CCDE, or how to design a network... or six of them

today I’ve met CCDE practical exam heads-on in London. it’s a new one at the Expert level, focusing on designing and redesigning of the networks - according to the virtual needs of virtual customers. after the Networkers CCDE presentation delivered by one of the authors of the CCDE program - Russ White - it’s hard to expect anything different than what they say. it’s very focused on “why”, and “how” is touched only in some generic terms. in other words, CLI-masters will get bored, but you’ll spend a lot of time thinking about subjects like: ...

May 6, 2011 · Łukasz Bromirski

IPv6 for WOŚP - summary

while the experiment was a success, effects were rather modest :) during the entire 9th, if we dismiss connections from bots connecting from University of Pennsylvania (greetings!) and China (really interesting URL mangling techniques), we’ve had 20 unique users and 1145 sessions. late evening, after grand finale additional 80 users visited us, and session counter increased to over 4500. i definitely didn’t do good job of marketing IPv6 availability for WOŚP, or IPv6 geeks were far away from IPv6-enabled internet that day. ...

January 11, 2011 · Łukasz Bromirski

ipv6 will play with Big Orchestra

traditionally for last couple of years engineering team at Cisco Poland is taking care of securing infrastructure for Wielkia Orkiestra Świątecznej Pomocy. this year i decided to launch experimental support for IPv6 - while we were not allowed to move all infrastructure to IPv6, it should be possible next year. everyone that has IPv6 access can point browser to ipv6.wosp.org.pl. everything works based on reverse-proxy provided by Apache, FreeBSD and Cisco MCS server :) ...

January 7, 2011 · Łukasz Bromirski

lisp@plnog#5

i was stubborn - and while from the very first moment we’ve had a lot of challenges with the hotel infrastructure, i was able to run xTR routers during last PLNOG for LISP. no, it’s not about programming Cisco routers with LISP, but about new concept of Location/ID Split, that is new concept enabling you to treat traffic engineering in internet differently. in short - we still serve traffic like we always did (backward compatibility), but by assigning users and companies IPv4 and IPv6 addressing from special pools, we can treat this traffic in a different manner. LISP is de facto overlay network concept. this itself is nothing revolutionary, but on the other hand - it’s first such network that got wide adoption in world-wide internet. why would you like to use LISP? apart from ability to conserve IP addresses, LISP gives you ability to do traffic engineering without use of BGP or involving third parties. and in effect, adopting it may mean less FIB space needed on core internet routers. ...

October 24, 2010 · Łukasz Bromirski

ipv6 - baby steps

everybody talks about IPv6 and still too few of us take it seriously. on polish mailing list dedicated to implementing IPv6 we get steady series of IPv6 prefix announcements, but real services available over this protocol is low. as a proof of concept for upcoming PLNOG, I just launched full network stack (Cisco 7200VXR with NPE-G1, ASA 5500-X, Catalyst 3750) and service (FreeBSD) for dual stack operation. IPv6 should be preferred, and while there’s still some things to tune down (like for example, DNS resolver in Windows XP), it should work. ...

August 21, 2010 · Łukasz Bromirski

1941w and its configuration...

…doesn’t have to be totally banal. it’s much more performant (300kpps, around the NPE300 performance from 7200!), so i upgraded my home 1803w to 1941w. as there are no readily available examples for complete config of the router (wired + WLAN), I decided to take the case in my hands and produce some examples. you may find them here.

June 29, 2010 · Łukasz Bromirski

confidence 2009 take 2 - post show

druga edycja CONFidence 2009 w tym roku, a już siódma ogólnie zakończyła się parę godzin temu. zgodnie z przewidywaniami mieliśmy dużo dobrej zabawy, całą rzeszę prelegentów wraz z ciekawymi sesjami i oczywiście - was. widzów, uczestników i aktywnych współtwórców konferencji (a przecież, jak doskonale wiemy, ostatnio nie każdy ma to szczęście :D). sesje i materiały z sesji, oraz materiały dodatkowe będą pojawiać się z czasem na stronie konferencji. moja prezentacja znajduje się jak zwykle w secji z prezentacjami. ...

November 20, 2009 · Łukasz Bromirski

layer 2 and 3 security - live demo

if you haven’t seen my practical demonstration at SecureCON 2007, you can see extended version on this thursday - i’ll be visiting AGH in Cracow at 7:45pm to do “show & tell” session as part of netWork sessions. session will be extended as we’ll have more time. photos can be found here and more information about the session itself can be found here.

February 20, 2009 · Łukasz Bromirski

ccie service provider

i came back yesterday from Brussels and today at 5:30am the verdict came in - definitely “PASS” :) so… let me share some advice and tips for those of you preparing to take CCIE SP practical exam (without breaking NDA of course). first of all - if you have that luxury of training on any software version - please try to check with the current Cisco page and align. software is quite “specific”, and you may be hit with interesting behavior that may be a little bit different from mainline versions. in the era of simulators and emulators building your own lab replica should be easy. but you may be kicked in the ass by making wrong assumptions about specific software versions. ...

February 10, 2009 · Łukasz Bromirski

conferences, conferences...

summer holidays are in full swing - starting from 26th of July i’ll be running Cisco Academy courses at PROIDEA for CCNP. everyone who’s eager to have a good time learning and discussing technologies (way outside of official curriculum) should immediately contact academy reception. independently of that, we have two large conferences coming. at Cisco Expo 2008 i will deliver sessions on network architecture that minimizes the chances of becoming a victim of a DDoS attack and becoming part of botnet. i’ll mention attacks over 10Gbps, DDoS “to go”, encrypted p2p and multiple ways to minimize damage - including using our Cisco gear to help. ...

July 25, 2008 · Łukasz Bromirski