Iron Chef: Certification Edition

My friend Joshua Williams (@802DotMe) texted me today with a great quote that I wanted to share with you that made me think about certifications:

You’ve probably already thought through this extensively, and maybe even written about it, but after sitting through another 8 hour practical exam yesterday I’m more convinced than ever that expert level exams from technical companies are more analogous to a gimmicky Food Network TV show than real world application of technical acumen. They don’t care so much about my skill level as they do about what kind of meal I can prepare in 30 minutes using Tilapia, grapes, and Dr. Pepper syrup with my salt shaker taken away halfway through.

I laughed because it’s true. And then I thought about it more and realized he’s way more than right. We know for a fact that companies love to increase the level of challenge in their exams from novice to expert. It’s a way to weed out the people that aren’t committed to learning about something. However, as the questions and tasks get harder it becomes much more difficult to get a good sense of how candidates are going to perform.

Boiling Water Isn’t Hard?

When you look at something like the CCNA, they’re trying to make sure you know how networks actually work. The simulations and lab exercises are pretty basic. Can you configure RIP correctly? Do you know the command to enable a switch port? There isn’t a need to get crazy with it. Using Joshua’s analogy from above, it’s not unlike a show like Worst Cooks in America, where the basics are the challenge that needs to be overcome. Not everyone is a superstar chef. Sometimes getting the building blocks right is more than half the battle.

As you move up the ladder, the learning gets harder. You dive deep into protocols and see how technologies build on each other. You need to configure BGP, but you also need to have some kind of other IGP running to distribute the routes. You need to remember that this spice goes in while the dish is cooking and this other goes on at the end so the flavor isn’t destroyed. I would liken this to a “fun” challenge cooking show, where the expert Food Network Chef faces off against someone that isn’t in the food business at a high professional level. Maybe they run a diner or are a short-order cook in a hotel restaurant. They aren’t looking to create their own signature dish. They know enough to cook what tastes good. But ask them to make hollandaise sauce or make pufferfish sashimi and they’re out.

Which brings us to the highest level of learning. The expert certification tracks. These are the crowning achievements of a career. They are the level that you have to be at to prove you know the technology inside and out. How do you test that, exactly? Microsoft had a great way of doing it back in the day with some of the mastery programs. You went to Redmond and you spent a couple of months learning the technology with the people that wrote it. It was very similar to a doctor’s internship in a hospital. You did the work with people that knew what you needed to know. They corrected you and helped you grow your knowledge. Even though you were an expert you understood what needed to be done and how to get there. At the end you took an exam to cover what you had learned and you earned your mastery.

Other certification programs don’t do that. Instead, they try to trip you up with tricky scenarios and make you make mistakes if you’re not paying attention. This is the Iron Chef round. You know your stuff, eh? Face off against this hard challenge. And by the way, here’s your curveball: You have to use this crazy extra ingredient. A show like Chopped does this a lot too. You need to make a meal using chicken, soy sauce, and candy corn. Are they testing your ability to prepare food? Or trying to figure out how creative you can be with a set of constraints that don’t make sense?

Ala Config!

The theory behind this kind of challenge is sound on paper. You never know what you’re going to walk into and what you’ll be forced to fix. I’ve had some real interesting problems that I’ve needed to solve over my career. But in every crazy case I never had to deal with the kinds of constrained setups that you get in lab-based exams. Configure this protocol, but don’t use these options. Make this connection work this way using one of these options but know that picking the wrong one will wreck your configuration in about two hours. Make trout-flavored ice cream. You name it and it’s a huge challenge for no good reason.

In theory, this is a great way to challenge your experts. In practice, it’s silly because you’re putting up barriers they will never see. Worse yet, you force them to start looking for the crazy constraints that don’t exist. One of my favorites is the overarching constraint in the CCIE lab that you are not allowed to use a static route to anything unless explicitly allowed in the question. Why? Because static routes don’t scale? Because they create administrative overhead? Or is it because a single static route fixes the problem and doesn’t require you to spend an hour tagging routes when redistribution happens? Static routes cut the Gordian Knot in the lab. So they can’t be allowed. Because that would make things too easy.


Tom’s Take

We need to move away from trivia and Iron Chef-style certifications. Instead of making our people dependent on silly tricks or restricting them from specific tools in their kit, we need to ensure their knowledge is at the right level. You would never ask a chef to cook an entire meal and not be able to use a saucepan. Why would you take away things like static routes or access lists from a network engineer’s arsenal? Instead of crafting the perfect tricky scenario to trap your candidates, spend the time instead teaching them what they need to know. Because once someone learns that trout is a horrible ice cream flavor we all win.

Thanks to Josh Williams for this great post idea!

Opening Up Remote Access with Opengear

The Opengear OM2200

If you had told me last year at this time that remote management of devices would be a huge thing in 2020 I might have agreed but laughed quietly. We were traveling down the path of simultaneously removing hardware from our organizations and deploying IoT devices that could be managed easily from the cloud. We didn’t need to access stuff like we did in the past. Even if we did, it was easy to just SSH or console into the system from a jump box inside the corporate firewall. After all, who wants to work on something when you’re not in the office?

Um, yeah. Surprise, surprise.

Turns out 2020 is the Year of Having Our Hair Lit On Fire. Which is a catchy song someone should record. But it’s also the year where we have learned how to stand up 100% Work From Home VPN setups within a week, deploy architecture to the cloud and refactor on the fly to help employees stay productive, and institute massive change freezes in the corporate data center because no one can drive in to do a reboot if someone forgets to do commit confirmed or reload in 5.

Remote management has always been something that was nice to have. Now it’s something that you can’t live without. If you didn’t have a strategy for doing it before or you’re still working with technology that requires octal cables to work, it’s time you jumped into the 21st Century.

High Gear

Opengear is a company that has presented a lot at Tech Field Day. I remember seeing them for the first time when I was a delegate many, many years ago. As I have grown with Tech Field Day, so too have they. I’ve seen them embrace new technologies like cloud management and 4G/LTE connectivity. I’ve heard the crazy stories about fish farms and Australian emergency call boxes and even some stuff that’s too crazy to repeat. But the theme remains the same throughout it all. Opengear is trying to help admins keep their boxes running even if they can’t be there to touch them.

Flash forward to the Hair On Fire year, and Opengear is still coming right along. During the recent Tech Field Day Virtual Cisco Live Experience in June, they showed off their latest offerings for sweet, sweet hardware. Rob Waldie did a great job talking about their new line of NetOps Console servers here in this video:

Now, I know what you’re thinking. NetOps? Really? Trying to cash in on the marketing hype? I would have gone down that road if they hadn’t shown off some of the cool things these new devices can do.

How about support for Docker containerized apps? Pretty sure that qualifies as NetOps, doesn’t it? Now, your remote console appliance is capable of doing things like running automation scripts and triggering complex logic when something happens. And, because containers are the way the cloud runs now, you can deploy any number of applications to the console server with ease. It’s about as close to an App Store model as you’re going to find, with some nerd knobs for good measure.

That’s not all though. The new line of console appliances also comes with an embedded trusted platform module (TPM) chip. You’ve probably seen these on laptops or other mobile devices. They do a great job of securing the integrity of the device. It’s super important to have if you’re going to deploy console servers into insecure locations. That way, no one can grab your device and do things they shouldn’t like tapping traffic or trying to do other nefarious things to compromise security.

Last but not least, there’s an option for 64GB of flash storage on the device. I like this because it means I can do creative things like back up configurations to the storage device on a regular basis just in case of an outage. If and when something happens I can just remote to the Opengear server, console to the device, and put the config back where it needs to be. Pretty handy if you have a device with a dying flash card or something that is subject to power issues on a regular basis. And with an LTE-A global cellular modem, you don’t have to worry about shipping the box to a country where it won’t work.


Tom’s Take

I realize that we’re not going to be quarantined forever. But this is a chance for us to see how much we can get done without being in the office. Remember all those budgets for fancy office chairs and the coffee service? They could go to buying Opengear console servers so we can manage devices without truck rolls. Money well spent on reducing the need for human intervention also means a healthier workforce. I trust my family to stay safe with our interactions. But if I have to show up at a customer site to reboot a box? Taking chances even under the best of circumstances. And the fewer chances we take in the short term, the healthier the long-term outlook becomes.

We may never get back to the world we had before. And we may never even find ourselves in a 100% Remote Work environment. But Opengear gives us options that we need in order to find a compromise somewhere in the middle.

If you’d like more information about Opengear’s remote access solutions, make sure you check out their website at http://Opengear.com

Disclaimer: As a staff member of Tech Field Day, I was present during Opengear’s virtual presentation. This post represents my own thoughts and opinions of their presentation. Opengear did not provide any compensation for this post, nor did they request any special consideration when writing it. The conclusions contained herein are mine alone and do not represent the views of my employer.

Is Bandwidth A Precious Resource?

During a recent episode of the Packet Pushers Podcast, Greg and Drew talked about the fact that bandwidth just keeps increasing and we live in a world where the solution to most problems is to just increase the pipeline to the data center or to the Internet. I came into networking after the heady days of ISDN lines everywhere and trying to do traffic shaping on slow frame relay links. But I also believe that we’re going to quickly find ourselves in a pickle when it comes to bandwidth.

Too Depressing

My grandparents were alive during the Great Depression. They remember what it was like to have to struggle to find food or make ends meet. That one singular experience transformed the way they lived their lives. If you have a relative or know of someone that lived through that time, you probably have noticed they have some interesting habits. They may keep lots of cash on hand stored in various places around the house. They may do things like peel labels from jelly jars and use them as cups. They may even go to great lengths to preserve as much as they can for reuse later “just in case”.

It’s not uncommon for this to happen in the IT world as well. People that have been marked by crazy circumstance develop defense mechanisms against it. Maybe it’s making a second commit to a configuration to ensure it’s correct before being deployed. Maybe it’s always taking a text backup of a switchport before shutting it down in case an old bug wipes it clean. Or, as it relates to the topic above, maybe it’s a network engineer that grew up on slow ISDN circuits trying to optimize links for traffic when there is absolutely no need to do so.

People will work with what they’re familiar with. If they treat every link as slow and prone to congestion they’ll configure their QoS policies and other shaping features like they were necessary to keep a 128k link alive with a massive traffic load. Even if the link has so much bandwidth that it will never even trigger the congestion features.

Rational Exuberance

The flip side of the Great Depression grandparent is the relative that grew up during a time when everything was perfect and there was nothing to worry about. The term coined by Alan Greenspan to define this phenomenon was Irrational Exuberance, which is the idea that the stock market of 1996 was overvalued. It also has the connotation of meaning that people will believe that everything is perfectly fine and dandy when all is well right up to the point when the rug gets pulled out from underneath them.

Going back to our bandwidth example, think about a network engineer that has only ever known a world like we have today where bandwidth is plentiful and easily available. I can remember installing phone systems for a school that had gigabit fiber connectivity between sites. QoS policies were non-existent for them because they weren’t needed. When you have all the pipeline you can use you don’t worry about restraining yourself. You have a plethora of bandwidth capabilities.

However, you also have an issue with budgeting. Turns out that there’s no such thing as truly unlimited bandwidth. You’re always going to hit a cap somewhere. It could be the uplink from the server to the switch. Maybe it’s the uplink between switches on the leaf-spine fabric. It could even be the WAN circuit that connects you to the Internet and the public cloud. You’re going to hit a roadblock somewhere. And if you haven’t planned for that you’re going to be in trouble. Because you’re going to realize that you should have been planning for the day when your options ran out.

Building For Today

If you’re looking at a modern enterprise, you need to understand some truths.

  1. Bandwidth is plentiful. Until it isn’t. You can always buy bigger switches. Run more fiber. Create cross-connects to increase bandwidth between east-west traffic. But once you hit the wall of running out of switch ports or places to pull fiber you’re going to be done no matter what.
  2. No Matter How Much You Have, It Won’t Be Enough. I learned this one at IBM back in 2001. We had a T3 that ran the entire campus in Minnesota. They were starting to get constrained on bandwidth so they paid a ridiculous amount of money to have another one installed to increase the bandwidth for users. We saturated it in just a couple of months. No matter how big the circuit or how many you install, you’re eventually going to run out of room. And if you don’t plan for that you’re going to be in a world of trouble.
  3. Plan For A Rainy Day. If you read the above, you know you’re going to need to have a plan in place when the day comes that you run out of unlimited bandwidth. You need to have QoS policies ready to go. Application inspection engines can be deployed in monitor mode and ready at a moment’s notice to be enabled in hopes of restricting usage and prioritizing important traffic. Remember that QoS doesn’t magically create bandwidth from nothing. Instead, it optimizes what you have and ensures that it can be used properly by the applications that need it. So you have to know what’s critical and what can be left to best effort. That means you have to do the groundwork ahead of time so there are no surprises. You have to be vigilant too. Who would have expected last year that video conference traffic would be as important as it is today?

Tom’s Take

Bandwidth is just like any other resource. It’s not infinite. It’s not unlimited. It only appears that way because we haven’t found a way to fill up that pipe yet. For every protocol that tries to be a good steward and not waste bandwidth like OSPF, you have a newer protocol like Open/R that has never known the harsh tundra of an ISDN line. We can make the bandwidth look effectively limitless but only by virtue of putting smart limits in place early and understanding how to make things work more smoothly when the time comes. Bandwidth is precious and you can make it work for you with the right outlook.

Appreciation Society

Given how crazy everything is right now, it’s important to try and stay sane. And that’s harder than it sounds to be honest. Our mental health is being degraded by the day. Work stress, personal stress, and family stress are all contributing to a huge amount of problems for all of us. I can freely admit that I’m there myself. My mental state has been challenged as of late with a lot of things and I’m hoping that I’m going to pull myself out of this funk soon with the help of my wife @MrsNetwrkngnerd and some other things to make me happier.

One of the things that I wanted to share with you all today was one of the things I’ve been trying to be mindful about over the course of the last few months. It’s about appreciation. We show appreciation all the time for people. It’s nothing new, really. But I want you to think about the last time you said “thank you” to someone. Was it a simple exchange for a service? Was it just a reflex to some action? Kind of like saying “you’re welcome” afterwards? I’d be willing to bet that most of the people reading this blog post say those words more out of habit than anything else.

I decided I was going to change that. Instead of just mouthing an empty “thank you” for something, I decided to turn it into a statement of appreciation. As a father, I often tell my kids that they need to include statements in their apologies. Not just “I’m sorry” but “I’m sorry for hitting my brother”. Intent matters. In this case, the intent and appreciation is the opposite feeling.

So, instead of “thank you” I’ll say “Thank you for bringing me that cup.” Or maybe “Thank you for helping change that tire.” Calling out the explicit action that caused your thanks shows people that you’re being mindful of what they do. It means you’re paying attention and showing real gratitude instead of just being reflexive.

This can apply to technology as well. Instead of just a quick “Thanks” when someone completes a job, try making it specific. “Thanks for getting that routing loop figured out.” Or how about “Thanks for putting in the extra effort to get those phones deployed by the end of the day.” Do you see how each of these more specific statements is mindful of actions?

When you show people you appreciate them as much as what they do for you, you change the conversation. Appreciation is one of the most powerful gifts we can give other people. Validation and praise aren’t just meaningless platitudes. Showing people you care may be the best connection they’ve had all day. Or all week. And all it takes is a little extra effort on your part. Take my word for it and try it yourself. For the next week, go the extra mile and explain why you’re thankful for people. You’d be surprised how far you’ll get.