Archive for April, 2013
Over the past 4 or 5 months with the Security CCIE lab change to version 4 the second most popular CCIE track behind Routing & Switching is now the Service Provider CCIE. The Voice CCIE is still very close but the Service Provider CCIE is really starting to edge it out. Below are just some of the Service Provider CCIE’s submitted to our success list for their free personalized CCIE polo shirt from INE in the past few weeks:
Dario Barinic, CCIE 25071
Rachit Gupta, CCIE 29824
Tim Gregory, CCIE 38334
Azam Poulatov, CCIE 19024
Rajinder Singh, CCIE 35062
Alexey Sannikov, CCIE 38671
Aaron Foss, CCIE 18761
Mahinder Singh, CCIE 27485
Sajjad Akram, CCIE 38675
Nuno Marques, CCIE 38295
Osama Saeed Abdelmonem Aboelfath, CCIE 38590
In addition to the increased passing rate for the SP CCIE our current SP CCIE Bootcamps in the US are sold out as of this weekend. We’ll add another SP Bootcamp in Chicago to the schedule sometime this week. We’ve increased capacity to 16 for the SP bootcamps which should help with the demand. Also we’ll be adding more Voice CCIE bootcamps as the next two are also sold out.
For those who maybe unfamiliar with the SP CCIE the track is really one of the best tracks out there and it a logical step after the Routing & Switching CCIE. Most Routing & Switching CCIE’s that continue onto the SP CCIE after a short break seem to be able to obtain it within 5 or 6 months. Excluding the IOS XR routers, the hardware is cheap and nearly 80% can be done either in GNS3, IOU or on the new CSR1000v (preferred option). The best part of the Service Provider CCIE is that it doesn’t focus on peripheral topics like QoS, Security, System Management, IP Services, etc. A couple SP CCIE workbooks on the market include these topics that aren’t cover in the SP lab exam as the material appears to be repackaged R&S lab material so just ignore those topics when preparing for the SP.
Lastly the topics that are covered in the lab are not just for service providers but for most large enterprise networks today. This is another reason for the increased demand as enterprise networks today are run more like service provider networks (VRFs, Dot1q tunnels, MPLS VPNs, L2TPv3, etc). 70% of the students in the bootcamps are from large enterprise networks and not service providers.
Monday May 6th at 11am PDT after the current 10 Day R&S CCIE Bootcamp here in Bellevue has concluded, I’ll be holding the second part of the PfR vSeminar. This second part will cover PfR in newer IOS versions. In particular I’ll be using the same topology but with a mixture of ISR G2′s, ASR1001′s and CSR1000v’s. The ISR G2′s are running 15.3T, the ASR1001′s are running 3.9S and the CSR1000v’s are also running 3.9S. Additionally I have two of the new 3850′s in my topology. They won’t be providing anything other than L2 switching for this vSeminar but if there is enough interest I can do 1 or 2 hour short vSeminar covering them. These are really nice switches and we’re starting to replace our current switches with them.
I’ll be making another post tomorrow in regards to doing another vSeminar the same week (May 6th week) before I head to my 10 Day R&S CCIE Bootcamp and 5 Day R&S CCIE Troubleshooting Bootcamp in San Jose, CA. I’m considering doing the vSeminar on IPv4 multicast, MPLS L3 VPNs or a full scale troubleshooting lab breakdown. If anyone has any ideas or preferences for a topic let me know.
Cisco Nexus, Cisco Unified Computing Systemn (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities:
Multiple Cisco Discovery Protocol Vulnerabilities in Cisco NX-OS-Based Products
Cisco NX-OS Software SNMP and License Manager Buffer Overflow Vulnerability
Cisco NX-OS Software SNMP Buffer Overflow Vulnerability
Cisco NX-OS Software Jumbo Packet Denial of Service Vulnerability
Cisco has released free software updates that address these vulnerabilities.
This advisory is available at the following link:
Normally we don’t post many individual congratulations to new CCIEs, not at all because we don’t wish to recognize them, rather simply because the shear number of passers would overwhelm our blog. In fact we do recognize ever single CCIE passer with a very nice custom polo shirt with their name, number and CCIE logo on it. However, today we felt it important to recognize the first CCIE Data Center having passed using our materials. He talks quite openly about the preparation and his experience taking the lab in Brussels, here on his blog. In passing, Iwan mentions on his blog that he used our CCIE Data Center – Video Courses and our CCIE Data Center – Workbook, along with the myriad of reading material required to pass the exam. Iwan is no stranger to the CCIE exam, this being his 5th CCIE, along with Routing and Switching, Security, Service Provider and Voice, so for him to say this exam was difficult and that he was working up to the last moment is actually saying quite a lot.
Also to note, we recently put on our schedule our brand new CCIE Data Center 10-Day Bootcamps with 2 locations in both Los Angeles and Seattle.
Last week we quietly snuck into the All Access Pass the recordings of the live UC on UCS and Nexus 1000v on UCS classes that I ran just a few weeks back. If you have never run Unified Communications in a virtual environment or have never worked with a distributed virtual switch in a VMware environment, these classes will certainly aid you in preparing for that first deployment. If you have worked with either product for a little while, these classes will deepen your understanding of what’s needed and what’s really going on behind the scenes. The Nexus 1000v class is also very useful for the Unified Communications engineer, as most deployments these days are virtual machines, and the Nexus 1000v is the recommended L2 switch to run them on, since the UCS can only match/mark at L2 CoS, whereas the Nexus 1000v allows you to match the L3 DSCP that the UC servers are natively sending and map them to a L2 CoS value, which is currently the only value seen and honored by any of your UCS or Nexus switches in your modern data centers.
I will be furthering this series with classes on the VSG with VNMC, the ASA 1000v, and later with the InterCloud 1000v as well as possibly more virtual devices in the weeks to come.
Here is our updated and simplified CCIE bootcamp reseat policy:
Bootcamp Retake Policy
INE invites all students to retake a Bootcamp course for only a $500-per-week rack rental fee. Routing & Switching Bootcamps are excluded from the fee and are free of charge. How do you know whether seats are available for a Bootcamp retake? It’s simple! As long as the Bootcamp is not labeled “Sold Out” on our website, you can retake it. Unlike other training companies, we do not limit the number of seats for students retaking a course.
It really doesn’t get any better and simpler than this. For the non-R&S CCIE bootcamps if you calculate the reseat fee out the $500 is cheaper than you renting the rack yourself for a week especially for our Service Provider bootcamps and new Data Center Bootcamps.
Below is the topology that I will be using for tomorrow’s PfR vSeminar. This should work on just about any rack setup as I only used one Ethernet interface on each router. Additionally all of the switches are acting as the hosts (SW1 Host A, SW2 Host B, etc).
The initial configurations are available in the rack control panel for the R&S rental racks (PfR vSeminar Initial Configs) and available below. R1 and R2 are the “external” routers and they are running BGP with each other as later in the vSeminar they will peer with R4 and R5 via eBGP. R4 and R5 have static default routes and are originating a default into OSPF with R5′s default having a lower cost making R5 the primary egress router to reach the external networks. Also at the bottom is basic ping script you can use to test your initial configurations.
Below are the steps needed to get the CSR1000v working in VMware Fusion on a Mac. Before we look at the steps here is the hardware and software I used:
Basically you need a quad core machine with a hypervisor (VMware, Virtual Box, KVM, etc). I just used VMware Fusion as it’s a commonly used hypervisor. Additionally I used two USB NICs to map to the GigabitEthernet1 and GigabitEthernet2 interfaces inside the CSR1000v. You could use any NICs or even subinterfaces if you are using Linux (Mac OS does support VLANs but I personally have not tried it with VMware Fusion). The GigabitEthernet0 is the management interface that is associated with the “Mgmt-intf” VRF so I didn’t want to use it for the internal and internet facing interfaces.
INE’s CCIE Data Center Rack Rentals are now available for public beta testing. During this beta testing period, racks are 100% free to book for CCIE DC Workbook customers. Simply login to your http://members.ine.com account, click the Rack Rentals option on the left, and you will see the CCIE Data Center racks listed, as seen below:
Click on “Schedule/Cancel Session” and the calendar will appear as below:
I will start off with an introduction to PfR. Then I will cover the basics of PfR. Next I will cover advanced PfR configuration along with troubleshooting. The session will start off using 12.4(15)T to cover the basics and around the second break I will switch the IOS to 15.1T and lastly switch over to IOS XE 3.9 using the CSR1000v. I will cover how PfR is used in production and how PfR can be used in your network today.
A standard topology will be followed throughout the session and all of the scenario configurations, diagrams, etc will be available after the session for you to either do on your own rack or our rental racks. I’ll publish the topology on Friday in the event you want to follow along with the live session. I’ve structured this session differently in that when the recordings are released you’ll be able to follow along with the videos which I think is key to learning a technology like this.
The previous session that I did covering PfR will be replaced with this session. The new session will be available for download on the 25th of April. This PfR session will be better than my previous PfR session but the jokes maybe the same.
Lastly this vSeminar is a great chance for everyone to see the style of bootcamps we run here at INE if you are looking for a training solution.