THAI CPE

Control:

• if expression:
•   statement(s)
• 
  
• var1 = 100
• if var1:
•   print "1 - Got a true expression value"
•   print var1
• 
  
• var2 = 0
• if var2:
•   print "2 - Got a true expression value"
•   print var2
• print "Good bye!"
  

8. if.py

• var1 = 'area'
  if var1 == 'area':
    print 'Area = length * width'
  
  var1 = 'volume'
  if var1 == 'volume':
    print 'Volume = length & width * height'
  
  var1 = 100
  if var1:
      print "1 - true"
      print var1
  
  var2 = 0
  if var2:
      print '2 - true'
      print var2
  
  var3 = 'a'
  if var3:
      print "3 - true"
      print var3
  
  var4 = ''
  if var4:
      print "4 - true"
      print var4

C:\Python27>python if.py
Area = length * width
Volume = length & width * height
1 - true
100
3 - true
a

• if expression:
•   statement(s)
• else
•   statement(s)

9. ifelse.py

• var1= 100
  if var1:
      print ' 1 - true'
      print var1
  else:
      print ' 1 - false'
  
  var2 = 0
  if var2:
      print '2 - got true'
      print var2
  else:
      print '2 - got false'
      print var2
  
  print 'goodbye'

C:\Python27>python ifelse.py
 1 - true
100
2 - got false
0
goodbye

• if expression1:
•   statement(s)
• elif expression2:
•   statement(s)
• elif expression3:
•   statement(s)
• else:
•   statement(s)

10. ifelif.py

• var = 100
  if var == 100:
      print '1 got true'
      print var
  
  elif var == 150:
      print '2 got true'
      print var
  
  elif var == 100:
      print '3 got true'
      print var
  
  else:
      print '4 got false'
      print var
  
  print 'goodbye'

C:\Python27>python ifelif.py
1 got true
100
goodbye

Operators:

>>> a=10
>>> b=20
>>> a+b
30
>>> a-b
-10
>>> a*b
200
>>> b/a
2
>>> b%a => Modulus: / but returns remainder
0
>>> b=23
>>> b%a
3
>>> a=4
>>> b=3
>>> a**b => a^b
64
>>> 9//2 => / but the digits after the decimal point are removed
4
>>> 8//2
4
>>> 8.5//2
4.0
>>> 8.5/2
4.25

11. operators.py

• a = 100
  b = 100
  if (a == b):
      print 'True'
      print 'a =', a, '== b =', b
      print ''
  
  a = 10
  if (a != b):
      print 'True'
      print 'a =', a, '!= b =', b
      print ''
  
  a = 100
  if (a <> b):
      print 'True'
      print 'a =', a, 'b =', b
  else:
      print 'False - <>'
      print 'a =', a, 'b =', b
      print ''
  
  b = 10
  if (a > b):
      print 'True'
      print 'a =', a, '> b =', b
      print ''
  
  if (a < b):
      print 'True'
      print 'a =', a, 'b =', b
  else:
      print 'False - <'
      print 'a =', a, 'b =', b
      print ''
  
  if (a <= b):
      print 'True'
      print 'a =', a, 'b =', b
  else:
      print 'False - <='
      print 'a =', a, 'b =', b
      print ''
  
  if (a >= b):
      print 'True'
      print 'a =', a, '>= b =', b
      print ''
  
  b = 100
  if (a <= b):
      print 'True'
      print 'a =', a, '<= b =', b
  
  print 'end'

C:\Python27>python operators.py
True
a = 100 == b = 100

True
a = 10 != b = 100

False - <>
a = 100 b = 100

True
a = 100 > b = 10

False - <
a = 100 b = 10

False - <=
a = 100 b = 10

True
a = 100 >= b = 10

True
a = 100 <= b = 100
end

12. andor.py

• a = 1
  b = 1000
  
  if (a and b):
      print 'True'
      print 'a =', a, 'and b =', b
      print ''
  
  a = 0
  if (a or b):
      print 'True'
      print 'a =', a, 'or b =', b
      print ''
  
  if not(a and b):
      print 'True'
      print 'not(a =', a, 'and b =', b,')'
  print 'end'

C:\Python27>python andor.py
True
a = 1 and b = 1000

True
a = 0 or b = 1000

True
not(a = 0 and b = 1000 )
end

Function:

• def functionname( parameters ):
•   "function_docstring"
•   function_suite
•   return [expression]

13. funexamp.py

• # Function definition is here
  def print_me( str ):
      "This prints a passed string into this function"
      print str
      return;
  
  # Now you can call print_me function
  print_me("I'm the first call to user defined function!")
  
  a="Again second call to the same function"
  print_me(a)
  
  print 'stop'

C:\Python27>python funexamp.py
I'm the first call to user defined function!
Again second call to the same function
stop

14. funexamp2.py

• # Function definition is here
  def change_me( my_list ):
      "This changes a passed list into this function"
      my_list.append([1,2,3,4]);
      return;
  
  # Now you can call change_me function
  my_list = [10,20,30];
  change_me( my_list);
  print "Values the function: ", my_list

C:\Python27>python funexamp2.py
Values the function:  [10, 20, 30, [1, 2, 3, 4]]

Project 1: Change Program

You are creating software to be sold by your company to vending machine manufacturers to count and return change. You are part of a Team, more code may be required to complete the obligations to the customer but you have been given the following assignment

• Items in the vending machine have a cost value between .01 - .99
• You will use a Randomly generated value from .01 to .99 to simulate the cost of possible vending items.
• The customer chooses an item and enters some coins, the machine's electronics determine the coins to be either (Customer enters coins)
  
  

15. proj1.py
Input coins:

• quarter=25
  dime = 10
  nickel = 5
  penny = 1
  item_cost = 54
  
  print 'This item costs ', item_cost
  print ('**Enter coins in form 1,5,10,25,..')
  
  coin_value = input('enter coin values')
  
  print coin_value

C:\Python27>python proj1.py
This item costs  54
**Enter coins in form 1,5,10,25,..
enter coin values 1,5,10,25,1,1,10
(1, 5, 10, 25, 1, 1, 10)

C:\Python27>python proj1.py
This item costs  54
**Enter coins in form 1,5,10,25,..
enter coin values 1,5,10,25,1,1,10,12,17
(1, 5, 10, 25, 1, 1, 10, 12, 17)

B-)

16. proj1_g2.py

• upload.i4th.in.th:8080/th/download.php?id=593CE4151

Case: 1st, Condition: Exact Change, Change in: 2 quarters, Total coins: (2,0,0,0), Total Value: 50, Action: Take Item

C:\Python27>python proj1_g2.py

*************New Purchase****************
 This item costs  50
**Enter coins in form 1,5,10,25,..
25,25
(25, 25) 2
Is machine Being Serviced?
0 for no or 1 for yes
0
Checking for invalid coins
Checking for invalid coins
Thank you please take your item
Coin count= q,d,n,p  (2, 0, 0, 0)
Total value= 50
***********End of Purchase****************

Case: 2nd, Condition: Exact Change, Change in: 5 dimes, Total coins: (2,5,0,0), Total Value: 100, Action: Take Item

*************New Purchase****************
 This item costs  50
**Enter coins in form 1,5,10,25,..
10,10,10,10,10
(10, 10, 10, 10, 10) 5
Is machine Being Serviced?
0 for no or 1 for yes
0
Checking for invalid coins
Checking for invalid coins
Checking for invalid coins
Checking for invalid coins
Checking for invalid coins
Thank you please take your item
Coin count= q,d,n,p  (2, 5, 0, 0)
Total value= 100
***********End of Purchase****************

Case: 3rd, Condition: Too Much, Change in: 2 quarters 2 dimes, Total coins: (4,5,0,0), Total Value: 150, Action: Return change

*************New Purchase****************
 This item costs  50
**Enter coins in form 1,5,10,25,..
25,25,10,10
(25, 25, 10, 10) 4
Is machine Being Serviced?
0 for no or 1 for yes
0
Checking for invalid coins
Checking for invalid coins
Checking for invalid coins
Checking for invalid coins
Return Change (0, 2, 0, 0)
updated coin totals = q,d,n,p  (4, 5, 0, 0)
Thank you please take your item
Coin count= q,d,n,p  (4, 5, 0, 0)
Total value= 150
***********End of Purchase****************

Case: 4th, Condition: Not enough, Change in: 1 quarters 1 nickle, Total coins: (5,5,1,0), Total Value: 180, Action: Enter difference

*************New Purchase****************
 This item costs  50
**Enter coins in form 1,5,10,25,..
25,5
(25, 5) 2
Is machine Being Serviced?
0 for no or 1 for yes
0
Checking for invalid coins
Checking for invalid coins
Not enough money please enter  20
Coin count= q,d,n,p  (5, 5, 1, 0)
Total value= 180
enter coin values 10,5,5


Checking for invalid coins
Checking for invalid coins
Checking for invalid coins
Thank you please take your item
Coin count= q,d,n,p  (5, 6, 3, 0)
Total value= 200
***********End of Purchase****************

Case: 5th, Condition: Invalid Coin, Change in: 10,40, Total coins: (5,6,3,0), Total Value: 200, Action: return coin

*************New Purchase****************
 This item costs  50
**Enter coins in form 1,5,10,25,..
10,40
(10, 40) 2
Is machine Being Serviced?
0 for no or 1 for yes
0
Checking for invalid coins
Checking for invalid coins
An Invalid coin was detected please take change
Coin count is  (5, 6, 3, 0)
enter coin values 25,25
Checking for invalid coins
Checking for invalid coins
Thank you please take your item
Coin count= q,d,n,p  (7, 6, 3, 0)
Total value= 250
***********End of Purchase****************

gns3.com

17. func.py

• #Procedure 1
  def main():
      try:
          # Get a number to manipulate
          num = float(input("Please enter a number to manipulate.\n"))
          # Store the result of the value, after it has been manipulated
          # by Procedure 2
          addednum = addfive(num)
          # Store the result of the value, after it has been manipulated
          # by Procedure 3
          multipliednum = multiply(addednum)
          # Send the value to Procedure 4
          display(multipliednum)
      # Deal with exceptions from non-numeric user entry
      except ValueError:
          print("You must enter a valid number.\n")
          # Reset the value of num, to clear non-numeric data.
          num = 0
          # Call main, again.
          main()
         
  # Procedure 2
  def addfive(num):
      return num + 5
     
  # Procedure 3
  def multiply(addednum):
      return addednum * 2
     
  # Procedure 4
  def display(multi):
      # Display the final value
      print("The final value is ",multi)
     
  # Call Procedure 1
  main()

C:\Python27>python func.py
Please enter a number to manipulate.
'k'
You must enter a valid number.

Please enter a number to manipulate.
2
('The final value is ', 14.0)

18. class1.py

• class Numchange:
  
      def _int_(self):
          self._number = 0
      def addfive(self,num):
          self._number = num
          return self._number + 5
         
      def multiply(self,added):
          self._added = added
          return self._added * 2

19. op1.py

• import class1
  
  maths = class1.Numchange()
  
  def main():
  
      num = float(input("Please enter a number.\n"))
     
      added = maths.addfive(num)
     
      multip = maths.multiply(added)
     
      print("The manipulated value is ", multip)
     
  main()

C:\Python27>python op1.py
Please enter a number.
2
('The manipulated value is ', 14.0)

• Functions are reusable pieces of the program. They allow you to give a name to a block of statements, allowing you to run that block using the specified name anywhere in your program and any number of times.
  
  
• Def is a keyword used for function.
  
  
• def sayHello():
    print('Hello World!')
  sayHello()
  sayHello()
  
  Output: Hello World! Hello World!
  
  Functions are defined using the def keyword. After this keyword comes an identifier name for the function, followed by a pair of parentheses which may enclose some names of variables, and by the final colon that ends the line. Next follows the block of statements that are part of this function.
  

B-)

Is the CCIE Dead? The Automated Future of IT

Drive For Show And Putt For Dough - ลูกไดรฟ์มีไว้อวด ลูกพัตต์มีไว้เอาเงิน

GUI For Show And API For Dough

Why API?

• Automation
• Integration
• Innovation

What about networking skills?

• "A fool with a tool is still a fool"

23. TN20.py

• upload.i4th.in.th/th/download.php?id=59A27D191

C:\Python27>python TN20.py
Enter command file name and extension: ESW1cmds.txt
Enter command file name and extension: ESW2cmds.txt
Enter command file name and extension: ESW3cmds.txt
Enter command file name and extension: ESW4cmds.txt

IOS Telnet Configuration:

• ena sec cisco
  !
  line vty 0 4
   exec-timeout 5 0
   password cisco
   login

Telnet to n Number of Routers:

• get the value:
  >>> ip = '192.168.1.101'
  >>> ip
  '192.168.1.101'
  >>> len(ip)-1
  12
  >>> last_char = len(ip)-1
  >>> last_char
  12
  >>> ip[last_char]
  '1'
  
  >>> ip[10:13]
  '101'
  >>> quad = ip[len(ip)-3:len(ip)]
  >>> quad
  '101'
  >>> type(quad)
  <type 'str'>
  
  
• convert to int:
  >>> int(ip[last_char])
  1
  >>> current_int = int(ip[last_char])
  
  >>> int(quad)
  101
  >>> quad_int = int(quad)
  >>> quad_int
  101
  
  
• add 1:
  >>> current_int = current_int + 1
  >>> current_int
  2
  
  >>> quad_int = quad_int + 1
  >>> quad_int
  102
  
  
• convert to string:
  >>> quads = str(quad_int)
  >>> quads
  '102'
  
  
• ip # with the new:
  >>> temp_ip = ip[:len(ip)-3]
  >>> temp_ip
  '192.168.1.'
  >>> ip = temp_ip + quads
  >>> ip
  '192.168.1.102'
  
  
• increment through for n number of routers

24. TN24.py

• ip = '192.168.1.101'
  n = 27
  #start loop
  for router in range(1,n):
      print(router,ip)
      quad = ip[len(ip)-3:len(ip)]
      quad_int = int(quad)
      quad_int = quad_int + 1
      quads = str(quad_int)
      temp_ip = ip[:len(ip)-3] # strings immutable
      ip = temp_ip + quads

C:\Python27>python TN24.py
(1, '192.168.1.101')
(2, '192.168.1.102')
...
(26, '192.168.1.126')

25. TN25.py

• change TN20.py since:
  #loop n number times where n = the number of routers
  ip = '192.168.56.101'
  n = 3
  #start loop
  for router in range(1,n):
      telnet_gns3(ip,router)
      print(router,ip)
      quad = ip[len(ip)-3:len(ip)]
      quad_int = int(quad)
      quad_int = quad_int + 1
      quads = str(quad_int)
      temp_ip = ip[:len(ip)-3] # strings immutable
      ip = temp_ip + quads

C:\Python27>python TN25.py
Enter command file name and extension: ESW1cmds.txt
(1, '192.168.56.101')
Enter command file name and extension: ESW2cmds.txt
(2, '192.168.56.102')

26. TN1000.py

• ...
      # -Write output to a file-
      ESW = ['ESW0','ESW1','ESW2','ESW3','ESW4','ESW5']
      time.sleep(wait)
      output = connection.read_very_eager()
      ESW[router] = open("ESW" + str(router), "w")
      ESW[router].write(output)
      ESW[router].close
      # -Write output to a file-
  ...

27. TN1001.py

• ...
      # -Write output to a file-
      time.sleep(wait)
      output = connection.read_very_eager()
      ESWtemp = open("ESW" + str(router), "w")
      ESWtemp.write(output)
      ESWtemp.close
      # -Write output to a file-
  ...

>>> ip = '192.168.1.101'
>>> ip
'192.168.1.101'
>>> p3 = ip.rfind('.')
>>> p3
9
>>> temp_s = ip[:p3+1]
>>> temp_s
'192.168.1.'
>>> quad = ip[p3+1:]
>>> quad
'101'
>>> quad_int = int(quad)
>>> quad_int
101
>>> type(quad_int)
<type 'int'>

28. TN1003.py

• ip = '1.1.12.5'
  p3 = ip.rfind('.')
  temp_s = ip[:p3+1]
  quad = ip[p3+1:]
  quad_int = int(quad)
  
  n = 10
  #start loop
  for router in range(1,n):
      print(router,ip)
      quad_int = quad_int + 1
      quads = str(quad_int)
      ip = temp_s + quads

C:\Python27>python TN1003.py
(1, '1.1.12.5')
(2, '1.1.12.6')
(3, '1.1.12.7')
(4, '1.1.12.8')
(5, '1.1.12.9')
(6, '1.1.12.10')
(7, '1.1.12.11')
(8, '1.1.12.12')
(9, '1.1.12.13')

Change ESW1 & ESW2 Management IP to 192.168.x.99 - 100 respectively

29. TN2000.py

• change TN1001.py by TN1003 since:
  #loop n number times where n = the number of routers
  ip = '192.168.56.99'
  
  p3 = ip.rfind('.')
  temp_s = ip[:p3+1]
  quad = ip[p3+1:]
  quad_int = int(quad)
  
  n = 3
  #start loop
  for router in range(1,n):
      telnet_gns3(ip,router)
      print(router,ip)
      quad_int = quad_int + 1
      quads = str(quad_int)
      ip = temp_s + quads

C:\Python27>python TN2000.py
Enter command file name and extension: ESW1cmds.txt
(1, '192.168.56.99')
Enter command file name and extension: ESW2cmds.txt
(2, '192.168.56.100')

Program Your Career. Learn Network Programmability:

Network Engineer Job Role Evolution:

Digitization Is Changing The World:

• Bookstore
• Taxi
• Music
• Hotel
• Print Advertising
• Car
• Point-of-Sale

CEO Technology Investment Priorities: 2014/15: Most Important Technology-Enabled Capability Investments Over the Next Five Years

• Digital marketing 38%
• E-commerce 34%
• Customer experience management 34%
• Business analytics 32%
• Cloud business 27%
• ...
• Additive manufacturing 4%
• Gamification 4%
• Robot staffing 4%
• Neurobusiness 2%
• Salesforce automation 1%
  

www.gartner.com/doc/2704918/gartner-ceo-senior-executive-survey

www.gartner.com/smarterwithgartner/2017-ceo-survey-infographic

Emerging Jobs of the Future: College students are studying to prepare for jobs that do not exist... yet

• Business Transformation Architect
• Cloud Architects/Brokers
• Customer Outcome Evangelist
• Cyber Security Specialist
• Data Scientist
• Innovation Specialist
• Mobile Application Developer
• Network Programmer
• Process Control Engineer
• Social Scientists

www.itcareerfinder.com/brain-food/blog/entry/best-computer-jobs-for-the-future.html

www.infoworld.com/article/3160526/application-development/infoworlds-2017-technology-of-the-year-award-winners.html

www.networkworld.com/article/3158845/lan-wan/software-may-be-eating-the-world-but-cumulus-networks-is-still-keen-on-hardware.html

B-)

Network Programmability Certifications:

Evolution of Major IT Roles in the IT DevOps World: Orchestrating for Outcomes

Before > After

• Analyst:
  
  • Business support > Business transformation
  • Systems efficiency > System analysis
  • Infrastructure protection > Process optimization
• Architect:
  
  • IT segment design > Enterprise system view
  • Technology-driven > Business-driven
  • Resource avail/access > Resource optimization
• App Developer:
  
  • Single work function view > Business workflow view
  • Delivery focus > Outcome focus
  • Network agnostic > Network aware
• Administrator:
  
  • Silo view > Holistic system view
  • Hardware-centric > Software-centric
  • Deploy and operate > Innovate and optimize

Network Programmability Industry Job Roles Evolution and Certifications:

Traditional Networking Infrastructure > Network Programmability Roles > Network Programmability Certifications and Curriculum

• Business App Engineer > Business Application Engineer - network Programmability aware > 2 exams
• New > Network Programmability Developer > CCNA + 2 exams
• System Engineer/Network Designer > Network Programmability Designer > CCNP + 2 exams
• Network Engineer/Support Engineer > Network Programmability Engineer > CCNP + 2 exams
  
  
• Is the CCIE still Valuable in 2017?
  nhprice.com/the-value-of-ccie.html
  
  
• Software-defined networks (SDN): an architectural approach that optimizes and simplifies network operations by more closely binding the interaction (i.e., provisioning, messaging, and alarming) among applications and network services and devices, whether they be real or virtualized. It often is achieved by employing a point of logically centralized network control - which is often realized as an SDN controller - which then orchestrates, mediates, and facilitates communication between applications wishing to interact with network elements and network elements wishing to convey information to those applications. The controller then exposes and abstracts network functions and operations via modern, application-friendly and bidirectional programmatic interfaces.
  
  
• So, as you can see, software-defined, software-driven, and programmable networks come with a rich and complex set of historical lineage, challenges, and a variety of solutions to those problems. It is the success of the technologies that preceded software-defined, software-driven, and programmable networks that makes advancing technology based on those things possible. The fact of the matter is that most of the world's networks - including the Internet - operate on the basis of IP, BGP, MPLS, and Ethernet. Virtualization technology today is based on the technologies started by VMware years ago and continues to be the basis on which it and other products are based. Network attached storage enjoys a similarly rich history.
  
  
• I2RS has a similar future ahead of it insofar as solving the problems of the network, compute, and storage virtualization as well as those of the programmability, accessibility, location, and relocation of the applications that execute within these hyper virtualized environments.
  
  
• รู้จักกับ OpenFlow:
  virtualnetsystems.com/?p=220

Who Moved my CLI? - Coding to save network admin time:

One skill applies to many tasks:

• Writing code applies to many products in the Cisco family
• Nexus 3/5/6/7/9K:
  On-box Python
• Nexus 9K:
  Off-box Python, Bash, NX-API
• Cisco XNC:
  Java OSGi, REST
• Future - ACI / APIC / 9K:
  REST, Python, etc
• And outside...:
  All major OS'
  
  #!/usr/bin/env python
  print('Hello World!')
  
  
• One very interesting and bright one is the Open Daylight Project. Open Daylight's mission is to facilitate a community-led, industry-supported open source framework, including code and architecture, to accelerate and advance a common, robust software-defined networking platform. To this end, Open Daylight is hosted under the Linux Foundation's umbrella and will facilitate a truly game-changing, and potentially field-levelling effort around SDN controllers. This effort will also spur innovation where we think it matters most in this space: applications. While we have seen many advances in controllers over the past few years, controllers really represent the foundational infrastructure for SDN-enabled applications. In that vein, the industry has struggled to design and develop controllers over the past few years while mostly ignoring applications. We think that SDN is really about operational optimization and efficiency at the end of the day, and the best way to achieve this is through quickly checking off that infrastructure and allowing the industry to focus on innovating in the application and device layers of the SDN architecture.
  

Network Administration In most environments Today:

• Manual process using Notepad, copy/paste and patience and pain
• Some processes are automated using fixed third-party tools
• Custom expect scripts

Typo in the pasted config? Start from scratch

Challenges:

• Tasks are: manual, repetitive, error-prone
• This wastes time, talent and typing
• Manual processes are meant for machines, not men
• A majority of tasks in IT can be automated, but networking has lagged behind

New Opportunities:

• Programmability in network equipment will enable you
• Save time
• Increase efficiency
• Decrease quality leakage
  
  
• ทำความรู้จักกับ Mininet - Network Emulator รองรับการใช้งาน OpenFlow
  virtualnetsystems.com/?p=232

Use cases:

Script usage guidance:

• Scripts shown here are running on a Nexus 3064 version 5.0(3)U3(2)
• These are running on-box
  You will need to scp to scripts to bootflash: to run them
• Modifications may be needed for your environment

Simple Use Cases:

• Proactive:
  Get ahead of application issues, monitor services and gather network information in real-time
• Efficient:
  Create super-commands to encompass multiple troubleshooting steps in one command
  
• Scale:
  Execute repetitive commands without typing them all out

1. Application Monitoring:

• Application teams have their own monitoring
• The network team doesn't know about problems until they get a P1 case
• How can we code our way out of this?
• Write a script that proactively monitors a server attached to an access switch
  If it fails, run some debug commands at that very instant
  
  
• The distributed control plane and its eventual consensus model have evolved over time to try and satisfy not only the continual scale/growth of the Internet in general but to address the concerns of network operators around consistency (black-hole and loop avoidance) and fast convergence.
  

B-)

• Both of these central control points reduce the scale of the distributed control infrastructure. The route server provides programmability, but not in standardized fashion, and doesn't introduce any more flexibility or granularity of control. The same can be said for the route reflector, though many service providers use automation on top of the route reflector to influence forwarding in their networks. Though the route server has specific applications layered on top of its database (e.g., WHOIS), it doesn't directly provide additional application services to programmers (e.g., topology).
  
  
• OpenFlow (and its accompanying SDO, the ONF) is credited with starting the discussion of SDN and providing the first vestige of modern SDN control: a centralized point of control, a northbound API that exposes topology, path computation, and provisioning services to an application above the controller), as well as a standardized southbound protocol for instantiating forwarding state on a multivendor infrastructure.
  
  
• Unfortunately, the OpenFlow architecture does not provide a standardized northbound API (yet), nor does it provide a standardized east-west state distribution protocol that allows both application portability and controller vendor interoperability. Standardization may progress through the newly spawned Architecture Working Group.

Security for the SDN, by the SDN - Address Security Systematically:

Overview of SDN:

• 1) Programmable APIs:
  <- Vendor-specific APIs - Vendor Specific -> Control Plane & Data Plane
  
  
• 2a) Classic SDN:
  Controller <- Vendor Specific -> Data Plane
  
  
• 2b) Hybrid SDN:
  Controller <- OpenFlow - Vendor Specific -> Control Plane & Data Plane
  
  
• 3) Overlay Virtualization:
  Virtual Control Plane & Data Plane <-> Overlay Protocols (e.g. VXLAN) Control Plane & Data Plane

Cisco Open Network Environment (ONE):

• Applications
• Virtual Overlays
• Controllers and Agents
• Platform APIs

Industry's Most Comprehensive Networking Portfolio:

• Hardware + Software
• Physical + Virtual
• Network + Compute

Security Landscape:

Biggest Security Challenges:

• Maintain Security and Compliance with business models change (Agility)
• Stay ahead of the threat landscape
• Reduce complexity of security solutions

The Threat Landscape is evolving:

• 2000 - Worms > Antivirus (Host-Based)
• 2005 - Spyware and Rootkits > IDS/IPS (Network Perimeter)
• 2010 - APTs Cyberware > Reputation (Global) and Sandboxing
• Tomorrow - Increased Attack Surface > Intelligence and Analytics (Cloud / SDN)

Anatomy of a Modern Threat:

1. Infection entry point occurs outside
2. Advanced cyber threat bypasses perimeter defence
3. Threat spreads and attempts to exfiltrate valuable data

Network planes:

• Data Plane:
  The Data Plane of the network is made up of user and application data transiting your network infrastructure
  All Packets Forwarded Through the Platform
  
  
• Control Plane:
  The Control Plane of a network consists of the protocols that enable the network elements to function cooperatively
  ARP, BGP, OSPF, NTP ... and Other "Glue" Protocols
  
  
• Management Plane:
  The Management Plane of the network is made up of the protocols that support the operational needs of the network:
  
  • Without the Management and Control Planes, the Data Plane will cease to function
  • The resiliency of the Control Plane is vital to the success of the Management and Data Planes, it is critical that control plane resources and protocols are protected
  • Without the Management Plane, it might be impossible to return the network to a functional and secure state

  SSH, TFTP, SNMP, FTP ... and Other Mgmt Protocols

• CEF Forwarding Path - Receive/Host Path, Transit/Exception Path, Multiple Paths for Punted Packets -> Route Processor CPU

Typical DoS:

1. Attacker target multiple network devices
2. Generate invalid flow request on each device
3. Causes DoS on each device

SDN DoS:

1. Attacker target one of the network devices
2. Injects false network flow requests using data plane
3. Controller process flow requests > Controller CPU utilization goes high
4. Invalid network flows pushed by control plane to network devices
5. Invalid flows installed on all data planes and network-wide DoS

Network Programmability:

Proactive versus Reactive Applications:

Proactive:

• Human > Server > Application > Device
• Intermittent changes
• Automated configuration at scale
  
  

Proactive is a type of application sets configuration parameters for planned network changes.

Reactive:

• Events/Device > Server > Application > Device
  
• Frequent and dynamic changes
• Responding to network events

CLI versus NETCONF Applications:

CLI Applications:

• Human > Device
• Support all devices
• Made for humans

NETCONF Applications:

• Server > NETCONF Application > Device
• Support many devices
• Made for applications
  
  

CLI is a type of interface is available for almost every networking device. While NETCONF and RESTCONF are becoming more common, they are not yet available on many networking devices. XML is a structured data format, not an interface type.

YANG is a data model is used by the NETCONF protocol.

Standalone versus Controller-based Applications:

Standalone Applications:

• Server > Application > Device
• Application performs discovery, topology, device communication

Controller-based Applications:

• Application > Server > Controller > Device
• Controller performs discovery, topology, device communication, abstraction
  
  

External and internal are two varieties of controller-based applications.

Standalone is a type of application communicates directly with a device.

External Support Libraries:

Python code from other sources

• Python
• Cisco (DevNet, Learning Labs)
• External Sources:
  
  • Device communication
  • Data formats
  • Printing
    
    

Types of Network Programmability:

In general, network programmability is broken down into two high-level categories: device-level programmability and true network-level programmability. Device programmability in and of itself is prone to some of the same scalability challenges as CLI but provides a more reliable and machine-consumable interface to the devices. True network-level programmability treats the network as an object that allows for more advanced solutions that tend to veer toward business use cases. Network-level programmability is enabled by controllers such as the APIC. The APIC controller allows data centre engineers to define policies that describe how the network should function. The controller instantiates these policies in the data centre switches without the need to configure each switch separately.

CLI versus NETCONF:

CLI scripting was the primary approach to making automated configuration changes to the network prior to NETCONF. CLI scripting has several limitations including lack of transaction management, no structured error management, and ever-changing structure and syntax of commands that make scripts fragile and costly to maintain.

B-)

Software-Defined Networking is NOT:

• An easy button... [but is intended to make things easier for all!]
• A panacea or end-state
• Narrowly defined
• Designed to replace network engineers
• A mandate for all network engineers to become programmers
• A new attempt at network evolution

Traditional versus Software-Defined Networks:

The Traditional Network:

• Control plane learns/computes forwarding decisions.
• Data plane acts on the forwarding decisions.
• Control and Data Plane resides within Physical Device

The Network As It Could Be... to an SDN 'Purist':

• Control plane becomes centralized
• Physical device retains data plane functions only

The Network As It Could Be... In a 'Hybrid SDN':

• A Controller is centralized and separated from the Physical Device, but devices still retain localized Control plane intelligence.

Why Change?:

• Familiar Manual, CLI-driven, device-by-device approach is inefficient
• Increased need for programmatic interfaces which allow faster and automated execution of processes and workflows with reduced errors
• Need for a 'central source of truth' and touch-point

Current Industry Trends:

Networking Trends:

• Open Source Software
• Programmable Infrastructure
• Software Defined Networking (SDN) is set of techniques, not necessarily a technology, used to control, manage, and change the way networks are built and managed.
  
• DevOps
• Application Centric Networking

Open Source Software:

• OpenFlow:
  
  • Emerged out of Stanford
  • Low-level imperative control for FIB tables
  • Used between controllers and switches
• Contiv:
  
  • Several projects
  • Working to define operational policy for container-based applications
• .IO:
  
  • Acceleration of NFV data planes
  • Vector packet processing (VPP)
• OvS - Open vSwitch:
  
  • Open source feature rich virtual switch
  • Supports OpenFlow and OVSDB
• OpenStack - CLOUD SOFTWARE:
  
  • Open source Cloud Computing Project
  • Collection of APIs
  • Neutron is the network project and API standard to have a network plug-in
• OPEN DAYLIGHT:
  
  • Collaborative project
  • Promote community-driven SDN
    
    
• Goals:
  
  • Community involvement in continuous improvement
  • Using open APIs to interact with network devices
    

Programmable Infrastructure:

Platform specific, on-box, automation and scripting mechanisms:

• TCL
• EEM
• Power on Auto Provisioning
• Smart Install
• Smartports Macros
• Python

Characteristics of modern programmatic protocols for managing network devices:

• REST APIs
• NETCONF
• RESTCONF
• SDKs
• DevOps Tools
• Linux

Software Defined Networking:

• Control Plane and Data Plane Separation
• Software Only Network Virtualization
• Network Function Virtualization
• Disaggregation
• Device APIs
• Policy and Application Centric Infrastructure

DevOps - Best described by understanding CALMS:

• Culture
• Automation
• Lean
• Measurement
• Sharing
  
  ->
  
• Increase Deployment Frequency
• Decease Failure Rate
• Faster Time to Market
• Increase Speed and Accuracy of Bug Fixes
  
  
• Operating Systems:
  
  • Linux
  • debian
  • redhat
  • ubuntu
• Programming Languages:
  
  • Go
  • RUBY
  • python
• Configuration Management:
  
  • SALTSTACK
  • ANSIBLE
  • Chef
  • puppet
• Continuous Integration:
  
  • circleci
  • Buildbot
  • Travis CI
  • Jenkins
• Version Control:
  
  • git
  • GitHub
  • Bitbucket

Cisco ACI - Application Centric Infrastructure:

• Simplifies, optimizes, and accelerates the application deployment lifecycle.
• Employs an open-ecosystem approach integrating physical and virtual elements.
• Supports open APIs, open standards, and open source elements to enable greater flexibility for development and operations.
  
  
• APIC
  
  
• Agility and Visibility
• Simplicity
• Automation
• Scale and Performance
• Security
• Open

Network Programmability & Automation:

Current Network Operation:

• CLI was built for manual human interaction
• Configuration is one device at a time
• Copying and pasting are the standards
• Configuration is prone to error
• Tasks are not easily repeatable
• Notepad is the most common text editor

Future Network Operation:

• Version controls all configurations monitoring changes
• Version control is the source of the truth
• Automated systems perform testing before any change is made to the configuration including system, style, reachability, etc.

Uses of Network Automation:

Types of Network Automation/programmability techniques can perform:

• Common tasks:
  
  • Device Provisioning
  • Data Collection & Telemetry
  • Compliance Checks
• Reporting
• Troubleshooting

Network Automation Scenarios:

Data Collection:

• For a Cisco ISE deployment, an IT manager needs to perform an audit of network switches to gather the hostname, IP address, platform, and serial numbers from all network devices in the organization.
  
  
  
• Correlate user switchport given their IP Phone Extension

Configuration Management Scenarios:

• Due to new vulnerability, new ACLs needed to be added to Cisco ASA FWs at each branch site.
• ISE Deployment requires commands on each and every switch.
• Enterprise needs to add BGP peers frequently for business partners.
• Documented processes lend themselves to automation.

Management Plane:

NMS / End-User <- CLI, (SSH/TELNET), SNMP / NETCONF, RESTCONF, REST -> Network Device: Management Plane, Control Plane, and Data Plane

Why Is Network Automation Different Now?:

• PERL, Expect, and SSH connectivity has existed for years
• It was possible - tedious and error prone, but possible
• Manual parsing - lots of regular expressions
• Going forward:
  
  • Programmatic APIs
  • No parsing
  • Automatic failure on rollback
  • Configuration changes as a transaction

Open Source Tools and Enterprise Platforms:

Enterprise Systems Operations:

• VMware vCenter
• Microsoft System Center
• vRealize
• BMC
• HP

Enterprise Network Operations:

• Cisco Application Centric Infrastructure (ACI)
• Cisco Open SDN Controller (OSC)
• Cisco WAN Automation Engine (WAE)
• Cisco Network Services Orchestrator (NSO)
• Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM)

Open Source Software:

• Linux
• ANSIBLE is an example of an off-box method network operations teams use for managing network devices.
  
• puppet
• SALTSTACK
• Chef
• RUBY
• python

B-)

Linux Processes:

Viewing Running Processes:

• top
  
  • Displays real-time processor utilization
• htop
  
  • Displays real-time processor utilization in an easier to read format
• ps
  
  • Display active processes
• ps aux
  
  • Displays an exhaustive list of all processes by all users
    
    

• kill
  
  • Ends a running process
  • Used along with the process ID (PID) to kill an individual process

  cisco@cisco: $ kill 2442

• grep
  Search the contents of a file for a specified value
  

Using the Linux Command Line:

Package Management:

• sudo apt-get install tree
  Install the Linux package called tree
  
  
• tree
  View the directory structure from current working directory
  
  
• traceroute cisco.com
  Perform a traceroute to cisco.com
  

Navigating the Filesystem:

• pwd
  Print current working directory
  
  
• ls
  View the list of files in current directory
  
  
• cd /etc
  Navigate to the /etc directory
  
  
• cd
  Back to the home directory
  
  
• cd /courses/npdesi
  Navigate to the courses/npdesi sub-directory
  
  
• cd ../..
  Go back two directories
  
  
• cd -
  Moves back to the previous working directory

Working with Files and Directories:

• mkdir -p scripts/test/switches
  Create the following tree structure: scripts/test/switches
  
  
• mkdir catalyst
  Create subdirectory that is called catalyst
  
  
• touch catalyst_3850.txt
  Create a new file catalyst_3850.txt
  
  
• mv nexus_5548.txt ../nexus
  Move the file nexus_5548.txt from the current working directory to the nexus directory
  
  
• mv catalyst_3850.txt catalyst.txt
  Re-name the file catalyst_3850.txt to catalyst.txt
  
  
• cat hq-router.txt
  Stream a file called hq-router.txt entire contents to the terminal
  
  
• less asa.txt
  Display a file called asa.txt contents one screen length at a time on the terminal and can scroll up and down within the output of a file
  
  
• diff interface_1.txt interface_2.txt
  Compare (perform a diff) interface_1.txt and interface_2.txt
  
  
• chmod
  Change a file's permission
  
  

Python Foundation for Network Engineers:

Why Learn Python?:

• Interpreted Scripting Language
• Low barrier to entry compared to other languages
• Can be used to write various types of Python Applications
• Python Execution Engine exists on most Linux distributions including network operating systems, such as NX-OS

Python 2.x:

• No longer under active development, but supported by the Python community
• Better library support
• Default on Linux and Mac
• Supported by Cisco NX-OS

Python 3.x:

• Under active development
• Designed to be easier to learn
• Fixed major issues are 2.x
• Not backward compatible

Using the Dynamic Interpreter (shell):

• cisco@cisco: $ python
  >>>
  To exit the shell, use exit() or CTRL+D
  

Writing Python Scripts:

• #!/usr/bin/env python
  
  if _name_ == "_main_":
    course = 'Designing and Implementing Cisco Network Programmability'
    print course
  
  cisco@cisco: $ python cisco.py
  Designing and Implementing Cisco Network Programmability
  

Understanding Python:

Python Helper Utilities and built-in Function:

• help() - Returns the python built-in documentation about the object
• dir() - Returns all available attributes and built-in methods of a given object or module
• type() - Returns the type of the object

>>> type('1.1.1.1')
<type 'str'>
>>> dir(str)
['replace', 'rfind', 'rindex', 'rjust', 'rpartition', 'rsplit', 'rstrip', 'split',
'splitlines', 'startswith', 'strip', 'swapcase', 'title', 'translate', 'upper', 'zfill']
## output truncated for brevity ##
>>> help(str.upper)

Writing Idiomatic Python:

• Single-Line comments
• Multi-line comments
• Whitespace
• Indentation
  
  • Spaces vs. Tabs
• Python Style Guide (PEP8)
  www.python.org/dev/peps/pep-0008

Common Python Data Types:

• String
• Numbers
• Lists
• Dictionaries
• Booleans
• Files

Variable Assignment:

• Assign a value to a variable using the equals sign ("=")
• >>> ipaddr = '10.1.10.1'
  ipaddr was assigned the value of "10.1.10.1"
  
  
• 
  
  
• The Python shell is used to write and test code in real time without having to write a full program or script.
• Python is considered a dynamic language.

Data Types: Strings:

• Sequence of characters that are surrounded by quotes
• Immutable - individual characters cannot be natively modified
• Empty string

>>> ipaddr = '10.1.10.1'
>>> hostname = 'nxos1'
>>> hostname = "nxos2"
>>> hostname[4] = '3'
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: 'str' object does not support item assignment
>>> os_version = ''

Printing Strings:

• Using the print statement to print strings
  
  • Prints the rendered string
• Typing in the variable name on the Interpreter
  
  • Print the value as a string literal

>>> interface_config = 'interface Eth1/1\n no switchport'
>>> interface_config
'interface Eth1/1\n no switchport'
>>> print interface_config
interface Eth1/1
 no switchport

Concatenate or add one or more strings together:

>>> ipaddr = '10.1.10.1'
>>> mask = '255.255.255.0'
>>> ipmask = ipaddr + ' ' + mask
>>> ipmask
'10.1.10.1 255.255.255.0'

String Built in Methods:

• Working with common built-in methods
• Use dir() on any object to see its available built-in methods
  
  • <string>.upper()/.lower()
  • <string>.replace() - Replaces characters in a string with a given set of characters
    
  • <string>.startswith()
  • <string>.format()
  • <string>.split()

>>> hostname = 'nxos1'
>>> hostname.upper()
'NXOS1'
>>> macaddr = '00:11:22:33:44:55'
>>> macaddr.replace(':', '.')
'00.11.22.33.44.55'
>>> ipaddr.startswith('10')
True
>>> ipaddr = '10.{}.1.1'
>>> ipaddr.format('200')
'10.200.1.1'
>>> ipaddr = '10.4.8.1'
>>> ipaddr.split('.')
['10', '4', '8', '1']

Data Types: Numbers:

• Can perform mathematical operations directly in code
• Integers and Floating Point numbers
• Operators such as +, -, *, /, //, % are used

>>> 5 * 4
20
>>> 10 - 4
6
>>> 239234 + 4
239238
>>> 10 / 3
3
>>> 10.0 / 3
3.3333333333333335
>>> 10.0 // 3
3.0

B-)

• Authentication:
  
  • Determine which authentication type to use. Basic HTTP, token-based, and OAuth are common types.
  • Add the authentication credentials to the API call are preparing.
    
    
• Custom Headers:
  
  • If required, add any HTTP Headers to the API call are preparing. For example: Content-Type: application/json.
    
    
• Request Body:
  
  • If required, include a JSON- or XML-formatted request body that contains any data that is needed.

About Authentication:

Authentication controls whether a user can access a specific API endpoint and how they can it. For example, one user might have read-only privileges, which they can only make API calls that read data. Another user might have read and change (add, edit, delete) privileges to every endpoint, which means they can make an API call. These access rights are typically-based upon assigned user roles such as Administrator, which grants a user full rights to change data, and User, which grants read-only access.

REST APIs have three common methods to authenticate users:

• Basic HTTP: The username and password are passed to the server as an encoded string.
  
  
• OAuth: Open standard for HTTP authentication and session management. Creates an access token associated with a specific user that also specifies the user rights. The token identifies the user and rights when making API calls to verify access and control.
  
  

1. Token: As with OAuth, a token is created and password with each API call, but there is no session management and tracking of clients. This simplifies interaction between the server and client. APIC-EM uses this design for authentication management.

APIC-EM uses token-based authentication. So the first request need to make creates a token. In APIC-EM, this token is called a service ticket. The controller uses the service ticket to determine which endpoints can access. The service ticket must be included in every API call except the one that creates the ticket.

The steps for using the APIC-EM authentication token are:

1. Create a ticket
2. A ticket (token) is returned in the response body.
3. Include this token in the 'X-Auth-Token' header on all subsequent requests.

How to be a Network Engineer in a Programmable Age:

Meet Carl the Network Engineer:

Networking Skills:

1. Spanning-Tree
2. Routing Protocols
3. QoS
4. VPN Design
5. VoIP
6. Fibre Channel
7. Security Policy
8. MPLS

Programming Skills:

1. TCL
2. EEM
3. Expect Scripts

The Network...:

1. Router
2. Switch
3. Server
4. vSwitch
5. VM
6. Blade Switch
7. lbr
8. Cloud
9. Container
10. Load Balancer
11. Firewall
12. IPS
13. DNS
14. Gateways
15. Others...

The OSI Model of Networking...:

• L7: Application
• L6: Presentation
• L5: Session
• L4: Transport
• L3: Network
• L2: Data Link
• L1: Physical
  
  
• L2 - L4: Oh Yeah... We Got this
• L1 - L2: Black Magic
• L5 - L7: Please don't ask about this...

The Four Ages of Networking...:

1. Stone Age: Spanning Tree, VLANs
2. Bronze Age: Routing Protocols, WAN Design, IP-magedon
3. The Renaissance: SDN, OpenFlow, Controllers, Overlays, MP-BGP, VXLAN, Micro-Segmentation, White Box
4. Programmable Age: Cloud, Python, REST / APIs, NETCONF / YANG, "Fabrics", Network Function Virtualization (NFV), DevOps, Containers
   
   

• App Economy:
  User Expectations and Agility
  
  
• Internet of Things:
  If it isn't connected, don't bother ...
  
  
• Tech Unicorns:
  Low barrier to entry for disruptors

5 Stages of Grief:

• Denial
• Anger
• Bargaining
• Depression
• Acceptance

Carl's 3 Step Approach to Network Programmability:

Phase 1:

• Python
• REST APIs
• JSON/XML
• git/GitHub

Phase 2:

• Linux Skills
• Ansible
• Docker
• NETCONF/YANG

Phase 3:

• Linux Networking
• Container Networking
• NFV

As Needed:

• Network Controllers
• IOT Networking
• Cloud Networking
• NFV
• "DevOps"

Carl has Embraced Programmability! (and got himself a new shirt :-)):

Core Programming:

• Python
• REST APIs
• JSON/XML
• Linux Skills
• Ansible (Puppet/Chef/etc)
• git/GitHub
• Docker
• "DevOps

"New" Networking Stuff:

• Network Controllers
• NETCONF/YANG
• Container Networking
• Cloud Networking
• Linux Networking
• IOT Networking
• NFV

Data Formats: Understanding and using JSON, XML and YAML:

Importance of a Data Format:

Know Your Audience:

• The output of the show interfaces brief command was designed for a human to read.
• Structured data easy to break down for code to go through

Common Data Formats in Programming - A human-readable data structure that applications use to store, transfer, and read data:

• JSON:
  {
    "ietf-interfaces:interface": {
      "name": "GigabitEthernet2",
      "description": "Wide Area Network",
      "enabled": true,
      "ietf-ip:ipv4": {
        "address": [
          {
            "ip": "172.16.0.2"
            "netmask": "255.255.255.0"
          }
        ]
      }
    }
  }
  
  
• XML:
  <?xml version="1.0" encoding="UTF-8" ?>
  <interface xmls="ietf-interfaces">
    <name>GigabitEthernet2</name>
    <description>Wide Area Network</description>
    <enabled>true</enabled>
    <ipv4>
      <address>
        <ip>172.16.0.2</ip>
        <netmask>255.255.255.0</netmask>
      </address>
    </ipv4>
  </interface>
  
  
• YAML:
  ---
  ietf-interfaces:interface:
    name: GigabitEthernet2
    description: Wide Area Network
    enabled: true
    ietf-ip:ipv4"
      address:
      - ip: 172.16.0.2
        netmask: 255.255.255.0

Common Elements in a Data Format:

• Format Syntax
• Objects Representation
• Key / Value Notation
  
  • Values can be objects, lists, strings, numbers, boolean
• Arrays or List Notation
  
  
• {"priorities": [
      "fire",
      "water",
      "club"
    ]
  }

"Key" : "Value":

• "Key" identifies/labels a set of data
• Left side of the colon
• Inside of "quotes"
  
  
• {
    "name": "GigabitEthernet2",
    "description": "Wide Area Network",
    "enabled: true
  }
  
  
• "Value" is the Data
• Right side of colon
• Can be:
  
  • String
  • Integer
  • Array/List
  • Bool
  • Object

B-)

HTTP is for more than Web Browsing:

What is REST?: Just Another Use for the HTTP Protocol

• Representational state transfer (REST)
• API framework built on HTTP
• APIs often referred to as web services
• Popular due to performance, scale, simplicity, and reliability
  
  
• GET, POST, PUT, DELETE

Requests and Response, the REST API Flow:

• Human - HTTP REQUEST GET http://devvie/api/hello >
• Human < HTTP RESPONSE 200 OK JSON -

A Look Under the Hood at REST?:

The URI: What are you Requesting?:

http://maps.googleapis.com/maps/api/geocode/json?address=sanjose

• http:// or https://
  
  • Define whether secure or open http
• Server or Host: maps.googleapis.com
  
  • Resolves to the IP and port to connect to
• Resource: /maps/api/geocode/json
  
  • The location of the data or object of interest on the server
• Parameters: ?address=sanjose
  
  • Details on the scope, filter, or clarify a request. Often optional.

HTTP Methods: What to do?:

HTTP Verb  | Typical Purpose (CRUD) | Description

• POST  | Create  | Used to create a new object or resource.
  Example: Add new book to library
• GET  | Read  | Retrieve resource details from the system.
  Example: Get list of books from the library
• PUT  | Update  | Typically used to replace or update a resource. Can be used to modify or create.
  Example: Update the borrower details for a book
• PATCH  | Update  | Used to modify some details of a resource.
  Example: Change the author of a book
• DELETE | Delete  | Remove a resource from the system.
  Example: Delete a book from the library.

Response Status Codes: Did it work?:

Status Code | Status Message  | Meaning

• 200  | OK  | All looks good
• 201  | Created  | New resource created
• 400  | Bad Request  | Request was invalid
• 401  | Unauthorized  | Authentication missing or incorrect
• 403  | Forbidden  | Request was understood, but not allowed
  
• 404  | Not Found  | Resource not found
• 500  | Internal Server Error | Something wrong with the server
• 503  | Service Unavailable  | Server is unable to complete the request

Headers: Details and meta-data:

Header  | Example Value  | Purpose

• Content-Type | application/json  | Specify the format of the data in the body
• Accept  | application/json  | Specify the requested format for returned data
• Authorization | Basic dmFncmFudDp2YWdyYW50 | Provide credentials to authorize a request
• Date  | Tue, 25 Jul 2017 19:26:00 GMT  | Date and time of the message
  
  
• Used to pass information between client and server
• Included in both REQUEST and RESPONSE
• Some APIs will use custom headers for authentication or other purposes

Data: Sending and Receiving:

• Contained in the body
• POST, PUT, PATCH requests typically include data
• GET responses will include data
• The format typically JSON or XML:
  
  • Check "Content-Type" header

  {
    'title': 'Hamlet',
    'author': 'Shakespeare'
  }

HTTP Authentication and Security:

• None: the Web API resource is public, anybody can place a call.
• Basic HTTP: a username and password are passed to the server in an encoded string:
  
  • Authorization: Basic ENCODEDSTRING
• Token: a secret generally retrieved from the Web API developer portal. Keyword (ie token) is API dependent:
  
  • Authorization: Token aikasf8adf9asd9akasdf0asd
• OAuth: a Standard framework for a flow to retrieve an access token from an Identity Provider:
  
  • Authorization: Bearer 8a9af9adadf0asdf0adfa0af
• Authorization can be short-lived and require refreshing of tokens

Some REST Examples:

The Internet Chuck Norris Database:

DevNet$ curl api.icndb.com/jokes/random
{
  "type": "success",
  "value": {
    "id": 201,
    "joke": "Chuck Norris was what Willis was talkin' about.",
    "categories": [ ]
  }
}
DevNet$ curl api.icndb.com/jokes/random?limitTo=nerdy
{
  "type": "success",
  "value": {
    "id": 537,
    "joke": "Each hair in Chuck Norris's beard contributes to making the worlds largest DDOS.",
    "categories": [
      "nerdy"
    ]
  }
}

• No authentication needed
• Well constructed API with many options

Network Programmability with RESTCONF:

The Request:

DevNet$ curl -vk \
  -u root:cisco123 \
  -H 'accept: application/yang-data+json' \
https://10.10.20.21/restconf/data/ietf-interfaces:interfaces/interface=GigabitEthernet2

> GET /restconf/data/ietf-interfaces:interfaces/interface=GigabitEthernet2 HTTP/1.1
> Host: 10.10.20.21
> User-Agent: curl/7.51.0
> accept: application/yang-data+json
> authorization: Basic dmFncmFudDp2YWdyYW50

• -u provides user:password for Basic Authentication
• -H to set headers
• Lines beginning with ">" indicate Request elements
• Lines beginning with "<" indicate Response elements

The Response - Headers:

< HTTP/1.1 200 OK
< Server: nginx
< Date: Thu, 27 Jul 2017 00:01:52 GMT
< Content-Type: application/yang-data+json
< Transfer-Encoding: chunked
< Connection: close
< Last-Modified: Tue, 25 Jul 2017 19:15:57 GMT
< Cache-Control: private, no-cache, must-revalidate, proxy-revalidate
< Etag: 1501-10157-179272
< Pragma: no-cache
<

The Response - Data:

{
  "ietf-interfaces:interface": {
    "name": "GigabitEthernet2",
    "description": "Wide Area Network",
    "type": "iana-if-type:ethernetCsmacd",
    "enabled": true,
    "ietf-ip:ipv4": {
      "address": [
        {
          "ip": "172.16.0.2",
          "netmask": "255.255.255.0"
        }
      ]
    },
    "ietf-ip:ipv6": {
    }
  }
}

REST API Tools:

• curl
  
  • Linux command line application
• Postman
  
  • Chrome browser plugin and application
• Requests
  
  • Python library for scripting
• Swagger
  
  • Dynamic API Documentation
• Browser Developer Tools
  
  • View traffic and details within browser

Making REST API Calls with Postman:

Why Postman and How to Get it?:

Postman: Powerful but Simple REST API Client:

• Quickly test APIs in GUI
• Save APIs into Collections for reuse
• Manage multiple environments
• Auto-generate code from API calls
• Standalone Application or Chrome Plugin
• www.getpostman.com

Sending an API Request:

Constructing a POST Request:

• Choose method
• Enter URI
• Configure headers and authentication
• Provide data
• Send and verify status

B-)

Introduction to YANG Data Modeling:

• It's written in YANG.
• That's YANG Data.
• We use YANG Data Models.
  
  
• When first getting started with YANG, may find yourself confused because of the word "YANG" is used to refer to different things. All are related, but they are different enough to cause confusion if think there is "One YANG".
  

YANG Modeling Language:

• module ietf-interfaces {
    import ietf-yang-types {
      prefix yang;
    }
    container interfaces {
      list interface {
        key "name";
        leaf name {
          type string;
        }
        leaf enabled {
          type boolean;
          default "true";
        }
      }
  
  Example edited for simplicity and brevity
  
  
• YANG is first a language for describing data models. The YANG language could be used to describe ANY data model, but it was designed to describe networking data models.
  
  
• As a language, it is highly structured and typed, something that should be appreciated in a data modelling language. Some aspects of the language to note:
  
  • Every data model is a module that is a self-contained top-level hierarchy of nodes
  • Leverages data types that can be imported from another YANG module, or defined within a module
  • Uses containers to group related nodes
  • Leverages lists to identify nodes that are stored in sequence
  • Each individual attribute of a node is represented by a leaf
  • Every leaf must have an associated type
    
  
  

• Event Preparation for DevNet Express for DNA v2.1:
  learninglabs.cisco.com/modules/00-pre-event-preparation
  

Actual Device Data Modeled in YANG:

• To retrieve (or send) YANG data, we will leverage "NETCONF" (Transport Protocol) to communicate from a "Manager" (Client) on our workstation to an "Agent" (Server) running on a network element using "XML" (Data Format).
  
  
• This means that when we send or receive data using NETCONF, we will be working with YANG Modeled data represented in XML.

YANG and RESTCONF:

• NETCONF is just one of the Standard Transport Protocols available for leveraging YANG Data Models. Though NETCONF is the only fully standardized option so far, even in the draft from RESTCONF is becoming popular because of its REST-based foundation.
  
  
• When using RESTCONF, the developer has the option of leveraging either XML or JSON for sending and receiving data.
  
  
• It is less expensive is the main benefit of having an out-of-band management network for an infrastructure controller.
  A Reliable In-band Control In A Software-defined Network:
  www.jatit.org/volumes/Vol95No17/25Vol95No17.pdf
  
  
• NETCONF and SNMP network configuration protocols use XML as a data representation format.
  
  Data modelling language for the definition of data sent over the NETCONF network configuration protocol.
  
  Many network management protocols have associated data modelling languages. The first widely deployed Internet standard for network management was the Simple Network Management Protocol (SNMP).
  en.wikipedia.org/wiki/YANG
  wh.cs.vsb.cz/sps/images/2/23/SoftwareOrientedManagement.pdf
  
  
• VXLAN feature enables service function chaining to steer traffic to virtual network functions.
  networkop.co.uk/blog/2017/09/15/os-sfc-skydive
  www.sciencedirect.com/science/article/pii/S0920548916302458
  tools.ietf.org/id/draft-ietf-sfc-nsh-17.html

Evolution/Evolving of Service Chaining:

Architectural Requirements:

• Service deployments will be driven by applications/application policy
• Service will be built using flexible service graphs rather than linear service chains
• These services will adhere to application-centric business policies/requirements
• The service elements used to build service chains will be both physical and virtualized
• Flexible placement of service elements will require that the coupling of services to the underlying network topology be broken allowing transport agnostic service deployment
• Policy distribution through metadata exchange between service functions and the network

Service Graphs vs. Linear Service Chains:

• Flexible service creation through service graphs rather than linear service chains
• The collection of service functions in a network form a graph
• The graph is composed of possible service function options:
  
  • Directed graph
  • Weighted graph if required
• Vertices: Service Functions
• Edges: Overlay connectivity

Example: Business Policy Drives Service Deployment:

• A service is rendered based on a business policy like ...
• All traffic between the Internet & web front-end servers apply:
  
  • De/Encryption with highest throughput / low latency and least $$ cost
  • Copy all "mobile" only transactions to a Big Data analytics system
  • Perform the copy at most optimal point ($$ cost & least latency impact)
  • Send all traffic through a SLB+WAF & and IDS
• Additionally, deploy this policy with other caveats like:
  
  • Service functions are both virtual and physical and vendor neutral
  • Compute & service elasticity; compute mobility

First Steps:

• As an initial and transitional step, service chaining may be achieved through overlays that provide topological independence
• Tunnel encapsulation choices; VXLAN, GRE, MPLS, etc

Next Generation CCIE:

Ingredients of Hybrid IT:

• Application Centricity
• Programmability of:
  
  • Infrastructure
  • Controllers
  • Services
• Virtualization of:
  
  • vAF: Application Functions
  • vMF: Management Functions
  • vNF: Network Functions

  Bimodal IT Architectures to support Fast IT Business Needs

The pace of change and Networks:

• Network Expenses:
  
  • 33% CAPEX
  • 67% OPEX

  Source: Forrester

• Deployment Speed:
  
  • Computing 5 Seconds
  • Networking 1,000 Seconds

  Source: Open Computer Project

• 80% Time IT spends on operations
• 55% CMOs think IT is not responding fast enough to time-sensitive projects
• 57% CEOs are worried about IT strategy not supporting business growth
  

B-)

• ACI Types of Objects:
  
  • Logical > Resolved > Concrete > Hardware:
    
    • Logical = configured in the GUI by the user
    • Resolved = created by the APIC as a unit/object to communicate and pass information to the switches
    • Concrete = objects used by the switches to program hardware

  clnv.s3.amazonaws.com/2015/usa/pdf/BRKACI-2101.pdf
  
  

• Introduction to YANG Programming and RESTCONF on Cisco IOS XE:
  networkop.co.uk/blog/2017/02/15/restconf-yang
  
  
• Launching a VIRL Simulation with cURL:
  virl-dev-innovate.cisco.com/api.curl.launch.php
  
  
• Using Web Services - XML & JSON:
  www.pythonlearn.com/html-008/cfbook014.html
  
  
• VRF vs Bridge Domain:
  www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_010001.html#concept_8FDD3C7A35284B2E809136922D3EA02B
  
  
• Visore Managed Object Viewer:
  www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_01101.html#d30218e262a1635
  
  
• NETCONF protocol architecture:
  support.huawei.com/view/contentview!getFileStream.action?mid=SUPE_DOC&viewNid=EDOC1000178174&nid=EDOC1000178174&partNo=j00h&type=htm#dc_cfg_netconf_0004_mMcCpPsS_t01
  
  How a Traditional Network Engineer Got Started with Network Programmability:
  blogs.cisco.com/developer/how-a-traditional-network-engineer-got-started-with-network-programmability
  
  
• ONF - Certified SDN Professional Program:
  www.opennetworking.org/training-certification/skills
  en.wikipedia.org/wiki/OpenFlow
  www.opennetworking.org/member-listing
  
  
• Collision and broadcast domains: All ports of a Router are in different collision domains with different broadcast domains.
  
  
• A router forwards packets based on the destination IP address, while a switch forwards these based on the destination MAC address is the difference between a router and a switch.
  
  
• ทำความรู้จัก Cisco Digital Network Architecture (Cisco DNA) สถาปัตยกรรมเครือข่ายสำหรับ Digital Business โดยเฉพาะ:
  www.techtalkthai.com/introduces-cisco-digital-network-architecture
  
  
• Cisco เปิดตัวแนวคิดระบบเครือข่ายใหม่ เปลี่ยนแปลงตัวเองได้ด้วย AI และ Machine Learning:
  www.techtalkthai.com/cisco-intent-based-networking-by-cisco-dna
  
  
• 5 แนวทางที่ Network Engineer ควรปรับตัว ในยุคของ Cisco Intent-based Networking:
  www.techtalkthai.com/5-ways-network-engineer-should-adapt-for-cisco-intent-based-networking
  
  
• Cisco เสริมการทำ Network Assurance ลงใน Intent-based Networking เปิดตัว 3 นวัตกรรมใหม่ด้าน Network:
  www.techtalkthai.com/cisco-network-assurance-is-announced-to-make-intent-based-networking-better
  
  
• ประมวลงาน Cisco Live 2018 ณ ประเทศสหรัฐอเมริกา:
  www.techtalkthai.com/summary-cisco-live-2018-at-florida-us

B-)