Taken from the H-REAP deployment guide:
The CAPWAP, on which Cisco's Unified Wireless Network architecture is based, specifies two different primary modes of wireless access point operation:
Split-MAC—In Split-MAC mode, the system shares key functions of the 802.11 specification between the access point and the controller. In such a configuration, the controller is not only responsible for much of the processing of things such as 802.11 authentications and associations, it also acts as the single point of ingress and egress for all user traffic. Split-MAC access points tunnel all client traffic to the controller via a CAPWAP data tunnel (CAPWAP control also follows the same path).
Local MAC—Local MAC, in implementing full 802.11 functionality at the access point, allows for the decoupling of the data plane from the control path by terminating all client traffic at the wired port of the access point. This allows not only for direct wireless access to resources local to the access point, but it provides link resiliency by allowing the CAPWAP control path (the link between AP and controller) to be down while wireless service persists. This functionality is particularly useful in small remote and branch offices across WAN links where only a handful of access points are needed and the cost of a local controller is not justified.
H REAP WAN Considerations
Because the H REAP has been designed specifically to operate across WAN links, it has been optimized for such installations. Though H REAP is flexible when it comes to these remote network design scenarios, there are still a few guidelines that need to be honored when architecting a network with H REAP functionality.
Hybrid REAP supports up to four fragmented packets or a minimum 500-byte maximum transmission unit (MTU) WAN link.
Roundtrip latency must not exceed 300 milliseconds (ms) for data and 100 ms for voice and data between the access point and the controller, and CAPWAP control packets must be prioritized over all other traffic.
The controller can send multicast packets in the form of unicast or multicast packets to the access point. In hybrid-REAP mode, the access point can receive multicast packets only in unicast form.
In order to use CCKM fast roaming with hybrid-REAP access points, you need to configure hybrid-REAP groups.
Hybrid-REAP access points support multiple SSIDs.
NAC out-of-band integration is supported only on WLANs configured for hybrid-REAP central switching. It is not supported for use on WLANs configured for hybrid-REAP local switching.
Note: During an upgrade, each AP needs to retrieve a 4 MB code update across the WAN link. Plan upgrades and change windows accordingly.
In order to ensure that support for this stated latency limitation is in place, it is strongly recommended that between the access point and controller, priority be configured in the intermediary infrastructure to elevate CAPWAP (UDP port 5246) to the highest priority queue available. Without priority placed on CAPWAP control, spikes in other network traffic can very likely cause H REAP access points to frequently shift from connected to Standalone modes as WAN link congestion prevents access point/controller messages (and keep-alives) from being delivered. It is highly recommended to Network designers, who plan to deploy HREAP AP over WAN links, to test all their applications.
Frequent H REAP flapping causes serious connectivity issues. Without proper network prioritization in place, it is prudent to place controllers at remote sites to ensure consistent and stable wireless access.
Note: Whether H REAP is configured to tunnel client traffic back to the controller or not, the CAPWAP data path is used to forward all 802.11 client probes and authentication/association requests, RRM neighbor messages, and EAP and web authentication requests back to the controller. As such, ensure that CAPWAP data (UDP port 5247) is not blocked anywhere between the access point and controller.
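To make the port requirement above checkable, here is an added example (not from the deployment guide) that walks an ordered, first-match ACL and reports whether CAPWAP control (UDP 5246) and CAPWAP data (UDP 5247) can get from an access point to its controller. The rule model, addresses and sample ACLs are constructed for illustration, and only the AP-to-controller direction is evaluated.

```python
# Added example (not from the deployment guide): first-match ACL evaluation
# for the two CAPWAP channels between an H REAP access point and its controller.
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

CAPWAP_CONTROL = 5246  # UDP control port named in the guide
CAPWAP_DATA = 5247     # UDP data port named in the guide


@dataclass(frozen=True)
class Rule:
    action: str                       # "permit" or "deny"
    proto: str                        # "udp", "tcp" or "ip" (any protocol)
    src: str                          # source CIDR
    dst: str                          # destination CIDR
    ports: Optional[Tuple[int, int]]  # inclusive dst-port range, None = any


def first_match(rules, proto, src_ip, dst_ip, dport):
    """Return (rule_number, action) of the first rule matching the packet.

    Rule numbers start at 1. A packet that matches nothing hits the
    implicit deny and is reported as (None, "deny").
    """
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for number, rule in enumerate(rules, start=1):
        if rule.proto not in ("ip", proto):
            continue
        if src not in ipaddress.ip_network(rule.src):
            continue
        if dst not in ipaddress.ip_network(rule.dst):
            continue
        if rule.ports is not None and not rule.ports[0] <= dport <= rule.ports[1]:
            continue
        return number, rule.action
    return None, "deny"


def capwap_reachability(rules, ap_ip, wlc_ip):
    """Check AP -> controller reachability for both CAPWAP channels."""
    report = {}
    for channel, port in (("control", CAPWAP_CONTROL), ("data", CAPWAP_DATA)):
        number, action = first_match(rules, "udp", ap_ip, wlc_ip, port)
        report[channel] = (action == "permit", number)
    return report


# Constructed sample ACL: control is allowed explicitly, but a broad
# high-port deny sits above the catch-all permit and swallows UDP 5247.
BROKEN_ACL = [
    Rule("permit", "udp", "10.20.0.0/24", "10.1.1.10/32", (5246, 5246)),
    Rule("deny", "udp", "0.0.0.0/0", "10.1.1.0/24", (1024, 65535)),
    Rule("permit", "ip", "0.0.0.0/0", "0.0.0.0/0", None),
]

# Constructed fix: widen the first rule to cover both CAPWAP ports.
FIXED_ACL = [
    Rule("permit", "udp", "10.20.0.0/24", "10.1.1.10/32", (5246, 5247)),
] + BROKEN_ACL[1:]


if __name__ == "__main__":
    for name, acl in (("broken", BROKEN_ACL), ("fixed", FIXED_ACL)):
        print(name, capwap_reachability(acl, "10.20.0.15", "10.1.1.10"))
```

With the broken ACL the access point can still join the controller over the control channel, while the probes, authentication/association and EAP requests that the guide says ride the data path are dropped at rule 2.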
Hybrid REAP groups
In order to better organize and manage your hybrid REAP access points, you can create hybrid REAP groups and assign specific access points to them. All of the hybrid REAP access points in a group share the same CCKM, WLAN, and backup RADIUS server configuration information. This feature is helpful if you have multiple hybrid REAP access points in a remote office or on the floor of a building and you want to configure them all at once. For example, you can configure a backup RADIUS server for a hybrid REAP group rather than having to configure the same server on each access point. For each controller, you can configure up to 20 hybrid REAP groups with up to 25 access points per group.
To Trunk or not to Trunk
H REAP access points may be connected to 802.1Q trunk links or untagged access links. When connected to a trunk link, H REAP access points send their CAPWAP control and data traffic back to the controller via the native VLAN. Locally switched WLANs may then have their traffic dropped on any available VLANs (native, or otherwise). When set to operate on an access link (with no 802.1Q visibility), H REAPs forward all CAPWAP messages and locally switched user data out to the single, untagged subnet to which they are connected.
General guidelines for the selection of the switchport mode for H REAPs are as follows:
Use a trunk link if more than one WLAN is configured for local switching and if traffic on these SSIDs needs to be dropped on different subnets. Both the access point and the upstream switchport need to be configured for 802.1Q trunking. The configuration of H REAPs for 802.1Q trunking is the most common configuration and provides the most flexibility. Native VLAN also needs to be configured on the switchport that the H REAP is connected to as all CAPWAP communication between the AP and the WLC is on the native VLAN.
Use an access link when H REAPs either do not have more than a single locally switched WLAN or have multiple locally switched WLANs that do not require wired-side separation. Be aware that a trunk link can still be desirable under these conditions if separation between CAPWAP messaging and user data is desired. But, this is neither a configuration requirement, nor a security risk.
Note: H REAP access points default to operate on untagged, access link interfaces.
Radio Resource Management (RRM)
Transmit Power Control (TPC) algorithms in RRM are not triggered until four or more access points are within range of each other. So, some H REAP installations might never power their radios down. As such, without ever being able to power down their radios in the first place, H REAPs do not adjust transmit power upward to compensate in the event of a coverage hole detection.
In Standalone mode, RRM functions on H REAPs that require controller processing are not supported.
Note: H REAP was not designed to provide location services. Therefore Cisco cannot support stated location accuracy claims in H REAP deployments.
L2 and L3 Mobility
Roaming events between H REAPs on locally switched WLANs may take between 50 ms and 1500 ms, which depend on WAN latency, RF designs and environmental characteristics, as well as security types and client-specific roaming implementations.
Layer 3 roaming is not supported for locally switched WLANs but is supported for centrally switched WLANs.
Other H REAP Limitations
H REAPs do not support WGB.
If you have configured a locally switched WLAN, then Access Control Lists (ACLs) do not work and are not supported. On a centrally switched WLAN, ACLs are supported.
Any changes to a locally switched WLAN configuration on the Controller cause a temporary loss in connectivity as the new configuration is applied to the H REAP. As such any clients on these locally switched WLAN get temporarily disconnected. The WLAN is enabled right away and the clients re-associate back.
Per @samuel_clements there is no limit to the number of H-REAP APs that are supported in newer versions of controller code. Seconded by @revolutionwifi & link to a good discussion on H-REAP provided by @IndTechTalk
The H-REAP feature matrix document is also quite useful.
Monday, November 22, 2010
Sunday, November 21, 2010
Comparing 802.1x Authentication Methods
I could have sworn I'd already linked to this image. This is the chart I frequently refer to when I get asked 'What is the best security method for us'. This chart will help you decide how secure a WLAN can be depending on the security mechanisms currently at your disposal (read: no additional spending required). This chart is a bit old, and doesn't list new OSes like Windows 7, but you get the idea.
Labels: Wireless
Thursday, October 21, 2010
WCS CleanAir mini video tutorials
My pal @revolutionwifi (Andrew VonNagy) wrote up a great post about Cisco CleanAir and his real world experiences with it, so I thought I'd follow up with a couple of little videos of some demo gear I'd been working with for a couple of weeks.
In the first video, I go through the configuration steps outlined in the Cisco CleanAir Deployment Guide. At first I didn't realize that when I set the Air Quality Alarm Threshold way down at 35 that I was effectively removing all the sources of interference that had been displayed on the WCS map. I figured out what was wrong, and when the interference sources were again displayed in WCS I picked back up where I left off.
Of course, there is more to CleanAir than what I put in this video given the 10 minute limitation - but I thought it covered most of the basics.
The second video shows putting a 3500 series AP into SE-Connect mode. SE-Connect mode is where you use Cisco Spectrum Expert to connect to a remote AP and monitor the RF spectrum analysis information it is sensing from the Cisco Spectrum Expert application on your laptop/PC. This ability to be where the interference is happening can save you a trip across town or possibly farther than that. It allows you to get an immediate view into what is in the RF environment and not just hope that it is still happening when you get to the site so you can try to fix it then.
The third video is a side by side by side comparison of Cisco Spectrum Expert, AirMagnet Spectrum XT and Metageek's Wi-Spy dBx Chanalyzer 4 application. I showed them one after another so you can get an idea of what the default settings for each application shows you. Here's a picture of the mess of adapters/tools.
Labels: Cisco, Spectrum Analysis
Friday, September 24, 2010
The Impossible Project
The Impossible Project is a group of people dedicated to creating a new instant analog film product designed to be used in Polaroid cameras. The first type of film they created is a black & white/sepia tone film called Silver Shade. Just recently they've launched the first new color film for Polaroid cameras called Color Shade.
When I found out that The Impossible Project finally had film available for purchase I quickly placed an order. At the time the only Polaroid camera I had was the 600 model, so I began an eBay quest to find cameras to fit the film I'd bought.
So, now with a few more cameras in my arsenal, I could pick & choose which one I was going to take to Tech Field Day. I opted for the Spectra (on the right) because it is the widest film format Polaroid made, it is auto focus (sonar!), has a flash and is compact for traveling.
During the three days I was in San Jose for Tech Field Day, I was excited to be able to introduce The Impossible Project film for Polaroid cameras to a large group of people. I imagined that a lot of people weren't aware you could buy film for Polaroids anymore - and I was right.
Tech Field Day gave me an opportunity to gain access to cutting-edge data centers and networking hardware. I thought it was wonderfully fitting to contrast the high tech with the analogue lo-tech Polaroid camera. I brought along some deadstock Polaroid film, and a pack of the PZ 600 Silver Shade film by TIP.
The first cutting-edge gear/analogue picture was of the new HP A12500 Data Center switch. This bad boy is nicknamed "The Widowmaker" cause it took 6 men to lift it into the data center rack. This bad boy can have up to 512 10G ports or 864Gt ports - moving 6.6 Terabytes of data PER SECOND.
I took a Polaroid of it & tweeted it before it was done developing. Sure enough, someone thought it was an old picture!
The visit to the Juniper data center was equally exciting - the room was filled with the din of cooling fans. There's just something about a room crammed to the rafters with white noise and blinking machinery. A certain je ne sais quoi if you will.
The second picture I took was of the Juniper T1600. It supports 160 10G ports, 16 40G ports or 8 100G ports. Capable of moving 1.6 Terabytes per second.
Now granted, the picture on the left doesn't match up with the switch in the rack, but they're both T1600s.
The real photographic joy of Tech Field Day was the trip to the Computer History Museum. How cool is it to take Polaroids of the first mouse, the Cray-1, the Babbage Difference Engine and the first hard drive?!
I was giddy I tell you.
The full set of museum Polaroids is on my Polanoid.net page. http://bit.ly/CHMPolaroids
The main link to my Polanoid.net page is http://bit.ly/MyPolaroids
At the final Tech Field Day dinner I cracked open the PZ 600 Silver Shade film. I hadn't used any of the Silver Shade film by The Impossible Project yet, but I'd read that the film exposure was temperature sensitive. The sweet spot for proper exposure is around 72° F and I figured that most of San Jose inside and out is about that temperature in mid-September.
All of the dinner pictures turned out great, especially considering that I was using a flash indoors. I covered one shot with my hands while it was developing to test the warm temperature overexposures I'd read about - it's true. The warmer the picture when it is developing the more overexposed it will turn out.
I am very pleased with the quality of the Silver Shade film by The Impossible Project - I've already lined up my next film purchase. I hope I was able to spark the curiosity of a few people to try film from The Impossible Project. I think what they're doing is pretty amazing. They bought the last Polaroid factory in the Netherlands, and they've had to reverse engineer Polaroid film and use less chemicals and materials in the process.
Before you even ask - no, I'm not a paid sponsor or anything like that. I like taking pictures, and I'm glad that I'm still able to get film for my Polaroid cameras. There's nothing quite like a Polaroid.
Polaroids make people smile.
Labels: Photography, Polaroid
Thursday, September 23, 2010
Would you be interested in a Wireless Tech Field Day?
The question has been asked: Is there enough demand to support a Wireless Tech Field Day?
I know I can count at least 15 ~ 19 wireless people on Twitter that might like to participate as delegates, and at least 27 or so companies that could participate as event sponsors.
So, I'm throwing this survey out there to find out what companies you'd be interested in meeting with and to see how many interested parties actually fill out the survey! Once we can identify the demand, it may make it easier to find event sponsors.
http://www.surveymonkey.com/s/GKM2W6Q
Labels: TechFieldDay, Wireless
Wednesday, September 22, 2010
The Cisco 1040 Access Point
Today I viewed a pre-recorded webinar put together by Fred Niehaus (TME Cisco Wireless Business Unit) regarding the new Cisco 1040 Access Point. The link is to the 'MyCiscoCommunity' page which you may or may not have access to, so I'll summarize the best bits of the webinar.
The 1040 is a stripped down low cost offering from Cisco - designed for customers that don't require advanced features like ClientLink, Bandselect and Videostream. The 1040 is a 2x2 with 2 spatial streams, and its TCP performance is 20-25% lower than the 1140 AP. It is supported in controller code 7.0.98 and above. It uses the same mounting hardware as the 1140, 1260, and 3500 series APs. It cannot be upgraded to an 1140, the differences between the two are in the hardware.
The 1040 has its own VCI string - Cisco AP c1040 for DHCP Option 43 entries.
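For readers building the DHCP scope, the following added example (not from the webinar or from Cisco) encodes and validates the Option 43 value handed to clients that present the `Cisco AP c1040` VCI. It assumes the commonly documented Cisco lightweight-AP layout of one sub-option (type 0xf1, one length byte, packed IPv4 controller addresses), which this page does not spell out; the controller addresses and the scope table are constructed.

```python
# Added example: build and validate DHCP Option 43 for lightweight APs.
# Assumption (not stated on this page): the value is a single TLV with
# type 0xf1, a length byte, and the controllers' IPv4 addresses packed.
import ipaddress

WLC_SUBOPTION = 0xF1
VCI_1040 = "Cisco AP c1040"  # VCI string quoted in the post


def encode_option43(controller_ips):
    """Return the Option 43 bytes for a list of controller IPv4 addresses."""
    if not controller_ips:
        raise ValueError("at least one controller address is required")
    payload = b"".join(ipaddress.IPv4Address(ip).packed for ip in controller_ips)
    if len(payload) > 255:
        raise ValueError("too many controllers for a one-byte length field")
    return bytes([WLC_SUBOPTION, len(payload)]) + payload


def decode_option43(data):
    """Parse Option 43 bytes back into controller addresses, strictly."""
    if len(data) < 2 or data[0] != WLC_SUBOPTION:
        raise ValueError("missing 0xf1 sub-option header")
    length, body = data[1], data[2:]
    if length != len(body):
        raise ValueError("length byte does not match payload size")
    if length == 0 or length % 4:
        raise ValueError("payload is not a whole number of IPv4 addresses")
    return [str(ipaddress.IPv4Address(body[i:i + 4])) for i in range(0, length, 4)]


def option43_for_client(vci, scopes):
    """Return Option 43 only for a client whose Option 60 VCI is configured.

    `scopes` maps a VCI string to its controller list (constructed here).
    Clients with any other VCI get None, i.e. no Option 43 in the reply.
    """
    controllers = scopes.get(vci)
    return encode_option43(controllers) if controllers else None


# Constructed scope table: two controller management addresses for 1040s.
SAMPLE_SCOPES = {VCI_1040: ["192.168.10.5", "192.168.10.20"]}

if __name__ == "__main__":
    value = option43_for_client(VCI_1040, SAMPLE_SCOPES)
    print(value.hex())             # hex string to paste into the DHCP scope
    print(decode_option43(value))  # round-trip check of the same bytes
```

Running the strict decoder over the hex already configured in a scope is a quick way to catch a wrong length byte or a mistyped controller address before access points try to join.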
It was mentioned that the AP should not be opened as there is a conductive RF gasket installed at the factory with a specific torque.
Visually, the differences between the 1040, 1140 and 3500 are: the 1040 has a dimpled radome, the 1140 has a silk screened Cisco logo, and the 3500 has an embossed Cisco logo.
New part numbers:
AIR-PWR-B= - Energy Star rated power supply (identical to AIR-PWR-A)
AIR-PWRINJ4 - New power injector for 1040 AP, only draws 12.95 Watts, but is capable of providing higher power to the 1250 AP. Compatible with 1140, 1040, 3500 and 1250 APs
AIR-PWR-SPLY1 - Power Supply for the AP-1250
114XFLSHMNT= - Mounting kit to install AP inside the ceiling tile
114XFLSHMNT110= - 10 Pack of Flush Mount Kits
AIR-AP-T-RAIL-F - Ceiling Grid Clip - Flush
AIR-AP-T-RAIL-R - Ceiling Grid Clip - Recessed
AIR-CHNL-ADAPTER - Accessory clip for channel and beam rails
AIR-AP-BRACKET-1 - AP Bracket - Low Profile
AIR-AP-BRACKET-2 - AP Bracket - Universal
A new disclaimer about vertical AP mounts has been added in the Quick Start Guide - The access point's integrated antennas perform best when the access point is mounted on horizontal surfaces such as a table top or ceiling. For advanced features such as voice, location and rogue access point detection, ceiling mounting is strongly recommended. However, for smaller areas such as conference rooms, kiosks, transportation environments, or hot-spot usage where data coverage is the primary concern, the unit may be wall mounted.
The different types of ceiling tile structures have been addressed through a variety of ceiling clips that are available. Recessed ceiling tiles have a special clip AIR-AP-T-RAIL-R. Flush ceiling tiles have a different clip AIR-AP-T-RAIL-F. By default, the 1040 will ship with a low profile bracket AIR-AP-BRACKET-1 unless a different bracket is specified when ordering. For wall mount, power box and other hard ceiling installations - there is a new bracket with more mounting holes AIR-AP-BRACKET-2.
Sometimes ceiling tile supports are not flat pieces of metal. There are mounting solutions for channel rails and beam rails. AIR-CHNL-ADAPTER comes in a quantity of 2 - enough to mount a single access point, and can be attached to the channel rail or beam rail before using the AIR-AP-T-RAIL-R or the AIR-AP-T-RAIL-F clip to mount the AIR-AP-BRACKET-1 or AIR-AP-BRACKET-2
Monday, September 20, 2010
Tech Field Day - wrap up
Last week I took part in a unique meeting of the minds - now I freely admit that I didn't get everything that was discussed, but neither did @plankers. He was (and is) The Lone Sysadmin, and I was the only wireless person in attendance. I did learn a lot, and took a lot of notes. It seems to me that large companies have a hard time dialing back the sales pitch, or the back story of how they came to be. I think they just can't help it - I think this gets written into their source code once they've been assimilated into the corporation.
The event was called Tech Field Day, organized by Gestalt IT (Stephen Foskett & Claire Chaplais). This was the first networking focused Tech Field Day, and the list of vendors that presented to our group was: HP, SolarWinds, Cradlepoint, Force10 - for the second day: Juniper, Arista Networks, Xsigo.
HP delved into the future of network virtualization with Jay Mellman Sr. Director WW Marketing, then had Les Stuart talk about the HP Intelligent Management Center, but I'll just provide a link to Jeremy Gaddis' blog post which covers the event in much greater detail. The recurring theme of the switching vendors was that nobody had a supported switch emulator for testing proof of concepts for change management needs - HP currently does not have a solution to enable the Network Admin to prove to the rest of enterprise that a planned configuration change would not take out the network.
SolarWinds crew was pleased to hear that they were free to dive into the nuts and bolts since we were all fully aware of the basics of how their software worked. I was not aware that SolarWinds can monitor/manage multiple vendors' wireless devices out of the box.
Cradlepoint's offering of 3G and 4G wireless hotspot devices was very interesting. Their new pre-paid 4G wireless device is called the Rover, and was shaped like the thing you're handed when you have to wait for a table at Macaroni Grill.
I can see the beauty of the pre-paid feature, but man are these things gonna cause problems if they become prolific. I say cause problems, because just imagine a dozen people firing up their Rover to surf the net at the same time. Each one may have its own 4G uplink, but the local hotspot is still 802.11B/G, and there are still only three channels that are non-overlapping. I looked through the Rover FAQ, but didn't see anything indicating you can change the 802.11 operating channel, or how you'd even know there was interference. There are strong business drivers for this type of localized wi-fi hotspot capability since not everywhere has free wifi (yet). I can see this type of networking device with cellular backhaul, local 802.11 wireless connectivity being used at events like Bonnaroo, Lollapalooza or other outdoor events with sales tents where hard wiring the tents isn't feasible. Their product comparison sheet shows which devices have ethernet ports, and which ones support 802.11n. Now WPA2 with a random string of 63 characters for the PSK doesn't meet PCI compliance unless you throw a firewall in there, but that probably wouldn't stop a small independent merchant from using something like this at a mobile event.
Force10 - Company started in 1999 to build around emerging standard of 10 gig ethernet. In 2002, they first shipped a 1/2 rack with 28 10GB (line rate fully non blocking) ports. Today they ship 1/2 rack systems with 140 10GB LR ports. Their technology is used by the majority of the large portals based in Silicon Valley. Also of note, Force10 powers 2 of the 10 fastest systems in the world.
Juniper - The general overview of how Juniper started was useful to me, since I only know about their switching products from the Juniper as a Second Language online course that I've never gotten around to studying. We got into the real meat and potatoes of Juniper when Dan Backman sat down with us for the Round Table discussion. Dan is ridiculously smart, and has been hip-deep in Juniper for many, many years. Until the video of the roundtable is up, I found a 2006 Interop podcast where you can see what I mean. I'm looking forward to learning Juniper once I've passed the CCIE wireless. Make a note to yourself to tune back in once all the Tech Field Day videos are up on Vimeo - the Juniper Round Table should not be missed. The unsupported Juniper emulator - Olive is JUNOS software running on a PC rather than a Juniper router. They would not say if they were working on a supported switch emulator, and deferred the conversation to be discussed at a later date. There are a million online how-to guides for installing Olive/JUNOS, hopefully Juniper got the message from us that a supported implementation is greatly desirable.
Arista Networks - I had not put two and two together to associate @dgourlay with the Packet Pushers Runt Podcast Arista Networks and Data Centre Switching. I wish I'd listened to the podcast before this preso. In any case, my takeaway from Arista is that their gear is installed in places where you absolutely cannot lose a packet, or accept a delayed packet. Think high-frequency trading, biomedical research, cloud networking. From what I understood, their OS is basically a linux kernel, with a few modifications to offset the different traffic flows from the main switching functions - and basically anything you'd do with bash/perl/python is possible at the CLI of an Arista switch. Now, I'm no coder, and I'm sure that when Jeremy G. or Ivan P. writes up a synopsis of Arista it'll be a comprehensive overview. I did get that "If you can code it, it can happen" is a very powerful statement to make to people with a deep understanding of Unix/Linux/BSD etc. Arista commented that if you wanted to run their code on any pc/laptop etc to test configuration designs or proof of concepts you can, with the vEOS download.
Xsigo - This is the preso where @plankers got excited, because Xsigo was speaking his language. Bob was able to explain a few things from the server side perspective when questions came up from the networking side of the table. The gist of Xsigo is they provide a virtual I/O that connects to servers via standard Ethernet server ports -- no add-on cards needed. I thought of their solution as a patch bay of sorts between the server front end and the backend hardware. The configuration was all done through a java based web interface, and it was pretty simple to set up. We spent about 10 minutes setting up a couple of servers to a cloud in their lab/classroom. Things have changed a lot since I was unboxing HP fans to build DL380s in 2004.
All in all, the Tech Field Day was a unique opportunity to visit so many organizations in person - and have in depth technical conversations about their products (once you beat the marketing out of them). My next goal is to reach out to the contacts I have at wireless vendors to see if we can't set up a wireless-specific Tech Field Day sometime soon. Are you listening vendors? We want to ask you tough questions, and talk with the people that have the direct answers.
Naturally, I took a lot of pictures - not nearly as many as Stephen, but nothing beats the Polaroid I took of him. period.
My Tech Field Day Picasa Slideshow:
----------------------
Full disclosure - the Tech Field Day event was made possible by contributions from the sponsors, and I did not incur any travel or lodging costs. The schwag I went home with was a t-shirt from Solarwinds, a 4gb usb key from Juniper and HP and a Cradlepoint MBR900 except I forgot the MBR900 at Juniper - so Abner is shipping it to me :)
The event was called Tech Field Day, organized by Gestalt IT (Stephen Foskett & Claire Chaplais). This was the first networking focused Tech Field Day, and the list of vendors that presented to our group was: HP, SolarWinds, Cradlepoint, Force10 - for the second day: Juniper, Arista Networks, Xsigo.
HP delved into the future of network virtualization with Jay Mellman Sr. Director WW Marketing, then had Les Stuart talk about the HP Intelligent Management Center, but I'll just provide a link to Jeremy Gaddis' blog post which covers the event in much greater detail. The recurring theme of the switching vendors was that nobody had a supported switch emulator for testing proof of concepts for change management needs - HP currently does not have a solution to enable the Network Admin to prove to the rest of enterprise that a planned configuration change would not take out the network..
SolarWinds crew was pleased to hear that they were free to dive into the nuts and bolts since we were all fully aware of the basics of how their software worked. I was not aware that SolarWinds can monitor/manage multiple vendors' wireless devices out of the box.
Cradlepoint's offering of 3G and 4G wireless hotspot devices was very interesting. Their new pre-paid 4G wireless device called the Rover, and was shaped like the thing you're handed when you have to wait for a table at Macaroni Grill.
I can see the beauty of the pre-paid feature, but man are these things gonna cause problems if they become prolific. I say cause problems, because just imagine a dozen people firing up their Rover to surf the net at the same time. Each one may have its own 4G uplink, but the local hostpot is still 802.11B/G, and there are still only three channels that are non-overlapping. I looked through the Rover FAQ, but didn't see anything indicating you can change the 802.11 operating channel, or how you'd even know there was interference. There are strong business drivers for this type of localized wi-fi hotspot capability since not everywhere has free wifi (yet). I can see this type of networking device with cellular backhaul, local 802.11 wireless connectivity being used at events like Bonnaroo, Lollapalooza or other outdoor events with sales tents where hard wiring the tents isn't feasible. Their product comparison sheet shows which devices have ethernet ports, and which ones support 802.11n. Now WPA2 with a random string of 63 characters for the PSK doesn't meet PCI compliance unless you throw a firewall in there, but that probably wouldn't stop a small independent merchant from using something like this at a mobile event.
Force10 - Company started in 1999 to build around the emerging standard of 10 gig Ethernet. In 2002, they first shipped a 1/2 rack with 28 10GB (line rate fully non blocking) ports. Today they ship 1/2 rack systems with 140 10GB LR ports. Their technology is used by the majority of the large portals based in Silicon Valley. Also of note, Force10 powers 2 of the 10 fastest systems in the world.
Juniper - The general overview of how Juniper started was useful to me, since I only know about their switching products from the Juniper as a Second Language online course that I've never gotten around to studying. We got into the real meat and potatoes of Juniper when Dan Backman sat down with us for the Round Table discussion. Dan is ridiculously smart, and has been hip-deep in Juniper for many, many years. Until the video of the roundtable is up, I found a 2006 Interop podcast where you can see what I mean. I'm looking forward to learning Juniper once I've passed the CCIE wireless. Make a note to yourself to tune back in once all the Tech Field Day videos are up on Vimeo - the Juniper Round Table should not be missed. The unsupported Juniper emulator, Olive, is JUNOS software running on a PC rather than a Juniper router. They would not say if they were working on a supported switch emulator, and deferred the conversation to be discussed at a later date. There are a million online how-to guides for installing Olive/JUNOS; hopefully Juniper got the message from us that a supported implementation is greatly desirable.
Arista Networks - I had not put two and two together to associate @dgourlay with the Packet Pushers Runt Podcast Arista Networks and Data Centre Switching. I wish I'd listened to the podcast before this preso. In any case, my takeaway from Arista is that their gear is installed in places where you absolutely cannot lose a packet, or accept a delayed packet. Think high-frequency trading, biomedical research, cloud networking. From what I understood, their OS is basically a Linux kernel, with a few modifications to offset the different traffic flows from the main switching functions - and basically anything you'd do with bash/perl/python is possible at the CLI of an Arista switch. Now, I'm no coder, and I'm sure that when Jeremy G. or Ivan P. writes up a synopsis of Arista it'll be a comprehensive overview. I did get that "If you can code it, it can happen" is a very powerful statement to make to people with a deep understanding of Unix/Linux/BSD etc. Arista commented that if you wanted to run their code on any PC/laptop etc. to test configuration designs or proof of concepts you can, with the vEOS download.
Xsigo - This is the preso where @plankers got excited, because Xsigo was speaking his language. Bob was able to explain a few things from the server side perspective when questions came up from the networking side of the table. The gist of Xsigo is they provide a virtual I/O that connects to servers via standard Ethernet server ports -- no add-on cards needed. I thought of their solution as a patch bay of sorts between the server front end and the backend hardware. The configuration was all done through a Java-based web interface, and it was pretty simple to set up. We spent about 10 minutes setting up a couple of servers to a cloud in their lab/classroom. Things have changed a lot since I was unboxing HP fans to build DL380s in 2004.
All in all, the Tech Field Day was a unique opportunity to visit so many organizations in person - and have in-depth technical conversations about their products (once you beat the marketing out of them). My next goal is to reach out to the contacts I have at wireless vendors to see if we can't set up a wireless-specific Tech Field Day sometime soon. Are you listening, vendors? We want to ask you tough questions, and talk with the people that have the direct answers.
Naturally, I took a lot of pictures - not nearly as many as Stephen, but nothing beats the Polaroid I took of him. period.
My Tech Field Day Picasa Slideshow:
----------------------
Full disclosure - the Tech Field Day event was made possible by contributions from the sponsors, and I did not incur any travel or lodging costs. The schwag I went home with was a t-shirt from SolarWinds, a 4 GB USB key from Juniper and HP, and a Cradlepoint MBR900, except I forgot the MBR900 at Juniper - so Abner is shipping it to me :)