CSI Cyber – drinking game

Introduction

I was a big fan of the original CSI TV series set in Las Vegas, my spiritual home town. CSI Miami had some of the cheesiest lines ever spoken on a TV show, probably on account of David Caruso being one of the producers. The New York spin-off never really grabbed my imagination and eventually, the ‘quality’ of the others dropped enough for me to drop them.

Enter CSI Cyber. The name alone was enough to make me realise the car crash that was coming but the fact is, two episodes in and I’m hooked. It’s awful, but it’s so bloody awful, it’s good. There is something, however, that can make it better; a drinking game. So without further ado, let’s get down to business.

Requirement

You will need booze. Lots of it. Preferably beer, spirits and shots and suitable glasses for each. Otherwise you simply aren’t playing properly.

Rules

  • There is no 1st player, everybody has to follow the rules below until there is just one person still able to code ‘Hello World’ in assembly
  • Every time somebody on the show says one of the following, drink 1 shot
    • ‘It can happen to you’. This is just to limber you up for the ride ahead
    • ‘Cyber’
    • anycolour-‘hat’, double shot where anycolour is not black, white or grey
    • description-‘web’, where description is dark, deep, dingy, dangerous or anything similar
    • ‘Firewall’
    • ‘Glitch’
    • ‘Bleach’
  • Every time one of the following happens, drink two fingers of your favourite spirit or beer
    • Somebody uses their mobile phone, with a lovely HUD shown for our convenience
    • A dramatic change in the music
    • Somebody gives away a tell to Patricia Arquette’s character
    • Text on a screen morphs in some way
    • Main theme plays. Everybody needs a top up
    • Somebody gets killed
  • Every time somebody watching who isn’t involved in IT comments on Patricia Arquette’s hair, finish all remaining drinks. At this point, you have the option to send this person out of the room for the remainder of the show, but it’s more fun if you don’t

I’ll possibly update these as the series progresses, assuming I have the staying power to watch any more of this drivel.

Summary

Vegaskid takes no responsibility for anything that happens as a result of you playing this game. But I’d love to hear the stories. Drink responsibly…

Till the next time.

Know the technology, know the business

Introduction

As I progress through my career, I can’t help but find myself drawn to learning more about business, both as a general topic and specifically related to the company I work for and the customers I work with. This post covers some reasons why you should start learning some key business skills.

Cross pollinate

In my 10 Tenets of working in IT series, I blogged about cross pollinating although it was specifically referring to expanding one’s technical knowledge base.

At the end of the day, IT is a service that the business consumes and so it would be naive to think you could offer that service without better understanding the consumer.

The starting point should be to learn about the business you work in. Look at the org chart, determine how each of the business units interface with each other, what services do each of them provide to each other and to the business as a whole? Don’t get dragged in, but try to understand the office politics as this can offer a wealth of information you won’t find documented anywhere. Try and spend time working with each team to get a deeper understanding.

I’m not suggesting you spend a week on secondment with the janitor but some key functions to understand are:

  • Finance/accounts
  • Procurement
  • Sales/marketing
  • Project team

to name but a few of the non-technical ones. Once you get a good understanding of how your team fits in with all of the others, you should be looking to understand your customers’ companies too, although you will most likely be far more limited with regards to access.

As well as learning what other teams’ and customers’ expectations are, you should learn their language too. For example, despite doing an accounting course at college back in the days of the abacus, the terminology used by the finance ‘speakers’ within the company was as much jargon to me as OSPF was to them. A couple of attempts to try and get an explanation tended to muddy the waters and so I found it best to simply buy one of those ‘finance for non-financial types’ books, which was far more helpful. The key is I can sit in on more senior meetings and grasp all aspects of the discussion as well as converting my technical knowledge to layman’s terms as required.

I think IT folks can sometimes become isolated from the rest of the business by their own perceptions and experiences but I think that is a mistake. To really progress beyond a certain level in IT, you need to better understand your customer, whether that is internal or external.

Summary

There comes a certain point in a techie’s career where understanding the business that the technology you work with supports becomes critical for you to offer any added value. Don’t be afraid to learn things you perceive as being outside your comfort zone. It will be a worthwhile investment.

Till the next time.

Preparing for failure in IT

Introduction

Question: what does a £5 USB pen drive have in common with a multi billion pound IT contract?

Answer: both will fail at some time, at some level.

As IT professionals and as organisations, a strong measure of our success should be how we both prepare for and deal with any such failures and everything in between.

Embracing failure

All too often over my career, I’ve seen individuals and companies go in to panic mode when something fails, even more so when it leads to a service outage. This usually exhibits itself through some/all of the following:

  • People asking questions during the outage that should be reserved for the post mortem
  • Fingers being pointed and voices being raised
  • People terrified to admit what they did, which prolongs the incident
  • Any semblance of an incident management process being completely ignored
  • At the other end of the spectrum, an over engineered IM process crippling the repair effort
  • Incessant hovering by ‘do-gooders’ over the person trying to fix the problem

These should be familiar to most IT professionals with anything more than a couple of incidents under their belt even if, like me, you are lucky enough to currently be at a company that has a culture of embracing failure.

What do I mean when I say embracing failure? If I was to list some of the behaviours associated with that mindset, it would include the following:

  • Proactive monitoring
  • Capacity planning
  • Good documentation sets in place
  • Mock incident scenarios
  • Open, no blame culture

More important than anything else is that any failure, regardless of whether it causes an incident or not, should be nurtured as an opportunity to learn. Improve individual knowledge, find the holes in your processes, firm up your monitoring, help build confidence and relationships, etc.

Post mortem

The post mortem is perhaps the most important part of the entire process. You can get a tricky issue resolved in record time, get a pat on the back from the customer and senior management and then see the whole thing ruined by some prat who thinks the key requirement of the post mortem is determining which poor numpty is to blame. Inevitably, you end up with people’s confidence and willingness to take on more risky tasks nose diving.

The post mortem should be a relaxed affair where everybody’s main goal is to learn. Learn exactly what went wrong, learn how the process to deal with the issue could be improved, learn how to reduce the risk of the issue recurring, learn how to address other peripheral risks, learn where the knowledge gaps are in your team, learn what makes your colleagues tick…the list goes on.

Summary

Whether you like it or not, failure is something you will experience whilst working in IT. The key thing that should separate you from the headless chickens is how you prepare for, deal with and learn from failure when it inevitably happens.

Till the next time.

Exam pass: 640-911 DCICN

Introduction

Over the last few months, in between a busy work schedule, I have been covering off the CCIE Written blueprint topics, the aim being to pass the written exam to renew my Professional level exams but more importantly, to refresh my routing and switching knowledge.

Progress has been slower than I would have liked, having only really covered off the layer 2 topics, but I’m not discouraged as I’ve been spending more time on other topics, including Python and Nexus.

Learning curve

It has only been in the last few months that I’ve had more exposure to the Cisco Nexus line of switches. My company’s new data centre that will be opening in Aberdeen, UK later this year will have a healthy Nexus footprint and we are bringing more customers on-line who utilise Nexus switching. With that in mind, I arranged for all members of my team to attend a suitable course and we all agreed that getting certified on that track makes sense.

Guinea pig

The CCNA Data Centre certification is made up of two exams:

The links above take you to the relevant Cisco page. I’m a little disappointed with the exam topics, which look like they’ve been typed up by somebody who has never sat an exam in their life.

The 640-911 exam is portrayed as a subset of the CCNA R&S and so I volunteered to be the team guinea pig and sit it first, without any studying to see if my current knowledge was sufficient.

The exam

This is the first time I’ve done an IT exam with no studying whatsoever, having only decided to do it the day before I sat it. It was more of a challenge just to see exactly where this exam sat. I was pleasantly surprised, but not with Cisco’s exam topic list, which is inaccurate and misleading.

Firstly, the number of questions and the time limit were quite challenging. I swear they add more questions and knock minutes off with each iteration. Another thing that quickly became apparent in the first few questions was that my Nexus knowledge needed to be better than the exam topic list suggested. Thankfully, Cisco were asking some silly Nexus based questions in this exam that I had asked the trainer in my Nexus course only a couple of weeks ago and so I’m happy to say I got a good pass mark. Looking at the Cisco website, you might be forgiven for thinking that a CCNA R&S will allow you to fly through this exam and that Nexus knowledge is only required for the 640-916 exam. My advice would be to be more prudent and ensure your basic Nexus knowledge is in place for 640-911 too.

I have already pre-ordered the Cisco Press book for the 640-916 exam and will be going through the INE Nexus video course before booking myself in for that one to ensure my knowledge is sound. At that point, I will also have had more hands on experience, my preferred method for increasing knowledge.

Summary

I had decided quite some time ago that certification for the sake of it was not something I was interested in but with me having more and more exposure to Cisco’s data centre product line, including Nexus, MDS and UCS, I think using the CCNA DC and maybe eventually the CCNP DC certification tracks to help me focus my learning makes perfect sense.

Till the next time.

A single glass of pain – IT management tools

Introduction

The title of this post more accurately reflects the state of play with many current IT management tools. Below, I cover my main gripes with the tools that IT engineers try to squeeze for usefulness every day.

My cup floweth over

Firstly, I am disappointed that the WordPress spell checker does not include archaic English and is trying to change floweth to flowerpot.

Now, have a think about how long you have worked in IT. Now think about how you manage your estate today compared to how you did it when you started out. Sure, there may be improvements you can point out but how many of those are based on budget increases or moving to a new company, for example?

I’ve been in the industry for 10+ years (I will only ever change this figure from this point onwards for each 5 years, then when I hit 100 years, increments will be in 25’s) and I can honestly say that IT management tools have progressed at a rate that frustrates me.

I will concede that virtualisation has brought improvements with the associated toolset, but not in line with the complexity that the technology has brought with it. I remember working on a contract back in 2002 (when the servers were all bare metal) that used a Computer Associates product that allowed me to monitor a national IT estate of over 400 sites with 10000+ users and multiple data centres, deploy patches and desktop/server applications. However, the software suite was composed of several different applications all under the same badge and utilised different back end databases. They had no common interface to them. Several other tools were used to fill in some gaps. Anything that couldn’t be done with the software got scripted.

Fast forward 13 years and I’m not sure the tools we use as an industry have made 13 years’ worth of progress. OK, so some tools can abstract the layers beneath e.g. Microsoft VMM can now manage VMware and Hyper-V, but if these hypervisors sit on Cisco’s UCS for example, or indeed any other vendor, you have another tool for managing the hardware and a different GUI for managing backups. Monitoring to any real level of usefulness will usually require a number of tools (that may or may not be available in the same GUI, with a uniform feel) that quite often come with a hefty price tag if you don’t want to spend all of your remaining life getting the thing installed, configured and maintained.

You still end up having to script the things that all these tools still fail to deliver on. What is the root of the problem? I blame the vendors. Until they start agreeing on and offering standards based management interfaces for applications to be built on, we will always have a mix and match requirement to improve our operational visibility and control.

Summary

The year is 2015 and the ecosystem is still a fragmented mess. The single pane of glass model appears to still be way over the horizon.

There are some great management tools out there, don’t get me wrong. The fact is however, that there is nothing that comes even close to being a single pane of glass that we can use to manage our estate, end to end.

I implore vendors to start standing next to each other, bang heads a few times and start working together to create the tools that will allow us, the customers, to spend less time fire fighting and flicking from one tool to another and add real value for our customers.

Till the next time.

Introduction to Python

Introduction

Over the course of my IT career, I have used a few different platforms to create tools that help me in my day to day work. Initially, VBScript used to be my scripting tool of choice when I was a Sysadmin. When PowerShell was released, I quickly embraced it and really liked its human readable verb-noun structure. It saved my bacon on many an Exchange deployment/migration. I’ve also dabbled in various flavours of Visual Basic over the years to create some small applications but I am no developer, by any stretch of the imagination.

Over the last 18 months or so, I’ve been looking to learn a tool that was more cross platform, easy to pick up and could be used across the board for not only my networking tasks, but anywhere I could save time and do things more consistently. I probably spent far too long dwelling on the options but about this time last year settled on Python.

This discussion is about Python but that assumes that you have chosen Python yourself as a language you wish to learn. If that isn’t yet the case, the discussion below on which version of Python to use could also be applied to which language you should settle on and the sections further below apply to any programming language you finally set out to learn.

Version

Don’t get hung up on whether to use Python 2 or 3 (or Java, Go, Ruby, C, etc. for that matter). Whilst 2.x fans will argue it has a larger support base including more modules and libraries, more deployed code etc., it is well known that 2.7 was the last version that will be released on that track and the creator of Python, Guido van Rossum, seems to be committed to the 3.x train. I have been learning 3.x because I found that everything I set out to do in my first months learning Python had suitable modules available.

The key is not to spend too much time on this decision though. Take a look at them both, read up on some of the arguments in favour of each and then pick one and stick to it. Most modern Linux distros seem to have both versions installed so if you are really unable to flip a coin, learn both…but learn at least one of them!

As a quick note on why I chose Python over other options I would have to say:

  1. It’s relatively easy to learn
  2. There are loads of on-line resources
  3. It is well supported across many different areas and vendors
  4. I can use it to create the most basic of scripts up to the most elegant of object oriented applications and everything in between
  5. It’s fun!

Tool kit

When I say tool kit, I’m talking about setting up your environment to make working with Python and the code you create more enjoyable. There is nothing worse than trying to learn something new and having to jump through a load of hoops before you get to the good stuff. Take GNS3 back in the early days. I can remember spending up to an hour on some occasions just to get my lab up without crashing. Not fun. The bullet points below briefly cover off the main points you should be getting in place:

  • Platform. I come from a Microsoft background and initially started playing with Python on Windows. I quickly realised that Linux was the way to go. Not only is it better supported and comes already installed on many popular distros, it has the added benefit of upping my Nix skills at the same time. Hoorah!
  • Editor. For me, there are two options here. Either Notepad++ or a Python specific Integrated Development Environment (IDE) and I use both of them depending on my needs. Notepad++ has syntax decoders built in for most languages in use and if you save your file with a .py extension, it will get recognised as a Python file, with nice colour coding to highlight your syntax. An IDE adds better file management and will also have intelligent help systems that can give you pointers on the usage of certain features and syntax. I use Jetbrains Pycharm as an IDE, but most of my scripting is done in Notepad++ at the moment. Make sure you set both of these up in a way that suits your workflow. As an example, I have got my Notepad++ configured to insert four spaces when I press the TAB key, as pressing TAB is easier to do but Python convention dictates that indents are spaces and not tabs
  • Code repository. You will quickly find that keeping track of your different scripts and the various versions of each of those becomes a time consuming task so you will want to utilise something like Git, which is what GitHub uses. You can get an account for free but just be aware that if you want to keep any of your code private (e.g. it contains database connection strings, or IP address information), then you will need to pay for a private account, which isn’t extortionate. Another option if you are feeling daring is to install your own version of Git

Training materials

The best resources are to be found on-line and there are countless websites that have great content relating to Python on them, with the Python homepage being a great starting place. I haven’t found any really good video based training to date that would pass as a course as such but there are lots of books available on the subject. My favourites so far have been:

  • Python Cookbook (latest edition for Python 3)
  • Hacking Secret Ciphers with Python
  • Python 3 Object Oriented Programming

Read the reviews, use Amazon’s ‘Look Inside’ feature to see if the style suits and start building a reference library to consolidate that knowledge.

Get yourself a project and play, play, play

All those tools and all that knowledge will still make your journey a tedious one if you don’t apply it to the real world. Find a project that could use your Python skills and put them to the test. I initially struggled trying to learn Python from a network engineer perspective as it involved ugly screen scraping techniques on kit without APIs. What I found really useful was when we started using a dashboard application in house that is built on Ruby and converted all the Ruby scripts to Python. I now feel much more confident about tackling more difficult tasks. The key is not just to type up the scripts you find on-line or in a book but to create something that you needed anyway. This will be so much more rewarding for you in the short term, which will motivate you further in the long term. If you are struggling to find a project, buy a Raspberry Pi and a related project book to get your teeth in to.

Summary

Regardless of what field you work in, if you use a computer on a regular basis and have a number of tasks you repeat, I strongly suggest you look at Python as a great tool to help you get those tasks done quickly and more consistently. You’ll soon start seeing that you can use these skills all over to help make life easier.

    print("Till the next time")

The year of automation, 2015

Introduction

2014 was a slightly strange year for me in some respects. I moved in to a new leadership role, delivered some big projects successfully with the help of my team and got lots of the smaller jobs off my plate, but it still felt like I could have achieved a lot more. The good news is that I’ve been tracking everything that needs addressing so have a good idea of what my team’s priorities are for the coming year already.

My own priorities

My aim is to make 2015 the year of automation. Not in any one area, but anywhere I think I will hit my two key goals, those being to get a ROI on my time and to standardise as much as possible, and I will be using those goals to measure where to focus my efforts. I am already familiar with PowerShell from my SysAdmin days and have built a number of tools in Visual Basic over the years but will be taking what I have learnt about Python over the last few months to a new level. I have already started taking related scripts and creating my own modules and already have ideas on how I want to start making bigger applications that are more object oriented.

I also plan on blogging more about my automation journey so expect some Python posts in particular.

Summary

2014 was the year of steadying the ship, ensuring nothing critical fell through the cracks and hopefully helping my team develop personally. I’ve heard people across the industry quote how 2015 will be the year of SDN, IPv6, NFV, blah, blah, blah. I make no such claims, although out of those, I would put my money on NFV and maybe blah. For me though, this year will be about brushing down some old and not recently used skills and giving them a high polish. I won’t need to become a fully blown developer but the skills I intend on picking up will be useful in many areas of my life, both at work and otherwise.

Till the next time.

TV shows need to fire their IT consultants

Introduction

It’s the pet hate of any self-respecting geek. Technology referenced on a TV show or film that at best is misinformed, at worst blatantly disregards any sense of reality. If you are reading this post, I would be willing to bet you are familiar with that blank look you get from a friend or family member when you try to explain that .342 in an IP address is “wrong, just wrong”.

Bit of fun

Below are some videos that, whilst hilarious in isolation, are enough to prevent me watching a full episode.

In video 1, we see two of the leads from NCIS carefully coordinating key presses on a keyboard to try and thwart a pesky hacker.

 

Video 2 shows some amazingly agile DevOps skillz to entrap what is possibly the same skilled hacker from NCIS (yes, I deliberately wrote that to increase the comment count on this post, even if they are hateful).

 

Video 3 is my favourite. I haven’t seen the episode itself so when I saw this the first time, I thought it was a mash up of two different clips. Alas, no. So sit back and enjoy the virtual magic mushrooms.

Summary

This has been a slight deviation from my usual post, but I hope you enjoy the clips. There are dozens more out there so I may well return to this theme again. I just need to upgrade my blog to IPv7.2b in order to support the new encrypted video codecs.

Till the next time.

PyCharm Educational Edition

Introduction

PyCharm is a Python IDE created by Jetbrains. When I decided to go beyond Notepad++ for my Python scripting, I used the free Community Edition of PyCharm to help me with the structuring of my projects. There is also a Professional Edition which essentially adds web development frameworks such as Django and Flask to the mix, but these are currently beyond my requirements.

PyCharm Educational Edition

A recent announcement brought the good news that a new Educational Edition was being released. This is basically the Community Edition, but with built in training that uses the IDE features to build up your knowledge. The screenshot below gives an idea of how this works. The top left window shows the different lessons and tasks within, which come in the form of real Python scripts. Above the script editing window on the right is a brief and to the point explanation of a different concept with instructions on how to update the presented script further below.

[Screenshot: PyCharm Educational Edition]

I love a hands on approach to learning new topics and this fits the bill rather well. You read the information, you follow the instructions and then click the tick box for feedback on if you have done it correctly or what you have done wrong so you can have another go or move on to the next topic.

I am also excited about the concept of other people creating learning courses that are available to the entire community using this tool so knowledge can be shared openly and freely, and usable offline too.

You can download this version of PyCharm here.

Summary

PyCharm is a very user friendly IDE for Python programmers. The Educational Edition is a brilliant way of giving people professional tools on which to learn a subject, which should help them progress to Python Jedi in a much shorter time frame.

Till the next time.

Multipath TCP

Introduction

In a bid to make networks more redundant, we’ve traditionally thrown more paths in to the mix so should one of them go down, traffic can still flow. In a basic layer 2 network, this would utilise Spanning Tree Protocol (STP) to ensure a loop free topology, meaning some links went unused, wasting available bandwidth. Etherchannels using stacked switches, VSS or vPC on pairs of Nexus switches allow all links to be used. Equal Cost Multipath (ECMP) can do a similar thing at layer 3, allowing multiple equal cost paths to be selected for routing.

Multipath TCP is a backwards compatible modification to TCP that allows multiple connections between hosts at layer 4. Because this is at the transport layer, these connections can be sourced from different IP addresses e.g. your wired and wireless NICs simultaneously.

Multipath TCP

A key benefit of this approach is that you can have multiple links being used for the same TCP connection, increasing overall throughput for the same TCP flow. Links can be added or removed without affecting the overall TCP connection, which makes it ideal for mobile use, combining a Wi-Fi and mobile network.

It has uses elsewhere too. As opposed to an Etherchannel, which will only allow a TCP flow across a single link, Multipath TCP will allow a single flow across multiple interfaces, so this will likely become more popular in the data centre.

Summary

Multipath TCP is one of those “why didn’t we always do it that way” technologies but it will also be interesting to see if it sees wider adoption than the use cases outlined above.

See here for the RFC.

Till the next time.

CCIE Routing and Switching v5 Preparation

Introduction

I recently made a full commitment to study towards the CCIE Routing and Switching v5 written exam. The primary reasons for this are to refresh my certifications but far more importantly, to update and build upon my current skill set. It is key to me that I don’t just pass the exam but deep dive in to each and every subject on the blueprint. If I am successful in both these goals, I will then have a decision to make on whether to go for the lab, but that isn’t on the road map at this stage.

CCIE Routing and Switching v5 Preparation

This post isn’t about the exam itself or even the material in the blueprint. Rather it breaks down what came prior to starting the very first ‘official’ study session as I feel that this will have an important impact on my success and general enjoyment of the learning ahead.

Timing

This is critical. Studying for the CCIE requires such a large commitment in terms of time, effort and in many cases money, you need to be ready to take this challenge on. Diving in without giving serious consideration to the things listed below will likely make your journey a difficult one. Some key areas to think about:

  • Certification level. There are no prerequisites to pass your CCIE. To sit the lab, you need to have passed the written exam and that is it. My advice would be to not take that path however. I would recommend that you do both the CCNA and CCNP level certifications for the particular CCIE path you are hoping to achieve. This will serve several functions. Firstly, the studying required to pass each level will build your foundational knowledge up, making the CCIE content less of a shock to the system. Secondly, sitting those exams will get you used to the way Cisco ask questions and the exam process in general. Thirdly, whether deserved or not, many people will be wary of CCIEs that took the direct route, bypassing NA and NP exams
  • Career. There are two key factors here for me. One is experience and is naturally related to my previous bullet point. A CCIE with only two years networking experience will raise a red flag with some people. Not to say that every engineer with 10+ years under their belt is the best thing since sliced bread, but, in addition to lower level certs, a minimum of five years or so experience says to me that you’re more likely to have seen a good range of tech and worked on more networks. Regardless, this isn’t about job interviews, so on a person by person basis, more experience should mean you are better prepared to do the CCIE than when you were less experienced. The second factor is based on whether your current role will allow you to commit to your CCIE studies. If you’ve stepped in to a completely non-technical management role, or it involves a lot of travelling, or you are doing a six month contract pulling 60+ hour weeks, it might not be the best time to start this journey. That’s just me, you might relish the extra challenge, but I think success will be much more likely if you have the time in your week to put the extra studying time in, without burning out. Working in a relevant technical hands on role will help supplement your training. A role that you also enjoy will be far more likely to motivate you to study than a role that does not inspire you in any way
  • Personal life. This is the one I hear takes a lot of people by surprise. You might be lucky in that you can do all the studying you want at work or you might have so much spare time that fitting in 10-20 hours of study a week only impacts your TV watching schedule but most people will have to make some serious compromises. You will certainly need to consider cutting right back on your social life, even giving up going out at all for a period of time. There will also be a toll on those close to you so make sure you have the full support of your family and friends. Especially with family, make sure you explain to them just what lies ahead so that they can adjust too.
    From a health point of view, you probably don’t want to start a CCIE track if you are recovering from a serious illness, or if you have a medical operation due in what would be your study period. You most likely don’t need that kind of extra stress in your life.
  • The same goes for your finances. Make sure you are at a reasonable level of financial stability before you begin the commitment. This will be a relative decision for each of you, but I personally wouldn’t want to have working overtime to pay off debts in the back of my mind, or thinking about where I was going to get all the money to pay for the exams and training materials. Which brings me to my next point

Materials

You need to ensure that you have all the relevant training materials to hand, maybe not at the outset but certainly as you get to the section of your training that requires them! What those materials are will depend on a number of factors including your preferred learning style, budget and current knowledge. Some people love text books, workbooks, videos, labs, online resources, classroom training or any combination of these.

Whilst it is important to have the right materials, I would be cautious of having too many. You need to review the blueprint for both the written and the lab and work out what materials will give you the best chance of understanding the topics on each and passing the relevant part as comfortably as possible. Reading five multicast books may give you an unprecedented understanding of the subject or it may waste valuable time when you largely read the same topics written in different styles, where one really good book on the topic might suffice.

Read what other people are saying about their materials and if you can, actually speak to people who have gone through this before you.

Plan

Some people like to set a date in their head from the outset e.g. “I will pass the written in three months and sit the lab 12 months later”. For me, I am happy to be a little more relaxed. Remember from my opening comments that I am initially only studying for the written at this time and the primary reason is to renew my knowledge, so I have no specific deadlines. Having said that, I still have a rough plan outlined for getting through each of the six modules, have all the official materials which I will be supplementing with online resources as I tackle them and have set expectations with my family. I am aiming to do between 10 and 15 hours a week.

Summary

I’ve spent a long time thinking about the CCIE. When I first passed my CCNA, it was at the forefront of my mind and remained so for quite some time afterwards. Having moved about in my career since then and gained a wealth of experience in different technologies, I think I’ve done the right thing waiting until now. All the things listed above have come together at the right time. I will review whether I will take a shot at the lab at a later date.

I would love to hear from readers who are either thinking about doing their CCIE, are currently on the path or have already achieved their digits. Leave your comments below, hit me up on Twitter, or send me an email.

Till the next time.

Trouble Ticket #4: Unable to download NAT policy for ACE

Introduction

This was a fun one. Coming in to work on a Friday morning for what you hope is an uneventful segue in to the weekend and your colleague looks up from his fast scrolling terminal screen and says “we may have a problem”.

Unable to download NAT policy for ACE

The change he had implemented was simple enough. Add a couple of new sub-interfaces to the Cisco ASA firewall, add the required security ACLs and configure the NAT and no-NAT (NAT0) rules. The firewall code was still pre 8.3 on 8.0(4), so used the older NAT syntax.

The problem arose when the no-NAT config was applied, specifically when adding ACEs to the ACL referenced by the no-NAT statement applied to the new interfaces. The firewall threw up the following message:

[sourcecode language="plain"]
Unable to download NAT policy for ACE
[/sourcecode]

In the context of the above sequence of events, this message isn’t actually that obscure. Pre version 8.3, the Cisco ASA uses policy based NAT. For the no-NAT, it uses an ACL to decide which traffic should not be NAT’d as it comes in to an interface. As the new ACEs were being put in to the firewall, the above message is effectively telling us that the firewall was unable to apply this to the no-NAT policy. So the ACE shows up in the config, but it isn’t having any effect.

In addition to this, we had also lost management access to certain networks through the firewall as part of this change.

The fix

The config was rolled back as a matter of course but the issue remained. Running packet tracer on the firewall showed that the issue was down to the no-NAT, although comparing the config with a backup showed no differences.

Based on our gut feelings and the message we saw, the NAT0 statement was removed and re-added and the issue vanished. Searching Cisco.com brought up this bug (CSCsl46310). Cisco recommend reloading the firewall as a workaround prior to reapplying the NAT0 statement, but that wasn’t required in our case.
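The remove-and-re-add sequence described above, written out in pre-8.3 ASA syntax as an added example (this is not the config from the ticket). The interface name `dmz2`, the ACL name `NONAT_DMZ2` and all addresses are placeholders.

```cisco
! Constructed example: interface name, ACL name and addresses are placeholders.
! Pre-8.3 NAT exemption has two parts: an ACL that selects the traffic and a
! "nat (interface) 0" statement that applies that ACL to the ingress interface:
!   access-list NONAT_DMZ2 extended permit ip 10.20.30.0 255.255.255.0 10.99.0.0 255.255.0.0
!   nat (dmz2) 0 access-list NONAT_DMZ2

! 1. Confirm both parts are present in the running config. In the failure
!    described here they were, and matched the backup, yet had no effect.
show running-config access-list NONAT_DMZ2
show running-config nat

! 2. Trace a flow that the ACL should exempt and read the NAT phases of the
!    output to see whether the exemption is actually being matched.
packet-tracer input dmz2 tcp 10.20.30.10 40000 10.99.1.10 22 detailed

! 3. Remove and re-add the NAT0 statement so the policy is built again
!    from the ACL as it now stands.
configure terminal
 no nat (dmz2) 0 access-list NONAT_DMZ2
 nat (dmz2) 0 access-list NONAT_DMZ2
 end

! 4. Repeat the trace from step 2 and check management access to the
!    networks that were lost before saving the config.
packet-tracer input dmz2 tcp 10.20.30.10 40000 10.99.1.10 22 detailed
```

Removing the NAT0 statement briefly leaves that interface's traffic without its exemption, so run step 3 in a change window.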

Known fixed releases are supposedly 8.2(0.79), 8.0(3.2) and 8.1(0.130), although on the download site, 8.2.5 is a recommended version so I think that will be my first stop.

Summary

It is actually a pleasant surprise when a bug at least produces behaviour and a system message that can be used to troubleshoot without too much effort.

Till the next time.

10 tenets of working in IT – Tenet 10, Review

Introduction

The 10 tenets of working in IT series originally started with a post on PacketPushers back in 2012. I got a good response to that and when I was writing it, I had envisioned breaking out each tenet to its own post.

This final post in the series covers off how to review. Not just reviewing the other tenets from time to time but review your tasks, your career and your life.

Review

Reviewing is all about taking a look at where you are in your big plan. This will only be effective if you have set yourself goals. Whilst these targets can move and change based on circumstances, both within and outside your control, adapting to these changes is going to be more effective if you go through a regular review process.

Don’t micromanage yourself though, which will usually end up being counter-productive. I find that setting goals, breaking them down in to tasks and putting time scales against them makes it an easier job for me to keep on top of them, as does setting a regular review session, the frequency of which is usually determined by a combination of the end date and priority.

It’s also important to review your career progress. Have you been so heavily focussed on your current role for such a long period of time that you’ve missed opportunities to progress, either upwards or outwards? It is important to take a look down from a higher altitude to see what is on the horizon and potentially beyond.

The same goes for keeping a track on life in general. How many workaholics, highly successful career people, have sub-optimal personal lives because they apply all their energy to their careers and come home with nothing left in the tank? Sure, there are times when you know giving it 110% at work is going to pay off down the line e.g. pulling a project out of the disaster bin, and a compromise at home can be agreed with all parties, but if these periods extend for too long unchecked, things can go awry over time.

Treat your career and your personal life like a prized network; monitor, be proactive, tweak, capacity plan and get feedback from its users. The last thing you need is an outage.

Summary

It’s all very well having a solid plan of action with the skills and behaviours to see that plan through but if you don’t take a step back every now and again and review what you do, what needs throwing out and what can be improved, you may find yourself not achieving your full potential. Keep challenging yourself, measuring progress and moving forward.

I hope this series has been useful to you, at least in parts if not in its entirety. Feel free to get in touch or drop a comment in on the blog.

Till the next time

10 tenets of working in IT – Tenet 9, Know Your Place

Introduction

We all serve a purpose in life. Some people spend their entire life never questioning what theirs is, whilst others waste a lot of effort comparing the situation they find themselves in to others, in particular those they perceive as better off by one measure or another. This post looks at a few tips to try and help you find your purpose.

Know your place

Consider the bullet points below lifted directly from my original 10 Tenets of IT post on Packetpushers:

  1. Do not get depressed with not knowing everything
  2. Know what you don’t know; decide from that what you need to learn
  3. Don’t get bogged down comparing your abilities to others. You’ll either spend your life kicking yourself because you can’t emulate your heroes, or you’ll justify treading water because you are at least better than the guy sat next to you
  4. Be the best you can be
  5. Aspire to improve
  6. Drop things that you no longer need
  7. Fine tune that which you do

There are two key themes that complement each other here. The first can be summarised as “Don’t beat yourself up” and the other is “Control your own destiny”. You shouldn’t waste time worrying about what you don’t know or what other people are up to. Decide what it is you want to be, plan how to get there and make it happen. A particularly well matched tenet here is tenet 8, focus.

Summary

In the introduction to this post, I wrote that we all serve a purpose in life. One of the key things that separates the get-bys from the successful people is the former allow themselves to be told what their purpose is and the latter define it for themselves.

Till the next time.

10 tenets of working in IT – Tenet 8, Focus

Introduction

In keeping with the topic of this post, I’ll try and keep it brief and to the point. What is it that separates the winners from the losers? The people who seem to be continuously increasing their knowledge from those who struggle to keep up? Those that seem to climb the career ladder with ease from those retiring from the helpdesk after an ‘illustrious’ 30 year career? This post looks at a key differentiator.

Focus

The ability to focus is a skill that takes both time and commitment to learn. Think of it like a leaky bucket, you can fill it up quickly but every now and again, you will have to top it up to stop it emptying.

If I were to list some of the key points relevant to being focussed on any task I set my mind to, it would include the following as a starter for ten:

  1. Understand exactly where you are right now. If you aren’t truthful with yourself, you won’t be able to plan your journey to success accordingly
  2. Understand clearly what success looks like. You should hit your goals with the sound of angels/ticker-tape parade/(insert appropriate analogy here). If you don’t nail this down, you run the risk of hitting your target without even realising it or worse still never achieving it
  3. In between where you are now and where you want to be is a journey. It could be a metaphorical walk in the park or it could be an inter-continental saga. Depending on how big a task you have set yourself, you need to plan accordingly. What will you need to get to the end, what milestones can you use to keep yourself on track, how will you measure your success?

In the interest of brevity, that is basically it. Make sure steps 1 and 2 give you a true understanding of where you are and need to be. This is the cornerstone to good planning. Step 3 is a recursive step to keep yourself right as you head towards your final destination.

Other things to bear in mind:

  1. Whether this is a mental goal e.g. learning a new skill, or a physical goal e.g. running a 10K, don’t neglect the other side. In particular, when going undercover studying for a new certification, don’t neglect your body. Eat, drink and exercise responsibly
  2. Use the other tenets in this series to keep a good balance. They should work together as a system, rather than being individual concepts
  3. Take a good look around once in a while. Have you become too focussed and let other things slip?
  4. Make sure you enjoy the journey too. This will naturally increase your chances of success
  5. Avoid the dreaded distractions that are focus killers. They differ from person to person but usually TV, social media, gaming and food are near the top of the list
  6. The art of focussing itself is circular. You have to tune it every now and again else run the risk of drifting off track

Summary

I’ll be the first to admit that I sometimes take my foot off the gas, or get drawn away by distractions. Having said that, when I want something or I need to get something done, I know how to focus and apply myself for sustained periods of time and when to take a break to maximise results.

Till the next time.