Author Archives: @mfp

As I sit here on a wonderful summer’s eve somewhere in the middle of Sweden I realize that I’m just a few days short of my 14th anniversary as a full-time employee within the IT-business. I add my years as a self-employed teenage enthusiast before that and I reach a second realization: I’m a veteran. Sure, it’s not a lot compared to other industries but one must also remember that the IT-business is somewhat different to others. Everything moves so fast. Innovations happen every day. New buzzwords frequently pop up. Some die out soon but some move on to become some sort of standard in a world where standards are outdated before they are agreed upon.

Ok, I may be a bit overdramatic and just a wee bit over-the-top nostalgic. But at the same time there’s no denying it, things are moving so fast and to stay updated one must spend a very significant amount of time keeping up. As you move up the ladder, unwillingly or not, you get less and less time for tech. I find that to be quite sad and I intend to do something about it.

Screenshot of a cure for headache

A follow-up to my previous post. After a total of three different support cases as well as probably around 20 people involved, the issue is finally resolved. After EXCELLENT Customer Care from the last TAC Engineer and an escalation to the Business Unit I today finally received a working license file.

I am not very happy about the tone in some of my own correspondence. I’ve been on the receiving end of support calls enough times to know how frustrating it can be for the support engineer. But on the other hand, I’ve never before experienced such poor handling of a customer so I must say that it was warranted. Truth be told I could have been much harsher.


Customer Care.. or the lack of it

Those who know me and/or follow me on Twitter know that I’m an Apple and Cisco fanboy. Here’s a summary of a week with three events that put a serious dent in my until now flawless marriage with Cisco.

1) Internal issues or just broken Cisco Databases?

Customer #1 runs LMS 4.0. They want to upgrade to LMS 4.2 as well as start looking at Prime Infrastructure. To be able to upgrade licenses their Service Contract number needs to be connected to their CCO account. For some reason this can’t be done. I can’t really put the blame on Cisco as it might very well be internal processes at my own company. But I do believe that there is actually something wrong with Cisco databases. I have been trying to get this working for a month with no success. How hard can it be?

Design your network BEFORE you buy it

How would you go about building a house? Would you buy building materials and the equipment you think you will need and then start building, hoping that it will turn out ok? Or possibly even make some drawings based on what you have purchased before picking up the hammer? If the drawings show that you have forgotten something important, would you then buy the missing parts even though you have spent your budget? Or maybe just try to build around it?

Laser in ze eyes – EPI-LASIK

Here’s a description of my experience from yesterday’s eye surgery. It’s in Swedish because right now I can’t be ar*ed to rewrite it in English. Pardon my laziness as well as my inability to stay on-topic in this blog 😉

Before I decided to do this I asked around among friends and acquaintances. In hindsight I feel that I didn’t really get an accurate description of what it could be like, so here is my description.

Multicast PIM-DM Acrobatics

Imagine a network looking like this:

Green boxes symbolize a small portion of two different MANs under the same management. Each city is running PIM-SM with their own RP. The cities interconnect with BGP and MSDP.
City1-R1 is directly attached to an IP-TV Service Provider. There is no PIM neighborship, the SP is just flooding all their streams out the interface connected to City1-R1.
Everything is working just fine in City1. The streams are visible in the Multicast routing table and customers all over the city can view the different channels. The MAN operator now wants customers in City2 to be able to watch the same channels. This should be possible since they have a working MSDP connection. But of course it doesn’t work because that’s how it is in our wonderful world. Things don’t work(tm). City2-R1 (RP) lacks the SAs from the Service Provider. Looking at the mroute table on City1-R1 reveals the following sample:

#sh ip mroute 233.x.y.z
IP Multicast Routing Table
Flags: D – Dense, S – Sparse, B – Bidir Group, s – SSM Group, C – Connected,
       L – Local, P – Pruned, R – RP-bit set, F – Register flag,
       T – SPT-bit set, J – Join SPT, M – MSDP created entry, E – Extranet,
       X – Proxy Join Timer Running, A – Candidate for MSDP Advertisement,
       U – URD, I – Received Source Specific Host Report,
       Z – Multicast Tunnel, z – MDT-data group sender,
       Y – Joined MDT-data group, y – Sending to MDT-data group
       V – RD & Vector, v – Vector
Outgoing interface flags: H – Hardware switched, A – Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 233.x.y.z), 7w0d/00:02:34, RP 10.x.y.z, flags: SJC
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    Vlan42, Forward/Sparse, 00:41:21/00:02:30
    Port-channel70, Forward/Sparse, 11w0d/00:02:34
(a.valid.source.1.1.1.1, 233.x.y.z), 1w5d/00:03:27, flags: T
  Incoming interface: Vlan42, RPF nbr validNbr, RPF-MFD
  Outgoing interface list:
    Port-channel70, Forward/Sparse, 1w5d/00:02:40, 

Spot the flags for the S,G entry. We are missing the A or M flags. This entry will not be propagated using MSDP. The first solution seems to be to just ask to get an MSDP connection with the Provider (will give the M-flag = propagation will occur) but this was not possible. The provider gave an explanation with some acceptable (..weeell..) arguments so we had to find a different solution.

This is when it becomes painfully obvious that Multicast is a bit of a black hole. There aren’t a lot of resources out there. Well that’s not entirely true. There are resources but there aren’t a lot of real world examples. The solution finally seems to appear when an operator of the MAN remembers that he saw something about dense-mode during an Advanced Multicast session at CLEUR2012. After some digging we find that there’s an add-on to ip pim dense-mode. Proxy register! From documentation:

Dense Mode with Proxy Registering
For a router in a PIM sparse mode (PIM-SM) domain configured to operate in sparse mode or sparse-dense mode, the ip pim dense-mode proxy-register command must be configured on the interface leading toward the bordering dense mode region. This configuration will enable the router to register traffic from the dense mode region with the rendezvous point (RP) in the sparse mode domain.

So we change from ip pim sparse-mode to ip pim dense-mode proxy-register on the interface facing the provider and whoop. A new show ip mroute:

#sh ip mroute 233.x.y.z
IP Multicast Routing Table
Flags: D – Dense, S – Sparse, B – Bidir Group, s – SSM Group, C – Connected,
       L – Local, P – Pruned, R – RP-bit set, F – Register flag,
       T – SPT-bit set, J – Join SPT, M – MSDP created entry, E – Extranet,
       X – Proxy Join Timer Running, A – Candidate for MSDP Advertisement,
       U – URD, I – Received Source Specific Host Report,
       Z – Multicast Tunnel, z – MDT-data group sender,
       Y – Joined MDT-data group, y – Sending to MDT-data group
       V – RD & Vector, v – Vector
Outgoing interface flags: H – Hardware switched, A – Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 233.x.y.z), 7w0d/00:02:51, RP 10.x.y.z, flags: SJC
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    Vlan42, Forward/Dense, 10:35:15/00:00:00
    Port-channel70, Forward/Sparse, 5w0d/00:02:51
(a.valid.source.1.1.1.1, 233.x.y.z), 5d23h/00:03:23, flags: TA
  Incoming interface: Vlan42, RPF nbr validNbr, Mroute, RPF-MFD
  Outgoing interface list:
    Port-channel70, Forward/Sparse, 5d23h/00:03:01, H

Spot the flags. We now have an A which means that it will be sent to MSDP peers and verification on City2-R1 shows:

#sh ip msdp sa-cache 233.x.y.z
MSDP Source-Active Cache – 1 entries for 233.x.y.z
(validsource.1.1.1, 233.x.y.z), RP 10.11.254.2, BGP/AS 65001, 00:01:40/00:05:16, Peer 10.x.y.z

#sh ip mroute 233.x.y.z
(*, 233.x.y.z), 00:02:53/00:02:36, RP 10.x.y.z, flags: S
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    GigabitEthernet1/36, Forward/Sparse, 00:02:53/00:02:36
(validsource.1.1.1.1, 233.x.y.z), 00:02:53/00:03:21, flags: MT
  Incoming interface: Vlan2002, RPF nbr validNbr, Mroute, RPF-MFD
  Outgoing interface list:
    GigabitEthernet1/36, Forward/Sparse, 00:02:53/00:02:36, H

There we go. dense-mode proxy-register solved the issue and customers in City2 can now view the channels. Note that this is a workaround solution implemented while waiting for the provider to be able to set up MSDP connections.
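
An added example, not code from the original post: a small Python parser for show ip mroute output that applies the post's reading of the flags and reports which (S,G) entries carry A or M and which will stay local. The sample output, its addresses (documentation ranges) and the function names are constructed for illustration.

```python
import re

# Header line of an mroute entry, e.g.
# "(198.51.100.10, 233.252.0.1), 1w5d/00:03:27, flags: T"
ENTRY_RE = re.compile(
    r"^\((?P<src>[^,]+),\s*(?P<grp>[^)]+)\),.*?flags:\s*(?P<flags>\w*)")

def parse_mroute(text):
    """Return one dict per (*,G)/(S,G) entry found in 'show ip mroute' text."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append({"src": m["src"].strip(),
                            "grp": m["grp"].strip(),
                            "flags": set(m["flags"])})
    return entries

def msdp_status(entry):
    """Classify an entry by the flags the post looks at."""
    if entry["src"] == "*":
        return "shared-tree"        # SA messages carry (S,G), not (*,G)
    if "M" in entry["flags"]:
        return "learned-via-msdp"   # M: MSDP created entry
    if "A" in entry["flags"]:
        return "msdp-candidate"     # A: candidate for MSDP advertisement
    return "not-advertised"         # neither flag: stays local to this domain

def audit(text):
    """List (source, group, status) for every entry in the output."""
    return [(e["src"], e["grp"], msdp_status(e)) for e in parse_mroute(text)]

# Constructed sample output (documentation address ranges, not from the post).
BEFORE = """\
(*, 233.252.0.1), 7w0d/00:02:34, RP 192.0.2.1, flags: SJC
  Incoming interface: Null, RPF nbr 0.0.0.0
(198.51.100.10, 233.252.0.1), 1w5d/00:03:27, flags: T
  Incoming interface: Vlan42, RPF nbr 198.51.100.1, RPF-MFD
"""
# Same entry once the provider-facing interface registers the source.
AFTER = BEFORE.replace("flags: T\n", "flags: TA\n")

if __name__ == "__main__":
    for label, sample in (("before", BEFORE), ("after", AFTER)):
        for src, grp, status in audit(sample):
            print(f"{label}: ({src}, {grp}) -> {status}")
```

Run against saved output from the border router, any (S,G) reported as not-advertised is a stream the remote RP will never learn about through MSDP.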

Cisco Live Europe 2012

The Event

CLEUR 2012 was a LOT better than 2011. They had redone the entire venue from last year. Last year the venue felt extremely large (which it is) because there was so much walking about and while walking between different areas there was no real sense of continuity. For 2012 they had obviously given it more thought. Everything felt more like one (extremely) large area instead of several different islands that just happened to be in the same (extremely) large building.

CLEUR 2011 also left a lot of people hungry because quite frankly, the food was utterly worthless. I’m sorry England but you have no sense of taste whatsoever. I’m guessing that quite a few people expressed this in the event review afterwards. This year they had given it more effort and I have to say that none of the lunches attached themselves in my memory. That might not sound good but remember that we’re talking about lunch for oh I don’t know how many, around 7k? It’s impossible to serve something that anyone will remember as one of the top 5, 10 or even 100 experiences of their lives. Look at it from the other angle instead, if I don’t remember the lunches they can’t have been bad, right? Well done!

But same as last year, there’s just not enough coffee available. I realize that they don’t want to serve coffee outside of the breakout rooms because they of course want the people to move down to the World of Solutions. They need to have people there or no one will pay for a booth next year. That’s all understandable and acceptable. BUT! With only one escalator going each way to/from the breakouts and World of Solutions as well as a pretty damn long walk it takes the better part of a 30 min break to just do a coffee raid. And what’s with not even having coffee in the World of Solutions at the lunch break? Official response from @CiscoLiveEurope was that there would be Coffee at 3 pm. Guys, seriously. We Swedes need our own coffee container!

Keynotes

I barely remember what Padmasree Warrior talked about. The entire speech felt more like something aimed at management and not the more technical types who I am sure make up at least 98% of the attendees. We’re not interested in fluff. Fluff is for those who don’t understand what’s really going on. Yes, I’m talking about management.

Dave Evans gave the second keynote. It was slightly more interesting but I think he left his charisma in some sort of jet lag or something. Don’t look at the floor! Change your tone now and then! And be more prepared when you “interview” the guest speaker.

Richard Noble from Bloodhound Project was guest speaker during the second keynote. Excellent! He was way more charismatic than Dave and I would really have liked to hear more about the Bloodhound project!

So in summary: this year’s keynotes land at the bottom in the list of Live’s I’ve attended (only 3 so still Bronze, I guess).

Breakouts


It was much harder to schedule my breakouts this year. Probably because it was my third time in four years. I skipped a lot of sessions because they felt like something I’ve heard before. But as always there were a couple of good sessions. I especially liked the session about IPv6 security. I wish I hadn’t changed from Advanced LISP to Carrier Ethernet as techtorial. I’ve been to three techtorials now and the best one was my first. It was about Datacenter and they did about 60 min (?) of talking followed by 15 min of demo about what they had just talked about and then on to the next subject. The other two were pretty much 98% talk and 2% demo. That’s not a good setup for a 9 hour day. It needs to be more alive. I will have to think very hard about a techtorial next year. It’s not worth the 500 extra quid for about as many extra slides.

Summary


All in all I’m happy with the week. 8.5 routers out of 10. I can’t really think of anything they could do to make it better. At least not something that is likely. More escalators would be a nice surprise, I guess. I feel a bit Cisco-Live-saturated and as it is right now I don’t feel like going next year. But I know that will change and I will most likely be back in London this time next year.

So yeah, apart from not having coffee CLEUR 2012 was VERY well planned and designed. Well done!