Loopback Filter with Truman Boyes

The trip to China and Hong Kong was quick but a lot was accomplished. The trip to South Korea was canceled as the meetings were not finalized. In any case this worked out well, stayed an extra day in Beijing with a friend, and got to see a local perspective on eats and checked the local area. It was a good trip to China.

I presented some ideas on large DC designs, primarily discussing some ideas around linking large IDCs together. MPLS VPNs (L3VPNs and L2VPNS) are usually the most straight-forward. You get the things you want on costly transit links such as QoS, Traffic Engineering, Load Balancing (ECMP, etc), and you also have the ability to handle overlapping address spaces in the event that you want to use the same addresses on machines in the production and staging areas of the provider network. Now what if there is only Internet connectivity between the DCs in either a primary or backup sense, is there still a way to deploy MPLS to link the DCs? Yes, it is quite feasible to use MPLS over GRE, and if you really needed encryption, you could even have MPLS over GRE, over IPSEC. The overhead is not nice, but it works.

It is worth pointing out that QoS and Traffic Engineering are not really feasible in an end-to-end approach when the tunnel is over GRE tunnels since the traffic will pass over a pure IP network that works in a best-effort basis.

We also discussed the use of Hadoop as a means to perform distributed computing on a large scale. All the big boys use Hadoop including Baidu, AWS, Alibaba, AOL, etc. The ideas that Hadoop presents are quite impressive. Take for example that they wrote a filesystem (HDFS) that is fully distributed across hundreds or even thousands of nodes, and uses the stock standard disks inside each machine because the IOPS are much higher than using a SAN. The idea is that it is easier to move the computation than it is to move data. I couldn’t agree more.

The web is an interesting organic creature that becomes every more complex and interactive, requiring accounts, registrations, API credentials, DNS names, and we need to remember all the steps that we take or have taken to “make something happen”. Take for example blogging; if you are a do-it-yourself sort of person then you likely have a copy of wordpress running on a virtual private server somewhere where you download plugins and themes, and with these plugins that allow you to talk to other sites you need to provide API credentials to use these other “application” or service sites. It takes time in making it all work. I am not complaining in the least. I do however find it interesting to take a step back and think about how many layers to this onion we are creating, and it is quite magical to see in the forums that everyday people are getting it. They are using services like bit.ly and wordpress.com stats or google analytics and google adsense, and possibly registering with Amazon Web Services so they can have automatic product and ISBN lookups and associations with their affiliate IDs so they make a few bucks when someone buys the book that they recommend in their book review.

In other news, I ate some of the best sushi today from Ginger Sushi in Fanwood, NJ. Absolutely fantastic sushi and sashimi; and the octopus was quite tasty.

What else is happening, well I have been looking at the Python framework called libcloud which is a unified framework for connecting and controlling instances in the cloud. It works on many of the large cloud providers including AWS EC2 and many of the white label cloud providers as well. Why would you want to use this? Well it would provide a provider agnostic way to orchestrate your services across numerous different environments and allow you as an engineer to focus on creating services at the abstraction layer instead of at the driver level where there are plenty of complexities that are not worth the time to understand when you need to get services up. Simply put, this is a tool and I think it will get a lot of traction.

Tomorrow we are doing a dinner party to help my sister and my future brother in law to select the wines that they will choose for their wedding reception. It’s going to be a good time tomorrow as we make it through the 6+ bottles of vino.

I have always been a fan of vi, but now I am loving getting back into it with macvim. Because it has a GUI and allows for all the vim key mappings, it really is the best of both worlds. I am working on getting content written for a Juniper Day One booklet that will discuss running JUNOS in the cloud. It’s awesome.