BGP is one of the most complex topics you'll study when pursuing your CCNP, if not the most complex. I know from personal experience that when I was earning my CCNP, BGP is the topic that gave me the most trouble at first. One thing I keep reminding today's CCNP candidates about, though, is that no Cisco technology is impossible to understand if you just break it down and understand the basics before you start trying to understand the more complex configurations.
BGP attributes are one such topic. You've got well-known mandatory, well-known discretionary, transitive, and non-transitive. Then you've got each individual BGP attribute to remember, and the order in which BGP considers attributes, and what attributes even are... and a lot more! As with any other Cisco topic, we have to walk before we can run. Let's take a look at what attributes are and what they do in BGP.
BGP attributes are much like what metrics are to OSPF, RIP, IGRP, and EIGRP. You won't see them listed in a routing table, but attributes are what BGP considers when choosing the best path to a destination when multiple valid (loop-free) paths exist.
When BGP has to decide between such paths, there is an order in which BGP considers the path attributes. For success on the CCNP exams, you need to know this order. BGP looks at path attributes in this order:
Highest weight (Cisco-proprietary BGP value)
Highest local preference (LOCAL_PREF)
Prefer locally originated route.
Shortest AS_PATH is preferred.
Choose route with lowest origin code. Internal paths are preferred over external paths, and external paths are preferred over paths with an origin of "incomplete".
Lowest multi-exit discriminator (MED)
External BGP routes preferred over Internal BGP routes.
If no external route, select path with lowest IGP cost to the next-hop router for iBGP.
Choose most recent route.
Choose lowest BGP RID (Router ID).
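The elimination order above can be walked in code. This is an added example, not part of the original tutorial or of Cisco's implementation: the Path class, the sample paths and their AS numbers are constructed, the route-age step is left out because the sample data carries no timestamps, and MED is compared across all candidates for simplicity.

```python
from dataclasses import dataclass, replace

# Origin codes ranked lowest-first, as in the list above.
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}


@dataclass(frozen=True)
class Path:
    """One candidate path to a prefix (hypothetical model, defaults are illustrative)."""
    name: str
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    as_path: tuple = ()
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True
    igp_cost: int = 0
    router_id: str = "0.0.0.0"


def rid_key(rid):
    # Compare router IDs numerically, octet by octet; a plain string
    # comparison would wrongly rank "10.0.0.10" below "10.0.0.9".
    return tuple(int(octet) for octet in rid.split("."))


# Each step maps a path to a sort key where the smallest value wins,
# so "highest wins" attributes are negated.
STEPS = [
    ("highest weight", lambda p: -p.weight),
    ("highest LOCAL_PREF", lambda p: -p.local_pref),
    ("locally originated", lambda p: 0 if p.locally_originated else 1),
    ("shortest AS_PATH", lambda p: len(p.as_path)),
    ("lowest origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("lowest MED", lambda p: p.med),
    ("eBGP over iBGP", lambda p: 0 if p.ebgp else 1),
    ("lowest IGP cost to next hop", lambda p: p.igp_cost),
    ("lowest router ID", lambda p: rid_key(p.router_id)),
]


def best_path(paths):
    """Return (winning path, name of the step that settled the choice)."""
    candidates = list(paths)
    if not candidates:
        raise ValueError("no candidate paths")
    decided_by = "only one path"
    for label, key in STEPS:
        if len(candidates) == 1:
            break
        best = min(key(p) for p in candidates)
        survivors = [p for p in candidates if key(p) == best]
        if len(survivors) < len(candidates):
            decided_by = label          # this step eliminated at least one path
        candidates = survivors
    if len(candidates) > 1:
        decided_by = "unresolved tie"   # identical on every modelled attribute
    return candidates[0], decided_by


# Constructed sample: three paths to the same prefix.
SAMPLE_PATHS = [
    Path("via-AS65010", as_path=(65010, 65020), router_id="10.0.0.1"),
    Path("via-RR-1", local_pref=200, as_path=(65030, 65040, 65050),
         ebgp=False, igp_cost=10, router_id="10.0.0.2"),
    Path("via-RR-2", local_pref=200, as_path=(65030, 65060),
         ebgp=False, igp_cost=20, router_id="10.0.0.3"),
]

if __name__ == "__main__":
    winner, why = best_path(SAMPLE_PATHS)
    print(f"best: {winner.name} (decided by {why})")
    # Raising weight on the first path overrides everything below it.
    boosted = [replace(SAMPLE_PATHS[0], weight=500)] + SAMPLE_PATHS[1:]
    winner, why = best_path(boosted)
    print(f"best: {winner.name} (decided by {why})")
```

Returning the deciding step alongside the winner makes it easy to see which attribute a policy change would have to touch to move traffic to a different path.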
If you don't know what these values are, or how they're configured, don't panic! The next several parts of this BGP tutorial will explain it all. So spend some time studying this order, and in part II of this free BGP tutorial, we'll look at each of these values in detail. Keep studying!
Monday, December 22, 2008
Cisco CCNA / CCNP / BCMSN Exam Review: Trunking And Trunking Protocols
To earn your CCNA or CCNP certification, you've got to understand the basics of trunking. This isn't just a CCNA topic - you must have an advanced understanding of trunking and etherchannels to pass the BCMSN exam and earn your CCNP as well. Before we address those advanced topics, though, you need to master the fundamentals!
A trunk allows inter-VLAN traffic to flow between directly connected switches. By default, a trunk port is a member of all VLANs, so traffic for any and all VLANs can travel across this trunk. That includes broadcast traffic!
The default mode of a switch port does differ between models, so always check your documentation. On Cisco 2950 switches, every single port is in dynamic desirable mode by default, meaning that every port is actively attempting to trunk. On these switches, the only action needed from us is to physically connect them with a crossover cable. In just a few seconds, the port light turns green and the trunk is up and running. The command show interface trunk will verify trunking.
How does the receiving switch know what VLAN the frame belongs to? The frames are tagged by the transmitting switch with a VLAN ID, reflecting the number of the VLAN whose member ports should receive this frame. When the frame arrives at the remote switch, that switch will examine this ID and then forward the frame appropriately.
There are two major trunking protocols you must understand and compare successfully, those being ISL and IEEE 802.1Q. Let's take a look at the details of ISL first.
ISL is a Cisco-proprietary trunking protocol, making it unsuitable for a multivendor environment. That's one drawback, but there are others. ISL will place both a header and trailer onto the frame, encapsulating it. This increases the overhead on the trunk line.
You know that the default VLAN is also known as the "native VLAN", and another drawback to ISL is that ISL does not use the concept of the native VLAN. This means that every single frame transmitted across the trunk will be encapsulated.
The 26-byte header that is added to the frame by ISL contains the VLAN ID; the 4-byte trailer contains a Cyclical Redundancy Check (CRC) value. The CRC is a frame validity scheme that checks the frame's integrity.
In turn, this encapsulation leads to another potential issue. ISL encapsulation adds 30 bytes total to the size of the frame, potentially making it too large for the switch to handle. (The maximum size for an Ethernet frame is 1518 bytes.)
IEEE 802.1q differs substantially from ISL. In contrast to ISL, dot1q does not encapsulate frames. A 4-byte header is added to the frame, resulting in less overhead than ISL. If the frame is destined for hosts residing in the native VLAN, that header isn't added. Since the header is only 4 bytes in size, and isn't even placed on every frame, using dot1q lessens the chance of oversized frames. When the remote port receives an untagged frame, the switch knows that these untagged frames are destined for the native VLAN.
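The dot1q tagging rules described above, from both ends of the trunk, as an added example that is not part of the original tutorial. The function names and sample frame are constructed; the tag value 0x8100 and the 3-bit priority / 12-bit VLAN ID layout are the standard 802.1Q tag format. Note that the receiver maps untagged frames to its own native VLAN, so both ends of a trunk must agree on that value.

```python
import struct

TPID_8021Q = 0x8100   # EtherType value that marks an 802.1Q tag
ETH_HEADER = 14       # dst MAC (6) + src MAC (6) + EtherType (2)
TAG_LEN = 4           # the 4-byte header dot1q inserts


def add_tag(frame: bytes, vlan: int, priority: int = 0, native_vlan: int = 1) -> bytes:
    """Transmit side: insert the 4-byte tag unless the frame is in the native VLAN."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    if not 0 <= priority <= 7:
        raise ValueError("priority must be 0-7")
    if len(frame) < ETH_HEADER:
        raise ValueError("truncated Ethernet header")
    if vlan == native_vlan:
        return frame                      # native VLAN traffic is sent untagged
    tci = (priority << 13) | vlan         # 3-bit priority, 1-bit DEI (0), 12-bit VLAN ID
    tag = struct.pack("!HH", TPID_8021Q, tci)
    return frame[:12] + tag + frame[12:]  # tag sits right after the source MAC


def classify_frame(frame: bytes, native_vlan: int = 1) -> dict:
    """Receive side: read the VLAN ID, or fall back to the native VLAN if untagged."""
    if len(frame) < ETH_HEADER:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return {"tagged": False, "vlan": native_vlan, "priority": None,
                "ethertype": ethertype, "payload_offset": ETH_HEADER}
    if len(frame) < ETH_HEADER + TAG_LEN:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack_from("!HH", frame, 14)
    return {"tagged": True, "vlan": tci & 0x0FFF, "priority": tci >> 13,
            "ethertype": inner_type, "payload_offset": ETH_HEADER + TAG_LEN}


# Constructed sample frame: broadcast destination, locally administered source, IPv4 EtherType.
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
                + struct.pack("!H", 0x0800) + b"payload")

if __name__ == "__main__":
    tagged = add_tag(SAMPLE_FRAME, vlan=20, priority=5)
    print(len(tagged) - len(SAMPLE_FRAME), classify_frame(tagged))
    untagged = add_tag(SAMPLE_FRAME, vlan=1)
    print(classify_frame(untagged))
    # Same untagged frame, but the receiving port has a different native VLAN.
    print(classify_frame(untagged, native_vlan=99))
```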
Knowing the details is the difference between passing and failing your CCNA and CCNP exams. Keep studying, get some hands-on practice, and you’re on your way to Cisco certification success!
Cisco CCNA / CCNP Certification Exam Tutorial: Floating Static Routes
To pass the Cisco CCNA and CCNP certification exams, and to become a world-class networker, you've got to know how and when to use floating static routes. And if you're wondering what makes them "float" -- read on!
In this example, R1 and R2 are running OSPF over a Frame Relay network, 172.12.123.0 /24. They're also connected by a BRI ISDN link, 172.12.12.0 /24. R1 is advertising a loopback network, 1.1.1.1 /32, via OSPF. We want R2 to have a route to that loopback even if the Frame Relay link goes down - and here, we'll use a floating static route to make that happen.
R2 sees the route to the loopback interface via OSPF, and can ping that interface successfully.
R2#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/65] via 172.12.123.1, 00:00:02, Serial0
R2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/68/68 ms
This is when it's important to know your administrative distances.... or at least know where to look to see them! The AD of OSPF is 110, which means we can configure a static route to 1.1.1.1 /32, and as long as the AD of the static route is higher than 110, it won't be used unless the OSPF route leaves the routing table. That's why this kind of route is called a "floating" static route - the route "floats" in the routing table and isn't seen unless the primary route leaves the table.
You learned how to write a static route in your CCNA studies, but you also remember that the default AD of a static route is either 1 or 0... and both of those values are less than 110! To change the AD of a static route, configure the desired distance at the end of the ip route command.
R2(config)#ip route 1.1.1.1 255.255.255.255 bri0 ?
<1-255> Distance metric for this route
A.B.C.D Forwarding router's address
name Specify name of the next hop
permanent permanent route
tag Set tag for this route
R2(config)#ip route 1.1.1.1 255.255.255.255 bri0 111
The static route has an AD that's only one higher than that of the OSPF route, but that's enough to make the route "float" and not yet be seen in the routing table.
R2#show ip route
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/65] via 172.12.123.1, 00:06:44, Serial0
172.12.0.0/24 is subnetted, 2 subnets
C 172.12.12.0 is directly connected, BRI0
C 172.12.123.0 is directly connected, Serial0
Let's see the effect on the routing table when the Serial0 interface is closed.
R2(config)#int s0
R2(config-if)#shutdown
12:04:53: %OSPF-5-ADJCHG: Process 1, Nbr 172.12.123.1 on Serial0 from FULL to DOWN, Neighbor Down: Interface down or detached
12:04:55: %SYS-5-CONFIG_I: Configured from console by console
12:04:55: %LINK-5-CHANGED: Interface Serial0, changed state to administratively down
12:04:56: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down
R2#show ip route
1.0.0.0/32 is subnetted, 1 subnets
S 1.1.1.1 is directly connected, BRI0
172.12.0.0/24 is subnetted, 1 subnets
C 172.12.12.0 is directly connected, BRI0
The floating static route appears in the table, but the ISDN link will not come up until the BRI interface has traffic to send. Let's ping 1.1.1.1 and see what happens. debug dialer was configured on R2 before sending the ping.
R2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
12:16:01: BR0 DDR: Dialing cause ip (s=172.12.12.2, d=1.1.1.1)
12:16:01: BR0 DDR: Attempting to dial 8358661
12:16:01: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up.!!
12:16:01: BR0:1 DDR: dialer protocol up!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 36/37/40 ms
The link comes up and traffic can still reach 1.1.1.1. Once R2 becomes an OSPF neighbor of R1 again, the OSPF route will again become the primary path and the floating static route leaves the routing table.
R2(config)#int s0
R2(config-if)#no shut
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.12.123.1 1 FULL/DR 00:01:57 172.12.123.1 Serial0
R2#show ip route
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/65] via 172.12.123.1, 00:00:16, Serial0
172.12.0.0/24 is subnetted, 2 subnets
C 172.12.12.0 is directly connected, BRI0
C 172.12.123.0 is directly connected, Serial0
A floating static route is an excellent "back door" that will keep the ISDN link down while allowing that link to serve as a backup route. Just make sure the ISDN link comes down when you expect it to - always check that with show isdn status!
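The route selection seen in the lab above, modelled in a few lines. This is an added example, not part of the original tutorial and not IOS code: the Rib and Route classes are constructed, and a route is simply treated as withdrawn while its outgoing interface is down. It also shows the two misconfigurations worth checking for: a static route left at AD 1, which never floats, and AD 255, which IOS treats as unusable and never installs.

```python
from dataclasses import dataclass

UNUSABLE_AD = 255   # a route with this distance is never installed


@dataclass(frozen=True)
class Route:
    prefix: str
    source: str    # "ospf" or "static"
    ad: int        # administrative distance
    metric: int
    out_if: str


class Rib:
    """Minimal routing table: lowest AD wins among usable candidates (hypothetical model)."""

    def __init__(self):
        self.candidates = []
        self.down = set()

    def add(self, route):
        if not 1 <= route.ad <= 255:
            raise ValueError("distance must be 1-255")
        self.candidates.append(route)

    def set_interface(self, name, up):
        if up:
            self.down.discard(name)
        else:
            self.down.add(name)

    def active(self, prefix):
        usable = [r for r in self.candidates
                  if r.prefix == prefix
                  and r.out_if not in self.down     # simplification: link down = route withdrawn
                  and r.ad != UNUSABLE_AD]
        return min(usable, key=lambda r: (r.ad, r.metric), default=None)


def failover_sequence(static_ad):
    """Replay the lab: normal, Serial0 shut down, Serial0 restored.

    Returns the source of the installed route to 1.1.1.1/32 at each point
    (None when no route is installed).
    """
    prefix = "1.1.1.1/32"
    rib = Rib()
    rib.add(Route(prefix, "ospf", 110, 65, "Serial0"))
    rib.add(Route(prefix, "static", static_ad, 0, "BRI0"))

    def installed():
        route = rib.active(prefix)
        return route.source if route else None

    seen = [installed()]
    rib.set_interface("Serial0", up=False)
    seen.append(installed())
    rib.set_interface("Serial0", up=True)
    seen.append(installed())
    return seen


if __name__ == "__main__":
    print("AD 111:", failover_sequence(111))   # floats as intended
    print("AD 1  :", failover_sequence(1))     # static always wins, ISDN carries everything
    print("AD 255:", failover_sequence(255))   # backup never installs
```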
Cisco / Microsoft Computer Certification: Be Ready For Your Opportunity
I was reading The Big Moo: Stop Trying To Be Perfect and Start Being Remarkable this morning, and I’d recommend a copy of this to anyone who wants to improve their career and their future. And that’s all of us, right?
There was one particular line that really stood out to me: Betting on change is always the safest bet available. That describes life perfectly, but it also describes a career in Information Technology perfectly as well. There is no field in the world that has the constant and never-ending changes that IT does. And every single one of us can look at this as a massive opportunity for personal and professional growth.
Is that how you’re looking at it? I remember when I passed my first certification exam, the Novell CNA, back in 1997. Man, I thought I knew it all then! But I quickly learned that you’ve got to keep learning in IT. I also learned that if you’re willing to put in the work and make the sacrifices, there’s no other field with the limitless potential for growth and excellence.
Like everyone else, my career has had its ups and downs, but I always kept learning and growing. Today, I’ve got my dream job, working with students and customers just like you – to help you create your own future.
The next 18 months are filled with endless possibilities, particularly with the rapid growth of VoIP and Microsoft Vista on the horizon. There will be those who rationalize their inertia, saying “I’ll never have to support those, so I don’t need to learn them.”
There will also be those who see VoIP and Vista as enormous opportunities to learn and advance in their careers and their lives. These people will get started today, learning the fundamentals of Cisco and advancing their networking knowledge in order to be ready for opportunities as they come along.
You can’t start studying and learning when the opportunity arrives – you’ve got to be ready when opportunity knocks. If you’ve been putting off studying for a Cisco or other computer certification – and I know the summer is a really good time for putting off studying – get back on track today.
Because you never know what opportunities are going to come along – but you do know that when they do, you’ve got to be ready to take advantage. After all, opportunity really does knock only once!
Cisco / MCSE Exam Study: Creating A Road Map To Success
Planning for success on the CCNA, CCNP, and other Cisco exams is much like taking a trip in your car. You've got to plan ahead, accept the occasional detour, and just keep on going until you get there. But what do you do before you get started?
Create a road map - for success.
If you were driving from one side of the country to another, you certainly wouldn't just get in your car and start driving, would you? No. You would plan the trip out ahead of time. What would happen if you just got in the car and started driving in the hope that you would someday arrive at your final destination? You would never get there, and you'd spend a lot of time wandering aimlessly.
Don't spend your study time and slow your progress by studying for a Cisco exam without planning the trip. Schedule your study time as you would an appointment with a client, and keep that appointment. Make sure that your study time is quality study - turn your TV, iPod, and cell off. If you hit a bump in the road and don't get your certification the first time you take the exam, regroup and create another plan. Study until you get to the point that on exam day, you know that you are already a CCNA or CCNP and you’re just there at the testing center to make it official.
The journey to success is not a straight line. When you look at a chart that shows a company's financial progress, the line never goes straight up. There are some ups and downs, but the overall result is success. The path to your eventual career and certification exam success may not be a direct one, but the important part is to get started - and to get any journey started, you've got to create a road map for a successful arrival at your destination.
Certification Q&A: Types Of Certifications To Consider For Computer-Related Careers
* What kinds of certifications should I consider for a PC Specialist career?
As a PC Specialist, people will rely on your specialized computer training and skills to keep the office running smoothly. You must have the following certifications:
• PC Specialist Certificate
• Microsoft Certified Systems Engineer
• Microsoft Certified Professional
* What kinds of certifications should I consider for a Software Engineer career?
The software engineer designs and develops systems to control and automate manufacturing, business, or management processes. To obtain a position as a Software Engineer, you must have:
• A four-year degree in a computer-related discipline is required for most software engineering positions.
• Certification in various software applications is suggested.
• Training programs are available at community colleges, vocational schools, technical institutes and in the Armed Forces.
Earning and maintaining computer certification is a good way for software engineers to keep their skills up to date. In addition to Microsoft, Novell, Cisco and other high-tech companies, the Institute of Electrical and Electronics Engineers (IEEE) Computer Society offers relevant computer certifications.
* What kinds of certifications should I consider for a Systems Analyst career?
These workers figure out how to use computers to get things done. They tell businesses and other organizations which computers and software to buy, and they decide how to get those tools to work together. To qualify for this position, you must have:
• A four-year college degree in computer science, information science, or management information systems.
• Microsoft Certification and Microsoft Certified Professional (MCP)
* What kinds of certifications should I consider for a Systems Engineer career?
Systems engineering is like putting together a puzzle, matching varied pieces together to make one cohesive whole. Here are some certifications you need:
• BS in systems engineering or other related engineering discipline or an equivalent combination of education and work related experience.
• Novell certifications
Earning computer certification at a prestigious educational institution is impressive. But, if you don't have that kind of money, you may take computer certification training courses anywhere and anyway you wish and then pay to take the exams. Passing the exams is what earns computer certification.
* What kinds of certifications should I consider for a Technical Instructor career?
As a technical instructor, you need to be mature and very oriented towards people. To be considered, you must have the following certifications:
• A four-year degree in a computer-related discipline is required for most software engineering positions.
• CompTIA’s Certified Technical Trainer (CTT+) certification.
* What kinds of certifications should I consider for a Wireless Specialist career?
Career certification programs are critical for aspiring Wireless Specialists. Many are looking for programs with a complete engineering curriculum that concentrates entirely on wireless applications. Some of these are the following:
• Certified Wireless Professional covers application development for wireless, its networking elements and security, and embedded systems. The number of hours needed to complete the certification depends on the institution offering the program, but in most cases these certifications require a minimum of 200 hours of classroom lecture and an average of 200 hours of laboratory practice.
• Cisco Security Professional Design Certifications concentrate only on the perimeter security of the data in the web site, largely to avoid being hacked. Different versions of Web security courses such as DVS 1.0 and DPS 1.0 are available for reference.
As a PC Specialist, people will rely on your specialized computer training and skills to keep the office running smoothly. You must have the following certifications:
• PC Specialist Certificate
• Microsoft Certified Systems Engineer
• Microsoft Certified Professional
Certification Q&A: The Basics Of Certification
* What does certified mean?
There are four accepted meanings of the adjective “certified”, but only two of them fit the meaning needed here. To be certified means to be endorsed with authority by an institution or a person in a higher position after one successfully meets certain requirements. Another meaning is that a person is qualified to do a certain job, as supported by an appropriate document better known as a certification.
* What certifications are there?
If you are referring to online certifications, there are many to be found. To help you find the one certification that best fits your ability and interest, you may log on to reliable sites on the Internet. For now, the following are the basic IT certifications:
• IT Auditing
• Document Imaging
• E-Commerce
• Internet/Intranet
• Linux
• Networking
• Printing
• Project Management
• IT Security
• Servers
• Service Technician
• Technical Trainer
• Webmaster
* Who benefits from certification?
Primarily, the person given a certification benefits more. Being certified means one can function properly in a certain job. This means companies will readily hire a person with a certification, especially when the certification comes from a reliable learning institution.
In some ways, the company to which a certified person applies for work will also benefit, since the applicant's performance is supported by a certification.
* Is certification better than experience?
The answer to that is a big "No." Certification means training. It is impossible for a person to put himself through training without experiencing what it is he intends to do. For this reason, we cannot equate certification with experience, since they do not share the same purpose. However, if you already have work experience, a certification is a big help for promotion, recognition and pay raises.
On the other hand, companies are not solely after experience but also after educational attainment and performance. In other words, having completed a course, as proved by a certification, is a chance to be hired.
* Which certification program is best for me?
The best certification program for you is the one that fits your interests and capabilities. Those two factors should be considered above all else when finding the right and best certification program for you.
* How much will getting certified cost?
Almost all training packages from different training institutions are cost effective. The training cost will depend on the training you want to pursue and in which training institution you intend to enroll. Generally, a trainee should prepare to pay between $100 and $400 for each training program.
* How long will certification take?
There are training institutions that offer a 6-month online training program. The usual training timeframe is one year. This length of training may extend to a maximum of 2 years depending on the program conducted.
* Do I need a college degree to be certified?
You do not need a college degree to be certified. Some certification programs require one to have at least finished high school upon enrolling in a certain course.
* Will certification really help my career?
A certification may help your career. Nowadays, competition for jobs is getting tougher. For one to stay in his or her job or to be promoted to a higher position, one factor to consider is his or her educational achievements. That is one reason why mastering your field of work by means of studying and training can be a great boost for your career. That is where a certification program can make or break your career advancement.
* Will I have to go somewhere for my certification training?
While you can find local institutions where you can take classes and tests, most training is done online now. You do not need to go somewhere else for your training. You do not even need to attend classes personally for your lessons. Not only is training done mostly online now, but examinations for certification are also given online.
CCNP Certification / BSCI Exam Tutorial: The BGP Neighbor Process
Like TCP, BGP is connection-oriented. An underlying connection between two BGP speakers is established before any routing information is exchanged. This connection takes place on TCP port 179. As with EIGRP and OSPF, keepalive messages are sent out by the BGP speakers in order to keep this relationship alive.
Once the connection is established, the BGP speakers exchange routes and synchronize their tables. After this initial exchange, a BGP speaker will only send further updates upon a change in the network topology.
The IGP protocols that use Autonomous Systems, IGRP and EIGRP, require prospective neighbors to be in the same AS. This is not true with BGP. Routers can be in different Autonomous Systems and still exchange routes. The BGP neighbors do not have to be directly connected, and often are not, but do need to be able to reach the IP addresses they use in their neighbor statements.
A BGP peer that is in the same AS is referred to as an Internal BGP (iBGP) Peer, where a BGP peer in another AS is an External BGP (eBGP) Peer.
A sample iBGP configuration:
router bgp 100
 neighbor 10.1.1.2 remote-as 100
A sample eBGP configuration:
router bgp 100
 neighbor 10.1.1.2 remote-as 200
Cisco recommends that eBGP peers be directly connected, where iBGP peers generally will not be.
Before we get too much farther into BGP theory, let’s get a configuration started. You’ll use the router bgp command to configure a router as a BGP speaker. Right after that, the neighbor command will be used to identify this BGP speaker’s potential neighbors. (The terms "peer" and "neighbor" are interchangeable in BGP, but it's the neighbor statement that is used to statically define neighbors. BGP is not capable of discovering neighbors dynamically.)
R1(config)#router bgp 100
R1(config-router)#neighbor 172.12.123.3 remote-as 200
While almost all of the neighbor options are just that -- optional -- you do have to specify the BGP AS of the remote router. BGP has no mechanism to dynamically discover neighbors. Remember, BGP speakers do not have to be in the same AS to become peers. To verify that the remote BGP speaker has become a peer, run show ip bgp neighbor.
R1#show ip bgp neighbor
BGP neighbor is 172.12.123.3, remote AS 200, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:01:39, hold time is 180, keepalive interval is 60 seconds
Received 0 messages, 0 notifications, 0 in queue
Sent 0 messages, 0 notifications, 0 in queue
Route refresh request: received 0, sent 0
Default minimum time between advertisement runs is 30 seconds
The output here can be a little misleading the first time you read it. The first line shows 172.12.123.3 is a BGP neighbor, is located in AS 200, and is an external link, indicating that the neighbor is in another AS entirely. The "BGP state" line shows the BGP state as Active. This sounds great, but it actually means that a BGP peer connection does not yet exist with the prospective neighbor.
So even though the show ip bgp neighbor output indicated that this is an Active neighbor relationship, that’s not as good as it sounds. Of course, the reason the peer relationship hasn’t been established is that we haven’t configured R3 yet!
R3(config)#router bgp 200
R3(config-router)#neighbor 172.12.123.1 remote-as 100
Verify the peer establishment with show ip bgp neighbor:
R3#show ip bgp neighbor
BGP neighbor is 172.12.123.1, remote AS 100, external link
BGP version 4, remote router ID 172.12.123.1
BGP state = Established, up for 00:01:18
Last read 00:00:17, hold time is 180, keepalive interval is 60 seconds
Local host: 172.12.123.3, Local port: 179 (BGP uses TCP Port 179)
Foreign host: 172.12.123.1, Foreign port: 11007
The peer relationship between R1 and R3 has been established.
Now that you know how the neighbor relationship itself is built, you need to start learning the many options of the neighbor command. You’ll have to master these to become a CCNP and CCIE!
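The "Active is not Established" trap described above is easy to check for in a script. The following Python sketch is an added example, not part of the original tutorial: it parses show ip bgp neighbor output and reports peers that are not Established, that have an unexpected remote AS, or that nobody configured on purpose. The function names and the expected-peer dictionary are assumptions, and the sample input is constructed from the two outputs quoted in this post.

```python
import re

# Constructed input: the two outputs quoted in the tutorial, trimmed to the
# lines this parser reads.
R1_OUTPUT = """\
BGP neighbor is 172.12.123.3, remote AS 200, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:01:39, hold time is 180, keepalive interval is 60 seconds
"""

R3_OUTPUT = """\
BGP neighbor is 172.12.123.1, remote AS 100, external link
BGP version 4, remote router ID 172.12.123.1
BGP state = Established, up for 00:01:18
Last read 00:00:17, hold time is 180, keepalive interval is 60 seconds
"""

NEIGHBOR_RE = re.compile(
    r"^\s*BGP neighbor is (?P<peer>\S+?),\s+remote AS (?P<remote_as>\d+),"
    r"\s+(?P<link>internal|external) link", re.M)
STATE_RE = re.compile(r"BGP state = (?P<state>\w+)(?:, up for (?P<uptime>\S+))?")
ROUTER_ID_RE = re.compile(r"remote router ID (?P<rid>\S+)")


def parse_neighbors(text):
    """Return one dict per neighbor found in 'show ip bgp neighbor' output."""
    neighbors = []
    heads = list(NEIGHBOR_RE.finditer(text))
    for i, head in enumerate(heads):
        # A neighbor's block runs until the next "BGP neighbor is" line.
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        block = text[head.end():end]
        state = STATE_RE.search(block)
        rid = ROUTER_ID_RE.search(block)
        neighbors.append({
            "peer": head["peer"],
            "remote_as": int(head["remote_as"]),
            # "external link" means the peer is in another AS (eBGP).
            "kind": "eBGP" if head["link"] == "external" else "iBGP",
            "router_id": rid["rid"] if rid else None,
            "state": state["state"] if state else "unknown",
            "uptime": state["uptime"] if state else None,
        })
    return neighbors


def audit(text, expected):
    """Compare parsed neighbors with expected {peer_ip: remote_as}.

    Returns a list of (peer, finding) tuples; an empty list means every
    expected peer is present, in the right AS, and Established.
    """
    findings = []
    seen = set()
    for n in parse_neighbors(text):
        seen.add(n["peer"])
        want_as = expected.get(n["peer"])
        if want_as is None:
            findings.append((n["peer"], "peer is not in the expected list"))
        elif want_as != n["remote_as"]:
            findings.append((n["peer"], "remote AS %d, expected %d"
                             % (n["remote_as"], want_as)))
        # Any state other than Established means no routes are being exchanged.
        if n["state"] != "Established":
            findings.append((n["peer"], "state is %s, session not established"
                             % n["state"]))
    for peer in sorted(set(expected) - seen):
        findings.append((peer, "expected peer missing from output"))
    return findings


if __name__ == "__main__":
    for peer, finding in audit(R1_OUTPUT, {"172.12.123.3": 200}):
        print(peer, "-", finding)
```
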
CCNP Certification / BSCI Exam Tutorial: EIGRP Stuck-In-Active Routes
Passing the BSCI exam and earning your CCNP is all about knowing the details, and when it comes to EIGRP SIA routes, there are plenty of details to know. A quick check in a search engine for "troubleshoot SIA" will bring up quite a few matches. Troubleshooting SIA routes is very challenging in that there's no one reason they occur.
View the EIGRP topology table with the show ip eigrp topology command, and you'll see a code next to every successor and feasible successor. A popular misconception is that we want these routes to have an "A" next to them - so they're active. That's what we want, right? Active routes sound good, right?
Well, they sound good, but they're not. If a route shows as Active in the EIGRP topology table, that means that DUAL is currently calculating that route, and it's currently unusable. When a route is Passive ("P"), that means it's not being recalculated and it's a usable route.
Generally, a route shown as Active is going to be there for a very short period of time; by the time you repeat the command, hopefully that Active route has gone Passive. Sometimes that doesn't happen, though, and the route becomes SIA - Stuck In Active.
A route becomes SIA when a query goes unanswered for so long that the neighbor relationship is reset. From experience, I can tell you that troubleshooting SIA routes is more of an art form than a science, but there are four main reasons a route becomes SIA:
The link is unidirectional, so the query can't possibly be answered.
The queried router's resources are unavailable, generally due to high CPU utilization.
The queried router's memory is corrupt or otherwise unable to allow the router to answer the query.
The link between the two routers is of low quality, allowing just enough packets through to keep the neighbor relationship intact, but not good enough to allow the replies through.
To sum it up, routes generally become SIA when a neighbor either doesn't answer a query, or either the query or reply took a wrong turn somewhere. I told you it wasn't the easiest thing to troubleshoot!
CCNP Certification / BCMSN Exam Tutorial: Server Load Balancing (SLB)
When you're working on your BCMSN exam on your way to CCNP certification, you'll read at length about how Cisco routers and multilayer switches can work to provide router redundancy - but there's another helpful service, Server Load Balancing, that does the same for servers. While HSRP, VRRP, and GLBP all represent multiple physical routers to hosts as a single virtual router, SLB represents multiple physical servers to hosts as a single virtual server.
In the following example, three physical servers have been placed into the SLB group ServFarm. They're represented to the hosts as the virtual server 210.1.1.14.
The hosts will seek to communicate with the server at 210.1.1.14, not knowing that they're actually communicating with the servers in ServFarm. This allows quick cutover if one of the physical servers goes down, and also serves to hide the actual IP addresses of the servers in ServFarm.
The basic operation of SLB involves creating the server farm, followed by creating the virtual server. We'll first add 210.1.1.11 to the server farm:
MLS(config)# ip slb serverfarm ServFarm
MLS(config-slb-sfarm)# real 210.1.1.11
MLS(config-slb-real)# inservice
The first command creates the server farm, with the real command specifying the IP address of the real server. The inservice command is required by SLB to consider the server as ready to handle the server farm's workload. The real and inservice commands should be repeated for each server in the server farm.
To create the virtual server:
MLS(config)# ip slb vserver VIRTUAL_SERVER
MLS(config-slb-vserver)# serverfarm ServFarm
MLS(config-slb-vserver)# virtual 210.1.1.14
MLS(config-slb-vserver)# inservice
From the top down, the vserver was named VIRTUAL_SERVER, which represents the server farm ServFarm. The virtual server is assigned the IP address 210.1.1.14, and connections are allowed once the inservice command is applied.
You may also want to control which of your network hosts can connect to the virtual server. If hosts or subnets are named with the client command, those will be the only clients that can connect to the virtual server. Note that this command uses wildcard masks. The following configuration would allow only the hosts on the subnet 210.1.1.0 /24 to connect to the virtual server.
MLS(config-slb-vserver)# client 210.1.1.0 0.0.0.255
SLB is the server end's answer to HSRP, VRRP, and GLBP - but you still need to know it to become a CCNP! Knowing redundancy strategies and protocols is vital in today's networks, so make sure you're comfortable with SLB before taking on the exam.
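Because the client command takes a wildcard mask rather than a subnet mask, it is worth checking which hosts a given client line really admits. The Python sketch below is an added example, not part of the original tutorial: it evaluates client statements the way a wildcard mask works (1-bits are "don't care") and flags a subnet mask typed where a wildcard belongs. The function names and both sample configurations are constructed for illustration, and treating a vserver with no client lines as open to all hosts is this example's reading of the paragraph above.

```python
import ipaddress
import re

# Constructed sample configs. GOOD is the tutorial's client line; SWAPPED has
# a subnet mask typed where the wildcard mask belongs.
GOOD = """\
MLS(config)# ip slb vserver VIRTUAL_SERVER
MLS(config-slb-vserver)# serverfarm ServFarm
MLS(config-slb-vserver)# virtual 210.1.1.14
MLS(config-slb-vserver)# client 210.1.1.0 0.0.0.255
MLS(config-slb-vserver)# inservice
"""
SWAPPED = GOOD.replace("0.0.0.255", "255.255.255.0")

CLIENT_RE = re.compile(r"^\s*(?:\S+#\s*)?client\s+(\S+)\s+(\S+)\s*$", re.M)


def to_int(dotted):
    """Dotted-quad string to a 32-bit integer (raises on malformed input)."""
    return int(ipaddress.IPv4Address(dotted))


def parse_client_lines(config):
    """Return (base, wildcard) pairs from 'client <ip> <wildcard>' lines."""
    return CLIENT_RE.findall(config)


def wildcard_match(host, base, wildcard):
    """True if host equals base on every bit the wildcard does NOT mask out."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(host) & care) == (to_int(base) & care)


def wildcard_prefix(wildcard):
    """Prefix length for a contiguous wildcard (0.0.0.255 -> 24), else None."""
    w = to_int(wildcard)
    # A contiguous wildcard is 2**k - 1, so adding 1 clears every set bit.
    if w & (w + 1):
        return None
    return 32 - w.bit_length()


def client_allowed(host, config):
    """Apply the client statements: with none present, any host may connect."""
    clients = parse_client_lines(config)
    if not clients:
        return True
    return any(wildcard_match(host, b, w) for b, w in clients)


def lint_clients(config):
    """Warn about client lines that probably do not mean what was intended."""
    warnings = []
    for base, wildcard in parse_client_lines(config):
        if wildcard_prefix(wildcard) is None:
            warnings.append("client %s %s: wildcard is not contiguous; "
                            "was a subnet mask typed?" % (base, wildcard))
        elif to_int(base) & to_int(wildcard):
            warnings.append("client %s %s: address has bits set inside the "
                            "wildcard" % (base, wildcard))
    return warnings


if __name__ == "__main__":
    for host in ("210.1.1.25", "210.1.2.25", "192.0.2.0"):
        print(host, client_allowed(host, GOOD), client_allowed(host, SWAPPED))
    print(lint_clients(SWAPPED))
```

With the swapped mask, the statement compares only the last octet, so a host inside 210.1.1.0 /24 such as 210.1.1.25 is refused while any address ending in .0 matches.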
CCNP Certification / BCMSN Exam Tutorial: QoS Service Types
To pass the CCNP exams, you’ve got to master Quality of Service, and the first step in doing so is knowing the differences between the different QoS types.
Now this being Cisco, we can't just have one kind of QoS! We've got best-effort delivery, Integrated Services, and Differentiated Services. Let's take a quick look at all three.
Best-effort is just what it sounds like - routers and switches making their "best effort" to deliver data. This is considered QoS, but it's kind of a "default QoS". Best effort is strictly "first in, first out" (FIFO).
An entire path from Point A to Point B will be defined in advance when Integrated Services are in effect. Integrated Services is much like the High-Occupancy Vehicle lanes found in many larger cities. If your car has three or more people in it, you're considered a "priority vehicle" and you can drive in a special lane with much less congestion than regular lanes. Integrated Services will create this lane in advance for "priority traffic", and when that traffic comes along, the path already exists. Integrated Services uses the Resource Reservation Protocol (RSVP) to create these paths. RSVP guarantees a quality rate of service, since this "priority path" is created in advance.
Integrated Services is defined in RFC 1613. Use your favorite search engine to locate a copy online and read more about this topic. It's a good idea to get into the habit of reading RFCs!
Of course, if you've got a lot of different dedicated paths being created that may or may not be used very often, that's a lot of wasted bandwidth. That leads us to the third QoS model, the Differentiated Services model. Generally referred to as DiffServ, there are no advance path reservations and there's no RSVP. The QoS policies are written on the routers and switches, and they take action dynamically as needed. Since each router and switch can have a different QoS policy, DiffServ takes effect on a per-hop basis rather than the per-flow basis of Integrated Services. A packet can be considered "high priority" by one router and "normal priority" by the next.
Believe me, this is just the beginning when it comes to Quality of Service. It's a huge topic on your exams and in the real world's production networks, and as with all other Cisco topics, just master the fundamentals and build from there - and you're on your way to CCNP exam success!
CCNP Certification / BCMSN Exam Tutorial: HSRP MAC Addresses And Timers
To earn your CCNP certification and pass the BCMSN exam, you've got to know what HSRP does and the many configurable options. While the operation of HSRP is quite simple (and covered in a previous tutorial), you also need to know how HSRP arrives at the MAC address for the virtual router - as well as how to configure a new MAC for this virtual router. This puts us in the unusual position of creating a physical address for a router that doesn't exist!
The output of show standby for a two-router HSRP configuration is shown below.
R2#show standby
Ethernet0 - Group 5
Local state is Standby, priority 100
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 0.776
Virtual IP address is 172.12.23.10 configured
Active router is 172.12.23.3, priority 100 expires in 9.568
Standby router is local
1 state changes, last state change 00:00:22
R3#show standby
Ethernet0 - Group 5
Local state is Active, priority 100
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 2.592
Virtual IP address is 172.12.23.10 configured
Active router is local
Standby router is 172.12.23.2 expires in 8.020
Virtual mac address is 0000.0c07.ac05
2 state changes, last state change 00:02:08
R3 is in Active state, while R2 is in Standby. The hosts are using the 172.12.23.10 address as their gateway, but R3 is actually handling the workload. R2 will take over if R3 becomes unavailable.
An IP address was assigned to the virtual router during the HSRP configuration process, but not a MAC address. However, there is a MAC address under the show standby output on R3, the active router. How did the HSRP process arrive at a MAC of 00-00-0c-07-ac-05?
Well, most of the work is already done before the configuration is even begun. The MAC address 00-00-0c-07-ac-xx is reserved for HSRP, and xx is the group number in hexadecimal. That's a good skill to have for the exam, so make sure you're comfortable with hex conversions. The group number is 5, which is expressed as 05 with a two-digit hex value. If the group number had been 17, we'd see 11 at the end of the MAC address - one unit of 16, one unit of 1.
The output of the show standby command also tells us that the HSRP speakers are sending Hellos every 3 seconds, with a 10-second holdtime. These values can be changed with the standby command, but HSRP speakers in the same group should have the same timers. You can even tie down the hello time to the millisecond, but it's doubtful you'll ever need to do that.
R3(config-if)#standby 5 timers ?
<1-254> Hello interval in seconds
msec Specify hello interval in milliseconds
R3(config-if)#standby 5 timers 4 ?
<5-255> Hold time in seconds
R3(config-if)#standby 5 timers 4 12
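The two points above (the virtual MAC is derived from the group number, and peers in a group should share timers) can be checked mechanically from show standby output. The following Python is an added example, not part of the original tutorial; the function names are hypothetical, and R3_DRIFTED is a constructed variant of the article's R3 output.

```python
import re

# Reserved HSRP prefix quoted in the article, in Cisco dotted notation.
HSRP_MAC_PREFIX = "0000.0c07.ac"

FIELDS = {
    "group": r"Group (\d+)",
    "state": r"Local state is (\w+)",
    "hello": r"Hellotime (\d+) sec",
    "hold": r"holdtime (\d+) sec",
    "vip": r"Virtual IP address is (\S+)",
    "vmac": r"Virtual mac address is (\S+)",
}

# Output for R2 and R3 as shown in the article.
R2_OUTPUT = """R2#show standby
Ethernet0 - Group 5
Local state is Standby, priority 100
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 0.776
Virtual IP address is 172.12.23.10 configured
Active router is 172.12.23.3, priority 100 expires in 9.568
Standby router is local
1 state changes, last state change 00:00:22
"""
R3_OUTPUT = """R3#show standby
Ethernet0 - Group 5
Local state is Active, priority 100
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 2.592
Virtual IP address is 172.12.23.10 configured
Active router is local
Standby router is 172.12.23.2 expires in 8.020
Virtual mac address is 0000.0c07.ac05
2 state changes, last state change 00:02:08
"""
# Constructed: R3 with timers changed on it alone and a different virtual MAC.
R3_DRIFTED = R3_OUTPUT.replace(
    "Hellotime 3 sec, holdtime 10 sec", "Hellotime 4 sec, holdtime 12 sec"
).replace("ac05", "ac11")


def expected_virtual_mac(group):
    """Default HSRP virtual MAC: reserved prefix + group as two hex digits."""
    if not 0 <= group <= 255:
        raise ValueError("group must fit in two hex digits (0-255)")
    return "%s%02x" % (HSRP_MAC_PREFIX, group)


def parse_show_standby(text):
    """Pull the fields the article discusses out of one show standby block."""
    parsed = {}
    for name, pattern in FIELDS.items():
        match = re.search(pattern, text)
        parsed[name] = match.group(1) if match else None
    for key in ("group", "hello", "hold"):
        if parsed[key] is not None:
            parsed[key] = int(parsed[key])
    return parsed


def audit_group(outputs):
    """outputs maps router name -> show standby text; returns a list of findings."""
    peers = {name: parse_show_standby(text) for name, text in outputs.items()}
    findings = []
    checks = (("group", "group number"), ("vip", "virtual IP"),
              ("hello", "hello timer"), ("hold", "hold timer"))
    for field, label in checks:
        values = {name: peer[field] for name, peer in peers.items()}
        if len(set(values.values())) > 1:
            findings.append("%s differs between peers: %s"
                            % (label, sorted(values.items())))
    active = sorted(n for n, peer in peers.items() if peer["state"] == "Active")
    if len(active) != 1:
        findings.append("expected exactly one Active router, found %s" % active)
    for name, peer in sorted(peers.items()):
        # Only the Active router prints the virtual MAC in this output.
        if peer["vmac"] and peer["group"] is not None:
            want = expected_virtual_mac(peer["group"])
            if peer["vmac"].lower() != want:
                findings.append("%s virtual MAC %s is not the default %s; "
                                "confirm it was configured on purpose"
                                % (name, peer["vmac"], want))
    return findings


if __name__ == "__main__":
    print(audit_group({"R2": R2_OUTPUT, "R3": R3_OUTPUT}))
    for finding in audit_group({"R2": R2_OUTPUT, "R3": R3_DRIFTED}):
        print(finding)
```

The article's own R2/R3 output produces no findings; the constructed drifted copy reports both timer mismatches and the non-default virtual MAC.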
Another important HSRP skill is knowing how to change the Active router assignment. I'll show you how to do that, and how to configure HSRP interface tracking, in the next part of my CCNP / BCMSN exam tutorial!
CCNP Certification / BCMSN Exam Tutorial: Getting Started With HSRP
Defined in RFC 2281, HSRP is a Cisco-proprietary protocol in which routers are put into an HSRP router group. Along with dynamic routing protocols and STP, HSRP is considered a high-availability network service, since all three have an almost immediate cutover to a secondary path when the primary path is unavailable.
One of the routers will be selected as the primary ("Active", in HSRP terminology), and that primary will handle the routing while the other routers are in standby, ready to handle the load if the primary router becomes unavailable. In this fashion, HSRP ensures a high network uptime, since it routes IP traffic without relying on a single router.
The hosts using HSRP as a gateway don't know the actual IP or MAC addresses of the routers in the group. They're communicating with a pseudorouter, a "virtual router" created by the HSRP configuration. This virtual router will have a virtual MAC and IP address as well.
The standby routers aren't just going to be sitting there, though! By configuring multiple HSRP groups on a single interface, HSRP load balancing can be achieved.
Before we get to the more advanced HSRP configuration, we'd better get a basic one started! We'll be using a two-router topology here, and keep in mind that one or both of these routers could be multilayer switches as well. For ease of reading, I'm going to refer to them only as routers.
R2 and R3 will both be configured to be in standby group 5. The virtual router will have an IP address of 172.12.23.10 /24. All hosts in VLAN 100 should use this address as their default gateway.
R2(config)#interface ethernet0
R2(config-if)#standby 5 ip 172.12.23.10
R3(config)#interface ethernet0
R3(config-if)#standby 5 ip 172.12.23.10
The show command for HSRP is show standby, and it's the first command you should run while configuring and troubleshooting HSRP. Let's run it on both routers and compare results.
R2#show standby
Ethernet0 - Group 5
Local state is Standby, priority 100
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 0.776
Virtual IP address is 172.12.23.10 configured
Active router is 172.12.23.3, priority 100 expires in 9.568
Standby router is local
1 state changes, last state change 00:00:22
R3#show standby
Ethernet0 - Group 5
Local state is Active, priority 100
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 2.592
Virtual IP address is 172.12.23.10 configured
Active router is local
Standby router is 172.12.23.2 expires in 8.020
Virtual mac address is 0000.0c07.ac05
2 state changes, last state change 00:02:08
We can see that R3 has been selected as the Active router ("local state is Active"), the virtual router's IP is 172.12.23.10, and R2 is the standby router.
There are some HSRP values that you'll need to change from time to time. What if we want R2 to be the Active router instead? Can we change the MAC address of the virtual router? I'll answer those questions in the next part of this HSRP tutorial!
CCNP / BSCI Exam Tutorial: Route Summarization And The OSPF Null Interface
CCNP exam success, particularly on the BSCI exam, demands you understand the details of route summarization. This skill not only requires that you have a comfort level with binary conversions, but you have to know how and where to apply route summarization with each individual protocol.
You also have to know the "side effects" of route summarization. With OSPF, there will actually be an extra interface created at the point of summarization, and this catches a lot of CCNP candidates by surprise. Let's take a look at the null0 interface and how it relates to OSPF summarization.
On R1, the following networks are redistributed into OSPF, and then summarized.
interface Loopback16
ip address 16.16.16.16 255.0.0.0
interface Loopback17
ip address 17.17.17.17 255.0.0.0
interface Loopback18
ip address 18.18.18.18 255.0.0.0
interface Loopback19
ip address 19.19.19.19 255.0.0.0
R1(config)#router ospf 1
R1(config-router)#redistribute connected subnets
R1(config-router)#summary-address 16.0.0.0 252.0.0.0
The summary address appears on R2, a downstream router.
R2#show ip route ospf
O E2 16.0.0.0/6 [110/20] via 172.12.123.1, 00:00:05, Serial0
Let's go back to R1 and look at its OSPF table.
R1#show ip route ospf
O 16.0.0.0/6 is a summary, 00:01:51, Null0
Where did the null0 interface come from, and why is it there? Packets sent to the null interface are dropped, and in this case, that's a good thing.
When you configure summary routes in OSPF, a route to null0 will be installed into the OSPF routing table. This helps to prevent routing loops. Any packets destined for the routes that have been summarized will have a longer match in the routing table, as shown below...
C 17.0.0.0/8 is directly connected, Loopback17
C 16.0.0.0/8 is directly connected, Loopback16
C 19.0.0.0/8 is directly connected, Loopback19
C 18.0.0.0/8 is directly connected, Loopback18
O 16.0.0.0/6 is a summary, 00:01:51, Null0
... and packets that do not match one of the summarized routes but do match the summary route will be dropped.
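The longest-match behaviour described above can be traced hop by hop. The following Python is an added example, not part of the original tutorial: the four /8 loopbacks cover all of 16.0.0.0/6, so the Null0 route only catches traffic once one of them leaves the table. The default route on R1 pointing back at R2 and the loss of Loopback18 are constructed assumptions used to show the loop the discard route prevents.

```python
import ipaddress

CONNECTED = [("16.0.0.0/8", "Loopback16"), ("17.0.0.0/8", "Loopback17"),
             ("18.0.0.0/8", "Loopback18"), ("19.0.0.0/8", "Loopback19")]


def summarize(prefixes):
    """Smallest single prefix covering every input (shared leading bits)."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    prefixlen = 32 - (low ^ high).bit_length()
    shift = 32 - prefixlen
    return ipaddress.ip_network(((low >> shift) << shift, prefixlen))


def lookup(table, destination):
    """Longest-prefix match over (prefix, exit) pairs; None if nothing matches."""
    dest = ipaddress.ip_address(destination)
    best = None
    for prefix, exit_ in table:
        net = ipaddress.ip_network(prefix)
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, exit_)
    return best[1] if best else None


def build_tables(loopback18_up=True, null_route=True):
    """R1 and R2 tables; exits naming another router mean 'forward to it'."""
    r1 = [c for c in CONNECTED if loopback18_up or c[1] != "Loopback18"]
    if null_route:
        r1.append((str(summarize(p for p, _ in CONNECTED)), "Null0"))
    r1.append(("0.0.0.0/0", "R2"))          # constructed default route
    r2 = [("16.0.0.0/6", "R1")]             # the O E2 summary learned from R1
    return {"R1": r1, "R2": r2}


def trace(tables, start, destination, ttl=8):
    """Follow a packet between routers; returns (hops, outcome)."""
    hops, router = [], start
    while ttl > 0:
        hops.append(router)
        exit_ = lookup(tables[router], destination)
        if exit_ is None:
            return hops, "no route"
        if exit_ == "Null0":
            return hops, "dropped at Null0"
        if exit_ not in tables:
            return hops, "delivered to " + exit_
        router = exit_
        ttl -= 1
    return hops, "TTL expired (loop)"


if __name__ == "__main__":
    summary = summarize(p for p, _ in CONNECTED)
    print(summary, summary.netmask)
    for up, null in ((True, True), (False, True), (False, False)):
        print(up, null, trace(build_tables(up, null), "R2", "18.1.1.1"))
```

With Loopback18 gone and the Null0 route present, R1 discards the packet; with the Null0 route removed, the packet bounces between R1 and R2 until the TTL runs out.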
Preventing routing loops when performing route redistribution and summarization is vital. OSPF gives us a little help in that regard in this situation, and as you study more complex redistribution scenarios on your way to the CCNP and CCIE, you'll realize that we'll take all the help we can get!
CCNP / BCMSN Exam Tutorial: VLAN Trunking Protocol (VTP)
Passing the BCMSN exam and getting one step closer to the CCNP certification means learning and noticing details that you were not presented with in your CCNA studies. (Yes, I know – you had more than enough details then, right?) One protocol you’ve got to learn more details about is VTP, which seemed simple enough in your CCNA studies! Part of learning the details is mastering the fundamentals, so in this tutorial we’ll review the basics of VTP.
In show vtp status readouts, the "VTP Operating Mode" is set to "Server" by default. The more familiar term for VTP Operating Mode is simply VTP Mode, and Server is the default. It's through the usage of VTP modes that we can place limits on which switches can delete and create VLANs.
In Server mode, a VTP switch can be used to create, modify, and delete VLANs. This means that a VTP deployment has to have at least one switch in Server mode, or VLAN creation will not be possible. Again, this is the default setting for Cisco switches.
Switches running in Client mode cannot be used to create, modify, or delete VLANs. Clients do listen for VTP advertisements and act accordingly when VTP advertisements notify the Client of VLAN changes.
VTP Transparent mode actually means that the switch isn't participating in the VTP domain as Servers and Clients do. (Bear with me here.) Transparent VTP switches don't synchronize their VTP databases with other VTP speakers. They don't even advertise their own VLAN information! Therefore, any VLANs created on a Transparent VTP switch will not be advertised to other VTP speakers in the domain, making them locally significant only. (I know you remember that phrase from your CCNA studies!)
Devices running VTP Transparent mode do have a little something to do with the other switches in the VTP domain, though. When a switch running in Transparent mode receives a VTP advertisement, that switch will forward that advertisement to other switches in that VTP domain.
Configuring switches as VTP Clients is a great way to “tie down” VLAN creation capabilities to switches that are under your physical control. However, this occasionally leads to a situation where only the VTP clients will have ports that belong to a given VLAN, but the VLAN still has to be created on the VTP server. (VLANs can be created and deleted in transparent mode, but those changes aren't advertised to other switches in the VTP domain.)
In the next BCMSN tutorial, we’ll take a look at the details of VTP.
CCNA Certification Exam Tutorial: Cisco Switching Modes
To pass the CCNA exam and earn this important certification, you’ve got to know switching inside and out. While you’re learning all the basic switching theory, make sure to spend some time with the three switching modes Cisco routers can use.
Store-and-Forward is exactly what it sounds like. The entire frame will be stored before it is forwarded. This mode allows for the greatest amount of error checking, since a CRC (Cyclic Redundancy Check) is run against the frame before it is forwarded. If the frame contains an error, it is discarded. If there’s no problem with the frame, the frame is then forwarded to its proper destination.
While store-and-forward does perform error checking, the delay in processing the frame while this error check is run results in higher latency than the other modes you’re about to read about. The latency time can also vary, since not all frames are the same size.
Cut-through switching copies only the destination MAC address into its memory before beginning to forward the frame. Since the frame is being forwarded as soon as the destination MAC is read, there is less latency than store-and-forward. The drawback is that there is no error checking.
There is a middle ground, fragment-free switching. Only part of the frame is copied to memory before it is forwarded, but it’s the first 64 bytes of the frame, not just the destination MAC. (Why? Because if there is a problem with the frame, it’s most likely in the first 64 bytes.) There is a little more error checking than cut-through, but not as much latency as with store-and-forward.
Note that the latency of both cut-through and fragment-free is fixed; these modes always look at the first six or 64 bytes, respectively. Store-and-forward's latency depends on the size of the frame.
Learning the similarities and differences between these modes is an often-overlooked part of CCNA studies. Spend some time studying this important CCNA topic – you’ll be glad you did!
CCNA / MCSE / CCNP Certification: Making Failure Work For You
Whether you're on the road to the CCNA, CCNP, MCSE, or you're on any other computer certification track, the odds are that sooner or later, you're going to fail an exam. It's happened to almost all of us, yours truly included. What you have to keep in mind in these times is that success is not a straight line. You've probably seen charts showing the growth of an industry or a business -- you know, the ones that go from left to right, and look kind of jagged. The line goes up for a while, then down a bit, then up some more, then down a little.
The key? While every business has its setbacks, the net result is that the line goes up and progress is made. That's how you want your certification pursuit and your career to go as well - upward!
I'm not asking you to be happy about failing an exam. You're allowed to get mad for a few minutes, vow to never take another exam again, and be disappointed. What you're not allowed to do is stay that way.
If you put your books away in a fit of anger, get them out. If you took some time off, it's time to get back to work. Again, there's nothing wrong with being unhappy about failing an exam. It's how you handle that failure that counts. No inventor, executive, or entrepreneur has ever been right 100% of the time. Learn something from your failure. Was your study time quality study time? Did you get some hands-on practice with the technology you're studying? Asking yourself these questions can be tough, but it can be highly valuable in making sure you don't fail the next time. And there must be a next time - because the one thing you cannot do is quit.
Besides, take it from someone who's been there - your temporary failure makes your eventual success that much sweeter.
CCNA / CCNP Home Lab Tutorial: The VLAN.DAT File
CCNA and CCNP candidates who have their own Cisco home labs often email me about an odd situation that occurs when they erase a switch's configuration. Their startup configuration is gone, as they expect, but the VLAN and VTP information is still there!
Sounds strange, doesn't it? Let's look at an example. On SW1, we run show vlan brief and see in this abbreviated output that there are three additional vlans in use:
SW1#show vlan br
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
We want to totally erase the switch's startup configuration, so we use the write erase command, confirm it, and reload without saving the running config:
SW1#write erase
Erasing the nvram filesystem will remove all configuration files! Continue?
[confirm]
[OK]
Erase of nvram: complete
00:06:00: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram
SW1#reload
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]
The switch reloads, and after exiting setup mode, we run show vlan brief again. And even though the startup configuration was erased, the VLANs are still there!
Switch#show vlan br
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
The reason is that this vlan and VTP information is actually kept in the VLAN.DAT file in Flash memory, and the contents of Flash are kept on a reload. The file has to be deleted manually.
There's a little trick to deleting this file. The switch will prompt you twice to ask if you really want to get rid of this file. Don't type "y" or "yes"; just accept the defaults by hitting the return key. If you type "y", the switch attempts to delete a file named "y", as shown here:
Switch#delete vlan.dat
Delete filename [vlan.dat]? y
Delete flash:y? [confirm]
%Error deleting flash:y (No such file or directory)
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#
The best way to prepare for CCNA and CCNP exam success is by working on real Cisco equipment, and by performing lab tasks over and over. Repetition is the mother of skill, and by truly erasing your VLAN and VTP information by deleting the vlan.dat file from Flash, you'll be building your Cisco skills to the point where your CCNA and CCNP exam success is a certainty.
Sounds strange, doesn't it? Let's look at an example. On SW1, we run show vlan brief and see in this abbreviated output that there are three additional vlans in use:
SW1#show vlan br
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
We want to totally erase the router's startup configuration, so we use the write erase command, confirm it, and reload without saving the running config:
SW1#write erase
Erasing the nvram filesystem will remove all configuration files! Continue?
[confirm]
[OK]
Erase of nvram: complete
00:06:00: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram
SW1#reload
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]
The router reloads, and after exiting setup mode, we run show vlan brief again. And even though the startup configuration was erased, the vlans are still there!
Switch#show vlan br
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
The reason is that this VLAN and VTP information is actually kept in the vlan.dat file in Flash memory, and the contents of Flash are kept on a reload. The file has to be deleted manually.
There's a little trick to deleting this file. The switch will prompt you twice to ask if you really want to get rid of this file. Don't type "y" or "yes"; just accept the defaults by hitting the return key. If you type "y", the switch attempts to delete a file named "y", as shown here:
Switch#delete vlan.dat
Delete filename [vlan.dat]? y
Delete flash:y? [confirm]
%Error deleting flash:y (No such file or directory)
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#
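The following Python check is an added example, not part of the original tutorial: it audits a captured console session of the procedure above, flagging a delete that hit the wrong file and any non-default VLANs still listed afterwards. The function names and the "clean" show vlan brief capture are constructed for illustration; the other two captures are the ones shown in this article.

```python
from __future__ import annotations
import re

# VLANs 1 and 1002-1005 exist by default on Catalyst switches; anything
# else listed by "show vlan brief" is configuration that survived the wipe.
DEFAULT_VLANS = {1, 1002, 1003, 1004, 1005}

VLAN_ROW = re.compile(r"^\s*(\d{1,4})\s+(\S+)\s+(\S+)")
DELETE_CONFIRM = re.compile(r"^Delete (\S+)\? \[confirm\]")
DELETE_ERROR = re.compile(r"^%Error deleting (\S+)")


def residual_vlans(show_vlan_brief: str) -> list[int]:
    """Return the non-default VLAN IDs found in 'show vlan brief' output."""
    found = set()
    for line in show_vlan_brief.splitlines():
        m = VLAN_ROW.match(line)
        if m and int(m.group(1)) not in DEFAULT_VLANS:
            found.add(int(m.group(1)))
    return sorted(found)


def delete_results(transcript: str) -> list[tuple[str, bool]]:
    """Return (target, succeeded) for every confirmed delete in a transcript."""
    results = []
    lines = [l.strip() for l in transcript.splitlines()]
    for i, line in enumerate(lines):
        m = DELETE_CONFIRM.match(line)
        if not m:
            continue
        target = m.group(1)
        following = lines[i + 1] if i + 1 < len(lines) else ""
        err = DELETE_ERROR.match(following)
        failed = bool(err and err.group(1) == target)
        results.append((target, not failed))
    return results


def wipe_is_clean(delete_transcript: str, vlans_after: str) -> bool:
    """True only if flash:vlan.dat was deleted and no extra VLANs remain."""
    deleted = {t for t, ok in delete_results(delete_transcript) if ok}
    return "flash:vlan.dat" in deleted and not residual_vlans(vlans_after)


# Captures taken from the article.
PAGE_VLANS = """SW1#show vlan br
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
"""
PAGE_DELETE = """Switch#delete vlan.dat
Delete filename [vlan.dat]? y
Delete flash:y? [confirm]
%Error deleting flash:y (No such file or directory)
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#
"""
# Constructed sample: what a switch with only default VLANs would list.
CLEAN_VLANS = """VLAN Name                             Status    Ports
---- -------------------------------- --------- -----
1    default                          active    Fa0/1, Fa0/2
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
"""

if __name__ == "__main__":
    print("residual VLANs after write erase:", residual_vlans(PAGE_VLANS))
    print("delete attempts:", delete_results(PAGE_DELETE))
    print("clean wipe:", wipe_is_clean(PAGE_DELETE, CLEAN_VLANS))
```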
The best way to prepare for CCNA and CCNP exam success is by working on real Cisco equipment, and by performing lab tasks over and over. Repetition is the mother of skill, and by truly erasing your VLAN and VTP information by deleting the vlan.dat file from Flash, you'll be building your Cisco skills to the point where your CCNA and CCNP exam success is a certainty.
CCNA / CCNP Home Lab Tutorial: Assembling Your Cisco Home Lab
A CCNA or CCNP candidate who wants to be totally prepared for their exams is going to put together a home lab to practice on. With used Cisco routers and switches more affordable and plentiful than ever before, there's really no excuse to not have one!
With the many different models available, there is some understandable confusion among future CCNAs and CCNPs about which routers to buy and which ones to avoid. You can take almost any set of Cisco routers and put together a home lab; part of the learning process is taking what equipment you have available and putting together your own lab! For those of you preparing to start your home lab or add to your existing one, this article will list the routers I use in my Cisco pods. You certainly don't have to have all this equipment, but this will give you some good ideas on how to get started.
The most versatile router you can get for your CCNA / CCNP home lab is a 2520. These routers come with four serial ports, one ethernet port, and one BRI interface for ISDN practice. This mix of interfaces means you can actually use it as a frame relay switch while using the ethernet and BRI ports for routing. (There is no problem with using a lab router as both your frame relay switch and a practice router; for a frame relay switch sample configuration, visit my website!)
My pods consist of five routers and two switches, and three of the five routers are 2520s, due to their versatility. A recent eBay search showed these routers selling for $99 - $125, an outstanding value for the practice you're going to get.
I also use 2501s in my home labs. These have fewer interfaces, but the combination of two serial interfaces and one ethernet interface allows you to get plenty of practice.
A combination that works very well is using three 2520s; one as my dedicated frame relay switch, one as R1, and another as R2. Add a 2501 as R3, and you can have a frame cloud connecting R1, R2, and R3, a direct serial connection between R1 and R3, an Ethernet segment that includes all three routers, and an ISDN connection between R1 and R2 if you have an ISDN simulator. That combination will allow you to get a tremendous amount of practice for the exams, and you can always sell it when you're done!
2501s are very affordable, with many in the $50 range on eBay. It's quite possible to get three 2520s and one 2501 for less than $500 total, and you can get most of that money back if you choose to sell it when you're done.
With four routers to work with, you're probably going to get tired of moving that console cable around. An access server (actually a Cisco router, not the white boxes we tend to think of when we hear "server") will help you out with that. An access server allows you to set up a connection with each of your other routers via an octal cable, which prevents you from moving that console cable around continually. For an example of an access server configuration, just visit my website and look in the "Free Training" section.
Access server prices vary quite a bit; don't panic if you do an eBay search and see them costing thousands of dollars. You do NOT need an expensive access server for your CCNA / CCNP home lab. 2511s are great routers to get for your access server.
One question I get often from CCNA / CCNP candidates is "What routers should I buy that I can still use when I'm ready to study for the CCNP?" The CCIE lab changes regularly and sometimes drastically when it comes to the equipment you'll need. During my CCIE lab studies, I found that renting time from online rack rental providers was actually the best way to go. Don't hesitate when putting your CCNA / CCNP home lab together, wondering what will be acceptable for the CCIE lab a year or so from now. None of us know what's going to be on that equipment list, so get the CCNA and CCNP first - by building your own Cisco home lab!
CCNA
CCNA stands for Cisco Certified Network Associate - a certification for IT professionals that is issued by Cisco Systems, Inc., one of the most successful computer networking companies. Cisco manufactures and markets a wide range of devices for both enterprises and telecommunications carriers. Cisco is an abbreviation of San FranCISCO.
The Cisco Certified Network Associate is an apprentice, or foundation level (along with Cisco Certified Design Associate), within the three levels of certification that include Associate, Professional, and Expert. Basically, CCNA professionals are certified to install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including, but not limited to, the use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, and Access Lists. The certification is valid for three years, after which recertification may be sought.
In order to hold a CCNA certification, a candidate has to pass either the Cisco Certified Network Associate Exam or a combination of Introduction to Cisco Networking Technologies Exam and Interconnecting Cisco Networking Devices Exam. Main topics for these three exams include Planning and Designing; Design and Support; Implementation and Operation; Troubleshooting; and Technology. Other related topics may also appear on any specific delivery of the exam.
There are also some recommended training programs that may be taken before the above-mentioned examinations. These programs include Introduction to Cisco Networking Technologies (INTRO), Interconnecting Cisco Network Devices (ICND), and Additional Training (CCNA Prep Center Pilot). These trainings incorporate topics such as fundamental knowledge and comprehension of networking; how to select, connect, configure, and troubleshoot the various Cisco networking devices; sample questions, simulations, e-learning modules, labs, tips, etc.
Boost Your Career And Benefit From A Microsoft Certification Or Two Or Three!
You went to college and thought you were prepared for the job market. If you are going for entry-level work, yeah, you are prepared. However, to really get ahead, you need Microsoft certification, whether it is an MCP, MCSA, MCSE or any other string of letters. Quite a few people will go for multiple certifications to broaden their experience and scope of possible job opportunities.
Some of the Microsoft certifications require that you have at least one year of practical experience in order to pursue a certification, namely an MCSE or Microsoft Certified Systems Engineer. It is important to have the experience that these certifications require because the training, like the MCSE training and the MCSE exams that follow, is very intense. In fact, some people will not only partake of the standard MCSE training, but also MCSE boot camps for more in-depth studies into their certification.
One standard benefit to having a Microsoft certification is that it is a great basic means of analyzing the aptitude of an employee. If you are a manager or owner in a business, you want some way to evaluate that employee’s skills. And if you are the employee, you know that your boss recognizes your abilities.
If you are on the hunt for a new job, then potential hiring managers and employers have a basis on which to assess your qualifications. Without that Microsoft certification on your resume, these employers would have no idea about your skills and most likely would consider someone else, someone with a certification, for the position you were aiming for.
If you do not have much hands-on experience in your field, but you do have the Microsoft certification to prove that you know the material, you would also have a leg up on anyone else applying for the same position who may have more hands-on experience, but no certification. For some reason, that certification, that little string of letters like MCP or MCSE, holds a lot of power.
Yet another benefit to holding a Microsoft certification or two is the money aspect of it all. Sure, you shelled out some major bucks to fund your education in those MCP courses or that MCSE training, but consider it an investment in yourself. With certification, you can bargain a higher salary and even reimbursement for your training!
Many professionals in the IT field, or in a company's IT department, could benefit from Microsoft certification. Do you work as an Administrator for a network, mail or web server? Are you involved in the security of networks and the internet? Any of those positions, and many more, benefit from additional training and certification. Just think money! It is the biggest motivator. The more you know and can bring to a position, the more money you stand to make.
So think about going for your MCSE or MCP certification or any number of others available. More training; more knowledge; more money ... sounds like a no-brainer! Go nuts and get certified today!
Be Certifiable! The Basics Of MCSE And MCP
It is not always who you know, but what you know. That is why obtaining Microsoft certification can be a valuable asset to your career. Of course, it does depend on what career path you want to take as to whether you want to get either MCSE training or MCP training or anything else for that matter. So what do those abbreviations MCSE and MCP stand for anyway?
MCP stands for Microsoft Certified Professional and MCSE is an abbreviation for Microsoft Certified Systems Engineer. What exactly does having a Microsoft certification mean anyway? We know that it looks good on a resume and opens new doors in your career. Did you know that being certifiable - in Microsoft anyway - sometimes will also boost your pay? Experience counts for a lot, but having a Microsoft certification or two does not hurt either!
So what does it take to be an MCP or MCSE? Lots of studying! The MCP courses and MCP exams are geared toward a more rounded technical professional. Candidates for MCP must pass one current certification test from Microsoft. Passing one of the exams demonstrates that the candidate has a consistent level of technical expertise.
With the Microsoft Certified Systems Engineer path, there are MCSE boot camps that help prepare candidates for the MCSE exams. These MCSE boot camps are intense classes often packed into a full two-week period instead of the traditional weekly MCSE training classes in preparation for the MCSE exams. This path is more involved. MCSE certification is standard in the IT field and prepares you for anything from the design of a system’s infrastructure to analyzing the company’s needs before implementing a design.
Unlike those individuals who take the MCP training to prepare for MCP exams, students of MCSE have a course of study that is more intense. Instead of one test to prepare for, they have seven tests that they are required to pass to get their Microsoft certification. Yikes! Seven! They have five main exams to take as well as two electives. The five required MCSE exams are broken down into four operating system exams and one design exam. The two electives typically deal with other issues in design and implementation not covered in the five core tests.
After learning a few basics, it is easy to see that the MCP or Microsoft Certified Professional is really just a stepping stone to bigger and greater things in the world of Microsoft certification. The individuals who go for the MCP have a leg up on those peers who have no technical experience. They will have a better grasp on technical issues and usually stay a step ahead of trends. The MCSE is more specialized and appeals to the techno geek with a penchant for design and implementation. They like knowing how stuff works. So market yourself and become certifiable!
Cisco CCNP / BSCI Exam Tutorial: Not All Static Routes Are Created Equal
As a CCNP candidate, as a CCNA, and in getting ready to pass the BSCI exam, you may be tempted to breeze through your static route studies, or even skip them! That's because static routes are easy enough to configure, and as long as you remember the syntax of the ip route command, you're in good shape.
But there's one vital detail regarding static routes that many exam candidates miss. That's because many CCNA and CCNP books say "the administrative distance of a static route is 1", but that is not quite accurate.
You know from your CCNA studies that the ip route command is used to create a static route, and that you have the option of configuring a local exit interface or a next-hop IP address at the end of the command. However, the administrative distances are not the same. The AD of a static route that uses a local exit interface is zero! (That's because the router considers a static route with a local exit interface to actually be a directly connected network.) The AD of a static route with a next-hop IP address is 1.
Therefore, if the router has the following two ip route statements to consider...
Router(config)#ip route 172.1.1.1 255.255.255.255 fast0
Router(config)#ip route 172.1.1.1 255.255.255.255 210.1.1.1
... the prefix lengths are the same, so the static route using the local exit interface fastethernet0 will be preferred due to its lower AD, and will be installed into the routing table.
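The Python model below is an added example, not code from the original tutorial: it shows the two separate decisions involved, lowest AD among candidates for the same prefix, then longest prefix match at lookup time. The static route AD values are the ones this article gives; the connected 172.1.1.0/24 route on Ethernet0 and all function names are constructed for illustration.

```python
from __future__ import annotations
import ipaddress
from dataclasses import dataclass

# Administrative distances. The two static values are as stated in this
# article; they are inputs to the model, not something the model proves.
AD_CONNECTED = 0
AD_STATIC_EXIT_INTERFACE = 0
AD_STATIC_NEXT_HOP = 1


@dataclass(frozen=True)
class Candidate:
    prefix: ipaddress.IPv4Network
    via: str      # exit interface name or next-hop IP address
    ad: int       # administrative distance
    source: str


def static_route(dest: str, mask: str, target: str) -> Candidate:
    """Model 'ip route <dest> <mask> <target>' with the article's AD values."""
    try:
        ipaddress.ip_address(target)
        ad = AD_STATIC_NEXT_HOP
    except ValueError:                      # not an IP, so an interface name
        ad = AD_STATIC_EXIT_INTERFACE
    return Candidate(ipaddress.ip_network(f"{dest}/{mask}"), target, ad, "static")


def build_rib(candidates: list[Candidate]) -> dict:
    """Per prefix, install only the candidate with the lowest AD.
    On an AD tie this model keeps the first candidate seen."""
    rib: dict = {}
    for c in candidates:
        best = rib.get(c.prefix)
        if best is None or c.ad < best.ad:
            rib[c.prefix] = c
    return rib


def lookup(rib: dict, destination: str) -> Candidate | None:
    """Forwarding decision: the longest installed prefix containing the address."""
    addr = ipaddress.ip_address(destination)
    matches = [route for prefix, route in rib.items() if addr in prefix]
    return max(matches, key=lambda r: r.prefix.prefixlen, default=None)


# The two statements from the article: same /32 prefix, different targets.
PAGE_ROUTES = [
    static_route("172.1.1.1", "255.255.255.255", "fast0"),
    static_route("172.1.1.1", "255.255.255.255", "210.1.1.1"),
]

# Constructed contrast: different prefix lengths, so AD never compares them.
MIXED_ROUTES = [
    Candidate(ipaddress.ip_network("172.1.1.0/24"), "Ethernet0",
              AD_CONNECTED, "connected"),
    static_route("172.1.1.1", "255.255.255.255", "210.1.1.1"),
]

if __name__ == "__main__":
    print(lookup(build_rib(PAGE_ROUTES), "172.1.1.1"))
    print(lookup(build_rib(MIXED_ROUTES), "172.1.1.1"))
```

In the second route set the /32 with AD 1 is still used for 172.1.1.1, because AD only breaks ties between routes to the same prefix.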
Keep the details in mind on the job and in the exam room, and you’re on your way to CCNP exam success!