CCNA

Myth

Member
Feb 27, 2018
Los Angeles
Hey Guys,

I'm just thinking about going for my CCNA certification. Do you guys have any advice for me before I start to study? I've only set up a single switch before, but I've watched a network guy set up a VLAN, MTU size, port enabling, IP settings, console set up, ssh remote in, etc.

I've also recently applied for a network administration job which is way over my head, but I feel confident I can figure it out. I need to set up firewalls, which I've never done before. Humm... any advice, other than "don't do it", would be much appreciated.

-Myth
 

i386

Well-Known Member
Mar 18, 2016
Germany
"learning by doing" :D
Get a used enterprise switch, connect a few hosts and try to set up the switch for the different things and see if the hosts can ping/reach each other.
 

BlueLineSwinger

Active Member
Mar 11, 2013
If a classroom setting works well for you, a lot of community colleges offer classes for CCNA routing/switching, as well as other related certs such as CCNA Security and the CCNP series. Many also have hands-on, or at least online, hardware labs.
 

WANg

Well-Known Member
Jun 10, 2018
New York, NY
Here's a clue from an actual hiring manager: don't apply for a network administrator gig unless you are fairly solid in your network skills, because one of those things you would inevitably do is to fix problems in an emergency, and you don't want to be seen frantically looking for results on Google while your company's bottom line is at stake. Most network guys are there to do initial setups and to fix things during breakdowns/emergencies. It might be okay if you are a junior SA who is under the wing of someone more experienced and can teach you the stuff while on the job, but if you are the single point of contact when the proverbial hits the fan, well, you are going to be overwhelmed real quickly. Fake-it-'til-you-make-it is not a good idea here - it'll often lead to fake-it-and-you-broke-it.

Okay, as for certification - eh, I don't favor it since many of the CCNAs I interviewed are blithering idiots. They might know the 3 to 4 letter abbreviations or the 7 layer OSI cake (Aunt Patty Sells Taiwanese network dog poop), but they can't tell me why something was done, and what the advantages are of doing it in a certain way - like what does it mean to have a VLAN tag, and how switching decisions are done on the hardware level.

Instead of focusing on a specific certification program focusing on a specific vendor's specific take on technology, look at the generic/standard scenario out there, and work on things that lean to that. Yes, you should buy a switch or 2 (a Cisco Catalyst 3524 is worth nothing, and a Juniper EX4200-48 is only $100+shipping), a router or 2 (you don't even need an expensive one - an EdgeRouter lite, a Mikrotik or even a cheap wireless router running DDWRT will do just fine), or maybe even VMs of routers and switches (hit up a network engineer for Cisco IOS VMs, Juniper JunOS / vSRX or even Arista for their vSwitch), but the challenge is to figure out how to interconnect them together using various means, and then figure out a way to monitor/troubleshoot them.

As you are going through, ask yourself questions like -
- Can you find out what's connected on the other side of a switchport on a Cisco switch? How about a Juniper one?
- Do you need special equipment to connect Infiniband equipment to ethernet? Where would you see that in a data center?
- Why is it so important to disable spanning tree in certain situations on 100Mbit Full-duplex switches?
- What's the actual difference between a router and a switch, and why is the line between them often blurred?
- What's the industry standard for monitoring networking equipment, and how would it interface with the monitoring software?
- How would you back up your current settings and how would you restore them quickly in an emergency?
- How would you track changes made to equipment configuration files?
- What are some of the warning signs of a routing engine failure?
 

Myth

Member
Feb 27, 2018
Los Angeles
Awesome advice, serious questions! I don't know any of them except maybe the difference from a switch to a router.

The problem is that junior positions are really competitive and hard to find. But yes, I agree with you, I don't really want to lie my way through an interview then be put on the hot seat.

I found this class at a local community college:

Configuration and troubleshooting of static routing, Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Virtual LANs (VLANs), Inter-VLAN routing, Access Control Lists (ACLs), Dynamic Host Configuration Protocol (DHCP), and Network Address Translation (NAT). Preparation for the Cisco CCENT and CCNA Routing & Switching certification exams. No credit if taken after CIS 162. Total of 36 hours lecture and 54 hours laboratory.
 

SeanFi

Member
Aug 7, 2015
A CCNA was my first certification (well, really the CCENT that came as a stepping stone) and I feel it was well worth it. I got it in 2012, and my primary methods of preparing were the CBT Nuggets videos for the exam along with a pretty good lab build out. Yes, it gets into some pretty Cisco-specific stuff (the whole IOS CLI for example) but a lot of it is just a great overview of networking and technologies in general. I'm a generalist "IT Administrator" at a mid-sized business and so I find that I get very rusty on the CLI and higher-level routing stuff between recertifications, but the general networking knowledge has come in handy A TON of times.

A good lab setup can't be overstated. Even though a lot of the stuff now is on IOS 15 only, the basics still work in IOS 12 which you can get even with dirt cheap 1760 routers and 2950 switches. Often times the older routers come with T1 cards which work the same as the higher-end serial link cards, but the serial link stuff is starting to fall by the wayside on the exams. For full IOS 15 features, you can pick up 18xx, 28xx, or even 38xx routers pretty cheaply. And if you poke around, you can find all the IOS packages you could want on the internet even without a support subscription from Cisco. GNS3 is a pretty good tool as well, but be warned that it does have bugs that aren't always apparent. I've tried to set up lab environments in it before and found something not working, and only after pulling my hair out and building the exact same configuration on real hardware did I realize that GNS3 just wasn't emulating something properly.

Good luck!
 

turgin

Member
May 16, 2016
As an IT professional with 20+ years of experience that has interviewed candidates for several positions from entry to senior level I would say that WANg is pretty spot on. I started in IT back in 1992 with a local mom and pop computer store assembling computers and eventually being sent out on support calls to small businesses. It was definitely trial by fire, learn as you go, on the job training.

In the subsequent years I have moved from a consultant type role to enterprise IT staff and have worked in heavy manufacturing, financial, and oil and gas. I had some exposure to networking early on but have really focused on networking the last 10 or so years. In that time I have come to realize that only so much can be taught. Like many other fields a person either has the aptitude or they don't. They either want to learn and will pursue self study or they will not.

In the past, I have actually set up a small stack of equipment and provided a high level design with requirements to prospective candidates. Assuming they could build it in a reasonable time I would then break it and have them find and resolve the problems. It was simple stuff that should take 30 to 45 minutes to configure and then maybe another 20 to 30 minutes to troubleshoot, but some people applying for non-entry-level positions couldn't do it. If you can't configure a simple network with some VLANs on 2 switches separated by two routers and subnet out your own networks given a /23 then maybe Network Engineer III is a bit of a stretch?

My experience may not line up with others but in the years I've been involved with IT at a corporate level across the industries mentioned I have only worked with Cisco gear other than a few low end Netscreen firewalls in one environment. That's just my experience though.

Things like a fundamental understanding of the life of a packet or a frame and the difference between the two help tremendously in troubleshooting. Truly understanding that OSI model that WANg mentioned (I learned it as All People Seem To Need Data Processing though). Early on I thought that was a bunch of outdated jargon but it's not. Of course, I only really care about the P, D, and N (sometimes T).

A CCNA course might be a good starting point to get some basic familiarity, but nothing can replace actual screen time connected to the equipment building and troubleshooting things. There is so much content available these days for free it is astounding. There are virtual labs you can rent time on that are surprisingly affordable. Used gear can be dirt cheap from eBay if you have the space and tolerance for that sort of thing in your home. Last I looked, GNS3 is a viable option for basic route switch labs but it can't emulate higher end Cisco gear due to their use of specialized ASICs for nearly everything these days.
 
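The "subnet out your own networks given a /23" step from the lab described in the post above can be worked through as follows. This is an added example, not part of the original post; the 10.20.0.0/23 block, the VLAN names and the host counts are constructed for illustration, and it assumes IPv4 with a /30 on the router-to-router link.

```python
import ipaddress

# Constructed requirements: three VLANs plus the link between the two routers.
LAB_NEEDS = {
    "vlan10-users": 200,
    "vlan20-servers": 100,
    "vlan30-mgmt": 50,
    "r1-r2-link": 2,
}


def carve(block, needs):
    """Return {name: IPv4Network}, one right-sized subnet per requirement.

    Allocating largest-first from an aligned block keeps every subnet on its
    own prefix boundary, so a running cursor never yields an invalid network.
    """
    block = ipaddress.ip_network(block)
    cursor = int(block.network_address)
    limit = int(block.broadcast_address) + 1
    plan = {}
    for name, hosts in sorted(needs.items(), key=lambda kv: -kv[1]):
        # Smallest power of two that holds hosts + network + broadcast.
        size = 1 << (max(hosts, 2) + 1).bit_length()
        if cursor + size > limit:
            raise ValueError(f"{block} cannot fit {name} ({hosts} hosts)")
        prefix = 32 - (size.bit_length() - 1)
        plan[name] = ipaddress.IPv4Network((cursor, prefix))
        cursor += size
    return plan


def gateway(net):
    """First usable address, a common (assumed) choice for the router interface."""
    return next(net.hosts())


if __name__ == "__main__":
    for name, net in carve("10.20.0.0/23", LAB_NEEDS).items():
        print(f"{name:15} {str(net):18} gw {gateway(net)}  mask {net.netmask}")
```
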

WANg

Well-Known Member
Jun 10, 2018
New York, NY
Okay, so here's a clue from someone who has been in the industry for at least 20 years - learn what I would call "street fighting network administration" - the stuff that matters on a day-to-day basis (not always taught on CCNA classes), which is the following:

a) Know how to crimp network cables, and know how to test them for faults.
b) Know the difference between multimode and singlemode fiber, what they are capable of, and why you would use one over the other.
The same goes for copper based stuff like 100BaseT, GigBaseT and 10GigBaseT
Also, know why SFPs are both a boon and a freaking massive pain in the ass for every network guy out there, and why, for short distances, you are better off with passive DACs
c) Know basic cable management and troubleshooting
- Think of it this way, you are in a messy server room with tons of cables entangled in a pile, and you must figure out which switchport on which switch/router does what, and you must do it with minimal supervision or clue. What would you do? (Hint: cdp or lldp, arp tables, show running config, ethtool on Linux or its Windows equivalent, enable, conf t followed by adding comments, etc)
d) Know what is the important stuff in the OSI 7-layer-cake (1 to 3 is usually important, as is 7)
e) Know how VLANs work, how trunking works, and why it is done
f) Know the difference between switching, and routing
g) Know what NAT does, and how to set it up
h) Know how single sign-on technology affects your ability to log into your devices (TACACS+/Radius binding to AD/OpenLDAP)
i) Know how to track the usage on every port in a switch without access to the switch (bossman will ask for trends analysis one day if you are an admin)

Note: I know many of these things are covered in a typical CCNA syllabus, but there's a difference between rote memorization and really knowing your stuff. If you can "get" the stuff in the previously described knowledge pool, you should be able to take the same information and pass the JNCIA without any issues whatsoever.
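One way to approach the messy-server-room exercise in item (c) of the post above is to join a switch's MAC address table with a router's ARP table, so every switchport gets a list of the addresses seen behind it. This is an added example, not part of the original post; both tables are constructed samples laid out like Cisco IOS `show mac address-table` and `show ip arp` output, and treating Gi0/24 as the uplink is an assumption.

```python
import re
from collections import defaultdict

MAC = re.compile(r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}", re.I)

# Constructed sample data, not captured from a real device.
MAC_TABLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4455    DYNAMIC     Gi0/1
  10    0011.2233.4466    DYNAMIC     Gi0/2
  20    aabb.cc00.0101    DYNAMIC     Gi0/3
  20    aabb.cc00.0102    DYNAMIC     Gi0/3
  20    aabb.cc00.0103    DYNAMIC     Gi0/3
  10    0011.2233.4477    DYNAMIC     Gi0/24
  20    0011.2233.4488    DYNAMIC     Gi0/24
"""
ARP_TABLE = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.20.0.11              4   0011.2233.4455  ARPA   Vlan10
Internet  10.20.0.12             17   0011.2233.4466  ARPA   Vlan10
Internet  10.20.1.21              2   aabb.cc00.0101  ARPA   Vlan20
Internet  10.20.1.22              9   aabb.cc00.0102  ARPA   Vlan20
"""


def port_map(mac_text, arp_text):
    """Return {port: [(vlan, mac, ip_or_None), ...]} from the two tables."""
    ip_of = {}
    for line in arp_text.splitlines():
        f = line.split()
        if len(f) == 6 and f[0] == "Internet" and MAC.fullmatch(f[3]):
            ip_of[f[3].lower()] = f[1]
    ports = defaultdict(list)
    for line in mac_text.splitlines():
        f = line.split()
        if len(f) == 4 and f[0].isdigit() and MAC.fullmatch(f[1]):
            mac = f[1].lower()
            ports[f[3]].append((int(f[0]), mac, ip_of.get(mac)))
    return dict(ports)


def multi_mac_ports(ports, uplinks=()):
    """Access ports with more than one MAC: likely an unlabelled switch or hub."""
    return sorted(p for p, seen in ports.items()
                  if len(seen) > 1 and p not in uplinks)
```

A MAC with no ARP entry, such as the third address behind Gi0/3, comes back with `None` for its IP; those are the devices to trace by hand and then label on the port description.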