6 months in, what I learned so far as a full-time automation engineer Networking

---

• 6 months in, what I learned so far as a full-time automation engineer
• Cell tower ID (CID) and location area code LAC to coordinates?
• What is ‘the edge’?
• How to create a new platform for Netmiko
• Why NOT use a Fortigate as a router?
• ISE Optimizing Profiling
• Network Framework similar to Mitre or ISO.
• Georedundant HA with VRRP in WAN
• Migrating to new IP scheme with HSRP
• How can I test ISP’s Metro Fiber network quality?

6 months in, what I learned so far as a full-time automation engineer Posted: 28 Apr 2022 05:08 AM PDT As a followup to my last post, I wanted to share some of what I learned so far, being the only network automation engineer in a fortune500. Networking roles aren't going anywhere. If you're an even half-competent networker, your job is safe. At the very least, automation isn't going to take it away, it's only going to make it easier. The more I lean into the dev side, the less I know/care/have time for actual network engineering. My neteng background was more a prerequisite for a completely different role. I'm not a 'hybrid' network engineer/software developer except in only the narrowest technical sense. I'm a software developer with (critically important) network engineering experience. I lean on our CCIE/CCNA/JNCIA engineers for all the real networking. I'm their air support. the man with the magic wand that helps make their jobs easier and bring things together so they don't drown in an ever-growing ocean of manual processes. Network engineers should stay network engineers unless you want to change roles or take on a double-major. Corollary to #1. I know this sounds like heresy on a couple levels, but hear me out. automation is its own world full of lightsabers and the Force and god help you if you don't know how to wield them properly. thinking programmatically is *critical* to not blowing your shit up, even with tools like ansible that hold your hand the whole way. Just like you wouldn't want me fucking with your BGP or vxlan, I don't want you fucking with my automation. It's just too dangerous. I used to be a fan of every engineer becoming an automation engineer. That is NOT advisable. they are two very different problem spaces with two very different ways of thinking. it takes a rare unicorn indeed to keep a CCIE-level grasp of networking and a Jedi-level grasp of automation in his head (think David Barroso, Kirk Byers, etc). Expecting every neteng to do that is not only improbable but it's inviting disaster. That said: if you *want* to learn automation to change roles, or are prepared to take it on as a double-major (not just another checkbox), I fully support that! Just be sure to learn in a safe place and take it slow. Great power / great responsibility and all that. There is huge opportunity in network automation. I guess this is obvious, but it wasn't obvious to me just how big the opportunity is. I make as much (or more) than an typical CCIE, with a CCNA background. I effectively lead my own department. Neteng jobs may not be going anywhere, but a new world of opportunity to make $$$$$ and do awesome shit is right there for those willing to build the skillset. The DevOps aspect of NetDevOps is 90% of it. It's not enough to learn python and git. That was enough to get me in the door, but it's definitely not enough to keep things rolling. Those who advised me to learn terraform and docker and CI/CD were right. That and webdev skills are almost mandatory, at the very least, a solid grasp of HTTP/REST and how to interact with it programmatically. Even better if you know html/css/js/sql. Oh and Linux skills are a must. Bottom line, this role is exactly what it sounds like: devops applied to network engineering. Somehow in my head I dismissed that, or didn't fully grasp what that meant until now. I need to become a fully competent devops engineer to succeed and I'm already feeling the growing pains of not having a solid devops background. that's all I can think of for now, cheers! -Austin submitted by /u/austindcc [link] [comments]

Cell tower ID (CID) and location area code LAC to coordinates? Posted: 28 Apr 2022 02:40 AM PDT I have been trying to do so. There are some web apps but seem to work only for US (not Germany for example). Is there a math formula or a way to map them to know where the antenna i connect to is located? I have noticed there is the Opensignal app, and it works really well but I don't like their privacy policies etc. (listed in their website). submitted by /u/mahnehsilla [link] [comments]

What is ‘the edge’? Posted: 28 Apr 2022 03:36 AM PDT I hear a lot of folks talking about javascript at 'the edge,' or compute at 'the edge.' I sort of get it…I think? But I'm confused about where the ISP fits in. After DNS resolution my request then goes where, if the resource I'm trying to access exists at the edge natively or is cached there? My understanding is 'the edge' is a network on built 'on top of' existing internet infrastructure, positioning itself as close as possible to the end user. So if I have a VM at 'the edge,' what does the 'lower level' (internal, older internet architecture) network ever have to do with my request? And how much of my ISP's infrastructure am I using to complete my requests? submitted by /u/aubreylovesyou [link] [comments]

How to create a new platform for Netmiko Posted: 28 Apr 2022 05:58 AM PDT An appliance from a vendor that my organization uses offers a text based cli over ssh instead of a standard linux shell. I tried using Paramiko to connect to it and run commands, but as many of you can guess, it didn't work. Stdout is empty after commands are run. Does anyone know of a blog or other resource that lays out the steps to finding the differences in ssh implementation for a platform vs the ssh standard so that I can create a custom module such as those found here (eg, Cisco ios, Checkpoint gaia, ...)? https://github.com/ktbyers/netmiko/blob/develop/netmiko ​ Thanks. submitted by /u/gentleitgiant [link] [comments]

Why NOT use a Fortigate as a router? Posted: 28 Apr 2022 05:05 AM PDT I've ran into this question a lot. I do understand Fortigates are built mostly for firewalling stuff, but I can't see a reason why one should not use them as a router only, without all the threat management features turned on, if need be? They are well priced, work fine with different dynamic routing protocols and most importantly perform well based on my limited experience. Of course there might be some exotic features it does not support, but it can do all the basic stuff and then some... So, why not? submitted by /u/pliit [link] [comments]

ISE Optimizing Profiling Posted: 28 Apr 2022 06:23 AM PDT Good Morning All, ​ I have been helping a customer troubleshoot there ISE deployment, what's happening is that at max load times of the day PSN1 just locks up and stops authenticating radius request. I should also add that they are running admin services one PSN1 along with radius authentication services (terrible I know) but the admin feature, while performance is iffy still remains stable. At some random point in the day PSN1 comes back and starts participating in radius authentication again. At times this isn't problem for them because PSN2 picks up the load however, when they have a high number of users on campus, the problem start to become noticeable. We have worked with TAC and their recommendation is to optimize the ISE profiling services, as that was never done before, and I'm certain all the default probes are still being used to try and identify endpoints. My question is, is this a valid solution from cisco, I know this will probably work but the main reason they are suggesting this fix is because of the load in General, this at the moment is a 3 node deployment (node 1-ADMIN/AUTH, node 2 - AUTH, Node 3 logging) that I don't think can handle the load, I'm wondering if the deployment should be updated to a 6 node deployment, even so is it still a good idea to optimize the profiling? just wounding what others have seen? submitted by /u/jdm7718 [link] [comments]

Network Framework similar to Mitre or ISO. Posted: 28 Apr 2022 05:47 AM PDT For CyberSec we have a Lot of guides and Frameworks like CIS, ISO 27..... And Mitre attack tô Guide, evaluate and measure CyberSec. There's anything like that but to the networking segment? Mainly internet and data center networks? Thank you! submitted by /u/devzeroo [link] [comments]

Georedundant HA with VRRP in WAN Posted: 28 Apr 2022 04:24 AM PDT Hi, I'm trying to create a design for two web proxys which are supposed to be georedundant. I'm trying to avoid any single point of failure. We've got Huawei NetEngine Routers in our Backbone. My problem is that I'm not sure how to give the same IP to two different machines in different locations. I know how to assign a single IP via VRRP to multiple Huawei Routers for a SINGLE Client. I also know how to assign a single IP using nginx plus to multiple web servers. But I don't know how to combine these two and I've got no idea where to start. Background: I'm a working student at a small ISP, meaning we've got our own IP Ranges, our own backbone, control over overeverything. submitted by /u/jahknem [link] [comments]

Migrating to new IP scheme with HSRP Posted: 28 Apr 2022 03:47 AM PDT Hi All, We are migrating to a new IP address scheme and have HSRP running in several locations. Is it possible to have two virtual IP's running simultaneously on HSRP? Can we add a group for the new IP scheme, migrate hosts and SVI's and then retire the original Virtual IP? or does anyone have a better way to achieve? submitted by /u/ElectronSandwich [link] [comments]

How can I test ISP’s Metro Fiber network quality? Posted: 28 Apr 2022 01:53 AM PDT Hey, I keep loosing rdp connection and ping on the ISP metro line, any idea how to test network quality between to locations? submitted by /u/iaskedmyself [link] [comments]

You are subscribed to email updates from Enterprise Networking Design, Support, and Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States