Archive

Category Archives for "Networking"

Grafana and Influx – Infrastructure Engineers Language

If you want to understand what Infra engineer speaks and use a tool provided by them you need to have some exposure to the tool itself, you don’t have to be an expert.

 

Monitoring systems that I see nowadays are mostly centric around Prometheus while the Database used for storing any time-series events is InfluxDB. How do you actually map beautifully, its via Grafana

Grafana – https://grafana.com/

Influxdb – https://www.influxdata.com/

Prometheus – https://prometheus.io/

Now the problem here is that many tools are programmed on a daily basis, from a Network Engineer point of view I understood a few things. 

Not everything you need to know the end to end like an Expert for that tool and some choices is purely based on Cost than anything else. 

How would you really understand this? I set up a BME680 sensor in my home and will precisely use Grafana and Influx to map the recordings

Tools Used 

https://learn.adafruit.com/adafruit-bme680-humidity-temperature-barometic-pressure-voc-gas

Raspberry Pi 3

Docker Images – Grafana and Influx

Sample Influx Script – https://github.com/yukthr/auts/blob/master/random_programs/influx-test.py

And finally Beautiful Grafana

All of this is open source and are not hard after the invent of Docker. Give Continue reading

Know Thy Environment Before Redesigning It

A while ago I had an interesting consulting engagement: a multinational organization wanted to migrate off global Carrier Ethernet VPN (with routers at the edges) to MPLS/VPN.

While that sounds like the right thing to do (after all, L3 must be better than L2, right?) in that particular case they wanted to combine the provider VPN with Internet-based IPsec VPN… and doing that in parallel with MPLS/VPN tends to become an interesting exercise in “how convoluted can I make my design before I give up and migrate to BGP”.

Read more ...

MultiCloud… flare

If you want to start an intense conversation in the halls of Cloudflare, try describing us as a "CDN". CDNs don't generally provide you with Load Balancing, they don't allow you to deploy Serverless Applications, and they certainly don't get installed onto your phone. One of the costs of that confusion is many people don't realize everything Cloudflare can do for people who want to operate in multiple public clouds, or want to operate in both the cloud and on their own hardware.

Load Balancing

Cloudflare has countless servers located in 180 data centers around the world. Each one is capable of acting as a Layer 7 load balancer, directing incoming traffic between origins wherever they may be. You could, for example, add load balancing between a set of machines you have in AWS' EC2, and another set you keep in Google Cloud.

This load balancing isn't just round-robining traffic. It supports weighting to allow you to control how much traffic goes to each cluster. It supports latency-based routing to automatically route traffic to the cluster which is closer (so adding geographic distribution can be as simple as spinning up machines). It even supports health checks, allowing it Continue reading

IoT Roundup: New research on IoT security, Microsoft leans into IoT

As with any technology whose use is expanding at such speed, it can be tough to track exactly what’s going on in the IoT world – everything from basic usage numbers to customer attitudes to more in-depth slices of the market is constantly changing. Fortunately, the month of May brought several new pieces of research to light, which should help provide at least a partial outline of what’s really happening in IoT.To read this article in full, please click here(Insider Story)

Just Write Code: Improving Developer Experience for Cloudflare Workers

Just Write Code: Improving Developer Experience for Cloudflare Workers
Just Write Code: Improving Developer Experience for Cloudflare Workers

We’re excited to announce that starting today, Cloudflare Workers® gets a CLI, new and improved docs, multiple scripts for everyone, the ability to run applications on workers.dev without bringing your own domain, and a free tier to make experimentation easier than ever. We are building the serverless platform of the future, and want you to build your application on it, today. In this post, we’ll elaborate on what a serverless platform of the future looks like, how it changes today’s paradigms, and our commitment to making building on it a great experience.

Three years ago, I was interviewing with Cloudflare for a Solutions Engineering role. As a part of an interview assignment, I had to set up an origin behind Cloudflare on my own  domain. I spent my weekend, frustrated and lost in configurations, trying to figure out how to set up an EC2 instance, connect to it over IPv6, and install NGINX on Ubuntu 16.4 just so I could end up with a static site with a picture of my cat on it. I have a computer science degree, and spent my career up until that point as a software engineer — building this simple app was Continue reading

Cisco SDWAN Self Hosted Lab Part 1

One of the posts I get contacted about the most is this one on how the setup a self hosted Viptela control plane. Since Cisco acquired Viptela the process has changed and is now (IMO) a bit simpler. With the release of SDWAN software version 19.1.0 it is now possible to use virtual...

CCIE Renewed Once More – Exam 400-101 v5.1

I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months to spare. But it’s done, for another year. Here’s some quick notes on my prep, and thoughts on the exam.

Preparation

I decided to sit the CCIE R&S Written Exam to renew. This was the easiest route for me. I don’t use Cisco products on a day to day basis, so certifying with a different track would be very hard for me.

The version hasn’t changed since the last time I sat it. It’s still 400-100, v5.1. The only difference is that the “Evolving Technologies” section has been tweaked a little. Think Automation toolsets, Cloud concepts, etc.

I used the study guide I purchased last time from “CCIE in 8 Weeks”. I also re-subscribed to their online practice exams. I meant to only subscribe for 3 months, but…I couldn’t get motivated to do this exam. I ended up paying for another 3 months access, before I finally knuckled down and did the study while I was on vacation. I flicked through my old CCIE flashcards a few times too.

Continue reading

CCIE Renewed Once More – Exam 400-101 v5.1

I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months to spare. But it’s done, for another year. Here’s some quick notes on my prep, and thoughts on the exam.

Preparation

I decided to sit the CCIE R&S Written Exam to renew. This was the easiest route for me. I don’t use Cisco products on a day to day basis, so certifying with a different track would be very hard for me.

The version hasn’t changed since the last time I sat it. It’s still 400-100, v5.1. The only difference is that the “Evolving Technologies” section has been tweaked a little. Think Automation toolsets, Cloud concepts, etc.

I used the study guide I purchased last time from “CCIE in 8 Weeks”. I also re-subscribed to their online practice exams. I meant to only subscribe for 3 months, but…I couldn’t get motivated to do this exam. I ended up paying for another 3 months access, before I finally knuckled down and did the study while I was on vacation. I flicked through my old CCIE flashcards a few times too.

Continue reading

CCIE Renewed Once More – Exam 400-101 v5.1

I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months to spare. But it’s done, for another year. Here’s some quick notes on my prep, and thoughts on the exam.

Preparation

I decided to sit the CCIE R&S Written Exam to renew. This was the easiest route for me. I don’t use Cisco products on a day to day basis, so certifying with a different track would be very hard for me.

The version hasn’t changed since the last time I sat it. It’s still 400-100, v5.1. The only difference is that the “Evolving Technologies” section has been tweaked a little. Think Automation toolsets, Cloud concepts, etc.

I used the study guide I purchased last time from “CCIE in 8 Weeks”. I also re-subscribed to their online practice exams. I meant to only subscribe for 3 months, but…I couldn’t get motivated to do this exam. I ended up paying for another 3 months access, before I finally knuckled down and did the study while I was on vacation. I flicked through my old CCIE flashcards a few times too.

Continue reading

CCIE Renewed Once More – Exam 400-101 v5.1

I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months to spare. But it’s done, for another year. Here’s some quick notes on my prep, and thoughts on the exam.

Preparation

I decided to sit the CCIE R&S Written Exam to renew. This was the easiest route for me. I don’t use Cisco products on a day to day basis, so certifying with a different track would be very hard for me.

The version hasn’t changed since the last time I sat it. It’s still 400-100, v5.1. The only difference is that the “Evolving Technologies” section has been tweaked a little. Think Automation toolsets, Cloud concepts, etc.

I used the study guide I purchased last time from “CCIE in 8 Weeks”. I also re-subscribed to their online practice exams. I meant to only subscribe for 3 months, but…I couldn’t get motivated to do this exam. I ended up paying for another 3 months access, before I finally knuckled down and did the study while I was on vacation. I flicked through my old CCIE flashcards a few times too.

Continue reading

L2TP/IPSec Remote Access VPN on VyOS

Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs). It does not provide any encryption or confidentiality by itself. Therefore, it is often combined with IPSec that is used for encapsulation of L2TP packets between the endpoints. Securing L2TP using IPsec is standardized in RFC3193. The tutorial provides remote Access L2TP/IPsec configuration for VyOS network OS.

So far, I have tested L2TP/IPSec configuration on VyOS 1.2.0 with an Android phone as configured as L2TP/IPSec client. However, I have not been successful, ended with the error message below. The same L2TP/IPSec configuration works for the legacy 64-bits Vyatta 6.6, therefore, it is used in our lab, instead of VyOS.

xl2tpd[1809]: Maximum retries exceeded for tunnel

We employ Cisco vIOS-L3 in order to simulate a SOHO router. The router is connected to the Wifi router Access_Point (172.17.100.1/26) with an associated wireless client (Android phone IP 172.17.100.5/16). The L2TP/IPSec client is running on the phone. The client is configured to connect to the VPN gateway running on Vyatta (10.0.1.1/24) in order to reach the server LAN subnet (10.0.0.0/24) within L2TP/IPSec VPN tunnel Continue reading

How HPE Greenlake Flex Capacity Enables Pay-Per-Use IT

HPE GreenLake takes IT consumption in a new direction. It offers a catalog of pre-designed, end-to-end solutions, such as Big Data, Backup, and Database with EDB Postgres, that simplify the IT experience by delivering a cloud-like consumption model managed for your on-premises environment.Outcome-based IT consumption delivers a range of benefits that you can’t get from solutions solely built from scratch or bought from the public cloud. Delivering the best of both worlds, HPE GreenLake enables: Faster time to value with solutions that are ready quickly and evolve ahead of your needs Better economics with a flexible, pay-per-use model that offers simplicity and financial clarity On-premises for proper control over compliance, performance, and security Simplified IT that’s operated for you to free up resources and add business value Because pre-designed workload solutions do not fit every business, HPE also offers fully customizable infrastructure modules that deliver greater technology choice depending on IT preferences. With HPE GreenLake Flex Capacity, you design your own infrastructure solutions, selecting from a broad range of HPE and partner technologies, as well as optional services that span your infrastructure to your apps and workloads.To read this article in full, please click here