Damien/Notebook
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit with submodule PaperMod

Browse Source
This commit is contained in:
darnodo
2025-01-22 19:59:18 +01:00
commit 4fa2c08e47
23 changed files with 1021 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
content/en/posts/Documentation/NetOps.md Normal file
View File

@@ -0,0 +1,38 @@
---
title: "NetOps"
date: 2024-08-01T15:19:38+02:00
draft: false
categories: "Documentations"
UseHugoToc: true
TocOpen: false
showToc: true
weight: 1
---
## Job and Missions of a NetDevOps 🖥️🛠️📡
NetDevOps is a relatively new job in the IT industry. It combines the skills of developers and network operations to provide agile and robust network infrastructure, and improve the quality of the user experience. In this article, we will explore the missions and skills of a NetDevOps.
NetDevOps, or Network Development Operations, is a concept that is based on the integration of the DevOps culture into the management and maintenance of computer networks. It involves applying DevOps practices to network management, such as automation, collaboration, and continuous improvement.
## Missions 🎯
The missions of a NetDevOps are multiple and varied. Here are some of them:
1. Development and deployment of network infrastructures 🏗️: The NetDevOps develops scalable and flexible network infrastructures. They work closely with development and operations teams to implement solutions that meet the needs of the business. The NetDevOps is also responsible for configuring and deploying network equipment.
2. Automation of network tasks 🤖: Automation is a key element of the NetDevOps job. They use automation tools to simplify and speed up repetitive tasks such as configuration, updating, monitoring, and maintenance of the network.
3. Network security management 🔒: Security is a major concern for businesses. NetDevOps works collaboratively with security teams to implement solutions that protect the network from cyberattacks. They also establish security protocols to ensure the confidentiality and integrity of data.
4. Monitor network performance 🕵️: The NetDevOps continuously monitors network performance to identify any potential issues and take necessary actions to resolve them. They analyze performance data to optimize network performance.
## Skills 🤹
The skills of a NetDevOps are varied and include:
1. In-depth knowledge of network technologies 📚: The NetDevOps must have an in-depth knowledge of network technologies such as routing protocols, VLANs, VPNs, firewalls, etc.
2. Development skills 🧑‍💻: The NetDevOps must have development skills to create scripts and automate network tasks.
3. Project management skills 📅: The NetDevOps must have project management skills to manage network infrastructure development and deployment projects.
4. Communication skills 🗣️: The NetDevOps must have good communication skills to collaborate with development and operations teams, as well as stakeholders in the business.
## Conclusion 📝
In conclusion, the NetDevOps job is essential to providing an agile and robust network infrastructure that meets the needs of the business. NetDevOps must have an in-depth knowledge of network technologies, development skills, project management skills, and communication skills to succeed in this field. 🌟

168
content/en/posts/Documentation/VXLAN/index.md Normal file
View File

@@ -0,0 +1,168 @@
---
title: "VXLAN for Beginners"
date: 2024-08-02T20:00:00+02:00
draft: false
categories: "Documentations"
tags:
- Network
- VXLAN
- Architecture
UseHugoToc: true
TocOpen: false
showToc: true
cover:
image: "/img/cover_vxlan_dummies.webp"
caption: "Building the Future of Networking: Exploring VLANs and VXLANs Across Scalable Digital Landscapes"
---
## Understanding VLAN and VXLAN: Simplified for Non-Techies
In todays fast-paced tech world, understanding networking concepts can feel intimidating, especially if you're not an expert.
Let's break down two important networking concepts: **VLAN** and **VXLAN**, using simple analogies and clear explanations.
Well also discuss their limitations, real-world use cases, and some technical details for the curious ones.
Lets dive in! 🚀
---
## What is a VLAN? 🏢
A **VLAN (Virtual Local Area Network)** is like organizing a large office building with multiple departments: Marketing, Sales, HR, and IT. To maintain order, each department gets its own floor. This way, Marketing stays on its floor, Sales on theirs, and so on.
A **VLAN** works similarly for computer networks. It divides a large physical network into smaller, isolated networks. Each VLAN is like a separate floor for a department, allowing devices within the same VLAN to communicate easily while keeping traffic isolated from other VLANs.
### Key Points About VLANs ✅
- **Separation:** Keeps different groups (like departments) apart.
- **Efficiency:** Reduces unnecessary traffic and potential network issues.
- **Security:** Enhances security by isolating groups.
### VLAN Limitations ⚠️
- **ID Limit:** Historically, a VLAN is identified by 12 bits, allowing up to 4094 VLANs (from 1 to 4094). For large enterprises or data centers, this might be insufficient.
- **Local Isolation:** VLANs are designed for local use (a single site or connected switches). Expanding this concept across multiple sites requires advanced solutions.
---
## What is VXLAN? 🌆
**VXLAN (Virtual Extensible LAN)** takes things further. Imagine your business grows and spreads across multiple buildings in the city. You still want departments to feel like theyre on their own floors, even if theyre in different locations. To achieve this, you create a virtual system that connects all the floors across buildings, so Marketing on the 3rd floor of one building remains virtually connected to Marketing on the 3rd floor of another.
**VXLAN** does this for networks. It extends VLANs across multiple physical locations using a technique called **tunneling**. This way, devices in the same VLAN can communicate as if theyre on the same local network, even when geographically separated.
### Key Points About VXLAN ⭐
- **Scalability:** Extends networks to different locations and exceeds the 4094 VLAN limit.
- **Flexibility:** Enables larger and more dynamic network designs.
- **Connectivity:** Ensures smooth communication across dispersed networks.
---
## Technical Dive into VXLAN 🔍
**VXLAN** was developed to overcome the limitations of traditional VLANs (scalability, geographic scope). It uses a VXLAN Network Identifier (**VNI**) of 24 bits to identify up to **16 million** logical segments, far surpassing the 4094 VLAN limit.
In virtualized environments, MAC address tables in data centers can become very large, while physical switches have limited capacity. VXLAN addresses this challenge by using **MAC-in-UDP encapsulation**, transporting Ethernet frames (Layer 2) over an IP network (Layer 3).
### How It Works 🤔
The goal of **VXLAN** is to **extend Layer 2** over a Layer 3 (IP) network. Its like “tricking” Layer 3 into thinking the user or virtual machine is still on the same local network (Layer 2).
> **Simply put:** Ethernet frames (Layer 2) are encapsulated inside a UDP packet (Layer 4), which is then transported over IP (Layer 3).
---
![OSI Layers](media_layers.png#center)
> ✏️ **The "Hardware" Layers**
>
> - **Layer 2 (Data Link):** Typically managed by switches.
> - **Layer 3 (Network):** Typically managed by routers.
By encapsulating Layer 2 within Layer 3, you benefit from IP routings flexibility and scalability while maintaining the isolation and simplicity of Layer 2 for applications and virtual machines.
---
### Analogy: Container Transport 🚚 🚂
- **Lower Layers (trucks):** Transport data (containers) from point A to point B.
- **VXLAN (train):** Loads these trucks (Ethernet packets) onto a train (VXLAN tunnel) to travel longer distances across Layer 3.
- **Railways (IP network):** Are already “converged” and determine the best route for the trains (VXLAN tunnels).
![Container transport analogy](transports.png#center)
---
## Real-World Use Cases 🏭
- **Multi-Data Center:** Connect geographically dispersed data centers while maintaining the feel of a single Layer 2 network.
- **Hybrid Cloud:** Extend a corporate network to a public or private cloud without reconfiguring the entire IP plan.
- **Virtual Machine Migration:** Enable VM mobility between distant sites without losing Layer 2 connectivity.
- **Massive Virtualization:** In highly dense environments (e.g., hundreds of thousands of virtual machines), the 24-bit VNI is essential.
---
## VXLAN Control: BGP EVPN and Other Protocols 🤝
In modern deployments, especially in data centers, VXLAN isnt configured manually. Its often paired with a **control plane** using the **BGP EVPN (Ethernet VPN)** protocol.
- **BGP EVPN:** Exchanges MAC and IP table information between devices, enabling automation and scalability.
- **Other Technologies:** Historically, other overlay protocols (e.g., NVGRE, STT) existed, but VXLAN has become the de facto standard.
---
## Performance Considerations ⚙️
- **Encapsulation Overhead:** VXLAN adds extra headers (8 bytes + UDP/IP header). This can impact the **Maximum Transmission Unit (MTU)**, and its common to configure **Jumbo MTU** (usually 9000 bytes) to avoid packet fragmentation.
- **IP Network Resilience:** The reliability of VXLAN tunnels depends on the quality of the underlying IP network (routes, congestion, etc.).
---
## Example Configuration (For the Curious) 💡
Heres a **simplified example** of VXLAN configuration on Cisco NX-OS (syntax varies by vendor):
```plaintext
interface nve1
no shutdown
source-interface loopback1
member vni 5001
ingress-replication protocol static
mcast-group 239.1.1.1
```
- **interface nve1:** Creates an “NVE” (Network Virtualization Endpoint) interface for VXLAN encapsulation.
- **source-interface loopback1:** The IP address of the loopback1 interface is used to establish tunnels.
- **member vni 5001:** Associates a VNI (VXLAN Network Identifier) with the overlay network.
*Note:* In more complex environments, a control plane (e.g., BGP EVPN) is also configured.
---
## Summary 🎯
- **VLAN**
Like having separate floors for different departments in a building, keeping activities isolated. 🏢
- **Main Limitation:** 4094 VLANs maximum, often limited to a single site.
- **VXLAN**
Like connecting these separate floors across multiple buildings while keeping the illusion theyre in the same building. 🌆
- **Key Advantages:** Massive address capacity (16 million segments), Layer 2 over Layer 3 extension, flexibility for virtualization and multi-site connectivity.
VXLAN addresses the need for large-scale isolation, surpasses MAC address table limits on switches, and enables flexible service deployment. Combined with an efficient control plane (BGP EVPN), it simplifies the management of modern overlay networks.
---
### Conclusion 🏁
In short, if you need **basic segmentation** for your local network, a **VLAN** is sufficient. But when connecting multiple sites, creating a highly virtualized network, or exceeding the traditional VLAN limit, **VXLAN** becomes essential.
Whether youre a **network lab enthusiast**, a NetOps engineer, or simply curious about the infrastructure magic that allows your data to travel seamlessly across distances, understanding these concepts will give you a better appreciation for the illusion of being "at home" on the same local network!
---
> **Want to Go Further?**
>
> - Explore **BGP EVPN** for VXLAN control plane management.
> - Learn about **Jumbo MTU configuration** to optimize performance.
> - Compare VXLAN with other protocols (NVGRE, GENEVE) to understand design choices.

BIN
content/en/posts/Documentation/VXLAN/media_layers.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
content/en/posts/Documentation/VXLAN/transports.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 29 KiB

71
content/en/posts/NetLab/index.md Normal file
View File

@@ -0,0 +1,71 @@
---
title: "Introduction to NetLabs"
date: 2024-08-25T15:19:00+02:00
draft: false
categories: "NetLab"
UseHugoToc: true
TocOpen: false
showToc: true
weight: 1
---
## Introduction
📡 In a world where computer networks play an increasingly significant role in our daily lives, understanding the principles and logic that drive them becomes more and more essential.
Virtual Network Labs (commonly referred to as "NetLab" or "Virtual Network Lab") are an ideal approach for teaching these concepts, allowing us to simulate complex network environments and experiment without risks.
I would like to share with you how my "NetLabs" work, which will be regularly linked to documentary articles (in the category: **documentation**). They will allow us to practice, observe, or understand the operation of concepts explained theoretically beforehand.
In the context of NetLabs, they will primarily be deployed via the ContainerLab tool. For more complex architectures, we will use GNS3.
## What is ContainerLab? 🛠️
ContainerLab is a powerful open-source tool that enables the creation of complete virtual network labs. By using it, one can simulate a multitude of complex network architectures, with equipment such as routers, switches, servers, and other network devices.
This platform offers great flexibility in designing exercises, allowing the exploration of various topics such as learning network protocols, security, or configuring equipment. Users can thus focus on analysis and problem-solving without worrying about the underlying technical details.
The installation of ContainerLab will not be presented here, but all information is available on the official website [here](https://containerlab.dev/install/).
## What is GNS3? 💻
GNS3, or Graphical Network Simulator-3, is an open-source software primarily used for the **simulation** and **emulation** of computer networks. It allows network engineers, students, and professionals to design, test, and troubleshoot complex networks in a virtual environment before deploying them in the real world. GNS3 is particularly appreciated for its ability to integrate various network hardware and software, such as Cisco routers and switches, as well as virtual machines to create realistic network topologies.
As previously mentioned, the installation of GNS3 will not be discussed here. For more information, the documentation is available [here](https://docs.gns3.com/docs/).
## GNS3 vs ContainerLab ⚔️
GNS3 and ContainerLab are two powerful tools for network simulation and emulation, but they differ in their approach, features, and primary use cases. Here is a quick comparison between the two:
### GNS3
**Advantages:**
1. **Intuitive Graphical Interface:** GNS3 offers a user-friendly graphical interface that allows users to drag and drop components to create network topologies.
2. **Multivendor Support:** It supports a wide range of network hardware and software, including Cisco routers and switches, as well as virtual machines.
3. **Flexibility:** GNS3 can be used on Windows, macOS, and Linux, and it integrates well with other tools like Wireshark for traffic analysis.
4. **Active Community:** A large community of users and developers provides extensive support and a wealth of online resources.
**Disadvantages:**
1. **System Resources:** GNS3 can be resource-intensive, especially when emulating complex devices or large topologies.
2. **Configuration Complexity:** The initial setup can be complex, particularly for new users.
### ContainerLab
**Advantages:**
1. **Lightweight and Performance:** ContainerLab uses containers to emulate network devices, making it more lightweight and performant than solutions based on virtual machines.
2. **Automation and DevOps:** It integrates well with DevOps and automation tools like Ansible, facilitating automated deployment and network management.
3. **Simplified Configuration:** Topologies are defined via YAML files, making the configuration simpler and scriptable.
4. **Support for Modern Technologies:** It supports modern technologies like Docker and Kubernetes, offering greater flexibility for cloud-native environments.
**Disadvantages:**
1. **Less Multivendor Support:** Although ContainerLab supports several types of network containers, it may not have the same level of multivendor support as GNS3.
2. **Learning Curve:** For those unfamiliar with containerization concepts, the learning curve can be steeper.
## Conclusion 📊
**GNS3** is ideal for those looking for an intuitive graphical interface and broad support for network devices, particularly useful for students and traditional network engineers. **ContainerLab**, on the other hand, is more suited to modern environments and DevOps practices, offering a lightweight and scriptable solution for network simulation.
The choice between GNS3 and ContainerLab thus primarily depends on the specific needs of the user in terms of flexibility, performance, and integration with other tools and technologies.