Cisco..

Well not Live anymore but more Cisco than usual

Always worth starting with a bit of wisdom from Ivan Pepelnjak

• Why Is Network Automation such a Hot Topic?

One of my readers asked a very valid question when reading the Why Is Network Automation So Hard blog post:

Why was network automation ‘invented’ now? I have been working in the system development engineering for 13+ years and we have always used automation because we wanted to save time & effort for repeatable tasks.

He’s absolutely right. We had fully-automated ISP service in early 1990’s, and numerous service providers used network automation for decades.

As always - as Russ White would say - it comes down to whether you run your network because it’s bringing you money – in which case you might do whatever it takes to make it bring in more money – or because you have to – in which case you’ll cut the costs as much as possible. That explains why most enterprises never considered automation. Service providers should have fared better, but many of them evolved from traditional voice operators running static services that barely needed automating.

There were further challenges explained in more details in Network Automation 101 webinar and in introductory part of the Network Automation workshop and online course:

Networks became mission-critical, and the management didn’t trust us to get automation right;

We built unique snowflakes that were impossible to automate without heavy customization;

Core network devices have humongous blast radius;

We lacked programming skills, proper software development processes and procedures, and affordable test environment;

Finally, it was hard to work with network device CLI (more about that at some later time).

What has changed in the last few years?

The SDN brouhaha forced vendors to give an appearance of becoming “software defined”, so most of them came up with something resembling a REST API (there were notable exceptions like Junos that had a good API from day one);

Engineers who figured out that SDN means Still Does Nothing started thinking about network automation as SDN Lite thingy that could actually make their lives better;

A lot of us started evangelizing the need for automation, which might have shifted the mindset a bit;

Cloud happened for real – and once an organization starts deploying their workload in the cloud, you can either get your !!!! together and deliver services in reasonable time, or become obsolete.

Linux

• Generate Two-Factor Authentication Codes on Linux with ‘Authenticator’ - OMG! Ubuntu!
• Flatpak Cheat-Sheet PDF
• Goss - Quick and Easy Server Validation

Labs

• IT Blogtorials: Configuring EVE-NG on Google Compute Engine
• EVE-NG Cookbook PDF
• Cisco DevNet - Dig in with DevNet Sandbox – technology packed Cisco labs – today! FREE with 24x7 access!

Certification and Careers

• The network engineer: A role in transition - ITProPortal
• Nick Russo - CCIE/CCDE Evolving Technologies Study Guide (100% Free)
• Nick Russo - selection of Job Aids
• A CCIE Security Perspective – Raiders of the Lost ARP
• Junos Jump Start Series - Introductory Class Links – Steve Puluka

Cisco

• Perf by Nick Russo. Variety of Ansible Playbooks for Cisco IOS - short, midterm, and longer tests
• Cisco IOS 121 NAT manager by Nick Russo
• Watch VRF videos tutorial on YouTube - Part 1, Part 2, Part 3, and Part 4 - 8 to 15 mins each
• Watch “Webinar: Introduction to Systems Manager, Cisco’s Endpoint Management Solution” on YouTube - 56 mins
• Beginner’s Guide to NetDevOps with Cisco DevNet and Ansible
• Deploying a Virtual SteelHead with Cisco UCS-E - Riverbed Splash
• Introducing new Puppet Cisco IOS module for agentless device management
• Watch “a first-timer’s Cisco Live experience” - YouTube Playlist
• Cisco Live US - Session Catalog - Catch Up

Juniper and Junos

• Meet OneConfig, the Australian company that built Juniper’s Cisco Meraki competitor - Networking - Software - CRN Australia
• Configuring SSL for gRPC on Junos - ipengineer.net
• Dissecting IBGP and EBGP Junos Configuration « ipSpace.net by @ioshints
• Using 4-Byte BGP AS Numbers with EVPN on Junos « ipSpace.net by @ioshints
• Juniper SRX Address-Set Membership Check - Clay Haynes
• SRX Advanced Policy-Based Routing - Technical Documentation - Support - Juniper Networks
• IP Accounting Options Configuration - Technical Documentation - Support - Juniper Networks
• JUNOS - BGP over unnumbered interfaces, automated – marcelwiget

Data Centre & Whitebox

• Watch “IP Infusion OcNOS Product Overview with Shaji Ravindranathan” on YouTube - 51 mins
• Cumulus “EVPN in the Data Center” e-book PDF
• Apstra Data Sheet - AOS 2.2
• Is EBGP Really Better than OSPF in Leaf-and-Spine Fabrics? ipSpace.net by @ioshints
• Nutanix NPX Architecture How To Guide - Part 1 - Derek Seaman’s Blog
• Typical EVPN BGP Routing Designs « ipSpace.net by @ioshints
• EVPN/VXLAN for Data Centre with Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR – 5 Part series - karneliuk.com
• Watch “Whitebox Networking in 60 seconds” on YouTube - errrm…60 secs :-)
• Old but very good slide deck on EVPN - PDF
• Is OSPF or IS-IS Good Enough for My Data Center? « ipSpace.net by @ioshints
• What Is EVPN? « ipSpace.net by @ioshints
• How Data Center Interconnect Technologies Shape WAN Performance
• Type 2 and 5 EVPN EVE-NG QFX
• VRF route leaking - time to get a little more social! - Cumulus Networks Blog
• VXLAN EVPN Multihoming with Cisco Nexus 9000 Series Switches White Paper - Cisco

Service Provider

• PacketFabric’s Connectivity-as-a-Service Platform Expanding to London
• Watch “MPLSWC18 - Patrice Brissette, Cisco. A Journey into Service Provider Use Cases with EVPN” on YouTube - 15 mins
• RFC 8388 - Usage and Applicability of BGP MPLS-Based Ethernet VPN
• Foundations of MPLS: Label Switching – TomAmmon.net
• Watch UK Network Operators Forum-40 - Manchester 2018 - playlist on YouTube - 13 videos - 12 to 39 mins each
• Juniper Case Study: GCI- A Smaller Telco Emulating the Big Players
• Source Packet Routing (SPRING) Gets Real in 2018 - Light Reading

Tools and Testing

• Infection Monkey - discover security flaws in no time. Unlease the Infection Monkey! and GitHub page
• Continuous Testing - Sauce Labs
• Red Team / Adversary Simulation Toolkit
• dravetech - Network telemetry from SNMP to Prometheus
• Test data-model for a WAN deployment - GitHub page with playbooks
• Analyzing Large Packet Capture Files. Part 1, Part 2, Part 3, and Part 4 - Chris Sanders
• NAtlas - Network Atlas - Python Automated discovery and diagram tools using SNMP, CDP, and LLDP
• Detecting Microbursts Using Junos Telemetry QMON Sensor – Tech Mocha

Automation and Configuration Management

• Older but great Presentation and Video by Ivan Pepelnjak - Should I Really Program My Network? - 23 mins
• Watch “iNOG-10 2018 Network Reliability Engineering: Automation’s North Star” on YouTube - 27 mins
• Top 7 Network Automation Tools Open Source. Roger Perkin.co.uk
• Automating Cumulus Linux with Ansible - Cumulus Networks
• MPLSVPN - Moving Towards SDN and NFV Based Networks: Junos Automation: Display Static Routes With PyEZ Table and View
• Weekend Reading - Ansible - Linux Journal
• 5 Network automation tips and tricks for NetOps - Cumulus Networks Blog
• YAPT is a tool to demonstrate Juniper automation capabilities on SRX / EX / VMX / NFX platform - GitHub page
• Juniper Network and Security Automation Workshop GitHub page
• Automation of Cumulus Linux with Ansible - karneliuk.com
• Nornir is a new automation framework written in Python
• Netmiko and TextFSM - What does TextFSM and ntc-templates allow you to do? Simply stated, it allows you to take unstructured data and convert it to structured data. Or worded differently, it takes a block of text and converts it to lists and dictionaries (or some combination thereof)
• Networking + Automation with Mostafa Hassan Cisco ASR9K Configuration via Python , JINJA and YAML
• Ansible Inventory Files – AdaptingIT
• YAML Ain’t Markup Language – AdaptingIT
• Ansible Playbooks Overview – AdaptingIT
• Ansible Control and Ansible Roles. For Windows – AdaptingIT
• Hierarchical Configuration, Part 1 - NetDevOps.io
• Ansible Command Module Deep Dive for Networks
• Ansible Webinar - Ask An Expert - Networking - May 2018 - 1 hr
• Automation for Success - ipengineer.net blog post
• Dmitry Figol - Cisco Systems Engineer network programmability and automation - My presentations
• Integrating Ansible with Jenkins in a CI/CD process - RedHat

Development

• Cisco DevNet - Developer Workstation and Environment Setup
• Cisco DevNet - Learning Labs - Introduction to Model Driven Programmability
• Watch Cisco “DevNet Create 2018” - YouTube Playlist - 26 videos - 15 mins to 2.5 hrs
• Watch “Arista 7170 Series Programmable Platform Hugh Holbrook and Nick McKeown” on YouTube - 14 mins
• 10 common security gotchas in Python and how to avoid them

DevOps and NetDevOps

• Watch “How Netflix Thinks of DevOps” on YouTube - 30 mins
• Connect Ansible Tower and Jenkins in under 5 minutes

ZTP

• Great comprehensive Zero Touch Provisioning DIY Tutorial
• Scaling the Facebook backbone through Zero Touch Provisioning - Facebook

Cloud (and Ocean?)

• Why Microsoft wants to put data centers at the bottom of the ocean - TechCrunch
• How to create and configure an Azure Virtual Machine - Packt Hub
• Watch “Marrying OpenStack with Virtual & Bare Metal Cloud Networks” on YouTube - 44 mins
• Red Hat and Juniper Networks Expand Collaboration to Provide a Simplified and More Secure Path to Multicloud
• Google Compute Engine Plugin makes it easy to use Jenkins on Google Cloud Platform - Packt Hub
• Up and Running with Kubernetes and Tungsten Fabric
• Routing Innovations for the Cloud Era - J-Net Community
• Serverless SDN - Network Engineering Analysis of Appswitch (a distributed virtual networking solution) - networkop blog post
• Netflix content distribution through Open Connect CDN - APNIC Blog

Failure

• How Python helps Netflix do failovers in 7 minutes flat - Opensource.com

WiFi

• Bandwidth limit enforcement on AccessPoint - Airheads Community
• The New World of Programmability - Airheads Community

GitHub

• Git Tutorial - Try Git
• GitHub HowTo Guides

Security

• Protect your TCP tunnel by implementing AES encryption with Python Tutorial - Packt Hub
• F5 Technology Questions and Answers. TCP Traffic Path Diagram

Various

• MikroTik Router Hardening — Manito Networks
• Watch “Multicast Troubleshooting Quickie #1” on YouTube - 11 mins
• Average Network Delay and Queuing Theory basics - Packet Pushers
• Internet Edge and WAN Routing with Cumulus Linux – techbloc.net
• 10 Protocols in 20 Minutes - By Jon “The Nice Guy” Spriggs

And finally…

• Playing battleships over BGP :-)
• What’s the difference between all the Cisco IOS versions? - Reddit post :-D
• Elon Musk drafts in humans after robots slow down Tesla Model 3 production - not all your automation wishes will come true…. :-/