XtendISE Key Features – Simplifying Cisco ISE Management
XtendISE is a user-friendly web application integrated with Cisco ISE and designed to simplify daily tasks and common challenges related to 802.1X without requiring extensive training on Cisco ISE. XtendISE helps manage MAC addresses, troubleshoot 802.1X authentication issues, and simplify the management of switch 802.1X configurations. It also validates configurations to ensure they are set up correctly and as intended.
We covered the basics of XtendISE in a previous article linked below. In this blog post, we will explore in detail three key features that XtendISE offers.
- MAC address management
- Enhanced Troubleshooting Capabilities
- Configuration and Auditing of the network access devices
How XtendISE Helps with 802.1X Management in ISE?
XtendISE is a simple web application connected to your Cisco ISE, which helps with everyday routine tasks and common challenges related to 802.1X without the need to train everyone in Cisco ISE.
Suresh Vina
💡
Disclaimer - XtendISE sponsors my blog, and this is a sponsored post. However, I had the final say on the content and personally liked their product.
Mac Address Management
Typically, when a device doesn’t support 802.1X, we collect its MAC address and add it to a specific group in Continue reading
netlab 1.9.3: MLAG, Static Routes, Node Cloning
netlab release 1.9.3 brings these new features:
- Multi-chassis Link Aggregation (MLAG) on Arista EOS, Aruba CX, Cumulus NVUE, and Dell OS10
- VRF and VLAN groups
- Additional OSPF interface parameters (hello and dead timers, cleartext passwords, and DR priority) implemented on Arista EOS, Aruba CX, Cisco IOS/IOS-XE, Cisco Nexus OS, Cumulus Linux, Dell OS10, and FRRouting
- Static routes with direct or indirect next hops implemented on Arista EOS, Cisco IOS/IOS-XE, FRRouting, and Linux
- Node cloning plugin for users who want to build detailed digital twins of their networks.
- Consistent selection of default address pools based on the number of nodes attached to a link (this could change addressing in multi-provider topologies)
- Support for vjunos-router and Cisco NSO tool.
Other new features include:
N4N008: What Is a Default Gateway?
Today’s topic is the default gateway, essential for routing traffic between networks. We explain its purpose, configuration, and the consequences of incorrect settings. Using home networks as an example, Ethan and Holly illustrate how default gateways enable devices to communicate with external networks. The discussion also covers routing tables, subnet masks, and the differences between... Read more »Configuring IP Addresses Won’t Make You an Expert
A friend of mine recently wrote a nice post explaining how netlab helped him set up a large network topology in a reasonably short timeframe. As expected, his post attracted a wide variety of comments, from “netlab is a gamechanger” (thank you 😎) to “I prefer traditional labs.” Instead of writing a bunch of replies into a walled-garden ecosystem, I decided to address some of those concerns in a public place.
Let’s start with:
HW043: Is OFDMA Worth It?
OFDMA, or Orthogonal Frequency-Division Multiple Access, was introduced in 802.11ax. This technology allows a radio to split a single channel into multiple sub-carriers, which in turn can be used to send data to multiple devices at the same time. OFDMA is meant to reduce congestion by allowing APs to allocate resource units among, and communicate... Read more »D2DO262: The Science and Magic of Network Mapping and Measurement
Measuring network speed seems straightforward: send some traffic between two endpoints and see how long it took. But what path did the traffic take? Were wired or wireless networks involved? What intermediary devices stood between your two endpoints? Was there interference? Congestion? Are device limitations affecting your results? The fact is, there’s more to measurement... Read more »Open source all the way down: Upgrading our developer documentation
At Cloudflare, we treat developer content like a product, where we take the user and their feedback into consideration. We are constantly iterating, testing, analyzing, and refining content. Inspired by agile practices, treating developer content like an open source product means we approach our documentation the same way an open source software project is created and maintained. Open source documentation empowers the developer community because it allows anyone, anywhere, to contribute content. By making both the content and the framework of the documentation site publicly accessible, we provide developers with the opportunity to not only improve the material itself but also understand and engage with the processes that govern how the documentation is built, approved, and maintained. This transparency fosters collaboration, learning, and innovation, enabling developers to contribute their expertise and learn from others in a shared, open environment. We also provide feedback to other open source products and plugins, giving back to the same community that supports us.
Great documentation empowers users to be successful with a new product as quickly as possible, showing them how to use the product and describing its benefits. Relevant, timely, and accurate content can save Continue reading
Building Ultra Long Range TOSLINK
Building Ultra Long Range TOSLINK
This post is a textual version of a talk I gave at The 38th Chaos Computer Congress at the end of 2018
OSPFv3 on Bird Needs IPv6 LLA on the Loopback Interface
Wanted to share this “too weird to believe” SNAFU I found when running integration tests with the Bird routing daemon. It’s irrelevant unless you want Bird to advertise the IPv6 prefix configured on the main loopback interface (lo) with OSPFv3.
Late last year, I decided to run netlab integration tests with the Bird routing daemon. It passed most baseline netlab OSPFv3 integration tests but failed those that checked the loopback IPv6 prefix advertised by the tested device (test results).
AI for Network Engineers: Long Short-Term Memory (LSTM)
Introduction
As mentioned in the previous chapter, Recurrent Neural Networks (RNNs) can have hundreds or even thousands of time steps. These basic RNNs often suffer from the gradient vanishing problem, where the network struggles to retain historical information across all time steps. In other words, the network gradually "forgets" historical information as it progresses through the time steps.
One solution to address the horizontal gradient vanishing problem between time steps is the use of Long Short-Term Memory (LSTM) based RNN instead of basic RNN. LSTM cells can preserve historical information across all time steps, whether the model contains ten or several thousand time steps.
Figure 6-1 illustrates the overall architecture of an LSTM cell. It includes three gates: the Forget gate, the Input gate (a.k.a. Remember gate), and the Output gate. Each gate contains input neurons that use the Sigmoid activation function. The reason for employing the Sigmoid function, as shown in Figure 5-4 of the previous chapter, is its ability to produce outputs in the range of 0 to 1. An output of 0 indicates that the gate is "closed," meaning the information is excluded from contributing to the cell's internal state calculations. An output of Continue reading
BGP Updates in 2024
The first part of this annual report on BGP for the year 2024 looked at the size of the routing table and some projections of table growth for both IPv4 and IPv6. However, the scalability of BGP as the Internet’s routing protocol is not just dependant on the number of prefixes carried in the routing table. BGP protocol behaviour in the form of dynamic routing updates are also part of this story. If the update rate of BGP is growing faster than we can deploy processing capability to match, then the routing system will lose coherence, and at that point the network will head into periods of instability. This report looks at the profile of BGP updates across 2023 to assess whether the stability of the routing system, as measured by the level of BGP update activity, is changing.From Python to Go 009. Interfaces For Data Types In Go (Golang).
Hello my friend,
First of all, Happy New Year! We hope that you had a great festive time with your beloved ones, families and friends. That’s the one of the most important part of our lives and, in our opinion, spending some time off the grid impacts our mental well-being positively and gives us energy to move forward and achieve new heights in professional and business areas.
Talking about the topic of today blog post, we thought it will be useful to show you a concept, which is Go (Golang) specific, as there is no such a need in Python. This concept is called “interfaces”, and it is extremely helpful when you work with external data, which you will face working with external data source, e.g. retrieving data from APIs with JSON/XML encoding.
Disclaimer, we talk about interfaces only in the context of the data types in Go (Golang), as it is also used for class composition (object-oriented programming), so we put it aside for now. We may get back to it later in our blog series.
Automation and AI?
If you follow latest trends, you see that AI in various forms, whether this is agentic AI, Continue reading
Multi-Path TCP: revolutionizing connectivity, one path at a time
The Internet is designed to provide multiple paths between two endpoints. Attempts to exploit multi-path opportunities are almost as old as the Internet, culminating in RFCs documenting some of the challenges. Still, today, virtually all end-to-end communication uses only one available path at a time. Why? It turns out that in multi-path setups, even the smallest differences between paths can harm the connection quality due to packet reordering and other issues. As a result, Internet devices usually use a single path and let the routers handle the path selection.
There is another way. Enter Multi-Path TCP (MPTCP), which exploits the presence of multiple interfaces on a device, such as a mobile phone that has both Wi-Fi and cellular antennas, to achieve multi-path connectivity.
MPTCP has had a long history — see the Wikipedia article and the spec (RFC 8684) for details. It's a major extension to the TCP protocol, and historically most of the TCP changes failed to gain traction. However, MPTCP is supposed to be mostly an operating system feature, making it easy to enable. Applications should only need minor code changes to support it.
There is a caveat, however: MPTCP is still fairly immature, and while it can Continue reading
Behind the scenes with Stream Live, Cloudflare’s live streaming service
Cloudflare announced Stream Live for open beta in 2021, and in 2022 we went GA. While we talked about the experience of using it and the value it delivers to customers, we didn’t talk about how we built it. So let’s talk about Stream Live’s design, and how it leverages the distributed nature of Cloudflare’s network, rather than centralized locations as many other live services do. Ultimately, our goals are to keep our content ingest as close to broadcasters as possible, our content delivery as close to viewers as possible, and to retain our ability to handle unexpected use cases.
At a high level, Stream Live accepts audio/video content from broadcasters and makes that content available to viewers around the world in real time through the Cloudflare network, which reaches more than 330 cities in over 120 countries. Hence, there are two sides to this: ingesting data from broadcasters and delivering encoded content to viewers. Both sides are built on a combination of internal systems and Cloudflare products, including Cloudflare Workers, Durable Objects, Spectrum, and, of course, Cache.
Let’s start on the ingest side.
Broadcasters generate content in real time, as a Continue reading
BGP in 2024
At the start of each year, it’s been my habit to report on the behaviour of the Internet’s inter-domain routing system over the previous 12 months, looking in some detail at some metrics from the routing system that can show the essential shape and behaviour of the underlying interconnection fabric of the Internet.IPsec VPN between Cisco and GreenBow
In a previous tutorial, we explained how to configure a legacy Cisco 1812 router for […]
The post IPsec VPN between Cisco and GreenBow first appeared on Brezular's Blog.
A Year of Consistency, Again
2024 was a year of being busy. You probably noticed as a loyal reader because my output on this blog fell off quite a bit. I wanted to get back on track per my New Year’s Day post. How did I do? Sixteen posts for the whole year. Barely more than one a month.
That doesn’t mean I wasn’t busy. I have been working hard to bring great Tech Field Day events to the community. I’ve become more active on BlueSky as the community shifts there due to the craziness happening on Twitter/X. I have been getting more and more briefings on technology, which I’ve been writing up on LinkedIn. And of course I’ve been active on the Gestalt IT Rundown and the Tech Field Day Podcast
I also ran almost every day in 2024. I mentioned on Facebook that “consistency beats quantity”, which was a phrase that encouraged me to try and run at least one mile a day in 2024. That ended up being 901 miles of running for the year, with November and December having a LOT or running. I plan on keeping that going in 2025, where I’m aiming for 1,000 miles. It will be a Continue reading
2025 Goals
https://codingpackets.com/blog/2025-goals