the worlds gone mad

we've lost the hope we had

Posted on 24 March 2025   29 min read

Lab as Code - Part2

using containerlab and netlab

This is the follow on to part1 where I was looking at how easy it is to deploy initial EVE-NG and CML lab setups from a declarative YAML file. Although both products are not really designed with that in mind I did manage to accomplish it with a relatively minimal amount of complexity in the topology file using a custom lab_builder tool. Next up is to give it a go with containerlab and netlab, I am expecting these to be a whole lot simpler as lab as code is the very ethos that they are designed for.


Posted on 28 February 2025   28 min read

Lab as Code - Part1

using eve-ng and cml

I wrote a post a while back about how the world of labbing changed during my time in networking, this is a follow on to see what options I have in terms of ‘labbing as Code’. I want a way to declaratively deploy the initial lab setup (devices, links, addressing, remote access, etc) so that I can concentrate on the features I am actually trying to lab. My idea is to try and use existing tools rather than writing my own, the following repo has all the code and files I used as part of this blog and part2.


Posted on 10 March 2023   15 min read

F5 BIG-IP HA LTM in Azure

deploying ltm ha pair in azure

This post goes through the deployment of a HA pair of F5 BIG-IP LTMs in Azure. Like with most vendors the F5 solutions is documented as part of ARM templates, I personally prefer to pick these things apart and first build them manually to better understand what is going on under the hood. A more cynical person may suggest they do this on purpose to try and hide all the fudges needed to make their solution work in a public cloud.


Posted on 27 September 2022   16 min read

SD-WAN transport-side BGP

cisco sd-wan transport-side BGP and DIA NAT

The majority of Cisco SD-WAN guides and posts I have found use static routing rather than routing protocols on the transport-side. Static routes are all very well for SD-WAN tunnel traffic but I was wanting to understand how you equate for DIA traffic in a more real-life situation where address ranges are advertised via BGP.


Posted on 1 May 2022   13 min read

BGP MPLS-VPN Option B

carrying label information in bgp updates

The Cisco documentation about this call it Inter-AS Option B with the use case being to extend LSPs between sites over the one link. As Option B is the only MPLS-VPN method supported by Cisco SD-WAN I wanted to get a better understanding of how it works aswell as see if it could be used to extend multi-VRF prefixes between edge routers and a core switch within the same AS (rather than using Option C with LDP).


Posted on 22 February 2022   10 min read

SD-WAN service-side MPLS VPN

using bgp mpls vpn for service-side cisco sd-wan connections

This post goes through how to configure MPLS VPN on the service-side of a Cisco SD-WAN edge device, so the south-side towards non-SD-WAN devices. What I am trying to achieve is to advertise the differing SD-WAN VPN (VRF, why Cisco have to call these VPNs beats me) prefixes to a core switch (using a ASR in the lab) directly connected to the SD-WAN router. This could be accomplished using per-VRF interfaces (or sub-interfaces) and BGP peerings, but a neater solution is to pass all the routing information over one the BGP MPLS VPNv4 peering.


Posted on 9 January 2022   15 min read

F5 BIG-IP DNS Express

using big-ip dns express as a local dns server

As part of a POC I deployed a pair of HA F5 LTM/GTM at home to use for all things DNS based. It is an indulgent over the top DNS solution for a 1 bed flat, but hey-ho we are in a pandemic….. This guide does not go through the HA F5 or GTM (still cant stop calling it that) configuration, it is focussed around using ZoneRunner for DNS (bind) with these zones transferred into DNS express and serviced by a listener.