Python Virtual ENVironment – venv

VENV, short for Virtual ENVironment, helps you create a virtual environment in which you can install python and modules without disrupting the system-wide python installation and its modules. The commands shown are for a Linux system.

Installation is very straightforward.

python3 -m venv .venv

Activation:

source .venv/bin/activate

After activation you’ll see a slight change in the prompt: it is prepended with the name of the environment directory, here (.venv).

Installation of modules needs to be done within venv.

Deactivation of venv:

deactivate

Source : (where did I get all this wisdom from)

First of all a colleague pointed out the existence of venv; thank you Tijs. After that I found the following manual: https://packaging.python.org/en/latest/guides/installing-using-pip-and-virtual-environments/


Create hosts file for script on linux

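When creating a script to retrieve information from network nodes, you need a list of nodes to retrieve information from. Maintaining a hostfile manually is tedious and cumbersome work.

Therefore I choose to get the information from DNS, provided DNS is an information source which can be trusted to be up-to-date. Note that host -l lists a zone by requesting a zone transfer (AXFR), so the DNS server must allow transfers from the machine running the script, and ideally from nowhere else.

The code that I used is: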

#!/bin/bash

# date stamp for the output filename (the format is an assumption;
# the original script did not show how the timestamp was set)
timestamp=$(date +%Y%m%d)

function syntax() {
        echo "syntax $(basename "$0") <parameter>"
        echo "parameters are;"
        echo "- ups"
        echo "- xs"
        echo " "
        exit
}

action="help"
[[ $1 == "--help" || $1 == "-h" || $# -eq 0 ]] && action="help"
[[ $1 == "ups" ]] && action="ups"
[[ $1 == "xs" ]] && action="xs"

case $action in
        "help")
                syntax
                ;;

        "xs")   echo "- creating hosts file for : XS switches"
                # host -l requests a zone transfer (AXFR) of the zone
                host -l net.domain.bla |
                        grep -E "^xs" |
                        grep -v IPv6 |
                        grep -v -e "-test-" |
                        grep -v "server" |
                        awk '{print $1}' > "hosts_xs_${timestamp}.txt"
                ;;
        "ups")
                echo "- creating hosts file for : UPS's"
                # filter out as many unwanted entries as possible to create a clean list.
                host -l watt.domain.bla |
                        grep -E "^ups" |
                        grep -v mer |
                        grep -v "server" |
                        awk '{print $4}' > "hosts_ups_${timestamp}.txt"

                        # 1st field = hostname
                        # 4th field = IP address
                ;;
esac

The hostfile created has a timestamp included in the filename, so I know the validity of the hostfile. This file can be used for other bash/tcl scripts.


Unlocking the Power of Juniper MistAI: Cloud-Based Management

Juniper Mist access points are used. The management platform is very straightforward.

The management platform is web-based and cloud-based, with APIs at its core. To put it in other words: all RRM/alerting/config/management magic is managed in the cloud. And here lies the power of MistAI: trends and lessons learned from all customers can be applied to all customers.

Cisco, by contrast, likes to install a CNC (Cisco Network Collector) to gather configurations, route tables, ARP entries and such. After interpretation, you as a customer receive a report with items to address within the network. With Juniper MistAI you do not have to wait for that report.

On the downside: because MistAI stores all of the data in the cloud, data retrieval is limited to a number of days.

From a network management perspective, the information presented in MistAI is way beyond sufficient. If you want to do some advanced reporting, get familiar with the API, Python and perhaps Grafana.

My next post will be about a quite simple Python script to retrieve the AP notes of a Mist site.


Intel Wifi Killer card in Dell XPS15

My employer bought me a new laptop. All bells and whistles are present. A hefty processor, a decent amount of memory. I am very very satisfied.

But… network connections are dropped from time to time. When working with ssh/telnet is a major part of the day, this becomes a major annoyance.

I asked my friend McGoogle. He found a number of threads where people wonder why an Intel Wifi Killer card is used. On my old Dell Latitude 7490 the wifi card can be replaced with a newer model when the demand arises.

The Dell XPS 15 9530 (2023 model) is a different beast. Some product developer didn’t listen to the questions/pleas/comments of their customers to dump the Wifi Killer. And secondly, the wifi card (AX211D2W) isn’t an M.2 card. It is more or less a chip soldered onto the mainboard.

I thought the use cases for solder-on wifi cards were prototyping/IoT/proprietary hardware, not a generic laptop. So when you are looking for a new laptop, scrutinize the specification sheet. Whenever wifi 6 is outdated, so is this laptop. No way you can upgrade your wifi. Unless you master your kung-fu soldering skills…


Cycling in Amsterdam

Cycling in Amsterdam means you have a death wish. People ‘from the polder’ are easy to recognize: they stop for traffic lights. Amsterdam’s kamikaze cyclists know that they enjoy the most protection under the law.

Not to mention e-bikes. The VanMoof has the same status as an iPhone and a Gaastra jacket; it is functional, but above all it shows the depth of the wallet.

If you ask me, a bike is a bike, even if it has pedal assistance. When a bike is driven entirely by the auxiliary motor (read: motion sensor), the vehicle is not a bicycle but equivalent to a moped, scooter or microcar, and so may only be ridden by riders with an AM driving licence.

If you have tuned up your e-bike, the police officer may treat it as a (speed) pedelec, and the following fines may be handed out: 1 no licence plate, 2 no mirror, 3 no helmet. The police may enforce this structurally. Enough revenue will be generated to pay for a number of new colleagues.

Perhaps you are now asking yourself: is this guy against the e-bike? No, not at all. A bike is a bike! When I put in a lot of effort to cycle 25 km/h and am overtaken by a whistling (30++ km/h) spoiled teenager who only makes a pedalling motion to reach the maximum speed, I see a loophole in the law.

And indeed, my children ask for an e-bike now and then. As long as the cycling time to school is less than 45 minutes, I see no reason to give them an e-bike. And the argument “yes, but I am the only one in the class without an e-bike” therefore falls on deaf ears.

Hopefully a legislator reads this and casts the above into law. It may also be one from the “I have no active recollection of that” party.


SFP Optic values on Juniper

ninja@someswitch> show interfaces diagnostics optics ge-1/2/0  
Physical interface: ge-1/2/0
   Laser bias current                        :  8.132 mA
   Laser output power                        :  1.0960 mW / 0.40 dBm
   Module temperature                        :  26 degrees C / 78 degrees F
   Module voltage                            :  3.3800 V
   Laser receiver power                      :  0.2578 mW / -5.89 dBm
   Laser bias current high alarm             :  Off
   Laser bias current low alarm              :  Off
   Laser bias current high warning           :  Off
   Laser bias current low warning            :  Off
   Laser output power high alarm             :  Off
   Laser output power low alarm              :  Off
   Laser output power high warning           :  Off
   Laser output power low warning            :  Off
   Module temperature high alarm             :  Off
   Module temperature low alarm              :  Off
   Module temperature high warning           :  Off
   Module temperature low warning            :  Off
   Module voltage high alarm                 :  Off
   Module voltage low alarm                  :  Off
   Module voltage high warning               :  Off
   Module voltage low warning                :  Off
   Laser rx power high alarm                 :  Off
   Laser rx power low alarm                  :  Off
   Laser rx power high warning               :  Off
   Laser rx power low warning                :  Off
   Laser bias current high alarm threshold   :  70.000 mA
   Laser bias current low alarm threshold    :  0.100 mA
   Laser bias current high warning threshold :  60.000 mA
   Laser bias current low warning threshold  :  0.500 mA
   Laser output power high alarm threshold   :  3.9810 mW / 6.00 dBm
   Laser output power low alarm threshold    :  0.3160 mW / -5.00 dBm
   Laser output power high warning threshold :  2.5110 mW / 4.00 dBm
   Laser output power low warning threshold  :  0.5010 mW / -3.00 dBm
   Module temperature high alarm threshold   :  105 degrees C / 221 degrees F
   Module temperature low alarm threshold    :  -45 degrees C / -49 degrees F
   Module temperature high warning threshold :  80 degrees C / 176 degrees F
   Module temperature low warning threshold  :  -15 degrees C / 5 degrees F
   Module voltage high alarm threshold       :  4.000 V
   Module voltage low alarm threshold        :  2.800 V
   Module voltage high warning threshold     :  3.600 V
   Module voltage low warning threshold      :  3.000 V
   Laser rx power high alarm threshold       :  1.0000 mW / 0.00 dBm
   Laser rx power low alarm threshold        :  0.0032 mW / -24.95 dBm
   Laser rx power high warning threshold     :  1.0000 mW / 0.00 dBm
   Laser rx power low warning threshold      :  0.0040 mW / -23.98 dBm


Session logout Juniper

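Once in a while I run into an orphaned tty session. Somebody logged on by means of a serial cable, and left while forgetting to log out. In the output below that leaves a root session open on the console (u0), available to whoever plugs in next.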

ninja@someswitch> show system users  
fpc0:
--------------------------------------------------------------------------
11:47PM  up 252 days, 14:55, 2 users, load averages: 0.69, 0.58, 0.57
USER     TTY      FROM                              LOGIN@  IDLE WHAT
root     u0       -                                08Aug22 252days cl             
ninja   pts/0     somejump-host   11:47PM     - -cl            

Getting rid of it is easy, but beware: this might take some time, 30 seconds to a minute.

ninja@someswitch> request system logout terminal u0

And check if the phantom user is gone;

ninja@someswitch> show system users  
fpc0:
--------------------------------------------------------------------------
11:49PM  up 252 days, 14:56, 1 users, load averages: 0.53, 0.55, 0.56
USER     TTY      FROM                              LOGIN@  IDLE WHAT
ninja   pts/0     somejump-host    11:47PM     - -cl            


Wireshark on a juniper interface

Once in a while you need to analyze traffic on a specific interface using Wireshark. Junos, being a unix (derived from Research Unix), offers several ways to perform this task. I will focus here on the method you will use most frequently.

First of all, identify the port you need to analyze. Second, you need to identify a free port to attach your laptop to. Let's use xe-0/0/0 as the interface to analyze and xe-0/0/47 as the ‘output’ interface to attach your computer to. Both must be switching capable:

set interfaces xe-0/0/0 unit 0 family ethernet-switching
set interfaces xe-0/0/47 unit 0 family ethernet-switching

Determine which traffic flows you need to analyze: ingress, egress or both. Usually you want to ‘see’ both flows. Now configure the ‘source’ traffic flows.

set forwarding-options analyzer SPAN-port input ingress interface xe-0/0/0
set forwarding-options analyzer SPAN-port input egress interface xe-0/0/0

And the only thing that is left to do is to direct the source traffic to the monitor/destination interface, xe-0/0/47.

set forwarding-options analyzer SPAN-port output interface xe-0/0/47

There are several ways to send mirrored packets towards a destination:

  • ip-address
  • vlan
  • routing-instance

But that's for you now to figure out 😉

Keep in mind that the output interface carries both flows. When you monitor an interface, the destination interface must be capable of carrying both traffic flows, or you run into a congestion situation. So first determine the size of the traffic flows, using “monitor interface xe-0/0/0” or “show interface xe-0/0/0 | match bps”.

During the monitoring, your configuration is visible to your colleagues. After monitoring, traces of the config are left in the rollback buffers. So for lawful intercept this might not be the best approach.


TCL/Expect read from file (executing custom config in bulk)

At this point in time I need a nifty little tool to configure some ports on network devices. But the challenge is that the ports differ from device to device.

In order to do this I have to create a script to harvest data out of the network. Output files will be parsed through a combination of bash/grep/awk.

The main thing I could not get my head around was how to read a file and hand data over to a spawned ssh session.

As a proof of concept I created a file with commands to execute on another node, and also a tiny tcl script to open an ssh session, log on, read the commands file and close the ssh session.

The contents of my commands.txt file are below, nothing fancy, just to get the proof of concept.

du -h
uname

Open a file to read, read it into $file_data, close the file.

set fp [open "commands.txt" r]
set file_data [ read $fp ]
close $fp

Split the $file_data into usable chunks.

set dataln [ split $file_data "\n"]

Walk through $dataln and give the data to the ssh session.

# loop through $dataln and store data in $line
foreach line $dataln {
  # just an obvious expectation.
  expect ">" {
   # send the $line to ssh  session..
   send "$line\r"
   }
}

Complete test.tcl (awesome name right 😉 )

#!/usr/bin/expect

# usage: ./test.tcl <host> <user> <password>
# note: a password given as an argument is visible in the process list and shell history
set nethost [lindex $argv 0]
set netuser [lindex $argv 1]
set netpass [lindex $argv 2]

# -- file open magic here
set fp [open "commands.txt" r]
set file_data [read $fp]
close $fp

# -- file_data read here , split to dataln
set dataln [split $file_data "\n"]

spawn ssh "$netuser@$nethost"

expect "assword" {
   send "$netpass\r"
}

# -- walk through $dataln
foreach line $dataln {
   # skip empty lines, such as the one after the final newline
   if {[string trim $line] eq ""} { continue }
   expect ">" {
      send "$line\r"
   }
}

expect ">" {
   send "exit\r"
}

# in case exit fails...
interact

This is the final result;

$ ./test.tcl  DS 1user SecRet
spawn ssh 1user@DS
1user@ds's password:  


BusyBox xxxxxxxxxxx
Enter 'help' for a list of built-in commands.

DiskStation> du -h
8.0K    ./.ssh
--//output omited for brevity//--
408.0K  ./script-test
496.0K  .
DiskStation> uname
Linux
DiskStation> exit
Connection to ds closed.

As you can imagine, a little work still has to be done, like creating several files with configuration and handing the config file over as an argument when executing the bash/tcl wrapper. But that shouldn’t be too hard. Maybe something like this (of course some sanity checks have to be built in):

# loop over the config files with a glob instead of parsing ls output
for file in *config.txt
do
   [ -e "$file" ] || continue
   echo "./wrapper.tcl ${file%_*} user pass $file"
done
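
The sanity checks mentioned above could look like the following. This is an added example, not the author's code: the function names are hypothetical, the config files are assumed to be named <host>_config.txt, and wrapper.tcl is assumed to take host, user and file.

```shell
#!/bin/sh
# Added example, not the author's script. Assumptions: config files are named
# <host>_config.txt in the current directory; wrapper.tcl is hypothetical and
# takes <host> <user> <file> (the password is kept off the command line).

# valid_host NAME: succeed only for a plausible hostname. A name that starts
# with '-' would be read by ssh as an option, so it is rejected.
valid_host() {
    case $1 in
        ''|-*|.*|*-|*.|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    [ "${#1}" -le 253 ]
}

# valid_config FILE: succeed only for a regular, readable, non-empty file
# (no symlinks) whose bytes are all printable ASCII or whitespace, because
# every line is later sent verbatim to the device.
valid_config() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -r "$1" ] && [ -s "$1" ] || return 1
    ! LC_ALL=C grep -q -e '[^[:print:][:space:]]' -- "$1"
}

# plan_runs USER: print one wrapper command per accepted config file
# (dry run); report rejected files on stderr.
# usage: cd to the directory holding the config files, then: plan_runs ninja
plan_runs() {
    user=$1
    for file in *_config.txt; do
        [ -e "$file" ] || continue      # the glob matched nothing
        host=${file%_config.txt}
        if ! valid_host "$host"; then
            printf 'SKIP %s: bad hostname\n' "$file" >&2
            continue
        fi
        if ! valid_config "./$file"; then
            printf 'SKIP %s: empty, unreadable or not plain text\n' "$file" >&2
            continue
        fi
        printf './wrapper.tcl %s %s %s\n' "$host" "$user" "$file"
    done
}
```
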

PDF tools on Ubuntu

Ubuntu is my preferred operating system. I even use this OS on my work computer. This choice has some minor downsides. Most business software is developed for Windows environments. But fortunately most commercial software on Windows has an open-source alternative. This is also the case for tools for handling pdf files.

A little line up of tools that I frequently use;

Document Viewer – gui

This is the default pdf viewer on ubuntu 20.04lts. It does the job splendidly.

PDFArranger – gui

This is my go-to tool for merging pdfs together, and for rotating or discarding pages.

PDFinfo – command line

Also an Ubuntu standard application. This shows the basic information of the pdf, including page dimensions in points and standardized page formats (A0, LEGAL etc.).

pdfposter – command line

This is a little harder to explain in one sentence. Let's say you want to print an A3, but all you have access to is an A4 printer. With pdfposter you can create a ‘poster’ pdf file according to your requested dimensions.

The command would look like ;

pdfposter -mA4 -pA3 source.pdf destination.pdf

Be sure to set the -p (postersize) otherwise the pdf page dimension is used.

It would be nice if a tool existed that would combine PDFArranger, pdfposter and Document Viewer. Until then, I have to switch between those tools.
