Tuesday, December 23, 2014

Holiday update.

Happy Holidays!


I just wanted to take the time to wish everyone a merry Christmas and a happy new year. Whatever you're celebrating have a happy one.

After my teachers finish grading my final work and hand in my grades, I will be done with my Network Specialist Associates Degree. I am sure, given the nature of the IT field, I will be back later for more training. The IT teachers I have worked with at MATC have been amazing. If you ever go to MATC I highly recommend taking classes that Sue Kress teaches. Her classes are to the point with a strong emphasis on lab work. You leave her classes feeling confident in your skills. I only had Brian Kirsch for one class, emerging technologies (VMware), but I would still recommend taking his classes as well. I don't think there is anyone who can top the experience he brings to the class. VMware is an exciting topic in and of itself, but the way he taught it made it more so. To be able to learn from a man who has worked so much with VMware and sits on the Board of Directors for the VMware User Group is worth his pony tail's weight in gold.

On the flip side, I have had some bad teachers as well. Most of which were general studies classes, sociology/English and such. The only advice I can offer is to keep copies of all submitted work and take a picture of all graded work. This could save you. One teacher I had nearly failed me and at least three other students because she lost her grade book and refused to use the Blackboard grade book. Luckily, I was able to find 90% of the work to prove I had done the assignments on time.

Another bit of advice: don't buy your books until you have verified with the teacher what the correct book is, and wait until the book is actually used. There seems to be a lot of miscommunication between teachers, the people who choose books, the book store, and the people who order books. So save yourself the hassle of having to return a book and wait till the teacher themselves tell you the needed book. Also, I have gotten through at least five classes where the teacher has either never or only once referred to the books. Paying $100+ for a book, only used once, for one paragraph, read in class, is a waste of money to a broke student. I saved a lot of money and still passed those classes with a high grade.

I now plan on focusing on getting my CCNA and VCP5-DCV certifications. I have bought a new book recommended by Brian Kirsch to study for the VCP, called VCP5-DCV study guide by Brian Atkinson. I will post all my study notes from the book here along with my Cisco study notes. I plan on also posting more lab write-ups of both Cisco and VMware. In between I will do write-ups about home and small office IT solutions. I have one entry in the works explaining home wireless router features and how to find the one that best suits your needs without overpaying.

For anything I post, if any reader has a question or comment please feel free to use the comments. I am always open to pointers. If I don't know the answer to your question, I will find it.

Wednesday, December 17, 2014

Gaming journalism

This week's assignment had us watch a podcast about technology and write about it. I chose a podcast from Inside Gaming. The title was about buying reboot games but the first topic, gaming journalism, is what I'm going to focus on.

I have been playing games for a long time. In the beginning I decided what games I should buy by the cover in the Blockbuster video and what I could afford. Back then I made my money selling chicken eggs, which adds up surprisingly quickly. When I got older and found other friends that played games I relied on their referrals. After high school my friends moved out of state so I tried magazines to find good games. I quickly stopped using magazines because I had bought too many games on their referrals only to be disappointed. From then on I relied on forums of people who played the game showing what the game was like. This eventually grew into watching Let's Plays and game play videos to make my decisions on. I stopped trusting paid video game reviewers a long time ago.

A while ago an event started called "Gamergate." It all started when a female game developer supposedly slept with five male game reviewers to give the game high ratings. After that it exploded to something about females being discriminated against in video games. I'm not sure how that leap happened. I'm going to focus on the woman sleeping with five guys to increase game ratings. I thought the whole thing was ridiculous that anyone would resort to that because I, along with a majority of the gaming community, have long since stopped using game reviews as a source. We gamers have always known of paid reviews. As far as I know the female game developer was not forced into doing what she did. In my mind all of it was for nothing.

Game developer DoubleFine did a study and showed that Let's Plays boosted sales more than Metacritic, a common review site. This only makes sense to me because, having been involved for a long time, I know that you just stop trusting the people paid to give reviews. Even if I disagree with what the guy playing the Let's Play says, I can at least see the actual game for myself before I buy it.

I guess in the end I was just amazed that people found this shocking.

Wednesday, November 19, 2014

Assignment 6 Ted Talks

TED Talks ( http://www.ted.com/talks ) are great presentations on a variety of topics. Select and watch a TED Talk. Review the presentation. What was the topic and argument of the presentation? How were visual or other props used in the presentation? Was it effective? Were questions asked? Humor used? How was the pacing? Was there a ‘path’ through the presentation? Were you engaged or inspired? 


I watched the TED Talk where Laurel Braitman talked about mental disorders in animals and how it relates to humans. I selected this talk because I believe my own cats may have some mental disorders and I was hoping for some answers. My oldest cat, Bah, likes to chew plastic bags or other thin plastics and is as excited as a dog when I come home. Ralphie likes to "bury" things and is very into smells. If I leave a bowl of Chinese food unattended I will come back to him "burying" the food. He also goes in the litter box after Bah to make sure she properly buried. I believe the presentation was good at explaining that yes, animals can have mental disorders, and gave examples of different animals being diagnosed and treated. She used pictures of the animals she was talking about and some YouTube videos that showed the habits of animals with disorders. She used some humor but didn't ask/answer questions. Her pacing was good except for a few times she paused for an odd amount of time.

Wednesday, November 12, 2014

Chapter 1: Hierarchical Network Designs Part 3

Evolving Network Architectures


Technology is always changing so network architecture needs to change with it. Current challenges are Bring your own device (BYOD) which allows workers to use their own phones and laptops/tablets at work, online collaboration, video collaboration, and cloud computing. These require more and different security practices along with faster network speeds to handle video streaming.

Cisco has developed three new network architectures to accommodate the new technologies.

Cisco Borderless Networks


Allows clients to connect securely, reliably, and seamlessly to the corporate network in a BYOD environment. This solution is not set but must continue changing to handle the shifting borders/changing technologies.

This architecture offers two sets of service:

  • Borderless end-point/user services allow the user to connect on any device, wired/wireless, and get the same reliable/secure connection. Cisco recommends that smart phones and tablets should use the Cisco AnyConnect app to establish a secure, persistent, policy-based connection for a seamless user experience.... *yay marketing! I swear I only rolled my eyes once while typing*
  • Borderless network services work to secure the connections to the many new devices and allow them access to network resources. They also allow the implementation of a policy-based architecture to use centralized access controls, and provide support for online video and voice. *I assume with QoS but it doesn't say*

Collaboration Architecture

 

Cisco provides products, applications, software dev kits, and APIs to support collaborative environments.

Cisco's Collaboration Architecture is composed of three layers:

  • Application and Devices layer contains communications and conference applications such as Cisco WebEx Meetings, WebEx Social, Cisco Jabber, and TelePresence. These applications create and maintain the connections for voice, video, web conferencing, messaging, mobile apps, and enterprise software.
  • Collaboration Services layer supports collaboration applications by providing presence, location, session management, contact management, client frameworks, tagging, and policy and security management services.
  • Network and computer infrastructure layer allows collaboration anytime! from anywhere! on any device! Includes virtual machines, the network, and storage! *if they are going to be silly I'm allowed to be too. Picture Billy Mays*

Data center and virtualization


Built on Cisco Data Center 3.0! Provides a set of virtualization technologies and services that bring networking, storage, and virtualization platforms together.

Consists of three components:

  • Cisco Unified Management Solutions simplify and automate deploying IT infrastructure and services quickly and with "Enterprise" reliability. In plain talk they provide a central management tool for virtual and physical environments.
  • Unified Fabric Solutions provide network services to servers, storage, and applications. They recommend Cisco Nexus switches, Catalyst switches, Cisco Fabric Manager, and Cisco NX-OS Software. *VMware study* The fabric refers to the fiber network that connects to the virtual hosts. These switches/routers typically need to be configured statically and with redundancy in mind. A failure at this step can cost big money. *VMware study*
  • Unified Computing Solutions unify computing, network, storage access, and virtualization into a cohesive system designed to reduce cost of ownership and increase business agility. The Cisco Unified Computing System (Cisco UCS) is built with blade servers, rack-mount servers, fabric interconnects, and virtual interface cards (VICs). *VMware study* When virtualizing you pay more for hardware but need less hardware overall, so you save money there. Also, licensing is either by core or by processor. In a virtual environment you can set a single processor to the speed you need; even though you are using more cores/processors to get that speed, virtually it is one processor/core, so you can save money there. *VMware study*

Chapter 1: Hierarchical Network Designs Part 2

Cisco's Enterprise Architecture Modules


©2014 Cisco Press, Connecting Networks Companion Guide
These are different modules laid out by Cisco.

Enterprise campus module

 

Consists of a building or group of buildings on an enterprise network within a fixed geographic area.

Consists of sub-modules:
  • Building Access- Same as the access layer but applies to the whole building.
  • Building Distribution- Same as the distribution layer but applies to the whole building.
  • Campus Core- Same as the core layer but applies to the whole building.
  • Server Farm/ Data Center- Data center module connected directly to the Campus core layer.
The Building Access, Building Distribution, and Campus Core sub-modules are collectively called the Campus Infrastructure Module. These sub-modules provide high availability, integrate IP communications/mobility/advanced security, use multicast traffic and QoS to optimize traffic, and provide increased security and flexibility using access control management, VLANs, and IPsec VPNs.

The Data Center module provides high capacity connectivity between server resources and users. It also includes network management services. Consists of internal email, application, file, print and Domain Name System (DNS) services.

The enterprise campus module provides high availability with multilayer design, redundant hardware and software, automated failover, and integrated security.

Cisco Enterprise Edge Module

 

Provides connectivity for voice, data, and video services outside the enterprise. Acts as a barrier between the Enterprise Campus Module and other external modules. In plain terms it acts as the DMZ.

Consists of sub-modules:
  • E-commerce networks and servers module supports e-commerce applications. Designed for high availability. Devices in the sub-module are web, application, and database servers; firewalls and firewall routers; and network intrusion prevention systems (IPS). In plain terms it's a datacenter accessible on the web so it's coated in security.
  • Internet connectivity and DMZ module provides secure connectivity to internet services: public servers, email and DNS. The module is able to connect using multiple ISPs. Devices included are firewalls and firewall routers, internet edge routers, FTP and HTTP servers, SMTP relay servers, and DNS servers.
  • Remote access and VPN module provides remote access termination services, including authentication. Devices included are firewalls, dial-in access concentrators, Cisco Adaptive Security Appliances (ASA) and network intrusion prevention system (IPS) appliances.
  • WAN module provides WAN technologies for routing traffic between remote sites and the central site. Technologies included are Multiprotocol Label Switching (MPLS), Metro Ethernet, leased lines, Synchronous Optical Network (SONET) and Synchronous Digital Hierarchy (SDH), PPP, Frame Relay, ATM, cable, digital subscriber line (DSL), and wireless.  (what this book/class teaches)

Service Provider Edge Module

 

Provides connectivity between the Enterprise Edge module and the remote enterprise data center, enterprise branch, and enterprise teleworker modules. Includes internet service providers (ISPs), WAN services, and public switched telephone network (PSTN) services. This module allows connectivity over long distances, converges voice/data/video services over a single IP communications network, supports QoS and service level agreements, and supports security using VPNs (IPsec/MPLS) over Layer 2 and Layer 3 WANs.

Redundancy options:

  • Single-homed- A single connection to a single ISP
  • Dual-homed- Multiple connections to a single ISP
  • Multihomed- A single connection to multiple ISPs
  • Dual-Multihomed- Multiple connections to multiple ISPs
©2014 Cisco Press, Connecting Networks Companion Guide

Remote Functional area

 

To try to confuse people, instead of having this area like the others where it would be called the remote module with sub modules, this is a "Functional area" that has modules in it. The remote functional area is about remote locations connecting through the SP edge module to the Enterprise Campus Module. The Enterprise Branch Module, Enterprise Teleworker Module, and the Enterprise Data Center Module are in this functional area.

Enterprise Branch Module


Allows employees at remote branches to connect securely to the Enterprise Campus. The locations are typically in charge of providing security, telephony, and mobility options to workers. Requires the SP edge module to connect to the Enterprise Campus module.

Enterprise Teleworker

Responsible for providing connectivity to workers who operate in different locations, including home offices, hotels, or client sites. Recommended to connect using a local ISP or DSL. Use a VPN service for security. The worker gains access to Enterprise Campus resources securely and cheaply.

Enterprise Data Center

 

Same as the campus data center but at a remote location which provides an added layer of security should disaster recovery be necessary.

This chapter will be continued in Part 3.

Chapter 1: Hierarchical Network Designs Part 1

This chapter talks about how to design and organize an enterprise network. The book likes to add a lot of "fluff" words to its definitions so I will be streamlining it here. The book is also inconsistent with its use of capitalization so it's hard to tell when they are using proprietary proper nouns.

The Basics


Good network design states that a network needs to be resilient, flexible, modular, and hierarchical.

  • Resilient means that the network should be designed to stay functioning or to quickly recover in the event of a failure. 
  • A flexible network should be easy to upgrade, change, or add services to without having to change much hardware.
  • Modular is separating the network functions into logical and physical groups for better management and layout. This chapter is primarily about Cisco's predefined modules: enterprise campus, services block, data center, and internet edge.
  • Hierarchical is a network model that divides the network into two or three layers: access layer, distribution layer, and core layer. This results in a nice, easy-to-manage design. The two- and three-layer designs are the standard and are used everywhere. The three ideas are used at a smaller level, whereas the Enterprise network modules are a layout on a bigger scale (building network layout, WAN, branch offices, teleworkers).

Three Tier Design


Consists of three layers: access layer, distribution layer, and core layer.

©2014 Cisco Press, Connecting Networks Companion Guide

  • Access layer is where users and end devices connect to the network. Generally consists of layer two switches. Services provided at the access layer are: layer two switching, high availability, port security, QoS classification and marking and trust boundaries, Address Resolution Protocol (ARP) inspection, virtual access control lists (VACLs), spanning tree, Power over Ethernet (PoE), and auxiliary VLANs for VoIP.
  • Distribution layer connects the access layer to the core layer and provides policy-based connectivity. It serves as a boundary between the layer two domain and the layer three routed network. It aggregates the data from the layer two domain then sends the data to the core for routing. Consists of routers and layer three switches. Services provided at the distribution layer: aggregation of LAN and WAN links, policy-based security with access control lists (ACLs) and filtering, routing between LANs/VLANs/routing domains, redundancy and load balancing, a boundary for route aggregation and summarization configured on interfaces to the core layer, and broadcast domain control (because routers or layer 3 switches do not forward broadcasts, the layer acts as a demarcation point between broadcast domains).
  • Core layer is the backbone of the network. Consists of high-speed network devices. Connects between Cisco's predefined Enterprise network modules. Connects the distribution layer to the WAN or Internet edge. The core layer should be highly available, redundant, and capable of forwarding large amounts of data quickly.

Two Tier Design


The distribution layer is combined with the core layer. This results in the two layers being the access layer and a hybrid distribution-core layer. This is often called collapsed core. This is used when the network is either small and doesn't require more expensive hardware or in a virtual database.

©2014 Cisco Press, Connecting Networks Companion Guide


*VMware study* In the instance of the virtual database the virtualization software creates a virtual router/switch/firewall and can process as fast as memory will allow instead of being limited to Mbps. In both cases this cuts the cost of hardware and Cisco is none too happy with this. Cisco is currently working with Oracle for virtualization. *VMware study*

Modular network design


Modular network design separates the network into modules that target a specific function or place in the network. They may have different physical or logical connectivity.

The benefits of the modular network design:

  • Failures in a single module are isolated from the rest of the network. This makes the network easier to troubleshoot and keeps the rest of the systems online resulting in higher availability.
  • Network changes can be made in a controlled staged fashion. This results in greater flexibility.
  • When a module is lacking in capacity or outdated it can be easily replaced by another module.
  • Security can be implemented on a modular level resulting in better security.

Modules


  • Access-distribution, aka distribution block, consists of the access layer and distribution layer. This includes the end users connecting to the backbone.
  • Services module is used to identify services such as centralized Lightweight Access Point Protocol wireless controllers, unified communications services, policy gateways, and others.
  • Data center, or server farm, manages and maintains the data systems.
  • Enterprise edge module consists of the internet edge and WAN edge (often the same thing these days). These blocks connect the enterprise campus to an external location.

The example shows the modules connecting directly to the backbone or core.
©2014 Cisco Press, Connecting Networks Companion Guide


This chapter will be continued in Part 2.


Friday, November 7, 2014

Cisco Study

These are my notes and labs from my Cisco class. I will be getting my notes from the suggested "Connecting Networks Companion Guide" book.  As I study more, the links will be added.

Cisco Connecting Networks

Chapter 1: Hierarchical Network designs
    • The basic design properties a network should have: resiliency, flexibility, modularity, and hierarchical
    • Two Tier Design / Three Tier Design
    • Modular Network Design
    • Cisco Enterprise Architecture Modules
    • Evolving Network Architectures
Chapter 2: Connecting to the WAN
    • What is a WAN?
    • Organization and Network co-evolution. 
    • WAN standards and OSI Model
    • Common WAN terminology and devices
  • Notes Part 3: 
    • Circuit Switched vs Packet Switched  
    • Private vs Public WAN Infrastructures
    • Service Provider Infrastructure (SONET/SDH)
  • Notes Part 4: 
    • Dedicated Leased Lines
    • Dial-up
    • ISDN
    • Frame Relay
    • ATM
    • Ethernet WAN
    • MPLS
    • VSAT
  • Notes Part 5: 
    • DSL
    • Cable
    • Wireless (Municipal WIFI/WiMAX/Satellite)
    • 3G/4G/LTE Cellular
    • VPN 
    • Selecting a WAN Service
Chapter 3: Point-to-Point Connections
  • Notes Part 1: 
    • Serial connections vs Parallel connections
    • Serial Standards
    • TDM
    • STDM
  • Notes Part 2:
    • Demarcation Point
    • DTE-DCE
    • Serial Cables
    • Smart Serial Cables
    • Serial Bandwidth
    • WAN encapsulation protocols
  • Notes Part 3: 
    • HDLC
  • Notes Part 4: 
    • PPP
    • LCP/NCP
    • PAP/CHAP
    • Stacker/Predictor
  • PPP Lab
  • Troubleshooting PPP Lab
Chapter 4: Frame Relay
  • Frame Relay with subinterfaces Lab
  • Troubleshooting Frame Relay
Chapter 5: Network Address Translation for IPv4
  • NAT Lab
  • PAT Lab
  • Troubleshooting NAT
Chapter 6: Broadband Solutions
Chapter 7: Securing Site-to-Site Connectivity
  • Point-to-Point GRE Tunnel lab
Chapter 8: Monitoring the Network
  • Syslog and NTP Lab
  • SNMP lab
  • Collecting and Analyzing NetFlow Data Lab
Chapter 9: Troubleshooting the Network


Tuesday, October 28, 2014

Assignment 5

"The use of social media tools, such as Facebook and Twitter are rapidly being utilized by companies. Research two organizations that are using Facebook and Twitter. Why are they using these services?  How are they using them? Who is their audience? How do they manage relationships? Are there any strategies in place for their use? Develop a report of how two companies use social media.  Use examples and/or references to support your position. Post your report your blog for others to read and comment. Read other student blog posts and make comments to continue the discussion."


Why are they using these services?
  • Walmart: -
  • Gamestop: -
  • Both: To advertise while receiving feedback from their customers.

How are they using them?
  • Walmart: To try to prove they are good. (improve image)
  • Gamestop: To inform people of release dates and sales

Who is their audience?
  • Walmart: Any shopper
  • Gamestop: Gamers/parents to buy games for kids.
  • Both: People with $

How do they manage relationships?
  • Both: Customer service team/feedback from customers

Are there any strategies for their use?
  • Walmart: Using old black and white photos to make them seem like an old all-American company.
  • Gamestop: Telling customers when the games they want are going to be out and when sales are.
  • Both: Communicate sales events.

Companies use social media tools to advertise sales and interact with their customers. Walmart seems to be trying to improve its tarnished image by trying to look old-fashioned. As a person who has worked in manufacturing, I'm not fooled. I have heard the stories of how Walmart truly gets its low prices direct from supervisors who worked with them. They call up and tell the product manufacturers how much they are going to pay. The manufacturers have to make the product cheaper to make any profit on making the product. This all leads to a cheap product and recalls.

Summary: It's all advertising. All the advertising in the world doesn't change the facts.

Monday, October 20, 2014

Configuring a Router as a PPPoE Client for DSL Connectivity



Cabling the topology:

1 straight-through cable connecting switch to switch
2 crossover cables between the switches and routers

The basic settings:

Disable DNS lookup "no ip domain-lookup"
Set hostnames "hostname (name)"
Encrypt passwords "service password-encryption"
Create a MOTD banner saying "unauthorized access is prohibited" "banner motd # Unauthorized Access is Prohibited!#"
Create passwords for EXEC mode, console, and vty. Then enable login.
Set logging synchronous "line con 0" "logging synchronous"
Save config "copy running-config startup-config"

I have my routers preconfigured and saved with these settings (minus the passwords) so I typically skip this part. I do set the hostnames to avoid confusion. 

Configuring the ISP router

In global config mode enter the command "username Cust1 password ciscopppoe". This creates a local user database entry for Cust1 with a password of ciscopppoe. This will allow the Cust1 router to connect with the ISP router using that password later.

The ISP needs a pool of addresses to hand out to its DSL customers. Using the command "ip local pool PPPoEPOOL 10.0.0.1 10.0.0.10" creates a range of addresses from 10.0.0.1 to 10.0.0.10 to hand out over PPPoE.

Next we are going to make a Virtual template and connect the F0/1 interface with it. This is done with these commands:
interface virtual-template 1
Creates the Virtual template
ip address 10.0.0.254 255.255.255.0
Assigns it the ip 10.0.0.254/24
mtu 1492
Sets the mtu size to 1492B
peer default ip address pool PPPoEPOOL
Assigns the previously created pool of ip addresses "PPPoEPOOL" to this template
ppp authentication chap callin
Sets the requirement to authenticate using chap to establish a connection.

Now to associate the template to the PPPoE group
bba-group pppoe global
Creates a bba (broadband aggregation) group for PPPoE
virtual-template 1
Assigns virtual-template 1 to the bba group.

Finally link the PPPoE group to the actual f0/1 interface
int f0/1
Moves to int f0/1
pppoe enable group global
Connects the PPPoE group to the interface
no shut
Activates the interface

Configuring the Cust1 router

First configure the f0/1 interface to use PPPoE
int f0/1
Moves to int f0/1
pppoe enable
Enables PPPoE on the interface
pppoe-client dial-pool-number 1
Tells the router that it is the client and assigns it the dial pool number of 1. The dial pool number corresponds with the dialer interface that will be created next. The dialer pool and the number assigned here must match for the connection to work.

Creating the interface dialer.
int dialer 1
Moves to and creates the dialer interface
mtu 1492
Sets the mtu size to 1492B
ip address negotiated
Tells the interface that the address will be negotiated
encapsulation ppp
Sets the encapsulation to ppp
dialer pool 1
Connects the dialer pool and int f0/1 to the dialer
ppp authentication chap callin
Sets the authentication method to CHAP
ppp chap hostname Cust1
Sets the chap hostname to be used as "Cust1"
ppp chap password ciscopppoe
Sets the chap password to "ciscopppoe"

Set the static default route pointing to dialer 1 and enable some debugging.
ip route 0.0.0.0 0.0.0.0 dialer 1
Sets the static default route to dialer 1
exit
Moves back to privileged mode
debug ppp authentication
Shows PPP authentication events
debug pppoe events
Shows PPPoE events

Lastly enable interface f0/1 with the "no shut" command

To confirm PPPoE is working use "show pppoe session" and "ping 10.0.0.254". There should be an entry in the session table and the ping should be successful.
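The two configurations above only work together if several values agree: the CHAP credentials, the dial pool numbers, the MTU, and the address pool. The Python below is an added example, not part of the original lab, that checks those dependencies; the function names are hypothetical and the config text is assembled from the commands in this write-up, assuming passwords appear in cleartext as typed.

```python
import ipaddress
import re

# Configs assembled from the lab steps above (cleartext, as typed at the CLI).
ISP_CONFIG = """\
username Cust1 password ciscopppoe
ip local pool PPPoEPOOL 10.0.0.1 10.0.0.10
interface virtual-template 1
 ip address 10.0.0.254 255.255.255.0
 mtu 1492
 peer default ip address pool PPPoEPOOL
 ppp authentication chap callin
bba-group pppoe global
 virtual-template 1
interface f0/1
 pppoe enable group global
 no shut
"""

CUST1_CONFIG = """\
interface f0/1
 pppoe enable
 pppoe-client dial-pool-number 1
 no shut
interface dialer 1
 mtu 1492
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 ppp authentication chap callin
 ppp chap hostname Cust1
 ppp chap password ciscopppoe
ip route 0.0.0.0 0.0.0.0 dialer 1
"""

# 1500-byte Ethernet payload minus 6-byte PPPoE header and 2-byte PPP protocol ID.
PPPOE_MTU = 1500 - 8


def first(pattern, config):
    """Return the first capture group of pattern in config, or None."""
    match = re.search(pattern, config, re.MULTILINE)
    return match.group(1) if match else None


def check_pppoe_pair(isp, cust):
    """Return a list of mismatches between the ISP and customer configs."""
    problems = []

    # CHAP: the customer's hostname/password must exist in the ISP's user database.
    users = dict(re.findall(r"^username (\S+) password (\S+)$", isp, re.MULTILINE))
    host = first(r"^[ \t]*ppp chap hostname (\S+)$", cust)
    secret = first(r"^[ \t]*ppp chap password (\S+)$", cust)
    if host not in users:
        problems.append(f"CHAP hostname {host} has no username entry on the ISP")
    elif users[host] != secret:
        problems.append(f"CHAP password for {host} differs from the ISP entry")

    # The physical interface's dial-pool-number must match the dialer's pool.
    client_pool = first(r"^[ \t]*pppoe-client dial-pool-number (\d+)$", cust)
    dialer_pool = first(r"^[ \t]*dialer pool (\d+)$", cust)
    if client_pool is None or client_pool != dialer_pool:
        problems.append(f"dial-pool-number {client_pool} does not match dialer pool {dialer_pool}")

    # Both ends need the reduced MTU to leave room for the PPPoE/PPP headers.
    for name, config in (("ISP", isp), ("Cust1", cust)):
        mtu = first(r"^[ \t]*mtu (\d+)$", config)
        if mtu != str(PPPOE_MTU):
            problems.append(f"{name} mtu is {mtu}, expected {PPPOE_MTU}")

    # The bba-group enabled on the interface must be the one that was defined.
    group = first(r"^bba-group pppoe (\S+)$", isp)
    if group is None or group != first(r"^[ \t]*pppoe enable group (\S+)$", isp):
        problems.append(f"bba-group {group} is not enabled on an interface")

    # The pool named in the template must exist and sit in the template's subnet.
    pool_name = first(r"^[ \t]*peer default ip address pool (\S+)$", isp)
    pool = re.search(r"^ip local pool (\S+) (\S+) (\S+)$", isp, re.MULTILINE)
    template = re.search(r"^[ \t]*ip address (\d\S+) (\d\S+)$", isp, re.MULTILINE)
    if pool is None or template is None or pool.group(1) != pool_name:
        problems.append(f"address pool {pool_name} is not defined on the ISP")
    else:
        subnet = ipaddress.ip_interface(f"{template.group(1)}/{template.group(2)}").network
        for addr in pool.group(2, 3):
            if ipaddress.ip_address(addr) not in subnet:
                problems.append(f"pool address {addr} is outside {subnet}")
    return problems


if __name__ == "__main__":
    print(check_pppoe_pair(ISP_CONFIG, CUST1_CONFIG) or "configs are consistent")
```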




Reflection


Why do ISPs who use DSL primarily use PPPoE with their customers?


PPPoE allows easy separation of DSL subscribers' connections. This means one subscriber cannot see the traffic of another subscriber. PPPoE also allows the ISP to easily track usage by a subscriber. The ISP can use deep packet inspection to analyze traffic and limit users' connections.