The spring craziness is still in full swing – we’ll have three webinars this week (a first) and I was so busy I didn’t even have time to write about them. Let’s fix that.

Data Center Updates on Monday is the second part of server virtualization, virtual machines and containers update to Data Center 3.0 webinar. We covered virtual machines in the last session (April 25^th), this time we’ll talk about containers.

David Barroso (now at Fastly) will talk about NAPALM in Ansible on Tuesday.

Do you have the feeling that you should know more about network automation, but don't know where to start? I was facing that same problem in 2015, and then started exploring Ansible (plus YAML, Jinja2, Git, Puppet…), creating small playbooks, and finally came to a point where I said "now I know that you can have a small solution solving an actual problem ready in a few weeks even if you know absolutely nothing today".

One of my readers wanted to implement a large DMVPN cloud with regional Internet exit points:

We need to deploy a regional Internet exits and I’d like to centralize them.  Each location with a local Internet exit will be in a region and that location will advertise a default-route into the DMVPN domain to only those spokes in that particular region.

He wasn’t particularly happy with the idea of deploying access and core DMVPN clouds:

A great essay by Bruce Schneier about (lack of) security in IoT and why things won’t improve without some serious intervention.

One of my readers sent me a few questions about the leaf-and-spine fabric architectures webinar because (in his own words)

We have some projects 100% matching these contents and it would be really useful this extra feedback, not just from consultants and manufacturer.

When I explained the details he followed up with:

Now, I expect in one or two weeks to find some days to be able to follow this webinar in a profitable way, not just between phone calls and emails.

That’s not how it works.

Network automation and orchestration is a great idea… but how do you verify that what your automation script wants to do won’t break the network? In Episode 78 of Software Gone Wild we discussed the intricacies of testing network automation solutions with Kristian Larsson (developer of Terastream orchestration softare) and David Barroso of the NAPALM and SDN Internet Router fame.

One of my readers sent me this question:

Other than using Excel (and of course an automation tool) any suggestions for a tool to create device config for some 200 customer VRFs from a standard template?

You need three things to get the job done:

Last week a large European financial institution had a bad hair day. My friend Christoph Jaggi asked for my opinion, and I decided not to focus on the specific problem (that’s what post-mortems are for) but to point out something that’s often forgotten: don’t believe your system won’t fail, be prepared to deal with the failure.

I keep getting questions along the lines of “should I go with VMware NSX or should I deploy Cisco ACI” every single week, and as you know it’s hard to answer anything but it depends without spending hours on the topic.

That’s exactly what we plan to do in Zurich next Tuesday (May 16th) in a DIGS workshop that will run in parallel with the Data Center & Cloud Day (part of the SIGS Technology Conference).

Not long after I published the let’s drop some configuration commands rant I got a very nice email from Nicolas Delecroix, Technical Marketing Engineer in Cisco INSBU, effectively saying “Would you have time for a short WebEx call to discuss the root cause of the problem and what we did to fix it?”

Of course I agreed and here’s what they told me:

An engineer watching my IPv6 Transition Mechanisms webinar sent me this question:

We would appreciate any insight you might have as to which transitional mechanisms the ISPs are actually deploying.

All of them ;)

One of my readers sent me this question (slightly rephrased):

Assume you have A,B and C connected in a triangle (with an alternate longer path to C). What happens if C loses its links to A and B? Won’t the traffic to C loop between A and B for a while?

As always, it depends.

The awesome Troopers crew published conference videos, including my Securing Network Automation presentation (more, including slide deck).

One of my readers was considering Dell/EMC hyperconverged solutions and sent me this question:

Just wondering if you have a chance to check out VxRail.

I read the data sheet and spec sheet, but have never seen anyone using it (any real-life experience highly welcome – please write a comment).

Ansible, Puppet, Chef, Git, GitLab… the list of tools you can supposedly use to automate your network is endless, and there’s a new kid on the block every few months.

In Episode 77 of Software Gone Wild we explored Salt, its internal architecture, and how you can use it with Mircea Ulinic, a happy Salt user/contributor working for Cloudflare, and Seth House, developer @ SaltStack, the company behind Salt.