Linux is becoming more and more prominent in the networking industry. Many of us come from a mixed background and have varying levels of knowledge of Linux. I’ve been around Linux for a long time but really never got beyond the very most basic stuff. Looking back, I wish I had spent some more time learning Sed, Awk, regex, and Bash etc. I was doing some labs over at NRE Labs (great labs), and wanted to highlight some of the things I learned.
Sometimes you want to append something quickly to a file or send several lines of text to a Linux command. That can be done using “here documents“.
First, look at this small configuration:
daniel@devasc:~/DevAsc$ cat config.txt interface GigabitEthernet0/1 switchport mode access switchport access vlan 10 ! interface GigabitEthernet0/2 switchport mode access switchport access vlan 10 ! interface GigabitEthernet0/3 switchport mode access switchport access vlan 10 !
Now we want to append another interface to the end of this file. We can do that using cat:
daniel@devasc:~/DevAsc$ cat <<EOT >> config.txt > interface GigabitEthernet0/4 > switchport mode access > switchport access vlan 10 > ! > EOT
After the cat command, Continue reading
XML, or Extensible Markup Language, rounds out the usual suspects of YAML, JSON, and XML. It’s probably my least favorite of the three, but knowledge of XML is needed when working with code.
XML is, of course, related to HTML. So why didn’t we just settle for HTML? Turns out machines don’t understand HTML very well. They can parse it perfectly fine, yes, but in HTML you put information in, such an address, and you understand it’s an address because you are a human. A machine doesn’t know that Baker Street is an address, unless you tell it.
XML consists of tags, elements, and attributes. Let’s take a basic example and then go through these in more detail:
<?xml version="1.0" encoding="UTF-8"?>
<address>
<name>
<title>Mr</title>
<first-name>Sherlock</first-name>
<last-name>Holmes</last-name>
</name>
<street>221B Baker Street</street>
<city state="NA">London</city>
</address>
First, we declare that this is an XML document and the encoding used. This is called a prolog. It’s optional, but if included, should always be the first line.
The tag <address> is the root of the document. We must always have a root. The tag <address> has three children:
<name><street><city>The tag <name> has three children as well:
JSON, JavaScript Object Notation, is one of the usual suspects when it comes to network automation. YAML and XML being the other two. It’s easy for machines to parse and generate and the readability is good, better than XML, although YAML is easier for humans to read.
JSON is based on a subset of the JavaScript programming language, as the name implies.
JSON, just like YAML, supports single values, lists, and key/value pairs.
JSON is commonly used to interchange between different formats.
JSON has no requirement for indentation or white space, which YAML has. That said, to make it human readable, it still makes sense to use white space and spaces, most likely either two or four.
JSON supports the following data types:
We’ll Continue reading
YAML, previously known as Yet Another Markup Language, but now YAML Ain’t Markup Language, is a human friendly data serialization standard for programming languages.
YAML and JSON, JavaScript Object Notation, are related to each other, where YAML, according to YAML 1.2 specification, is a superset of JSON.
YAML supports using scalars, sequences, and mappings. A scalar is a string, a number, or boolean, a sequence is a list, and a mapping is a key/value pair.
YAML is commonly used by configuration files in open source tools and Ansible, a network automation tool, uses YAML to run its playbooks.
When it comes to YAML syntax, be aware of the following:
Scalars are single values. It can be a string, number, or a boolean value. Strings don’t need to be quoted, except for some special cases:
People that know me know that I like to be open on sharing thoughts, insights, things I’ve learned, and my struggles. Many people have put their trust in me and I consider it important to show that perceived leaders of the networking industry have the same thoughts and struggles as everyone else.
I wrote this tweet which gained a lot of response and positive comments (thank you).
I’ve dabbled with Python a couple of times the last couple of years. I know the very basics but I haven’t done much more beyond that. Why haven’t I done more automation? There are some different clues as to why, including the fear of not being very good at it.
Job role – I’m a Network Architect. What I enjoy the most, my passion if you will, is to engage in discussions with customers and create Continue reading
I got into some interesting discussions about IPv6 on Twitter. Then someone asked if Android is getting DHCPv6 support in version 11 of the OS.
When IPv6 was developed, initially with RFC 2460, there was this idea that:
Forget all you've learned about IPv4, and design IPv6 from the ground up
This sounds good in theory but ignores completely the lessons we’ve learned from IPv4. Not to mention, there is no such thing as greenfield. Almost all networks, are existing ones, you don’t get to start all over again. There was this very shiny view of end to end connectivity, /64 everywhere and only SLAAC allowed. I get all of that, it’s like saying “I wish there were no wars”, but unfortunately, people are stupid, so there will be wars. There’s this naivety, similar to a teenager that is growing up. You want to change the world, then you realize the world is run by money, mega corps, and dirty politicians.
This whole mess led to the holy wars of SLAAC + RDNSS vs DHCPv6. Please note that SLAAC Continue reading
Yesterday I posted a tweet on company culture that received a lot of positive feedback:
People thought this should be saved in a blog post, so this is it.
Do you want to attract and retain talent and high performers? Of course you do. Do you understand how to do that and are you willing to change your company culture?
Everything starts with culture. You may have heard the quote “Culture eats strategy for breakfast”, meaning that even the best stratety can’t compete with a company that has a great culture. Strategy without culture does not create success.
Most companies, such as the web scalers, often confuse gimmicks with culture. We have great company culture! We have ping pong tables, flipper games and even artists who play music for us! While these things can be entertaining, don’t mistake them for culture. Continue reading
People that know me know that I like to stay up to date on what’s going on in the industry, new technologies, and so on. Mostly this is because I have a passion for technology and for learning. However, there is almost certainly a part of me that also, as many people do, has the fear of missing out (FOMO). That is, you are afraid to get left behind so you keep sipping from the fire hose constantly, because you believe everyone else is doing the same.
There are many many fine podcasts out there. I used to listen to Packet Pushers, Software Gone Wild, Talk Python to Me, Clear to Send, and many more. These shows are extremely good at producing content consistently. Unfortunately, that means that you have maybe 4-5h of content to consume each week. That’s too much for me.
I’m a very analytical person. Both by nature, and in my job role as an Architect. My brain is constantly analyzing, thinking, trying to solve problems. This makes me very efficient, but it also adds stress, and can make it difficult to wind down. As Continue reading
Cisco recently announced that they are releasing CML-P, which is version two of the product formerly known as VIRL. First of all, I’ve seen the product demoed and helped with feedback on it, it looks stunning! The architecture looks great, it’s fully leveraging APIs and it’s an entirely different beast than VIRL. This is a great product and I want to see it succeed. Unfortunately, this product is never going to be as successful as it could be. Why?
CML-P, where P stands for Private, supports a maximum of 20 nodes. This is supposed to be a differentiator to the the -E version, which is for enterprises that wish to run this product at larger scale, including support. First of all, I don’t agree that a node limit is the proper way to differentiate -P from -E. That can be done through support, training and other means.
CML-P’s competition is going to be GNS3 and EVE-NG. These are freely available, but also offer paid versions with a more advanced feature set. There is no node limit with these products. You can run as much as your server can handle. If CML-P is going to compete Continue reading
I received a question on Twitter from my friend Fernando on feedback on when to give up on certifications:
First of all, not everyone will agree that you even need certifications. That’s another discussion and I think there are not many reasons to avoid them entirely, but let’s assume that you already have certifications, when do you give up on them?
That is going to be a choice each person has to make, and it will depend on a number of factors, I think. Here are some that immediately come to mind:
What’s your method for learning a new skill? People use certifications differently but for me it’s about a guided learning path. I know roughly what to study to become decently skilled at a topic. For example, when I wanted to learn more about AWS and their networking, I decided to study for the AWS Solutions Architect Associate. For me, it’s motivating to Continue reading
Other vendors such as Juniper and AWS have already started doing it, now it’s Cisco’s turn to offer online testing. This is especially welcome in Covid times where it’s difficult to go visit an on-premises Pearson/Vue test center. Starting April 15, Cisco will offer remote testing and this means you can take your test any time, any day, around the year. Almost all of the written tests will be offered, including the DevNet ones! The CCDE is one of the excluded tests.
What is required to take the test online? There are some prerequisites:
Your test will be proctored by an online proctor. Before the test starts, you will need to show your room, that there are no books or notes, that you are alone in the room and that you can close the room etc. As well that you are not wearing a watch or have access to a mobile phone. You will also need to provide a valid ID before starting the test. If you break any rules, you will of course not receive a passing score. You can find more information in Susie Wee’s Continue reading
On 27 February 2020, I took and passed the Automating Cisco Enterprise Solutions (ENAUTO) exam on my first attempt. This was the last exam I took that day, having taken DEVASC and DEVCOR in earlier. This exam was a bit different for a few reasons, which I’ll discuss shortly. Passing both DEVCOR and ENAUTO has earned me the Cisco Certified DevNet Professional certification. Like the other DevNet exams, it was fair and reasonably well-written.
I’ve been working with Cisco products for more than 10 years and earning Cisco certifications for about 8 years, and this was my first specialist exam. You can learn more about the ENAUTO exam here. About 40% of the exam is based on general programming principles and network automation techniques, most of which overlap nicely with DEVASC and DEVCOR. The remaining 60% is divided evenly between Cisco’s biggest three enterprise solutions: DNA Center, SD-WAN, and Meraki at 20% each.
Before attempting this exam, you should already have a DevNet Associate certification (not required) or comparable knowledge, plus at least 3 years of network automation experience. Those skills alone cover probably 30% of the blueprint. If you already passed the DEVCOR exam (or have comparable Continue reading
On 27 February 2020, I took and passed the Cisco Certified DevNet Professional Core (DEVCOR) exam on my first attempt. For those who like to memorize dates, yes, I did pass DEVASC and DEVCOR on the same day to cut down on trips to the test center. Like DEVASC, this exam was fair and all blueprint topics were appropriately represented. You can read about my DEVASC blog here (provide link to other blog).
I want to focus on what I did to succeed and less about the exam structure itself. You can learn more about the official certification here. This blog is focused primarily on the DEVCOR exam. Before talking about the exam, just know that you need to pass the core exam plus one concentration exam to earn the Cisco Certified DevNet Professional certification. I also passed the ENAUTO exam, which focuses on enterprise network automation. I’ll write about it in “part 2” later.
Before attempting this certification, you should already have a DevNet Associate certification (not required) or comparable knowledge, plus at least 3 years of software development/automation experience. The DEVCOR exam was no joke. It was harder than the CCIE RS and SP written exams, and about Continue reading
As COVID-19 (Corona) has spread around the world, and while we can argue how serious that is, a lot of tech conferences have been cancelled, and rightfully so. Safety always comes first.
People have suggested that virtual conferences could be a replacement, but as I’ll explain in this blog, they can never really replace a standard conference, rather just be a complement.
First, let me just clear a couple of things:
The first challenge is that we are all in different time zones. When I go to Cisco Live in the US, I adjust to the US time. If I’m staying here in Sweden, I’m not going to stay up late to watch a stream coming from the US.
When you travel to a conference, you are away from work and family, you have dedicated that time to make the Continue reading
On 27 February 2020, I took and passed the Cisco Certified DevNet Associate (DEVASC) exam on my first attempt. TLDR; it was a well-structured and fair exam. I think it was my favorite Cisco exam of all time. It had clear questions, good depth, no off-blueprint curveballs, and a great measure of candidate skill. The distribution of questions was also in accordance with the blueprint topic weights.
I’m known for being a concise and high signal-to-noise blogger, so I won’t turn this into a blueprint exploration article. You can learn more about the official certification here. Instead, I’ll focus on how I prepared for this exam.
Above all else, you need to sign up for an account at Cisco DevNet. It’s 100% free and contains many excellent resources to help you learn software-related topics. This is more than just “network automation” as you’ll be exposed to software development techniques and strategies, too. While everything on DevNet is useful, I believe the following three resources are the most important for this exam. Learning the content and passing any DevNet exam would be almost impossible without them:
Welcome to WordPress. This is your first post. Edit or delete it, then start writing!
The last couple of days, there have been a lot of tweets with messages like “You need to work tons of overtime in your 20’s to be successful in your career”. There have been also been plenty of counters to these tweets.
This kind of logic is seriously seriously flawed, and bad bad advice. As readers of this blog, you would know that I always talk about tradeoffs. Firstly though, let’s talk about blindly following others footsteps. If I do everything Russ White does, do I become as smart as Russ White? Of course not. If I do everything Warren Buffet does, do I become as rich? Of course not. If I do everything Ivan Pepelnjak does, will I become as experienced as him? Of course not. There are many many paths that can lead to success, whatever that is, and they are not always straight.
So, following in someone’s footsteps does not equal success. Therefore, blindly following advice about working your ass in your 20’s does not hold any real value. What about doing what successful people do? Some successful people wake up early, some do a lot of reading, some exercise a lot. Will you trying to repeat Continue reading
When I studied for my CCDE, I had the good fortune of receiving mentoring from Russ White. Something he taught me, that I really took to heart, is that in every design and choice you make, there is a tradeoff.
If you haven’t found the tradeoff, you haven’t looked hard enough.
From a SD-WAN perspective, in selecting your vendor of choice, what does that mean?
SD-WAN vendors, for a loose definition of SD-WAN, come mainly from three different camps:
There are also vendors that were born in the SD-WAN era and have no previous background.
Cisco of course, through the acquisition of Viptela, bought a company that was very strong in routing, control- and data plane design. A solution designed by Architects/Engineers with profound experience of large scale networking, from large enterprises and service providers. Viptela was born in the SD-WAN era, with no legacy platforms or products to take into consideration. With the background of Viptela, this means that this is a SD-WAN product where the main strength is on routing, separation of control- and data plane, and the flexibility of the product. Other vendors with the same background will also likely Continue reading
In a recent Packet Pushers Heavy Networking episode, Ethan and Greg discussed how difficult SD-WAN is, and why you shouldn’t outsource your SD-WAN to a MSP. So, how difficult is really SD-WAN?
Now, this is of course going to depend on your organization’s level of skill, as well as what vendor you go with, but there are still some conclusions that we can come to.
Most of the SD-WAN solutions are operated by cloud-hosted SDN controllers, where the vendor has setup the virtual machines running the software for you. This greatly simplifies a lot of things that have been painful in the past. From a Cisco perspective, this is some of the pain that has been removed from you:
This means Continue reading
A couple of days ago, I wrote on LinkedIn asking you what a SD-WAN solution should consist of.
https://www.linkedin.com/posts/danieldib_sdn-sdwan-wan-activity-6583614108971655168-BH8x
The post was meant to create a discussion and there were a lot of great answers. Some of the features are “must have” and some of them are “nice to have”. I’m not claiming to have all of the answers but here are some of my thoughts on the topic.
Automated VPN – There should be a mechanism to help you build the IPSec tunnels. You should not have to configure them manually. Traditionally, we often used something like DMVPN to build the tunnels for us. Consider the following:
Separation of control- and data plane – This one is debatable but there should a mechanism to influence topology of the overlay, and routing of the edge devices, using a central mechanism. With DMVPN, we had the ability to do Hub & Spoke or fully meshed, but there was no granular control. We could Continue reading