Messages

so where are these functions coming from

e.g.

interface.split()
int_range.append()
start_range.append()
each.split()
etc?

I don't see the functions being defined
are you importing a module from another source?

Adding to what dlots said. It might be helpful to remember when you get to picking up classes that everything in python is an object. Strings, lists, dictionaries...all the built-in types are just objects with their own methods (like .split() and .append()) that help you do cool shit.

Strings: https://docs.python.org/3/library/stdtypes.html#string-methods
Lists: https://docs.python.org/3/tutorial/datastructures.html
Dicts: https://docs.python.org/2/library/stdtypes.html#mapping-types-dict

I have been using it for a while, its OK. Auto NetKit or whatever is cool when it works but there are more annoyances then positives for me. Example, when using FLAT newtworks you can't have static reservations for devices. So reboot CML lab and everyone gets a new IP. Annoying as thats a primary means to remote access these device outside of console. Several things like that and I wonder why we spend money on this thing. We also fight over whos lab can run. I finally gave up and just spun up my own GNS3 box.

Odd, it's just OpenStack, and you can do reservations for flat networks in neutron. You'd probably have to into the weeds on openstack though. I haven't messed with CML in over a year, but my beef was that you were paying out the nose for something that lacked parity with VIRL (iirc, missing whole platforms compared to the VIRL offering).

That is awesome.
Are there any jenkins smarts to parsing ansible stdout or python stdout? e.g. interpreting ping or traceroute or even show results. Or would you have to code the logic into your python originally?
So jealous of how everything is precanned for linux stuff but we're stuck on doing tonnes of expect style manual parsing

Haven't messed with Jenkins, but Ansible has the ability to add custom callback modules that let you return play/task results however and in whatever format you want. That'd probably make doing $magic in Jenkins feel less screen-scrapy.

Would like to hear other people's thoughts. I've never been a fan, the cost of burning front-panel ports for basically the same features as a VRF don't balance out for me.

[Takeaway]

Does this address what you're getting at?

http://blog.ipspace.net/2014/06/trident-2-chipset-and-nexus-9500.html

No routing with overlays (BRKARC-2222 slide 81). Trident 2 chipset doesn't support routing of VXLAN-encapsulated packets, and based on some other vendors' limitations it seems it has the same challenges with any overlay technology (including TRILL and potentially SPB).

It's my understanding (based on scarce information available) that the problem might lie in the structure of the forwarding pipeline – by the time the chipset figures out it's the overlay tunnel endpoint for the incoming packet, and performs the L2 lookup of the destination MAC address, it's too late for another L3 lookup.

The workaround is hinted at in the BRKARC-2222 presentation: the packet has to be recirculated through the forwarding pipeline.

Remember the front-panel cables between F2 and M1 linecards on Nexus 7000? Same idea, implemented in silicon, probably resulting in similar performance.

Cisco solved the problem with its ACI Leaf Engine (ALE) chipset. One could also implement L3 forwarding on fabric modules in modular switches, or use a second Trident 2 chipset (building a leaf-and-spine architecture within the ToR switch).

Takeaway: Trident 2 has challenges performing L3 forwarding in combination with L2 tunnels. Have a long discussion with your vendor before implementing a design that uses the two features together, even when the datasheets imply everything works just fine.

Finally, looking at the Nexus 9300 architecture (BRKARC-2222 slide 59), there are only 8 40GE lanes between Trident 2 chipset and ALE chipset on Nexus 93128TX, which means that you won't get line rate VXLAN routing on Nexus 93128TX.

I had a brief stint in the MPLS provisioning team for an international SP here in Sweden back in 2008.
From what I can remember I did quite a bit of local-as and allow-as in.
But it was a limited position, ie check these boxes, fill in these values and hit commit type of work. If something doesn't work? Escalate and move on.
So I never did get a good understanding of the whole setup and I moved after a few months.

Only been a customer, but with a handful of l3vpn providers. Local-as is what they did when a spattering of ASNs wasn't going to work or they just used private ASNs by default.

I'll add ncclient.

https://github.com/ncclient/ncclient

Graylog, ELK stack, or splunk if you're made of money.

I wouldn't worry too much about vSwitch configuration. Sounds like this is all taking place in a pre-boot environment that's as lean as possible. So no vSwitches or or any of the other fanciness in ESXi proper. It also might be why it can't handle the MLAG. I'd google around for ways to PXE boot an LACP bundle. Immediate search comes up with arista specfic info from /r/networking about port-channel lacp fallback. Maybe that helps.

https://www.reddit.com/r/networking/comments/2kslop/how_to_handle_lacpbonding_with_systems_that_need/_that_need/

I like option 1. I think availability and scale are better addressed at higher levels in the OSI. Yeah, I know that's nearly impossible for a lot of enterprises.

If you have to do L2 over a DCI, EVPN might be another option. Supposedly better than pseudowires, but I'm way out of my domain here. Just starting the uptake on it.

Wintermute I used the same website:

Bandwidth-delay Product and buffer size

BDP (100 Mbit/sec, 340.0 ms) = 4.25 MByte
required tcp buffer to reach 100 Mbps with RTT of 340.0 ms >= 4150.4 KByte
maximum throughput with a TCP window of 64 KByte and RTT of 340.0 ms <= 1.54 Mbit/sec.

so, 1540000 bit /8 = 192.5kbyte/s total bit rate.
Add on VPN headers, the odd packet loss (as some packets do get lost), as well as TCP / FTP headers I expect this is why I'm getting around 180k, roughly.

Although I have seen single connections sometimes getting quite high throughput yesterday, 400k.

What's the deciding factors to go above 64k window size? I'm going to install wireshark and see what is going on.

afaik, XP doesn't initiate window scaling by default, and from what I've read, neither does Win7 in some configurations (e.g. "Public" networks). There are registry hacks you can do for both to enable though. I've run into this exact issue with a long-fat connection where $stupidapp didn't do connection parallelization or window scaling. Easiest way to confirm is to see what's happening in wireshark but the math certainly seems to suggest that's the case.

Reminds me of the US Navy report from a few years ago on why we shouldn't build Death Star-like projects. Droids and X-wings are the way to go.

Huge carriers that are sitting ducks = Death Stars

Supersonic anti-ship missiles that can sink huge carriers = droids / x-wings.

Deathstar should've had these.

https://en.wikipedia.org/wiki/Phalanx_CIWS

@AspiringNetworker

Nope all good and valid responses. With me Im not looking for a test answer but what you just provided, a discussion on the subject.

With the past couple rounds of interviews my boss and I decided to shift from a round-robin fire of pointed questions to an open-ended whiteboard session. This keeps the candidate relaxed and fuels more discussion. Which leads to deeper visibility in what they know. The interview is based around asking them to design a network on the whiteboard with a handful of specs. Very open ended and then we throw in questions as we go. Either side of the table can take a subject as deep or shallow as they want.

Came across a really good article on this recently that cites some research done on the efficacy of various interview techniques. tl;dr of it is unstructured interviews are bad and work-sample tests and structured interviews are good.

http://www.wired.com/2015/04/hire-like-google/

They look cool, but my laptop has no bluetooth, and i don't want to give up my wireless connection when I am using a console port :-(

You can configure them to join the same wireless network you're on, assuming it's secured with a PSK. Or you can plug in the RJ45 port and it can bridge its wireless onto the wired.

Being able to google while you're consoled in was definitely something they put some thought into.

Get an airconsole, and tell any one who asks to borrow it to die in a fire.

http://www.get-console.com/airconsole/