IPB199: Developing IPv6-Friendly Code

Tom Coffeen and Nick Buraglio welcome Chris Cummings to talk about developing code for IPv6. Chris argues that moving to IPv6 restores end-to-end connectivity, which reduces complexity for developers without the need for “ridiculous hacks” caused by IPv4 NAT. The discussion offers practical advice on avoiding common developer traps, and covers financial benefits such as... Read more »

Agents can now create Cloudflare accounts, buy domains, and deploy

Coding agents are great at building software. But to deploy to production they need three things from the cloud they want to host their app — an account, a way to pay, and an API token. Until now these have been tasks that humans handle directly. Increasingly, agents handle them on the user’s behalf. The agent needs to perform all the tasks a human customer can. They’re given higher-order problems to solve and choose to use Cloudflare and call Cloudflare APIs.

Starting today, agents can provision Cloudflare on behalf of their users. They can create a Cloudflare account, start a paid subscription, register a domain, and get back an API token to deploy code right away. Humans can be in the loop to grant permission, but no human steps are required from start to finish. There’s no need to go to the dashboard, copy and paste API tokens, or enter credit card details. Without any extra setup, agents have everything they need to deploy a new production application in one shot. And with Cloudflare’s Code Mode MCP server and Agent Skills, they’re even better at it.

This all works via a new protocol that we’ve co-designed with Stripe as part Continue reading

Pytest for Automated Network Testing (I)

Pytest for Automated Network Testing (I)

Pytest is a Python testing framework. It is primarily used by developers to test their code and make sure it behaves as expected. For example, if you write a function that adds two numbers, you can write a test to verify that the function returns the correct result. If it does, the test passes. If not, the test fails, and pytest tells you exactly where things went wrong.

That is the traditional use case, but pytest is not limited to testing code. You can use it to test anything that can be scripted in Python, and that includes testing your network.

In this series, we will use pytest to write tests that connect to network devices and verify their state. For example, we can write a test that connects to a router and checks whether BGP is up. If BGP is up, the test passes. If not, the test fails. We can also check things like interface states, routing table entries, OSPF neighbours, or really anything else you can pull from a device.

💡
Pytest is not the only testing framework available in Python. unittest is another popular option and is actually built into the Python standard library, so you Continue reading

D2DO301: Actually Implementing AI

Kyler and Ned are joined by Enrico Teotti, an independent consultant with over 25 years of experience. Enrico has worked with clients on real-world AI implementations, and he’s here talk about what he’s learned, including using AI to query databases, and for debugging and performance analysis. They also touch on the importance of using AI... Read more »

VM Migration to Kubernetes: What Breaks and How to Prevent It

Here is what nobody putting together the business case for a VM migration to Kubernetes will tell you upfront: the compute is the easy part.

Moving workloads off vSphere and onto Kubernetes is conceptually straightforward. The tooling has matured. The architecture is proven. Compute moves, storage remaps, and the platform team has a plan.

The network is where projects quietly stall.

Not because the technology does not work. Because nobody scoped the network properly before the project started. A platform migration turned into a multi-team coordination exercise. The firewall team needed a change window. The security team needed to review a network placement that changed when it should not have needed to. The application team discovered hardcoded IPs that nobody documented.

Six months later, half the VMs are still on vSphere and the project is technically “in progress.”

This is not a skills gap. It happens at the most mature organisations with capable teams. It is a scoping problem, and it has a specific cause: the gap between how VM networking works and how Kubernetes networking works is wider than it looks on a migration plan.

This post is for the people who approve these projects. Here is what Continue reading

SONiC Part 1: SONiC Lab Setup on Windows (Step-by-Step)

 

Introduction

 

This chapter explains how to build a SONiC virtual test environment on a Windows computer. First, we enable the required Windows features for WSL 2 and update and verify the WSL installation. Next, we install an Ubuntu distribution and validate that the Linux environment is working correctly, including basic resource checks (CPU, memory, and disk). After the Linux environment is ready, we install Docker Engine from Docker’s official repository and complete the required post-installation steps to run containers. We then install Containerlab, download the SONiC virtual switch image (docker-sonic-vs.gz), copy it into WSL, and load it into Docker. Finally, we install Visual Studio Code on Windows and connect it to WSL to make creating and editing the YAML topology files easier. The next chapter uses this environment to define and deploy a simple SONiC-based topology.



Phase 1: Enable Features for WSL



WSL 2 requires two Windows features to be enabled. The first feature, Microsoft-Windows-Subsystem-Linux (Example 1-1), enables WSL. The second feature, VirtualMachinePlatform (Example 1-2), is required to run WSL 2.

In this example, both features are enabled using Microsoft PowerShell (Run as Administrator) with the dism.exe command. The options used are:

·         Continue reading

From system of record to system of control: How NetBox Labs is making network engineers “masters of intent.”

Early internet networks were small enough that a single engineer could hold the entire system in their head. You didn’t need a system of record — you were the system of record. As networks expanded into the cloud, that model broke down. Infrastructure now sprawls across regions, providers, and services. The live state of the network became both impossible to understand and critical to get right fully. Network infrastructure is now the backbone of the business, and configuration errors are no longer nuisances; they are business-critical events. AI agents are further pressuring network infrastructure to the extreme — so how are network engineers to keep it all running flawlessly? Bespoke tracking doesn’t scale Excel spreadsheets and cloud dashboards are no longer going to cut it. Running modern infrastructure requires a reliable representation of what the network should be — what systems and services exist, where they live, and how they connect. Without that, managing the network becomes high-risk. In the past, your mapping might have fit into an Excel spreadsheet, and everything could be configured in the terminal. But today’s networks need more than a wizard at the terminal; they need architects who can look at the big picture and Continue reading

Shutdowns, power outages, and conflict: a review of Q1 2026 Internet disruptions

In the first quarter of 2026, government-directed shutdowns figured prominently, with prolonged Internet blackouts in both Uganda and Iran, a stark contrast to the lack of observed government-directed shutdowns in the same quarter a year prior. This quarter, we also observed a number of Internet disruptions caused by power outages, including three separate collapses of Cuba's national electrical grid. Military action continued to disrupt connectivity in Ukraine and also impacted hyperscaler cloud infrastructure in the Middle East. Severe weather knocked out Internet connectivity in Portugal, while cable damage disrupted connectivity in the Republic of Congo. A technical problem hit Verizon Wireless in the United States, and unknown issues briefly disrupted connectivity for customers of providers in Guinea and the United Kingdom.

This post is intended as a summary overview of observed and confirmed disruptions and is not an exhaustive or complete list of issues that have occurred during the quarter. A larger list of detected traffic anomalies is available in the Cloudflare Radar Outage Center. Note that both bytes-based and request-based traffic graphs are used within this post to illustrate the impact of the observed disruptions, with the choice of metric generally made based on which better illustrates the Continue reading

NB572: Quantum Switches and Flying Cars

Take a Network Break! We start with follow up on Anthropic’s Project Glasswing and Linux 7.0. On the news side, Cisco announces a prototype quantum switch that promises to support multiple quantum encoding modalities, Cato Networks adds an enterprise browser to its security offerings, and Mozilla validates the bug-finding powers of Anthropic’s Mythos model. Anthropic... Read more »
1 2 3 3,866