Need some advice on learning networking

  • BillyCarpenter
    Field Supervisor

    Site Contributor
    VIP Subscriber
    10,000+ Posts
    • Aug 2020
    • 16308

    #841
    Re: Need some advice on learning networking

    Man, routing is complicated business. After listening to hours of material about the theory of Dynamic Routing Protocols and Route Summarization, I thought I understood it from top to bottom. Then it came time to put that knowledge to use in the lab and that changed everything. I won't lie, I really struggled with it. There was a mental barrier that I couldn't break through.

    But I didn't give up and the light bulb finally came on for me. Cisco forces you to learn every nuance of routing. Complicated stuff.
    Adversity temporarily visits a strong man but stays with the weak for a lifetime.


    • BillyCarpenter

      #842
      Re: Need some advice on learning networking

      I need to vent a little....

      When I first signed up for the online CCNA course, they said that they provided "more than enough" material to pass the CCNA test. That's bullshit.

      I don't want to totally shit on the online course because I actually think it's pretty good. But I think it could be much better. They skim over a lot of important concepts and a much deeper analysis is in order. I can't count the number of times I've had to seek out information elsewhere. This was never more apparent than when studying route summarization.

      Route Summarization is a very important mainstay in routing and it deserved a better explanation than the one that was given. Route Summarization is extremely complex and just as important. Fortunately, you can find the information you need on the web if you look in enough places.


      On another note: Knowing what I know now, if I could go back and give myself any advice when I signed up for the CCNA course, this would be it:


      Maybe CCNA isn't the first certification you should go after. There are easier certs to get. You probably need a good understanding of the basics of networking before you tackle CCNA. CCNA is much different than CompTIA. CompTIA is more like a sampler platter of networking. It covers a lot of stuff but really doesn't go in depth on much. CCNA is just the opposite. It goes really deep into these topics.

      The last piece of advice I'd give myself is this: Watch out for subnetting, supernetting and summary routes.


      PS - I can finally say that I have mastered "summary routes" and that it was a real bitch.
      Adversity temporarily visits a strong man but stays with the weak for a lifetime.


      • BillyCarpenter

        #843
        Re: Need some advice on learning networking

        I don't know how much of this anyone understands, but I came across a great explanation of why summary routes are important:



        Route Summarization and Route Flapping

        Another positive aspect of route summarization has to do with route flapping. Route flapping is when a network, for whatever reason (such as interface hardware failure or misconfiguration), goes up and down on a router, causing that router to constantly advertise changes about that network. Route summarization can help insulate upstream neighbors from these problems.
        Consider router Edmonton from Figure 4-1. Suppose that network 172.16.74.0/24 goes down. Without route summarization, Edmonton would advertise Vancouver to remove that network. Vancouver would forward that same message upstream to Calgary, Winnipeg, Seattle, and so on. Now assume the network comes back online a few seconds later. Edmonton would have to send another update informing Vancouver of the change. Each time a change needs to be advertised, the router must use CPU resources. If that route were to flap, the routers would constantly have to update their own tables, as well as advertise changes to their neighbors. In a CPU-intensive protocol such as OSPF, the constant hit on the CPU might make a noticeable change to the speed at which network traffic reaches its destination.
        Route summarization enables you to avoid this problem. Even though Edmonton would still have to deal with the route constantly going up and down, no one else would notice. Edmonton advertises a single summarized route, 172.16.72.0/21, to Vancouver. Even though one of the networks is going up and down, this does not invalidate the route to the other networks that were summarized. Edmonton will deal with its own route flap, but Vancouver will be unaware of the problem downstream in Edmonton. Summarization can effectively protect or insulate other routers from route flaps.



        Adversity temporarily visits a strong man but stays with the weak for a lifetime.
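
The flap scenario quoted in post #843, worked through as an added example (not part of the original posts or the quoted book). It assumes Edmonton's component networks are the eight /24s from 172.16.72.0 to 172.16.79.0 and that a summary stays advertised while at least one component is up; the function names are hypothetical.

```python
import ipaddress

# Constructed lab data: the eight /24s assumed to sit behind Edmonton.
EDMONTON_NETS = [ipaddress.ip_network(f"172.16.{i}.0/24") for i in range(72, 80)]
FLAPPING = ipaddress.ip_network("172.16.74.0/24")
# Constructed event log: the same network goes down and up five times.
FLAPS = [(FLAPPING, "down"), (FLAPPING, "up")] * 5


def summarize(networks):
    """Smallest single prefix that covers every network in the list."""
    first = int(min(n.network_address for n in networks))
    last = int(max(n.broadcast_address for n in networks))
    # Bits that differ between lowest and highest address must be host bits.
    prefix_len = 32 - (first ^ last).bit_length()
    base = first & ~((1 << (32 - prefix_len)) - 1)
    return ipaddress.ip_network((base, prefix_len))


def unbacked_space(summary, networks):
    """Blocks inside the summary that no real network stands behind.

    Worth reviewing before summarizing: traffic to these blocks is still
    attracted to the summarizing router even though nothing lives there.
    """
    remaining = [summary]
    for net in networks:
        nxt = []
        for block in remaining:
            if net == block or block.subnet_of(net):
                continue                      # fully backed, drop it
            if net.subnet_of(block):
                nxt.extend(block.address_exclude(net))
            else:
                nxt.append(block)
        remaining = nxt
    return sorted(remaining)


def upstream_updates(events, networks, summarized):
    """Updates Edmonton has to send upstream for a list of (net, state) events."""
    up = set(networks)
    summary = summarize(networks)
    updates = []
    for net, state in events:
        if (state == "up") == (net in up):
            continue                          # state did not actually change
        had_any = bool(up)
        if state == "up":
            up.add(net)
        else:
            up.discard(net)
        if not summarized:
            # Every component change is propagated to the neighbor.
            updates.append(("advertise" if state == "up" else "withdraw", str(net)))
        elif had_any != bool(up):
            # The summary only changes when the last component goes away
            # or the first one comes back.
            updates.append(("advertise" if up else "withdraw", str(summary)))
    return updates


if __name__ == "__main__":
    print("summary:", summarize(EDMONTON_NETS))
    print("updates without summary:", len(upstream_updates(FLAPS, EDMONTON_NETS, False)))
    print("updates with summary:   ", len(upstream_updates(FLAPS, EDMONTON_NETS, True)))
```
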


        • BillyCarpenter

          #844
          Re: Need some advice on learning networking

          GNS3 has been a game changer when it comes to learning networking @ the production level. GNS3 runs the Cisco operating system on VMWARE. The full array of commands and features are now available. I have a couple of real Cisco Routers and Switches that I purchased but I much prefer GNS3. Also, it would be cost prohibitive to buy every piece of equipment needed.

          Studying for the CCNA exam is very humbling. There are days when it just wears me out mentally. Some topics seem almost impossible to learn. But when I finally "get it", the feeling I get is worth all that frustration. The feeling that I get when the "light bulb" finally comes on is as if I just won the lottery.


          Learning the RIP protocol has brought me to a different level. RIP is a "distance vector" protocol and it's rarely used anymore but learning the principles associated with it can be applied to the more advanced routing protocols. The most commonly used routing protocol in large companies is OSPF.

          OSPF is an open source protocol that is compatible with most makes and models of routers. I'm about 1-week away from learning OSPF. That will be a very important topic to learn because the CCNA exam will cover it extensively.

          I figure it will take about 12-months total to prepare for the CCNA exam. I'm willing to devote 12-months of my life to acquire that knowledge...even though I have no plans of ever working in a production environment. I just get the feeling that this is something that I need to know.
          Adversity temporarily visits a strong man but stays with the weak for a lifetime.


          • BillyCarpenter

            #845
            Re: Need some advice on learning networking

            Anyone ever heard the term: "wildcard mask"?


            Here's the scenario. Let's say that you're called out to the ABC Company to network a copier. Let's say that the copier is to be placed on the 172.16.0.0/24 network and that it is to be shared on the 10.1.0.0/24 network. But when you try to ping the 10.1.0.0 network, there's no connectivity. There could be multiple reasons why that is, but it could be that the Network Engineer has blocked inbound traffic from the 172.x.x.x network to the 10.1.0.0 network and he accomplished that by using a "wildcard" mask.

            That's kinda the whole point of routers, isn't it? We get to control the flow of information over the network. Or multiple networks. I don't care what fancy application is being run on a computer, none of it means much without connectivity. Right?
            Adversity temporarily visits a strong man but stays with the weak for a lifetime.
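
How a wildcard mask decides whether a packet hits an access-list entry, as an added example (not from the original post). The ACL entries, host addresses and function names are constructed to mirror the copier scenario in post #845; matching follows the Cisco convention that a 1 bit in the wildcard means "don't care", with first match winning and an implicit deny at the end.

```python
import ipaddress


def _int(addr):
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr, base, wildcard):
    """True if addr equals base on every bit where the wildcard bit is 0."""
    care_bits = ~_int(wildcard) & 0xFFFFFFFF
    return ((_int(addr) ^ _int(base)) & care_bits) == 0


def wildcard_for(cidr):
    """Wildcard mask of a contiguous prefix: the inverse of its subnet mask."""
    return str(ipaddress.ip_network(cidr).hostmask)


def addresses_covered(wildcard):
    """How many addresses one entry matches; handy when auditing broad rules."""
    return 2 ** bin(_int(wildcard)).count("1")


def evaluate(acl, src, dst):
    """Return the action of the first matching entry, else the implicit deny."""
    for action, s_base, s_wc, d_base, d_wc in acl:
        if wildcard_match(src, s_base, s_wc) and wildcard_match(dst, d_base, d_wc):
            return action
    return "deny"


# Constructed ACL: block anything from 172.x.x.x toward 10.1.0.0/24,
# allow everything else.
ACL = [
    ("deny",   "172.0.0.0", "0.255.255.255", "10.1.0.0", "0.0.0.255"),
    ("permit", "0.0.0.0",   "255.255.255.255", "0.0.0.0", "255.255.255.255"),
]

COPIER = "172.16.0.50"   # constructed host on the 172.16.0.0/24 network
PC = "10.1.0.20"         # constructed host on the 10.1.0.0/24 network

if __name__ == "__main__":
    print("copier -> PC:        ", evaluate(ACL, COPIER, PC))
    print("copier -> 10.2.0.20: ", evaluate(ACL, COPIER, "10.2.0.20"))
    print("/24 as wildcard:     ", wildcard_for("10.1.0.0/24"))
    print("sources in deny rule:", addresses_covered("0.255.255.255"))
    # A wildcard need not be contiguous: 0.0.254.255 only pins the lowest bit
    # of the third octet, so it matches every even-numbered 172.16.x.0/24.
    print("even subnet match:   ", wildcard_match("172.16.4.9", "172.16.0.0", "0.0.254.255"))
    print("odd subnet match:    ", wildcard_match("172.16.5.9", "172.16.0.0", "0.0.254.255"))
```
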


            • BillyCarpenter

              #846
              Re: Need some advice on learning networking

              Networking as we know it is quickly going away. A new networking world is on the horizon.



              Facebook has built its own switch. And it looks a lot like a server

              But the combination of the modular hardware approach to the Wedge server and the Linux-based FBOSS operating system blows the switch apart in the same way Facebook blew the server apart. The switch will use the Group Hug microprocessor boards so any type of chip could slot into the box to control configuration and run the OS. The switch will still rely on a networking processor for routing and delivery of the packets and has a throughput of 640 Gbps, but eventually Facebook could separate the transport and decision-making process.






              Adversity temporarily visits a strong man but stays with the weak for a lifetime.


              • BillyCarpenter

                #847
                Re: Need some advice on learning networking

                I've been busy with work so I haven't spent much time on networking but I did get in a couple of hours here and there. Currently I'm learning the EIGRP routing protocol. This is a much more advanced routing protocol compared to RIP.


                When it comes to networking @ the production level, I've come to think of it in terms of a road system in a city. A production network is much different than a home or small office network. Those only have a couple of streets and if one of them is shut down, you're not going anywhere til it opens back up.


                A production network is designed to have multiple paths to the same destination. If one road is shut down, traffic is simply rerouted down another road. But these routes are NOT simply picked at random. No. Only the best routes are chosen and they're picked based on:

                a.) how many miles it's gonna take
                b.) speed limit
                c.) reliability (how often is the road shut down)

                The other concept that needs to be understood is this:


                Let's say you have 10 routers daisy chained together. Router 1 is connected to R2. R2 to R3 and so on....


                Well, R1 can't see past R2. He has no idea that R3 is on the other side of R2. R1 relies on R2 to tell him that he's connected to R3, and R2 has no idea what's on the other side of R3. You get the picture, right?

                Anyway, as long as all 10 routers are running EIGRP they form a "neighbor" relationship and they give each other a traffic update every few seconds. When a road gets shut down or there's too much traffic, they'll collectively reroute traffic down a better route.


                Thank you.
                Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                • BillyCarpenter

                  #848
                  Re: Need some advice on learning networking

                  I'm trying to learn everything I can so I took on another side job. This time it involved setting up multi-user in Quickbooks Enterprise. I had never done it before. Didn't know anything about it other than you can have multiple users working in the company file at the same time.


                  So, I installed Quickbooks Enterprise on the Server and I created a different company file. I didn't want to share the default company file that Quickbooks uses. I then shared the folder as needed and then I mapped this folder on each client PC.

                  Quickbooks is a little flaky. There's a couple of tricks to ensuring you don't get any error messages. Wasn't too difficult and I did manage to learn a couple of things.

                  Anyone done this before?
                  Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                  • rthonpm
                    Field Supervisor

                    2,500+ Posts
                    • Aug 2007
                    • 2847

                    #849
                    Re: Need some advice on learning networking

                    Originally posted by BillyCarpenter
                    I'm trying to learn everything I can so I took on another side job. This time it involved setting up multi-user in Quickbooks Enterprise. I had never done it before. Didn't know anything about it other than you can have multiple users working in the company file at the same time.


                    So, I installed Quickbooks Enterprise on the Server and I created a different company file. I didn't want to share the default company file that Quickbooks uses. I then shared the folder as needed and then I mapped this folder on each client PC.

                    Quickbooks is a little flaky. There's a couple of tricks to ensuring you don't get any error messages. Wasn't too difficult and I did manage to learn a couple of things.

                    Anyone done this before?
                    It's been years since I've had to play with the server-based versions of QuickBooks. It was installed on a 32-bit version of Server 2003 (not even the R2 release!) and even with permissions set correctly, it was always a hassle since they were using it in a Workgroup environment. Nothing like having to come out every time they needed to add a new user by creating the account on the server and then hoping that they gave me the correct password to enter for the passthrough account, or to have to babysit the service after a restart if it didn't automatically start. The web hosted version was a huge help to me since I didn't have to worry about a call every couple of months to deal with that server. When they retired it, I wanted to take it out to a field and set the thing on fire.

                    Pro tip for sharing: if you can, try using Access Based Enumeration. It determines what folders in a share people can see by their permissions on them. It's a couple extra steps, and I'd only do it in an AD environment, but it can make life a lot easier since all you need to do is add additional subfolders to the share instead of creating multiple shares on the same server. I have a couple customers where six or seven departments connect to the exact same share, but only see the folders for their group.


                    • BillyCarpenter

                      #850
                      Re: Need some advice on learning networking

                      Originally posted by rthonpm
                      It's been years since I've had to play with the server-based versions of QuickBooks. It was installed on a 32-bit version of Server 2003 (not even the R2 release!) and even with permissions set correctly, it was always a hassle since they were using it in a Workgroup environment. Nothing like having to come out every time they needed to add a new user by creating the account on the server and then hoping that they gave me the correct password to enter for the passthrough account, or to have to babysit the service after a restart if it didn't automatically start. The web hosted version was a huge help to me since I didn't have to worry about a call every couple of months to deal with that server. When they retired it, I wanted to take it out to a field and set the thing on fire.

                      Pro tip for sharing: if you can, try using Access Based Enumeration. It determines what folders in a share people can see by their permissions on them. It's a couple extra steps, and I'd only do it in an AD environment, but it can make life a lot easier since all you need to do is add additional subfolders to the share instead of creating multiple shares on the same server. I have a couple customers where six or seven departments connect to the exact same share, but only see the folders for their group.


                      Hey, thanks for the tip on Access Based Enumeration and creating sub-folders. Genius. I would have never thought about doing that. Thank you much!
                      Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                      • rthonpm

                        #851
                        Re: Need some advice on learning networking

                        Just be sure to test. Getting the NTFS permissions right the first few times usually trips people up.


                        • BillyCarpenter

                          #852
                          Re: Need some advice on learning networking

                          rthonpm was right, "access based enumeration" tripped me up at first. I found a good training video on it and was able to get it down. It's pretty cool because you don't always want everyone on the network to see a shared folder. This will come in very handy.
                          Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                          • rthonpm

                            #853
                            Re: Need some advice on learning networking

                            Originally posted by BillyCarpenter
                            rthonpm was right, "access based enumeration" tripped me up at first. I found a good training video on it and was able to get it down. It's pretty cool because you don't always want everyone on the network to see a shared folder. This will come in very handy.
                            This won't hide the share, but it will hide some, or all, of the contents. The permissions for the share should be as wide as possible (the standard is usually Read for Domain Users) and then the permissions on the folders are more granular, so while everyone may see the share, only specific people will see something other than an empty share, or only see certain folders. Samba also allows for this, though the process is much more complicated and easier to break so I don't recommend it for anything other than Windows servers.

                            The advantage is also that hidden shares are only recognised by Windows: any Mac or Linux client will still be able to list shares that to Windows would be hidden.



                            • BillyCarpenter

                              #854
                              Re: Need some advice on learning networking

                              Originally posted by rthonpm
                              This won't hide the share, but it will hide some, or all, of the contents. The permissions for the share should be as wide as possible (the standard is usually Read for Domain Users) and then the permissions on the folders are more granular, so while everyone may see the share, only specific people will see something other than an empty share, or only see certain folders. Samba also allows for this, though the process is much more complicated and easier to break so I don't recommend it for anything other than Windows servers.

                              The advantage is also that hidden shares are only recognised by Windows: any Mac or Linux client will still be able to list shares that to Windows would be hidden.


                              Sorry, I misspoke. You're correct, it doesn't hide the share. But it will/can hide the subfolders inside the share depending on the permission level granted. I think the rule is that a user must at least have "read" permission or they won't be able to see the folder.

                              PS - I just verified it...the user must at least have "read" permission to see the subfolder. Of course, you can up the permission level depending on what you want to allow the user to do.


                              Did I explain that correctly? Just curious.
                              Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                              • rthonpm

                                #855
                                Re: Need some advice on learning networking

                                Originally posted by BillyCarpenter
                                Sorry, I misspoke. You're correct, it doesn't hide the share. But it will/can hide the subfolders inside the share depending on the permission level granted. I think the rule is that a user must at least have "read" permission or they won't be able to see the folder.

                                PS - I just verified it...the user must at least have "read" permission to see the subfolder. Of course, you can up the permission level depending on what you want to allow the user to do.


                                Did I explain that correctly? Just curious.
                                The way you get it to work is to remove inheritance from any subfolder you create and then grant NTFS permissions as needed. You're correct that the minimum permission to see a folder is Read, but that goes for any folder in any OS. You can also get more detailed down to the level of allowing people to modify the contents of a folder, but not the folder itself. I've had to do this in the past when a customer kept trying to move a folder in the root of the share inside another one, essentially cutting off access to it for others who didn't have access to the folder it was moved to.

                                Here's the setup I did recently for a company for scan to folder (to keep it in the copier world):

                                Shared folder: Scans. Shared as Read to all domain users.

                                Subfolders:

                                Bob
                                Chris
                                Mark
                                Michelle
                                Neil
                                Pete
                                Sandra
                                Sharon
                                Tammy

                                Each folder had NTFS inheritance removed and was permissioned so that only two accounts had permissions to each folder. The user has Modify permissions, and the AD account used for scanning has Read/Write.

                                Never under any circumstances give a standard user account Full Control as this allows for changing the permissions on contents. Nothing like trying to rebuild permissions on huge folders because of a disgruntled employee.

