It's Never The Network

Practical Automation - mod_acl

By Brandon James on 2019-12-31 Filed Under: Route/Switch, Automation, Programming
Managing access lists is one of the more painful parts of being a network engineer. Once you've finished working out what should or should not be allowed, you write the ACL and then paste it into all your devices. The minute you finish, the requirements change or the business lets you know what you just broke. In the future, SGTs and SDN promise to fix this problem, but you might not be there yet. `mod_acl` is a simple and fast way to manage ACLs.

Bootstrap Router Hash Function

By Brandon James on 2019-12-06 Filed Under: Route/Switch, Programming
RFC 7761 describes a hash function used to load balance multicast groups between Rendezvous Point (RP) candidates when you are using Bootstrap Router (BSR). The hash function isn't straightforward and I was unable to find a resource that described it in detail. One feature of the hash function is an adjustable hash mask length. I think it's important to understand what the function does and how adjusting the mask impacts RP selection. I do my best to describe it here and provide some resources to help you select the best hash mask length for your environment.

Never The Network

By Brandon James on 2019-11-23 Filed Under: unfiled
A month ago I decided to submit NTN to Cisco's IT Blog Awards in the Best Newcomer Category. To my surprise it got selected as a finalist. Since I don't have an about page, I wanted to briefly write about who I am, what NTN is and my plans for the future of NTN.

A Power User's Guide to the Linux CLI

By Brandon James on 2019-10-10 Filed Under: Cheatsheets, Linux
At first, I was using Linux because I'm a nerd and that's what we do, but I continue to use it because it increases my productivity.

Practical Automation - Netwatch

By Brandon James on 2019-09-12 Filed Under: Automation, Programming
In this article I give a brief introduction to my Netwatch script.

Locator/ID Separation Protocol - LISP

By Brandon James on 2019-09-04 Filed Under: Route/Switch
The Locator/ID Separation Protocol, or LISP, was originally designed to decrease the size of routing tables on the Internet. As the protocol matured, it made its way into the enterprise[^1] through solutions like Cisco Software Defined Access. In this article I provide a summary of the problem LISP solves and how LISP functions. The purpose of this article isn't to cover the protocol in its entirety, but to build an awareness of how the protocol works.

How I Automate - Concurrency

By Brandon James on 2019-08-01 Filed Under: Automation, Programming
Interacting with network devices can often be I/O limited. A function runs, waits for a response from the device, then another function runs, and so on and so forth. This is made worse by the fact that scripts are often run against multiple devices. After all, the purpose of scripting is to speed up repetitive tasks.

WLC CLI Cheatsheet

By Brandon James on 2019-07-30 Filed Under: Wireless, Cheatsheets
The WLC CLI can be a little less than intuitive at times. I put together this quick reference with some of my most used WLC commands.

Bitwise Operations and Subnetting

By Brandon James on 2019-07-29 Filed Under: Route/Switch, Programming
I wrote a simple subnet calculator in C. Here are my takeaways from the process and some information on how it works.

Don't use FHRPs without Authentication

By Brandon James on 2019-02-17 Filed Under: Route/Switch, Security
FHRPs have obvious benefits, but a misconfiguration could allow an attacker to MiTM your traffic.