Thursday, December 31, 2015

FreeCCNAWorkbook.com in Packet Tracer - Section 4

 on  with No comments 
In ,  
In this previous post, I began to look into working through the Free CCNA Workbook in Packet Tracer.  I had worked through the first three sections, and found that while there were some unsupported commands here and there, there was not anything missing that I would consider to be a show stopper so far.  So moving along, I have worked through Section 4 tonight and here's what I found. For reference, I am using the latest version of Packet Tracer for Linux available from the NetAcad website at the time of this writing, which is version 6.2.  Your results may vary on the Windows version, but I doubt it.

Share:

Wednesday, December 30, 2015

FreeCCNAWorkbook.com in Packet Tracer Through Section 3

 on  with No comments 
In ,  
I had a discussion with somebody on line a while back on the feasibility of working through the labs at freeccnaworkbook.com using Cisco Packet Tracer. After a little back and forth and a lot of thought on the matter, I decided to give it a try rather than continue to speculate. Since I haven't used the program in years, I logged into my NetAcad account and downloaded the latest version (6.2.0.0052) and installed it on my desktop. And no, I will not provide you with a copy, so don't bother asking.
Share:

Saturday, December 19, 2015

Using the GNS3 IOU VM on Hyper-V

 on  with No comments 
In ,  
I wanted to install GNS3 on one of my VM hosts because I leave those running and it would be convenient to have my topology always running.  Unfortunately for this idea, the VM hosts are already running Hyper-V, and as we all know, Hyper-V and VirtualBox do not play together nicely. So I started thinking about how I could get the IOU VM running in Hyper-V rather than VirtualBox. The problem is that every time I tried to put the VM on anything but a host-only network, IOU devices would not pass traffic to or from any non-IOU device. Normally I just use VirtualBox because it works, and it integrates nicely with GNS3. So after a lot of tinkering, here's how I got it working.
Share:

Tuesday, December 1, 2015

Windows 2000 Guest on Hyper-V 2012

 on  with 1 comment 
In ,  
I've got a few Windows 2000 Server virtual machines that were running on VirtualBox that I wanted to move to Hyper-V on a Server 2012R2 host. Of course there are no drivers included in a stock install of Windows 2000, and the Guest Additions CD that comes with 2012R2 no longer has Windows 2000 drivers. So what to do?

A number of forum posts suggested getting a hold of a Server 2008R2 Guest Additions CD and installing the drivers off of that.  I have a Server 2008R2 box, so it wasn't much trouble to install the Hyper-V role and then grab the .iso out of c:\windows\system32. Unfortunately, the drivers would not properly install and rebooting lead to an immediate blue screen, even when attempting to boot into Safe Mode. This was a test VM that I broke, and I don't care about it enough to troubleshoot. On to plan 2 for the next one.

For the second attempt, I exported the VM and moved it over to the Server 2008R2 box. Once there, I was able to attach the Guest Additions CD and the drivers installed fine. And for the final piece, moving the VM (with 2008R2 guest additions installed) back to the 2012R2 host did not appear to break anything, though there are a ton of unknown devices listed in the device manager now. Mouse, keyboard, video, and network are all good, so I'm not going to bother with the unidentified hardware at this point. So the bottom line is that the legacy 2008R2 guest additions work fine on 2012R2, you just can't install them while the guest is still sitting on 2012R2.

So why Windows 2000? I've got a couple of older apps that don't run well on 2008 or higher. If I'm going with an unsupported OS, I might as well go with the one that I can run comfortably in 128MB of RAM and probably less. There's just never enough RAM to go around when you're virtualizing.
Share:

Wednesday, November 25, 2015

Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.

 on  with No comments 
In ,  
I encountered this problem today on a server running SCVMM 2012. I found a lot of things online suggesting a lot of different possible solutions, but none of them worked for me. Most of the possible solutions involved configuration errors with authentication, but this has worked fine for some time, and only today started giving this problem. Besides that, this server hosts the databases for a number of other apps, and none of those stopped working today, so after a quick check over the SQL Server settings I was left scratching my head.
Share:

Saturday, November 14, 2015

Yast2 Modules Not Loading in OpenSUSE Leap

 on  with 2 comments 
In  
I finally upgraded my system from 13.2 to Leap 42.1. There were a few problems along the way, but overall it was a smooth upgrade. I remembered to remove the nVidia drivers, but forgot to disable the nVidia repository so it installed a driver that no longer supports my trusty 8600GT. After figuring that out, networking wasn't working but just needed quickly reconfigured, same for sound. But the one thing that was stumping me was yast2 failing to load any module in GUI mode. No matter which I loaded, I would get the error:


Run command: /sbin/yast2 sound &
terminate called after throwing an instance of 'YUIPluginException'
 what():  Couldn't load plug-in qt
YaST got signal 6 at file /usr/share/YaST2/modules/Wizard.rb:782
 sender PID: 3605
/sbin/yast2: line 440:  3605 Aborted                 $ybindir/y2base $module "$@" "$SELECTED_GUI" $Y2_GEOMETRY $Y2


A quick visit to Google resulted in multiple posts stating that yast2-gtk was needed but isn't getting installed. I use KDE but let's give that a try. zypper in yast2-gtk and nothing changes. So let's try zypper in yast2-qt. This results in libyui-qt6 providing yast2-qt is already installed. I forget why now, but I did a rpm -qa | grep libyui and saw libyui6, libyui-qt-pkg6, etc. So logic would dictate at this point I need libyui-qt7 as well, so I installed that and bingo, it installed a couple of libraries and the sound module now loads. Software management started to load, but then threw up an error that qt-pkg could not be loaded. So zypper in libyui-qt-pkg7 (another package that I had the corresponding version 6 of I overlooked the first time) and I appear to be back in business.

Hope this helps someone. There's a lot of posts stating you need newer version of one package or another, but none that really specify exactly what to install.
Share:

Saturday, November 7, 2015

Wednesday, October 28, 2015

AlwaysOn Availability Groups and User Accounts

 on  with No comments 
In  

I recently built a AlwaysOn Availablity Group for my companies database server on SQL Server 2012. With three databases for mission critical applications running on the database server, we needed a little more protection than a weekly backup that we can restore.  So I took two fresh servers, installed Windows Server 2012 Standard and SQL Server 2012 Enterprise on each and found this link, which is a great place to start when building an AlwaysOn Availability group.  There's a couple points that were either missing or noted so briefly that I missed them, but it pretty much covers everything from end to end.  There's also an ebook called "High Availability Solutions" downloadable from Microsoft with a lot more information and detail.
Share:

Wednesday, October 14, 2015

Exchange Server component Mailbox role: Mailbox service failed.

 on  with No comments 
In ,  
The short version of this story is READ THE LOGS!  Now here's the long version.

I was trying to install Exchange 2013 in my lab environment and kept running into this error consistently. I scoured the Internet and tried everything that was suggested for anything even similar, with no success. At one point I even scrapped the VM and built a new Server 2012R2 VM from scratch, and the same thing happened. The Exchange setup wizard would fail at about 97% into the Mailbox role installation with the following output. It's not all here, because its ultimately wasn't of much use.
Share:

Saturday, October 3, 2015

Saturday, September 26, 2015

Password Reuse

 on  with No comments 
In ,  
I listen to a lot of MLB Network on XM Radio during my drive to and from work each day. So one of the big stories that I've heard a lot about recently is the case of St. Louis Cardinal personnel hacking into a database owned by the Houston Astros, allowing them to see proprietary data about player evaluations, amateur draft strategy, and potential trades with other teams. In other words, the keys to the Astros kingdom. At first it sounded like a front office person moved from Houston to St. Louis and continued to use their login credentials that had not been disabled. So like every time I see someone's Facebook status changed to "HA HA I Hacked Your Facebook!" my initial reaction was WTF? that's not hacking.

However, what really happened is that Jeff Luhnow left St. Louis for Houston, taking a number of staffers with him. Not long after arriving in Houston, the database in question (known internally as Ground Control) was built, which looked suspiciously like one in use in St. Louis (known as Redbird). Enough so that Correa did not believe it was coincidental. So the story goes that Chris Correa, who was the scouting director at the time of his termination (however it's not clear exactly what position he held during the time of these events) became suspicious of this new Astros database and wanted to investigate further. Using a master list of passwords left behind by Luhnow and the others who left, Correa and others were able to gain access to the Astros network.

Correa just recently plead guilty to five counts of unauthorized access to computer information, each charge carrying a maximum penalty of five years imprisonment and a $250,000 fine. Despite the light amount of access he plead guilty to, some reports are saying that Correa and/or other Cardinals front office staff were in the Astros database repeatedly for well over a year and saw pretty much everything.

So what's the point of all of this. Simple, good password security could have prevented this whole thing. The personnel who moved over to the Astros reused passwords, knowing that they were on a list given to the Cardinals when they left. Don't reuse passwords. Don't reuse passwords ESPECIALLY if someone has a list of your previously used passwords, which probably shows you have a history of password reuse. Me personally, I like to let Keepass generate good 15 - 20 character passwords for me (upper case, lower case, numbers, symbols, all random) and then I just need to remember the password to the computer, the password to my dropbox account where the keepass file is, and the password to the keepass file. There's even Keepass apps for Android and iOS.

Note: After rereading this post, I feel like it looks a bit like a paid advertisement for XM radio and/or Keepass. That is not the case, really.
Share:

Tuesday, September 15, 2015

Empty the Kaseya Email Queue

 on  with No comments 
In ,  
One of the problems I've seen with Kaseya is that when it is offline or loses it's network connectivity for a significant amount of time, it will assume that every machine with an agent is offline rather than it being the one that was offline. Depending on your configuration, this could result in dozens, or hundreds of emails being sent out once connectivity has been restored. This used to be easily solved by deleting the contents of a single folder on the Kaseya server, but it's not quite that simple any more. Here's what you can do. It's unsupported by Kaseya, but its worked fine for me a number of times.

First you'll need to open up SQL Server Management Studio on the server that hosts the ksubscribers database. Once this is up and you've logged into your database instance, on the left side of the screen, highlight the ksubscribers database and then press the button for "New Query" along the top. Enter these two lines into the query window that comes up, and then press "Execute."

TRUNCATE TABLE emailstatus;
DELETE FROM email;



It'll run for a few minutes, depending on the size of your database, and then that's it. Ideally you should run this before starting up the Kaseya core services to avoid any emails going out, but the sooner you can run it, the fewer emails there will be. Remember, Kaseya doesn't send them all out in one big bulk operation, it sends them in batches.
Share:

Sunday, September 6, 2015

White Noise

 on  with No comments 
In ,  

Today I started reading Kevin Wallace's "Your route to Cisco Career Success," and this passage really struck me.  In Chapter one, while discussing short-term and long-term career goals, he gives this little hint.  "If your creative juices just don't seem to be flowing, a shower might help.  (Seriously!)  I've heard and read different explanations for this phenomenon (everything from a chemical being released in your brain to the white noise created by the water), but whatever the scientific basis, taking a shower does seem to stimulate creative thinking for many people (including me)."
Share:

Tuesday, August 25, 2015

Saturday, August 15, 2015

Create lots of files quickly

 on  with No comments 
In ,  
Ever needed to create a lot of files in Windows?  I was testing a security control that was supposed to monitor the filesystem for a large number of file changes in a short amount of time, a tell tale sign of some variety of ransomware.  So after quickly consulting Google, the subject matter expert of all things, I hacked together this quick one liner.  In this example, it will create 100 directories, each containing 500 files with the single word "data" in c:\temp. There's no reason why you can't nest a few more for loops to create as many levels of directories as needed.
Share:

Wednesday, August 5, 2015

Securing Your DNS

 on  with No comments 
In , ,  
There's been a lot of talk around the Internet recently about DNS. Much like SMTP traffic, it's becoming something that requires more and more attention. Between various ransomware programs that utilize various types of DNS hijacking techniques, to recent malware programs that embed communication with their Control and Command servers inside of innocent looking DNS packets, security your DNS will go a long way towards keeping your clients safe. I'm not going to discuss internal matters such as using DNSSEC to secure your zones or the relative merits of only allowing secure dynamic updates, those are topics for another (though very necessary) discussion. I'm going to focus here on measures that I'm implementing, or considering implementing, for outgoing DNS queries. This is in addition to, not as opposed to, any content filtering in your firewall that seems to accomplish the same end goal at first glance.
Share:

Friday, July 31, 2015

DAG Replication Woes

 on  with No comments 
In  
I recently noticed that one of the hosts in my Exchange 2010 Database Availability Group was not properly replicating. Under each Mailbox, that host would show as failed. Based on what few errors were actually showing in the event log (The Microsoft Exchange Replication Service encountered a transient error while attempting to start a replication instance for Mailbox Database abcdefg\mail1. The copy will be set to failed. Error: The NetworkManager has not yet been initialized. Check the event logs to determine the cause.). Going to the logs just showed many logged instances of this exact message and not much else.
Share:

Monday, July 13, 2015

Contacting server and signing in...

 on  with No comments 
In , ,  
Apparently Skype for Business (formerly Lync Online) has this neat feature where your password expires but it doesn't want you to know. This morning I logged into my computer, grabbed my first cup of coffee of the day and sat down.  About 30 minutes later I got an email informing me that I was not signed into Lync.  And sure enough, the client is sitting there still saying "Contacting server and signing in..."
Share:

Wednesday, July 8, 2015

Free CCNA Resources 2.0

 on  with 7 comments 
In  
Do you want to become a CCNA with little or no cost out of pocket beyond taking the exam(s)? Between my own attempt at the CCNA and my association with forums and blogs where we eat, sleep and breathe Cisco networking, I have collected a number of free resources that I have collected together here in once place in hopes that it will be of help. I'll try to keep this list up to date as I find new material. Feel free to add a link in the comments or let me know if a link no longer works. Most importantly, PLEASE let me know if I was fooled and listed something here that is less than reputable. Happy Studying!

The exam hasn't changed real drastically from the 640-802 version, some tweaks but nothing drastic. So don't be scared away from anything written specifically to that exam.

Share:

Saturday, July 4, 2015

The Rack is up and Partially Populated

 on  with No comments 
In ,  
So here's how I spent the 4th of July. The rack has been sitting in a corner of the garage in pieces since we moved, and the gear has been in a pile in a corner of the basement. I spent the afternoon putting it up, and I've got half of the gear racked. None of my good switches (1x 3750, 1x2960, 1x3550) are in it yet, but it's getting there.

Some of this equipment was purchased for the CCNA many moons ago, much of it was picked up on the job (both from my company and from clients) when it became destined for recycling after an upgrade. The good switches get some love in the lab, but the rest is mostly sentimental at this point.
Share:

Tuesday, June 30, 2015

Non Functioning Start Menu in Windows 10 Technical Preview

 on  with No comments 
In  
Recently I was looking at a previous build of Windows 10 Technical Preview in a virtual machine, just trying to get a feel for the new OS. After running Windows Update and rebooting, I found that I no longer had a working start menu.  After attempting to troubleshoot, I discovered that pretty much everything on the taskbar wasn't working as expected.  So I rebooted again, and got an explorer.exe error (something along the lines of a hard error).

I played around with it a little bit and eventually discovered that just about every service was set to disabled and not running. I could have brought up services.msc in a different computer and gone through them one by one changing them back to their original start-up type, but thankfully I came across this utility from Major Geeks that can be used to set all Windows services back to their default state.

Share:

Wednesday, June 10, 2015

Friday, May 22, 2015

Unsupported Ethernet Driver

 on  with 1 comment 
In  
This story comes from a couple of years ago while I was working on the 70-640 exam.  When I work on a cert, I go all in.  So during this time I had Windows Server 2008 (32-bit in hopes that it would use just a little less memory since my motherboard couldn't handle more than 2GB) installed on my main workstation at home and was using it pretty much exclusively for all my day to day computer usage. While I don't think Intel 82550 drivers are going to be a problem today with a more recent OS, the technique used here can be applied to other driver installers.
Share:

Wednesday, May 13, 2015

Stuck Disc in Nintendo Wii

 on  with No comments 
In ,  
My daughter has friends over today and they wanted to play an old Nintendo Gamecube game on the Wii as there is no working Gamecube in the house. Naturally it wasn't reading, and it wouldn't eject either. These are the little 2 inch mini CDs. She thought she remembered us putting a second disc in there last time this happened, but that one got pulled in as well, and now we have two discs in the Wii.

I grabbed a putty knife out of the garage and pushed it in, on the right side of the disc slot as you're looking at it. I pressed the eject button a few times, and the first disc came out. Grab it immediately or it will get pulled back in. Same process and the second disc came out as well. They're both a bit scratched up from the ordeal, but they should be fine.

The Savior 
Share:

Friday, May 8, 2015

Hyper-V replication across the WAN

 on  with No comments 
In ,  
I've recently been working on Hyper-V replication across the Internet to give our clients the option of maintaining an offsite copy of their server in our data center. Everything was going smoothly up to a point. I set up a site-to-site VPN connection between them and us, built an Active Directory two way trust between their domain and ours, and then tried to enter their Hyper-V host into our System Center Virtual Machine Manager system.  This is where I ran into a road block.
Share:

Thursday, April 30, 2015

Workstation Unable to Join Domain

 on  with No comments 
In ,  
I had a computer that would not join a domain. No matter what I tried, it would come back with "The following error has occurred when trying to join the "abcdefg.com" domain: network path not found."  I tried just about everything I came across while searching on Google:
  • Disable Windows Firewall
  • Run ipconfig /registerdns
  • Run dcdiag on the domain controller
  • Verify FSMO roles of the domain controller
  • Verify reverse lookup zone in DNS
  • Ping domain.com 
  • Verify _ldap._tcp.dc._mscds.domain.com in DNS
Share:

Wednesday, April 22, 2015

Free Speech Rights in the Workplace

 on  with No comments 
In , ,  
I recently came across the following while looking through some old homework from my undergraduate days. It was a piece on First Amendment protection of free speech in the workplace. A lot of people try to cite the First Amendment in cases where an employer has attempted to silence an employee, and it simply does not apply in that case. The government has not passed any bill restricting your speech, your boss told you to shut up. What I had forgotten about was the amount of case law showing that the First Amendment does not necessarily apply against your employer even in the instance where your employer is the Federal Government.

This was written in November 2010, so take the part about the "Don't ask, don't tell" policy with a grain of salt today.

Free speech rights are established by the First Amendment to the United States Constitution, which is a part of the Bill of Rights. This amendment prohibits Congress from making any law which infringes on a citizens right to free speech, as well as providing the same protection towards religion, press, peaceful assembly, and petitioning the government. Some of the most distasteful speech, that of the Ku Klux Klan, has been protected. While there are legal limits to free speech, there must be a legitimate reason. For example, you cannot walk into a crowded room and scream fire, as this can pose a great safety concern to everyone in the room. Noise ordinances also continue to stand in many communities.

So does the First Amendment protect your free speech rights against your employer? The simple answer is no, it is not relevant at all to your employer as long as your employer is not guilty of discrimination against any protected group. In the majority of states, employment is considered to be “At Will” unless otherwise stated in writing, for example, in an employment contract. What this means is that your employer may terminate you at any time, for any reason. The only protection that you have is that you cannot be fired for reasons that have been made illegal under state or federal law. Examples would be being fired based on your religion or race.

Even if your employer is the United States government, your free speech is not protected against your employer. For example, Army Regulation 530-1 requires all blog posts or documents being posted on-line by military personnel to first be cleared by a commanding officer before being posted (Shachtman, 2007). In the case of Connick v. Myers, the Supreme court ruled that the government may fire an employee for speech at work, in this case distributing a questionnaire regarding an internal office topic (UMKC School of Law, 2001). And in the well known “Don't ask, don't tell” policy, any openly gay or lesbian person is subject to immediate discharge from the United States military.

And in the private sector, the courts have defended employers restricting the speech of their employees. In Smyth v. Pillsbury, Michael Smyth was fired for statements made to his supervisor regarding the company and sued for wrongful termination. The court found in favor of Pillsbury (Darrell, 2010). In the case of Bourke v. Nissan, the court found in favor of Nissan terminating both Bonita Bourke and Rhonda Hall for comments made by the two over company email. Interestingly, Mr. Smyth's email comments were made on his own time (Darrell, 2010). While both of these cases were brought for invasion of privacy, the issue was statements made in both of them. And in another example, long time NPR News commentator Juan Williams was fired after comments he made about Muslims while a guest on the Fox News Channel (Folkenflik, 2010).

Your First Amendment rights are not protected against your employer. While the First Amendment does indeed protect your free speech rights, it only protects them against laws passed by the United States Congress. Even if your employer is the United States government, your free speech rights may be limited at work. Michael Smyth, Bonita Bourke, and Rhonda Hall were all terminated for statements that they made, and the courts have sided with the employers.
Share:

Wednesday, April 8, 2015

Importing a VM with Snapshots into Hyper-V

 on  with No comments 
In ,  
Here's a quick post on a virtual machine that I was unable to directly import into Hyper-V, but wasn't ready to let go of just yet. Knowing that I've had issue with getting Exchange 2010 installed and/or running correctly in the past, I took a snapshot of the VM before starting the Exchange installation.  Since I had forgotten to export the VM before blowing out the host computer's operating system installation, I had a VHD and an AVHD (snapshot file) for this VM to try to get back up and running.  Since there's no way that I could find to just import the AVHD file, I had to resort to some trickery.  This was on Windows Server 2008R2, I wonder if 2012 or 2012R2 have any new features that would help?  Maybe next time I'm in a Hyper-V console at work I'll check.
Share:

Saturday, March 28, 2015

Install Microsoft Security Essentials on Windows Server 2012

 on  with No comments 
In ,  
Microsoft Security Essentials, commonly referred to as MSE, is an anti-virus and anti-spyware package for the Windows platform.  It's free of charge for home users and for businesses with up to 10 PC's, and available as part of Microsoft System Center 2012 to deploy in environments with more than 10 PC's.  It can leave a lot to be desired at times with it's ability to detect and remove every infection on your PC, but for it's price point it's a pretty good product, especially when combined with a regular scan with Malwarebytes.

I don't use Windows a lot at home, pretty much only in the lab.   But in the lab, I go with MSE.  However, there is one problem in that that it simply refuses to install on Windows Server 2012 and later.  But with a little effort, you can get around that.  Here's the process, in 9 simple steps.

  1. Download a copy of MSE. 
  2. Right Click on the mseinstall.exe.
  3. Click on Properties.
  4. Click on the Compatibility tab.
  5. Check Run this program in compatibility mode for:
  6. Select From the drop down menu Windows 7.
  7. Open a Command Prompt as Administrator.
  8. Navigate to your Downloads folder (ie. cd C:\Users\%username%\Downloads).
  9. Run mseinstall /disableoslimit and follow the installer prompts.
When you update the program, you won't be able to automatically update the scanning engine, only the definitions.  
Share:

Friday, March 6, 2015

Making a Case for EIGRP

 on  with No comments 
In , , ,  
The following is a position paper written for a technical writing class. The views reflected in this paper do not necessarily reflect those that I hold, I often like arguing in favor of something that I do not agree with for the purpose of assignments such as this. Enjoy. Once the routers, and switches have been selected, the basic network layout has been drawn out on every physical and logical level, and the Internet connection has been chosen and ordered, there is still one crucial decision to be made. The network still needs to standardize on a routing protocol. For any network with more than a handful of devices capable of routing network traffic, this is yet another decision that is going to make or break the network. If the wrong protocol is selected, or it is not configured optimally, those expensive Cisco routers will perform more like the Netgear devices that can be found at Best Buy. For most enterprise networks, EIGRP should be logical choice for the routing protocol. A routing protocol is a means for routers to share information about where networks are. When a router first comes online, it knows only the networks that it is directly connected to. A routing protocol allows that router to share the information about those networks with it's direct neighbors, and its neighbors to share their routes with it. The router will then take the neighbor routers networks and add them to its routing table, along with how to reach them, and then shares the newer, larger table with it's neighbors. This process repeats until every router knows about every single reachable network. Each routing protocol's purpose is to accomplish this basic task, however there are many differences is in how the protocols communicate this information with other routers and the methods used to determine the best path to every reachable network where multiple paths exist. The routing protocol must also determine when a route is no longer valid and should be removed from the routing table (Odom, 2005). The two most prevalent routing protocols used in enterprise networks today are EIGRP (Enhanced Interior Gateway Routing Protocol) and OSPF (Open Shortest Path First). While RIP and Integrated IS-IS are still available as potential choices, those are typically only used for the smallest and largest of networks, respectively. EIGRP is a Cisco proprietary protocol, meaning that it only runs on Cisco routers and switches. OSPF is an open standard, which means that you will find it available to run on nearly all modern network devices. Both of these protocols have their own strengths and weaknesses, and both are candidates for nearly all types and sizes of networks. So if both of these protocols will work on your network, then which is the right routing protocol for you? Proponents of OSPF are quick to point out that EIGRP is a Cisco proprietary protocol and therefore should not be relied upon in a production network. The proprietary nature of EIGRP presents two major problems, they'll tell you. The first problem is that it because it runs only on Cisco equipment, it can only be used in networks that are built completely from Cisco equipment and will always be built completely (or nearly completely) from Cisco equipment. Next, because EIGRP is Cisco proprietary, it is not properly documented via Internet RFCs like an open standard such as OSPF is. An RFC is an open document maintained by the Internet Engineering Task Force (IETF) which define the standards that the Internet and other network technologies are based on (Winer, 2000). Complete and understandable documentation of a protocol is vital as an administrator must understand the protocol quite throughly in order to deploy it. Recent numbers indicate that Cisco is still on top of the market for both routers and switches, and their lead continues to grow. According to Infometrics Research, Cisco's sales of Ethernet switches accounted for 68.5 percent of the market in the first quarter of 2010, which is up from the 64.5 percent it held a year ago. Cisco's sales of routers accounted for 52.9 percent of the market in the first quarter, up from 45.6 the previous year (Burt, 2010). While this is far from the near 100% market share that would be required to indicate that the majority of networks are entirely Cisco, it does indicate that a significant number of such networks exist. It would be correct to state that not all devices currently used in the enterprise support EIGRP, but it would be unfair to not acknowledge the same is true about OSPF. An odd device here or there that does not support EIGRP can still have it's routes redistributed into EIGRP. And while it is true that Cisco's proprietary protocols are not documented via the common RFC series of documents that open standards such as OSPF are, that is not to say that EIGRP is not properly documented. Those of us who have spent time studying for Cisco certifications are very familiar with Cisco's online documentation, often referred to as the “Doc CD” from the days when the Internet was not as wide-spread and you would receive a copy of this documentation on a CD in the mail. EIGRP is documented here quite well, and it is trivial to search and navigate this documentation. If the online “Doc CD” is not for you, then Cisco Press may be. From books covering the most basic of Cisco Certifications, the CCNA (Cisco Certified Network Associate), all the way to specialized titles such as EIGRP Network Design Solutions, Cisco Press also documents the EIGRP protocol extensively. Proprietary protocols have earned an often deserved bad reputation over the years with companies such as Microsoft refusing to disclose how their technologies work. However Cisco has been quite open with it's protocols, and not just EIGRP. Now that we've established what EIGRP is not, let's focus on what EIGRP actually is. EIGRP is classified as either a hybrid protocol, or an advanced Distance Vector Protocol, depending on who is describing it. It shares the simplicity of Distance Vector Protocols such as RIP or IGRP, while it's performance more closely matches advanced Link State Protocols such as OSPF or Integrated IS-IS. In fact, EIGRP is based on IGRP, hence the name, Enhanced IGRP. And this is the first big selling feature of EIGRP, just how simple it is to deploy and maintain. EIGRP can be enabled on a router with fewer than 10 commands, and no knowledge of the network beyond that router is required. The same cannot be said for OSPF which requires advanced knowledge of the entire network and careful planning of it's deployment. To properly design an OSPF network, one must first divide the network into smaller areas. Different vendors have different recommendations on the number of routers that should be in a single area ranging from as few as 50 to as many as 200, though it's not often that high (Moy, 1998). This limit may require the network to be divided in ways that are not logical in relation to the actual operation of the network. These areas must contain network addresses that can be summarized, which is required to share routing information between areas (Moy, 1998). If you are migrating an existing network to OSPF, this may require a substantial portion of the network to be readdressed. Devices which are assigned static addresses will have to be assigned new addresses, and DHCP pools will have to be adjusted. Finally, on a subnet with more than 2 routers, OSPF requires one of these routers to be elected a Designated Router, and a second to become the Backup Designated Router. This again requires prior planning of every router's configuration as well as potentially moving routers to ensure that the Designated Router on each link is one that is up to the task. EIGRP on the other hand does not require a network to be split into areas, summarization can be implemented anywhere that the administrator chooses, or even not at all, and it's neighbor relationship do not require any elections. There is also no artificial limitation on the number of routers that can be involved in an EIGRP network, the only limitation is how many routes your routers available memory can store and process. Besides the simplicity of it's configuration, the next big selling feature of EIGRP is it's support of unequal cost load balancing. Other routing protocols are only able to load balance traffic across multiple links if all of those links are of equal cost, or in other words, the links share the same speed, distance, latency and any other characteristic used to determine the cost. Only the fastest link(s) out of all the possibilities will be inserted into the routing table to be used as valid paths for traffic, while the slower routes will go unused (Doyle, 2005). An administrator can cheat and modify the cost of all the links so that they are equal, but then the faster links will be underutilized. So in a network with multiple redundant links that are of varying cost, only EIGRP can properly utilize all of the bandwidth available. In a network or nearly any size, multiple redundant links to every location is advisable. But why would an administrator want to install all of these redundant links and then not have an optimal amount of traffic flowing over them? One final capability of EIGRP, though admittedly not as useful in today's primarily IP only world, is the ability to route IPv4, IPv6, Appletalk and IPX traffic all with one single routing protocol. EIGRP is the only routing protocol that supports routing all of these types of traffic, and in a multiple protocol environment, this makes it the only logical choice. The only alternative is to choose OSPF for IPv4 and IPv6, IPX RIP for IPX, and RTMP for Appletalk traffic. Running three different routing protocols on a single router would use a significant percentage of that routers resources for overhead tasks, significantly lowering the amount of actual data that can flow through. Furthermore, EIGRP is compatible with legacy routers and servers that run the standard IPX RIP and Appletalk RTMP protocols as well as legacy TCP/IP routers running the older IGRP (Doyle, 2005). For a proprietary protocol, EIGRP plays quite nicely with others. When choosing a routing protocol for an enterprise network, there are a lot of factors to consider. Once a routing protocol has been selected and deployed, it is not likely that another change will be allowed or even possible, so an administrator has to make the correct choice the first time. In the right hands, EIGRP and OSPF will both do the job well. In the wrong hands, EIGRP will still do the job well, while OSPF will drag along as if the network is running on a handful of consumer grade routers and switches that were bought off the shelf at Best Buy. EIGRP is much simpler to configure than OSPF, but yet it converges (reaches the point where all routers know about all reachable networks) just as fast, and in some cases faster. For any network that does not rival the entire Internet in both size and complexity, EIGRP is the obvious choice for routing protocol.
Share:

Wednesday, February 11, 2015

Discovering Your Brain Dominance and It's Relevance to Creative Thinking

 on  with No comments 
In ,  
Another classic homework assignment. I honestly don't even remember writing this, but found it interesting to revisit nonetheless.  It's my take on Mary Forehand's interpretation of Bloom's Taxonomy.

The Cognitive Domain of the New Millennium is a 6 level pyramid which shows the different types of learning. The six levels are Remembering, Understanding, Applying, Analyzing, Evaluating and Creating. Remembering is the ability to recall previously memorized data. Understanding is the ability to apply meaning to what is remembered. Applying is the ability to use your understanding in different ways. Analyzing is the ability to make decisions based on that data and justify ones position. And finally, Creating is the ability to bring it all together into a coherent whole and develop a concept or point of view.

Forehand gives the following example, based on the Familiar Goldilocks and the Three Bears story to demonstrate these six levels:
  • Remember: Describe where Goldilocks lived.
  • Understand: Summarize what the Goldilocks story was about.
  • Apply: Construct a theory as to why Goldilocks went into the house.
  • Analyze: Differentiate between how Goldilocks reacted and how you would react in each story event.
  • Evaluate: Assess whether or not you think this really happened to Goldilocks.
  • Create: Compose a song, skit, poem, or rap to convey the Goldilocks story in a new form (p. 1).
In primary education, we often do not move higher than the Remembering level. This is also true for most education gained through a two year institution. In many subjects such as history or early science classes, we learn and are expected to memorize lists of facts or orders of events and have instant recall of those lists. We often do not reach the Understanding level in these classes. In other subjects such as mathematics and literature, we do reach into the Understanding level of learning, but this is the peak.

To me it’s the top two levels where it really all comes together. In the Goldilocks example, this is deciding whether or not she really visited the home of the three bears, and then being able to create a new work featuring the character of Goldilocks. If you can do this, then you really know the characters of Goldilocks and the three bears inside and out. It’s not simply memorizing the story and being able to answer questions as to what happened and when it happened, it’s getting inside the head of the characters and really knowing what makes them tick. What happened to Goldilocks that lead her to the doorstep of the bears and why she thought it would be acceptable to enter their home?

This approach to research is definitely more challenging than any other research that I’ve done before. It’s not simply gathering the facts and being able to conclude what they all add up to. It’s finding meaning that is not spelled out for you. It’s going beyond stating that “x number of people think y” and instead finding why when nobody has specifically told you why. It’s deciding whether or not the story told by your research is plausible. It’s being able to put your findings in general terms that can be applied to other situations and circumstances. Then you are using both sides of your brain together to attack a problem.
Share: