Category Archives for "CrazyRouters"

Get Trained on the AWS Cloud

AWSome Day Online Conference is a free, online training event that will provide a step-by-step introduction to the core AWS services for compute, storage, database and networking. AWS technical experts will explain key features and use cases, share best practices, walk through technical demos, and be available to answer your questions one-on-one.

Based on the AWS Essentials Course, AWSome Day is ideal for IT managers, business leaders, system engineers, system administrators, developers and architects who are eager to learn more about cloud computing and how to get started on the AWS Cloud.

Why you should attend:

  • Gain a deeper understanding of AWS core and application services
  • Learn how to deploy and automate your infrastructure on the AWS Cloud
  • Get your questions answered by our AWS experts
  • Receive a Certificate of Attendance when you complete all the modules

Register at the link below:

https://aws.amazon.com/events/awsome-day/awsome-day-online/

 

Date: 6 December 2016
Time: 10am – 1.30pm IST
Location: Online


Python Basics – Part 2 cont…

4. Tuples

A tuple is similar to a list. The difference between the two is that the elements of a tuple cannot be changed once it is assigned, whereas the elements of a list can. A tuple is created by placing all the items (elements) inside parentheses ().

  • We generally use a tuple for different datatypes and a list for homogeneous (similar) datatypes.
  • Tuples are immutable, which means their values cannot be changed.
  • Tuples that contain immutable elements can be used as keys for a dictionary. With a list, this is not possible.
  • If you have data that doesn’t change, implementing it as a tuple will guarantee that it remains write-protected.

Empty tuples are constructed by an empty pair of parentheses; a tuple with one item is constructed by following a value with a comma (it is not sufficient to enclose a single value in parentheses).

CODE: [image: tuple1]

OUTPUT: [image: tuple1out]

5. Dictionary

A Python dictionary is an unordered set of key:value pairs, with the requirement that the keys are unique (within one dictionary). A pair of braces creates an empty dictionary: {}. Dictionaries have no concept of order among elements.

Keys are unique within a dictionary while values may not be. The values Continue reading

Python Basics – Part 1

Let’s start with Python basics, with the help of programs. The theory part in these posts is just enough to understand the program.

Python Data Type:

  • Numbers
  • Strings
  • List
  • Tuple
  • Dictionary

  1. Numbers
    1. Int: 1, 10, -145, 22
    2. Float: 1.1, 0.9, -29.9
    3. Complex: 1.4j, 4e+6j
  2. Strings

One way to remember how slices work in a string is to think of the indices as pointing between characters, with the left edge of the first character numbered 0. Then the right edge of the last character of a string of n characters has index n, for example:

“Crazyrouters” represented in index form:

  0   1   2   3   4   5   6   7   8   9  10  11
  C   r   a   z   y   r   o   u   t   e   r   s
-11 -10  -9  -8  -7  -6  -5  -4  -3  -2  -1   0

Program Code: Str.py [image: str.PNG]

Output: [image: str_out]

There are special operators in strings.

Program Code: str1.py [image: str1]

Output: [image: str1out]

3. List

The list is the most versatile datatype available in Python; it can be written as a list of comma-separated values (items) between square brackets. Important Continue reading

Python – Must for Network Engineer

Automation is the need of the time. We as network engineers have to embrace automation to simplify a major chunk of the work we do. We cannot escape from automation. I will be writing a series of Python posts starting from the basics, and I will try to present everything in the easiest way possible.

Let’s start with the basics. What is Python? As per Wiki, Python is a widely used high-level, general-purpose, interpreted, dynamic programming language.

In layman’s terms, it’s a coding language that is much simpler and easier to understand and, most importantly, reduces the number of lines of code compared with C++.

It was created by Guido van Rossum during 1985-1990.

Installation:

Note: We will be coding in Python 3.

Windows: can be installed from the site http://www.python.org

Linux: run the command below

$ sudo apt-get install python3.5


Failover Mechanism Part- 3

How should failover be implemented if the CPE router is common to the primary and secondary links? The answer can be found in this post.
This scenario may be referred to as DPDLSC (DUAL POP DUAL LAST MILE SINGLE CPE).
Note that traffic control is done from the CPE; the ISP is transparent and does not influence traffic in this scenario.

[image: failover mechanism3]

Consider the above topology.

FAILOVER MECHANISM
1. Outgoing traffic from the CPE is controlled using Local Preference (higher Local Preference, better path)
2. Incoming traffic to the CE is controlled using AS Path Prepend (lower AS path count, better path)

NORMAL SCENARIO
The primary link is up. Local Preference is higher for the primary link than for the secondary, and there is no AS prepend on the primary as there is on the secondary.

OUTGOING TRAFFIC >>> LAN>CPE>PE1
INCOMING TRAFFIC >>> PE1>CPE>LAN

PRIMARY WAN LINK DOWN (PE1-CPE link down)
OUTGOING TRAFFIC >>> LAN>CPE>PE2
INCOMING TRAFFIC >>> PE2>CPE>LAN

RELATED CPE CONFIGURATION

router bgp 64520
bgp log-neighbor-changes
network 10.0.0.0 mask 255.255.0.0
neighbor 172.10.1.1 remote-as 9730
neighbor 172.10.1.1 description PRIMARTY
neighbor 172.10.2.1 remote-as 9730
neighbor 172.10.2.1 description SECONDRY
Continue reading

Failover Mechanism Part-2

Dual POP Dual last mile Dual CE (DPDLDC)
This is the second post on failover mechanisms. In the first post we configured IP SLA to track the primary link. Here we won’t configure tracking but will have IBGP configured between CPE-1 and CPE-2. The topology is again Dual POP Dual last mile Dual CE (DPDLDC). It provides redundancy for both WAN connectivity and LAN connectivity.

Here we will be controlling the traffic from the CPE. The ISP is transparent and does not influence traffic in this scenario.

[image: failover mechanism2]
Topology
Here we won’t track the WAN IP as in the failover mechanism in the last post, but will have IBGP running between CPE-1 and CPE-2.

Failover Mechanism
1. Outgoing traffic from the CPE WAN is controlled using Local Preference (higher LP preferred)
2. Incoming traffic to the CPE is controlled using the AS Path Prepend attribute of BGP at the secondary (lower AS path count, better path)

Normal Scenario
================
Primary WAN link is up. HSRP running on CPE-1 towards the LAN is in active state. CPE-1 has routes to other locations from both EBGP and IBGP, but the path via PE1 is preferred (high Local Preference configured), whereas AS prepend is configured on CPE-2 Continue reading

Failover Mechanism Part-1

Redundancy is a must for an ISP in the core, and it is equally important for an enterprise to keep its network always up, so that network outages have zero business impact.
There are different failover scenarios depending upon the requirement.
The first of its kind is Dual POP Dual last mile Dual CE (DPDLDC). It provides redundancy for both WAN connectivity and LAN connectivity.

DUAL POP: the customer’s primary and secondary links terminate on different PE routers.

DUAL LAST MILE: last-mile connectivity between PE and CE is different for primary and secondary.

DUAL CE: primary and secondary terminate on different CPE devices.

I will be sharing multiple failover scenarios in coming posts.

The ISP is transparent in this scenario; traffic control is done from the CPE end.

Consider the below topology.

[image: failover mechanism]

Failover Mechanism

1. Outgoing traffic from the CPE WAN is controlled using HSRP + IP SLA
2. Incoming traffic to the CPE is controlled using the AS Path Prepend attribute of BGP at the secondary (lower AS path count, better path)

Normal Scenario
1) Primary WAN link is up. HSRP running towards the LAN is in active state. The secondary link has AS-Prepend, so the primary link is preferred, having a lower number Continue reading

Access-list Vs Prefix-list

General query about access-lists and prefix-lists?

ACCESS-LIST
An access-list is a sequential series of filters.
Action: either deny or permit.
Matching criteria can be the source address in the case of a standard access-list, or the source address, destination address, protocol, port or socket in the case of an extended access-list.
It ends with an implicit deny: if a packet matches none of the filters in the access-list, it is automatically dropped.
It is sequential, meaning filters are checked from top to bottom. Once the first match is encountered, the rest of the access-list is ignored.

**Always put the filtering lines in the right sequence to avoid access-list malfunction.

Standard Access-list
access-list 1 permit 10.10.10.1 0.0.0.0
access-list 1 permit 10.10.10.20 0.0.0.0
OR
ip access-list standard 1
10 permit 10.10.10.1 0.0.0.0
20 permit 10.10.10.20 0.0.0.0
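
The first-match and implicit-deny rules can be exercised offline. The following is an added example, not code from the original post: it evaluates standard access-list 1 as written above, then a constructed pair of ACLs (names `DENY_FIRST` and `PERMIT_FIRST` are assumptions) that contain the same two lines in different order, and reports entries that can never match because an earlier, broader entry shadows them.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: a 1 bit means 'ignore this bit', a 0 bit must match."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def evaluate(acl, src):
    """Check entries top to bottom; the first match decides, otherwise implicit deny."""
    for seq, action, base, wildcard in acl:
        if wildcard_match(src, base, wildcard):
            return action, seq
    return "deny", "implicit"

# Standard access-list 1 as written in the post.
ACL_1 = [
    (10, "permit", "10.10.10.1", "0.0.0.0"),
    (20, "permit", "10.10.10.20", "0.0.0.0"),
]

# Constructed pair (not from the post): same two lines, different order.
# Intent: block host 10.10.10.20, allow the rest of 10.10.10.0/24.
DENY_FIRST = [
    (10, "deny", "10.10.10.20", "0.0.0.0"),
    (20, "permit", "10.10.10.0", "0.0.0.255"),
]
PERMIT_FIRST = [
    (10, "permit", "10.10.10.0", "0.0.0.255"),
    (20, "deny", "10.10.10.20", "0.0.0.0"),  # never reached for any host
]

def shadowed(acl):
    """Sequence numbers of entries fully covered by an earlier, broader entry."""
    dead = []
    for i, (seq, _, base, wc) in enumerate(acl):
        for _, _, ebase, ewc in acl[:i]:
            e, w = int(ipaddress.IPv4Address(ewc)), int(ipaddress.IPv4Address(wc))
            # Earlier entry ignores every bit this one ignores, and matches its base.
            if (w & ~e) == 0 and wildcard_match(base, ebase, ewc):
                dead.append(seq)
                break
    return dead

if __name__ == "__main__":
    for name, acl in (("ACL 1", ACL_1), ("deny first", DENY_FIRST),
                      ("permit first", PERMIT_FIRST)):
        for host in ("10.10.10.1", "10.10.10.20", "10.10.10.99"):
            print(name, host, evaluate(acl, host))
        print(name, "shadowed entries:", shadowed(acl))
```
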

Extended Access-list
access-list 100 permit ip 10.10.10.10 0.0.0.0 172.16.10.0 0.0.0.255
access-list 111 permit tcp 10.0.0.0 0.255.255.255 172.1.141.0 0.0.0.255 eq 23
access-list 112 permit udp Continue reading

CCIE SP — Experience

I have passed the CCIE SP Lab. I will share my experience here. I will only share things pertaining to the SP lab.

>Don’t forget to take the config backup before starting the LAB.
>Notepad is your best friend in the lab. Many configurations are repetitive. You will save time and reduce the chance of making a mistake by using it.
>Read the LAB end to end carefully before starting.
>Speed and accuracy are important ingredients to pass the LAB.
>The proctor won’t help you much after providing the initial instructions. You need to listen carefully to the proctor.
>I lost access to all the devices while labbing. I asked the proctor to help but he advised me to check myself. I cleared power cycle and got the access back.
>IMP: Don’t forget to create the BGP_PASS RPL to allow eBGP routes to pass.

Questions are welcome. I will try my best to help you.

Smiles
Crazyrouter


BASICS- ICMP REDIRECTS

Redirect, ICMP type 5, is used by routers to notify hosts of another router on the data link that should be used for a particular destination.

TOPOLOGY

——————–

———-                                   ROUTER R3——|
| Internet |                                  /                 |——PC2 10.10.10.1
———                                         /
|                                               /
ROUTER R1                            ROUTER R2
172.16.10.40|                                | 172.16.10.5

|                                 |
—————-LAN——————————–
|
|
PC1
172.16.10.1
Gateway 172.16.10.40

—————————————-
Consider the above topology, where PC1 has its default gateway configured as 172.16.10.40. PC1 sends a packet to router R1 to reach the remote destination 10.10.10.1. Router R1 checks its routing table and finds that the next hop to reach 10.10.10.1 is router R2. So router R1 has to forward the packet through the same interface on which it was received. Router R1 forwards the packet to router R2 and also sends an ICMP redirect message to PC1. This informs PC1 that the best path to reach destination 10.10.10.1 is through Continue reading

BASICS – PROXY ARP

It’s very important for routing and is enabled by default in IOS.

It is the method by which a router makes itself available to hosts. How?

|——-ROuter——|
|                            |
PC1                       PC2
IP 10.10.20.1/24      10.10.40.1/24

Consider that Host A (10.10.20.1/24) wants to send traffic to Host B on a different subnet (10.10.40.1/24).
Host A neither has a default gateway configured nor knows how to reach the router. It will send an ARP request for 10.10.40.1. The local router, when it receives the request and knows how to reach subnet 10.10.40.0, will reply to the ARP request with its own hardware address.
Host A will see this reply, cache it, and send future IP packets for Host B to the gateway. The gateway will forward such packets to Host B by the usual IP routing mechanisms. The gateway is acting as an agent for Host B, which is why this technique is called “Proxy ARP”; we will refer to this as a transparent subnet gateway or ARP subnet gateway.

When ARP cache entries show multiple IP addresses mapped to a single hardware address, proxy ARP is in use: the single hardware address is that of the router interface, and the multiple IP addresses are those of the hosts.
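
The ARP-cache symptom described above can be checked mechanically. This added example (not code from the original post) parses constructed `arp -an` style output for a host on 10.10.20.0/24 and reports hardware addresses that answer for several IPs; the sample entries, MAC addresses and function names are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of `arp -an` output on Host A (10.10.20.1/24).
SAMPLE_ARP = """\
? (10.10.20.254) at 00:1a:2b:3c:4d:5e [ether] on eth0
? (10.10.40.1) at 00:1a:2b:3c:4d:5e [ether] on eth0
? (10.10.40.7) at 00:1a:2b:3c:4d:5e [ether] on eth0
? (10.10.20.9) at 00:aa:bb:cc:dd:01 [ether] on eth0
? (10.10.20.12) at <incomplete> on eth0
"""

ENTRY = re.compile(
    r"\((?P<ip>[\d.]+)\) at (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I
)

def parse_arp(text):
    """Return {mac: sorted list of IPv4Address}; unresolved entries are skipped."""
    table = defaultdict(set)
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:  # "<incomplete>" lines carry no MAC and do not match
            table[m["mac"].lower()].add(ipaddress.ip_address(m["ip"]))
    return {mac: sorted(ips) for mac, ips in table.items()}

def proxy_arp_candidates(text, local_net):
    """MACs that answer for more than one IP, with the off-subnet IPs they cover."""
    net = ipaddress.ip_network(local_net)
    findings = {}
    for mac, ips in parse_arp(text).items():
        if len(ips) < 2:
            continue
        findings[mac] = {
            "ips": [str(ip) for ip in ips],
            # Off-subnet IPs resolved to a local MAC are the proxy ARP signature.
            "off_subnet": [str(ip) for ip in ips if ip not in net],
        }
    return findings

if __name__ == "__main__":
    for mac, info in proxy_arp_candidates(SAMPLE_ARP, "10.10.20.0/24").items():
        if info["off_subnet"]:
            verdict = "proxy ARP likely (router answering for remote hosts)"
        else:
            # Several on-subnet IPs behind one MAC is not explained by proxy ARP.
            verdict = "not proxy ARP; check for misconfiguration or ARP spoofing"
        print(mac, info["ips"], "->", verdict)
```
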


BASICS – ARP

How does ARP work? A basic question, but very important to know.

ARP is the Address Resolution Protocol, used to resolve a logical IP address to a physical hardware address.

ROUTER

|
|
———LAN——-
|                          |
|                          |
PC1                   PC2
10.10.10.1          10.10.10.14

Consider that PC1 wants to communicate with PC2. What is the actual process of communication between them?

PC1 wants to send traffic to PC2. It has the layer 3 address for the source (10.10.10.1) and also for the destination (10.10.10.14).
The data moves from the upper layers down to layer 2, i.e. the data link layer. Layer 2 needs the source and destination MAC address information to process it further. PC1 has layer 3 information for source and destination but no layer 2 information for the destination.
Here comes the saviour known as ARP. PC1 will send a broadcast into the LAN asking whoever owns IP 10.10.10.14 to respond with its MAC address.

The broadcast packet will have the following info.
Source Ip             : 10.10.10.1
Destination IP      : 10.10.10.14
Source MAC        : MAC Continue reading

BGP Synchronization

 

The basic question: why is an IGP necessary to support IBGP, and why is synchronization necessary between the IGP and IBGP?

Let’s take the rule of synchronization:

A BGP router with synchronization enabled will not advertise its iBGP-learned routes to its eBGP peers unless it has learned or verified this route in its routing table through an IGP.

[image: sync]

In the above topology:

R1, R2, R3 and R4 are running OSPF as the IGP.

R1 and R2 are IBGP peers.

R1-R5 and R2-R6 are EBGP peers respectively.

Let’s look at the config of each router.

======================================================================

CONFIGURATION

=====================R1=====================

int fas1/0
no sh
ip add 9.9.15.1 255.255.255.0
!
int fas0/0
no sh
ip add 9.9.14.1 255.255.255.0
!
int lo0
ip add 9.9.0.1 255.255.255.255
!
router ospf 9
router-id 9.9.0.1
network 9.9.14.1 0.0.0.0 area 0
network 9.9.0.1 0.0.0.0 area 0

=====================R2=====================

int fas1/0
no sh
ip add 9.9.26.2 255.255.255.0
!
int fas0/1
ip add 9.9.23.2  255.255.255.0
no sh
!
int lo0
ip Continue reading

MPLS , ATOM AND VPLS

I would love to share an article by Mbong Ekwoge explaining the different flavors of MPLS, which can help clear up any confusion about MPLS, AToM and VPLS.

MPLS is the enabler of all these fancy services and applications we hear about today, such as MPLS VPNs, AToM (Any Transport over MPLS), MPLS TE (Traffic Engineering), etc.

In order to clearly understand what VPLS is, you need to understand what led to the “birth” of VPLS (Virtual Private LAN Service).  It all began with MPLS VPNs. The client had to form a peer-to-peer relationship with the Provider’s PE routers. What this means is that the provider is intricately involved with routing and forwarding the customer’s traffic and some customers did not like this idea. Also, providers had invested heavily into Layer 2 VPN techniques such as ATM, Frame Relay, etc and completely eliminating these overlay VPN techniques didn’t feel right with their financial people. Some engineers did not like the idea of having to let go of their beloved ATMs, Frame Relay PVCs for some new chap coming in.

This led Cisco and IETF to develop a solution which would let you run MPLS in the core but users Continue reading

Q-in-Q

Q-in-Q
——-
Consider a situation where service providers want to offer transparent LAN services that preserve a customer’s VLAN tags across your Layer-2 network. This can be done with Q-in-Q, built on the IEEE 802.1Q standard, which allows us to use a single VLAN to transport multiple VLANs across the MAN or WAN. In doing so, we stack an extra 802.1Q tag onto the customer’s traffic at the provider’s edge (PE). The original 802.1Q specification allows a single VLAN header to be inserted into an Ethernet frame. A port configured to support 802.1Q tunneling is called a tunnel port. When you configure tunneling, you assign a tunnel port to a VLAN that is dedicated to tunneling. Each customer requires a separate VLAN, but that VLAN supports all of the customer’s VLANs.

How It works
——————-

[image: qinq]

Reference pic: Cisco site

Customer Edge1——(802.1Q trunk port carrying customer VLAN IDs)

                                 V
                                 V
                                 V

Service Provider edge switch1 —-(Packets entering the tunnel port on the service-provider edge switch, which are already 802.1Q-tagged with the appropriate VLAN IDs, are encapsulated with another layer of an 802.1Q tag that contains a VLAN ID unique to the customer).

Continue reading

Uplink Fast

Uplink Fast
___________

Cisco enhanced the original 802.1D specification with features such as Uplink Fast to speed up the convergence time of a bridged network.
The drawback is that these mechanisms are proprietary and need additional configuration. The UplinkFast feature is a Cisco proprietary technique that reduces the recovery time further, down to the order of 1 sec.

Normal Scenario without Uplink Fast
————————————
Assume SW1 = Root Bridge 
                 SW3 = access switch with one of its uplinks in blocking mode 
                 Uplink from SW3 to SW2  via port A is primary and SW3 to SW2 via port B is redundant uplink

 SW1——————- SW2      
  –                              -
    –                         -
      –                    -
         –               -
             -SW3-

Suppose the uplink from SW3 to SW1 fails; port A goes down immediately. SW3 now considers the link to SW2, as it is still receiving BPDUs from the root, but bringing that link to the forwarding state takes 30 sec (learning and listening stages). Port B reaches the forwarding state after 30 sec and network connectivity is established.

Scenario with Uplink Fast
—————————

Note: 1) The switch has only two uplinks.
           2) The switch has more than two uplinks, but the STP parameters are set in such   way, that Continue reading

2012 in review

The WordPress.com stats helper monkeys prepared a 2012 annual report for this blog.

Here’s an excerpt:

The new Boeing 787 Dreamliner can carry about 250 passengers. This blog was viewed about 1,100 times in 2012. If it were a Dreamliner, it would take about 4 trips to carry that many people.
