segunda-feira, 22 de maio de 2017

FRRouting project



Fala galera beleza?

Em abril, foi lançado o primeiro release official do projeto FRRouting, que na verdade é um roteador Open-source baseado no Quagga e é desenvolvido/suportado pelos grandes players Open-Source e grandes comunidades linux da web (além do Linux Foundations):



 O roteador suporta diversos protocolos de roteamento (RIP, OSPF, ISIS, BGP, LDP etc.) além de diversas features de um roteador comum (route-map, ACLs, SNMP,  Zebra, Route-Server etc.) na versão atual, porém a equipe está trabalhando na compatibilidade com o protocolo MPLS para o próximo release:



 A CLI do roteador é baseada na IOS da Cisco, tornando muito mais simples a migração para essa nova plataforma:

 % telnet localhost 2601
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Hello, this is frr (version 2.0)
Copyright © 1999-2005 Kunihiro Ishiguro, et al.

User Access Verification

Password: XXXXX
Router> ?
  enable            Turn on privileged commands
  exit              Exit current mode and down to previous mode
  help              Description of the interactive help system
  list              Print command list
  show              Show running system information
  who               Display who is on a vty
Router> enable
Password: XXXXX
Router# configure terminal
Router(config)# interface eth0
Router(config-if)# ip address 10.0.0.1/8
Router(config-if)# ^Z
Router#

Link:
https://frrouting.org/

Download:
https://github.com/FRRouting/frr/releases/tag/frr-2.0

O projeto é bem interessante e vale a pena conferir, até porque daqui a algum tempo provavelmente você irá se deparar com ele em algum roteador por ai, além da provável integração com redes SDN que ele irá trazer.

Abraços Pessoal

terça-feira, 9 de maio de 2017

Próximos cursos Nic.BR


Fala galera, o Nic.BR está abrindo inscrições para os cursos de Boas Práticas Operacionais para Sistemas Autônomos (final de Maio) e  também o curso de Curso Intensivo da Escola de Governança da Internet no Brasil (Agosto):

Conteúdo:
Introdução à Internet e aos Sistemas Autônomos
Governança
Endereços e plano de endereçamento
Introdução ao roteamento
Boas práticas para o roteamento
Tópicos avançados de roteamento
Gerenciamento de redes
Segurança
IX Fórum Regional

Um dos principais desafios do Curso Intensivo é a definição do programa. Com o avanço da Internet nas mais diversas atividades do nosso cotidiano a amplitude dos temas relacionados à Governança da Internet tem crescido e se complexificado. Para facilitar a abordagem desse extenso rol de conteúdos, o programa prevê um momento de atividades prévias, em que os alunos já terão acesso, por meio de ambiente online, a um conjunto de materiais e atividades estruturados com o objetivo de embasá-los para o acompanhamento da etapa presencial. As atividades prévias serão realizadas nas três semanas anteriores ao momento presencial.

Atividades prévias:

Consistem em um grupo de atividades a serem realizadas a distância abrangendo:

Leitura de bibliografia recomendada;
Acompanhamento de vídeo aulas sobre os assuntos a serem abordados no curso;
Aulas virtuais com os instrutores do curso para esclarecimento de dúvidas e debates orientados das leituras.
As atividades prévias são obrigatórias para todos os alunos.

As atividades prévias permitirão aos alunos terem acesso, por meio de ambiente online, a um conjunto de materiais e atividades estruturados com o objetivo de preparar os participantes para o acompanhamento da etapa presencial. As atividades prévias são obrigatórias para todos os alunos.

Momento presencial:

Estruturado com aulas expositivas, painéis, debates e outras atividades planejadas e preparadas pelo Corpo Docente e pela Equipe da Assessoria ao CGI.br. A carga horária, de 40 horas, compreende a realização do curso em uma semana.


Link:
https://cursoseventos.nic.br/turmas/

Já realizei o curso de boas práticas, vale a pena galera, o de governança também tenho ótimas recomendações.

Atualizando pessoal, abriram também inscrições para o curso à distância de IPv6 com ínicio no dia 25/05:

http://saladeaula.nic.br/courses/course-v1:NIC.br+IPV6-001+T001/about

Abraços pessoal.

quarta-feira, 3 de maio de 2017

GNS3 2.0 Stable release



Fala galera beleza?

O GNS3 acaba de lançar a atualização da sua versão estável do GNS3 com algumas mudanças interessantes como o  “save as you go” que salva automaticamente os seus projetos enquanto trabalha, smart packet capture, VPCS/clouds/switches templates, um novo  "cloud node", um novo  NAT node e muito mais, além dos novos vendors que a ferramenta suporta: Arista vEOS, Cumulus VX, Brocade Virtual ADX, Checkpoint GAiA, A10 vThunder, Alcatel 7750, NetScaler VPX, F5 BIG-IP LTM VE, MikroTik CHR, Juniper vMX e mais.

Acredito que o pessoal do GNS3 esteja correndo atrás do projeto EVE (os dois parecem competir a cada novo release qual o melhor emulador de redes), então segue as atualizações da nova versão:


What’s new in GNS3 version 2.0

Version 2.0 is a new major release of GNS3 which brings major architectural changes and also  new features.

GNS3 was only a desktop application from the first version up to version 0.8.3. With the more recent 1.x versions, GNS3 has the possibility to use remote servers. Now, in version 2.0, multiple clients could control GNS3 at the same time, also all the “application intelligence” has  been moved to the GNS3 server.

What does it mean?

Third parties can make applications controlling GNS3.
Multiple users can be connected to the same project and see each other modifications in real time.
No need to duplicate your settings on different computers if they connect to the same central server.
Easier to contribute to GNS3, the separation between the graphical user interface and the server/backend is a lot clearer.
All the complexity of connecting multiple emulators has been abstracted in what we call the controller (part of GNS3 server). From a user point of view, it means that it is possible to start a packet capture on any link, connect anything to a cloud etc.

Finally, by using the NAT object in GNS3, connections to Internet work out of the box. Please note this is only available with the GNS3 VM or a Linux OS with libvirt installed.

NEW FEATURES

Save as you go

Your projects are automatically saved as you make changes to them, there is no need to press any save button anymore. An additional benefit is this will avoid synchronisation issues between the emulators’ virtual disks and projects.

Multiple users can be connected to the same project

Multiple user can be connected to the same project and see each other changes in real time and collaborate. If you open a console to a router you will see the commands send by other users.

Smart packet capture



Now starting a packet capture is just as easy as clicking on a link and asking for new capture. GNS3 will guess the pick the best interface where to capture from.

The packet capture dialog has also been redesigned to allow changing the name of the output file or to prevent automatically starting Wireshark:

Capture on any link between any nodes

There is no longer any restriction on what kind of node can be used for a packet capture. Previously VPCS and Qemu were not supported.

Select where to run a VPCS node

Like for hubs and switches, it is possible to select which server to use when VPCS node is dropped into a project .

Delete a project from the GUI



Now you can delete a project from the file menu. All files will be deleted from your hard drive and remote servers.

Or via the project dialog



Project options

There are now multiple options allowing you to load a project with GNS3 in background and even to auto start the nodes.



The cloud is a real node

In previous versions of GNS3, the cloud was in fact a direct usage of the emulator capabilities to connect to external networks. In version 2.0, the cloud is a real node, this means:

Possibility to connect anything to any cloud
All links to a cloud support packet capture
There is no need to run emulators as root to connect to a cloud (only uBridge requires admin permission).
Cloud templates

You can create cloud templates with your favorite interfaces and symbols.

New cloud interface

The cloud interface is simpler with a unique select dialog for ethernet interfaces. We also merged host object into the cloud since the difference between the 2 objects was not clear for most users.



VPCS / Ethernet Switch / Ethernet Hub templates

You can create template for these nodes just like other nodes.

Search OS images in multiple locations

OS images can be stored in selected folder and used without providing the full path. GNS3 will scan these folders in order to find the correct images.



VM wizards offer a list of images available locally or remotely. GNS3 will upload an image for you if it can only be found locally.

Periodic extraction of startup configs for Dynamips and IOU

Startup configs are extracted at regular interval to avoid configuration loss if Dynamips or IOU crashes.

Custom cloud, Ethernet hub and Ethernet switch templates

It is possible to create custom templates (symbol, name format etc.)

Snap to grid for all objects

In version 1.5, we introduced the snap to grid feature. Now you can use it for rectangles, ellipses, images etc.

Synchronize the node templates when using multiple GUI

Node templates are sync between all the GUIs.

Link label style

The style of link labels can be changed just like labels for nodes (color, font, orientation etc.)

New place holders in command line for opening consoles

%I WILL BE REPLACED BY THE PROJECT UUID

When you open a console to a node you can pass %i to the console command line, this will be replaced by the project UUID allowing scripts to interact with your project.

%C WILL BE REPLACED BY THE CONNECTION STRING

When you open a console to a node you can pass %c to the console command line, this will be replaced by the connection string to the GNS3 server allowing your scripts to know how to connect to the GNS3 API.

Export a portable project from multiple remote servers

It is possible to export a project and reimport it to a single GNS3 VM if you a have a project running on multiple remote servers.

Note: You cannot re-import a project to the original multiple remotes or non GNS3 VM server. This a limitation of the export file format.

New save as

The old “save as” has been replaced by a project duplication feature. This feature will duplicate not just the .gns3 but also the disk data from all GNS3 servers.

With evolution of emulators, the complexity of the tasks to duplicate was bigger and we could no longer just duplicate the raw data. Behind the scene the import / export system introduced in version 1.5 using .gns3project extension is now used for duplicated projects.

Snapshots with remote servers

Snapshots are not supported when using remote servers. Behind the scene the import / export system introduced in version 1.5 is used for snapshots.

Better start / stop / suspend all nodes

Start / stop / suspend all nodes feature will limit the amount of process starting at the same time to optimize CPU usage.

Edit config

Dynamips, VPCS and IOU nodes support configuration editing from within GNS3. Note: this feature doesn’t automatically reload the config in the node.

NAT node

NAT node can be used to connect GNS3 nodes to the Internet without any configuration, this requires the GNS3 VM or Linux. This node uses the libvirt nat interface.

This also replaces the Internet VM, the conversion will be automatic for internet VM users. An additional benefit is that this will consume less RAM and CPU.

Support for colorblind users

The stop symbol is now a square in order to help colorblind users to see the differences with running devices.



Support for non local server

In previous version, disabling the local server was not officially supported.

Now if you disable the local server you can put settings for a remote server that will replace your local server.

Support for profiles

GNS3 can be started with the parameter --profile PROFILNAME in order to have different settings applied. This can be useful if one needs different settings for different usage of GNS3 (home vs office).

Or enable a dialog at startup



Suspend the GNS3VM when closing GNS3

For fastest exit and restart of GNS3 you can now suspend the VM. This works well with an SSD disk. For instance, it takes less than 4 seconds on an old macbook when previously the start time was 30 seconds.

Edit the scene size

The scene size can be changed if your project is bigger than the standard one.

IOU licence improved

Instead of the old licence file system. Now you can import the IOU licence and it will be sync across your devices.

BIOS image support for Qemu

You can now use custom bios image when running Qemu machines. This allow to use appliance with custom UEFI bios.

NEW API

Developers can find out how to control GNS3 using an API here: http://api.gns3.net/en/2.0/

Thanks to our controller, it is no longer required to deal with multiple GNS3 servers since most of the information is available in the API.

All the visual objects are exposed as SVG.

This API is quite complete, the only major missing part at the moment is creation and use of node templates.


sábado, 29 de abril de 2017

Passei na prova do CCIE 5.1 Written

Fala galera, hoje pela manhã realizei a prova do CCIE WR 5.1 e passei com o score de 854/1000 (foram 100 questões, vários Drag and Drops, muitas questões de multipla escolha, e muitas questões com várias tecnologias):



Cisco Career Certifications & Training
www.cisco.com/go/ccie
www.cisco.com/go/certsupport
Preliminary Examination Score ReportCCIE Routing and Switching Written Exam
Date Tested:
29-Apr-2017
Candidate:
Diego L Cesar
Candidate ID:

Registration ID:
Validation ID:

Testing Site:
53227
Exam Number:
400-101
Passing Score:
804
Your Score:
854
Grade:
Pass
The official score is based on a scale of 300 to 1000 points.
Cisco policy requires that you wait a minimum of 180 days before retaking a passed exam (with an identical exam number).
The following report shows your performance in each section of the exam:
The Certification Exam Policies webpage (www.cisco.com/go/exampolicy) provides a single resource giving key certification policies, agreements, and the CCIE policy page for information specific to the CCIE program. Consult this section for current information on program policies for Cisco Career Certifications exams.
The scores below are not cumulative.
Network Principles
89%
Layer 2 Technologies
92%
Layer 3 Technologies
76%
VPN Technologies
45%
Infrastructure Security
100%
Infrastructure Services
91%
Evolving Technologies
70%
















Se
Foi umas das provas mais diversificadas que já fiz, caiu de tudo praticamente (L2, roteamento, roteamento dinâmico, VPNs, MPLS, evolve technologies etc);

Segue algumas dicas para prova:

- Decore os tipos de atributos BGP pois cai um drag and drop com eles:


- Tipos de LSA e pra que servem (em redes NSSA, STUB etc) e um DnD das mensagens de OSPFv2 SA (essa chutei total);
- HSRP states;
- QOS,DSCP, ;
- STP, MSTP e RSTP;
- Redistribuição;
- ISIS;
- EIGRP DnD (mensagens, sucessor, feasible distance etc);
- Diferenã entre IGMP snooping, filter,
- DnD dos termos de MPLS (implicit-Null, explicite-Null, FEC etc);
- Drag and Drop de NAT (passo a passo como funciona, ex. primeiro ele checa a acl de entrada, etc);
- Tipos de IPV6 e de mensagens (Router advertise, neighbor soliciation etc, caiu um DnD);
- DnD de roteamento (BGP, OSPF, ISIS e RIPv2), além de DnD
- Estude SDN, IOT etc (evolve technologies), pois caiu umas 7 ou 8 questões sobre o tema (uma sobre segurança em IOT, outra sobre exemplos de protocolos southbound e northbond, outra sobre com qual ferramenta uma linha de script estava escrita - NETCONF, um drag and drop sobre pra que serve NOVA, CINDER, NEUTRON e GLANCE), DnD sobre mensagens NETCONF, o link abaixo deve cuidar desse assunto:
https://drive.google.com/file/d/0B7VR2pl2LSobRXpRZFl3OHRPMmM/view

Bom pessoal isso foi o que eu lembrei mais ou menos, boa sorte pra quem está estudando pra prova e cuidado pois a prova está se atualizando quase toda semana, abraços.