2012-03-28 03:13:52 +0000
Introduction
This is the first post in a series as I work through the CCNA syllabus. The introduction to the series can be found here.
I will be pretty much following the CCNA Composite Exam Blueprint point for point. One post per bullet point. I'm using Version 11 (640-802).
Purpose and Function
The bullet reads: Describe the Purpose and Function of Various network devices
Various isn't too well defined, but at least for this purpose we know that we are dealing with devices found in a small office or branch office networks. So, what devices do we have?
First we have the networking devices:
* Hubs
* Switches
* Routers
* Access Points
* Hardware firewall devices
These are the devices that make up the network itself.
Client Devices:
* Desktop and laptop computers
* Tablets
* Smart Phones
These are the devices that the network exists for, the devices that access the network and utilise it.
Finally we have service devices:
* Printers
* Servers
* Storage units
These are the focus of the network, the devices the users are trying to access.
These are very arbitrary groups, and I have picked them because that is how I think of them. Printers for example work very much more like a client in reverse, receiving data rather than requesting or sending it. In a SAN, servers act as client devices for the storage.
Broadly speaking though, the client devices connect either using wired, or wireless (more on both later) connections to the network devices. The network devices provide a transport system, usually with security in mind, for the clients to the server devices such that the clients can make a request, and the server devices can fulfil the request.
A small example of this? Why not. A user sat at a computer would like to be sure the computer has the correct time. The computer is connected to a switch, which is connected to a server which is running NTPd. The user sends a request, picked up by the switch and forwarded to the server. The server sends back the correct time, using the reverse route.
Now, lets take those network devices in a little more detail.
First we have the hub. Don't see many of these, and I've never seen one in production use! A good place to start then. A hub is basically a repeater, like a parrot, everything it hears, it repeats. Any data in to any port is immediately sent out of all other ports. This means that each port on a hub is within the same segment, and collisions are more and more likely with more ports.
Hub, 1 segment, 1 collision domain.
Next the switch. A switch starts off like a hub, but for every request it receives, it remembers the MAC address of the requester, and the port the request came in on. That way, once a request destined for that MAC is seen, it only needs to be sent out of one port, not many.
Switch, 1 segment, many collision domains.
Routers work at the level above switches, effectively moving packets based on IP address, rather than MAC address. This makes each port on a router a separate segment, and by virtue of that a separate collision domain.
Router, many segments, many collision domains.
Access points are effectively hubs for wireless devices. Using the shared medium of the same "channel" of the spectrum each client device shares the bandwidth of the access point.
AP 1 segment, 1 collision domain.
I've rambled a bit there, and I haven't touched on how full duplex cabling effects the collision domain with modern switches, or fun things like VTP and how to avoid switching loops.Fortunately, they come later in the blueprint.
2012-03-23 00:00:00 +0000
What a depressing title for a blog. Why? That's a good question. Why did I fail it? Why am I blogging about it? Showing the world what I can't do? Well let's start with the first question, and see if it takes us to an answer to them all.
Why did I fail it? Because I didn't know the stuff. It's that brutally simple.
I don't think I'm that stupid. I've been "in the game" for a good 10 years. I've been responsible for networks for SMEs from 30 users and a single site, up to 400 users over 25 sites. I've done dialup in the US, and HSRP in the core. I've done all that whilst having to troubleshoot Linux, and Windows and AWS instances, and .... It goes on. It's not special. Thousands of people like me do this every day.
But I should have had a CCNA years ago. I wanted a CCNA years ago, and never got around to it. Recently I got the chance, and I jumped at it. I jumped too quickly. I picked the date. I perused some websites, and kidded myself I know what I was doing. Did you hear the thud this morning as I hit the ground?
Remember that guy in high school, who finished the exam in half the allotted time, and spent the rest doodling and writing out guitar tab? Then got an A? That was me. Not today it wasn't. 5 questions left with 00:00:00 on the clock. You can't argue with a computer's time keeping, but jeepers, did someone turn the clocks back early? I've read plenty of times about Cisco exams and time management. Nothing brings that home like checking how long you have to do this question, and seeing 10 bright red seconds turn to 9.....
What about the questions, surely I could answer them? Right? Well, almost it seems. The blueprint doesn't give any idea of the depth these questions go into. You really need to know this stuff backwards. That is the biggest, most important lesson I've learned today. I thought I knew this stuff. I've barely scratched the surface.
So now we are back to why I'm blogging about it. Einstein famously said that if you can't teach something to a 5 year old, you don't really know it. I do have a 5 year old test subject. But he'd get pretty bored of sub-netting, pretty damned quick (don't we all?). So I'm going for the next best thing: I intend to take the blueprint. I intend to take the topics one at a time and blog about them. If I can't make a sensible post about the point. I don't know it well enough. I intend to do the posts "blind", off line, closed book. Then check them after words and see where I went wrong. Finally I'm going to ask you. My imaginary friends who I hope read this to do me a favour. Pick the posts apart. Show me the nuance I'm missing, tell me when I'm outright wrong and haven't even noticed it, and hey, maybe we'll all learn something.
2011-09-13 19:48:51 +0000
Due to some not great clicking, and a ridiculously slow Internet connection in the office. I am left with one one way to get XenApp running, and not a lot of time. I have a .vhd, but no Hyper-V machine to test on... Time for some nesting.
Starting with William Lam's instructions on virtuallyGhetto I spun up a Windows Server 2008R2 VM, installed and swapped over to the ESXi5.0 virtual hardware. Once I'd gotten past forgetting to make the Host config change:
echo "vhv.allow = \"TRUE\"" >> /etc/vmware/config
I had a booting windows box and a happy feeling. I installed the Hyper-V role, and rebooted. Then I realized I didn't have any NICs and the fun started. Lots of black screens later I realized that if I boot the VM with NICs added, but not "Connected" everything is fine, and once I get the proper video feed from Windows, I can connect the BICs, and Hyper-V is happy. If I leave the NICs connected at boot though, I get a black screen. Very, very odd.
So, spwan a VM, attach the VHD, boot, and we have a XenApp virtual machine. Add it to DNS, and then....Hmmm... Getting a random error.
Perhaps I'll be back later...
2011-03-22 22:42:59 +0000
I've been playing around with creating HA Load Balancing Proxy servers with Apache on top of Pacemaker today.
Since Gentoo does it's configuration a little differently than most distributions, this hit a hurdle.
Gentoo puts some Apache command line options in a file /etc/conf.d/apache2 these decide the vohosts that start and other "-D" values. Without these apache will fail to start.
As Pacemaker doesn't know about this file, or these values, apache was failing to spawn, and I was getting an error.
Simply copying the -D values, into the HTTPOPTS variable in the /usr/lib/ocf/resource.d/heartbeat/apache file fixed the problem:
HTTPDOPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE -D STATUS -D PROXY"
Now I have two load balancers, running in an active/passive configuration...
2011-03-10 00:49:26 +0000
Hopefully this will be the first in a series of posts exploring the testing and implementation of IPv6 in the network I administer. My ultimate goal is to have our public facing web servers dual stack, and accessible by both IPv4 and IPv6.
For the moment, I have a request in to our ISP for a /56 block which should be actioned in the next couple of days.
Wish me luck!