After moving my blog to https://garywong.pro, this is my first technical article under the new branding. Instead of migrating the old post 1:1, I rebuilt the entire SR-MPLS lab from scratch — this time using Containerlab, version control, and documented architecture decisions. Why I rebuilt this lab I originally built this topology on EVE-NG back in 2023. It worked, but it also had typical issues: No version control Risk of silent config drift Hard to reproduce environments CLI screenshots instead of structured notes On Containerlab, things changed: Topology as YAML (Infrastructure as Code) All configs tracked in GitHub Topology image embedded in README Fast teardown / rebuild cycle This is closer to how real network testing should be done in 2026. ...
The Project That Triggered This Post Recently, I was assigned to a mid-scale network migration spanning three data centers. The architecture was straightforward but labor-intensive: dozens of VRFs, hundreds of point-to-point BGP sessions in a BGP fabric, and a VMware NSX overlay. Despite this modern setup, I was asked to manually write all of the configuration changes as CLI. After coding over 6,000 lines of CLI that night, I paused to reflect: ...
In a recent project, I had the opportunity to work with something “new” yet familiar. During a customer data center refresh project, one of the key tasks was upgrading their aging Nexus 5000 to the new Nexus 9000 series. The model in play? N93360YC-FX2, a powerhouse with enhanced capabilities — but with a few nuances. At first glance, porting over configurations from the N5K seemed straightforward. No FCoE, no zoning, no fancy storage integrations. ...
As networks scale and new software updates become available, keeping Cisco devices up to date is crucial for maintaining optimal performance, security, and functionality. However, manually upgrading multiple devices can be time-consuming and prone to errors. That’s where Ansible comes into play, allowing us to automate and streamline the entire upgrade process for Cisco IOS/IOS-XE devices. Over the past few weeks, I’ve been working on a series of Ansible playbooks to automate this task efficiently. ...
I have been working on a project recently to assist a customer in upgrading thousands of devices in their network. Managing such a large-scale upgrade requires automation to ensure consistency, efficiency, and reduced manual intervention. For this project, AWX was selected as the automation UI platform, providing a powerful interface for managing Ansible playbooks, job templates, inventories, and credentials. What is AWX? AWX is the upstream open-source project for Red Hat Ansible Tower. It provides an intuitive web UI for: ...
In previous posts, I discussed the construction of an EVPN-VXLAN fabric using Cisco NDFC. A critical aspect often overlooked — and the focus of this post — is the transition from a traditional 3-tier data centre architecture to an EVPN-VXLAN setup. One notable challenge in this transition is the configuration of the DHCP relay. Why DHCP Relay Behaves Differently in EVPN-VXLAN Traditionally, DHCP relays are configured to identify the default gateway using link-selection (DHCP Option 82 sub-option 5), ensuring IP addresses are allocated from the correct scope. ...
Welcome to my blog! I’m Gary Wong, and I’m thrilled to share with you my experiences and insights from a career that intertwines the rapidly evolving world of Information Technology with the timeless melodies of ancient Chinese music. A Glimpse into My Professional World As a Senior Network Architect, my journey through the realms of IT has been both challenging and rewarding. With over 23 years in the industry, I’ve witnessed firsthand the incredible evolution of technology. My expertise spans a diverse array of areas, including networking, cloud computing, data center management, and cybersecurity. These fields, though distinct, are interconnected in fascinating ways, and I’ve had the privilege of exploring these interconnections throughout my career. ...