Skip to main content

Posts

Showing posts from 2008

MPLS Deployment reasons

1) Faster convergence, in the old days that was a valid reason due to the relatively complex forwarding task that required more resources then Label forwarding. Today non relevant 2) RFC 1483 the newer 2684 AAL5 ATM Adaptation Layer 5 the implementation of IP over ATM 3) BGP Core Free on the SP network, as with MPLS lookup is done based on Labels and not destination address there is no need to have the BGP table in the Core for external prefixes lookup's. this is a massive change from the requirement that Every router in the core must have BGP enabled (cpu and memory intensive load) to only the edge router have BGP enabled mean higher performance and capability. Note: edge routers still need to have the BGP routing tables, edge routers are translating between ip routing decision to label based decisions. 4) Deployment scalability, when we face with large scale client to deploy (client that connect with 50 - 300 sites and more) we need to have under the consideration the deployment…

JUNIPER JNCIA-ER SCORE 90

Well I know this is not Cisco but I have just passed 30 min ago my JNCIA-ER exam with score of 90, to be honest that was one of the shortest test's I have ever had, usually I stay no meter what to the last minute but because I was pretty sure on my answers I have left after ~20 min.The resources provided from the www.juniper.net/fasttrack/ site are excellent and answer 100% to the test questions. almost to good to be true.I must say that the last 3 weeks I have been playing with the junos (under my vmware setup) it seem to be realy nice and powerful OS.So for you professionals and experts I think it should be very nice knowledge edition, I am still thinking if I want to proceed with the JNCIS-ER exam or stop here with juniper, I will update you later.All of you have a nice weekend :-)

Spanning Tree Basics

Spanning Tree is one of the topics that most people a really scared as it is almost fully automatic feature People don’t bother to dig into it; my idea here is to give you a simple way to understand the protocol basics And also get a glance on its complex. First thing when I learn a new protocol I would like to look how it is working on the low level, so here I have drown you the BPDU structure, you can see that all implementations have a common ground and thus there is full backward support: Filed Description: PID = Protocol ID Always 0x0000 VID = Version ID 1) STP 0x00 2) R-PVST 0x02 BT = BPDU Type 1) STP 0x00 2) R-PVST / MST 0x02 TCN / TCN Ack is used only with IEEE 802.1D or with interoperation with RSTP. Proposal and agreement handshake are bits used to prevent loops, proposal sent from a designated port And agreement is sent from the root port. Unlike IEEE 802.1D in which any transition between the blocking and the forwarding state causes a topology change, Only transitions…

10 CCIE LAB TIPS

Read the entire exam – now I know everyone is saying that and even Cisco it advising that in there site, but this is one of the important things you need to do before you start configuring as when you start configuring, your mind is set to different mode and you will miss important details. Take Notes - In addition to step 1 you must know to take notes, what I mean you ask yourself?! Well when you read the exam you will probably be thinking "am I wasting my time reading when other are typing and almost finishing their exam" I say NO you are not but because you all stress and your brain is speeding in almost 200mph you will not remember if you will not take notes. Work Your Way UP – After first two steps are done you are probably 30 min – 40 min into your exam do not panic, work in a step by step layer 2 to layer 3… Ask The Proctor – there was in my lab a real nice person that I am sorry I didn't ask for his name but for me his name was Mr. Proctor and whenever I had a qu…

CCIE LAB Learn Process

I will separate the LAB study process from the Written Exam as they are 2 different process from my point of view, so my study to the lab started at the end of 2006 after I passed my Written Exam, first my plan was to study for 4 months using Rack Rental but as I progressed I saw that this target was not realistic and I had a lot more to practice and to study before I will attempt to go to the lab so I scheduled my lab for mid August 2007, I rented almost 600 hours of rack time and scheduled almost every day a lab session, very important detail I forgot to mention is that I purchased the IEWB from Internetworkexpert. At first stage of my study the version that was available of the Work Book was 3 that was according to the old LAB format with 2 Catalysts only later they released version 4 and 4.1 according to the updated format of 4 Catalysts, but never mind that, at first few months I had a lot of mess in my brain as I didn't had any structured plan on how to approach the lab, th…

CCIE #20572

That is one happy weekend for me, I posting this from my room Residence Inn in Milpitas City an hour after I recived one of the best news after a very long year and half of studying and one failiur, I passed my CCIE of R&S in San Jose Apr 18 2008.Wonderful feeling, please forgive me for the short story.Thank you all for the support especialy to my wife, son and parents that suffered my moods and my busy schedual.

IPSec Basics

IPSec is an suit of protocols designed to provide interopable and high secure data transfer service. to understand IPSec we need to go to the basics and see some defenitions and protocols used by IPSec and start from there to build our understanding on IPSec, after we know what is IPSec and what he need to provide us we can go over to the practical usage and some configuration samples. so as I have said we have some basics to cover and we will start with: Authentication - is how the units verify they are who they say they are Data Integrity - making sure that the data that was sent it what was recived in the other side with no change Confidentiality - it the Encription of the data Anti-Replay - preventing play back attack, if this mechanizem was not enable then a potential attacker could capture a stream of data and replay it to the box this stream was sent and potentialy could log into the network even if the data is hashed it dosent metter as the other side need to know to unpa…

New Job

Hi Guys, Sorry I don’t have much time as I started a week ago new job in Expand Networks as one of the 3rd level Support Team, our product is the answer to Cisco WAAS, currently I am only learning trying to catch up some huge amount of information on a product that I was never familiar before and in between still studying and preparing for My CCIE. so wish me luck I hope soon I will be able to catch a breath and give you some nice articles :-)

Juniper start here

Ok although I am a fan of Cisco you cant go around and not see that Juniper is there and slow but safely moving up and up, I remembered that I heard the name Juniper in 2001 I said yes yes... and thought to my self another one of thus companies... Today I cant ignore them anymore, and why I saw today the first (I think, as I never saw before) online rack rental and workbook for Juniper http://www.routertricks.com/ this I think is the first but many will follow after, as the demand and the deployments of Juniper in the world today are growing and I do not think there is an ISP or any SP (Wireless / Mobile / Others) in the Industry today that do not have Juniper some where in his network, now I do not think it is bad for Cisco (other then sales), I think that good competitors bring the best in you, when I was in school if some one tried had better grades then me then I always tried to do harder and if I was the better one I always made sure that it would stay that way (I was very compe…

CCIE R&S CBAC FireWall

One of my major weakness until recently was security, security is the one topic that can kill you if you do not know what you are doing or if you are not careful enough to lookinto the small details. in the past when I came to a task I would attack it straight ahead and not thinking what it can do to other things I did before or what I need to do in the next task, I worked in a task by task strategy, today as I grown :-) I learned that nothing especially in real life is not presented to you in a step by step manner, you always need to gather all the information and sort it your self like a puzzle, some time the puzzle is small and easy some time you cant find the middle piece to complete your puzzle. so my advice to you is take the exam as a puzzle put all the parts in front of you (mean read all and draw basic topology accordingly) and build your puzzle from bottom up (piece by piece) if you cant find a piece then skip you will find it later. Now with that analogy the Security is one…

CCIE Lab San Jose 16 Jan 2008

Ok, I wished to tell you my number after that date but unfurtunetly for me I will need to hold on with that post. so for now I will tell you my expireance, I traveled from Israel to San Francisco California on Jan 12 2008 arrived after painful 18hr flight with a connection in London. Days before the exam I have taken the liberty to relax and sleep as much as I can. The lab Day I have arrived as early as I could at 7am to Tasman Drive 150 bldg C waiting for them to open the doors (yes I am that freek). at about 7:30 they have opened the doors and I waited for the other candidates to arrive, at about 8:15 we where guided to the Lab...(now I cant tell you what happen there as I am obligated to the NDA). What I can tell you is that it was hard but not impossiable I have actually had no problem with the core topics and but I did found the security and qos to be confusing enough to fail me. I certenly learned from this expireance (it was expensive lesson) and hope to not fail on that a…