VMware ESXi vSwitch settings for INE lab

1. Configuration > Hardware > Networking
2. Select the vSwitch which the GigabitEthernet1 are attached to, click on Properties
3. Select the vSwitch and click Edit
4. Select All (4095) from the VLAN ID downdown

Cisco TCL Ping script

TCL scripting is a useful tool during the lab and it be use to perform connectivity test by creating a simple ping script.

Go into the TCL shell by issuing the command

tclsh

Script

R1(tcl)#foreach address {
+>(tcl)#192.168.1.1
+>(tcl)#192.168.2.2
+>(tcl)#192.168.3.3
+>(tcl)#10.1.1.1
+>(tcl)#10.1.2.2
+>(tcl)#} { ping $address
+>(tcl)#}

Results

Please create RSA keys (of atleast 768 bits size) to enable SSH v2

When the router booted up it already had a key pair generated, but our newly created keypair (1024) has a different name.

The ip ssh rsa keypair-name command was also introduced in Cisco IOS Release 12.3(4)T so that you can enable an SSH connection using the RSA keys that you have configured. Previously, SSH was linked to the first RSA keys that were generated (that is, SSH was enabled when the first RSA key pair was generated). The behavior still exists, but by using the ip ssh rsa keypair-name command, you can overcome that behavior. If you configure the ip ssh rsa keypair-name command with a key pair name, SSH is enabled if the key pair exists, or SSH will be enabled if the key pair is generated later. If you use this command to enable SSH, you are not forced to configure a hostname and a domain name, which was required in SSH Version 1 of the Cisco IOS software.

R1#sh crypto key mypubkey rsa
% Key pair was generated at: 00:02:15 UTC Mar 1 2002
Key name: R1.mydomain.com
Storage Device: private-config
Usage: General Purpose Key
Key is not exportable.
Key Data:
<--- ommited --->
% Key pair was generated at: 00:00:05 UTC Mar 1 2002
Key name: R1.mydomain.com.server
Temporary key
Usage: Encryption Key
Key is not exportable.
Key Data:
<--- ommited --->
% Key pair was generated at: 00:03:28 UTC Mar 1 2002
Key name: R1.gns3.com
Storage Device: not specified
Usage: General Purpose Key
Key is not exportable.
Key Data:
<--- ommited --->

R1(config)#ip ssh rsa keypair-name R1.gns3.com
R1(config)#
*Mar  1 00:05:09.039: %SSH-5-DISABLED: SSH 1.5 has been disabled
*Mar  1 00:05:09.055: %SSH-5-ENABLED: SSH 1.99 has been enabled
R1(config)#ip ssh version 2
R1(config)#do sh ip ssh
SSH Enabled - version 2.0
Authentication timeout: 120 secs; Authentication retries: 3

Rebuild python-vmcloud from source

The information found here are mainly my own personal technical notes, whatever/however you use it is solely you decision !

Rebuild the python-vmcloud from source

/var/lib/dpkg/info/python-vmcloud.*

Create a working directory named "python-vmcloud", the folder structure will be as below

*** copy all the file listed in python-vmcloud.list !
*** cp -a --- copying of subfolders
*** mkdir -p --- create directory with subdirectory

python-vmcloud/
----DEBIAN/
--------control
--------postinst
--------postrm
--------prerm
----etc/
----usr/
----var/

the files under DEBIAN folder are plain text files. "control" file content is as below but without the "###"

### start of control file ####
Package: python-vmcloud
Priority: optional
Section: python
Installed-Size: 307948
Maintainer: vmcloud-dev <vmcloud-dev@cisco.com>
Architecture: all
Source: vmcloud
Version: 0.5.4-1
Replaces: python-vmcloud-st
Depends: python2.7, python (>= 2.7.1-0ubuntu2), python (<< 2.8), python-pexpect, python-lxml, python-libxml2,
virtinst, libvirt-bin, qemu-kvm, mkisofs, genisoimage, python-bottle, python-paste
Conflicts: python-vmcloud-st
Conffiles:
/etc/vmcloud/internal_config f038aed945325df744cd2d68c35b4705
/etc/vmcloud/vmcloudrc dcd847aae42f25b9982735701c45071b
/etc/init/vmcwebsvc.conf aea48c35713d76fb1894e7ae4385d2d7
 
Description: Cisco Network Device Emulator Orchestration Tool
### end of control file ####

When all the files/folders are ready, execute the command to rebuild the .deb

# dpkg-deb -b python-vmcloud

Installation of VMcloud

# dpkg -i python-vmcloud.deb

because there are some dependencies, run the command to auto install them

# sudo apt-get -f install

Redo the dpkg installation again

# dpkg -i python-vmcloud

Set the SUID for the file /usr/bin/vmcnet
# sudo chmod 4775 /usr/bin/vmcnet

*** This allow the application to run as root.

Change the ownership to "root"
# chown root:root /usr/bin/vmcloud
# chown root:root /usr/bin/vmcnet
# chown root:root /usr/bin/vmcwebsvc

Testing the installation

Edit the VIRL configuration (3node.virl) to remove out below parameters

# nano /usr/share/vmcloud/data/examples/3node/3node.virl

<entry key="import files" type="String">/usr/share/vmcloud/data/examples/3node/router1.p12</entry>

Run the topology from the template

# vmcloud netcreate -v /usr/share/vmcloud/data/examples/3node/3node.virl 3NODE

Using default configuration: /etc/vmcloud/vmcloudrc
Launching NDE network ...
Created domain: labguide.3NODE.router1 (console=127.0.0.1 3533, aux=127.0.0.1 3534)
Created domain: labguide.3NODE.router2 (console=127.0.0.1 3535, aux=127.0.0.1 3536)
Created domain: labguide.3NODE.router3 (console=127.0.0.1 3537, aux=127.0.0.1 3538)
NDE network launch: Success

VTP protocol user notification: MD5 digest checksum mismatch on receipt of equal revision summary on trunk

Error Message

VTP protocol user notification: MD5 digest checksum mismatch on receipt of equal revision summary on trunk

The domain was changed from NULL to CCNA but VTP client has a different MD5 digest which causing the error to prompt out.

MD5 after changing the VTP domain (VTP Server)

MD5 after changing the VTP domain (VTP Client)

Solution

Create a temporary VLAN and then removing it will cause the VTP server to send out updates hence clearing this issue.

config t
vlan 99
exit
no vlan 99

Dual-boot Windows 7 with SafeBoot and Ubuntu

Environment :
Windows 7
Ubuntu 12.04
SafeBoot aka McAfee Endpoint Encryption

Description :
What is SafeBoot ?
SafeBoot is a McAfee product which defunct back in 2009. Cooperate are using McAfee Endpoint Encryption nowadays (2012). McAfee Endpoint Encryption provide full disk encryption prevents exposure of sensitive data on laptops and desktop computers (especially in the event of PC loss or theft) with transparent encryption; enforce strong access control with two- and three-factor, pre-boot authentication.

This document the step I used to install McAfee Endpoint Encryption and got it to dual boot Windows 7 and Ubuntu.

1. To install Windows 7 on a computer without an operating system
2. Resize Windows 7 partition size to prepare space for Ubuntu
3. Install Ubuntu alongside Windows 7
4. Prepare bootloader for Safeboot
5. Install McAfee Endpoint Encryption
6. Testing dual boot setting
7. Final tweaks

Final tweaks:
1. Boot into Ubuntu
2. Bring the Terminal
3. Issue command "sudo gedit /etc/default/grub"

Make sure the GRUB settings below are followed. This settings is for hidding the GRUB selection, else you need to select twice in order to get into Ubuntu.

GRUB_DEFAULT=0
GRUB_HIDDEN_TIMEOUT=0
GRUB_HIDDEN_TIMEOUT_QUIET=true
GRUB_TIMEOUT=0
GRUB_DISABLE_OS_PROBER=true

Prepare bootloader for Safeboot

Environment :
Windows 7
Ubuntu

Installation / Usage :
This would be the most critical part in getting the dual boot to work properly with SafeBoot/McAfee Endpoint Encryption installed. We are using a method called "chain loading".

Pre-requisite:
A) Windows 7 installed (Without SafeBoot/McAfee Endpoint Encryption)
B) Ubuntu installed (During boot, GRUB is the boot manager)

The following step is to backup the Ubuntu bootloader:
1. Login Ubuntu
2. Issue the command "df" without quotes and note down the entry which says "Mounted on "/" .. what is the /dev/sda?
3. Issue the command "sudo grub-install --force /dev/sda?" .. where sda? is referring from result from step #2
4. Backup the bootloader, issue the command "dd if=/dev/sda of=grub.bin bs=512 count=1" (you can specify the thumbdrive at the 'of' paramenter)

The following step is to default the bootloader back to the original Windows 7 bootloader:
1. Boot PC
2. Press F8 after BIOS and Before Windows logo (Bring up the recovery console)
3. Select "Command Prompt"
4. Issue the command "bootrec /fixmbr"
5. Reboot

Upon reboot you should see the generic Window boot selection and GRUB is missing. This is expected.

6. Boot into Windows 7
7. Copy the grub.bin file from the thumbdrive into C:\Windows\System32

The following step is to update the Windows 7 boot menu to add the entry for Ubuntu:

9. Open a command prompt (Run > cmd)
10. Issue the following command to update the boot menu

BcdEdit commands:

    10a. Create a ID for the entry "Ubuntu"
    bcdedit /create /d "Ubuntu" /application BOOTSECTOR
    The entry {5a9684fa-9ec0-11e1-a7c3-00137290c993} was successfully created.
   
    * eg. ID -> {5a9684fa-9ec0-11e1-a7c3-00137290c993}
    * Copy the ID generated from this command as it will be reference in the following commands
   
    10b. Specifying which partition contains the bootloader (grub.bin)
    bcdedit /set {5a9684fa-9ec0-11e1-a7c3-00137290c993} device partition=c:
   
    10c. Specifying the path to the bootloader (grub.bin)
    bcdedit /set {5a9684fa-9ec0-11e1-a7c3-00137290c993} path \Windows\System32\grub.bin
   
    10d. Add the entry to the boot menu
    bcdedit /displayorder {5a9684fa-9ec0-11e1-a7c3-00137290c993} /addlast
   
    10e. Specifying menu display time
    bcdedit /timeout 10

11. Verify the Window 7 boot menu has the entry
Right-click "Computer" > Advanced system settings > Advanced > Startup and Recovery > Settings >
Under the drop down of "Default operating system", you should see Ubuntu.

12. Reboot and Choose the "Ubuntu" entry
13. GRUB should be loaded if all had been done properly
14. Allow it to boot into Ubuntu to see if it working properly

! For Windows XP users, you can edit the Boot.ini file and specify the path to the Linux bootloader
! For Windows 7 users, you can download a software called EasyBCD which is free and edit the boot menu entries via a GUI. It also has an option to default the boot loader back to Windows 7 original.

Install Ubuntu alongside Windows 7

Environment :
Windows 7
Ubuntu 12.04 (LTS)

Installation / Usage :
This guide covers the installation of the Ubuntu AFTER installing Windows 7. Because Windows OS installation will replace the Master Boot Record (MBR) with its and replace GRUB.

Prior to install Ubuntu, make sure you prepare enough harddisk space for the installation.

1. Download Ubuntu 32/64bit [LINK]
2. Burn ISO onto DVD or Create a Ubuntu bootable USB drive
3. Boot the Ubuntu installer
4. Select English
4. Select the option "Install Ubuntu"
5. Select English > Continue
6. Needs atleast 4.4GB harddisk space / Connection to internet (optional)
7. Install Ubuntu alongside Windows 7
8. Select Timezone
9. Select Keyboard layout English (US)
10. Choose a computer name
11. Account to import - NO
12. Installation done, restart the machine

Resize Windows 7 partition size to prepare space for Ubuntu

Environment :
Windows 7
Ubuntu

Installation / Usage :
Because you are preparing space for installing Ubuntu alongside with Windows 7, you can choose to use either

1. Windows build in disk management tool
2. Bootable Ubuntu DVD with GParted

Option 1 - Windows Disk Management:
* You would need to defrag the harddisk before shrinking it.
Settings -> Control Panel -> Administrative Tools -> Computer Management -> Storage -> Disk Management -> Shrink Volume

Option 2 - Bootable Ubuntu DVD with GParted:
1. Boot into Ubuntu Live (Test Ubuntu)
2. On the Left Top Most Upper icon (Dash Home)
3. under Search, key in "gparted" and press ENTER
4. Right click on the partion and Select "Resize/Move"
5. Using the slider, adjust the amount of space you wish to allocate for Ubuntu installation
6. Click resize
7. You will see "unallocated" space available for Ubuntu installation later.
8. Save the changes by Edit > Apply All Operations (or click the Green Check icon)
9. Reboot

! Remember to reboot and boot back into Windows 7 and make sure its still running properly.

To install Windows 7 on a computer without an operating system

Environment :
Clean install of Windows 7

Installation / Usage :
To do this, you'll need to start, or boot, your computer using the Windows 7 :

1. Installation disc
    1a. Go to the Microsoft Store website and complete your purchase.
    1b. On the Order Receipt webpage, click the Additional Download Options drop-down list, click either Download 32/64bit ISO and then click Download.
   
2. USB flash drive
    2a. Download the Windows 7 USB/DVD Download Tool [LINK]
    2b. Under Installation, follow the instructions to download and install the tool on your PC.

Windows 7 installation steps:

1. Turn on your computer, insert the Windows 7 installation disc or USB flash drive, and then shut down your computer.
2. Restart your computer.
3. Press any key when prompted, and then follow the instructions that appear.
4. On the Install Windows page, enter your language and other preferences, and then click Next.
5. If the Install Windows page doesn't appear, and you're not asked to press any key, you might need to change some system settings.
6. On the Please read the license terms page, if you accept the license terms, click I accept the license terms, and then click Next.
7. On the Which type of installation do you want? page, click Custom.
8. On the Where do you want to install Windows? page, choose the partition that you want to install Windows 7 on, or click Unallocated Space if no partitions are listed, and then click Next.
9. If a dialog box appears saying that Windows might create additional partitions for system files, or that the partition you chose might contain recovery files or other types of files from your computer manufacturer, click OK.
10. Follow the instructions to finish installing Windows 7, which include naming your computer and setting up an initial user account.

How to study for the CCIE exan

"How" is normally follow after "What". After we figure out what we want to achieve and defined the "GOAL", next step would be looking at the options on "HOW".

Because the CCIE exam cover a myriad technology, so it is time consuming to study for it without a proper strategy. I haven't taken the exam before but after reading tons of war stories, I have choose the following :

1. INE as the training vendor
2. Build a hybrid CCIE rack with GNS3
3. Install and configure GNS3 for "LABBING-ON-THE-GO"

The plan is to stick to a workbook and strategically go through all the technology. Although I'll be building a hybrib lab, because lighting and electrical bill I won't be making it remotely accessible. There is where the "LABBING-ON-THE-GO" comes in, practice most of the routing topic while at office.

Now with the exercise guide (INE workbook), threadmill (Hybrid Lab) ... what left is only determination and persistence to stick the to plan.

Reference:
How to study for your CCIE by INE - [LINK]
How to Pass the Routing & Switching CCIE Lab Exam by INE - [LINK]
How to pass the CCIE R&S with INE’s 4.0 Training Program by INE - [LINK]

Setting a goal and making sure you are on track

"The difference between a GOAL and a DREAM, is a DEADLINE"

Setting a goal is easy as we do it yearly during New Year Eve ... aka New Year Resolutions ! But how many of the NYR do we push behind our mind after March :) Defining SMART goal will help you getting to it with a more strategic plan.

S - Specific (or Significant)
M - Measurable (or Meaningful)
A - Attainable (or Action-Oriented)
R - Relevant (or Rewarding)
T - Time-bound (or Trackable)

eg: Attaining CCIE certification before age 35 by studying/understanding all the technology listed under the exam blueprint and practicing each technology using the lab workbook.

Give yourself a realistic time frame you can achieve the goal. CCIE in 3 month (Are you joking with me ?)

"besides those 3 months of dedication, there were many years of working experience. I just wanted to make clear that it's very difficult (if not impossible) to get the CCIE with only 3 months of preparation." - Tassos (CCIE™ #19858)

Putting your goal in writing is very powerful, write it down and stick it where you'll see it often to remind yourself about it. 

How to make sure you ain't deviating from your goal ?
You need to track your progress ! Write them down on the calendar to remind yourself and see your progress. Google Calendar is a free and great service that allow you to keep track your progress. [LINK]

Unofficial CCIE Candidate FAQ

What is CCIE ?
The Cisco Certified Internetwork Expert (CCIE) certification is accepted worldwide as the most prestigious networking certification in the industry. Network Engineers holding an active Cisco CCIE certification are recognized for their expert network engineering skills and mastery of Cisco products and solutions.

What is the prerequisites for CCIE certification ?
There are no formal prerequisites for CCIE certification. Other professional certifications or training courses are not required.

The CCIE certification consist of two part :

Part one : Pass a two-hour, written qualification exam which covers networking concepts and some equipment commands before you are eligible to schedule the lab exam. [#350-001]

1a : Take the exam at Pearson VUE testing facility [LINK]

1b : Cost for the #350-001 exam [LINK]

Part two : Pass a eight-hour lab exam tests your ability to configure actual equipment and troubleshoot the network in a timed test situation. Candidates require to attempt of the CCIE lab exam within 18 months of passing the CCIE written exam. Candidates has three years to pass the lab exam (multiple attempts) from the date passing the written exam.

The eight-hour lab exam is further broken into two part :

2a : two-hour troubleshooting section, a series of trouble tickets for preconfigured networks and need to diagnose and resolve the network fault or faults. Candidates who finish the troubleshooting section early may proceed on to the configuration section, but they will not be allowed to go back to troubleshooting since their equipment will need to be reinitialized for the configuration portion.

2b : six-hour Configuration section, anything on the CCIE blueprint is fair game and maybe be tested on.

What would be provided at the lab exam ?
1. Please refer to the "Lab Equipment and IOS List" for the device list [LINK]
2. During the lab exam, the only reference you have is the Cisco documentation CD and search function has been disabled. [LINK]
2. Terminal is PuTTY and you have access to all Windows Calculator functions.
3. Everything is digital. No printed material is provided.
4. Plenty of paper and pens to use during the lab.

CCIE R&S v4.0 Lab Exam Demo
This demo will familiarize candidates with the online interface that has replaced paper exams, which presents the virtual topology, test questions, documentation and tools. [LINK]