Tech:Server's own NMS
Our friends in Tech:Server have their own network monitoring/management system, simply called NMS.
You can take a look for yourself: http://nms-public.tg12.gathering.org/
Tech:Server also configures and do most of the management on all of the D-Link DGS-3100 switches for us. (Thanks by the way! <3)
We have a wireless network in addition to the wired.
There are access points through the ship, so coverage should be good. Due to a large amount of devices, “rogue” networks and normal interference we recommend using 802.11a for best performance!
The network is not encrypted and the SSID is broadcasting as “TG12-WLAN”.
By the way, if you see one of these blinking – think of us. (One of our crewmembers wrote disco.pl to make them blink – and we might use it when we’re bored!)
Some of you have asked for a look at this years network design…
I’ve just updated our drawings: This is the current (and working) design for our main network.
TG12-design as of 18:00 CEST 05. April 2012
All participants are connected to either CoreNGW or CoreSGW via D-Link DGS-3100-48 switches.
(Update: I forgot some changes earlier 
We’ve been a bit busy these last days. The network is working and I’d like to present our weathermap.
TG12-weathermap
It’s available at http://stats.tg12.gathering.org
Greetings from The Ship.
We just up loaded some pictures for you to look at while waiting.
Enjoy!
Network design version 0.2a (click for big):
Gallery has been updated with some new pictures.
So today we got the equipment for TG12 – unwrapped and verified that everything has arrived!
As the most observant of you might notice; we are running Nexus7009 in the core this year!
Daniel here will provide more details on the design as soon as we can get him down from his new throne.
Looking through the feature navigator I stumbled upon the new IOS shell that has been integrated into IOS releases 15.1(4)M, 15.1(2)S and onward. Finally one might be able to do some scripting without learning TCL, trust me, this is a good thing.
Continue reading…
Part one of this series is located here
Continuing from the previous post, we will continue looking at potential scenarios we have taken into account when designing the network. Apologies for the slightly different diagrams, as this is created on a different computer.
Link aggregation towards the edge switches from the core
One would think this to be an easy process – just bundle ports on both ends, and you are good to go.
However, things get a little bit more complicated when having to deal with edge devices where “everyone” have access to the cables, and having our edge switches sort of working against us.
Our solution: Layer 3 port channels, LACP and a perl script.
Let me explain:
A normal link bundle scenario would look like this:
Configuration wise, from the Cisco side, one could use “channel group X mode on”, which bundles the ports and load balances packets over the two links. Similarly on the D-link side, one would configure a link bundle without any channel protocol.
This would work fine, if we had full control of the cabling at all times, but as you can imagine – we do not.
Lets say somebody moves one of the uplink cables to a port configured for an end host. If you do not run any channel protocol, you would end up in a scenario where mac addresses would flap between the different ports, and depending on your design might miss their VLAN tag. Needless to say, this would be BAD, and most of the time would not work at all.
To help with this, we run LACP. On a Cisco device, this is configured as “channel-group x mode active/passive” on the member interfaces (refer to the config pack for examples). The way LACP works is that one or both of the devices participating in the link bundle actively tries to form a neighbor relationship with the other device on a per-port basis. If negotiation fails, on a Layer 2 port channel, the links will come up in “stand-alone” mode. This would be equivalent to a normal Spanning-tree design with one blocking and one forwarding port:
If negotiation is successful, the switch will bundle its ports into one logical port, and load-balance between them.
Sounds all good, doesn’t it? We’ll use LACP!…
Well, there is a slight problem. Remember the D-links? They drop our BPDUs by default. Thus, both links will go forwarding if the device is reset or configured with its default config, and we would have a loop regardless.
So, what we need is a way to suspend the ports, should the switch be configured with its factory default configuration.
There is one way that we have found to be working though. Ciscos LACP implementation operate in a slightly different manner when your port-channel interface is configured with “no switchport”.
This command effectively makes the port a “router” port (or a layer 3 port), which has no understanding of spanning-tree. If spanning-tree is not available, the switch has no way of detecting a loop, thus it has to assume the worst, and keep the interfaces suspended until channel negotiation in LACP is performed and agreed upon.
Our configuration script configures all this in order:
This process, combined with clever use of the functionality provided by the Cisco switches guarantees that we will not have a loop between the core switch and the edge. Even if the D-link device breaks spanning tree in the worst way possible by default.
Note: some IOS code versions, aswell as NX-OS does this by default when configuring “channel-group x mode passive”, even for a layer 2 port channel.
—————————————-
In the next part, we will move away from ugly potential failure-scenarios and go into the layer 3 routing configuration and design.
In the meantime, please leave your questions and comments in the comment field below
© 2012 Unofficial TG12 Tech:Net Blog All Rights Reserved.
