Introduction to Arista PyeAPI
The Python Client for eAPI (pyeapi) is a Python library that simplifies working with Arista eAPI, removing the need to deal with the specifics of its implementation. It's straightforward to configure and use. In this blog post, we'll look at how to install pyeapi and go through some examples.
If you're familiar with Arista's eAPI, you know that you can browse to the device's IP in a browser, run commands, and get the output directly. You can also achieve the same result using Python, but it typically requires understanding which libraries to use and how to construct the REST API requests.
However, pyeapi simplifies all of this. You don't need to worry about what's happening behind the scenes. Below is a screenshot of running show vlan command via the REST API, and in the following examples, we'll see how to get the same output using pyeapi.
PyeAPI Installation
To install pyeapi, you can use pip, which is the standard package manager for Python. It's a good practice to use a virtual environment (venv) to keep your dependencies isolated and avoid conflicts with other projects. First, create and activate a virtual environment. Once your virtual Continue reading
TNO008: Demystifying AI: Essential Concepts for Network Operators
AI can support network operations, but it can also be complex, mysterious, and steeped in vendor hype. On today’s episode, guest Phil Gervasi clarifies some of the terminology and concepts of AI, including distinctions among concepts like generative AI, general AI, and large language models (LLMs). Phil shares tips for getting beyond the hype to... Read more »Hedge 250: Reacting to the Hype
It’s roundtable time! Tom, Eyvonne, and Russ discuss several different topics, including the broader market implications for the changes going on at Broadcom and VMWare, balancing the cloud (they float!), reacting to the hype, and whether IP addresses will even be important in ten years.
IPB164: Getting a Fresh Start with IPv6
When you start fresh with IPv6, you have a lot to gain in terms of routing, reputation and security. Today’s show focuses on the differences between provider-assigned (PA) and provider-independent (PI) address spaces. The team discusses the benefits of PI space and the clean slate it offers for address reputation and security. As always, strategic... Read more »N4N003: What’s a VLAN?
Today we explore Virtual Local Area Networks (VLANs). This topic was prompted by a question from college student Douglas. We’ll explain the fundamental concepts of VLANs, such as their role in segmenting and managing network traffic, and the technical details for implementation. We’ll also address key topics including VLAN tags, access and trunk ports, and... Read more »What’s new in Cloudflare: Account Owned Tokens and Zaraz Automated Actions
In October 2024, we started publishing roundup blog posts to share the latest features and updates from our teams. Today, we are announcing general availability for Account Owned Tokens, which allow organizations to improve access control for their Cloudflare services. Additionally, we are launching Zaraz Automated Actions, which is a new feature designed to streamline event tracking and tool integration when setting up third-party tools. By automating common actions like pageviews, custom events, and e-commerce tracking, it removes the need for manual configurations.
Cloudflare is critical infrastructure for the Internet, and we understand that many of the organizations that build on Cloudflare rely on apps and integrations outside the platform to make their lives easier. In order to allow access to Cloudflare resources, these apps and integrations interact with Cloudflare via our API, enabled by access tokens and API keys. Today, the API Access Tokens and API keys on the Cloudflare platform are owned by individual users, which can lead to some difficulty representing services, and adds an additional dependency on managing users alongside token permissions.
First, a little explanation because the terms can Continue reading
AI for Network Engineers: Convolutional Neural Network
Introduction
The previous chapter explained how Feed-forward Neural Networks (FNNs) can be used for multi-class classification of 28 x 28 pixel handwritten digits from the MNIST dataset. While FNNs work well for this type of task, they have significant limitations when dealing with larger, high-resolution color images.
In neural network terminology, each RGB value of an image is treated as an input feature. For instance, a high-resolution 600 dpi RGB color image with dimensions 3.937 x 3.937 inches contains approximately 5.58 million pixels, resulting in roughly 17 million RGB values.
If we use a fully connected FNN for training, all these 17 million input values are fed into every neuron in the first hidden layer. Each neuron must compute a weighted sum based on these 17 million inputs. The memory required for storing the weights depends on the numerical precision format used. For example, using the 16-bit floating-point (FP16) format, each weight requires 2 bytes. Thus, the memory requirement per neuron would be approximately 32 MB. If the first hidden layer has 10,000 neurons, the total memory required for storing the weights in this layer would be around 316 GB.
In contrast, Convolutional Neural Networks (CNNs) use Continue reading
D2DO257: Love is in the Firmware
With the current cultural emphasis on AI and how that is changing our world, we often forget the human element of individuals and teams when building an effective software development team. On today’s Day Two DevOps, we explore the psychology behind software teams, psychological safety for those teams and how the advent of AI plays... Read more »PP039: Securing Active Directory from a Pen Tester’s Perspective
Microsoft’s Active Directory and Entra ID are valuable targets for attackers because they store critical identity information. On today’s Packet Protector, we talk with penetration tester and security consultant Eric Kuehn about how he approaches compromising AD/Entra ID, common problems he sees during client engagements, quick wins for administrators and security pros to fortify their... Read more »Worldwide deployment of real-time flow analytics
Industry standard sFlow telemetry is widely supported by network equipment vendors and network management platforms. However, the advent of real-time sFlow analytics has opened up a range of new applications for sFlow. The map above shows the proportion of sFlow-RT instances running in each of the over 70 countries in which it is deployed.
The following use cases are driving current deployments:
- Augmenting observability dashboards with real-time network analytics, see Flow metrics with Prometheus and Grafana
- Monitoring Internet Exchange Points, see Internet eXchange Provider (IXP) Metrics
- Automated DDoS mitigation, see DDoS protection quickstart guide
Addressing the challenge of operating AI / ML clusters is the emerging application for sFlow visibility. High speed (400/800G) data center switches needed to handle machine learning traffic flows include sFlow agents and real-time analytics are essential to optimize the network so that expensive GPU and compute resources are fully utilized, see Leveraging open technologies to monitor packet drops in AI cluster fabrics.
If you would like to see how real-time network analytics can transform network operations, Getting Started describes how to download and configure sFlow-RT analytics software for use in your network, or how to try it out using an emulator, or pre-captured data.
HW040: Unpacking Wi-Fi 7’s Multi-Link Operation (MLO)
Multi-Link Operation (MLO) is a major feature of Wi-Fi 7. At a high level, MLO allows a client and an AP to communicate using multiple radios and frequencies simultaneously. The result is an increase in throughput and resiliency. Today’s Heavy Wireless podcast dives into MLO with guest Jim Palmer, who presented on the topic at... Read more »NB503: Apple Buys Stake in Satellite Telecom Company; Arista Enjoys AI Revenue Bump
Take a Network Break! This week we cover a serious Cisco vulnerability, SonicWall offering a firewall warranty, and a security advisory from ID provider Okta. Apple buys a stake in a satellite telecommunications company, Lumen and Google team up on a joint networking/AI deal, and we check on financial results from Arista Networks, Extreme Networks,... Read more »Tech Bytes: Why Autodesk Swapped VPNs for Prisma SASE (Sponsored)
Today on the Tech Bytes podcast, sponsored by Palo Alto Networks, we talk with Palo Alto Networks customer Autodesk about how it migrated from SD-WAN and traditional remote access VPNs to SASE, or Secure Access Service Edge. We’ll talk about the trends that drove Autodesk’s migration and the results of their SASE adoption. Our guests... Read more »Lab: Using IS-IS Metrics
It’s time for another “the vendor IS-IS defaults are all wrong” blog post. Wide IS-IS metrics were standardized in RFC 3784 in June 2004, yet most vendors still use the ancient narrow metrics as the default setting.
Want to know more? The Using IS-IS Metrics lab exercise provides all the gory details.
Customize Caddy’s plugins with Nix
Caddy is an open-source web server written in Go. It handles TLS certificates automatically and comes with a simple configuration syntax. Users can extend its functionality through plugins1 to add features like rate limiting, caching, and Docker integration.
While Caddy is available in Nixpkgs, adding extra plugins is not
simple.2 The compilation process needs Internet access, which Nix
denies during build to ensure reproducibility. When trying to build the
following derivation using xcaddy, a tool for building Caddy with plugins,
it fails with this error: dial tcp: lookup proxy.golang.org on [::1]:53:
connection refused.
{ pkgs }: pkgs.stdenv.mkDerivation { name = "caddy-with-xcaddy"; nativeBuildInputs = with pkgs; [ go xcaddy cacert ]; unpackPhase = "true"; buildPhase = '' xcaddy build --with github.com/caddy-dns/[email protected] ''; installPhase = '' mkdir -p $out/bin cp caddy $out/bin ''; }
Fixed-output derivations are an exception to this rule and get network access
during build. They need to specify their output hash. For example, the
fetchurl function produces a fixed-output derivation:
{ stdenv, fetchurl }: stdenv.mkDerivation rec { pname = "hello"; version = "2.12.1"; src Continue reading
How We Measure: ISP User Counts
At APNIC Labs we generate, on a daily ongoing basis, our estimate of the number of users per ISP for every ISP that we see on the Internet through the ad-based measurement platform. This report is published at the URL: https://stats.labs.apnic.net/aspop. As far as we are aware this is the only such public data set that encompasses the entirety of the public Internet. Here I would like to explain how we calculate this data, and provide some responses to a recent presentation at the RIPE 89 meeting on this data set.From Python To Go 002. Basic Data Types (Numeric, Boolean, String) and Variables.
Hello my friend,
We continue our blog series about learning Go (Golang) as second programming language, which you can use for network and IT infrastructure automation. Today we’ll talk about the basic data types and variables both in Python and Go
How To Start Automating?
Any programming language, whether it is Python or Go (Golang), is a tool to implement your business logic. Whilst it is very important to be experienced with the tool, it is important also to understand the wide context of network automation, and this is where our trainings will kick start you:
We offer the following training programs in network automation for you:
- Zero-to-Hero Network Automation Training
- High-scale automation with Nornir
- Ansible Automation Orchestration with Ansble Tower / AWX
- Expert-level training: Closed-loop Automation and Next-generation Monitoring
During these trainings you will learn the following topics:
- Success and failure strategies to build the automation tools.
- Principles of software developments and the most useful and convenient tools.
- Data encoding (free-text, XML, JSON, YAML, Protobuf).
- Model-driven network automation with YANG, NETCONF, RESTCONF, GNMI.
- Full configuration templating with Jinja2 based on the source of truth (NetBox).
- Best programming languages (Python, Bash) for developing automation
- The most rock-solid and Continue reading