Python Network Programming

4 (1 reviews total)
By Abhishek Ratan , Eric Chou , Pradeeban Kathiravelu and 1 more
    Advance your knowledge in tech with a Packt subscription

  • Instant online access to over 7,500+ books and videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies
  1. Fundamental Concepts

About this book

This Learning Path highlights major aspects of Python network programming such as writing simple networking clients, creating and deploying SDN and NFV systems, and extending your network with Mininet. You’ll also learn how to automate legacy and the latest network devices. As you progress through the chapters, you’ll use Python for DevOps and open source tools to test, secure, and analyze your network. Toward the end, you'll develop client-side applications, such as web API clients, email clients, SSH, and FTP, using socket programming.

By the end of this Learning Path, you will have learned how to analyze a network's security vulnerabilities using advanced network packet capture and analysis techniques.

This Learning Path includes content from the following Packt products:

• Practical Network Automation by Abhishek Ratan

• Mastering Python Networking by Eric Chou

• Python Network Programming Cookbook, Second Edition by Pradeeban Kathiravelu, Dr. M. O. Faruque Sarker

Publication date:
January 2019


Chapter 1. Fundamental Concepts

This chapter introduces the concept of network automation and familiarizes you with the keywords that are part of the automation framework. Before we dive into the details of network automation, it is important to understand why we need network automation and what we can achieve if we embrace the automation concepts and framework. This chapter also provides an insight into the traditional model of engineer and support operations, and shows how network automation can help bridge that gap for better efficiency and reliability.

Some of the topics covered in this chapter are as follows:

  • What is network automation?
  • DevOps
  • Software-defined networking
  • Basics of OpenFlow
  • Basic programming concepts
  • Programming language choices for automation
  • Introduction to REST framework

Network automation

Automation, as the word suggests, is a framework of automating a particular task by understanding, interpreting, and creating logic. This includes enhancing the current capabilities of the tasks that are done manually and reducing the error rate of those tasks while focusing on scaling the task with reduced effort.

As an example, imagine we need to upgrade the IOS image of a Cisco router. This can involve multiple tasks, such as loading the image on the router, validating the checksum of the image, offloading traffic (if it's a production router), modifying the boot variable, and finally, reloading the router with the new image.



All of this is feasible if we have only one router to upgrade. Now take a similar scenario and try to implement it for around 1,000 routers.

Let's say we take 30 minutes getting each router to perform the aforementioned tasks. It's an easy calculation of 1000*30=30,000 minutes of manual effort.

Also, if we are performing tasks on each router manually, think of the errors that can creep in.

Network automation would be helpful in this scenario, as it can take care of all the preceding aspects and perform the tasks in parallel. Hence, if it takes 30 minutes of manual effort for one router, and in the worst case scenario the same 30 minutes for automation to perform the same task, then parallel execution would result in all 1,000 routers being upgraded within the same 30 minutes.

Hence, final amount of time will be only 30 minutes, irrespective of the number of routers you throw at the automation framework. This also drastically reduces the need for manual work, and an engineer can focus on any failures in the 1,000 network devices.

In the upcoming sections, I will introduce you to some of the concepts, tools, and examples that will get you started with building automation frameworks and effectively using them in network scenarios to perform network-related activities.

This also assumes that you have an idea of network concepts and common terminology used in networking.

Some of the examples that I will provide assume familiarity with syslog, TACACS, basic router configs such as hostnames, iOS image loading, basic routing and switching concepts, and Simple Network Management Protocol (SNMP).



Historically, there have been two specific teams in every networking department. One of the teams is the engineering team, which is responsible for conceiving new ideas to improve the network and designing, deploying, and optimizing the current infrastructure. This team is primarily responsible for performing tasks such as configuration and cabling from scratch.

The other team is the support team. This team, also known as the operations team, ensures the current deployed infrastructure is up and running and focuses on performing day-to-day activities such as upgrades, quick fixes, and support to any consumers of that network infrastructure. In a traditional model, there are hand-offs and knowledge transfers from the engineering team to the operations team for support of the current deployed infrastructure. Because of the segregation of the two teams, the engineer team members do not focus on writing clear documentation, or sometimes do not even provide adequate information to operations team members, causing delays in troubleshooting and fixing issues. This could even lead to a simple solution scaling to a bigger problem because of the different approach that a engineering team member would take compared to an operations team member.

Nowadays, to solve this problem, the DevOps model was conceived, which brings the best from both teams. Rather than being a fancy designation, a DevOps model is a culture that needs to be created among the current teams. In a DevOps model, an engineer from any team is responsible for the complete life cycle of a specific project. This includes creating part of the infrastructure and supporting it by themselves. A big benefit of this model is that because a person has created a part of the system and supports it, they know all the aspects of that part and can work on it again to make it better by understanding the challenges that arise from customer or user experiences. A DevOps engineer should understand the engineering and operations for the part of the infrastructure that they have created. By adding an automation skill set to the DevOps experience, an engineer can manage complex tasks with ease and focus on reliability and scalability in a better manner than engineers who are distributed in different domains in the traditional model.


Software-defined networking

As you may be aware, there have been multiple proprietary networking devices, such as firewalls, switches, and routers, that were made by different network vendors. However, owing to the proprietary information from each different vendor, multiple network devices might not exist in a single network infrastructure environment. Even if they exist together, network engineers have to focus their effort on ensuring that each vendor device can exist in a network path without any hiccups. There might be times when one routing protocol might not be compatible with all the network devices in a multi-vendor environment, and a lot of time is wasted ensuring either the removal of that protocol, or the removal of the vendor which that does not support that protocol. This can waste effort and time, which could be better spent improving the infrastructure.

To solve this type of issue, software-defined networking (SDN) has been introduced. In an SDN scenario, a packet flow is defined from a central controller that in turn interacts with multi-vendor equipment to create/define rules based upon the required packet flow. This shifts the focus of a network engineer entirely to how the traffic flows, which path the packet takes, to even responding to link down situations through automated routing of packets by configuring some rules or policies on the controllers. Another advantage of SDN is that the multi-vendor equipment is now not the center piece of infrastructure. The focus shifts to how optimally the routing and traffic shaping (the process to identify the optimal path of traffic flow) is occurring. As part of Software driven tasks, there are pieces of code that are specifically written to control a specific task or goal (similar to functions or methods in programming). This piece of code is triggered by controller decisions or rules, which in turn adds, modifies, or deletes configs on the multi-vendor device to ensure the rule set on the controller is adhered to. SDN even has the ability to completely isolate a failure domain, through the identification of a physical link down or even a total device failure without affecting the flow of traffic in real time. For example, a switch can issue a request to the controller if it gets a packet destined for a network that it does not know. This would be a packet drop or route not found in a traditional network model, but with SDN, it is the task of a controller to provide the destination or path information to the switches to correctly route the packet.

This ensures the troubleshooting becomes much easier, since a network engineer now has full control of each path/packet flow, irrespective of the vendor-specific protocol or technology support. Additionally, since now we are following a standard set of protocols, we can even lower our costs by removing more expensive proprietary network devices and replacing them with open standards network gear.



OpenFlow is a communication protocol that is used for communication between different vendor's equipment for the packet flow. This standard is maintained by a group called Open Network Foundation (ONF). OpenFlow, as the name suggests, is used to control the flow of packets in a network layer through a mix of Access Control Lists (ACLs) and routing protocols.

OpenFlow primarily has two components—controllers and switches. Controllers are used to take decisions in terms of creating a path for the packet to flow across the different connected devices, and switches (or network equipment) are dynamically configured from the controller based upon the path that a packet needs to take.

Going a little more in-depth, OpenFlow controllers control the routing of packets in OpenFlow switch forwarding tables through the modification, addition, or deletion of packet matching rules as decided by the controller.

As OpenFlow is another protocol, it runs over TCP and works on port 6653 on controllers. At the time of writing, OpenFlow standard 1.4 is currently active and being widely used in the SDN framework. OpenFlow is an additional service that proprietary network vendors run alongside their custom software. This, in general, ensures that the data forwarding or data packet handling is still part of proprietary switch, but the data flow or control plane tasks is now taken over by OpenFlow controllers. As part of SDN framework, if a participating switch receives a packet and does not know where to send it, it communicates with the OpenFlow controller for an answer. The controller, based upon its preconfigured logic, decides what action to take for that unknown packet and can get switches that it is controlling to create a separate or a specific path for that packet to flow across the network. Because of this behavior, this is the protocol that is currently being deployed across all deployments where SDN is being introduced.


Program concepts

Now, as we start working upon our practical approach to automation, we need to understand the basics of what a program is and how to write one.

Simply explained, a program is a set of instructions that is passed to the system to perform a specific task. This set of instructions is based upon real-life challenges and tasks that need to be accomplished in an automated method. Small sets of programs can be combined to create an application that can be installed, deployed, and configured for individual or organizational requirements. Some of the key concepts and programming techniques that we will discuss from this point onward will be PowerShell and Python. These are the two most popular scripting languages that are used to create quick, effective, and result-oriented automation.

These are some of the key concepts that I would like to introduce while creating a program:

  • Variables
  • Data types
  • Decision makers
  • Loops
  • Arrays
  • Functions
  • Best practices


These are predefined, human-readable, and understandable words or letters that are used to store some values. At the very basis of writing a program we need a variable in which we will store the data or information, and based upon the variables, we can further enhance the programming logic. As we can see in the first line, an important part of creating a variable is that it should be human-readable and understandable.

Let us take an example: Suppose I want to store a number 2 in a variable. We can choose any name for a variable and define it:

Option 1: x=2
Option 2: number=2

The correct answer will be Option 2, as we know by the variable name (number) that this variable contains a specific number. As we can see in the preceding example, if we keep on using random ways of defining variables as we would when creating a big program, the complexity would be increased substantially because of the unclear meanings of the variables.

Different programming languages have different ways to define a variable, but the underlying concept of ensuring a variable is human-readable should be the top-most priority of the programmer or program author.

Data types

As the name suggests, these are the classifications of the values that we pass on to the variable. A variable can be defined to store a specific type of value that can be declared based upon the data type.

There are multiple data types, but for our initial discussion there are primarily four data types that need to be understood:

  • String: This is a catch-all data type. Any value defined as a string is as simple as saying the value is plain English with characters, alphabets, special characters, and so on. I have referred to it as a catch-all data type because nearly all other data types can be converted to string format keeping the same values intact during conversion to string.

Consider the following example:


This defines that a variable named number has a value of 2. Similarly, if we declare:


This is same as saying that a value of 2 has been now defined as string and stored in a variable named string_value.

  • Integer: This specifies that any value that is a number needs to be defined with this data type. The key thing to note here is that an integer value will contain a whole number and not a decimal value:

Consider an example as follows:


This defines that a variable named as integernumber has a value of the number 2. An incorrect assignation here would be something like:


This would give an error in some programming languages as an integer needs to be interpreted as a whole number and not a decimal value.

  • Float: This data type removes the restriction that we saw earlier with integer. It simply means we can have a decimal number and can perform mathematical calculations and storage of decimal values in a float data type.
  • Datetime: This is an extended data type found in a lot of modern scripting languages. This data type ensures that the values that are being stored or retrieved are in date format. This is typically useful if we need to create a program that uses some time or date calculations. As an example, perhaps we need to find out how many syslogs were generated from a router in the last seven days. The last seven days will be stored by this data type.

Decision makers

These are one of the very critical components of a program and they can define the flow of the program. As the name suggests, a decision maker decides a certain action based upon a certain condition.

Simply put, if you wanted to buy an ice cream you would go to an ice-cream shop, but for a coffee you would go to a coffee shop. In this case, the condition was whether you wanted ice cream or coffee. The action was based upon the result of the condition: you went to that specific shop.

These decision makers, also called conditions, are defined in a different manner in different scripting languages, but the result of each of the conditions decides the future flow of the program.

Generally, in a condition, two or more values are compared and either a true or a false is returned. Depending on the value returned, a specific set of instructions are executed.

Consider the following example:

if (2 is greater than 3), then
Proceed to perform Option 1
Proceed to perform Option 2

As we see in the preceding example, a condition is evaluated and if 2 is greater than 3, then the flow of program will be performed based upon Option 1, and in case of a false (which means 2 is not greater than 3), Option 2 would be chosen.

If we want a bit more complexity, we can add multiple decision-making statements or conditions to granulize the flow of a program.

Let us take an example:

if (Car is of red color), then
  if (Car is Automatic), then
    if (Car is a sedan), then
      Option 1 (Purchase the car)
    else (Option 2, ask for a sedan car from dealer)
  else (Option 3, ask for an Automatic car from dealer)
else (Option 4, ask for a red car from dealer)

As we can see in this complex condition, we can easily decide the flow of a program based upon additional checks. In this case, I only want to buy a Car that is red, Automatic, and a sedan. If any of those conditions are not met, then I ask the dealer to meet that specific condition.

Another thing to notice in the preceding example is that the conditions are nested within each other, hence they are shown as nested with spaces deciding the sub-conditions from its parent condition. This is usually depicted within brackets or with simple indentation based upon the scripting language used.

Sometimes, it is necessary to evaluate a value against multiple conditions and perform an action if it matches any of the conditions. This is called a switch case in programming.

Consider an example as follows:

Carcolor="Red" (Here we define a variable if the value of string as Red)
switch (Carcolor)
Case (Red) (Perform Option 1)
Case (Blue) (Perform Option 2)
Case (Green) (Perform Option 3)

Here we see that depending upon the variable's value, a certain type of action can be performed. In this case, option 1 will be performed. If we change the value of the Carcolor variable to Blue, then option 2 will be performed.

An important component of conditions are the comparison operators that we use to compare two values for the result. Some example operators are equal to, greater than, less than, and not equal to. Depending on which comparison operator we use, the results can vary.

Let us take an example:


if (greaternumber 'greater than' lessernumber)
Perform Option 1
Perform Option 2

We declare two variables named greaternumber and lessernumber and compare them in a condition. The conditional operator we use is greater than, which would result in option 1 if the condition is true (greaternumber is greater than lessernumber), or would result in option 2 if the condition is false (greaternumber is not greater than lessernumber).

Additionally, we also have operators that are called logical operators, such as AND, OR, or NOT. We can combine more than one condition by using these logical operators. They have a similar meaning in English, which means that if, for example, we use the AND operator, we want condition 1 AND condition 2 both to be true before we perform an action.

Consider an example: I want to buy a car only when the car is redautomatic, and a sedan:

if (car is 'red') AND (car is 'automatic') AND (car is 'sedan')
Perform action 'buy car'
Perform action 'do not buy'

This simply means I would evaluate all the three conditions and only if all of them are true, then I would perform the action buy car. In this case, if any of the conditions do not meet the values, such as the car is blue, then the do not buy action will be performed.


A loop, as we know in common language, is circling the same path over and over again. In other words, if I am asked to fetch five ice creams from the ice cream store, and I can carry only one ice cream at a time, I will repeat the process of going to the ice cream shop to purchase ice cream five times. Correlating this with programming, if the same set of instructions need to be performed multiple times, then we put those instructions inside a loop.

A very basic loop is generally depicted as an iteration of a variable as many times as we want the instructions to be carried out.

Let's take an example:

Start the loop from one, until the loop has been repeated sixty times, adding a value of 1 to the loop:
Perform action

If you see the instructions being passed, there are three separate segments that are depicted in a loop:

  1. Start the loop from one: This means that the loop should start with a value of one.
  2. until the loop has been repeated sixty times: This means perform the same set of tasks until the loop has completed sixty turns of execution.
  3. adding a value of 1 to the loop: This means that we dictate that after completion of each round of loop, increment the loop count by 1.

The result will be the same action performed sixty times, until the loop count reaches sixty. Additionally, a loop can used to iterate through multiple values stored in a variable irrespective of whether it is an integer, string, or any other data type.


An array (or list in some scripting languages) is used to store a similar set of multiple values inside a single variable. This helps to ensure all data types with similar meanings are stored in a single variable, and also we can easily loop through these array objects to fetch the values stored in an array.

Consider the following example:

for specific country in countries 
 Perform action

As we can see in the variable declaration, now we are declaring a similar data type with a similar context or meaning by grouping them together and assigning them into a single variable. In our example, it's the country names all assigned to an array variable named countries. In the next line, we are now iterating using the loop method, and for every specific country in the list or array of countries, we will perform the action. In this case, the loop will be executed to perform the action for each country, from the country name India to the end of the country name UK.

Each value stored in an array is referred to as an element of the array. Additionally, an array can be easily sorted, which means irrespective of the order of the elements in the array, we can get a sorted list or array by calling some additional programming tasks.

Let's consider an example:

countries=["India", "China", "USA","UK"]
Sort (countries)

The result will be as follows:


The sort functionality ensured that all the elements inside the array are sorted alphabetically and stored in the sorted order.


Functions or methods are a pre-written small set of instructions that result in a specific task being performed when they are called. The functions can also be defined as a single name for a group of programming instructions written together to achieve a common task.

Taking an example, think of driving as a function. In driving, there are multiple things that need to be taken care of, such as understanding traffic signals, running a car, and driving the car in traffic and on the road.

All these tasks are grouped in a function named driving. Now, let's say we have two people, example 1 and example 2, who want to learn to drive. From a programming perspective, once we define a function, we need to call it whenever we want to perform the same set of tasks. Hence, we would call driving(example 1) and then driving (example 2), which would ensure that both people would become a driver after going through the set of instructions in the driving function.

Let us look at another example:


function hellocountry(countryname)
 Return "hello " countryname

for each country in countries:
     hellocountry(each country)

In the first line, we declare an array with country names as elements. Next, we define a function named hellocountry that accepts an input of countryname. In the function itself, we simply return the value of the countryname that was passed to the function as input, preceding by the work hello.

Now all that remains is to iterate through all the elements of countries and pass each countryname as input to the hellocountry function. As we can see, we called the same function for each element, and based upon the instructions declared inside the function, that specific task was now performed for each element in the array.

Best practices

As we have now looked at the basics of some of the key components of a program, there is another important aspect of how to write a good program that we will consider.

From a machine's perspective, there is no understanding of how a program is written, as long as the instructions given in the program are in the right format or syntax and the machine is able to interpret each of the instructions correctly. For an end user, again the way the program is written might not be important as long as the end user gets the desired result. The person concerned with how a program is written is a programmer who is writing their own program, or a programmer or developer who needs to interpret another programmer's program.

There may be multiple reasons why a programmer might need to interpret a program that's not been written by them. It may be to support the program while the programmer who wrote the program is not available, or to enhance the program by adding their own piece of code or programming instructions. Another reason for code readability is fixing bugs. Any program or set of instructions may malfunction due to incorrect input or incorrect logic, which can result in unexpected behavior or unexpected results. This is called a bug, and bugs need to be fixed to ensure the program does what it was written for originally.

Every programmer has their own set of best practices, but some of the key aspects of a program are readability, support information, and indentation.

Readability of a program

This is one of the most important aspects of writing a good program. A program needs to be written in such a way that even a layman or a first-time reader of the program should be able to interpret the basics of what is happening.

Variables need to be declared properly so that each variable makes it clear what it stores:


could have been written better like this:


Here's another example:


It could be written like this:


As we can see in the preceding example, if we write a two- or three-line program, we can easily declare the variables in a random way, but things become much more complex, even for a programmer writing their own program, when these random variables are used in a longer program. Just imagine if you have declared the variables as a, b, c, and so on, and later, after using even 10 or 15 more variables, you need to go back to each line of the program to understand what value was declared in a, b, or c.

Another aspect of writing a good program is commenting. Different scripting languages provide different ways of commenting a program. Comments are necessary to ensure we break the flow of each program into sections, with each section having a comment explaining the use of that section. A very good example is if you declare a function. A function named Cooking, for example, and another function named CookingPractice might sound confusing because of their names. Now, if we add a comment to the Cooking method saying this function is to master the art of cooking when you have learned how to cook, and add a comment to CookingPractice saying this method is to learn cooking, this can make things very easy for someone reading through the program.

A programmer now can easily interpret that whenever he wants to learn to cook, he has to call CookingPractice and not the Cooking method. Comments don't have any special meaning in any programming language, and they are ignored when the machine is trying to convert the programming language to machine instructions. Hence, comments are only for programmers and to make readers aware of what is happening in a program. A comment should also be placed with every complex condition, loop, and so on, to clarify the usage of that specific condition or loop.

Support information

This, as the name suggests, is additional information, preferably added as comments, containing details about the program and author. As a suggestion, at the minimum a program should have the author info (that is, the person who created the program), contact details such as phone number and email address, basic usage of the program or the purpose of the program, and the version of the program.

The version is specific such as starting from 1.0 and as and when we enhance the program or add new features, we can change it to version 1.1 (for minor changes) or a newer version such as version 2.0 (for major changes).

Consider an example:

Program start
Comment: Author: Myself
Comment: Contact: [email protected]
Comment: Phone: 12345
Comment: Version: 1.0
Comment: Purpose: This program is to demo the comments for support info
Comment: Execution method: Open the Command Prompt and run this program by calling this program.
Comment: Any extra additional info (if needed)

Program end

This approach ensures that everyone knows which is the latest version of the script and how to execute the program or script. Also, this has info about the contact details of the author, so if anything breaks in production, the author can be easily reached to rectify or fix the scripts in production.


This is similar to what we do when we write in plain English. Indenting a program is mandatory in some scripting languages, but as a best practice it should be followed for any program that we write in any programming language. Indentation improves the readability of a program because it helps the programmer or someone else reading the program to quickly understand the flow of the program.

Let's see an example where we have a nested condition in which we check if a Car is Red and if it is a Sedan and if it is Automatic. A bad way of writing this would be as follows:

if (Car is 'Red')
if (Car is 'Sedan')
if (Car is 'Automatic')
do something

Now, think of adding multiple lines like this to a long program, and you will get easily confused by the flow of program as you read through it. A better and recommended way to write this is as follows:

if (Car is 'Red')
    if (Car is 'Sedan')
        if (Car is 'Automatic')
           do something

This provides a clear flow of the program. Only check the other conditions if the Car is Red; otherwise, don't check for the other conditions. This is where we say we are nesting the conditions inside each other, which is also called nested conditions.

This also clears a lot of confusion while troubleshooting a complex program. We can easily identify the problematic code or instructions by quickly parsing through the program and understanding the flow for each segment of the program.

Sample best practice example

This example summarizes the best practices using all the elements that we have learned so far, by creating a basic program.


Problem statement: Parse all the countries declared in an array and only print the names of those countries that contain the letter I or letter U in their names:

Program begin:

Comment: This is a sample program to explain best practice
Comment: Author name: Programmer
Comment: Email: [email protected]
Version: 1.0

Comment: The following section declares the list of countries in array countrylist

function validatecountryname(countryname)
   Comment: This function takes the input of countryname, checks if it contains I or U and returns value based upon the result.
   if ((countryname contains 'I') OR (countryname contains 'U')
         return "Countryname contains I or U"
       return "Countryname does not contain I our U"

Comment: This is a loop that parses each countryname from the countrylist one by one and sends the variable 'countryname' as input to function validatecoutryname

foreach countryname in countrylist
     validatecountryname (countryname)

Comment: Program ends here

The program is self-explanatory, but it is worth noting the support comments such as author, email, and so on. The indentation ensures that any reader has a clear idea of the flow of program.

Additionally, another thing to observe is the use of names that clearly depict the usage of the variable or name. Each variable and function name clearly specifies what it is being used for. The additional comment lines in between add clarity on what each segment is doing and the purpose of the statement or function.


Language choices (Python/PowerShell)

Moving ahead, armed with the knowledge of how to write a program and an understanding best practices, we will now look at some scripting languages that suffice for our automation scripts. A basic difference between a scripting language and a programming language (such as C and C++) is that a scripting language is not compiled but interpreted through the underlying environment in which it is executed (in other words, a converter is required to convert the commands written in human-readable format to machine format by parsing one line at a time), whereas the programming language is primarily compiled and hence can be executed in multiple environments without the use of any specific underlying environment or requirements.

What this means is if I write a script in Python, PowerShell, or even Perl, I need to install that specific language in order to run the program or script that I have written. C or C++ code can be compiled to make an executable file (.exe) , and can run independently without the installation of any language. Additionally, a scripting language is less code-intensive, which means that it can automatically interpret some of the code written in a program depending on how it is called.

Let's consider an example. Here's how we declare a variable in scripting language:






Whereas in a programming language, the same type of declaration would be made like this:

integer x=5
String x="author"
Float x=3.5

This states that depending on the value we assign to the variable, the variable type is automatically identified in an scripting language, whereas in a programming language the declarations are tightly controlled. In this case, if we declare a variable as a String, this clearly means that we cannot declare any other type of value in that variable unless we explicitly change the data type of that variable.

We have primarily three types of scripting language that are popular for creating programs and are mainly used for automation scripting or programming. These are Perl, Python, and PowerShell.

With support for the oldest language, Perl, diminishing, the focus is now on Python because of its open source support and on PowerShell because of its Microsoft, or .NET environment. Comparing both languages is not ideal because it's up to the reader which programming language they use to write their programs. As we have more than 70% of computers running Windows, and with a growing market of Microsoft Azure as a cloud operating system from Microsoft, PowerShell is the preferred language owing to the underlying .NET environment. As we create a program in PowerShell, it is easy to port that program and execute it on another machine running Windows without any special settings.

Python, on the other hand, is growing in popularity because of its open source approach. There are thousands of developers who contribute to enhancing Python by adding special functions for specific tasks. For example, there is a function or sub-program, called Paramiko, that is used to log into network routers. Another one is Netmiko, which is an enhanced version of Paramiko that is used to log into network devices based upon network hardware vendor and operating systems (such as Cisco iOS or Cisco NXOS). Python needs to be installed before writing a Python program and successfully executing it.

Going forward, our focus will be on Python, with additional tips and tricks on how to perform the same tasks using PowerShell instead of Python.

Writing your first program

Now, because we are starting from fresh, we need to understand how to write our first program and execute it. PowerShell comes pre-installed on a Windows machine. But we need to install Python by downloading it from the web ( and choosing the right version for your operating system. Once downloaded, it can installed just like any other application that is installed on a Windows machine.

On a Linux machine, the same holds true, but because of the .NET requirement, PowerShell will not be supported on Linux or Unix environments. Hence, if we are using a Unix or Linux environment, Python or Perl remain our preferences for scripting.

There are multiple Integrated Development Environments (IDEs) for both Python and PowerShell, but the default ones that come with these languages are also pretty helpful.


There are multiple versions of PowerShell and Python being used. When writing programs in higher versions, generally the backwards support is not very good, so make sure you note the users and environment before choosing a version. In our case, we will be using PowerShell 4 and Python 3 onwards for writing programs. Some commands might not run in older versions of PowerShell and Python, and some syntax or commands are different in older versions.

PowerShell IDE

This can be invoked by clicking on the Startbutton and searching for Windows PowerShell ISE. Once invoked, the initial screen will look like this:

As we can see in the preceding screenshot, a PowerShell script is saved with a .ps1 extension. Once we write something in the IDE (or ISE, as it is called with PowerShell), it needs to be saved as somefilename.ps1 and then executed to see the result.

Let's take write a program called Hello World:

  • As we can see in our first program, we write two lines to print Hello World. In the ISE, we pass the commands to declare a variable (a variable is denoted by a dollar sign, $, in front of the variable in PowerShell), assigning the value Hello World to it. The next line is simply printing that variable by calling a method or function called Write-host, which is used to print values onscreen in PowerShell.
  • Once we write the program and save it, the next step is execution to see our result.
  • The green button at the top of the ISE is used to execute the script, and the result of the script is shown at the bottom of the screen. In this case, it was a simple Hello World output.

PowerShell scripts can also be invoked directly by the command line. As PowerShell is a scripting language and needs to be installed on a machine, we can directly call PowerShell from the Windows Command Prompt and execute the scripts and individual scripting commands from the PowerShell console itself.




This is how we can find out the version of PowerShell:

As we can see in the preceding screenshot, PowerShell is invoked by calling powershell directly from the Command Prompt in Windows. When PowerShell is invoked, we see PS before the command line, which confirms that we are now inside the PowerShell console. To see the version, we call a system variable, $psversiontable, which shows the version of PowerShell.

We can see that this is version 2.x (as shown in CLRVersion). System variables are special variables that have predefined values based upon the installation types. These special variables can be called at any time in our script to fetch their values and perform actions based upon the returned values.

The following example shows that we are using a higher version of PowerShell:

As we can see, the same variable now returns a value of 4.0 for PSVersion, which confirms that this is version 4 of PowerShell.


PowerShell 4.0 is the default installation from Windows 8.1 onwards on client operating system, and Windows Server 2012 R2 in a Server environment.

Python IDE

Similar to PowerShell, once Python is installed, it has its own IDE. It can be invoked by typing or calling IDLE (Python) from the Start menu:

The Python IDE, called IDLE, looks similar to the preceding screenshot when it is opened. The heading bar depicts the version of Python (which is 3.6.1 in this case) and the three greater than signs (>>>) show the command line, which is ready to accept Python commands and execute them. To write a program, we click on File | New File, which opens up a notepad in which we can write the program.

Lets see a similar hello world program in Python:

As we write a new program, the variable used is newvalue, and the value assigned to it is hello world. The next line is simply calling Python's print function to print the value inside the variable during the execution of the script.

Once we have written the program, we click on File | Save As in the window where we wrote the program, and save the script. The script is saved as, with the .py extension denoting a Python script. Once it is saved, we can press the F5 button on the keyboard or select Run | Run Module in the script window to run that specific script. The following window is the same window that was invoked when we first called the IDLE application from the Start menu, but now it has the output of that script that we wrote.

The output of hello world is now seen in the IDLE window. Once we are done with writing the script or Python commands, we can simply close the open command windows to close the application or Python interpreter.

Similar to PowerShell, we can also call python from the command line, as follows:

One additional thing to notice here is that to exit the Python interpreter, we call the exit() function. This tells Python to stop the execution and exit to the Command Prompt in Windows.


Representational State Transfer (REST) framework

One of the most important aspects of network automation is to understand and leverage tools that are currently available for specific tasks. For example, this could be Splunk for data mining, SolarWinds for network monitoring, syslog servers, or even any custom applications to perform various tasks.

Another important aspect of writing an application is how we can utilize the same application for additional tasks without altering the application itself. In other words, let's say we buy a car for our personal use, but an enhancement of this would be using the same car as a taxi or in some other role.

This is we introduce the Application Program Interface(API). APIs are used to expose some aspect of an already written application to merge with the programs that we are writing so that we can easily call that specific task using a specific API. For example, as SolarWinds is a specialized application that is used for network monitoring and other purposes, we can call the API of SolarWinds to get the network device list in our script. Hence, we leave the specialized task of discovering the network devices on the network to SolarWinds, but we utilize its expertise in our script through the API of that application.

Getting a bit deeper, the API is nothing more than a function (similar to the functions that we write in our scripts); the only difference is what values those functions return. An API function generally returns the values in Extended Markup Language (XML) or JavaScript Object Notation (JSON) format, which are industry standards of cross-environment and cross-machine information exchange. Think of this as similar to how we communicate with each other using English as a common language. Although we may have been born in different cultures, in different countries, we can use English to communicate with each other effectively, since English is the industry standard of human interaction. Similarly, irrespective of how a program is written, in whatever language (such as C, C++, Java, VB, C#, and so on), each program can talk to another program by calling its APIs and the results come in either XML or JSON.

XML is a standard way of encoding results and sending them across to the requestor and, using the same standard, the requestor can decode the results. JSON is another way in which data interactions can happen across applications.

Here is sample XML:

<?xml version="1.0" encoding="UTF-8"?>
  <body>Read this for more knowledge</body>

The first line in the preceding content depicts that whatever follows after that line is in XML format. The XML files are saved with extension of .xml.

Now as we can see, if we count the number of characters returned from an XML result, if we add the characters, such as <heading>Reminder</heading>, it returns results within the starting tag and ending tag of <heading>. This means that the size of an XML file is greatly increased owing to the overhead character counts of additional closing tags.

Here's the same example in JSON:

 "note": {
 "to": "Tove",
 "from": "Jani",
 "heading": "Reminder",
 "body": "Don't forget me this weekend!"

As we can see, we have got rid of those extra bulky opening and closing tags that we saw earlier in XML. What this means is if we are calling an API to return a huge amount of data in XML format, it would certainly take a longer time to fetch that data from the application and more consumption of resources such as memory and storage to temporarily or permanently store that data. To overcome this situation, the JSON format is now preferred to XML to exchange data through APIs. JSON is lightweight and less resource-intensive than XML because of differences in the way the data is returned. JSON files are saved with the extension.json.

This functionality of working with APIs, back end methods, and functions written in a particular programming language to be called APIs, and functions returning values in XML or JSON format, all of which is running over web protocols such as HTTP or HTTPS, is cumulatively called the REST framework. The REST framework is the same industry standard of interacting using XML or JSON that were referenced earlier, with the addition of GET, POST, and other interactions happening over the web protocols. The HTTP requests to APIs can be GET or POST requests that the REST framework recognizes and, similar to HTTP GET and POST requests, interacts with underlying applications to perform the requested actions.

Scripting languages rely heavily on API calls, and applications that need to provide the API's functionality adhere to REST framework requirements to ensure they extend their capabilities to the scripts that are called to fetch or save data in their choice of scripting language. A big benefit of this is that cross-platform communication is now happening with neither party (the caller of API or the application providing the API's functionality) knowing which language or environment the other are running. Hence, a Windows application can easily work with a Unix environment and vice versa using this approach, with HTTP being the standard communication language for calling APIs, and parsing the results with industry standard XML or JSON formats.

The sample API REST call in PowerShell is as follows:

As we can see in the preceding screenshot, we call the Invoke-RestMethod function in PowerShell, which is used to call the API method of the application with the default communication and interactions using JSON.

The application called is in a REST framework, with access to the API with the URL This uses the HTTPS protocol to communicate with the application.

format-table is a function of PowerShell that specifies that however the result comes, display the title property of each record/result returned from the API call. If we had not used that command, the display would have shown all the properties returned for each record.

Here's an example REST call in Python:

In this example, we call a standard function called requests. The first line, import requests, means that we are referencing the requests function or library to call in our Python script. On the next line, we are calling the Google Map API with JSON using a requests.get method. In other words, we are ensuring a HTTP GET call to the Google API URL. Once we get the result, we call the json() method to store the value in the variable r.


Sometimes, when we call a custom function or library of Python using import, it may give an error stating that the module has not been found. This means that it does not come with the standard Python installation and needs to be installed separately. To fix this, we can install the module manually using the pip or easy_install commands, which we will see in detail in upcoming chapters.





In this chapter, we covered the basics of various terminology that we will use while performing network automation. This chapter also introduced the readers to some basic aspects of programming to help build the logic of a program.

This chapter also explained why to write a good program and how to write one, along with some reference points for scripting languages. There was also a brief discussion about the current scripting languages, their basic usage, and writing a very basic program in two of the most popular scripting languages (Python and PowerShell).

Finally, we summed it all up by introducing the REST framework, which included a discussion about APIs, how to call them, and an explanation of XML and JSON as inter-platform data exchange languages.

The next chapter will go deeper into how to write scripts using Python, with relevant examples in PowerShell to ensure the reader becomes familiar with both Python and PowerShell. There will be tips and best practices as well.

About the Authors

  • Abhishek Ratan

    Abhishek Ratan has around 15 years of technical experience in networking, automation, and various ITIL processes, and has worked in various roles in different organizations. As a network engineer, security engineer, automation engineer, TAC engineer, tech lead, and content writer, he has gained a wealth of experience during the 15 years of his career. Abhishek also has a deep interest in strategy game playing, and if he is not working on technical stuff, he is busy spending time on his strategy games. He is currently working as a Sr. Automation Engineer at ServiceNow, learning, and expanding his automation skills in the ServiceNow platform. His earlier experience includes working for companies such as Microsoft, Symantec, and Navisite,which has given him exposure to various environments.

    Browse publications by this author
  • Eric Chou

    Eric Chou is a seasoned technologist with over 20 years of experience. He has worked on some of the largest networks in the industry while working at Amazon, Azure, and other Fortune 500 companies. Eric is passionate about network automation, Python, and helping companies build better security postures.

    In addition to being the author of Mastering Python Networking (Packt), he is also the co-author of Distributed Denial of Service (DDoS): Practical Detection and Defense, (O'Reilly Media).

    Eric is also the primary inventor for two U.S. patents in IP telephony. He shares his deep interest in technology through his books, classes, and blog, and contributes to some of the popular Python open source projects.

    Browse publications by this author
  • Pradeeban Kathiravelu

    Pradeeban Kathiravelu is an open source evangelist. He is a Ph.D. researcher at INESC-ID Lisboa/Instituto Superior Tecnico, Universidade de Lisboa, Portugal, and Universite Catholique de Louvain, Belgium. He is a Fellow of Erasmus Mundus Joint Degree in Distributed Computing (EMJD-DC), researching a software-defined approach to quality of service and data quality in multi-tenant clouds. Pradeeban holds a master of science degree, Erasmus Mundus European Master in Distributed Computing (EMDC), from Instituto Superior Tecnico, Portugal and KTH Royal Institute of Technology, Sweden. He also holds a first class bachelor of science in engineering (Hons) degree, majoring in computer science and engineering, from the University of Moratuwa, Sri Lanka. His research interests include Software-Defined Networking (SDN), distributed systems, cloud computing, web services, big data in biomedical informatics, Network Functions Virtualizations (NFV), and data mining. He is very interested in free and open source software development and has been an active participant in the Google Summer of Code (GSoC) program since 2009, as a student and as a mentor. Pradeeban has published several conference papers and co-authored a few book chapters. He has also worked on OpenDaylight Cookbook and Learning OpenDaylight as a technical reviewer. Python Network Programming Cookbook, Second Edition (2017) is his first book as an author, and he is quite excited about it.

    Browse publications by this author
  • Dr. M. O. Faruque Sarker

    Dr. M. O. Faruque Sarker is a software architect based in London; he has shaped various Linux and open source software solutions mainly on cloud computing platforms for various institutions. Over the past 10 years, he has led numerous Python software development and cloud infrastructure automation projects. In 2009, he started using Python and shepherded a fleet of miniature E-puck robots at the University of South Wales, Newport, UK. Later, he was invited to work on the Google Summer of Code (2009/2010) programs to contribute to the BlueZ and Tahoe-LAFS open source projects. He is the author of Python Network Programming Cookbook, Packt Publishing and received his PhD in multirobot systems at the University of South Wales.

    Browse publications by this author

Latest Reviews

(1 reviews total)
Very Informative

Recommended For You

Python Network Programming
Unlock this book and the full library for $5 a month*
Start now