Antti Ristimäki left an interesting comment on Network Automation Considered Harmful blog post detailing why it’s suboptimal to run manually-configured modern service provider network.
I really don’t see how a network any larger and more complex than a small and simple enterprise or campus network can be developed and engineered in a consistent manner without full automation. At least routing intensive networks might have very complex configurations related to e.g. routing policies and it would be next to impossible to configure them manually, at least without errors and in a consistent way.
What I’ve covered in the previous blog post about CUE and Ansible were isolated use cases, disconnected islands in the sea of network automation. The idea behind that was to simplify the introduction of CUE into existing network automation workflows. However, this does not mean CUE is limited to those use cases and, in fact, CUE is most powerful when it’s used end-to-end — both to generate device configurations and to orchestrate interactions with external systems. In this post, I’m going to demonstrate how to use CUE for advanced network automation workflows involving fetching information from an external device inventory management system, using it to build complex hierarchical configuration values and, finally, generating and pushing intended configurations to remote network devices.
CUE was designed to be a simple, scalable and robust configuration language. This is why it includes type checking, schema and constraints validation as first-class constructs. There are some design decisions, like the lack of inheritance or value overrides, that may take new users by surprise, however over time it becomes clear that they make the language simpler and more readable. One of the most interesting features of CUE, though, is that all code Continue reading
We are excited to announce an updated version of the NSX Reference Design and the NSX Easy Adoption Design guide based on the generally available NSX-T release 3.2. NSX-T 3.2 is part of the recently released VCF 4.5 software bundle, making it a very popular release among our customers.
To support you in your network and security virtualization journey, we introduced the NSX-T reference architecture design guide on the NSX-T 2.0 release, showing how you should design your data centers with NSX-T. Over time we introduced additional design guides such as the NSX-T Multi-Location Design Guide (Federation + Multisite), the Easy Adoption Design guide, and the NSX-T Data Center and EUC Design Guide for more specific use cases.
These latest updates cover the new features included in the 3.2 versions and the design and implementation guidelines we developed working tightly with our customers on their NSX projects.
This document is the most essential document for any NSX practitioner. Whether you are just starting with NSX or have already successfully implemented NSX in your environment, the NSX Reference Design guide provides a clear and detailed description Continue reading
On today’s Tech Bytes podcast, sponsored by VMware, we explore a real-world SD-WAN deployment. A customer in the automotive industry needed a better way to share large CAD files among global sites, and its MPLS network wasn’t cutting it. The company also wanted to lower WAN costs while improving performance of business apps. We talk with Coevolve, a VMware partner, on how Coevolve helped the automotive company deploy and operate a global SD-WAN from VMware that increased bandwidth by a factor of 10 and cut costs by as much as 40 percent.
The post Tech Bytes: Boosting WAN Speeds While Cutting Costs With VMware SD-WAN (Sponsored) appeared first on Packet Pushers.
Take a Network Break! This week we cover a new continuous integration pipeline from Arista Networks to support network automation, Cisco's intention to open a new silicon design center in Spain, and Apple spending $450 million to support emergency text messaging using satellites. We also discuss Palo Alto Networks spending $195 million for Cider Security, financial results, and more.
The post Network Break 408: Arista Launches Network Automation Pipeline; Palo Alto Targets Software Supply Chain Security appeared first on Packet Pushers.
netlab release 1.4 added support for static anycast gateways and VRRP. Today we’ll use that functionality to add anycast gateways to the VLAN trunk lab:
We’ll start with the VLAN trunk lab topology and make the following changes:
gateway.id: 1
After starting the lab you’ll notice the change in node identifiers and interface IP addresses. Without the anycast gateway, netlab assigns node ID 1 (and loopback IP address 10.0.0.1) to S1. Now that the node ID 1 is reserved, S1 gets loopback address 10.0.0.2.
The only other change on the Continue reading
I have seen companies achieve great successes in the space of consumer internet and entertainment industry. I’ve been feeling less enthusiastic about the stronghold that these corporations have over my digital presence. I am the first to admit that using “free” services is convenient, but these companies are sometimes taking away my autonomy and exerting control over society. To each their own of course, but for me it’s time to take back a little bit of responsibility for my online social presence, away from centrally hosted services and to privately operated ones.
This series details my findings starting a micro blogging website, which uses a new set of super interesting open interconnect protocols to share media (text, pictures, videos, etc) between producers and their followers, using an open source project called Mastodon.
Similar to how blogging is the act of publishing updates to a website, microblogging is the act of publishing small updates to a stream of updates on your profile. You can publish text posts and optionally attach media such as pictures, audio, video, or polls. Mastodon lets you follow friends and discover new ones. It doesn’t do this in a centralized way, however.
Groups Continue reading
Geoff Huston published a lengthy article (as always) describing talks from recent OARC meeting, including resolver-less DNS and DNSSEC deployment risks.
Definitely worth reading if you’re at least vaguely interested in the technology that supposedly causes all network-related outages (unless it’s BGP, of course)