Archive

Category Archives for "Daniels networking blog"

The New CCNP – Combining Exams

The new CCNP RS was just released. The last day to test with the old exams is
January 29, 2015.

What is usually seen is that people start to panic, they want to complete the
old exams before they are removed. There is no reason to panic though, you can
mix and match the old exams and the new exams. If you have taken the old
ROUTE and SWITCH, you can take the new TSHOOT and become a CCNP. If you have
the old SWITCH, you can take the new ROUTE and TSHOOT and become a CCNP.

All the valid combinations are available through a comparison tool from Cisco.

Which exams should you take? This depends on how far you are into your studies
and what your future plans are. If you plan to take the CCIE, the new ROUTE looks like
a good stepping stone to me. If you want to finish as quickly as possible, then take
the old exams. As mentioned above, if you don’t complete all three in time, you can take
one of the new ones to round off the CCNP.

Good luck to all the CCNP candidates out there!


CCNP RS Version 2

I woke up to the news that CCNP RS Version 2 is now live. As usual, there is no
reason to panic. If you have been studying for the old version, nothing has been
wasted. OSPF is still OSPF, EIGRP is still EIGRP. The new exams are:

Implementing Cisco IP Routing (300-101)
Implementing Cisco IP Switched Networks (300-115)
Troubleshooting and Maintaining Cisco IP Networks (300-135)

The last day to take the old exams will be January 29, 2015.

The good news with the new blueprint is that Cisco is doing what they have been
for a while now, producing more detailed blueprints on what to study. There is also
a weighting included, which shows how much weight each section holds of the entire exam.

Implementing Cisco IP Routing (300-101)

This is the new version of the ROUTE exam. The old version was 642-902. The
new blueprint is here.

The routing protocols are still there, as expected. Let’s go through the blueprint to
see what has been added or clarified from the old blueprint.

1.0 Network Principles 10%

1.1 Identify Cisco Express Forwarding concepts
1.1.a FIB
1.1.b Adjacency table
1.2 Explain general network challenges
Continue reading

Potential Issues with Multicast within a VLAN Spanning Switches

Background

I ran into an interesting issue yesterday at work. There is a new video system
being installed, which takes the video output from computers, encodes it and
sends it as multicast to a controller. The controller then displays it on
a video wall. I had been told that the network has to support multicast.
As all the devices were residing in the same VLAN, I did not expect any issues.
However, the system was not able to receive the multicast. At first we expected
it could be the virtual environment and that the vSwitch did not support multicast,
because one server was deployed on the ESX cluster. The topology was this:

Snooping1

Multicast at Layer 2

Before describing the issue, let’s think about how multicast at layer 2 works.
The source will send to a multicast destination IP. This IP is the converted to a
destination MAC address. If the group is 227.0.0.1, this would map to the MAC
address 0100.5e00.0001. Switches forward multicast and broadcast frames to all
ports in a VLAN. This is not effective in the case of multicast as the traffic
may not have been requested by the host connected to Continue reading

Routing Considerations in DDoS Protection Environments

Lately I have done some studying for the CCDE and one of the things I was
looking at is how to protect against DDoS attacks. I’m not expecting it
to be a big topic for the CCDE but it has some interesting concepts relating
to routing. Take a look at the following topology:

Main

There is an attacker at the top left. R1 is the edge device and then there are a
few more routers, all peering BGP with the RR, which is R5. The server of interest
is 100.100.100.100 and there is a scrubbing device to the far right. All routers
peer iBGP from their loopbacks to the RR, including the scrubbing device.

Normally traffic to 100.100.100.100 would flow through R1 to R4 and then to the
server.

Normal_flow

The attacker now starts to flood the server with malicious traffic. This is detected
by the DDoS scrubbing device which starts to announce via BGP a more specific route
than the one advertised by R4. R4 normally advertises 100.100.100.0/24 but the
scrubbing device advertises 100.100.100.100/32. All the other routers will start
to forward traffic to 100.100.100.100 towards Continue reading

Ethernet, STP, Topology change and the behaviour of Ethernet

Introduction

This post is inspired by a post at IEOC about Uplinkfast and TCN which
can be found here.

Before we get to those parts, let’s recap how Ethernet and STP work together.

Spanning Tree

The Spanning Tree Algorithm builds a loop free tree by comparing Bridge ID(BID) and
least cost paths to the root bridge. By doing this it blocks all links not leading
to the root.

STP1

MAC Learning

Switches learn where to forward frames by looking at the source MAC address of the frame
on the port that the frame was received on. This learning is done in the data plane
as opposed to routing where the routes are learned in control plane. I will come back
to this later in the post.

MAC learn1

S4 learns that A is located on port 1 after A has sent a frame. This is stored in
the MAC address table located in Content Addressable Memory (CAM). The CAM is a
fast memory optimized for quick lookups in the table. By default there is a 300
second aging timeout for learned MAC addressesm, meaning that if the switch
does not see any traffic from a source MAC within five minutes the entry will
Continue reading

Cisco now #1 on bladeservers in US with the Cisco UCS

Five years ago, Cisco started out on their journey to get in on the server market.
Very few people believed that Cisco would get a big share of the market.
Today, just five years later we are reached by the news that Cisco is now
the largest seller of blade servers in the US! From nothing to #1 in five
years, that is an impressive feat for sure!

This slide provides a summary of some of the statistics for UCS:

Slide2

Over 33000 customers are now using UCS and it’s growing! Cisco is still showing
significant growth at 39% The only other vendors to show growth are Dell and Hitachi.

Slide4

Cisco now has 40.9% of the blade server market in the US. Worldwide, Cisco is at #2
behind HP. I’m expecting this gap to decrease and I wouldn’t be surprised if Cisco
passes HP globally within a year or two as well.

The next slide is very interesting. Cisco went from nothing to #1 in five years.
IBM used to be a major player but now only has 10% of the market.

Slide10

Not only has UCS been selling really well, it also has a lot of performance records.
Currently UCS Continue reading

A Short Update on CML from #CLUS

Hey everyone,

I’ve been having a really good time here at Cisco Live US. Here is a short update on CML.

General Info

CML is being released end of June or beginning of July. The corporate edition with
a base license and support for up to 15 nodes will be listed at around 13000$ per year.
If you subscribe for two years, the discount is 5% and for three years it is 10%
Normally 15 nodes cost around 13000$ per year so basically you get 5 nodes for “free”
if you get the base package which has the SKU R-CML-CE-K9=.
IOS will be supported by running IOSv. Every IOSv image requires around 512 MB of memory.

System Requirements:

  • The Cisco Modeling Labs server runs on VMware ESXi 5.0, 5.1, and 5.5.
  • Recommended – Cisco UCS®
  • C220 M3 Rack Server with 16 core CPU and 128 GB memory or Cisco UCS
  • C460 M2 High-Performance Rack Server or higher model (actual memory and CPU consumption depends
    on the number of virtual nodes and virtual network OS types). To help determine the appropriate memory
    please find the Cisco Modeling Labs Calculator at http://www.cisco.com/go/cml.
  • Following are the minimum hardware Continue reading
1 12 13 14