Getting started with HashiCorp Terraform Associate

HashiCorp Terraform, a technology that started off with a huge focus within the cloud space, now has really good support for network and security products, across a plethora of vendors. With this in mind (and by the fact you’re reading this article), you probably want to learn the best way to approach getting a bit more knowledge around Terraform – perfect, read on!

When I learn new technologies, I like to follow a certification; this is because there’s a structured learning path and test to verify you know, what you think you know (move aside ego), and you get something shiny at the end. I decided a few weeks back to attempt the ‘HashiCorp Terraform Associate’ certification, and truth be told – it was one of the most enjoyable certifications I’ve ever studied for; this article outlines the resources I used and also defines some exam tips and tricks.

Getting started

Read More »

Article 1 – VMware NSX-T home lab; planning for the mission ahead

Introduction

So, it begins – the preparation for expanding my VMware knowledge; specifically NSX-T and AVI, but I am sure I will learn a bunch along the way with other VMware products.

This blog will contain a few parts, breaking up the steps I took/am taking to create a home lab suitable for expanding my VMware knowledge.

Without further a-do, below outlines the contents for the upcoming blog series, and breaks down each element. It is worth noting at this point, that to accompany the blogs, there will various videos created so I can provide a walk-through of what I’m talking about.

Read More »

Mission success – VCAP-NV Design Passed!

On the 9th of October I passed the VCAP-NV Design exam. For those of you who haven’t already read my battle plan for this exam, you can read it here and you can also find the links to my notes here.

I followed pretty much the outline of what I set out on the battle plan to the letter, the design guide is a must read and the vBrownBag is time well spent.

Each of these resources approach assisting you with the exam in slightly different ways; the design guide tells you how NSX-T should be designed and the caveats around the few different supported architectures. Whereas the vBrownBag is focussed around the softer skills of a design, allowing you to think like an architect – finding Read More »

The Plan – VCAP-NV Design

The last year has been an adventure; I started a new role which I’m really enjoying. New opportunity naturally brings new challenges, which will bring out your strengths and weaknesses. As such, I have decided I want to learn more about VMware NSX-T, specifically in the design phase of a project.

This post outlines how I plan on gaining more knowledge of NSX-T design, by taking the VCAP-NV exam. It is worth noting, this post is the first of many, I plan to share my technical thoughts along this journey via this website.

Requirements

So, before I start going into the material which I plan Read More »

ASA License Upgrade

There maybe a time when you need to upgrade your license on a Cisco Adaptive Security Appliance (ASA).  The license is responsible for what feature set you have on the firewall and a comparison of licenses can be found here (v9.1).

The first step is to register your PAK key on the Cisco website.  The PAK key can be activated here and will require the device’s serial number to complete.  Follow the activation wizard and you will receive an email from Read More »

ASA – Dynamic FQDN Filtering

In today’s IT world, we are relying more and more on public cloud services such as Amazon Web Services (AWS), Azure and Google Cloud which typically have large IP address allocations. These cloud providers have the right to change the IP address of your hosted environment at any point in time and it is important that as network engineers, we can configure our equipment to dynamically adapt to applications changing IP addresses.  

Although in some environments use proxy servers for web traffic, there are some applications and websites which simply don’t work via a proxy, meaning traffic must bypass a firewall, typically at your internet edge.

Cisco Adaptive Security Appliance (ASA) Read More »

CCIE R&S – Lab Attempt #1

On the 23rd of November 2018 I took my first attempt at the CCIE Routing and Switching lab exam.  This article outlines my view on the lab experience, from both the traveling and the lab itself.

Travel & accommodation

I flew out from London Heathrow the day before the lab, with Matt, someone I have been studying with for the last few years originally met via RouterGods.  

The overall flight experience was pretty good and the travel between the airport in Brussels and the hotel I stayed at was around 5-10 minutes uber drive, which cost about 15 euros.Read More »

EIGRP – Faster Convergence vs Optimal Traffic Flows

Enhanced Interior Gateway Protocol (EIGRP) is a distance vector protocol, originally a dynamic routing protocol created and made proprietary by Cisco.  By default, EIGRP supports equal cost load balancing and when configured, EIGRP supports unequal cost load balancing.

Design Thoughts

Often when we design and engineer our networks, we are presented with a lot of challenges and hurdles to overcome of which should Read More »

Love it or hate it – RIP

Routing Information Protocol (RIP), love it or hate it – it’s still used and sometimes still even deployed but why?

First of all; let’s look at what RIP is, summarized in a few bullet points:-

–  Distance vector
–  Metric-based protocol
–  Slow convergence

The list of RIP attributes are not limited to the above, but it’s what I think of when I think of the protocol. Read More »