Denise "Fish" Fishburne

Author Archives: Denise "Fish" Fishburne

Understanding IPv6: A Sniffer Full Of 3s (Part 3 of 7)

“What the heck?” Yup, that pretty much summed up my confusion the first time I saw it. A sniffer trace full of threes.

The first thing it reminded me of was my days with Token Ring and locally administered addresses (LAAs). This was for two reasons:

  1. I could only see these MAC addresses being used as destination MACs, not as source MACs. This was the same with my experience with LAAs in token ring
  2. The MAC addresses seemed so pretty and clean, like the Token Ring LAA typically used for a 3745 IBM front-end process — 4000.3745.0001. Just look at them. Four threes, followed by a bunch of zeros, and then just one little number.

Help from Wireshark

I hope you are familiar with Wireshark; I use it all the time. It shows “reality” on the wire, which is crucial if you are a network detective trying to solve a whodunit.

If you are familiar with Wireshark then you might know that I can configure how the MAC addresses are displayed in the columns via the Wireshark preferences. As you can see below, I have set the preferences to not resolve the MAC addresses for me, Continue reading

Understanding IPv6: Link-Local ‘Magic’ (Part 2 of 7)

For those of you new to IPv6, what I am about to show you is going to look a lot like a magic trick. I’m going to bring up an IPv6 IGP neighbor relationship (OSPFv3) between two routers. This doesn’t sound like a magic trick, I know. But what if I told you I am going to do this without putting any IPv6 addresses into the configurations of either routers?

Like any true magician, I must start my magic act with letting you know I have nothing up my sleeves. So let’s review the facts:

  • IPv6 unicast routing is globally enabled on both routers
  • IPv6 OSPFv3 is enabled via the one global command, “ipv6 router ospf 6”
  • Each router has an interface in an out-of-band management network (OOB mgt.) in the subnet 14.14.14.0/24.
  • RouterA is 14.14.14.101 and RouterB is 14.14.14.102 in this OOB management network
  • The IPv4 addresses for the OOB management interfaces are the only IP addresses in the configurations
  • Gig1/0/1 on both routers only has only two IPv6 commands on it, as shown below
  • Router A is monitoring the gig1/0/1 interface and sending the traffic to a Spirent Continue reading

Understanding IPv6: The Journey Begins (Part 1 of 7)

IPv6 and I met back in the early 2000s. I really didn’t see the big deal or know what all the RFCs were about. This stuff was easy. Of course, at the time, my thoughts were barely even scratching at the surface, and I still believed IPv6 was just IPv4 with 128 bits. I was in what I now refer to as the “Checklist IPv6” phase.

“Checklist IPv6” was actually a great place for me to start. I had to remember only a few things while I was configuring the routers. Then I could kick back and let the magic of routing protocols work. Voila, IPv6 addresses would show up in the routing table of some other router in the lab. Ping to confirm, and I was done.

IPv6 “I know nothing” phase

The quote “The more you know, the more you realize how much you don’t know. The less you know, the more you think you know,” is attributed to David T. Freeman. I discovered the truth of this as I began digging deeper. The trigger to this phase was when I realized that IPv6 was clearly not IPv4 with 128 bits. When did that happen? When Continue reading

The Case of the Flapping BGP Routes: A Network Detective Ride-Along

 

Let’s go on a Network Detective Ride-Along together!  🙂   YouTube Style!   Case open to case closed in less than 15 minutes.  You ride along!  Use the 3 part BGP Table Version blog series below the YouTube to see how to use BGP table version in your Network Detecting.

Ready to hop on the case with me?  Just click below.

 

Understanding the BGP Table Version – Part 1: Introduction to BGP Table Version

Understanding the BGP Table Version – Part 2: BGP Table Version in Action

Understanding the BGP Table Version – Part 3: BGP Table Version & Troubleshooting

 

Ready for CiscoLive Barcelona? Woot! Woot! See ya there!

In less than 2 weeks CiscoLive Europe 2018 will be in full swing!  And, as usual, I am so incredibly excited!  🙂  This happens to me before every CiscoLive…. round about two weeks prior to the start of the event.  I just turn into a super excited little kid.  Like a little kid looking forward to going back to their favorite summer camp.  🙂   I’m even already mostly packed.  Teehee.

CiscoLive Barcelona – Plans and Priorities

What is my absolute #1 suggestion to anyone going to a CiscoLive event?  My #1 suggestion regardless if it is your first CiscoLive ever, or like me, your 17th.  My #1 suggestion is – “Begin with the End in Mind“.

  1. Know what your priorities are and then schedule your week accordingly.
  2. Review your priorities for the week during the week multiple times a day
    1. before the day begins
    2. at lunch
    3. at the end of the day

Begin with the End in Mind. Why?  Because, at CiscoLive, there are so many more things to do than you will have time to fit in.   I personally believe it helps to have a priorities list Continue reading

Fish Gets a New Job: “Solutions Architect”

Many of the best things that have happened in my life weren’t planned.  🙂  Becoming a “Solutions Architect” is one of those things.  I didn’t plan it.  I’ve been in CPOC (Customer Proof of Concept) for almost 17 years now.  🙂  Why?  Cause truthfully, having fun and enjoying my job is exceedingly important to me.  And I’ve never seen a job (in Cisco or outside) that would be more of an absolute perfect fit for me and what I consider “fun”.

But like I said…. Many of the best things that have happened in my life weren’t planned.  🙂

For those of you who know how very much I totally love CPOC… you might be wondering “Fish, what happened that made you decide to look for another job?”.    Uh… nothing.  Like I said… it wasn’t planned.  In fact, i didn’t even interview or apply for the job.

The new job is actually

  • a newly created position in a
  • just created team
  • reporting to an awesome leader
  • with 2 technical playmates I adore (ahem.. sorry.. co-workers)

 

Solutions Architect: What I Will Be Doing

Teehee… well the team literally just came Continue reading

Certifications: Why I Like Them, How I Use Them and My Plan for Security Learning

The other day Daniel Dib (http://lostintransit.se) asked me an interview question.  The question was about certifications.  What do I think about them…. and are they losing their “value”.

Poor certifications.  People question their value.  Of course “value” typically means for many what can the cert “do” for you once you have it.  People also get so judgemental of others for “collecting” them.  And yes… when I was younger I was, admittedly, one of those people who looked down on people I viewed as “cert collectors”.  Poor poor certifications.  In every area certifications exist they can get a bad rep.  IT industry, Scuba Diving, .. heck even in girl scouts when there was always that one girl who wanted to try to get every possible girl scout badge.  🙂

Why I Like Them and How I Use Them

In 2012 my view on certs changed.  I realized I could use them to my advantage to help me organize my learning by making goals and signing up for certs.   You see, back in 2010 I had bought a few books about Wireshark by Laura Chappel and told myself I would make Continue reading

Security with Fish: My First Couple Months

In late June I wrote Security Here I Come!  The transition wasn’t quite as fast as I thought it would be.  🙂   But for the past couple months I’ve been able to really start digging in.

My initial response after watching just 2 CiscoLive VoDs?  FEAR!

I really enjoyed these sessions a great deal!!  They were the absolute perfect eye-opener to me!

Neil Lovering had the “Verizon Data Breach Report” in his slides (below).

Its funny because I have seen it before.  To be completely honest I have seen it quite a number of times.  But it was just something about how he presented it.  He got past my not wanting to really “hear” about the risk and the danger and the reality of the security landscape in the world around us.  I paused the VoD on this slide…. paused it and just really took the time to take it all in.

My reaction to this slide?  Lol. This is when the fear began.  Two simple facts on the Continue reading

My Career Planning: A Ride-Along

About a year ago I shared with you (Thinking Out Loud: My Career Planning) a little about my yearly career planning process.  This time I’m going to bring you on a ride-along of this year’s annual Career Planning exercise.

First and foremost I must answer a common question that I was asked a lot after last year’s blog.

The Dream Job Question: 

“Why do you even bother with the yearly career planning process? You are always saying that CPOC is your dream job come true”

Yes. Without a doubt CPOC really is my absolute dream job come true!  I consider myself so truly fortunate, blessed and lucky to still be here with CPOC.  Rocking 16 1/2 years with CPOC and the CPOC family at Cisco!

So that all being said… why do I still review every year?  Like I mentioned in last year’s blog “over the years what I’ve seen is that my 1 year plan, 3 year plan, 5 year plan and 10 year plans have changed as I have changed.”  So then reviewing every year is just taking the time to “check in” that the job I’m in is not Continue reading

Woot! Passed My CCDE Recert (2nd Attempt)

Friday, August 18th was the day. Yup. Just last week.   My 2nd attempt at the CCDE written to re-certify my 3 “Es”.  To say I was nervous would very much be a decided understatement.  I don’t think I have ever been so nervous to take a Cisco written exam ever before.  Seriously ever before.

It’s funny… in all these years of taking the recert exams… I pretty much have always had the same pattern and same view on it.  My pattern usually is to take the 1st attempt 6-9 months before my 2 years is slated to be up.  My view on it has always been that of “time to refresh my broader knowledge again” and make it deep again.  There is that old adage “if you don’t use it you lose it”.   Teehee… yeah… that is typically IS-IS for me.  🙂

My view this time around was different.  And given that my first CCIE was from 1997…. this change in view was a surprise to me.  My view was more of it being something I “had to do” instead of “wanted to do”.

Why?  Because for the first Continue reading

Change in the Work Place: Attitude Can Be Everything

Change in the work place can be hard, unsettling, uncomfortable and… oh screw it… let’s just say it…. Change in the work place can just be down right scary when we are in the midst of it. 

I’m 52 so I’ve been through a lot of changes in my work environment over the years.  Since I’m a control freak it likely isn’t much of a shock that work changes like taking on a new job in a new company or new department aren’t the ones that I have the hardest time with.  I can see that this is because I feel like I’m the one who initiated the change in those situations.  I made the decision to move to that new company, job, or department.  I interviewed for it.  I felt it “called to me”.

But change in the work place is change in the work place.  Whether it is me initiating the change… or the change being “done to me”.  So why does a large re-organization in the same company feel scarier to me than me going to a new job at a new company?  They are both change.  Continue reading

“Focusing on the Gift” (aka How Fish views Presenting)

CiscoLive starts today and so do my presentations.  If you have ever wondered what I’m thinking about right prior to a presentation…. I am imagining a small and beautifully wrapped gift that I want to give to each and every person in the audience. That is what I am doing.  I am “Focusing on the Gift”.

Have I always done that?  LOL.  Uh… no.  But fortunately I don’t think my 2006 Networkers presentation on EIGRP is available on video.   Otherwise I think I’d be truly embarrassed.  Why?  Because it was my first Networkers/CiscoLive presentation and I was beyond belief nervous.  Worried if I’d do okay… worried if you were enjoying the session… oh the list goes on and on as to everything I was thinking and worried about.

And then I realized something.  You know what? It really isn’t about me at all.  I am just a vehicle.  It is all about “The Gift”.  So in 2007 I went out and bought a tiny little Christmas tree sized ornament of a perfectly wrapped gift box.  Small enough that I could hide it up on the stage Continue reading

Security Here I Come!

The announcement has been made!  It is completely official!  I can finally share the awesome great news I am so excited about.  Security will be my absolute #1 focus now. 

Security has always fascinated me.  My entire career.  ….. It’s just that the fundamentals of routing and design intrigued me even more.  🙂

But now?  Yeah baby!  Now I get to flip a switch… dive into and completely surround myself with all things Security.  And I just could not be any more tickled pink and excited.  I feel like all my years of networking have been a build up towards this.

Am I leaving my CPOC lab and job I adore so much?  Nah… I’d go through withdrawal.  LOL.  Nah… wouldn’t be pretty.  It is just my role that will be changing.

Woot woot!  Security here I come!  ROCK!

 

 

 

 

My Cisco Live 2017 Schedule

It is that time once again.  CiscoLive 2017 – Summer Camp for Geeks!  This will be my 15th CiscoLive/Networkers. What is my absolute #1 suggestion to anyone going to a CiscoLive event?  Easy – “Begin with the End in Mind“.  Know what your priorities are and then schedule your week accordingly.

So… here you go.  My CiscoLive (CLUS) priorities and schedule for the week.

  • Teach
  • Recharge
  • Learn
  • Play and Have Fun

 

CCIE/CCDE Re-certification: An Opportunity to Learn and Grow

I did not pass my CCDE re-certification last week.  Why write a blog about a “failure”?  Honestly?  Because I think we as an IT industry overly focus and give too many kudos to the passing only.  Not to the hours and hours of studying and learning… not to the lessons learned… not to the growth gained from the studying journey.  Just to the “pass/fail”.  Well damn… no wonder people cheat.  Their focus isn’t on the learning or the journey.  Just the passing.

I thoroughly believe the expression –

Sometimes you win….. Sometimes you learn.

Did I want to pass last week?  ROFL!  Are you kidding?  Of course I did!  Did I “deserve” to pass?  Well…. um…. err… not exactly.

See that 10% at the bottom of the “Written Exam Topics v2.1?”   Truth be told I didn’t quite exactly study that part very much.

So what is my plan now?

LEARN

Honestly in my job I am not doing much Cloud, SDN, or IoT.  AND I have to admit I am quite happy I am now essentially forced to learn these to a Continue reading

CCIE/CCDE Re-certification Time Again – Go for it? … or Emeritus?

It is “that” time again.  Time to start studying for one of the CCxE (CCIE/CCDE) re-certifications. Got my 1st CCIE back in 1997.  A couple years later my CCIE SNA/IP.  Then back in 2009 I passed my “favorite E” – the CCDE.  And now?   I’ll tell you a secret that I actually haven’t told anyone at all except for my wife. — I am so tired of studying for the writtens. I prefer spending my time getting my hands dirty in the lab at work in CPOC, learning new technologies, reading pcap files, technically reviewing books, writing blogs, making youtubes, CiscoLive….. Anything but studying… yet again…. just to pass a CCxE written.  Especially now with the 10% “evolving technologies” add.  For the past few months I’ve been trying so hard to get myself to sit down and do some studying.  It has really been a struggle to get myself to study and I have rescheduled my exam twice so far. It has just been really hard to find the motivation when there are so many other things I’d prefer to be doing.

To make matters worse, each and every time I actually Continue reading

Fun in the Lab: IWAN, LiveAction, Prime, UDP Director

Okay… so just some major geeky fun in the lab.  I had lots of fun doing it… so why not share it with you and let you in on some geeky fun? Thirty-eight minute YouTube with a PDF guide book. 🙂  Little bit of this… little bit of that.

geeky_fun_overview

  • Lancope UDP Director,
  • LiveAction,
  • Spirent TestCenter,
  • IWAN
  • Prime.

Pdf of slides

Breakdown of YouTube sections and corresponding approximate timestamps:

  • Overview – start til ~6 minutes in
  • IWAN Policy & Status – 6:10 til 14:20
    • Check IWAN MC Policy & Status
    • At Store1 check IWAN status
    • Check traffic – EF & CS1
  • Monitoring Traffic Flows: 14:20 til 20:20
    • In LiveAction see the traffic flows
    • In Prime’s new IWAN PfR monitoring look for traffic flows
  • Lancope UDP Director & Troubleshooting: 20:20 – 27:20
    • Troubleshoot in Lancope UDP Director
    • Find missing forwarding rules
    • Fix missing forwarding rules
    • Sniffer Capture
  • Monitoring Traffic Flows : 27:20 – 28:20
    • In Prime see the traffic flows
  • Impairment & Traffic Flows: 28:20 – 38:00
    • Cause delay on MPLS at Store 1
    • Verify LiveAction, Prime and CLI all see the same

 

 

WAN Impairment/WAN Emulator with WAN Bridge

Playing in the lab and want to impair a link with delay or loss?  🙂    I use WAN Bridge – its simple and free.

impairment

So say I’m testing an SD-WAN brownout/impairment avoidance solution in my lab.  For example, Cisco’s IWAN.  I’m going to need something to impair links with delay or loss.  I like WAN Bridge.  Why?  Because its simple, easy, and free.

There has been one thing I’ve struggled with in the past year about.  Every time I needed an impairment point this burned up 2 NICs on my UCS equipment.  Why? Cause I couldn’t seem to figure out how to load one NIC on a UCS as a trunk port with multiple VLANs on it and have multiple WAN bridges with just 1 trunk on a switch.

So that meant, for a recent CPOC that I was doing, if I really wanted 6 impairment points (red circles in diagram below) I was going to need to eat up 12 NICs on my UCS.

onetoone

There had to be a better way…..

My friend, David Prall, was convinced it “should” work. I was equally convinced that I had tried it before and Continue reading

MPLS Fun in the Lab: Troubleshooting the MVPN Cloud – Part 6

In MPLS Fun in the Lab: Add the Multicast in the Cloud – Part 5 we added the support in the cloud for multicast and for MVPN. As I mentioned in that blog, I intentionally left something out so we could have fun troubleshooting together. Please do know that what I left out is also most decidedly a very common thing forgotten by people new to configuring a cloud with MVPN/Rosen draft.

Time to play Network Detective together!

Gather the facts… collect the clues… follow the evidence.. interview the witnesses.. questions the suspects and figure out “who done it”.

mcast_nd_huh

I’ll start you off with 1 fact.

Fact – the missing configs are in the MPLS cloud offering MVPN.  There is nothing missing from the configs in the customer multicast environment. 

network_detective_checklist

Knowledge and book learning really are the key to faster troubleshooting.  I always begin here.  So we have a “who done it”. Right? I mean the multicast packets are not getting where they are supposed to go.

Before we look at what IS happening.  First we really should have the knowledge of what is supposed to happen.  So what is supposed to happen?

First Continue reading

MPLS Fun in the Lab: Add the Multicast in the Cloud – Part 5

Time to do our next blog in this “MPLS Fun in the Lab” blog series.  This time we will focus on how I had the SP cloud configured in order to be able to support the customer’s multicast the way that it did.

With MVPN (Multicast VPN) a key concept to understand and visualize is that you are looking at 2 distinct multicast environments.  The multicast that runs in the customer network and the multicast that runs over the MPLS.  Just because one is ASM (Any Source Multicast) doesn’t mean the other needs to also be ASM. They aren’t “related” that way.

mcast_domains

This seems to often confuse people.  But if we stop to think about it… the unicast is quite separate also.  Remember in MPLS Fun in the Lab: Following the Labels – Part 3 when Rogue didn’t have the IP address of the customer in its routing table? For the customer unicast to properly get across the Service Provider’s MPLS cloud we needed BGP VPNv4 and also MPLS LDP.  Right?

For MVPN there are multiple options. Instead of me writing all those options up… I think I’ll just reference my friend Daniel Dib’s Continue reading

1 2 3 5