Recently I found a Cisco blog explaining how you can automate the creation of labs using AI, MCP, and Cisco CML. Though the blog post links to the components used to make it happen, it does not offer a “getting started guide” to make it work. In this post I will show you what I did in my environment to get it working.

Claude Desktop

Claude Desktop is an app you run on your computer. It allows you to use Claude AI assistant which gives you access to the underlaying LLM hosted in the cloud.

Continuing from my previous and first post on EVPN on Catalyst - Layer 2 we’re looking in to multihoming with EVPN on Catalyst. This post will only show the multihoming related configuration. For full EVPN L2 config check out my first post.

Redundancy is essential to ensuring business continuity in today’s infrastructures. EVPN has the ability to provide link and node redundancy for both devices and networks. It comes in two flavors:

For decades we’ve used MPLS layer 3 VPNs for building overlays in the enterprise networks. Although MPLS layer 3 VPN is a proven technology it lacks important security features that are requested of todays networks. Also, building layer 2 overlays using MPLS never scaled and worked best for P2P connections with no involvement of a control plane. EVPN addresses both these shortcomings of MPLS services and this post focusses on the workings of an EVPN layer 3 service using a simple example. For this the below topology has been built.

Things change. Especially in the realm of infrastructure. We tend to continuously focus on optimizing and redesigning our networks to support the business goals. Or you might simple need to repurpose hardware. Whatever the reason might be we need to know the “how” and “what” of such changes. Take StackWise Virtual, for example. If we want to break up the StackWise Virtual switch pair, you can find this official documentation:

NIS 2 er et direktiv fra EU som har til formål at sikre et højt niveau af cybersikkerhed for alle medlemslandene. En disciplin, der sikrer, at samfundskritiske services som el, vand, varme, transport, medicin og fødevareproduktion (m.fl.) har styr på tingene, hvis uheldet er ude. Netop ordet “kritisk” er en betegnelse, der anvendes om de virksomheder (eller enheder, hvis man bruger NIS 2-sprog) som er væsentlige for vores samfund. Det er jo en rar ting, at man kan betale for sine madvarer, når man er ude at handle, så vi er fri for at plyndre bankerne som… nåh ja, alligevel ikke ligger inde med kontanter i dag. Alt det vi i dag tager for givet og først skænker en tanke, når der er problemer i leverancen.

Often times when I design secure infrastructure solutions, I find dependencies. Typically, we aim for independent solutions to ensure reliable and stable environments to keep our business running and customers happy. This is particularly important when working with critical infrastructure providers in the electricity, water, and heating sectors which we all rely on and depend upon ourselves.

Island mode often refers to a state in which a system is disconnected from the Internet or the IT network, particularly from an OT perspective. The key concept is identifying the bare minimum required to keep the business and its services operational. This, of course, places an extraordinary burden on the company’s operational resources. The question is whether such a situation is acceptable, or if investments should be made to reduce this burden before deciding to enter island mode. Perhaps some tooling and automation could help here. Know, though, that in order to find the perfect balance between running everything manually vs. building “what-if” solutions, you’ll need to make some tough choices, because:

Fabric-based networks are no longer exclusive to the data center or service provider networks. Today we use fabric-based networks all over to provide the network services needed to support our business. I like to define a fabric-based network by two things:

• A network of devices (typically switches) that optimally inter-connect in a strict uniform way (think physical topology here)
• A robust network built to support L2 and L3 services on top of it using the concepts of underlay and overlays

Roughly speaking the underlay is nothing but a L3 network responsible for providing reachability between the devices that hold our endpoints (be they users or servers). The overlay(s) on the other hand consist of the payload of the endpoints which is tunneled (encapsulated) between the devices that hold the endpoints. When we speak of “network services” we’re commonly referring to the overlays of our network. And as you might have figured out by now, all these fancy words are just ways we address and talk about network virtualization.

It has become imperative to prioritize network design as part of a solid business strategy. This post zooms in on the workings of network design and what it’s all about. The goal is to broaden stakeholder’s perspective on the elements that are in play with network design.

Network Design - Why

Taking control of the network in a responsible way to keep things relevant and on track in accordance to the business requirements is key to being successful when it comes to network design. Failure to take network design seriously is a recipe for trouble down the line. So, why is it so extremely necessary to spend time and resources with network design?

This post delves into the pros and cons of another classical enterprise LAN design. Focus is on detailing why you might choose such a design and the workings of it. A few optimizations are shown, too.

For Part I check out Classical Enterprise LAN Design - Part I

Topology

Below topology is the starting point. Some choices have been taken as described in the green boxes.

SW1 and SW2 are distribution switches that mark the demarcation between L2/L3 from access to the rest of the network (core). An FHRP is needed to provide gateway redundancy for the access layer. Without it we’d either not have the needed redundancy or overlapping IPs since the two switches see each other on the same L2 segment.

Many enterprises still have what is considered a classical network. This post deals with one such design. Focus is on highlighting the reasons why a network is built this way and reveal its shortcomings. Lastly some suggestions on how to optimize the logical design are shown.

Topology

Below topology is the starting point. Some choices have been taken as described in the green boxes.

SW1 and SW2 function as the boundary between L2 and L3. They run HSRP with SW1 being the STP root and having the HSRP active state.