Passed CCIE Data Center!
After a number of months studying and final 2 weeks full 100% dedicated preparation I passed the CCIE Data Center Lab exam last week on April 25th in Brussels at first attempt!!!
This is my fourth CCIE title and I can honestly say that this is the title means a lot to me! Currently there are so few individuals who passed the CCIE Data Center lab and many have failed it already.
Preparation
What did I use for preparation?
IPexpert CCIE Data Center Workbook
Of course I used the CCIE Data Center Workbook from IPexpert for my preparation, because I wrote the book. After writing the labs for the past couple months I really had to re-do them all to get a feeling about the entire picture again. This has been an invaluable resource with labs that are a lot harder than the actual lab tasks!
Real life experience
In my work for a Cisco Gold Partner (Telindus) I did a lot of projects with Nexus 7000, Nexus 5000, Nexus 2000, MDS switches and a ton of UCS systems. This is where I found that I learned most of the knowledge that was required for the test.
Focus Focus Focus!
The Important Question for a Technology Fresher
After spending a considerable amount of time on forums like the Cisco Learning Network, it is apparent that there are many challenges for those entering the field of technology. Freshers, as they are known in the industry, have many challenges. Some of these challenges stem from the gap between the education process and the real […]
Author information
The post The Important Question for a Technology Fresher appeared first on Packet Pushers Podcast and was written by Paul Stewart.
Cisco IOS Alias
Don't you just love the option of configuring aliases on IOS? Call it being lazy or saving time, but I can't begin a network implementation without some awesome aliases!
Switch#p alias
alias exec s show run
alias exec w write memory
alias exec si show ip int brief
alias exec sr show run interface gigabit
alias exec c config term
alias exec st show int status
alias exec p show run | include
alias exec b show run | begin
alias exec ae alias exec
Get creative!
On a related note, some MAC OS X aliases
alias flushdns='sudo killall -HUP mDNSResponder'
alias menubar='killall -Kill SystemUIServer'
alias p4='ping 4.2.2.2'
On a related note, some MAC OS X aliases
alias flushdns='sudo killall -HUP mDNSResponder'
alias menubar='killall -Kill SystemUIServer'
alias p4='ping 4.2.2.2'
Cisco AnyConnect VPN 3.1 Untrusted VPN Server Certificate Installation
If you've upgraded your Cisco AnyConnect VPN Client to 3.1, you might run into the following warning pop up when you attempt to establish a VPN connectivity.
When this pops up, if you click on 'keep me safe', it will disconnect the VPN and you will not be prompted for a username/password.
Instead, if you click on 'change setting…', it will allow you to uncheck the box which blocks connections to untrusted server. By doing this, you trust the ip address or fqdn which is the VPN server (usually a public IP address or fqdn = vpn.company.com).
After the previous image, the above pop up shows up. 'Connect anyway' will complete the VPN connection.
Why do these security warnings show up in the first place?
Cisco made some changes to their Server Certificate Verification on 3.1. Following is a relevant excerpt from this Cisco document.
"–If a Subject Alternative Name extension is present with relevant attributes, name verification is performed solely against the Subject Alternative Name. Relevant attributes include DNS Name attributes for all certificates, and additionally include IP address attributes if the connection is being performed to an IP address."
How do you make these Continue reading
Shopping at the SDN App Store: What Enterprises Really Want?
I contributed 2 pieces to a Network World “digital spotlight” on software defined networking (SDN). SDN’s all the rage with marketing teams & the industry media. I’ve been contracted to write or contribute to a total of 3 large SDN pieces, including this one, over the next few months. And of course at Interop, you couldn’t walk […]
Author information
The post Shopping at the SDN App Store: What Enterprises Really Want? appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Cisco OTV Implementation & Troubleshooting (Legacy Multicast mode)
For the details on what Overlay Transport Virtualization (OTV) is and how it works on a high-level, see my previous blog entry about OTV 101. OTV troubleshooting requires a basic understanding of Multicast, as well as ISIS. In-depth troubleshooting on these subjects are not part of the scope of this document. This document will only […]
Author information
The post Cisco OTV Implementation & Troubleshooting (Legacy Multicast mode) appeared first on Packet Pushers Podcast and was written by Ken Matlock.
Show 147 – Avaya Fabric Connect Makes Multicast Simple (Really) – Sponsored
For many network engineers, IP multicast routing is evil. Difficult to design, complicated to implement, painful to troubleshoot and challenging to scale, multicast routing is rarely implemented on a given network unless it’s absolutely required. Most engineers would just rather not bother until the issue is forced upon them. Blame PIM. Blame RPF checks. Blame […]
Author information
The post Show 147 – Avaya Fabric Connect Makes Multicast Simple (Really) – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Cisco OTV 101 (Legacy Multicast Mode): MAC Learning Process Walk
What is OTV? Overlay Transport Virtualization (OTV) is a Cisco-proprietary protocol suite that allows us to extend Layer 2 between datacenters with Layer 3 boundaries in between. It works by encapsulating the L2 packets into L3 multicast packets and sending them out to all other OTV AED’s (Authoritative Edge Devices, used for loop prevention). The […]
Author information
The post Cisco OTV 101 (Legacy Multicast Mode): MAC Learning Process Walk appeared first on Packet Pushers Podcast and was written by Ken Matlock.
Interop: Firewalls, Booth Babes and Unicorn Poop
Now that I’ve returned from the whirlwind that was Interop Las Vegas, I thought I’d share some thoughts about my experience as a speaker and attendee. First the good: The UBM staff was awesome and I appreciated the chance to pontificate on one of my favorite subjects, firewalls. Thanks to some quick thinking by the […]
Author information
The post Interop: Firewalls, Booth Babes and Unicorn Poop appeared first on Packet Pushers Podcast and was written by Mrs. Y.
When Tech Meets Business
"I have had the pleasure of having Himawan as part of my team for a total of 3 years, first two years in the Carrier Ethernet practice as an NCE, and later on as part of my Advanced Services Africa team where Himawan worked as a Solutions Architect.Himawan is unique in the way that he not only contributes with extremely good technical knowledge (for which his triple CCIE is a proof), but he also provides the combination of very good consultancy and business skills, which makes him extremely valuable not only in meetings with customer engineers, but also in meetings with customer senior management.
What I value most with Himawan is his never give up attitude, it doesn't matter how complicated problem, how challenging business environment, or how short timelines, he always jumps into the challenge and finds a way to resolve the issue.
I can strongly recommend Himawan for any position where the combination of technical and business skills is required, and if I had a position open requiring these skills I would see Himawan as the perfect hire."
- Ulf Vinneras
Director Services Strategy and Business Development at Cisco Systems
Tack så mycket, Ulf!
NAT – Order of Operation
This post represents the solution and explanation for quiz-11. A very important topic when configuring Network Address Translation (NAT) is the order of operation. Who is performed first: NAT or Routing ?
Cisco AnyConnect VPN with LDAP integration
I spent some time recently building anyconnect VPN on an ASA 5525-X and integrating it with LDAP. It could be fairly quick and simple if you have the necessary information to build out an aaa-server for LDAP and match the attribute maps for LDAP service.
Integrating VPN with LDAP involves two phases:
1. Build an aaa-server for LDAP (multiple aaa-servers for load-balancing/redundancy) and then associate the LDAP server to the VPN tunnel-group.
2. Build LDAP attribute maps for determining what AD user gets associated to what VPN Group-Policy.
Phase 1 : aaa-server
Before building your aaa-server, you need to grab some information from your AD server. This includes the following:
1. AD server IP address
2. AD server type (microsoft etc)
3. LDAP (389) or Secure LDAPS (636) port
Create aaa-server 'LDAP' that uses protocol ldap.
aaa-server LDAP protocol ldap
Assign an IP address / Server (dns resolved) name to that LDAP server.
aaa-server LDAP (inside) host dc01
Note: Here the ASA realizes the dc01 server has an IP address which is internal to the ASA, hence it puts it in the 'inside' interface.
Since we use LDAPS and require LDAP over SSL, and the AD server is a Microsoft Continue reading
The Last Question
Please find my complete interview with IT Certification Master: Why Network, Skill, Experience Matters Most. Thank you to Mirek Burnejko for the opportunity.And below is the last question from the interview:
MB: You are also a co-founder of several organizations: GEM Foundation, Jawdat Teknologi Indonesia and CCIE93. Can you describe us these new ventures?
HN: This is my problem: there are 250 million people in Indonesia, and there are only less than 200 CCIEs. I’m planning to solve that problem. And it doesn’t mean I will make everyone from my country as CCIE. Nor I will teach CCIE class. I want to do more. I want to help Indonesian students and young professionals to become globally competitive professionals. So they can compete in global market like me, or stay in Indonesia to work on challenging project currently being done by professionals from outside the country (expats). And the solution must be scalable. That’s why I founded a not-for-profit organization GEM Foundation (GEMFo) early last year with several other Indonesian professionals who work outside the country. I spent my personal time to visit schools and universities to share global view from my own experience working abroad for more than 10 Continue reading
[Humor] Virtual Routing Inception
Don’t ask me what kind of daydreaming it took to arrive at this, but….I just realized that the following was possible: Which was ALREADY terrifying enough - but then my mind went here: Have a great weekend.[Quality of Service] Part 3 – Nexus 1000v: The Servers are Doing QoS Now?!?
I’m going to talk a little bit about performing QoS functions from within the Nexus 1000v. Since it’s been awhile since I made the last post in this series, a recap is in order: In my first post, I explained what the different types of QoS policies were in the context of Cisco’s MQC In my second post, I went through the actual configuration on specific platforms like the Cisco Nexus and Unified Compute platforms, as well as a brief mention of vSphere’s participation, but less on the QoS aspects and more on MTU.[Quality of Service] Part 3 – Nexus 1000v: The Servers are Doing QoS Now?!?
I’m going to talk a little bit about performing QoS functions from within the Nexus 1000v. Since it’s been awhile since I made the last post in this series, a recap is in order: In my first post, I explained what the different types of QoS policies were in the context of Cisco’s MQC In my second post, I went through the actual configuration on specific platforms like the Cisco Nexus and Unified Compute platforms, as well as a brief mention of vSphere’s participation, but less on the QoS aspects and more on MTU.[Quality of Service] Part 3 – Nexus 1000v: The Servers are Doing QoS Now?!?
I’m going to talk a little bit about performing QoS functions from within the Nexus 1000v. Since it’s been awhile since I made the last post in this series, a recap is in order: In my first post, I explained what the different types of QoS policies were in the context of Cisco’s MQC In my second post, I went through the actual configuration on specific platforms like the Cisco Nexus and Unified Compute platforms, as well as a brief mention of vSphere’s participation, but less on the QoS aspects and more on MTU.[Humor] Virtual Routing Inception
Don’t ask me what kind of daydreaming it took to arrive at this, but….I just realized that the following was possible: Which was ALREADY terrifying enough - but then my mind went here: Have a great weekend.Identifying Introverted Tendencies
It’s no secret that our industry is full of those with interesting eccentricities. These characteristics are found in varying degrees with those we come into contact with daily. The extremes of these often manifest themselves as a general perception of those in technology. This even happens as technical characters are portrayed television. One example of this […]
Author information
The post Identifying Introverted Tendencies appeared first on Packet Pushers Podcast and was written by Paul Stewart.