The cat is out of the bag. I am going for my 2nd CCIE. This time its in the Service Provider track. For a while i have felt something missing. And what is missing is a clear cut direction on what i want to learn more about in my professional life.

There’s news on INE’s Service Provider material. Updated workbooks for the SPv3 will be arriving “soon”. Hopefully that means within a month or two. If you are interested, you can read more and even get a peak into a sample lab.

Below are my findings regarding CAR. Please be advised that this is work in progress. CAR is the ancient way of doing policing. It is not configured using any of the new and fancy MQC style configuration. It is an interface-based command set.

Update: By most examinations, this seems to be a bug. A clever guy at the Cisco support forums might offer the reason why this happens. Thanks to everyone for clearing this up! (https://supportforums.cisco.com/message/3519430) I was trying someting out the other day concerning EIGRP when i ran into an issue i still cant explain, so i would like to put it out there for scrutiny.

I have finally decided to clean up my Routing & Switching notes and more importantly moving them from Microsoft OneNote to Microsoft Word. I know, I know, its still Microsoft, but even though OneNote has been okay for my needs, the lack of the program for Mac OS is annoying the crap out of me.

In this post i will shed some light on some spanning-tree info that has been floating around. But also an explanation why i choose a non-obvious answer to an IPexpert question. Specifically 2 things. The first one is the selection of ports and what _exactly_ selects the root port.

Lately theres been some fuzz in the corners about the need for NAT in the new world order of IPv6. I think its a poor design choice and ill give my reason below. One of the reasons why people seem to feel like they need NAT, is accessibility to IPv4 only content.

It seems like every day, there are some vulnerability or crack announced on the geek news-outlets. For some reason, the recent publication of an exploit of a flaw in the SSL/TLS implementation in some versions, made me extra curious and it made me think a little harder about this whole security business.

Flex Links, otherwise known as the devil for your L2 network. In all fairness, lets actually figure out what this feature is used for. The most important thing you need to know is the fact that Flex links disable your spanning-tree process.

I just watched this great lecture from INE on multicast. Well worth sharing:

Using L2 tunnel protocol version 3, you can accomplish what so many scientists are working on. A Wormhole! Granted, this wormhole is just through your L3 network, so it might not raise as many eyebrows, but its still a nifty tool in your toolbox.

In this small post i want to clarify the use of the “ip verify” command. There has been some confusion on the usage of this command, especially in conjunction with the access-list parameter. I would like to clarify this here.

Hi everyone, I am happy to announce that this week i passed the R&S CCIE lab exam. CCIE #29189. Its been a long journey for me. Working full time, not taking any dedicated time off work to do so, has been challenging.

In this article i will try and setup a very simple example using Cisco IOS IPS (Intrusion Prevention System). As before, a simple topology consisting of 3 routers will suffice. They are configured as follows: Topology for IPS example. R1 will act as our source host.

I am going through the detailed blueprint, one item at a time and verifying that there are no surprises. Especially IP services and security is something i havent paid enough attention to in the past. Anyways, there are lots of items on that darn list and going through them all takes alot of time.

Link optimization on frame-relay. Using frame-relay, bandwidth is especially a concern. It is possible to optimize this bandwidth in several ways. I will concentrate this post about compression and fragmentation. First off, with compression on frame-relay there several methods of accomplishing this.

As promised, here is a couple of photos of the final layout.

 

 

 

Thats all there is to it 🙂

 

So I modified the previous layout a bit. The concern i voiced about the 3640 was enough to make me figure out a way to have that one as the bottom piece of equipment. This is what i ended up with:

I need to start cabling all of this gear into place. I have made a layout which i think i will try out. The only thing that concerns me is the weight of the 3640 router. Its a heavy baby.

I have received the rest of my routers (1841s), I have also received the memory and flash upgrades for them all (256meg memory and 64mb flash). The guy who sold them to me was very helpful and it turned out he had the cables that i needed as well (some Smart-serial to Smart-serial, as well as some DB60 ones).

So i have decided to extend my rack functionality. I have the nessecary switching capacity, but what i need are the “correct” routers. Because of that, i have so far purchased 4x 1841 + a 2811. I still need 3 more before its in order.

NTP is one of those things that really keeps messing with my head. To break it down, what does it do for us? Simple. It provides the correct time of the day. How does it accomplish this? Now this is where it gets interesting.

I want to point everyones attention at this blog post made by Marko over at IPX. Its a good read and i think you will all enjoy it!

 

http://blog.ipexpert.com/2011/01/19/old-ccie-myths-vlan-1/

Welcome to 2011. I hope that you have had time to enjoy the holidays and all the festivities that come with it. Personally i have been doing alot of work stuff. Moving data centers is no small task when the customers want constant uptime.

The month of December has been crazy for me. A ton of work related stuff has been going on. Our HQ move has taken its toll on everybody. Ive been working through every weekend, putting in some 20 odd hours on some days.

My understanding of IRB: I did another Volume 1 lab yesterday. Again i hit my head against the infamous IRB feature. IRB stands for Integrated Routing and Bridging. Below is my understanding of the technology. I could be very wrong about this, so please correct me if i state something completely incorrect.

Its been just over two weeks since my lab attempt. I have basically done no studying at all during that time. Time has come to get back in the game. I do have alot of work to do in the near future, but i will still try and do all the studying i can squeeze in.

I had a bit of spare time yesterday, and i stumbled across a great video walkthrough of the Cisco documenation by Internetwork Expert (INE), and i thought i would share it with you in case you hadnt already discovered it:

First shot = Failure. So i had my first lab attempt on tuesday the 2nd of November. Boy was it hard 🙂 Unfortunally i didnt pass this time around. I did very well in the troubleshooting part, but the configuration part, got the best of me.

This was all written yesterday 🙂 Airport fun! So right now (im sitting in London Stansted Airport after having attended the last of Narbiks bootcamp. Its going to be good to get home to the girlfriend and my puppy. He had a guest with him this time around.

As you may have noticed from my inexcusable lack of posts, ive been very busy. I have been finishing up IPexperts volume 1 workbooks and now going through volume 2. Still lots of interesting details to learn about. I have also managed to get most of my video-on-demand material onto my iPad so i have easier access to it.

I wanted to point your attention to gns3vault.com. Alot of students use GNS3 (front end for dynamips) to do alot of their lab work. Rene Molenaar created this site, which is basically a site with free labs that you can download and practice on.

Im back from vacation. I can now with convinction state that hotels in Spain are not up to par with other places. I have been to Spain twice now, and they NEVER have an internet connection in the rooms. You had Wifi in the lobby, 2€ for an hour, and it barely worked.

Awesome. Got alot of EEM ground covered today. Seems like a very powerful scripting engine that stands out, by having the ability to be triggered under certain circumstances. Lets check out an example using the topology below: EEM Topology R1 is connected to an ethernet segment.

I have started doing IPexpert Vol 1. technology labs. They are pretty challeging. They make you think out of the box. Almost none of it is vanilla configuration. I dont know how closely these labs reflect the real one. Ofcourse these are Vol.

Woke up early this morning to get a head-start on the Video-on-Demand courses. I do it by looking at the PDF’s thats covered on each configuration section, and try and replicate the topology as well as solving all the tasks.

Update 11-08-2010: I can now create RMON alarms and events. It seems the command set for RMON is pretty limited. Not much around the net as to how deep to go into this. Hope its enough. I just looked over the detailed blueprint which is authored by cisco.

I have vented about this topic before and will do so once again. I am doing this because i believe its very important. Students who are studying for Cisco exams or engineers who are trying to lab up a technology before deploying it, have found Dynamips and used Cisco hardware very useful in the past.

Troubleshooting. An artform in itself. I have been doing trouble-shooting labs for the last week and its not going the way i want it to. In all fairness, its very good practice! having all the components in one lab, with all sorts of technologies interconnected really makes life interesting.

I am in the process of figuring out how to get to another bootcamp (Narbik). Unfortunally alot of classes in Europe have been cancelled due to lack of students. This pretty much leaves me with going to the US at some point.