With January 6th the Christmas/New Year holidays are over even for most European countries, so it’s time to restart my blog and set some goals for 2017.
2015 was year of SDN, 2016 was year of network automation, and 2017 is shaping up to be the year of the cloud.
Read more ...Here’s a trick question:
To implement this request you use the following configuration commands (plenty of other commands removed because they don’t impact the results):
router bgp 64500
address-family ipv4
maximum-paths ibgp 32
maximum-paths 32
neighbor 192.168.0.4 next-hop-self
neighbor 192.168.0.1 next-hop-self
address-family vpnv4
maximum-paths ibgp 32
maximum-paths 32
no neighbor 192.168.0.4 next-hop-self
no neighbor 192.168.0.1 next-hop-self
Try to figure out what the end-result will be without connecting to a router or reading the rest of this blog post.
Ok, here’s what totally threw me off (and wasted an hour of my life): next-hop-self is removed from neighbors in the IPv4 address family. Here’s why:
No wonder David Barroso named his library NAPALM (you’ll find the full story in this or this podcast).
If you're a networking engineer, sysadmin, or NetDevOps guru preferring the power of CLI over carpal-syndrome-inducing GUI you might like the My Looking Glass tool developed by Mehrdad Arshad Rad. Haven't tried it out, but the intro on GitHub page looks promising.
If you decide to try it out (or already did) please share your experience in a comment. Thank you!
As I was trying to automate configuration deployment in a multi-router Cisco IOS lab, I got to a point where the only way of figuring out what was going on was to log commands on Cisco IOS devices. Not a big deal, but I hate logging into a dozen boxes and configuring the same few lines on all of them (or removing them afterwards).
Time for another playbook: this one can push one of many (configurable) configuration snippets to a group of Cisco IOS devices defined in an Ansible inventory file.
Interesting? Want to do something more complex? Join the Network Automation online course.
Over a month ago I decided to create a lab network to figure out how to solve an interesting Inter-AS MPLS/VPN routing challenge. Instead of configuring half a dozen routers I decided to develop a fully-automated deployment because it will make my life easier.
I finally got to a point where OSPF, LDP, BGP (IPv4 and VPNv4) and MPLS/VPN configurations are created, deployed and verified automatically.
Read more ...While it’s relatively easy to create an Ansible inventory file to support a Vagrant-created virtual networking lab, it’s also utterly boring – a perfect job for an automation script. I’m positive there are a zillion solutions out there, but I decided to reinvent the wheel and get a bit of Python hands-on practice.
One of my readers sent me a simple question: “Do you plan to have a Python for Networking Engineers webinar?”
Short answer: no immediate plans.
Here are just a few reasons:
Read more ...Most network automation tutorials out there assume you’re running Ansible on your workstation and accessing virtual machines via SSH ports mapped by Vagrant. That’s great if you’re an experienced Ansible/Python user; for a clunky beginner like myself it’s safer to run Ansible within a VM that can be destroyed and recreated in seconds.
Another year swooshed by… it’s time for another what have we been doing in this year blog post.
Most important bit first: ipSpace.net is slowly morphing from a personal project into a (hopefully interesting) learning platform with almost 30 authors creating or participating in ipSpace.net webinars or online courses.
Read more ...During the Monitoring Software-Defined Networks webinar Terry Slattery addressed an interesting question: what happens if you run an SDN controller in a virtual machine and the virtual network crashes?
Want to know his take on the problem? Watch this free video on ipSpace.net content site.
I rarely get OpenFlow questions these days; here’s one I got not so long ago:
I've just spent the last 2 days of my life consuming the ONF 1.3.3 white paper in addition to the $vendor SDN guide to try and reconcile what features it does or does not support and have come away disappointed...
You’re not the only one ;)
Read more ...High-speed scale-out load balancing is a Mission Impossible. You can get the correct abstraction at the wrong cost or another layer of indirection (to paraphrase the authors of Fastly load balancing solution).
However, once every third blue moon you might get a team of smart engineers focused on optimal solutions to real-life problems. The result: a layer of misdirection, a combination of hardware ECMP and server-level traffic redirection. Enjoy!
The featured webinar in December 2016 is the Network Automation Tools webinar, and in the featured videos you'll find in-depth description of automation frameworks (focusing on Ansible) and open-source IPAM tools (including NSoT recently released by Dropbox).
To view the videos, log into my.ipspace.net, select the webinar from the first page, and watch the videos marked with star.
Read more ...In Software Gone Wild Episode 52 Katerina Barone-Adesi explained how Igalia implemented 4-over-6 tunnel termination (lwAFTR) with Snabb Switch. Their solution focused on very fast data plane and had no real control plane.
No problem – there are plenty of stable control planes on the market, all we need is some glue.
Read more ...I got several questions along the lines of “Do I need programming skills to attend the Building Network Automation Solutions course?”
Short answer: No.
Read more ...One of my readers designing a new data center fabric that has to provide L2 transport across the data center sent me this observation:
While we don’t have plans to seek an open solution in our DC we are considering ACI or VXLAN with EVPN. Our systems integrator partner expressed a view that VXLAN is still very new. Would you share that view?
Assuming he wants to stay with Cisco, what are the other options?
Read more ...On November 7th SDx Central published an article saying “OpenFlow is virtually dead.” There’s a first time for everything, and it’s a real fun reading a marketing blurb on a site sponsored by SDN vendors claiming the shiny SDN parade unicorn is dead.
On a more serious note, Tom Hollingsworth wrote a blog post in which he effectively said “OpenFlow is just a tool. Can we please find the right problem for it?”
Read more ...A few days after I published the blog post describing why it might make sense to attend the Building Network Automation Solutions course even when you’re already using a $vendor network management system/platform, I got a surprising email from one of my friends working for a major networking vendor:
Read more ...Dinesh Dutt was the guest speaker in the second Leaf-and-Spine Fabric Design session. After I explained how you can use ARP/ND information to build a layer-3-only data center fabric that still support IP address mobility Dinesh described the details of Cumulus Linux redistribute ARP functionality and demoed how it works in a live data center.
Got this comment to one of my L2-over-VXLAN blog posts:
I found the Avaya SPBM solution "right on the money" to build that L2+ fabric. Would you deploy Avaya SPBM?
Interestingly, I got that same question during one of the ExpertExpress engagements and here’s what I told that customer:
Read more ...