Just another Cisco blog
Archive for January, 2010
Free CCNP Cert Kits
Jan 30th
Steve at Networking-Forum is giving away 4 sets of Cisco Press CCNP Kits. Here’s the info:
As many of you know already, the CCNP certification exams are changing. The old exams, BSCI (Building Scalable Cisco Internetworks), BCMSN (Building Cisco Multilayer Switched Networks), ISCW (Implementing Secure Converged WANs), and ONT (Optimizing Converged Cisco Networks), will be available through July 31, 2010. The new exams, ROUTE (Implementing Cisco IP Routing), SWITCH (Implementing Cisco Switched Networks), and TSHOOT (Troubleshooting and Maintaining Cisco IP Networks) will be available in March and April of 2010.
Cisco Press, the official publisher of Cisco, has announced their new portfolio of exam preparation materials which includes a new type of product for them called Cert Kits. The kits are considered quick reference material to be used in conjunction with the official books to prepare for the exams. Included in each kit is video, online flash cards for your mobile device or desktop, and a quick reference guide for last minute studying.
BGP Peer Groups
Jan 29th
Just a short article today on BGP Peer Groups. I’ve been using them while practice labbing for the CCIP exams, thought I’d toss up a short post.
BGP Peer Groups “reduce the load on system resources by allowing the routing table to be checked only once, and updates to be replicated to all peer group members instead of being done individually for each peer in the peer group.” (-Cisco.com) They can also greatly reduce administrative overhead. They’re somewhat self-explanatory, you specify a Peer Group for two or more neighbors, then apply config to the group instead of each individual neighbor. We’re going to use my CCIP topology, but we’ll just focus on the iBGP peers:
We see that all of our PE routers are running iBGP and they’re fully meshed. Let’s look at PE1’s config without Peer Groups:
router bgp 6500
 neighbor 6.6.6.6 remote-as 6500
 neighbor 6.6.6.6 update-source Loopback0
 neighbor 6.6.6.6 next-hop-self
 neighbor 7.7.7.7 remote-as 6500
 neighbor 7.7.7.7 update-source Loopback0
 neighbor 7.7.7.7 next-hop-self
 neighbor 8.8.8.8 remote-as 6500
 neighbor 8.8.8.8 update-source Loopback0
 neighbor 8.8.8.8 next-hop-self
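For comparison, here is the same PE1 configuration collapsed into a peer group. This is an added example, not the config from the original post; the group name IBGP-PE is an assumption chosen for illustration.

```cisco
router bgp 6500
 ! Define the group once and attach the settings all iBGP peers share
 neighbor IBGP-PE peer-group
 neighbor IBGP-PE remote-as 6500
 neighbor IBGP-PE update-source Loopback0
 neighbor IBGP-PE next-hop-self
 ! Each PE now needs a single membership line instead of three commands
 neighbor 6.6.6.6 peer-group IBGP-PE
 neighbor 7.7.7.7 peer-group IBGP-PE
 neighbor 8.8.8.8 peer-group IBGP-PE
!
! Verify membership and the inherited settings with:
!   show ip bgp peer-group IBGP-PE
```

Nine per-neighbor lines become four group lines plus one line per peer, and any later change made on the group applies to every member at once.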
CCIP Practice Lab #1
Jan 28th
This is the first practice lab for my CCIP BGP and MPLS preparation. I have modified the existing topology to add another customer. This lab is somewhat basic, but it incorporates many different technologies.
Requirements
Core
- P1, P2, P3 and P4 run only MPLS and OSPF, no BGP.
- PE1, PE2, PE3 and PE4 will support EIGRP, OSPF and L2 VPNs to customers C1, C2 and C3.
BGP
- All PE routers will have iBGP relationships with each other. Use the fewest commands possible to accomplish this. Ensure multiple paths can be taken to peer with each router.
- PE1 and PE2 will have eBGP relationships with Peer1 and Peer2.
- Peer1 and Peer2 will inject networks from several loopbacks into BGP to simulate the internet.
- Peer1 and Peer2 will have an eBGP relationship.
CCIP Practice Lab Topology
Jan 27th
I’m bored with the CCDA stuff so I’m going back to the CCIP. In preparation for this I’ve made up a new topology. Figured it couldn’t hurt to share.
I plan on making up some requirements for a few different labs using this topology, lots of BGP and MPLS VPNs. Hopefully I can get one posted by the end of the week or early next week. I’m considering making a new page dedicated to lab challenges.
Here’s the .net file I’ve created for this one:
CCIP Lab .net file
Tell me what you guys think. Also, if anyone has some good lab requirements to throw out, I’d love to hear them.
CCNP Changes (Finally) Announced
Jan 26th
I meant to make this yesterday, but I got too busy. Cisco has finally announced the new changes that we’ve all known about for months. If you want a proper write up (because we all know you won’t find that on this site), check out Wendell Odom’s post, he goes into much better detail than I could.
The new exams are ROUTE, SWITCH and TSHOOT. They’re pretty self-explanatory, ROUTE is the new BSCI and SWITCH is the new BCMSN. TSHOOT is new (though they had a similar exam a few CCNP versions ago). ISCW and ONT are gone with some of their topics moved to ROUTE and SWITCH, while some are gone altogether.
Cisco IOS Firewall Tutorial
Jan 25th
A while ago a friend asked me for a write up on IOS Firewall/CBAC. At the time I hadn’t felt like writing about it as I don’t use it much, but I recently had to configure it, so I thought I may as well take a break from Juniper posts and do the article.
The IOS Firewall uses CBAC (Context-Based Access Control) to inspect traffic flows at the upper layers. CBAC will inspect the outgoing traffic while maintaining stateful information for each session. It will then open pinholes in the firewall/incoming ACL to allow appropriate traffic back in. Something I forgot to point out, CBAC can be very CPU intensive, your traffic. Keep that in mind and do some testing before deploying it on your network. Here’s the topology:

We have our router running IOS firewall, its WAN connection is on Fa0/1 out to the internet, and its LAN connection is on Fa0/0, which connects to some servers and workstations. Let’s configure the firewall:
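A minimal CBAC configuration for the topology described above, given as an added example rather than the original author's config. The inspection rule name CBAC-OUT and the ACL name WAN-IN are assumptions, and the example assumes no services are published inbound from the internet.

```cisco
! Inspection rule: list only the protocols you need, since every
! inspected protocol adds to the CPU cost mentioned above
ip inspect name CBAC-OUT tcp
ip inspect name CBAC-OUT udp
ip inspect name CBAC-OUT icmp
!
! Inbound ACL on the WAN side. Everything is denied and logged by default;
! CBAC inserts temporary permit entries (pinholes) ahead of this line for
! return traffic belonging to sessions it saw leaving the router.
! Anything the router itself must receive on this interface (for example
! a routing protocol) needs an explicit permit above the deny.
ip access-list extended WAN-IN
 deny ip any any log
!
interface FastEthernet0/1
 description WAN to internet
 ip access-group WAN-IN in
 ! Inspect sessions as they leave toward the internet
 ip inspect CBAC-OUT out
!
! Verify active sessions and the ACL hit counters with:
!   show ip inspect sessions
!   show ip access-lists WAN-IN
```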