Monday, November 30, 2015

Data Field Day Roundtable - telemetry and the impact on understanding data

I was finally able to participate in another Tech Field Day event recently, specifically Data Field Day Roundtable, and wanted to put down some thoughts on what I found interesting about it. As many folks are aware, participation in Tech Field Day isn't an endorsement of any company or product. Yes, these companies do pay to participate but for me the benefits of the event are around hearing from interesting colleagues and businesses doing innovative stuff in the market. I do encourage industry friends and colleagues to watch what is put out by Stephen and crew as I really do feel it has a lot of value. Enough babble, let's jump into the one presentation that wasn't super engaging live in person at the event but, after consideration, merited another watch on video and some comments.

One of the challenges with lots of data is actually figuring out how to collect and process it. At huge scale, the presentation that was given by Matthew Johnson with Netflix will scratch that itch for folks. Clearly, designing and building systems for something as large and distributed as Netflix is complex; you just don't realize how complex until someone walks you through some of the math involved. It is an interesting presentation and worth a watch.

I found the presentation given later in the day by Phillip Liu from SignalFx to be thought provoking, and this is the presentation I am referring to as being worth a second look. At first I didn't understand what SignalFx was actually providing that was different from what Splunk or DataDog might be doing. It wasn't until later in the presentation that I figured out what they had done. The online presentation is a very different experience than being there in person, believe it or not. Phillip speaks very softly so most of the participants in the room really couldn't hear him well. This all changes with the video because he wore a mic for the streaming and video recording. I didn't get the light bulb moment until 41 minutes into a 54 minute presentation. Yes, I am that dim. You can hear me catch on at about 42:19 in the video.


Here is the video, jumping in a little bit before I figure that out: https://youtu.be/5pXt659j8Wk?t=41m22s

In summary, SignalFx is providing math (function) as a service! You can do a variety of functional equations on data points as they are streaming into the product. This allows you to do all sorts of interesting things with the data in real time that in the past you had to run large data reports to produce. Even more impressive is that anyone with basic math skills can use the tool or leverage what SignalFx is providing out of the box with integration with other major platforms. What was really interesting is that Cisco did a demo after that showing their IOS XR routing platform being able to stream data and have SignalFx do something with that data. This effort was possible because of Cisco's work with OpenConfig. Anees Shaikh with Google also presented, talking about the efforts to standardize network management and monitoring. It builds out the foundation for why this new software first world is changing what is happening in networking so profoundly.

I'm glad I was able to finally make another Tech Field Day event and I think this was a great one to be involved with as it is an area of professional interest.
- Ed




Thursday, October 08, 2015

IPv6 site local addresses - why are those still around?

There have been more than a few occasions lately where site local addresses (which were deprecated by RFC 3879 way back in 2004) have been brought up to me, specifically around a feature that Windows has had for a very long time. This feature is the automatic use of three well-known site local DNS name server entries if no IPv6 name server is provided to an interface. The three IPv6 addresses are:
fec0:0:0:ffff::1
fec0:0:0:ffff::2
fec0:0:0:ffff::3
You can see these in use on interfaces on the Windows client or server machine, especially for interfaces you might not be aware of on a given host. For instance, you might have ISATAP tunnel interfaces or a Bluetooth interface that display these. You can check using the following PowerShell:
PS C:\> Get-DnsClientServerAddress | ft

That will display all the client DNS server information for all the interfaces on a given Windows host. From that you will see something like:
InterfaceAlias               Interface Address ServerAddresses
                             Index     Family
--------------               --------- ------- ---------------
Local Area Connection 2             24 IPv4    {}
Local Area Connection 2             24 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}
isatap.{7901A47F-5E03-43A...        39 IPv4    {}
isatap.{7901A47F-5E03-43A...        39 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}
Bluetooth Network Connection         6 IPv4    {}
Bluetooth Network Connection         6 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}



Some concerns have been expressed about this being an exploit vector: if someone sets up a DNS service on those IPv6 addresses, they could potentially lie to your host, because you would use it as the preferred DNS resolver. This actually isn't the case, and it has to do with the prefix policy table. So let's look at some more details.

One of the reasons there is no concern around the misuse of site local to exploit a system is how site local is classified in the prefix policy table. You can view the local prefix policy table with the following PowerShell:
PS C:\> Get-NetPrefixPolicy

And the output is:
Prefix                                                       Precedence      Label
------                                                       ----------      -----
3ffe::/16                                                             1         12
fec0::/10                                                             1         11
::/96                                                                 1          3
fc00::/7                                                              3         13
2001::/32                                                             5          5
2002::/16                                                            30          2
::ffff:0:0/96                                                        35          4
::/0                                                                 40          1
::1/128                                                              50          0


A precedence of 1 means the prefix is the least preferred, the same as the former 6bone network of 3ffe::/16, for instance, which is no longer in use. The important thing to notice is that ::ffff:0:0/96 has a higher precedence, based on the recommendations in RFC 6724. This means that IPv4 traffic, and therefore IPv4 DNS name resolver selection, is preferred over site local. So if you have no IPv6 DNS server information, even if a site local DNS name server did exist you would not use it if an IPv4 DNS name server option was available. That is the only situation in which you might have an issue, because if you are using any IPv6 and publishing an IPv6 DNS name resolver then you will prefer that IPv6 DNS name resolver right away. So the only use case where you might potentially use site local is if you actually assign a host a site local address. It makes no sense to do that at all, but that is the one case where you might have a problem. So, the simple conclusion is...
Don't use site local, which is obvious, since it was deprecated way back in 2004.
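
The policy table lookup described above, as an added Python example (not code from the original post): it does the RFC 6724 longest-prefix match against the table printed by Get-NetPrefixPolicy, with IPv4 addresses looked up as IPv4-mapped, and flags interfaces that carry only the three default site local resolvers. The ranking step follows the post's reasoning about resolver preference and is not a model of the Windows DNS client; 192.0.2.53, 2001:db8::53 and the "Ethernet" interface are constructed sample values.

```python
import ipaddress

# Prefix policy table as printed by Get-NetPrefixPolicy in the post:
# (prefix, precedence, label)
POLICY_TABLE = [
    ("3ffe::/16", 1, 12),
    ("fec0::/10", 1, 11),
    ("::/96", 1, 3),
    ("fc00::/7", 3, 13),
    ("2001::/32", 5, 5),
    ("2002::/16", 30, 2),
    ("::ffff:0:0/96", 35, 4),
    ("::/0", 40, 1),
    ("::1/128", 50, 0),
]
POLICY = [(ipaddress.IPv6Network(p), p, prec, label)
          for p, prec, label in POLICY_TABLE]

# The three well-known site local resolvers Windows falls back to.
WELL_KNOWN_DNS = {ipaddress.IPv6Address(f"fec0:0:0:ffff::{i}") for i in (1, 2, 3)}


def to_v6(text):
    """Parse an address; IPv4 is represented as IPv4-mapped for the lookup."""
    addr = ipaddress.ip_address(text)
    if addr.version == 4:
        return ipaddress.IPv6Address((0xFFFF << 32) | int(addr))
    return addr


def classify(text):
    """Return (prefix, precedence, label) of the longest matching policy row."""
    addr = to_v6(text)
    matches = [row for row in POLICY if addr in row[0]]
    _, prefix, prec, label = max(matches, key=lambda row: row[0].prefixlen)
    return prefix, prec, label


def rank_resolvers(candidates):
    """Order candidates from highest to lowest policy precedence."""
    return sorted(candidates, key=lambda a: classify(a)[1], reverse=True)


def defaults_only(interfaces):
    """Interfaces whose resolvers are all well-known site local defaults."""
    return [name for name, servers in interfaces.items()
            if servers and all(to_v6(s) in WELL_KNOWN_DNS for s in servers)]


# First entry is taken from the post's output; "Ethernet" is constructed.
SAMPLE_INTERFACES = {
    "Local Area Connection 2": ["fec0:0:0:ffff::1", "fec0:0:0:ffff::2",
                                "fec0:0:0:ffff::3"],
    "Ethernet": ["192.0.2.53", "fec0:0:0:ffff::1"],
}

if __name__ == "__main__":
    for a in ("fec0:0:0:ffff::1", "192.0.2.53", "2001:db8::53"):
        print(a, classify(a))
    print(rank_resolvers(["fec0:0:0:ffff::1", "192.0.2.53"]))
    print(defaults_only(SAMPLE_INTERFACES))
```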

Hope this helps to address some concerns around this.
- Ed

Wednesday, September 30, 2015

ARIN IPv4 run out on RunAs Radio, time for IPv6! - Show 440

Super happy to have done another RunAs Radio show with Richard Campbell. We chat about what just happened with ARIN and the IPv4 run out. We cover a wide area of topics but it is hard to stay focused when chatting with a person as diverse and knowledgeable as Richard!
Check out the show!
- Ed

Friday, September 25, 2015

ARIN finally ran out of IPv4 - what's next?

We have known for a long time that ARIN would be depleting their IPv4 address pool sometime this year. It happened yesterday, Sept 24, 2015. So what does that really mean? Unlike some of the other RIRs around the world, ARIN chose to not have any excess reserved pool but to simply completely burn down what IPv4 address blocks they have left in inventory. This means that unlike other RIRs there is no "reserve" bucket at all to reach back into.

Honestly, while the event is very important we are still going to see IPv4 use for a long time. The reason why is that the majority of small and medium sized businesses still get their IPv4 address space from their local service provider. These ISPs still have IPv4 inventory left. I haven't seen any consolidated information about how much inventory major US providers have left but I can imagine at least several years' worth. So, if a business needs IPv4 addresses they can still get them.

I do think to get them you will pay more money. Plain and simple economics come up. IPv4 is now a scarce commodity and the price per IPv4 address will only go up over time. This means that IPv6 addresses will become more common as they will be the cost effective option, especially since that is the only way for the service providers to continue to grow and add customers. So customers demanding IPv4 for any reason will have to pay more, and those that are willing to go IPv6 only will likely get the most cost effective service pricing.

The other impact is that a lot more folks are going to have to start getting comfortable with IPv6. How to manage it, use it and write applications that run on top of it. There is no way you can claim to be an early adopter of IPv6 at all now but you can certainly join the rapidly growing group of users who are learning and using IPv6. IPv6 is the future and the future is now!
- Ed

Wednesday, September 02, 2015

Datanauts 006 – Assessing IPv6 Readiness

I had a great time talking with Ethan Banks and Chris Wahl who are the co-hosts of the Datanauts podcast over at the Packet Pushers website. We dug into IPv6 and the state of things today. You can listen to the show and let us know what you think by hitting up the gents at @datanauts_show.
I can't recommend this podcast highly enough, it is really well done. I'm not just saying this because I was on the show. Honestly, I've listened to all the other Datanauts shows they have put out, the content is really that good. It is worth your time, trust me. Hope you enjoy it and please feel free to give feedback about what you thought about the show too. You can just hit me up on twitter @ehorley.
- Ed

Wednesday, July 15, 2015

IPv6: Introduction to the Protocol is finally available on Pluralsight

It took me forever to get this course written and recorded (sorry Don) but it is finally available up on the Pluralsight website. Many thanks to Myles Wilson for staying with me through the whole journey as my editor and to Andy Newman for thinking I was worthy of producing some content for Pluralsight (technically he was chasing me to do this since the Trainsignal days). Last but far from least is a tip of the hat and thanks to Steve Evans who first put my name in to Andy. Thanks to Steve my wife is now asking me daily why I haven't put out more content up on Pluralsight.

If you have feedback about the course don't be shy. I can do updates, revisions or fixes so let me know. Remember, this course is an introduction or beginner level course. So all my friends who are IPv6 experts, keep that in mind! You can reach out via twitter to let me know or leave a comment below.
- Ed

Monday, June 01, 2015

IPv6, Docker and building for scale

I've had some interesting conversations lately around some of my ideas about why Docker would be fundamentally better with IPv6 and IPv6 only. You can check out the podcast I did with Matt Oswalt and Jon Langemak for the ClassC Block.



Let's jump right into it. Some of the constraints around Docker are the IPv4 networking stack, how to do port forwarding, NAT and dealing with RFC 1918, even routing. There is a lot of state and management that goes into all that code to just deal with basic networking.

What if we could use a new paradigm to make Docker easier, with less state and dependencies and best of all, not having to remap any ports at all?

What if we gave every Docker host a routed /64 IPv6 address prefix and allowed it to preallocate IPv6 addresses from that /64 block to any Docker container that wanted to be run on that platform?

Better yet, let's never reuse that IPv6 address again - ever (what?!? are you crazy?!?). How long would it take to burn through that /64 of public IPv6 address space?

As Leonard Hofstadter's mom on Big Bang Theory said, "I'd like to do the math." So here we go:
Let's assume a crazy number of containers on a single host in a second, something so large no one will argue with us about it not being large enough.
  • How about 10,000,000 per second <-- yes, 10 million per second
  • A standard /64 prefix in IPv6 is 18,446,744,073,709,600,000 addresses.
And the math:
18,446,744,073,709,600,000 IPv6 addresses / (10,000,000 IPv6 addresses/second * 60 sec/min * 60 min/hr * 24 hr/day * 365 days/yr) = 58,494 years

On a single Docker host that is generating 10 million containers per second, it would take more than 58 thousand years to consume all the IPv6 addresses in a single /64 of address space.

A single /48 that you would allocate to a data center has 65,536 /64's in it. So, if you allocate an entire /48 to just your Docker hosts (this means you are running a data center with 65,536 servers) then you will not run out of unique IPv6 addresses on your server for (more math):
58,494 years * 65,536 /64 per /48 = 3,833,478,626 years

So, at a run rate of 10 million containers per second, it would take you 3.8 billion years to consume all the IPv6 addresses in a standard /48 that you would allocate to a data center for Docker hosts. I think that will cover almost every company that ever needs to run Docker containers and have them be unique at a point in time. Best part, we don't have to modify port numbers, they are globally unique, we can lay down a predictive algorithm for building out the lower /64 and we don't have to deal with any layer 2 at all, it is all routing! Seems like Nirvana to me.
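
The addressing scheme above as an added Python example (not from the original post or from Docker): one routed /64 per host carved out of a site /48, a counter that never hands the same address out twice, and the exhaustion math done with the exact 2^64 instead of the rounded figure. The 2001:db8:abcd::/48 documentation prefix, the host index and the names HostAllocator, host_index_of and years_to_exhaust are assumptions made for illustration.

```python
import ipaddress

SECONDS_PER_YEAR = 60 * 60 * 24 * 365


def years_to_exhaust(prefix_len, per_second):
    """Whole years until every address under the prefix has been used once."""
    total = 2 ** (128 - prefix_len)
    return total // (per_second * SECONDS_PER_YEAR)


class HostAllocator:
    """Hands out addresses from one host's /64 in order, never reusing any."""

    def __init__(self, site_prefix, host_index):
        site = ipaddress.IPv6Network(site_prefix)
        if site.prefixlen > 64:
            raise ValueError("site prefix must be /64 or shorter")
        if not 0 <= host_index < 2 ** (64 - site.prefixlen):
            raise ValueError("host index outside the site prefix")
        base = int(site.network_address) + (host_index << 64)
        self.prefix = ipaddress.IPv6Network((base, 64))
        self.next_id = 1  # skip ::0, the subnet-router anycast address

    def allocate(self):
        """Return the next unused address; released ones are never recycled."""
        if self.next_id >= 2 ** 64:
            raise RuntimeError("host /64 exhausted")
        addr = ipaddress.IPv6Address(int(self.prefix.network_address) + self.next_id)
        self.next_id += 1  # monotonic counter, so no address is issued twice
        return addr


def host_index_of(site_prefix, address):
    """Recover which host's /64 an address belongs to from the address alone."""
    site = ipaddress.IPv6Network(site_prefix)
    addr = ipaddress.IPv6Address(address)
    if addr not in site:
        raise ValueError("address is not inside the site prefix")
    return (int(addr) - int(site.network_address)) >> 64


if __name__ == "__main__":
    host = HostAllocator("2001:db8:abcd::/48", 5)
    print(host.prefix, host.allocate(), host.allocate())
    print(years_to_exhaust(64, 10_000_000), "years per /64")
    print(years_to_exhaust(48, 10_000_000), "years per /48")
```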
- Ed


Tuesday, May 19, 2015

Post Interop Las Vegas - 2015 - IPv6, SanDisk and Tech Field Day - What more could you want?

I had a great time in Las Vegas at Interop and was thrilled so many folks attended my IPv6 workshop. To top it off, my workshop made the top 8 list for this year, so many thanks to those that filled out the surveys and for the positive scores too. You can see all the other great workshop presenters and topics on the InformationWeek site. They also published the top 10 sessions for the regular Interop conference (I did not present a session this year, only the 4 hour workshop) and that can be found on the InformationWeek site also.

In addition to all the Interop activities, I also was able to participate in some Tech Field Day fun with my friends Stephen Foskett and Tom Hollingsworth. I sat in on an interesting SanDisk presentation that you can check out on YouTube. What was particularly enlightening for me was how the storage industry is being turned upside down right now, just in a totally different way than what is happening in networking. I think this is really impactful because those are two of the three major pillars on which virtualization and cloud sit atop. What long term effect this will have is debatable but SanDisk sure does seem to be thinking ahead about how companies can change how they leverage their storage. It is worth watching, especially since they take the time to explain things so even a network engineer like me can understand what the heck is going on.

There were also a few Tech Field Day Extras - specifically Roundtables about white box switches and my favorite topic, IPv6. You can check those out on the Tech Field Day website.

Overall, I was very happy with the time I invested in attending Interop. I saw so many friends and colleagues at the event. It really has a lot of fantastic industry people attending, speaking, sponsoring and working the expo floor. I would encourage you to add Interop to your conference list if it isn't on there already. Join me in Las Vegas next year for Interop, I plan on being there!
- Ed

Wednesday, March 25, 2015

Interop - Las Vegas - How to Get Up and Running With IPv6 -- Without Destroying Your IPv4 Network!

http://www.interop.com/lasvegas/

I have been building out the content for my workshop at Interop in Las Vegas at the end of April and I am pretty excited about what I get to cover for folks attending. I will be doing a workshop titled "How to Get Up and Running With IPv6 -- Without Destroying Your IPv4 Network!" and (no surprise) it is how to really start using IPv6. I encourage you to sign up for my workshop and for Interop, it is a great show and the individuals presenting and running the event are really unique industry insiders. You can get a registration discount of 25% by using SPEAKERVIP! when registering for the event. You have until Friday, April 25th to use that code, after that you pay full price! My workshop is on Monday, April 27th from 1 to 4:30PM followed by a small reception.

To give you a taste, here are some of the items I will cover:
The Big Picture - You need an IPv6 Plan
 Assessment, Training, Planning and Design, Proof of Concept, Deployment

Worksheets for the following:
 Fundamentals, Addressing, Prefix, DHCPv6, DNS, Happy Eyeballs, Mobile and Cloud

Additional overview worksheets on:
Technical and Operational Worksheet
Planning and Design Worksheet

Also, review of key design differences between IPv6 and IPv4 covering things like:
Network address planning
Where is my NAT?
Protocol translation - transition technologies

Finally, wrap up with some demos and a limited lab (due to resource constraints)

And my Interop abstract (so you know what is published) is:
The most common IPv6 deployment is in conjunction with an existing IPv4 network. However, knowing the operational differences between IPv4 and IPv6 can be difficult, and understanding how hosts on your network will behave can be an even bigger challenge.

This workshop focuses on getting IPv6 up and working on an existing IPv4 network, including how to understand what you've deployed and how to use some common tools with IPv6. We'll look at typical frustrations such as setting the right IPv6 Router Advertisement flags, DHCPv6 settings, how ICMPv6 will impact your IPv6 deployment, and much more!

Attendees will:
  • Learn how to set up and configure IPv6
  • Determine the best operational settings for IPv6
  • Look into common dual-stack challenges
  • Review common tools to understand how IPv6 affects OS behavior

Who should attend:
  • Network, security, storage, system and virtualization administrators, architects and designers who run and maintain IPv4 infrastructure and are looking to add IPv6. Also, those looking to build labs, proof of concepts or smaller deployments with IPv6.
###

I look forward to seeing you at Interop, please don't be shy to come up and introduce yourself to me if you see me at the event. Also, I am more than happy to sign copies of my book if you happen to have it with you. I will have a few I will be giving away during my workshop too!
- Ed

Wednesday, March 11, 2015

RunAs Radio Show 411 - IPv6 in 2014

I was lucky enough to talk with Richard Campbell about IPv6 and how things had gone in 2014. We chat about a variety of things related to IPv6 and it is always an honor and great fun to be on RunAs Radio. Check out the show yourself at the RunAs Radio website.
Enjoy!
- Ed

Monday, February 16, 2015

New Posts on Infoblox IPv6 COE

I've been busy generating content for others and my blog has suffered as of late, I apologize for that. I do have some posts that might be of interest over on the Infoblox IPv6 Center of Excellence Community Blog site. Specifically, I have kicked off the year talking about what tasks you need to do for your IPv6 plan. I will update this post as the remaining blog posts come out.

The first was an overview talking about having a plan and can be found at:
https://community.infoblox.com/blogs/2014/10/28/first-steps-ipv6-adoption-having-plan

The next addresses assessments:
https://community.infoblox.com/blogs/2015/01/19/kick-2015-first-phase-your-ipv6-plan-assessment

There will be future posts that cover the following:
Training
Planning and Design
Proof of Concept
Deployment
Operate

I have also been busy developing a Pluralsight course on, surprise, IPv6. I will post a link to that once it is completed. Don't forget you can always pick up my book if you want more in-depth knowledge around IPv6 and Windows. My book is available on Amazon in print or kindle at http://tinyurl.com/Practical-IPv6 - if you like the book please leave me a review, I'm always interested in hearing back from readers.

In the meantime, I will try to add some more content around private cloud, automation and containers as I have been spending time working and exploring those topics for work.
- Ed