tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
[H/W] ccie "rack" (6) 1841s, (3) 2811s, (1) 3550, (1) 3560, and (2) 2960s |
finally getting off my ass and getting my ccie. i've been pressured from the higher-ups for about two years now to get it. took my written about 16 months ago and passed. need to take the lab before april 26th so it doesn't expire. was studying in gns3 -- but finally have acquired/borrowed the last bits for my hardware lab. finally got the last cables in today. attempting it on the 27th of march. here's to studying. q. |
|
|
hardly Premium Member join:2004-02-10 USA |
hardly
Premium Member
2013-Feb-13 7:22 pm
"Nice Rack"Seems I've heard that somewhere before. |
|
RyanG1 Premium Member join:2002-02-10 San Antonio, TX |
to tubbynet
Re: [H/W] ccie "rack"good luck man! Wishing you all the best =)
Ryan |
|
|
to tubbynet
Any plan to clean up the cables and power cords? |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
nope. 5' cables were all that were left over from a previous project. the power is provided by a bunch of surge strips off a single outlet. electrical nightmare. this isn't a permanent setup. some of the kit was borrowed, etc. this is strictly for me to accomplish a task and break it down. plus -- my fiance wouldn't let me keep this up and running 24x7, anyway . q. |
|
|
to tubbynet
How loud can those three 2811 routers and one 3550 switch be when they all power up? |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ
1 recommendation |
said by aryoba:How loud can those three 2811 routers and one 3550 switch be when they all power up? preaching to the choir, here. in my single days -- i went to sleep with my 2821, a 3560g, and a powered-on dl360g4p. the white noise in my room was awesome -- but i think its because i'm a geek like that. the gear is currently in my office now -- just down the hallway from the bedroom. the door is shut. she still says that its too loud. oh well -- she's still supportive of me -- despite my lack of time spent with her during this process. she's a keeper. q. |
|
TomS_Git-r-done MVM join:2002-07-19 London, UK |
TomS_
MVM
2013-Feb-14 4:25 pm
2821's are really quiet though. I could probably sleep with one on, and indeed I left mine on accidentally for a couple of days before I realised. 2811 on the other hand ... those little fans are like banshees. They do settle down a bit once the router boots up fully and starts to control them, but they are still very noticeable. Nice lab though. I wish I had the energy to dive in to some certs. I think I have accidentally let my CCNA expire, so likely if Im going to start over it will be with Juniper certs, since that is what I work with these days. Good luck. Getting a cert is only half the battle. Holding on to it over the years is where it gets tricky IMO. |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
said by TomS_:Nice lab though. I wish I had the energy to dive in to some certs. I think I have accidentally let my CCNA expire, so likely if Im going to start over it will be with Juniper certs, since that is what I work with these days.
Good luck. Getting a cert is only half the battle. Holding on to it over the years is where it gets tricky IMO. yeah. i would like to eventually have a juniper cert or two -- but i work in cisco-land -- so any cert would be on my own dime (and time). my ccna lapsed in 2007 -- and i haven't even attempted to get anything else. i figure if i can pass the lab -- i'll be able to re-cert on the written every two years. the technology doesn't change too much and most of the concepts are pretty straight-forward. i'm hoping for only a single attempt on the lab. we'll see if i can make it a reality. thanks for the words, tom! q. |
|
|
For the lab, make sure you know MPLS inside and out, and make sure you know Multicasting inside and out too. Those protocols featured heavily in the last CCIE lab I was exposed to. No, I'm not a CCIE, but I have a friend who runs a training company who is and he did a full CCIE written and lab quite recently, and he reported back those observations. |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
i have done quite a bit of both. back when i had my n7k lab -- i was working with a poc on n7k running a split agg/pe using vdc and using current customers l3vpn as a csc connection. also -- the past four months in $day_job have dealt with nothing but mcast -- and trying to make it work through an asa (long story -- but asa suck).
q. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
So how hard is the written? |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
said by DarkLogix:So how hard is the written? i didn't find much trouble with it. passed with a 987/1000. with the ccie -- its not a 'best practice' test -- its a technology test. they test your knowledge of idiosyncrasies of the technology and the underlying bits. thats why you're still running frame-relay. its not a 'best practice' or 'current technology' showcase. you need to _understand_ the basis for switching, bridging, and routing -- not just know how to configure it. tl;dr -- its not a test you can just "study for and pass". q. |
|
|
to tubbynet
said by tubbynet:i've been pressured from the higher-ups for about two years now to get it.
i would like to eventually have a juniper cert or two -- but i work in cisco-land -- so any cert would be on my own dime (and time). Your higher-ups don't compensate you in regards of dime and time? |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
not when the cert is for a competitor if our relationship with vendor-c was less, it may be a different story. as it stands now -- i get time during slow days to study -- and they are paying all expenses related to obtaining the ccie. they wouldn't do the same if i was getting a jncie cert. q. |
|
|
to tubbynet
Haven't had any good cisco porn pics in awhile... thanks for fulfilling the "need," tubbynet.
As others have said, best of luck and let us know the CCIE #
Regards |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ
1 recommendation |
said by HELLFIRE:As others have said, best of luck and let us know the CCIE # i'll let the number out -- but it won't change anything. i'll still be the same low-life trolling these forums and acting all incompetent. ;-P q. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
DarkLogix
Premium Member
2013-Feb-16 12:38 am
I need to get into it, the current job uses juniper, so I'm not even interested in touching it.
And I feel I might be slipping on what I knew. (but one day I'd love to get a ccie.
For now atleast I have my growing cisco home network. 3745 2x NME-16ES-1g-p (with OSPF load balancing) 2960g 1242AG
and from time to time I think of something interesting to try |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
said by DarkLogix:I need to get into it, the current job uses juniper, so I'm not even interested in touching it. juniper networks are also popular. they are a niche market -- but there are many people who are ardently 'a-b-c' people. knowing both does not hurt -- moreover not having some operational experience with non-cisco network kit is an exceptional pro. i have moderate practical junos, as well as f5 and checkpoint. you have to know a little bit of everything. q. |
|
|
to tubbynet
Wanted to ask tubbynet , for the 1841 WIC cards, where are they wired into? Are they crossovers between the 1841s, or do you have one of the other routers doing frame-relay switching? Regards |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
said by HELLFIRE:Wanted to ask tubbynet , for the 1841 WIC cards, where are they wired into? Are they crossovers between the 1841s, or do you have one of the other routers doing frame-relay switching?
Regards the bottom 2811 is serving dual purpose. ine's labs use three "backbone" routers -- sp routers that you can't configure/control -- but are annoucing bits into the network via different protocols, etc. at the ine racks -- each of the racks is peered to each other to dump routes into bgp -- makes it more difficult to isolate things (you could do the same with a spare subif and a pc running quagga). the bottom 2811 is serving as the frame-switch on the 1841 facing interfaces with a full-mesh of dlci connectivity between the bottom five 1841s. the top one is running a back-to-back frame connection to the 2811. additionally -- that router has p2p connectivity via a serial link to another 2811. q. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
to tubbynet
said by tubbynet:said by DarkLogix:I need to get into it, the current job uses juniper, so I'm not even interested in touching it. juniper networks are also popular. they are a niche market -- but there are many people who are ardently 'a-b-c' people. knowing both does not hurt -- moreover not having some operational experience with non-cisco network kit is an exceptional pro. i have moderate practical junos, as well as f5 and checkpoint. you have to know a little bit of everything. q. From what I've seen cisco is more true to the tech and juniper is more aimed to remove options that aren't commonly used, and then simpilify things in a way that makes it annoying. A number of times we've had to contact juniper only to find something hidden in the code thats not ment to be touched has to be reconfigured because juniper assumed it would work. |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
said by DarkLogix:From what I've seen cisco is more true to the tech and juniper is more aimed to remove options that aren't commonly used, and then simpilify things in a way that makes it annoying. terribly skewed, and in my opinion, incorrect perception. i'll let users like TomS_ comment deeper, but juniper has a solid place in a lot of core and edge sp environments. the flexibility that is offered through their constructs far exceed what cisco has to offer in the same space. things like 'flexible-vlan-tagging' and 'ethernet-ccc' have been supported for some years now and offer flexibility that cisco is now beginning to offer on its kit. things like ng-vpn and mldp for p2mp lsp's have been common place in juniper-land for upwards of two years. cisco doesn't support ng-vpn for mcast within a vpn -- and a broad consensus of many providers has ng-vpn as the mcast vpn distribution mechanism of the future. these providers have tried things like draft-rosen -- which is supported on cisco -- and know that its insufficient. as i said earlier -- discounting a technology maker because of a single instance or experience is terribly short-sited and will help you lose credibility in the marketplace faster than almost anything. q. |
|
|
to DarkLogix
I can understand both DarkLogix and tubbynet perspectives in regards of Cisco IOS and Juniper JUNOS functionality/practicality. JUNOS was designed to be closer to a regular UNIX box (open architecture) compared to IOS (closed architecture). Juniper preferred JUNOS in such a way in order to minimize payloads and to maximize performance, while Cisco preferred IOS in such as way in order to maintain stability and simplicity from network administrative perspective which requires no UNIX background or understanding. The statement no way indicates that IOS is stable than JUNOS or other way around. I have seen both in their downs and ups in various network environment. In large environment, typically you have both IOS and JUNOS in core network as redundancy. In smaller environment, you may keep either IOS or JUNOS as core network. I do believe nevertheless that any network should benefit from the best solution any vendor can provide in regards of reliability, stability, maintenance cost, and performance. Sticking to just one vendor without doing any benchmark against other vendor may impact such benefit. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
|
to tubbynet
terribly skewed, and in my opinion, incorrect perception. IME, not entirely... if you're doing things the way Juniper expects, which in 99% of cases would be "normal", the hidden/built-in defaults work. But in those 1% fringe cases, you run into odd things to be changed -- eg. IPSec timers. (try running IPSec between junipers over a sat link!) |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ
1 recommendation |
said by cramer:terribly skewed, and in my opinion, incorrect perception. IME, not entirely... if you're doing things the way Juniper expects, which in 99% of cases would be "normal", the hidden/built-in defaults work. But in those 1% fringe cases, you run into odd things to be changed -- eg. IPSec timers. (try running IPSec between junipers over a sat link!) if you justify an opinion based on experiences seen 1% of the time -- i can't help you there. i can say the same for cisco -- if you try to run things other than the way that cisco "expects" you to, then you're stuck trying to find out issues (one needn't look much past copp and hwrl on the c6k for proof of this). there is a different thought process that goes into the design and configuration of the network. look at the differences that juniper assigns to a/d with respect to bgp as compared to cisco. look at the way that juniper handles marking of packets (egress, by the way) and compare that to how cisco marks (ingress, or egress, depending on code, platform, linecard, etc). neither one is "right" or "wrong" -- its what fits your network and the way that you engineer around things. again -- discounting juniper because of a single experience (or ~1% of experience) is a dogmatic following of vendor ideology and not what should be done in a true "best of breed" network. i'm not a juniper supporter. i work for a *very* large cisco gold partner. we make a metric $hit-ton of money hocking cisco product. if you look past marketing fluff and cisco-spin -- you'll realize that cisco, juniper, and even other vendors, have a valid place in the network depending on use case and requirements. isn't that why we all have the rfp process, after all? q. |
|
|
to cramer
JUNOS on some platforms do have hidden/built-in commands and parameters. People may not be aware that IOS also have hidden/built-in commands and parameters that will show up when you deactivate or change the values. For examples, IOS default OSPF administrative distance of 110 and JUNOS default OSPF preference of 10 (internal) and of 150 (external) do not show up in configuration unless the value is changed. My guess is that the hiding reason is the same, to simplify the configuration lines with considerations that those default settings are sufficient in most situation (and perhaps soft-force people to be single-vendor user ). |
|
|
meta
Member
2013-Feb-20 11:19 am
Thats why the show run ALL command was added for some newer platforms to show all values of the device configuration, including explicitly omitted defaults. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
to cramer
said by cramer:terribly skewed, and in my opinion, incorrect perception. IME, not entirely... if you're doing things the way Juniper expects, which in 99% of cases would be "normal", the hidden/built-in defaults work. But in those 1% fringe cases, you run into odd things to be changed -- eg. IPSec timers. (try running IPSec between junipers over a sat link!) And ALG's that break ssl, ftp, and some other things. also still I can't upload to an ESXi from my computer any large file, instead I have to copy it to a server then upload it to the esxi from the server, due to the srx's corrupting of some types of file transfers. The call to juniper support that lead to finding that an ALG needed to be turned off took forever and they wanted to blame the program. (then the latest firmware update has broken SSL to any site that does online file storage, resulting in an odd ssl error) |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
said by DarkLogix:And ALG's that break ssl, ftp, and some other things. *all* alg's are craptastic. run a standard firewall -- either through access-rules or zones. if you need additional security -- run an application-level firewall on the system in question so that it has intrinsic knowledge of ipc and sockets being created on the server. ephemeral ports are terrible news and you're relying on a device that is more 'static' to know what is 'best' for things that are in constant 'change'. evidence of suck-mazing performance of juniper alg's can be found on j-nsp. q. |
|