Sharada Yeluri published an interesting overview of the evolution of network security, from packet filtering firewalls to GenAI and Quantum Computing (yeah, she works for a networking vendor ;). Definitely worth reading if you’re looking for an intro-level overview.
Sharada Yeluri published an interesting overview of the evolution of network security, from packet filtering firewalls to GenAI and Quantum Computing (yeah, she works for a networking vendor ;). Definitely worth reading if you’re looking for an intro-level overview.
Some people insist on using Excel as the ultimate source of user-supplied data (including network automation source of truth).
If you agree with me that that’s not necessarily the best idea out there, you might enjoy this rant by Nikhil Suresh.
Some people insist on using Excel as the ultimate source of user-supplied data (including network automation source of truth).
If you agree with me that that’s not necessarily the best idea out there, you might enjoy this rant by Nikhil Suresh.
RFC 4264 defines BGP wedgies as “a class of BGP configurations for which there is more than one potential outcome, and where forwarding states other than the intended state are equally stable.” Even worse, “the stable state where BGP converges may be selected by BGP in a non-deterministic manner.”
Want to know more? You can explore a real-life BGP wedgie and fix it in the latest BGP lab exercise.
RFC 4264 defines BGP wedgies as “a class of BGP configurations for which there is more than one potential outcome, and where forwarding states other than the intended state are equally stable.” Even worse, “the stable state where BGP converges may be selected by BGP in a non-deterministic manner.”
Want to know more? You can explore a real-life BGP wedgie and fix it in the latest BGP lab exercise.
I plan to add several challenge labs using multihop EBGP sessions to the BGP labs project, including:
However, I would love to start with a simple use case to help engineers unfamiliar with BGP realize when they might have to use multihop EBGP sessions. Unfortunately, I can’t find one, and the scenarios where I used multihop EBGP in the past (EBGP load balancing and using a low-end router in the EBGP path, where I was effectively using the reverse application of #2 as a customer) are mostly irrelevant.
Would you have an easy-to-understand use case that is best solved with a multihop EBGP session? Please share it in the comments. Thanks a million!
I plan to add several challenge labs using multihop EBGP sessions to the BGP labs project, including:
However, I would love to start with a simple use case to help engineers unfamiliar with BGP realize when they might have to use multihop EBGP sessions. Unfortunately, I can’t find one, and the scenarios where I used multihop EBGP in the past (EBGP load balancing and using a low-end router in the EBGP path, where I was effectively using the reverse application of #2 as a customer) are mostly irrelevant.
Would you have an easy-to-understand use case that is best solved with a multihop EBGP session? Please share it in the comments. Thanks a million!
I love open-source tools (and their GitHub repositories). Someone launches a cool idea, and you can dig through their source code to figure out how it works. It beats reading documentation or fixing AI hallucinations every day of the week ;)
Not too long ago, the containerlab team launched the ability to run containerlab within a free1 container2 running on GitHub, and that seemed like a perfect solution to run the BGP labs (Jeroen van Bemmel pointing me in the right direction was another significant step forward).
I love open-source tools (and their GitHub repositories). Someone launches a cool idea, and you can dig through their source code to figure out how it works. It beats reading documentation or fixing AI hallucinations every day of the week ;)
Not too long ago, the containerlab team launched the ability to run containerlab within a free1 container2 running on GitHub, and that seemed like a perfect solution to run the BGP labs (Jeroen van Bemmel pointing me in the right direction was another significant step forward).
I don’t think I ever created two netlab releases in a week, but last week, I stumbled upon a motherlode of goodies, and it would be a shame not to make them available.
Someone tried to use netlab with vrnetlab containers for CSR 1000v and Nexus 9300v. We got it to work, but when I started integrating his changes into the development branch, I wanted to test them, so I installed vrnetlab to create my own container images. vrnetlab is an excellent tool, and building containers is a breeze (running them is a different story), so I added support for vrnetlab containers for every device supported by that tool and netlab for which I happened to have a disk image.
I don’t think I ever created two netlab releases in a week, but last week, I stumbled upon a motherlode of goodies, and it would be a shame not to make them available.
Someone tried to use netlab with vrnetlab containers for CSR 1000v and Nexus 9300v. We got it to work, but when I started integrating his changes into the development branch, I wanted to test them, so I installed vrnetlab to create my own container images. vrnetlab is an excellent tool, and building containers is a breeze (running them is a different story), so I added support for vrnetlab containers for every device supported by that tool and netlab for which I happened to have a disk image.
Here’s another rant to spice up your weekend: focus on fixing your company’s problems instead of chanting the AI mantra. Have fun ;)
Here’s another rant to spice up your weekend: focus on fixing your company’s problems instead of chanting the AI mantra. Have fun ;)
In late 2023, I started playing with the idea of having automated validation in netlab. The early implementation was used in BGP labs, and a user liked it so much that he opened an issue saying:
I would suggest providing netlab validate for each lab.
Numerous rounds of yak-shaving later, I merged a humongous commit that adds automated validation to these lab exercises:
In late 2023, I started playing with the idea of having automated validation in netlab. The early implementation was used in BGP labs, and a user liked it so much that he opened an issue saying:
I would suggest providing netlab validate for each lab.
Numerous rounds of yak-shaving later, I merged a humongous commit that adds automated validation to these lab exercises:
During the ITNOG8 netlab presentation, I jokingly said something along the lines “all that’s missing is RIPv2 and Babel.” That’s no longer true; someone asked me how hard it would be to add RIPv2 to netlab, and I said, “give me a few days 😎”
Other new features in netlab release 1.8.3 include support for BGP route servers (and route server clients), BGP Link Bandwidth community, and OSPF/BGP validation plugins for Arista EOS, Cumulus Linux and FRR. We also fixed the installation scripts to work with Ubuntu 24.04 and Debian Bookworm.
For more details, read the release notes.
During the ITNOG8 netlab presentation, I jokingly said something along the lines “all that’s missing is RIPv2 and Babel.” That’s no longer true; someone asked me how hard it would be to add RIPv2 to netlab, and I said, “give me a few days 😎”
Other new features in netlab release 1.8.3 include support for BGP route servers (and route server clients), BGP Link Bandwidth community, and OSPF/BGP validation plugins for Arista EOS, Cumulus Linux and FRR. We also fixed the installation scripts to work with Ubuntu 24.04 and Debian Bookworm.
For more details, read the release notes.
Dan Massameno wrote a series of blog posts describing the challenges you might encounter when connecting Internet-of-Things1 devices to a Cisco SD-Access network. It is an absolute must-read if you have to deal with IoT devices.
Reading some of his caveats, you’ll quickly confirm the alternate meaning of the IoT acronym: Internet-of-Trash. ↩︎
Dan Massameno wrote a series of blog posts describing the challenges you might encounter when connecting Internet-of-Things1 devices to a Cisco SD-Access network. It is an absolute must-read if you have to deal with IoT devices.
Reading some of his caveats, you’ll quickly confirm the alternate meaning of the IoT acronym: Internet-of-Trash. ↩︎