My CCIE Security V6 Home Lab Overview
So I have had some time to put everything together in my small CCIE Security V6 lab.
I want to spend a few moments explaining how everything is put together so others can benefit from it.
At the core of the whole thing is my new server, which is running great!
Forward Networks - The Sequel
This is the sequel to what was my first introduction to Forward Networks a year ago at Cisco Live Barcelona 2019. No surprise that, since I put their presentation among the highest rated during that time, that I was really looking forward to an update on their technology.
Attending Networking Field Day #22
I am very happy to announce, that I have been invited to attend “Networking Field Day #22”.
As you might know, the Tech Field Day events are all about getting a bunch of people together to figure out what the presenting companies are all about, with the products they bring to the table.
The Concept: In legacy site to site (S2S) VPN’s we are used to defining crypto maps and applying them to a physical interface. However, since these does not utilize GRE, you have no way of supporting multicast and routing protocols.
Thoughts on Hard Work
I am catching up on my RSS feeds and fell upon Ivan’s post on “Hard Work”. The article references Seth Godins post Hard Work, which examines 3 types of work being carried out.
In summary we have the following types:
ASA Lessons: Failover
In this post I will go through an example of setting up redundancy between a pair of ASA’s using one of the two methods of accomplishing this. The 2 methods are:
Failover Clustering This post is exclusively about the failover option.
So I have further evidence that I might be crazy:
I have decided to abandon any and all CCIE DC studies. Why you might ask? Simple: I dont have access to the required equipment continually so I can practice and reinforce any knowledge.
Enterprise Networking PVT
This week, I am attending Cisco’s EMEAR Enterprise Networking PVT in Amsterdam and I wanted to highlight some key takeaways.
Cisco is really doubling down on getting its software strategy in place. Everything, and I mean everything gets a mention in regards to what sort of software is enabling it (DNA Center/SD-Access/SD-WAN etc.
ASA Lessons: Static PAT
I decided a while back I would spend a bit of time learning about the Cisco ASA firewall. This is the first post surrounding some technologies I have explored during that time.
For some of you it might be easy stuff, but for others, including myself, might find it interesting for reference.
TFDx – Forward Networks
Forward Networks was one of the top presenters at TFDx at Cisco Live 2019 in Barcelona in my opinion. I really didn’t know much about what they were all about before we had the presentation. One thing I did notice was that they were really organized, even handing out agendas before beginning the presentation.
Time to say goodbye to Barcelona
As im sitting here in the hotel, waiting to leave for the airport, the only thing on my mind is: Wow.. what an amazing week this has been.
I have met so many old friends and made a bunch of new ones.
Thoughts before CLEUR 2019
In just 3 days time I will be leaving for Cisco Live 2019 in Barcelona. Im thinking about what sort of event it will be and what to expect in term of announcements.
Especially one thought keeps reappearing and thats the thought of the transformation of Cisco.
Tech Field Day @ CiscoLive Europe 2019
I am honoured to have been selected as a delegate for Tech Field Day during Cisco Live Europe 2019 in Barcelona!
Cisco Live Europe will take place from the 27th of January until Friday 1st.
I am really looking forward to this opportunity.
Cisco Champion 2019
I was fortunate enough to be selected as a Cisco Champion for 2019. Looking forward to alot of good information and cooperation from the program! 🙂
This post is all about OTV (Overlay Transport Virtualization) on the CSR1000v.
I wanted to create the post because there are alot of acronyms and terminology involved.
A secondary objective was to have a “real” multicast network in the middle, as the examples I have seen around the web, have used a direct P2P network for the DCI.
Useful links for Observium + Rancid
I recently decided that i would like to utilize Observium as well as rancid for configuration backups on my home network. To that effect, the following links really helped me out getting it all setup correctly:
Let me know if you run into anything i might help out with.
A quote from an Ex-Googler
I really like this paragraph, because almost everyone wants to imitate google. Why? well, the answer to that questions seems to be what everyone is missing!
Google’s solutions were built for scale that basically doesn’t exist outside of a maybe a handful of companies with a trillion dollar valuation.
Complicated Vs. Complexity
I am currently reading Team of Teams, an excellent book!
In it, it highlights an interesting fact that I think is very relevant for the networking world and that is the difference between something that is complicated versus something that is complex.
I recently completed the entry level Juniper certification. I thought it would be a good idea to study for something other than the mighty Cisco, so Juniper’s JNCIA-Junos seemed like a good choice.
It was a very fair exam I can highly recommend.
VxLAN on the CSR1Kv
By now, VxLAN is becoming the standard way of tunneling in the Datacenter.
Using VxLAN, i will show how to use the CSR1Kv to extend your Datacenter L2 reach between sites as well.
First off, what is VxLAN?
It stands for Virtual Extensible LAN.
ISIS Authentication types (packet captures)
In this post i would like to highlight a couple of “features” of ISIS.
More specifically the authentication mechanism used and how it looks in the data plane.
I will do this by configuring a couple of routers and configure the 2 authentication types available.
Progress update – 10/07-2017
Im currently going through the INE DC videos and learning a lot about fabrics and how they work along with a fair bit of UCS information on top of that!
Im spending an average of 2.5 hours on weekdays for study and a bit more in the weekends when time permits.
New Lab Server & random updates
So I just completed a purchase off eBay for a new server for my lab purposes.
For a while now I’ve been limited to 32Gb of memory on my old ESXi server, which is really more like 20Gb when my regular servers have had their share.
A look at Auto-Tunnel Mesh Groups
In this post I would like to give a demonstration of using the Auto-Tunnel Mesh group feature.
As you may know, manual MPLS-TE tunnels are first and foremost unidirectional, meaning that if you do them between two PE nodes, you have to do a tunnel in each direction with the local PE node being the headend.
Practical DMVPN Example
In this post, I will put together a variety of different technologies involved in a real-life DMVPN deployment. This includes things such as the correct tunnel configuration, routing-configuration using BGP as the protocol of choice, as well as NAT toward an upstream provider and front-door VRF’s in order to implement a default-route on both the Hub and the Spokes and last, but not least a newer feature, namely Per-Tunnel QoS using NHRP.
Cisco Live US! 2016
I am fortunate enough, to be able to goto Cisco Live US! again this year.
Last year was such an experience, that my hopes are really high for this year as well.
I will be arriving on Friday the 8th and leaving on the 15th.
February – A busy month indeed!
Wow, what a busy month this has been!
So I started my new job on February 1st and thus far, everything has been really great.
My new coworkers are very friendly and helpful.
I’ve spent the better part of february, trying to get to grips with the SP network I will be focusing on from now on.
Doing right in the VAR role!
This post is my follow-up on a recent discussion on twitter.
Working for a VAR (Value Added Reseller) is not always the glamours life some make it out to be.
Working as a consultant, what you are really doing, is being the CEO of your own service company.
My first Cisco Live!
Even though im still in San Diego, Cisco Live! US 2015 is but a memory.
But what a memory it is! It being my first time attending a Cisco Live conference, I didn’t really know what to expect.
What I was met with, was a conference full of really sharp and nice people.
MPLS VPN's over mGRE
This blog post outlines what “MPLS VPNs over mGRE” is all about as well as provide an example of such a configuration.
So what is “MPLS VPNs over mGRE”? – Well, basically its taking regular MPLS VPN’s and using it over an IP only core network.
Cisco Live US 2015 – Session Schedule
This is my current schedule for the Cisco Live US 2015 event.
Most are related to my CCDE studies and a few are with technologies and products that im interested in in general.
08:00 – 09:30 BRKSAN-2101 FCoE for small and mid size enterprises.
Upcoming webinar with Daniel Dib
Just wanted to let you know that Daniel from lostintransit.se is doing a webinar on network design. I will be attending and helping out any way i can.
Go here to learn more: https://learningnetwork.cisco.com/blogs/community_cafe/2015/01/21/network-design-fundamentals-webinar-with-ciscovip-daniel-dib
Woke up to a very nice email today.
I have been selected as a Cisco Champion for 2015! – Now i get to see what all the fuzz is about and hopefully be able to contribute something.
EIGRP OTP example
In this post id like to provide an example of a fairly new development to EIGRP which is called EIGRP Over The Top (OTP).
In all its simplicity it establish an EIGRP multihop adjacency using LISP as the encapsulation method for transport through the WAN network.
Using the OSPF Forwarding Address for traffic-steering
In this fairly short post, id like to address a topic that came up on IRC (#cciestudy @ freenode.net). Its about how you select a route thats being redistributed into an OSPF NSSA area and comes into the OSPF backbone area 0.
Using LISP for IPv6 tunnelling.
In this post I would like to show how its possible to use a fairly new protocol, LISP, to interconnect IPv6 islands over an IPv4 backbone/core network.
LISP stands for Locator ID Seperation Protocol. As the name suggest, its actually meant to decouple location from identity.
EIGRP Query bounding.
In the process of restudying EIGRP as a protocol, and more specifically as to how it converges, you can’t avoid running into the saying “Remember to bound your queries!”.
From a conceptual point of view its fairly easy to understand that the further out you ask for a prefix the longer the convergence process will take.
Passed the CCIE SP Lab exam.
Well, a short update. I managed to pass the CCIE Service Provider lab exam on March 14th.
I am quite exhausted from the experience, but very happy 🙂
ESXi Server Build
With the release of the IOS XRv router, along with CSR (Cloud Services Router), its time that I go ahead and build myself a virtualization solution.
To that effect, I have just ordered the components for a home build server, which was the cheapest, not to mention most silent option available.
Its been a long time since my last update. I apologise for this. It wasnt my intention, it just sort of happened.
In the meantime I have tried the CCIE SP lab and didnt pass it, so I am still studying for my next attempt which is comming up shortly.