Imagine a life where you would be able to…

• Find all interfaces that have VRRP configured but no useful VRRP neighbor;
• Find all OSPF adjacencies that should be up but are not;
• Get an alert every time the default IP route is lost;
• Find all MTU mismatches in your network;
• List all VXLAN-to-VLAN mappings across your data center, and find if two different VLANs map into the same VXLAN VNI;
• Compare IP routes in your data center to those you had yesterday;
• Verify that IP routing tables on all spine switches contain the same prefixes;
• Do the same comparison before and after a software upgrade;
• Identify changes in IP routing tables or ARP tables that happened between yesterday evening and this morning;

… and be able to do all that in a multi-vendor environment without writing tons of Ansible playbooks or Python code.

A tweet by Corey Quinn pointed me to his hilarious riff on the you are not Google and don’t have the same problems theme. Enjoy!

Mat Jovanovic decided to follow my lead and migrate his blog from Blogger to Hugo, using Docsy theme, AWS Amplify as the CI/CD pipeline, and AWS S3 as the hosting platform.

Nice job… but he did way more than that - he documented the whole process, including tool selection, setup, and Blogger migration.

Thank you Mat! Every time I see someone publishing blog posts about open-source tools on Medium I’ll send them a link to your blog (with a comment “this is how you should blog about open-source solutions”).

It’s incredible how many people assume that The Internet is a thing. In reality, it’s a mishmash of interconnected independent operators running mostly on goodwill, misplaced trust in other people’s competence, and (sometimes) pure dumb luck.

I described a few consequences of this sad reality in the Internet Has More than One Administrator video (part of How Networks Really Work webinar), and Nick Buraglio and Elisa Jasinska provided even more details in their Surviving the Internet Default-Free Zone webinar.

The third hands-on exercise in our Networking in Public Cloud Deployments online course asks the students to deploy a web server in a public cloud of their choice using infrastructure-as-code principles.

Not surprisingly, Erik Auerswald created another fantastic writeup when solving that exercise, including exploring the problem space, detailed description of his Terraform-based solution, and testing procedures. Enjoy!

There was an obvious invisible elephant in the virtual Cloud Field Day 7 (CFD7v) event I attended in late April 2020. Most everyone was talking about AWS, how their stuff runs on AWS, how it integrates with AWS, or how it will help others leapfrog AWS (yeah, sure…).

Although you REALLY SHOULD watch my AWS Networking webinar (or something equivalent) to understand what problems vendors like VMWare or Pensando are facing or solving, I’m pretty sure a lot of people think they can get away with CliffsNotes version of it, so here they are ;)

Andrea Dainese is continuing his journey through open-source NetDevOps land. This time he decided to focus on log management systems, chose Elastic Stack, and wrote an article describing what it is, why a networking engineer should look at it, and what’s the easiest way to start.

Got mentioned in this tweet a while ago:

Watching @ApstraInc youtube stream regarding BGP in the DC with @doyleassoc and @jtantsura.Maybe BGP is getting bigger and bigger traction from big enterprise data centers but I still see an IGP being used frequently. I am eager to have @ioshints opinion on that hot subject.

Maybe I’ve missed some breaking news, but assuming I haven’t my opinion on that subject hasn’t changed.

After setting the stage clarifying the current Cisco SD-WAN deployment scenarios, David Penaloza focused on definitions and fundamentals that must be considered before dealing with solutions that hide and abstract complexity like overlays, routing, and network virtualization from the network administrator.

One of the attendees of our Building Next-Generation Data Center online course submitted a picture-perfect solution to scalable layer-2 fabric design challenge:

• VXLAN/EVPN based data center fabric;
• IGP within the fabric;
• EBGP with the WAN edge routers because they’re run by a totally different team and they want to have a policy enforcement point between the two;
• EVPN over IBGP within the fabric;
• EVPN over EBGP between the fabric and WAN edge routers.

The only seemingly weird decision he made: he decided to run the EVPN EBGP session between loopback interfaces of core switches (used as BGP route reflectors) and WAN edge routers.

Being stuck at home like most everyone else we’re continuing the increased pace of content production in May 2020:

• I’ll continue the Introduction to Containers and Docker update. We got through the basics the last time and will cover Linux namespaces and how Docker uses them on May 5th.
• We finally found an independent guest speaker familiar with Cisco ACI. Mario Rosi will start the Cisco ACI series with an introductory webinar on May 12th.
• Dinesh Dutt will continue his Network Automation Tools update on May 19th.
• Hoping to get through Introduction to Docker on May 5th, I plan to do a deep dive into Docker Networking on May 26.
• Finally, I’m positive I won’t cover all the bridging and routing material I created in today’s webinar, so we’ll continue with routing protocol basics on May 28th.

Imagine that you just stumbled upon the hammer Thor carelessly dropped, and you’re so proud of your new tool that everything looks like a nail even though it might be a lightbulb or an orange.

That happens to some people when they get the network automation epiphany: all of a sudden CLI and manual configuration should be banned, and everything can be solved by proper incantation of Git and Ansible commands or whatever other workflow you might have set up… even though the particular problem might have nothing to do with what you have just automated.

Kode Vicious (aka George V. Neville-Neil ) wrote another brilliant article on reducing risk in systems that can do serious harm. Here are just two of the gems:

The risks involved in these systems come from three major areas: marketing, accounting, and management.

There is a wealth of literature on safety-critical systems, much of which points in the same direction: toward simplicity. With increasing complexity comes increasing risk …

For whatever reason most networking- and virtualization vendors joined a lemming-like run in the opposite direction years ago.

Ben Friedman and his team (the video crew producing all the Tech Field Day events) published a number of interviews about the impact of COVID-19 on IT.

Among other things we discussed how busy networking engineers are trying to cope with unexpected demand, and how public cloud isn’t exactly infinitely elastic.

This podcast introduction was written by Nick Buraglio, the host of today’s podcast.

As private overlays are becoming more and more prevalent and as SD-WAN systems and technologies advance, it remains critical that we continue to investigate how we think about internetworking. Even with platforms such as Slack Nebula, Zerotier, or the wireguard based TailScale becoming a mainstream staple of many businesses, the question of “what is next” is being asked by an ambitious group of researchers.