In Matt Duggan’s blog post, you’ll find a scathing review of another attempt to throw AI spaghetti at the wall to see if they stick: the GitHub Copilot Workspace.

He also succinctly summarized everything I ever wanted to say about the idea of using AI tools to generate networking configurations:

Having a tool that makes stuff that looks right but ends up broken is worse than not having the tool at all.

Daniel Dib went on another deep dive: Why Do We Have Native VLANs? What I loved most was that he went through the whole 802.1 standard (quite an undertaking) and explained the reasoning that VLAN-aware switches behave the way they do.

You should also read the follow-up post: what happens if a VLAN-unaware switch receives an 802.1Q-tagged frame?

Brad Casemore published an interesting analysis explaining why Cisco should accept being a mature company with mature products (yeah, you have to subscribe to view it). I always loved reading his articles, but unfortunately, this time, he briefly ventured into the “I don’t think this word means what you think it means” territory:

MPLS worked – and it still works – but it provided optimal value in an earlier time when the center of gravity was not the cloud. The cloud challenged the efficacy of MPLS, and it wasn’t long before SD-WAN, cloud connects, and interconnects […] represented an implacable threat to a status quo that had once seemed unassailable.

The second part of the paragraph is (almost) true, but it had nothing to do with MPLS.

In another wonderful deep dive, Julia Evans explains why you can’t edit the command line in some Linux utilities like the ancient sh.

You’ll also figure out:

• Why does CTRL-A jump to the beginning of the line?
• How can you enable command line editing in ancient utilities?

Have fun!

Last summer, I started a long-term project to revive the BGP labs I created in the mid-1990s. I completed the original lab exercises (BGP sessions, IBGP, local preference, MED, communities) in late 2023 but then kept going. This is how far I got in a year:

• Twenty-six deploy BGP exercises, including advanced settings like AS path manipulations, MD5 passwords and BFD, and new technologies like TCP/AO and interface EBGP sessions.
• Fifteen BGP routing policies exercises, covering the basic mechanisms as well as dirty tricks like route disaggregation
• Four load balancing exercises, from EBGP ECMP to BGP Link Bandwidth and BGP Additional Paths.
• Five challenges for everyone who got bored doing the simple stuff ;)

That completes the BGP technologies I wanted to cover. I’ll keep adding the challenge labs and advanced scenarios. Here are some ideas; if you have others, please leave a comment.

Long story short: Years after migrating my blog to Hugo, I found the willpower to deal with the “interesting” way Cloudflare Pages deal with static HTML files, changed the Hugo URL scheme, and spent two days fixing broken links.

Apart from having the satisfaction of ticking off a long-outstanding project, the blog pages should load faster, and I won’t have to deal with GitLab hiccups anymore.

If you notice anything being broken, please let me know. Thank you!

Bogdan Golab sent me a link to an (open access) article in Ethics and Information Technology arguing why ChatGPT is bullshit. Straight from the introduction:

Because these programs cannot themselves be concerned with truth, and because they are designed to produce text that looks truth-apt without any actual concern for truth, it seems appropriate to call their outputs bullshit.

Have fun!

One of my readers sent me this remark (probably while trying to work on the EBGP Sessions over the IPv6 LLA Interfaces lab):

I did attempt some of your labs, like IPv6 link-local-only BGP with FRR hosts, but FRR seemed not to play ball, or I was just doing it wrong.

As he was already using netlab, I could send him a cheat code:

Yesterday, I explained how you can run netlab examples in GitHub codespaces and mentioned that they work best with vendors who understand the value of frictionless downloads. But what if you’d like to use a device from one of the good guys who provide the container images but require a registration?

It turns out the solution is trivial:

A few days ago, someone asked me about the IPv4 next-hop details of running interface EBGP sessions. I pointed him to a blog post explaining them, adding, “And of course, you can test that in netlab.” A few minutes later, it hit me: instead of asking him to set up netlab locally, I could enable him to do that in a minute with GitHub codespaces.

Setting that up was easy: copy the .devcontainer directory from the BGP labs repository into the netlab examples repository and commit the change. After a short yak-shaving exercise (writing README files and rearranging a few folders), I successfully started the codespace and was ready for this blog post. There was just one gotcha…

Sharada Yeluri published an interesting overview of the evolution of network security, from packet filtering firewalls to GenAI and Quantum Computing (yeah, she works for a networking vendor ;). Definitely worth reading if you’re looking for an intro-level overview.

Some people insist on using Excel as the ultimate source of user-supplied data (including network automation source of truth).

If you agree with me that that’s not necessarily the best idea out there, you might enjoy this rant by Nikhil Suresh.

RFC 4264 defines BGP wedgies as “a class of BGP configurations for which there is more than one potential outcome, and where forwarding states other than the intended state are equally stable.” Even worse, “the stable state where BGP converges may be selected by BGP in a non-deterministic manner.”

Want to know more? You can explore a real-life BGP wedgie and fix it in the latest BGP lab exercise.

I plan to add several challenge labs using multihop EBGP sessions to the BGP labs project, including:

1. Running BGP between VMs and central BGP route servers
2. Using multihop EBGP session to send full Internet routing table to a customer without overloading the PE-router
3. Running EBGP EVPN session between loopbacks advertised with EBGP IPv4 session (🤢)

However, I would love to start with a simple use case to help engineers unfamiliar with BGP realize when they might have to use multihop EBGP sessions. Unfortunately, I can’t find one, and the scenarios where I used multihop EBGP in the past (EBGP load balancing and using a low-end router in the EBGP path, where I was effectively using the reverse application of #2 as a customer) are mostly irrelevant.

Would you have an easy-to-understand use case that is best solved with a multihop EBGP session? Please share it in the comments. Thanks a million!

I love open-source tools (and their GitHub repositories). Someone launches a cool idea, and you can dig through their source code to figure out how it works. It beats reading documentation or fixing AI hallucinations every day of the week ;)

Not too long ago, the containerlab team launched the ability to run containerlab within a free¹ container² running on GitHub, and that seemed like a perfect solution to run the BGP labs (Jeroen van Bemmel pointing me in the right direction was another significant step forward).