Imagine that you just stumbled upon the hammer Thor carelessly dropped, and you’re so proud of your new tool that everything looks like a nail even though it might be a lightbulb or an orange.

That happens to some people when they get the network automation epiphany: all of a sudden CLI and manual configuration should be banned, and everything can be solved by proper incantation of Git and Ansible commands or whatever other workflow you might have set up… even though the particular problem might have nothing to do with what you have just automated.

Kode Vicious (aka George V. Neville-Neil ) wrote another brilliant article on reducing risk in systems that can do serious harm. Here are just two of the gems:

The risks involved in these systems come from three major areas: marketing, accounting, and management.

There is a wealth of literature on safety-critical systems, much of which points in the same direction: toward simplicity. With increasing complexity comes increasing risk …

For whatever reason most networking- and virtualization vendors joined a lemming-like run in the opposite direction years ago.

Ben Friedman and his team (the video crew producing all the Tech Field Day events) published a number of interviews about the impact of COVID-19 on IT.

Among other things we discussed how busy networking engineers are trying to cope with unexpected demand, and how public cloud isn’t exactly infinitely elastic.

This podcast introduction was written by Nick Buraglio, the host of today’s podcast.

As private overlays are becoming more and more prevalent and as SD-WAN systems and technologies advance, it remains critical that we continue to investigate how we think about internetworking. Even with platforms such as Slack Nebula, Zerotier, or the wireguard based TailScale becoming a mainstream staple of many businesses, the question of “what is next” is being asked by an ambitious group of researchers.

A reader of my blog sent me this question:

Do you think we can trust DSCP marking on servers (whether on DC or elsewhere - Windows or Linux )?

As they say “not as far as you can throw them”.

Does that mean that the network should do application recognition and marking on the ingress network node? Absolutely not, although the switch- and router vendors adore the idea of solving all problems on their boxes.

One of the hands-on exercises in our Networking in Public Cloud Deployments online course asks the attendees to deploy a full-blown virtual networking solution with a front-end (web) server in a public subnet, and back-end (database) server in a private subnet.

The next (optional) exercise asks them to add IPv6 to the mix for a full-blown dual-stack deployment.

Two weeks ago I started with a seemingly simple question:

If a BGP speaker R is advertising a prefix A with next hop N, how does the network know that N is actually alive and can be used to reach A?

… and answered it for the case of directly-connected BGP neighbors (TL&DR: Hope for the best).

Jeff Tantsura provided an EVPN perspective, starting with “the common non-arguable logic is reachability != functionality”.

Now let’s see what happens when we add route reflectors to the mix. Here’s a simple scenario:

We started March 2020 with the second part of Cisco SD-WAN webinar by David Peñaloza Seijas, continued with Upcoming Internet Challenges update, and concluded with 400 GE presentation by Lukas Krattiger and Mark Nowell.

You can access all these webinars with Standard or Expert ipSpace.net subscription. The Cisco SD-WAN presentation is already available with free ipSpace.net subscription, which will also include the edited 400 GE videos once we get them back from our video editor.

Git is great (once you get beyond the basic recipes), and I love my new blog setup that allows me to keep track of all the changes I make with Git.

However, there’s a slight gotcha if you use Git with Markdown: whenever you change something, the whole line (and using tools like IA Writer a whole paragraph is a single line) is marked as changed, for example:

Adrian Giacometti described how he used Elastic Stack (ELK) to build a dashboard for his integration tests and network logs.

Maybe it’s time to build our own network monitoring systems from open-source components instead of paying vendors big bucks for slick PowerPoint slides.