Fast Friday – Podcasts Galore!

It’s been a hectic week and I realized that I haven’t had a chance to share some of the latest stuff that I’ve been working on outside of Tech Field Day. I’ve been a guest on a couple of recent podcasts that I loved.

Art of Network Engineering

I was happy to be a guest on Episode 57 of the Art of Network Engineering podcast. AJ Murray invited me to take part with all the amazing co-hosts. We talked about some fun stuff including my CCIE study attempts, my journey through technology, and my role at Tech Field Day and how it came to be that I went from being a network engineer to an event lead.

The interplay between the hosts and me during the discussion was great. I felt like we probably could have gone another hour if we really wanted to. You should definitely take a listen and learn how I kept getting my butt kicked by the CCIE open-ended questions or what it’s like to be a technical person on a non-technical briefing.

IPv6, Wireless, and the Buzz

I love being able to record episodes of Tomversations on YouTube. One of my latest was all about IPv6 and Wi-Fi 6E. As soon as I hit the button to publish the episode I knew I was going to get a call from my friends over at the IPv6 Buzz podcast. Sure enough, I was able to record an episode talking to them all about how the parallels between the two technologies are similar in my mind.

What I love about this podcast is that these are the experts when it comes to IPv6. Ed and Tom and Scott are the people that I would talk to about IPv6 any day of the week. And having them challenge my assertions about what I’m seeing helps me understand the other side of the coin. Maybe the two aren’t as close as I might have thought at first but I promise you that the discussion is well worth your time.

Tom’s Take

I don’t have a regular podcast aside from Tomversations so I’m not as practiced in the art of discussion as the people above. Make sure you check out those episodes but also make sure to subscribe to the whole thing because you’re going to love all the episodes they record.

Podcasts I’m Playing in 2020

Since I seem to have a lot more time on my hands without travel thanks to current…things, I’ve been consuming podcasts more and more during my morning workouts. I’ve got a decent list going now and I wanted to share it with you. Here are my favorite podcasts (not including the one that I do for Gestalt IT, the On-Premise IT Roundtable):

  • Packet Pushers – The oldest and best is still my go-to for listening. I started back at Episode 3 or 4. I can remember the intro music. And I’ve been a guest and a participant more times than I can count. Greg, Ethan, and Drew do an amazing job of collecting all the info about the networking world and pushing it to my ears daily. When you throw in their news feed (Network Break), cloud (Day Two Cloud), DevOps (Full Stack Journey), IPv6 (IPv6 Buzz), and one-off stuff (Briefings in Brief) there’s a lot to consume aside from their Heavy Networking “main” feed. You can sub to any or all of these if you want. And stay tuned because you might hear me from time to time.
  • Network Collective – Jordan is one of my old and dear friends. And I’ve been a fan of his work since he started it back in the day. Network Collective has gone through a lot of changes over the years, from flirting with video to changes in the host lineup. But one thing has remained the same. Network Collective captures the spirit and camaraderie of the old Community shows that so many podcasts have gotten away from over the years. When the focus moves to making the podcast into a business or on other topic areas, often the community aspect is the first thing to go. Jordan and Tony do a great job today of keeping the focus on the community.
  • Risky Business – This is my favorite security news podcast. It’s slick. Professional. And Patrick does a great job of blending news and interviews with sponsored segments. Risky Business also helps me keep a more global perspective on the world of security. It’s often far too easy to become insular and forget that not everyone lives in the US or faces the same challenges we do. The release cadence of episodes ensures that I always have something Risky to listen to on my walks.
  • Darknet Diaries – If Risky Business is the nightly news, Darknet Diaries is the drama that comes on right before. Each episode has a compelling hook to get you listening and then keep you there while the story unfolds. I’ve been known on a few occasions to do an extra lap around the block so I didn’t miss a juicy tidbit in the story. Jack Rhysider has that kind of voice that makes you feel like he’s just about to drop the biggest twist of the century with every statement. You should listen if you like long-form content.
  • The Contention Window – Gotta have a wireless podcast, right? Scott Lester and Tauni Odia are good friends from the wireless side of the house that break down the latest news and updates and have fun. Seriously. I don’t think there’s been an episode that I haven’t chuckled at yet. Their recording schedule has been a bit sparse this year with job changes and COVID craziness, but make sure you subscribe so you’ll be updated the next time Scott finishes editing something.
  • Current Status – Current Status is a podcast from my friends Teresa Miller and Phoummala Schmitt. I was honored to be Guest #1 back in the day. They’ve tackled some pretty heady subjects over the years. For a while it looked as though real life had claimed another podcast and left it fallow, but the tenacity of these two ladies can’t be denied. Current Status has been resurrected and is broadcasting live on YouTube every Thursday night. Make sure you grab a drink and join in the fun! You can also subscribe to their feed to pull down the episodes after the fact.
  • Nerd Herd Podcast – Not every podcast in my feed is about tech. Sometimes it’s just tech-y friends being nerdy. The Nerd Herd Podcast is all about the nerdy stuff that goes on around us. Rocket launches, app security issues, and even the occasional sing along are a great way to unwind and not think about work for a while. Plus, check out Episode 26 to watch cast favorite Amy Lewis sing her heart out!

Tom’s Take

Consuming these podcasts during my morning walk or run helps me focus on keeping my head in the game as well as keeping up with what’s going on. Plus, I don’t typically trip and fall like I would if I’m reading my phone. Unless Tauni is making fun of Scott again. If you’ve got a favorite podcast (tech or otherwise) that I should check out, leave a comment below. And yes, it’s totally okay if you’re the host! You never know when someone is going to find your hard work and enjoy it!

The Knights Who Say “Um…”

The other day, Ethan Banks (@ecbanks) tweeted a rather amusing thought while editing an episode of the Packet Pushers:

It’s rather easy to sympathize with Ethan on this.  I find myself very conscious of saying “um” when I’m speaking.  We’re all guilty of it.  “Um” is a buffering word, a form of speech disfluency.  People use it as a filler while buying time to think of a more complete thought.  Most modern languages have some form of it, whether it be “err” or “ehhh”.  Most public speakers have gone to great lengths to analyze their speaking methods to eliminate these pause words.  The results, however, seem to point to substitution instead of reconfiguration.

Listen to any presentation involving technical content and you are likely to hear the word “so” more frequently than you’d like.  I’m as bad as anyone.  Since that presentation, I’ve gone to great lengths to eliminate “so” from my speaking vocabulary as a pause word.  Sometimes, I do a pretty good job.  Other times, I don’t do as great of a job.  There are a few people that work in my office that are constantly looking for my uses of “so” and pointing them out when they happen.  It seems that no matter how hard I try, rather than eliminating pause words, I just replace them.  Even in my second presentation, I used “hallmark” a lot more than I should.  Even with a lot of rehearsal, going off the cuff on some things tends to introduce the moments of indecision and thought processes that end in “um”s and “err”s.

I would much prefer that non-verbal cues be given instead of these pause words.  Rather than filling the conversation with unnecessary words, you should use silence as a time to reflect and collect your thoughts.  Provided you aren’t speaking over the phone or via a VoIP conversation, silence shouldn’t be regarded as a negative thing.  By taking a little extra time to analyze your thoughts before you start speaking, you negate the need to fill dead speaking space with unneeded syllables.  An old saying goes, “A pipe gives the wise man time to reflect and the unwise man something to put in his mouth.”  You should treat silence just like the pipe.  Rather than spending time filling the conversation, really think about what you want to say before you say it.  There’s no shame in taking an extra second or two before saying something really insightful or interesting.

I like to record my presentations because it gives me a chance to analyze them at length afterward to see what I was doing wrong.  I don’t listen for content the second or third or fourth time.  Instead, I try to pick out all the verbal garbage and make mental notes to myself to remove it for the next time.  After my IPv6 presentation, I did my best to eliminate “so” from my presenting vocabulary.  Now that I’m conscious of saying it, I can concentrate more on avoiding it.  The same goes for other pause words and comfort sayings, like “basically” or “interestingly”.  Only by repeated viewings of my prior work can I see what needs to be improved.  I would encourage those out there reading this to do the same.  Have a friend record your presentation or do it yourself with a simple tripod setup.  When you’re finished, take the time to analyze yourself.  Be honest.  Don’t give yourself any quarter when it comes to your speaking strategy.  It may be hard to watch yourself on film the first few times you do it, but after a while you begin to realize all the good that it can do for you.  You also learn to start tuning out the sound of your own voice, but that’s a different matter entirely.

Tom’s Take

There’s nothing wrong with speech disfluency.  In moderation, that is.  Words like “um” and “err” should be treated like salt – some is good, but too much ruins the dish.  Instead, focus on being conscious of the pause words and eliminating them from your speaking habits.  Instead, use silence as the best way to fill the void.  You’ll look smarter spending your time thinking about questions and not worrying about what words to fill into the conversation.

ISR G2: ISR Harder

There have been a lot of questions recently about the new Integrated Services Router (ISR) G2 line of routers from Cisco.  These new routers are designated by a ‘9’ in the hundreds digit of the model number, e.g. 2901 or 3945.  They are the replacement models for the original line of ISRs, the x800 series.  A little history:

Old and Not-Quite-Busted

The original line of ISRs from Cisco was designed to start incorporating more and more of the integrated network services as defined by Cisco’s “Network as a Platform” idea.  They incorporated things like Packet Voice DSP Modules (PVDM) for voice transcoding and AIM slots for things like Unity Express voice mail modules.  Also, security related modules could be purchased and loaded, and VPN encryption was accelerated on the main board itself through the use of a specialized ASIC.  They also included more RAM and compact flash memory than the previous models to allow for all kinds of fun things like CallManager Express and larger and larger routing tables.  As well, newer services such as MPLS and GET VPN were designed around the idea of using these newer routers with all the additional horsepower to achieve better performance.  And since their introduction, they are quickly becoming some of the most popular routers out in production.  So imagine my surprise when Cisco not only releases a second generation model, but announces the end of sale of the previous generation.

New, um, Warmness

The new line of ISRs, the G2 as Cisco refers to them, are evolutionary upgrades to the product line.  From the specs listed on Cisco’s website, they appear to incorporate newer technology and refreshes of hardware, but nothing spectacularly groundbreaking.  For example:

  • The G2 comes standard with gigabit ethernet ports for the 2900 and 3900.  The 2911 and up includes at least 3 ports, with one being an SFP module for things like fiber, which are becoming increasingly more common as a handoff.
  • The amount of RAM has increased to 512MB across the board as the default.  The G2 can also increase to a maximum of 2GB of RAM.
  • There are two compact flash slots on the G2.  One is preloaded with a 256MB flash module, and both can be upgraded to a max of 4GB of flash each.
  • The x900 series includes the new USB console connection, which allows for the use of a simple USB A-to-mini-B connector instead of the ubiquitous blue rollover cable.  Good news for those of us that are getting tired of hauling around USB-to-serial adaptors that don’t work half the time with OSX or Windows 7.
  • Also included are two USB 2.0 ports (an upgrade from the 1.1 ports on the x800s) for things like security token use and file transfers.
  • Support for newer HWICs, VWICs, and PVDM3 modules that provide DSPs for voice and video.

As you can see, this is at best an evolutionary upgrade.  Much like refreshing the Dell Vostro or the Lenovo Thinkpad, Cisco has given us better hardware in the box.  It’s now more modern and better suited for increasing connectivity speeds.  But was all this really necessary for a new product line launch?  Or the sunsetting of the old?  Before you answer that question, let’s look at the OTHER piece of the puzzle.  The software.

IOS with a capital “I”

Despite what a Cisco router looks like on the outside, what’s always been important to us is what’s under the hood.  The real guts of the router for networking professionals is the operating system.  A router could look like a pile of circuit boards and plastic packing peanuts as long as it shovels packets and gives us a way to program it.  And so, Cisco’s IOS has moved up to version 15.  Yes, they went from 12.4 to 15.  I can see skipping 13 out of superstitious reasons, but why they vaulted past 14 is beyond me.  Maybe 15 was a nice round number.  At any rate, along with the launch of IOS 15 was a change in the licensing model.  That’s where the real meat of this upgrade lives.

Go to Cisco’s website and check out how many software images are available for download for the 12.4 code train on the 2811.  Go ahead, I’ll stay here and burn a Lady Gaga CD…

Back already?  What, you don’t have a service contract with a 2800?  You can’t see the images to download them?  Oh, alright.  I’ll check for you.

Twenty-four.  Yes, that’s right.  While some of them are bundle upgrades, there are still a lot of images out there.  With names like IP Base, SP Services, Advanced IP Services, and Advanced Enterprise Services.  What?  What do those mean?  Unless you use the IOS feature navigator, who on earth knows?  Each one of those images contains some functionality that you need.  Need a CME upgrade?  You need SP Services or better.  MPLS?  You’re looking for Advanced IP services.  Each feature you need from a service set requires you to download a specific file.  And in some cases, you get more functionality than you know what to do with.  If you download Advanced Enterprise services, you get the whole kitchen sink to deal with.  And that is the crux of Cisco’s problem.

It is entirely possible to purchase a 2811 router with an IP Base IOS image and then upgrade it to an Advanced Enterprise Services image (DISCLAIMER: I do not advise that you do this.  It’s illegal.  And it’ll get you in tons of trouble with Cisco should they find out.  And, you have  your conscience to live with afterward.)  The only limiting factor on the platform is the amount of RAM and flash storage needed.  As well, when you download the proper image looking for CCME, you inadvertently get the MPLS code and a whole host of other things as well.  It gets in the way and doesn’t allow things to run smoothly.

Now, go check out how many images are available for the 2911.  Oh, yeah.  Service contract thing again…

One.  Exactly one IOS image available for the 2911.  No IP Base or SP Services.  It’s labeled a “universal” IOS image.  What exactly does that mean?

The Cisco Code

For those of you that play video games, you might remember one called Quake.  Made by id Software all the way back in good old 1996, it was a first-person shooter.  It was also the subject of an interesting sales tactic by the publisher, GT Interactive.  They used a method called “Test Drive”, which allowed you to purchase the shareware version of the game at a nice low price.  You could play the first few levels of the game and decide if you liked it.  If you did, you called up GT and told them you wanted to buy the whole game.  They e-mailed you a key and told you to type it in.  As soon as you did, you unlocked the whole game on the CD you purchased.  That way, there was no second trip to the store and no additional install time.  GT saved a ton on packaging by only selling one version of the game.  The “full” version you bought for the regular $50 price tag just included the unlock code in the box.

Now, it appears that Cisco is doing something very similar with IOS to prevent OS piracy and lock down feature sets.  When you order an ISR G2 router, you get the basic image with all the basic routing functions.  If you want to do CCME, you need to buy a Unified Communications license.  You want to do VPN?  You have to buy a security license.  MPLS? Advanced data license.  This way, Cisco can give you all the functionality on the router when you buy it, but you only have to unlock what you need.  No silly MPLS commands to get in the way of the clean, sleek dial peers and CUBE settings.

Of course, this does allow for other nefarious things as well.  VWICs now require you to have a Unified Communications license or they won’t work.  They bark and complain when you try to activate them if the license isn’t correct.  The commands don’t show up if the license isn’t right, just like the old days when you had the wrong IOS on the router.  The difference is the commands are still in IOS 15, they’re just hidden until you have the right license key.  Once you type in the right key (or upload the license file into flash), reboot and the thing magically starts working again!  This is also a way to make sure you keep up with your maintenance, as the ability to mark a key with an expiration date is now a distinct possibility.  Don’t pay your SmartNet?  No SSL VPN for you!  As well, if you purchase the router on eBay or through a 3rd party seller, it is very easy to disable the license for that router and force it to be repurchased.

My Thoughts

I’m all for upgrades.  New hardware makes me drool and faster software with fewer bugs is something everyone can enjoy.  But the licensing thing drives me bonkers.  I understand the reasons why you have to have it.  The pirates and dishonest people out there have seen to it that every slip up or advantage they can use to screw Cisco out of a few dollars is well worth it, no matter what price they might pay.  But it also makes the lives of an honest network engin…um, rock star miserable.  I’m all for finding a way to make the software easy to use and install without needing to spend half my install tracking down the one little slip of paper that came in the box with the right key.  Or worse, the key is in an envelope that got shipped to the Houston office when the router is in Columbus.  Things like that make enemies of your valuable resources.  And with everyone out there gunning for you now, the fewer enemies you have, the better.

I’m going to go on installing ISR G2s for my customers.  I don’t have a whole lot of choice in the matter.  Moreover, I actually like what they’ve done with the platform as far as USB console cables and such.  But when it comes down to uploading that silly license, I’m still going to grumble.  Not much I can do about that.

I Got a +5 Tunnel of SSH!

I had an opportunity this week to record an episode of the PacketPushers Podcast.  It was a great outing that dealt with a lot of listener questions.  One of the questions that we didn’t get time to get to, however, involved online gaming and SSH tunneling.  I figured I’d do a little more research into it and see what exactly it is that makes this service work.


The game in question here is World of Warcraft (WoW), easily the #1 Massively-Multiplayer Online Role Playing Game (MMORPG) in the world.  At any one time, millions of players are logged on to any of the almost 250 servers that comprise the game.  Consequently, these servers are located in datacenters housed all over the world in an effort to provide close support and (hopefully) low latency connections.  In the MMORPG world, the lower your latency to the server, the smoother things appear in game.  When latency increases strange things start happening as the player’s client attempts to update the server as to the location of the player’s character, and the server attempts to update the player’s client as to the location of objects in the realm.  When this starts happening, players experience the dreaded lag.  Lag causes objects to appear out of nowhere, or objects to warp around the screen, or in the worst cases the player’s client freezes waiting for an update from the server.  As you can see, having a fast connection is very important for the enjoyment and playability of the game.

SSH Port Forwarding – The Beginning

Originally, the idea of using SSH to forward WoW traffic came about because of firewalls.  WoW communicates with the realm servers on TCP port 3724.  Many firewalls, especially those found in enterprise networks, allow known traffic such as HTTP or DNS while blocking all unknown protocols.  In other cases, firewall admins have specifically blocked traffic known to be associated with peer-to-peer (P2P) protocols, such as BitTorrent or LimeWire.  At any rate, players found that being behind these firewalls rendered them unable to play WoW.  Some enterprising players found that if they encapsulated the packets in SSH and forwarded them to an SSH server that had port forwarding enabled, they were able to connect and play.  Essentially, this involves taking the traffic on port 3724, forcing it through an SSH client (like PuTTY), and forwarding it on to an SSH server.  The server would then act as a proxy and forward the traffic on to the WoW datacenter.  Since SSH is a well-known and quite useful protocol, it is very likely to be passed along without a second thought.  Also, as SSH is an encrypted protocol, the firewall isn’t able to break the packet apart and inspect it to determine what kind of traffic it contains.  So, through the use of SSH and a proxy server, users were able to play from just about anywhere.
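Whether an SSH server will act as the forwarding proxy described above is decided by its sshd_config, and that is the one place an admin can actually see and control it. The Python below is an added example, not part of the original post: it reports how open local TCP forwarding is in the global section and in each Match block. AllowTcpForwarding and PermitOpen are real OpenSSH keywords; the sample configs and function names are constructed for illustration, and each Match block is evaluated on its own against the global section, which is a simplification.

```python
"""Audit sshd_config text for how open local TCP port forwarding is."""
import re

# OpenSSH defaults when a keyword is absent (see sshd_config(5)).
DEFAULTS = {"allowtcpforwarding": "yes", "permitopen": "any"}

def parse_sections(text):
    """Return [(section_name, {keyword: value})], global section first.
    Within a section the first occurrence of a keyword wins, as in sshd."""
    sections = [("global", {})]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment (including commented-out settings)
        # sshd accepts both "Keyword value" and "Keyword=value"
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(.*)", line)
        if not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip()
        if keyword == "match":
            sections.append(("Match " + value, {}))
        elif keyword in DEFAULTS:
            sections[-1][1].setdefault(keyword, value)
    return sections

def classify(settings):
    """open: forward to any host:port; restricted: only listed
    destinations; blocked: no local (-L style) forwarding at all."""
    fwd = settings["allowtcpforwarding"].lower()
    dests = settings["permitopen"].lower()
    if fwd in ("no", "remote") or dests == "none":
        return "blocked"
    if dests == "any":
        return "open"
    return "restricted"

def audit(text):
    """Map each section name to its forwarding verdict."""
    sections = parse_sections(text)
    global_cfg = {**DEFAULTS, **sections[0][1]}
    report = {"global": classify(global_cfg)}
    for name, overrides in sections[1:]:
        # keywords in a Match block override the global section
        report[name] = classify({**global_cfg, **overrides})
    return report

# Constructed sample: forwarding left at the default (the setting is only
# present as a comment), so any account can relay to any destination.
SAMPLE_WEAK = """\
Port 22
#AllowTcpForwarding no
PasswordAuthentication no

Match User backup
    AllowTcpForwarding no

Match Group developers
    PermitOpen 10.0.0.5:5432 10.0.0.6:443
"""

# Constructed sample: deny by default, allow one group one destination.
SAMPLE_HARDENED = """\
AllowTcpForwarding no

Match Group developers
    AllowTcpForwarding local
    PermitOpen 10.0.0.5:5432
"""

if __name__ == "__main__":
    for label, cfg in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        for section, verdict in audit(cfg).items():
            print(f"{label:9} {section:24} {verdict}")
```

A verdict of "open" in the global section means every account that can log in can use the server as a relay to any destination and port.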

Now, how to get people to pay for it

One of the side effects of using SSH forwarding to circumvent firewalls was that some users were seeing their latency drop as a result.  Especially for players located in more remote areas of the world, tunneling the traffic to a location with a faster connection caused the somewhat-high ping times to drop to more acceptable levels.  A few companies, such as SmoothPING or WoWTunnels, have taken this idea to its logical extreme and started charging users for the ability to lower their latency.  For a small fee each month, you pay for the use of a client, which automates the whole process of modifying your system to encapsulate the WoW packets in SSH.  You also get access to a proxy server that then forwards these encapsulated packets on to the WoW datacenters.  The WoWTunnels website claims that the latency is decreased because the packets take a “different path” to your particular WoW server.

This “different path” claim is the reason behind the question to PacketPushers.  The listener wondered if these services were just moving the packets on to a faster connection or if they indeed had a secret backdoor into the WoW datacenters.  The answer to this question is actually quite easy and requires no real magic.  Yes, the packets are taking a different path to the data center.  The packets are being pushed through an SSH tunnel to a server that forwards them on to the WoW servers.  In essence, this forwarding server is acting as a proxy.  If the proxy server has a fast enough connection to the destination it should decrease your latency.  As well, by tunneling the traffic as it exits your network, you avoid having it be scanned by firewalls or packet shapers, thereby avoiding these devices dropping your packet priority or increasing latency.

In the end, tunneling your WoW traffic in SSH can decrease your latency for several reasons related to firewalls and faster connections.  When you pay someone to automate the process for you, you are essentially paying for them to keep upgrading the pipe they have from their servers to the WoW datacenter.  As long as they keep their user traffic segregated and avoid filling up the proxy connection you should see a good connection.  But remember that you don’t necessarily need to pay for this service.  If you have access to a server that can port forward SSH and aren’t afraid to get your hands a little dirty, give this link a try.  But remember your mileage may vary.