Nokia Lab | LAB 3 IS-IS |
Hello everyone!
It's the next Nokia lab. Today we will review routing protocol widely spread across service providers networks.
Please check my first lab for input information.
Topology example
Lab tasks and questions:
- Basic IS-IS
- configure IS-IS between R1 and R2 (use P2P interface type, Level 2 only, "system" interface as passive, area 49.01)
- check neighbors state
- examine IS-IS control plane PDUs (You can use debug or packet capture)
- describe all IS-IS PDU and their purpose
- What transport does IS-IS use for control plane PDU delivery? Any difference with OSPF?
- Examine destination MAC address of control plane PDU
- examine LSP in detail
- What TLV types does it contain? Examine every TLV
- What is the default preference of IS-IS routes?
- What is max-metric of IS-IS routes (default configuration)?
- How to change behavior? How to take into account link bandwidth?
- Multi-area IS-IS
- configure R3 and R4 as L1/L2 IS-IS routers (use P2P interface type, area 49.02)
- configure R5 and R6 as L1-only IS-IS routers (use P2P interface type, area 49.02)
- check IS-IS adjacency on R3
- What adjacency types do you see?
- make attention to LSP attributes
- Is there ATT Continue reading
Must Read: Automate Nexus-OS Fabric Deployment
Some networking engineers breeze through our Network Automation online course, others disappear after a while… and a few of those come back years later with a spectacular production-grade solution.
Stephen Harding is one of those. He attended the automation course in spring 2019 and I haven’t heard from him in almost two years… until he submitted one of the most mature data center fabric automation solutions I’ve seen.
Not only that, he documented the solution in a long series of must-read blog posts. Hope you’ll find them useful; I liked them so much I immediately saved them to Internet Archive (just in case).
Must Read: Automate Nexus-OS Fabric Deployment
Some networking engineers breeze through our Network Automation online course, others disappear after a while… and a few of those come back years later with a spectacular production-grade solution.
Stephen Harding is one of those. He attended the automation course in spring 2019 and I haven’t heard from him in almost two years… until he submitted one of the most mature data center fabric automation solutions I’ve seen.
Not only that, he documented the solution in a long series of must-read blog posts. Hope you’ll find them useful; I liked them so much I immediately saved them to Internet Archive (just in case).
Modernizing Configuration Management to Address Net Complexities
Proper configuration management will help mitigate network complexity and properly prepare organizations for the future in an increasingly connected world.First look: new O’Reilly eBook on Kubernetes security and observability *early release chapters*
We are excited to announce the early release of a new O’Reilly eBook on Kubernetes security and observability!
This practical book introduces new cloud-native approaches for Kubernetes practitioners who care about the security and observability of mission-critical microservices. Through practical guidance and best practice recommendations, this book helps you understand why cloud-native applications require a modern approach to security and observability practices and how to implement them.
You should read this book if you want to:
- learn why you need a security and observability strategy for cloud-native applications, and determine your scope of coverage;
- understand key concepts behind Kubernetes’s security and observability approach;
- discover how to split security responsibilities across multiple teams or roles; and/or
- learn how to architect Kubernetes security and observability for multi-cloud and hybrid environments.
Whether you want to know how to secure and troubleshoot your cloud-native applications, or are exploring Kubernetes for your organization and would like to solve security and observability challenges before making a decision, you will find that this book provides valuable insight.
Get your early release copy here!
The post First look: new O’Reilly eBook on Kubernetes security and observability *early release chapters* appeared first on Tigera.
Tech Bytes: New Prisma SD-WAN Features Improve Operations, Analytics (Sponsored)
Today’s Tech Bytes podcast explores new features in Prisma SD-WAN 5.5 from Palo Alto Networks, our sponsor for this episode. New features include event correlation and analysis, improved stats and analytics dashboards, and the ability to export telemetry to third-party devices and services. Our guest is Bill Pruitt, Sr. Product Manager, SD-WAN.Tech Bytes: New Prisma SD-WAN Features Improve Operations, Analytics (Sponsored)
Today’s Tech Bytes podcast explores new features in Prisma SD-WAN 5.5 from Palo Alto Networks, our sponsor for this episode. New features include event correlation and analysis, improved stats and analytics dashboards, and the ability to export telemetry to third-party devices and services. Our guest is Bill Pruitt, Sr. Product Manager, SD-WAN.
The post Tech Bytes: New Prisma SD-WAN Features Improve Operations, Analytics (Sponsored) appeared first on Packet Pushers.
Complexity Of Networking Architecture In The 2020’s
Get the parts of network strategy right today is a daunting task when you think about it
The post Complexity Of Networking Architecture In The 2020’s appeared first on Packet Pushers.
Calico Cloud now available on AWS Marketplace
We are pleased to announce that Calico Cloud, our software as a service (SaaS) for Kubernetes security and observability, is now available on AWS Marketplace! AWS users can now use Kubernetes security and observability as services along with managed Kubernetes services, all with a single click. For more information, see our official press release.
Can’t wait to jump right in? Subscribe and deploy Calico Cloud on AWS Marketplace here.
The post Calico Cloud now available on AWS Marketplace appeared first on Tigera.
4 Data Center Security Issues That Will Make You Rethink Firewalling
Recall what was happening a decade ago? While 2011 doesn’t seem that long ago (you remember, the Royal Wedding, Kim Kardashian’s divorce, and of course Charlie Sheen’s infamous meltdown), a lot has changed in 10 years. Back then, most data centers were just starting to experiment with virtualization. Remember when it was considered safe for only a handful of non-essential workloads to go virtual? Well, today about half of the servers globally have become virtualized, and we’ve moved well beyond just virtualization. Nearly every enterprise data center has become a hybrid environment, with a mix of physical and virtual storage and compute resources. Containerization and the technologies supporting it are starting to take hold. And of course, cloud computing has become pervasive in all aspects of enterprise computing.
Now, the business benefits of today’s software-defined data center are many, especially in terms of resource efficiency and cost savings. But there’s no denying that complexity has also increased, because all the same resources are still needed—compute, storage, switching, routing—but now any number of these resources may be on-prem or in the Continue reading
Loose Lips
When I was in the military we were constantly drilled about the problem of Essential Elements of Friendly Information, or EEFIs. What are EEFis? If an adversary can cast a wide net of surveillance, they can often find multiple clues about what you are planning to do, or who is making which decisions. For instance, if several people married to military members all make plans to be without their spouses for a long period of time, the adversary can be certain a unit is about to be deployed. If the unit of each member can be determined, then the strength, positioning, and other facts about what action you are taking can be guessed.
Given enough broad information, an adversary can often guess at details that you really do not want them to know.
What brings all of this to mind is a recent article in Dark Reading about how attackers take advantage of publicly available information to form Spear Phishing attacks—
Going back further Continue reading
The Week in Internet News: Encryption Faces Serious Threats
Encryption in danger: Encryption is essential, but a number of countries are trying to weaken its protections, Wired.com says. Recent attempts to weaken encryption have happened in Germany, Brazil, India, and other countries. “Technical as encryption can be, it is really about something at the very core of how we live our lives today: Should […]
The post The Week in Internet News: Encryption Faces Serious Threats appeared first on Internet Society.
Network Break 328: Arista CloudVision Adds Config Workflow Automation; Innovium ASICs Embrace SONiC
On this week's Network Break we cover Arista's careful steps into automation, new support for SONiC from Innovium, a cash injection for whitebox NOS maker Pica8, a startup tackling cloud infrastructure and application experience, and why you can blame cosmic rays the next time there's a network problem.
The post Network Break 328: Arista CloudVision Adds Config Workflow Automation; Innovium ASICs Embrace SONiC appeared first on Packet Pushers.