Iwan Hoogendoorn

Hi,

I’ve come to the part that I need to gather a lot of information on the CCIE voice blueprint specifics.
This in order to pass the OEQ part of the exam …
This is what I am using to study:

I am thinking of buying the INE CCIE Voice Core Knowledge Simulation package for $99 but I first need to know how big the pool is of questions they are offering.

I also created my own set of questions that is based in the content that can be found in the SRND guides…

When I have the feeling rhat I know enough to pass the OEQ part I am going to review the Cisco Networkers (Live) 2009 CCIE Voice Techtorial PDF.

There is also a very important document from Cisco with the ports that are used for the voice applications … I am sure that I don’t need to memmorize all the ports from the document. It;s important to read trough it and I highlighted the importand ports that I REALLY should know for the OEQ training…
You can download the document here –> Cisco Unified Callmanager TCP and UDP Port Usage (234)

I hope this is enough …

Hi,

Today I managed to get CME working on a GNS3/Dynamips router.
The steps that I followed:

- Create a new GNS3 Project
- Get the IOS version “c3725-adventerprisek9_ivs-mz.124-15.T6.bin”
- Get the CME files “cme-full-4.3.0.0.tar”
- Create a new 3700 router
- Edit the properties and change the PCMCI disk0 space to 99MB

- Create a cloud with a breakout to your real network with the Ethernet NIO interface

- When that is done connect 1 of the router interfaces to the NIO Cloud interface

- Start the Router
- Assign an IP address to the routers interface (the one that is connected to the NIO/LAN breakout interface) and if neccesary also put in a default gateway.
- Set up an TFTP server where you will put the “cme-full-4.3.0.0.tar” file on
- Make sure you can ping the TFTP server from the router (so that the TFTP server is accesable from the router)
- Do a “erase flash:” on the router
- Do a “format flash:” on the router in order to create a DOS filesystem
- Issue the follwing command

(X = TFTP server IP address or DNS name)
- From this moment on all files will be extractes into the routers flash.
- Before you can start you need to issue the following commands on the router

When this is done you can access the CME trough the browser with http://router-ip/telephony-service.html

Iwan Hoogendoorn

Hi blog readers,

In my last post I told you about the CCIE Voice 3.0 lab that I am building.

Well as I will keep refering to this diagram–>   ccie-voice-vmware-gns3-diagram-1.0 just make a print of this and keep this as a hardcopy.

Today I will be showing you my configuration for all of the sites that are in the diagram. Because my sources (Blindhog & jayanm) did not posted full configuration examples for this lab and their setup is kind of outdated (as from the day I am writing this) I will post some full configuration with some explanation added to it, so it will be easier for you to set this up more easaly without loosing time.

HQ – hq-3725

host hq-3725
!this router is configured as a gateway on the callmanager itself
voice service voip
allow-connections h323 to h323
!
interface Loopback0
ip address 10.11.1.254 255.255.255.255
h323-gateway voip interface
h323-gateway voip bind srcaddr 10.11.1.254
!
interface FastEthernet0/0
ip address 10.11.11.135 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 10.255.255.135 255.255.255.0
speed 100
full-duplex
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
 clock rate 2000000
!
interface Serial0/0.1 point-to-point
 ip address 10.254.254.1 255.255.255.252
 snmp trap link-status
 frame-relay interface-dlci 101
!
interface Serial0/0.2 point-to-point
 ip address 10.254.254.5 255.255.255.252
 snmp trap link-status
 frame-relay interface-dlci 102
!
router ospf 1
!Frame relay links are advertised in OSPF
network 10.200.1.0 0.0.0.255 area 0
network 10.200.2.0 0.0.0.255 area 0
!also specify the LAN network in OSPF
network 10.11.11.0 0.0.0.255 area 0
!
!all numbers that not known from the headquarter are routed to the PSTN router
!because this site is comfigured as a peer within the callmanager all known numbers will router automatically to the callmanager
dial-peer voice 1 voip
destination-pattern .T
session target ipv4:10.255.255.254
incoming called-number .
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
!
!if you call 1011111... this number will be directed to the callmanager
dial-peer voice 2010 voip
destination-pattern 1011111...
!this is callmanagers IP address
session target ipv4:10.11.11.137
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
!
gateway

RS1 – rs1-3725

host rs1-3725
!this router is configured as a gateway on the callmanager itself
voice service voip
allow-connections h323 to h323
!
interface Loopback0
ip address 10.12.1.254 255.255.255.255
h323-gateway voip interface
h323-gateway voip bind srcaddr 10.12.1.254
!
interface FastEthernet0/0
ip address 10.11.12.254 255.255.255.0
speed 100
full-duplex
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
 clock rate 2000000
!
interface Serial0/0.1 point-to-point
 ip address 10.254.254.2 255.255.255.252
 snmp trap link-status
 frame-relay interface-dlci 202
!
router ospf 1
!Frame relay link are advertised in OSPF
network 10.200.1.0 0.0.0.255 area 0
!
!also specify the LAN network in OSPF
network 10.11.12.0 0.0.0.255 area 0
!
!all numbers that not known from the headquarter are routed to the PSTN router
!because this site is configured as a peer within the callmanager all known numbers will router automatically to the callmanager
dial-peer voice 1 voip
destination-pattern .T
session target ipv4:10.255.255.254
incoming called-number .
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad

RS2 - rs2-3725 

host rs2-3725
!this router is configured as a gateway on the callmanager itself
voice service voip
allow-connections h323 to h323
!
interface Loopback0
ip address 10.13.1.254 255.255.255.255
h323-gateway voip interface
h323-gateway voip bind srcaddr 10.13.1.254
!
interface FastEthernet0/0
ip address 10.11.13.254 255.255.255.0
speed 100
full-duplex
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
 clock rate 2000000
!
interface Serial0/0.1 point-to-point
 ip address 10.254.254.6 255.255.255.252
 snmp trap link-status
 frame-relay interface-dlci 203
!
router ospf 1
!Frame relay link are advertised in OSPF
network 10.200.1.0 0.0.0.255 area 0
!also specify the LAN network in OSPF
network 10.13.1.0 0.0.0.255 area 0
!
!all numbers that not known from the headquarter are routed to the PSTN router
!because this site is configured as a peer within the callmanager all known numbers will router automatically to the callmanager
dial-peer voice 1 voip
destination-pattern .T
!this is the PSTNSIM IP address
session target ipv4:10.255.255.254
incoming called-number .
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad

PSTN - pstn-3725 

host pstn-3725
!make sure all the sites are in the same VLANS for PSTN communication
interface FastEthernet0/0
 switchport
 switchport mode access
 switchport access vlan 20
 no shut
!
!make sure all the sites are in the same VLANS for PSTN communication
interface FastEthernet0/1
 switchport
 switchport mode access
 switchport access vlan 20
 no shut
!
!make sure all the sites are in the same VLANS for PSTN communication
interface FastEthernet0/2
 switchport
 switchport mode access
 switchport access vlan 20
 no shut
!
interface vlan 20
 ip address 10.255.255.254 255.255.255.0
 h323-gateway voip interface
 h323-gateway voip bind srcaddr 10.255.255.254
 no shut
!
tftp-server flash:P00307020200.bin
tftp-server flash:P00307020200.loads
tftp-server flash:P00307020200.sb2
tftp-server flash:P00307020200.sbn
!
ip route 10.11.11.0 255.255.255.0 10.255.255.135
ip route 10.11.12.0 255.255.255.0 10.255.255.11
ip route 10.11.13.0 255.255.255.0 10.255.255.12
!
!
!When someone calls from the PSTN phone to 1011111...the call is directed to the HQ and the HQ will send it to the Callmanager
dial-peer voice 1000 voip
destination-pattern 1011111...
session target ipv4:10.11.1.254
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
!
!When someone calls from the PSTN phone to 2022222...the call is directed to the RS1 and a phone will be configured on this site to handle
calls
dial-peer voice 2000 voip
destination-pattern 2022222...
session target ipv4:10.12.1.254
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
!
!When someone calls from the PSTN phone to 3033333... the call is directed to the RS2 and a phone will be configured on this site to handle calls
dial-peer voice 3000 voip
destination-pattern 3033333...
session target ipv4:10.13.1.254
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
!
!This is where you say this is a IP network (for PSTN it would be POTS)
dial-peer voice 1 voip
!this is that all incomming numbers will be forwarded to the pstn phone
incoming called-number .
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
!
telephony-service
load 7960-7940 P00307020200
max-ephones 1
max-dn 5
ip source-address 10.255.255.254 port 2000
!
!these are the 5 numbers that are going to be terminated at the PSTN PHONE
ephone-dn 1 dual-line
number 911
!
ephone-dn 2 dual-line
number 1015551111
!
ephone-dn 3 dual-line
number 2025552222
!
ephone-dn 4 dual-line
number 3035553333
!
ephone-dn 5 dual-line
number 55987654321
!
!This is the PSTN phone itself
ephone 1
mac-address 0000.0000.0000
type 7960
button 1:1 2:2 3:3 4:4 5:5
!
gateway

Next time I will show you a video with a demonstration of how everything is set up and how it´s working together.

This means that we are actually going to make some real calls accross with the softphones and the dynamips routers in combination with the Callmanager that is running on VMware.

Have fun with the configuration and if you have questions or remarks please contact me… I would be more than happy to help you!

Hey folks,

This is my first step in preperation of the CCIE Voice 3.0 Lab Exam.

I’ve created a diagram for the lab that I am building based on Vmware and Dynamips/GNS3.

This setup is based on the tutorial of the various blog posts that the guys behind BLINDHOG has been writing.

I will write more in detail  (in the feature) what my twist is on this setup and how you can set this up.

The Diagram:

You can download the full diagram here –>  ccie-voice-vmware-gns3-diagram-1.0.

Good luck and have fun studying it …

Hi,

Well this is my first Blog post in service op IPExpert enjoy reading it on:

IPSEC and High Availability by Iwan Hoogendoorn

Have fun reading it!

Hi networking blog readers,

Today I am going to explain how you can use 1 public IP address on two different sites with 2 complete different ISP’s.

Why do you want to do this …? Well …..

Have you ever tried to share a Usenet account with one of your buddies and came to the conclusion the this is not working because the Usenet provider is only permitting 1 login with 1 IP address?  Well same here .

 You can do 4 things …

• you can find a Usenet Provider that allows account sharing
• you can use a paid VPN service (with multiple VPN accounts) (this can be expensive when you the data you transfer is of high volume)
• you could try to work for this Usenet Provider and change the settings
•  or you can try to find another way (network related) to work around this

Because I want to use 1 of the best Usenet providers (and this provider does not allow account sharing at all) I had to go for the last option.

So I was thinking how I could actually share 1 Usenet account and come from the same IP address.

Well I managed to fool the system and share an account of my favorite Usenet provider and share the cost with a friend of mine named John (We will use his account in this example).

 Here is what we briefly used to accomplish this:

• 1 x Internet connection (DSL, 10MB down/1MB up) – John
• 1 x Internet connection (Fibre, 50MB up/down) – Iwan
• 1 x PIX 525 firewall – John
• 1 x ASA 5505 – Iwan

 This is how the situation looked like before sharing the account:

What I actually wanted to accomplish is that we can use the same useraccount “johnxyz” of  the usenetprovider  “UsenetXYZ” on both locations.

Now the situation above is that we both have the same Usenet provider but I can only login with my own account “iwanxyz” and I want to use the account of John (“johnxyz”)

 Network details John:

• LAN segment = 10.10.10.0/24
• Using Cisco PIX 525 firewall
• Public IP PIX = 1.1.1.1

 Network details Iwan:

• LAN segment = 10.10.20.0/24
• Using Cisco ASA 5505 Firewall
• Public IP ASA = 2.2.2.2

 The IP addresses used in this blog article are sample IP addresses and not used in my own production environment

On both sites the PIX and the ASA have the public IP address of their ISP directly configured on the outside interface.

This is the configuration we used to set up a simple IPSEC tunnel which only permits accessing each others LAN segment. So I am able to access John’s 10.10.10.0/24 LAN segment and he is able to access mine 10.10.20.0/24 LAN segment.

 PIX config:

hostname pixfirewall
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address 1.1.1.1 255.255.255.0
!
interface Ethernet1
 nameif inside
 security-level 10
 ip address 10.10.10.254 255.255.255.0
!
access-list outside_1_cryptomap extended permit ip 10.10.10.0 255.255.255.0 10.10.20.0 255.255.255.0
!
access-list inside_nat0_outbound extended permit ip 10.10.10.0 255.255.255.0 10.10.20.0 255.255.255.0
!
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 10.10.10.0 255.255.255.0
!
crypto ipsec transform-set ESP-MD5-HMAC esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto ipsec df-bit clear-df outside
!
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer 2.2.2.2
crypto map outside_map 1 set transform-set ESP-MD5-HMAC
crypto map outside_map 1 set security-association lifetime seconds 3600
crypto map outside_map 1 set security-association lifetime kilobytes 4608000
crypto map outside_map interface outside
crypto isakmp enable outside
!
crypto isakmp policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400
!
tunnel-group 2.2.2.2 type ipsec-l2l
tunnel-group 2.2.2.2 ipsec-attributes
 pre-shared-key KEYFORTUNNEL
!
end

ASA config:

hostname ASA5505
!
interface Vlan10
 description OUTSIDE
 nameif outside
 security-level 0
 ip address 2.2.2.2 255.255.255.0
!
interface Vlan20
 description INSIDE
 nameif inside
 security-level 100
 ip address 10.11.11.254 255.255.255.0
!
interface Ethernet0/0
 description OUTSIDE
 switchport access vlan 10
!
interface Ethernet0/1
 description INSIDE
 switchport access vlan 20
!
access-list NoNAT_ACL extended permit ip 10.10.20.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list crypto extended permit ip 10.10.20.0 255.255.255.0 10.10.10.0 255.255.255.0
!
global (outside) 1 interface
nat (inside) 0 access-list NoNAT_ACL
!
crypto ipsec transform-set ESP-MD5-HMAC esp-3des esp-md5-hmac
!
crypto ipsec df-bit clear-df outside
!
crypto map vpn 10 match address crypto
crypto map vpn 10 set pfs
crypto map vpn 10 set peer 1.1.1.1
crypto map vpn 10 set transform-set ESP-MD5-HMAC
!
crypto map vpn interface outside
crypto isakmp enable outside
!
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 20
 authentication pre-share
 encryption 3des
 hash md5
 group 2
 lifetime 86400
!
group-policy GP-site-2-site-john internal
group-policy GP-site-2-site-john attributes
 vpn-tunnel-protocol IPSec l2tp-ipsec
!
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 general-attributes
 default-group-policy GP-site-2-site-john
tunnel-group 1.1.1.1 ipsec-attributes
 pre-shared-key KEYFORTUNNEL
!
end

 The configuration above is just the plain configuration to get the PIX and ASA working with an internet connection and to make the IPSEC VPN tunnel working.

Once this is done I am able to access my John’s 10.10.10.0/24 LAN segment and he is able to access mine 10.10.20.0/24 LAN segment.

 Because I (Iwan) am the one with a better internet connection (50MB up/down fibre) we are going to use John’s Usenet account and I am going to let him use my public IP address to download binary articles with his own account which he will share with me. I already have my public IP address so I don’t have to worry about that

 The trick is to route the IP address that the news Provider is using trough the tunnel (from John’s side to Iwan side) and translate this on the ASA to my (Iwan) public IP address.

 To test if the method is actually going to work we can try to test this with a website first.

A website like http://whatismyipaddress.com/ shows the public IP address you are coming from.

 To translate this domain name  to a IP address we use the nslookup tool:

C:\>nslookup whatismyipaddress.com
Server:  dns-server
Address:  10.10.20.20

Non-authoritative answer:
Name:    whatismyipaddress.com
Address:  140.239.191.10

To accomplish that John can access http://whatismyipaddress.com we are going:

• to route the IP address 140.239.191.10 trough the IPSEC tunnel
• translate this traffic to my public IP address

 Here is the config to accomplish this with a little explanation:

 PIX config:

 !<-- SEND THIS IP ADDRESS TROUGH THE TUNNEL -->
access-list outside_1_cryptomap extended permit ip 10.10.10.0 255.255.255.0 host 140.239.191.10
!<-- NONAT THIS TRAFFIC BECAUSE IT’S GOING TROUG THE TUNNEL -->
access-list inside_nat0_outbound extended permit ip 10.10.10.0 255.255.255.0 host 140.239.191.10

ASA config:

 <--ENABLE HAIRPINNING>
same-security-traffic permit intra-interface
!<-- SEND THIS IP ADDRESS BACK TROUGH THE TUNNEL -->
access-list crypto extended permit ip host 140.239.191.10 10.10.10.0 255.255.255.0
!
<-- NAT ACL FOR NATTING TO IWAN’S PUBLIC IP ADDRESS -->
access-list NEWSPROVIDER-NAT-RULE extended permit ip 10.10.10.0 255.255.255.0 host 140.239.191.10
!
<-- THE ACTUAL NAT COMMAND -->
nat (outside) 1 access-list NEWSPROVIDER-NAT-RULE

 This is a small explanation about the harpinning feature:

 Same-security-traffic permit intra-interface:

The security appliance includes a feature that lets a VPN client send IPSec-protected traffic to another VPN user by allowing such traffic in and out of the same interface. Also called “hairpinning”, this feature can be thought of as VPN spokes (clients) connecting through a VPN hub (Security appliance).

 Once all of this is configured John can go to an internet browser and type in http://whatismyipaddress.com he will now see that his ISP IP address is 2.2.2.2 in stead of 1.1.1.1. This means he is accessing this website trough my internet connection.

 Once this works you can also replace the 140.239.191.10 ip address for other hosts for example to 1 of your newsgroup providers. (Which does not permit account sharing)

You can use this trick on all Newsgroup providers that are not allowing account sharing.

 The final drawing will look like this:

 I would like to thanks you again for reading my blog post and if you have any questions just ask these below or contact me.

Hi blog readers,

I’ve done a small project last week for a customer and the customer was complaining about not getting the speed that he actually ordered at the ISP where I am working for. A lot of network engineers are getting the question very often to measure the troughput/speed because a customer is just unsatisfied with the speeds he is getting.

Well I don’t have to tell you that speedproblems can be the cause of a lot of things … like for example an interface that is not configured correctly in terms of speed or duplex, a faulty cable, a lot of congestion in the LAN network, well I think I can go on for a little while, but what if all those things you checked are OK and the customer is still having speed/toughput problems?

It’s important to first see what the customer is actually trying to do and what he is actualy testing …

My customer for example had a SAN system of HP and he was trying to do a SAN SYNC session with another SAN system based on another loaction.

This SAN application only used 1 TCP session (stream) to do the actual syncronisation… If you don’t know how TCP/IP is actually working you would say that this customer is using the full 200MB  fibre line for his SAN syncronisation session.

But nothing is less true ….

The facts are as following:

• The customer has 2 sites (SITE A and SITE B) (see drawing below)
• Between those sites the customer has a 200MB fibre connection
• The customer is trying to do a SAN Sync between those sites
• The SAN application is using a TCP Window Size of 32k
• The Round Trip Latency (RTT) is 8 milliseconds

When a TCP data transfer happens 2 elements are very important for the transfer, the TCP Window Size AND the round trip latency. If you know these 2 values (as we do) we can calculate the maximum troughput what you can get with 1 TCP stream regardless what speed line you have .

The theory behind this is that in our case here 32kb of data is sent to the other side (SITE B) and after each 32kb of data TCP has to send a ACK of 8 milliseconds, after this ACK is received another 32kb of data is send and after this is received an ACK is send again from SITE B to SITE A after 8 milliseconds … this process is repeated over and over again untill the total data is sent. This 32kb is called the WINDOW SIZE.

We can see our TCP Window Size and our Round Trip Latency values above. With this we can now calculate the maximum troughput with the following formula:

TCP-Window-Size-in-bits / Latency-in-seconds = Bits-per-second-of-throughput

32kb = 32000 bytes
32000 bytes * 8 = 256000 bit (a conversion from bytyes to bits)
256000 / 0.008 (8 miliseconds) = 32000000 bits per second of troughput = 32Mbps maximum throughput per TCP session

So the maximum troughput that we can actually get on this link of 200MB is only 32Mbps.

Possible solutions for this is to either 1) Increase the Window Size that the system is using or 2) try to decrease the Round Trip Latency values. Decreasing the Round Trip Latency values is going to be a pain if these values are already good (in our case the distance between SITE A and SITE B is only 150 km and a RTT of 8 ms is just fine) so our only option is trying to increase the TCP Window Size of the system. This can only be done if the System/Application lets you change this and this is not always the case…

There is also a formule to calculate the ideal Window Size if you know the line speed

Bandwidth-in-bits-per-second * Round-trip-latency-in-seconds = TCP window size in bits / 8 = TCP window size in bytes

The bandwidth of this line was 200MB as we’ve seen before.

200 Mb = 200 000 000 bits per second *  0.008 = 1600000 bits / 8 = 200000 Bytes = 200kb

Your ideal TCP Window Size is in this case 200kb (factor 6 of what the Window Size is now)

drawing-troughput-calculation

Just keep 1 thing in mind … THIS IS ONLY FOR 1 TCP SESSION … so if you would start 4 or 5 extra FTP sessions with a FTP file copy you will see the total bandwidth if being used of this line because all those sessions for example 5 will result in 5 * 32Mbps = 160Mbps wich will make the customer somehow happy with understanding the theory behind this.

There are also a some WAN accelerators available these days like Cisco WAAS for example wich can take these kinds of problems in terms of latency and appication data compression away for you but these technologies cost money and is a whole different BLOG story.

Hope I’ve teaced you guys something and if you have any questions just contact me

I always get the question how I became a CCIE and how long it took me and what my future goals are after achieving the highest certification in networking… my always that I don’t really know … maybe another CCIE track but I have no concrete plans …

Well after the 29 of June CCIE is no longer the highest certification in the field … and has to bow for the new Cisco certification track “Cisco Certified Architect” 

I now think that this will be my new ultimate goal forthe future …

But where will that put me in terms of certifications and job roles and the work related expierience now?

After looking for the answer I found a nice article about the Cisco certifications and those related to a current job role and I kind of agreed with it.

The different levels are explained below and here and are written by Himawan Nugroho.

Level 1: Configurator
The other name for this level is Config T engineer, where ones only know how to put the configuration without having deep understanding about the concept and the reason behind it. What it takes just the ability to copy paste the configuration from Cisco website to enable the protocols or features.
If I may compare it with Cisco certification program, this level can be considered as CCNA.

Level 2: Troubleshooter
Those who don’t know the concept won’t be able to troubleshoot. At this level ones know how to configure the protocols/features, and the concept behind it in order to troubleshoot when there is any issue during implementation.
If I may compare it with Cisco certification program, this level shall be the CCNP or other mid-level certifications.

Level 3: Specialist
At this level, the engineers are willing to focus on a particular area in networking. This is not a pure specialist role since most probably those still have to do the common routing and switching stuff, but now they are capable to work on other technology too where they put more focus to learn.
I shall put CCIE at this level. Even those who have CCIE in Routing & Switching track can fall to this level since they put their focus on the scope of the track.

Level 4: Designer
After focusing on one particular area at the previous level, at this level ones must learn more general and broad knowledge again. The other name of this level is System Integrator, where it is required to possess the ability to combine different technology solutions, sometime it even requires to combine the products from different vendors. As a network designer, one must be able to build a complete infrastructure solution from routing and switching, security, voice, wireless etc. And it is normal for a designer to have the knowledge beyond networking: Server Operating System, Database, physical Data Center and so on.
I don’t think there is certification for this level. Well, CCDE may provide the foundation of the knowledge for this. But I would say it’s like CCIE with project experiences to build a complete infrastructure.

Level 5: Architect
This is the next level of System Integrator, where ones know how to build a complete infrastructure, and understand the customer business requirements, and can make sure the technology and solution provided to answer the requirements incorporate the customer business model. From technical perspective, the architects understand hardware architecture and the way the protocols work in detail, in order to know the limitation of solution can be provided. They know the standard of the protocols and fully aware about different implementation from different vendors, so they are able to fully interop the products from multiple vendors.
This is like a CCIE who likes to read the protocol standards, understand the hardware architecture, able to interop products from multiple vendors, and has extensive project experiences with important role in both technical and non-technical aspect.

Level 6: Expert
The last transformation is to the expert level, after being the architect with extensive project experience, capable to build a complex and complete infrastructure from different vendors, and understand customer business requirements and the linkage to the technology and solution provided. At this level, ones are getting specialized again. Having extensive experiences and broad knowledge, the experts now can focus on one or a few particular technology in order to contribute to the development of that technology. Experts communicate to each other to develop the standard of networking, translate a difficult concept into the words that can be understood by ordinary people, and share the knowledge and information to the others.
At this level, the possession of any certification doesn’t matter anymore. The most important is to have all what the Architect level has, with focus on one of few technology in deep detail, willing to contribute to the development of the technology, and share the knowledge and information to the others.

He folks,

Last year I did a project for school about IPv6 and the IPv6 dynamic routing protocols and redistributing these.

Before you read this article or going to try the stuff on dynamips later on it is wise to know a little bit about IPv6 and it’s background. Maybe a wise thing is to read THIS  and THIS  and THIS  before actually going any further.

Lets start with the diagram first… if the diagram is not clear below please download it >> ipv6-dynamic-routing-diagram.pdf

You can see that we have the ISP core consisting of 2 routers. Keep in mind that this is just a setup to test the technologies and normally this is not a correct way of designing real networks, because there is no redundacy here and later on you will see that I haven’t used OSPF area 0 in the CORE, but that is something for later.

Besides the 2 routers in the core you will see 4 routers at the edges which will represent the 4 different sites, SITE A, B, C and D.

All the routers of the sites have a loopback interface where I configured multiple IP addresses on, these loopback interfaces start with the router number. All IP addresses that I’ve used are organised per interface in a small IP numbering plan in an Excel document which you can find later on in this article.

Back to the loopback networks, below you will find the actual IP addresses (a.k.a. networks) that I used as networks to distribute dynamically with the routing protocols and redistributing them using those same network protocols.

This means that R1 will contain the networks starting with 1111: R2 will have the networks starting with 2222: etc. etc.

Within SITE B and SITE D we have a computer wich will run a Linux distribution. The end goal is that the 2 PC’s (which are in 2 complete different IPv6 networks can transfer data to eachother. We will test this later on after doing some more explanation with ping tests.

SITE A and SITE C will only be used to prove that the redistribution between the different IPv6 networks using RIPv3 and OSPFv3 is actually working. All networks will eventually be advertised and shown in each routing table of each router.

In the next diagram you will see what routing protocol is used where.

You can see that:

• R1 is running OSPFv3 (area 0) with R3
• R2 is running RIPng with R3
• R3 is running OSPFv3 (area 100) with R6
• R4 is running RIPng with R6
• R5 is running OSPFv3 (area 200) with R6

I hope you can still keep yourself focussed because when I was designing this with all the long IPv6 IP addresses I made alot of little mistakes that where driving me crazy in the evening while troubleshooting them

Ok now everything is explained and everything is kind of clear I will now show the portions of configuration that I used to achieve what I wanted. After that I will also use the verify commands in the routers to see that it’s actually working.

First of all we configure the CORE (R3 & R6)  with OSPFv3 area 100 ( I know the core should be area 0, but in this design it’s not needed at all to prove my point)

After configured the core we will work from the CORE twards the edges or the networks.

The configuration per router is shown below:

R3

hostname R3
!
ip cef
ip domain name local.home
!        
ipv6 unicast-routing
!
interface Loopback0
 no ip address
 ipv6 address 3333:610:6CC:10::/64
 ipv6 address 3333:610:6CC:20::/64
 ipv6 address 3333:610:6CC:30::/64
 ipv6 address 3333:610:6CC:40::/64
 ipv6 address 3333:610:6CC:50::/64
 ipv6 enable
 ipv6 rip process1 enable
 ipv6 ospf 1 area 100
!
interface Ethernet0/0
 ip address 10.10.36.3 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:36::3/64
 ipv6 enable
 ipv6 ospf 1 area 100
!
interface Ethernet0/1
 ip address 10.10.13.3 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:13::3/64
 ipv6 enable
 ipv6 ospf 1 area 0
!
interface Ethernet0/2
 ip address 10.10.23.3 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:23::3/64
 ipv6 enable
 ipv6 rip process1 enable
!
interface Ethernet0/3
 ip address 192.168.52.103 255.255.255.0
 full-duplex
 ipv6 address 2001:610:6CC:52::103/64
 ipv6 enable
!
ip forward-protocol nd
ip route 192.168.50.0 255.255.255.0 192.168.52.1
!
ipv6 router ospf 1
 log-adjacency-changes
 area 100 virtual-link 10.10.56.6
 redistribute rip process1 include-connected
!
ipv6 router rip process1
 redistribute ospf 1 metric 1 match internal external 1 external 2 include-connected

R6

hostname R6
!
ip cef
ip domain name local.home
!       
ipv6 unicast-routing
!
interface Loopback0
 no ip address
 ipv6 address 6666:610:6CC:10::/64
 ipv6 address 6666:610:6CC:20::/64
 ipv6 address 6666:610:6CC:30::/64
 ipv6 address 6666:610:6CC:40::/64
 ipv6 address 6666:610:6CC:50::/64
 ipv6 enable
 ipv6 rip process1 enable
 ipv6 ospf 1 area 100
!
interface Ethernet0/0
 ip address 10.10.36.6 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:36::6/64
 ipv6 enable
 ipv6 ospf 1 area 100
!
interface Ethernet0/1
 ip address 10.10.46.6 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:46::6/64
 ipv6 enable
 ipv6 rip process1 enable
!
interface Ethernet0/2
 ip address 10.10.56.6 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:56::6/64
 ipv6 enable
 ipv6 ospf 1 area 200
!
interface Ethernet0/3
 ip address 192.168.52.106 255.255.255.0
 full-duplex
 ipv6 address 2001:610:6CC:52::106/64
 ipv6 enable
!
ip forward-protocol nd
ip route 192.168.50.0 255.255.255.0 192.168.52.1
!
ipv6 router ospf 1
 log-adjacency-changes
 area 100 virtual-link 10.10.36.3
 redistribute rip process1 include-connected
!
ipv6 router rip process1
 redistribute ospf 1 metric 1 match internal external 1 external 2 include-connected
!
end

R1

hostname R1
!
ip cef
ip domain name local.home
!       
ipv6 unicast-routing
!
interface Loopback0
 no ip address
 ipv6 address 1111:610:6CC:10::/64
 ipv6 address 1111:610:6CC:20::/64
 ipv6 address 1111:610:6CC:30::/64
 ipv6 address 1111:610:6CC:40::/64
 ipv6 address 1111:610:6CC:50::/64
 ipv6 enable
 ipv6 ospf 1 area 0
!
interface Ethernet0/0
 ip address 10.10.13.1 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:13::1/64
 ipv6 enable
 ipv6 ospf 1 area 0
!
interface Ethernet0/3
 ip address 192.168.52.101 255.255.255.0
 full-duplex
 ipv6 address 2001:610:6CC:52::101/64
 ipv6 enable
!
ip forward-protocol nd
ip route 192.168.50.0 255.255.255.0 192.168.52.1
!
ipv6 route 2001:610:6CC:50::/64 2001:610:6CC:52::1
ipv6 route 2001:610:6CC:52::/64 Ethernet0/3
ipv6 router ospf 1
!
end

R2

hostname R2
!
ip cef
ip domain name local.home!        
ipv6 unicast-routing
!
interface Loopback0
 no ip address
 ipv6 address 2222:610:6CC:10::/64
 ipv6 address 2222:610:6CC:20::/64
 ipv6 address 2222:610:6CC:30::/64
 ipv6 address 2222:610:6CC:40::/64
 ipv6 address 2222:610:6CC:50::/64
 ipv6 enable
 ipv6 rip process1 enable
!
interface Ethernet0/0
 ip address 10.10.23.2 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:23::2/64
 ipv6 enable
 ipv6 rip process1 enable
!
interface Ethernet0/1
 ip address 20.20.20.2 255.255.255.0
 half-duplex
 ipv6 address 2020:610:6CC:20::2/64
 ipv6 enable
 ipv6 nd prefix 2020:610:6CC:20::/64
 ipv6 rip process1 enable
!
interface Ethernet0/3
 ip address 192.168.52.102 255.255.255.0
 full-duplex
 ipv6 address 2001:610:6CC:52::102/64
 ipv6 enable
!
ip forward-protocol nd
ip route 192.168.50.0 255.255.255.0 192.168.52.1
!
ipv6 router rip process1
!
end 

R4

 
hostname R4
!
ip cef
ip domain name local.home!        
ipv6 unicast-routing
!
interface Loopback0
 no ip address
 ipv6 address 4444:610:6CC:10::/64
 ipv6 address 4444:610:6CC:20::/64
 ipv6 address 4444:610:6CC:30::/64
 ipv6 address 4444:610:6CC:40::/64
 ipv6 address 4444:610:6CC:50::/64
 ipv6 enable
 ipv6 rip process1 enable
!
interface Ethernet0/0
 ip address 10.10.46.4 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:46::4/64
 ipv6 enable
 ipv6 rip process1 enable
!
interface Ethernet0/3
 ip address 192.168.52.104 255.255.255.0
 full-duplex
 ipv6 address 2001:610:6CC:52::104/64
 ipv6 enable
!
ip forward-protocol nd
ip route 192.168.50.0 255.255.255.0 192.168.52.1
!
ipv6 router rip process1
!
end

R5

hostname R5
!
ip cef
ip domain name local.home!       
ipv6 unicast-routing
!
interface Loopback0
 no ip address
 ipv6 address 5555:610:6CC:10::/64
 ipv6 address 5555:610:6CC:20::/64
 ipv6 address 5555:610:6CC:30::/64
 ipv6 address 5555:610:6CC:40::/64
 ipv6 address 5555:610:6CC:50::/64
 ipv6 enable
 ipv6 ospf 1 area 200
!
interface Ethernet0/0
 ip address 10.10.56.5 255.255.255.0
 half-duplex
 ipv6 address 2001:610:6CC:56::5/64
 ipv6 enable
 ipv6 ospf 1 area 200
!
interface Ethernet0/1
 ip address 50.50.50.5 255.255.255.0
 half-duplex
 ipv6 address 5050:610:6CC:50::5/64
 ipv6 enable
 ipv6 nd prefix 5050:610:6CC:50::/64
 ipv6 ospf 1 area 200
!
interface Ethernet0/3
 ip address 192.168.52.105 255.255.255.0
 full-duplex
 ipv6 address 2001:610:6CC:52::105/64
 ipv6 enable
!
ip forward-protocol nd
ip route 192.168.50.0 255.255.255.0 192.168.52.1
!
ipv6 router ospf 1
 log-adjacency-changes
!
end

I’ve made the actual IPv6 commands blue so you can see what is IPv6 related and what’s not.

Once configured this on the routers (and you see the OSPF adjacencies form) you can check the routing tables.

For now I will just show you the routing tables of 2 edge routers, R2 and R5 where you can see that the routing information is learned dynamically from the other router(s). This article will be too long if I just post all the outputs in.

R2#sh ipv6 route
IPv6 Routing Table - 48 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
R   1111:610:6CC:10::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   1111:610:6CC:20::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   1111:610:6CC:30::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   1111:610:6CC:40::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   1111:610:6CC:50::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   2001:610:6CC:13::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
C   2001:610:6CC:23::/64 [0/0]
     via ::, Ethernet0/0
L   2001:610:6CC:23::2/128 [0/0]
     via ::, Ethernet0/0
R   2001:610:6CC:36::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   2001:610:6CC:46::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
C   2001:610:6CC:52::/64 [0/0]
     via ::, Ethernet0/3
L   2001:610:6CC:52::102/128 [0/0]
     via ::, Ethernet0/3
R   2001:610:6CC:56::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
C   2020:610:6CC:20::/64 [0/0]
     via ::, Ethernet0/1
L   2020:610:6CC:20::2/128 [0/0]
     via ::, Ethernet0/1
C   2222:610:6CC:10::/64 [0/0]
     via ::, Loopback0
L   2222:610:6CC:10::/128 [0/0]
     via ::, Loopback0
C   2222:610:6CC:20::/64 [0/0]
     via ::, Loopback0
L   2222:610:6CC:20::/128 [0/0]
     via ::, Loopback0
C   2222:610:6CC:30::/64 [0/0]
     via ::, Loopback0
L   2222:610:6CC:30::/128 [0/0]
     via ::, Loopback0
C   2222:610:6CC:40::/64 [0/0]
     via ::, Loopback0
L   2222:610:6CC:40::/128 [0/0]
     via ::, Loopback0
C   2222:610:6CC:50::/64 [0/0]
     via ::, Loopback0
L   2222:610:6CC:50::/128 [0/0]
     via ::, Loopback0
R   3333:610:6CC:10::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   3333:610:6CC:20::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   3333:610:6CC:30::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   3333:610:6CC:40::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   3333:610:6CC:50::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   4444:610:6CC:10::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   4444:610:6CC:20::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   4444:610:6CC:30::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   4444:610:6CC:40::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   4444:610:6CC:50::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   5050:610:6CC:50::/64 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   5555:610:6CC:10::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   5555:610:6CC:20::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   5555:610:6CC:30::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   5555:610:6CC:40::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   5555:610:6CC:50::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   6666:610:6CC:10::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   6666:610:6CC:20::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   6666:610:6CC:30::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   6666:610:6CC:40::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
R   6666:610:6CC:50::/128 [120/2]
     via FE80::CE02:54FF:FEFF:2, Ethernet0/0
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0

R5#sh ipv6 route
IPv6 Routing Table - 48 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI  1111:610:6CC:10::/128 [110/30]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  1111:610:6CC:20::/128 [110/30]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  1111:610:6CC:30::/128 [110/30]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  1111:610:6CC:40::/128 [110/30]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  1111:610:6CC:50::/128 [110/30]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  2001:610:6CC:13::/64 [110/30]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  2001:610:6CC:23::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  2001:610:6CC:36::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  2001:610:6CC:46::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
C   2001:610:6CC:52::/64 [0/0]
     via ::, Ethernet0/3
L   2001:610:6CC:52::105/128 [0/0]
     via ::, Ethernet0/3
C   2001:610:6CC:56::/64 [0/0]
     via ::, Ethernet0/0
L   2001:610:6CC:56::5/128 [0/0]
     via ::, Ethernet0/0
OE2  2020:610:6CC:20::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  2222:610:6CC:10::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  2222:610:6CC:20::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  2222:610:6CC:30::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  2222:610:6CC:40::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  2222:610:6CC:50::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  3333:610:6CC:10::/128 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  3333:610:6CC:20::/128 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  3333:610:6CC:30::/128 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  3333:610:6CC:40::/128 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  3333:610:6CC:50::/128 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  4444:610:6CC:10::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  4444:610:6CC:20::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  4444:610:6CC:30::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  4444:610:6CC:40::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OE2  4444:610:6CC:50::/64 [110/20]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
C   5050:610:6CC:50::/64 [0/0]
     via ::, Ethernet0/1
L   5050:610:6CC:50::5/128 [0/0]
     via ::, Ethernet0/1
C   5555:610:6CC:10::/64 [0/0]
     via ::, Loopback0
L   5555:610:6CC:10::/128 [0/0]
     via ::, Loopback0
C   5555:610:6CC:20::/64 [0/0]
     via ::, Loopback0
L   5555:610:6CC:20::/128 [0/0]
     via ::, Loopback0
C   5555:610:6CC:30::/64 [0/0]
     via ::, Loopback0
L   5555:610:6CC:30::/128 [0/0]
     via ::, Loopback0
C   5555:610:6CC:40::/64 [0/0]
     via ::, Loopback0
L   5555:610:6CC:40::/128 [0/0]
     via ::, Loopback0
C   5555:610:6CC:50::/64 [0/0]
     via ::, Loopback0
L   5555:610:6CC:50::/128 [0/0]
     via ::, Loopback0
OI  6666:610:6CC:10::/128 [110/10]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  6666:610:6CC:20::/128 [110/10]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  6666:610:6CC:30::/128 [110/10]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  6666:610:6CC:40::/128 [110/10]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
OI  6666:610:6CC:50::/128 [110/10]
     via FE80::CE05:54FF:FEFF:2, Ethernet0/0
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0

If you analyse the routingtable you see that I only marked the Loopback networks of the routers to highlight the networks are received (either trough a direct dynamic routing protocol or trough the redistribution of a dynamic routing protocol) that where advertised either trough OSPFv3 or RIPng.

The full configuration files can be found here below:

• R1.log
• R2.log
• R3.log
• R4.log
• R5.log
• R6.log
• all config-files.rar

The .net file (to make this properly work you need to alter the paths towards the IOS files and the startup configs needed):

>> ipv6-dynamic-routing.net

The actual network drawings can also be downloaden in PDF format:

>> ipv6-dynamic-routing-diagram.pdf

The last document will be the IP sheet with an overview of all the complex long IPv6 addresses:

>> ipv6-number-plan.xls

The IOS version that I used is “c3640-ik9o3s-mz.124-17.bin” (uncompressed = c3640-ik9o3s-mz.124-17.image)  which I can not share due to copyright rules.
I hope this post has been informative and fun to read and good luck with trying this at home!

If you have any questions or remarks please leave a comment or CONTACT  me, I like to be challenged in what I do and I like compliments  it keeps me sharp and updated.

Take care and I wish you a happy IPv6 Routing Experience …

Hi Cisco gangsters,

Yesterday evening I could not spleep because of the heat … so I decided to shoot some pictures with my Iphone of my CCIE Plaques.

I know the quality is poor of the pictures but they are good enough to see them   (you can also view the pictures by clicking on PHOTO’S.

My CCIE Plaques

These are my plaques that I received from Cisco after passing my CCIE LAB exams

6 Photos