the worlds gone mad

we've lost the hope we had

Posted on 8 November 2022   8 min read

Viewing palo statistics

system resources and traffic statistics

Useful commands to see general information on the firewall resources been used, interface and traffic statistics, and traffic counters.

Posted on 5 November 2022   16 min read

Palo traffic flows and sessions

application identification and following traffic flows

Information on how applications are identified by App-ID and following sessions and traffic flows through the firewall using the CLI.

Posted on 26 October 2022   12 min read

Palo commit and rollback

pushing policies and rolling back changes

Palo Alto firewalls use the concept of a running config to hold the devices live configuration and the candidate config is copy of the running config where changes are made. A Commit operation causes the running config to be overwritten by the candidate config activating the changes.

Posted on 12 October 2022   23 min read

Palo Basic Setup

palo alto firewall setup using the cli

A run through using the CLI to set up a Palo firewall at home covering the initial configuration, upgrading, BGP routing and a basic firewall policy.

Posted on 27 September 2022   16 min read

SD-WAN transport-side BGP

cisco sd-wan transport-side BGP and DIA NAT

The majority of Cisco SD-WAN guides and posts I have found use static routing rather than routing protocols on the transport-side. Static routes are all very well for SD-WAN tunnel traffic but I was wanting to understand how you equate for DIA traffic in a more real-life situation where address ranges are advertised via BGP.

Posted on 1 May 2022   13 min read


carrying label information in bgp updates

The Cisco documentation about this call it Inter-AS Option B with the use case being to extend LSPs between sites over the one link. As Option B is the only MPLS-VPN method supported by Cisco SD-WAN I wanted to get a better understanding of how it works aswell as see if it could be used to extend multi-VRF prefixes between edge routers and a core switch within the same AS (rather than using Option C with LDP).

Posted on 2 March 2022   4 min read

Pynetbox API calls using variables

using variables for netbox api urls and filters

Recently whilst using pynetbox to create NetBox environment objects I had a need to use variables in the URL of the API calls to allow for reusable functions to perform API calls based on the URL and data fed in as arguments. The reason the URL needs to be fed in as an argument when calling the function is because each NetBox element uses a different API URL.