aviate, navigate, communicate

when china wants to lead

it’s interesting to see proposal submitted by two “freedom stars” of authoritarian China - Huawei and China Telecom to ITU. on the surface the proposal clearly speaks about future societal needs and development of new, improved technologies that - in the process - would make current IP obsolete. it’s easy to see however that first of all the proposal contains a lot of old ideas that are already implemented (LISP, mobile IP and IPv6 itself just to name a few). Read more →

bored waiting for scp to complete?

if you, like me, get bored immediately after you execute copy scp x y, you’ll likely be happy to know that we’re introducing changes in the TCP/IP stack responsible for SCP operations. in NX-OS beginning in 9.3(1), while copying using scp you can add use k-stack, like this: nxos-switch#<span style="background-color: #FFFF00;">copy scp:// bootflash: use-kstack</span> in IOS-XE, starting from 17.2(1), it’s possible to achieve similar speed-up effect by enabling globally ip ssh bulk-mode. Read more →

ASA and full BGP table(s)

while I already mentioned couple of times on this blog, that handling dynamic routing on firewall is asking yourself for unexpected problems, sometimes it’s needed. as Cisco, we don’t normally recommend using ASA or FTD boxes as full table BGP routers. not because they can’t be used in this role, but because we don’t believe it’s a good networking and security practice. here’s example from my home lab testing lab cluster of two ASA 5516-X, running 9. Read more →

deploy remote access VPN at scale

due to CORVID-19 outbreak, we’ve been flooded with request to provide assistance with deploying secure connectivity for remote workers. in some organizations number of remote workers grown from 0 to 7000-10000 in week. some others are serving today over 30000, and here at Cisco, we’re working mostly out of home those days (over 100k people!). thanks to help from my fellow engineers and specialists, we were able to publish following guides, related to building and scaling out VPN headends - both hardware and virtual: Read more →

changing lanes

after last 13 years spent at Cisco Systems Poland, working in the “field” I decided it’s prime time for something new. something, that can challenge me and give back that sense of new adventure. having opportunity to spend all that time with great people, learning a lot and experiencing even more was great fun. I had also went through full country chain - from “simple” Systems Engineer, to Architecture Lead, Systems Engineer Manager, then Regional Sales Manager (driving 2/3rds of country business operations) and finally Country Systems Engineer Manager and CTO. Read more →

april musings

last couple of weeks were quite hectic. I’m working on rebuilding the BGP blackholing infrastructure (yes, that’s old site, along with old, expired certificate), along with some extras (like AS112 and RPKI services). the job is like 40% done, with scripts completely rewritten in Python, and the ‘only’ part missing being infra (virtualized and not-so-much) and WWW portal. at the same time, I’ve committed long time ago to new project with failure post-mortem analysis on our netdesign. Read more →

site migration (again)

as it’s probably not hard to notice, i did a site migration. instead of moving to WordPress however (which was original plan), I decided to go in more ambitious path, and deployed Hugo platform, supported by Go… and static page generation (yeah!). Hugo itself supports i18n, so it provides priority functionality, and secondly - this solution frees me from continuous gouging in PHP and SQL :) Read more →

SDN Affinity

thanks to Robert Pająk I’ve had an opportunity recently to speak at fall edition of Akamai Affinity. as the request was to cover the networking side of innovation, I did. that was in november last year, to be exact. quite recently we’ve released news about our 400Gbit/s switch and on the just finishing Cisco Live! at Barcelona we’ve demonstrated for the first time ACI evolution - ACI Anywhere. ACI evolves to bridge hardware and software worlds in even flexible ways, and its latest release enables the whole set of functions with pure software solutions (aka ‘cloud’). Read more →

it’s not always that everything goes well …

…and in particular, often goes very badly. not only in life in general, but in the IT world also :) you probably have dozens of stories to tell, if not hundreds. someone configured the port badly, everything worked until it stopped … and when it stopped, it dragged the whole network behind. big time. whole data center. why do we make the same mistakes all the time? automation slightly improves the situation, but sometimes it may dramatically speed up things going bad. Read more →

boost license in ISR 4000 routers

ISR 4000s have the capability to “license” throughput. the solution was built this way with clear goal in mind. previously it was hard to estimate how given router will perform under some random set of features. the CPU driven routers by themselves have a lot of challenges to address, so measuring performance and then sticking to it with each and every new software release was simply unrealistic. we published “kpps” numbers, but then got heat from our Customers, when performance was lower with each and every enabled service. Read more →

madness is not a method

i’m great fan of Jason Fried and David Heinemeier Hansson books. latest one - it doesn’t have to be crazy at work - is a great continuation of the previous pieces. all of them: rework, remote and getting real should be part of ‘must read’ for teams and their managers. the most important in what they write about is that they bring it to life. and they write about all of the important matters - including teams management and organization, the way they work, the ideas that guide them and the lack of ‘corporate bullshit stories’ typical workplaces and companies try to invent just to justify higher purpose. Read more →

wandering earth

Cixin Liu trilogy was excellent. I wrote about it before. the latest collection of stories by the same author … well. it’s a bit worse. I am sad to say that it’s almost like Abelard Giza said in one of his standups - ‘first the original idea, and then total… ‘you know the word’ … (I won’t quote - but it’s about the genesis of the title of his standup ‘people, keep hats’). Read more →

“a ja żem jej powiedziała…”

great book. short but perfect. i will not try to praise and underline my deep knowledge and uderstanding of - Nosowska works. i know her almost exclusively from ‘texan’, and by the way she writes about people like me in one of the chapters about psychotherapists. i did not even knew, that she has a feed on instagram, publishes video - and in general - as a private person. not to mention all of her works. Read more →

apple T2… and new macbook pro

it took me a few hours to figure out the new subtleties. new computers from Apple with a built-in T2 chip (i.e. new iMac Pro and Macbook Pro 2018 edition) have a dedicated operating system protection. what’s the problem? first of all, by default, they can not be booted from an external medium. it’s part of the security that Apple introduced to make it more difficult for a potential hacker. to change this setting, you have to get to the system tools that live on a special ‘recovery’ partition. Read more →

chłopaki z zaplecza

świetna, choć bardzo krótka książka o brytyjskich geekach. składa się z serii krótkich rozdziałów poświęconych różnym osiągnięciom brytyjskiej nauki - od satelitów (program Ariel), pocisków Blue Streak, przez samolot Concorde (i całą historię jego zmagań z utrzymaniem się w służbie), po takie smaczki jak grę Elite legendarnego Davida Brabena. o Elite nie znajdziecie dużo, ponieważ autor koncentruje się na zmaganiach twórców i późniejszej ekipy wydawniczej, choć można doczytać się zmagań Davida nad optymalizacją kodu na BBC Micro (całe 20kB pamięci RAM! Read more →

krew, pot i słaba książka

kupiłem ją po to, żebyście Wy już nie musieli. ‘krew, pot i piksele’ to książka dziennikarza serwisu kotaku, Jasona Schreiera. bardzo słaba książka, dodajmy od razu. co z tego, że jednym z tytułów który opisuje Jason jest nasz rodzimy ‘wiedźmin 3’? skrócę Wam mękę i stracone 30-parę złotych, streszczając schemat, jakim Jason posługuje się opisując proces powstawania każdej z gier: paru geeków (tu pada litania nazwisk, mam wrażenie, że wielokrotnie niestety nie do końca pełna) staje przed wielkim wyzwaniem. Read more →

modyfikowany węgiel

kolejna trylogia warta przeczytania, słusznie zresztą święcąca popularność w ramach (słabej jednak i boleśnie okaleczonej) ekranizacji Netflixa. cykl składa się z trzech części - ‘modyfikowany węgiel’, ‘upadłe anioły’ i w końcu ‘zbudzone furie’. wszystkie opisują losy jednego bohatera, jednak z uwagi na specyfikę modyfikowanego węgla, to prawie trzy niezależnie książki. Takeshi Kovacs to niby ta sama osoba, Emisariusz, ale jego wcielanie się w ciągle to nowe powłoki i zajęcia powoduje, że każda część jest trochę inna. Read more →

świadomość faktów

dotarłem do tej książki przez pomyłkę. tak, to nie żart. zgubiłem gdzieś swoją kopię “thinking fast and slow” (a może komuś pożyczyłem i zapomniałem? zdarza się) i po paru miesiącach ciągłego zapominania (żeby sobie dokupić), w końcu przeklikałem się przez interfejs jednego z popularnych sklepów internetowych. tą książkę dostałem jako propozycję “którą inni kupowali” i byłem przekonany, że to inna książka - kolejna Grega McKeowna po jego doskonałej “essentialism”. już po zamówieniu książek coś mnie tknęło - po wrzuceniu do google’a i znalezieniu tego nagrania wszystko było jasne - to nie to, ale i tak czekam na możliwość przeczytania! Read more →

wspomnienie o przeszłości Ziemi

te trzy książki - pojedynczo ale i jako seria to wspaniała lektura. odświeżająca i jednocześnie bardzo mi osobiście przypominająca z jednej strony twórczość Stanisława Lema (tam gdzie dotyka fizyki podróży międzygwiezdnych i generalnie, technologii) oraz coś z Asimova. wszystko dodatkowo osadzone w realiach o których dużo czytałem (w kontekście zawodowym) - kultury chińskiej. przebija w tej książce bardzo wyraźnie na wielu płaszczyznach - ale w ogólności zakłada długofalowe (naprawdę długofalowe) strategie, przeplatane taktycznym wykonaniem. Read more →