Motivating for Enterprise IPv6 Adoption

Firstly, head over to Packet Pushers and read Ethan’s excellent blog post about The Reason Enterprises Aren’t Deploying IPv6.  This post made me start thinking about IPv6 adoption, especially in light of the things I talked about almost 8 months ago in front of a group of education IT professionals.  In his post, Ethan discusses the problem with IPv6 in the enterprise from the perspective of it being more trouble than it’s worth right now.  I agree with him that there are a lot of issues to overcome today for very little immediate gain.  Today’s IPv6 implementations are still relegated to a lab or to the IT department network where they can be contained and properly tested.  I’d wager that Hurricane Electric tunnels are the most common method of IPv6 support right now.  It’s still very much a “hobby kit” type of implementation where the nerd spends several hours poring over documentation and expends energy typing furiously at a dimly lit console only to finish up and say, “Cool.  It works.”  No fanfare, no raise.  Just the satisfaction of a hard job well done.  So how do we change that?

In college, I studied Management Information Systems, which is a fancy way of spelling Database Administrator.  I promptly forgot all my DBA training, but the Introduction to Database class was a goldmine of information thanks to my wonderful professor, Dr. Traci Carte.  She once told me that there are basically two ways to motivate people in business: fear and greed.  The more time I spend in the business world, the more I see that she had a good point.  Those two emotions tend to be pretty strong and are great motivators for people that wouldn’t ordinarily be compelled to take action.

When it comes to IPv6, we’ve already tried to motivate through fear.  If you remember any of the headlines from earlier this year you’ll agree that the Chicken Little mentality of the IPv4 sky falling down on us was reaching a fever pitch quickly.  It even made the local nightly news, which of course made my mom call and wonder when her computer was going to blow up.  Unfortunately, fear didn’t work here.  Why not?  Because there wasn’t a consequence.  It’s like announcing that an asteroid is going to hit the earth tomorrow.  If we make it to the end of the day and no big rock comes down in our front yard, we just go back to life as it was.  When ICANN depleted their IPv4 prefixes and the Internet just kept working the next day, the rank-and-file users went right back to watching cat videos on YouTube without a care in the world.  After all, how bad can this problem be if there are still cat videos?

I think it’s time we move to motivator #2 – greed.  Greed, for lack of a better word, is good.   And greed can work for you.  IPv6 isn’t a compelling case when you tell your boss that most everyone can still use the Internet with no issues.  The key is that “most everyone” statement.  As APNIC and ARIN begin to deplete their reserves of IPv4 prefixes, the cost to acquire them will start skyrocketing.  For those not willing to pay a king’s ransom for a /28, there has to be an alternative.  Based on my distaste for things like carrier-grade NAT or NAT64, I would hope that pure IPv6 prefixes would start to be handed out.  Assuming that NAT64 does end up getting used as a necessary evil for those newly-minted prefixes, are we to assume that it’s going to work all the time?  What happens when there are hiccups or outages?  Only pure IPv6 sites will be available.  Right now, that’s Facebook or Google.  Greed comes into play when you can convince your decision makers to implement IPv6 to reach those customers.  If your widget is the only one those IPv6-only users can find when they search then you are going to have a competitive advantage over everyone else.  This might be a wash up front when you think about the costs needed to plan and implement IPv6 versus the additional revenue from those IPv6 only users.  However, we aren’t going to slow down our ravenous consumption of IPv4 addresses any time soon.  As more and more customers come online with native IPv6 support, they’re going to be surfing an Internet where you don’t have a presence.  First-to-market has a whole new meaning here.

Another avenue of greed to appeal to is the ego of a company and its decision makers when it comes to IPv6 implementation.  The same kind of mentality that drives executives to drive fancy cars and wear expensive accessories can be manipulated to drive adoption of new protocols.  Comments like, “Wouldn’t you like to be known as the first CxO to make their website ready for IPv6 in this market?” or “I hear that <competitor> is working on an IPv6 implementation and I’d like to beat them to it.” work on the ego of people that love attention and want to be known as leaders in their industry.  Giving them another headline or accolade plays right into their desire for recognition and gets you the time and resources needed to plan your implementation of IPv6.

Tom’s Take

This may seem a little like gamesmanship to some.  You may disagree with me boiling things down to simplistic terms.  You may even think I’m a bit crazy for thinking that someone can be manipulated into implementing new technology solely by appealing to their desire for money and recognition.  However, until a real business case materializes for IPv6, it won’t really get implemented.  And until it is more pervasive, real business cases won’t materialize.  A classic Catch-22 scenario.  Something has to give.  It’s time to draw a line in the sand.  Maybe I have to spend a little more time stroking egos or building a compelling business case instead of typing away on a keyboard or working in Visio.  If I can drive IPv6 implementation along by playing a few head games now and then, I think I can sleep well at night knowing I made the world a slightly better place one /48 at a time.

The Last Cable Tool You’ll Ever Need

We all have our own tools that we carry around in our toolkits when we need to get down and dirty with our hands.  Screwdrivers, wire cutters, wire strippers, crimping tools, knives, duct tape, and even velcro are common sights.  You can see what Tony Matke has in his bag and contrast it with the contents of Jeff Fry’s bag.  However, a co-worker of mine recently purchased a tool that I think might trump all of them:

The Gerber Cable Dawg

Say hello to the Gerber Cable Dawg.  This little jewel represents the high-end for cable crimpers/strippers/destroyers.  It was designed by Gerber to be used by U.S. military personnel in Forward Operating Bases (FOBs) for cabling projects.  It is constructed from high-grade steel while the handles are made from glass-filled nylon.  This means that while the length of the tool is 7.5 inches, the weight is a svelte 14 ounces.  As you might expect, it is a hardy little device with a veritable toolbox attached to it.

The Cable Dawg includes anything you might find yourself needing to work with cabling.  There is a wire cutter and Category 5 (CAT 5) cable stripper in the spring-loaded nose.  An RJ-45 crimper rests behind the pivot point along with a stripping block that can handle a lot of different gauges of wire.  The handles also contain a great number of additions.  One handle includes a set of driver bits for slotted and Phillips screws as well as a punch-down bit for terminating wires.  There is also a lanyard attachment if you don’t want to carry the tool in the included tactical pouch.

The other handle is the greatest part of the tool, in my opinion.  It contains the driver attachment for the above driver bits as well as a knife blade with a partially serrated edge and “jacket cutter” which is the little hook on the end that is capable of slicing a CAT 5 wire jacket or skinning the intern that may dare try to do their job incorrectly.  While driver handles and knife blades are fairly standard fare on a multitool, the genius in the Cable Dawg is that the knife/driver handle detaches from the tool itself to feel more like a screwdriver or pocket knife in your hand.  No longer do you have to fumble around with an overly-large multitool when all you need to do is drive a screw or slice a tomato.  Pop off the handle and go to town!

The Cable Dawg is available from Gerber’s Military Tool website here.  You can also scout around and find it on a variety of different military gear websites.  That might be a good idea, since this thing appears to be out of stock frequently.  That’s all the more impressive when you consider the retail price for the Cable Dawg clocks in at $300.  It does come with a lifetime warranty for the price, but if you can come close to wearing this puppy out you are a more vicious cabler than I can imagine.

Tom’s Take

I’m a Gerber fan.  I own three of their multitools and equally as many folding knives.  They are very high quality and have never let me down.  When my friend told me that he ordered a cable tool from Gerber, I couldn’t wait to see what they had done with it.  The Cable Dawg is a little on the pricy side for most IT personnel, but if you find yourself in need of a rugged tool that will take loads of punishment and keep crimping and stripping no matter what, this is worth the price, especially if you are in the military.  Besides, it’s better than a $600 hammer, right?

I’d like to say thanks to Scott Baird for loaning me his Cable Dawg for the purposes of writing this review and for a little testing.  I promise to return it to you…soon.

Network Field Day 2: Network Boogaloo

Guess who’s back?

I’m headed to yet another Tech Field Day event!  This time, I’ll be attending Network Field Day #2 in San Jose, CA on October 27th and 28th.  I read about the first Network Field Day last year and learned a lot about the vendors and presentations from the delegates.  Now, it’s up to me to provide that same kind of response for Net Field Day 2.  The delegate list this time around is quite awe-inspiring for a guy like me:

Kurt Bales Network Janitor @NetworkJanitor
Ethan Banks PACKETattack @ECBanks
Tony Bourke The Data Center Overlords @tbourke
Brandon Carroll BrandonCarroll GlobalConfig @BrandonCarroll
Greg Ferro EtherealMind PacketPushers @EtherealMind
Jeremy L. Gaddis Evil Routers @JLGaddis
Ivan Pepelnjak Cisco IOS Hints and Tricks @IOSHints
Mrs. Y. Packet Pushers @MrsYisWhy

I am humbled to be included in such good company.  The two Packet Pushers, Mr. MPLS himself, the man that beat IOU, the Aussie JNCIE/CCIE candidate, the walking security dictionary Brandon Carroll, and the Network Security Princess herself.  I think my invitation must have gotten confused with someone else’s.

Odds are good that if you are involved in networking at all you already follow all of these people on Twitter and read their blogs daily.  If not, stop what you are doing and follow them RIGHT NOW.  You won’t be sorry.  In fact, this is the first time I haven’t had to start following a Tech Field Day delegate on the list of attendees since I’ve been following these folks for quite a while.

Getting Involved with Tech Field Day

Tech Field Day is always looking for amazing people to attend events and share in the wealth of knowledge.  There are lots of ways you can add your voice to the gestalt:

1.  Read the TFD FAQ and the Becoming a Field Day Delegate pages first and foremost.  Indicate your desire to become a delegate.  You can’t go if you don’t tell someone you want to be there.  Filling out the delegate form submits a lot of pertinent information to Tech Field Day that helps in the selection process.

2.  Realize that the selection process is voted upon by past delegates and has selection criteria.  In order to be the best possible delegate for a Tech Field Day, you have to be an open-minded blogger willing to listen to the presentations and think about them critically.  There’s no sense in bringing in delegates that will refuse to listen to a presentation from Brocade because all they’ve ever used is Arista and they won’t accept Brocade having good technology.  If you want to learn more about all the products and vendors out in the IT ecosystem, TFD is the place for you.

3.  Write about what you’ve learned.  One of the hardest things for me after Tech Field Day was consolidating what I had learned into a series of blog posts.  TFD is a fire hose of information, and there is little time to process it as it happens.  Copious notes are a must.  As is having the video feeds to look at later to remember what your notes meant.  But it is important to get those notes down and put them up for everyone else to see.  Because while your audience may have been watching the same video stream you were watching live, they may not have the same opinion of things.  Tech Field Day isn’t just about fun and good times.  Occasionally, the delegates must look at things with a critical eye and make sure they let everyone know where they stand.

Be sure to follow Tech Field Day on Twitter (@TechFieldDay) for information and updates about Network Field Day 2 as the date approaches.  There will also be streaming video of the presentations at the Tech Field Day website.  The videos will also be posted in their entirety shortly afterwards.  If you want to follow along on Twitter, you can use the hashtags #TechFieldDay or #NFD2 to make comments or ask questions during the presentations.  I usually have a TweetDeck window open and will relay your questions along if no one else beats me to it.  I try to tag all my posts with the #TechFieldDay and #NFD2 hashtags, so if I’m overwhelming you with commentary feel free to filter that hashtag from your feed to keep me quiet.  In the past, I’ve tried to have an IRC channel open during the presentations to allow for real-time communications and feedback for those of you out there that prefer an alternative to Twitter.  Once I have the room set up I will post the details.

Tech Field Day Sponsor Disclaimer

Tech Field Day is made possible by the sponsors.  Each of the sponsors of the event is responsible for a portion of the travel and lodging costs.  In addition, some sponsors are responsible for providing funding for the gatherings that occur after the events are finished for the day.  However, the sponsors understand that their financing of Tech Field Day in no way guarantees them any consideration during the analysis and writing of reviews.  That independence allows the delegates to give honest and direct opinions of the technology and the companies that present it.

Blogging with the Packet Pushers

I’ve always believed that everyone has at least one good story in them.  People have anecdotes about funny times in college or goofy stories about their kids.  Tech-oriented people have even more stories that usually revolve around technology gone bad or interaction with non-technical people.  From the amount of studying and learning that tech-oriented people do, it is inevitable that knowledge is accumulated and waiting to be passed on.  The trick with all these stories and knowledge is finding someone to share it with.

Blogging is my preferred method of getting the thoughts out of my head.  Most of my friends and colleagues do the same.  Some of us have established blogs that have been going for a while now.  Others are just starting out.  However, there are even more of you out there with stories to tell and things to share without a blog.  Maybe you have no desire to keep up with the day-to-day drudgery of maintaining a blog.  Perhaps you don’t think you have enough in you to keep writing day after day.  You have even avoided creating a blog because you couldn’t think of a catchy title.  Let me tell you that I’ve got a deal for you that will eliminate all those issues for you.

As many of you know, I’ve been a regular contributor to the Packet Pushers Podcast.  Recently, Ethan and Greg have redesigned the site and started blogging more and more there.  They’ve also decided to open up the doors and invite some guest bloggers to write content for the site.  This is wonderful for those of you that are worried about blogging.  You don’t have to concern yourself with writing once a week.  Or month.  Or even year.  Just write whenever you feel the need to put something out there.  The Packet Pushers will make sure that everything is spelled correctly and put it up on the site.  You can be sure that your post will be seen by lots of visitors, as the Packet Pushers site gets hundreds every day and several thousand a month.  And you’ll get lots of feedback and comments for sure.

How do you get involved?  Send an email to with the subject line “I Want To Blog With The Packet Pushers!”  You’ll get an account on the website for creating your post and the rest will take care of itself.  I look forward to seeing some of you writing on Packet Pushers and sharing all you’ve learned.  Remember, Too Much Blogging Would Never Be Enough.

365 Days of Blogging

My last real milestone to hit just came up.  This blog has now been around for one whole year.  I’m shocked to say the least.  I never believed that having a scratchpad for jotting down my ideas about troubleshooting would blossom into this.  Those of you that have followed me for a while know that I tend to flit around technologies from wireless to security to switching and back to posts about Apple computers from time to time (even though I don’t own one).  To see that I’ve been able to keep this going for as long as I have is either a testament to my stubbornness or the large amount of cruft floating around in my head.

My initial ideas about troubleshooting hit a writer’s block wall pretty quickly.  I started posting some things about my CCIE studies and the occasional voice-related article.  It took a couple of months before I started writing pieces based more on opinion than fact.  I was afraid at first.  I’m normally the kind of person that keeps my opinions to myself.  However, it was interesting to put my thoughts and ideas down on “paper” and see what people thought of them.  Opinion pieces don’t require paragraphs worth of console output or exhaustive testing.  Of course, they can also be wrong or inaccurate and subject to debate or correction.  Other bloggers have told me that opinion pieces aren’t for them due to the possibility of angering their audience or fear of rejection.  My advice is to give it a shot on something simple first.  Put your thoughts out there and see what the reaction looks like.  Remember the old adage, “If people agree with everything you’ve said, you aren’t doing your job.”

I find myself spending more time commenting on current events in long form now.  I do get a chance to discuss things on Packet Pushers from time to time, but when something really juicy comes up, I can’t resist adding my voice to the din.  Some of these articles are interesting, others not so much.  I tried my hand at adding some link aggregation pages every week or so but found that I didn’t really keep up with new things like I thought I would.  I really spend a lot more time out in the field doing rather than learning.  I’m not one for going over simple things that are well-documented elsewhere.  I tend to talk about the more esoteric configurations or things that you just can’t find anywhere else.  Those posts are as much for my benefit as anyone else’s.  If I know that I’ve run into a particular situation and I write about it, I know I can always find it here as opposed to sifting through Google for hours on end.  I just hope my readers can get some use out of it too.

I still blog about the CCIE a fair amount.  It feels a little different commenting on it from the other side of the line, but people seem to like reading about all things lab related.  There are a ton of great blogs out there that detail the process that lab candidates are going through and the little gems of knowledge that they unearth from time to time, whether it be revelations about Dynamic Trunking Protocol (DTP) or alias lists or even TCL scripts.  I should probably create a CCIE candidate blog list just so those of you out there that hunger for my CCIE-related material can get your fix from them as well.  My CCIE posts tend to be more on the commentary side and focused on the details in the process rather than the content.  I think it’s more of a way to talk about the things that I see are important to keep in mind besides the ability to remember OSPF LSA types on demand.  A “forest for the trees” approach, if you will.

Once again, I’d like to thank all my visitors and readers for your time.  I appreciate your feedback and comments about everything.  You help me be a better blogger with every post.  It helps me to know that the things I post can be useful.  Tanner Ezell and I discussed the idea that people should provide help and support because they can, not because they’re doing it for fame or recognition.  I like helping people solve problems.  It just so happens that the most efficient way for me to do it is by writing a blog.  The more you wonderful people read it, the more popular and well-known it becomes.  While I appreciate that, know that I’ll still be here plugging away and talking about things even if I’m on page 30 of a Google search.

Dial Plan Considerations

A Candlestick Phone (image courtesy of Wikipedia)

Dial Plans are probably one of the hardest parts of learning about voice.  I consider it to be just like subnetting for network enginee…rock stars.  There are volumes upon volumes of how to stage and arrange your dial plans to speed call routing and minimize memory usage on voice over IP (VoIP) equipment.  However, there are a couple of things that I’ve found over the course of my career in voice that I want to pass along that I’ve never really found written down anywhere.  Consider these some of the “street smarts” of VoIP.

- Avoid Placing Extensions in the “9XXX” range.  This one seems to be the most popular issue.  No matter if you’re using 3-digit or 4-digit extensions, consider anything beginning with a “9” to be off limits.  There are actually a couple of reasons for this.  First and foremost, “9” is generally used as the PSTN access code (or escape code) for most PBX-style equipment in the world.  It’s also used as the escape code for Centrex phone service.  If any of the extensions on your Cisco phone system start with a “9”, the system will get a bit confused.  The external route patterns on your CUCM/CUCME system all start with “9” and have the “Provide Outside Dial Tone” box checked (at least they should).  If you have an extension that is 9640, for instance, CUCM will not play the pitch-changed PSTN dial tone until the number you are dialing explicitly matches a route pattern with the “Provide Outside Dial Tone” check box enabled.  In this example, if you are calling a long distance number, when you hit “9”, you won’t hear the higher-pitched tone.  You also won’t hear it if you follow with 1, 3, or 1.  Not until you dial the 5th digit of your long distance call that eliminates the above 9640 extension will the caller hear the PSTN dial tone.  While this doesn’t really affect the operation of the system, it really throws the users for a loop when they don’t hear that dial tone for accessing the PSTN.

The other crucial reason for avoiding extensions that start with “9” is to cut down on the number of misdialed emergency numbers (911 or 999).  I’ve talked about emergency numbers before and taking them into account here is just as critical.  I’ve even had to change the PSTN escape code to something other than “9” (like 8 or 7) in order to correct this emergency calling issue.  In those cases, I have to avoid putting extensions in the 9 range and the new code range to keep my PSTN dial tones and emergency calling behavior straight.

- The 1XXX range is your friend.  If you need a number range for your extensions or voice mail ports or other system directory numbers, anything starting with a “1” is a great idea.  Why?  Well, since the very beginning of phone systems two numbers have always been reserved and not used to start phone numbers.  One of these is “0”.  Zero has always been used as a signal to the phone company operator, so no number in the North American Numbering Plan (NANP) starts with a zero.  The other number is “1”.  One is a more curious case.  It turns out that the original “candlestick” phones had a bad habit of sending a fast pulse when they went off-hook.  In order to prevent a ton of misdialed calls, the system was configured to ignore any numbers that started with a “1”.  Again, no numbers in the NANP start with a “1”.  We now use One to signal a long distance telephone call, but that is really the only time it’s used.  If you use the 1XXX range for all your voice mail ports or park slots or even extensions, you never really have to worry about it colliding with other parts of your dialing plan.  If you’re setting up a home CUCME system, like I’m trying to do once I can convince my wife, you can put your extensions in the 1XX range and not need to worry about using a PSTN access code.  I’ll probably write a little more about this once my experiment is up and running.

- Create a local 10-digit dial peer.  I’ve mentioned this in passing once before, but if you still live in one of those areas that hasn’t switched to 10-digit dialing for all local calls, you should probably program an explicit local dial peer.  For example, in central Oklahoma calls are still dialed with 7 digits locally.  However, there are destinations that are not long distance (prefixed with a 1) that use 10 digits.  If you program a standard 10-digit dial peer (9.[2-9]XX[2-9]XXXXXX), when you dial 7-digit local calls the system must wait for the interdigit timeout to expire before dialing the call.  This is because those 7 digits can match two different dial peers (7-digit and 10-digit) and the system doesn’t know which one to use until you let the digit timeout expire, which could be up to 15 seconds.  That time is an eternity to your users.

Instead, until the time when your state figures out 10-digit dialing is what all the cool kids are doing, you should do this little workaround.  Configure your regular 7-digit and long distance dialing codes.  Rather than creating a 10-digit route pattern though, just create a route pattern with your 10-digit local area code.  In the above example for central Oklahoma (area code 405), that explicit dial peer would be 9.405[2-9]XXXXXX.  This way, any 10-digit calls will route immediately.  Most of your 7-digit calls should route immediately as well when they match the 9.[2-9]XXXXXX route pattern.  The only issue you might have is if your local NANP prefix (the [2-9]XX part) is the same as your area code.  Chances are slim in that case, so your local calls won’t wait for the interdigit time to expire.  Just be sure to have the 10-digit dial peer for all local calls ready to go on the day you get switched over.  Otherwise you are going to have some confused and angry users.
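The interdigit-timeout behaviour described above, as an added example that is not part of the original post and is not Cisco's digit analysis code: a simplified Python model that feeds digits one at a time to the three route patterns quoted in the text and reports whether a call routes immediately or has to wait for the timeout.  The function names and the sample numbers (555-2368, 405-2368) are assumptions made up for illustration.

```python
# Added example: simplified model of digit-by-digit route pattern matching.
# Pattern syntax handled: literal digits, X (any digit), [a-b] ranges, and
# "." (the separator after the access code, which matches no digit).

def parse(pattern):
    """Return a list of allowed-digit sets, one per dialed position."""
    slots, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == ".":
            i += 1
        elif ch == "X":
            slots.append(set("0123456789"))
            i += 1
        elif ch == "[":
            end = pattern.index("]", i)
            lo, hi = pattern[i + 1], pattern[end - 1]  # only "[a-b]" ranges
            slots.append({str(d) for d in range(int(lo), int(hi) + 1)})
            i = end + 1
        else:
            slots.append({ch})
            i += 1
    return slots


def analyze(patterns, dialed):
    """Split patterns into (complete matches, longer patterns still possible)."""
    complete, potential = [], []
    for p in patterns:
        slots = parse(p)
        if len(slots) < len(dialed):
            continue
        if all(d in s for d, s in zip(dialed, slots)):
            (complete if len(slots) == len(dialed) else potential).append(p)
    return complete, potential


def route(patterns, number):
    """Dial `number` one digit at a time.

    Returns (pattern, digits_dialed, waited_for_timeout), or None when
    nothing matches. A call routes at once only when a pattern matches
    completely and no longer pattern could still match; otherwise the
    system has to wait for the caller to stop dialing.
    """
    complete = []
    for n in range(1, len(number) + 1):
        complete, potential = analyze(patterns, number[:n])
        if complete and not potential:
            return complete[0], n, False
        if not complete and not potential:
            return None
    # Caller stopped dialing while a longer pattern was still possible.
    return (complete[0], len(number), True) if complete else None


LOCAL_7 = "9.[2-9]XXXXXX"
LONG_DISTANCE = "9.1[2-9]XX[2-9]XXXXXX"
# Plan with the standard 10-digit pattern from the text.
GENERIC = [LOCAL_7, "9.[2-9]XX[2-9]XXXXXX", LONG_DISTANCE]
# Plan with the explicit area-code pattern from the text (area code 405).
AREA_405 = [LOCAL_7, "9.405[2-9]XXXXXX", LONG_DISTANCE]

if __name__ == "__main__":
    calls = [
        ("7-digit local, generic plan", GENERIC, "95552368"),
        ("7-digit local, 405 plan", AREA_405, "95552368"),
        ("10-digit local, 405 plan", AREA_405, "94055552368"),
        ("local prefix 405, 405 plan", AREA_405, "94052368"),
    ]
    for label, plan, number in calls:
        pattern, digits, waited = route(plan, number)
        how = "after interdigit timeout" if waited else "immediately"
        print(f"{label}: {number} -> {pattern} at digit {digits}, {how}")
```

The last call in the list is the corner case the text mentions: a local prefix equal to the area code still overlaps the 9.405 pattern, so that one 7-digit call waits for the timeout.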

Tom’s Take

If you are going to be a voice enginee…miracle worker, you are going to spend a lot of time learning about dial plans.  Before you know it, things will just be automatic and you’ll be able to churn them out without a second thought.  If you take my advice above into account as you’re learning about dial plans, you will have a much easier time when it comes to the strange corner cases you might run into like not hearing a PSTN dial tone or interdigit timeout issues for local calling.

Cisco Phone Cheat Codes

There are many things in this world that are hidden just beneath the surface that make our lives easier.  Whether it be the Secret Menu at In-n-Out Burger or the good old Konami Code, the good stuff that we need is often just out of reach unless you know the code.  This is also the case when dealing with Cisco phones.  There are three key combinations that will help you immensely when configuring these devices, provided you know what they are.

1.  Unlock Settings – *, *, #.  When you check the settings on a Cisco phone, you’ll notice that you can look at the values but you can’t change any of them.  Many of these values are set at the Cisco Unified Communications Manager (CUCM) level.  However, one common issue is the phone not being able to contact the CUCM server or the phone having the wrong address/TFTP server information from DHCP.  While there are a multitude of ways to correct these issues in the network, there is a quick method to unlock the phone to change the settings.

  • Go to the Settings page of the phone
  • While in the settings page, press *, *, # (star, star, pound) about 1/2 second apart
  • The phone will display “Settings Unlocked” and allow you to make changes

It’s that easy.  There won’t be a whole lot to do with the phone Telephony User Interface (TUI), but you can make quick changes to DHCP, IP address, or TFTP server address entries to verify the phone configuration is correct.  By the way, when putting in an IP address via TUI, the “*” key can be used to put a period in an IP address.  That should save you an extra keystroke or two.

2.  Hard Reset – *,*,#,*,*.  Sometimes, you just need to reboot.  There are a variety of things that can cause a phone to need to be reset.  Firmware updates, line changes, or even ring cadence necessitate reboots.  While you can trigger these from the CUCM GUI, there are also times that they may need to be done from the phone itself in the event of a communications issue.  Rebooting is also a handy method for beginning to troubleshoot issues.

But Tom?  Why not just pull the network cable from the back of the phone?  Won’t disconnecting the power reboot?

True, it will.  What if the phone is mounted to the wall?  Or if the phone is running from an external power supply?  Or positioned in such a way that only the keypad is visible?  Better to know a different way to reboot just in case.  Here’s where the reboot cheat code comes in handy.

  • Go to the settings page of the phone
  • Press *,*,#,*,* (star, star, pound, star, star) about 1/2 second apart
  • The phone will display “Resetting” and perform a hard reset

This sequence will cause the phone to reboot as if the power cable had been unplugged and force it to pull a new configuration from CUCM.  One common issue I find when entering this code is the keypresses not registering with the phone.  Try it a couple of times until you develop a rhythm for entering it about 1/2 second apart.  Much more than that and the phone won’t think you’re entering the code.  Quicker than that and the keys might not all register.

3.  Factory Reset – “1,2,3,4,5,6,7,8,9,*,0,#”.  When all else fails, nuke the phone from orbit.  It’s the only way to be sure.  Some settings are so difficult to change that it’s not worth it.  Or you’ve got a buggy firmware that needs to be erased.  In those cases, there is a way to completely reset a phone back to the shipping configuration.  You’ll need access to unplug the power cable, as well as enough dexterity to press buttons on the front as you plug it back in.

  • Unplug the power from the phone.
  • As you plug it back in, press and hold the “#” key.  If performed correctly, the Headset, Mute, and Speaker buttons in the lower right corner will start to flash in sequence.
  • When those three buttons start flashing in sequence, enter the following code: 1,2,3,4,5,6,7,8,9,*,0,#.  You’ll notice that’s every button on the keypad in sequence from left to right, top to bottom.
  • Phone will display “Upgrading” and erase the configuration.

Don’t worry if you press a key twice on accident.  The phone will still accept the code.  However, you do need to be quick about things.  The phone will only accept the factory reset code for 60 seconds after the Headset, Mute, and Speaker buttons start flashing in sequence.

Tom’s Take

I find myself using these cheat codes all the time.  Whether I’m correcting a bad TFTP server entry or setting a static IP on a subnet, the ability to manipulate a phone without resorting to using CUCM all the time is very useful.  You can also use these codes to impress your friends with your intimate knowledge of the way Cisco phones work.  Just be careful with that reset code.  About every 1 out of 1,000 times it gives you 30 lives instead.

You Don’t Need Gigabit, But We Do

Stacy Higginbotham wrote a thought-provoking article last week entitled “The Elephant in the Gigabit Network Room”.  Therein, she talks about how many providers are starting to bring gigabit connectivity to residential areas for prices in the $200-$300 range.  She also argues that this is overkill for most customers, as many devices today can’t reach sustained transfer rates above 500 Mbps and the majority of the content being provided comes from low-speed, non-bandwidth-intensive services like Twitter.  She goes on to discuss that while there may be applications for using gigabit broadband, they are few and far between now and don’t justify the cost when something like a 25 Mbps downstream cable modem would suffice just as well.

Allow me to disagree here.

I think one of the reasons why this article sounded flawed to me is because it sounds based on the idea that people still use one computer at a time.  The more I thought about it, the more I realized that the supposition that gigabit residential service for a single machine is overkill is indeed correct.  However, that’s where my opinion diverges.  I would argue that today’s residential networks are starting to resemble small enterprise networks with regard to bandwidth usage.

Think about all the things that you are doing with your home networks right now.  Sure, there’s a fair amount of low bandwidth web surfing going on.  We use Twitter and Facebook to post status updates.  We check email.  We look up things on Wikipedia to win Internet arguments.  If that was it, I would say that even 100 Mbps or 25 Mbps service would be more than you’d ever need.  But go deeper.  We now use Netflix to stream movies to our televisions.  We use iTunes to download content to all manner of devices.  Hulu, Boxee, and Vudu are all clamoring for attention and bandwidth.  Even simple BitTorrent transfers can suck up an entire pipe.  Now imagine all this coupled with the blah blah cloud services coming down the pipe.  We even use cloud-ish services today.  Gigabytes of pictures uploaded to Picasa and Flickr.  Video uploaded to YouTube and Vimeo.  Music streaming coming from Google, Amazon, Apple, and anyone else with a handheld device with a headphone jack.  We can even run our household phone system over the Internet.  Not to mention Facetime, Telepresence, and all manner of real-time video communications.  Sounds to me like that little cable modem is starting to get a bit crowded.

Another argument against gigabit networking is the inability of devices to use the full bandwidth.  Specifically, the lack of gigabit wireless networking is pointed out in the article.  Right now, she’s right.  However, with 802.11ac coming down the pipe and WiGig coming to the 60 GHz spectrum sooner rather than later, I think it’s better if we have the broadband infrastructure in place sooner rather than later.  In the article, it is stated that a generic laptop only hit 420 Mbps downstream in a test.  Okay, so with a little optimization we could probably hit 600 Mbps easy.  Did they test several sites to be sure it wasn’t a transit network issue?  Did they pull from a close FTP server with a high-speed backbone?  Or were they clocking Windows Update?  Most machines will eat any amount of bandwidth you throw at them.  Even if you peaked at 500 Mbps out of the box, that’s still 5 times faster than a 100 Mbps network.  Think about what would happen in your enterprise if you granted users the ability to run gigabit all the way to the desktop.  Files could be transferred faster internally.  Content could be pushed with little effort.  Imagine again what might happen if you then brought those same users back down to 100 Mbps.  You’d have a mutiny on your hands.  When driving on the highway, 80 MPH only seems fast when you get going.  Once you’ve been cruising there for a while, 60 MPH seems like a standstill.  I think that even half a gigabit connection per machine is still amazingly fast, especially when that pipe starts getting crowded as I’ve outlined above.

The final argument is that there is no killer app that necessitates paying such high fees for gigabit service.  One service that is discussed by the author is online backup.  This, however, is dismissed as being too infrequent to be useful to a customer paying a monthly charge.  Let me ask this of you out there: how crazy did the idea of downloading music on the Internet seem when the fastest connection we could muster was 56k?  How about watching movies in our house solely over the internet when 128k ISDN was the fastest kid on the block (that was exorbitantly high priced for its time too)?  Why code an app if you know it can’t work to its fullest potential today?  What about continuous online backup?  If you’ve already got the pipe to handle it why not keep a running backup of your files out in the blah blah cloud?  HD streaming video to multiple devices simultaneously?  What about the burgeoning website designs that seem to be taking more and more bandwidth every day with Flash landing pages, Flash ads, Shockwave menus and more?  If we start running gigabit to our house, I can promise you that there will be apps written to take advantage of those big fat pipes.

Tom’s Take

Yes, running a gigabit pipe into my house would probably be overkill right now.  Despite my protestations to the contrary, my wife realizes that I don’t need to have the ability to instantly download anything and everything on the Internet.  But I also see that as we start placing more and more content and information outside of our computers and in the blah blah cloud, we’re going to get very impatient to get that content quickly.  HD video, 27 megapixel images, and enough MP3s to sink an aircraft carrier stored somewhere in an online vault and we have to have it NAO!  Just because 100 Mbps would do anyone just fine today doesn’t mean that there isn’t a market for gigabit residential service.  It’s like saying that just because we can only drive 65-75 MPH on the highway there’s no need for sports cars that can do 130.  Someone out there will find a use for it if it’s available.  If nothing else, the blah blah cloud providers should be championing us to get the fastest available connections and start storing everything we have with them.  That way, we don’t have to spend so much time worrying about where our stuff is being stored.  We just click it and go.

The Sky’s The Limit for CCIEs

First of all, congratulations to Jonathan Topping, CCIE #30002.  He passed back on August 25th, which means that CCIE #30000 passed on the 24th or 25th.  That person is still unknown at this time, but the milestone that it represents is pretty impressive.

I chased my CCIE all the way through the 20000s.  From reading Ethan Banks’ first blog at CCIE Candidate as he got his number (20655) all the way up until I got mine just shy of the 30k mark, I’ve been entrenched in the lore of things.  30,000 is a big mark.  Sure, CCIE #31025 will be the actual 30,000th person certified, but you can’t ignore the significance of how many people out there have chased their goal and achieved it.  Ethan passed his lab in April 2008, and with a little fudging on the math with the pass rates, it took about 3.5 years to get from 20,000 to 30,000.  Pretty impressive for what some have considered to be the hardest exam in the industry for a number of years.  The rate of passing seems to be accelerating.  It fluctuates from about 50 per week up to 150 per week depending on when the test is being taken and whether changes are rumored to be coming down the pipe soon.

There was a time I can remember people saying that anyone with a 5-digit CCIE number was just too green to be of any use in the industry.  Those same things were said just after Larry Edie passed to become #20000.  I’m sure someone will say that now that we’ve broken through 30,000 as well.  It doesn’t matter in the end though.  CCIE numbers are like grade point averages.  I was worried when I graduated college because my GPA wasn’t as outstanding as those kids that spent every waking minute studying for tests and turning in homework two weeks early.  However, on my first interview I wasn’t asked about my GPA.  They asked about my experience and what I was capable of.  The same is now true of my CCIE.  People are impressed with the certification itself, not the number.  The number only exists to prove you are who you say you are.  It doesn’t matter if you’re #1027 or #31027.  The fact is that you’ve all passed the same rigorous test to achieve your goals.  Sure, Greg Ferro may have had to study Token Ring and Ethan Banks may have had to study ATM, but we all passed a lab exam with requirements and tasks.  I’m sure that the IP tasks on my lab exam will look foreign in 3 years when we’re all running IPv6 and configuring OSPFv3.

Other vendors are starting to see the light, too.  Juniper has lab exams for its Juniper Networks Certified Internet Expert (JNCIE).  Microsoft added practical-type questions to the Server 2008 certification track a while back.  Novell took a shot at a practical exam with the first iteration of the Novell Certified Linux Engineer 1.0 exam.  I still have nightmares about that jewel.  I can see more people starting to look at practical exams at the expert level.  I know they are a pain to administer and grade.  They are difficult to study for and the material has to be refreshed frequently.  However, they provide something no written multiple choice test can – experience.  I know that someone who has passed the CCIE or the JNCIE can actually sit down and do the things on the test.  There’s no multiple guessing or subject board to award a certification.  It’s down to merit, plain and simple.

Tom’s Take

CCIE #40000 will probably be certified in March 2013 if the current passing trends stay stable.  Sounds closer than one might think.  Milestones come and go, but the aptitude is always there for those that pass.  Don’t worry about getting vanity numbers like 31,024 or 31,337.  Whatever number you get will be the one 5-digit number you will never forget in your entire life.  Don’t fret over getting a number in the 30,000s.  You’re still a name after all.  The number just comes after it.

If you’d like to look up some milestone CCIE numbers, I highly recommend Marc La Porte’s CCIE Hall of Fame.  He verifies every CCIE number, so the information there is better than anywhere else on the net.

Ghost in the Wires – Review

Anyone who is old enough to remember the heady days of the formation of what we recognize as today’s Internet knows the name Kevin Mitnick.  Depending on who you ask, Mitnick is either a curious computer user that was wrongfully accused of horrendous crimes or he’s the most evil person to ever sit behind a keyboard and is capable of causing Armageddon with nothing more than a telephone.  Of course, the truth lies somewhere in the middle.

Mitnick has written books before that discuss social engineering.  The Art of Intrusion and The Art of Deception are both interesting books for security professionals that talk about the myriad of ways that hackers can exploit trust and other factors to compromise networks and systems.  However, both books lack something.  Deception is written as a series of “what if” methods of social engineering.  Intrusion uses real examples from a variety of sources, but not from Mitnick.  I’m sure there were lots of things that prevented him from talking about his past in these two books.  What people have really waited for though is the story of the World’s Most Wanted Hacker.  Well, wait no longer:

Ghost in the Wires is the autobiography of Kevin Mitnick.  Now that I’ve finished my CCIE studies, I have a couple of hours of free time to enjoy reading something that isn’t a whitepaper or a lab workbook.  I picked this up as soon as it was available on Amazon and cracked it open right away.  I took my time going through it, enjoying each chapter as it built up the story of Mitnick from his early years onward.  As the story progressed more into his social engineering stories and hacking exploits, I found myself spending more and more time reading about them.  I was drawn into the book not only because of the content, but the writing style as well.  Mitnick and his co-author William Simon decided to keep the content at a fairly non-technical level.  Other than a couple of expositions about gaining access via .rhosts files or spoofing IPs, the book as a whole doesn’t really go much deeper than programming a VCR.

What you do get from this book is a sense of what drives Mitnick.  It’s not wealth or fame or anarchy.  It’s the pursuit of knowledge.  Unlike the fame-seeking kids today, Mitnick outlines that he only went after the targets he did because of the challenge of breaking into them.  He didn’t do it to steal credit card numbers or to hold computers for ransom in some strange blackmail scheme.  Sure, he gained from his knowledge by virtue of his unfettered access to the phone company or his ability to clone his cell phone’s ESN whenever he wished.  However, rather than exploit this on a grand scale or sell his access privileges on the Internet, he held on to them and used them as capital only for bragging rights to other hackers.

Mitnick also takes some time to address the “Myth of Kevin Mitnick”, the legend that has grown up and been propagated about his crimes.  Stories of his flight from early prosecution to another country or his “ability” to whistle launch codes into pay phones elicit laughter but also show how the legal system in the early days of personal computing was ill-equipped to deal with people like Mitnick that pushed systems to their boundaries and used them for their own purposes.  At times, it seems like the legal system in this book is run by a collection of scare mongers, ready at a moment’s notice to say whatever it takes to keep their suspects locked in solitary confinement and safely away from any form of communication, electronic or otherwise.  The second half of the book details his flight from the federal authorities and the ease with which Mitnick was able to create a new identity for himself.  Back in 1993 he was able to create a string of identities to elude his pursuers.  Today, however, I wonder if it would be as easy as before with all the linking of databases and sharing of information among all the different departments that Mitnick used to set himself up as someone else.  I’m sure it would be a very difficult challenge, which is just the kind Mitnick admits he loves.

Tom’s Take

I loved this book.  I’m a sucker for computer history, especially from someone as famous as Kevin Mitnick.  Yes, he violated laws and treated security procedures like recommendations instead of guidelines.  In truth, his crimes consisted of theft of things like source code or free telephone calls.  He did it because he liked the challenge of getting things he wasn’t supposed to have.  He was like a kid that would take his toys apart as a child to see how they worked.  I can identify with this kind of mentality, as I’m sure many of you can.  Mitnick chose to express this desire in ways that ended up bringing him into conflict with law and order.  In the end, he paid for his crimes.  However, he has paid us all back with the wealth of knowledge that he has shared about his methods of social engineering and computer hacking.  I recommend this book not only to those that are interested in the history of hacking but also to anyone that might ever take a telephone call or use a computer.  A little education about how easily Mitnick was able to gain the trust of unsuspecting people and get them to give him whatever info he wanted is worth the ounce of prevention that it will provide.  If nothing else, you’ll know what a nuclear launch code sounds like when it’s whistled in your general direction.