I’ve decided that I wish to know some other Network OS than what Cisco can provide. It’s healthy to know more than one environment.
I’ve found myself a Juniper SSG 20, which is not that expensive (compared to other Juniper stuff, especially brand new) for training.
One thing which I noticed straight away was the registration process. I simply couldn’t find any link on www.juniper.net which would let me create an account. I had to mistype the user and password and then the system suggested creating one!! What on earth?!
Also access to ScreenOS technical documentation, I really had to dig around to find that gem. But nothing really substitutes a good book.
I’ve opted for:
Hope they will give me a nice reference point for my trip into the strange world of NOT CISCO Network System.
I’ve spent most of the long weekend playing games and working.
Finally, after around 4 years of having the AA Account ( AAA
I’ve finished Special Forces training! This gave me access to some neat weaponry in the game. Also unlocked SF exclusive deployments. Most of the time I was playing SF Hospital, but now SF Snakeplains is my favourite. The only training which I didn’t finish is for becoming a Medic.
I have also lost about 1.5 days over the weekend replacing the old Monowall Firewall with a state-of-the-art Cisco ASA 5510 Security Plus. I have some suspicion that the current SysOp has a bug in regard to Port Speed. When you boot the box, ports which are connected to gigabit start to glow orange, as they should to indicate a 1Gbps connection, but after the system has finished booting, they are back to green, telling me that they are 100Mbps. After disconnecting and connecting back the cables, they are back to orange .. 1Gbps.
Oh, also replacing the firewall and extended period of time of dis-connectivity caused Windows 2003 DNS server on AD controller to crash in a way that it wasn’t serving any queries any more… that is MS for you.
Virtualization
Due to a server hardware refresh coming at work, I am investigating routes which we can take; one of the new ones is going virtual. It has a couple of advantages like High Availability and Fail Over, which are very important these days (users complain if their services are not available 100%).
So far I have covered VMWare Server and Infrastructure products. I like the features of Infrastructure and the price and ease of use of Server.
Now it’s time for XEN. From the beginning it looks very bare. Unlike the entirely integrated VMWare software, XEN is just the basic core and you need tools to use it, and these come in plenty. Now I am playing with what came shipped with OpenSuSe. But just now I’ve briefly read up on ganeti and I am impressed.
Linux KVM, hmm, I don’t have much to say for it. From what I’ve seen it’s not good for hosting MS Windows guest systems.
SAN
This is kinda strange, I know what they are, how they work, even used them in some testing. But I never had the opportunity to work with a real, expensive solution. So far, Compellent is looking like the sort of thing which I might consider installing. The only thing which worries me is the license cost as well as the resilience of a controller. If I have half a dozen servers connected to that bastard, they all die with it.
Routing
I am also in the router/firewall upgrade bucket. Choice is hard here, part of me wants a Cisco and the other one wants something cheaper but as good as Cisco. No part of me wants a Juniper, they are cheaper but from what I have seen they are awkward to work with. I’ve come across Vyatta, looks solid and as I am testing it, I cannot find any limitations which would cross it out. But I don’t like its name, it does not flow on the keyboard right (definitely not as well as my yllq).
I started using VoIP systems something like 3 years ago. First casually, for calling abroad; as advised by my former boss, I registered with SipGate. First used it with linphone, later actually bought a hard phone, the Grandstream GXP2000. It was always fun.
Later I installed an Asterisk server for myself to play with … and this is where the real love for VoIP started.
At the moment I have local numbers in 3 countries if my family wishes to call me from their regular phones; a few phones around my flat, phones in my parents’ place, as well as my cell phone can SIP in.
Now I am working on commercial solutions with Asterisk at the center and Grandstream, Sipura/Linksys and Cisco clients. Asterisk is brilliant and straightforward … worse with the clients. Grandstream phones are OK to provision while their gateway is just full of confusions and you do need to know a lot about the environment which it will work in – without documentation, unable to configure. Sipura/Linksys phones have straightforward documentation for provisioning … but it does not work … use the VoIP Info website. Cisco Phones … you do need to dig out some documentation and IRV codes to make them go …
Why am I writing that?
I am in need of replacing a router with a more feature-rich model. So I am going to the Cisco website, looking for a router with all my required features (wifi, adsl, ipv6) and I have found that the 857W will do it and it’s not too pricey.
Here is a features table which I found there:
Routing Protocols and General Router Features:
• Routing Information Protocol (RIPv1 and RIPv2)
• Layer 2 Tunneling Protocol (L2TP)
• Network Address Translation (NAT) and Port Address Translation (PAT)
• RFC 1483/2684
• Point-to-Point Protocol over ATM (PPPoA) (Cisco 857)
• PPP over Ethernet (PPPoE)
• 802.1d Spanning Tree Protocol
• Dynamic Host Control Protocol (DHCP) server/relay/client
• Access control lists (ACLs)
• Generic routing encapsulation (GRE)
• Dynamic DNS Support for Cisco IOS

Recommended Number of Users: 10

IPv6 Features:
• IPv6 addressing architecture
• IPv6 name resolution
• IPv6 statistics
• IPv6 translation-transport packets between IPv6-only and IPv4-only endpoints
• ICMPv6
• IPv6 DHCP

DSL and ATM Features (DSL Model Only):
• ATM Unspecified Bit Rate (UBR), Constant Bit Rate (CBR), and Variable Bit Rate/non-real-time (VBR-nrt)
• ATM Operation, Administration, and Maintenance (OAM) Support for F5 Continuity Check; segment and end-to-end loopback; and Interim Local Management Interface (ILMI) support
• 8 virtual circuits

Security Features:
• Stateful Inspection Firewall
• Hardware-accelerated Triple Data Encryption Standard (3DES) for IPSec
• Hardware-accelerated Advanced Encryption Standard (AES) for IPSec
• IPSec 3DES termination/initiation
• IPSec pass-through
• 5 VPN Tunnels
• Point-to-Point Tunneling Protocol (PPTP) pass-through
• L2TP pass-through
• Advanced Application Inspection and Control
• E-mail Inspection Engine
• No Service Password Recovery
• HTTP Inspection Engine
• System Logging-EAL4 Certification Enhancements

Quality of Service (QoS) Features:
• Weighted Fair Queuing (WFQ)
• Policy-based routing (PBR)
• Per-VC queuing
• Per-VC traffic shaping

Management Features:
• Cisco SDM
• Cisco Configuration Express
• Cisco Configuration Engine support
• DSL firmware update from Flash
• Cisco Service Assurance Agent (SAA)
• Telnet, Simple Network Management Protocol (SNMP)v3, CLI, and HTTP management
• Out-of-band management with external modem through virtual auxiliary port
• RADIUS and TACACS+

I have bought one unit and when trying to configure IPv6 … it is missing. I say OK, maybe on this IOS image.
Going back to the Cisco website, using Software Advisor I cannot find any IOS for the 850 series which contains IPv6.
So, I have opened an issue with TAC. And the guy says something like “yeah, 850s don’t have IPv6”.
CISCO give me my IPv6 on router which I bought!!!!!! Or give me a new one which does it!
Cisco liars !!!
Since I have implemented IPv6 in my network, I am suffering from the lack of an Ethernet – Ethernet router which can do IPv6. It means that my laptop has to stay wired to the external/border router and my sharp server is not yet available over IPv6.
I am fishing on eBay for any IPv6 capable router; my bad, I know only about Cisco 8[3,5,7]1 routers, which are also in a price range acceptable for me. Maybe you know about any other? Does not have to be Cisco (however I prefer) and does not have to be new.
No problem. Just finished setting up my router with IPv6 over IPv4 tunnel to Hurricane Electric … and it works! and it is amazing how easy it is to do when doing it with Cisco IOS … Linux requires more steps.
But … if I wish to make it something permanently fitted into my network, I will need to redesign it, and replace at least one router with something that supports IPv6 and no doubt it will be Cisco … unless you know another Big Brand, cheap router.
I did not know that Cisco routers are spoofing DNS …
When I am doing nslookup on an external server which returns one of my static external IPs, my router is spoofing it and sends me my internal IP instead of the external one. Sometimes useful, sometimes not.
Freaking surprise!
Today, I was planning on playing more with my new router, unfortunately I have no console cable (will arrive tomorrow) and I was not hardcore enough to upgrade IOS on it.
I ended up installing a new OS on my Nokia 770, the 2006 edition. I have not used it for a while and I have not looked into software repositories for it for a very, very long time.
I have got hold of a Cisco 837 router in the last few days. The last few days were just one big back to roots learning session, I am still getting used to things which were not present on routers back in my days at Cisco Network Academy.
QoS, NAT were nowhere on my CNA, same goes for ATM/ADSL. Actually this router made me review my knowledge and catch up on IOS.
Oh, the router is used in my new flat for internet access, as the previous one, a D-Link something 604 something, did not remember my magic after reset, and was hanging too often.