A Markov chain or Markov process is a stochastic model describing a sequence of possible events in which the probability of each event depends only on the state attained in the previous event. It is named after the Russian mathematician Andrey Markov.
Markov chains help model many real-word processes, such as queues of customers arriving at the airport, queues of packets arriving at a Router, population dynamics. Please refer to this link for a quick intro to Markov chains.
Let’s use a simple example to illustrate the use of Markov Chains. Assume that you own a barber shop, and You notice that Customers don’t wait if there is no room in the waiting room and will take their business elsewhere. You want to invest to avoid this, and you have the following info in hand:
You have finite space in the shop, so add two more chairs in the waiting room or add another barber. Now Continue reading
TL;DR
Never trust show commit changes diff
on Cisco IOS XR.
Cisco IOS XR is the operating system running for the Cisco ASR, NCS, and
8000 routers. Compared to Cisco IOS, it features a candidate
configuration and a running configuration. In configuration mode, you can
modify the first one and issue the commit
command to apply it to the running
configuration.1 This is a common concept for many NOS.
Before committing the candidate configuration to the running configuration, you
may want to check the changes that have accumulated until now. That’s where the
show commit changes diff
command2 comes up. Its goal is to show the
difference between the running configuration (show running-configuration
) and
the candidate configuration (show configuration merge
). How hard can it be?
Let’s put an interface down on IOS XR 7.6.2 (released in August 2022):
RP/0/RP0/CPU0:router(config)#int Hu0/1/0/1 shut RP/0/RP0/CPU0:router(config)#show commit changes diff Wed Nov 23 11:08:30.275 CET Building configuration... !! IOS XR Configuration 7.6.2 + interface HundredGigE0/1/0/1 + shutdown ! end
The +
sign before interface HundredGigE0/1/0/1
makes it look like you did
create a new interface. Maybe there was a typo? No, the diff is just broken. If
you Continue reading
Cloudflare has been using ingress anycast (advertising the same set of prefixes from all data centers) for ages. Now they did a giant leap forward and implemented another “this thing can never work” technology: egress anycast. Servers from multiple data centers use source addresses from the prefix that’s advertised by all data centers.
Not only that, in the long-established tradition they described their implementation in enough details that someone determined enough could go and implement it (as opposed to the typical look how awesome our secret sauce is approach from Google).
Today on Heavy Networking, modeling your network with Batfish. Batfish is an open-source project that builds a model of your production network based on a snapshot of your network and device configurations. Engineers can then test and validate changes against this model before making those changes to the production network. Guest Rick Donato walks us through how Batfish works, use cases, and more.
The post Heavy Networking 658: Using Batfish To Model And Test Your Network appeared first on Packet Pushers.
Time for another netlab video: after explaining how netlab fits into the virtual lab orchestration picture, let’s answer the next question: what exactly can netlab do?
The post IPv6 Link-Local Next Hop Capability for BGP appeared first on Noction.
The post IPv6 Link-Local Next Hop Capability for BGP appeared first on Noction.
In a previous post, we have discussed how to decrypt TLS traffic using a transparent […]
The post Capturing Decrypted TLS Traffic with Arkime first appeared on Brezular's Blog.
Modularization is a crucial part of network design because it supports interchangeability, reduces the size of failure domains, and controls security domains. One critical aspect of modularization is functional separation, which argues for separating services onto specific physical and logical resources. Kevin Myers joins Tom Ammon and Russ White on this episode of the Hedge to discuss the theory and importance of functional separation in network design.
In today's episode of Kubernetes Unpacked, Michael catches up with Steve Buchanan, Principal Program Manager at Microsoft, to talk about using GitOps and Azure Kubernetes Service (AKS) to automate the building and deployment of applications. Microsoft has been working incredibly hard on AKS, including integrating different tools and platforms to make the lives of DevOps and Platform Engineers easier.
The post Kubernetes Unpacked 014: Using GitOps And AKS To Build And Deploy Applications appeared first on Packet Pushers.
In this episode, Ed, Scott, and Tom talk about DNS and IPv6. We cover legacy IPv6 brokeness and DNS, how DNS performs over v6, and how DNS works with v6-only networks.
The post IPv6 Buzz 115: DNS And IPv6 appeared first on Packet Pushers.
CONTAINERlab is a Docker orchestration tool for creating virtual network topologies. The sflow-rt/containerlab project contains a number of topologies demonstrating industry standard streaming sFlow telemetry with realistic data center topologies. This article extends the examples in Real-time telemetry from a 5 stage Clos fabric and Real-time EVPN fabric visibility to demonstrate visibility into IPv6 traffic flows.
docker run --rm -it --privileged --network host --pid="host" \
-v /var/run/docker.sock:/var/run/docker.sock -v /run/netns:/run/netns \
-v $(pwd):$(pwd) -w $(pwd) \
ghcr.io/srl-labs/clab bash
Run the above command to start Containerlab if you already have Docker installed. Otherwise, Installation provides detailed instructions for a variety of platforms.
curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/clos5.yml
Download the topology file for the 5 stage Clos fabric shown above.
containerlab deploy -t clos5.yml
Finally, deploy the topology.
The screen capture shows a real-time view of traffic flowing across the network during an iperf3 test. Click on the sFlow-RT Apps menu and select the browse-flows application, or click here for a direct link to a chart with the settings shown above.docker exec -it clab-clos5-h1 iperf3 -c 2001:172:16:4::2
Each of the hosts in the network has an iperf3 server, so running the above command will test bandwidth between Continue reading