By:
On:
In: automation
With: 0 Comments

Yesterday I attended a short presentation held by David Barroso introducing the NAPALM-„Validation“-Module. Configuring the Network fully automated is just half the way to go. Checking the Network-State the other half. Python-Script Had to try it out the easy-way using just python (without ansible) first: Static YAML-File Validating against the following static „validate.yaml“-File: leads to the following result Whats wrong with the Router? „nested = True“ means – the issue is downward in the datastructure. In the example, the first Object with „nested = False“ is „prefix_length“ The Prefix-Length („Subnet-Mask“) is wrong: wanted: /25-Bit configured: /24-Bit. Validate the output of commands which use additional parametersRead More →

By:
On:
In: automation, linux
With: 0 Comments

In real life an hardware-ISR/ASR-Router might be the correct choice. Create a CSR1000v-Instance with nested Virtualization support But since the CSR1000v-Router supports Service-Containers, too – this is the chance to prove the setup in a lab environment: IOS-XE 3.17 is the first supported release, i’ll go with IOS-XE 16.7.1 Option to enable unsigned containers any 3rd party KVM Libvirt based format / YAML manifest file Requires 4GB+ dedicated RAM ASR1000, ISR4000, CSR1000 5 Minutes to deploy the virtual CSR1000v-Router using COT I’ll use COT (Common OVF Tool (COT) – Automated Lab-Router Deployment) to deploy my CSR1000v-Router: Boot the Router Check the Virtualization-Environment: fail 🙁 MachineRead More →

By:
On:
In: automation, linux
With: 0 Comments

Network Hosted Kernel Virtual Machine (KVM) Many Cisco Routers allow you to host your own virtual machine directly inside a router. DevNet: Cisco IOS KVM Service-Containers CSR 1000v ISR 4000 ASR 1000 I went through the documentation, especially Service-Containers-Tutorial.pdf and Ubuntu – Building a Service Container.pdf where very helpful. But i didn’t want to go the „Ubuntu-Desktop-14.04-LTS“-way which was described. „My“ Service-Container-VM should be: Ubuntu 16.04 LTS provides longer support (April 2021) Releases – Ubuntu Wiki Ubuntu Server save some compute/cpu/dram/harddisk-ressources by not installing an Ubuntu-Desktop-Environment inside the Router. Just network services, please! The whole deployment process can be accomplished in five steps: build aRead More →

By:
On:
In: automation
With: 0 Comments

No. There’s no need to export the IOS-Config, deploy another Router-VM using an OVA and import the old IOS-Config to this new router. even, if finetuned… This strategy might lower the downtime!? VMware uses this strategy when upgrading NSX-Edge-Gateways very successfully! But this is a lab environment, i’ll have to upgrade almost ten CSR1000v-Routers and there’s no time to do it manually router-by-router. The common process is as it has been for the last decades: copy the new csr1000v-bin-File into the routers bootflash verify the file set the boot-variable reboot Upload BIN-File into the routers There might be dozens of valid possibilities to get theRead More →

By:
On:
In: automation
With: 0 Comments

Routers with more than three interfaces? Not that uncommon! It might be handy, if several devices are needed with more than three interfaces, to: not: deploy the devices with three interfaces first add the needed number of interfaces to the routers attache tne new interfaces to the correct vSphere-Portgroup but instead: create an OVA-Template with the correct number of interfaces (one time) deploy the routers and attach them during deployment to their portgroup So using vNIC Hot-Add might be not the favourite way to work. Common OVF Tool COT lets you to deploy Cisco CSR1000v routers by easy to use (linux-)commands. (Common OVF Tool (COT)Read More →

By:
On:
In: automation
With: 0 Comments

I usually use an „wr“-command-alias, an EEM-Applet or the IOS-Archive-Feature to copy the running-config to a central repository when an admin enters the „write“-command [copy running-config startup-config]. Sometimes it’s handy to pull the current running-config from a device. Following Centralized access to device-configuration and other state-information using NAPALM – NAPALM makes this very easy:Read More →

By:
On:
In: wan
With: 0 Comments

My apprehension – a weird nightmare of having to shutdown the router, add the nic and boot the router again – proved wrong. vNIC Hot-Add is supported for VMware ESXi, Citrix XenServer and KVM Not for Hyper-V, Azure, AWS today. Cisco: Virtual Machine Requirements …up to 10 vNICs for ESXi btw. Starting with three default-interfaces select the VM go to „Edit Settings“ Next, Next, Finish be patient …Hot-Remove is supported only using a special „two-step“ strategyRead More →

By:
On:
In: automation
With: 0 Comments

Is this SDN (Software defined Networking)? I think so! I really love to provision new Cisco CSR1000v lab-routers without the need to do everything manually in the graphical user interface. It’s possible to provision production-routers, too, of course: Just add your license-information to leave the 100Kbps-limit behind (which is no handicap for normal lab-usage). The Common OVF Tool (COT) (Documentation) enables me to do this by injecting an initial startup-configuration into the cisco-provided OVA-file before deploying it to an ESXi-host. Interactive Cisco CLI-Commands possible And, even better, the Cisco CSR1000V allows interactive CLI-commands within the injected configuration: building new bootflash-directories, creating a SSH-key. Injecting theRead More →

By:
On:
In: automation
With: 0 Comments

In Configure RMON Alarms&Events by script I’ve shown a short python-algorithm to to discover all Cisco class-based QoS (cbQoS) packet-/drop-counters and to generate RMON-alarms for each. The router monitors these counters every 300s, calculates the delta for the interval and raises RMON-events when there were packets/drops or when the have been before but not anymore. This RMON-event has been configured as an syslog-message to an syslog-receiver etc. The existing script just generated a list of cli-commands which had to be entered manually to the router-config. Not a valid aproach when having hundreds devices to be configured. Now i want the script to automatically configure theRead More →

By:
On:
In: automation
With: 0 Comments

Since I still want to build a centralized solution for automated configuration of RMON-alarms to monitor Cisco cbQoS-packet/drop-counters a solution to retrieve and modify device configurations was needed. The NAPALM (Network Automation and Programmability Abstraction Layer with Multivendor support) Framework seems to provide the required features. NAPALM Installation Some NAPALM-IOS dependencies have to be fulfilled first. The „partial installation“ seems to be not working anymore, the full installation uses some KB more ressources, not worth to think about the partial installation… IOS Preperation To allow remote-access to the centralized NAPALM server these features need to be enabled in each IOS device: Remote-Access via SSH, SCPRead More →