Thursday, April 17, 2014

Dubai Was a Blast!

 

During the week of March 30, 2014 I traveled to Dubai to deliver my CCDE Practical Bootcamp class. The above picture is our class photo from the week (I need to remember to do this for future classes). From left-to-right: Asad, Jeriel, Jeremy (me), Evgeny, Alexander, Hamed and Mazin. Only Hamed is a local… thank you for your hospitality! The rest traveled from Europe, Africa and the Middle East region to immerse themselves in a week of network design concepts, case studies and practice exams.

I had such a great time delivering the class that I am already planning to return to Dubai in early 2015 to teach it again. According to those who live in the area, the winter and early spring months are the best time to visit; the weather can get quite unbearable beginning in May. We hit highs of 90 degrees Fahrenheit (32 C) while I was in town, which was quite a departure from the snow and ice of my hometown in the US. I couldn’t imagine trying to walk outside during the summer highs of 120 degrees F! If you are interested in attending my next Dubai class (likely January 18-23 or February 1-5, 2015) please email me and I will provide details as they become available.

As for leisure, I was able to find a bit of time in the evenings to visit the world’s largest mall and travel to the observation deck of the world’s tallest building. The Burj Khalifa is remarkably tall; I worked for some time in New York City and became accustomed to living among the skyscrapers. Even the new Liberty Tower in Manhattan does not tower over neighboring buildings in quite the same way as the Burj Khalifa. I was also able visit the Madinat Jumeirah resort and meet up with Sam, a previous student and active CCDE who lives in Dubai. Dubai is an impressive location to hold a class; I am looking forward to returning!

Thank you once more to those who attended this class, and good luck to all my friends and students who are planning to take the CCDE practical exam in May! If you’d like to learn more about my online training, please visit http://www.jeremyfilliben.com/p/self-paced-ccde-practice-exam-training.html. If you would like to attend my next CCDE bootcamp in the US, visit http://www.jeremyfilliben.com/p/ccde-practical-bootcamp.html.

Thursday, December 5, 2013

CCDE Training Schedule for 2014


Congratulations to my seven students who successfully completed the CCDE Practical exam on November 22nd! I am honored to have trained 31 of the world’s CCDEs. Thank you for allowing me to be a part of your success. Passing this exam is quite an accomplish; you should be very proud of your effort.

Interest in the CCDE program has increased considerably since I started training network engineers and architects for this certification in 2010. I’m trying my best to increase my training offerings to meet candidates needs. To that end I have opened registration for the following CCDE training classes. If you are interested in attending, please click on the links below. If you have any questions, please don’t hesitate to ask.

April CCDE Practice Exams

My next online CCDE practice exams are scheduled for Saturday April 5th and 12th, 2014. Registrants for these sessions will receive four CCDE Practice exam scenarios, as well as my CCDE overview presentation and guidance documents. The review sessions will take place on consecutive Saturdays and are expected to last from 9am ET until approximately 1pm ET. Registration for these sessions in available at Eventbrite.



Self-Paced CCDE Practice Exams


My CCDE practice exams are available in a self-paced offering. Once you register you will receive the exam content within 24 hours. Registrations for the self-paced class are always invited to attend any subsequent live sessions as well, including the February 1st CCDE overview presentation and question & answer session. Registration for the self-paced class is available at Eventbrite. I have updated my content to reflect the most recent changes in the CCDE program, including the flexible lunch breaks and day-before registration for any Pearson Professional Center.

CCDE Bootcamp in Philadelphia, Pennsylvania - January 27-31, 2014


My next scheduled live CCDE Practical bootcamp class is coming up at the end of January. It will be held at the University of Pennsylvania campus in Philadelphia, PA. My live class content has been updated to incorporate the latest CCDE updates. I have also added a new section comparing/contrasting GETVPN and DMVPN, based on feedback from recent class attendees. Registration is open at Eventbrite.

CCDE Bootcamp in Celebration, Florida - July 28-August 1, 2014

Last year’s Celebration, Florida class was quite successful. Feedback about the town (located near Orlando in Central Florida) and the Stetson University facilities was overwhelmingly positive. I have decided to bring my class back to the same location this coming July. Registration is open at Eventbrite. The course description can be found by clicking on the title above.


CCDE Bootcamp in Dubai, UAE March 30 - April 3, 2014

I am also offering my week-long class in Dubai during the week of March 30th, 2014. Registration is available in at Eventbrite. The class will be held at City Seasons Suites in Dubai. If you have any questions about this class please let me know. I am also considering a European class the month of November, 2014. If you are interested in attending a class in London or Frankfurt, please let me know. I am still trying to gauge the interest level before committing to this class.

As always, if you have any questions about my training classes or the CCDE program please write me an email at jeremy@filliben.com. I look forward to helping candidates succeed at this certification in the coming year.

Tuesday, October 1, 2013

Python Scripting and the Blackjack "In Bet"ween Bet

I recently spent an hour or so at the local casino (Delaware Park) playing blackjack with my father-in-law. The table we chose had a side bet called “IN BETween”, which compares the player’s two cards to the dealer’s up card. If all three cards match, the player is paid a 30-1 return. If the dealer’s card is in between the two player cards (hence the name of the game), the player is paid based on a pay table. At Delaware Park, the current pay table is:

Result Pay Ratio Example Winning Hand
All Cards Match 30-1 7-7-7
One Card Spread 10-1 3-4-5
Two Card Spread 6-1 8-T-J
Three Card Spread 4-1 2-5-6
All Other Spreads 1-1 3-7-T
For comparison purposes, Aces are the highest possible card.

After watching this side bet for awhile, I began to wonder what the house odds were for this game. Sure, I can just look it up (h/t to the State of Washington - http://www.wsgc.wa.gov/docs/game_rules/in_between.pdf), but this seemed like a perfect excuse to spend a few minutes with Python. So I dusted off my old Poker python script and modified it to simulate this game. No one actually starts a Python script with an empty notepad file, right? Smile

If you are interested in playing with this script, it takes two parameters. The first is the number of decks used. The number of decks is an important factor in this wager, as the majority of the value in the bet is due to the frequency of 30-1 payouts. Seeing three matching cards on a random draw from a single deck only happens .235% of the time (3/51 * 2/50), while the same result from eight decks happens .541% of the time, more than twice as often (31/415 * 30/414).

The second parameter is the number of iterations. Monte Carlo simulations benefit from many iterations. I’ve found that 1,000,000 iterations convergences on the mathematical results that the State of Washington has in their reference document.

Without further explanation, here is the script. If you notice any errors or anything I’ve done that is wildly inefficient please let me know; I always like improving my programming skills. If you want to improve this one suggestion would be to add the other pay tables listed in the State of Washington document. My local casino only seems to use the payouts I have listed, and since I rarely go to a casino (even the local one) these are the only payouts I was interested in.

#
# inbetween.py - Runs Monte Carlo simulation of In BETween bet
#       with user-specified number of decks and iterations
#
# Reference URL - http://www.wsgc.wa.gov/docs/game_rules/in_between.pdf
#
#
import sys
import random
def inbetween(cards):
#
# Takes array of three cards
# Returns win multiple based on standard pay table
#   return value includes original wager, if successful
#
  if cards[0][0] > cards[2][0]:
    cards[0], cards[2] = cards[2], cards[0]
  if cards[0][0] == cards[1][0] == cards[2][0]: return 30+1
  if cards[0][0] < cards[1][0] < cards[2][0]:
    if cards[2][0] - cards[0][0] == 2: return 10+1
    elif cards[2][0] - cards[0][0] == 3: return 6+1
    elif cards[2][0] - cards[0][0] == 4: return 4+1
    return 1+1
  return 0

def card_gen(num_decks):
#
# Takes number of decks (1 - 8)
# Returns three cards in array
# cards[0] = Player Card 1
# cards[1] = Dealer card 1
# cards[2] = Player Card 2
#
  card1 = []
  card2 = []
  card3 = []
  card1 = [random.randrange(0,13), random.randrange(0,4), random.randrange(0, num_decks)]
  card2 = [random.randrange(0,13), random.randrange(0,4), random.randrange(0, num_decks)]
  while card2 == card1:
#    print "Collision! " + str(card1) + " " + str(card2)
    card2 = [random.randrange(0,13), random.randrange(0,4), random.randrange(0, num_decks)]
  card3 = [random.randrange(0,13), random.randrange(0,4), random.randrange(0, num_decks)]
  while (card3 == card1) or (card3 == card2):
#    print "Collision! " + str(card1) + " " + str(card2) + " " + str(card3)
    card3 = [random.randrange(0,13), random.randrange(0,4), random.randrange(0, num_decks)]
  cards = []
  cards.append(card1)
  cards.append(card2)
  cards.append(card3)
  return cards

def readable_hand(cards):
#
# Returns a readable version of a set of cards
#
  rank_refstring = "X23456789TJQKA"
  suit_refstring = "xcdhs"
  string = ""
  for i, v in enumerate(cards):
    string += rank_refstring[v[0]+1] + suit_refstring[v[1]+1] + str(v[2]+1)
  return string
#
# Main Program Body
#
#
# Initialization
#
iterations = 0
num_decks = 0
cards = []
total_won = 0
result = 0
#
# Process command-line arguments
#
if (len(sys.argv) < 3) or (sys.argv[1] in ("-h", "--help")):
        sys.exit("\n\
First input is number of decks to be used (1 - 8)\n\
Second input is number of iterations to run the Monte Carlo simulation\n\n\
--help: This message\n")
else:
    num_decks = int(sys.argv[1])
    iterations = int(sys.argv[2])
    if iterations < 1: iterations = 1
for n in range(1, iterations+1):
  cards = card_gen(num_decks)
  result = inbetween(cards)
  total_won += result
#  print "Result[" + str(n) + "]: $" + str(result) + " Hand = " + readable_hand(cards)
print "Total Wagered = $" + str(iterations)
print "Total Returned = $" + str(total_won)
print "Total Profit = $" + str(total_won - iterations)
print "Win / Loss Percentage = %.2f" % \
  (100*float(total_won - iterations) / iterations) + "%"

Friday, September 13, 2013

CCDE Study Resources Update

It’s been a while since I have updated my CCDE Study Resources list. Below is a list of resources that I recommend CCDE Practical candidates use to prepare for the exam. But first… who should be attempting this exam?

Cisco recommends 7+ years of network design experience before tackling this certification program. I would like to add that 7+ years designing the same small network is unlikely to cut it. Candidates will want to have spent time in a variety of network design challenges; preferably split between service provider and enterprise networks. I agree with the CCDE program team that many technologies have made the jump between these two traditional network types, but not all of them have. For example, I haven’t run into an Enterprise running IS-IS. I know they’re out there, but they are still rare.

 

Recommended Reading List

I highly recommend that CCDE candidates read the following Cisco Press books. Remember, you can skip the configuration syntax, although I often find it helpful to review configs to bolster my understanding of technology:

  • Optimal Routing Design
  • MPLS Fundamentals
  • End-to-End QoS Network Design (a new version is due out in November 22, 2013)
  • BGP Design and Implementation
  • Definitive MPLS Network Designs

I also suggest that CCDE candidates familiarize themselves with the technologies covered in these books. Whether you actually read them, or use their tables of content to guide you online learning, that’s your call:

  • Layer 2 VPN Architectures
  • IPv6 Fundamentals
  • Network Management: Accounting and Performance Strategies
  • Developing IP Multicast Networks (terribly dated, so I suggest researching this on your own)

Cisco Live 365

Cisco Live 365 is an incredibly valuable CCDE preparation resource. Himawan Nugroho wrote an excellent blog post on preparing for the CCDE where he covered the presentations that he used to pass the exam. My own list is similar to his, so I’ll only list my ‘must watch’ sessions here.

  • BRKRST-2042 Highly Available Wide Area Network Design
  • BRKSEC-4054 DMVPN Deployment Model
  • BRKRST-2335 IS-IS Network Design and Deployment
  • BRKRST-2310 Deploying OSPF in a Large Scale Network
  • BRKRST-2336 - EIGRP Deployment in Modern Networks
  • BRKRST-3051 - Core Network Design: Minimizing Packet Loss with IGPs and MPLS

As a bonus, here are a couple that look highly relevant to the CCDE Practical exam, but I haven’t watched yet:

  • BRKIPM-3010 - Which Routing Protocol? - IPv4 and IPv6 Perspective
  • BRKRST-2044 - Enterprise Multi-Homed Internet Edge Architectures
  • BRKCRS-3036 - Enterprise Campus Design: Routed Access

 

Online Discussion Boards

There are two great online resources for CCDE preparation. The first is Cisco’s own Cisco Learning Network. The CCDE section of this site is the definitive source for test dates and official exam blueprints. There is also an online discussion board that is monitored by Cisco and several current CCDEs and CCDE candidates. On topic questions are generally answered quickly. You can even find a CCDE overview video that I participated in on the main page on the site.

The second resource is Ethan Bank’s CCDE Group Study Google group. Ethan is a prospective CCDE candidate who created this Google group. It currently has over 100 members, including several current CCDEs (myself included) and several of Cisco’s CCDE Practical content developers. My favorite part of the Google group is the ability to opt-in to daily email updates. Message traffic is light, but with so many participants, any questions are quickly answered.

 

Training

I provide two forms of training for the CCDE Practical exam:

 

CCDE Practical Bootcamp Classes

These are five day in person classes where we cover the technologies candidates will need to know for the CCDE Practical exam. My next class is hosted by CCBootcamp in Las Vegas, NV the week of November 11, 2013. I am tentatively scheduling my first CCDE bootcamp of 2014 for the week of January 27th in Philadelphia, PA. If you are interested in attending either of these classes, please email me at jeremy@filliben.com and I can provide registration information. Also, if you have a suggestion for a European location for 2014, please let me know. I’d like to take my class on the road next year… let me know where you’d like it to be.

Details on the format of the classes can be found at http://www.jeremyfilliben.com/p/ccde-practical-bootcamp.html.

 

Online CCDE Practice Exams

For those candidates who cannot take a week off for training, or have difficulty traveling to the US, I also offer an online CCDE training option. This event utilizes my CCDE practice exams to prepare candidates for the type of questions and format of the CCDE Practical exam. Participants receive four CCDE exam scenarios with a total of 80 questions. I review the exams via WebEx with candidates on two consecutive Saturdays (two scenarios per review session). Candidates are invited to attend the WebEx review sessions in real-time to ask questions, or they can choose the self-paced option and watch the review sessions on-demand. Registration for the self-paced option is always available. The next live review sessions are scheduled for November 2nd and 9th.

 

If you have any questions about these resources, please let me know. And if I have missed anything please send me an email so I can update this page.

Monday, June 3, 2013

Don’t Let Twitter Distract You From Your Goals

First, congratulations to the five students of mine who successfully completed the CCDE Practical Exam on May 30th. For students (and others) who were unsuccessful, please let me know what I can do to help you achieve your goal. This is a difficult exam program, so don't get discouraged!

Everyone knows Twitter and blog reading can be a huge distraction. It is easy to 'jump on Twitter' after your morning coffee and before you know it, it's time to go grab lunch. Where did the time go?!? That's just the obvious way that 'the web' can distract you from achieving your goals. The more insidious type of distraction is how what we read on Twitter and our favorite blogs causes us to question our goals. How many times have you read a particularly insightful 140-character post from @etherealmind or @ioshints and thought to yourself 'Wow! I've got it all wrong; I need to drop my pursuit of <Technology A> and start studying <Technology B>, now!' (as an aside... how do these folks make salient points in 140 characters? My initial Twitter posts are always witty and insightful, but they're also 300+ characters. Once I distill them down to 140 characters they all end up saying the equivalent of "Yeah, me too" or "Ntwkring is imprtnt!!!")

Don't get me wrong -- These Twitter and blog posts can (and should) be a source of great inspiration for your career and life goals. The problem is that constantly churning your goals is self-defeating. You will never get anywhere if keep changing your destination. My strategy for dealing with these sorts of distractions is to reserve a couple of hours every few months to evaluate my written goals and determine if I have learned anything new over the preceding months that require me to modify my goals. Often I do make adjustments because facts have changed or because I have achieved one or more goals. In fact, I'm quite surprised on the rare occasion where my goals remain intact after a review.

BTW, you did write down your goals, didn't you? If you didn't, minimize this browser window or put down your smartphone/tablet and spend 15 minutes writing down your professional goals. I can't think of a single person who has told me that they were better off for not having written down their goals, once they've done it.

What is the downside to this strategy? Well, infrequently I will find that a course correction is necessary, and I could have saved myself some unnecessary work if I had modified my goal earlier. On the flip side, I have more often found that the shiny object that drew my attention in a blog post isn't quite as brilliant with the passage of a few weeks' time. Or it may still be hugely important, but isn't worth my time yet based on the items already on my plate. It's surprising how slowly technology develops... There is almost always time to defer to others for the initial exploration. Once they figure it out, sweep in and grab the benefit of their knowledge-sharing. You shouldn't feel bad about this either; it is more efficient for the industry as a whole. The whole thing is reciprocal, if you are publicly sharing the knowledge that you are gaining in pursuit of your own goals!

Next time you see something that seems valuable on Twitter or in a blog post, write it down or clip it in Evernote. Then review all these scraps of paper at your next 'Goal Review' meeting with yourself. If the information is going to change your life, it's okay to put it off for a few weeks. After all, you'll have decades to reap the benefits. Delaying for a month is not going to matter much in hindsight.

Thursday, May 2, 2013

My Experiences with IPv6

I finally cleared enough time on my calendar to start thinking about IPv6 for my corporate network. It’s been quite a while since I last considered implementing IPv6. Fortunately we haven’t had a reason to move forward, so my procrastination has not caused us any grief.
I spent a couple of hours reviewing Ivan Pepelnjak’s Enterprise IPv6 First Steps webinar. Great stuff! It hit on many of the topics I was interested in, including end host address assignments, native IPv6 DNS servers and transition techniques. Armed with a bit of knowledge (always dangerous), I decided to activate IPv6 on my home LAN.
At first I thought my ISP, Comcast, did not support IPv6. I looked for awhile on Comcast’s website to find a rollout schedule, but every link took me back to www.comcast6.net. It was not helpful. I finally broke down and called Comcast support. I was told that IPv6 is enabled in my area, and pretty much everywhere in the Comcast network. My issue turned out to be an old Comcast-provided cable modem. The key to figuring this out is to visit the following web page - http://mydeviceinfo.comcast.net/. This page has an easy-to-use chart of approved devices and whether they support IPv6. I printed this out and took it to my local Comcast office, where they fortunately had a replacement modem available. Be warned, the folks at the Comcast office had never heard of IPv6, but they were able to find a modem on my printed out list. So if you are going to try this yourself, bring the list!
Basic IPv6 Configuration
At home I use a Cisco 1811W router, currently running IOS Advanced IP Services 15.1(4)M6. The following configuration got me up and running on the IPv6 Internet:
ipv6 unicast-routing
ipv6 cef
!
interface FastEthernet0
description ISP Link
ipv6 address autoconfig default
ipv6 enable
ipv6 dhcp client pd comcast-ipv6 rapid-commit
!
interface BVI254
description Home
ipv6 address FE80::1 link-local
ipv6 address comcast-ipv6 ::1/64
ipv6 enable

Adding Security
Of course, the above configuration is wide-open to the Internet, which likely isn’t to be your preferred configuration. I chose to implement Cisco’s Zone Based Firewall solution, using the following configuration (hat tip to Jeremy Stretch for a fine overview):
zone security Trusted
zone security Internet
zone-pair security Trusted->Internet source Trusted destination Internet
service-policy type inspect Trusted_to_Internet
zone-pair security Internet->Trusted source Internet destination Trusted
service-policy type inspect Internet_to_Trusted

! Inside to Outside
class-map type inspect match-any All_Protocols
match protocol tcp
match protocol udp
class-map type inspect match-any Specific_Protocols
match protocol icmp
match protocol http
match protocol https
match protocol ftp
match protocol dns
match protocol ntp
policy-map type inspect Trusted_to_Internet
class type inspect Specific_Protocols
  inspect
class type inspect All_Protocols
  inspect
class class-default
  drop


interface BVI254

 zone-member security Trusted
interface FastEthernet0
 zone-member security Internet




! Outside to Inside (I only allow DNS resolution from OpenDNS servers for content-filtering. I added specific ‘denies’ for domain so I can see if anyone locally is trying to circumvent my security.
ip access-list extended ISP_IN
permit udp host 208.67.222.222 eq domain any
permit udp host 208.67.220.220 eq domain any
deny   udp any eq domain any
ipv6 access-list ISPv6_IN
sequence 21 permit udp host 2620:0:CCD::2 eq domain any
deny udp any eq domain any
class-map type inspect match-any From_Internet
match access-group name ISP_IN
match access-group name ISPv6_IN
policy-map type inspect Internet_to_Trusted
class type inspect From_Internet
  inspect
class class-default
  drop

Overall Thoughts
It’s really not too difficult to get this working, if your ISP supports it. I ran into a lot of trouble trying to implement on an unsupported modem, and then working to determine if this was worthwhile. If your ISP does not support IPv6, you can register with Hurricane Electric’s tunnelbroker.net service and use their templates to configure your router. I went down this path briefly, with nice success, but I ultimately didn’t need to use this service.
Whether this is worthwhile or not depends on your perspective. Enabling IPv6 does not get you any new features or Internet capabilities at this time. I wish that were not the case. I’d love to see companies like Netflix release certain shows earlier on IPv6 servers or something similar. It would drive user adoption and increase pressure on the ISPs to provide this service. The business case for doing something like this is unclear, so it is unlikely to happen.
I was surprised to discover that when the kids are home we have somewhere between 8 – 12 active IPv6 devices on the home network. All of the iPods, iPhones, Kindles, home PCs, etc are IPv6-enabled. The site http://test-ipv6.com/ confirms that each of these devices is fully IPv6 ready (10/10 rating).
So what is out there on the IPv6 Internet? Not too much, in terms of distinct sites. The big ones (Facebook, Google/Youtube, Microsoft) are ready though. Surprisingly, while www.cisco.com is enabled, most of the other Cisco.com URLs do not seem to work. I am also disappointed to learn that OpenDNS’s IPv6 resolvers do not support content filtering. This makes them basically unusable for me, as I count on that service to keep the younger kids out of inappropriate web content.
One final technical issue I found is that it is practically impossible to host a server on IPv6 without opening up that port in your firewall for all IPv6 hosts. For example, if I want to host a web server on 2001:db8::1, I must add an entry in my screening ACL for ::/0 port 80. This is necessary because I cannot guarantee that my provider-assigned prefix will always by 2001:db8::/64. This could be solved with one of two enhancements to IOS:
  1. Allowing address wildcards in IPv6 (such as *::1/128, which could be implemented using a bitmask, as in ‘permit tcp ::1 FF:FF:FF:FF:FF:00:00:00:00 eq 80’
  2. Allowing the delegated-prefix to be used in ACLs (such as ‘permit tcp comcast-prefix::1/128 eq 80’)
This is a nice-to-have, and not a necessity for my personal usage.

Wednesday, May 1, 2013

Goals Update

In the spirit of accountability, here are a couple of updates on my stated goals:

 

1) Assist in developing the careers of my co-workers – I never feel terribly confident about meeting this goal. I did recently complete a set of ‘checkpoint’ meetings with my team to get an update on all active projects. That’s a new wrinkle for me; I am generally much more hands-off with my team. I believe this was well-received by the team. I am also attending Cisco Live 2013 with two of my colleagues, as well as guiding the 2013 training choices of my other teammates.

2) Continue offering industry-leading training for the Cisco Certified Design Expert program – I am proud to announce that fifteen active CCDEs took part in my training since I began in 2010. That’s approximately 20% of all certified engineers. I have also completed practice exam review sessions in January and April. I have also opened registration for the July review sessions.

My CCDE Bootcamp in Cairo, originally scheduled for May 2013, has been postponed due to the difficulty in convincing candidates to travel to Egypt. I am hopeful that we will be able to reboot this training in 2014. Lastly, my CCDE Practical Bootcamp scheduled for July 29 – Aug 2 in Orlando, Florida is now guaranteed to run.

3) Spend at least 40% of my professional time creating – This goal has been difficult to meet, and was probably a bit too much of a stretch. I am considering relaxing this goal to 25% moving forward, although no specific decision has been made. I’ve spent quite a bit of time on content creation, especially as it relates to the CCDE program. My current plan is to add additional practice exam questions for my CCDE Practical Bootcamp training, as well as supplement some of my other bootcamp content with more technical details.

4) Get healthier – This is the goal I’ve been most successful in achieving. I successfully completed a 5K run in March. My goal was 30:00 and I completed it in 28:33, without walking. I’ve also lost a significant (for me) amount of body weight. I am extending this goal to lose more body weight and to complete a 5K in 25:00. I may add an endurance-type goal for the fall (10K?), depending on how things go over the next few months.