IPv6 transition lab with NAT64

NAT64: Stateful NAT64, defined in RFC 6146, is a stateful translation mechanism for translating IPv6 addresses to IPv4 addresses, and IPv4 addresses to IPv6 addresses. It is called stateful because it creates or modifies bindings or session state while performing translation. It supports both IPv6-initiated and IPv4-initiated communications using static or manual mappings.

DNS64: DNS64 is used together with NAT64 and works as an addition to the standard DNS server. When DNS64 is asked for an AAAA record (IPv6 address for a hostname) but finds (or receives from an upstream DNS) only an A record, it synthesizes the AAAA record from the A record. The first part of the synthesized AAAA record is a well-known or service provider assigned IPv6 prefix, which is also used with NAT64. The second part of the AAAA record is an IPv4 address of the IPv4 host that is found in the A record.
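
The synthesis described above, as an added example that is not code from the original post. It goes beyond the /96 case in the text and follows the RFC 6052 address layout for every permitted prefix length, and it also recovers the embedded IPv4 address, which is what an analyst needs when IPv6-side logs show only synthesized destinations. The function names and the sample log are assumptions made for illustration.

```python
import ipaddress

WKP = "64:ff9b::/96"                        # well-known prefix from RFC 6052
ALLOWED_LENGTHS = (32, 40, 48, 56, 64, 96)  # prefix lengths RFC 6052 permits


def _start(prefix):
    """Validate the NAT64 prefix and return it with the first IPv4 byte offset."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen not in ALLOWED_LENGTHS:
        raise ValueError("unsupported NAT64 prefix length /%d" % net.prefixlen)
    return net, net.prefixlen // 8


def synthesize(ipv4, prefix=WKP):
    """AAAA address a DNS64 would build from an A record (RFC 6052 layout)."""
    net, pos = _start(prefix)
    out = bytearray(net.network_address.packed)
    for octet in ipaddress.IPv4Address(ipv4).packed:
        if pos == 8:          # bits 64-71 are the reserved "u" octet: skip it
            pos += 1
        out[pos] = octet
        pos += 1
    return ipaddress.IPv6Address(bytes(out))


def extract(ipv6, prefix=WKP):
    """IPv4 address embedded in a synthesized address, or None if outside prefix."""
    net, pos = _start(prefix)
    addr = ipaddress.IPv6Address(ipv6)
    if addr not in net:
        return None
    v4 = bytearray()
    while len(v4) < 4:
        if pos == 8:          # same "u" octet skip as in synthesize()
            pos += 1
        v4.append(addr.packed[pos])
        pos += 1
    return ipaddress.IPv4Address(bytes(v4))


# Constructed sample: destination addresses as they might appear in an
# IPv6-side flow log, mapped back to the IPv4 hosts behind the NAT64.
SAMPLE_LOG = ["64:ff9b::c000:221", "2001:db8::1", "64:ff9b::c633:6407"]

def annotate(addresses, prefix=WKP):
    return [(a, extract(a, prefix)) for a in addresses]

if __name__ == "__main__":
    for v6, v4 in annotate(SAMPLE_LOG):
        print(v6, "->", v4 if v4 else "native IPv6")
```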

Lab topology for IPv6 NAT64

RESTCONF

What is RESTCONF?

RESTCONF is a network management protocol that provides a programmatic interface for accessing configuration data, state data, RPC operations, and event notifications defined in YANG within a networking device.

What is the relationship between RESTCONF and NETCONF?

RESTCONF uses HTTP methods to implement the equivalent of NETCONF CRUD operations (Create, Read, Update, Delete) on a conceptual datastore containing data defined in YANG. RESTCONF does not need to mirror the full functionality of the NETCONF protocol, but it does need to be compatible with NETCONF.

RESTCONF is not intended to replace NETCONF, but rather to provide an HTTP interface that follows Representational State Transfer (REST) principles and is compatible with the NETCONF datastore model.


NETCONF

What is NETCONF?

NETCONF is a network management protocol for configuration management and retrieving configuration and operational state data from network devices.

NETCONF uses a simple Remote Procedure Call (RPC) based mechanism to facilitate communication between a client and a server and uses XML for encoding the configuration data as well as the protocol messages. It uses Secure Shell (SSH) as the transport layer across network devices. It uses SSH port number 830 as the default port.

NETCONF also supports capability discovery and model downloads.


YANG – Data Modeling Language

What is a Data Model?

A data model is a description of how data must be encoded for information exchange between two entities.

What is YANG?

YANG is a text-based data modeling language designed for use with any network management protocol including NETCONF and RESTCONF. YANG is used to model [semantics and constraints of] configuration and operational state data as well as general RPC data.


Ethernet Connectivity Fault Management (CFM) – IEEE 802.1ag

Ethernet Connectivity Fault Management (CFM) is an end-to-end, per-service-instance Ethernet operation, administration, and management (OAM) protocol. CFM provides an equivalent of the ping and traceroute commands at layer 2 for large Ethernet metropolitan-area networks (MANs) and WANs.

CFM has its own EtherType (0x8902) and destination MAC address (for multicast messages). CFM employs regular Ethernet frames that travel in-band with the customer traffic, so devices that cannot interpret CFM messages forward them as normal data frames.


Introduction to IS-IS

IS-IS was developed by the International Organization for Standardization (ISO) as part of their Open Systems Interconnection (OSI) model as a dynamic routing protocol for ISO CLNP. IS-IS was later adapted to carry IP prefixes in addition to CLNP; this variant is known as Integrated or Dual IS-IS.

ISO terminology

  • Router = Intermediate System (IS)
  • Host = End system

In the OSI context, an intermediate system refers to a router, as opposed to an end system (ES), which refers to a node. ES-IS protocols allow routers and nodes to identify each other; IS-IS performs the same service between nodes for routing purposes.

IS-IS

  • Interior Gateway Protocol (IGP)
  • link-state routing protocol
  • supports variable-length subnet mask addressing (VLSM)
  • supports classless Inter-Domain Routing (CIDR)
  • multi-path
  • forms neighbor adjacencies
  • has areas
  • exchanges link-state packets
  • builds a link-state database
  • runs the Dijkstra SPF algorithm to find the best path
  • runs directly on the data link layer (Layer 2)
  • doesn’t use IP addresses


Batch network configuration/verification with Python

This simple Python code reads a configuration/commands file (script.txt) and a CSV-formatted inventory file (inventory.csv), applies the configuration/commands to the devices in the inventory file, and finally generates a simple output file (output.txt).

Here is the CSV formatted inventory file:

ip,hostname,type,category,folder,username,password,telnet_port,ssh_port,netconf_port
192.168.240.201,IOSXRv-1,cisco_ios,csr,default,automation,P@ssw0rd,23,22,830
192.168.240.202,IOSXRv-2,cisco_ios,csr,default,automation,P@ssw0rd,23,22,830

And this is the Python script:

import csv
from netmiko import ConnectHandler

devices = []
response = ""

# Load the device inventory (one dict per CSV row).
with open("inventory.csv", "r") as file_h:
    for record in csv.DictReader(file_h):
        devices.append(record)

# Load the commands to run, dropping blank lines and trailing newlines.
with open("script.txt", "r") as file_h:
    script = [line.strip() for line in file_h if line.strip()]

for device in devices:
    response = response + \
               "{HOSTNAME}[{IP}]:\n".format(HOSTNAME=device["hostname"],IP=device["ip"])
    try:
        # CSV values are strings, so convert the port to an integer.
        with ConnectHandler(ip=device["ip"],
                            port=int(device["ssh_port"]),
                            username=device["username"],
                            password=device["password"],
                            device_type=device["type"]) as connect_h:

            for line in script:
                response = response + connect_h.send_command_expect(line) + "\n\n"

    except Exception as exc:
        # Record the failure and continue with the next device.
        response = response + "{}: {}\n\n".format(type(exc).__name__, exc)

# Write the collected output for all devices.
with open("output.txt", "w") as file_h:
    file_h.write(response)
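
The inventory above keeps the device password in clear text in the CSV file. The following added example (not part of the original post) validates each inventory row before any connection is attempted and takes the password from the environment instead of the password column. The variable name NETAUTO_PASSWORD, the allowed device type list and the sample rows are assumptions made for illustration.

```python
import csv
import io
import ipaddress
import os

PASSWORD_ENV = "NETAUTO_PASSWORD"          # hypothetical environment variable name
ALLOWED_TYPES = {"cisco_ios", "cisco_xr"}  # device types this job is allowed to touch


def get_password(env=os.environ):
    """Fetch the shared device password from the environment, never from the CSV."""
    secret = env.get(PASSWORD_ENV)
    if not secret:
        raise RuntimeError(PASSWORD_ENV + " is not set")
    return secret


def build_targets(csv_text, password):
    """Return (targets, rejected): ConnectHandler kwargs and (line, reason) pairs."""
    targets, rejected = [], []
    reader = csv.DictReader(io.StringIO(csv_text))
    for row in reader:
        try:
            ip = str(ipaddress.ip_address(row["ip"]))
            port = int(row["ssh_port"])
            if not 1 <= port <= 65535:
                raise ValueError("ssh_port out of range")
            if row["type"] not in ALLOWED_TYPES:
                raise ValueError("device type not allowed")
        except (KeyError, TypeError, ValueError) as exc:
            # Skip the row but keep the line number for the operator.
            rejected.append((reader.line_num, str(exc)))
            continue
        # The CSV password column is ignored on purpose.
        targets.append({"ip": ip, "port": port, "username": row["username"],
                        "password": password, "device_type": row["type"]})
    return targets, rejected


# Constructed sample: same columns as inventory.csv, password column left empty.
SAMPLE = """ip,hostname,type,category,folder,username,password,telnet_port,ssh_port,netconf_port
192.168.240.201,IOSXRv-1,cisco_ios,csr,default,automation,,23,22,830
192.168.240.999,IOSXRv-2,cisco_ios,csr,default,automation,,23,22,830
192.168.240.203,IOSXRv-3,cisco_ios,csr,default,automation,,23,70000,830
"""
```

Each dictionary in targets can be passed to ConnectHandler as keyword arguments, and rejected rows can be written to output.txt next to the device results.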

Read more about network automation here:

Network Programmability and Automation: Skills for the Next-Generation Network Engineer

Read more about netmiko here: https://github.com/ktbyers/netmiko