Kevin Dorrell, CCIE #20765

02 Feb 2009

Networkers 2009

Filed under: General, IOS features, LAN Switching, Security — dorreke @ 20:10

Networkers 2009 is all over now, and things are getting back to normal.  So what did I take away from the conference?

Networking

I mean the other sort of networking: the human network.  It was good to finally meet some of my fellow bloggers: stretch and Ethereal Mind, for example. It was also good to meet marikakis again, a colleague in the NetPro discussion group.

Talking of this sort of networking: “Network Management” can mean different things to different people.  A colleague once booked into a “Network Management” seminar, then found out that the seminar was about how to manage a company by leveraging person-to-person “networks”.

802.1X Techtorial

I spent a whole day looking at 802.1X.  Actually a significant part of that time was spent looking at Cisco’s ACS (Access Control System).  The two or three days that followed gave me a chance to reflect on the tool, and chat to the people on the security booth.  The more I reflected, the more I was convinced I need to do an 802.1X project.  I also bought a book about security, and I might even consider going down the security track when my CCIE comes up for renewal.

IOS Instrumentation

Two of my sessions dealt with the interesting and fun recesses of IOS.  The BoF session was really an opportunity for Cisco to brainstorm about these features.  There is a ton of stuff in IOS that is very rarely used: stuff like the EEM (Embedded Event Manager) TCL scripting.  There is a community dedicated to these features at ciscobeyond. One of the conclusions we came to was that Cisco has not made a very good job of publicizing these features.

The other session relating to this was “13 Smart Ways to Configure Your Cisco IOS Network Elements”.  This was a really fun session that, “like all bad ideas, was formulated over a beer”.  It was a bet, based around “there must be at least a dozen ways to configure a router.”   EEM is only one of them, and there are well more than the 13 the speaker listed.  I can’t wait to get back to the lab to try some of them out.

VSS and layer-2 architectures

I went to several sessions about VSS, both in campus architectures and the data centre.  I detected an interesting change of emphasis over last year’s offering.  Last year they were still pushing pure layer-3 architectures.  At the same time I was struggling with how to split a server cluster over two sites.  Of course, this is not easy to do with a layer-3 architecture; you need at least one layer-2 interconnect to carry the heartbeat.

This year, they seem to have woken up to the need for a layer-2 interconnect between the data centres.  They offer VSS as a way to provide redundancy for that interconnect.  I still stubbornly use Rapid Spanning Tree for various reasons connected with my architecture, which makes me feel a distinct minority.  I suppose you can get away with it provided there are not too many hops between the data centres.

Advanced BGP

I always try and attend a session by Russ White if he is there.  His style is eclectic, to say the least, with about 50% of the time spent on anecdote and sidelines.  That’s what makes the presentation memorable and entertaining.  Must be confusing for anyone whose native language is not English though!  Good guy, and what a huge knowledge base!

Other stuff

Just a few more observations:

  1. The “World of Solutions” was tiny compared with previous years, so full marks to those who did attend.  Companies must really be feeling the pinch. I was impressed with SolarWinds for taking the time to show me their Orion network management centre.  No marks for Computer Associates, who I wanted to grill about my problems with their Spectrum product, but who did not attend this year.
  2. I was impressed with the Nexus 1000v virtual switch.  This is an add-on to VMware and replaces the ESX virtual switch.  What it does is to make one huge virtual switch across your VMware domain, which means you can apply policies to individual virtual machines: policies that move with the machine whenever it moves via VMotion.
  3. I’m getting too old for the Cisco party.  It was a bit entertaining, but a lot brash and noisy.  The best Networkers party was the one in Monte Carlo in 1995, or the one in Vienna in 1999 (?), with a group that covered a range of musical tastes, not just hip hop, punk, and rap.
  4. The keynote address by Prof. Brian Cox was cool, but not very much to do with networking.  He could have tied in the theme of collaboration a bit more explicitly.

28 Jan 2009

Barcelona!

Filed under: Uncategorized — dorreke @ 10:25

I have been having so much fun at the Networkers conference in Barcelona since Monday that I have not got round to blogging anything yet. So, just to take the lead from stretch, here is my schedule:

Monday 26th January:

  • 09:00-18:00 : 802.1X deployment in a campus LAN (all day session)
  • 18:15-19:45 : BoF Myths and Realities of self-managing networks

Tuesday 27th January:

  • 08:30-09:45 : Keynote address from John Chambers
  • 10:15-12:15 : Multilayer Campus Architectures and Design Principles
  • 12:30-14:00 : Understanding Network Management using the ITIL Methodology and Framework
  • 14:30-15:45 : Talk by Prof. Brian Cox about the Large Hadron Collider
  • 16:15-18:15 : Advanced Cisco Catalyst Virtual Switching System

Wednesday 28th January

  • 08:30-10:30 : QoS Decomposed
  • 11:00-11:45 : Cisco on Cisco : Inside Cisco IT
  • 12:00-12:45 : Leveraging VSS for Data Center Interconnect
  • 13:30-15:00 : Data Center Virtualization Overview / Concepts
  • 15:30-17:30 : 13 Smart Ways to Configure Your Cisco IOS Network Elements
  • 19:30 onwards : The Networkers Party !!!

Thursday 29th January

  • 08:30-10:30 : Advanced New Developments in BGP
  • 13:30-15:30 : Advanced Enterprise Campus Design : Leveraging VSS

Friday 30th January

  • 13:40 : flying home !!

So, what do I think of it so far, as I sit here in the CCIE wireless lounge with my cup of coffee?  Well, I think I have had an object lesson in preparation.  I always enjoy the Networkers tutorials, but I am sure I would have got more out of them if I had been better prepared, particularly for the 802.1X techtorial on Monday.  Proper preparation for such an event would have had two distinct benefits:

  1. Preparation opens the mind to receive the new information.  If I don’t prepare the neuron pathways well, then I understand the talk as I hear it, but I don’t retain enough of the information.  The information just does not make the transition from hippocampus to grey matter.
  2. Preparation provides a foundation on which any new information can be built.  If I spend the entire talk refreshing my existing knowledge, I cannot concentrate on adding the new stuff.

That’s it for now.  In 20 minutes I am in to “Cisco on Cisco”.  I think stretch is booked in for that session too, so I hope I identify him.

21 Jan 2009

Starting a new blog – LX2KD

Filed under: Uncategorized — dorreke @ 15:56

While I was studying for my CCIE, I found blogging was a really useful way to journal my studies.  The advantages over pen-and-paper are enormous: it is searchable, it creates social bridges with like-minded people, it imposes discipline, etc.

But networking is not the only thing I do that would benefit from a journal .. oh, no.  Amateur radio is another.  It wouldn’t be fair to mix my amateur radio activities with my networking stuff.  So I am starting a new blog thread: the “LX2KD / G4AZO”.

So anyone who is interested, see you over the other side. (But allow me a day or two to get started please.)

01 Jan 2009

Now where was I?

Filed under: General — dorreke @ 21:25

Well, it’s about 6 months since I last posted anything on my blog, and it’s about time I re-activated it.  I’ve not been completely idle over the six months, but I have been doing things that don’t really relate to CCIE: scouts (Telstar troop), amateur radio (LX2KD / G4AZO), music (guitar), swimming, etc.  Not even my computer/network related activities have been directly CCIE related.

I got an e-mail from Wael Osama the other day with a pointer to a blog called “Networkers Online”.  This confused me at first because it has the same name as the Cisco conference.  But in fact this is a very interesting and competent coöperative blog, written by several engineers.  See my blogroll for the link.

BTW, talking of Networkers, I shall be going to the Cisco Networkers conference in Barcelona on the last week in January.  I have booked in for the 802.1X techtorial, which should be interesting as it is a subject I do not get to use on a daily basis yet.  Are any of my readers going?

So, we have a New Year, and a resolution to blog a bit more often.  A very Happy New Year to all my readers.

04 Jul 2008

Who works for who?

Filed under: General — dorreke @ 21:14

It’s getting like a game of musical chairs.  First we had the announcement a couple of weeks ago that Scott Morris was moving to InternetworkExpert.  Scott had previously been the mainstay of IPexpert.

Now we have an announcement that Narbik has joined up with IPexpert:

IPexpert and Narbik Kocharians Join Forces

 It is with great excitement that we reunite with Narbik Kocharians to offer the most incredible CCIE training value available anywhere! Narbik is a well-recognized triple-CCIE with an outstanding name in the CCIE training space, known for his unique style and magnetic personality. 

Read the full story here.

There seems to be a bit of a ratings war going on between the big three: IPexpert, InternetworkExpert, and NetMasterClass.  I am gratified to see that I am on the “success stories” list of all three, having used materials from all three.  I would always recommend that any candidate should use materials from at least two vendors, otherwise you can get too used to the way a particular vendor phrases his questions.  (P.S. Sorry, I forgot CCBOOTCAMP, which should also be considered one of the “big four”.  I forgot them just because I have not used their materials yet.)

22 Jun 2008

Gripes about my HP Photosmart 3210

Filed under: General — dorreke @ 14:51

This has nothing to do with CCIE.  I’m just using my blog to gripe about an unsatisfactory piece of software.

I have one of those HP All-in-one printer-scanners, the HP PS 3210.  Overall, it works fairly OK, but I do have a number of gripes about it, especially when used on the home network.  I would be very interested to know if these problems are still present in the more recent all-in-one models.

1. Multi-user scenarios

We have Windows XP on the family computer, and an account for each member of the family.  This doesn’t interact too well with the print driver, especially if you try printing double-sided.  The driver has a feature for printing double-sided: basically it prints the odd numbered pages first, then you turn them over manually, then it prints the even numbered pages.  (Or is it first the evens, then the odds .. ?)

Anyway, you get a pop-up telling you when to turn the pages over, and it doesn’t print the other side until you click “Continue”.  Trouble is, the pop-up comes up in the context of the first person to log in, which is not necessarily the person who asked for the print job.  (Some members of the family have the bad habit of leaving their desktops logged in.)

I tried getting support from HP on this, but they said it was too difficult to fix so they were not going to do anything about it.  Great!  Lots of wasted paper.

2. Must be always powered on

If you start the PC with the printer switched off, then you are in trouble.  The trouble occurs not when you start the PC, but when you try and shut it down.  It comes up with lots of “Program not responding” pop-ups, and does not close down until you kill the HP software by hand.  Is it unreasonable to expect them to have thought of that scenario?

3. Cannot update software any more

This is a knock-on effect from my attempts to solve the double-sided issue.  When I contacted HP support, of course, I got the usual “Are you running the latest version of the driver?”  So I downloaded and installed the very latest version I could find on the web site: 7.0.128.000.  Since then, the automatic software update does not work any more.  It seems to download the files OK, counting the bytes, but then says “Download failed”.   There are several “critical” updates I have not been able to install.

4. Default scan profile not applied to multi-page TIF documents

Being European, I have a default scan profile corresponding to A4 paper.  Definition: 1/16 m² with an aspect ratio equal to the golden ratio, ((sqrt(5)-1)/2).  When scanning a single page document, this works fine.  When scanning a multi-page document, it works fine for the first page.  But for subsequent pages, I must re-apply the profile manually to each page.  That slows me down.  (P.S. Strangely, this happens only if you enable the preview.  If you don’t preview, the profile is applied to all the pages.)

5. B/W threshold is different if previewed.

When scanning in black-and-white, you can set the B/W threshold to determine how light or dark you want the image.  The range goes from 1 (very light) to 255 (completely black).

If I preview the scan, I need a B/W of about 120 for a reasonable copy.  If I don’t do a preview, a setting of 120 gives a very light washed-out image.  Unfortunately, the only way I know to edit the profile is to do a preview, which doesn’t make the adjustment of the non-preview setting very easy.  After a lot of experimentation, I found that a B/W threshold of about 164 gave the correct result in non-preview.

Why couldn’t they make the settings behave the same in preview and non-preview modes?

6. Scanner goes into non-responsive mode.

There seems to be no rhyme nor reason to this.  Sometimes the scan software goes to sleep for up to two minutes just after it has populated the preview window, but before I can click “Accept”.  Sometimes, it gives me back control within two or three seconds.  I have no idea why there is a difference.  During this time, TaskManager tells me that the CPU is 99% occupied, running the process hpscnvw.exe.

Further Comments

Just in case someone comes across this blog and has the same problems, here are some more things I found out:

Issues 5 and 6 are actually related.  I found out that the “going to sleep” depended on the page being scanned.  I was scanning some old documents for the archives.  These documents were on slips of paper of format 1/3 A4: about 8″ by 4″.  These particular documents had some areas with a mid-grey background, and that was being converted to b/w dot-screen for the purposes of the preview.  That is what was taking the time.

If I ask it to scan without a preview, the whole image comes out a lot lighter, and in fact the mid-grey background gets lost.  It can therefore present the scanned slip in about 15 seconds instead of 2 minutes.  I think I can live with that – at least the printed parts are still legible.

18 Jun 2008

Ethan is back!

Filed under: Uncategorized — dorreke @ 17:11

http://www.cciecandidate.com/?p=473

It’s good to see you back on line Ethan!


12 Jun 2008

Ha-Ha! Gotcha!

Filed under: General, LAN Switching — dorreke @ 10:40

Well, they say it is good to be able to laugh at yourself …

So, I took this nice new 2960G-24TC, and I placed it front-down on the floor so I could get at the back panel easily, and I plugged in my console cable, and my power cable, and … absolutely dead!

So, I pick it up to work out what is going on, and it suddenly comes up with:

Base ethernet MAC Address: <omitted>
Xmodem file system is available.
The password-recovery mechanism is enabled.

The system has been interrupted prior to initializing the
flash filesystem.  The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
    flash_init
    load_helper
    boot

switch:

So, I unplug the power cable, and plug it back in again, and it comes up with:

Base ethernet MAC Address: <omitted>
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash...

So I put it back down on the floor …. and nothing more happens … until I pick it up again! Etc.

This went on for a good five or ten minutes.  What is going on?  I suppose it is obvious to anyone that has already fallen into this trap!


29 May 2008

Microsoft NLB

Filed under: IP Addressing Services — dorreke @ 16:03

This is not really a CCIE topic, but it is the sort of thing that you should be prepared for in real life.  Microsoft NLB – “Network Load Balancing”.  This allows an application to be served by multiple servers.

The way it works is by using layer-2 multicasts.  When a client wants to talk to a server (or in this case a virtual server), it puts out an ARP request for the server’s IP address.  The server (one or both, I don’t know) responds with a multicast MAC address.  From then on each frame from the client to the application is addressed to the multicast MAC address.

There are a number of things to consider:

  1. The servers generate IGMP for the IP group corresponding to the MAC multicast address.  If the switch is running IGMP snooping, then this ensures that the multicast frames are sent to the servers and nowhere else.  If the switch is not running IGMP snooping, then the frames are flooded to all ports on the VLAN – the scheme still works, but at the expense of flooding all the client-to-server traffic.
  2. IGMP snooping filters only those packets that are strictly IP, i.e. the ones that have EtherType 0x0800.  There is also a keepalive between the servers, also addressed to the multicast MAC destination, at a rate of 2 packets per second per server.  The EtherType is 0x886F.  These are flooded to all ports on the VLAN, regardless of IGMP snooping.
  3. If you think about it, this is not really Network Load Balancing, but CPU load balancing.  All client frames go to both servers, and then the servers decide between themselves which packet each server is handling, and which are left to the partner.
  4. It does not work too well through a router.  When a router gets a MAC address in an ARP response, it does not believe it, so it discards it.  The only way I have found to get round this is with a static ARP entry in the router.
  5. Even if you do put a static ARP entry in the router, does it balance the load from the router?  I suppose it depends what algorithm the servers use to distribute the load.  If it is based on the source MAC address, then it won’t work too well through a router!   On the other hand, if it is based on the source IP address, then that means that both servers have to process all packets all the way up to layer-3.  The devil and the deep-blue sea.
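As an added illustration of points 1 and 2 above (this is not code from the original post), here is a small Python model of the switch’s forwarding decision for the two kinds of NLB frame: the client’s IP data frames, which IGMP snooping constrains to the ports that reported the group, and the 0x886F heartbeat, which floods the whole VLAN whatever snooping does.  The port names, MAC addresses and the cluster MAC form are constructed sample values, not taken from the post.

```python
import struct
from dataclasses import dataclass, field

ETHERTYPE_IPV4 = 0x0800           # the only EtherType IGMP snooping constrains
ETHERTYPE_NLB_HEARTBEAT = 0x886F  # NLB inter-host heartbeat, as quoted in the post

# Constructed sample values (assumption): a cluster MAC in the form NLB's IGMP
# multicast mode derives from a virtual IP of 10.0.0.100, plus ordinary MACs.
NLB_CLUSTER_MAC = bytes.fromhex("01005e7f0064")
CLIENT_MAC = bytes.fromhex("001122334455")
SERVER1_MAC = bytes.fromhex("00aabbccdd01")


def parse_ethernet(frame: bytes):
    """Return (dst_mac, src_mac, ethertype) from a raw Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    return struct.unpack("!6s6sH", frame[:14])


def build_frame(dst: bytes, src: bytes, ethertype: int) -> bytes:
    """Constructed frame: header plus a zero payload padded to minimum size."""
    return struct.pack("!6s6sH", dst, src, ethertype) + b"\x00" * 46


def is_multicast(mac: bytes) -> bool:
    # The I/G bit is the least significant bit of the first octet.
    return bool(mac[0] & 0x01)


@dataclass
class Vlan:
    """Minimal model of one VLAN on a switch: its ports, snooping state, group table."""
    ports: set
    igmp_snooping: bool
    groups: dict = field(default_factory=dict)   # group MAC -> ports that reported it

    def igmp_report(self, group_mac: bytes, port: str) -> None:
        """Record a membership report (what each NLB server sends for its group)."""
        self.groups.setdefault(group_mac, set()).add(port)

    def egress_ports(self, ingress: str, frame: bytes) -> set:
        """Ports a multicast frame arriving on `ingress` is sent out of."""
        dst, _src, ethertype = parse_ethernet(frame)
        if not is_multicast(dst):
            raise NotImplementedError("unicast forwarding is not modelled here")
        if self.igmp_snooping and ethertype == ETHERTYPE_IPV4 and dst in self.groups:
            # Snooping applies: only the ports that joined the group get the frame.
            return self.groups[dst] - {ingress}
        # Everything else, including the 0x886F heartbeat, floods the VLAN.
        return self.ports - {ingress}


def demo() -> dict:
    """Run the cases from the post and return the resulting egress port sets."""
    vlan = Vlan(ports={"Gi0/1", "Gi0/2", "Gi0/3", "Gi0/4"}, igmp_snooping=True)
    for server_port in ("Gi0/1", "Gi0/2"):      # the two NLB hosts join the group
        vlan.igmp_report(NLB_CLUSTER_MAC, server_port)
    data = build_frame(NLB_CLUSTER_MAC, CLIENT_MAC, ETHERTYPE_IPV4)
    heartbeat = build_frame(NLB_CLUSTER_MAC, SERVER1_MAC, ETHERTYPE_NLB_HEARTBEAT)
    results = {
        "client data, snooping on": vlan.egress_ports("Gi0/3", data),
        "heartbeat, snooping on": vlan.egress_ports("Gi0/1", heartbeat),
    }
    vlan.igmp_snooping = False
    results["client data, snooping off"] = vlan.egress_ports("Gi0/3", data)
    return results


if __name__ == "__main__":
    for case, ports in demo().items():
        print(f"{case}: {sorted(ports)}")
```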

27 May 2008

“Still to do” list

Filed under: EIGRP, General, HSRP, IP Routing Protocols, OSPF, Spanning-Tree Protocol, VTP — dorreke @ 10:00

Someone asked me recently what I was going to do now I have my digits … would I go for a second one?  Well, not just yet.  I may have got my digits, but there are still too many things in R&S that take me by surprise.  I have found out that you can be a CCIE and still not know everything yet. :-). So expect about a year of consolidation and blogging before I move to pastures new.

Knowing what
Thou knowest not
Is in a sense
Omniscience

Piet Hein, “Grooks”

Some of the stuff that Keith Tokash has been logging recently on the “CCIE Candidate” blog has pointed the way to some interesting investigations.  Furthermore, there have been a few questions on NetPro that have made me think.  It might even be the case to go to one of Narbik’s boot camps when he is in London.  (Or maybe I’m just looking for an excuse to go back to my home city. ;-)   So this page will be a working list of things to do.  Pian piano.

EIGRP 

  1. EIGRP uses the metrics at which end of each link: the transmit end or the receive end?  Is it possible to provoke asymmetric routing by configuring different metrics at either end of a link?  Can this result in any unstable topologies?  See NetPro context.
  2. Someone on the NetPro forum tells me that EIGRP uneven load balancing is always process switched.  I thought it was handled by CEF using a weighted hash algorithm.  I have to lab this.  Here is a document I based my belief on.

OSPF

  1. OSPF uses the cost at which end of each link?  Actually, I already know the answer to this one: each router advertises an LSA for each network it is attached to, along with the outgoing metric of the link.  So, looking at the path of a packet from source to destination, the cost is the sum of the transmit costs on the path.
  2. There are two ways of putting a link into an area: with ip ospf 100 area 0 on the interface, and with network x.x.x.x area 0 in the router section.  In the event of a conflict, which takes precedence?
  3. Ask the same question of ip unnumbered interfaces.

HSRP and Routing protocols

  1. I still need to understand fully the interaction between HSRP and routing protocols.  Here is a situation where HSRP appears to cause unexpected results from a routing protocol.

LAN Control Protocols

  1. When you have a dot1q trunk, which of the control protocols are sent on VLAN 1 and which are sent on the native VLAN (assuming these are different)?  I answered a question on NetPro about this and apparently got it wrong.  I need to lab it.

Spanning Tree

  1. Spanning-Tree.  I guess I should ask the same question for Spanning-Tree, which after all is a sort of Distance-Vector algorithm.  Which end of each link is significant?

VTP

  1. I keep telling people to beware that a VTP client can update a domain, and so it can.  But it is not as easy as I had once thought.  I need to write up the experiment properly.  I wonder whether the behavior is version dependent.
  2. Furthermore, I really want to investigate VTP transparent.  How transparent is VTP transparent?  Can a transparent switch pass through VTP information, and if so, does the domain name need to match?  How does VTP pruning react to encountering a VTP transparent switch?

There is a load of lab work to do on this.


Blog at WordPress.com.