• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Standard Disclaimers
  • Resume/Curriculum Vitae
  • Why Blog?
  • About
  • (Somewhat Recent) Publication List

packetqueue.net

Musings on computer stuff, and things... and other stuff.

Cisco

July 31, 2011 Cisco

Cisco Live Sunday Labtorial

Read­ing Time: 4 min­utes

This post is late in com­ing, con­sid­er­ing that I’ve been back from Cis­co Live for a good cou­ple of weeks now. Nev­er­the­less I’m post­ing it now, so hope­ful­ly some­one finds the infor­ma­tion use­ful.

With­out going into the details of the entire Cis­co Live expe­ri­ence, I’d just like to talk about the class I took on the first Sun­day of the show–or the day before the show offi­cial­ly starts, depend­ing on who you talk to.

On Sun­day I attend­ed a full-day mock CCIE R&S lab (Ses­sion LTRCCIE-3001). This was an instruc­tor-led affair, with Bruce Pin­sky (Dis­tin­guished Engi­neer) and Bruno van de Werve (Prod­uct Man­ag­er) act­ing as facil­i­ta­tors and proc­tors. Con­sid­er­ing Bruno’s expe­ri­ence as both a proc­tor for the actu­al R&S lab, and now the head of the R&S pro­gram, this was an expe­ri­ence well-worth hav­ing if only for the abil­i­ty to ask ques­tions.

Unfor­tu­nate­ly for all of us, and through no fault of either Bruce or Bruno, the in-class net­work was crashed from the moment we all got there. There were a num­ber of fail­ures, includ­ing some bad cables (how do you miss that in test­ing) which result­ed in all of us essen­tial­ly sit­ting around for over an hour.

To make up for the delay in get­ting start­ed, some­one from Cis­co came in and apol­o­gized and hand­ed out gift cards to Man­dalay Bay. It was a nice ges­ture, but con­sid­er­ing the gift cards had a face val­ue of five dol­lars, it might have been bet­ter to not hand out any­thing. It had the affect of actu­al­ly irri­tat­ing sev­er­al stu­dents, and giv­ing the rest of us some­thing to joke about for a while. The class cost $1000 (or 10 Cis­co Learn­ing Cred­its) so the val­ue of even an hour should have been clos­er to $125 or so.

After that sna­fu, and a brief pre­sen­ta­tion by Bruno and Bruce on num­bers of CCIE in the world, with break­downs by region, we got start­ed with the meat of the class: the labs them­selves. We were all look­ing for­ward to this, since it was being run by Cis­co and had the smell of real-world vs. some of the third-par­ty labs (note that I use third par­ty labs for train­ing, and have no prob­lems with them, but this was offi­cial­ly sanc­tioned and so had a lit­tle some­thing extra, at least in “feel.”)

The trou­bleshoot­ing sec­tion came first, and used the same sys­tem as the real lab so that was a nice touch. In our case we had only five trou­ble tick­ets to com­plete in one hour vs. the real lab which has ten in two hours. I believe this was done to facil­i­tate the “instruc­tor led” nature of the class, and allow us to ask plen­ty of ques­tions. Bruce and Bruno were stel­lar in this regard, com­ing around to any stu­dent with a ques­tion and help­ing them to under­stand the prob­lem or just pass­ing out hints to those who still want­ed to fig­ure it out on their own.

I learned a lot about myself and my trou­bleshoot­ing tech­niques dur­ing this por­tion of the day, as I got bogged down on the first tick­et and blew the rest of my time. It was a rel­a­tive­ly straight­for­ward tick­et where a par­tic­u­lar address was­n’t answer­ing an ICMP Echo to anoth­er device. It was a few routers togeth­er, with BGP. I spent the entire hour re-archi­tect­ing the BGP–down to bare met­al and rebuild­ing the con­fig from scratch–and almost was done when time expired. As it turned out, it was a sim­ple address state­ment that was miss­ing.

Bruno got a chuck­le out of this and point­ed out that the lab is not intend­ed as a “best prac­tices” lab. He said that in most cas­es you won’t be remov­ing con­fig­u­ra­tion at all dur­ing the TS sec­tion; you’ll sim­ply be adding some­thing miss­ing or cor­rect­ing route state­ments, etc. It was help­ful for me to hear this and to go through the expe­ri­ence, because it taught me that I real­ly need to focus on find­ing the sim­ple prob­lem quick­ly and not rebuild­ing things the way I think they ought to be built. After 17 years in the indus­try, that’s a dif­fi­cult habit to change, but one I’ll have to in order to be suc­cess­ful on the real lab.

After a brief recap and break, we moved on to the con­fig­u­ra­tion sec­tion. For the most part there were no sur­pris­es here, and I had my Layer‑2 (Frame, Span­ning-tree, VTP, etc.) and IGP (RIP, OSPF, and EIGRP here) set up quick­ly enough. Redis­tri­b­u­tion was what you’d expect, with a lot of every­thing going every which way. Again, no one in their right mind would ever design that net­work, but it’s what you can expect to see in the lab.

The one thing I did miss and had to have Bruno point out to me, is in a redis­tri­b­u­tion task regard­ing OSPF. The task want­ed a route from one area to show up in area 0. I got the route there, but Bruno said that I had it wrong. Rea­son? The area where the route orig­i­nat­ed was dis­con­tigu­ous, or detached from area 0. We all know that typ­i­cal­ly means you want a vir­tu­al link, but since the task did­n’t spec­i­fy this I sim­ply brought the route into area 0 as an exter­nal. Bruno said that the task “implied” a vir­tu­al link, and while I dis­agree with the word­ing of the task and the nature of implied con­fig­u­ra­tions, it was help­ful to hear since this is like­ly the same kind of thing I’ll see in the real lab.

Where I slowed down–and I knew I would–is on the MPLS and BGP con­fig­u­ra­tion sec­tions. As a long-time enter­prise engi­neer, I sim­ply don’t touch either of these tech­nolo­gies in the real-world, and I haven’t spent enough time with them in the lab to feel com­fort­able. I still mud­dled my way through some of it, but with the amount of time it took I’d nev­er make it through the real lab. The mes­sage for me here is that I real­ly need to take some time with these tech­nolo­gies until I not only under­stand them well, but can con­fig­ure them quick­ly.

Over­all, this was a very valu­able expe­ri­ence and one I would hearti­ly rec­om­mend to any­one look­ing to take the R&S lab. It gave valu­able insight into the time pres­sures you’ll face, as well as the num­ber of tasks, the word­ing, and the lev­el of dif­fi­cul­ty you can expect to see. This is just one more rea­son that Cis­co Live is where you want to be every year if you’re at all seri­ous about your net­work­ing career.

Share

July 8, 2011 Cisco

Cisco Live 2010 Photos

Read­ing Time: 1 minute

Just a brief recap of Cis­co Live 2010 in pho­tos:

Cis­co Live 2010
Share

July 8, 2011 Cisco

Cisco Live!

Read­ing Time: 1 minute

I just want­ed to drop a quick note here to let every­one know that I plan on blog­ging a lit­tle more fre­quent­ly this week, as I’ll be in Las Vegas for the annu­al North Amer­i­can Cis­co con­fer­ence: Cis­co Networkers/Live. I can’t promise I’ll be in my room slav­ing over long, elab­o­rate break­downs of technology–maybe an in depth review of whiskey selec­tions by bar–but I will try to post some pic­tures and infor­ma­tion about what I’m see­ing and hear­ing dur­ing the show. In years where I haven’t been able to attend the show, I always liked see­ing and hear­ing from folks who did. Now it’s my turn to give back some­thing, so watch this space…

Oh, and keep up with real-time infor­ma­tion on twit­ter where I hide behind the han­dle @someclown, or G+ where I can be found at: http://gplus.to/someclown.

Share

June 11, 2011 Cisco

IPv6 Half-truths

Read­ing Time: 2 min­utes

This post will be a short one, and most­ly just comes from a dis­cus­sion I had the oth­er day with anoth­er engi­neer.  It turns out that even among peo­ple who are com­fort­able with IPv6, and maybe even have expe­ri­ence deploy­ing it, a lot of mis­in­for­ma­tion still per­sists.  Hope­ful­ly I can cor­rect a cou­ple of those today.  I also tossed in a hot-pota­to at the end just to see how many folks get hopped up.  Dis­cus­sion is wel­come, and in addi­tion to com­ments here I can be found on twit­ter hid­ing behind the han­dle: @someclown.

You must turn on IPv6 by using the IPv6 uni­cast-rout­ing com­mand.

Not true.  This is one of the more per­sis­tent, yet wild­ly incor­rect, pieces of infor­ma­tion regard­ing IPv6.  I have even seen many train­ing cen­ters and instruc­tors at the CCIE lev­el get this one wrong and it falls into the cat­e­go­ry of atten­tion to detail.  What this com­mand actu­al­ly does is enable uni­cast rout­ing for IPv6, just as it says.  To actu­al­ly enable IPv6 you sim­ply need to go to any inter­face and use the ipv6 enable com­mand.  And yes, you can enable IPv6 on the inter­face with­out enabling uni­cast rout­ing.  Of course, it would be help­ful to have an address on the inter­face as well.

Yes, but if you don’t turn on uni­cast rout­ing you can’t route IPv6 traf­fic.

Not strict­ly speak­ing true.  You can still set up a default route for IPv6 traf­fic and get it off of your sys­tem.  To the extent that you want to argue whether or not this is actu­al­ly rout­ing is fine, but you can move IPv6 traf­fic off of your local device using a default route, and nev­er have enabled rout­ing for IPv6.

Using a /127 address on point-to-point links is wrong, wrong, wrong.

This is an inter­est­ing one, and usu­al­ly sparks a fair amount of debate.  Up until very recent­ly, the rec­om­men­da­tion across the board (RFC 4291) was to use /64 address­es even on point-to-point links, osten­si­bly because the IPv6 space is so big any­how, and because sev­er­al pro­to­cols will break (notably sub­net-router any­cast, spec­i­fied in RFC 3627).  While I’m not dis­put­ing that this is what the cur­rent best-prac­tices reflect, I will say that RFC 6164 which has a sta­tus of Pro­posed Stan­dard makes a fair­ly com­pelling case for using /127 on point-to-point links.  I’m sure this won’t be resolved any­time soon, stan­dards or no, but I would say that if you have a com­pelling rea­son for using /127 and know what you’re doing it for, go for it.  Just be aware that stan­dards can change, and you don’t want to leave a steam­ing pile for the poor per­son who has to fol­low you.

Share

June 4, 2011 Cisco

Home CCIE Study Lab

Read­ing Time: 2 min­utes
So, a lot of peo­ple who are work­ing towards their CCIE cer­ti­fi­ca­tions end up build­ing home labs for study­ing.  The rea­sons are many and var­ied, but mine boiled down to two pri­ma­ry ones:

 

(1) My study hours don’t always match well with what slots the online rack ven­dors have avail­able.

(2) I just like phys­i­cal equip­ment and the flex­i­bil­i­ty it pro­vides in both study­ing and in research.

Also, I just wan­na.

With that said, one of the next things peo­ple want to know is what gear it is that I have, and how do I have it con­fig­ured.  There­fore, with the recent post­ing fre­quen­cy here severe­ly lack­ing, writ­ing about my lab is a nice way to get some­thing fresh on the blog and hope­ful­ly it pro­vides some­thing use­ful to some­one out there.  I’m going to break this down into two gen­er­al cat­e­gories: equip­ment that I have pure­ly for my Cis­co CCIE lab, and oth­er equip­ment that I have either for my home net­work or for ran­dom rea­sons.

Ran­dom Non-Lab Spe­cif­ic Equip­ment List:

  1. WS-2950T-24 switch
  2. Two 1142N access points
  3. Wire­less Con­troller Mod­ule (NME-AIR-WLC6-K9) which is pret­ty fun, but breaks bon­jour and so is the bane of my exis­tence (see pre­vi­ous post here.)
  4. ASA 5505 with IPS mod­ule, run­ning bot-net fil­ter and some oth­er things.  This is also the main gate­way for the home net­work, con­nect­ing up to the cable modem.  It’s also the IPsec end­point for my always-on con­nec­tion to the office and seg­ments my home net­work, lab net­work, work net­work, etc.
  5. Com­cast Cable Modem, made by Motorol­la
  6. Ran­dom doohick­ey for my “Whole-Home DVR” with DirecTV
  7. Sun Sun­Fire v240 Serv­er with StorEdge 3300 stor­age array

Non-plugged in Equip­ment

  1. Sun Enter­prise 3500
  2. Two Cis­co 3550 switch­es
  3. Two PIX 501

Com­put­er stor­age:

  1. Sea­gate 750GB exter­nal dri­ve (USB)
  2. Iomega 1TB exter­nal (eSA­TA)
  3. Drobo S with 5 2TB dri­ves for 10TB raw (eSA­TA)

Cis­co Lab Equip­ment:

  1. Four 3560‑X switch­es, with four-gig uplink mod­ules (might still get the 10 at some point), ful­ly licensed with IPSer­vices and run­ning 12.2(53) SE2.
  2. Eight 2801 routers, all run­ning 12.4(22)T5 Advanced Enter­prise, and all with at least one Wic-2T smart ser­i­al card which pro­vides two smart ser­i­al con­nec­tions.  Four of the 2801 have two Wic-2T cards, and a cou­ple oth­ers have a mix­ture of 1‑Wic-DSU-T1 cards, FXO cards, and FXS cards (most­ly left­overs and hand-me downs, but there are some inter­est­ing pos­si­bil­i­ties.)
  3. One 2811 run­ning the same IOS as the 2801 routers, used as a back­bone router for inject­ing routes and some oth­er misc. stuff.
  4. One 2621 run­ning some­thing-or-oth­er and act­ing as anoth­er back­bone router.
  5. One 3845 run­ning the same Advanced Enter­prise as the oth­ers.  This has five Wic-2T cards and acts as the frame switch. It also has an HWIC-16A card and does reverse-tel­net to every­thing else (ter­mi­nal serv­er).  It also hous­es some ran­dom stuff includ­ing the wire­less con­troller men­tioned above.

All of this is cabled and wired almost iden­ti­cal­ly to the CCBoot­Camp lab topol­o­gy.  This is because I have all of their work­books and want­ed to be able to study with my own equip­ment.  A cou­ple of the details are dif­fer­ent, most­ly around inter­face num­bers and the specifics of the back­bone routers and such.  Also, the switch­es I have are way overkill but sat­is­fy the lab require­ments.  Giv­en the actu­al topol­o­gy from just about any main­stream train­ing provider, I can copy it with the equip­ment I have, and that’s exact­ly what I want­ed to be able to do.  As always, con­tact me here or on twit­ter with ques­tions and com­ments.

Pic­tures of the lab and sun­dries are includ­ed below.

ASA and misc. non lab gear
CCIE Lab
CCIE Lab

CCIE Lab
CCIE Lab
Non plugged in gear — for now

Apple IIc — Mine since I was 8
Home Stor­age

Share

April 29, 2011 Cisco

Cisco Live 11 Schedule

Read­ing Time: 1 minute

Every­one has been post­ing their sched­ules for Cis­co Live to Twit­ter, Face­book and wher­ev­er else, so I thought I’d bet­ter jump in with the cool kids and pub­lish mine as well.  I can’t guar­an­tee this won’t change, but for now it stands as my best guess and cur­rent planned sched­ule.

Share
  • « Previous Page
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Page 5
  • Next Page »

Copyright© 2023 · by Shay Bocks