JNCIA Question of the Week #6 – Commit Requirements


With a clean Juniper router (one that is using the factory default configuration), what must be set before the router will allow you to commit configuration changes? How is this option set?


Chris got it right, of course. Root passwords are required to save configuration changes in Junos. The command to do so is:
set system root-authentication plain-text-password

If you’re reading this and preparing for JNCIA-Junos, be sure you know this. Even if it’s not on the exam, it’s a pretty basic skill. Don’t use Brain Dumps!


Building a Juniper Lab with Remote Access – The Access Gateway

GNS3 is a great tool that can help us in many ways. One thing that may not be very evident, however, is how we can set up our GNS3 lab for remote access so we can practice when we’re not at home. The aim of this article is to show you how to do that.

This is part one in a series. This article describes how to install OpenBSD in a virtual machine (using VirtualBox). We go through the initial installation as well as assigning IP addresses to our interfaces. In part 2, we install Python and write a Python script that controls access to our gateway server.

This article assumes that you have already created virtual machines in VirtualBox before. If you have not, it is extremely intuitive. If you still need help, please see the VirtualBox website (here) or search Google.

Before we get started, here is our finished product in GNS3:

10 routers connected to a switch.  Two interfaces on a server connected to same switch.  Cloud connected to same switch

GNS 3 Topology

First, please create a new Virtual Machine with the OS type of BSD and OpenBSD. You can use the defaults throughout the wizard. Now open up the settings for the VM. Go to the storage tab and set the CD/DVD image to be the install50.iso you obtained from the OpenBSD website (here). Next, go to the Network tab. We need two interfaces. One will be bridged while the other will be internal.

The bridged adapter will be the one that is on our physical LAN. It is what will let us into the box. The internal adapter will get us to the actual GNS3 lab, but it will not automatically pass traffic between the GNS3 lab and our LAN (and thus the internet). In this way, although we have given ourselves remote access to the GNS3 lab (through this OpenBSD server), we have also isolated the GNS3 lab because there are no routes on the OpenBSD box. We will later use hostnames on the OpenBSD box to simplify accessing equipment, but there still will be no routes.

Next, start your VM. Press enter at the “boot>” prompt. The system will run through some internal loading and present you with the following screen:

Installation screen for OpenBSD 5.0

Installation Screen

Please accept the defaults until you get to the network configuration. For em0, we will want to use DHCP. This is our first adapter–the one that is bridged. When that is finished, you should see it ask you if you wish to configure any additional interfaces. We do. Type “em1.”

The screen for if em1

Interface em1 Configuration

Now we need to enter some information. I use the following to match the requirements of my GNS3 lab:

  • IP Address –
  • Subnet Mask – – This mask accommodates 14 interfaces total. My lab example has 11.

The installation will ask you to set a root password. Do this. Also create a new user with a password. Enable sshd by default. Disable root login for sshd.

Enter defaults until the system asks if you want to use a graphical environment, XWindows. Say no here. We don’t need a GUI.

No GUI option

Removing X Windows

Again, accept defaults until it asks you if you would like to create a new add or remove packages. YES! We want to remove all of the XWindows packages and the games package. Prepend the package name with a hyphen to remove it. So, enter the following commands:


Removing X WIndows and Games

Remove Packages

If there are more prompts, accept defaults. Finally, type reboot to restart the system. Remove the installation media.

At this point, we have a working OpenBSD system and gateway to the GNS3 network. We could stop here, but we are going to go farther in future articles because we might want to have access to this system for more than one person.

To access your network, be sure you open your firewall to the IP of your OpenBSD system. SSH to your public IP. You will be directed to your OpenBSD server. From here, ssh or telnet to your GNS3 routers.

Please ask if you have questions!

Preparing for Certification Exams


I’m going to say at least one controversial thing in this post–probably more–so be prepared! As with anything anyone else tries to tell you to apply to your life, take it with a grain of salt.

Everything I say here is my opinion. This is what works for me. I don’t guarantee that it will work for you, but it might. Take what you will away from this article.


The first is the most obvious. Take time out of your day to learn whatever it is you want to take a test on. Please see my previous article on brain dumps and why not to use them, entitled How to Trivialize a Certification in 10 Days – They’re Called Brain Dumps for a Reason.

Take at least 30 minutes to an hour out of your day to study. If you take more than thirty minutes, I suggest that you study in thirty minute blocks. So if you want to study for an hour each day, then take a 15 minute break in the middle. There are numerous scientific studies that show our ability to absorb information after twenty minutes is significantly reduced. Google them.

I usually try to fit in around two hours per day when I initially learn a topic, so my schedule tends to look like this:

  • Read for Half an Hour
  • Fifteen Minute Break
  • Watch Videos (or Read) for Half an Hour
  • Fifteen Minute Break
  • Pratice Hands-On (or Read) for Half an Hour
  • Fifteen Minute Break
  • Review Information I’ve Already Learned–CUMULATIVE!–for Half an Hour

This means that at the end of every day, I spend the last thirty minutes of every day doing a cumulative review of everything I’ve learned so far. I’m also doing labs for half an hour–if the exam requires any decent amount of hands-on activity. In effect, I am only learning new material for around an hour per day. This is my schedule, and it may not work for you.


Again, this should be expected. After you have learned all of the information, spend time every day reviewing all of it. I generally spend an hour each day at this point, but I typically don’t take the previously recommended break in the middle of reviewing, either. This is because I have already learned the information and really only need to emphasize certain points. With that being said, I still have structure to my review. I still divide my time in half–just without the break between. I spend the first thirty minutes studying a specific subject that I know I was struggling to grasp. The last half of my one hour block is spent doing a cumulative review–typically all of the Q&A from a book or practice tests (NOT BRAIN DUMPS!).

Schedule the Exam

This is one of the most important parts. Schedule your exam! If you don’t schedule it in advance, you’ll never schedule it. You’ll never crack down and really start learning.

When you do schedule it, think about work. Take the before an exam off from work. No excuses, and no reason not to. Also, read the next section about SLEEP and schedule your exam for two hours after you plan to wake up on exam day. If you are more than thirty minutes from the testing site, schedule it out farther than two hours.


I want to make a quick point. Sleep is good. We function well on sleep. I would like to make a recommendation to you. On your days off, go to sleep and don’t set an alarm. Record the time that you go to sleep. If you have kids, ask your wife/husband to take care of them until you wake up. Do not let anything interrupt your sleep! When you wake up, it will be natural. Immediately record the time! Now do a little math and find out how long you slept before your body (not outside influences) decided it was recharged.

Repeat the process above on at least three separate occasions (I recommend five). Average the time out. This should give you a decent idea of how much sleep you really need. Remember this number as we’ll be considering it very shortly.

The Day Before

Don’t study. The truth is that if you need to study the day before the exam, then you don’t know the material well enough to take the exam. If you feel you need to study the day before, just reschedule it. There’s no shame in it, but until you are confident that you no longer need to study or review the day before an exam, you are taking too much of a chance.

With that said, don’t watch T.V., either. You don’t want to do anything that is going to fill your head with nonsense. T.V. rots your brain! Engage in constructive–but trivial–activities. Go for a walk. Work out. Spend some time with your family (but don’t watch T.V.). Play a board game. Write. Anything that does not fill your head with new knowledge.

Now is also the time to plan your time before the exam.

Decide when you need to go to sleep to accommodate the previously mentioned “magic sleep number.” If you are thirty minutes or less from the test site, make sure you are awake two hours before your scheduled time while still accommodating that magic number.

For example, my magic number is around 9 – 10 hours. I live fifteen minutes from a test center. I go to sleep at 10PM and wake up at 8AM. I schedule my tests for 0945 – 1000 in the morning.

All of this time, from the moment you go to sleep until you pass the exam, is time for you. Get your significant lover to watch the kids. Before you go to sleep, lay out everything you need for the exam. Clothes, identification, keys, and your breakfast. Make sure your car has gas.

Shower the night before the exam. Eat a large, healthy dinner. Go to sleep.

Exam Day

First and foremost: you want no distractions today. Beg your spouse to take care of the children, the dog–whatever has to be done that cannot wait until you get back.

Wake up. If you drink coffee, go ahead and get your one single cup out of the way. Eat a small breakfast. You definitely do not want things sloshing around and making you sleepy while you’re testing! By the same token, you don’t want to be hungry. Find that happy medium, and eat something halfway decent.

Plan to leave your house at such a time that you can arrive at the testing center a minimum of fifteen minutes early. My center lets me start early, so I typically leave as soon as I’m ready.

Layer 1 – The Root of All Evil

The title is actually a play on the title Cabling: It Ain’t Sexy, But It’s Got Teeth!, a short but excellent post on the often-overlooked issues that can be caused by cabling. I just want to expand on it a little bit.


I work for a service provider and I monitor our data equipment. I also check all of the tickets I open and read their resolutions. I can generally determine the root cause of any problem. I work exclusively with WAN equipment. The moment something touches a LAN, I stop. I don’t work on LAN equipment. I occasionally open a ticket on a Layer 3 switch, but it’s very rare and is usually only done if the entire switch is down.

Root Causes

With the above out of the way, I can tell you that 90% of my tickets are the result of a Layer 1 problem. Layer 1 seems to be the most common trouble in any situation at our company. I can’t stress the importance of checking Layer 1 before you even look at a config. Just look at the interface and see how many errors it’s taking or the last time it went down. If it coincides with your problem, chances are you have a bad cable. Maybe it’s just working well enough to maintain service and as traffic increases it just falls apart. Maybe it’s cut, as is often the case when working for a service provider (fiber cuts all over the place!).

If your routing protocols bounce (drop and re-establish), chances are that your physical link (whether it’s fiber or copper) either went completely down or took so many errors that your routing protocols weren’t able to reliably transmit/receive hellos.


Again, I’d like to thank @JJRinehart for his original post which inspired me to basically say the same thing he did. 🙂 Thanks!

How to Trivialize a Certification in 10 Days – They’re Called Brain Dumps for a Reason

You ever know that one guy that had every certification known to man and he was still just barely brighter than a firefly? A firefly will do if you have no other source of light, but the sun and light bulbs and LEDs are a lot brighter in my book.

What Are They?

Some of you may not know what a brain dump is, or you might know it as a different name. A brain dump, simply put, is a collection of questions and answers that are lifted directly from a test. Sometimes these are provided by exam proctors who think they’re helping. Others are delivered by exam-takers who intentionally and knowingly break their NDA with a vendor. Sometimes they may be unwittingly discussed when peers are talking about their experiences. The bottom line is this: they give you the exact answers to the test.

So What?

Many people argue that they are an invaluable final preparation resource. Such claims may or may not have merit, but once again, this is cheating. Some test questions are extremely tricky and are intended to make you think. That’s the purpose of these exams: to make you think about what you’re striving for. They validate your skills. If you use a brain dump, how are you challenging yourself or validating your skills in any way? This brings us to our next point.


The proliferation of these brain dumps has, in many ways, lessened the value of all certifications in general. For those who do not use these dumps and strive to learn a vendor’s way through trial of fire, it cheapens our own worth. It makes our hard work and dedication a trivial thing compared to someone who just crammed a dump and then took the test. Yes, in the long run it will be obvious who actually knows the material and who just used a brain dump. In the short run, however, it invalidates one of the primary selling points of certification: separation of knowledge and talent.

The Result

Remember that firefly analogy I made? It wasn’t just to be cute. I have known, and will know again in the future, people who have every certification ever known to man.

How often do you think I ask these people for their expert opinions?

  • (A) Sometimes
  • (B) Purple
  • (C) Always
  • (D) lol

If you guessed (C) Always, you should probably look for crayons in your brain (a la Homer Simpson).

On a more serious note, though, these people have historically utilized brain dumps until their eyes bled (because of all of the dumping their own brains did). They didn’t actually know anything about any of the products from any of the vendors from which they held certifications. I knew one guy who had his Network+ that didn’t know what a routing protocol was and another guy with his CCNA that couldn’t tell the difference between a management IP/interface and an interface/IP meant to pass traffic–despite the fact that this information was easily available just by reading the config!

Solution Proposal

This one goes out to all of the hiring managers out there. Or to anyone involved in the hiring process, really.

If you’re going to make a certification (or “equivalent knowledge”) a requirement for a job, don’t trust what’s on the paper to make that decision.

If you require a specific certificate or equivalent knowledge, then you need to have some sort of “hands-on” test during the in-person interview that validates the skills a candidate and his certificate claim to have. If hands-on is out of the question because you can’t afford a sufficient lab or for some other reason, at least have a theory test that the candidate must answer–and in person. A test prior to submitting an application isn’t really a test–the candidate can just use the Internets! And if he can’t find it on the Internets, I guarantee you one of two things: it doesn’t exist OR the candidate will call the creator of the Internets–Al Gore himself–and ask the all-knowing personally.

If you don’t have the technical know-how to judge something like that, ask your technical lead to sit in on the interview. If you don’t have one, pick your subject matter expert. If you don’t have an SME, get one.


Look, bottom line is that brain dumps are harmful for everyone. When you use them, you’re honestly just dumping nonsense onto your test. If you don’t understand the material, why do you want to lie with a piece of paper that says you do? If you do understand the material, why cheapen yourself (and others) by cheating?


Post-Mortem Disclaimer

The views expressed here belong to me. They don’t belong to the company I work for, and they certainly don’t belong to any other being in existence. If I said it, then it’s what I feel. I’m sorry if you think that the words of an individual represent the views of a whole. You should probably go back to school for a while and learn some basic history/psychologically/math/anything.

JNCIA Question of the Week #5 – Benefits of Class of Service


Class of Service offers a number of benefits. From the list below, select 3.

  • Quicker Network Convergence
  • Eliminates Congestion
  • Prioritizes Latency-Sensitive Network Traffic, Such as VoIP
  • Allocates Bandwidth According to Service Type
  • Forces Packets Through, Eliminating Packet Loss
  • Alleviates Congestion, but Does Not Eliminate it



  • Prioritizes Latency-Sensitive Network Traffic, Such as VoIP
  • Allocates Bandwidth According to Service Type
  • Alleviates Congestion, but Does Not Eliminate it

BGP, OSPF, Spans, and Bounces – Working for a Service Provider


First, I would like to say that in general, I like my job. Second, it should be mentioned that I am in a group that is often looked down upon. Third, I am good at my job.

It should also be mentioned that anything contained in this post is my own personal opinion and does not in any way reflect the views of the company I work for, my department, my bosses, my peers, or any other organizational unit or entity within my company.

Now that the disclaimer is out of the way…


Let’s get something straight. I consider my job to be vital to the continued operations and profitability of the company I work for. I do not resolve issues on my own, but instead escalate them to the support group responsible for a particular piece of equipment. This is usually DNOC IP or DNOC ATM, although sometimes it can include our server group or applications support.

I watch Netcool. For those of you not familiar, it basically collects SNMP traps from all of the network-facing equipment in our company. By network-facing, I mean network backbone and service equipment. Customer equipment and building equipment – such as a Cisco 2960 switch – is not included. Netcool tells me when something bad happens. This could be as simple as a single IMA T1 going down or as bad as an entire market losing connectivity to the rest of the network.

I’ll say it again: I don’t resolve issues. However, that being said, I can tell you why an iBGP peer dropped and then re-established. And I can do it pretty quickly. I can generally tell you why anything that I receive an alarm for happens. I’ve been doing this for less than a year now, but I feel very confident in my abilities to narrow something down. This is where the problem comes in.

The Problem

If a routing protocol bounces for a few seconds, it is generally held for 24 hours. If it stays clear, the ticket is closed.

This is simple. Why must I send the ticket to another group for something so simple? I think I’m capable of periodically checking on an interface to see if it has remained stable. If we monitored these ourselves and escalated if necessary, we could save time for the support groups. And saving the time of people that get paid more than we do means saving the company money.

When we receive traps, I can easily find a root or common cause. Not always, but often.

I hold a NOC position and title. Why, then, does it feel like I am not a member of the NOC?

The Solution

We need to raise the standard for our group. We need to be more consistent as a group and provide better information as a group. We need to increase our knowledge as a group. Everyone needs to be on the same page.

If we can accomplish those things, perception of the group should become a little more positive. Over time, it should get to the point of trust. At that time, we should be allowed to be integrated more fully into the NOC and better fulfill our entry-level position expectations.


Working for a service provider is not all that it’s cracked up to be. If I did not have such an excellent boss, I would have jumped ship longer ago in search of greener pastures. No place is perfect, but not troubleshooting is a nightmare. Do not apply for a service provider position expecting sunshine and rainbows. You may find that it is either more than you bargained for or nowhere near as challenging as what you expected. I’m not sure if there is a happy balance anywhere in there. Unless, maybe, you want to be customer-facing.