VMware VCA – Hit or Miss?


9/16/13 Update – VMware is now offering these exams for *free* using the discount code VCA501 until September 30th.

On August 26th, VMware announced their new Associate level certifications. These consist of:

  • VMware Certified Associate – Data Center Virtualization
  • VMware Certified Associate – Cloud
  • VMware Certified Associate – Workforce Mobility
  • VMware Certified Associate – Network Virtualization*

To date, VMware’s primary certification has been the VMware Certified Professional – or VCP. A longstanding contention with the VCP has been the requirement to attend an approved and official VMware training course.

There are several options available to meet the course requirement:

The least expensive of these courses is $3845 USD. As Tom Hollingsworth (@Networkingnerd) has pointed out, this is almost the same cost as two CCIE lab attempts. For those working for a VMware partner or an organization with a robust training budget, this might not be a burden. For those (like myself) who bear the majority of the cost associated with certification and training, this is a requirement that makes pursuing the VCP near impossible.

These new VCA certifications on the other hand do not have any required class. In fact, the recommended training is available completely free through the VMware training portal in the form of e-learning videos that run about 3 hours in length. Combined with some hands-on experience with vSphere, these new certifications are readily attainable.

Heck, why not?

My studies are primarily focused on networking, as are the contents of this blog, however I do have some interest and experience with virtualization. It’s practically a requirement if you want to delve deep into networking because of the current trend towards virtualization and Stuff-As-A-Service™ (StaaS). If you want to stay relevant as a network administrator, designer, or engineer, you need to know and understand VMware and virtualization technologies in general.

I’d love to have my VCP certification, but I simply don’t have the funds to attend the requisite class. VMware appears to have been listening to those vocal about the cost of the class and the requirements for the VCP. Perhaps the VCA might be a step in the right direction.

VMware is also offering a 50% discount on the VCA exams as a launch promotion, and $60 is a reasonable price for an exam. I quickly decided to give one of the VCA certifications a test run and added the VCA – Data Center Virtualization to my VMware training enrollments and proceeded to watch the video.

The e-learning video was fairly well done, paced evenly and concise. That being said it was fairly short – only one 3 hour video. It covered features and fundamentals of vSphere, but didn’t go into a lot of detail technically. It seemed to have more of a marketing spin, and generally came across as very basic, touching only the surface of many of the key features of vSphere. I wondered if I might need some additional self-study to take the exam.

The “What’s Next” section of the training video explained all that would be needed after the video was some hands-on experience with VMware – which I already had both at my day job and at home in my lab.

The exam itself is available through Pearson and is a web-based exam. No traveling to the nearest exam center required.

The exam consists of 50 questions and is timed at 75 minutes. It is scored on a scale of 200-500 with a passing score of 300. Unlike Cisco exams, you can go back to prior questions.

I completed the exam in about 35 minutes, having gone back to the beginning to review the entire exam from question 1, and was rewarded with a passing score of 420.

Disappointed

I can’t speak for the entirety of the VCA line of certifications, but the Data Center Virtualization track at least seemed to me a high-level, and very basic view of VMware and vSphere in particular. It has very little technical content to be honest, and the simple fact that I was able to pass it with only a 3 hour video, along with a minor amount of hands-on experience with VMware, says a lot about the simplicity of this certification.

I don’t see these certifications gaining much traction, nor do I see them becoming viable options for those who cannot afford the VCP training. They may become a quick and inexpensive way to pad your resume with some certification logos to at least show potential employers that you have a basic understanding of VMware, but I wouldn’t suggest that someone with a VCA would even be proficient at installing ESXi on bare-metal hardware, let alone actually implementing some of the more detailed options that vSphere offers.

Ultimately at first glance, these certs do nothing to resolve the issue of the overpriced training required by VMware, nor do they truly represent a technical certification in the virtualization arena. They aren’t even prerequisites for the VCP, so they truly stand alone as Associate level certifications. Contrast this to most of the certifications with Cisco, Microsoft, HP and Juniper, where Associate level certifications are step one towards higher offerings.

I don’t truly understand what purpose they serve.

VMware Certification – Still Broken

While the new line of VCA certifications will allow candidates to demonstrate some fundamental understanding of virtualization and VMware products, VMware has not addressed the core issue with their primary certification program, the VCP. The cost for the requisite training course remains prohibitive for potential candidates who are not fortunate enough to have an employer who is willing to pay for the training.

VMware needs to address this or continue to lose out on a large potential crop of VMware proponents and evangelists.

Troubleshooting MTU size over IPSEC VPN

I recently deployed a couple of wireless access points to two sites that connect to our main office over IPSEC VPN. After a recent firmware update to the wireless controller both access points got stuck in a provisioning loop and appeared to have difficulty communicating with the controller. Both AP’s repeatedly disconnected due to a “heartbeats lost” error.

Connectivity between the main office and the remote sites appeared fine. Both access points were reachable via ping and ssh. I set up a packet debug on both sites’ firewalls and saw traffic going back and forth between the access points and the controller, and both access points appeared on the controller status window, alternating between “Provisioning” and “Disconnected”.

Needless to say I was slightly baffled.

I opened a ticket with the wireless vendor and (very quickly) received an answer. The MTU for CAPWAP traffic between the access points and the controller is hard set by the controller to 1500*. With these sites connected via IPSEC, that was going to cause some fragmentation due to the overhead that IPSEC was going to add onto the traffic going between sites.

I needed to lower the MTU size on the controller, but to what value? IPSEC doesn’t seem to have a ‘fixed’ header size due to the different encryption options that can be used. So how do I find out exactly how much our particular IPSEC configuration is adding?

ping -f

The -f flag on the Windows ping command sets the Don’t Fragment (DF) bit on the ICMP packet, which prevents it from being fragmented along the path. The -l flag sets the size of the ICMP payload being sent.

So, assuming a standard ethernet MTU of 1500, and accounting for an 8-byte ICMP header, and 20-byte IP header, I should be able to send an ICMP packet sized to 1472 bytes, but 1473 should be too large:

C:\Users\netcanuck>ping 172.16.32.1 -f -l 1472

Pinging 172.16.32.1 with 1472 bytes of data:
Reply from 172.16.32.1: bytes=1472 time=3ms TTL=251
Reply from 172.16.32.1: bytes=1472 time=4ms TTL=251
Reply from 172.16.32.1: bytes=1472 time=4ms TTL=251
Reply from 172.16.32.1: bytes=1472 time=3ms TTL=251

C:\Users\netcanuck>ping 172.16.32.1 -f -l 1473

Pinging 172.16.32.1 with 1473 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.

Excellent! So now to test across our IPSEC tunnel:

C:\Users\netcanuck>ping 172.16.68.1 -f -l 1472

Pinging 172.16.68.1 with 1472 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.

Now this makes sense. The MTU size does not account for the IPSEC overhead.

After some testing with different packet sizes I hit on the magic number: 1384 bytes. At 1385 the packets were again rejected as being too large. So some quick math:

ICMP payload: 1384 bytes

ICMP header: 8 bytes

IP header: 20 bytes

Subtotal: 1412 bytes

This leaves 88 bytes as the IPSEC header. I should be able to set the MTU size on the controller to 1412 and the access points should resume functioning normally.

I did in fact set the MTU to 1400 – I like nice, round numbers – and sure enough both access points resumed proper communication with the controller.
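The manual search for the largest working size can be automated with a binary search over DF-set pings. This is an added example, not code from the original post: the function names and the simulated path are assumptions for illustration, and the output parser assumes English-language Windows ping output like the captures above.

```python
"""Find the largest unfragmented ICMP payload to a host, as with ping -f -l."""
import subprocess

ICMP_HEADER = 8   # bytes
IP_HEADER = 20    # bytes, IPv4 header without options


def classify(ping_output):
    """Classify Windows ping output as 'reply', 'too_big' or 'no_answer'."""
    if "TTL=" in ping_output:                  # only echo replies carry a TTL
        return "reply"
    if "needs to be fragmented" in ping_output:
        return "too_big"
    return "no_answer"                         # timed out, unreachable, etc.


def windows_ping_probe(host):
    """Return probe(size) that sends one DF-set echo with `size` payload bytes."""
    def probe(size):
        result = subprocess.run(
            ["ping", "-n", "1", "-f", "-l", str(size), host],
            capture_output=True, text=True)
        return classify(result.stdout)
    return probe


def simulated_probe(usable_mtu, reports_too_big=True):
    """Constructed stand-in for a path that carries packets up to `usable_mtu`.

    With reports_too_big=False the path drops oversized packets silently,
    which is what a filtered "fragmentation needed" message looks like.
    """
    def probe(size):
        if size + ICMP_HEADER + IP_HEADER <= usable_mtu:
            return "reply"
        return "too_big" if reports_too_big else "no_answer"
    return probe


def largest_df_payload(probe, low=0, high=1472):
    """Binary-search the largest payload in [low, high] that gets a reply.

    Returns (payload, silent_drops). payload is None when even `low` fails,
    which points to a reachability problem rather than an MTU problem.
    silent_drops is True when an oversized probe got no answer at all.
    """
    if probe(low) != "reply":
        return None, False
    silent = False
    while low < high:
        mid = (low + high + 1) // 2            # round up so the loop terminates
        outcome = probe(mid)
        if outcome == "reply":
            low = mid
        else:
            silent = silent or outcome == "no_answer"
            high = mid - 1
    return low, silent


def summarize(payload, link_mtu=1500):
    """Turn a payload size into packet size and tunnel overhead."""
    packet = payload + ICMP_HEADER + IP_HEADER
    return {"payload": payload, "packet": packet, "overhead": link_mtu - packet}


if __name__ == "__main__":
    # Simulated path using the 1412-byte figure measured in the post.
    # On a Windows host, swap in windows_ping_probe("172.16.68.1").
    payload, silent = largest_df_payload(simulated_probe(1412))
    print(summarize(payload), "silent drops:", silent)
```

When oversized probes time out instead of returning the DF message, the second return value is True, a sign that the "fragmentation needed" ICMP messages are being filtered somewhere on the path.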

What I Learned Today

Sometimes the simple tools are easy to overlook. Using a standard Windows command prompt and ping using the -f flag is a quick and easy way to diagnose MTU and fragmentation issues across a VPN tunnel.

* It appears from the support documentation for this particular wireless vendor that the MTU size should be 1450 by default which should take into account at least some overhead and explains why these access points were working fine until now. The firmware update seems to have changed this to 1500.

The Problem With “Free”.

It’s rare to have a day go by during which I don’t hear or read about some product that a vendor is now ‘giving away’ or moving to a ‘freemium’ model. In some of the more contentious verticals in the IT industry this seems to be a key tactic for winning new customers and providing value-add for existing ones.

I’m not in marketing or sales, so I can only assume here that the premise behind these gratuitous offerings is to have new, potential customers try the product, fall in love with it, and want to then add more of that company’s products to their infrastructure. There is also a tiny voice in my head that suggests perhaps these organizations might also want their ‘free’ product to become so critical to your operation, that should they decide to charge a fee or licensing for said product at some point in the future, that you’d be forced to pay because it has become something you simply couldn’t live without.

Ultimately the short or long-term goal of offering these products doesn’t really matter. What matters is there is a very big problem with these free products:

They’re free.

They don’t generate revenue, at least directly, for the vendor providing them. This means they are, in all aspects, simply a cost center…a money sink. An expense that perhaps proves the old saying that “you have to spend money to make money”. But the real issue here for you or me as a potential user, or implementer of these products, is that it is very difficult to get any support.

Hello, Bonjour

This particular rant blog post is centered around one such product that everybody seems to be racing to give away. If you, like me, work in an environment that is moving to support the BYOD craze and have anything other than one large, flat network, then Apple’s Bonjour is probably driving you nuts and causing you to sprout gray hair, if you have any left.

Because this particular protocol and all of its relatives (mDNS, Zeroconf) can’t communicate across layer 3 boundaries (they have a TTL of 1), when someone on your BYOD wifi wants to talk to the Apple TV on your corporate wifi, you need something to broker that connection. Enter the Bonjour Gateway (BG).

Aerohive was first to announce and make available their BG product in early 2012. It is built into their HiveOS on any Aerohive access point, or as a virtual machine that will run on VMware. It’s free up to 2 instances of the virtual appliance. I don’t know what the cost might be for anyone wishing to use more than 2, but I would imagine this is an opportunity to sell actual Aerohive hardware to a potential customer.

Cisco has included it as part of their Wireless LAN Controller (WLC) software beginning with version 7.4. This isn’t free, per se, but is obviously a valuable addition for any existing customer.

Ruckus announced in January 2013 their SmartWay™ technology as “beyond bonjour bridging”, and would be available Q2. Again, this is only free in the sense that existing customers would not have to pay for the software upgrade to their existing controllers.

A quick Google search of some other vendor offerings shows that pretty much everyone in the wireless space is offering support for Bonjour in some way.

I may be wrong about this but it seems to me that providing a solution for this issue in enterprise networks is/was a priority for each of these vendors. Why then has my experience with getting one of these platforms working been such a disaster?

Aerohive

If you don’t already follow Andrew von Nagy on Twitter (@revolutionwifi), you should. He is a true wifi evangelist and an excellent resource for keeping up-to-date on all things 802.11. His twitter feed was very active with the announcement of the release of Aerohive’s BG.

Working in a K-12 education environment we had already identified this as a need. Staff and students wanted to take advantage of AirPrint and AirPlay and we had to find a solution. I quickly signed up for my free Aerohive BG and HiveManager account.  Installation was easy as it comes in the form of an OVA. It’s pretty much ‘drop it into VMware’ and you are ready to go.

I had some problems with devices being able to see the AirPrint and AirPlay services across subnets. After some tinkering I decided to email Aerohive at the provided “free_bonjour_support@aerohive.com” address with my issue. That email must have ended up in the bit bucket because I received no reply.  I sent out a tweet about a week later asking @Aerohive how long one could expect to wait for support for the BG.  That too was met with silence. Two weeks later I was rather frustrated and sent out another tweet, this one a little more vitriolic:

“Going nowhere fast with Aerohive’s free bonjour gateway. Anyone have alternative suggestions? (That work)”

Now it should be noted that I’m in Canada and this tweet was sent out on November 22nd, 2012 – US Thanksgiving.

Andrew von Nagy responded via twitter and helped me out with some troubleshooting. I have to throw out a big thanks to him for taking the time on a holiday to offer some support.

On that same day, I received a reply to my original email (unsure if Andrew had anything to do with this) and began working with the online support to get the BG working.

A short 10 weeks later, I had resolved the issue (on my own) and closed the support request with Aerohive.  From the original email on November 5th to resolution on January 10th….granted there are a few holidays in there…but that’s a long time to get an issue with an initial configuration resolved.

Ruckus

Just around the same time (January 2013) I managed to get that first BG working, we received word from our current wireless vendor, Ruckus, that they too were working on a BG solution. This was direct from David Callisch, VP of Marketing for Ruckus Wireless. He even offered to let us beta test the new firmware. This is great news! Being able to implement this solution on infrastructure we already own and manage should be quick and easy, right?

It’s mid May, and we still haven’t received the beta firmware.

Also, Ruckus recently pulled their latest 9.6 firmware off their support site, so I have a feeling 9.7 and SmartWay™ are going to miss their targeted Q2 release.

“Ruckus Wireless has decided to remove the 9.6.0.0.264 release for ZoneDirector while we investigate an issue that was discovered after the release.”

Aerohive Revisited

In April I received an email from Aerohive that outlined some major bug fixes and enhancements to their free BG.  While I had been able to get it working with AirPlay somewhat in my previous attempt we had never been able to get AirPrint to work properly. I hoped that this news would mean we could get both pieces to function properly.

Having deleted the VM for the original installation of Aerohive’s BG, I attempted to reinstall it, only to be told that my serial # had already been activated and that I could not reactivate it. Ok, easy fix, right? I fired off an email to “free_bonjour_support@aerohive.com” and explained my situation and asked if I could have a new key or the original key re-enabled.

That email went out April 19th, and I have yet to get any sort of reply.

Free Should Not Mean “free from support”

If these value-added features, or in some cases, fully ‘free’ products are meant to drive potential customers to become paying customers and/or if these products are meant to keep existing customers as loyal, long-term customers with an existing vendor, then I would expect support be as agile and attentive as it would be for any other product or offering from these same vendors.

I shouldn’t be left waiting for an email that never comes, and I certainly shouldn’t have to resort to social media shaming to get action from a vendor. Sadly it seems to be the most effective method of getting things moving, but it should be a last resort not the primary method of seeking resolution.

Perhaps I’m expecting too much from a free product or feature, and I may be misinterpreting the purpose of these add-ons as marketing/sales tools. I might be naive in believing that any truly ‘free’ product is going to become a key part of my infrastructure and solve a major technical hurdle for my users. I can only hope there is actually some sort of benevolent, beneficial reason for vendors to offer these solutions, and hope that they are able to provide some better support in the future.

Otherwise, there are truly free and open products like Avahi that are able to quickly and easily deploy mDNS service discovery options across subnets. If you know a little Linux…

Note: During the writing of this post I had been contacted by our local Aerohive rep who caught wind of a Tweet I sent out yesterday about my BG issue.  He’s managed to get me a new serial # for our BG so I can happily reinstall it and give it another go.  Social media wins again!

Back On Track


There’s nothing quite like seeing the word “Pass” come up on the screen after you finish answering that last question. There are a few moments of tension, waiting for the computer to spit out your results: Did I study hard enough? Did I truly learn the material for this exam? Did I just blow a couple hundred bucks on a failed attempt?

Then the score report validates everything you’ve done over the last few months with a nice four-letter-word:

Pass

It’s hard to maintain dignity and consideration for the other exam writers in the room, and knowing everything is on camera and in view of the stern watchful eyes of the exam proctor, you know you have to hold in that real celebration until you’ve gotten outside the building, or at least into the elevator.  A few fist pumps maybe, and probably a fairly Cheshire-Cat-Esque grin on your face.

642-813 – Implementing Cisco IP Switched Networks (SWITCH) – done!

Procrastination

I know I’m not alone out there. There are plenty of us studying towards certifications or other academic achievements who know they should be putting in more time reading or doing labs. In my progress towards the CCNP I could have probably passed all three exams by now had I focused a little more and spent more time learning and less time doing other things. Sometimes life gets in the way, right? It’s not an excuse, I recognize that it’s a choice for me, and it’s also something I’ll have to really think about and decide how I want to approach the next exam. Like many out there I have a job, a wife, a kid, and many other things in life that limit the amount of time that can be dedicated to studying or labbing.  If I truly plan on achieving my long term goal of “CCIE by 40” some sacrifices will have to be made.

I left Cisco Live last year truly motivated to continue my studies. Spending a week surrounded by other networkers who have multiple certifications and great careers will do that to you. Looking back it’s hard to tell exactly how motivated I was since that was June and here it is in April with the first of three CCNP exams finally passed. It has been a good 9 months in other areas that’s for sure, and perhaps I can’t measure the success of the past 9 months by looking only at my certification progress.

As an example, I’ve also taken great strides in my health and fitness.  I’ve lost 50 pounds since July of 2012. Nothing special here really, just diet and exercise. I didn’t cut out carbs, or take any weird mail-order supplement that was the “fad diet du jour”, I simply started counting calories, got a personal trainer to kick my ass 5-6 hours a week and work out on my own 1-2 hours a week on top of that.  I feel awesome.  Clothes shopping isn’t a total hassle, and I’m finally going to be able to wear that Speedo this summer.

It’s all about the big picture, right?

What’s Next

642-902 – Implementing Cisco IP Routing (ROUTE) – is next on the agenda. I’m truly hoping to take the momentum from this pass and carry it forward into an awesome study plan for this one.  I don’t do a lot of layer 3 work in my day job so there is going to be some real fundamental learning happening here, and I’m looking forward to it.

CCNP R&S Progress-O-Meter:

SWITCH – 4/6/2013

ROUTE – In progress…(again)

TSHOOT – 1/24/2015

Tony’s Discount Switch Emporium

Random Acts of (dis)Connectivity

Summer time is busy time.  July and August, when all the staff and students are out enjoying their vacation, the IT department for a public school division is hard at work.  It’s one of the rare opportunities I’m allowed to unplug, replace, upgrade, reboot, and/or generally break our infrastructure, because nobody is using it.  So with a full plate of projects to complete before the end of August – when random things break “on their own” it sometimes causes some confusion.

Last week I had two wireless access points stop communicating to the controller at one of my sites.  Now, had there been people in the building I could have initially chalked this up to someone playing around in the wiring closet (we have switches in the weirdest, least secure places) or some kids throwing basketballs at them (yes, we have AP’s in the gyms), but I knew for a fact that this building was empty.  Our Facilities guys generally let us know if there is going to be some work done that is going to involve power going down, and this definitely wasn’t the case because the switch these 2 AP’s were on was up and running.

Strange Behaviour

I checked the switch and the ports that the AP’s were on showed up/up.  I could even ping their IP addresses.  What was strange was I could not ping the controller from that switch, nor could I ping the site gateway.  While the switch appeared up and functional for all intents and purposes, it appeared as though it was simply refusing to forward any traffic.  Then I checked the logs:

Aug  9 13:11:48: %ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco’s authorization.  This product may contain software that was copied in violation of Cisco’s license terms.  If your use of this product is the cause of a support issue, Cisco may deny operation of the product, support under your warranty or under a Cisco technical support program such as Smartnet.  Please contact Cisco’s Technical Assistance Center for more information.

Dammit!  I knew that guy selling Cisco gear off the back of his unmarked white truck in the back alley was too good to be true!  His prices were so reasonable, even compared to our educational discount.  You know it’s so hard to work within an ever-decreasing hardware budget these days.

Alright in reality this batch of switches was bought from a legitimate Cisco Partner, one of Canada’s largest, and I hadn’t touched them since rolling them out a couple of summers ago.  They had the out of the box IOS 12.2(22)SE that they had shipped with, and I had about 30 of them around.  These were a batch of 2960S switches that were replacing some aging 2950 units that had calcified and grown long grey beards.

I started checking several others and quickly realized this was an isolated issue, limited to this one switch.

Licensing, Contracts, Smartnet, Oh My!

As part of our ongoing efforts to reduce expenses and save what little budget we have, we don’t get Smartnet on our access switches.  Ultimately all of the current 2xxx and 3xxx switches (sometimes referred to as the DSBU or Desktop Switching Business Unit switches) come with Cisco’s Enhanced Limited Lifetime Warranty which includes free IOS software updates.  The lifetime warranty is arguably Cisco’s response to pressure from HP’s long-standing lifetime warranty on their Procurve switches, and free IOS updates are always nice:

Software Update

Q. Can I obtain a “no additional cost” Cisco IOS® Software update for the Cisco Catalyst 2960 Series?
A. Yes. Cisco offers ongoing Cisco IOS Software updates for certain fixed-configuration and stackable Cisco Catalyst switches at no additional cost. For the life of the product, updates within the Cisco IOS Software package purchased (LAN Lite and LAN Base) will be made available.
Note that upgrades are different from updates. For example, an upgrade from the IP Base package to IP Services package provides significant new function; therefore, this upgrade requires the purchase of a software license upgrade. Updates are incremental software features and bug fixes that are released within a licensed Cisco IOS Software package.
This statement supersedes any previous warranty or software statement and is subject to change without notice.
Q. How do I get a “no additional cost” Cisco IOS Software update for the Cisco Catalyst 2960 Series?
A. Visit http://www.cisco.com, click “Downloads,” and select “Switch Software.” Downloading software requires a Cisco.com username and password. If you do not have a Cisco.com username, you can obtain one by clicking “Register” at the top of any Cisco.com Webpage.

Since we also keep a couple of spare switches around we don’t need overnight or next-business-day hardware replacement, Smartnet is an expense we can live without.  This sometimes causes issues when trying to RMA a product…

Someone Tell TAC

I found a few posts in the Cisco Support Community from folks who had run into this same issue.  It seemed a general consensus that there was no real solution.  It appears a small batch of 2xxx and 3xxx series switches were having this issue as far back as March of 2010.  There had been a Bug ID for the issue but the workaround had been to update the IOS to 12.2(44)SE or later, with no other workaround.  Since I was already past that update, I decided it would be easier to just call TAC.

Apparently nobody tells TAC about lifetime warranties or free software.  It always seems to turn into an argument with the front line support agents because as soon as they see there is no support contract, they won’t open a case.  It’s pretty binary in their world…no contract equals no support.

So how do you get support for a lifetime warranty product?  Just tell them you want to RMA the device.  Cisco is more than happy to simply drop ship a new switch than to waste time troubleshooting and that’s fine by me. I’m not a CCIE so I don’t get bumped up to a level 2 engineer right away, and I’d rather not waste time on the phone or via email with a level 1 engineer.  It’s in the best interest of everyone involved to just send me a replacement.

Good Experience

I’d have to say all of my experiences with Cisco’s RMA process have been excellent.  Even without 8×5 or NBD service, they are quick and painless to deal with.  A box arrives with a pre-paid UPS waybill and I happily ship the dead product back to them in the same box the replacement came in.  They even have a Canadian location I can ship to so I don’t have to fill out reams of Customs paperwork (I’m looking at you, Ruckus Wireless) or pay brokerage fees.

Thanks for reading.  As always feedback or comments are welcome.  I have to run, Tony is here with some deeply discounted UCS servers and Rolex watches I need to take a look at.

Wearing Many Hats

Jack Of All Trades

If you’ve read my bio you’ll know I am part of a 4 person IT department for a small rural public school division in northern Alberta.  Technically there are 5 of us, but does Management count?  No, I didn’t think so.

This brings some interesting challenges, one of which is perfecting the lost art of the IT Generalist.  The person who can do a little bit of everything.  The guy or gal who, even if they’ve never seen that particular problem before, has a fundamental base skill set that will let them logically and efficiently troubleshoot and bring the issue to resolution.

I like to think that’s me. Although my primary passion has always been networking, I don’t always get to pick and choose my assignments. I have a primary responsibility to ensure that all of the technology in our schools is working, first and foremost. That means general help desk type work fixing the mundane….printers, wireless mice with dead batteries, staff and student logins, turning it off and on again, etc. On top of that each of us within the department has a niche area that we specialize in.

The Network Guy

Let me introduce the team. We have “Server Guy” who handles a wide gamut of tasks such as managing our Exchange environment, our VMware cluster, our SAN… We have “Linux Guy” who really has several things he takes care of but they all run on Linux so I don’t know what those are. He’s also kind of “Security Guy” because he handles things like our content filter and likes to port scan everything to try to find “attack vectors”, when he isn’t lamenting our lack of password complexity rules, or stringing together video cards to brute-force passwords using rainbow tables. Right now we also have “New Guy” who we haven’t quite assigned any niche responsibilities to as we haven’t fully evaluated his skill set yet. For now he’s a good minion and we make him climb ladders and run cable.

Of course there is also “Network Guy”.  That’s me.  In this environment that means LAN, WAN, voice and wireless, all of it.  I (try) to do it all. I work closely with “Server Guy” when we’re adding a new VMware host to our cluster ensuring we have switchports and VLANs ready for his needs, connecting the iSCSI SAN where it needs to go, etc. I work with “Linux Guy” when there are firewall changes that need to be made.  It’s often said that you can be great at one thing or good  mediocre at several things.  It begs the question “Can you know everything?”.  I certainly don’t, nor do I expect I ever will.  It absolutely makes it difficult to focus on a particular area of expertise though.

Don’t Make Me Pick

I love it all.  Well, for the most part.  Sometimes there are those really nit-picky problems with a certain networking technology that drives you nuts and if it wasn’t for that one thing you’d spend 100% of your time working on that discipline, right?  As technophiles/nerds/geeks we all have a certain amount of attention deficit, it’s a trait that is almost required to be able to keep up with the ever-changing landscape of the technology world.  This is a blessing and a curse.  After I’ve spent a week working on a nasty voice issue with Callmanager or Unity you can bet I’m feeling like a voice god and oh yeah I’m going to start on my CCIE-Voice right away!  Next week after spending several dozen hours with a spectrum analyzer and site survey tools trying to figure out why this one classroom has a large wi-fi black hole, I might be ready to challenge the CWNE, because clearly, 802.11 is what I was meant to do.  When you are forced to handle a variety of subjects like this it can be a daunting task to narrow the field when it comes to sitting down at your study desk or home lab and really deciding what you want to do.

Don’t get me wrong, I love the exposure and variety that comes with this territory. Ultimately I have to be disciplined enough to focus on specializing in one area, without losing touch with the rest. From my perspective, at least from my networking perspective, Routing and Switching is the base from which all the other technologies flow. Being great at that fundamental level, I believe, allows you to thrive in any subset of networking. For me, that’s why I have renewed focus in working towards my CCIE R&S.

4 x CCIE

You’ve seen them, the folks sporting two or three, or even four CCIE certifications.  Will that ever be me?  No.  At least I don’t think so, not while I’m still married.  I have one goal and that is to get my CCIE R&S before I turn 40. I’m not going to tell you how long that is but I’ve got a long way to go since all I have right now is the CCNA and CCNA-Voice. I am about ready to write the 642-813 SWITCH exam towards the CCNP and will then move onto ROUTE and TSHOOT.

Fueled

For several reasons that I won’t get into with this post, I’m very motivated right now.  I have a plan, and I am slowly working towards it.  This blog is one piece in that puzzle and I hope to use it as a tool and resource to study and push towards my goal.  It’s a great community of people in this industry and I plan to leverage all of the resources at my disposal towards the task at hand.  Feedback, comments, advice are always welcome, and thanks for reading!

Origins

That’s it, I’ve done it.  I’ve added another time sink to a rather busy schedule.  *sigh*

I have two very simple objectives for this endeavor:

First – As a repository for the day-to-day tedium that I face as a jack-of-all-trades networker.  Let’s face it, I’m not getting any younger and sometimes I forget things.  It’ll be nice to have somewhere I can come and rediscover issues that might resurface on occasion. It should be entertaining when I Google something and my own blog post comes up and I don’t recognize it.

Second – I want my CCIE, dammit.  I’ve long been of the opinion that it was out of reach.  I didn’t feel I had the time or the energy to put into it (or the finances) and I’ve been content slowly studying here and there towards whatever certification seemed to be the most interesting at the time. Because I’m not really able to focus on one discipline (more on that in another post) I have a bit of ADD when it comes to networking and technology.  I’ll spend a week on a particular problem and decide that is where I want to focus my professional development.  For various reasons (also to be highlighted in another post, I have to stretch the limited content!) I’ve decided to stick with the fundamentals for now, and focus all effort on the CCIE R&S track.  This blog will serve as a study tool as I progress and take notes and blog about whatever it is I may have learned that day.  I’ve seen it done and heard it recommended as a great way to ensure learning retention, so I’ll try it out.

Most of what I post here will be for me, but perhaps I’ll work my way into the blogosphere a little at a time and gain some exposure for my random ramblings and incoherent jabber.

The good news is nobody can make fun of how I say ‘roof’ or ‘about’ in a blog, eh.

Why doesn’t anyone bug Greg Ferro over at http://packetpushers.net for saying ‘rooter’?