Sunday Mar 26

Posts Tagged ‘networking’

Great Service from Network World
Last Updated on Tuesday, 12 August 2008 04:14
Written by JJ
Friday, March 28th, 2008

I was so impressed by the personal attention and quick response from Network World’s customer service department, I feel compelled to acknowledge it publicly and send a ‘thank you’ to their team.

Monday morning, just one business day after my pining post last Thursday night (remember Friday was a holiday), I received a call from an extremely helpful and courteous lady in the customer service department. Evidently someone does actually read my blog and had forwarded the post to NWW.

Not only did she help me get fixed up with my regular delivery, she placed the current week’s edition in the mail for me- special delivery!

And I’m greatly thankful, since this week’s cover is sporting the 10Gig Shootout, which highlights the HP ProCurve 3500 stackables. Although, I have to note, on the print cover, the photos aren’t next to the vendor descriptions. Just in case you were wondering, the ProCurve switch came in a very strong second, .03 of a point off I believe, and about half the price (and lifetime warranty). Sorry had to slip that in there too. Check out the scorecard at NWW.

So, thanks to whomever forwarded the post to NWW, and a special thanks for the quick help from their customer support!

# # #

Layer 1: Mr Bump and the Bad Wire
Last Updated on Tuesday, 12 August 2008 03:52
Written by JJ
Wednesday, March 19th, 2008

No, not a bad Mr Bump, or a bad Bump in the Wire… But one of the Bumpster’s recent posts brings about a good topic for mention- bad cable (or wire, as is more appropriate for his post).

In his friendly KISS-it note, he shares a story to remind us of our Layer 1 woes. I can’t TELL you how many times there’s a mystery problem… which almost always later surfaces as a physical dis-connect or mis-connect along the way.

In fact, just last night a certain someone called me from the road while setting up a demo… after hours of agony (and fixing some other issues) the final problem was- YEP- a cable in the wrong spot.

It’s something that happens to all of us- certainly nothing to be ashamed of. And it doesn’t always work out to be a misplaced cable… quite frequently we see bad cables, older cheap Cat 5 that’s not behaving well, home-made ends that corrode or break and even the occasional patching mis-match (see my previous post on 568A vs B).

Don’t we feel stupid after hours (or days) of puzzling, only to find out there’s a piece of metal, plastic or fiber to blame?

Here are a few Tips & Tricks to check Layer 1 and possibly eliminate frustration when you have your next ‘mystery’ problem:

  • Cable placement. Obvious one, but check and double-check, then have someone else check. It’s like proof-reading your own writing.
  • Cable REplacement. If you’re not sure- just replace the cable when possible with a known good. (Note the ‘known good’, I’ve seen batches of lemons more than once).
  • Ditch Home Mades. This little gem comes from my father- many years ago, he started noticing home-made cable ends (even those made with the BEST crimping tools) would eventually deteriorate. It may be fatigue, corrosion or little aliens- you can’t always be 100% sure of the cause, but it happens more often than not.
  • Don’t Bend It. If you are working with fiber, be nice to the fiber… wrap it gently in loose coils. Don’t bend it, squish it or let it get crimped in the cable management. You may know this, but others rummaging in your closet may not.
  • Check Negotiation. Hop in the switch or device interface and see what speed and duplex it auto-negotiated to. This culprit is probably a close 2nd behind finding bad cables.
  • Check Neighbors. A good way to dig around and investigate a possible Layer 1 issue is to jump back in that switch interface and do a show arp or show neighbors (clear old first) and see if you what you think should be there is actually there.( Pings can work too, but it’s possible ICMP is disabled, so I prefer the former method personally.)
  • Check Patching Termination. Instead of repeating myself, I’ll direct you to the recent post on 568A vs B. You’ll usually see this when you upgrade from 10/100 to Gig.

Layer 1 is the FIRST thing we check for when doing a site survey or network migration plan. If you don’t get that one right, the others are surely to fail… which may take you to Layers 8 & 9… and as we know- we like to stay a 7 and below. ;)

# # #

Why Chassis is Chic
Last Updated on Tuesday, 12 August 2008 03:39
Written by JJ
Tuesday, February 5th, 2008

After a recent post, I received an email from a respected friend of mine about my reference to the advantages of a chassis (or modular) switch platform. He didn’t feel any special love towards chassis based switches, and he’s a pretty smart guy and been around the IT block a few times. It got me thinking, so I though I’d share my Top 10 reasons why Chassis is Chic.

Everyone calls them different things, so in case you’re not familiar with the terminology I’m throwing around- I refer to fixed form factor switches (usually 1U, 24-48 ports) as stackables and the blade-based or larger modular switches with 4-20ish slots as chassis.

10. Price & TCO. Let’s start at the bottom and work our way up. I can’t in good faith tell you that you can always fit more edge ports in a 4U or 7U chassis switch than you could with 4 or 7 48-port stackables. What I can tell you is the per port cost and TCO is usually much less in a chassis. The per-port up front cost is about 18-22% more on a stackable than on the chassis, plus you lose some performance and may have other space and resource consumption. You can run (for example) 288 ports in a chassis while taking up only 2 outlets in your closet, vs 7 outlets for 7 stackables with a max of about 330 ports (more space and outlets required if you’re using external or redundant power supplies on the stackables for PoE).

9. Fiber Aggregation. Inter-building and intra-campus connections are usually fiber runs, so there’s a growing need to support additions of fibers aggregating in the core. There are a few specialty ‘aggregation’ stackable switches from various vendors, but they’re still fixed form, and often have a max of ~30 ports of those connections (1000-SX, 1000-LX/LH). In a standard 6- or 12-slot chassis, you can support up to 288 fiber uplinks in one switch. If you get one of Cisco’s Big Honkers, you can have over 600 SFP ports in one switch. You’d need about 20 of their stackables to match that.

8. The 10 Gig Craze. Over the past 18 months or so, we’re seeing a huge boom in 10GbE demand. Customers are using 10GbE copper (CX4) for high-speed server links and 10GbE fiber (usually over single mode) for connecting to other buildings, and for interlinks between primary and backup sites. The switch manufacturers are offering stackables with options for a 10GbE uplink or two, usually to connect the stackable back upstream. But they’re not really designed to, nor capable of, offering multiple 10GbE interlinks, either up or down stream. The 10 Gig story ties into our next item, fabric speed.

7. Fabric Speed. Here’s something most people don’t stop to think about. Because the chassis based systems can support a higher port density per switch, the fabric speed is much higher, giving a chassis much more performance potential. In fact, it can vary 700% from a stackable to a chassis in the same product family. Whether you are, or aren’t using all the modules/ports on a chassis, you’re probably getting much better throughput since manufacturers shoot for ‘non-blocking architecture’ in chassis- meaning they support wire speed throughout, so as not to over-subscribe the switch. Of course, if you fill that sucker up with 10GbE links… well that’s another story.

6. Power Consumption. There’s a certain amount of overhead for running a system- if you can share that overhead and distribute it over more ports, then you’re getting more bang for your power buck. If you just need a few ports in a remote closet, then you’re surely doing yourself a favor with a small stackable. However, if you’re talking about stacking (physically and virtually) and interconnecting a bunch of lil’uns to make a big’un, then just start with the big’un.

5. Management & Maintenance. I know what you’re going to say… and yes… I know you can stack almost any brand of switches to create a virtual switch stack, manageable by a single IP. But, there’s still an increase in management (and maintenance) overhead. Someone has to connect all those things and keep any updates and changes well documented. Personally, for whatever reason, I just don’t get that warm and fuzzy feeling from virtual stacks. When a stackable goes down, you have to disconnect it, de-rack it all, replace and reverse. With chassis, we generally provision a spare module for critical connections (uplinks, servers) already prepared with the proper VLANs and port attributes. So, if a module goes, the connections can be relocated to the provisioned spare in a matter of minutes, giving you minimal down time.

4. Expansion Flexibility. It happens to everyone. You just needed 34 10/100 ports there last year…. then six months later you needed at least 20 PoE ports, for VoIP phones and a couple of APs. Another nine months rolled by before you added another building, bringing your fiber port requirements to 5. Yesterday you acquired a company and the additional drops for the adopted employees brings your edge port count to 120… again, with more PoE needed for the additional phones. See where I’m going with this? You could have started with a 48-port 10/100 stackable, added on a 24-port PoE switch, thrown on a link aggregation switch and then stacked up a few more to give you 120 edge ports… orrrrrrrr… you could have started with a chassis and just added modules as needed.

3. Integrated Redundancy. I touched on a piece of this in number 5- Management, but there’s more to it. Chassis are designed to give you more flexibility and are therefore, a more suitable platform for incorporating a certain amount of integrated redundancy. Talk to your current switch rep and see if they have a chassis with options for dual fabric modules, redundant management or system modules- I bet they do. Now, ask them if you can get that in any of the stackables. Aside from a hot-swapable power supply and maybe a field-replaceable fan tray, I don’t think you’re going to find much in the way of native redundancy in your stackable.

2. Advanced R&D. A stackable is a fixed-form switch. You may have options for a couple of uplinks, and maybe even 10GbE, but that’s about it. It’s a WYHIWYG – what you Have is what you get- not much more thought and development is going into that switch. For a chassis on the other hand, manufacturers are usually pouring the majority of their switch R&D resources into thinking up new and amazing modules to make your mouth water and your wallet burst open with joy. Just wait- I bet these next couple of years will bring a rainbow of crazy and innovative switch modules… I can’t wait.

      and the Number 1 reason Chassis is Chic

1. They’re Hot! C’mon – just look at a little stackable next to a nice, 7U chassis with blinky lights brimming and multiple modules churning away at all the passing packets. Really- can you beat that? I sure don’t think so.

# # #

Tags: , , , ,   |  Posted under Network Niblets  |  Comments  No Comments
Juniper Switches: Refrigerator Art?
Last Updated on Saturday, 28 January 2012 07:09
Written by JJ
Thursday, January 31st, 2008

I’ve been reading, listening and collecting my thoughts on Juniper’s latest addition to their happy hardware family and I’ve reached a few conclusions. I’d have to give it all a B+… for Blown, way out of proportion (that’s the + part). (more…)

ProCurve PCM+ Quick Start Tips
Last Updated on Tuesday, 12 August 2008 03:35
Written by JJ
Wednesday, January 30th, 2008

Tips & Tricks: HP ProCurve PCM+ (ProCurve Manager Plus)

Occasionally I like to throw something useful out there- so here goes! Included are some tips and tricks for getting started with ProCurve’s PCM+. PCM is the management software for ProCurve Networking devices, switches, wireless and security. I’ll give you a brief overview of the available options and plug-ins at the end.

What to Install. When you install PCM+, other plug-ins are included in the install package, so you’ll be prompted to select which components to install. My advice- start with PCM+ only. Once you layer in the other plug-ins, the menus, options and views become intertwined and it’s hard to tell what’s a native PCM+ option, or something included in IDM, NIM or PMM (see end for plug in details). If you’ve already purchased licenses for one or more of the others, go ahead and install them. Otherwise, load PCM+, get used to it, then add a plug in. It’s the only way you’ll know if you want/need the additional features from the plug in.

Selecting a Start From Device. When you first install PCM or PCM+, it will ask for a ‘start from’ device, which is exactly what it sounds like- it’s a starting or seed device from which the network sweep will start. Generally, you want something close to the ‘root’ of the network tree- something in the center. Most likely, you have a mixed environment, with other equipment in the WAN or core area of the network. In these cases, we suggest you use a start from device that’s the ProCurve device closest to the core/WAN area, even if it’s a hop or two out from what you consider your core. If the management server you’re loading PCM on is directly attached to a ProCurve switch, that’s another good place to start. You can change this setting later under Preferences if your first choice isn’t working well for you.

Connecting PCM to You may have a reason you don’t want to do this, but barring that, I recommend customers select the option to link PCM+ to their MyProCurve account. MyProCurve provides some asset management and is how you download software and generate license keys for purchased software. If it’s linked to your PCM, it makes the transfer one step easier, keeps a correct inventory of your network devices and lets you set alerts when new software updates are available for your switch types.

Structure. Understanding the general structure will give you a good feel for where to find things. There are a variety of menus, each available in a variety of contexts. You can view information for a) the entire network, b) a group of switch series, c) a custom defined group, d) a specific switch and even e) a specific port (where applicable). If you’re looking for specific information, be sure you’re where you want to be in the left navigation pane- on the overview, on the group, or on a single switch.

Initial Configuration Scan. PCM will give you nice dashboard views of your switches at a glance, from the main dashboard, or a series of sub-boards. The information used for these tallies is incomplete until the device has undergone an initial Configuration Scan. Your pie charts may display unscanned switches as ‘other’. The Scan Device option is available from drop-down menus when you right click on device(s) and in the main tool menu (look for the wrench). You can set an optional comment for the scan- not required and not necessary for initial scans, but may be helpful when scanning after config changes. The Scan Device tool will pull down the current software version and all the configuration details. You can then see if all switches are up to current (or your preferred) firmware version and see a side by side comparison of the most recent configurations. You can perform a manual scan, or schedule scans for a single device or group of devices.

Network Map View. Click Network Map in the left navigation pane for an overall Network Map View. This view is a good ‘default view’ for checking out your network. Switches appear with green backgrounds when all is good. If you see yellow or red- you’ve got problems. When you’re in the Network Map view, you see the default option to the immediate left to view health based on Ping Status. If you have NIM loaded, you’ll see other security-related options in the drop down. In that same area, you can also select to view the switch connections based on other parameters, such as VLANs and link traffic. Other check boxes let you select to display labels for Port Numbers, Link Speed and Discovery Protocol (usually LLDP). Another nice option is the ‘save layout’ checkbox at the top of the screen. Use this to preserve your arrangement of switches in the view. (Note, each view will have its own saved version).

Checking Out the Switches. The best screens to start familiarizing yourself with PCM and the switch views would be under the device Dashboard tab. Dashboards are available in several contexts, your PCM main dashboard displays a variety of network information (and security details if NIM is installed). To view details for a particular switch, click on the switch (IP/name) from the left navigation pane and view the Dashboard tab. The main screen here will give you basic switch info, the friendly name you assigned it, it’s IP, serial number, firmware, etc. At the bottom of the Dashboard, you’ll see a generic photo of the switch model. You can click on this photo to connect directly to the switch’s Web GUI interface in a browser window. In that photo area in the PCM Dashboard is also a ‘Live View’ tab. Click this tab for a current look at active ports and an overview of which are drawing PoE. You can click on ports to view the assigned port name and properties. Note, the Live View requires Java, so if the image doesn’t display that’s the first thing to check.

VLAN Views. It’s easy to miss an uplink tag here or there along the way. A great way to check your VLANs at a glance is to use the Network Map > VLANs view. You can select an individual VLAN and look for any inter-switch links missing. There’s also a tab available at the top for Port Properties- which will show you all the tagged and untagged ports in that VLAN. A great troubleshooting tool if you have multiple VLANs and several switches.

Using Find Neighbors Of. I love the Find Neighbors tool- look for the binoculars icon. This lets you enter an IP or MAC address and find directly connected devices- whether they’re other switches, servers, desktops or other devices (APs, Phones, etc). It’s an easy way to view the connected devices, or map edge ports, such as servers, on a switch. The results will give you (among other things), port number, IP and DNS name (if applicable).

Traffic Views. Use the traffic views, either for the entire network under the main dashboards, or for a specific switch or group, to track down Ports Behaving Badly (maybe Ports Gone Wild?) anyway- it’s a great troubleshooting tool for finding traffic problems, oversubscribed links and even chatty NICs. You can drill down to specific ports and get some very detailed information on Tx, Rx and types of traffic- broadcast, multicast, protocol and such.

Managing from Your Desktop. PCM+ comes with a desktop agent that can be installed to operate PCM+ from your desktop (vs the server it’s installed on). Many customers choose to RDP into the server, but that’s not always the most reasonable solution, especially if multiple users are accessing PCM. Installing the desktop agent is easy- you simply download it by browsing to the secure web GUI. There is a trick though- you need to add your desktop to the list of allowed management PCs in PCM+. This is done in a basic text file (.txt) located in the PCM+ directory. Think of it as an allowed managers IP list on a switch. 

Troubleshooting. Software is never perfect. If you get pages hanging, you might try to just close and restart PCM+. If you start PCM+ and it “can’t find the PCM Server”, stop and restart the PCM-related services in Windows. If it appears new devices aren’t appearing or updating, go to Preferences > Discovery and stop, then start each of the discovery methods. If your switches aren’t connected in the Network Map, there are probably non-ProCurve devices between them that are hindering the discovery protocol(s) (ie ICMP may be turned off).


Plug-ins for PCM+. There are some pretty nifty options available for PCM+. All the software add-ins from ProCurve run as plug-ins to PCM+, offering a ‘single pane of glass’ view for network management. I’m giving you the 20-second drive-by version of each- feel free to find more at ProCurve’s site.

I’ll start with my favourite- Network Immunity Manager (NIM), which is a security add-in that collects and uses sFlow data for a network-wide analysis of traffic to identify anomalous behaviour actually take action at the port level. NIM can also interact with 3rd party security devices (firewalls) for more in-depth analysis. Next, check out ProCurve Mobility Manager (PMM) if you’re running ProCurve wireless solutions- including their light (WESM/Radio Port) or heavy AP (420/530) solutions. If you were using PMM 1.X, you’ll be delighted at several new features in the new 2.0 release. Last, but definitely not least is Identity Driven Manager (IDM), which installs and latches an agent to your RADIUS to offer a truly unique and full-featured user management solution. Set specific ACLs and QoS per user and enforce them throughout the network, instead of at a central point. You can get a free 30-day trial of any or all of these from ProCurve’s site. \

# # #

More Content

Find more of my content at
- Low Tech Hacking book
- Dark Reading
- Network Computing
- SearchSecurity
- TechTarget

Get Social



Enter your email address:

Delivered by FeedBurner