Catalyst SD-WAN – Bootstrapping a Catalyst8000v Using a File on Bootflash

Yesterday I showed how to bootstrap a Catalyst8000v from the CLI. Today, I will show how to put a file on bootflash which includes the configuration but also the root certificate and the certificate of the device. This is a bit of a more streamlined process and can also be useful if you don’t know what CLI commands to use as vManage will generate the configuration for you.

Starting out, we have a freshly booted router that is in autonomous mode (non-SD-WAN):

Router#sh ver | i operating
Router operating mode: Autonomous

To generate the bootstrap configuration, the process is to first go through the regular process of attaching a device to a template. Go to Configuration -> Templates and select Attach Devices:

Select the correct device:

Fill in the information needed:

Click Update to reflect the edits:

Then click Next:

Click Configure Devices and vManage will try to push the config but the device is offline:

Once this is done, vManage has all the information it needs to generate the bootstrap. Go to Configuration -> Devices and select the correct device and then Generate Bootstrap Configuration:

Then vManage will disply the following window. Choose Cloud-Init and have the box selected Continue reading

Heavy Networking 689: Prepping For Certification Exams With Mary Fasang

Certifications are a part of life in IT. On today's Heavy Networking we explore preparation strategies with guest Mary Fasang. Her certs run the gamut from CompTIA to MCSE to the CCNP, as well as the PMP and ITIL certs. How should you prepare for a cert in 2023 when there’s so much content, so many training options, as well as home labbing available? How do you handle failure? Which certs have been the hardest? What study materials have proved helpful? Mary shares her strategies.

Heavy Networking 689: Prepping For Certification Exams With Mary Fasang

Certifications are a part of life in IT. On today's Heavy Networking we explore preparation strategies with guest Mary Fasang. Her certs run the gamut from CompTIA to MCSE to the CCNP, as well as the PMP and ITIL certs. How should you prepare for a cert in 2023 when there’s so much content, so many training options, as well as home labbing available? How do you handle failure? Which certs have been the hardest? What study materials have proved helpful? Mary shares her strategies.

The post Heavy Networking 689: Prepping For Certification Exams With Mary Fasang appeared first on Packet Pushers.

Private 5G/LTE growing more slowly than expected

Private 5G/LTE networks for the enterprise are becoming increasingly common, but a new forecast from tech analyst firm IDC has found that several headwinds exist for the technology, which could slow its adoption over the next 18 to 24 months.The report, authored by IDC research manager Patrick Filkins, predicted that private cellular networking infrastructure sales will grow from $2.4 billion in global revenue this year to $5.3 billion in 2027.The use cases for private cellular networks are numerous and varied, according to IDC, encompassing everything from wide-area applications like grid networks for utility systems and transport networks to local networks for manufacturing facilities or warehouses.To read this article in full, please click here

PCI-Express Must Match The Cadence Of Compute Engines And Networks

When system architects sit down to design their next platforms, they start by looking at a bunch of roadmaps from suppliers of CPUs, accelerators, memory, flash, network interface cards – and PCI-Express controllers and switches.

The post PCI-Express Must Match The Cadence Of Compute Engines And Networks first appeared on The Next Platform.

PCI-Express Must Match The Cadence Of Compute Engines And Networks was written by Timothy Prickett Morgan at The Next Platform.

AI is changing server sales but paying off for enterprises

The adoption of artificial intelligence is changing the way servers are being procured while having a quick and positive impact on firms that deploy AI technologies, according to a pair of research reports from Omdia.In its upcoming cloud and data center market report, the research firm predicts a reduction in the number of server shipments for the first time since 2007. However, the server drop in 2007 was due to a global economic crisis. The current shift in server buying has a more positive spin.Omdia found that demand for compute resources remains high. However, it also reports that demand for more expensive servers with specialized hardware for AI model training (translation: GPUs) are being prioritized over the typical enterprise server with just a CPU.To read this article in full, please click here

AI is changing server sales but paying off for enterprises

The adoption of artificial intelligence is changing the way servers are being procured while having a quick and positive impact on firms that deploy AI technologies, according to a pair of research reports from Omdia.In its upcoming cloud and data center market report, the research firm predicts a reduction in the number of server shipments for the first time since 2007. However, the server drop in 2007 was due to a global economic crisis. The current shift in server buying has a more positive spin.Omdia found that demand for compute resources remains high. However, it also reports that demand for more expensive servers with specialized hardware for AI model training (translation: GPUs) are being prioritized over the typical enterprise server with just a CPU.To read this article in full, please click here

Weekend Reads 070723


To help organizations avoid the potential perils that the .zip and similarly confusing ngTLD extensions (i.e., .app, .cab, .cam, .mobi, .mov, .pub, .rip, and .win) may pose, the WhoisXML API research team scoured the DNS for such domains created between 1 January and 31 May 2023 to see if any of them should be considered suspicious and treated with caution.


When you write some code and put it on a spacecraft headed into the far reaches of space, you need to it work, no matter what. Mistakes can mean loss of mission or even loss of life.


That’s right, no need to be picky — any CA can sign any domain name, so you can pick from literally hundreds since that is the number of trusted CA root certificates baked into your browser or included in most operating systems.


Some 50 years ago, at the Palo Alto Research Centre of that renowned photocopier company Xerox, a revolutionary approach to local digital networks was born.


The proposed new European Union (EU) Artificial Intelligence Act has been extolled in the media as a bold action by a major legislative body against the perceived dangers of emerging new computer technology.


In Continue reading

Catalyst SD-WAN – Botstrapping a Catalyst8000v in a Virtual Lab

I’m rebuilding my Catalyst SD-WAN lab and thought I would give some quick pointers on how to bootstrap a Catalyst 8000v in your virtual lab. When the router first boots up, it will be in autonomous mode (non-SD-WAN mode):

Router#show version | i operating
Router operating mode: Autonomous

Configure the router to be in controller mode which will cause it to reboot:

Router#controller-mode enable
Enabling controller mode will erase the nvram filesystem, remove all configuration files, and reload the box! 
Ensure the BOOT variable points to a valid image 
Continue? [confirm]
% Warning: Bootstrap config file needed for Day-0 boot is missing
Do you want to abort? (yes/[no]): no

To bootstrap the router, the following is needed:

  • System IP
  • Site ID
  • Organization name
  • vBond name/IP
  • IP address of tunnel interface (if not using DHCP)
  • Tunnel interface name
  • DNS server (if using name resolution)
  • On-premises root cert (if using your own certificates)
  • Certificate

First, verify that the router is now in controller mode:

Router#show version | i operating
Router operating mode: Controller-Managed

Create a small bootstrap configuration with all the required parameters. Mine is below (some information redacted):

config-transaction
system
system-ip x.x.x.x
site-id xxxxxxxxxx
organization-name "sd-wan-lab-daniel"
vbond 192. Continue reading

WISP/FISP Design: Switch Centric (SWC) Topology

IP ArchiTechs switch centric core being built in the Denver DC. Dec 2018

Overview

This is an article i’ve wanted to write for a long time. In the last decade, the work that we have done at iparchitechs.com with WISPs/FISPs in network design using commodity equipment like MikroTik and FiberStore has yielded quite a few best practices and lessons learned.

While the idea of “router on a stick” isn’t new, when we first started working with WISPs/FISPs and MikroTik routers 10+ years ago, we immediately noticed a few common elements in the requests we’d get for consulting:

I’m out of ports on my router…how do I add more?”

“I started with a single router, how do I make it redundant and keep NAT/peering working properly”?

“I have high CPU on my router and I don’t know how to add capacity and split the traffic”

“I can’t afford Cisco or Juniper but I need a network that’s highly available and resilient”

Coming from a telco background where a large chassis was used pretty much everywhere for redundancy and relying on links split across multiple line cards with LACP, that was one of my first inclinations to solve the Continue reading

NXDOMAIN

The DNS is a strange and at times surprising environment. One could take a simple perspective and claim that the aim of the DNS is to translate DNS names into IP addresses. And you wouldn’t be wrong, but it's also so much more. Most of the time when we analyse the behaviour of the DNS we look at the way in which names are resolved by the DNS infrasdtructure, but there is also another view of the DNS. What do we see when we look at DNS queries for names that do not exist in the DNS?

Networking, security initiatives dominate IT spending priorities

Network connectivity and security are key areas for IT investment as well as potential barriers to global success, according to new research.Nearly half of CIOs claim that establishing and managing connectivity in new markets is the single most critical factor when it comes to ensuring successful global expansion, according to Expereo, which surveyed 650 large enterprise and mid-market CIOs across Asia, Europe and North America for its research. In addition, 49% of CIOs report that their board views global connectivity as “a business-critical asset to growth.”To read this article in full, please click here

Networking, security initiatives dominate IT spending priorities

Network connectivity and security are key areas for IT investment as well as potential barriers to global success, according to new research.Nearly half of CIOs claim that establishing and managing connectivity in new markets is the single most critical factor when it comes to ensuring successful global expansion, according to Expereo, which surveyed 650 large enterprise and mid-market CIOs across Asia, Europe and North America for its research. In addition, 49% of CIOs report that their board views global connectivity as “a business-critical asset to growth.”To read this article in full, please click here

Audit and Compliance with Calico

In this blog post, I will be talking about audit and compliance and how to implement it with Calico. Most IT organizations are asked to meet some standard of compliance, whether internal or industry-specific. However organizations are not always provided with the guidance to implement it. Furthermore, when guidance has been provided, it is usually applicable to a more traditional and static environment and doesn’t address the dynamic nature of Kubernetes. Existing compliance tools that rely on periodic snapshots do not provide accurate assessments of Kubernetes workloads against your compliance standards.

Getting started with audit and compliance for Kubernetes clusters

A good starting point is understanding what type of compliance requirements needs to be enforced and confirming that the enforcement is successful. Following this is finding a way to easily report on the current state of your environment so you can proactively ensure you are complying with the standards defined. You should also be prepared to provide a report on-demand when an audit team is investigating.

This blog is not meant to be a how-to guide to meet HIPAA, PCI-DSS or SOC. However, it will provide you with the guidance regarding these regulations so you can apply it and understand Continue reading

Hedge 185: Retrocomputing

Computers only have a history stretching back some 60 or 70 years—and yet much of that history has already been lost in this mist of time. Are we focusing so deeply on the future that we have forgotten our past? What might we learn from the past, even the recent past, and how does forgetting our past impact the future. Federico Lucifredi joins Tom Ammon and Russ White to discuss some of his projects finding, repairing, and operating old personal computers.

download

transcript will be linked in a few days

If you are interested in retrocomputing, you might want to start with this Stack Exchange, the Retrocomputing Forum, this Reddit forum.

1 215 216 217 218 219 3,788