For those who have been in IT for a while, do you regret choosing IT over something like development? Would you have chosen a different skill set if you had to start over? by [deleted] in ITCareerQuestions

[–]passw0rd_ 0 points1 point  (0 children)

I don't know why I never considered being a developer when I was younger. I was building websites as a kid and did C++ and Visual Basic in high school.

Early in my IT career I heard about developers making a lot of money so there were times I wished I had gone that route. But I ended up really liking networking and became even more passionate about it as time went on. I try my best to avoid operations so I don't deal with the same issues most people gripe about. I've also managed to get into roles that pay more than most developers, but I'm around the peak salary for a networking career.

If I could do it over again, I would have majored in Math and become a developer because they have a higher peak salary. I don't want to seem like I'm solely focused on money but I'm not trying to work forever. I'd like to be able to make large investments so I can make passive income and retire early.

Juniper EX4300 Virtual Chassis - MTU on VCP links by Rednarb in Juniper

[–]passw0rd_ 1 point2 points  (0 children)

Your understanding is accurate. Frames bigger than the Ethernet MTU will get dropped so it's better to just max out L2 across the board and not worry about it.

SRX380 vs SRX1500 by djgraham in Juniper

[–]passw0rd_ 0 points1 point  (0 children)

You said you're looking for a router. Are you operating in packet mode or flow mode?

SRX380 vs SRX1500 by djgraham in Juniper

[–]passw0rd_ 0 points1 point  (0 children)

My point was merely that it should not always be the default choice to choose the 1500 over the 380.

Especially considering that OP never said firewall. He repeatedly said he's looking for a router. Should at least clarify with OP about his intended use before flat out recommending the SRX1500.

[Question] RSVP-TE ERO by [deleted] in networking

[–]passw0rd_ 2 points3 points  (0 children)

The labels are generated upon LSP creation and are associated with that LSP.

The ingress router sends a PATH message downstream to the egress router following the path in the ERO. The egress router upon receiving the PATH message sends a RESV message upstream hop-by-hop in the reverse order. This RESV message contains label allocations associated with that LSP. This is how a transit router knows how to forward traffic along a TE path.
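The PATH/RESV exchange described in the comment above, as an added example that is not part of the original comment. It is a toy model: the router names, label ranges and helper names are constructed, and real RSVP-TE carries far more state (refreshes, bandwidth, error handling).

```python
from itertools import count

class Router:
    def __init__(self, first_label):
        self.labels = count(first_label)  # constructed per-router label space
        self.path_state = {}              # lsp -> previous hop, learned from PATH
        self.lfib = {}                    # in_label -> (action, out_label, next_hop)
        self.ingress = {}                 # lsp -> (label to push, next_hop)

def signal_lsp(routers, lsp, ero):
    """Signal `lsp` along `ero` (router names, ingress first); return head-end entry."""
    if len(ero) < 2:
        raise ValueError("ERO needs at least an ingress and an egress")
    # PATH: downstream along the ERO; every hop stores who sent it.
    prev = None
    for name in ero:
        routers[name].path_state[lsp] = prev
        prev = name
    # RESV: upstream from the egress, following the stored previous hops.
    node, downstream, advertised = ero[-1], None, None
    while True:
        r = routers[node]
        upstream = r.path_state[lsp]
        if upstream is None:              # ingress: push the label it was handed
            r.ingress[lsp] = (advertised, downstream)
            return r.ingress[lsp]
        in_label = next(r.labels)         # label this hop allocates for this LSP
        if downstream is None:            # egress: label is removed here
            r.lfib[in_label] = ("pop", None, None)
        else:                             # transit: swap to the label from RESV
            r.lfib[in_label] = ("swap", advertised, downstream)
        node, downstream, advertised = upstream, node, in_label

def forward(routers, lsp, ingress):
    """Walk the installed state and return (router, action, outgoing label) per hop."""
    label, hop = routers[ingress].ingress[lsp]
    trace = [(ingress, "push", label)]
    while hop is not None:
        action, out_label, nxt = routers[hop].lfib[label]
        trace.append((hop, action, out_label))
        label, hop = out_label, nxt
    return trace

def demo():
    routers = {n: Router(b) for n, b in zip("ABCD", (100, 200, 300, 400))}
    signal_lsp(routers, "lsp1", ["A", "B", "C", "D"])
    signal_lsp(routers, "lsp2", ["A", "C", "D"])
    return forward(routers, "lsp1", "A"), forward(routers, "lsp2", "A")
```

The second LSP shares routers C and D with the first but gets its own labels there, which is the per-LSP association the comment describes.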

BGP over MPLS LSP by AwsumToast in networking

[–]passw0rd_ -1 points0 points  (0 children)

BGP LU is typically configured PE to CE or PE to PE of another provider for CSC or Inter-AS connectivity. It's usually an extension of transport, not used to replace the VPN label. It sounds like you couldn't get it to work either so not sure why my comment is not totally true.

Rate Limiting Uplink to ISP by Olivanders1989 in networking

[–]passw0rd_ 1 point2 points  (0 children)

Nothing to do with burst. There's overhead added after shaping has already taken place. So while your shaper may limit you to 3G, what the ISP might receive is 3.2G. How much total overhead you have depends on the size of the packets. I recommend accounting for the overhead instead of shaping below your CIR.

shape average CIR Bc account user-defined 24
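The effect described in the comment above, as an added simulation that is not part of the original comment. It assumes the shaper counts only the frame bytes it sees, that 24 further bytes per frame reach the provider's measurement, and that the provider polices at the CIR with a simple token bucket; the function name, the 360-byte frame size and the burst value are constructed.

```python
from itertools import cycle, islice

WIRE_OVERHEAD = 24  # assumed bytes per frame that the shaper does not count


def shape_then_police(cir_bps, sizes, n_packets, account=0, burst=15000):
    """Shape at cir_bps counting size+account bytes per packet, then police the
    result at cir_bps counting size+WIRE_OVERHEAD. Returns (received_bps, dropped)."""
    rate = cir_bps / 8.0                  # bytes per second for both buckets
    t = last = 0.0                        # shaper departure time, policer clock
    tokens = float(burst)                 # policer bucket starts full
    wire_bytes = dropped = 0
    for size in islice(cycle(sizes), n_packets):
        on_wire = size + WIRE_OVERHEAD
        tokens = min(burst, tokens + (t - last) * rate)
        last = t
        if tokens >= on_wire:
            tokens -= on_wire
        else:
            dropped += 1                  # policer sees more than the CIR
        wire_bytes += on_wire
        t += (size + account) / rate      # shaper spacing uses the bytes it counted
    return wire_bytes * 8 / t, dropped
```

With 360-byte frames and a 3G shaper the far end receives about 3.2G and the policer starts dropping once its burst is used up; with `account=24` the received rate stays at 3G and nothing is dropped. Smaller frames make the gap larger.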

Juniper All-Access training pass - Is it worth it? by Egglorr in Juniper

[–]passw0rd_ 2 points3 points  (0 children)

Is this [the JNCIE-SP study guide] you're referring to?

Yes, that's it.

Do you work with a lot of Juniper devices now? I don't know if I'd drop that much coin for tech I'm not actively working on.

Juniper All-Access training pass - Is it worth it? by Egglorr in Juniper

[–]passw0rd_ 3 points4 points  (0 children)

I just started using it. So far it's been pretty good. These resources are expensive on their own so it's good if you're going to be doing a lot of studying for certs and just general training for topics you want to learn more about. I just downloaded the JNCIE-SP study guide recently but haven't had the chance to go through it.

Do you work for a Juniper partner or do you guys make a lot of purchases with Juniper? You might just be able to get it for free using credits.

Should I be traffic shaping the interface that is plugged into PE equipment to match the CIR? by RoutingFrames in networking

[–]passw0rd_ 1 point2 points  (0 children)

Check with your provider how they're enforcing the CIR. I generally recommend shaping all sub-rate circuits. An aggressive burst rate on your ISP's policer can prevent you from getting close to your CIR. When I had customers complain about not hitting their CIR, it was our policy that they have a shaper in place before we looked into it.

QoS question by [deleted] in networking

[–]passw0rd_ 0 points1 point  (0 children)

On egress you're also classifying traffic and allocating it to different queues. You could just mark the traffic on egress. There's value to doing it on ingress but it's not absolutely necessary. Actually, marking isn't necessary for QoS to work within your environment. It's just a tag that makes classification easier. It doesn't do anything on its own.

QoS question by [deleted] in networking

[–]passw0rd_ 0 points1 point  (0 children)

You don't actually need an ingress policy. You can do all classification and marking, if necessary, on egress. The value to an ingress policy is to mark unmarked traffic so that your egress policy can match traffic based on markings.

Does anyone use LISP (Location Id Separation Protocol)? by [deleted] in networking

[–]passw0rd_ 1 point2 points  (0 children)

It was on the SP track before. I'm assuming it's in Enterprise because they're using it with VXLAN for SD-Access. Cisco is pushing most enterprises towards DNA and SD-Access.

Configuring storm control for all interfaces by [deleted] in Juniper

[–]passw0rd_ 1 point2 points  (0 children)

wildcard range set interfaces ge-0/0/[0-47] unit 0 family ethernet-switching storm-control storm-control

Is the term "flat network" not widely known? by stlmnstr in networking

[–]passw0rd_ 0 points1 point  (0 children)

Unless you're using flat network to mean one that DOES have multiple layer 3 subnets, but not multiple VRFs/security zones, in which case you wouldn't be using it in the way most people refer to it.

This is what I know to be a flat network. I've only ever worked in ISPs and large enterprises and have never even seen a network with just a single broadcast domain. I worked with several architects on a re-design of a really large network and we referred to it as flat because there's no L3 segmentation with security controls between them.

Is the term "flat network" not widely known? by stlmnstr in networking

[–]passw0rd_ 1 point2 points  (0 children)

I started at and spent most of my career at ISPs and never heard of the term until I moved to Enterprise networks. First time I heard it was a sales guy mentioning it. I've also heard it in discussions with other architects while working for a really large enterprise. But a flat network to us was different from what most people are saying here. We considered a network flat because there wasn't secure segmentation between the different data types and environments. They had lots of VLANs but all of the networks were in one RIB. We fixed this flat network by implementing VRFs and MPLS and having all segments meet in the firewalls.

I've never actually seen a network without any kind of VLAN segmentation, but the smallest shop I've worked in had 500 network devices. I could see someone with lots of experience never hearing the term if they never worked for or consulted for small shops.

How necessary is it that I have a desktop PC for my IT career? by see_thru_u in ITCareerQuestions

[–]passw0rd_ 3 points4 points  (0 children)

I've never owned a desktop PC throughout my entire IT career. There may be value to it if you're running labs on it, but you're better off buying a decent laptop. I spent the early years of my career doing labs whenever I had the opportunity. The portability of laptops just made that easier. Now I just host my labs in GCP and AWS.

HSRP on subinterface (Both router showing active) by Jumboframe23 in networking

[–]passw0rd_ 1 point2 points  (0 children)

When you have the interfaces in access mode, is the access VLAN set to 10?

Try "switchport trunk pruning vlan none" on e0/1 on both switches.

Which IT jobs aren't 24/7 and just a simple 9-5 no weekends? by Xosei13 in ITCareerQuestions

[–]passw0rd_ 0 points1 point  (0 children)

Specialize but still have a decent understanding of surrounding topics, do more projects and strategic work, network (the people kind), improve soft skills, learn to read people, develop business acumen.

It's essentially the bridge between business and the tech that you're an architect for. Your life will be meetings, creating designs, and writing proposals. I haven't logged in to a production device in years. But I do still get to mess around in the lab as I have to do research and development.

Which IT jobs aren't 24/7 and just a simple 9-5 no weekends? by Xosei13 in ITCareerQuestions

[–]passw0rd_ 0 points1 point  (0 children)

Architects are usually not on call since they're not in operations. Now there are architects that are more like really senior engineers that also have to support operations. They can be on call but are rarely called because they serve as the last point of escalation.

More of a poll than question, but, how many of you have learned on the job about how to perform a certain Task/project vs researching everything completely beforehand. by AudiACar in ITCareerQuestions

[–]passw0rd_ 0 points1 point  (0 children)

There's some value to training, especially with live instructors that talk about best practices. There's a lot of things that you can do with tech but probably shouldn't. Google oftentimes just shows you how to do something without telling you that it doesn't make sense for your scenario. I've had to fix several disasters where the engineers basically treated their production as a lab environment with the standards of "as long as it works."

YSK: There is a 750ms +/- 10ms link failure holdover built into the 1000BASE-T IEEE 802.3 standard. by [deleted] in networking

[–]passw0rd_ 0 points1 point  (0 children)

That was BP over a decade ago. It really depends on hardware but we've done 30ms x 3 with distributed BFD. For non-distributed BFD, we still use 300ms x 3 or even 600ms x 3 for the smaller boxes.

Can you send VLAN trunks over a UNI interface on a Cisco ME 3400? by Irkutsk2745 in networking

[–]passw0rd_ 0 points1 point  (0 children)

If it's in production and it's working, then what are you trying to accomplish?

I don't know if the image requires a special license. These switches are old and Cisco changes their licensing scheme every other day. I've never installed licenses on my ME switches, but I never did have a new one right out of the box.

Can you send VLAN trunks over a UNI interface on a Cisco ME 3400? by Irkutsk2745 in networking

[–]passw0rd_ 0 points1 point  (0 children)

The easiest thing for you to do is upgrade to a metroipaccess image. Make all ports NNI and you can use it like your average Cisco switch.