Automating VLAN Creation on Cisco Devices with Ansible

-
Image
  Automating VLAN Creation on Cisco Devices with Ansible Ansible is a powerful automation tool that simplifies network management tasks, including creating VLANs on Cisco devices. For beginners, this guide will walk you through automating VLAN creation step-by-step, from setting up Ansible to deploying VLAN configurations. What is a VLAN? A VLAN (Virtual Local Area Network) is a logical group of devices within a network that can communicate as if they were on the same physical network, regardless of their physical location. VLANs improve network efficiency and security by segmenting traffic. Why Use Ansible for VLAN Automation? Consistency: Avoid manual configuration errors. Efficiency: Configure multiple devices in seconds. Scalability: Manage large-scale networks easily. Flexibility: Supports various Cisco devices and integrates with other tools. Prerequisites Cisco Device Configuration: Ensure your Cisco devices support SSH and are configured to allow Ans...
Post a Comment

SDWAN : Software Defined Wide Area Network | IT NETWORKS

-

What is SD-WAN?


SD-WAN or Software Defined Wide Area Network (SD-WAN) is a virtual WAN architecture that allows organizations to take advantage of any combination of transport services like MPLS, LTE and broadband Internet - to connect users to applications.

 An SD-WAN uses a centralized control function to drive traffic securely and intelligently over the WAN.

This increases application performance, improving the user experience, increasing business productivity, and reducing IT costs.


computer - no copyright photo
What Problems Does SD-WAN Solve?

1) MPLS cost and constraints



Multiprotocol label switching (MPLS) has been the main used routing technique of WAN connectivity between enterprise sites, it delivers guaranteed bandwidth, predictable latency, and privacy.

Unfortunately it has it’s restrictions

 1.1 Cost

  • MPLS is very expensive and may charge enterprises additional expanses.


 1.2 Constraints

  • MPLS cannot be installed in all geographic locations.
  • MPLS is not a practical means of cloud connectivity in most scenarios.

In contrast, broadband Internet costs much less than MPLS and is available worldwide.

Although Internet connectivity is not as reliable and latency can vary depending on too many factors, the cost savings are convincing.

 >>Many companies are now using a hybrid WAN combination of these transports, in which critical application traffic is sent over MPLS and everything else is routed over Internet.<<


The software-defined WAN makes it easier to deploy a hybrid WAN and to find the balance between cost, performance, and reliability for different applications traffic.

This is largely due to the rule-based management and dynamic path selection capabilities built in SD-WAN.

2) The Management of complex networks


The management that SD-WAN brings is easier compared to classic complex networks operations and is even greater than the cost savings achieved with MPLS.
The configuration of routers, switches and firewalls on an individual basis using scripts and CLIs is inefficient and the percentage of committing errors is big.

Also productivity is reduced further when an engineer have to travel from a place to another to configure a new equipment at a branch site.
The use of obsolete methods and technologies has made it difficult for many network teams to respond to business demands.


  • SD-WAN helps IT administrators in taking control of complex networks operations and respond quickly to changing business needs.

 SD-WAN ease the design phase, deployment, and management of new production equipment from a central location. The work of an engineer is almost complete after the design phase.
In this phase, anyone with NO IT skills acquired can ship the new SD-WAN gateway to remote branch and plug it to production.
The new gateway will be automagically discovered and start showing online with zero-touch provisioning.

 After that, the new SD-WAN equipment will be fully loaded and start functioning using business-aligned policies pre-written by a network engineer.

All the operational rules automatically generate to all SD-WAN devices under management when a policy is added or modified.

SD-WAN Benefits

1) Cost savings

2)Agility

3)Application performance

4)Speed of deployment


Comments

Post a Comment

Popular Posts

Network Access Control NAC | IT NETWORKS

-
Image
Network Access Control NAC It's something that controls access to the network. And at its simplest level, this is what NAC does.  But if that's all that it was, then it wouldn't be fundamentally different from a network authentication and authorization server. Traditional authentication to the network follows the IEEE 802.1X standard that provided an authentication method to devices wishing to join a Local Area Network (LAN) or wireless LAN. 802.1X Wireless/Wired Authentication The mechanism was a port-based network access control which used agents, the software running on client devices that provide credentials to the authenticator to control access to the network. Another means to control access to a public network such as one serving a coffee shop or in a hotel, is a captive portal. If you've ever connected to a network in an airport, hotel, or coffee shop, you might recall interacting with a web page, sometimes agreeing t...
Read more

CISCO : Dynamic Multipoint Virtual Private Network (DMVPN) | ITNETWORKS

-
Image
1- Definition   DMVPN is a technology that's used in secure networks exchanging data between them without needing to redirect traffic through a  headquarter  server  or router . Dynamic Multipoint VPN ( DMVPN ) is a Cisco IOS Software solution for building reliable IPsec Virtual Private Networks (VPN). DMVPN basically is a centralized architecture that provides easier management and implementation for deployments that need very specific access controls, authorizations and restrictions for diverse branches, users, applications and partners. DMVPN + IPSEC 2- Benefits DMVPN provides the ability to create dynamic VPNs without configuring static tunnels between remote peers, including Internet Protocol (IP), IPSEC and Key Management Protocol (ISAKMP peers).   DMVPN is designed  to make HUB-AND-SPOKE   topology  by statically configuring the hub IP address on the spokes, no other changes are needed ...
Read more

Issues with CISCO WIRELESS Controller (And resolution) | IT NETWORKS

-
Image
On Cisco Wireless controller 5520, The Access POINTS try to join the Controller by bringing up a connection through the CAPWAP Tunnel, you can see these attempts through the AP log itself. The problem is that the DHCP server when trying to serve IP Addresses it shows the error BAD_ADDRESS in front of each IP assigned. So I Took a single access point, started debugging it, after that, I noticed that the CAPWAP connection was empty of errors BUT!! it was trying to resolve this name  CISCO-CAPWAP-CONTROLLER This resolution is made with DNS protocol, of course, I honestly wasn't so sure of what I was doing, so I added a new entry in my DNS server and it's corresponding IP was the Controller's after that magically all the Access Points where UP and showed UP on my controller. The controller I'm working with is the CISCO WIRELESS CONTROLLER 5520 Model:  AIR-CT5520-K9 Software Version:  8.3.150.0 Image of the controller Learn...
Read more