
Data Center in Network Perspective (Introduction to Data Center Networking)


A while back I taught CCNA DC... we got hands-on time on real N7K and N9K boxes

And before this knowledge gets lost (from my head wkwkwk)

let's write it down....

Introduction

Once upon a time... some guy had a PC

He played games, played music, and even stored his personal data (on the hard disk) there...

Until one day the hard disk filled up (music, games, or full of videos that... *ahem*)

So in the end... he added another hard disk inside that PC...

The question is... how long can it keep up with the growing data? How many hard disks should he buy? What does the storage redundancy look like? RAID 0, 1, 10, 5, 6, or what?

Those questions lead us to our old enemies... Scalability and Availability

For the sales folks, this picture is probably the more accurate one

Note: hard disk here means Storage (newbie speak: hard disk; data center kids' speak, a.k.a. DaCen: Storage)

Now, a hard disk attached directly to a device (whether external or internal) is called DAS (Direct Attached Storage)

The advantage of DAS? Simplicity and speed.

And then... when the storage in the PC can no longer hold the data, or the hard disk you bought is already full and there's nowhere left inside the PC to put another one, plus the CPU load is high... that CPU isn't only running applications but also doing the read/write of the data (which is BIG)

So, in the end a device was built... dedicated to storing data, with little CPU requirement, hot-swappable (disks can be removed/added/replaced without a restart, read: upgradeable), aaannnd... accessible from anywhere (as long as there's a connection to it, of course)

That device is called NAS (Network-Attached Storage)

———————————————-

NAS (Network-Attached Storage)

Figure 2. taken from buffalotech.com

A pretty decent example of a NAS is QNAP (not an ad)

You could say... a NAS is a hard disk attached to the network; if it gets full you can add more, use it for backups, etc.... without having to shut your PC down

And theeen... for the hard disk we have a solution... NAS, but what about the CPU??

Ever wanted to save/access/read/write data and ended up waiting forever because the CPU was busy processing something else...

Our concern is the data transfer rate from CPU to disk, which takes too long

So when the data the CPU has processed is going to be stored, there must be a disk of course (e.g. hard disk/flash disk/DVD/etc.)

Now... the cables that carry data to/from the CPU, hard disk, or CD-ROM that we know are, for example, SCSI (Small Computer System Interface) and IDE (Integrated Drive Electronics, later known as Parallel Advanced Technology Attachment/PATA and then Serial ATA/SATA)

Example of a parallel hard disk:

In SCSI, the hard disk is called the target and the server is called the initiator (this is covered in CCNA DC too)

But there is a limitation with this interface (cable)... SCSI and IDE for example... can only connect a maximum of 16 hard disks in parallel (which isn't a lot from a data center point of view), and one more concern is... distance limitation, a maximum of only 25 meters (CMIIW)

This leads to the next question... can we separate the CPU and the hard disk as well?

So there's a “PC A” just for calculation (processing unit)... and another “PC B” just for holding the I/O results (storage unit) from “PC A”

So, finally they made something to separate the server from the storage: they built a network consisting entirely of a bunch of hard disks

We now call that a SAN (Storage Area Network)

———————————————————————

(SAN) Storage Area Network

And you guess... “okay, let's put a Cisco Catalyst 2960 in the center and connect all the hard disks and servers to it”... you are dead wrong

Because a LAN uses Ethernet technologies but a SAN uses storage technologies (like SCSI, remember?)

One storage technology that is popular now is Fibre Channel (FC) (alternatively: internet SCSI/iSCSI, i.e. SCSI over IP)

Yup, an example is the Cisco MDS 9000 Series

The problem with the Ethernet LAN protocol is... it is extremely “chatty”; just to connect it has to send a SYN first, wait for the SYN+ACK, then send the ACK (3-way handshake, anyone?!)

Why? Because the LAN protocol looks at the connection per file/per piece of data being sent, and this is what gives LAN connections a latency problem

Anyways... in SAN technologies, they need a connection that looks at the BIT STREAM, i.e. per block, to get low latency

Hence, in the LAN, we call the protocols for sharing files File-Based Protocols (CIFS: Common Internet File System for Windows and NFS: Network File System for Linux); every NAS uses these (because a NAS is the desktop version of a SAN... the cheap-and-cheerful version, not the enterprise SAN whose I/O has to be high)

But in a SAN we call it a Block-Based Protocol (in the Cisco Official Course, the strategy for low-latency transmission in storage technologies is called the Credit-Based Strategy, because the transmitter can't send anything before the receiver tells the transmitter that it can accept another transmission)

And then they came up with another IDEA...

There goes FCoE a.k.a. Fibre Channel over Ethernet
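To make the credit-based rule concrete, here is an added simulation (not from the post or the Cisco course) of buffer-to-buffer credits on one link: the transmitter may only send while it holds a credit, and it gets a credit back (the R_RDY) only after the receiver frees a buffer. Buffer sizes, frame counts and the tick-based timing are made-up assumptions; the point is that with credits honoured the receiver never overruns, and with credits ignored it does.

```python
"""Credit-based (buffer-to-buffer) flow control, simulated. Added example, assumptions are made up."""
from collections import deque


class ReceiverPort:
    """Receiving port with a fixed number of receive buffers (its BB_Credit)."""

    def __init__(self, buffers: int) -> None:
        self.capacity = buffers
        self.queue: deque = deque()  # frames held in buffers, not yet processed
        self.overruns = 0            # frames that arrived with no buffer free (lost on a real link)

    def accept(self, frame: int) -> None:
        if len(self.queue) >= self.capacity:
            self.overruns += 1
            return
        self.queue.append(frame)

    def process_one(self) -> bool:
        """Consume one buffered frame; True means a buffer was freed, so an R_RDY goes back."""
        if not self.queue:
            return False
        self.queue.popleft()
        return True


class TransmitterPort:
    """Sending port; `credits` is how many frames the neighbour has said it can still take."""

    def __init__(self, credits: int) -> None:
        self.credits = credits
        self.sent = 0

    def send(self, rx: ReceiverPort) -> None:
        self.credits -= 1
        self.sent += 1
        rx.accept(self.sent)

    def r_rdy(self) -> None:
        self.credits += 1


def run_link(frames: int, bb_credit: int, drain_every: int, honour_credits: bool = True) -> dict:
    """Push `frames` frames across one link.

    The receiver frees one buffer every `drain_every` ticks. With honour_credits the
    transmitter stalls at zero credits (the credit-based rule); without it, it keeps
    sending and the receiver overruns. Returns counters instead of printing them.
    """
    rx = ReceiverPort(bb_credit)
    tx = TransmitterPort(bb_credit)
    delivered = stalled = tick = max_in_flight = 0
    while delivered + rx.overruns < frames:
        tick += 1
        if tx.sent < frames:
            if honour_credits and tx.credits <= 0:
                stalled += 1          # transmitter waits for an R_RDY
            else:
                tx.send(rx)
        max_in_flight = max(max_in_flight, len(rx.queue))
        if tick % drain_every == 0 and rx.process_one():
            delivered += 1
            tx.r_rdy()                # receiver: "I can take one more"
    return {"delivered": delivered, "lost": rx.overruns,
            "max_in_flight": max_in_flight, "stalled_ticks": stalled}


if __name__ == "__main__":
    print("credits honoured:", run_link(frames=10, bb_credit=4, drain_every=3))
    print("credits ignored: ", run_link(frames=10, bb_credit=4, drain_every=3, honour_credits=False))
```

The stalled ticks are the price of losslessness: the sender idles instead of the receiver dropping, which is exactly why a slow receiver on a credit-based fabric shows up as back-pressure on the sender rather than as lost frames.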

================================

Fibre Channel over Ethernet (FCoE)

Actually there's another alternative, iSCSI (some vendors prefer it, but what Cisco sells is FCoE... so, we'll discuss FCoE)

DC 1.0: all activity lives on the mainframe server
DC 2.0: things start to split... client PCs run the activity, servers run the processing the clients ask for
DC 3.0: since OS virtualization and SDN... the Cloud era, a.k.a. web-based

What is this Cloud? In my simple terminology... a bunch of storage connected to the network; it's just a new name for that SAN technology to make it sound cool (marketing purposes)

There are 3 characteristics of a Data Center (the Cisco sales pitch wkwk)

  1. Virtualization: not only the OS and storage, even switches and routers are virtualized

    The Cisco Nexus 1000v is Cisco's flagship Data Center virtualization network switch... (this ties into SDN -> SDDC: software defined DC); imagine... being able to apply QoS marking, VLANs, and all the Cisco switch stuff to the VMs in the server, which CAN'T BE DONE with the VMware ESXi vSwitch (the “generic” virtual switch, VMware's own virtual switch)

  2. Unified Computing: having servers that support virtualization; Cisco UCS (Unified Computing System) is Cisco's server

  3. Unified Fabric: supporting both SAN and LAN connections, that is... FCoE on the Nexus 5000 series and above

There are 2 requirements for FCoE...

  1. the beast has to live in 2 worlds...

    Meaning the device can run SAN and LAN technologies at the same time; at Cisco that's the N7K, the complete one

  2. its Ethernet interfaces must be at least 10 Gig (the future of the data center is fiber optic media... not copper; it runs on light, you know...)

And for sure... it has to support jumbo frames... that cable is already crammed with every protocol... Ethernet, VoIP, VPN encapsulation, MPLS, and now FC on top

Before FCoE

Every server has a “minimum” of 2 network adapters... one for the LAN (NIC: Network Interface Card) and one for the SAN (HBA: Host Bus Adapter)

So to connect to the LAN/internet... use the NIC; to access the storage network... use the HBA

After FCoE

With FCoE we don't need that many cables... everything is Unified Fabric (all in one... Ethernet and FC); at Cisco... the best is the Nexus 7000

Then the server has to have a single interface card that can run both technologies at once... it's called a CNA (Converged Network Adapter)

Don't worry, most servers today support all of this...

There are several IEEE standards for FCoE (if you're studying CCNA DC)

  • PFC (802.1Qbb) – Priority Flow Control: if a link is congested it can send a PAUSE signal to the sender; once it clears up the sender gets an R_RDY signal (ready to accept transmission)
  • ETS (802.1Qaz) – Enhanced Transmission Selection: the ability to share bandwidth intelligently between HPC (high-performance computing), storage, and LAN traffic
  • QCN (802.1Qau) – Quantized Congestion Notification (QoS)
  • DCBX (802.1Qab) – DC Bridging eXchange: its ability to recognize legacy switches (switches that only do LAN)

So it's like the DC's VPN

Like other protocols, FCoE has its own process too... called FIP (FCoE Initialization Protocol); there's discovery (FDISC), login (FLOGI), and even something like IP addressing (FPMA and pWWN)

FCoE process from server (ENode) to Nexus (FCF):

FC terms:

  1. FIP: FCoE Initialization Protocol
  2. FC ULP: upper layer protocol
  3. FC LEP: link end point
  4. FCF: FC Forwarder
  5. FPMA: Fabric Provided MAC Address
  6. FLOGI: FC Login
  7. FDISC: FC Discovery
  8. pWWN: Port World Wide Name

LASTLY... this article is only an introduction; the hands-on material needs Nexus, MDS, and UCS...

which is…

=============================

References

DAS vs NAS vs SAN Cbtnugget blog @http://blog.cbtnuggets.com/2015/01/storage-mastery-das-vs-nas-vs-san/

NAS on Wiki @http://en.wikipedia.org/wiki/Network-attached_storage

Data Center on Wiki @http://en.wikipedia.org/wiki/Data_center

SCSI vs SATA vs IDE @http://www.buzzle.com/articles/scsi-vs-sata-vs-ide.html

SCSI Cable Length @http://www.tandbergdata.com/knowledge-base/index.cfm/what-is-the-maximum-scsi-cable-length-i-can-use-with-my-tape-drive-autoloader-or-library/

CNA @http://wikibon.org/wiki/v/EMC_Joins_QLogic’s_FCoE_Converged_Network_Adapter_(CNA)_Club

is QCN good for FCoE @http://blog.ipspace.net/2010/11/does-fcoe-need-qcn-8021qau.html

FCoE Initialization Protocol @http://www.cisco.com/c/en/us/products/collateral/switches/nexus-7000-series-switches/white_paper_c11-560403.html

DCICT CBT Nuggets video by Anthony Sequeira

DCICT Official Course from Cisco Learning Partner

STP Configuration (including STP Tool Kit)

Just realized... I once posted about MSTP, but never covered the other STP configs wkwkwk

Theory here..., MSTP (and FlexLinks) here...

What we'll cover:

  • Changing Root Bridge ID (by modifying priority or value itself) (*)
  • Changing STP modes (-)
  • Tuning STP by STP Toolkits
    • PortFast (and EdgePort) (*)
    • BPDU Guard (*)
    • UplinkFast & BackboneFast
    • BPDU Filter
    • Root Guard
    • Loop Guard & UDLD
  • Err-Disable Recovery (*)
  • Changing STP Port Cost (-)
    • Path Cost Method
  • Changing STP Port Priority (-)
  • Changing STP Link Type
  • Changing STP Timer
  • Changing STP Diameter

(*) = the lab is in the CCNAv3 Official Course

(-) = only the theory is mentioned in the CCNAv3 Official Course

Let's start... here's the initial topology

===========================

Changing Bridge ID

In the picture above we can see that SW1 is not the root bridge... how do we change that?

First technique... changing the root priority

Verification

By default the Root Bridge ID (priority) that was 32768 gets changed to 24576; if you use the command “root secondary” (for a backup to the primary) it becomes 28672

Why does it show 24577 there, man? Bridge ID + VLAN ID... 24576 + 1 (VLAN number “1”) makes 24577

Second technique... changing the Bridge ID value itself

It can only be set in multiples of 4096; why? Because there are 16 steps

STP uses a BPDU message containing the Root Bridge ID (8 bytes) to run the protocol, where the first 2 bytes (16 bits) are for the bridge ID and 6 bytes (48 bits) are for the MAC address

1 byte = 8 bits, 2×8 = 16 bits... do I really have to remind you

16 bits = the value can go from 0 to 65535, so... 65536/4096 = 16... that's where the 16 steps come from

Verify the topology

...we see SW1 has become the root bridge (note: Packet Tracer v6 likes to glitch its STP GUI/display... sometimes everything is green X_X)
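To show where the 24577 and the 4096 steps come from, here is an added Python example (not from the post) that encodes and decodes the 8-byte Bridge ID field and runs the root election on two made-up switches. It assumes the 802.1t layout that Cisco PVST+ uses: the top 4 bits of the 16-bit word are the priority (so only multiples of 4096 fit), the low 12 bits are the extended system ID carrying the VLAN number, and the remaining 6 bytes are the bridge MAC. The switch names and MAC addresses are constructed.

```python
"""STP Bridge ID encode/decode and root election. Added example; MACs below are made up."""
from dataclasses import dataclass

PRIORITY_STEP = 4096          # only the top 4 bits of the 16-bit field are priority
DEFAULT_PRIORITY = 32768
ROOT_PRIMARY = 24576          # what "spanning-tree vlan X root primary" sets
ROOT_SECONDARY = 28672        # what "spanning-tree vlan X root secondary" sets


def is_valid_priority(priority: int) -> bool:
    """Valid bridge priorities are 0..61440 in steps of 4096 (16 possible values)."""
    return 0 <= priority <= 61440 and priority % PRIORITY_STEP == 0


@dataclass(frozen=True)
class BridgeId:
    priority: int   # multiple of 4096
    vlan: int       # 12-bit extended system ID (the VLAN number in PVST+)
    mac: bytes      # 6-byte bridge MAC

    def __post_init__(self) -> None:
        if not is_valid_priority(self.priority):
            raise ValueError(f"priority {self.priority} is not a multiple of {PRIORITY_STEP}")
        if not 0 <= self.vlan <= 4095:
            raise ValueError("extended system ID must fit in 12 bits")
        if len(self.mac) != 6:
            raise ValueError("bridge MAC must be 6 bytes")

    @property
    def displayed_priority(self) -> int:
        """The number `show spanning-tree` prints: priority + VLAN, e.g. 24576 + 1 = 24577."""
        return self.priority + self.vlan

    def to_bytes(self) -> bytes:
        """8-byte BPDU field: 2 bytes (priority | VLAN) followed by the 6-byte MAC."""
        return self.displayed_priority.to_bytes(2, "big") + self.mac

    @classmethod
    def from_bytes(cls, raw: bytes) -> "BridgeId":
        if len(raw) != 8:
            raise ValueError("Bridge ID field is 8 bytes")
        word = int.from_bytes(raw[:2], "big")
        return cls(priority=word & 0xF000, vlan=word & 0x0FFF, mac=raw[2:])

    def election_key(self):
        """Lowest Bridge ID wins the root election; the MAC only matters when priorities tie."""
        return (self.displayed_priority, self.mac)


def elect_root(bridges):
    return min(bridges, key=BridgeId.election_key)


def lab_topology(sw1_priority: int = DEFAULT_PRIORITY) -> dict:
    """Two switches in VLAN 1 with made-up MACs; SW2's MAC is lower, so it wins at default priority."""
    sw1 = BridgeId(sw1_priority, 1, bytes.fromhex("0c0000000001"))
    sw2 = BridgeId(DEFAULT_PRIORITY, 1, bytes.fromhex("0a0000000002"))
    return {"SW1": sw1, "SW2": sw2}


def root_of_lab(sw1_priority: int = DEFAULT_PRIORITY) -> str:
    """Name of the switch that wins the election after SW1's priority is set to sw1_priority."""
    switches = lab_topology(sw1_priority)
    winner = elect_root(switches.values())
    return next(name for name, bid in switches.items() if bid == winner)


if __name__ == "__main__":
    print("default root:", root_of_lab())
    print("after root primary on SW1:", root_of_lab(ROOT_PRIMARY))
    print("SW1 shows priority", lab_topology(ROOT_PRIMARY)["SW1"].displayed_priority)
```

The election key is also the reason the lowest-MAC switch wins at default priority: at 32768 everywhere, the only thing left to compare is the MAC, which is why you set the root deliberately instead of leaving it to whichever box has the oldest NIC.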

=============

Changing STP modes

There are 3 modes we can choose from: PVST (default), rapid-pvst, and MST (Packet Tracer doesn't have MST)

Now we change the mode to “spanning-tree mode rapid”, and when we show it...

Spanning tree enabled protocol rstp... why not rapid-pvst? Rapid here means rapid PVST...

With PVST+ (the default STP mode) it says “spanning tree enabled protocol ieee”

================

PortFast

Usually when we plug a cable into a switch port it goes “orange” first... then “green”

That's because the STP timers are busy checking incoming BPDUs; the total “waiting time” is 50 seconds (with plain PVST, that is, not rapid... that one's quick)

Now, we can make STP skip the BPDU check, i.e. no waiting time from orange to green...

There are 2 ways:

Now, using portfast makes the switch “skip” the BPDU checking, which is why there's a “caution”... don't you dare connect that port to another switch...

It can also be configured globally for all interfaces...

Just test it by plugging in yourself... you can do it in Packet Tracer too

=============

BPDU Guard

Then what if a port configured with portfast suddenly gets another switch plugged into it? That could get messy...

Configure BPDU Guard; there are 2 ways:

Important note: with Rapid-PVST, BPDU Guard isn't needed, because as soon as a portfast port receives a BPDU its portfast status is lost, hence the name: EDGE PORT (so with Rapid PVST you only configure portfast... no need for BPDU Guard)

Let's look at the config of int fa1/0/1

The conclusion: if we use PVST+, portfast and bpduguard always go together in the config

Let's verify... I used Kali Linux and sent a BPDU at it

The result...

We check with “show interface status”

Then how do we restore it? What if it was an accident? Can it auto-recover? Yes

============

ErrDisable Recovery

The default interval for auto port recovery is 300 seconds; we can change it, MINIMUM 30 seconds

What else can be recovered besides bpduguard? Each switch series might differ...

Try typing “show errdisable detect”

We can see which error types the switch is able to detect

Now let's look at which error types we've set to auto-recover...
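On the operations side, the BPDU Guard trip and the errdisable recovery from the two sections above leave a trail in syslog, and that trail is what tells you whether a trip was an accident or a device that keeps sending BPDUs into an access port. Here is an added Python example (not from the post) that parses err-disable and recovery messages, measures the gap between a trip and its recovery, and flags ports that keep re-tripping on bpduguard once auto-recovery is on. The log lines are constructed samples written in the shape of IOS `%PM-4-ERR_DISABLE`, `%PM-4-ERR_RECOVER` and `%SPANTREE-2-BLOCK_BPDUGUARD` messages, not captures from a real switch; the port names and timestamps are made up.

```python
"""Detect BPDU Guard trips and recovery flapping from syslog. Added example; log lines are constructed."""
import re
from collections import defaultdict

# Constructed sample log in the style of IOS syslog output (not captured from a real switch).
SAMPLE_LOG = """\
Mar  1 00:05:12.101: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/1 with BPDU Guard enabled. Disabling port.
Mar  1 00:05:12.105: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/1, putting Fa0/1 in err-disable state
Mar  1 00:05:42.311: %PM-4-ERR_RECOVER: Attempting to recover from bpduguard err-disable state on Fa0/1
Mar  1 00:05:44.020: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/1 with BPDU Guard enabled. Disabling port.
Mar  1 00:05:44.024: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/1, putting Fa0/1 in err-disable state
Mar  1 00:06:14.400: %PM-4-ERR_RECOVER: Attempting to recover from bpduguard err-disable state on Fa0/1
Mar  1 00:06:16.002: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/1 with BPDU Guard enabled. Disabling port.
Mar  1 00:06:16.006: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/1, putting Fa0/1 in err-disable state
Mar  1 00:09:00.500: %PM-4-ERR_DISABLE: link-flap error detected on Fa0/7, putting Fa0/7 in err-disable state
"""

# Timestamp prefix: "Mar  1 00:05:12.101:" -> four groups (hh, mm, ss, ms)
TS = r"^\w{3}\s+\d+\s+(\d\d):(\d\d):(\d\d)\.(\d{3}):"
ERR_DISABLE = re.compile(TS + r" %PM-4-ERR_DISABLE: (\S+) error detected on (\S+),")
ERR_RECOVER = re.compile(TS + r" %PM-4-ERR_RECOVER: Attempting to recover from (\S+) err-disable state on (\S+)")


def _seconds(m) -> float:
    h, mi, s, ms = (int(x) for x in m.groups()[:4])
    return h * 3600 + mi * 60 + s + ms / 1000


def parse_errdisable(log: str) -> list:
    """Return (time_s, event, cause, port) tuples for ERR_DISABLE / ERR_RECOVER lines, in order."""
    events = []
    for line in log.splitlines():
        if m := ERR_DISABLE.match(line):
            events.append((_seconds(m), "disable", m.group(5), m.group(6)))
        elif m := ERR_RECOVER.match(line):
            events.append((_seconds(m), "recover", m.group(5), m.group(6)))
    return events


def summarize(log: str, flap_threshold: int = 3) -> dict:
    """Count trips/recoveries per (port, cause), measure trip-to-recovery gaps, flag flapping ports."""
    counts = defaultdict(lambda: {"disable": 0, "recover": 0})
    gaps = []            # seconds between a trip and the recovery that followed it
    last_disable = {}
    for t, event, cause, port in parse_errdisable(log):
        counts[(port, cause)][event] += 1
        if event == "disable":
            last_disable[(port, cause)] = t
        elif (port, cause) in last_disable:
            gaps.append(round(t - last_disable.pop((port, cause)), 3))
    # A port that trips bpduguard again and again after auto-recovery is not an accident:
    # something on it keeps talking spanning tree, and recovery is just flapping the port.
    flapping = sorted({port for (port, cause), c in counts.items()
                       if cause == "bpduguard" and c["disable"] >= flap_threshold})
    return {"counts": {k: dict(v) for k, v in counts.items()},
            "recovery_gaps_s": gaps,
            "flapping_bpduguard_ports": flapping}


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```

The recovery gaps coming out at just over 30 seconds match the minimum `errdisable recovery interval` the section above mentions; if you see a port cycling like Fa0/1 here, the fix is to find what is plugged into it, not to raise the interval.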

============

UplinkFast and BackboneFast

These 2 tools are ONLY used in PVST to improve convergence (in RSTP they're built in)

UplinkFast: so that if the green link dies, the orange one (alternate port) goes green immediately

BackboneFast: so that if the link to the ROOT BRIDGE dies, the switch immediately sends a BPDU out its alternate/blocked port, and the switch receiving that BPDU immediately sends an RLQ (Root Link Query) message to find out who the next Root Bridge is (skipping the 20-second max_age timer that would otherwise cause another non-root bridge to make itself root)

Verification

===========

BPDU Filter

Simple... to prevent the switch from generating BPDUs

Why disable it? Isn't that dangerous? Take a look at this design...

============

Root Guard

This configuration is to prevent the Root Bridge from being changed (changing the Root Bridge can change the STP topology: which switchport is blocked and which is forwarding)

===========

Loop Guard and UDLD (Uni-Directional Link Detection)

What if the switch on the other side isn't sending BPDUs because of a software problem? Loop Guard is the answer

What if the switch on the other side isn't sending BPDUs because of cable mis-wiring (typically with optical cable)? UDLD is the answer

Recommendation? Enable them both

Or enable them globally

What's the difference between normal and aggressive UDLD? Normal only “detects”, i.e. it just reports that the link is unidirectional (undetermined port state), whereas aggressive, as soon as it detects a unidirectional link, tries to re-establish the connection (sending 8 frames per second); if the neighbor switch still doesn't respond, the port is put into “errdisable”

Best practice? Aggressive mode... if it's disruptive (switch hangs/slow/not responding), switch to normal mode (enable state); seems it couldn't cope with being set to enable wkwkw

And configure it on both sides!! (different UDLD modes on each side are fine), so both can detect

============

STP Port Cost

STP always calculates port cost first (read: link bandwidth); the lower the value, the better the priority

So... how can we change FastEthernet to lower its cost?

STP default costs are set by the IEEE (yes... rote memorization...)

=================

STP Pathcost Method

1 Gbit with a cost of 4 uses the STP short method (default); with the long method 1 Gbit has a cost of 20,000

Why are there long and short? Bandwidth keeps getting bigger... with the short method it gets hard for 40 Gbit, 100 Gbit, or 1 Terabit (short uses 16 bits, and the 16-bit max value is 0-65535)

Same case as OSPF “auto-cost reference-bandwidth”

Taken from cisco.com:

How do we change it? On all switches (if they have any link greater than 10 Gbit, long mode is a must)

Note: MST uses the long method by default, PVST uses the short method

===================

STP Port Priority

Lemme show you the picture

My question... if we didn't configure EtherChannel, how does STP decide which port to block? Port priority (don't mix up port cost and port priority)

By default... the higher the port number, the higher the chance of being blocked

Here's the pic from SW3:

How do we change it? On SW4, to influence which port SW3 blocks (don't do it on SW3)

SW4 interface fa0/2 connects to SW3... change the priority there...

We can also type “spanning-tree port-priority [value]” (without vlan) in interface configuration, but Packet Tracer doesn't have that command.

Let's see the effect

Let's see if the port state changed or not

Previously on SW3 it was Fa0/2 that was blocked; let's see now...

Fa0/1 is blocked... because it leads to the SW4 port with the higher priority number

=============

STP Link Type

There are 2 STP link types: P2p (point-to-point) and Shr (shared)

STP determines the link type depending on what duplex the other side is using

Full duplex uses P2p and half duplex uses Shr (which is a hub kind of device)

How can we change it? What impact are we aiming for?

Let's see the effect

According to Scott Morris #4713, RSTP can only “work fast” if the link is point-to-point, so if you want to “force” a shared link to achieve the rapid transition phase in an RSTP environment... then do it

(Most switches today are full duplex though)

=================

STP Timer

Hello-time: the switch sends a BPDU every 2 seconds by default; we can tune it to 1-10 seconds

Forward-time: the time needed to go from listening to learning (default 15 seconds); we can tune it to 4-30 seconds

Max-Age: the “lifetime” of a BPDU stored on the switch; once it expires it's discarded... to save RAM (default 20 seconds); we can tune it to 6-40 seconds

But remember, setting the timers too fast, although it ensures STP stability... means more BPDUs will be processed (say you tune the STP hello from 2s to 1s), hence more CPU load

Set these timers on the Root Bridge switch only (all other switches will use the timers from the Root Bridge)

==============

STP Diameter

Usually when you lab STP it's 3 switches, right? Or 4?... ever tried 7?!? All connected into one big ring wkwkwk

We can set the maximum “size” (diameter) of the STP domain... max 7 switches (4 to 5 is already dizzying...)

=============

References

http://www.omnisecu.com/cisco-certified-network-associate-ccna/bridge-protocol-data-unit-bpdu-frame-format.php

http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/10555-15.html

https://cciepursuit.wordpress.com/2008/03/07/spanning-tree-link-type/

https://learningnetwork.cisco.com/thread/3691

https://networklessons.com/spanning-tree/spanning-tree-backbone-fast/

http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/12014-18.html

http://blog.ine.com/2008/07/05/udld-modes-of-operation/

http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/19120-122.html

https://supportforums.cisco.com/discussion/11582661/stp-timers

https://supportforums.cisco.com/discussion/10167346/pathcost-method

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/spantree.html#wp1193557
