I ran the first webinar as an independent author almost exactly fourteen years ago1, with the first ticket sold just before New Year’s Eve. I kept focusing on individual webinars until someone asked me, “Would it be possible to buy access to everything you did?” His question effectively created the ipSpace.net subscription, with the first one sold in late 2010 (I still have the email that triggered the whole process).
My video editor sent me the perfect let’s-wrap-up-this-year video:
I wish you a few quiet days disconnected from the technology and all the best in 2024!
After procrastinating for months, I finally spent a few days cleaning up and organizing OSPF blog posts (it turns out I wrote almost 100 blog posts on the topic in the 18 years of blogging).
In the Path Failure Detection on Multi-Homed Servers blog post, I mentioned running BGP on servers as one of the best ways to detect server-to-network failures. As always, things aren’t as simple as they look, as Cathal Mooney quickly pointed out:
One annoyance is what IP address gets used by default by the system for outbound traffic. It would be nice to have a generic OS-level way to say, “This IP on lo0 should be default for outbound IP traffic unless to the connected link subnet itself.”
That’s definitely a tough nut to crack, and Cathal described a few solutions he used in the past:
Here’s a challenge in case you get bored during the Christmas break: merge two networks running BGP (two autonomous systems) without changing anything but the configurations of the routers connecting them (the red BGP session in the diagram). I won’t give you any hints; you can discuss it in the comments or a GitHub discussion.
Hopefully, you won’t have to deal with something similar in real life, but then we know that crazy requirements trump good designs any day of the week.
A while ago, Chris Parker published a nice blog post explaining how to configure unnumbered interfaces with IS-IS in Junos. It’s well worth reading, but like my Unnumbered Ethernet Interfaces blog post, it only covers one network operating system. What if you want to do something similar on another platform?
How about using the collective efforts of the team developing device configuration templates for netlab? As of December 2023 netlab supports:
Eric Hoel published a spot-on analysis of AI disruptiveness, including this gem:
The easier it is to train an AI to do something, the less economically valuable that thing is. After all, the huge supply of the thing is how the AI got so good in the first place.
TL&DR: AI can easily disrupt things that are easy to generate and thus have little value. Seeing investors trying to recoup the billions pouring into the latest fad will be fun.
Gerben Wierda published another AI-buster article describing what exactly “state-of-the-art” means in AI benchmarks.
Hint: you give an AI model 32 step-by-step examples before asking a question, and it still gets it wrong 10% of the time.
After a brief introduction of how the language models fit into the AI/ML landscape, Javier Antich explained the language model basics, including auto-regression, types of language models, the specifics of large language models, and potential use cases,
TL&DR: If you’re using netlab to build labs for your personal use, you can skip this one, but if you plan to use it to create training labs (like my BGP labs project), you might want to keep reading.
Like any complex enough tool, netlab eventually had to deal with inconsistent version-specific functionality and configuration syntax (OK, topology attributes). I stumbled upon this challenge when I wanted to make labs that use two types of configurable devices.
A previous BGP lab focused on the customer side of BGP communities: adding them to BGP updates to influence upstream ISP behavior. Today’s lab focuses on the ISP side of the equation: using BGP communities in a routing policy to implement RFC 1998-style behavior.
I always said that the Trivia Pursuit certification tests (or job interviews) are nonsense and that one should focus on fundamentals.
In a recent blog post, Daniel Dib described a fantastic scenario: using a simple “why can’t I connect to a web site” question, explore everything from ARP/ND to DNS and TLS.
Obviously, you’ll never see anything that sane in a certification test. An interactive interview doesn’t scale (beyond CCDE), and using humans (and common sense judgment) creates potential legal liabilities (there were rumors that had been one of the reasons a talk with a proctor who could flunk you was dropped from the CCIE test).
Drew Conry-Murray published a excellent summary of his takeaways from the AutoCon0 event, including this one:
Most companies want vendor-supported tools that will actually help them be more efficient, reduce human error, and increase the velocity at which the network team can support new apps and services.
Yeah, that’s nothing new. Most Service Providers wanted vendors to add tons of nerd knobs to their products to adapt them to existing network designs. Obviously, it must be done for free because a vast purchase order1 is dangling in the air. We’ve seen how well that worked, yet learned nothing from that experience.
Did you find the Network Automation with GitHub Actions blog post interesting? Here are some more GitHub Self-Hosted Runner goodies from Julio Perez: Network CI and Open Source – Welcome to the World of Tomorrow. Enjoy!
Want to explore SRv6? Cisco engineers put together a repository containing scripts and configs for building SRv6 test topologies. It works with Containerlab and FRR (unless you want to beg a Cisco account team for a Cisco 8000 image or make a sandwich while the IOS XRd image is booting).
Want to use netlab? Jeroen van Bemmel implemented baseline SRv6 support for Nokia SR OS.
Did you know that netlab includes full-blown IP address management? You can define address pools (or use predefined ones) and get IPv4 and IPv6 prefixes from those pools assigned to links, interfaces, and loopbacks. You can also assign static prefixes to links, use static IP addresses, interface addresses as an offset within the link subnet, or use unnumbered interfaces.
For an overview of netlab IPAM, watch the netlab address management video (part of the Network Automation Tools webinar), for more details read the netlab addressing tutorial.
On November 22nd, 2023, AMS-IX, one of the largest Internet exchanges in Europe, experienced a significant performance drop lasting more than four hours. While its peak performance is around 10 Tbps, it dropped to about 2.1 Tbps during the outage.
AMS-IX published a very sanitized and diplomatic post-mortem incident summary in which they explained the outage was caused by LACP leakage. That phrase should be a red flag, but let’s dig deeper into the details.
In the previous BGP labs, we built a network with two adjacent BGP routers and a larger transit network using IBGP. Now let’s make our transit network scalable with BGP route reflectors, this time using a slightly larger network:
It’s been a while since the last netlab release. Most of that time was spent refactoring stuff that you don’t care about, but you might like these features:
As always, we also improved the platform support:
Kristijan Taskovski asked an interesting question related to my BGP AS-prepending lab:
I’ve never personally done this on the net but….wouldn’t the BGP origin code also work with moving one’s ingress traffic similarly to AS PATH?
TL&DR: Sort of, but not exactly. Also, just because you can climb up ropes using shoelaces instead of jumars doesn’t mean you should.
Let’s deal with the moving traffic bit first.