An EIGRP Scaling Puzzle

This last week I received an email from a friend asking about scaling. The situation is this: a particular company has well over 100 EIGRP routers on a single L2 service from a provider. Will this scale? What’s more interesting than simply asking about scale, though, is to ask the “why” question — no matter […]

Cisco FlexVPN DMVPN, Part 1 – Overview and Design

This post will introduce a new type of DMVPN – FlexVPN, unofficially called “DMVPN phase 4″ .  We will go through the basic building blocks of Cisco FlexVPN DMVPN and some of the design best practices for a typical enterprise WAN network.

Looking at IS-IS Security

Engineers hardly ever think of the control plane as an attack surface — from the new/old wave of centralized controllers (Rule 11!) to the middle term wave of distributed routing protocols, the control plane just hums along in the background without many people thinking about it from a security perspective. That is, until a big […]

Yet Another new BGP NLRI: BGP-LS

Fig.2 BGP-LS

Yes, that’s right, we have another new BGP NLRI: BGP-LS. In this post we will be looking at BGP with Link State (LS) extension which is an integral part of the Carrier SDN strategy. We will look at why we need BGP-LS, its internals and its applications. What I won’t cover is things like do we need SDN?, […]

SDN Controller Benchmarking

There’s been a lot of talk of late on the performance of centralized network controllers (such an odd thing to say when you think about it, but there it is). Ethan recently had a post up on the topic of scaling and SDNs that overlaps with this topic, and SDN Testing ran some interesting tests […]