Ivan Pepelnjak

Author Archives: Ivan Pepelnjak

Video: Challenges of Managed SD-WAN Services

When I published a link to the Is MPLS/VPN Too Complex? blog post to LinkedIn, someone asked whether I’m skeptical about service provider SD-WAN services due to lack of skills, and Kristijan Taskovski quickly identified the root cause in his reply:

The argument of a lack of skill is only one that is perpetuated by businesses. It’s not perpetuated by engineers. People that are trained, honed, and knowledgeable are expensive. Expense is the number one enemy for a business.

That’s exactly why I think most managed SD-WAN services will be a dismal failure.

Telephone System Is a Bad Example of Hierarchical Addresses

Networking engineers proposing a strict hierarchical addressing scheme as a solution to global BGP table explosion often cite the international telephone system numbering plan (E.164) as a perfect example of an addressing plan that uses hierarchy to minimize routing table sizes. Even more, widespread mobile roaming and local number portability indicate that we could solve IP mobility and multihoming if only insert-your-favorite-opinion-here.

AWS Automatic EC2 Instance Recovery

On March 30th 2022, AWS announced automatic recovery of EC2 instances. Does that mean that AWS got feature-parity with VMware High Availability, or that VMware got it right from the very start? No and No.

Automatic Instance Recovery Is Not High Availability

Reading the AWS documentation (as opposed to the feature announcement) quickly reveals a caveat or two. The automatic recovery is performed if an instance becomes impaired because of an underlying hardware failure or a problem that requires AWS involvement to repair.

Keep Blogging, Some of Us Still Read

I stumbled upon a sad tweet a few days ago…

… and not surprisingly, a lot of people chimed in saying “don’t give up, we still prefer reading”. Unfortunately, it does seem like the amount of worthy content is constantly decreasing, and way too many quality blogs disappeared over the years, so I’ll try to lift the veil of depression a bit ;)

Creating VRF Lite Labs With netsim-tools

I always found VRF lab setups a chore. On top of the usual IPAM tasks you have to create VRFs, assign route targets and route distinguishers, do that on every PE-router in your lab… before you can start working on interesting things.

I tried to remove as much friction as I could with the netsim-tools VRF configuration module – let me walk you through a few simple examples which will also serve to illustrate the VRF configuration differences between Cisco IOS and Arista EOS.

Creating VRF Lite Labs With netlab

I always found VRF lab setups a chore. On top of the usual IPAM tasks you have to create VRFs, assign route targets and route distinguishers, do that on every PE-router in your lab… before you can start working on interesting things.

I tried to remove as much friction as I could with the netlab VRF configuration module – let me walk you through a few simple examples which will also serve to illustrate the VRF configuration differences between Cisco IOS and Arista EOS.

Worth Reading: Full-Stack Network Automation

Lívio Zanol Puppim published a series of blog posts describing full-stack network automation, including GitOps with GitLab, handling secrets with HashiCorp Vault, using Ansible and AWX to run automation scripts, continuous integration with GitLab CI Runner, and topped it off with a REST API and React-based user interface.

You might not want to use the exact same components, but it’s probably worthwhile going through his solution and exploring the source code. He’s also looking for any comments or feedback you might have on how to improve what he did.

Worth Reading: The AI Illusion

Russ White’s Weekend Reads are full of gems, including a recent pointer to the AI Illusion – State-of-the-Art Chatbots Aren’t What They Seem article. It starts with “Artificial intelligence is an oxymoron. Despite all the incredible things computers can do, they are still not intelligent in any meaningful sense of the word.” and it only gets better.

While the article focuses on natural language processing (GPT-3 model), I see no reason why we should expect better performance from AI in networking (see also: AI/ML in Networking – The Good, the Bad, and the Ugly).

Next Hops of BGP Routes Reflected by Arista EOS

Imagine a suboptimal design in which:

  • A BGP route reflector also serves as an AS edge (PE) router;
  • You want to use next-hop-self on AS edge routers.

Being exposed to Cisco IOS for decades, I considered that to be a no-brainer. After all, section 10 of RFC 4456 is pretty specific:

In addition, when a RR reflects a route, it SHOULD NOT modify the following path attributes: NEXT_HOP, AS_PATH, LOCAL_PREF, and MED.

Arista EOS is different – a route reflector happily modifies NEXT_HOP on reflected routes (but then, did you notice the “SHOULD NOT” wording?)
