Traffic School

January 31st, 2006 neteng

I’m taking a moment to wander off my usual path again to talk about my recent experiences with traffic school.

I was urged to attend my local county’s traffic school so that I could keep a speeding ticket off of my driving record and save myself a painful insurance payment increase. I chose to attend school at the Orange County courthouse. If you have any inkling whatsoever for a bit of sadomasochism, I highly recommend attending traffic school at this particular courthouse.

First of all, the rest of the lawbreakers are making a mad dash from their offices to the courthouse between 5pm & 6pm. It’s just bumper-to-bumper traffic upon leaving my office to the entrance of the courthouse parking garage. And if you’ve never even been there before, rest assured that it will be twice the fun as you try to follow the crappy Mapquest directions. Once you do make your way to the parking garage, you realize you’re screwed as they request that you pay $10 for the convenience. Wow, they have quite the racket going on here. Thanks for mentioning that beforehand, guys! Sure, I could park a couple blocks away at the nearest available parking meter, but I’ll just say that you’d have to pay me $10 just to park in that shady neighborhood (actually, make that $100).

Once out of the vehicle, I took a lengthy walk and arrived at the front doors of the courthouse… Or at least I could see the front doors from the back of a line about 100 people long. Two metal detectors and post-9/11 security make this a very enjoyable experience! And let me be the first to say that you’re not going to be gathered amongst the county’s finest denizens either. I’m not expecting everyone to arrive in limousines and pop out wearing Versace gear, but if they can’t afford it, is it too much to ask that these people at least steal some soap and shampoo from the local pay-by-the-hour motel? I can be as frugal as they come when it comes to certain household items but I know that you can buy some decent toiletries in bulk at your local 99-cent store (at that price you can even treat yourself to some conditioner!). And that dude behind me with the Kurt Cobain-era plaid jacket needs to seriously look into those new-fangled breath mints.

Once in the class, I discover that some of these people are about as bright as they are clean. After about the fifth time of sign-in sheets being passed around and with each time, the instructor repeating that they sign their name on the blank line next to their printed name, there were still about 10 people who couldn’t figure it out. How in the hell did these people get the privilege to be behind a motor vehicle?? At least the instructor was really cool and witty. I really envied his position for a little while as he could get away with making fun of some of those folks. He parked in a completely different location and didn’t have to worry about the consequences afterwards.

After being fully learned on how to drive safely, we all proceeded to make a mad dash out of the courthouse and back to our vehicles. I soon discovered that the rush was in vain. The parking garage is 5 stories high and I was parked on the 4th level. It took me literally one hour to make it from that parking spot to the exit. It’s at this point in my story that I have to thank the technology gods for Texas Hold ‘Em on my cell phone. It really did get me through that hour which I’ll never get back.

And thus ends my adventure with Orange County traffic school. It’s probably like that in a lot of other places, but the OC location will definitely be on my short list of places to avoid at all costs, ever again.

neteng

Buy Me a Beer! Help me keep my sanity as I write more articles.

Posted in Uncategorized | 5 Comments »

Silent Hill - Wow

January 20th, 2006 neteng

Silent Hill on Yahoo! Movies


You must watch this trailer if you are a fan of the original Silent Hill game. I really hope it turns out to be decent.. not great, but decent. I figure that’s not asking too much for a videogame transposed into a film. They really seemed to have nailed the visuals and atmosphere down though. I will surely be there on opening night!

neteng


Posted in Uncategorized | 3 Comments »

Slashdot | The Backhoe, The Internet’s Natural Enemy

January 20th, 2006 neteng

Slashdot | The Backhoe, The Internet’s Natural Enemy

Working for a business powered primarily by the Internet, you no longer take the stability (or instability) of cyberspace for granted. Sure it’s annoying when your cable modem goes out and you can’t check out the latest deals at GotApex. But when it affects your source of revenue, the magnitude of the problem explodes.

The particular Sprint outage referenced in this Slashdot article affected a large amount of our customer connectivity. And not only did this hit our Internet customers, but we have several high-profile customers connecting directly to us through Sprint VLANs in order to avoid Internet instability… I’m sure the irony is wringing your neck as you read this.

It really does spark a bit of wonder at how much of a utility the Internet has become. I know an innumerable amount of folks that would just frown and shrug their shoulders if their voice lines were down… but these same people would cry you a river with no little green lights lit up on their modems.

neteng


Posted in Uncategorized | No Comments »

Newsvine - Refreshing

January 18th, 2006 neteng

Newsvine - Get Smarter Here

I’m straying from any sort of network or computer-related topic for this post, because frankly, I’m a bit burned out from work this week. So instead, I decided to share a great resource I found for interesting conversation and news. The site is Newsvine and right now it is in a private beta for which I obtained an invite. Let me tell you, if you are a news junkie and like to read analyses from various people, this is the site for you. I hope that its merits are not ruined once unleashed upon the public, with spam-filled comments and little pubescents who think they understand the intricacies of Middle East policy (I’m 27 and I barely understand the intricacies of Middle East policy). But I don’t think that will be the case as the site seems to be filled with mantras from the creators exalting quality over quantity.

The site itself is designed rather well and the presentation is awesome. Very clean and easy to navigate. Email me and I will gladly send you an invite.


Posted in Uncategorized | 1 Comment »

SME Linux

January 16th, 2006 neteng

Niranjan has posted yet another interesting article about a handy Linux distribution named SME Linux. Niranjan states the following:

SME Server is based on the RedHat 7.3 (current stable version is SME Server 6.0.1) which has been customized by removing unnecessary software, and by replacing some with more secure software.

I could babble on a bit more about it, but you should really check out Niranjan’s post for thorough details.

neteng


Posted in Uncategorized | 1 Comment »

CCNP Preparation

January 13th, 2006 neteng

In October of 2005, I had taken my final test in the Cisco Certified Network Professional path (the 642-831 - CIT) and passed. I became a CCNP! It was a great feeling and especially great was the fact that I had received a job offer on the same day. I think it takes the cake for the best day of 2005. Anyway… I just wanted to share some of the things that I did in order to become a CCNP in about a 9 month time span.

First things first, I had gotten my CCNA about 3 months prior to cracking open the first CCNP book and so I headed over to the official CCNP Exam List and planned out which path I’d take. For someone like me, who was a rather fresh fish to the world of routing protocols and VPNs, I found that the listed order of the tests on Cisco’s website worked out pretty well. I personally could have swapped the switching exam (BCMSN) with the routing exam (BSCI) and had no problems, but the BSCI seemed to be the toughest nut to crack and I wanted to get it out of the way. Although a bit daunting to the networking newbie, it builds a necessary foundation for the following exams.

I used 3 primary methods of study when approaching the exams:

Hands-On Experience

The majority of people that I’ve run into during my lifetime have always learned best by DOING. The ability to perform rote memorization of commands and facts is a great talent, but it’s not enough. You are a rather amazing person if you can remember the correct way of configuring every type of setup that will come your way in the world of networking without ever seeing a live (or even simulated) Cisco command line. I didn’t take the step of actually purchasing a lab setup as my former employer did have some decent routing and switching equipment for me to break. I did find router simulators to be useful for my CCNA, but not so much for my CCNP. Though I did find one that was supposedly a “CCNP-designated” simulator, it didn’t quite live up to its name.

Practice Tests

While studying for my MCSE, I used the Transcender tests which worked very well. I didn’t find them quite so useful for the CCNP material. Boson was definitely my first choice as they really seemed to represent the real-world tests. Lots of simulation and drag-and-drop questions that were very relevant.

Reading Material

I found that pulling information from different texts was a vital part of making sure that all your bases were covered. I found the Cisco Press books to be feasible for the first couple of tests, but absolutely horrid for the last two (The BCRAN book in particular had a huge errata file on their website and an entry for every other page it seemed). I really wished that I had sooner discovered the greatness that is the official Cisco Student Guide. You are supposed to sign up for official Cisco curriculum to get your hands on these, but it is possible to find them on the Internet with enough searching. After reading a couple of them, it almost seems as if they were badly plagiarized for the Cisco Press books. But these were definitely key in helping me pass the exams.

Knowledge Retainability

Though this is more of an after-exam goal, I’ve found it vital if you don’t want to completely lose track of what you just worked so hard to learn. Without needing to work with every device and configuration you’ve studied for, the CramSession QOTD (Question of the Day) is a fantastic tool to help you retain what you’ve studied. It emails you a test question every weekday based on the different exams you have chosen to receive. There really is no quicker and better way to ensure that you stay on top of your networking game.

—–

I’d also like to take a quick second to point out Sean Walberg’s great CCNP Recertification site. It contains some fantastic articles that will also make sure you don’t forget a lot of the details that the CramSession questions might miss.

I hope you’ve found this piece useful. Feedback is greatly appreciated.

Thanks,

neteng


Posted in Uncategorized | 4 Comments »

Oi Vey

January 12th, 2006 neteng

I’ve been sick, work’s been crazy.  Regular posting will resume in the near future though, I promise!

neteng


Posted in Uncategorized | 2 Comments »

RANCID

January 10th, 2006 neteng

- RANCID

The Really Awesome New Cisco confIg Differ (man, what a stretch just so you can have an acronym) is another tool that I have come to know and love for network configuration backups. According to the website:

Rancid monitors a router’s (or device’s) configuration, including software and hardware (cards, serial numbers, etc), using CVS. Rancid currently supports Cisco routers, Juniper routers, Catalyst switches, Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd (and thus likely IRRd), Alteon switches, and HP procurve switches and a host of others.

Let me tell you, this is a great piece of software. You need to have a *nix box to run it (or Cygwin for you Microsoft Windows users) and it can be pretty difficult to configure if you’re just jumping into it. But once you’ve read the documentation, it’s a cinch to mold it to your needs. The installation docs are okay, but this quick HOWTO really helped out. I have it run every weekday at midnight and spit out the differentials to my email address. This has become invaluable if something is working one day and it’s broken the next. “Oh, there was a typo in that routing statement.” This makes it really easy to find something like that, especially when you’re not the only person touching the equipment.

Now this is probably overkill for those with small shops, but in my current environment, I need to monitor changes made to over 250 network devices. Before discovering this tool, I wasted time backing up (or sometimes just not backing up.. big NO-NO) and maintaining a manual change control system. It’s a godsend, no doubt!

I hope you find it useful as well,

neteng


Posted in Tools | 1 Comment »

Network Redundancy, Integrity and Reliability…Oh My!

January 8th, 2006 neteng

I originally started this article as a focused write-up on network redundancy. As I began to flesh things out, I realized that while redundancy is an important factor in many networks, that is all it is. Redundancy should not be seen in and of itself as a final goal, but likened more to a step in the path towards the greater aim of network reliability.

As any good systems engineer knows, servers are not the only devices worthy of a 99.99% uptime solution. They may be the treasure chest of valuable data, but that box will do you absolutely no good when you’ve lost all ability to extract information from it in a reasonable manner. Sure, SneakerNet might work for that text file you have sitting on a network share. But that is even assuming you have all means available of gaining physical access to the server (and if you’re Joe Schmoe from Accounts Payable, it’s doubtful). The network is a key agent in supporting a worthwhile technological infrastructure. While the human body can adapt and survive without a limb here or there, it’s in some major trouble without a fully-functional nervous system to transmit important messages within.

Before I dive too far into the details, I’d like to share the following definition for “Network Reliability” that I came up with:

Network reliability ensures a highly-available path that maintains data and policy integrity between communicating endpoints.

With that in mind, I’ve broken down key aspects for network stability into the two parent categories of redundancy and integrity, each housing separate child categories and so on:

Redundancy

I’d like to start with network redundancy. Before we get started, let’s figure out exactly what network redundancy isn’t. Network redundancy is not the backing up of end-station data to tape, the striping of an array of disks, or even a cold standby server loaded with cloned configuration and services. While these are all significant and important in their own right, they do not provide a stable network infrastructure, only stable and trustworthy network services.

One can restrict redundancy of a device to specific parts or to the unit as a whole.

Redundant Parts

  1. Power - A usual no-brainer is to make sure that there are at least two redundant power supplies for a given unit. What most people seem to forget is to take the extra step of making sure these power supplies are being fed from separate power sources. The advantages of having an extra power supply are completely negated if they’re both on a single circuit which fails in the middle of the business day.
  2. Interfaces - Whether it be dual-NICs on a server or multiple uplinks from access switches to distribution switches, this can also be a lifesaver in the event of equipment/link failure. Most of the time, this type of redundancy can be set up to be automated. And in a lot of cases, the additional links can have the added benefit of being utilized for load-balancing.
  3. Configuration - Let’s not forget that these pieces of network equipment, which we’re so concerned about keeping functional, would just be fancy paperweights without their software configuration. It’s a very good idea to make sure backups are made of your configs. Whether you choose to do this monthly, weekly or daily, do what works to meet your business needs. You don’t have to get fancy and set up a CVS site containing text differentials (though I’ve done this at work and will talk more about it in a future article). A simple copy and paste or whatever configuration export your devices support should be sufficient. Just make sure that you keep them organized with some sort of time/date stamping.
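The time-stamped backups from the Configuration item, combined with the nightly differential described in the RANCID post, as an added example (this is not RANCID's code and not from the original article). The device name, sample configs and function names are constructed for illustration, and the list of IOS lines filtered as noise is an assumption to adjust for your own devices.

```python
import difflib
import os
import re
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Lines that change on every fetch and would otherwise appear in every diff.
VOLATILE = re.compile(r"^(Current configuration|! Last configuration change|"
                      r"! NVRAM config last updated|ntp clock-period)")
# Changes worth reading first (illustrative list, not exhaustive).
SENSITIVE = re.compile(r"^[+-](no )?(access-list|ip route|enable secret|"
                       r"username|snmp-server community)\b")
# Constructed sample config, not taken from a real device.
DAY1 = """\
Current configuration : 812 bytes
! Last configuration change at 23:50:01 UTC Mon Jan 9 2006
hostname edge-rtr-01
ip route 10.20.0.0 255.255.0.0 192.0.2.1
access-list 101 permit tcp any host 192.0.2.10 eq 443
access-list 101 deny ip any any
ntp clock-period 17179869
"""
# Next night: a mistyped route plus a changed (volatile) NTP value.
DAY2 = DAY1.replace("10.20.0.0", "10.2.0.0").replace("17179869", "17179901")

def normalize(config):
    """Drop volatile and empty lines so only real changes are compared."""
    lines = (ln.rstrip() for ln in config.splitlines())
    return [ln for ln in lines if ln and not VOLATILE.match(ln)]

def save_snapshot(store, device, config, when):
    """Write a timestamped snapshot; return None if nothing changed."""
    devdir = Path(store) / device
    devdir.mkdir(parents=True, exist_ok=True, mode=0o700)
    body = "\n".join(normalize(config)) + "\n"
    existing = sorted(devdir.glob("*.cfg"))
    if existing and existing[-1].read_text() == body:
        return None
    path = devdir / (when.strftime("%Y%m%dT%H%M%SZ") + ".cfg")
    # Configs hold password hashes and SNMP communities: owner-only access.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(body)
    return path

def diff_latest(store, device):
    """Unified diff of the two newest snapshots ('' with fewer than two)."""
    snaps = sorted((Path(store) / device).glob("*.cfg"))
    if len(snaps) < 2:
        return ""
    old, new = (p.read_text().splitlines(keepends=True) for p in snaps[-2:])
    return "".join(difflib.unified_diff(
        old, new, fromfile=snaps[-2].name, tofile=snaps[-1].name))

def sensitive_changes(diff_text):
    """Added or removed lines that touch ACLs, routes or credentials."""
    return [ln for ln in diff_text.splitlines() if SENSITIVE.match(ln)]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as store:
        for day, cfg in ((9, DAY1), (10, DAY2)):
            save_snapshot(store, "edge-rtr-01", cfg,
                          datetime(2006, 1, day, tzinfo=timezone.utc))
        print(diff_latest(store, "edge-rtr-01"))
```

Run from cron after each fetch, the diff text is what would be mailed out; `sensitive_changes` picks out the lines to put at the top of that mail.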

Redundant Wholes

  1. Cold Standby - A cold standby is in most cases a non-configured (or configured, but rarely updated) piece of hardware that will usually work best for non-critical network devices, especially “dumb” units such as hubs and small workgroup switches.
  2. Warm Standby - A warm standby will most often have a mirror-image configuration of the primary device and require a manual switchover in case of failure. Good candidates for warm standby devices are access layer switches and anything else that is urgent to get in place, but not business-critical.
  3. Hot Standby - Plain and simple, this is a necessary configuration for those devices which are at the heart of your network infrastructure. Hot standbys are automated to take over network duties as quickly as possible, should the primary unit fail. Oftentimes, a “heartbeat” connection is set up between the primary and secondary devices so that a failure is handled almost immediately.

The standby setups vary in scale from one organization to another. Many small companies have a very modest standby model while some of the larger businesses will actually have a complete replica of their network on warm or hot standby. I’m sure it comes as no surprise that you find a lot of the latter in the financial industry.

Misc

  1. Multiple ISPs - Folks, listen up. If the Internet is an integral part of your business model whatsoever, then a backup ISP is a must-have. My company uses VPN connectivity over the Internet for the majority of our customers. In the event of a major outage at our ISP, the resulting outcome would be devastating. As in, Oh-Crap-We-Just-Lost-Our-Five-Largest-Clients devastating. Make sure this potentially customer-killing hole is plugged.
  2. Human Beings - We technical folk sometimes lose sight of the fact that “wet systems” (i.e. human beings) are still a necessary component to operational success. Not all companies can afford to keep your clone on staff, so it is very important that you keep good documentation and maintain a system of knowledge transfer in cases of emergency where you might not be available. Try to make sure some of your most mission-critical documentation can be comprehended by the receptionist that might happen to be the only staff on-location during a meltdown.

Integrity

  1. Policies and Rules - If you’ve ever had to deal with any sort of government or financial audit, you know the importance of having proper network policies and controls in place. Companies have built complete business models out of penetration testing and ethical hacking. You want to make sure that you’re running as ‘clean’ of a network as possible. This is almost always done by applying the “deny-all-but-necessary” approach with your network rules. If you’re lucky enough to get management to buy into the importance of security, you can even toss some extra goodies in there (though these are slowly becoming necessary goodies) such as IPS devices and higher-level, stateful inspection firewalls.
  2. Encryption & Digital Signatures - This isn’t always necessary, but many organizations have a real need to encrypt data and ensure it maintains its integrity across the wire. From traditional IPSec-based VPNs to the nifty little product I came across the other day, this is an area in networking where many options abound.

Taken together, ensuring redundant connectivity and data integrity throughout the wire will provide the necessary infrastructure for what I’d call a reliable network.

I really hope that this little article has been of assistance to all of you on the other side of the screen. I’m always open to improvement, so please, if you disagree with anything written here, have suggestions for things to add, etc… Please let me know. You can leave it in the comments section or email me at neteng@humanmodem.com.

Thank you,

neteng


Posted in HOWTO | 4 Comments »

Productive Troubleshooting

January 7th, 2006 neteng

Niranjan Kunwar has a fantastic piece written up at Nirlog.com discussing tips and tools to assist network administrators. One of my favorite parts was about automation:

Use automated tools as much as possible. By doing so you can invest your time in more interesting projects and upgrading your skills.

This is a truth I love to hammer on. Let computers do what they do best and perform the tedious and menial tasks necessary for your job so you can concentrate on issues at a more strategic level. Not only are you improving your productivity by this, but you’re also improving your resume and providing more value to your company. Thanks for the great article Niranjan.

neteng


Posted in Uncategorized | 1 Comment »