers and internal help desk ticket numbers for better tracking of what was going on with that QKview.


As you can see I have files going back to October. Not sure if they have a space limit, but so far this is a great archive of your support files, so bonus there. Now select the report you want to view and it takes you to a main info page. This is a summary of pretty much everything you would like to know at a glance. At the top it tells you how many issues it has found and classifies them into high, medium and informational. You can also see if an upgrade is recommended or not. The rest of the page is filled with general info such as hardware info, the number of servers, nodes, etc. configured, the current software running and the license status.


Juniper Networks

On day 2 we started the day off with a visit to Juniper’s Sunnyvale HQ. The day was organized by Abner at Juniper and he lined up some great speakers for us. We had three good presentations but I am only going to talk about two of them. The 3rd was a good discussion with Dogu Arin and I may have a post down the road as a result of that talk on MAC-VPN. But now on to today’s post.

Junos

First up was Mike Bushong, who is the Product Manager Core OS, which is of course Junos. This was a great session. Mike busted out the whiteboard and asked what we wanted to know, then started going to town.


One of the first things Mike pointed out is that he does not like to do a feature-by-feature comparison with Cisco’s IOS. The reason for this is that today one of them may have a feature the other does not have, but the other most likely will in 12-18 months. When most of these boxes have a 5-7 year lifecycle, why buy for just a year or so of advantage? What he did focus on is what makes Junos fundamentally better than traditional IOS.

Going into this meeting I had always felt Junos was a better thought-out OS than traditional IOS; leaving this meeting I had a better understanding of why. We all have heard that Junos is modular and traditional IOS is not. (I of course keep saying traditional because the newer versions of IOS such as XR, XE, NX-OS and some 6500 versions are modular now.) This gives you a more stable product overall because processes are separated. For example, a crashed netflow process will not take down OSPF. This comes from them targeting the carrier space in the beginning, and as the product line has grown they kept that focus on a highly reliable OS. Mike also talked about the separation of the control plane and forwarding plane. This again is a positive that all of us seemed to agree on. We also got very geeky on how the OS interacts with the CPUs. Juniper has used custom silicon from day one, but the OS is written so they could at any time switch CPUs. This is great to know as a customer. To me this means if they have to change hardware radically they can do that quickly and I won’t have to start over looking for a new vendor halfway through an enterprise-wide switch refresh.

Mike then talked about something that has been a staple of Juniper marketing, the one OS for all devices concept. This of course does not mean one binary, as each hardware platform will have specific needs, resulting in separate binaries per platform. However this does lead to differences per platform. Clearly a SOHO firewall has no need for the code to configure an OC-192 module. I understand that different hardware has different software needs, but if you're going to preach one OS and have differences per platform, that to me is not much different than the fact that a Cisco 7600 runs a different IOS than the 1800. Clearly they are very different routers, so you will configure them differently. Where one OS is an advantage is in the config when going from a router to a firewall. On a Cisco 2800 vs an ASA the config is night and day different. However on a Juniper MX 960 vs SRX 240 it is not that different and it is easy to transition from one to the other. That is where the real advantage is to me. Most of the group were not that sold on how great a benefit one OS is. Most of us feel that different devices have different purposes so they have different configs, but maybe that is just the long term Cisco users in us. Overall the one OS is a good idea and I am glad Juniper is doing it; I just don’t see the benefit being as big as marketing tells us it is.

Data Center Switches

Switches are a fairly recent addition to the Juniper portfolio, so many people are still not very familiar with this product line. As a result Dave Hawley was there to explain the EX line of switches to us in detail. What Juniper is recommending for data centers is top of rack EX4200’s (or 4500 if you need 10Gb), in most cases uplinked to an MX router. This is interesting for a couple of reasons, the first being the routed layer in the data center. The trend is going to all layer 2 in your DC, thanks mainly to VMware. They do of course have designs showing the EX8200 as core but clearly MX was preferred. The second is that those are the same switches that you would also deploy in the access layer to the users. These are of course powerful access layer switches which all run at wirespeed for the same cost as other vendors' oversubscribed switches, which makes them also work well in the data center.


One of the features Juniper introduced with the EX switches is the Virtual Chassis idea. Now Juniper will tell you this is not stacking, but pretty much all of the delegates agree this is stacking, just a different way to do it. I think it is better than the Cisco StackWise method but still stacking, which brings new concerns when you’re deploying them. I personally have had very little issue with stacking, but when it goes wrong it really goes bad. However, a number of benefits exist when running the switches in this config. Easy management is one. Since 10 4200’s can be grouped into a virtual chassis, that is a lot of ports all managed from a single IP. No more having to guess which switch the connection is on; you know it will be on that virtual chassis. The next is a larger layer 2 network spread across a wider area. These switches can be stacked using dedicated cables up to 5m or using the 10Gb uplink ports for a distance of 70km. With that config you can essentially have a switch that spans two data centers. That is a great benefit for those that need that, but it is a double edged sword, so make sure you have a good plan if you’re going to go down that road. Within a single data center the 5m option allows for placement several racks apart. This also gets rid of the traditional tree design in the data center, which makes server-to-server traffic faster and failovers faster too. I like what Juniper is doing in trying to replicate a chassis with 1RU switches but I still would like to see a few improvements. The main one being ISSU upgrades or at least a staged one-member-at-a-time upgrade. Overall I think Juniper has done a good job with the EX switches and I am excited to see what is coming next from them.

Summary

I really like what Juniper has to offer, with Junos being the core of that offering. It is a great OS and despite what I think marketing may over inflate as a benefit, the one OS is a really good benefit to have on your side. Juniper is also really big on making sure customers and potential customers are knowledgeable on their products. They have a number of free eLearning courses online, they offer a fast track program for certification and have a series of high quality free Day One books to help you get started with Juniper. This makes the transition from your current routers and switches to Juniper that much easier. We have a number of old Cisco 3550’s to replace and Juniper is high on the list to replace them. I suggest you reach out to Juniper and learn more about them; they are very willing to help get you the info you need.

Disclosure: As a reminder this was part of Tech Field Day and the sponsors, of which Juniper was one, did pay for all of the delegates' flights, meals and hotels. However nothing was required or expected in return for this trip on my part. In addition Juniper gave us a 2GB flash drive and some of us got a Juniper book; I got Network Mergers and Migrations: Junos Design and Implementations.

If you read my post on the Tech Field Day visit to HP you know I was disappointed with the technical content and ended up being a bit too harsh on HP for that. Although I did not get what I wanted, I did like the direction they are going in. The good news is HP after that provided us with some additional PDFs that have more of the info we were looking for. So I decided to look into the switch myself and I have to say if you're looking for a new large data center core switch you need to at least look at these switches.

HP – 3Com – H3C ?

I think most people are not that familiar with how high end HP’s switching line is. Many people thought HP bought 3Com for low end switches but the opposite is true. H3C was a wholly owned subsidiary of 3Com but was founded as a Huawei and 3Com joint venture. H3C had a very high end line of switches that HP is now calling the HP A-series outside of China. It was formerly called the H3C S12500. They have a number of offerings but the main one we saw is the A12500. It comes in two flavors: the A12518, which is an 18 slot chassis, and the A12508, which is the 8 slot version.


This is the A12518 and as you can see it is a full rack. However unlike the Nexus 7018 it does not need a special rack for airflow. It also has some fairly advanced power and fan control for optimal power consumption to lower the total cost of ownership. A prime example of this is the power per 10Gb port. On the A12518 it's 54W and on the Nexus 7018 it is 112W. So it’s half the power per port of the Nexus. BTUs are half of what the Nexus is, which is a major savings on cooling costs. Over the course of a year that is a real savings in your data center.

Switching Capacity

As you would expect from a modern data center switch this guy is fully redundant for key parts. The mid-plane is a CLOS architecture and today provides 360Gb per slot (and that is standard marketing math, counting both in and out). It will support up to 720Gb with future fabrics. It has a total of 6.6Tb per second today and the architecture can double to 13.3Tb down the road. It can have 128 non-blocking 10Gb ports and 512 if you're OK with 4:1 oversubscription. The buffers are pretty good too at 256Mb per non-blocking port vs ingress: 92 Mb / egress: 80 Mb on the Nexus. It also is ready for 40Gb/100Gb but I don’t have the specs on that.

Another key feature of this line is the Intelligent Resilient Framework. This sounds very similar to Juniper's virtual chassis. I have read up on it some more but cannot speak to it with the proper knowledge, so this section is going to be limited. These technologies (VSS, IRF, stacking, virtual chassis, etc.) provide a great benefit in eliminating spanning tree and doubling the links' bandwidth. However if you do some searching you will run into some horror stories on failures with these technologies. I would be very cautious with this if I was deploying it. I have deployed a number of StackWise, VSS and VBS rings in our data centers because I have not had many issues and the increased bandwidth with the elimination of spanning tree is well worth it for me. For you, proceed with caution.

What Next?

HP has come a long way in the data center switch market with the acquisition of 3Com and has a good vision for what data centers should look like. After really looking into this line of switches I feel if you're looking at large data center projects you need to at least talk to HP about these. After all, if you're going to consider Cisco for your servers with UCS, I think it is fair to look at HP for your networking.

Dell’s alternative to container based DC’s
Pretty cool alternative to standard shipping containers.

Packet Pushers podcast
Very high quality podcast from some senior level networking guys. Well worth your time to listen to each week. Also has shorter “runt” episodes at random times.

802.1Qbg and 802.1Qbh
May want to read up on these. Very possibly could be what you're deploying in your data center sooner than you think. Will be interesting to see how these and what Cisco is doing will play out over the next year with the virtualization of the data center. VEPA, TRILL and FabricPath; get to know these terms.