the worlds gone mad

we've lost the hope we had

Posted on 27 September 2022   16 min read

SD-WAN transport-side BGP

cisco sd-wan transport-side BGP and DIA NAT

The majority of Cisco SD-WAN guides and posts I have found use static routing rather than routing protocols on the transport-side. Static routes are all very well for SD-WAN tunnel traffic but I was wanting to understand how you equate for DIA traffic in a more real-life situation where address ranges are advertised via BGP.

Posted on 1 May 2022   13 min read

BGP MPLS-VPN Option B

carrying label information in bgp updates

The Cisco documentation about this call it Inter-AS Option B with the use case being to extend LSPs between sites over the one link. As Option B is the only MPLS-VPN method supported by Cisco SD-WAN I wanted to get a better understanding of how it works aswell as see if it could be used to extend multi-VRF prefixes between edge routers and a core switch within the same AS (rather than using Option C with LDP).

Posted on 22 February 2022   10 min read

SD-WAN service-side MPLS VPN

using bgp mpls vpn for service-side cisco sd-wan connections

This post goes through how to configure MPLS VPN on the service-side of a Cisco SD-WAN edge device, so the south-side towards non-SD-WAN devices. What I am trying to achieve is to advertise the differing SD-WAN VPN (VRF, why Cisco have to call these VPNs beats me) prefixes to a core switch (using a ASR in the lab) directly connected to the SD-WAN router. This could be accomplished using per-VRF interfaces (or sub-interfaces) and BGP peerings, but a neater solution is to pass all the routing information over one the BGP MPLS VPNv4 peering.

Posted on 9 January 2022   15 min read

F5 BIG-IP DNS Express

using big-ip dns express as a local dns server

As part of a POC I deployed a pair of HA F5 LTM/GTM at home to use for all things DNS based. It is an indulgent over the top DNS solution for a 1 bed flat, but hey-ho we are in a pandemic….. This guide does not go through the HA F5 or GTM (still cant stop calling it that) configuration, it is focussed around using ZoneRunner for DNS (bind) with these zones transferred into DNS express and serviced by a listener.

Posted on 9 October 2021   13 min read

Nornir: Tasks, Plugins and Templates

building and running tasks

Nornir tasks are run against all or a subset of inventory members with the result formatted into a framework structured to show what was run against whom and the results. Tasks can be custom built python code or pre-built plugins that have been installed and imported.

Posted on 3 October 2021   10 min read

Nornir: Inventory Structure and Filtering

updating and filtering the inventory

The inventory is at the core of Nornir holding all the hosts that tasks will be run against and the variables that will be used by those tasks. Before any tasks can be run by Nornir the inventory has to be initialised.

Posted on 28 September 2021   12 min read

Nornir - The Basics

general nornir information to get started

If you have an understanding of Python and have been working with Ansible it is likely at some point you will get to the stage where you ask yourself ‘there has to be something better’. For network automation that better could well be Nornir.
FEATURED TAGS
ansible checkpoint cisco eve-ng firewall napalm nornir palo-alto python routing sd-wan switching vmware vpn
ABOUT ME
about_me_image

old school + new school = no school

UNSOCIAL MEDIA
BOOKMARKS
ARCHIVES
2022 (10)
2021 (12)
2020 (2)
2019 (2)
2018 (5)
2017 (11)