FRRouting RIB and FIB

This is how we described the interactions between routing protocol tables, RIB, and FIB in the ancient times:

  • Routing protocols compute the best paths to all known prefixes.
  • These paths compete for entry in the routing table. The path(s) with the lowest administrative distance win.
  • The entries from the routing table are fully evaluated (in particular, their next hops) and entered in the forwarding table.

Let’s use a simple BGP+OSPF network to illustrate what I’m talking about:

Read more …

FRRouting RIB and FIB

This is how we described the interactions between routing protocol tables, RIB, and FIB in the ancient times:

  • Routing protocols compute the best paths to all known prefixes.
  • These paths compete for entry in the routing table. The path(s) with the lowest administrative distance win.
  • The entries from the routing table are fully evaluated (in particular, their next hops) and entered in the forwarding table.

Let’s use a simple BGP+OSPF network to illustrate what I’m talking about:

Read more …

My Experience with IP Fabric Automated Network Assurance Platform

My Experience with IP Fabric Automated Network Assurance Platform

I've been following IP Fabric for some time now, checking out their updates and reading their blog posts. It made me curious to want to give their platform a try myself. So, I did just that and thought it'd be helpful to share my thoughts and experiences with you.

If you're curious about IP Fabric too, they offer a 90-day lab license, which is a great way to get hands-on with the platform. The nice people over at IP Fabric set me up with a trial license and I found the setup process to be very straightforward. In fact, it took me less than an hour to get everything up and running.

💡
Please note that this post is not sponsored by IP Fabric. I reached out to them to request a lab license so I could test their platform in my own lab environment. All the insights and findings shared in this post are based on my personal research and experience with the tool.

What we will cover?

  • What is IP Fabric?
  • Installation
  • Automated Network Discovery
  • What is a Snapshot?
  • Topology Visualization
  • Intent-based Verification
  • Compliance and Security Checks
  • Other Useful Features
  • Closing thoughts

What is 'IP Fabric Automated Continue reading

Interface EBGP Sessions on Arista EOS

Arista EOS and Cisco Nexus OS got interface EBGP sessions years after Cumulus Linux. While they’re trivially easy to configure on FRRouting (the routing daemon used by Cumulus Linux), getting them to work on Arista EOS is a bit tricky.

To make matters worse, my Google-Fu failed me when I tried to find a decent step-by-step configuration guide; all I got was a 12-minute video full of YouTube ads. Let’s fix that.

Read more …

Interface EBGP Sessions on Arista EOS

Arista EOS and Cisco Nexus OS got interface EBGP sessions years after Cumulus Linux. While they’re trivially easy to configure on FRRouting (the routing daemon used by Cumulus Linux), getting them to work on Arista EOS is a bit tricky.

To make matters worse, my Google-Fu failed me when I tried to find a decent step-by-step configuration guide; all I got was a 12-minute video full of YouTube ads. Let’s fix that.

Read more …

Tech Bytes: Protecting Connected Medical Devices With Palo Alto Networks IoT Security (Sponsored)

Medical devices are an essential element of patient care. They’re also network-connected devices that need resilient connectivity and security. On today’s Tech Bytes we examine the challenges of supporting and securing connected medical devices, including threats, vulnerabilities, and regulatory frameworks. We’ll also discuss strategies and best practices to manage medical device risks and ensure the... Read more »

NB470: NetBox Labs Adds On-Prem Support; ASML Vs. The Netherlands

This week on Network Break we discuss a new on-prem version of NetBox Labs’ source-of-truth software with enterprise support, why Selector AI is adding an LLM to its operations and observability product, and whether a new Web application firewall from Cloudflare can protect LLMs against malicious prompts. Viavi Solutions consolidates the network testing space with... Read more »

AI Assistants

I have written elsewhere about the danger of AI assistants leading to mediocrity. Humans tend to rely on authority figures rather strongly (see Obedience to Authority by Stanley Milgram as one example), and we often treat “the computer” as an authority figure.

The problem is, of course, Large Language Models—and AI of all kinds—are mostly pattern-matching machines or Chinese Rooms. A pattern-matching machine can be pretty effective at many interesting things, but it will always be, in essence, a summary of “what a lot of people think.” If you choose the right people to summarize, you might get close to the truth. Finding the right people to summarize, however, is beyond the powers of a pattern-matching machine.

Just because many “experts” say the same thing does not mean the thing is true, valid, or useful.

AI assistants can make people more productive, at least in terms of sheer output. Someone using an AI assistant will write more words per minute than someone who is not. Someone using an AI assistant will write more code daily than someone who is not.

But is it just more, or is it better?

Measuring the mediocratic effect of using AI systems, even as Continue reading

Running netlab and BGP Labs on Apple Silicon

I usually say that you cannot run netlab on Apple silicon because the vendors don’t provide ARM images. However, when I saw an ARM version of the FRRouting container, I started wondering whether I could run the BGP labs (admittedly only on FRR containers) on my M2 MacBook Pro.

TL&DR: Yes, you can do that.

Now for the recipe:

Read more …

Containerlab – Creating Network Labs Can’t Be Any Easier

Containerlab - Creating Network Labs Can't Be Any Easier

What if I tell you that all you need is just a YAML file with just a bunch of lines to create a Network Lab that can run easily on your laptop? You'd call me crazy, right?

Well, in this blog post, I'll walk you through what Containerlab is and how it can simplify creating and managing your labs with ease. Let's dive in.

What we will cover?

  • What is containerlab?
  • Comparing EVE-NG/GNS3 to Containerlab
  • Installation and initial setup
  • Lab images (Arista cEOS)
  • Containerlab terminology
  • Lab example
  • Cleaning up
  • Closing thoughts
Cisco Restconf - Get Operational Data
In this blog post, we’ll use Restconf to pull operational data from a Cisco switch. So far in our previous posts, we’ve looked at getting and changing configuration data.
Containerlab - Creating Network Labs Can't Be Any EasierPacketswitchSuresh Vina
Containerlab - Creating Network Labs Can't Be Any Easier

What is Containerlab?

The official definition is "Containerlab provides a CLI for orchestrating and managing container-based networking labs. It starts the containers, builds a virtual wiring between them to create lab topologies of users choice and manages labs lifecycle."

Simply put, containerlab is a Lab-as-a-code tool that helps you set up and manage your network labs easily. Instead of dealing with complex setups and configurations, containerlab simplifies everything for you. Continue reading

Weekend Reads 031524


Of all the problems with electric cars, perhaps the least expected was the revelation that some home charging points provide a potential point of weakness for malign foreign powers to interfere with our National Grid.


More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization.


MWC Qualcomm is going big on AI at MWC, where it’s showing off a 7 billion parameter large language model running on an Android phone, along with an online hub to help mobile devs blend models into their apps, and AI infused into its latest 5G modem and Wi-Fi 7 silicon.


In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017.


Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019.


Use of the Rust programming language has been on the rise but is only expected to continue to gather steam as more security-focused organizations call for Rust developers Continue reading

How Observability Is Different for Web3 Apps

Web3 represents the next evolutionary step in building web applications. Web3 combines blockchain technology, decentralized protocols and peer-to-peer interactions to give birth to a new standard for transparency and security through decentralized applications (dApps). The dApps rely on decentralized servers instead of traditional (Web2) applications based on a centralized server. However, this new paradigm presents challenges for logging, tracing — in a Django-based Web3 application using Scout APM. How Is Observability Different in Decentralized Apps? Observability in Web3 dApps poses several unique challenges that need to be resolved. Immutable Transactions Web3 dApps rely heavily on blockchain technology. Generally speaking, once a blockchain transaction has been confirmed, it cannot be changed, even if there has been a mistake. This makes it extremely important to have close monitoring and observability to detect and prevent issues before data is written to the blockchain. Distributed Data Traditional web applications rely on centralized servers while Web3 dApps rely on a globally distributed and decentralized network of nodes. A robust observability solution is therefore required to aggregate and analyze data across this complex network. Variable Continue reading

1 110 111 112 113 114 3,793