Human Infrastructure 360: Can Cisco Be Fixed?
THIS WEEK’S MUST-READ BLOGS 🤓
Here’s What Cisco Needs to Fix - Futuriom
https://www.futuriom.com/articles/news/heres-what-cisco-should-fix/2024/06
This is a detailed analysis of why Cisco’s share value hasn’t grown and why the company has lost the command and prestige it once had in the broader tech sector. The TL;DR is that Cisco is spending a lot of money on acquisitions that bloat the company’s portfolio without driving significant growth. The post also argues that Cisco has no vision or strategy—other than financial engineering and squeezing customers for all they’re worth. Recommendations include: reduce the number of network OSs on offer, streamline licensing, and provide more value to customers. It’s hard to find fault with that list.
That said, Cisco’s major competitors in the networking sector also aren’t demonstrating significant growth, particularly when compared to tech titans including Microsoft, Apple, and Nvidia. The build-out of the Internet and enterprise networking in the 90s and early 2000s, which drove the networking industry’s fortunes, is behind us. Cisco and its networking brethren are pinning their hopes on an AI tide to lift their boats. The reality is that these companies are sailing on a becalmed networking market, and likely will be for the foreseeable future. - Drew
Why Didn’t We Have Anycast Gateways Before VXLAN? - Daniel’s Networking Blog
https://lostintransit.se/2024/06/25/why-didnt-we-have-anycast-gateways-before-vxlan/
Daniel asks and answers this question about not having anycast gateways before VXLAN. The blog is part design exercise and part history lesson, as the answer has to do with the differences between older core-distribution-access designs (and Spanning Tree Protocol) and today’s leaf-spine designs. - Drew
I Will Fucking Piledrive You If You Mention AI Again - Lucidity
https://ludic.mataroa.blog/blog/i-will-fucking-piledrive-you-if-you-mention-ai-again/
This post is like a shot of whiskey: it burns all the way down. I’m bookmarking it to use as a corrective whenever I find myself falling under the influence of GenAI hype. You may want to do the same. As you might guess from the title, there are lots of swear words in use, so don’t have AI read it aloud to you at the office or in the car with your kids. - Drew
Allow me to needlessly add on that this piece is fantastic! A glorious, well-defended rant. - Ethan
A Case Study in Hybrid Cloud Network Design - KaonBytes
https://kaonbytes.com/p/a-case-study-in-hybrid-cloud-network-design/
Kaon Thana discusses the network design challenge around multi-cloud—resources in one cloud needing to talk to resources in another cloud. While your first response to this challenge might be “IPSEC tunnel across the Internet”, Kaon points out that common solution won’t work for all organizations. Kaon wanted a more nuanced answer.
“Can we architect a solution that:
Decreases cloud egress costs
Improves security posture by reducing the amount of public endpoints that don’t need to be exposed
Integrates with the existing on premises data center network
Improves network latency
While still maintaining the performance, reliability and agility of hosting workloads in the cloud…”
Look for an upcoming Heavy Networking podcast episode with Kaon where we dive into this post in more detail with him. - Ethan
Endianness - Majornetwork
https://majornetwork.net/2024/06/endianness/
Markku Leiniö discusses byte ordering and the significance of big- vs. little-endian. If these terms are new to you, they come up regularly when reviewing how data is encoded for transport between systems. This quick read will tell you what you need to know. - Ethan
Geoff Huston offers a tidy history of the DNS protocol. He explains the shortcomings of the simplistic early iterations and subsequent bolt-ons that have attempted to address those issues. He covers privacy, authenticity, query mechanisms, and delegation records. He also touches on other naming solutions, pointing out that DNS isn’t the only way to translate human-readable names into machine-friendly addresses. - Ethan
REMINDER: The Fat Pipe Is Going On A Diet!
We created the Fat Pipe podcast feed for listeners who wanted ALL THE PODCASTS! This made sense when we had three or four shows. Now that we’re up to eight podcasts and counting, the Fat Pipe has become overwhelming.
So we’re putting it on a diet. By September, this feed will carry Heavy Networking, Network Break, and Day Two Cloud. If a podcast you like isn’t on that list, we encourage you to subscribe individually at packetpushers.net or in your favorite podcatcher. Here’s the schedule for the Fat Pipe diet:
TECH NEWS 📣
AI Tools Make It Easy to Clone Voices Without Consent - Proof News
https://www.proofnews.org/email/e7dad1f9-cae9-4255-815d-6d3094c0d7ef/
The “Move fast, break stuff” ethos of Silicon Valley should not be applied to generative AI. Setting aside GenAI’s cavalier ingestion and regurgitation of copyrighted material without acknowledgement of or compensation for copyright holders, the possibilities for mischief, misuse, and harm with tools like voice cloning are too great to be guided solely by the moral compasses of blitzscalers and disruptors.
Proof News surveyed eight voice cloning tools and found that most of them “make little or no effort to ensure the voices being cloned belong to consenting adult humans. While many of the companies have terms of service that explicitly prohibit copyright infringement and misuse, in many cases there are few — if any — practical hurdles preventing someone from cloning a voice nonconsensually.”
Voice cloning makes it easy to spoof the voices of actors, musicians, politicians, and public figures to misinform and deceive people. As for regular citizens, non-consensual voice cloning could easily become a tool for scammers, stalkers, and abusers. I suppose there may be a handful of positive use cases for this technology, but it’s a lot easier to see the negative ones. Given that, these companies should be much more responsible with their services. - Drew
Microsoft waves goodbye to underwater data centers - Windows Central
https://www.windowscentral.com/microsoft/microsoft-waves-goodbye-to-underwater-data-centers
Microsoft’s Project Natick placed giant tubes under the North Sea off the Scottish coast. The project was less about the feasibility of running data centers underwater, and more about seeing what could be learned running compute in such a novel environment. For instance, MS experimented with filling the tubes with nitrogen instead of oxygen to reduce component degradation. MS also observed a failure rate about an eighth of a typical data center. - Ethan
South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs - Tom’s Hardware
https://www.tomshardware.com/tech-industry/cyber-security/south-korean-telecom-company-attacks-torrent-users-with-malware-over-600000-people-report-missing-files-strange-folders-and-disabled-pcs
The story here is one of fighting between KT Corporation, a large telecom in South Korea, and Korean cloud provider Webhard. Webhard provides the Grid Program, a bittorrent file sharing program popular with lots of folks. If you know the bittorrent model, you know that all torrent participants share pieces of files with each other, distributing the load instead of consolidating file distribution from a central server. This was Webgrid’s intent - to avoid having to build out centralized server infrastructure.
Since Grid Program traffic was causing significant load for KT, KT had in the past taken Webhard to court…and won a judgment against Webhard. KT was allowed to block Grid Program traffic. But that’s not what KT did. Instead, KT went full nuclear, installing malware on the systems of Grid Program users that not only disabled Grid, but also damaged their PCs.
“The authorities say that KT may have violated South Korean laws, including the Protection of Communications Secrets Act and the Information and Communications Network Act. They’ve since identified and charged 13 individuals, including KT employees and subcontractors directly connected to the malware attack last November, but the investigations continue today.” - Ethan
RESEARCH & RESOURCES 📒
Mason made a thing and is sharing it with the community. He says, “My free SD-Access workbook will take you from beginner to feeling comfortable with SDA. The workbook challenges you to build the fabric yourself by giving each step of building the fabric as a lab task for you to complete with a complete answer key at the end of the book.
A prerequisite to the workbook is having CML, DNA, and ISE installed. You can also use EVE-NG but there are some odd performance issues I’ve experienced, and you will have to manually build the topology from the workbook.”
You’re also going to need a chonkin’ big system to run the SDA lab on. Mason says the requirements are about “380GB of RAM, 80 CPU cores, and 3TB of SSD storage.” Oh my! - Ethan
CCNA: Understanding STP Root Switches, Port Roles, and Port States - Wendell Odom's Network Upskill on YouTube
https://www.youtube.com/watch?v=xsgjY5DOxH8
Wendell spends 30 minutes explaining spanning-tree protocol to you. He says that this lecture corresponds to the Cisco Press CCNA Cert Guide, Volume 1 - Chapter 9 - Section 1. If you’re not aware of Wendell Odom, he’s been a networking trainer for as long as I can remember. His YouTube videos are an outstanding resource using slides and diagrams to accompany his lecture. - Ethan
netlab 1.8.3 & 1.8.4 Released - ipSpace
netlab 1.8.3: RIPv2, BGP Route Servers
netlab 1.8.4: vrnetlab Containers, Catalyst 8000v
https://blog.ipspace.net/2024/06/netlab-1-8-3-rip-bgp.html
https://blog.ipspace.net/2024/06/netlab-1-8-4-vrnetlab-cat8000.html
Ivan Pepelnjak has made 2 quick releases of netlab this month.
1.8.3 adds RIPv2 support as well as “support for BGP route servers (and route server clients), BGP Link Bandwidth community, and OSPF/BGP validation plugins for Arista EOS, Cumulus Linux and FRR.”
1.8.4 adds support for vrnetlab containers and the Cisco Catalyst 8000v image.
More detail in the netlab 1.8 release notes page. - Ethan
INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬
BGP Link-Bandwidth with JunOS - Juniper Community
https://community.juniper.net/blogs/moshiko-nayman/2024/05/13/bgp-link-bandwidth-with-junos
A forthcoming version of Juniper’s JunOS (23.4R2) will include a new ability to convey port speeds and make that information known to network devices via BGP. From the post: “The BGP protocol lacks a built-in mechanism to factor in link bandwidth when calculating paths, unlike IGP protocols such as ISIS and OSPF. While internal networks can utilize underlay protocols like RSVP/SR for traffic engineering, connections between ISPs rely solely on eBGP. This presents challenges when managing multiple links with varying speeds and multipath configurations, resulting in uneven traffic distribution across links and potential packet loss. The goal is to address this issue locally and establish a method to communicate link speeds to remote peers, enabling better optimization of traffic distribution for load balancing.” - Drew
Seagate opens an eBay store to sell refurbished hard drives — 22TB drives for $311 - Tom’s Hardware
https://www.tomshardware.com/pc-components/hdds/seagate-opens-an-ebay-store-to-sell-refurbished-hard-drives
Seagate opened a storefront on eBay to sell refurbished gear. I found it here. And yep, you can get refurb 22TB drives for $311.99USD. The model is “Exos X22 ST22000NM001E 22TB 512E SATA 6Gb/s 3.5" Enterprise Hard Drive”. As best as I can tell, not having spec’d drives for a while (old builds still running strong), the Exos X series is among the best spinning rust Seagate offers.
That said, it looks like the HDD price per TB across the industry is more compelling for 18TB or 20TB HDDs, which Seagate also offers. - Ethan
Cisco Launches New CCDE-AI Infrastructure Certification - CBT Nuggets
https://www.cbtnuggets.com/blog/certifications/cisco/cisco-launches-new-ccde-ai-infrastructure-certification
The Cisco Certified Design Expert - AI comes in February 2025 and tackles the unique requirements of networks supporting AI workloads. Ross Heintzkill reports, “The CCDE-AI Infrastructure will have four main domains:
AI, Machine Learning, Compliance and Governance: This will cover different use cases for AI and how a network can be designed to accommodate them. It will also look at regulations related to data sovereignty and data locality, as well as energy use and cost optimization concerns.
Network: Mostly focusing on the properties and functions that an AI-optimized network provides, this section will also touch on connectivity models and ensuring sufficient bandwidth.
Security: The especially complex nature of AI networks means security has to be built into the infrastructure from the design stage, not implemented later on. This section covers the skills, techniques and tools that can keep AI networks safe.
Hardware and Environment: This section will cover the different hardware configurations that can run AI, how to differentiate between them, and how to choose the best one for different business needs. This section will also cover storage options, log analysis, and correlation tools.”
Supposedly, this will be a vendor-neutral cert, something Cisco has steered away from in recent years in their cert programs. If CCDE-AI is indeed vendor-agnostic, it would be a welcome return to the original intent of the DE program. - Ethan