Doing a network upgrade of 28 sites, 60 services and roughly 160 old devices to just 60 devices. Python has become my friend for reading configs, creating csv files and verification. Will be posting my scripts later. I’m sure there are clever people out there who can tell me where I went wrong or what I could be doing better. However time fails me to post them right now.

Tags: cisco,linkedin,migration,nortel,python
Categories: Work
Comments Off

Not posted much recently, it’s time to add some more meat…

Last week I passed the F5 BIG-IP LTM v9.0 essentials exam. Was easier than I thought, however tomorrow I may be humbled further as I go for the advanced version of the F5 BIG-IP LTM v9.0 test. Studying with the training books from 4 days worth of training but without further hands on is not what I call fun. Admittedly it’s a lot easier than CCIE so what really am I moaning about. I suppose it the fact that I’m not studying for my next lab…

Tags: exam,F5
Categories: Main blog, Work
3 Comments »

Ouch. Humility is a painful process…

I’ve just been taught a lesson in humility and authorship. My post about Cisco’s NTP authentication implementation received a comment from a certain Frank. I’ve added my comment and need to verify my statment as soon as I can manage to get some hands-on in a lab again (not got Dynamips set-up yet)…

Categories: CCIE R&S
Comments Off

Finally some news to write. Not that I haven’t been busy but just not with CCIE. Have had too much on my mind and finally I can write about it.

Today I’ve resigned from my position at Easynet and signed with nscglobal as a Consultant. First thing while writing here is to thank Easynet for the time there, the opportunities and trust given to me. Despite moving my desk from Rotterdam to Amsterdam within six months of employment, I have thoroughly enjoyed working for Easynet. Seeing it mature from a internationally fragmented company into an upcoming global enterprise player has been both challenging and inspiring.

For those who don’t know nscglobal, they’re a UK integrator and I’ll be working in one of their London offices. This means moving from The Netherlands to the United Kingdom and we’ll be doing so physically in January. We’re looking for a rental house for multiple reasons but for this site the relevant one is my CCIE. Once in the UK I need to start focussing on my CCIE again and I hope to be able to do so with the support of some of the CCIE’s nscglobal has. So be ready for some new CCIE updates starting January.

Till then I’ll probably blog about whatever technology comes my way during the move. For example the UK mobile operator 3 has an offer with free Skype calls so I might be looking into UMTS coverage in London, Hitchin and the rest of the extended North of London. Plus I’ll be looking for a hosting location for my two servers, offers are welcome. Offers for dedicated hosting too, might help the uptime of things… My VoIP setup will have to change as well, only slightly as I’ll only be adding an FXO port at home.

Anyway just keep reading and you’ll find out, the great thing is that I don’t have to keep silent any more about what is going on and that we’re looking forward to new things.

Categories: Main blog, Work
Comments Off

*Sigh* Took me an hour or two to figure this one out. Cacti now does a ping before actually polling a device for stats. I’m running a small cacti site which had been neglected for a long time. After updating cacti and cleaning up some mess I was confused why one router did get polled and the other’s graphs remained a dumb “nan”.

I debugged and pinged, even installed hping3 to do UDP pings. I don’t want to run cacti as root, especially not on a vhost. So the UDP ping had to work. The pings arrived but still no replies.

Getting sidetracked I noticed that the one router that did work was being hit by SSH login attempts and it’s cpu was spiking. An ACL took care of the break-in attempts but then I noticed that directed broadcasts were made to my server’s segment. So I nailed that down plus proxy-arps when I noticed that the router which had worked before now was causing errors in Cacti as well.

Tracking back I noticed that the UDP ping ‘replies’ were unreachables rather than ICMP replies (doh, how obvious!) . I enabled IP unreachables on both routers again and I was done. It’s amazing how blind one can be at times to the blatantly obvious…

Categories: Main blog, Networking, Work
Comments Off

Only just noticed but in effect since September 7th. The CCIE lab exam has gone up from $1250 to $1400, which results in $1694,- / €1199,30 including the 21% VAT for the Brussels lab location.

Even though it’s a 12% price increase it’s been 8 years since the previous increase. It’s been argued on Groupstudy that a 2% annual increase is not bad as it’s relatively on par with the inflation we’ve seen over the last 8 years. Never the less for those of us forced to pay for our own labs it’s a bitter pill to take.

Also note that all exams from CCNA to the CCIE written and lab have increased in price.

Categories: CCIE R&S, Main blog
Comments Off

A recent question prompted this post. I’ve noticed that my site is getting more popular, despite my silence over the past weeks. I hope to propperly break the silence soon. All I can say now is that I’m busy working out an action plan towards my next lab attempt. By no means am I giving up!

Since my last post I’ve been very busy with work related issues and as such have not had the time or the right frame of mind to study. Please bear with me as I work to get back into the game. Feel free to comment on my previous posts, or this one if you like. It really helps me to know that other find this stuff useful.

Categories: CCIE R&S, Main blog, Work
Comments Off

Since 12.3 (T?), static routes pointing to interfaces will be advertised by RIP and EIGRP as these static subnets are assumed to be part of the interfaces on which RIP and/or EIGRP is activated.

ip route prefix mask {ip-address | interface-type interface-number [ip-address]} [dhcp] [distance] [name next-hop-name] [permanent | track number] [tag tag]

Show me more… »

Categories: CCIE R&S, Main blog, Networking, Work
Comments Off

Eek, Cisco keeps tabs on page hits when checking available lab seats. I set up firefox to automatically reload the page which works fine but resulted in me being locked out. Luckily only for a day but at 28 days before my ideal lab date this is not funny.

The following advice to all who’re desperate for a lab date: Be persistent but do not over do it.

ERROR: The ‘Available Lab Seats’ activity limit for the candidate has been exceeded for today. Please try again tomorrow.

Categories: CCIE R&S, Main blog
Comments Off

Wow, I managed to spot and book the 2nd of October instead of my February 7th seat. Hopefully I’ll manage to swap this day for September 14th with someone from Vietnam. Poor guy that is a long way to come for a lab… But as you can see from my previous post swapping seats is a risky business.

[edit, 17 Aug 2007] I’ve managed to move to September 28th and I’ll stick with it for now. There’s enough to keep me busy till then, may circumstantially even have to move my date back. I’ll be diving back into the books/lab next week, too much social stuff going on this week.

[edit, 10 Sep 2007] Sadly I have cancelled my September 28th seat. There’s just too much going on right now to be able to concentrate, let alone to have enough time to commit to studying. I’m hoping I’ll ba able to move my Feb 19th date forward but for now it would be wise to keep the February date, at least until some things settle down.

Categories: CCIE R&S, Main blog
3 Comments »

As many people have found it’s rather hard to book a lab seat these days. All locations are fully booked. The occasional cancellations are snapped up in minutes.

I did manage to book a seat but it’s one of the seats that became available last Saturday, Cisco gives seats out 6 months ahead of time. They are snapped up within hours if not minutes. Many people just book anywhere in the hope they can swap later on, or figure out how to pay for the travel. Mails about swapping lab seats are becoming more and more frequent on Groupstudy.

I must admit that I’ve joined the ranks here. I’m looking for a seat on Sept 10th. Need to call Cisco today, hoping to be able to safely swap seats with someone who is willing to swap Sept 14th for my day in Feb. So my advice to anyone planning to take their lab in the next year: Plan your lab carefully.

[edit, 15 Aug 2007] Well I called Cisco (see this link) and as expected they refuse to swap lab dates. No manual database work will be done. When I argued that seats are booked within minutes after becoming available, their advise was to swap seats during off peak hours. My goodness even I considered flying out to Sao Paulo, this is a global struggle for CCIE lab seats. There are no off peak hours!

So for those planning to swap dates. My advice is get on the phone, MSN, IRC or whatever other low delay medium (this means no e-mail) and make sure you pick each others dropped seats up asap. Sadly there is no safe was of swapping seats.

Categories: CCIE R&S, Main blog
3 Comments »

Well I received my results just as I took a snapshot of the window that’s been haunting me since I got home last night. No pass this time…

So I’ll have to pick up speed and book another lab asap.

[edit] To make matters worse, Cisco has no dates available at all. I hope this is a system error but I know that the earliest people have managed to book at this time is around end of Jan 2008…:

There are no available lab dates for the selections you made. You may want to adjust your criteria to find lab dates convenient for you. Also, check back frequently in case there are cancellations.

Categories: CCIE R&S, Main blog, Work
Comments Off

Totally different from last year, I ran out of time. I’d knew it might happen as I just didn’t have the speed in my fingers and mind as I did for the first attempt and I wanted to be more thorough. I’d like to think I was more thorough but I also blanked out twice which lost me probably about half an hour in total. Stupid ‘bgp update-source’ addresses…

Oh well, in all I think I lost 14 points to unanswered questions or uncertain answers. This leaves about 6 points leeway, not a lot but just maybe enough. Also nice is that this time I don’t have the mail before I get home so I’m taking that as a good sign: at least this time I wasn’t completely hopeless.

Will post as soon as I know, checking my mail regularly and the certification page. that page is weird by the way, it lists my attempt with links for a  ‘Submit Critique’ & ‘Request for Reread’ but no real result is stated. I’ll be twiddling my thumbs a little longer I guess.

Categories: CCIE R&S, Main blog, Work
Comments Off

Well It’s Thursday evening and I’ve gone over (too?) many topics today. Time to take a break and rest before the big day. So I’ll be trying to stay away from my laptop tomorrow (fat chance I know) and get some rest, hopefully by some sleeping in the sun.

Will post here as soon as I get some time at home after the lab and of course as soon as I have my results.

Categories: CCIE R&S, Main blog
1 Comment »

A quick and dirty rip from CCO just for those who’re in a hurry:

Enabling 802.1x Authentication

To enable 802.1x port-based authentication, you must enable AAA and specify the authentication method list. A method list describes the sequence and authentication methods to be queried to authenticate a user.

The software uses the first method listed to authenticate users; if that method fails to respond, the software selects the next authentication method in the method list. This process continues until there is successful communication with a listed authentication method or until all defined methods are exhausted. If authentication fails at any point in this cycle, the authentication process stops and no other authentication methods are attempted.

SUMMARY STEPS

Configure:

1. aaa authentication dot1x {default | listname} method1 [method2...]
2. interface interface-id
3. dot1x port-control auto

Verify:

1. show dot1x

Categories: CCIE R&S, Main blog
Comments Off