the worlds gone mad

Author Archives: the worlds gone mad

Boat build phase – Part1

Now I had a design and a half empty shell it was time to get work. The biggest problem with working on a boat is space, you are forever moving things and constantly tidying up. All the materials had to be orderd to arrive just in time for when they were needed as there is no space on the boat to store them. The remoteness of the marina and not having a car didn’t help, I wasted a lot of hours getting local buses to go hire a van or waiting on deliveries.

Boat design phase

I purposely bought a boat that needed work so that I could customise it to my needs and learn how everything works. The wooden interior was dated and gloomy, it only had 1 DC socket, no working AC (no fuse board or inverter), no hot water (water heater broken) and a rusted up stove with 1 radiator run off it. After 5 months of hardship and an ever decreasing bank balance whether that was a good idea is debatable…..

Life is Life

The initial idea behind this blog was to have a medium to store and share notes on the different technologies I worked on in an searchable manner. I have decided to step back from work and take a year out so this new life tab of the blog will be for all things non-IT related. I still plan to write technology based blogs over this time (got a few automation projects and Azure tips to share), however this is unlikely to start happening until later into next year.

who me?

This blog is to share knowledge and experiences I come across within the trials and tribulations of networking and automation. As we all know the Internet is built on plagiarism. I do try and mention any sources I use, but if I do miss you out please don’t get offended, feel less important or come after me. Plagiarism is just confirmation of your superior knowledge. Some of the information maybe wrong, I am certain the grammar is wrong, but it is written with the best interests at heart.

Palo commit and rollback

Palo Alto firewalls use the concept of a running config to hold the devices live configuration and the candidate config is copy of the running config where changes are made. A Commit operation causes the running config to be overwritten by the candidate config activating the changes.

SD-WAN transport-side BGP

The majority of Cisco SD-WAN guides and posts I have found use static routing rather than routing protocols on the transport-side. Static routes are all very well for SD-WAN tunnel traffic but I was wanting to understand how you equate for DIA traffic in a more real-life situation where address ranges are advertised via BGP.


The Cisco documentation about this call it Inter-AS Option B with the use case being to extend LSPs between sites over the one link. As Option B is the only MPLS-VPN method supported by Cisco SD-WAN I wanted to get a better understanding of how it works aswell as see if it could be used to extend multi-VRF prefixes between edge routers and a core switch within the same AS (rather than using Option C with LDP).

SD-WAN service-side MPLS VPN

This post goes through how to configure MPLS VPN on the service-side of a Cisco SD-WAN edge device, so the south-side towards non-SD-WAN devices. What I am trying to achieve is to advertise the differing SD-WAN VPN (VRF, why Cisco have to call these VPNs beats me) prefixes to a core switch (using a ASR in the lab) directly connected to the SD-WAN router. This could be accomplished using per-VRF interfaces (or sub-interfaces) and BGP peerings, but a neater solution is to pass all the routing information over one the BGP MPLS VPNv4 peering.

F5 BIG-IP DNS Express

As part of a POC I deployed a pair of HA F5 LTM/GTM at home to use for all things DNS based. It is an indulgent over the top DNS solution for a 1 bed flat, but hey-ho we are in a pandemic….. This guide does not go through the HA F5 or GTM (still cant stop calling it that) configuration, it is focussed around using ZoneRunner for DNS (bind) with these zones transferred into DNS express and serviced by a listener.

Nornir – The Basics

If you have an understanding of Python and have been working with Ansible it is likely at some point you will get to the stage where you ask yourself ‘there has to be something better’. For network automation that better could well be Nornir.

1 2 3