CCNA and future plans

I passed the ICND2 on Friday which means that I am now CCNA certified.

The company I am currently working for is slowly moving away from Cisco, but I think the CCNP (the next Cisco cert level) is still on my to-do list. For one thing I already have a ton of Cisco hardware, and there is just a lot of stuff that I want to learn yet.

And now for something a little different..

I managed to forget about certifications for almost a whole day after passing the CCNA. I think my next target is the Juniper Networks Certified Associate-JUNOS (JNCIA-Junos). This is Juniper’s lowest level technical cert so it will be a good intro to Juniper gear and it will help me reinforce (and relearn) some of the data from the Cisco CCENT.

I’m not sure how hard the JNCIA will be. The Juniper exams aren’t quite as well known as the Cisco exams so I’m having a little trouble finding info on them. Fortunately Juniper provides a bunch of free study resources for their exams in the Juniper learning portal through their “fast track” program.

Why Juniper? I’m not really sure. We don’t have a ton of it at work. I guess it is just kind of neat to be working on some newer gear after banging away on my 10+ year old Cisco hardware for so long. Plus I just think that I need a break before I dive into the CCNP material.

The Last Week

When I was in college I remember leaving studying for the night before the exam, or at most spending a couple hours on Saturday and Sunday in the library poring over notes.

I am on the last week of a journey that started in September 2013 when I set out to get the CCNA. I decided to take what is arguably the more difficult path and separate the material into two exams (doubling the questions, but giving myself fewer topics on each exam).

I’ve read a 1000 page study guide and another 250 page command line guide. I’ve watched close to 100 instructional videos, and spent countless hours writing up notes on everything.

I’ve built a complete lab environment and configured every exam topic on physical hardware.

I’ve cancelled dates and skipped social obligations all in the name of studying. I’ve woken up in a cold sweat babbling to myself about OSPF routes. I got strep throat for the first time in 10 years, probably because of the stress.

All this and do I feel ready?
NOPE

I’ll write another post on the other side of hell week and let you know how it went.

 

My cat is studying screen door technology with hopes of one day becoming screen door certified.

Elephants Are Cool

I need to memorize the SYSLOG priorities for the CCNA but I’m having trouble because.. memorizing is hard.

Sometimes an acronym helps, but I couldn’t find any on Google. I guess nobody else is bothering to memorize this stuff..

Security Level  Priority       Keyword        Description
0               emergencies    emerg, panic   A panic condition. This is normally broadcast to all users
1               alerts         alert          Immediate action required. e.g.: Corrupted system database
2               critical       crit           Critical condition. e.g.: Hard device errors
3               errors         err, error     Error conditions
4               warning        warning, warn  Warning conditions
5               notifications  notice         Normal but significant conditions that need attention
6               informational  info           Informational messages
7               debugging      debug          Debugging messages

https://www.linode.com/wiki/index.php/Syslog_Howto#Priorities

Here’s the best I can come up with:

Elephants Are Cool. Elephants Want Nice Inside Dogs

Well I’m doomed. Yup.

 

There is nothing fun about getting certifications

I finished the last major portion of my studying about a week ago, and since then I have mostly been taking practice exams and working on firming up my weak areas. I don’t think I am going to do another Cisco exam after this. The points I am losing are more to do with the retarded way they word questions than a lack of knowledge on my part. I’m also having trouble with some areas where I need to memorize all kinds of little details that you would just look up in real life. The last practice test that I took had about 5 questions on Netflow. I have no idea why Netflow is even on this exam.

I am also completely sick of the way they do simulations on the exams. One of the practice sims that I did had 8 routers and 4 switches in a window the size of a postcard. I couldn’t even fit all of the questions in the window without scrolling. Seeing as how they only give you a small whiteboard for notes you basically have to memorize all of the configs because you can only see about 1/4 of one on the screen at the time. The whiteboard marker for my last exam was so small that I could barely fit 8 numbers across the top.

Here are some Netflow notes for what it is worth. The CCNA practice exam that I am taking is going into more detail than my study book does on it. Whoever wrote the practice exam must have also invented Netflow.

Netflow has a singular purpose: to collect IP traffic statistics

Cisco developed, but not Cisco proprietary

(config-if)#ip flow egress //enable outbound netflow on the port

(config-if)#ip flow ingress //enable inbound netflow on the port

//set up collector

(config)#ip flow-export destination 172.16.1.1 2055 //collector IP address and UDP port number

//misc sh commands

#sh ip flow interface

#sh ip flow export

a flow is defined as:

-ingress interface

-source and destination ip address

-ip protocol

-source and destination port

-IP TOS (Type of Service)
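
What the collector on UDP 2055 does with those key fields, as an added example that is not part of the original notes: it parses export datagrams and sums bytes per flow key. It assumes the router exports the NetFlow version 5 format; the sample datagrams and the 10.0.0.5 destination address are constructed.

```python
import socket
import struct
from collections import Counter, namedtuple

HEADER = struct.Struct("!HHIIIIBBH")                 # 24-byte v5 export header
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")  # 48-byte v5 flow record

# The fields that define a flow, as listed in the notes above.
FlowKey = namedtuple("FlowKey", "in_if src dst proto sport dport tos")

def parse_v5(datagram):
    """Return [(FlowKey, packets, octets), ...]; raise ValueError if malformed."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a v5 header")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError("not a NetFlow v5 export (version %d)" % version)
    # Export is unauthenticated UDP: the count field must match the bytes received.
    if not 1 <= count <= 30 or len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    flows = []
    for i in range(count):
        (src, dst, _hop, in_if, _out_if, pkts, octets, _first, _last, sport,
         dport, _flags, proto, tos, *_rest) = RECORD.unpack_from(
            datagram, HEADER.size + i * RECORD.size)
        key = FlowKey(in_if, socket.inet_ntoa(src), socket.inet_ntoa(dst),
                      proto, sport, dport, tos)
        flows.append((key, pkts, octets))
    return flows

def octets_per_flow(datagrams):
    """Sum byte counts for records that share the same flow key."""
    totals = Counter()
    for datagram in datagrams:
        for key, _pkts, octets in parse_v5(datagram):
            totals[key] += octets
    return totals

def build_sample(records):
    # Constructed test input: rows of (src, dst, sport, dport, pkts, octets).
    body = b"".join(
        RECORD.pack(socket.inet_aton(s), socket.inet_aton(d), bytes(4), 1, 2,
                    pkts, octets, 0, 0, sp, dp, 0x18, 6, 0, 0, 0, 24, 24)
        for s, d, sp, dp, pkts, octets in records)
    return HEADER.pack(5, len(records), 0, 0, 0, 0, 0, 0, 0) + body

SAMPLE = [build_sample([("192.168.1.1", "10.0.0.5", 51000, 443, 10, 4200),
                        ("192.168.1.2", "10.0.0.5", 51001, 22, 3, 180)]),
          build_sample([("192.168.1.1", "10.0.0.5", 51000, 443, 5, 800)])]
```
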

A simple EIGRP config

Scenario: I have a Cisco 2600 and a Cisco 1841. They are connected with a T1 crossover cable and their serial interfaces are set up correctly so they can ping each other. I am going to run through a really basic EIGRP config.

router1 serial interface is set to 192.168.1.1 255.255.255.248

router2 serial interface is set to 192.168.1.2 255.255.255.248

Setting up a cross-vendor T1 between the Juniper and one of the Ciscos would make for a good post. Maybe after I finish the CCNA.

router1 configuration

(config)#router eigrp 20

(config-router)#no auto

(config-router)#network 192.168.1.0 0.0.0.7

router2 configuration (the same)

(config)#router eigrp 20

(config-router)#no auto

(config-router)#network 192.168.1.0 0.0.0.7

 

Notes:

1) In “router eigrp 20” the number is the autonomous system number. EIGRP routers that exist in separate autonomous systems won’t exchange routes or become neighbors, so make sure you are using the same number when you set it up.

2) The Cisco 2600 that I have is running IOS 12.0(10). It will not let you set a wildcard in the network declaration, so I guess this was added in a later version. The 1841 is on IOS 12.4 and accepted a wildcard. The two routers still formed an EIGRP neighbor relationship without any issues. Remember that for Cisco wildcards 0==exact, 255==anything, and if you don’t use one of those two you define a block by using a number that is one less than the block size. I think the general rule for Cisco exams is that they want the wildcards to be as exact as possible.
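
The wildcard rule from note 2, as an added example that is not part of the original post: it derives 0.0.0.7 from the serial link's mask and shows which interfaces a network statement covers with and without a wildcard. The interface names and the 192.168.1.129 and 10.1.1.1 addresses are constructed, and the no-wildcard case assumes IOS falls back to the classful boundary of the network.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_from_mask(mask):
    """Invert a subnet mask: 255.255.255.248 -> 0.0.0.7 (block size 8, minus one)."""
    return str(ipaddress.IPv4Address(to_int(mask) ^ 0xFFFFFFFF))

def wildcard_match(address, base, wildcard):
    """True when address equals base in every bit where the wildcard bit is 0."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(address) & care) == (to_int(base) & care)

def classful_wildcard(base):
    """Wildcard implied when the network statement is given without one."""
    first_octet = to_int(base) >> 24
    if first_octet < 128:
        return "0.255.255.255"   # class A
    if first_octet < 192:
        return "0.0.255.255"     # class B
    return "0.0.0.255"           # class C

def eigrp_interfaces(interfaces, base, wildcard=None):
    """Interfaces whose address is covered by `network base [wildcard]`."""
    wildcard = wildcard or classful_wildcard(base)
    return [name for name, address in interfaces.items()
            if wildcard_match(address, base, wildcard)]

# Constructed interface table; only the serial address comes from the post.
INTERFACES = {
    "Serial0/0": "192.168.1.1",
    "FastEthernet0/0": "192.168.1.129",
    "Loopback0": "10.1.1.1",
}

if __name__ == "__main__":
    print(wildcard_from_mask("255.255.255.248"))
    print(eigrp_interfaces(INTERFACES, "192.168.1.0", "0.0.0.7"))
    print(eigrp_interfaces(INTERFACES, "192.168.1.0"))
```

The statement without a wildcard also covers FastEthernet0/0, so the router would run EIGRP on an interface the exact wildcard leaves out.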

Useful commands

Now that we have a really simple EIGRP setup, here are some useful commands to check out.

#sh ip protocols //active ip protocols, including a bunch of info about your EIGRP setup

#sh ip eigrp topology  //shows the entries in the EIGRP topology table

#sh ip eigrp traffic //statistics for your EIGRP setup

#sh ip eigrp neighbors //shows the EIGRP neighbors, the interface they are connected on, and up time stats

#sh ip route // this will be blank because it does not show directly connected routes, and we have not added any routes for it to discover.

 

That is all for now. I may revisit this later and add on some more routes, but this is good enough to go over the basics with.

Cisco Basics: Reset a router to factory defaults

I’m configuring a 2600 for my serial interface lab and I thought it would be a good chance to go over resetting a router.

1) connect a console cable and open up PuTTY (Windows) or minicom (Linux)

2) turn on the router and break into rommon on startup by hitting [Ctrl]+[Break]. Note that on newer equipment the break key is usually just labeled “pause” and may be one of your function keys.

3) type in confreg 0x2142 at the rommon prompt. This sets the router to boot from flash and ignore the startup config.

4) type reset at the rommon prompt to reboot

5) enter global config mode by typing enable and then config t

6) type config-register 0x2102 to set the router back to loading the startup-config on boot.

7) exit out of global config and save your running config: copy run start

8) Enter reload to reboot the router and you should be set. Remember that you now have the factory-default settings, so make sure to set up passwords and enable SSH.

Cisco switches are even easier to reset. All you have to do is hold in the mode button and in a minute or two the switch will reset. Watch where you put your hand in the network closet.. we’ve had a couple accidents with this.

can’t sleep

ok it is 10:00 at night. I have the following items:

several cans of Guinness

a cable I made that I am optimistically calling a “T1 crossover”

several Cisco 1800 series routers

A 7:30 AM work meeting.

A cranky cat

----

I’m planning on combining these items together and hoping to learn something about serial interfaces in the process.

 

-----

update: 11:05

--------------

So far I’ve learned that you can’t plug a serial WIC into a 1805 router due to a software/licensing limitation.

I’ve also learned that the 1841 router that I bought off ebay won’t boot (bad flash card?).

Well that’s enough learning for one night.

 

 

work / life

I’ve been working on Cisco and Avaya network gear at work and then coming home in the evenings and jumping on my test rack to study for the CCNA. The downside of this is that when I went to work on one of my Linux servers today I typed this:

config t

face palm..  :)  [for non-networking people that is a common CLI command on Ciscos and Avayas, but does not apply to Linux]

I’m building a VM with encrypted LVM volumes. The idea is to have secure storage, but I’m kinda wondering how stable it will be through backups and restores. For now it is just a test, but if it is fast and reliable I will probably convert all of my storage (CIFS) VMs to encrypted LVM.

I feel weighted-down by the CCNA exam. There are about a billion side projects that I want to be working on now, but I have to remind myself to focus (mostly) on studying Cisco stuff. Along that vein I decided to drop CBTNUGGETS for good. Don’t get me wrong–the training videos are great–but I just can’t afford the $100 a month subscription. Their sales people keep calling and emailing me to try and get me to sign up for a year subscription. I’m really not sure why they think I can afford to throw around money like that. I’d probably feel different if you could download the videos, or if the experience was in any way permanent. It’s probably worthwhile to do another post on study materials, maybe I will get back to the topic after the CCNA exam.

Building a Proxmox 3.1 Low-Availability Cluster

I use Intel quad port NICs on my Proxmox hosts. That’s a lot of CAT-6 cable.

I’m running out of space on my main Proxmox server so I decided it was time to bring its twin online.

I decided to try out a Proxmox cluster, and it turned out to be really easy with Proxmox 3.1.

I’m calling my cluster a “low-availability cluster” as a joke because I am using local storage so the cluster can’t hot-migrate VMs, or deal with a host failure automatically. It can migrate shutdown VMs, and I am really liking the ability to manage both hosts from one interface. As an added plus both hosts now use the same backup and NFS shares.

Quick instructions:

1) You can have one server with VMs on it already. This will be the master. All other servers must be empty (no VMs).

2) SSH to the master and enter this command: pvecm create YOUR-CLUSTER-NAME

I used “marmotcluster” for my cluster name.

3) SSH into each node (the other servers that you want to add to the cluster) and enter this command: pvecm add IP-ADDRESS-MASTER

Use the IP address of the master server that we already set up.

4) Log into the web management console of any server in the cluster. Under “datacenter” you will see all of the nodes in the cluster.

Here’s the full documentation: http://pve.proxmox.com/wiki/Proxmox_VE_2.0_Cluster

 

 

Thoughts from Cisco land : STP priorities

The root bridge in an STP domain is decided by comparing the STP priority and MAC of each switch (lowest wins).

The default priority is 32768, which means that the root bridge will go to whichever switch has the lowest MAC address, unless you modify the priority. Now here is where it gets weird: The priority has a range of 0-61440, and is set in increments of 4096. Oh, and for whatever reason the VLAN number is also added onto it (making it no longer a multiple of 4096..). There is no clear reason for all of this added complexity.

My best guess is that Cisco employs a mad mathematician to come up with a different numbering scheme for each protocol.

On the plus side it makes those of us that actually study this stuff just a tiny bit more irreplaceable.
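
The root election described in this post, as an added example that is not part of the original: the 16-bit priority field holds the configured priority in its top 4 bits (hence the steps of 4096) and the VLAN ID in its low 12 bits, followed by the 48-bit MAC address, and the lowest combined value wins. The switch names and MAC addresses are constructed.

```python
def bridge_id(priority, vlan, mac):
    """64-bit bridge ID: 4-bit priority, 12-bit VLAN ID, 48-bit MAC address."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 between 0 and 61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must be between 1 and 4094")
    mac_value = int(mac.replace(":", ""), 16)
    # The priority only uses the top 4 bits of the 16-bit field, so adding the
    # VLAN ID fills the low 12 bits without ever carrying into the priority.
    return ((priority + vlan) << 48) | mac_value

def shown_priority(priority, vlan):
    """The per-VLAN priority value that results from the addition."""
    return bridge_id(priority, vlan, "00:00:00:00:00:00") >> 48

def elect_root(switches, vlan):
    """Name of the switch with the numerically lowest bridge ID."""
    return min(switches,
               key=lambda name: bridge_id(switches[name][0], vlan, switches[name][1]))

def set_priority(switches, name, priority):
    """Copy of the inventory with one switch's configured priority changed."""
    return {**switches, name: (priority, switches[name][1])}

# Constructed inventory: name -> (configured priority, MAC address)
SWITCHES = {
    "sw-core": (32768, "00:1b:54:aa:00:10"),
    "sw-old": (32768, "00:0d:bc:11:22:33"),
    "sw-access": (32768, "00:25:45:01:02:03"),
}

if __name__ == "__main__":
    print(shown_priority(32768, 10))
    print(elect_root(SWITCHES, 10))
    print(elect_root(set_priority(SWITCHES, "sw-core", 4096), 10))
```

With every switch at the default priority the oldest MAC address becomes root, which is why the intended root is usually given a lower priority explicitly.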