Cisco VIRL is the ideal testing environment when you want to test your Ansible playbooks with various Cisco network operating systems (IOS, IOS XE, NX-OS or IOS XR). The “only” gotcha: how do you reach those devices from the outside world?

It was always possible to reach the management interface of devices running with VIRL, and it got even simpler with VIRL release 1.2.

Russ White wrote a great blog post about our failure to predict the future. The part I love most:

If the definition of insanity is doing the same things over and over again, each time expecting different results, what does that say about the world of network engineering?

Enjoy!

Got this set of questions from one of my readers:

I just met up with DELL guys for Big Switch SDN. They claim there is no routing running on leaf switches, the BCF is purely OpenFlow.

Almost true. It is based on OpenFlow, but they use tons of their own OpenFlow extensions to get stuff to work. That’s also why you have to install their agent on the switches.

Like with the Next-Generation Data Center course, the live sessions in the Building Network Automation Solutions course include guest speakers, Q&A discussions, and solutions to sample challenges that you’ll be able to use to complete your homework assignments.

The guest speakers for the January 2016 course include:

After introducing the fundamentals of Docker networking, Dinesh Dutt focused on various Docker networking options, including multi-host networking with overlays.

After watching the video, you might also want to listen to Episode 49 of Software Gone Wild with Brent Salisbury, Dave Tucker and Madhu Venugopal.

I got a long list of VXLAN-related questions from one of my subscribers. It started with an easy one:

Does Cisco ACI use VXLAN inside the fabric or is something else used instead of VXLAN?

ACI uses VXLAN but not in a way that would be (AFAIK) interoperable with any non-Cisco product. While they do use some proprietary tagging bits, the real challenge is the control plane.

One of my readers wondered whether it makes sense to attend my Building Network Automation Solution course even if they plan to deploy a $Vendor platform.

It depends, this time on how fast and how far you want to proceed with network automation.

Another great blog post by Russ White: DNS is part of the TCP/IP stack, get used to it.

You might also want to tell application developers hard-coding IP addresses or anyone else believing in using /etc/hosts files instead of DNS that those things stopped being sexy around 1980.

A while ago I wrote:

I haven’t seen any hard data, but intuition suggests that apart from hardware failures a standalone firewall might be more stable than a state-sharing firewall cluster.

Guillaume Sachot (working for a web hosting company) sent me his first-hand experience on this topic:

During our summer team-building podcast we agreed it would be fun to record a few episodes along the “how do I become a programmer” theme and figured out that Elisa Jasinska would be a perfect first candidate.

A few weeks ago we finally got together and started our chat with campfire stories remembering how we got started with networking and programming.

I got into an interesting discussion with Johannes Luther on the need for VRFs and he wrote:

If VRF = L3 virtualization technologies, then I saw that link. However, VRFs are again just a tiny piece of the whole story.

Of course he’s right, but it turns out that VRFs are the fundamental building block of most L3 virtualization technologies using a shared infrastructure.

One of the challenges traditional networking engineers face when starting their network automation journey is the “build or buy” decision: should I use a plethora of small open-source or commercial tools and components and build my own solution, or should I buy a humongous platform from a reassuringly-expensive $vendor.

Most of us were used to buying platforms ranging from CiscoWorks to HP OpenView (oops, Business Technology Optimization Software) or now Cisco’s NSO, so it’s natural that we’re trying to map this confusing new world into old patterns, leading to interesting discussions like the one I had during one of my workshops:

In June 2016 I got an interesting idea: let’s create a webinar series with numerous guest speakers that would describe several widely-used network automation use cases.

It took me almost half a year to get there, but finally the first session is scheduled for November 22nd.

One of my readers sent me an interesting question a while ago:

Isn’t IS-IS a better fit for building L3-only networks than BGP, particularly considering that IS-IS already has a protocol to communicate with the end systems (ES-IS)?

In theory, he’s correct (see also this blog post).

Our Data Center optimization journey has finished. We virtualized the workload, got rid of legacy technologies, reduced the number of server uplinks, replaced storage arrays with distributed file system and replaced physical firewalls and load balancers with virtual appliances.

Let’s see what’s left: it turns out you really don’t need more than two switches in most data centers.