Moving On…

Today is my penultimate day with my current company; I am moving on to bigger and (hopefully!) better things.

It’s a weird feeling leaving a job, especially one where you have made so many changes. There is only a small network here (~700 users, ~200 servers) but when I started it had been badly neglected for several years – there wasn’t really anyone with sufficient experience to manage a network, so things had just been left and fingers crossed that nothing would go wrong…



MP-BGP for IPv6

I recently passed the CCNP SWITCH exam, so now Spanning-tree is out the window, and I am firmly concentrated on all things layer 3 in preparation for the CCNP ROUTE exam.

One of the areas I have not really had much exposure to is IPv6. So I have spent the last few days going over the theory behind it, and trying to put it into practice.

IP SLA and Object Tracking

I’ve recently been doing some work with our HSRP setup around our network. Like most people, we use HSRP as a first hop redundancy mechanism to provide clients attached to the network with a virtual default gateway. HSRP will, by default, fail from Active to Standby, should the routers lose the ability to talk to one another on the subnet the HSRP is for.

But what if something “down the line” fails…


Using interface bandwidth to influence EIGRP routing decisions

Now we have our wireless bridge in place, we wanted to configure EIGRP to seamlessly converge over that link in the event of a fiber failure between sites.

We currently have 4 cores (2 at each site) with full mesh connectivity between them. Each link comprises 2x 1Gbps fibers bundled together into 2Gbps EtherChannels. There is also layer 2 connectivity between cores at each site (allowing cores within a site to be EIGRP neighbors).


Site to Site WIFI Part 2

Data cabling was installed at the end of last week, and we finished configuring the APs yesterday. Setup was pretty easy really. You can connect the APs to any type of switch port, so they will take tagged and untagged traffic.

By default the management addresses of the APs will be on the native VLAN, however there is an option to enable a management VLAN so that management traffic (HTTP, SNMP, SSH etc…) will be tagged with the appropriate VLAN ID.

Now the big question – Speed.

Site to Site WIFI

The company I work at has two sites; the offices and a warehouse. The sites are about 500ft apart, separated by some council-owned woodland. We have a couple of 24x core fibers running between the sites. However we recently realized that all the fibers went via the same underground conduit – part of which goes under the council woodland – so given that we have no control over some council worker in a digger sticking his bucket into our fiber, we decided a backup was required!!

Someone previously had installed a laser Line of Sight system, which delivered about 10Mbps, however what they neglected to realize when it was installed (maybe 6 years ago) was that trees grow. The woodland is green belt so we couldn’t touch the trees, and what use is 10Mbps anyway!! We push around 300Mbps between sites at any one time, going up to 500-600Mbps at peak times.



The eternal question…what cert to do next??

A few months ago, I was sure that I was going to be going straight on to CCNP R&S. However, since then, I have done 0 studying for it! Having a 7 month old baby girl means my time is somewhat limited.

My CCNA expires in January next year (3 years already!??!??!!??) so rather than re-sit I really want to do another certification. My thoughts – CCDA – the syllabus looks pretty easy, it’s mostly common sense from what I’ve heard. I did most of the studying for it about 12 months ago, so I think I just need a bit of a refresher and I should be good to go.

This way I get another 3 years to do at least one of the CCNP modules, which I’m sure I will, maybe SWITCH. I spend 80% of my time dealing with switching issues, so I don’t think it will be too complicated. It’s the ROUTE and TSHOOT that worry me slightly. ROUTE isn’t too bad, but TSHOOT is still a bit of an unknown quantity. Maybe I will have to save my pennies and go on a course rather than the self-study route.

The Recabling = Completed!

Following on from my last post, we have completed the recabling of our upstairs comms room. We had 4 days to complete the work, and managed to complete it after around 55 hours working around the clock – well ahead of schedule!

We still have a few little things to troubleshoot – namely some patch panels that got damaged and need to be re-terminated on new panels – waiting for our cabling contractor to get back to us on that, and I’m heading back in tomorrow to sort out some printers that are on the wrong VLAN etc…

Other than that, it all went very well; all the hours of planning ensured we had minimal issues.

We had a web cam running capturing a picture every 10 seconds, here’s the time-lapse video;


Recabling Project

Before I even started at my current job, I had heard rumours of the “upstairs comms room”.

Imagine, if you will, 8 – 10 years of poor cable management, poor cabinet layout, and cables 10x too long for the job at hand. Whatever you now have in your head, double it, and you might be getting close to our upstairs comms room.

This mass of cables to the right is comprised of around 2000 floor ports and 19 1u 18 port switches, and a whole heap of cable! I would say at least 50% of the cable is not actually in use, but has become so tangled and matted, it’s easier for the guys to run a new cable than move the old one – which obviously only serves to compound the problem!!

This single room has around 60% of our office space and 30% of our warehouse space patched into it. So downtime windows long enough to tackle this mess are few and far between.

But, thanks to Kate and Wills, we have been graced with an extra 4 day weekend this year. So we are going to take the opportunity to recable the entire room. Several codenames for the projects have been suggested, including “project subu”, but we eventually settled on “The Big Weekend”.


Using Active Directory for RADIUS Authentication

When I started at my current job about 12 months ago, there was no means of centralized authentication. All the equipment used generic logins, and every device was different, so you needed a spreadsheet of logins just to do the simplest of tasks!

My initial idea was to deploy a TACACS+ server, but no one wanted to spend on Cisco’s ACS and I couldn’t find a decent free one, so I looked at using RADIUS with Active Directory.

It turns out it’s actually quite easy to set up and administer!

Firstly, if you have more than 50 devices, you will need Windows Server Enterprise or Datacenter (2k3 or 2k8), or several servers, because Server Standard only supports 50 RADIUS clients.