Using the Junos Space REST API

Automation is going to be fundamental in all networking products. I’ve been working a lot on integrating Juniper products in existing and standard software. There are many different ways to automate something on a network running Junos. Using REST (or RESTful) APIs is one way of doing this. The reason I’m using REST is that it’s fairly easy to understand, but the best thing is that a large amount of existing products supports REST to integrate with it.

The goal of this blog is to explain how Junos products support REST, compatibility with older versions and how it scales.

What is REST?

REST (REpresentational State Transfer) is a simple stateless architecture that generally runs over HTTP. There are 4 commonly supported commands. When you issue a command your input data consists of a URL, HTTP headers and a body holding the data.

HTTP Headers are used for things like Authentication and a Content Type to let the application know what data format the body will contain.
The URL specifies which data you want to receive from the application or you want to change.
The body is empty in a request for data, when you want to change some data this Continue reading

Networking FAQ 1: Breaking into the Field

This post is the first in a series I plan to publish over the next few months regarding frequently asked questions in networking. Each post will cover a different subject, roughly following the outline I shared last summer. I hope people find this useful!

Continue reading · 2 comments

The Most Important Skill to learn for 2015

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
In this ever advancing world of technology there has never been a better time to be able to get things done anywhere, but there has also never been so many distractions stopping you getting things done. With the constant connectivity to the internet, facebook, twitter, etc etc we are now absorbing more information every hour... [Read More]

Other pages of interest:

Post taken from CCIE Blog

Original post The Most Important Skill to learn for 2015

Anybody can take North Korea offline

A couple days after the FBI blamed the Sony hack on North Korea, that country went offline. Many suspected the U.S. government, but the reality is that anybody can do it -- even you. I mention this because of a Vox.com story that claims "There is no way that Anonymous pulled off this scale of an attack on North Korea". That's laughably wrong, overestimating the scale of North Korea's Internet connection, and underestimating the scale of Anonymous's capabilities.

North Korea has a roughly ~10-gbps link to the Internet for it's IP addresses. That's only about ten times what Google fiber provides. In other words, 10 American households can have as much bandwidth as the entire country. Anonymous's capabilities exceed this, scaling past 1-terabit/second, or a hundred times more than needed to take down North Korea.

Attacks are made easier due to amplifiers on the Internet, which can increase the level of traffic by about 100 times. Thus, in order to overload a 10-gbps link of your target, you only need a 100-mbps link yourself. This is well within the capabilities of a single person.

Such attacks are difficult to do from your home, because your network Continue reading

The GoP pastebin hoax

Neither the FBI nor the press is terribly honest or competent when discussing "hackers". That's demonstrated by yesterday's "terrorists threaten CNN" story.

It started with Glenn Greenwald's paper The Intercept which reported:
The cyberterrorists who hacked Sony Pictures Entertainment’s computer servers have threatened to attack an American news media organization, according to an FBI bulletin obtained by The Intercept.
They were refering to this bulletin which says:
On 20 December, the GOP posted Pastebin messages that specifically taunted the FBI and USPER2 for the "quality" of their investigations and implied an additional threat. No specific consequence was mentioned in the posting.
Which was refering to this pastebin with the vague threat:
P.S. You have 24 hours to give us the Wolf.
Today, @DavidGarrettJr took credit for the Pastebin, claiming it was a hoax. He offered some evidence in the form of the following picture of his browser history:


Of course, this admission of a hoax could itself be a hoax, but it's more convincing than the original Pastebin. It demonstrates we have no reason to believe the original pastebin.

In the hacker underground, including pastebin, words get thrown around a lot. There was nothing in the pastebin that Continue reading

A Bright And Happy 2015 Ahead

Welcome to a new year finally divisible by five! This is a year devoid of extra February days, Olympics, or anything else. It’s a chance for us to take a look at technology and make things better and easier for users and IT staff. It’s also probably going to be called the year of VDI, NFV, and SDN. Again.

Rather than writing a wrap up post for the end of 2014 like so many other sites, I like to look at what I said I was going to do 365 days ago and see if I followed through on them. It’s a way to keep myself honest and also to see how the year transformed around me and my goals.

Looking at 2014

Thankfully, my goals for 2014 were modest. I wanted to get more involved with the people in the IT industry. And I did that in a big way. I went to a ton of conferences and events through the year. Cisco Live, VMworld, and HP Discover Barcelona were all on my list this year, as well as all of the Tech Field Day events I took part in as an organizer. It was a grand Continue reading

Using IPv6 to Defeat Multi-tenancy Separation

I’ve always advised my clients to  carefully plan the implementation of IPv6. The protocol opens new attack vectors on which ne’er-do-wells can assault your infrastructure. There are countless examples I’ve seen such as service providers locking down access to routers using IPv4 transport but leaving IPv6 transport completely open. About a year ago, I stumbled […]

Author information

Jeff Loughridge

Jeff Loughridge has been promoting simplicity in IP networks since 1997. In his role as principal consultant at Brooks Consulting, Jeff helps his clients design and operate large-scale wireline and wireless networks. Prior to starting his company in 2009, Jeff spent ten years at Sprint in engineer and manager positions.

The post Using IPv6 to Defeat Multi-tenancy Separation appeared first on Packet Pushers Podcast and was written by Jeff Loughridge.

Community Show – The Rash Came Back After 19 Hours

While Packet Pushers were covering the Barcelona HP Discover conference and we got together with some of the folks attending the event on the show floor. The result is non-coherent discussion about whatever topics each person wanted to raise and discuss.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+LinkedIn

The post Community Show – The Rash Came Back After 19 Hours appeared first on Packet Pushers Podcast and was written by Greg Ferro.

CloudFlare in 2014: Bigger, Faster, Securer

At the end of 2013 we posted a blog article titled 2013: Rebuild the Engine; 2014: Step on the Gas which explained how in 2013 we had been rebuilding the engine that powers CloudFlare and how we expected 2014 to be when we stepped on the gas.

In that blog post, we said that we'd be expanding our network to betters serve customers in China and Latin America (as well as continuing other global expansions), and that we'd be making a big announcement around SSL.

CC BY-ND 2.0 image by Do Hyun-Kim

Looking back at 2014, we did a whole lot more and many of those changes had a meaningful impact well beyond CloudFlare. Now when we make a change, the needles on the Internet's dials move: when we roll out support for new protocols, sites tracking those protocols see a sudden jump in usage.

Here's a month by month review of CloudFlare's 2014:

January 8: keeping our promise to Latin America, we opened our first data center there in Chile.

January 27: we published our first transparency report covering National Security Orders on the first day it became legal to discuss them.

February 13: we Continue reading

Junos PyEZ Installation & Initial Testing on Mac OS X

I am educating myself about network automation. As I spend a lot of time in the Juniper world, a natural  place to work on automation skills is by leveraging PyEZ. What is PyEZ? Juniper describes it this way in their techwiki. Junos PyEZ is a microframework for Python that enables you to remotely […]

2014 Recap and 2015 Goals

When I started this post, the following mental image popped into my head, and I found it an apt description of 2014:

Oh well…..let’s give this a try anyways.

2014 Recap

I’ll list off the goals I set in my post one year ago, and reflect upon how they were pursued in 2014:

Write Code – I knew when I made this goal that it was going to be hard to quantify; I just knew that writing code was something I had been passionate about. Though I have always maintained this skillset in some form or another, I knew I wanted more, and a year ago, I made the goal of increasing my involvement with software development.

In 2014 I made two more contributions to OpenDaylight, specifically pertaining to the Unit Testing and Integration Testing efforts of the OVSDB project (much thanks to Madhu Venugopal and Dave Tucker for their unrelenting patience while I stumbled through Junit fundamentals). I also did a lot of work on various projects, like Ansible and Schprokits extensions, as well as standalone projects, all of which are Continue reading

2014 Recap and 2015 Goals

When I started this post, the following mental image popped into my head, and I found it an apt description of 2014: Doing the year-end recap post. 2014 was all: pic.twitter.com/aXtC2sjN8l — Matt Oswalt (@Mierdin) December 30, 2014 Oh well…..let’s give this a try anyways. 2014 Recap I’ll list off the goals I set in my post one year ago, and reflect upon how they were pursued in 2014:

2014 Recap and 2015 Goals

When I started this post, the following mental image popped into my head, and I found it an apt description of 2014: Doing the year-end recap post. 2014 was all: pic.twitter.com/aXtC2sjN8l — Matt Oswalt (@Mierdin) December 30, 2014 Oh well…..let’s give this a try anyways. 2014 Recap I’ll list off the goals I set in my post one year ago, and reflect upon how they were pursued in 2014:
1 3,610 3,611 3,612 3,613 3,614 3,794