This is how I planned out what the network will look like during our classes. As you can see on the left handside, I plan to have 5 routers, 3 switches, 1 console server and 2 power strips. In case we need more devices, we can insert them into the empty slots (it’s a 19U rack). There will be 5 routers in each rack so that we can do VPN tunnels between R1 and R3, where R2, R4, and R5 will simulate ISPs. 3 switches will represent a standard office network; they’re interconnected so that we can practise spanning tree and portchannels.
On the right handside I quickly sketched the bird’s eye view on the entire network (there can be more than 3 racks if needed for larger groups, of course). Home users will be able to vpn into their racks, while classroom users will be divided into groups. Each group will connect to their separate wifi network, which will allow them to connect to their console server.
Additionally, I can power up and down each rack remotely using Gembird power strips (not in the picture), because each power strip is connected to a managed power slot on the Gembird (two racks per one Gembird only even though Gembirds have 4 managed power slots because my walls are getting strangely warm 🙂
I spent the whole day putting more memory into the 1841 routers, checking flash cards, IOS etc. I fixed one fan and discovered that something must have eaten one of the fans in a 1841 router.
My homework is rather obnoxious in that I need to make some 2ocm crossover cables and patchcords and I’m a bit clumsy. More than a bit, actually.
That’s all folks!
As i’ve said, I’m currently building a new lab that I will be using to teach Cisco courses. This is an ongoing project so some things may still change.
First, I’ll start with the racks. We’ve decided we’re going to use silent cupboards from ZPAS:
I’ve bought two sets, together with the power strips, wheelsets, and shelves. What was missing from the set was the M6 mount screws (40 PLN for 100 screws from allegro), the fan power plug was not made, but overall I love it! It’s really silent when I close the door and it actually looks nice in the living room a.k.a. my interim lab.
It’s been a hectic few months but it’s been worth it.
- We now have a new website http://humanity.pl where you can buy our IT courses. This is something that I’ve been working on for the last 18 months but I never had time to actually make it real. Now me and my new business partner Dariusz Fedyk are working hard to get everything ready in time. If you buy now, you get a huge discount (>50%) so hurry up while stocks last 🙂
- We will be doing Cisco courses at WSB in Wroclaw. The first course starts in January but there’s also a demo that you can come and see still in December, see more details at http://www.wsb.pl/wroclaw/kandydaci/szkolenia/lista-szkolen/podstawy-sieci-komputerowych-kursy-dla-poczatkujacych?schedule=0
- We’re building a larger lab for our students: this is such a cool project and I will be posting more about the progress soon.
- I’ve passed CCNP Security! this took me about 18 months and while the exams themselves are not particularly well written, the experience overall was very good. I learnt a lot and I feel ready to take on CCDP in March next year (just before Junior is born.. which is even better news than this whole blog post put together)
- I quit my previous full-time job in June, which wasn’t surprising for anyone who knows me. My new job gives me much more freedom and the network is huge with 1000+ routers that I’m directly responsible for and which gives me plenty of room for self-improvement.
If your routers/switches send useless but high-level messages to your syslog server, you can use a logging discriminator to eliminate some unwanted log messages.
This is an example of a cisco bug message on a Cisco 881 router. It doesn’t mean anything and can only be fixed with an ios upgrade. You can also choose not to do anything about it because nothing is actually broken, but the syslog has a critical class and looks ugly in your kiwi logs.
734605: Jul 15 12:33:26.295 CEST: %SYS-2-CHUNKINVALIDHDR: Invalid chunk header type 1 for chunk 8419EBA4, data 8419FEEC -Process= „Net Background”, ipl= 3, pid= 27, -Traceback= 0x8084F720 0x80037078 0x8034D438 0x8170FA3C 0x8170D6AC 0x8170D978 0x816E6BD0 0x8190F7CC 0x8190FDC0 0x80C13514 0x8144F354 0x803241D4 0x80C1370C 0x8144F354 0x80B3B538 0x81450CC8
To eliminate this critical syslog entry, use a logging discriminator.
logging discriminator NOCHUNK severity drops 2 facility drops SYS mnemonics drops CHUNKINVALIDHDR
logging console discriminator NOCHUNK
logging monitor discriminator NOCHUNK
logging trap warnings
logging host 10.0.0.1 discriminator NOCHUNK
On firewalls, you need a different approach, because the discriminator has not been implemented on ASA.Therefore, you need to add messages on top of a specific logging level.
Logging message 111111 level errors (find message number in cisco documentation)
or use lists:
logging list my_critical_messages level 1
logging list my_critical_messages message 611101-611323
logging trap my_critical_messages
Today just a list of things you should never do as a network engineer
- putting guests on the corporate network
- having the same preshared keys for 5 years
- not having descriptions on interfaces
- not having labels on patch panels
- not having any network documentation
- using swearwords as passwords
- whole datacenter connected with one cable to the core switch
- core switch with CPU spiking to 100% hundred times a day
- terminal server connecting to that almost-dead core switch
- having no change management
Much as i hate these things, fixing them makes me feel like a superman / wise rabbi figure. I give myself extra points if i manage to stay calm, too.
Been a bit busy with my home lab. Here’s what i’ve managed so far:
- got a public IP from Polkomtel
- installed the sim card in a Huawei 593s
- used an old 48 port Dell switch to connect to the Huawei router
- created a basic 10-router, 6 switch topology to practise configurations for my new job
- plugged all equipment into my new wonderful GemBird IP PDUs so that I can power on my equipment from the Internet
- installed two new Cisco terminal servers 2509
- ordered a second-hand 2621xm + NM-32 terminal server to plug in more devices in the future
I’m still missing a rack (cashflow!) but September looks promising.
Other than that, I’ve been preparing my crowdfunding campaign at http://www.polakpotrafi.pl. It will take a while to cook cause of all the account verifications, but I might be able to actually launch the campaign late July / early August. Leaflets and posters are ready for printing, so this, too, waits for my next salary. Doesn’t everything…
Exam update: I’ve passed JNCIS-ENT. I’m taking SISAS on Wednesday. SITCS needs to wait until end of September or until I do more paid overtime 🙂
Tomorrow I’m finishing the lab so you may expect some diagrams and basic configs.
Been a while since the last update but things have never been busier. I’ve passed CCDA and SIMOS, the latter was especially difficult. I’m still taking JNCIS-ENT soon, so I don’t think the courses will start in April as planned before. My current employer is sending me to Norway for a few weeks to launch a new maintenance contract so most likely the first course won’t start until September. But it’s for the better – I will have had more time to get everything ready by then.
As to SIMOS – can’t reveal much without violating NDA, but the exam is definitely more difficult than it would transpire from the exam scope on official exam pages. You need to really dig deep into the official documentation, plus the passmark is rather high. The quality of the exam is typically low and quite embarassing.
With SIMOS passed, I’m halfway through my CCNP security path so two more to go in 2016. I’m also planning to do my JNCIP and CCDP so that I can focus on CCIE entirely in 2017. Ambitious but doable.
Once back from Norway, I should be able to get the first remote rack running. I’ve found a place to run it from so it’s now just a question of assembling and configuring everything.
I’ll try to write a bit more next week after my next exam.
The website is finally ready together with the final version of our commercial!
Watch it at https://www.youtube.com/watch?v=KsX8E6oC_iQ
Course-wise, it looks like April 2 is still on! Leaflets are almost ready to be printed, some hardware testing has been done already, too. First customers are starting to ask about the company, which is surprising if you take into account that i haven’t done any marketing yet. Cool!
From March onwards I’ll start posting network-related materials. I’m thinking a combined Cisco-Juniper course for beginners. We’ll see.
Today just a short update. I’m super excited creating a fun-packed learning plan for the first course in April. I’m really interested to see how much can be taught (and internalized) in 6 days. Ideally this should be a flexible plan with CCENT core material + some CCNA and even CCNP stuff on top if there’s enough time after 5pm each day. So those of you who see BGP – do not fear. This only covers the basics and is only there for completeness sake. I don’t want anybody who has attended my course to be unfamiliar with crucial routing concepts, but I cannot possibly expect anybody to be a BGP expert after a 6 days CCENT course. BGP is there so that you’re not afraid of your senior colleagues when they’re discussing their more expert-level stuff.
I expect I’ll finish the bird’s-eye view of the curriculum tomorrow and I’ll get down to detailed activity plans, which should take me around 2-3 months. I’ll keep you updated!
A friend of mine saw my website today and she was like: ”ok, but why would I need a CCENT cert in the first place? Tell them why they need your course”. And I realized that she’s spot on – why does anybody need a CCENT?
So what does doing a CCENT course give you?
First of all, this is an important step towards your future career. CCENT is like putting your foot in the door to say: hey, I could be a junior network admin in the future.
Also, it’s a way of finding out if this is something you might enjoy doing. How can you know if you like networks if you’ve never attended a cisco course? 6 days (that’s the duration of my CCENT course) is definitely worth it because this might be a beginning of a great adventure.
Finally, because it’s such a brave new world. Once you’ve mastered the basics, you can move on to new IT learning paths: virtualization, data center, software defined networks, you name it. CCENT can give you a solid foundation that you can build on while exploring technologies like voice, wireless, design etc. It’s a universal key that you will be using over and over and over again. If you speak English, hold a CCENT/CCNA certificate plus you decide to learn a bit about Linux, the world is your oyster.
What do you need to do,then?
- take my 6 day course
- read a Cisco official guide
- watch any CCENT online course
- use a simulator or buy real gear to lab up what you’ve learnt
- register at Pearson Vue
- make an appointment (exam fee is roughly $250)
- take the CCENT test
- give yourself a present (a new Cisco router, perhaps?)
So on to Step 1: email me at email@example.com or call 601079955 between 5 and 8p.m.