Why network fails

(and you cannot blame it)

About me

Network and Security Architect

Cisco CCIE #38620 (R&S)

VMware VCP/Red Hat RHCE

andrea.dainese@gmail.com

andrea.dainese@infocert.it

www.routereflector.com

@adainese

www.linkedin.com/in/adainese

Developer (UNetLab)

VMware vExpert since 2014

Cisco Champion since 2014

Lossless

Storage networks (designed to carry data between server and disks) do not lose data.

Examples of storage networks are:

  • SCSI
  • Fibre-Channel
  • FCoE

Lossy

Data networks (designed especially for IP) accept data loss by design.

IP-based applications or protocols are:

  • Web
  • Database
  • VoIP/Video
  • (almost everything)

Data networks

  • Cables and NICs
  • Ethernet
  • STP
  • IP, TCP/UDP
  • Operating Systems
  • Firewalls and Load Balancers
  • HA Clusters

Cables and NICs

  • totally broken
  • partially broken
  • unidirectional link
  • buffers (NICs only)

Ethernet

  • standard for wired networks
  • standard for wireless networks
  • data sent without acknowledgements
  • broadcast network with some optimizations
  • flat (non-hierarchical) network
  • CSMA/CD or CSMA/CA
  • buffers
  • CoS for priority traffic

Typical address: 00-50-56-C0-00-08

Spanning Tree Protocol

  • avoid loops on Ethernet (wired) networks
  • convergence is disruptive (30-60 seconds)
  • active-backup uplinks
  • tree-topology
  • limited diameter (7)

TCP/IP

  • "reliable" (acknowledgements)
  • "ordered" (retransmissions)
  • "flow control" (windowing)
  • buffers

UDP/IP

  • unreliable
  • unordered
  • buffers

Operating Systems

  • NIC drivers
  • Kernel
  • Applications
  • Input/Output queues
  • IRQs

Firewalls and Load Balancers

  • NAT tables (with timeouts)
  • Stateful ACL tables (with timeouts)
  • Stateless ACL tables (with no timeouts)

Router#show ip nat translations

Pro Inside global        Inside local       Outside local      Outside global
udp 171.69.233.209:1220  192.168.1.95:1220  171.69.2.132:53    171.69.2.132:53
tcp 171.69.233.209:11012 192.168.1.89:11012 171.69.1.220:23    171.69.1.220:23
tcp 171.69.233.209:1067  192.168.1.95:1067  171.69.1.161:23    171.69.1.161:23
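
Why tables with timeouts make connections fail, as an added example that is not part of the original slides: a toy stateful table that forgets an idle flow, so the next packet is dropped even though no link or device has failed. The class and function names and the timeout values are assumptions made for illustration; the flow is one of the TCP entries in the output above.

```python
# Added example: toy model of a stateful ACL table with idle timeouts.
# Names and timeout values are constructed for illustration, not vendor defaults.

class StateTable:
    def __init__(self, timeouts):
        self.timeouts = timeouts      # idle timeout in seconds, per protocol
        self.entries = {}             # flow tuple -> time the last packet was seen

    def expire(self, now):
        """Remove entries that have been idle longer than their protocol timeout."""
        for flow, last_seen in list(self.entries.items()):
            if now - last_seen > self.timeouts[flow[0]]:
                del self.entries[flow]

    def outbound(self, flow, now, syn=False):
        """Inside host sends. Only a connection-opening packet may create state."""
        self.expire(now)
        if flow not in self.entries and not syn:
            return False              # mid-stream packet with no state: dropped
        self.entries[flow] = now      # create or refresh the entry
        return True

    def inbound(self, flow, now):
        """Outside host replies. Forwarded only while the state still exists."""
        self.expire(now)
        if flow not in self.entries:
            return False              # silently dropped: the application just hangs
        self.entries[flow] = now
        return True


def reply_delivered(idle_gap, keepalive=None, timeouts=None):
    """Open a TCP flow at t=0, stay idle for idle_gap seconds, then report
    whether the server's reply is still forwarded. If keepalive is set, the
    client sends a packet every keepalive seconds during the idle period."""
    table = StateTable(timeouts or {"tcp": 3600, "udp": 300})
    flow = ("tcp", "192.168.1.89", 11012, "171.69.1.220", 23)
    table.outbound(flow, 0, syn=True)
    if keepalive:
        for t in range(keepalive, idle_gap, keepalive):
            table.outbound(flow, t)
    return table.inbound(flow, idle_gap)


if __name__ == "__main__":
    print("idle 30 min:", reply_delivered(1800))
    print("idle 2 h:", reply_delivered(7200))
    print("idle 2 h, keepalive every 10 min:", reply_delivered(7200, keepalive=600))
```

A keepalive interval longer than the table timeout does not help: the entry is already gone when the keepalive arrives, so the keepalive itself is dropped.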

HA Clusters

  • VMware HA
  • Oracle
  • Stateless clusters
  • Stateful clusters

Lossless protocols over lossy networks

  • FCIP
  • iSCSI
  • ATA over Ethernet
  • FCoE

Conclusions

  • Ethernet networks fail by design
  • Failure is inevitable, deal with it