1
00:00:05,200 --> 00:00:05,920
Now some good news.

2
00:00:05,920 --> 00:00:12,970
Before we get into the network automation section: you don't have to learn Python for the CCNA exam. That's

3
00:00:12,970 --> 00:00:16,410
covered in the Cisco DevNet certification.

4
00:00:16,450 --> 00:00:20,650
I took the CCNA and DevNet Associate exam on the same day.

5
00:00:20,650 --> 00:00:26,980
I've spoken previously about this early in the course but I'm going to replay parts of that video in

6
00:00:26,980 --> 00:00:30,180
this section just to remind you of my thoughts.

7
00:00:30,190 --> 00:00:38,230
When I took the exam, the CCNA exam was testing on topics such as REST API, JSON formatting. That's covered

8
00:00:38,620 --> 00:00:43,990
in the automation and programmability section of the blueprint.

9
00:00:43,990 --> 00:00:48,730
So as an example, make sure that you know how to interpret JSON-encoded data.

10
00:00:48,760 --> 00:00:56,290
Make sure that you know how to describe the characteristics of REST-based APIs. So as an example, when

11
00:00:56,290 --> 00:01:02,980
I want to get data from a server using a REST API, that's a GET. If I want to delete some data, it's a

12
00:01:02,980 --> 00:01:11,620
DELETE. Make sure that you know the REST API verbs, but you don't have to write Python code using REST

13
00:01:11,650 --> 00:01:12,750
API.

14
00:01:13,390 --> 00:01:16,630
You don't have to learn Ansible for the exam.

15
00:01:16,630 --> 00:01:19,510
Now in this section I'm going to show you Python scripts.

16
00:01:19,510 --> 00:01:21,470
I'm going to show you Ansible scripts.

17
00:01:21,580 --> 00:01:25,740
You don't, however, have to learn that for the CCNA exam.

18
00:01:25,870 --> 00:01:31,240
You need to learn that for the DevNet exam and the developer certifications.

19
00:01:31,240 --> 00:01:33,780
Now, is it recommended that you learn Python?

20
00:01:33,790 --> 00:01:34,750
Definitely.

21
00:01:34,750 --> 00:01:39,790
If you're interested in getting ahead in your career, learn Python, learn Ansible.

22
00:01:39,820 --> 00:01:42,340
I've been seeing these things for many many years.

23
00:01:42,340 --> 00:01:48,140
Years ago I was explaining the separation of the control plane and data plane.

24
00:01:48,250 --> 00:01:52,590
You can see this video on YouTube as an example made many years ago.

25
00:01:52,600 --> 00:01:55,530
This stuff has now become mainstream.

26
00:01:55,540 --> 00:02:02,500
It's important that you learn Python and Ansible for the real world and to get ahead in your career.

27
00:02:02,500 --> 00:02:06,800
But for the CCNA exam you don't have to learn Python scripts.

28
00:02:06,850 --> 00:02:08,700
You don't have to learn Ansible scripts.

29
00:02:08,890 --> 00:02:15,310
Now if I hear that this has changed, that now they're testing your coding ability,

30
00:02:15,310 --> 00:02:16,690
I'll update this video.

31
00:02:16,990 --> 00:02:22,240
But at the moment because I haven't heard any new updates you can assume that you don't have to learn

32
00:02:22,240 --> 00:02:25,770
Python and Ansible code for the exam.

33
00:02:25,900 --> 00:02:28,410
You need to understand the principles.

34
00:02:28,420 --> 00:02:35,560
So as an example here they talk about explaining how automation impacts network management.

35
00:02:35,560 --> 00:02:42,580
Let me tell you the world is changing with network automation in the same way that we had autonomous

36
00:02:42,580 --> 00:02:47,290
access points in the past and they are now managed using a controller.

37
00:02:47,290 --> 00:02:52,020
The idea here is we're going to have a controller that manages lots of devices.

38
00:02:52,120 --> 00:02:58,450
Now in the first sort of SDN, or software-defined networking, implementation the protocol used was

39
00:02:58,450 --> 00:02:58,870
OpenFlow.

40
00:02:59,200 --> 00:03:03,670
There's a big difference between the way OpenFlow did things and the way network automation is done

41
00:03:03,670 --> 00:03:06,460
today. In the purest form of OpenFlow,

42
00:03:06,450 --> 00:03:10,450
the switches or devices in your network become dumb.

43
00:03:10,450 --> 00:03:16,900
The controller, which would simply be a Linux Ubuntu server as an example, controls the devices in the

44
00:03:16,900 --> 00:03:17,640
network.

45
00:03:17,830 --> 00:03:20,530
They lose their brain.

46
00:03:20,590 --> 00:03:26,680
So in the CCNA they talk about separation of control plane and data plane and northbound and southbound

47
00:03:26,710 --> 00:03:30,640
APIs. As a start, understand the following:

48
00:03:30,640 --> 00:03:32,240
Where is the brain?

49
00:03:32,260 --> 00:03:38,050
Where is the intelligence for the network? In the purest OpenFlow implementation,

50
00:03:38,050 --> 00:03:43,080
the brain was removed from the networking device and put into the controller.

51
00:03:43,240 --> 00:03:51,430
If we had 100 routers or 100 switches in a traditional network, we have 100 brains. Every router, every

52
00:03:51,430 --> 00:03:53,180
switch controls itself.

53
00:03:53,320 --> 00:03:58,810
It has its own data plane or forwarding plane; that's how it switches traffic from one interface to

54
00:03:58,810 --> 00:03:59,500
another.

55
00:03:59,500 --> 00:04:01,660
It has its own control plane.

56
00:04:01,660 --> 00:04:03,760
In other words its own brain.

57
00:04:04,060 --> 00:04:09,040
When a router using OSPF receives an update, it updates its routing table.

58
00:04:09,040 --> 00:04:15,030
So the RIB, routing information base, that's a software-based table that's populated with routes learnt

59
00:04:15,070 --> 00:04:20,650
through OSPF, so the brain is populating the routing table with routes.

60
00:04:20,860 --> 00:04:26,710
So the RIB, or routing information base, is a software-based routing table that's then pushed down into

61
00:04:26,710 --> 00:04:29,760
hardware or into the forwarding plane or data plane.

62
00:04:29,770 --> 00:04:33,850
In other words, into the FIB, or forwarding information base.

63
00:04:34,000 --> 00:04:35,630
In other words into hardware.

64
00:04:35,680 --> 00:04:41,710
So we have the control plane, which is the brain of the device. OSPF is populating the routing information

65
00:04:41,710 --> 00:04:42,250
base.

66
00:04:42,250 --> 00:04:44,580
The brain determines where traffic is routed.

67
00:04:44,680 --> 00:04:49,280
Same kind of idea with spanning tree: spanning tree BPDUs are received.

68
00:04:49,450 --> 00:04:54,080
The brain decides once again which ports are forwarding, which ports are going to be blocked.

69
00:04:54,130 --> 00:04:57,700
So the thing to remember is the device has a local intelligence.

70
00:04:57,700 --> 00:04:59,740
The brain is on the device.

71
00:04:59,740 --> 00:05:07,740
If we had 100 routers they would each have their own brain. Brain is localized to the device.

72
00:05:07,980 --> 00:05:15,390
But in the purest OpenFlow example the devices became dumb and we put the brain into the controller

73
00:05:15,710 --> 00:05:20,730
so that the controller, centralized controller, was the brain for 100 devices.

74
00:05:20,760 --> 00:05:27,630
That's nice in a way because the controller is a central device that you can manipulate and then update

75
00:05:27,870 --> 00:05:30,160
the forwarding of 100 devices.

76
00:05:30,180 --> 00:05:35,520
It also gives the centralized device more visibility of the network so you can see the entire network

77
00:05:35,850 --> 00:05:41,460
instead of the router just seeing its own local routing table and not having visibility of the entire

78
00:05:41,460 --> 00:05:42,150
network.

79
00:05:42,150 --> 00:05:48,960
There were advantages with this kind of model. OSPF uses the SPF algorithm, shortest path first

80
00:05:48,990 --> 00:05:49,460
algorithm.

81
00:05:49,470 --> 00:05:50,460
Very complex.

82
00:05:50,460 --> 00:05:56,730
We have a distributed system that then somehow converges to decide which is the best path in the network.

83
00:05:56,730 --> 00:06:03,600
Much easier to put the intelligence in a centralized controller. But it didn't work, because as an attacker,

84
00:06:03,780 --> 00:06:05,400
which device am I going to attack?

85
00:06:05,430 --> 00:06:09,990
I'm going to attack that centralized device. If I can take out the controller,

86
00:06:10,100 --> 00:06:15,450
I not only just take out one router, I take out 100 routers. I basically can destroy your network by just

87
00:06:15,450 --> 00:06:17,160
killing the controller.

88
00:06:17,190 --> 00:06:20,640
There were other problems, because, okay, so I have a centralized device.

89
00:06:20,640 --> 00:06:24,630
But what about redundancy? If this thing dies, your whole network dies.

90
00:06:24,660 --> 00:06:26,010
So that kind of sucks.

91
00:06:26,040 --> 00:06:31,440
So what you're gonna do is have more than one controller, and now you're back to the distributed database

92
00:06:31,440 --> 00:06:33,510
scenario or synchronization issue.

93
00:06:33,510 --> 00:06:40,440
How do I synchronize multiple databases in multiple physical controllers to have a single logical controller?

94
00:06:40,500 --> 00:06:45,930
So there were a lot of other issues with this model. Became a nightmare.

95
00:06:46,010 --> 00:06:50,390
What happens if the routers lose connectivity to the centralized controller?

96
00:06:50,390 --> 00:06:50,950
Think about it.

97
00:06:50,960 --> 00:06:56,010
The router has its own localized brain in a traditional networking environment.

98
00:06:56,060 --> 00:07:00,710
If it loses connectivity to another router, that's not a problem because he has his own local brain.

99
00:07:00,800 --> 00:07:02,450
That router has its own local brain.

100
00:07:02,780 --> 00:07:07,640
But if you put the brain in the controller and then the routers lose connectivity to the controller

101
00:07:07,670 --> 00:07:11,080
because a link goes down, suddenly what do the routers do?

102
00:07:11,090 --> 00:07:14,810
They have no brain so the network dies or breaks.

103
00:07:14,930 --> 00:07:18,630
So a lot of problems with the pure OpenFlow environment.

104
00:07:18,710 --> 00:07:24,350
They then came up with this hybrid approach where we had some intelligence on the devices some intelligence

105
00:07:24,440 --> 00:07:30,800
on the controller, where the controller could override what a router was doing, so we could write

106
00:07:30,800 --> 00:07:34,590
OpenFlow rules to the router to override traditional networking.

107
00:07:34,670 --> 00:07:39,620
So the router as an example, switch as an example, would do traditional routing or traditional switching,

108
00:07:39,830 --> 00:07:45,980
but then we could create extra rules here where I could manipulate the flow of traffic from a centralized

109
00:07:45,980 --> 00:07:46,930
controller.

110
00:07:46,940 --> 00:07:52,340
Now one of the cool things with the OpenFlow model and the whole idea of a controller is these devices

111
00:07:52,670 --> 00:07:59,300
talk to the controller using what's called a southbound API. So the controller is sitting over here, talks

112
00:07:59,300 --> 00:08:02,120
down to the devices using southbound API.

113
00:08:02,120 --> 00:08:07,880
Notice how I've got my hand up here: northbound APIs, southbound APIs.

114
00:08:07,880 --> 00:08:10,370
Just think: south, down; north, up.

115
00:08:10,520 --> 00:08:17,030
So an application developer could write an application talk to the controller using a northbound API.

116
00:08:17,030 --> 00:08:19,200
Typically these would be REST APIs.

117
00:08:19,220 --> 00:08:26,000
That's very common today and then a protocol would be used on the southbound API so the controller would

118
00:08:26,000 --> 00:08:31,280
talk down to the routers and switches using some kind of protocol, which could be OpenFlow.

119
00:08:31,280 --> 00:08:33,170
That was the original idea.

120
00:08:33,260 --> 00:08:34,740
Could be SNMP.

121
00:08:34,790 --> 00:08:41,030
Don't forget Simple Network Management Protocol, been used for years from management stations to networking

122
00:08:41,030 --> 00:08:44,600
devices, so SNMP could be used in the southbound API.

123
00:08:44,600 --> 00:08:52,940
We could use NETCONF, we could use RESTCONF, we could use multiple other options: MPLS, BGP.

124
00:08:53,000 --> 00:08:59,160
Basically there were many protocols. For CCNA, just have an understanding that we could use RESTCONF,

125
00:08:59,690 --> 00:09:05,410
we could use REST APIs actually, we could use CLI, we could use SNMP.

126
00:09:05,510 --> 00:09:10,140
Now you don't have to use the REST API of the controller to manipulate devices.

127
00:09:10,550 --> 00:09:16,670
Typically the idea was you, you were an application developer, used a Python script that wrote rules to

128
00:09:16,700 --> 00:09:20,350
the controller which then sent it down to the devices.

129
00:09:20,360 --> 00:09:23,880
The advantage of that was this concept of abstraction.

130
00:09:24,380 --> 00:09:26,870
Complex to write rules to devices.

131
00:09:26,870 --> 00:09:28,140
That was what they said.

132
00:09:28,250 --> 00:09:34,880
Much easier to write stuff to a REST API on the controller, so you would write rules to the controller

133
00:09:34,910 --> 00:09:41,130
using the REST API. So application uses a high-level programming language like Python,

134
00:09:41,240 --> 00:09:47,720
easy REST API in the controller, which then uses multiple protocols down to the devices: OpenFlow,

135
00:09:47,840 --> 00:09:56,210
NETCONF, BGP, MPLS, whole bunch of weird and wonderful protocols down to the devices. You as the

136
00:09:56,210 --> 00:10:00,050
application developer are being abstracted from the networking devices.

137
00:10:00,050 --> 00:10:06,920
That's the idea but you could do away with a controller and just configure the network devices directly

138
00:10:06,920 --> 00:10:09,270
using a Python script or Ansible script.

139
00:10:09,290 --> 00:10:15,350
That's what I'm going to show you in the course because that's a lot easier actually to get started

140
00:10:15,350 --> 00:10:15,990
with.

141
00:10:16,030 --> 00:10:21,260
It's a lot easier to say, okay, let's write a simple Python script that updates something on the router

142
00:10:21,260 --> 00:10:24,440
or pulls information out of the router or switch.

143
00:10:24,470 --> 00:10:31,870
You can mimic this with physical equipment in a lab or in GNS3 or VIRL or EVE-NG if you like.

144
00:10:32,200 --> 00:10:35,840
So I'm gonna show you some examples of that, but just remember you don't have to learn Python for the

145
00:10:35,840 --> 00:10:36,580
exam.

146
00:10:36,740 --> 00:10:42,320
You don't have to learn Python or Ansible programming for the exam, but for the real world I'd suggest

147
00:10:42,320 --> 00:10:45,110
that you do learn both of those.

148
00:10:45,110 --> 00:10:48,300
So here they talk about separation of control plane and data plane.

149
00:10:48,350 --> 00:10:52,060
Just note: where is the brain? Local device.

150
00:10:52,130 --> 00:10:57,680
In the old days control plane forwarding plane or data plane was in the device.

151
00:10:57,710 --> 00:11:00,720
So think of the data plane as the forwarding through the ASICs.

152
00:11:00,740 --> 00:11:01,840
I've got a router.

153
00:11:01,910 --> 00:11:09,110
Traffic arrives on one interface it gets switched to another interface so data gets sent through the

154
00:11:09,110 --> 00:11:10,010
device.

155
00:11:10,010 --> 00:11:14,750
It's switched on the data plane or forwarding plane that still resides in the device.

156
00:11:14,750 --> 00:11:21,140
Typically it's done using ASICs. But the control plane, or the brain, where does it reside?

157
00:11:21,140 --> 00:11:28,460
Today we still want to have the brain in the device. OpenFlow, the brain was removed and put into a separate

158
00:11:28,460 --> 00:11:29,650
controller.

159
00:11:29,690 --> 00:11:30,810
We don't want to do that.

160
00:11:30,870 --> 00:11:33,230
Cisco devices didn't really support OpenFlow.

161
00:11:33,230 --> 00:11:34,580
They still don't.

162
00:11:34,580 --> 00:11:40,340
The idea is the brain remains on the device but we can use a centralized controller to configure the

163
00:11:40,340 --> 00:11:41,150
devices.

164
00:11:41,390 --> 00:11:46,090
So rather than making the device dumb, we still allow them to do their forwarding, still allow them to

165
00:11:46,090 --> 00:11:52,390
have their local brain but we can configure the devices either directly or through a controller which

166
00:11:52,390 --> 00:11:55,140
makes it easier to manage many devices.

167
00:11:55,690 --> 00:11:59,890
So that's one of the central ideas of a controller based network.

168
00:11:59,900 --> 00:12:05,860
Now what I haven't mentioned here is the management plane. Actually three planes. Control plane or forwarding

169
00:12:05,860 --> 00:12:06,340
plane.

170
00:12:06,340 --> 00:12:08,370
It's like saying, right, a router:

171
00:12:08,370 --> 00:12:10,530
How is the traffic forwarded through the device?

172
00:12:10,720 --> 00:12:16,090
That always remains on the device because we want high-speed switching or forwarding on the device. Brain,

173
00:12:16,090 --> 00:12:18,550
where does it reside? Typically resides on the device.

174
00:12:18,550 --> 00:12:20,300
But we could have put it into a controller.

175
00:12:20,710 --> 00:12:22,300
Where's the management?

176
00:12:22,300 --> 00:12:24,130
So what's the management plane?

177
00:12:24,160 --> 00:12:31,270
We typically manage a Cisco device using a console, or remotely would be Telnet, bad idea, and SSH.

178
00:12:31,330 --> 00:12:38,110
So how do we manage the device? Now us as humans would use one of those interfaces to configure the device,

179
00:12:38,140 --> 00:12:45,400
but to manage the device using an application we in the old days would use SNMP, Simple Network Management

180
00:12:45,400 --> 00:12:48,070
Protocol. SNMP has issues.

181
00:12:48,190 --> 00:12:51,990
Now SNMP version 1 and 2 are insecure, very easy to hack.

182
00:12:52,000 --> 00:12:55,640
Bad idea to use SNMP version 1 and version 2.

183
00:12:55,720 --> 00:13:02,830
SNMP version 3 supports encryption and authentication, much better, but SNMP is not easy.

184
00:13:02,860 --> 00:13:10,030
The OID and the way to extract information from a device is difficult, so the rage today, which has actually

185
00:13:10,030 --> 00:13:15,680
been going on for a few years, is to use an API, application programming interface. Again,

186
00:13:15,720 --> 00:13:21,490
REST is one of the most popular APIs, used all over the place.

187
00:13:21,610 --> 00:13:28,060
So when we transition from being a pure network engineer to doing more programming.

188
00:13:28,060 --> 00:13:31,350
The guys from the programming world are used to REST APIs.

189
00:13:31,360 --> 00:13:35,020
They're used all over the place once again in applications.

190
00:13:35,020 --> 00:13:41,800
So when they want to configure network devices it makes sense that that device has a REST API, but just

191
00:13:41,800 --> 00:13:45,310
be aware that a lot of old devices will not have a REST API.

192
00:13:45,310 --> 00:13:49,540
You need to use a modern Cisco network device to get a REST API.

193
00:13:49,540 --> 00:13:55,480
So just because REST is cool doesn't mean that all devices are going to support REST.

194
00:13:55,480 --> 00:14:01,990
So in the examples that I'm going to show you in this course which is very much based from my original

195
00:14:01,990 --> 00:14:07,060
Python course, I'm going to show you how to configure the devices using Telnet and SSH.

196
00:14:07,120 --> 00:14:10,360
Because that's an easy way to get started.

197
00:14:10,360 --> 00:14:17,520
Start with the basics at CCNA level, then go and do your DevNet Associate exam.

198
00:14:17,520 --> 00:14:22,530
I highly recommend that you do the DevNet certification, so get your DevNet certification so that

199
00:14:22,530 --> 00:14:29,580
you can prove to employers that you are not just a network engineer but you also understand programming.

200
00:14:29,760 --> 00:14:33,500
Now as I've said I've been talking about programming for a long time.

201
00:14:33,510 --> 00:14:36,760
I spoke about OpenFlow more than five years ago.

202
00:14:36,930 --> 00:14:43,570
So the idea is this stuff has been bubbling up in the industry but now Cisco have formalized it.

203
00:14:43,650 --> 00:14:51,120
So my recommendation is learn Python and Ansible. Learn the stuff for the real world, not for the CCNA.

204
00:14:51,450 --> 00:14:56,250
Learn it for the real world and for the DevNet certification, and go and get your DevNet certification

205
00:14:56,250 --> 00:15:01,050
as soon as you can so that you can prove to employers that you're not just a network engineer but you

206
00:15:01,080 --> 00:15:02,640
also understand programming.

207
00:15:02,700 --> 00:15:08,640
I'm afraid that being a traditional network engineer with no understanding of programming is over. You

208
00:15:08,640 --> 00:15:14,580
will need to learn programming if you want to have a good job in future. I'm really glad that Cisco

209
00:15:14,580 --> 00:15:20,730
have done this, but they've only put 10 percent of the exam being automation and programming. So automation,

210
00:15:20,730 --> 00:15:27,600
programmability, 10 percent of the exam, not very big, and they use words like explain and compare.

211
00:15:27,600 --> 00:15:32,610
They don't use words like configure or troubleshoot so this is a very high level.

212
00:15:32,610 --> 00:15:38,550
This is typical Cisco way of doing it, very high level, but then perhaps in the next release of the CCNA

213
00:15:38,880 --> 00:15:42,360
it will become more detailed and you'll be asked more information.
