Archive for the ‘ Junos ’ Category

Juniper Exams vs Cisco Exams

Juniper exams are interesting.  I’ve written before that they expect you to understand a lot of the underlying concepts before you take the exam.

The exams are entirely written.  They’re multiple choice, single answer and multiple choice, multiple answer.  This format works well, and even with this format they’re extremely difficult questions.  I, for one, am glad there are no labs or drag and drop questions.  Why?

I took a Cisco exam, the ICND1 or CCENT exam.  On this exam was a simulator.  In this simulator a question was asked inquiring about a connectivity issue.  Using the show interface <if-name> command revealed that the interface was up and up.  The problem is that this wasn’t an option in the answers.  And none of the other options were valid, either.  I was at an impasse.  Four options, none of them valid answers.  In desperation, I issued the show ip interface brief command.  I was shocked and amazed to discover that this command showed a different status for the interfaces than the show interface command.  I had my answer, but I almost missed a question because show interface and show ip interface brief showed two completely different statuses for an interface.  They should have had the same output, regardless of what Cisco was looking for.  This question was extremely unfair and very poorly designed and executed.

Because Juniper doesn’t use simulators, it doesn’t suffer from this problem.  Whether these potential bugs or “features” are the reasons for them not using simulators or not, I applaud them.  I cannot praise the simplicity of the Juniper Networks certification exams enough.  Without the complexities, there are fewer potential bugs or issues.  Yet their exams are still difficult enough to ensure their own validity and to validate the knowledge and skills of their candidates.

Juniper, please learn from this post and keep these points in mind.  I fully believe that simulators and the like can, will, and have prevented otherwise successful candidates from passing their exams.  I am even more displeased with Cisco after taking their exams.  And I’m more impressed by Juniper for avoiding the pitfalls that Cisco suffers from.

For the Love of Networking or How I Learned to Stop Worrying and Love the Bomb

People usually tell you to do what you love. What they may not tell you is that you probably shouldn’t do something unless you love it.

There are obviously exceptions to this. If you need the work and can’t get anything else, you have to do what you have to do. However, with IT, the rule of “do what you love” seems particularly harsh.

I realize more and more that, with IT in general, if you don’t love what you do, you won’t get very far. You’ll probably work at a Tier I help desk for the rest of your life. While someone has to do it (and while it can be an art itself), I think most people aspire for more. Unfortunately, if you don’t love it, you won’t get any further.

As I study for my JNCIS, I have realized more and more that if I didn’t really want this, there’s no way I could pass it honestly. Sure, I could use a brain dump (read here for why not to) and pass, but that wouldn’t get me very far. I would either bomb every interview or get lucky, get hired, and then get fired within 30 days as my employer realizes I cheated on the test.

This stuff isn’t extremely simple. It’s not overly difficult, but you’re going to hate it if you don’t crave it. And if you hate it, how far do you realistically expect to get?

If you love it, don’t worry. It will all come with perseverance and dedication. Just study, ask questions, and delve deeper and deeper.

JNCIS-ENT Question of the Week #1 –


Aggregate Routes and Generated Routes are very similar. What is one of the biggest differences between the two?


Generated routes have a next-hop value of the first contributing route, whereas aggregate routes have a next-hop value of reject. Chris has it.

JNCIA Question of the Week #6 – Commit Requirements


With a clean Juniper router (one that is using the factory default configuration), what must be set before the router will allow you to commit configuration changes? How is this option set?


Chris got it right, of course. Root passwords are required to save configuration changes in Junos. The command to do so is:
set system root-authentication plain-text-password

If you’re reading this and preparing for JNCIA-Junos, be sure you know this. Even if it’s not on the exam, it’s a pretty basic skill. Don’t use Brain Dumps!

Building a Juniper Lab with Remote Access – The Access Gateway

GNS3 is a great tool that can help us in many ways. One thing that may not be very evident, however, is how we can set up our GNS3 lab for remote access so we can practice when we’re not at home. The aim of this article is to show you how to do that.

This is part one in a series. This article describes how to install OpenBSD in a virtual machine (using VirtualBox). We go through the initial installation as well as assigning IP addresses to our interfaces. In part 2, we install Python and write a Python script that controls access to our gateway server.

This article assumes that you have already created virtual machines in VirtualBox before. If you have not, it is extremely intuitive. If you still need help, please see the VirtualBox website (here) or search Google.

Before we get started, here is our finished product in GNS3:

10 routers connected to a switch.  Two interfaces on a server connected to same switch.  Cloud connected to same switch

GNS 3 Topology

First, please create a new Virtual Machine with the OS type of BSD and OpenBSD. You can use the defaults throughout the wizard. Now open up the settings for the VM. Go to the storage tab and set the CD/DVD image to be the install50.iso you obtained from the OpenBSD website (here). Next, go to the Network tab. We need two interfaces. One will be bridged while the other will be internal.

The bridged adapter will be the one that is on our physical LAN. It is what will let us into the box. The internal adapter will get us to the actual GNS3 lab, but it will not automatically pass traffic between the GNS3 lab and our LAN (and thus the internet). In this way, although we have given ourselves remote access to the GNS3 lab (through this OpenBSD server), we have also isolated the GNS3 lab because there are no routes on the OpenBSD box. We will later use hostnames on the OpenBSD box to simplify accessing equipment, but there still will be no routes.

Next, start your VM. Press enter at the “boot>” prompt. The system will run through some internal loading and present you with the following screen:

Installation screen for OpenBSD 5.0

Installation Screen

Please accept the defaults until you get to the network configuration. For em0, we will want to use DHCP. This is our first adapter–the one that is bridged. When that is finished, you should see it ask you if you wish to configure any additional interfaces. We do. Type “em1.”

The screen for if em1

Interface em1 Configuration

Now we need to enter some information. I use the following to match the requirements of my GNS3 lab:

  • IP Address –
  • Subnet Mask – – This mask accommodates 14 interfaces total. My lab example has 11.

The installation will ask you to set a root password. Do this. Also create a new user with a password. Enable sshd by default. Disable root login for sshd.

Enter defaults until the system asks if you want to use a graphical environment, XWindows. Say no here. We don’t need a GUI.

No GUI option

Removing X Windows

Again, accept defaults until it asks you if you would like to create a new add or remove packages. YES! We want to remove all of the XWindows packages and the games package. Prepend the package name with a hyphen to remove it. So, enter the following commands:


Removing X WIndows and Games

Remove Packages

If there are more prompts, accept defaults. Finally, type reboot to restart the system. Remove the installation media.

At this point, we have a working OpenBSD system and gateway to the GNS3 network. We could stop here, but we are going to go farther in future articles because we might want to have access to this system for more than one person.

To access your network, be sure you open your firewall to the IP of your OpenBSD system. SSH to your public IP. You will be directed to your OpenBSD server. From here, ssh or telnet to your GNS3 routers.

Please ask if you have questions!

JNCIA Question of the Week #5 – Benefits of Class of Service


Class of Service offers a number of benefits. From the list below, select 3.

  • Quicker Network Convergence
  • Eliminates Congestion
  • Prioritizes Latency-Sensitive Network Traffic, Such as VoIP
  • Allocates Bandwidth According to Service Type
  • Forces Packets Through, Eliminating Packet Loss
  • Alleviates Congestion, but Does Not Eliminate it



  • Prioritizes Latency-Sensitive Network Traffic, Such as VoIP
  • Allocates Bandwidth According to Service Type
  • Alleviates Congestion, but Does Not Eliminate it

Certification Future

2012 – The Year of Certifications.

This month alone, I plan on taking three certification exams. I’m waiting on a voucher to be e-mailed to me by the company, and if I get it in time, I’ll be taking my Network+ on Friday, January 13th.

I’ve scheduled my CCENT for Friday, January 20th.

I plan on taking my CCNA SP Ops (SSPO) on Friday, January 27th.

My JNCIS-ENT exam should be on Friday, February 10th.

Wish me luck!