ONIE and the Hammer of Thor
Someone left a comment on my Zero-Touch Provisioning post claiming how Big Switch Networks solved ZTP challenge using just IPv6 Link-Local Address and Neighbor Discovery instead of the complicated DHCP/TFTP/whatever sequence.
Here’s what he wrote:
Read more ...HCI, Storage Revenue, and HPE Next Cost Cuts Boost HPE’s Bottom Line
The company saved about $83 million over the first half of fiscal 2018 though its HPE Next cost-cutting initiative.
Cato Networks Adds Threat Hunting Capability To Its SD-WAN Service
Cato Networks adds a threat-hunting capability to its SD-WAN service to detect compromised devices on customer networks.EMA Report: Network Management Teams Shift Focus to SD-WAN, SDN, and SDDC
SD-WAN is priority for enterprises that want to make their networks more automated.
Kata Containers 1.0 Launch Hones In On Security, Interoperability Fears
The project claims greater security than traditional containers by tapping into virtual machine schema but remains compatible with Docker and Kubernetes in the container ecosystem.
Regular Expression for Network Engineer Part-2
This post is continuation of the Regular Expression for Network Engineer Part-1 , here we have a look for the different methods to find out the pattern in string.
Findall() – returns list of all the matches the pattern in a string without overlapping
- EXAMPLE
[code language = “Python”]
re.findall(pattern, string[, flags])
In [118]: ip
Out[118]: ‘10.10.1.10,29.10.1.10,10.10.1.20,192.168.1.0,172.16.10.1,10.10.10.121’
In [119]: out= re.findall(r'(10.10.10.\d+)’ ,ip)
In [120]: out
Out[120]: [‘10,10.10.1’, ‘10.10.10.121’]
#Above example help us to find out all the IP’s of subnet 10.10.10.0/24 from group of ip’s.
[/code]
Match()-return a match object when pattern is found at the beginning of string, if no pattern is found ,result in None.
- EXAMPLE
[code language = “Python”]
In [189]: text
Out[189]: ‘Cisco IOS Software, 7200 Software (C7200-SPSERVICESK9-M), Version 12.2(33)SRE, RELEASE SOFTWARE (fc1)’
In [190]: out = re.match(r”Cisco”,text)
In [191]: out
Out[191]: <_sre.SRE_Match object; span=(0, 5), match=’Cisco’>
In [192]: out = re.match(r” Software”,text)
In [193]: out
In [194]: out = re.search(r” Software”,text)
In [195]: out
Out[195]: <_sre.SRE_Match object; span=(9, 18), Continue reading
Regular Expression for Network Engineer Part-2
This post is continuation of the Regular Expression for Network Engineer Part-1 , here we have a look for the different methods to find out the pattern in string. Findall() – returns list of all the matches the pattern in a string without overlapping EXAMPLE Match()-return a match object when pattern is found at the […]Automating Cumulus Linux with Ansible
Automating your network can seem like a daunting task. But the truth is that automating Cumulus Linux with Ansible can be easier than many of the things you’re probably already automating.
In this post, I’ll show you how to get started on your network automation journey using a simple, four-step process:
- Pick one small network task to automate
- Configure it manually on a small scale
- Mimic the manual configuration in Ansible
- Expand the automation to additional network devices
To illustrate, I’ll be using the following simple, bare-bones topology based on the Cumulus Reference topology. You can follow along by spinning up your own virtual data center for free using Cumulus in the Cloud.
Pick one network task to automate
The first step is to pick one thing to automate. Just one! The only caveat is that it needs to be something you understand and are comfortable with. Trying to automate a feature you’ve never used is sure to scare you away from automation forever, unless of course you have someone guiding you through the process.
Preferably, pick something that’s quick and simple when done manually. Configuring the OSPF routing protocol between two switches falls into this category. When done manually, Continue reading
Cisco Warns Massive Russian Malware Attack Hit 500k Routers Globally
Security researchers tied the malware to a Russian group responsible for hacking incidents during the 2016 U.S. presidential campaign.
Service Providers Grapple With ‘VNF Islands’
Newly released SDxCentral 2018 report on the VNF Ecosystem finds SD-WAN and vCPE are top use cases for NFV and the driving force behind service providers virtualizing their networks.
Verizon Study: 15% of Enterprises Surveyed Are Deploying SDN
Many companies are looking at ways to accelerate their SDN adoption so they don’t risk falling behind.
Dustin’s Internet Community Roadtrip: In the Bay Area, The People Who Make the Internet Ecosystem Thrive
Dustin Phillips, Co-Executive Director of ICANNWiki, is traveling across the United States in his red Toyota Corolla, making connections with the people who are making their communities – and the Internet – a better place. He visited the Bay Area, first making a stop at the Redwood National and State Parks, where he learned about redwood communities and how their survival is dependent on interconnection, a metaphor for the Internet itself.
What is the Internet Ecosystem?
The Internet affects nearly every aspect of society, creating an extremely wide range of stakeholders. There is still a community of stakeholders engaged directly with the Internet’s policymaking processes, but increasingly there are Internet-related discussions occurring at what would traditionally be considered unlikely venues.
CITRIS and the Banatao Institute
Meeting with Dr. Brandie Nonnecke at the University of California, Berkley’s Center for Information Technology Research in the Interest of Society (CITRIS) and the Banatao Institute was a fitting way to kick off my time in the Bay Area. We had a great discussion on the important role of civic participation and collaborative processes for informed decision-making in key issue areas.
Like the incredibly diverse plant life that grows in the understory Continue reading
Configuring SSL for gRPC on Junos
This is a short article on creating a self-signed root certificate which can be used to self-sign certificates for the purposes of treating our telemetry and instrumentation exploration with the security love it deserves. I also cover configuration of mutual SSL for gRPC on Junos. An article of dual purposes!
One of the things I see far too often is clear-text transport being used in demonstrations, labs and even production. This isn’t acceptable. We live in a world where security has to be woven in from the ground up. How do you really know your system works if you leave out all of the security controls?
I hear your teeth grinding. Why do you want to do this? First of all, even though we can bypass security on gRPC with Junos by going for insecure connectivity with clear-text, we shouldn’t. The world we live in is all about the data and the smallest amount of it can give the ‘bad guys’ a lead.
Now we’re done with the why, we need to deal with the how. There are three approaches to PKI that are common:
- Run around with your hair on fire rambling nonsense
- Create your own Certificate Authority (CA) Continue reading
Short Take: Security as a Tradeoff
We often treat security as an absolute, “that which must be done, and done perfectly, or is of no value at all.” It’s time to take this myth head on, and think about how we should really think about security.
Pica8 Guns for Cisco With PicaPilot White Box Software Platform
The software is targeted at large-scale enterprises looking to make the jump from legacy or proprietary systems like those from Cisco.