Sunday, September 10, 2006

The One Thing

"I know that limp. I know the empty ring finger. And that obsessive nature of yours, that's a big secret. You don't risk jail and your career to save somebody doesn't want to be saved unless you got something, anything, one thing. The reason normal people got wives and kids and hobbies, whatever, that's because they ain't got that one thing that hits them that hard and that true. I got music. You got this. The thing you think about all the time. Thing that keeps you south of normal. Yeah, makes us great. Makes us the best. All we miss out on is everything else. No woman waiting at home after work with a drink and a kiss; that ain't gonna happen for us."

Conversation between John Henry Giles, a musician and the patient, with Dr. Gregory House. Taken from House, Season 1 Episode 9 "DNR"

What do you want to be when you grow up?

It was easier to answer this question when we were kids. We could reply without thinking: a doctor, police officer, kindergarten teacher, or even the president of the United States. But when we grow up, our minds start connecting what we want to be with our current condition. Take myself as an example. When I took my mechanical engineering degree, I thought joining one of the Formula One racing technical teams would be my dream job. When I built a small jet engine as my final project in university I thought my life would end at Boeing or McDouglas. And when I passed my first CCIE I thought I would become one of the guys who invent the next communication protocol.

Have I found what I want to be in life?
I'm not quite sure. But obviously it's a bit late for me to switch from my current field. So for the rest of my life I may need to deal with networking. But networking contains lots of areas such as security, wireless, metro ethernet, MPLS and so on. And as far as I know, I can't be good in all areas. I need to focus. Focus, focus and focus only on a certain area. Find the 'one thing' that I really want to do and become the best at it.

For quite some time, I thought CCIE would be my one thing. It's true to some extent. During my two CCIE journeys, I didn't have any interest in life other than my lab console. I kept thinking about it, I forgot everything else in this world, my mind was so focused on it. But it was only temporary. Once I passed, I got back to normal life.

So what will be my one thing in life?
Again, I'm still not sure. I have been in networking for more than 7 years and I have spent the last 5 years in a network security related field. But I know my interest is not 100% in security. I can figure this out because I know that if I really wanted to be the best in security then I would have to learn a programming language in depth and OS memory allocation, since those two are the main keys to understanding zero-day buffer overflow attacks. But I didn't do that.
So if it's not security what would it be?

I had a chance to chat with Dmitry Bokotey, a quad CCIE and author of several Ciscopress books, yesterday and he gave me the same advice: to be the best you have to focus on one area only. Working in multiple areas can destroy my career and credibility. And it's better to sacrifice my income if that's the only way to be able to specialize. I have been in Enterprise networks for quite some time working with routing, switching, wireless, network security and all other campus network components, so he advises me to jump to Service Provider.

Becoming a specialist in Service Provider technology like MPLS or metro ethernet is not a bad idea at all. Plus I'm planning to take the CCIE SP lab so I'm still on the right track. And I have a great interest every time I read anything related to MPLS applications such as Layer 3 VPN or Traffic Engineering. Yes, I think I can do this. The only question is: can I afford to miss all other things in life to achieve something that I believe will be my one thing?

Do you think it's a good idea to want to be the best? Sacrifice everything for one thing that can make me great? Or perhaps it's better to stay as regular person but still able to enjoy my life?

As always, the answer is: it depends. Life is a matter of preferences.
But one thing is for sure: if someone can stay focused on one area and truly believe in it, he can end up in a very special place. Stand out from the crowd. Far beyond the ordinary.

So what is your 'one thing', if any?

Friday, September 01, 2006

Become a CCIE with Simulator

Update: use GNS3. It even provides one installation file that contains all the packages (dynamips, dynagen, winpcap etc). Please RTFM.

Several months ago I wrote 'How to Become a CCIE', a step-by-step for wanna-be-CCIE out there based on my own experience passing two lab exams. In point no. 3 I mentioned that it's compulsory to have a home lab to be able to practice anytime.

What if we could save some money by not buying the equipment and using a simulator instead? Thanks to Christophe Fillot, the author of Dynamips - Cisco 7200 Simulator, it's now possible to have a full CCIE lab on our PC.

The idea of this simulator is to emulate the Cisco 7200 environment, with its MIPS processor, on a normal PC, so we can boot the genuine IOS for the Cisco 7200 in versions 12.2 and 12.4. It can simulate various types of network modules such as PA-4T or PA-FE-TX to provide enough serial and ethernet interfaces. The simulator offers virtual ATM, FR and ethernet switches too. If we can simulate 8-9 routers, with ATM, FR and ethernet switches, and put proper interconnection between those routers..voila! we have a complete CCIE lab!

Actually this simulator has been around for quite some time. But the first time I used it, I faced so many minor issues that I almost gave up on the idea of simulating a CCIE lab. Before I found Dynagen, the front end interface for Dynamips, I had to manually map an interface on one router to an interface on another router to provide connectivity between them. That's because each interface on a virtual router consumes 1 UDP port. So if we want to connect one router to another with a serial connection, we need to map the UDP port that represents the serial interface on the first router to the UDP port that represents the serial interface on the second router.

The beauty of this is: we can connect virtual routers on one PC to other virtual routers on a different PC through a normal TCP/IP connection.
But if you have to do the mapping manually for let's say 8-9 routers..hmm, it's better to do something else with our life.

So I'd like to share the step-by-step of how to set up a CCIE lab on the PC quickly, so you can join me and all my friends who have already started pursuing CCIE in this new and cheap way :)

1. You need a good PC for this simulator.
I bought a new PC for this purpose. It's a Shuttle XPC SD36G5 with Intel Dual Core 3.2 GHz and 2 GB DDR memory. Small but powerful.

With Windows OS I can simulate up to 11 routers. With Linux OS on the same machine I can simulate more than 15 routers. I read somewhere that this is because of a Windows limitation: one process, such as Dynamips, can take only up to 2 GB of memory, while in Linux the limit for one process is 3 GB. So if one virtual router uses 128 MB, multiply this number by the number of routers, plus the additional memory used by the process, and it makes sense that the process crashes when the number of routers goes above 10.

But fear not, there are many ways to resolve this problem. Using Linux is one solution. Or just run Dynamips in two different processes.
Surely you don't have to compete with my PC. Any decent PC with lots of memory should be enough.

2. You need Cisco IOS for 7200 routers.
Don't ask me, please. I am not allowed to distribute any IOS image.
Just get it from your close friend who works in Cisco partner and can download this IOS for you.
Since IOS comes as compressed binary, we need to unzip it first and keep the .bin extension:
$unzip -p c7200-js-mz.122-25.S9.bin > image.bin

I use the enterprise feature with 12.2.29S version.

3. Download Dynagen and Dynamips.
If you want to use Windows, Dynagen in SourceForge has already provided a package with Dynamips included and all the scripts to make our life easier.

4. Find the idle-pc value to avoid 100% CPU utilization.
Without idle-pc feature, even 1 single virtual router can shoot our PC CPU to 100%. To find the idle-pc value is simple:
- run one router with Dynamips (not Dynagen)
use the same IOS, NPE and memory that you want to use for your lab. For example, I choose NPE-400 and 96 MB ram for each virtual router:
$./dynamips -t npe-400 -r 96 image.bin

- wait until the router completes the booting process and give you the prompt
- go the enable mode and save the configuration with write memory
- press “Ctrl-] + i” sequence key, and it should give you similar output like below after few seconds:
Please wait while gathering statistics...
Done. Suggested idling PC:
Restart the emulator with "--idle-pc=0x60693f8c" (for example)

- exit the simulator, you can do this by reloading the router
- run dynamips again with the --idle-pc option and one of the values that you got from the previous step:
$./dynamips -t npe-400 -r 96 --idle-pc=0x60693f8c image.bin

- monitor your PC CPU utilization; if it stays low then you are set to continue. If you still get 100% CPU utilization, try a different value for the idle-pc option.

5. Run Dynamips in Hypervisor mode
We need to tell Dynamips to run in hypervisor mode, which basically means waiting for a connection on TCP port 7200 (default) for the next instruction from Dynagen.
In Windows, there is a script called 'dynamips-start.cmd' to do this.
$./dynamips.exe -H 7200

Cisco 7200 Simulation Platform (version 0.2.5-RC2-x86)
Copyright (c) 2005,2006 Christophe Fillot.

Hypervisor TCP control server started.
Shutdown in progress...
Shutdown completed.

6. Create the Dynagen config file
Dynagen is awesome. The configuration is a text file that is very easy to understand. It comes with sample labs and a text file, all_config_options, that explains all available options.
To practice IE Mentor and IP Expert CCIE Service Provider workbook, this is how I built my dynagen config file:

#I want to boot my routers manually
autostart = false

#I have the Dynamips in the same PC I run this Dynagen
[localhost]

#This is where I specify the location of IOS and options for NPE, RAM and idle-pc value
[[7200]]
image = /home/himawan/IOS/c7200-js-mz.122-25.S9.bin
npe = npe-400
ram = 96
idlepc = 0xffffffff8075374c

#Each router's name and connectivity information, only showing some of them here
[[router CE1]]
f0/0 = CoreSW 1

[[router CE2]]
f0/0 = CoreSW 2

[[router PE1]]
f0/0 = CoreSW 10
f1/0 = CoreSW 11
a3/0 = A1 1
s2/0 = ASBR1 s1/2

[[router ASBR1]]
f0/0 = CoreSW 15
s1/0 = ASBR2 s1/0
s1/1 = ASBR2 s1/1

[[router ASBR2]]
f0/0 = CoreSW 16

#section for virtual ATM and ethernet switch, only showing few ports here
[[ETHSW CoreSW]]
1 = access 13
2 = access 23
3 = dot1q 1

[[ATMSW A1]]
1:1:100 = 2:1:100

As you can see, the Dynagen configuration file is very easy and straightforward. We can build as many routers as we want and put the interconnectivity information under each router. The good thing about Dynagen is that we don't even need to specify which network module to load; it will figure it out automatically.
For example, when the ASBR1 s1/0 interface is connected to the ASBR2 s1/0 interface, Dynagen will load PA-8T modules into those routers when I boot them. And one more thing: since I have specified the link under ASBR1, I don't need to specify under ASBR2 that s1/0 connects to ASBR1; Dynagen will take care of it automatically.

Under the virtual switch, we can assign either VLAN or dot1q trunk to the port. And for ATM switch, we can assign the value for VPI/VCI easily. Awesome, eh?
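The one-sided link declarations described above can be expanded mechanically. The following is an added example, not Dynagen's own code: a minimal Python reader for the router sections of a file like the one in step 6, which fills in the implicit reverse side of each router-to-router link and reports an interface that two routers both claim. The function names are hypothetical and the sample text is constructed from the lab file above.

```python
import re

# Constructed sample: a subset of the step 6 lab file.
SAMPLE = """\
[localhost]
[[7200]]
ram = 96
[[router PE1]]
f0/0 = CoreSW 10
s2/0 = ASBR1 s1/2
[[router ASBR1]]
s1/0 = ASBR2 s1/0
s1/1 = ASBR2 s1/1
[[router ASBR2]]
f0/0 = CoreSW 16
[[ETHSW CoreSW]]
1 = access 13
"""
SECTION = re.compile(r"\[\[\s*(\w+)\s+(\w+)\s*\]\]")

def parse_links(text):
    """Return (router names, {(router, iface): (peer, peer_port)})."""
    routers, links, current = set(), {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            m = SECTION.fullmatch(line)
            # Only [[router NAME]] sections declare links.
            current = m.group(2) if m and m.group(1).lower() == "router" else None
            if current:
                routers.add(current)
        elif current and "=" in line:
            iface, target = (p.strip() for p in line.split("=", 1))
            parts = target.split()
            if len(parts) == 2:  # "peer port"; skips options such as ram = 96
                links[(current, iface)] = (parts[0], parts[1])
    return routers, links

def expand(routers, links):
    """Mirror each router-to-router link; return (full map, conflicts)."""
    full, conflicts = dict(links), []
    for near, far in links.items():
        if far[0] not in routers:
            continue  # peer is a virtual switch: nothing to mirror
        if full.get(far, near) != near:
            conflicts.append((far, full[far], near))
        else:
            full[far] = near
    return full, conflicts

if __name__ == "__main__":
    print(expand(*parse_links(SAMPLE)))
```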

7. Execute Dynagen
Once you finish with the configuration, just make this file executable in Linux or run Dynagen to use this configuration file:
C:\Program Files\Dynamips>dynagen.exe

Reading configuration file...
Network successfully started

Dynamips management console
=> list
Name Type State Server Console
CE1 c7200 stopped localhost 2000
CE2 c7200 stopped localhost 2001
CE3 c7200 stopped localhost 2002

8. Start the routers, of course, and start playing with them!
=> start CE1
100-C7200 'CE1' started

If you don't put the Dynamips process in the background, you should see something like this:
CPU0: carved JIT exec zone of 16 Mb into 512 pages of 32 Kb.
C7200 instance 'CE1' (id 0):
VM Status : 0
RAM size : 96 Mb
IOMEM size : 0 Mb
NVRAM size : 128 Kb
NPE model : npe-400
Midplane : vxr
IOS image : c7200-js-mz.122-25.S9.bin

Loading ELF file 'c7200-js-mz.122-25.S9.bin'...
ELF entry point: 0x80008000

C7200 'CE1': starting simulation (CPU0 PC=0xffffffffbfc00000), JIT enabled.

You can even see the booting process if you want, by connecting to the console port which is starting from TCP port 2000 by default:
=> telnet CE1
telnet 2000

Now you have your lab ready, what are you waiting for?

Two more additional steps:
9. Googling or RTFM when you have problems
Read Chris's blog, check the FAQ, read the Dynagen tutorial, googling.. don't be lazy!

10. Simulating remote lab
I have a good PC at home but I have already got used to my IBM Thinkpad keyboard to practice CCIE lab. So what I did to simulate remote lab is:
- start Dynamips in Hypervisor mode on my home PC
- start Dynagen from my notebook, with modification in the config file, instead of [localhost] I specified [homePC_IP_address]
- once I connect to Dynamips, I start any routers that I like
- create shortcuts on my notebook's Windows desktop such as CE1, CE2, ASBR1, R1, R2 and so on, which basically telnet to my home PC on the respective TCP ports
CE1.cmd file: start "CE1" telnet 2000
CE2.cmd file: start "CE2" telnet 2001
and so on

Now I just need to click CE1 shortcut to connect to CE1, CE2 to connect to CE2 and so on. It gives me the same feeling like when I had my CCIE lab in Brussels.
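Step 10 has another machine connect to the hypervisor port and the console ports, so it is worth knowing which addresses those listeners are bound to on the lab PC. This added example (not from the original post or from Dynamips) reads `ss -ltn` style output and reports lab ports bound to anything other than loopback; the use of `ss`, the function names and the sample lines are assumptions made here.

```python
import ipaddress

HYPERVISOR_PORT = 7200  # default control port from step 5
CONSOLE_BASE = 2000     # first console port from step 8

# Constructed sample in the column layout of `ss -ltn` (assumed tool).
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      5      0.0.0.0:7200       0.0.0.0:*
LISTEN 0      5      0.0.0.0:2000       0.0.0.0:*
LISTEN 0      5      127.0.0.1:2001     0.0.0.0:*
LISTEN 0      5      [::1]:2002         [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
"""

def lab_ports(router_count):
    """Hypervisor port plus one console port per router."""
    return {HYPERVISOR_PORT} | {CONSOLE_BASE + i for i in range(router_count)}

def exposed_listeners(ss_output, router_count):
    """Return sorted (port, address) for lab listeners bound beyond loopback."""
    wanted, found = lab_ports(router_count), []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit() or int(port) not in wanted:
            continue
        addr = addr.strip("[]").split("%")[0]
        if addr == "*":
            addr = "0.0.0.0"  # ss prints * for a wildcard bind
        try:
            loopback = ipaddress.ip_address(addr).is_loopback
        except ValueError:
            loopback = False  # unparseable address: report it
        if not loopback:
            found.append((int(port), addr))
    return sorted(found)

if __name__ == "__main__":
    print(exposed_listeners(SAMPLE, 3))
```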

One thing to remember: this simulator can only simulate routers with ATM, frame-relay and virtual switch. It means if you are planning to go to a CCIE lab other than R&S and Service Provider, you still need to buy some equipment such as a Firewall for the Security track or a router with an E1 interface for the Voice track.
And also if you have less experience with Cisco IOS behaviour, when you face some issues in your lab you may not be able to distinguish the cause of the problem whether it's because of wrong configuration or Dynamips bugs or IOS bugs or lack of faith.

I may still need to rent a rack for some equipment that can't be simulated, such as the Cisco 3550. But the amount of rental time required should be reduced significantly with this simulator.
So practice with simulator at home, and rent a rack several days before the exam.
It sounds like a good plan.

My only challenge now is that my PC is so powerful for gaming, especially after I added an NVidia GeForce 6800XT 512Mb PCI Express graphics card. I can play The Battle for Middle Earth, Star Wars Empire at War, Ghost Recon Advance War Fighter and my favorite game of all time: Battle Field 2 with highest quality.

So now my CCIE SP plan has to compete with Snowboarding and Battle Field. What a tough life!