Archive

Category Archives for "Networking with FISH"

CCIE/CCDE Re-certification: An Opportunity to Learn and Grow

I did not pass my CCDE re-certification last week.  Why write a blog about a “failure”?  Honestly?  Because I think we as an IT industry overly focus and give too many kudos to the passing only.  Not to the hours and hours of studying and learning… not to the lessons learned… not to the growth gained from the studying journey.  Just to the “pass/fail”.  Well damn… no wonder people cheat.  Their focus isn’t on the learning or the journey.  Just the passing.

I thoroughly believe the expression –

Sometimes you win….. Sometimes you learn.

Did I want to pass last week?  ROFL!  Are you kidding?  Of course I did!  Did I “deserve” to pass?  Well…. um…. err… not exactly.

See that 10% at the bottom of the “Written Exam Topics v2.1?”   Truth be told I didn’t quite exactly study that part very much.

So what is my plan now?

LEARN

Honestly in my job I am not doing much Cloud, SDN, or IoT.  AND I have to admit I am quite happy I am now essentially forced to learn these to a Continue reading

CCIE/CCDE Re-certification Time Again – Go for it? … or Emeritus?

It is “that” time again.  Time to start studying for one of the CCxE (CCIE/CCDE) re-certifications. Got my 1st CCIE back in 1997.  A couple years later my CCIE SNA/IP.  Then back in 2009 I passed my “favorite E” – the CCDE.  And now?   I’ll tell you a secret that I actually haven’t told anyone at all except for my wife. — I am so tired of studying for the writtens. I prefer spending my time getting my hands dirty in the lab at work in CPOC, learning new technologies, reading pcap files, technically reviewing books, writing blogs, making youtubes, CiscoLive….. Anything but studying… yet again…. just to pass a CCxE written.  Especially now with the 10% “evolving technologies” add.  For the past few months I’ve been trying so hard to get myself to sit down and do some studying.  It has really been a struggle to get myself to study and I have rescheduled my exam twice so far. It has just been really hard to find the motivation when there are so many other things I’d prefer to be doing.

To make matters worse, each and every time I actually Continue reading

Fun in the Lab: IWAN, LiveAction, Prime, UDP Director

Okay… so just some major geeky fun in the lab.  I had lots of fun doing it… so why not share it with you and let you in on some geeky fun? Thirty-eight minute YouTube with a PDF guide book. ?  Little bit of this… little bit of that.

geeky_fun_overview

  • Lancope UDP Director,
  • LiveAction,
  • Spirent TestCenter,
  • IWAN
  • Prime.

Pdf of slides

Breakdown of YouTube sections and corresponding approximate timestamps:

  • Overview – start til ~6 minutes in
  • IWAN Policy & Status – 6:10 til 14:20
    • Check IWAN MC Policy & Status
    • At Store1 check IWAN status
    • Check traffic – EF & CS1
  • Monitoring Traffic Flows: 14:20 til 20:20
    • In LiveAction see the traffic flows
    • In Prime’s new IWAN PfR monitoring look for traffic flows
  • Lancope UDP Director & Troubleshooting: 20:20 – 27:20
    • Troubleshoot in Lancope UDP Director
    • Find missing forwarding rules
    • Fix missing forwarding rules
    • Sniffer Capture
  • Monitoring Traffic Flows : 27:20 – 28:20
    • In Prime see the traffic flows
  • Impairment & Traffic Flows: 28:20 – 38:00
    • Cause delay on MPLS at Store 1
    • Verify LiveAction, Prime and CLI all see the same

 

 

WAN Impairment/WAN Emulator with WAN Bridge

Playing in the lab and want to impair a link with delay or loss?  ?    I use WAN Bridge – its simple and free.

impairment

So say I’m testing an SD-WAN brownout/impairment avoidance solution in my lab.  For example, Cisco’s IWAN.  I’m going to need something to impair links with delay or loss.  I like WAN Bridge.  Why?  Because its simple, easy, and free.

There has been one thing I’ve struggled with in the past year about.  Every time I needed an impairment point this burned up 2 NICs on my UCS equipment.  Why? Cause I couldn’t seem to figure out how to load one NIC on a UCS as a trunk port with multiple VLANs on it and have multiple WAN bridges with just 1 trunk on a switch.

So that meant, for a recent CPOC that I was doing, if I really wanted 6 impairment points (red circles in diagram below) I was going to need to eat up 12 NICs on my UCS.

onetoone

There had to be a better way…..

My friend, David Prall, was convinced it “should” work. I was equally convinced that I had tried it before and Continue reading

MPLS Fun in the Lab: Building a MPLS L3VPN Unicast and Multicast Cloud (6 Part Blog Series)

Hope you have TONS of fun with this blog series! I needed to build a full MPLS cloud with L3VPN unicast and multicast for a CPOC.  ?   Figured what the heck… bring y’all along for a “knowledge sharing ride-along”. Ultimately... Read More ›

The post MPLS Fun in the Lab: Building a MPLS L3VPN Unicast and Multicast Cloud (6 Part Blog Series) appeared first on Networking with FISH.

Fun in the Lab: Setting up 3 Phones – Part 2 Licensing

When we left me at the end of  Fun in the Lab: Setting up 3 Phones – Part 1 Prep Work …. (1) I had cloned an already existing CUCM VM and (2) I was stuck on the CUCM Licensing portion.

Today’s Mission

Today’s Mission (should I choose to accept it) is to license my CUCM.

mission_topo_licensed_cucm

My mission will involve –

  • Learning how to get a license for a CUCM internally within Cisco for lab use
  • Cleaning up my CUCM VM since it was a cloned VM

I’m still hoping I will eventually come across some cookies.  Why?  Because all my UC friends keep telling me I should “check out the dark side (UC)” and that “they have cookies”.  Just in case they are telling you this.  I need to let you know I have found NONE so far and I think they aren’t telling the truth.

PLAY TIME!

The licensing error message that came up on the CUCM said 2 things

license

  1. “Install sufficient licenses in the Cisco Prime License Manager for this system”
  2. “If licenses for this system are not already being managed by a Cisco Prime License Manager server, the system must first be Continue reading

Fun in the Lab: Setting up 3 Phones – Part 1 Prep Work

For those of you who know me I always kid that I’m afraid of UC.  But a few things conspired together to make me decide to attempt the plunge.

 

  • IWAN PreBuilt ReBuilt  ?  I completely tore down and destroyed the original IWAN PreBuilt Testbed so I could rebuild it.  Which meant I also lost my CallMgr and my voice/video phone setup I had inherited.
  • Voice/Video is typically in either 1st place or 2nd place as the most business critical application for the majority of customers i talk with.
  • NBAR2 interests me and I’d like to learn about and play some with QoS classification based on NBAR2 application recognition coming in.  Just finished reviewing a QoS chapter for the upcoming CiscoPress IWAN book and I just want to see, touch, and play.  ?
  • Documentation – I’m so incredibly tired of not knowing how to do this.  Voice/Video is such a perfect application and visual to help me knowledge share with co-workers and customer so very many concepts – QoS, AV, AVC, Application Recognition, business critical traffic, impairment avoidance… the list goes on and on.  I need to know how to build up a simple and Continue reading

Thinking Out Loud: My Career Planning

On average I usually think about my career at least 1 time every year and do an honest and deep “career inventory taking”.  More often (sometimes 2-3 times a year) if my job or environment is changing a lot. Are the questions I ask myself each time the same?  No.  Why?  Well cause time has passed.  What do I mean by this?  This means that over the years what I’ve seen is that my 1 year plan, 3 year plan, 5 year plan and 10 year plans have changed as I have changed.

For example ~26 years ago (when I was 25 years old) my plan was to become CEO of IBM by the time I was 35.  LOL!   (But that is a whole other blog: What’s at the “Top” of Your Ladder?)   Obviously, between then (when I was 25) and now my annual “career planning inventory” questions and my focus on what I want as the “wins” in a job for me….. have radically changed.   ?

What do I mean by “my focus on what I want as the ‘wins’ in a job?”    Well, again, when I was Continue reading

Fun in the Lab: DMVPN: Per-Tunnel QoS and High Availability

Went on an customer “ride-along” with Advanced Services this week.  Customer’s requirement was that the DMVPN headend have 2 physical interfaces for High Availability.  These 2 interfaces need to be the same subnet because they are going into 2 firewalls: one active/one standby.  So now what?

2fws

Tom Kunath (Advanced Services) thought “Well…. what about using backup interface command?”  Hmmmm that does seem to be the perfect tool in the Cisco CLI toolbox for this very situation.

Time to play in the lab!!!  ?

backup

interfaces

So now let’s try it and see how per-tunnel QoS will work with it.

Class-Maps and Policy-Maps

policy

policy1

NOTE: Snuck these configs from the QoS Chapter of the upcoming CiscoPress IWAN book a super dear friend of mine (David Prall) is co-authoring.

Apply to Tunnels

hote17_tunnel100_qos

hotel16_tunnel100

pt_qos

Okay…. so far so good.  Now let’s run some traffic.  I’ll send EF and AF41.

Send Traffic

hotel17_basic

Kay… so far so good.  I also have both being sent at the same bps from the traffic generator so I wanted to check this also.

Time to Fail Primary Link! 

fail_primary

Before I congest and see if the applied PerTunnel QoS can also drop.  Let’s make sure Continue reading

2016 Cisco Live, US – Geeks for life. — Just another day at the office…

CiscoLive 2016 LasVegas was my absolute favorite CiscoLive EVER!  They just keep getting better and better and better every year!  I so adore my “Nerd Herd” friends.

I was going to write a blog.. but I just couldn’t find the words……

So please enjoy my friend’s blog (@amyengineer) reblogged here. ?

Fish  ?

Putting together a wrap up post on Cisco Live US always makes me smile, and 2016 is no exception. As many of you know, this CLUS marked 5 years since Tom and a small group of engineers first bonded over networking nerdiness and an addiction to 140 characters. We’ve followed and helped each other through […]

via 2016 Cisco Live, US – Geeks for life. — Just another day at the office…

The Case of the Failed IPv6 Ping – Part 2: The Solution

Put your detective hat on your head and your Network Detective badge on your lapel.   It is time to SOLVE for the Case of the Failed IPv6 Ping.

Review the Facts and Clues Again

Let’s review where we left off in our Part 1 of this case — “Case of the Failed IPv6 Ping – Part1: Facts and Clues“.  At the end of Part 1…..we were ON R1 and unable to ping the IPv6 address of our directly connected interface gig0/0/3, 2001:db8:14:1::1.

R1_only

As you recall the facts were as below. Interface up/up, OSPFv3 configured properly, proper IPv6 address configured on interface gig0/0/3.  Still, we cannot ping R1’s directly connected IPv6 address from anywhere including from R1 itself.

2nd_checkList_59523931

Totally confused.  Time to just stare at the list above, absorb the oddness, and think.

Wait one second!!!! “No valid route for destination” ???   Even the ping from R1 said that?

pingR1_2

That can’t be true“, I think to myself while I type show ipv6 route connected.

showipv6routeconnected

What the????….. Why don’t I have R1’s gig0/0/3 interface in the routing table? It is up/up and with the proper IPv6 address configured.  Now Continue reading

The Case of the Failed IPv6 Ping – Part 1: The Facts and Clues

Put your detective hat on your head and your Network Detective badge on your lapel.   It is time for the Case of the Failed IPv6 Ping.

 

Part #1 –  We hit the crime scene together and we work methodically together to

  • Gather the Facts
  • Collect the Clues
  • Follow the Evidence
  • Interview the Witnesses
  • Question the Suspects

Part #2 – I give you what the problem ended up being.

Ready?  ?  Let’s PLAY!

It all started when I was going to do a post on IPv6 Multicasting. I grabbed 3 ASR1K and got them all prepped: cards, code, cables, configurations. Name the routers R1, R2, and R3. Add a couple Spirent TestCenter ports for traffic and sniffing , configure them, and we are good to go.

ipv6_1

Time for “pre-flight check”, as it were.

  1. PIM neighbors up and running between the routers – CHECK
  2. Make sure that the R3 can ping 2001:db8:14:1::1 – Um……

Oh… crap… that didn’t work.

Let’s go to the active crime scene!

Make sure that the R3 can ping 2001:db8:14:1::

ipv6 ping

ping

no_ping

Well that didn’t work did it? Let’s check the routing table on R3.

ipv6_R3

From R3’s IPv6 routing table we see

  1. R3 Continue reading
1 3 4 5 6 7 8