I’ve been so busy lately that I hardly have time left to make a decent blog post. It might be best to stand still for a moment, take a deep breath, and recapitulate what has happened in the past months. By the end of 2011, I got CCNP certified, and around the same time, I got my first job in the networking field as a Network and Security Engineer in a data center. However, the fact that I’ve done few blog posts and haven’t studied much doesn’t mean that I haven’t learned. I’m now starting to have some basic experience with real-world network situations, both by successful troubleshooting and, unfortunately, trial and error.

One of the questions that I asked myself recently is ‘Did my CCNP actually help in all this? Can I really use that knowledge in the field?’. Short answer: yes. Long answer: it depends. Since a data center generally puts emphasis on large layer 2 domains, and one of my projects involved a campus network for end users, I’ve mostly used my knowledge from the CCNP SWITCH course so far (I even have the book on my desk and consult it regularly). Port-channels, STP, and security features like 802.1x and DHCP Snooping have proven their worth already. My BPDU Guard implementation even stopped a loop when, a few days after my configuration, an end-user connected both ports of an IP Phone to the wall plugs (and thus to the switch). Layer 3 (CCNP ROUTE) has been of less use to me, but that’s mainly because of the job I do. I can imagine working in a layer 3 infrastructure such as an ISP would certainly benefit from it.

What did provide me with an unexpectedly great help was my knowledge of VPN, which I got entirely from the CCNA Security course. Although it does not cover all possible VPN scenarios, it certainly helped me understand the fundamentals, the encryption mechanisms, and the tunnel creation. I’m sure it saved me days of looking through guides and documentation in an effort to understand it.
Lastly, I do have to add that while CCNP gave me an excellent start, it does not cover everything. There were a lot of devices I didn’t know yet when I started (see my post on networking-forum.com). Luckily, all these devices rely on the same basics and comply with the OSI model (most of the time).

Second question: ‘Did my lab prepare me for the real world?’ Well, this one is a bit of both. In most regards, it didn’t prepare me at all. There’s a vast difference between troubleshooting something in a lab environment and troubleshooting in a live environment. There’s a much higher risk that a command will impact traffic on the device you’re troubleshooting. Downtime is not an option. The situations also differ, as do the symptoms, because a network under stress reacts differently. It’s easy to do a packet capture in the lab, but finding that one meaningful packet in a sea of data on a live network is a whole different thing.
On the other hand, repeatedly typing all those commands, seeing the changes and output, and doing it over and over again, made me fast with the IOS. I don’t have to look for commands and I know which ‘show’ command gives me the required information. Originally I used the lab this way to do the CCNP exams fast and with confidence, but I can now use this in the real world too. In the middle of troubleshooting, it’s a skill that saves time.

And the third question that came to mind lately was: ‘Did I learn from my mistakes?’. I hope I did. I’m going to be fair and list my failures here, but also what I’ve learned from them:

  • Crashing a core switch on a campus LAN during ping and bandwidth tests.
    What I’ve learned: this one was a bug and in hindsight I couldn’t have known. Still, it did raise my awareness of the impact of bugs, and I try to make sure that everything I do, however small, will impact as few users as possible if something does go wrong.
  • Creating a loop on a campus LAN.
    What I’ve learned: double-check everything. While not directly due to my misconfiguration, I did miss a BPDU Filter command left on the switch a long time ago. If you’re going to make changes, check the ports. If you add/delete/move just one port in a port-channel, recheck all ports of the port-channel.
  • A switch not booting properly after an IOS upgrade.
    What I’ve learned: that I was right taking backups of the existing IOS and running-config right before the upgrade. So no failure here, but still good advice to anyone out there.

So this is how the ride has been so far. Did I have fun? Yes, it was very stressful at times, but I’m liking my job and I’m still learning a lot. Stay tuned, because I’m taking an IPv6 course at Cisco Systems in Brussels (yes, virtually next to the CCIE lab) and my next blog post will be IPv6 related!