SSH for Python – In search of API perfection

My mission is simple: Establish an SSH connection to a device and run some commands in as few lines as possible. The contenders? Paramiko, Spur and Fabric.

The Scenario

I have a network device, 192.168.1.254. I want to log in via SSH with a username of dave and password of p@ssword123. Once logged in, I want to execute the command display version and print the result.

Now to the code...

The Code

Paramiko

Paramiko is the go to SSH library in Python. Let's see how it shapes up in the simple scenario:

import paramiko
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.WarningPolicy())
client.connect("192.168.1.254", username="dave", password="p@ssword123")
stdin, stdout, stderr = client.exec_command('display version')
for line in stdout:
    print line.strip('n')
client.close()

8 lines of code. The API here is very powerful, but requires me to put up some scaffolding code (Key Management) before I actually get around to connecting an executing my command. That said, it gets the job done.

Spur

Spur is a wrapper around Continue reading

ONS 2014: Looking at Programmable NFV, Google, MSFT, Embrane, and Big Switch

It’s been two weeks since I attended my 3rd consecutive Open Networking Summit (ONS) and I’m glad to say, I finally found some time to get some notes and thoughts on paper about the conference.  Here are some on SDN at Google and Microsoft, and how they compare and contrast to industry incumbents’ solutions, but also how programmable NFV can be game changing in the Enterprise.  I also include thoughts on how Embrane and Big Switch play into this.
Enter Andromeda

Google talked about their [home grown] network virtualization solution.  It leverages a custom SDN controller called Andromeda that controls physical switches, virtual switches, programmable NFV devices, and also ties into the storage platforms deployed.  Google talked about how they have showed industry leadership with technologies such as GFS, MapReduce, B4 WAN, etc.  If I extrapolate, they expect Andromeda to do for data center networking what GFS is doing for distributed scale out storage.  Who will be the Nutanix of networking?

Google, like few others, still define SDN as the separation of the control plane and data plane.  Google states, “logically centralized/ hierarchical control plane with peer to peer data plane beats full Continue reading

Tourist trip to MX fabric

Tourist, because it's mostly original research so quality may be dubious.

You can infer lot about the fabric by looking at 'show hsl2 ...' commands. Let's start.

NPC0(test13nqe1-re1.dk vty)# show hsl2 asic mqchip(0) serdes MQCHIP(0) serdes table : MQCHIP(0)-Avago 65NM-0 [0xf300000]: 24 links 0 - 23 MQCHIP(0)-Avago 65NM-1 [0xf304000]: 24 links 24 - 47 MQCHIP(0)-Avago 65NM-2 [0xf308000]: 8 links 48 - 55 MQCHIP(0)-Avago 65NM-3 [0xf309000]: 8 links 56 - 63 MQCHIP(0)-Avago 65NM-4 [0xf30a000]: 8 links 64 - 71 MQCHIP(0)-Avago 65NM-5 [0xf30b000]: 8 links 72 - 79 MQCHIP(0)-Avago 65NM-6 [0xf30c000]: 8 links 80 - 87 MQCHIP(0)-Avago 65NM-7 [0xf30d000]: 8 links 88 - 95 MQCHIP(0)-Avago 65NM-8 [0xf30e000]: 8 links 96 - 103 MQCHIP(0)-Avago 65NM-9 [0xf30f000]: 8 links 104 - 111 MQCHIP(0)-Avago 65NM-10 [0xf310000]: 8 links 112 - 119 MQCHIP(0)-Avago 65NM-11 [0xf311000]: 8 links 120 - 127 MQCHIP(0)-Avago 65NM-12 [0xf312000]: 8 links 128 - 135 MQCHIP(0)-Avago 65NM-13 [0xf313000]: 8 links 136 - 143 MQCHIP(0)-Avago 65NM-14 [0xf318000]: 2 links 144 - 145 MQCHIP(0)-Avago 65NM-15 [0xf31a000]: 2 links 146 - 147

Avago is well known manufacturer of SerDes (SERialization / DESerialization), 65NM probably means Avago's 65nm lithography line of products. SerDes presentation here is unidirectional. But that is still quite large number of SerDes Continue reading

Using Next Generation MVPN to optimize your MPLS core – Part 1

Like many network engineers I have had difficulties with multicast, the logic is all messed up right!? The only implementation of mVPN I had seen in test or production was Draft Rosen (RFC6037). Now I know Draft Rosen works well but it does have its limitations and I’m a firm believer in getting unnecessary junk […]

Author information

Keith Humphreys

Keith Humphreys

Keith is a network architect and CCIE #40869 working for the Irish arm of a global service provider. His main focus is on IP/MPLS design and he is a big fan of Alcatel-Lucent SR-OS. Follow him on Twitter and check out his blog over at iamjeffvader.com

The post Using Next Generation MVPN to optimize your MPLS core – Part 1 appeared first on Packet Pushers Podcast and was written by Keith Humphreys.

Capture your fancy, part two, Trio

Like with 7600/PFC3, it is possible to capture transit traffic on Juniper Trio (MPC, MX80, MX104, FPC5 etc). First decide what you know about the packet and convert that data to hex, it can be pretty much anywhere in the packet in the first 320B or so.

[[email protected] ~]% pry [1] pry(main)> '194.100.7.227'.split('.').map{|e|"%02x" % [e.to_i]}.join => "c26407e3" [2] pry(main)> '91.198.120.24'.split('.').map{|e|"%02x" % [e.to_i]}.join => "5bc67818"

I'm using boringly IPv4 addresses but I could have used anything. Unlike in PFC3 you do not need tell the location in the packet where the pattern must occur, you just tell pattern and any packet having that pattern anywhere is triggered, let's try it:

[email protected]> start shell pfe network tfeb0 TFEB platform (1000Mhz MPC 8544 processor, 1024MB memory, 512KB flash) TAZ-TBB-0(mec-pe1-re0.hel.fi vty)# test jnh 0 packet-via-dmem enable TAZ-TBB-0(mec-pe1-re0.hel.fi vty)# test jnh 0 packet-via-dmem capture 0x3 5bc67818c26407e3 TAZ-TBB-0(mec-pe1-re0.hel.fi vty)# test jnh 0 packet-via-dmem dump Received 116 byte parcel: Dispatch cookie: 0x0074000000000000 0x00 0x08 0x80 0xf0 0x80 0x08 0x5c 0x5e 0xab 0x0b 0x6e 0x60 0xb0 0xa8 0x6e 0x7c 0x60 0x52 0x88 0x47 Continue reading

NETCONF, YANG, RESTCONF and NetOps in an SDN World

I've had some great discussion with the OpenDaylight OVSDB team around NETCONF, YANG, RESTCONF and what network operations will look like in an SDN world. This post summarizes where my head is at on this subject.

Background Info

What is NETCONF

NETCONF is defined in RFC 6241 which describes it as follows:

The Network Configuration Protocol (NETCONF) defined in this document provides mechanisms to install, manipulate, and delete the configuration of network devices. It uses an Extensible Markup Language (XML)-based data encoding for the configuration data as well as the protocol messages. The NETCONF protocol operations are realized as remote procedure calls (RPCs).

It's not a new technology, as work started on this approximately 10 years ago, but what it gives us is an extensible and robust mechanism for managing network devices.

NETCONF understands the difference between configuration data and state data. As somebody who has been bitten by trying to perform a create operation and faced validation issues as I've mistakenly sent (or worse, edited) a read-only field in a request, I feel this is really valuable.

Another great thing from an operations perspective is the ability to test/validate configuration before it's applied to the device. NETCONF allows you Continue reading

MPLS , ATOM AND VPLS

I would love to share article by Mbong Ekwoge explaining different Flavors of MPLS ,that can help you to clear any confusion about MPLS ,ATOM and VPLS….

MPLS is the enabler of all these fancy services and applications we hear about today, such as MPLS VPNs, AToM (Any Transport over MPLS), MPLS TE (Traffic Engineering), etc.

In order to clearly understand what VPLS is, you need to understand what led to the “birth” of VPLS (Virtual Private LAN Service).  It all began with MPLS VPNs. The client had to form a peer-to-peer relationship with the Provider’s PE routers. What this means is that the provider is intricately involved with routing and forwarding the customer’s traffic and some customers did not like this idea. Also, providers had invested heavily into Layer 2 VPN techniques such as ATM, Frame Relay, etc and completely eliminating these overlay VPN techniques didn’t feel right with their financial people. Some engineers did not like the idea of having to let go of their beloved ATMs, Frame Relay PVCs for some new chap coming in.

This led Cisco and IETF to develop a solution which would let you run MPLS in the core but users Continue reading

Blogs of Interests 2014-03-14

Working from home? Useful insights from Ethan Banks on his methodology and process of working from home. You can find ethan on Twitter @ecbanks. Deploying VXLAN or any type of overlay? Maybe just...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Blogs of Interests 2014-03-14

THE BITS Working from home? Useful insights from Ethan Banks on his methodology and process of working from home. You can find ethan on Twitter @ecbanks. Deploying VXLAN or any type of overlay?...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

WLAN Professionals Conference Videos Posted

Videos of presentations from the WLAN Professionals Conference that occurred Feb. 10-12th in Austin, TX have now been posted by Keith Parsons and the Prime Image Media team. The conference was chalk-full of great content, both technical and business focused, by some of the best experts in the industry!

I had the honor of presenting a session titled "Going Beyond RF Coverage: Designing for Capacity." The topic is about how to define, measure, and plan for capacity needs for ALL wireless networks (not just high-density environments - for which no commonly accepted definition even exits). I provided a bit of background on why I decided to give my presentation on this topic in my previous blog "Mind the Gap in Your WLAN Design" and you can download the full presentation and related material.

Check it out!


WLAN Pros Summit 2014 | Andrew Von Nagy Beyond RF Coverage 1 from Keith R. Parsons on Vimeo.

Be sure to check out all of the great presentations from the event on the WLAN Pros website and Keith's Vimeo channel!

Cheers,
Andrew

Coffee Break – Show 5

Our attendance at the Open Networking Symposium promotes a discussion of events there.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+

The post Coffee Break – Show 5 appeared first on Packet Pushers Podcast and was written by Greg Ferro.

phpipam version 1.0 released

Dear all, I am happy to announce new version of phpipam IP address management – version 1.0. Subnet details

New features, like changelog, favourite subnets, upgraded UI with bootstrap3 and other were introduced, and also lots of improvements and bug fixes are included. Most important are:

  • IP address changelog, subnet and section changelogs with full changelog under tools;
  • Favourite subnets for quick access;
  • Bootstrap 3 with UI enhancements;
  • Widgets can be reordered (dragged) directly on dashboard;
  • Mail settings can now be set on gui (localhost / smtp);

If you find phpIPAM useful for your company donations would be highly appreciated :)

You can demo it here: http://demo.phpipam.net/
You can download it on sourceforge site: phpipam-1.0.

Special thanks to all the people submitting bug reports, translators and feature testers!

Screenshots:

Dashboard Subnet scanning Subnet details Subnet editing Settings IP address editing

Full changelog for this release is:

New features:
----------------------------
+ IP address page with IP address details and IP history (Changelog);
+ IP address changelog, subnet and section changelogs with full changelog under tools;
+ Favourite subnets for quick access;
+ Adding subnets from free space with automatic mask provided;
+ Automatic database validity check after upgrading and automatic field/table fix under administration;
+ Automatic weekly check for new phpipam Continue reading

IPv4 and IPv6 dual-stack PPPoE

The lab covers a scenario of adding basic IPv6 access to an existing PPPoE (PPP for IPv4). PPPoE is established between CPE (Client Premise Equipment) the PPPoE client and the PPPoE server also known as BNG (Broadband Network Gateway). PPPoE server plays the role of the authenticator (local AAA) as well as the authentication and […]

Read This if You’re Going to Cisco Live in May!

Do not tell anyone I told you, but I heard a rumor today.  It looks like the attendees will be in for quite a treat for the 25th Anniversary of the Customer Appreciate Event.  It seems that we’re all going to be shipped off to AT&T Park for the show!  It’s the home of the San Francisco Giants and a beautiful stadium.  And guess who’s going to be there?  Yes, me.  And my wife.  And about 984572 of my friends.  But so will Lenny Kravitz and Imagine Dragons!

AT&T Park  I can’t imagine a better place to spend the evening with your friends than here.  McCovey Cove.  The Giants Wall of Fame.  The 1927 Glove.  The Willie Mays statue.  Ballpark food.  And, for the network angle, it boasts one of the largest public hotspots in the world.

ATT Park

AT&T Park in San Francisco

Lenny Kravitz  We all know he plays Cinna in the Hunger Games, but did you know he actually plays music on the side?  I had no idea!  Ok…maybe I did.  And maybe I’m a fan.  And maybe I’ve never read Hunger Games.  (All are true, by the way.)

Lenny’s a Grammy winner.  Four of them, to Continue reading

1 3,744 3,745 3,746 3,747 3,748 3,835