Fetching Pcap Files and running Wireshark – Junos Pyez

As a part of some content development and revision on MPLS, I was trying to capture some MPLS Pcap Files from the Vmx Router. The problem was that every time I capture a file, I had to first scp or sftp into the device and then after successful import, I had to run Wireshark on it.

The Aim of the post is to fetch the pcap file and run Wireshark on it. Am not a decent programmer by any stretch of the imagination, anyone can see that from my code 😉 but the point that matters is that it works and you should give it a try too.

https://github.com/yukthr/auts/blob/master/junos_pyez/getfile_executewireshark.py– Is the file

 

 

When I run this program to fetch a non-existent Pcap file

 

And when I query for an existent file

 

 

-Rakesh

 

Advertisements

Raspberry Pi and AWS IOT – First steps

Hi All,

I have slightly changed this to networking, but the intention and my current use is to measure the water level of a sump, since that deviates from the network blog writing, i have extended the same to a Router.

Purpose – Have a Router and also a Syslog Server which monitors my internal network (This can easily be extended to a Car / Moisture Sensor or a Temperature/Humidity Sensor), what we want to do is to make sure if any anomaly is seen in Log Messages, it logs to IOT service. We can then take this up as a Part-2 writing to perform a specific action / automated on what action can be taken to mitigate

Discussion about configuring a Linux device is out of scope, so lets think that we all have that setup. What happens next ?

Lets quickly see our python script, which parses for a anomaly, in this lets say when someone runs a ping command, well its not a anomaly but will do for our use-case.

 

 

logparse.py is our program, so i have imported it into the readily available sample program provided by AWSIOT Kit, so you dont have to know much of programming to do this, just to incorporate your code into the program.

Now lets start the program

 

Now, Finally if we observe the IOT Console, we can see the messages, based on this we can then continue the program to design a automatic response, storage and analysis of log messages and so on.

 

The main aim of the post was to introduce the IOT for someone starting with it. You can do the entire IOT example experience using a free-tier linux instance as well, you dont have to have a Hardware device to actually do a IOT if you really want to test it out.

 

You may extend it to anything which outputs the value and then can be sent to AWS IOT / S3 for further actions.

 

-Rakesh

 

 

 

Revisiting – Why IGP sync with LDP is required ?

Hi All,

I was preparing some content on MPLS for a training session  and as a part of it, was going through LDP. The interesting aspect is very obvious

-> LDP is dependent on IGP

-> What ever Draw-backs IGP has will be inherited by LDP

-> LDP has to be enabled on the Interface to exchange Labels, else it wont consider the exit-interface from IGP and hence there will be no LSP’s

So far so good and makes sense as well

 

I will not be boring with command line outputs in this case

-> I have disabled the interface between R3/R4 so if R3 Has to reach R1, it will use R3-R2-R1 path

All good, Am going to just tweak the metric of the interface on R3 -> R2 before I enable back the R3 – R4

Now let me enabled the interface between R3-R4

-> It has a Better cost

-> It has not been enabled for LDP

 

 

If we go back to R3, to examine the result

This is dangerously familiar for me 🙂 , There is a LDP neighbor, but No routes are present in Inet.3 (neither for R1 or R2) as Routes are learned from R4 for its best path but since R4 is not exchanging labels, R3 will not have any Inet.3 LSP’s inspite of having LDP neighbor.

What to do. ?

-> Troubleshoot – Obvious

-> Tie LDP to IGP

-> T-LDP Session

We all know the reason why LDP is no there – I have not explicitly not enabled it

We will explore the second option

What this does – Well, it simply increases the cost of the interface if the LDP adjacency is not seen on the interface while you have IGP on the interface.

R3—-no ldp -Yes IGP —- R4

As we see above, since there was NO LDP on R3—-R4, the metric is increased so that the other available path is choosen by Router which in-turn let LDP choose it

-Rakesh

Book Review – How SRE Relates to Devops

Link – https://www.safaribooksonline.com/library/view/how-sre-relates/9781492030645

Quick Read – Few Pages
Other Books which are related to SRE
-> Site Reliability Engineering: How Google Runs Production Systems

Few Points that I liked

– Quick read , hardly an hour
– Intro on how Devops got introduced
– what needs to be improved – Key Idea “No More Silos”
– stress on non-localization of knowledge, lack of collaboration
– New Job Role called SRE – Site Reliability Engineering
– Operations is a Software problem and Work to minimize Toil are some best examples of productivity and how we should view
– Key Idea – “Automate This Year’s Job Away” and “It’s Better to fix-it over-selves than blame someone else”

Good Read to understand the over picture of SRE Role and some of the
work Discipline Ideas.

-Rakesh

Analyzing data with Pandas Package – An Intro to Pandas

Hi,

Title may sound extremely Hitech for someone who never heard about pandas ;), but what I have written is a simple hello world equivalent  program, which I guess should start to help my day to day analysis, as always the aim is to let anyone know the advantage of something than hammering with some theory !

I was going through various python packages available to analyze data and came across pandas package along with numpy package. These are not there by default in Python installation and if you like them to be on your system, you should install them via PIP, I have them installed already hence you can see that it complains in the below image.

 

Note :

Understand why you need to have something like Pandas / Numpy even if you have never heard of them, that’s the point of this tiny program

Imagine, how you would solve this if you never knew Pandas/Numpy and you will see the power of these

packages, again you don’t have to know these to realize their full power.

 

Now coming to the requirement, here is a sample spreadsheet that I have below, its a CSV Sheet which contains certain values as RMA_Status and device names etc., a cooked-up sheet as you can clearly see

You can find it here as well

https://github.com/yukthr/auts/blob/master/random_programs/rma_status.csv

Requirement : Pretty simple, have the list of all Devices which are marked for RMA_Status Yes, well most of the times we can do via a GREP/Egrep, but it gets touch when you have lot of fields and when most of the tools already gives us a csv, this should be handy way to analyze or make a Cron-job to do it on a daily basis

Its a very simple program, nothing complicated (not even remotely capable of 😉 )

Below we are importing Pandas and Numpy, If you are not aware about these packages I would suggest to know their basic Intro, youtube is full of it, their use cases can save you a lots of time.

Have one Boolean Numpy Array created which has True and False Values out of your own, Data

Conditions. Here, we are seeing for the word ‘yes’, basically doing the below code is the crucial part and once we have the below, we are as good as printing the values which have ‘True’ vs leaving the values with ‘False’

Finally, we will take the Boolean Array and supply it back to our DataFrame, and it would return all the values which has appropriate ‘True’

 

Code for this – https://github.com/yukthr/auts/blob/master/random_programs/pandas_rma_analysis.py

This can be extended to whatever use case we can think off, people good in excel will do this in jiffy, but am not an expert in Excel.

 

-Rakesh

 

Cleared JNCIS-Devops

Last week I went to write JNCIS-Devops exam, I was under an impression that I may not be able to clear it but good did happen!

First and Foremost

-> I had the official training for JAUTcourse – The course is extremetly helpful as it provides the precise material and also the structured lab environment for you to explore and study, nothing beats a class-room study and training environment

But, after appearing I can tell you that you dont really require the offiicial training (if that is the only thing stopping you to think about the exam), the exam will test you for your understanding of automation philosophy and also how Juniper Implements it.

Topics of Interest

– Juniper  pyez – understand how everything helps in Pyez

Dayone Books Helps – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/junos-pyez-cookbook/

– Juniper ansible – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/junos-pyez-cookbook/

-Book – Network Programmability and Automation

https://www.safaribooksonline.com/library/view/network-programmability-and/9781491931240/

— Jsnapy – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/using-jsnap-automate-network-verifications/

All you need to have are couple of VMX devices a Linux machine and you should be able to deploy all of the automation efforts discussed in above books.

You dont have to know the code in your head or how to write a program, you need to havea good idea on the ideology of the code, what gets used where to get most of the exam.

 

Few Tips :

• Prepare for it in linear fasion than leraning everything on day
• Make use of the git repositories from Juniper
  • https://github.com/Juniper/py-junos-eznc
• I have been writing some simple Ansible and PYEZ scripts, Good for anyone who is starting with automation.
  • https://github.com/yukthr/auts

 

let me know if you have any queries, always happy to help.

 

-Rakesh

 

 

 

Plotting the interface flap – That’s some analysis

Hi,

What started to be a exploration project is now turning out to be pretty useful for me in day to day analysis. Back in days when I worked in support, there was nothing to predict or really worry about historical events for any future work, just grep for logs and you are done with the last flap and analysis.

Customers / Networks now look for more data, while there are systems which do the telemetry and prediction, from an analysis point of view, as an engineer I want to know if the device or a circuit over an interface is stable over a period of time or even if it flaps what is the likely time and day it flaps in a week for a smoother migration.

Requirement : Plot a simple graph analyzing the interface flaps over a period of one week for a  specific interface and decide the actions next from the log messages.[in this case i used a junos device]

Well grepping the logs is not something new for a seasoned engineer but having visual data will prove to be useful for a cutover or migration.

There are systems which can do this work on a day to day basis, most of us have them installed, I never used them to come to a conclusion that if it would be helpful for a migration or upgrade , I dont want to see a traffic dip and count or use a bash script which counts the flaps by cutting with complicated awk/sed and regular expressions , its a way and this is a another way.

Let me first give you the github link, if anyone wants to view or try out the code.

https://github.com/yukthr/auts/blob/master/random_programs/plot_graph_interface_flap.py

 

There are 3 parts to this requirement

 

-> I dont have logs from the  production device , so have written a small program which can mimic the data randomly, i used random module for this from python.

-> Analyse the logs and convert to a list for easier plotting, I used a cStringio module for this

-> Finally, I used matplotlib to plot the interface flap.

Here is the screenshot, I upload screenshots for two reasons, first its way too colorful than boring git paage 😉 and second its easy to review

When I use cstring in the program, this is what i see out of the logs which I parsed, so that we take index[1] which represent Date from the list.

Finally, we see the plot like this

From the flap its quite evident that any migration planned for this interface is not safe and it needs to be fixed as the frequency is way too high, we can extend this to any thing even to plot flap  in a hour to get an idea, there are many things that graphs can give us in NMS systems, but am planning to analyze data directly from the device for my needs instead of digging through the whole lot of graphs, in that way its easy.

 

Regards

Rakesh M