Congratulations to Stefan Fouant, CISSP and JNCIE-M/T, recently posted his steps for methods the JNCIP-M/T and JNCIP-M/T to Groupstudy. This is an excellent posting which covers the following:
> JNCIP-M/T review
> JNCIE-M/T review
> Proteus Networks JNCIE-M/T practice exams/lab gear review
JNCIP-M/T and JNCIE-M/T Lab & Preparation Notes
Hello Fellow Groupstudy Lurkers,
I'm delighted to say that I passed the JNCIE-M/T exam last month and I am
now the proud recipient of the highly sought-after JNCIE-M/T designation!
I'd like to take a few moments to share about my experiences with the rest
of you who may also decide to pursue this certification. Sorry for the long
post, but I'm sure some of you will find this useful.
Before I delve into the specifics of the JNCIP-M/T and JNCIE-M/T
preparations, let me suggest that anyone who is interested in pursuing this
track start out with the JNCIA-M/T certification, prior to moving to the
JNCIS-M/T. While it is possible to skip directly to the JNCIS-M/T
certification, there is so much useful information available in the 'JNCIA
Study Guide' that I strongly believe it should be at the top of the list for
those who are just starting out with JUNOS.
As for JNCIP-M/T, I prepared entirely using the 'JNCIP Study Guide' by Harry
Reynolds. Although this book is long out of print, the Study Guide is
available as a free download from Juniper's website, as are the rest of the
Study Guides for the Service Provider track. For actual hands-on, I used a
testbed comprised entirely of Juniper Olives running in VMware. Yes, it is
possible to use an Olive lab exclusively in order to do EVERYTHING needed to
prepare for this exam. As this exam is mostly focused on BGP and IGPs there
is nothing which actually requires a hardware based PFE or dedicated ASICs,
as such an Olive is perfectly acceptable for test preparation.
If you decide to pursue this route and do preparations exclusively in this
manner, there are a few things to keep in mind. I've found that the initial
install of JUNOS requires quite a bit more memory than it does once its
finally completed. I was able to successfully run a VM Olive running JUNOS
8.1 (at the time of this writing JUNOS 8.1 was the version being used in the
exam) with as little as 48 MB of memory, however CLI response time was
incredibly slow. I've found the sweet spot to be right at around 96MB of RAM
for each Olive VM image. In order to follow through the examples in the
JNCIP Study Guide, you're going to want to have at least 8 Olive VMs running
simultaneously (7 for the actual routers comprising the student's testbed
and another Olive to simulate the EBGP peers using Virtual Routers). Make
sure you have at least 768 MB of available memory you can allocate to your
VMs. Depending on what version of VMware you are running, you might need to
tweak the vmnet interfaces so that each Olive has enough fxp0s, and you
might also need to stitch them together logically within the VMware
configuration files. Be prepared to get under the hood of VMware
configuration in order to get all this working correctly. Perhaps a better
option would be to configure an ESX or ESXi Server and run your images off a
high-powered server, where you have loads of memory and virtual switching
capabilities. Another option is to utilize a single hardware-based chassis,
such as the MX240 and segment this using Logical Routers (see below for
details on this configuration).
Preparing for the JNCIE-M/T exam is a bit more difficult, as it requires
actual hardware to perform many of the tasks required of this exam. Many of
the tasks like setting up Multicast or Layer 2 VPN srequire dedicated
hardware within the PFE, so using Olives is not an option. Never fear, it
is entirely possible to prepare for this exam using as little as a single
MX240 coupled with Logical Routers (Logical Systems in JUNOS 9.3 and above).
You will need a total of ~40 connections to set this lab up so get your
hands on a high density 40x1GE card and a bunch of fiber and you should be
ready to go. Make sure the card you use is capable of Layer 3 services, as
cards capable of running only Layer 2 services will fall short of many of
the configuration tasks. If you're short on SFPs or just don't have enough
physical ports, it's also possible to use logical tunnels to stitch your
logical routers together, as in the following example:
logical-systems {
dc {
interfaces {
lt-0/0/10 {
unit 0 {
description dc->r7;
encapsulation ethernet;
peer-unit 1;
family inet {
address 10.0.8.13/30;
}
family iso;
}
}
}
}
r7 {
interfaces {
lt-0/0/10 {
unit 1 {
description r7->dc;
encapsulation ethernet;
peer-unit 0;
family inet {
address 10.0.8.14/30;
}
family iso;
}
}
}
}
chassis {
fpc 0 {
pic 0 {
tunnel-services {
bandwidth 1g;
}
}
}
network-services ip;
}
The last bit is required in order to make sure you allocate a fixed amount
of bandwidth on the PFE for the logical tunnels. The coolest thing about
the logical tunnels feature within JUNOS is that you can actually configure
them with Ethernet, Frame Relay, or a host of other encapsulation types.
Logical tunnel interfaces behave just like regular interfaces and it's
entirely possible to configure things like IS-IS across them, as can be seen
in the above example where 'family iso' has been enabled.
Navigating the CLI is a bit unwieldy using Logical Routers if you're working
from the root of the physical device, so its highly advisable to configure
individual user accounts for each logical router. This will enable you to
log in to each logical router and be positioned within the root of that
logical router as if you were in the root of a real physical router. This
can be accomplished with the following configuration:
system {
class dc {
idle-timeout 0;
logical-system dc;
permissions all;
class r7 {
idle-timeout 0;
logical-system r7;
permissions all;
}
user dc {
uid 2014;
class dc;
authentication {
encrypted-password "xxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA
}
}
user r7 {
uid 2010;
class r7;
authentication {
encrypted-password "xxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA
}
}
}
}
In addition to the above lab setup, I used the 'JNCIE Study Guide' from
Harry Reynolds. While this is an excellent book in preparation for the
exam, my advice is to make sure you also read through the 'MPLS
Applications', 'Multicast', and 'VPN' Configuration Guides, and be familiar
with as many knobs and configuration options as possible. You are also
going to want to make sure you understand IS-IS and OSPF as well as BGP in
an even deeper fashion than that required in the JNCIP-M/T exam.
As a word of note, in preparing for both the JNCIP-M/T and the JNCIE-M/T
exams, make sure you have a good handle on how to use 'load merge terminal
relative', 'load patch terminal', and when to copy and paste portions of
code simply using 'show | display set'. It's equally important to know
which one of the above commands to use in a given situation. For example,
when copying changes to several stanzas from one router to another, it's
often quite a bit easier to use the 'load patch' command as you won't have
to copy snippets from portions of different stanzas into a notepad prior to
loading into the target router. Little things like this can save quite a bit
of time and will come in handy when your time would be better served trying
to focus on troubleshooting why your IGP isn't coming up.
Finally, I should mention that I also utilized the services of Proteus
Networks (www.proteus.net) which offers remote-proctored JNCIP-M/T,
JNCIE-M/T and JNCIE-ER practice exams on their lab gear. For $800, their
package consists of two 8 hour labs comprising a wide variety of topics you
are likely to see on the exam. When you are finished with each, they will
grade it and give you feedback on how well you performed. What I liked
about Proteus is that they even let me play around with the gear after my
exam was graded, and allowed me to go and fix some of my mistakes. In
addition, they were highly responsive to my emails, and answered all of my
questions in a timely manner. Looking back, I don't think I would have been
able to pass the JNCIE-M/T exam without the use of their services as there
were several subject areas identified throughout their exam which required
additional focus. In my opinion, their remote-proctored exams are a genuine
bargain for the price and anyone who is preparing for the JNCIE exams should
seriously investigate their offerings.
All in all, the total study time for JNCIP-M/T was approximately 2 months,
and the total study time for JNCIE-M/T was approximately 3 months. This
usually comprised about an hour or two each day during the week reading, and
anywhere from 10-16 hours of lab time on the weekends. I'm lucky in that I
have also worked in a Service Provider environment for several years where I
was able to intimately familiarize myself with many of these technologies
over a span of many years. In addition, I have spent a considerable amount
of time reading a plethora of books on a wide variety of networking
technologies. If you are new to MPLS, Multicast, Layer 2/3 VPNs, QoS, or
IPv6, you may want to factor in additional time to your study schedule. The
trick here is to be consistent and develop a schedule which you can live
with - you will be much better served by spending a few hours a day over a
span of months rather than hundreds of hours the weeks before your exam.
Slow and steady wins the race here... you'll be surprised how quickly a few
months can go by when you're motivated and committed to something!
I hope this helps those of you who are pursuing either the JNCIP-M/T or the
JNCIE-M/T certifications, and I wish you the best of luck in your endeavors!
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
Showing posts with label Juniper. Show all posts
Showing posts with label Juniper. Show all posts
Wednesday, January 13, 2010
Thursday, December 3, 2009
Olive reloaded or how to emulate Juniper routers
It had to happen at some point right? GNS3 can now utilize Juniper JUNOS on the PC.
Olive reloaded or how to emulate Juniper routers
I have an Juniper/Olive rack which now includes 5 Olives and a J2300, so I'll be sticking with those for a while...
Olive reloaded or how to emulate Juniper routers
I have an Juniper/Olive rack which now includes 5 Olives and a J2300, so I'll be sticking with those for a while...
Monday, October 12, 2009
JNCIA-ER Complete
So, I finally completed the JNCIA-ER today. I actually took and failed this exam on Friday by 2 measly points. Funny, I found the JNCIA-M to be a cake walk, but the ER was another story.
I used the Juniper Fast Track materials. Which include the OJRE student and lab guides. I found them to be barely sufficient enough to pass. I needed other resources to pass this exam:
JUNOS Enterprise Routing
Juniper Techpubs
I used the Juniper Fast Track materials. Which include the OJRE student and lab guides. I found them to be barely sufficient enough to pass. I needed other resources to pass this exam:
JUNOS Enterprise Routing
Juniper Techpubs
Tuesday, September 29, 2009
Sunday, August 30, 2009
The 1U Olive
I posted this on Techexams, but I thought I'd add it here.
Getting back into Juniper has been great so far, most especially because of the Fast Track materials. That stated, I still need to get a little more hands-on with JUNOS. I recently built one Olive already, with a plan to add a couple more eventually. My first Olive is contained in a 4U server rackmount case. That’s a space eater. A good friend of mine with a firewall background (who also is using Fast Track) thought it might be possible to use a 1U Nokia IP330. His company had several they were about to toss, so what the hey right?
Here are the specs:
1U-sized PC appliance
1x AMD K6-2 CPU @400 MHz (i586)
256 MB PC-100 SDRAM
1x 20GB IDE hard drive
3x Intel 82558 Pro/100 Ethernet (fxp(4))
2x RS-232 serial interfaces (DB-9 male) with BIOS-level serial console
You can find similar ones here:
nokia IP330, great deals on Computers Networking on eBay!
1. I had to connect the Hard Drive from the IP330 to my first Olive (in place of the current working HD). The IDE port on the IP330 motherboard has an extra pin which prevented me from connecting a standard IDE cable with master and slave connectors for dual use of the HD and CD ROM.
2. I installed FreeBSD mini 4.4 per Sid Smokes.
Juniper Olive Install: Juniper Olive has more granular instructions for basic *nix folks like myself. These sites also contain the instructions for loading JUNOS. Note: For my initial installation I used jinstall-7.4R1.7-export-signed.tgz and I upgraded to jinstall-8.3R2.8-export-signed. I don’t have enough RAM to upgrade to jinstall-9.x …yet.
3. When the install of FreeBSD completed (and rebooted), I logged in as root to complete the file system changes. I then mounted the cdrom and copied the jninstall to the /var/temp (as per the above instructions).
4. I then ran the pkg_add command. Once that completes a "reboot" will need to be issued. (This is normal so far). After I issued the "reboot" the machine began to reboot (of course). When it powered down, and before it powered up, I manually turned off the power to that machine.
5. I removed the drive, and re-installed it in the IP330. I connected the power cable, then a null-modem cable to the console port and booted the IP330 up. Null modem cables can be found here: RS-232 Null Modem, great deals on Computers Networking, Electronics on eBay!
6. It took about 15 minutes, more or less, for the IP330 to boot all the way up to the login prompt. I did see the following error (you may see several, but I was concerned only about this one):
fxp: Could not derive MAC address from EEPROM
fxp0: Ethernet address 02:00:02:00:00:04
fxp: Could not derive MAC address from EEPROM
fxp1: Ethernet address 02:00:03:00:00:04
fxp: Could not derive MAC address from EEPROM
fxp2: Ethernet address 02:00:04:00:00:04
While probably not an issue for only one IP330 Olive, all of my IP330 Olives assigned a dummy MAC address (of 02:00:0X:00:00:04) to the respective fxp ports on each Olive. You can manually change the MAC address to avoid duplicates:
jnpr@OLIVE1# set interfaces fxp0 mac ?
Possible completions:
[edit].
I was able to easily assign an IP, configure telnet/hostname/1 superuser, and telnet
from my machine.
Here's what fxp0 looks like:
jnpr@OLIVE2# run show interfaces fxp0
Physical interface: fxp0, Enabled, Physical link is Up
Interface index: 1, SNMP ifIndex: 1
Type: Ethernet, Link-level type: Ethernet, MTU: 1514, Speed: 100mbps
Device flags : Present Running
Interface flags: SNMP-Traps
Link type : Full-Duplex
Link flags : 4
Current address: 02:00:02:00:00:04, Hardware address: 02:00:02:00:00:04
Last flapped : Never
Input packets : 10
Output packets: 1
Logical interface fxp0.0 (Index 65) (SNMP ifIndex 13)
Flags: SNMP-Traps Encapsulation: ENET2
Protocol inet, MTU: 1500
Flags: Is-Primary
Addresses, Flags: Is-Default Is-Preferred Is-Primary
Destination: 192.168.5/24, Local: 192.168.5.96,
Broadcast: 192.168.5.255
And show version:
jnpr@OLIVE2> show version
Hostname: OLIVE2
Model: olive
JUNOS Base OS boot [8.3R2.8]
JUNOS Base OS Software Suite [8.3R2.8]
JUNOS Kernel Software Suite [8.3R2.8]
JUNOS Packet Forwarding Engine Support (M/T Common) [8.3R2.8]
JUNOS Packet Forwarding Engine Support (M20/M40) [8.3R2.8]
JUNOS Online Documentation [8.3R2.8]
JUNOS Routing Software Suite [8.3R2.8]
jnpr@OLIVE2>
Special shout to 8o8 for the IP330s.
Saturday, August 22, 2009
JNCIA-ER - Part 1.7
Ok. Passed the assessment (see below). I still have two chapters left to read in the OJRE Student Guide. In addition to that and reviewing tabbed notes, I also need to review the J-Web Interface User Guide. If the exam is anything like the assessment, I'll need that to bone up on J-Web. I'll likely complete the OJRE Lab Guide as well.
JNCIA-ER: Pre-assessment Exam
The pre-assessment exam consists of 25 questions designed to prepare you for the proctored exam at a Prometric testing center. At the end of the pre-assessment exam you will be instantly graded; a 70% passing score earns you a discounted voucher ID for the Prometric exam. An e-mail will also be sent to you with your results.
Congratulations! You have passed the JNCIA-ER: Pre-assessment Exam.
Your score was: 80%
Passing score is: 70%
Your voucher ID is: **********
You have earned a discount off your certification exam of 100%
You will receive an e-mail with this information shortly.
Thursday, August 13, 2009
Olive is UP/UP!
The first thing you should know about Olives, is that there are no Olives.
The second thing you should know about Olives, is that there are no Olives.
Ok, so there are several sites/blogs you can use to build an Olive.
Here's what worked for me:
Juniper Olive Install
which seems to piggy back off of Sid Smokes
My network cards were purchased from eBay based on recommendations from JuniperClue.
I used the following code, thereby bypassing the "ELF binary type "0" not known": jinstall-7.4R1.7-export-signed.tgz (no I cannot share a copy).
Though, you should be able to resolve such an error using this or I Can Has IPv6.
The issue I ran into, (that I could not seem to find a resolution for on the www), was the following error:
ERROR: recognize_model: Unable to discover hard drive Issue
=================== Bootstrap installer starting ===================
Initialized the environment
Routing engine model is Olive
Sourcing /sbin/Olive
No harddrive device found!
ERROR: recognize_model: Unable to discover hard drive
You are now in a debugging subshell (you may not see a prompt)...
# Console: serial port
BIOS drive A: is disk0
BIOS drive C: is disk1
BIOS 639kB/228288kB available memory
The resolution was "simple." The HD should have been physically cabled as primary master, and I had it cabled as secondary master. Once I cabled it correctly, I had to reload FreeBSD and the jinstall file from scratch. After that, I was good to go.
The second thing you should know about Olives, is that there are no Olives.
Ok, so there are several sites/blogs you can use to build an Olive.
Here's what worked for me:
Juniper Olive Install
which seems to piggy back off of Sid Smokes
My network cards were purchased from eBay based on recommendations from JuniperClue.
I used the following code, thereby bypassing the "ELF binary type "0" not known": jinstall-7.4R1.7-export-signed.tgz (no I cannot share a copy).
Though, you should be able to resolve such an error using this or I Can Has IPv6.
The issue I ran into, (that I could not seem to find a resolution for on the www), was the following error:
ERROR: recognize_model: Unable to discover hard drive Issue
=================== Bootstrap installer starting ===================
Initialized the environment
Routing engine model is Olive
Sourcing /sbin/Olive
No harddrive device found!
ERROR: recognize_model: Unable to discover hard drive
You are now in a debugging subshell (you may not see a prompt)...
# Console: serial port
BIOS drive A: is disk0
BIOS drive C: is disk1
BIOS 639kB/228288kB available memory
The resolution was "simple." The HD should have been physically cabled as primary master, and I had it cabled as secondary master. Once I cabled it correctly, I had to reload FreeBSD and the jinstall file from scratch. After that, I was good to go.
Monday, August 10, 2009
JNCIA-ER - Part 1
Well, I was fortunate enough to complete a Juniper JNSSA-ER Virtual Lab Hands-on Training course over the weekend. It is not a JNCIA-ER course, but it was technical and free. Great course. So great, in fact, as Juniper is offering 4 FREE certifications (until year's end) and I have plenty of time on my hands, I have decided to go for them!
I'll blog about my experience here, of course.
First things first. Last night, I took the pre-assessment which allows me to obtain the 100% off voucher from Juniper for the actual exam. There were 25 questions, which I blew through in less than 5 minutes. I just needed to see where I stood, and to get a feel for the questions. The being said, you know what comes next:
We’re sorry. You did not pass the JNCIA-ER: Pre-assessment Exam this time.
Your score was: 24%
Passing score is: 70%
Today, I am working my way through Part 1: JUNOS as a Second Language (JSL) online course (pictured here). Also free. It's excellent. The course is downloadable and does not require installation. It runs inside my Adobe Flash player and it is interactive (to an extent) which allows for 'configuration' of the examples presented in the course. This is simply to give you a basic feel for JUNOS, if you will. It compares and contrasts the differences between Cisco IOS and JUNOS, and walks you through examples of various configurations. You can also compare different pieces of a JUNOS config and compare it to the same config in IOS. Pretty cool.
Friday, August 7, 2009
Free JNCIE-ER Labs...
These are pretty cool...
http://www.techexams.net/forums/juniper-certifications/45576-jncie-er-prep-materials-practice-labs-topology.html
Now all I need are Olives!!!
http://www.techexams.net/forums/juniper-certifications/45576-jncie-er-prep-materials-practice-labs-topology.html
Now all I need are Olives!!!
Juniper Fast Track is Back!
What a nice wallet saver is such a rough economy...
You are on your way to become certified in Juniper Networks Enterprise Routing, Enhanced Security, and Enterprise Switching! You will have access to valuable study materials, and information about scheduling your final exam. Take our pre-assessment exam to earn a 100% off voucher* towards the price of the final exam! Get started today!
* One voucher per person per certification exam through 2009
Juniper Fast Track is Back!
What a nice wallet saver is such a rough economy...
You are on your way to become certified in Juniper Networks Enterprise Routing, Enhanced Security, and Enterprise Switching! You will have access to valuable study materials, and information about scheduling your final exam. Take our pre-assessment exam to earn a 100% off voucher* towards the price of the final exam! Get started today!
* One voucher per person per certification exam through 2009
Saturday, July 18, 2009
JNCIA/S/P/E...anyone?
Well, here are the free books to the M-Series:
http://www.juniper.net/us/en/training/certification/books.html
http://www.juniper.net/us/en/training/certification/books.html
Subscribe to:
Posts (Atom)