Using Ansible to deploy Juniper configurations

Ansible_plus_Juniper
Automation is a growing technology in enterprise IT departments.  The ability to automate hundreds of steps for developing, building, deploying, and scaling applications and servers is a huge win for many of our fellow engineers.  Both DevOps and SysOps are loving the new power that it brings.  But, what about NetOps?  Is there any love there?  Well, there is now, thanks to a few developers at Juniper Networks, Ansible, and others. In this video, I will show you how to deploy a configuration to Junos devices using Ansible.  The configuration is just a simple single-line configuration, but I...
More

Using Python for Juniper on a Mac

stock_175px-juniper-networks
Juniper Networks has developed a python library to manage their devices.  The library is called "junos-eznc" hosted at GitHub.  This library is meant to be able to handle commands programmatically that you would usually do at a CLI.  In order to use it, you will need to also install "ncclient" which implements NETCONF in python.  The easiest way to install is to use PIP. MacPro:~ aaronpaxson$  sudo pip install ncclient MacPro:~ aaronpaxson$  sudo pip install junos-eznc If you receive an error regarding "error: 'cc' failed with exit status 1", this is because you don't have the C compiler in...
More

Cisco OnePK Topology

OnePK-AllInOne-Topology
In my last post, I showed you how to get Cisco's free OnePK all-in-one VM to run inside Parallels for your testing.  I needed an easy-to-read topology map for quick reference as I do my tests.  The topology map that Cisco put in their documentation is less than ideal.  Below is my diagram.  Some quick notes: The brown ethernet segment (10.10.10.0/24) is the VM Guest segment.  This allows you to access the routers from within the VM using the static IP's assigned to the interfaces. The red ethernet segment (ETH1 / DHCP) is a DHCP-based segment for the VM Host.  This allow you to access th...
More

Cisco OnePK VM in Parallels

cisco-onepk-logo
Over the last couple of weeks, I've been bit by the "Automation Bug".  I want to automate everything.  Why?  Well, there are two reasons why I want to automate everything I can: Remove tedious, mundane, and repetitive tasks.  If I can do the same task over and over again, not only do I save time, but I remove any human errors from the equation. Abstract the complexities of the tasks at hand.  This is very useful when delegating the tasks to personnel who may not fully understand or know the intricacies of the steps. This week, I've started to learn about Cisco's OnePK software develop...
More

Facebook offering network switches?

Cat5 Cable
Well, maybe not Facebook, itself, but with the community it has spawned. The news is sparking again with SDN buzz, as Facebook’s OCP project (Open Compute Project) has signed up a network hardware manufacturer to build and sell the ‘Wedge’, as Facebook calls it. The Wedge started as a design idea built on an open-source community to build and weave different pieces of hardware to accomplish a task. It could be a web server, or, as you may have guessed, a network switch, with SDN being a core-concept in it’s use. As such, specific software-defined interfaces are built into the design. On ...
More

Starting Juniper Certs? There’s an app for that!

Junos-Genius-Icon
For those starting on your Juniper journey into certifications, Juniper Networks has created a fantastic app for your Apple Devices to help you prepare for your entry-level exams.  But, you droid users out there aren't left out.  Called "JUNOS GENIUS", this app helps you determine if you are ready for entry-level exams.  JNCIA is the base exam that all other certifications require, building on concepts and foundations of the Junos Operating System.  Building up from that, are the "Specialist" exams.  In Cisco parlance, they would be the equivalent to the CCNA certifications. Juniper release...
More

DNS Doctoring

DNS-Icon
DNS Doctoring is a very useful tool, if your firewall supports it.  It does pretty much what the title says, it "doctors" the responses of DNS.  I use it alot in my existing infrastructure using my Cisco ASA firewalls.  Recently, we are migrating away from Cisco ASA, and I needed to know how to preform DNS Doctoring on Juniper SRX's.  Google to the rescue. While Juniper does an 'ok' job documenting this, in my searches, I ran across this blog post from Bart Jansens, where he gave his opinions about DNS Doctoring on a Juniper SRX.  The author made this comment, which I do not necessarily agr...
More

Upgrade HP Switch using Intelligent Management Center

stock_IMC_mgmt
Earlier this year, I had a need to upgrade 2 HP 5406's.  These switches (commonly used as aggregate switches) are used as a central core for an office of approx 500 nodes.  These switches are used in redundancy using MSTP and OSPF.  The below video shows how easy it was to upgrade the equipment. [youtube]http://www.youtube.com/watch?v=yeiGpfmj8BM[/youtube]
More

Why the stupid C15 power cord!

      It never fails. You have a failure, and it will be faster to replace now, and deal with repairing/replacement later. You have a network switch sitting in a cabinet. Maybe it was removed from an old wiring closet, or possibly set there as a hot spare to be used somewhere else. In either case, you now have a need for that switch. You rush to grab the switch, set it down on your desk or bench, and grab a system to console in and get it ready. Console port? Check. Config of the failed switch? Check. Now, let’s power her up! Wait…. What the…. C16 Po...
More

Juniper 2200EX-C Fanless switch

stock_175px-juniper-networks
A few weeks ago, we had a small project to get a remote desk location setup.  This location is 1000' from the nearest IDF, so we had to come up with a new demarc.  Since only 2 computers will be running here, there was not a need for an expensive cabinet with high-density switch.  Instead, I decided to just run fiber to a smaller switch.  So, I purchased the Juniper 2200EX-C 16-port PoE fanless switch. Once you take it out of the box, the first thing you'll notice is the weight.  For something so small, you'll be surprised how much weight it has.  Once you pull it out of the anti-static ba...
More