Aug 1, 2009

RCSP Study Guide - In-path Networks

In-path Networks

The Steelhead appliance can be physically connected to both access ports and trunks. When the Steelhead appliance is placed on a trunk, the in-path interface has to be able to tag its traffic with the correct VLAN number. The supported trunking protocol is 802.1q (“Dot1Q”).

A tag can be assigned via the GUI or the CLI. The CLI command for this is:

HOSTNAME (config) # in-path interface inpathx_x vlan

RCSP Study Guide - Interface Naming Conventions

Interface Naming Conventions

The interface names for the bypass cards are a combination of the slot number and the port pairs (_, _).

For example, if a four-port bypass card is located in slot 0 of your appliance, the interface names are: lan0_0, wan0_0, lan0_1, and wan0_1 respectively.

Alternatively, if the bypass card is located in slot 1 of your appliance, the interface names are: lan1_0, wan1_0, lan1_1, and wan1_1 respectively.

RCSP Study Guide - Peering Rules

Peering Rules

Configuring peering rules defines what to do when a Steelhead appliance receives an auto-discovery probe from another Steelhead appliance. As such, the scope of a peering rule is limited to a server-side Steelhead appliance (the one receiving the probe). Note that peering rules on an intermediary (or server-side) Steelhead appliance will have no effect in preventing optimization with a client-side Steelhead appliance if it is using a fixed-target rule designating the intermediary Steelhead appliance as its destination, since a fixed-target rule involves no auto-discovery probe.

RCSP Study Guide - In-path Rules

Different Types and Their Function

• Pass Through.
Pass through rules identify traffic that is passed through the network unoptimized. For example, you may define pass through rules to exclude subnets from optimization. Traffic is also passed through when the Steelhead appliance is in bypass mode. (Passthrough might occur because of in-path rules, because the connection was established before the Steelhead appliance was put in place, or before the Steelhead service was

• Fixed-Target.
Fixed-target rules specify out-of-path Steelhead appliances near the target server that you want to optimize. Determine which servers you want the Steelhead appliance to optimize (and, optionally which ports), and add rules to specify the network of servers, ports, port labels, and out-of-path Steelhead appliances to use. Fixed-target rules can also be used for in-path deployments for Steelhead appliances not using EAD.

• Auto Discover.
Auto-discovery is the process by which the Steelhead appliance automatically intercepts and optimizes traffic on all IP addresses and ports. By default, auto-discovery is applied to all IP addresses and to the ports that are not secure, interactive, or default Riverbed ports. Defining in-path rules modifies this default setting.

• Discard.
Packets for the connection that match the rule are dropped silently. The Steelhead appliance filters out traffic that matches the discard rules. This process is similar to how routers and firewalls drop disallowed packets; the connection-initiating device has no knowledge of the fact that its packets were dropped until the connection times out.

• Deny.
When packets for a connection match the deny rule, the Steelhead appliance actively tries to reset the TCP connection being attempted. Using an active reset process rather than a silent discard allows the connection initiator to know that its connection is disallowed.

RCSP Study Guide - Common Ports Ports Used by RiOS

Common Ports
Ports Used by RiOS

Port Type
7744 Data store sync port
7800 In-path port
7801 NAT port
7810 Out-of-path port
7820 Failover port for redundant appliances
7830 Exchange traffic port
7840 Exchange Director NSPI traffic port
7850 Connection Forwarding (neighbor) port
7860 Interceptor Appliance
7870 Steelhead Mobile

RCSP Study Guide - NFS

NFS Optimization

You can configure Steelhead appliances to use Transaction Prediction to perform application-level latency optimization on NFS. Application-level latency optimization improves NFS performance over high-latency WANs.

NFS latency optimization optimizes TCP connections and is only supported for NFS v3.

You can configure NFS settings globally for all servers and volumes, or you can configure NFS settings that are specific to particular servers or volumes. When you configure NFS settings for a server, the settings are applied to all volumes on that server unless you override settings for specific volumes.

• Read-ahead and read caching (checks freshness with modify date)
• Write-behind
• Metadata prefetching and caching
• Convert multiple requests into one larger request
• Special symbolic link handling

Jul 31, 2009

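A "CCNA Voice Certificate" Out of the Blue

Starting June 24, 2009, the CCNA Voice certification comes in two options. One is called the commercial option, and the other is the enterprise option.

CCNA Voice Certification enterprise option
As long as you hold a CCNA certification and pass the CVOICE 6.0 exam (642-436), you can obtain the CCNA Voice certification.

CCNA Voice Certification commercial option
As long as you hold a CCNA certification and pass the IIUC exam (640-460), you can obtain the CCNA Voice certification.

So... if you intend to earn the CCVP certification, you actually do not need to take CCNA Voice (IIUC) first, which is why, for no apparent reason, I suddenly received a CCNA Voice certificate mailed from Cisco (I had passed CVOICE 6.0 earlier).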

On June 24th, 2009, Learning@Cisco announced program changes to the CCNA Voice certification. There are now two options available for candidates wishing to achieve their CCNA Voice certification: A commercial option and an enterprise option.

The new CCNA Voice Certification enterprise option assesses skills/knowledge related to the Cisco Unified Communications Manager 6.0 (CUCM 6.0). It is typically employed by large organizations such as governments, large companies, and colleges. Passing the CVOICE #642-436 exam will meet the requirements for this option.

The CCNA Voice Certification commercial option continues to use the IIUC #640-460 exam and assesses skills and knowledge related to the Cisco Unified Communications Manager Express 4.1 (Cisco UME) and Cisco Unity Express (CUE), solutions typically used by medium & small organizations such as companies with less than 2,000 employees, retail businesses, and small school districts.

The new CCNA Voice enterprise and commercial options became available on June 24th, 2009. For further information, access the FAQs at the CCNA Voice home page on the Cisco Learning Network.

Jul 29, 2009

Nagle's algorithm

Nagle's algorithm

From Wikipedia, the free encyclopedia

Nagle's algorithm, named after John Nagle, is a means of improving the efficiency of TCP/IP networks by reducing the number of packets that need to be sent over the network.

Nagle's document, Congestion Control in IP/TCP Internetworks (RFC 896), describes what he called the 'small packet problem', where an application repeatedly emits data in small chunks, frequently only 1 byte in size. Since TCP packets have a 40 byte header (20 bytes for TCP, 20 bytes for IPv4), this results in a 41 byte packet for 1 byte of useful information, a huge overhead. This situation often occurs in Telnet sessions, where most keypresses generate a single byte of data which is transmitted immediately. Worse, over slow links, many such packets can be in transit at the same time, potentially leading to congestion collapse.

Nagle's algorithm works by coalescing a number of small outgoing messages, and sending them all at once. Specifically, as long as there is a sent packet for which the sender has received no acknowledgment, the sender should keep buffering its output until it has a full packet's worth of output, so that output can be sent all at once.
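
The coalescing rule above, as an added simulation that is not part of the original post. The function names, the integer-millisecond clock and the model in which every segment is ACKed exactly one RTT after it is sent are assumptions of this example.

```python
import heapq

HEADER = 40  # bytes: 20 TCP + 20 IPv4, as stated in the text

def simulate(writes, mss=1460, rtt=100, nagle=True):
    """Return the payload size of each segment the sender emits.

    writes: list of (time_ms, nbytes) application writes.
    Simplified model (assumption): each segment is ACKed rtt ms after sending.
    """
    events = [(t, i, "write", n) for i, (t, n) in enumerate(writes)]
    heapq.heapify(events)
    seq = len(events)            # tie-breaker so heap tuples never compare kinds
    buffered = in_flight = 0
    segments = []

    def try_send(now):
        nonlocal buffered, in_flight, seq
        while buffered:
            full = buffered >= mss
            # Nagle: a partial segment may leave only when nothing is unacknowledged.
            if nagle and not full and in_flight:
                return
            size = min(buffered, mss)
            buffered -= size
            in_flight += 1
            segments.append(size)
            heapq.heappush(events, (now + rtt, seq, "ack", 0))
            seq += 1

    while events:
        now, _, kind, n = heapq.heappop(events)
        if kind == "write":
            buffered += n
        else:
            in_flight -= 1
        try_send(now)
    return segments

def overhead(segments):
    """Fraction of bytes on the wire that are header rather than payload."""
    headers = HEADER * len(segments)
    return headers / (headers + sum(segments))

# Constructed input: 20 single-byte keypresses, 10 ms apart, on a 100 ms RTT link.
KEYS = [(i * 10, 1) for i in range(20)]

if __name__ == "__main__":
    for flag in (False, True):
        segs = simulate(KEYS, nagle=flag)
        print(f"nagle={flag}: {len(segs)} segments, overhead {overhead(segs):.1%}")
```
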

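WiMAX: Mainland China and Emerging Markets Lend Support

  • 2009-07-28
  • Commercial Times
  • [Lin Shu-hui]

 The market has never been optimistic about the prospects for WiMAX, and has not even necessarily endorsed the government's promotion of M-Taiwan, which aims to let Taiwan use WiMAX to build a distinctive, advantaged industry in the international telecom market. Over the past few years, however, with the government actively building bridges and private groups assisting from the side, Taiwanese manufacturers have indeed won quite a few of the orders and business opportunities flowing from WiMAX, and in mainland China and emerging markets in particular the hidden opportunities are even more considerable.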




Half Open connections vs Half closed connections

Half Open connections
Connections that haven’t been completely established yet are in the "Half-open" state. Every new connection starts off in the half open state but quickly transitions to the established/flowing state if there are no errors in connecting to the peer SH and endpoint server. Thus, this count should typically be low.

However, in the case of a SYN or probe attack, the SFE attempts to connect to the fictitious endpoint server and gives up only when the TCP connection establishment timeout expires, so the half-open connections exist for the duration of the connection attempt. The same holds true when there is a network partition between the SFE and the server or when the server fails to respond.

If the Half-Open connection count on a Steelhead is consistently high and an issue is suspected, please provide a sysdump to help facilitate investigating the issue.

Half closed connections
Intercepted connections that are tearing down or where the client/server has performed a TCP half-close are in the "Half-Closed" state. A TCP half-close occurs when either endpoint (client or server) sends a TCP FIN indicating that it will not be writing any more data, just reading data.

This behavior is common in the case of web browsers: the web browser sends the HTTP GET request and then TCP half-closes the connection, as it does not intend to send another request or any more data. It then reads data that is sent by the web server in this state. In the case of some other applications, one end may do a TCP half-close and the connection lasts for a while after that (the application is designed for data flow in one direction only).

Thus it's fairly common to have a non-zero "Half Closed" connection count on the Steelheads. Once again, provide the sysdump to support if an issue is suspected.
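
A host-level analogue of the two counters, as an added example that is not part of the original post and is not Steelhead code: it groups the TCP states in Linux /proc/net/tcp output into half-open and half-closed and flags a half-open count that stays high across samples. The grouping of states, the function names, the threshold values and the snapshot are assumptions of this example.

```python
from collections import Counter

# Linux /proc/net/tcp state codes (hex), grouped the way the text groups connections.
# The grouping is this example's assumption, not Steelhead's internal definition.
HALF_OPEN = {"02": "SYN_SENT", "03": "SYN_RECV"}
HALF_CLOSED = {"04": "FIN_WAIT1", "05": "FIN_WAIT2", "08": "CLOSE_WAIT",
               "09": "LAST_ACK", "0B": "CLOSING"}

def classify(proc_net_tcp):
    """Count half-open, half-closed and other sockets in /proc/net/tcp text."""
    counts = Counter()
    for line in proc_net_tcp.strip().splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or truncated row
        state = fields[3].upper()
        if state in HALF_OPEN:
            counts["half_open"] += 1
        elif state in HALF_CLOSED:
            counts["half_closed"] += 1
        else:
            counts["other"] += 1
    return counts

def consistently_high(half_open_samples, threshold, runs):
    """True only if the last `runs` samples all exceed `threshold`."""
    recent = half_open_samples[-runs:]
    return len(recent) == runs and all(n > threshold for n in recent)

# Constructed snapshot (not captured from a real host); 0x1E78 is port 7800.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
   0: 0100000A:1E78 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 1001
   1: 0100000A:1E78 0200000A:C001 03 00000000:00000000 01:00000064 00000000 0 0 0
   2: 0100000A:1E78 0300000A:C002 03 00000000:00000000 01:00000064 00000000 0 0 0
   3: 0100000A:1E78 0400000A:C003 03 00000000:00000000 01:00000064 00000000 0 0 0
   4: 0100000A:D431 0500000A:0050 02 00000001:00000000 01:00000032 00000001 0 0 1002
   5: 0100000A:D432 0500000A:0050 01 00000000:00000000 00:00000000 00000000 0 0 1003
   6: 0100000A:D433 0500000A:0050 05 00000000:00000000 00:00000000 00000000 0 0 1004
   7: 0100000A:1E78 0600000A:C004 08 00000000:00000000 00:00000000 00000000 0 0 1005
"""

if __name__ == "__main__":
    print(dict(classify(SAMPLE)))
    # Constructed per-minute half-open counts; threshold 100 is an assumed value.
    print(consistently_high([3, 120, 130, 125], threshold=100, runs=3))
```
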