GNS3 Talks: Python for Network Engineers with GNS3 (Part 16) - Netmiko, SSH, Python Cisco switches
David Bombal
Udemy: Get the course for $10 here: https://goo.gl/QYC988
GNS3 Academy: Get the course for $10 here: https://goo.gl/vnZJhg
More free Python videos here: https://www.youtube.com/playlist?list=PLhfrWIlLOoKPn7T9FtvbOWX8GxgsFFNwn
Learn Python programming with GNS3. In this series of videos, I will show you how you can quickly and easily program Cisco networks using Python.
Cisco Wired LAN Design Guide: https://goo.gl/k855Vj
Script on GitHub:
https://github.com/davidbombal/pythonvideos/commit/f154a11443ed1c67b94402e4925e53a173d6ff2a
Transcription:
This is one of the multiple videos showing you how to use Python to configure Cisco networks.
In this example, we're going to use Netmiko to configure a campus network running in GNS3 based on a validated Cisco technology design guide for campus wired local area networks. Cisco has for years provided solution reference network design guides and validated designs for different networks and implementations. This guide can help you implement best practices in wired campus networks.
So as an example, at the access layer, you need to think about security and implementing DHCP snooping, IP source guard, port security, and dynamic ARP inspection. Different access layer platforms are discussed and lots of examples and best practices and associated explanations are provided in this guide. There are examples of how to implement quality of service for IP phones.
So very good examples of quality of service are provided in this guide. There's also a procedure for LAN switch universal settings such as configuring the host name, such as configuring VTP transparent mode and the reasons for configuring VTP transparent mode. It's recommended that you run rapid PVST, you enable UDLD, you enable recovery mechanisms to allow ports disabled as a result of errors to automatically clear error disabled status and attempt a recovery.
So we have this option, error disabled recovery cause all. For EtherChannels, you should be using load balancing using source and destination IP addresses. You should configure a DNS server. You should configure HTTPS and disable HTTP. You should be using SSH rather than telnet. You can enable SNMP and then lock down SNMP using an access list as well as locking down access to the vty lines.
You can configure a local username and password or better use a TACACS server. You should also be using NTP and set your time stamps.
So there's a lot of good information in this guide. I won't bore you going through the entire guide. They talk about the VLAN configuration, setting an IP default gateway or IP route, enabling DHCP snooping, enabling ARP inspection, configuring BPDU guard on PortFast-enabled interfaces, enabling IPv6 first hop security policy for host ports, configuring voice VLANs and acce ...
https://www.youtube.com/watch?v=S4NtYBHb3gs
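The management-plane settings listed in the transcript (HTTPS on and HTTP off, SSH-only vty lines behind an access list, SNMP behind an access list) can be checked offline against a saved running-config. This is an added example, not code from the video or its GitHub repository; the IOS command spellings, the `sections` and `audit` helpers and the sample config are assumptions constructed for illustration.

```python
import re

# Constructed sample running-config. The IOS command spellings checked below are
# this example's assumptions; the transcript names the settings, not the syntax.
SAMPLE = """\
hostname SW1
ip http server
ip http secure-server
snmp-server community EXAMPLE-RO RO 55
snmp-server community EXAMPLE-RW RW
line vty 0 4
 access-class 55 in
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

def sections(lines, prefix):
    """Map each top-level line starting with prefix to its indented children."""
    found, current = {}, None
    for line in lines:
        if line.startswith(prefix):
            current = found.setdefault(line, [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None
    return found

def audit(config):
    """Return the sorted management-plane findings for one running-config."""
    lines = [l.rstrip() for l in config.splitlines() if l.strip()]
    failed = []
    if "ip http secure-server" not in lines:
        failed.append("https not enabled")
    if "ip http server" in lines:  # "no ip http server" is a different line
        failed.append("http still enabled")
    for l in lines:  # report the mode only, never echo the community string
        m = re.match(r"snmp-server community \S+ (RO|RW)(?: (\S+))?$", l, re.I)
        if m and not m.group(2):
            failed.append(f"snmp {m.group(1).upper()} community without ACL")
    for header, body in sections(lines, "line vty").items():
        if "transport input ssh" not in body:  # anything but SSH-only is flagged
            failed.append(f"{header}: not ssh-only")
        if not any(re.match(r"access-class \S+ in\b", b) for b in body):
            failed.append(f"{header}: no access-class")
    return sorted(failed)
```

Calling `audit(SAMPLE)` flags the plain HTTP server, the RW community with no access list, and the second vty range, which a template that only configures `line vty 0 4` leaves open.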