Last Week on ipSpace.net (2019W7)
Last Tuesday we continued the deep dive into new Ansible networking modules functionality introduced in recent software releases (up to 2.7), including a demonstration of a few simple playbooks that collect printouts from network devices and check software version or end-to-end connectivity.
In the second half of the live session we started digging into the intricacies of device configuration management, ending with the truly “fun part”: changing access control lists on Cisco IOS.
The Ansible for Networking Engineers webinar is part of standard ipSpace.net subscription and Building Network Automation Solutions online course.
Connecting Python To Slack For Testing, Development, and Chat
Plugging Python Code Into Slack, Maybe For A Chatbot
The scripting language Python can retrieve information from or publish information to the messaging app Slack. This means you can write a chatbot that puts info into Slack for you, or accepts your queries using Slack as the interface. This is useful if you spend a lot of time in Slack, as I do.
The hard work of integrating Slack and Python has been done already. Slack offers an API, and there are at least two open source Python libraries that make leveraging these APIs in your Python code easy.
When searching for Slack projects using Python, most of the top hits are using Slack’s official python-slackclient. Github reveals that python-slackclient is an active project, with recent commits. In addition, most code examples I turned up are using python-slackclient. But it’s not a preference borne of experience. Maybe you’d prefer an alternate library like slacker.
Securing The Slack App Security Token
The slackclient library is security-conscious. Some other library sample code shows putting the Slack access token right in the source code as a static variable assignment, which is a terrible, horrible, no good, very bad idea. Why? If you publish Continue reading
Juniper AAA
Junos has a robust authentication, authorization and accounting (AAA) system ensuring authenticated users have access to only the things their permissions allow. Authentication Junos supports two categories of user authentication. Local - On box user database Remote -...continue reading
Cloud Notes: AWS S3
"Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance". At a high level S3 has the following characteristics: Object based storage for static files that do not change. EG: JPEG,...continue reading
Juniper iBGP
8 steps to configure iBGP. Configure a router-id Configure an autonomous system number Configure transport routing protocol Configure a BGP group and define the peer type Configure a BGP group local address Add neighbors to the peer group Define a routing policy to...continue reading
Juniper OSPFv3
3 steps to configure OSPFv3. Create a router-id (optional) Assign OSPF neighbor facing interfaces to OSPF area Inject routes into OSPF via passive interfaces Configuration Create a router-id. cmd set routing-options router-id 10.255.1.1 Assign OSPF neighbor facing...continue reading
Worth Reading: Blockchain and Trust
One of the rules of sane social media presence should be don’t ever engage with evangelists believing in a particular technology religion, more so if their funding depends on them spreading the gospel. I was called old-school networking guru from ivory tower when pointing out the drawbacks of TRILL, and clueless incompetent (in more polite words) when retweeting a tweet pointing out the realities of carbon footprint of proof-of-work technologies.
Interestingly, just a few days after that Bruce Schneier published a lengthy essay on blockchain and trust, and even the evangelists find it a bit hard to call him incompetent on security topics. Please read what he wrote every time someone comes along explaining how blockchains will save the world (or solve whatever networking problems like VTEP-to-MAC mappings).
The Week in Internet News: Researchers Develop AI Writing App but Worry about Fake News
Too easy to fake: OpenAI, a research institute in San Francisco, has developed an Artificial Intelligence program to write news articles, but has declined to release a full-featured version of it because of fears that the AI could easily produce fake news, the MIT Technology Review says. OpenAI, associated with AI skeptic Elon Musk, will make only a simplified version publicly available. The institute will publish a research paper outlining its work.
Secure your IoT: Eleven organizations, including the Internet Society and Mozilla, have asked retailers to stop selling Internet-connected devices that don’t meet minimum security and privacy requirements, Techbizweb reports. A letter from the organizations, sent to Target, Walmart, Best Buy, and Amazon, asks them to publicly endorse minimum security and privacy guidelines for Internet of Things devices.
Competing in AI: U.S. President Donald Trump has signed an executive order meant to boost AI development in the country, The Hill reports. The order comes as some AI experts fear the U.S. is losing ground to China. Trump’s order directs federal agencies to prioritize and set aside funding for AI programs.
Broadband for all: Botetourt County in Virginia, where only about 70 percent of residents have access to Internet Continue reading
Learn More about IXPs at the Middle East Network Operators Group
Internet Exchange Points are now considered to be an integral part of the Internet infrastructure worldwide. In very simple terms they are layer 2 switches that are used to route traffic that can be kept local instead of sending that traffic to the nearest major Internet node (usually located in Europe) and back. None of the countries of the Middle East contain enough globally-connected major Internet infrastructure so basically, all Internet traffic generated and terminated in the same country has to be routed through Europe. With well-implemented Internet Exchange Points, local Internet traffic stays local. Examples of local Internet traffic are financial transactions with your bank through online banking, requesting copies of your birth record from an e-government service, or any interaction with locally-hosted content.
Internet Exchange Points have three main benefits: lower latency, better cost efficiency, and control-of-traffic-sovereignty.
In the day and age of instant gratification and communications through social media and videos, latency, or the time it takes to fetch a web page, needs to be minimal and under 10ms as per industry standard (every 100km causes 1ms delay). In order to optimize the user experience, content providers have built their own global networks and spread their servers Continue reading
Introducing Cf-Terraforming
Ever since we implemented support for configuring Cloudflare via Terraform, we’ve been steadily expanding the set of features and services you can manage via this popular open-source tool.
If you're unfamiliar with how Terraform works with Cloudflare, check out our developer docs.
We are Terraform users ourselves, and we believe in the stability and reproducibility that can be achieved by defining your infrastructure as code.
What is Terraform?
Terraform is an open-source tool that allows you to describe your infrastructure and cloud services (think virtual machines, servers, databases, network configurations, Cloudflare API resources, and more) as human-readable configurations.
Once you’ve done this, you can run the Terraform command-line tool and it will figure out the difference between your desired state and your current state, and make the API calls in the background necessary to reconcile the two.
Unlike other solutions, Terraform does not require you to run software on your hosts, and instead of spending time manually configuring machines, creating DNS records, and specifying Page Rules, you can simply run:
terraform apply
and the state described in your configuration files will be built for you.
Enter Cloudflare Terraforming
Terraform is a tremendous time-saver once you have your configuration files Continue reading
SDxCentral Weekly Wrap: Google Pledges $13B for US Data Centers and Offices
SDxCentral Weekly Wrap for Feb. 15, 2019: Google's plan will include geographic and workforce...
