TCPmag.com
http://tcpmag.com/
http://tcpmag.com/rss
Nov. 7, 2006
Editor: Gladys Rama (grama 1105media.com)
------------------------------------------------------------
------------
THIS ISSUE SPONSORED BY:
- Free CCNA Exam Review From Global Knowledge
http://in
fo.101com.com/default.asp?id=32720
- Cisco Press
http://i
nfo.101com.com/default.aspx?id=32572
- Server Based Computing Solves Data Protection Issues
http://in
fo.101com.com/default.asp?id=32750
------------------------------------------------------------
------------
IN THIS ISSUE OF TCPmag.com:
1. Q&A: Moving from Frame Relay to MPLS VPN
2. What's New on TCPMag.com
3. Interesting Employment in Texas, Washington, D.C. and
Arizona
************************************************************
************
SPONSOR: Global Knowledge - Cisco Learning Partner of the
Year
************************************************************
************
This exclusive concept review was created for those
preparing for
exam 640-801 CCNA, 640-811 ICND, and 604-821 INTRO. This
free resource
covers topics such as the OSI Model, Routing Configuration
Commands,
IP Addressing, and more.
Visit our web site now to receive your free review:
http://i
nfo.101com.com/default.aspx?id=32720
************************************************************
************
1. Q&A: Moving from Frame Relay to MPLS VPN
Send your toughest Cisco technical questions to editortcpmag.com
with the subject line "Attn: Scott."
Scott,
This may or may not be a CCIE question, but it has been
posed to
me anyway!
We are putting our WAN carrier contracts out for bid, and it
seems
like everyone wants to move us from the frame relay network
we
currently have into an MPLS VPN (private MPLS?) network.
How much of a pain is that going to be for us to change
things?
Each bid says it's the best thing and will be seamless, but
I am
not sure.
Thanks,
--Sam
------------------------------
Sam,
So you're learning early on to not trust carriers, huh?
Especially
salespeople. 
All of that aside, I'll sit back and rely on the great Cisco
answer
of "it depends"! There are many things that ARE
seamless, as far as
a customer-side MPLS deployment goes, and that makes things
very
nice. We have a connection, we see other offices and life is
good.
But the "it depends" part comes in depending on
how your current
WAN is set up. Are you running a dynamic routing protocol?
If so,
which one? Is it just static routes (hub-spoke concept)? Is
your
provider talking about Layer 2 connections or Layer 3
connections?
From a common RFC2547 type MPLS VPN at Layer 3, there are
many
options for us, most of which will depend on the service
provider
and what they sell and/or are comfortable with themselves!
While
the whole point of an MPLS network is to be invisible as far
as
the multihop connections and "look and feel" just
like your old
frame relay WAN was.
That isn't necessarily the case. Being an IP-based network,
we do
run into some technical issues along the way for
connectivity. Your
service provider will be running BGP (OK, MBGP) on the
internal
side. Whether or not you run BGP is irrelevant. They will.
So your
"end" of a connection is really only from your
router to theirs
(CE to PE, or customer edge to provider edge). This concept
isn't
any different from frame relay, but what happens from there
is.
Frame relay performed switching based (typically) on
manually
preset paths. More recently, most providers do some fancy
conversions to re-encapsulate your frames into IP or
something like
that to take advantage of more dynamic connectivity on their
side
of the equation. But re-encapsulation meant that their
connection
TO your device was treated as a Layer 2 connection, and they
didn't
care about the contents.
Everyone has touted MPLS as being carefree like this, and
the ability
to share a single service provider infrastructure with
multiple
customers even though they have overlapping addresses. But
the fact
of the matter is that they start with a Layer 3 connection,
which
means they ARE, indeed, stuck in the middle as far as
routing
protocols and interactions go. So what are your options?
If they make you run BGP, the service provider should
actually make
the necessary changes to ensure that your routes aren't
rejected
upon reentry (magic that takes a little while to explain).
But the
difference you may see is that suddenly all of your
connections are
eBGP instead of iBGP ones!
If you are allowed to run EIGRP, then you'll see many routes
as
"D EX" or external due to the redistribution they
are providing
you, because your peering is actually with the service
provider, not
with your router on the other end. RIP follows this same
logic,
although there's no care whether a route is internal or
external!
OSPF can follow a few different paths, and you'll have to
wait and
see what the SP architecture allows for. If the service
provider is
participating in your OSPF protocol, it will normally appear
as
area 0 to be the "backbone" network. Most
recently, we have added a
feature called an OSPF sham-link, which allows a pseudo-link
to be
built between your CE devices, making the service provider
network
more transparent.
Of course, there's always the option that your service
provider is
running VPLS or L2TPv3 or some other version of Layer 2 over
MPLS
which truly will erase it from the equation, making the
"look and
feel" of your network just like frame-relay, except
that it's
Ethernet to Ethernet now. Cool, huh?
Now you see there's some great variety involved in that
answer and it
truly does depend on what your carrier is set to do. So
before you
sign on the dotted line, I'd suggest taking some time with
the
technical folks from your carrier to make sure you
understand exactly
what is going to be happening and how much of that will be
your
responsibility.
MPLS VPNs certainly do have great potential for saving money
and
increasing speed and features available, but if they're not
known
ahead of time, they can also cause their fair share of
stress in
a cutover!
For more information, check out:
http:/
/www.rfc-archive.org/getrfc.php?rfc=4577
http://tinyurl.com/yfxdkv
http://tinyurl.com/yby3ma
http://tinyurl.com/4hjl4
http://www.netcraftsmen.net/welcher/papers/mplspece.html
(A little
older, but still good.)
Hope that helps,
--Scott
Scott Morris, quadruple CCIE, JNCIE and all-around
Uber-Geek, can often
be seen traveling around the world consulting and delivering
CCIE
training. He has recently stepped up as VP of Curriculum
Development
for IPexpert and will oversee a new consulting practice. For
more
information on him check out http://www.ipexpert.com.
Send your questions for this column to editortcpmag.com with the
subject line "Attn: Scott."
Miss a Q&A? Go online to http://tcpmag.com/qanda/
************************************************************
************
SPONSOR: Visual Instruction Helps You Prepare for the CCNA
Exam
************************************************************
************
CCNA Video Mentor from Cisco Press provides more than two
hours of
personal, visual instruction from best-selling author and
instructor
Wendell Odom. Each video covers essential router and switch
configuration
tasks.
Visit: http://i
nfo.101com.com/default.aspx?id=32571 to view a sample
lab and purchase - members save 20% and get free UPS ground
shipping.
************************************************************
************
2. What's New on TCPmag.com
NEWS: "Survey: CCIE Prep Costs on the Rise"
An annual customer feedback survey commissioned by Cisco's
CCIE
Program revealed that CCIE candidates are spending an
average of
$9,000, compared to last year's reported $7,600, in their
pursuit of
Cisco's highest level of certification -- with increasingly
less
support from their employers.
http://tcpmag.com/news/article.asp?editorialsid=1129
NEWS: "Juniper Challenges Cisco in Enterprise
Branch"
Watch out Cisco Systems Inc., because rival Juniper Networks
has its
eye on the red-hot branch office sector, too.
http://tcpmag.com/news/article.asp?editorialsid=1130
NEWS: "Boom Times for Metro Ethernet"
Worldwide sales of Metro Ethernet equipment are surging --
and they
ain't about to stop any time soon.
http://tcpmag.com/news/article.asp?editorialsid=1131
RSS FEEDS ON TCPMAG.COM
If you're running an RSS client, then consider signing up
for feeds
from TCPmag.com. You'll automatically be notified when new
content
is posted. Learn more here: http://tcpmag.com/rss/
------------------------------------------------------------
------------
3. Interesting Employment in Texas, Washington, D.C. and
Arizona
Job postings courtesy of Monster.com.
RENT-A-CENTER, INFORMATION SECURITY SPECIALIST
Position Type: Full time
Location: Plano, TX
Salary: Not provided
Experience: 2 to 5 years
Desired Education: Bachelor's degree, CCNA
Besides being responsible for companywide data security, the
information security specialist will act as the technical
lead in the
company's Incident Response Team, as well as identify and
correct
any security violations. Must have experience with
firewalls, directory
services, Websense, Tipping Point and Cisco IOS.
To learn more, visit:
http://jobsearch.monster.com/getjob.asp?JobID=48
974368&AVSDM
-----------------------------
DELOITTE, APPLICATION INTEGRITY, FEDERAL ERP CONTROLS
ASSURANCE MANAGER
Position Type: Not provided
Location: Washington, D.C.
Salary: Not provided
Experience: At least 7 years
Desired Education: Bachelor's degree, CISSP, CCNA
Deloitte & Touche is looking for an addition to its
Security Services
Group to monitor clients' security and control readiness.
Applicants
should have experience in distributed system recovery,
application
security implementation, and have knowledge of Peoplesoft,
Oracle, JD
Edwards or SAP applications. Experience in financial
services or
health care a plus.
To learn more, visit:
http://jobsearch.monster.com/getjob.asp?JobID=49
991473&AVSDM
-----------------------------
CITY OF CHANDLER, OPERATIONS SYSTEMS ANALYST, NETWORK
ADMINISTRATOR
Position Type: Full time
Location: Chandler, Ariz.
Salary: $59,972 to $83,940
Experience: 2 to 5 years
Desired Education: Associate's degree, CCNA or CCNP
Responsibilities include monitoring the city's network
infrastructure,
carrying out software and hardware upgrades, documentation,
troubleshooting and inventory tracking. Applicants should
have
experience with LAN/WAN networking, firewalls and Cisco
routers.
After-hours work may be required.
To learn more, visit:
http://jobsearch.monster.com/getjob.asp?JobID=49
985869&AVSDM
************************************************************
************
SPONSOR: Server Based Computing Solves Data Protection
Issues
************************************************************
************
Protecting business-sensitive information is progressively
more
challenging because transferring information from centrally
controlled
environments (e.g., databases, file servers, and application
servers)
to distributed and uncontrolled or less-controlled
environments is
easier. Learn why Server Based Computing (SBC) is
recommended for
data protection. Read this FREE paper today!
http://in
fo.101com.com/default.asp?id=32750
************************************************************
************
Got Windows? Get Redmond magazine! Each monthly issue brings
you
hands-on problem solving, tactical hard-core tech info,
real-world
reviews, expert columnists, news analysis and strategic
insights.
Available in print and Adobe Acrobat PDF format.
Start or continue your FREE subscription now!
http://subscribe.101com.com/red/magazine/NewFreeUS/?
p=enews5
Sign up for all our related FREE newsletters today.
http://in
fo.101com.com/default.asp?id=12650
Encourage your peers to excel!
Please forward this newsletter to any IT professional.
************************************************************
************
To learn how you can sponsor a future edition of this
newsletter,
contact Matt Morollo at (508) 532-1418 or
e-mail mmorollo1105media.com
Contact the editorial staff at editortcpmag.com
Newsletter problems: REDlists.101com.com
************************************************************
************
UNSUBSCRIBE OR CHANGE E-MAIL ADDRESS:
http://newsletters.101com.com/red/form.asp?c=dunce&a
mp;nl=43
************************************************************
************
To review our Privacy Policy, visit our Web site at
http://www.1105
media.com/privacy.aspx
Copyright 2006 1105 Media Inc. TCPmag.com News may
only be redistributed in its unedited form. Written
permission
from the editor must be obtained to reprint the information
contained within this newsletter. Contact: editortcpmag.com
|