Ivan Pepelnjak

Author Archives: Ivan Pepelnjak

Setting Source IP Address on Traffic Started by a Multihomed Host

In the Path Failure Detection on Multi-Homed Servers blog post, I mentioned running BGP on servers as one of the best ways to detect server-to-network failures. As always, things aren’t as simple as they look, as Cathal Mooney quickly pointed out:

One annoyance is what IP address gets used by default by the system for outbound traffic. It would be nice to have a generic OS-level way to say, “This IP on lo0 should be default for outbound IP traffic unless to the connected link subnet itself.”

That’s definitely a tough nut to crack, and Cathal described a few solutions he used in the past:

Setting Source IP Address on Traffic Started by a Multihomed Host

In the Path Failure Detection on Multi-Homed Servers blog post, I mentioned running BGP on servers as one of the best ways to detect server-to-network failures. As always, things aren’t as simple as they look, as Cathal Mooney quickly pointed out:

One annoyance is what IP address gets used by default by the system for outbound traffic. It would be nice to have a generic OS-level way to say, “This IP on lo0 should be default for outbound IP traffic unless to the connected link subnet itself.”

That’s definitely a tough nut to crack, and Cathal described a few solutions he used in the past:

BGP Challenge: Merge Autonomous Systems

Here’s a challenge in case you get bored during the Christmas break: merge two networks running BGP (two autonomous systems) without changing anything but the configurations of the routers connecting them (the red BGP session in the diagram). I won’t give you any hints; you can discuss it in the comments or a GitHub discussion.

Hopefully, you won’t have to deal with something similar in real life, but then we know that crazy requirements trump good designs any day of the week.

BGP Challenge: Merge Autonomous Systems

Here’s a challenge in case you get bored during the Christmas break: merge two networks running BGP (two autonomous systems) without changing anything but the configurations of the routers connecting them (the red BGP session in the diagram). I won’t give you any hints; you can discuss it in the comments or a GitHub discussion.

Hopefully, you won’t have to deal with something similar in real life, but then we know that crazy requirements trump good designs any day of the week.

Review: Unnumbered Interfaces in netlab

A while ago, Chris Parker published a nice blog post explaining how to configure unnumbered interfaces with IS-IS in Junos. It’s well worth reading, but like my Unnumbered Ethernet Interfaces blog post, it only covers one network operating system. What if you want to do something similar on another platform?

How about using the collective efforts of the team developing device configuration templates for netlab? As of December 2023 netlab supports:

Review: Unnumbered Interfaces in netlab

A while ago, Chris Parker published a nice blog post explaining how to configure unnumbered interfaces with IS-IS in Junos. It’s well worth reading, but like my Unnumbered Ethernet Interfaces blog post, it only covers one network operating system. What if you want to do something similar on another platform?

How about using the collective efforts of the team developing device configuration templates for netlab? As of December 2023 netlab supports:

Worth Reading: The AI Supply Paradox

Eric Hoel published a spot-on analysis of AI disruptiveness, including this gem:

The easier it is to train an AI to do something, the less economically valuable that thing is. After all, the huge supply of the thing is how the AI got so good in the first place.

TL&DR: AI can easily disrupt things that are easy to generate and thus have little value. Seeing investors trying to recoup the billions pouring into the latest fad will be fun.

Worth Reading: The AI Supply Paradox

Eric Hoel published a spot-on analysis of AI disruptiveness, including this gem:

The easier it is to train an AI to do something, the less economically valuable that thing is. After all, the huge supply of the thing is how the AI got so good in the first place.

TL&DR: AI can easily disrupt things that are easy to generate and thus have little value. Seeing investors trying to recoup the billions pouring into the latest fad will be fun.

netlab: Version-Specific Topology Files

TL&DR: If you’re using netlab to build labs for your personal use, you can skip this one, but if you plan to use it to create training labs (like my BGP labs project), you might want to keep reading.

Like any complex enough tool, netlab eventually had to deal with inconsistent version-specific functionality and configuration syntax (OK, topology attributes). I stumbled upon this challenge when I wanted to make labs that use two types of configurable devices.

netlab: Version-Specific Topology Files

TL&DR: If you’re using netlab to build labs for your personal use, you can skip this one, but if you plan to use it to create training labs (like my BGP labs project), you might want to keep reading.

Like any complex enough tool, netlab eventually had to deal with inconsistent version-specific functionality and configuration syntax (OK, topology attributes). I stumbled upon this challenge when I wanted to make labs that use two types of configurable devices.

Interviewing a Network Engineer Using a Single Scenario

I always said that the Trivia Pursuit certification tests (or job interviews) are nonsense and that one should focus on fundamentals.

In a recent blog post, Daniel Dib described a fantastic scenario: using a simple “why can’t I connect to a web site” question, explore everything from ARP/ND to DNS and TLS.

Obviously, you’ll never see anything that sane in a certification test. An interactive interview doesn’t scale (beyond CCDE), and using humans (and common sense judgment) creates potential legal liabilities (there were rumors that had been one of the reasons a talk with a proctor who could flunk you was dropped from the CCIE test).

Interviewing a Network Engineer Using a Single Scenario

I always said that the Trivia Pursuit certification tests (or job interviews) are nonsense and that one should focus on fundamentals.

In a recent blog post, Daniel Dib described a fantastic scenario: using a simple “why can’t I connect to a web site” question, explore everything from ARP/ND to DNS and TLS.

Obviously, you’ll never see anything that sane in a certification test. An interactive interview doesn’t scale (beyond CCDE), and using humans (and common sense judgment) creates potential legal liabilities (there were rumors that had been one of the reasons a talk with a proctor who could flunk you was dropped from the CCIE test).

1 20 21 22 23 24 182