Contact us
Join Community
Contact us

Exciting Announcement! In celebration of launching our AI Certification, we’re thrilled to offer a 50% discount exclusively. Seize this unique chance—don’t let it slip by!

Learn more

Author: Nisha Syed Ali

Categories
All

Unveiling Enhanced Use Cases: What’s New in Network Copilot™ v1.1

We are thrilled to unveil Aviz Network Copilot™ v1.1.0, packed with innovative features and enhancements. This cutting-edge AI-driven network analysis tool is crafted to help network operators, executives, and stakeholders pinpoint performance bottlenecks and optimize resource utilization via a highly intuitive chat interface.Prepare to dive into the capabilities of Network Copilot™ and explore how its latest updates can significantly improve your network operations’ efficiency.

Data Ingestion Capabilities

Network Copilot™ has expanded its capabilities to include device telemetry ingestion through gNMI, sFlow, and API, in addition to the existing SNMP & Aviz ONES telemetry agent. These enhancements broaden its compatibility across multi-vendor NOS using SNMP, gNMI, and other protocols, facilitating effortless multi-vendor deployments with Network Copilot. The metrics gathered from on-premises networks now encompass Inventory, System Resources, Platform Health, Counters, and Flow Records

Use Cases

In this release, We have introduced several new use cases to provide more comprehensive insights and visibility into your network.

1. Network Upgrade Compliance

Network upgrades are inevitable and crucial for any network to ensure security, performance and reliability. Network Copilot can now assist the Network Administrators with the repetitive task of verifying network upgrades and ensuring the network is restored to its original state post-upgrade, even in a multi-vendor environment.

2. Security Audit Reports

Maintaining IT compliance is crucial for any organization and regular security audits play a vital role in this process. Network Copilot can assist you in ensuring your configuration and security protocols meet the required standards. With Network Copilot, you can verify various aspects like ACL, SSH, TACACS, RADIUS+ & Control plane policing etc..

3. Outbound Network Performance Monitoring

Network Copilot can help you monitor your outbound network performance by analysing network traffic, examining QOS and monitoring bandwidth, it provides insights into your SD-WAN & MPLS networks. This ensures you have a clear understanding of your network’s performance, enabling you to optimize and maintain efficient network operations.

4. Application Visibility and Real-time Network Insights

Network Copilot can analyze the network traffic to identify the applications generating the traffic and its purpose. Utilizing flow data such as sFlow and NetFlow, Network Copilot monitors and analyzes traffic patterns and application behavior, providing detailed insights into the data traffic.

5. Network Troubleshooting

Network Copilot can help Network Administrators effectively diagnose network issues by analyzing past traffic patterns and drops networks.

6. Enhanced Japanese Support

Network Copilot now has enhanced support for the Japanese language.

UI Enhancements

To enhance user-friendliness and simplify interactions with Network Copilot UI, the following improvements have been made:
  • Streaming responses
  • Exporting conversations
  • Import user context
  • Timestamps
  • Regenerating responses
  • User feedback on the responses for improvements
  • Dark and Light Mode
In conclusion, Aviz Network CopilotTM v1.1.0 brings a suite of exciting new features designed to revolutionize the way to monitor and analyze your network. With its advanced generative AI assistant, the latest release enhances network operations through a user-friendly chat interface, offering capabilities such as dark mode for visual comfort, expanded telemetry ingestion methods for seamless multi-vendor deployment, and new use cases to ensure network upgrade compliance, security audit standards, monitoring outbound network performance, application visibility, and real-time network insights. Network Copilot v1.1.0 is poised to set a new standard in network monitoring & analysis, empowering network operators, executives, and stakeholders to optimize and maintain efficient network operations effortlessly.
Contact us today because with Network Copilot™ v1.1, you’re not just upgrading your software — you’re transforming your network infrastructure strategy to be smarter, faster, and more reliable
Categories
All

Boosting Network Trust: Unveil AI TRiSM with Network Copilot™

Introduction to AI-TRiSM (Trust, Risk & Security Management)

As AI reshapes the world, its transformative power drives revolutionary innovations across every sector. The benefits are immense, offering businesses a competitive edge and optimizing operations. However, to harness this potential responsibly, we must prioritize ethical and trustworthy AI development and usage.

This is where the concept of AI-TRiSM, a framework conceptualized by Gartner, emerges as a cornerstone for responsible AI development. It emphasizes three crucial concepts: Trust, Risk, and Security Management (TRiSM) in AI systems. By focusing on these key principles, AI TRiSM aims to build user confidence and ensure ethical and responsible use of technology that impacts everyone.

The Framework of AI TRISM

By embracing AI TRISM, organizations can navigate the exciting world of AI with confidence, maximizing its benefits while ensuring responsible and ethical use.
  • 1. AI Trust: This cornerstone emphasizes transparency and explainability. By ensuring AI models provide clear explanations for their decisions, users gain confidence and trust in the technology.
  • 2. AI Risk: This pillar focuses on mitigating potential risks associated with AI. By implementing strict governance practices, organizations can manage risks during development, deployment, and operation stages, ensuring compliance and integrity.
  • 3. AI Security Management: This crucial aspect focuses on safeguarding AI models from unauthorized access, manipulation, and misuse. By integrating security measures throughout the entire AI lifecycle, organizations can protect their models, maintain data privacy, and foster operational stability.

4 Pillars of AI TRiSM Framework

This framework relies on five key pillars to ensure responsible and ethical implementation of AI:
  • 1. Explainability and Model Monitoring: This pillar combines two crucial elements. Explainability ensures transparency in how AI models arrive at their decisions, building user trust and facilitating performance improvement. Model monitoring involves continuously tracking the model's behavior, identifying any biases or issues impacting its accuracy and effectiveness.
  • 2. ModelOps: This pillar focuses on establishing a well-defined lifecycle management for AI models. It encompasses the entire journey, from development and deployment to ongoing monitoring, maintenance, and updating. Robust ModelOps practices ensure the continued reliability and effectiveness of AI models over time.
  • 3. AI Application Security: This pillar safeguards the integrity and functionality of AI models and their applications. It involves implementing security measures throughout the AI lifecycle to protect against unauthorized access, manipulation, and misuse. This ensures the reliability of the model's outputs and protects sensitive data.
  • 4. Privacy: This pillar emphasizes the responsible handling of data used in AI models. It involves ensuring compliance with relevant data protection regulations and implementing appropriate security controls. By prioritizing data privacy, organizations can build user trust, minimize the risk of data breaches, and ensure responsible AI development and deployment.

Adopting AI TRiSM Methodology for Network CopilotTM

Network Copilot transcends the typical tech offering. It’s a conversational AI crafted to meet the complex demands of modern network infrastructures. Its design is LLM agnostic, ensuring seamless integration without disrupting your current systems, and doesn’t demand a PhD in data science to get started. Engineered with enterprise-grade compliance at its core, it offers not just power but also reliability and security.

Dive deeper today because with Network Copilot™, you’re getting seamless integration, enterprise-grade reliability, and enhanced security—all with ease

1. Documentation of AI Model and Monitoring:

To ensure the successful use and management of the Aviz Network Copilot, comprehensive and up-to-date user manuals, technical documentation, and training materials are created. This includes detailed documentation explaining how the AI model makes decisions. Additionally, a clear privacy statement is provided guaranteeing that Network Copilot will not access, transfer, or manipulate sensitive information such as passwords.

2. Well-defined Life Cycle Management:

A well-defined life cycle management process is established for the Aviz Network Copilot product, encompassing all stages from its Building to Deployment. This process will involve defining clear criteria for use case identification, dataset identification, model training, Model selection, Model deploy, Monitor and re-train, a communication plan in place to effectively inform users about any product changes and updates.

3. System Checks and Bias Balancing:

To mitigate potential biases in the Aviz Network Copilot product, regular system checks are conducted such as Gaurdrails. This involves testing the product with diverse datasets and user groups to identify and address any bias that may arise. A bias mitigation strategy is developed and implemented, incorporating techniques such as data normalization, algorithm adjustments, or fairness checks. Furthermore, the performance of the Aviz Network Copilot product is continuously monitored to identify any emerging biases or fairness issues.

4. Responsible Handling of Data:

To ensure responsible data handling practices, robust security measures are implemented for the Aviz Network Copilot product. These measures include encryption, access controls, and regular security audits. Furthermore, clear guidelines are established to define how user data will be collected, stored, used, and shared. Additionally, informed consent will be obtained from users before collecting and using their data. Finally, users will be provided with clear and accessible information about their data privacy rights and how they can exercise those rights.

Conclusion

Aviz Network Copilot prioritizes responsible AI practices through its commitment to the AI TRiSM framework, emphasizing Trust, Risk, and Security Management (TRiSM) throughout its lifecycle. This ensures transparency by providing clear explanations for the AI model’s decisions, fostering user trust. The potential for bias is mitigated through regular system checks and a dedicated bias mitigation strategy. Additionally, robust security measures safeguard the model and user data, further demonstrating Aviz Network Copilot’s commitment to responsible AI development and user confidence.

Start your Network Copilot journey: Contact us

Categories
All

My Unique Learnings with Aviz Networks: Developing ONES Stack to Empower SONiC Adaptation & Supportability

Today, the open source and network communities recognize SONiC as the next ‘big thing’ to accelerate innovation and growth. And that’s undoubtedly true. SONiC is fundamental in building next-generation networks. However, deploying and monitoring a SONiC network is not a cakewalk that simply requires a “download, install and complete” approach.

Through this article, I, Krupakar Annam, would like to share my journey with SONiC, and how it can empower enterprises across the globe.

With a burning passion for innovation and a drive to make a real impact, I eagerly took on the challenge of leading the development team. And let me tell you, it has been an exhilarating journey. What sets our product ideas apart is that we’re not building yet another SONiC Distro or a yet another NetOps solution. In fact, making a Distro has never been a part of our plan. Our main focus is to enable customers to migrate and manage SONiC at a reasonable cost along with a lightning-fast speed. It’s a win-win situation for them, isn’t it?

Pioneering the Future of Networking with ONES

As I delved deeper into the world of SONiC, I became more confident about its untapped opportunities to transform the networking landscape. Most importantly, the power of open-source, the flexibility of disaggregated networks, and the promise of cost-effective scalability—all aligned perfectly with Aviz Networks’ vision.

And as my journey continued with this company, we went the extra mile together to understand the challenges and came up with an industry-leading solution. Here are the details:

- Pain Points of SONiC Adaptation and Management

Though SONiC is open-source, there is no single NetOps-like tool that can support multi-vendor environments. On the other hand, the available solutions are tied to specific vendors.

The pain points do not end here. There is no unified solution to handle the pre-deployment process for a multi-vendor DC fabric, whether it involves re-validating use case scenarios or creating a unified solution to bring vendors together for support.

Furthermore, there is also a lack of an all-in-one solution for multi-vendor visibility, orchestration, and supportability that makes it easier to manage DC and make more accurate decisions quickly.

We also realized many customers who are using SONiC or willing to adopt it, ultimately end up with ad hoc solutions by putting together in-house or open-source tools. These solutions are bound by specific use cases and may have limitations in pulling in-depth metrics offered by SONiC—leading to a painful process while transforming the DC fabrics.

- The Game Changer Solution

They say it right, understanding the challenges is the key to better innovations. And that’s what drove us to create ONES (Open Networking Enterprise Suite).

It’s a comprehensive, flexible, and unified stack solution. ONES can support multi-vendor SONiC platforms while adapting to or managing SONiC-based networks’ pre-deployment, orchestration, visibility, and supportability aspects of their DC network.

Our approach is centered on streamlining Day 1, and Day 2 operations of the DC network with the belief that our stack solution can run on any SONiC platform (regardless of the underlying hardware) and cater to diverse customer use cases. Whether it’s through a user-friendly GUI or robust APIs, it should be a rock-solid supportability tool for SONiC-based DC fabrics.

Challenges and Achievements in Implementing ONES Stack for SONiC Platforms and Beyond

- Unifying Network Configuration for Multi-Vendor Environment

The challenge here was to accommodate all vendor-specific configuration methods in a single go.

To address this, our solution has a common intent-based template that takes the fabric-level configurations, and the ONES orchestration layer with the intelligence to split that into vendor-specific configurations. The ONES orchestration agent running on the specific device will take care of pushing the right config to the device using CLIs and ConfigDB.

The SONiC CLI is incomplete or not a unified way of configuring and managing all available features on a device. So we have come up with FMCLI (Fabric Manager Command Line Interface), which is far more flexible and easier to adapt than SONiC CLI.

It wasn’t an easy task as we needed to decode each unique use case of many customers and include all of them without disrupting the intent of the solution we were building. What started with one or two community SONiC support has kept expanding orchestration via intent-based configuration for large networks (IPCLOS, L2 VXLAN MCLAG, L3 VXLAN MCLAG, FRR, etc.).

Furthermore, the network configuration APIs of ONES are exposed with an easily usable Python SDK to help the current infrastructure of DC adapt to ONES easily.

- Normalizing Multi-Vendor Deep Metrics for Visibility

The challenge was to pull in deep metrics at regular intervals and normalize them for unified visibility. We developed a telemetry layer that pulls 200+ metrics using gNMI and normalizes them. For deep metrics data, we have gone beyond RedisDB. Our goal is to provide maximum metrics in a presentable format to help network operators correlate and diagnose issues to make quicker decisions.

We have open sourced ONES Valdiated Designs (https://ovd.ai/), they can help to integrate ONES seemlessly into your existing infrastructure.

- Accommodating Multi-NOS Environment

We cannot expect DC fabrics to run on SONiC alone. For customers looking for migration to SONiC, they might choose to go in a phased manner. As a result, we may end up in a situation where SONiC and non-SONiC devices coexist in the same fabric. This presents a unique challenge since non-SONiC devices are proprietary, and well-established vendor-specific NetOps tools are available to manage them.

So with ONES, customers can visualize non-SONIC devices in the same fabric and limited metrics along with SONiC devices. This is achieved by using eAPIs, NVAPIs and of course, normalized metrics for visualization.

Furthermore, we have devised a distinct method to display the entire fabric in its topology while also enhancing it with alerts, rules, and other capabilities.

Transforming ONES into a Complete Deployment Solution

Our goal of supporting the Day 1/Day 2 (pre-deployment/deployment/post-deployment) operation of DC fabric was complete when we integrated ONES with FTAS (Fabric Test Automation Suite). It is a continuous automation test suite designed for multi-vendor SONiC validation. FTAS can help with a quicker turnaround time for the pre-deployment phase. It is also integrated with ONES which gives complete visibility during the pre-deployment. You can find more information about FTAS here.

Orchestration functionality of ONES takes care of the deployment phase. Intent-based configuration YAML templates are tested and can be used for reference.

All these cutting-edge innovations only mark the initial stride towards Aviz Networks’ vision, and more is yet to come. With our strong team of support engineers, we are well-equipped to empower customers with a seamless SONiC journey using the ONES stack.

For further insights into ONES, please visit our website.

If you wish to get in touch with me, feel free to connect on LinkedIn here

Categories
All

ONES Rule Engine: Enhanced Monitoring and Alerting for AI-Fabric

The ONES Rule Engine is a sophisticated feature that enhances your network management capabilities by incorporating an integrated alert and notification system. It delivers detailed monitoring metrics and facilitates easy creation of rules at both device and interface levels. The latest update to the ONES Rule Engine has broadened its capabilities to monitor AI-Fabric metrics such as queue counters, PFC, traffic rates, and link and node failures. This enhancement allows administrators to achieve better visibility into network performance, pinpoint potential issues, and proactively maintain optimal conditions for RoCE-based applications and workloads.

Anomaly Detection and Alerting on AI-Fabric

The following AI fabric counters help DCOs identify and prevent network congestion and data loss.

Queue Counters

  • Packet Transmit Rate: This counter tracks the rate at which packets are transmitted from the RoCE queue. A high transmit rate could indicate potential congestion or oversubscription.
  • Packet Receive Rate: This counter measures the rate at which packets are received on the RoCE queue. Monitoring this rate can help identify potential bottlenecks or overloaded receivers.
  • Dropped Packets: This counter tracks the number of packets dropped due to queue overflows or other reasons. Excessive packet drops can severely impact RoCE performance and should be investigated.
  • ECN Marked Packets: Explicit Congestion Notification (ECN) is a mechanism used by RoCE to signal congestion. Monitoring ECN marked packets can help identify and mitigate congestion before it becomes severe.

Performance Counters

  • PFC (Priority Flow Control): PFC is a mechanism used by RoCE to pause traffic temporarily to prevent packet loss. Monitoring PFC events can help identify potential congestion hotspots in the network.

ONES 2.1 Rule Engine for Anomalies & Alerting

PFC Receive and Transmit Counters

Priority Flow Control (PFC) is a mechanism that prevents frame loss due to congestion. It operates by sending priority pause frames (per traffic class) to the sender when buffer thresholds are exceeded due to congestion. The count of priority pause frames sent/received by the device is available in the PFC counters.With the active monitoring of PFC counters, the ONES rule engine’s can create alerts Data center operators and administrators on potential congestion and hotspots. Customers have the flexibility to set their desired congestion threshold for alerting using the various attribute available:
  • Time Interval: 5 min, 10 min, 15 min , 30 min, 1 hr
  • Conditions: Threshold breach (Greater/Lesser/Equal)
  • Count Occurrences: 1 to as high as millions

Figure 1: Rule Configuration -Interface PFC receive counters

When conditions are met, the ONES rule engine dispatches alerts through configured channels such as Slack and Zendesk, as well as on the Watcher – Alerts page. These alerts provide essential information about the generated alert, including details on the device, interface, and queue.

Queue Drop Counters:

When setting up a network for lossless applications such as RoCE, it’s crucial to also monitor flows that may become lossy. Egress queue drop counters are vital for identifying congestion and traffic drops on outbound ports. Analyzing these egress queue drops helps customers troubleshoot network congestion and resolve performance issues. Furthermore, queue drop counters can be activated at the device level, allowing for an overall assessment of queue drops across all queues on every interface of a device.

  Figure 2: Rule for Queue drops
Figure 3: Filter options for interface Queue Drop counters rule

Failure Detection: Link Flap

“Link Failure” is another critical metric which needs to be monitored in AI-Fabric. Bad links due to improper cabling and transceivers can significantly affect the lossless requirement for RoCE traffic. It is critical to alert and take corrective action to avoid traffic loss and performance degradation. Corrective actions could include replacing bad optics or adjust the control plane policies to re-route the traffic towards a better path. ONES rule engine performs the continuous monitoring of links over a specific interval and automatically creates alerts with necessary payload including the device, Optics information, details, device location and layer etc. This can help the DCOs have all the necessary data to take the corrective action.
Figure 4: Alert payload – link down
Categories
All

ONES 2.1: Advancements in Network Visibility with Multi-NOS Telemetry, AI-Fabric Anomaly Detection, and Data Lake Integration

We’re thrilled to unveil ONES 2.1, a revolutionary network management and operations solution that redefines the benchmarks for Visibility, Orchestration, and Support. This release marks a monumental stride in our unwavering dedication to pushing the boundaries of network management capabilities and orchestration. Packed with cutting-edge features, ONES 2.1 introduces a groundbreaking ONE Data Lake which integrates with AWS S3 and Splunk, addition of multi-vendor NOS (NXOS, EOS, Cumulus) visibility, extended platform metrics (SSD Health, Device Failure detection, etc and enhanced anomaly and alerting mechanism for AI-Fabric.
Prepare to embark on a journey where innovation intersects with excellence, as ONES 2.1 empowers your network endeavors with unparalleled sophistication and efficiency. It’s more than just a tool; it’s a paradigm-shifting innovation meticulously designed to enhance your network experience to levels never seen before.

ONE-DL with AWS S3 and Splunk:

In the 2.1 release of ONES, a cloud data lake has been introduced, featuring integration with AWS S3 and Splunk. This integration enables seamless migration of ONES telemetry data to the customer defined storage nodes hosted either in Cloud or On-Prem, paving the way for custom data analytics use cases. By leveraging cloud infrastructure and analytics tools, ONES users can unlock deeper insights from their network data, enhancing decision-making and operational efficiency.

Multi-NOS Telemetry

ONES now supports Multi-NOS network telemetry including Cisco NX-OS, Arista EOS and Cumulus NOS. This addition expands ONES capabilities to manage networks with diverse non-SONiC Network Operating Systems (NOS), establishing ONES as a versatile multi-vendor platform tool. Users can now benefit from centralized network management across various vendor environments, enhancing efficiency and flexibility in network operations.

Advanced Telemetry for SONiC Support

SSD Health: SSDs are considered reliable, with a mean time to failure of one to 1.5 million hours indicating a low annual failure rate. Despite this, they are often the most frequently replaced component in large-scale IT infrastructures and data centers, where many failures are attributed to SSD malfunctions. It is crucial to use comprehensive monitoring to detect failing SSDs, ensuring data availability and preventing data loss.
AI-Fabric Anomaly Detection & Alerting: RoCE-related metrics have been incorporated into our rule engine service, enhancing the ability of our support team to automatically troubleshoot and alert for anomalies in the network fabric used by GPUs. This integration includes interface, queue, and PFC counters, in addition to existing metrics for detecting failures such as link and device failures. These enhancements make ONES an all-encompassing tool for our support team to diagnose and optimize AI-Fabric deployments.

Enhanced Orchestration Capabilities

Network Config Illustrator: The Network Config Illustrator is a specialized tool crafted to generate visual representations of network topologies using input configuration files. Its core objective is to offer users a tangible depiction of their network structure, offering a glimpse into how the real network diagram might appear. This aids users in comprehending and analyzing their network setups more effectively.

Over 70+ Pre-Validated Templates: Pre-validated templates, meticulously crafted to simplify network management across various use cases. These templates are designed to empower network professionals with ready-to-use configurations, reducing deployment time, minimizing errors, and enhancing overall efficiency. Access the templates here: Aviz Networks GitHub – YAML Templates 2.1

Improvised Fabric Manager CLI: FMCLI now offers extended support for multi-vendor environments, accommodating both x86 and ARM devices. Multi-session Support, ensuring that each session maintains its integrity avoiding accidental overrides and empowers users to work confidently, knowing that their configurations are protected and their workflow remains uninterrupted.
Discover the unparalleled capabilities of ONES 2.1 tailored for SONiC, featuring a suite of innovative functionalities and enhanced user interface. Revolutionize your network orchestration and management with these cutting-edge advancements!
Embark on your path to seamless network monitoring and orchestration today.
Categories
All

FTAS 2.3 and SONiC: Elevating Data Center Interconnect Quality with EVPN and VXLAN

Fabric Test Automation Suite (FTAS) – a solid set of test cases designed with precision to assess SONiC’s readiness for deployment is ever evolving. Our ongoing dedication to getting better has shaped FTAS, growing with valuable customer input and incorporating new features in sync with the latest SONiC releases.

Exciting news on our journey – FTAS 2.3 is now live! This version comes with a bunch of improvements, all geared towards making SONiC assessment even better and smoothing out pre-deployment testing. Let’s dive into what’s new and how it can elevate your testing experience!

Let’s delve into the key enhancements introduced in FTAS 2.3

Data Center Interconnect

Data Center Interconnect (DCI) harmonizes a sophisticated integration of advanced technologies. EVPN (Ethernet VPN), VXLAN (Virtual Extensible LAN), and MCLAG (Multi-Chassis Link Aggregation Group) collectively contribute to the intricate network orchestration. EVPN dynamically manages control plane operations, VXLAN extends virtual networks seamlessly, and MCLAG ensures redundancy and load balancing. This technical synergy within DCI forms a robust infrastructure, addressing the challenges of interconnected data centers. Each technology plays a pivotal role in achieving fluidity and resilience in the overall network composition.

Based upon the customer deployments, the FTAS latest release is packed with new test cases to enhance the existing coverage.

BGP-EVPN with VXLAN

VXLAN EVPN facilitates seamless communication in data centers by extending Layer 2 connectivity over a Layer 3 network. This technology ensures efficient management of virtualized workloads, enabling dynamic learning and distribution of MAC and IP addresses. With its scalable and flexible approach, VXLAN EVPN is instrumental in modern data center deployments, providing a reliable solution for network virtualization and resource optimization.

EVPN/VXLAN Topology

Here are the VXLAN EVPN scenarios covered in FTAS 2.3

Feature Test Scenario
BGP-EVPN-VXLAN EVPN VXLAN Configuration and verification
EVPN VXLAN for known unicast, BUM traffic (eBGP) with RIF
EVPN VXLAN for known unicast, BUM traffic (eBGP) with SVI
EVPN VXLAN for known unicast traffic (eBGP) with link events and router failure - RIF
EVPN VXLAN for known unicast traffic (eBGP) with link events and router failure - SVI
EVPN VXLAN for known unicast traffic (eBGP) with link events and router failure - RPCH
Symmetric IRB with EVPN eBGP-RIF (eBGP)
Symmetric IRB with EVPN iBGP-RIF (iBGP)
Symmetric IRB with EVPN iBGP-SVI
Symmetric IRB with EVPN eBGP-RPCH
Symmetric IRB with EVPN iBGP-RPCH
Asymmetric IRB with EVPN eBGP
Asymmetric IRB with EVPN iBGP

MCLAG

MCLAG (Multi-Chassis Link Aggregation) enhances data center reliability by creating a resilient, redundant network. In the event of a switch failure, MCLAG seamlessly transfers traffic to a backup switch, preventing downtime. This technology ensures high availability, load balancing, and simplified network design, making it indispensable for critical applications where continuous connectivity is paramount.

L2 MCLAG
L3 MCLAG

FTAS 2.3 covers following MCLAG use cases based upon the customer deployments.

Deployment Test Scenario
L2 MCLAG MCLAG-L2 Steadystate with portchannel and vlan on peer link
MCLAG-L2 Member Link Down
MCLAG-L2 Peer Link Down
MCLAG-L2 Active Reboot
MCLAG-L2 Standby Reboot
L3 MCLAG MC-LAG L3 validation using portchannel configuration
MC-LAG L3 validation, Bring down the member link of Spine1
MC-LAG L3 keepalive link down
MCLAG-L3 Active Reboot
MCLAG-L3 Standby Reboot

ECMP Scaling & Resilience

ECMP (Equal-Cost Multipath) optimizes network performance by distributing traffic across multiple paths of equal cost. In data center scenarios, ECMP enhances load balancing, increases bandwidth utilization, and ensures fault tolerance. This technology is particularly valuable in modern, dynamic environments where efficient resource utilization and high availability are crucial for delivering reliable and responsive services.

The support for ECMP scalability was added in FTAS 2.2. Based upon further customer use cases, FTAS 2.3 adds the support for eBGP to ECMP scalability. 

Here is the list of ECMP eBGP scalability scenarios added in FTAS 2.3

Test Scenario Description
ECMP Scalability - eBGP support Scalability to 16 ECMP paths and 32K eBGP routes
Scalability to 32 ECMP paths and 64K eBGP routes
Scalability to 64 ECMP paths and 128K eBGP routes
Scalability to &lt number of leaf1 ports > ECMP paths and 1K eBGP routes per path

Summary

FTAS 2.3 is here, packed with enhancements for seamless SONiC assessment. The latest release introduces new VXLAN EVPN scenarios, covering various test cases for efficient data center communication. Additionally, MCLAG use cases ensure resilient, redundant networks for critical applications, preventing downtime during switch failures. 

FTAS 2.3 also extends support for ECMP scalability with eBGP, enhancing network performance and fault tolerance. Explore the specifics of these upgrades, from VXLAN EVPN configurations to MCLAG and ECMP eBGP scalability scenarios. Elevate your testing experience with FTAS 2.3’s comprehensive coverage and improved capabilities.

Schedule a Call with Our Team to Delve into FTAS. For comprehensive information before the scheduled call, visit our FTAS product page.

Categories
All

Deep packet inspection through User Defined Filtering (UDF) with Open Packet Broker

Indeed, in enterprise environments where traditional network monitoring and filtering methods may not provide the desired level of accuracy or granularity, Deep Packet Inspection (DPI) can be a valuable solution. DPI goes a step further by analyzing the entire content of data packets. This allows for a more comprehensive understanding of the data being transmitted.

Why do we need Deep Packet Inspection?

Customization and Specific Offset Inspection: DPI can be tailored to meet the specific needs of the enterprise. Network administrators can define the offsets within data packets that they want to inspect. This level of customization enables precise filtering and monitoring based on the exact location and values within the packet.

Enhanced Accuracy: By focusing on specific offsets and values within data packets, DPI can provide enhanced accuracy in identifying and classifying traffic. This is particularly valuable when dealing with complex or non-standard protocols and applications.

Security and Threat Detection: DPI’s ability to inspect specific offsets allows for the detection of specific patterns, signatures, or anomalies within data packets. This is instrumental in identifying and mitigating security threats, including advanced and zero-day attacks.

Custom Policy Enforcement: Enterprises can enforce custom policies based on the content found at specific offsets. For example, they can filter out sensitive data, block certain types of content, or prioritize specific applications or services.

Data Loss Prevention (DLP): DPI can be used for data loss prevention by monitoring data packets for sensitive information, such as proprietary company data, and preventing their unauthorized transmission.

How does User Defined Filtering work in Aviz OPB?

User Defined Filtering (UDF) as implemented in the Aviz Open Packet Broker (OPB) built over the open-source Software for Open Networking in the Cloud (SoNiC) is a powerful and customizable network packet processing solution. This combination allows network administrators to perform deep packet inspection and filtering based on specific offsets within data packets, offering fine-grained control and flexibility.

Key aspect of User Defined filter:

  • High level of granularity: Users can specify precisely what they want to filter or monitor, whether it's blocking access to certain websites, prioritizing specific applications or services, or monitoring traffic for specific keywords or patterns.
  • Use cases: UDF with deep packet inspection is valuable for various use cases, including security threat detection, application recognition, content filtering, and compliance enforcement. For example, administrators can use it to block malicious payloads, prioritize or de-prioritize specific application traffic, or enforce content policies.
  • Flexibility and Adaptability: UDF in Aviz OPB provides flexibility and adaptability, allowing organizations to respond to evolving network conditions and security threats. Administrators can modify filtering rules as needed to address changing requirements.
  • Monitoring and Reporting: Aviz OPB often includes monitoring and reporting capabilities. Administrators can monitor network activity, generate reports on traffic patterns, and gain insights into network behavior.

Figure 1: UDF – flow diagram via OPBNOS

Using UDF, users can configure a rule to match specific bytes in the ingress packet based on a given offset to permit or deny matched packets

  • Offset for the L3 packet starts from the IP header in the packet
  • Offset for the L2 packet starts from EtherType in the packet 
				
					flow flow1
network-ports Ethernet12/1
tool-ports Ethernet14/1
rule 1 permit description "UDF" udf-data 0xb166 udf-extraction-group l2 udf-offset 2 counters enable
rule 2 permit description "UDF" udf-data 0x4500 udf-extraction-group l3 udf-extraction-point ipv4 udf-offset 0 counters enable

Figure 2: UDF based rule configuration

Figure 3: Flow configure through API’s

Aviz OPB and UDF: The Ultimate Solution for Precise Network Traffic Control

Overall, the combination of Aviz OPB and UDF offers advanced network packet processing capabilities with deep packet inspection and filtering based on specific offsets defined by network administrators. This level of customization is valuable for organizations that require precise control over their network traffic to meet security, compliance, and performance objectives with minimal cost using SONiC.

Ready to Experience the Power of Aviz OPB? Contact Us Today!

Categories
All

Visibility for SONiC Fabrics: The Evolutionary Advancement of Network Monitoring

The field of network monitoring and visibility has experienced a remarkable evolution, driven by the increasing complexity of computer networks and advancements in data handling and processing. This article explores the journey of network monitoring and visibility, from its early days of collecting basic metrics to its current state of providing intelligent insights and proactive network management for the SONiC fabric. Let’s first delve into how network monitoring and visibility have become indispensable aspects of modern-day networking, enabling organizations to gain valuable insights and make informed decisions.

Traditional Network Monitoring:  Early network monitoring used Simple Network Management Protocol (SNMP) to gather basic metrics like bandwidth, packet loss, and latency. It aids in fault detection, performance tracking, proactive issue identification, troubleshooting, and compliance assurance. Despite scalability limitations, it’s still popular in large on-prem legacy networks.

Flow-based Monitoring: NetFlow and sFlow introduced flow-based monitoring, analyzing network traffic patterns by collecting comprehensive communication session data. It provides comprehensive network traffic insights, identifying usage patterns, bottlenecks, and anomalies for efficient network management.

Performance Monitoring and Analysis: Advanced performance monitoring tools evolved to provide real-time analysis, historical data, customizable dashboards, and insights into network traffic, application performance, and user behavior. They were designed to optimize network efficiency, identify potential issues, improve troubleshooting, and enhance user experience.

Alerting and Event Correlation: Alerting and event correlation mechanisms were then created by grouping related events with the intent to streamline network management, reduce response times, prevent system overloads, and enhance security by detecting anomalies quickly.

Network Visualization and Topology Mapping: Network visualization tools started providing graphical representations of network components, connections, and traffic flows. These tools helped enhance network understanding, simplify troubleshooting, improve planning, and boost operational efficiency through clear infrastructure representation.

Application-Aware Monitoring: Monitoring tool eventually started to include application-specific metrics and insights such as deep packet inspection and performance tracking, enhancing user experience, and aligning network monitoring with business goals for optimal application performance.

Security and Threat Monitoring: Network monitoring soon started to include security measures like intrusion detection, and threat detection tools, facilitating early detection of breaches through real-time surveillance and anomaly detection to ensure regulatory compliance.

Unified Network Monitoring: With the rise of cloud computing and mobile devices, unified network monitoring emerged, providing comprehensive visibility via a single dashboard for monitoring network performance and security across different environments.

Packet-based Monitoring: Packet-based monitoring became prevalent, capturing and analyzing data packets to gain detailed insights into network traffic, especially from security and application performance perspectives.

Intelligent Insights and Predictive Analytics: Finally, artificial intelligence and machine learning are now enabling real-time network data analysis enabling proactive troubleshooting, optimizing network performance, predicting potential issues, and aid in strategic decision-making.

At Aviz, we are at the forefront of the Open Networking revolution, enabling SONiC (Software for Open Networking in the Cloud), the open-source network operating system for enterprises, so you can not only leverage the flexibility of open-source to innovate but also optimize on the cost of their network infrastructure investments. We realize that network visibility is critical for the enterprise to effectively manage and secure its network infrastructure. Hence, we have taken a comprehensive and inclusive approach to delivering the ultimate network monitoring and visibility solution; one that not only covers all the traditional aspects of network visibility but is also future looking to address the needs of modern network infrastructures. 

Our SONiC fabric visibility solution, Open Networking Enterprise Suite (ONES) offers a multi-vendor, multi-NOS (Network OS) platform that enables efficient management and security of the modern-day network infrastructure. By using ONES, enterprises of all sizes can benefit from the deep visibility it delivers, in particular for deployments involving SONiC on any hardware with any underlying ASIC.

ONES brings a range of essential features and capabilities that support extensive and effective visibility (figure 1). ONES telemetry agents collect and stream network telemetry data in near real-time to ensure administrators have the latest information for proactive monitoring and troubleshooting. User-friendly network topology visualization provides actionable insights for the entire network in a single unified view.

Aviz ONES Network Topology Visualization
Figure 1: Aviz ONES Network Topology Visualization

ONES dashboards are designed to provide deep insights into devices, software running on those devices, including peripherals such as transceivers connecting those devices. Version tracking for software, firmware, patches, and updates help stay compliant with security requirements and licensing policies (figure 2).

Aviz ONES Compliance Analytics
Figure 2: Aviz ONES Compliance Analytics

Continuous tracking of metrics for system health with customizable thresholds for alerting ensure smooth operations and proactive management of possible hardware failures (figure 3).

Aviz ONES System Health Tracking
Figure 3: Aviz ONES System Health Tracking

Real-time data analysis for bandwidth utilization and traffic errors provide meaningful insights for performance optimization and capacity planning (figure 4).

Aviz ONES Traffic Monitoring

Figure 4: Aviz ONES Traffic Monitoring

Above are just a few examples of the comprehensive visibility ONES brings for SONiC fabric monitoring. More information on Aviz ONES can be found on our website and we are always happy to schedule a demo for any one interested in learning about ONES.

Conclusion

As SONiC deployments continue to gain momentum, the need for extensive monitoring and visibility along with proactive network management is getting more and more crucial for network operators. At Aviz, we strive to set the standards for SONiC fabric visibility, and provide the most comprehensive solution with deep insights regardless of the underlying hardware SONiC is running on. Our goal is to deliver a seamless experience for enterprises that are transitioning to the open-source NOS that not only lowers their network infrastructure TCO, but also delivers the flexibility to collaborate and innovate for the next-generation networks.

Categories
All

Aviz Welcomes Justin Dustzadeh to Its Technical Advisory Board

Welcome To The Team Justin

Aviz Networks is excited to announce that Justin Dustzadeh, Chief Technology Officer at Equinix, has joined our Technical Advisory Board. Dustzadeh is an industry-recognized thought leader in software-defined, cloud-native infrastructure with a strong track record in driving innovations and leveraging disruptive technologies to deliver sustained business impact. His hands-on expertise in building, managing, and scaling modern software platforms and global networks, and continuously trailblazing new technologies, makes him one of the top voices in the industry. Dustzadeh’s position on the Aviz Technical Advisory Board will help shape a new innovation-focused technology roadmap for Aviz Networks’ existing and future offerings. Dustzadeh’s technical depth and vision make him a great addition to the team and will act as a catalyst to drive the scale, performance and reliability of Aviz’s products to new heights.

“It is exciting to join the Aviz Technical Advisory Board to help accelerate the industry adoption of open networking, and in particular, SONiC-based solutions that will push the boundaries of open-source networking capabilities. Aviz is well positioned to advance the vision of a new era of networking, based on open-source, cloud-native and AI technologies, and driven by developer communities. I look forward to advising  Aviz on delivering innovative capabilities that will  best serve both the builders and users of the network as well as the broader ecosystems.”

Justin Dustzadeh, CTO, Equinix

Aviz is the partner of choice for SONiC enablement for the enterprise, who is looking to replicate what hyper-scalers have done, and benefit from the open-source NOS in terms of hardware choices, cost savings, and control they can exert on their network when compared to proprietary stacks. Aviz ONES, a key pillar of our multi-vendor SONiC stack, brings new capabilities for enterprises on top of the NOS for orchestration and visibility to utilize information and automation across their entire fabric.

“Justin’s expertise in large scale networks and technological transformation will multiply our team’s ever growing expertise in open source networking and increase our focus on delivering excellent solutions and support to our customers. We’re thrilled to have him on the team and to gain his vision and insights to better our performance and fulfillment of our mission. Welcome, Justin!”

Vishal Shukla, CEO, Aviz Networks
Categories
All

Aviz Welcomes Parantap Lahiri to Its Technical Advisory Board

Aviz Welcomes Parantap Lahiri to Its Technical Advisory Board (1)

Aviz unlocks the power and potential of multi-vendor networks with ONES, the stack for SONiC (Software for Open Networking in the Cloud) helping enterprises globally to transition to the open-source NOS. Aviz Networks is proud to announce the appointment of Parantap Lahiri, VP, Network and Datacenter Engineering at eBay to its Technical Advisory Board. Lahiri is a renowned expert in networking and network technologies and has emerged as a thought leader in the future of cloud networks. With his extensive experience and knowledge in deploying SONiC at scale in a large enterprise environment, Lahiri’s appointment is a significant step forward in Aviz Networks’ commitment to innovation in the industry and excellence in customer success. Lahiri’s rare blend of technical expertise, strategic leadership, and people skills make him a valuable addition to the team, and his involvement will undoubtedly help Aviz Networks to continue providing cutting-edge solutions to its customers.

“It’s a pleasure to join the Aviz Technical Advisory Board to help steer development of solutions that immediately suit the needs of customers and ensure their success with SONiC and advancement in open source networking. Putting the needs and wants of the customer first is paramount – in innovation – but also in business models for procurement, pricing, and support. In advising Aviz, I will focus them on putting their customers first and guaranteeing the greatest results for their customer’s SONiC journeys.”

Parantap Lahiri, VP, Network and Datacenter Engineering at eBay

Aviz is the partner of choice for SONiC enablement for the enterprise, who is looking to replicate what hyper-scalers have done, and benefit from the open-source NOS in terms of hardware choices, cost savings, and control they can exert on their network when compared to proprietary stacks. Aviz ONES, a key pillar of our multi-vendor SONiC stack, brings new capabilities for enterprises on top of the NOS for orchestration and visibility to utilize information and automation across their entire fabric.

“Parantap’s experience with SONiC in the large scale enterprise environment will add to our team’s ever growing expertise in open source networking and focus our efforts on delivering high value solutions and support to our customers. We’re excited to have him on board and to have his guidance to better create enormous value and excellent experiences for our customers. Welcome, Parantap!”

Vishal Shukla, CEO, Aviz Networks
Aviz Welcomes Parantap Lahiri to Its Technical Advisory Board (1)

Aviz Welcomes Parantap Lahiri to Its Technical Advisory Board

Aviz unlocks the power and potential of multi-vendor networks with ONES, the stack for SONiC (Software for Open Networking in the Cloud) helping enterprises globally to transition to the open-source NOS. Aviz Networks is proud to announce the appointment of Parantap Lahiri, VP, Network and Datacenter Engineering at eBay to its Technical Advisory Board. Lahiri is a renowned […]