netsim-tools Release 1.0
It looks like netsim-tools reached a somewhat stable state, so it was time to do a cleanup and publish release 1.0 (also available on PyPi, use pip3 install –upgrade netsim-tools to fetch it).
During the cleanup, I removed all references to the obsolete scripts, leaving only the netlab command. I also found an old bash script that enabled LLDP passthrough on Linux bridges and made it part of netlab up process; your libvirt-based labs will have LLDP enabled by default.
Interested? Install the tools and follow the tutorials to get started.
netsim-tools Release 1.0
It looks like netsim-tools reached a somewhat stable state, so it was time to do a cleanup and publish release 1.0 (also available on PyPi, use pip3 install –upgrade netsim-tools to fetch it).
During the cleanup, I removed all references to the obsolete scripts, leaving only the netlab command. I also found an old bash script that enabled LLDP passthrough on Linux bridges and made it part of netlab up process; your libvirt-based labs will have LLDP enabled by default.
Interested? Install the tools and follow the tutorials to get started.
Python Script Pulling AWS IP Prefixes – Part 2
In the previous post I described some of the design considerations for this script and what modules I use. In this post, we will look at using YAML to collect data and use it in Python in the form of a dictionary. Why YAML? YAML is commonly used as a readable way of storing configuration data and there are modules for Python to read that data.
The YAML file is a very basic one containing these mappings:
--- outside_interface: outside aws_service: s3 aws_region: eu-north-1 asa_ip: 192.168.255.241 ...
The three dashes indicate the start of the file and the three dots indicate the end of the file. We have configured what service we are interested in (S3) and in what region (eu-north-1). The outside interface in our Cisco ASA is named outside.
The natural fit to work with mappings in Python is a dictionary. We need to get the data from the file named aws_prefix.yml into a dictionary. To do that, we will use the following code:
def get_yaml_data() -> dict:
"""Gets the interface name, ASA IP address AWS service, and region
from the YAML file and returns a dictionary"""
try:
with open("aws_prefix.yml") Continue reading
Worth Reading: Operators and the IETF
Long long time ago (seven years to be precise), ISOC naively tried to bridge the gap between network operators and Internet Vendor Engineering Task Force1. They started with a widespread survey asking operators why they’re hesitant to participate in IETF mailing lists and meetings.
The result: Operators and the IETF draft that never moved beyond -00 version. A quick glimpse into the Potential Challenges will tell you why IETF preferred to kill the messenger (and why I published this blog post on Halloween).
Worth Reading: Operators and the IETF
Long long time ago (seven years to be precise), ISOC naively tried to bridge the gap between network operators and Internet Vendor Engineering Task Force1. They started with a widespread survey asking operators why they’re hesitant to participate in IETF mailing lists and meetings.
The result: Operators and the IETF draft that never moved beyond -00 version. A quick glimpse into the Potential Challenges will tell you why IETF preferred to kill the messenger (and why I published this blog post on Halloween).
Automation 3. Configuring of Nokia SROS via NETCONF/YANG with pySROS and Python
Hello my friend,
we continue the review and tutorial of pySROS, the Nokia Python library to manage the Nokia SR OS based routers via NETCONF/YANG. In previous blogposts we’ve covered how to poll the configuration and operational data and how to structure the received data and explore its YANG modules. Today we’ll take a look how to configure Nokia SR OS based devices.
2
3
4
5
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.
I Have Software Developers in My Company. Why Should I Do Automation?
This is one of the trickiest questions, which doesn’t have a simple answer. Really, why should you, network or security engineer, bother yourself and step into completely new and unknown world of automation and development? The reason for that very simple: network and security automation (and infrastructure automation in general) requires detailed knowledge of the network and security infrastructure first of all. We always say at our trainings: automation is automation of your knowledge and skills. So
On top of that, Continue reading
Worth Reading: Programming Sucks
Just FYI: if you’re wondering about the wisdom of every networking engineer should become a programmer religion, you might benefit from the Programming Sucks reality check. I had just enough exposure to programming to realize how spot-on it is (and couldn’t decide whether to laugh or cry).
Worth Reading: Programming Sucks
Just FYI: if you’re wondering about the wisdom of every networking engineer should become a programmer religion, you might benefit from the Programming Sucks reality check. I had just enough exposure to programming to realize how spot-on it is (and couldn’t decide whether to laugh or cry).
Calico is celebrating 5 years
October marks the five-year anniversary of Calico Open Source, the most widely adopted solution for container networking and security. Calico Open Source was born out of Project Calico, an open-source project with an active development and user community, and has grown to power 1.5M+ nodes daily across 166 countries.
When Calico was introduced 5 years ago, the world—and technology—was much different from what it is today. The march toward distributed applications and microservices had just begun. Today, open-source projects like Project Calico are enabling the large-scale adoption of a modern architecture that is ultimately responsible for the wholesale transition to digital transformations that we are witnessing.
As part of our celebration, we’ve compiled a few comments from people who have worked on the project over the years.
“Calico works well out of the box. It scales well, rarely has bugs, and is feature rich. Tigera does a good job supporting its customers also.” —Network engineer“[Calico is] the industry standard [for] networking for Kubernetes.” —Platform engineer“The support for a lot of K8s distributions (either on-prem or cloud managed) is great with Calico.” —Platform architect“[Calico helped us learn] about network segmentation in cloud-native environments.” Continue reading
A Word of Warning for Remote IT Infrastructure Workforces
To continue to support a remote IT workforce, due diligence must be performed to both reduce the number of hardware components that must be managed and the steps to be taken when outages occur.Heavy Networking 604: Taking A Systems Approach To Networking With Bruce Davie
Today's Heavy Networking discusses the notion of looking at, and learning about, networking via a systems approach. Our guest is Dr. Bruce Davie who's had a long career in networking, has written numerous IETF RFCs, and is the author of a new set of free books on networking and computer systems.
The post Heavy Networking 604: Taking A Systems Approach To Networking With Bruce Davie appeared first on Packet Pushers.
Heavy Networking 604: Taking A Systems Approach To Networking With Bruce Davie
Today's Heavy Networking discusses the notion of looking at, and learning about, networking via a systems approach. Our guest is Dr. Bruce Davie who's had a long career in networking, has written numerous IETF RFCs, and is the author of a new set of free books on networking and computer systems.Getting In Front of Future Regret
Yesterday I sat in on the keynote from Commvault Connections21 and participated in a live blog of it on Gestalt IT. There was a lot of interesting info around security, especially related to how backup and disaster recovery companies are trying to add value to the growing ransomware issue in global commerce. One thing that I did take away from the conversation wasn’t specifically related to security though and I wanted to dive into a bit more.
Reza Morakabati, CIO for Commvault, was asked what he thought teams needed to do to advance their data strategy. And his response was very insightful:
Ask your team to imagine waking up to hear some major incident has happened. What would their biggest regret be? Now, go to work tomorrow and fix it.
It’s a short, sweet, and powerful sentence. Technology professionals are usually focused on implementing new things to improve productivity or introduce new features to users and customers. We focus on moving fast and making people happy. Security is often seen as running counter to this ideal. Security wants to keep people safe and secure. It’s not unlike the parents that hold on to their child’s bicycle after the training wheels Continue reading
Nonlinear Effects of Optimization-Induced Complexity
We have school holidays this week, so I’m reposting wonderful comments that would otherwise be lost somewhere in the page margins. Today: Minh Ha on recent Facebook failure and overly complex systems (slightly edited).
I incidentally commented on your NSF post some 3 weeks before […the Facebook outage…] happened, on the unpredictable nature of nonlinear effects resulting from optimization-induced complexity. Their outage just drives home the point that optimization is a dumb process and leads to combinations of circular dependency that no one can account for and test.
Nonlinear Effects of Optimization-Induced Complexity
We have school holidays this week, so I’m reposting wonderful comments that would otherwise be lost somewhere in the page margins. Today: Minh Ha on recent Facebook failure and overly complex systems (slightly edited).
I incidentally commented on your NSF post some 3 weeks before […the Facebook outage…] happened, on the unpredictable nature of nonlinear effects resulting from optimization-induced complexity. Their outage just drives home the point that optimization is a dumb process and leads to combinations of circular dependency that no one can account for and test.