Tony’s Discount Switch Emporium

Random Acts of (dis)Connectivity

Summer time is busy time.  July and August, when all the staff and students are out enjoying their vacation, the IT department for a public school division is hard at work.  It’s one of the rare opportunities I’m allowed to unplug, replace, upgrade, reboot, and/or generally break our infrastructure, because nobody is using it.  So with a full plate of projects to complete before the end of August, it sometimes causes some confusion when random things break “on their own”.

Last week I had two wireless access points stop communicating to the controller at one of my sites.  Now, had there been people in the building I could have initially chalked this up to someone playing around in the wiring closet (we have switches in the weirdest, least secure places) or some kids throwing basketballs at them (yes, we have AP’s in the gyms), but I knew for a fact that this building was empty.  Our Facilities guys generally let us know if there is going to be some work done that is going to involve power going down, and this definitely wasn’t the case because the switch these 2 AP’s were on was up and running.

Strange Behaviour

I checked the switch and the ports that the AP’s were on showed up/up.  I could even ping their IP addresses.  What was strange was I could not ping the controller from that switch, nor could I ping the site gateway.  While the switch appeared up and functional for all intents and purposes, it appeared as though it was simply refusing to forward any traffic.  Then I checked the logs:

Aug  9 13:11:48: %ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco’s authorization.  This product may contain software that was copied in violation of Cisco’s license terms.  If your use of this product is the cause of a support issue, Cisco may deny operation of the product, support under your warranty or under a Cisco technical support program such as Smartnet.  Please contact Cisco’s Technical Assistance Center for more information.

Dammit!  I knew that guy selling Cisco gear off the back of his unmarked white truck in the back alley was too good to be true!  His prices were so reasonable, even compared to our educational discount.  You know it’s so hard to work within an ever-decreasing hardware budget these days.

Alright in reality this batch of switches was bought from a legitimate Cisco Partner, one of Canada’s largest, and I hadn’t touched them since rolling them out a couple of summers ago.  They had the out of the box IOS 12.2(22)SE that they had shipped with, and I had about 30 of them around.  These were a batch of 2960S switches that were replacing some aging 2950 units that had calcified and grown long grey beards.

I started checking several others and quickly realized this was an isolated issue, limited to this one switch.
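
For anyone who wants to run the same "is it just this one switch?" check across a whole fleet, here is an added example (not part of the original post).  It parses IOS log lines in the layout shown above and reports which switches have logged the ILET authentication failure.  The switch names and the idea of collecting each switch's log buffer into a dictionary are assumptions, and the sample log lines are constructed.

```python
import re

# IOS message layout as seen in the post's log line:
#   "Aug  9 13:11:48: %ILET-1-AUTHENTICATION_FAIL: <text>"
# A leading "*" or "." (clock not synchronised) is tolerated and dropped.
IOS_MSG = re.compile(
    r"^[*.]?(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}(?:\.\d+)?): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+): "
    r"(?P<text>.*)$"
)

# Constructed sample input: hypothetical switch names mapped to log text.
SAMPLE_LOGS = {
    "sw-gym-01": (
        "Aug  9 13:10:02: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to up\n"
        "Aug  9 13:11:48: %ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization.\n"
        "Aug  9 14:11:48: %ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization.\n"
    ),
    "sw-office-01": (
        "*Mar  1 00:00:45.123: %SYS-5-CONFIG_I: Configured from console by console\n"
        # An 802.1X client failure: a plain search for "FAIL" would flag this too.
        "Aug  9 13:12:10: %DOT1X-5-FAIL: Authentication failed for client on Interface Gi1/0/7\n"
    ),
}


def find_auth_failures(logs_by_switch):
    """Return {switch: {"count", "first", "last"}} for ILET authentication failures."""
    hits = {}
    for switch, text in logs_by_switch.items():
        for line in text.splitlines():
            m = IOS_MSG.match(line.strip())
            if not m:
                continue  # not an IOS-format message line
            # Match on facility and mnemonic together, not on the word "FAIL".
            if (m["facility"], m["mnemonic"]) != ("ILET", "AUTHENTICATION_FAIL"):
                continue
            rec = hits.setdefault(
                switch, {"count": 0, "first": m["ts"], "last": m["ts"]}
            )
            rec["count"] += 1
            rec["last"] = m["ts"]
    return hits


if __name__ == "__main__":
    for switch, rec in find_auth_failures(SAMPLE_LOGS).items():
        print(f"{switch}: {rec['count']} ILET failures, {rec['first']} to {rec['last']}")
```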

Licensing, Contracts, Smartnet, Oh My!

As part of our ongoing efforts to reduce expenses and save what little budget we have, we don’t get Smartnet on our access switches.  Ultimately all of the current 2xxx and 3xxx switches (sometimes referred to as the DSBU or Desktop Switching Business Unit switches) come with Cisco’s Enhanced Limited Lifetime Warranty which includes free IOS software updates.  The lifetime warranty is arguably Cisco’s response to pressure from HP’s long-standing lifetime warranty on their Procurve switches, and free IOS updates are always nice:

Software Update

Q. Can I obtain a “no additional cost” Cisco IOS® Software update for the Cisco Catalyst 2960 Series?
A. Yes. Cisco offers ongoing Cisco IOS Software updates for certain fixed-configuration and stackable Cisco Catalyst switches at no additional cost. For the life of the product, updates within the Cisco IOS Software package purchased (LAN Lite and LAN Base) will be made available.
Note that upgrades are different from updates. For example, an upgrade from the IP Base package to IP Services package provides significant new function; therefore, this upgrade requires the purchase of a software license upgrade. Updates are incremental software features and bug fixes that are released within a licensed Cisco IOS Software package.
This statement supersedes any previous warranty or software statement and is subject to change without notice.
Q. How do I get a “no additional cost” Cisco IOS Software update for the Cisco Catalyst 2960 Series?
A. Visit, click “Downloads,” and select “Switch Software.” Downloading software requires a username and password. If you do not have a username, you can obtain one by clicking “Register” at the top of any Webpage.

Since we also keep a couple of spare switches around we don’t need overnight or next-business-day hardware replacement, Smartnet is an expense we can live without.  This sometimes causes issues when trying to RMA a product…

Someone Tell TAC

I found a few posts in the Cisco Support Community from folks who had run into this same issue.  It seemed a general consensus that there was no real solution.  It appears a small batch of 2xxx and 3xxx series switches were having this issue as far back as March of 2010.  There had been a Bug ID for the issue but the workaround had been to update the IOS to 12.2(44)SE or later, with no other workaround.  Since I was already past that update, I decided it would be easier to just call TAC.

Apparently nobody tells TAC about lifetime warranties or free software.  It always seems to turn into an argument with the front line support agents because as soon as they see there is no support contract, they won’t open a case.  It’s pretty binary in their world…no contract equals no support.

So how do you get support for a lifetime warranty product?  Just tell them you want to RMA the device.  Cisco is happier to simply drop ship a new switch than to waste time troubleshooting and that’s fine by me. I’m not a CCIE so I don’t get bumped up to a level 2 engineer right away, and I’d rather not waste time on the phone or via email with a level 1 engineer.  It’s in the best interest of everyone involved to just send me a replacement.

Good Experience

I’d have to say all of my experiences with Cisco’s RMA process have been excellent.  Even without 8×5 or NBD service, they are quick and painless to deal with.  A box arrives with a pre-paid UPS waybill and I happily ship the dead product back to them in the same box the replacement came in.  They even have a Canadian location I can ship to so I don’t have to fill out reams of Customs paperwork (I’m looking at you, Ruckus Wireless) or pay brokerage fees.

Thanks for reading.  As always feedback or comments are welcome.  I have to run, Tony is here with some deeply discounted UCS servers and Rolex watches I need to take a look at.

Wearing Many Hats

Jack Of All Trades

If you’ve read my bio you’ll know I am part of a 4 person IT department for a small rural public school division in northern Alberta.  Technically there are 5 of us, but does Management count?  No, I didn’t think so.

This brings some interesting challenges, one of which is perfecting the lost art of the IT Generalist.  The person who can do a little bit of everything.  The guy or gal who, even if they’ve never seen that particular problem before, has a fundamental base skill set that will let them logically and efficiently troubleshoot and bring the issue to resolution.

I like to think that’s me.  Although my primary passion has always been networking, I don’t always get to pick and choose my assignments.  I have a primary responsibility to ensure that all of the technology in our schools is working, first and foremost.  That means general help desk type work fixing the mundane….printers, wireless mice with dead batteries, staff and student logins, turning it off and on again, etc.  On top of that each of us within the department has a niche area that we specialize in.

The Network Guy

Let me introduce the team.  We have “Server Guy” who handles a wide gamut of tasks such as managing our Exchange environment, our VMware cluster, our SAN…  We have “Linux Guy” who really has several things he takes care of but they all run on Linux so I don’t know what those are.  He’s also kind of “Security Guy” because he handles things like our content filter and likes to port scan everything to try to find “attack vectors”, when he isn’t lamenting our lack of password complexity rules, or stringing together video cards to brute-force passwords using rainbow tables.  Right now we also have “New Guy” who we haven’t quite assigned any niche responsibilities to as we haven’t fully evaluated his skill set yet.  For now he’s a good minion and we make him climb ladders and run cable.

Of course there is also “Network Guy”.  That’s me.  In this environment that means LAN, WAN, voice and wireless, all of it.  I (try) to do it all. I work closely with “Server Guy” when we’re adding a new VMware host to our cluster ensuring we have switchports and VLANs ready for his needs, connecting the iSCSI SAN where it needs to go, etc. I work with “Linux Guy” when there are firewall changes that need to be made.  It’s often said that you can be great at one thing or good  mediocre at several things.  It begs the question “Can you know everything?”.  I certainly don’t, nor do I expect I ever will.  It absolutely makes it difficult to focus on a particular area of expertise though.

Don’t Make Me Pick

I love it all.  Well, for the most part.  Sometimes there are those really nit-picky problems with a certain networking technology that drive you nuts and if it wasn’t for that one thing you’d spend 100% of your time working on that discipline, right?  As technophiles/nerds/geeks we all have a certain amount of attention deficit, it’s a trait that is almost required to be able to keep up with the ever-changing landscape of the technology world.  This is a blessing and a curse.  After I’ve spent a week working on a nasty voice issue with CallManager or Unity you can bet I’m feeling like a voice god and oh yeah I’m going to start on my CCIE-Voice right away!  Next week after spending several dozen hours with a spectrum analyzer and site survey tools trying to figure out why this one classroom has a large wi-fi black hole, I might be ready to challenge the CWNE, because clearly, 802.11 is what I was meant to do.  When you are forced to handle a variety of subjects like this it can be a daunting task to narrow the field when it comes to sitting down at your study desk or home lab and really deciding what you want to do.

Don’t get me wrong, I love the exposure and variety that comes with this territory.  Ultimately I have to be disciplined enough to focus on specializing in one area, without losing touch with the rest.  From my perspective, at least from my networking perspective, Routing and Switching is the base from which all the other technologies flow.  Being great at that fundamental level, I believe, allows you to thrive in any subset of networking.  For me, that’s why I have renewed focus in working towards my CCIE R&S.

4 x CCIE

You’ve seen them, the folks sporting two or three, or even four CCIE certifications.  Will that ever be me?  No.  At least I don’t think so, not while I’m still married.  I have one goal and that is to get my CCIE R&S before I turn 40. I’m not going to tell you how long that is but I’ve got a long way to go since all I have right now is the CCNA and CCNA-Voice. I am about ready to write the 642-813 SWITCH exam towards the CCNP and will then move onto ROUTE and TSHOOT.


For several reasons that I won’t get into with this post, I’m very motivated right now.  I have a plan, and I am slowly working towards it.  This blog is one piece in that puzzle and I hope to use it as a tool and resource to study and push towards my goal.  It’s a great community of people in this industry and I plan to leverage all of the resources at my disposal towards the task at hand.  Feedback, comments, advice are always welcome, and thanks for reading!


That’s it, I’ve done it.  I’ve added another time sink to a rather busy schedule.  *sigh*

I have two very simple objectives for this endeavor:

First – As a repository for the day-to-day tedium that I face as a jack-of-all-trades networker.  Let’s face it, I’m not getting any younger and sometimes I forget things.  It’ll be nice to have somewhere I can come and rediscover issues that might resurface on occasion. It should be entertaining when I Google something and my own blog post comes up and I don’t recognize it.

Second – I want my CCIE, dammit.  I’ve long been of the opinion that it was out of reach.  I didn’t feel I had the time or the energy to put into it (or the finances) and I’ve been content slowly studying here and there towards whatever certification seemed to be the most interesting at the time. Because I’m not really able to focus on one discipline (more on that in another post) I have a bit of ADD when it comes to networking and technology.  I’ll spend a week on a particular problem and decide that is where I want to focus my professional development.  For various reasons (also to be highlighted in another post, I have to stretch the limited content!) I’ve decided to stick with the fundamentals for now, and focus all effort on the CCIE R&S track.  This blog will serve as a study tool as I progress and take notes and blog about whatever it is I may have learned that day.  I’ve seen it done and heard it recommended as a great way to ensure learning retention, so I’ll try it out.

Most of what I post here will be for me, but perhaps I’ll work my way into the blogosphere a little at a time and gain some exposure for my random ramblings and incoherent jabber.

The good news is nobody can make fun of how I say ‘roof’ or ‘about’ in a blog, eh.

Why doesn’t anyone bug Greg Ferro over at for saying ‘rooter’?