Skip Links

Windows XP: Goodbye and Good Riddance

If you are still running Windows XP, your organization has bigger problems
Submitted by Scott Hogg on Mon, 03/31/14 - 6:37pm.

There has been much written recently about the end of support for Windows XP on April 8, 2014.  There are concerns about security vulnerabilities that will be used after Microsoft stops patching the operating system.  However, if your organizations is still using Windows XP 13 years after its initial release, you have some more serious issues to address.  The hardware XP computers have could not support

Read more

Not your Father’s Flow Export Protocol (Part 2)

What is AppFlow and how does it differ from other flow analysis protocols?
Submitted by Scott Hogg on Wed, 03/19/14 - 6:52pm.

In the previous article we covered how NetFlow, IPFIX and the variety of other flow export protocols can be used to give us some application traffic visibility.  However, nothing gives as much detail as raw packet decode.  A new protocol called AppFlow may hold some promise of giving administrators the data they need while still working in a hybrid topology environment.  AppFlow, which if compatible with IPFIX, provides those appl

Read more

Your Father’s Flow Export Protocol (Part 1)

History of flow analysis protocols and how we use them
Submitted by Scott Hogg on Fri, 03/14/14 - 10:34am.

You may be familiar with NetFlow, IPFIX and other similar protocols like J-Flow and sFlow.  These protocols provide useful insight into traffic mix and communities of interest.  However, these protocols do not contain the application-layer details that some administrators desire.  IT administrators need more application-level visibility to be able to perform Application Performance Management (

Read more

The erosion of IT's middle class

Evolve your career with the changing face of IT, or risk getting left behind
Submitted by Scott Hogg on Tue, 02/18/14 - 11:46am.

As new technologies continue to emerge in the network, the need for highly skilled IT administration resources will grow just as well.

However, the advent of Software Defined Networking (SDN), cloud systems, and orchestration software means many mundane tasks will become automated. If your day is mainly made up of those mundane tasks, then you should be worried about the future of your career.

Read more

Clos Networks: What's Old Is New Again

What goes around, comes around – Clos Networks are back
Submitted by Scott Hogg on Sat, 01/11/14 - 1:29pm.

Clos networks were first created in the mid-1950s as a method to switch telephone calls. Clos networks evolved into crossbar topologies and eventually into chassis-based Ethernet switches using a crossbar switching fabric. Now Clos networks are being used in modern data center networking architectures to achieve high performance and resiliency. This concept has been around for many years and it is now a key architectural model for data center networking. It is fascinating how concepts reemerge again and again in the history of networking.

Read more

Using SDN to Create a Packet Monitoring System

Packet-level Monitoring Use Case with Cisco XNC and Monitor Manager
Submitted by Scott Hogg on Sun, 12/15/13 - 9:31am.

Because of the limitations of SPAN/monitor ports on switches, organizations have turned to using taps and packet monitoring switches.  These solutions can be expensive which has lead companies to look for alternatives.  Establishing a packet monitoring system is one of the use cases for Software-Defined Networking (SDN).  This solution uses lowe

Read more

gogoNET LIVE 4! IPv6 Conference Recap

IPv6 conference provide information to both physical and virtual attendees
Submitted by Scott Hogg on Sun, 11/17/13 - 6:55pm.

There have been many IPv6-related conferences, seminars, and events over the past decade. These events have aimed to educate the attendees about IPv6 and the potential of the maturing Internet protocol. This year’s gogoNET IPv6 conference shows just how far these events have come. The gogoNET LIVE! events have also evolved into a hybrid on-site and virtual event that brings the conference proceedings to the widest audience.

Read more

Dual-Protocol Routing with Raspberry Pi

Using a Raspberry Pi as a low-cost dual-protocol router
Submitted by Scott Hogg on Tue, 11/12/13 - 12:04am.

Network Engineers are always looking for new ways to gain some low-cost network testing capabilities.  Few companies sufficiently fund networking labs for their networking teams to learn on prior to deployment.  Many have use Cisco IOS hypervisors on laptops using the Graphical Network Simulator (GNS3), Dynagen and Dynamips that allow experimentation and learning.  While you wait for Cisco’s

Read more

Raspberry Pi as a Network Monitoring Node

Using an inexpensive Raspberry Pi system for remote network troubleshooting
Submitted by Scott Hogg on Wed, 10/30/13 - 3:07pm.

Read more

Understand and Obey the Laws of Networking

Ignorance of the laws of networking is no excuse.
Submitted by Scott Hogg on Sat, 10/05/13 - 3:09pm.

There are several universal laws in the networking world that we must all abide by. Understanding these laws gives us deeper insight into the connected world we live in. Like civil law, in some cases these laws are not necessarily meant to be broken. Other laws just beg to be broken in an attempt to innovate network technologies. Here are the laws of the physical networking universe that is continually expanding.

Metcalfe's Law

Read more

OSPFv3 for IPv4 and IPv6

Cisco IOS support for OSPFv3 for multiple address families
Submitted by Scott Hogg on Mon, 09/02/13 - 10:17am.

Many enterprises use OSPF version 2 for their internal IPv4 routing protocol. OSPF has gone through changes over the years and the protocol has been adapted to work with IPv6. As organizations start to contemplate how they will deploy IPv6 at their Internet perimeters and within their enterprise networks they should be aware of OSPF version 3 and how it differs from what they are familiar with.

Read more

IPv6 Network Management

Consider how you will manage IPv6 as you prepare to deploy it
Submitted by Scott Hogg on Wed, 07/24/13 - 12:41pm.

Good engineering practices dictate that when we prepare to build something we must plan for the long-term operations. Having the ability to properly manage the technology after it is deployed will ensure its longevity. If the system is neglected, it will become unreliable and eventually fail. There are many organizations that have deployed IPv6 at their Internet perimeters, yet they lack the ability to manage the usage of this new protocol.

Read more

Mobile Devices and BYOD are Driving IPv6 Adoption

A mobile population needs IP addresses to communicate
Submitted by Scott Hogg on Mon, 06/24/13 - 11:50am.

In 2013, it is expected that the number of mobile devices will exceed the number of people. Each of these devices will need an IP address to reach content on the Internet. The Bring Your Own Device (BYOD) movement is driving the need for more ubiquitous connectivity to support a mobile workforce. Even though some content providers have deployed IPv6, the vast majority of content remains reachable over IPv4-only.

Read more

Jumbo Frames

Does your network support Jumbo Frames and should you enable it?
Submitted by Scott Hogg on Mon, 06/03/13 - 11:51am.

Many networks use 1500-byte MTU size, but the MTU size can be reduced by encapsulation, tunneling or other overlay network protocols. These situations reduce the end-to-end effective MTU size which reduces throughput and network efficiency and sometimes causes application problems. Many network devices now support larger sizes of Ethernet frames and use of Jumbo Frames is becoming more common. This article covers how to determine if your network is capable of using Jumbo Frames and if you should enable this feature.

Read more

MTU Size Issues

Issues related to MTU size, PMTUD and packet fragmentation
Submitted by Scott Hogg on Sat, 05/18/13 - 1:07pm.

The Maximum Transmission Unit (MTU) is the largest number of bytes an individual datagram can have on a particular data communications link. When encapsulation, encryption or overlay network protocols are used the end-to-end effective MTU size is reduced. Some applications may not work well with the reduced MTU size and fail to perform Path MTU Discovery. In response, it would be nice to be able to increase the MTU size of the network links.


MTU Size

Read more

Life in a Dual Stack World

What life might be like when we are using two Internet protocols?
Submitted by Scott Hogg on Tue, 04/23/13 - 8:47pm.

Last week was the 2013 North American IPv6 Summit conference. This was the 6th year of the IPv6 conference held in Denver, CO. One of the items that all attendees received at the registration booth was an IPv6 Buddy keypad. This got people thinking about what other changes we might expect to experience as we move into a dual-protocol Internet world.

Picture of my new little IPv6 Buddy.

Read more

Kali Linux: The Next BackTrack

The most popular open source pen testing distribution just got better
Submitted by Scott Hogg on Sun, 03/24/13 - 1:53pm.

Security professionals have been relying on the BackTrack security distribution for many years to help them perform their assessments. The industry has been waiting for the next major release of BackTrack. However, the creators of BackTrack have gone in a new direction and created Kali Linux.

RELATED: A visual history of Linux

Read more

Using Dual Protocol for SIEMs Evasion

Attackers using IPv4 and IPv6 can avoid detection by IPS, SIEMs, reputation filtering, and more
Submitted by Scott Hogg on Sun, 02/24/13 - 12:51pm.

It is just a fact of life that attackers and defenders are now operating in a dual-protocol world. With the addition of IPv6, attackers are learning new tricks and defenders will need to anticipate and protect against those new attacks. Attackers will try to use IPv4 and IPv6, each alone or in combination, for their exploits. We can predict that attacks will use a combination of IPv4 and IPv6 in a way that could allow an attacker to avoid detection by today's protection mechanisms.

Read more

Core Networking and Security 100th Blog Post

Four years of blogging about Core Networking and Security (and IPv6)
Submitted by Scott Hogg on Sun, 02/03/13 - 6:34pm.

This is my 100th blog post for the Network World Cisco Subnet community. As I reflect on the last four years of writing this blog, I think about the fun I've had sharing ideas with you and hearing your feedback. In this blog I list the most popular articles and review how IPv6 adoption has changed over the years. I share with you my writing process and ask for your input on future blogs.

Most Popular Blog Topics

Read more

IPv6 Certifications

If you are pursuing an IT certification in 2013, IPv6 questions may be on the test
Submitted by Scott Hogg on Sat, 01/26/13 - 10:48am.

Many networking, systems and security engineers have been studying IPv6-related topics for many years. You may be wondering if you can get a certification to show for all the time and effort you have spent learning IPv6. IPv6 has been incorporated into vendor certifications and other non-vendor IPv6-specific certifications. You can work toward attaining these certifications to show your current or future employer that you possess IPv6 knowledge and skills.

Vendor-Specific IPv6 Certifications:

Read more

Blog Roll
Hogg Networking