RE: Comparison of freeware open source switch software?

2018-01-11 Thread 7riw77 

> My understanding is the same as Ricky's. At least in the Broadcom word, you
> have to license the SDK from Broadcom in order to develop against it and, more
> importantly, have documentation of which register does what. I don't know if
> you need to license it to program the ASIC (assuming you can do it without SDK
> in a sensible fashion).

If you can live within SAI's capabilities, SAI is freely available for 
Broadcom. This is what SONiC uses to communicate to the Broadcom chipset, and 
it works well.

If you really want a rundown, please ping me off list; I have a good bit of 
information I could share from prior presentations... You can also look up my 
presentations at nanog/lacnog on the topic, but I'm glad to fill in what I know 
beyond what's there if it's helpful.



Russ

Re: Blockchain and Networking

2018-01-11 Thread William Herrin 
On Thu, Jan 11, 2018 at 2:44 PM, Miles Fidelman 
wrote:

> Transferring log files, used as forensic evidence, comes to mind.
>

Blockchain is no better at transferring log files than regular PKI.

Blockchain could be used to authenticate that forensic evidence presented
later is the same evidence that was originally logged by the individual who
collected it where the agency responsible for custody of the evidence is
not trusted or where there have been claims evidence tampering. Interesting
law enforcement application. Dubious utility in networking where the
networking staff are a trusted authority.


Any kind of paperwork, tables, etc. associated with network configuration -
> particularly if you're trying to preserve changes.


AFAICT, blockchain is no better at this than regular PKI and regular PKI is
much less expensive to operate.


On Thu, Jan 11, 2018 at 2:46 PM, Dale W. Carder  wrote:
>
> Traceroute or any other path diagnostics comes to mind.


That's not obvious to me. Assuming the time-exceeded message was modified
to include the necessary data, how would blockchain authenticate the
responding router?

Regards,
Bill Herrin



-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web:

Re: Blockchain and Networking

2018-01-11 Thread Dale W. Carder 

Traceroute or any other path diagnostics comes to mind.

Dale

Thus spake Tom Beecher (beec...@beecher.cc) on Thu, Jan 11, 2018 at 12:22:43PM 
-0500:
> "Blockchain is great at proving chain of custody, but when do you need to do
> that in computer networking?"
> 
> This is the most important question to ask. Everything else is just
> buzzwordy shenanigans.
> 
> On Mon, Jan 8, 2018 at 12:52 AM, William Herrin  wrote:
> 
> > On Mon, Jan 8, 2018 at 12:26 AM, Glen Kent  wrote:
> >
> > > Do folks on this list see blockchain technology making inroads into the
> > > networking? I can see blockchain being used to secure the SDN environment
> > > where blockchain will allow encrypted data transfers between nodes (ones
> > > hosting different applications, the SDN controller, the data plane
> > devices)
> > > regardless of the network size or its geographical distribution.
> > >
> >
> > Hi Glen,
> >
> > I'm having trouble envisioning a scenario where blockchain does that any
> > better than plain old PKI.
> >
> > Blockchain is great at proving chain of custody, but when do you need to do
> > that in computer networking?
> >
> > Regards,
> > Bill Herrin
> >
> >
> > --
> > William Herrin  her...@dirtside.com  b...@herrin.us
> > Dirtside Systems . Web: 
> >

Re: Blockchain and Networking

2018-01-11 Thread Miles Fidelman 

Transferring log files, used as forensic evidence, comes to mind.

Any kind of paperwork, tables, etc. associated with network 
configuration - particularly if you're trying to preserve changes.



On 1/11/18 10:22 AM, Tom Beecher wrote:

"Blockchain is great at proving chain of custody, but when do you need to do
that in computer networking?"

This is the most important question to ask. Everything else is just
buzzwordy shenanigans.

On Mon, Jan 8, 2018 at 12:52 AM, William Herrin  wrote:


On Mon, Jan 8, 2018 at 12:26 AM, Glen Kent  wrote:


Do folks on this list see blockchain technology making inroads into the
networking? I can see blockchain being used to secure the SDN environment
where blockchain will allow encrypted data transfers between nodes (ones
hosting different applications, the SDN controller, the data plane

devices)

regardless of the network size or its geographical distribution.


Hi Glen,

I'm having trouble envisioning a scenario where blockchain does that any
better than plain old PKI.

Blockchain is great at proving chain of custody, but when do you need to do
that in computer networking?

Regards,
Bill Herrin


--
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Blockchain and Networking

2018-01-11 Thread Tom Beecher 
"Blockchain is great at proving chain of custody, but when do you need to do
that in computer networking?"

This is the most important question to ask. Everything else is just
buzzwordy shenanigans.

On Mon, Jan 8, 2018 at 12:52 AM, William Herrin  wrote:

> On Mon, Jan 8, 2018 at 12:26 AM, Glen Kent  wrote:
>
> > Do folks on this list see blockchain technology making inroads into the
> > networking? I can see blockchain being used to secure the SDN environment
> > where blockchain will allow encrypted data transfers between nodes (ones
> > hosting different applications, the SDN controller, the data plane
> devices)
> > regardless of the network size or its geographical distribution.
> >
>
> Hi Glen,
>
> I'm having trouble envisioning a scenario where blockchain does that any
> better than plain old PKI.
>
> Blockchain is great at proving chain of custody, but when do you need to do
> that in computer networking?
>
> Regards,
> Bill Herrin
>
>
> --
> William Herrin  her...@dirtside.com  b...@herrin.us
> Dirtside Systems . Web: 
>

Re: Cisco switch recommendations

2018-01-11 Thread Blake Hudson 
The 38xx, 37xx, 36xx, 35xx, etc line have generally not been wirespeed 
on all ports and have had smaller buffers. For applications where we 
wanted to guarantee wirespeed I've generally stuck to the 4948 lineup or 
a switch based on the 4500 family. Any reason you don't mention the 
4948E(-F) 
 
(4x 10gig ports) or 4500-X (all ports 10gig) as these are Cisco's 
replacement for the model you currently have in use and have been happy 
with?




Jorg Bielak wrote on 1/10/2018 5:06 PM:

I’m currently using Cisco WS-4948-10GE switches on some of my sites.
Since I need more than two 10-Gig ports the Cisco 4948s have reached 
end-of-life for me.
The current Cisco 4948 switches are doing my OSPF and BGP routing, as well as 
some ACLs and actually work great for us….
I’m looking to replace the current switches with Cisco 3850-12XS switches 
(using the IP Services OS).
Does anyone have experience with the Cisco 3850-12XS switches, in comparison to 
the WS-4948-10GE switches? Or other recommendations?

Thanks
JB