Anton Karneliuk

Author Archives: Anton Karneliuk

SEC 2. Data plane and control plane protection in the networking (Nokia, Cisco and Mellanox/Cumulus) for IPv6.

Hello my friend,

After the release of the previous article outlining the data and control plane security for IPv4 in Cisco, Nokia and Mellanox/Cumulus (link) I’ve got several requests about the security in IPv6. The requests were fair enough and with this article we close this gap.

No part of this blogpost could be reproduced, stored in a
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.

Thanks

Special thanks to Avi Alkobi from Mellanox and Pete Crocker and Attilla de Groot from Cumulus for providing me the Mellanox switch and Cumulus license for the tests.

Disclaimer

This is the fourth article in the series about the Mellanox/Cumulus switch. The three previous are:

Brief description

The importance of the security for the network in terms of the control and data plane protection was explained in the previous article Continue reading

SEC 1. Data plane and control plane protection in the networking (Nokia, Cisco and Mellanox/Cumulus) for IPv4.

Hello my friend,

This is the third article where we use the Mellanox SN 2010 running Cumulus Linux. And today we cover an enormously important topic: network security. More precisely, we will speak about the data plane and the control plane protection. Cisco IOS XR and Nokia SR OS accompany us in this journey.

Thanks

Special thanks to Avi Alkobi from Mellanox and Pete Crocker and Attilla de Groot from Cumulus Networks for providing me the Mellanox switch and Cumulus license for the tests.

Disclaimer

This blogpost is the continuation of the previous one, where we have brought the Mellanox SN 2010 to the operational state with Cumulus Linux 3.7.9 on board. If you want to learn the details about this process, you are welcome to read that article.

Brief description

Each week you can find news describing security breaches. In the modern economy, where the Internet already plays a key role, all the connected businesses (and almost all businesses are connected) are at risk from casual network scanning and brute force attacks. In addition to that, big companies and governments are quite often the attack targets for other companies, governments and criminals. Therefore, Continue reading

DC 15. Segment-routing/MPLS on the data centre white box switch and VNF/PNF networking (Nokia, Cisco and Mellanox/Cumulus).

Hello my friend,

The article today is very special because of the following three points. First of all, we’ll talk about segment routing, which is the leading technology today for building service provider networks and is emerging in the DC. Second, you will learn how to connect VNFs with the real network devices. Third, we will fork Cumulus Linux with modified FRR. Thrilled? Let’s go!

Thanks

Special thanks to Avi Alkobi from Mellanox and Pete Crocker and Attilla de Groot from Cumulus for providing me the Mellanox switch and Cumulus license for the tests. Additional thanks to Anton Degtyarev from Cumulus for consulting me on FRR details.

Disclaimer

This blogpost is the continuation of the previous one, where we have brought the Mellanox SN 2010 to the operational state with Cumulus Linux 3.7.9 on board. If you want to learn the details about this process, you are welcome to read that article.

Continue reading

vlog. Episode 6. Closed-loop automation [LIVE]

Hello my friend,

In this vlog episode I’m alone. Eh… But I have an opportunity to share with you the talk I delivered at the NetLdn #6 event two weeks ago. Now you have an opportunity to watch this talk as well!

In this episode you will see the high-level description of the Data Centre Fabric Project I’ve been doing this year with the focus on the closed-loop automation using open-source tools. Additionally, you will see a LIVE DEMO of the closed-loop automation as an extension to ZTP, where the full data centre fabric running Cumulus switches will be provisioned from zero to full operational state.

If you’ve recently read about Mellanox/Cumulus, the same approach perfectly fits this pair.

But it is not only about Cumulus. Any network supplier we’ve discussed (Arista, Nokia, Cisco and much more) can be provisioned in such a way, and you can find the sample templates in the GitHub repo.

Continue reading

DC 14. Real case of using ZTP to setup Mellanox SN 2010 with Cumulus Linux.

Hello my friend,

Earlier this year we discussed zero touch provisioning using the Data Centre Fabric Enabler Infrastructure. As always in my articles, I’ve used wonderful VM images, which are freely available on the Internet. Nevertheless, when you deal with real boxes, various caveats might arise. Today we’ll review how to bring the Mellanox SN 2010 switch to the operational state running Cumulus Linux using the ZTP framework I’ve already created.

Thanks

Special thanks to Avi Alkobi from Mellanox and Pete Crocker and Attilla de Groot from Cumulus for providing me the Mellanox switch and Cumulus license for the tests.

Disclaimer

It is always exciting to do something for the first time. I have never written about any particular network device. Mostly because I always separate, as far as it is possible, the relationship between my current employer, which is The Hut Group as of today, and my blog. And this is the justification, why Continue reading

vlog. Episode 5. NetLdn: Networking for Networkers

Hello my friends,

It is always cool to talk about various network technologies with the engineers from industry, and to meet some awesome chaps. I had the pleasure of attending such an event in London in the last months. Learn my findings on that.

CY2019 Episode 5 // NetLdn with James Bensley and Richard Patterson

In this episode, together with James Bensley and Richard Patterson from Sky we discuss the NetLdn event series. The event, where you can discuss network technologies with the peers and, perhaps, make some friends.

Don’t forget to subscribe to the channel, put likes and repost the video if you like that! 😉

P.S.

If you have further questions or you need help with your networks, I’m happy to assist you, just send me a message. Also don’t forget to share the article on your social media, if you like it.

BR,
Anton Karneliuk

REST API 3. Basics cheat sheet (Ansible, Bash, Postman, and Python) for PATCH/PUT using NetBox

Hello my friend,

This is the third and the last article about REST API basics. In the previous articles, you have learned how to collect information and create/delete new entries. Today you will learn how to modify existing entries.

Disclaimer

This article is a continuation of the two previous ones: GET and POST/DELETE. You should start with those to get the full picture.

What are we going to test?

You will learn how to use two requests:

  1. PATCH for modifying information for existing entries
  2. PUT for modifying information for existing entries

As you might remember, the interaction with the REST API is described by the CRUD model, which stands for Create, Read, Update, and Delete. In this concept, the Update operation is represented by the PATCH and PUT HTTP methods. Later in this article you will figure out what the difference between PATCH and PUT is. It is significant.

To put the context, we will Continue reading

REST API 2. Basics cheat sheet (Ansible, Bash, Postman, and Python) for POST/DELETE using NetBox and Docker as examples

Hello my friend,

In the previous blogpost, we started the exciting journey in the world of REST API, where you have learned how to collect the information using the GET method. Today you will learn how to create the objects using the POST method and remove them using DELETE.

Disclaimer

This article is a continuation of the previous one. You should start with that to get the full picture.

What are we going to test?

You will learn how to use two requests:

  1. POST for adding new information
  2. DELETE for removing the entries

As you might remember, the interaction with the REST API is described by the CRUD model, which stands for Create, Read, Update, and Delete. In this concept, the HTTP POST method represents the Create operation and DELETE represents the Delete operation.

To put the context, Digital Ocean NetBox and Docker are the applications, which we will manage over the REST API.

Software version

The following Continue reading

REST API 1. Basics cheat sheet (Ansible, Bash, Postman, and Python) for GET using NetBox and Docker as examples

Hello my friend,

There was a small pause with the blogposts caused by heavy load I had with the ongoing projects. However, I hope you enjoyed watching some videos I have prepared for you with the awesome guests. Today we are going to discuss some details about REST API using Digital Ocean NetBox and Docker as examples.

Brief description

The REST API was already extensively used in my previous articles about the Data Centre Fabric project such as NetBox integration with the Infrastructure Enabler Stack, monitoring of the network infrastructure using Telegraf/InfluxDB/Grafana or closed-loop automation with Kapacitor. Nevertheless, we haven’t discussed how to work with the REST API itself.

In terms of using the Web applications, there are four main action types forming CRUD abbreviation:

  • C – CREATE is an action type, which creates the entry within the application database.
  • R – READ is an action type, which extracts the existing information out of the Continue reading

vlog. Episode 4. Discussion about RPKI OV (protecting routing in Internet)

Hello my friend,

In the era when the Internet plays a more and more crucial role in the global business, the security and the stability of the Internet become enormously important. So we need to protect it!

CY2019 Episode 4 // RPKI OV with Greg Hankins

In this episode, together with Greg Hankins from Nokia we discuss the protection of the BGP routing in the Internet with the new framework called RPKI Origin Validation, which is one of the most trending topics these days.

Don’t forget to subscribe to the channel, put likes and repost the video if you like that! 😉

vlog. Episode 3. Discussion about technical roles in vendors

Hello my friend,

Many times when I visited various conferences or had meetings with vendors, I was confused by the naming conventions of the roles they have. System engineer, pre-sales, account manager, etc… If you feel the same, watch this video!

CY2019 Episode 3 // The engineering jobs in the vendors with Ahmed Elbornou

In this episode, together with Ahmed Elbornou from Juniper we discuss the typical journey of the product within the company (like router, or SW product) and how various technical roles contribute to its creation.

Don’t forget to subscribe to the channel, put likes and repost the video if you like that! 🙂

DC/SP. Part 13/8. Real-time data analytics and closed-loop automation with InfluxData Kapacitor for the Data Centre Fabric

Hello my friend,

This article is kind of a special one for me. It doesn’t mean that everything I have written before makes little sense. Everything I have written about the Data Centre Fabric project was a step towards fully automated data centre operation, and today we make the final step towards closed-loop automation using real-time data analytics by InfluxData Kapacitor.

Brief description

Read the previous article about the DC/SP naming

According to the official website, InfluxData Kapacitor is an alerting system following the publish-subscribe design pattern, which supports both stream and batch data processing. If we translate it from the geeks’ language, it means that Kapacitor can subscribe to certain topics in the data producer (e.g., time series database – InfluxDB or collector – Telegraf) and start getting information out of it:

  • Stream processing means that all the information coming to the subscribed Continue reading

Three years on air

Hello my friend,

Three years ago, on the 5th June 2016, we posted the first article about Nokia SR OS/ Cisco IOS XR interop. We can dispute whether it was long ago or not, but what we can’t dispute is the amount of information shared with you since that time on various network and automation topics!

Over these three years we have posted 75 (seventy five!) articles about the design, configuration and implementation of the multivendor networks with Nokia SR OS, Cisco IOS XR, Arista EOS and Cumulus Linux. Out of those 75, 21 articles were written in this third year. Thanks to the blog activity we were awarded as the CiscoChampion 2019 as top tech influencers worldwide.

Review of the first year articles

Review of the second year articles

New format

The last year was a kind of breakthrough, not only based on the topics we were covering, about which we’ll Continue reading