I am finally done. ONT was passed today, and with a pretty good score as well. I am very happy. Now it is time for some relaxing, and to get on with my training schedule. I really wish we had a testing center somewhere closer that was actually worth going to. It is a 2-hour drive for me to go to each exam, which I think is a long time.
Labs and review.
I am in the process of reviewing and labbing from the lab portfolio. I need to have the verification commands down, so I can troubleshoot different QoS scenarios. I find it very hard to do much configuration though.
Also, the wireless section is kind of hard to get good hands-on experience with since I don’t have access to any WCS (Wireless Control System). At work, we only have WLCs (Wireless LAN Controllers) that I can get some practical hands-on experience with. How does everyone else go about getting enough “dirt-under-the-nails” with these technologies? Buying them is obviously out of the question, since I don’t have that kind of budget to do these things on. I have already used all of the strings I have to borrow equipment, so I doubt my hands-on experience will get much better than it is.
Wireless and onto labs.
So I am almost done with the wireless section, but a lot of things still need to click in, especially regarding the security aspect of it all. Some more reading on that is needed next. QoS in wireless is done by basically lowering the back-off time in CSMA/CA for higher priority traffic. The Wi-Fi Alliance released an interim solution based on 4 categories: Platinum, Gold, Silver and Bronze. Platinum is used for voice, Gold for video, Silver is best effort, and Bronze is “background” stuff, I guess that’s your typical P2P applications along with random non-categorized stuff.
WRED, compression and LFI
I am finishing up on chapters regarding WRED and LFI.
WRED is a congestion avoidance mechanism. What that means is that when congestion occurs, you try to avoid filling up the buffers completely by dropping some packets. Normally the standard queueing for fast interfaces (>E1) is FIFO, with the congestion avoidance of tail dropping. That means whenever the buffers are full, any new packets to the queue get dropped. This has a nasty habit of producing TCP synchronization.
Congestion management and queues.
So I’m studying congestion management, namely the use of queuing and the different disciplines of queuing.
FIFO = First In First Out. This is a straightforward queue which doesn’t take any priority, delay or bandwidth into account. This is the default on Cisco equipment for interfaces > 2.048 Mbps (E1 lines or slower).
VoIP codecs and bandwidth calculation.
So today I have spent some time reading up on VoIP codecs, and how to calculate bandwidth requirements for a single call with a certain codec.
Take, for example, G.711 (PCM), which is uncompressed voice data. Its specification says 64 kbps raw data output from the codec. We want to use a packetization period of 20 ms. That means two digital voice samples per VoIP packet.
NBAR is a pretty nifty feature.
So today I watched some material on NBAR (Network Based Application Recognition), which is a feature originally used for classification of data, used in QoS to mark packets.
It uses very deep packet inspection to figure out what data is being transferred over the network. It goes up to Layer 7 to figure out what is truly being transferred. This is especially useful for many new applications which use protocol tunneling to “get through” a firewall. An application that uses this is Skype, which uses port 80, which we all know as web traffic, to carry VoIP packets. In this case, a regular ACL will not prevent this type of traffic, since we might only block the “skype” port.
ONT = QoS? – I think so
So, so far ONT seems a lot like its brother-acronym QoS. Watched a few videos today, solidifying knowledge from BCMSN about CoS only being for L2 trunk links and ToS/DSCP being for Layer 3. Figured out the DE bit provides a somewhat rudimentary QoS for frame-relay. Throw away, or don’t :). It is used when CIR (Committed Information Rate) is in effect. You can basically use it to determine on your own which packets are to be Discard Eligible or not. This is better than just leaving the decision to your service provider.
ONT – What’s the deal?
I skimmed over the ONT blueprint, and it sure seems like a lot of voice. I am not quite sure how come there’s that much voice material on there. It bothers me quite frankly, because I don’t find the voice part particularly interesting. But alas, I digress, there’s just one way to the CCNP, and that’s through ONT.
ISCW Passed.
I just passed ISCW. I’m really glad this one is over with. But I have A LOT of reviewing to do for the material in this one when I finish the rest of the CCNP track. I could especially feel that not having access to the FW and IPS parts really hurt me. Unfortunately I can’t afford any of the very pricey IOS images, for any of my devices, that will support the FW and IPS feature set.
Xmas is over, and so is IPSec.
Okay, Xmas is over and so is New Year’s as I’m writing this.
I’m behind on regular postings, I know, which is frustrating.
I am done with the preliminary reading and lab work for ISCW, but I don’t feel prepared for it at all. It’s even worse than it was for BCMSN. I think the lack of an official study guide really got me off track. I will have to investigate further how to create a study plan on the topics on the blueprint and then come to a full understanding and assurance I’ve got the topics down. The way I’m doing it now is spreading it too thin, that’s my feeling at least. Also, motivation has become a factor at the moment. Maybe it’s because it’s the holidays, and you are “supposed” to relax, chill out, I don’t know, but I need to get it sorted. It’s cutting into my focus.
IPSec VPNs.
I’m studying IPSec VPNs at the moment. There are a lot of terms, protocols and exchanges taking place, and they all use names that are really hard to tie together with what they are doing 🙂
ISAKMP, for example, what does that do? Well, it stands for Internet Security Association and Key Management Protocol. It’s the first phase of the IKE (Internet Key Exchange). Basically it sets up a baseline (encryption, hashing (authentication), key material, and Diffie-Hellman group) for management traffic. DH uses asymmetric encryption to make a secure channel to send a symmetric key through, which is used for the ISAKMP SA (Security Association).
ISCW started
So I just started work toward the ISCW. The lab book for this is huge, so I think it’s going to be a lot of lab work, and a lot of lookups on Cisco’s doc site for further information. My reason for thinking this is the lack of a self-study guide for the ISCW exam. It’s a shame really, since I’ve enjoyed the self-study guides so far.
Passed BCMSN
Thankfully I passed BCMSN. Thank god. It was driving me nuts.
Passed with an 864, which I’m satisfied with.
I am thinking about my study technique for the ISCW. I need to see if I can structure it somewhat better than BCMSN, where I ended up reading some topics over and over again. I think one of the things I will do better is to lab every chapter out more thoroughly to get it under my nails. Security has not been my strong side so far, and I need to ramp that up for the ISCW.
Trying some reading.
I am trying to get some reading done, even though it’s extremely hard when I’m still sick.
However, I’ve only got about 5 chapters left in the examination guide. Hopefully I can finish them soon, and do some of the last case studies in the lab book. I really want to get this BCMSN out of the way, it’s starting to get on my nerves. I don’t feel prepared enough for the exam though, I don’t know why. I’ve read almost all the material available, and can sketch out switched networks and stuff. I guess there are just some details that are missing here and there.
Done with the self-study guide for BCMSN.
I now need to do the remaining labs in the lab portfolio. There are especially some case studies that bridge all the knowledge together (or so it looks like, we’ll see). I do know, however, that wireless is a huge area in and of itself.
Wireless – A forgotten topic on BCMSN.
I have a sneaking suspicion that I had better pay a lot of attention to the wireless section of the BCMSN. It seems like it’s “out-of-scope” of the BCMSN, but I’m quite confident that Cisco will really smack me on it for some reason. The whole gain/loss/radio frequency stuff is not a topic I have paid much attention to in the past, so it’s quite new for me.
Lack of the right equipment.
Lately I have been in need of the right equipment for quite a few labs.
What I really need is some equipment that is able to do both Dynamic ARP Inspection (DAI) and IP Source Guard (IPSG). The dynamic ARP part is supported on 3550s as far as I can see, but IPSG is not. It is only available on 4500s and 6500s, and I don’t think playing on the core 4507Rs at work would be a wise choice 🙂
L2 security…
Been reading the study guide about L2 security. You can really mess up a whole network very simply, and you can basically take down the whole thing pretty easily if your switches are not configured correctly. There were also a lot of things about IP spoofing and ARP spoofing. Pretty nifty stuff, and you can secure your network a lot by making some pretty basic choices and executing them all over your network.
The need for redundancy becomes clear…
Well, I broke the spanning-tree topology at work today. It was not one of my proudest moments 🙂 I was playing around with the very delicate portfast command, which states in all its glory:
“%Warning: portfast should only be enabled on ports connected to a single
Gateway Redundancy.. Awesome
So I’m studying redundancy features, especially gateway redundancy features. I think this is some impressive technology. Basically there are three versions, HSRP (Cisco proprietary), VRRP (IEEE Standard) and GLBP (Cisco proprietary). HSRP was introduced in 1994, and VRRP in 1999; GLBP is a lot newer, introduced in 2005.
CEF – A topic in disguise
Been reading about CEF yesterday. It doesn’t take up much of the exam blueprint, nor CBT Nuggets’ coverage of it. However, it seems that there’s more to this than meets the eye.
I also need to figure out what CEF is doing in routers. My assumption is that it’s being implemented in IOS and, where support for hardware is available, it downloads the FIB and adjacency tables from the control plane to the data plane for fast switching. I doubt all routers have ASIC hardware capable of CEF operations, and I know CEF is running on some of my IOS 3640 Dynamips boxes.
Inter-VLAN connectivity and enhancing switch features.
Today I have spent about 2.5 hours studying different features that enhance the switched network. This includes labbing up BPDU guard, Loop guard, UDLD Aggressive mode, and BPDU filtering. Also, I find the automatic error recovery feature very interesting.
You can set certain causes to put an interface into the errdisabled state. For example, if you enable BPDU guard, and a BPDU is “heard” on the interface, it puts the interface into errdisabled. But you can set a timer to “wake” the interface back up again, so it’s not a permanent state that an administrator must take action to remedy, namely sh/no sh the interface.
Spanning-tree issues.
I have been working my a** off trying to understand STP just fairly well. It’s a hard topic, especially with Rapid STP. I have struggled with the synchronisation/proposal/agreement thing. It has helped seeing it on the equipment though.
An alternate port can be switched to immediately. If the root port goes down and the switch has a designated port, it performs the proposal/agreement bit, and another switch becomes a designated bridge for it. Nifty stuff.
Server has been down, and BSCI is down.
Sorry about the lack of posting/progress reports. Also the server has been down for a while.
In the meantime, I’ve passed the BSCI exam with an 833 score. Really got my ass kicked on some topics I didn’t expect (IS-IS), and of course multicasting, which has turned out to be my arch-enemy. I should have done some more labs on IS-IS, but I didn’t since it didn’t take up too much space according to the exam blueprint.
IS-IS is very confusing..
Well, at least some of it. Adjacencies and how ISs update other ISs is the thing that nobody can give me an answer to. According to all the material, ISs maintain adjacencies to all others, but still elect a DIS.
(3) EIGRP – Note taking
Alright, I am done with reading about EIGRP. I am now skimming through the chapter, and taking notes. I have an okay understanding of how EIGRP works, and I am looking forward to the labs to nail out unknowns.
I am not 100% convinced about taking notes, or rather doing it in the order I’m doing (reading first, then skimming and taking notes, then going to the lab).
(3) EIGRP reading – continued
Today, I am continuing reading about EIGRP.
My goal for today is to get at least 40 pages of EIGRP reading done. Lots of nitty gritty details such as unequal-load balancing and route authentication.
To understand and process the material, 10 pages takes up 30 minutes of reading time. This includes reading the material, looking at the topologies being presented and thinking it through (in the case of metrics and bandwidth, calculating a bit to see what the authors are getting at).
(3) EIGRP Reading
Chapter 3, EIGRP.
Started reading about the inner workings of EIGRP today. EIGRP is an improved distance vector protocol provided by Cisco themselves. It is an improved distance vector protocol, because it passes updates directly to its neighbours. It is more advanced than traditional distance vector protocols, because it supports VLSM and it does not use periodic updates. It uses hello packets like link-state protocols.
(2) Routing principles – BSCI self-study
Okay. I will try to document some information regarding my study for the BSCI (Building Scalable Cisco Internetworks) exam.
This is considered by many the hardest exam on the CCNP track (1 of 4 exams). I will tackle this one first, and then continue forward to the other exams knowing they will be easier.
Long time since last post
Okay, so it’s been a while since my last post.
Been having some issues to deal with, which have taken quite a lot of energy.
I am going for the CCNP, starting with the BSCI exam. I’ve got the books for it, and started studying. There’s a lot of detailed information, and lots of labs to do. Chapter 2 is 40 pages long, and it’s taken me two days to reach the end of the information in the book; now I’m starting the labs at the end of the chapter 🙂