Okay… Stop me if you’ve heard this before: We only have 6% of the world’s supply of IPv4 address left to hand out and if we don’t do something really fast… (sounds of Todd screeching to a halt!) Phew…Thanks for stopping me. This just isn’t breaking news anymore, and it’s becoming a pretty tired topic being discussed to death in the ever-growing number of tech blogs that interestingly, are just now starting to bring it up.

I’ve gotta say, cheers mates… it’s about time! I mean really, where have they been? I’ve only been writing and talking about impending IPv4 address exhaustion for years now, which means that it’s no longer something I want to blog about. Still, I have to admit that pretty much everything that we’ll be doing at work or on The Net from here on out will have at least something to do with that IPv4 lack of addresses issue. It’s true, I’m not kidding, but I promise to explain without digressing into “The IPv4 Event Horizon” thing.

Because we need to use a new, larger addressing scheme, many companies and world government agencies are taking advantage of this IPv4 issue to create a new, controllable internet, so although this blog may sort of resemble a techno-thriller movie script, it’s all too real to ignore. Believe it or not, if you dig around enough, you’ll find that most of this is straight out of the newspapers, though it may be buried deeply and certainly blurred a bit.

With the government now having complete and absolute power to shut down the existing Internet “in the name of national security” (referring to the 197-page senate bill entitled, “Protecting Cyberspace as a National Asset Act”), Google has commandeered a /32 IPv6 address, effectively crowning themselves an ISP with hundreds of millions of IPv6 addresses (see figure of where Google’s IPv6 address starts by clicking here).

Want to get on the new Internet? No worries! Just pay Google and you get to go to any of the new sites that they’ve deemed safe and desirable for you—a decision based upon your past search results, of course. Want to set your business up so people can see and maybe even buy your products? Again—no worries… Just pay that piper, and once you’re on the “white list” of government approved sites, people with a credit card used for an Internet subscription—much like your cable provider uses today—can get to your site and bleed some cash.

So it’s pay to play or no Net for you! Sounds like SciFi, doesn’t it, but sadly, it’s all too true. And it’s not even that big of a reach. Not all that long ago, people would have been totally shocked at the thought of paying anything except the electric bill for TV. Now it’s complete reality—no TV without paying…Period! Pretty good analogy except for the fact that the subscriber-only TV conversion happened slowly, over many years, and we just don’t have that kind of time because of “that subject” we’re oh-so tired of yammering about here.

Google (of course) denies this whole pay to get to the Internet thing, yet their hush-hush talks with Verizon seem to keep inconveniently popping up and making the news. This, while both organizations keep emphatically denying any and all of it and loudly singing the “net-neutrality must be protected” anthem. As always though, actions sing much louder, and their words are empty as my wallet probably will be after blogging this because their clandestine deals are getting closer and closer to closing down our current Internet as I write!

Now back to the government for a second. Large ISPs are somehow okay with this new senate bill because it contains language that will give them immunity from civil lawsuits and also reimburse them for any costs incurred if the Internet just so happens to be shut down for a period of time. Wow-hey, nice work if you can get it right? Get paid to not work, or even to shut your company down for a breather—sweet! Anyone who has ever been in line/on hold to a government office or service agency knows this does in fact curiously resemble how efficiently or not our current government tends to work.

Seriously—this is some real power we’re talking about. Think about it for minute… Just regulate free Internet speech and control the media and you gain unprecedented control over an entire country! Don’t think this is a unique U.S. idea, no way. It’s been “borrowed” from China and New Zealand, Australia and even the U.K are very much behind it too! Personally, I’m thinking the U.K. will be the first to pull the plug on the existing Internet, but only time can tell. It’s just really hard to ignore because it is a fact that they passed an unprecedented censorship bill in April of this year, which will pretty much kill their current Internet whenever they decide to. This little detail is pretty blasted ominous, and tells me I’m probably not too far off the mark with this little prediction.

Recent releases under the Freedom of Information Act has revealed that social media outlets such as YouTube, Google, Facebook, Myspace, Flickr and Yahoo have waived rules on monitoring users and permitting companies to track visitors to government web sites for advertising purposes. At the same time, the U.S. military has invested more than $30 billion towards its own understanding and ability to control the new Internet (the DoD, which creates defacto standards was suppose to have IPv6 on all their backbones by 2008, but hey, they did it by 2010 – and their new goal of an end-to-end IPv6 Internet is what they are spending all this money on!). To me, these factors clearly indicate that this information is unquestionably important and we shouldn’t just be blowing it off as hype for sure!

Well, knowledge is power right? Right… So use this information to create a solid plan to bag some sharp new skills, fine tuned specifically for this new controlled environment now, while you’re still ahead of the pack. I know I am! I can’t get enough of studying anything and everything IPv6 like crazy, and since I am a network guy, I’m working with as many government agencies and companies as possible to keep in step with the latest Intel and info on our ‘Brave New Internet.” And I’m not doing all this because I’m into techno-thrillers. I’m doing it all because I see it as a really exciting, new and lucrative business opportunity in what is honestly, a comparatively bleak landscape. You should too!

More on this as time progresses…

… In the meantime, be sure and check out GlobalNet Training & Consulting, inc for some really sweet training specials (including some up and coming new IPv6 classes!) and where you can find the best and only Todd Lammle Cisco Authorized training.

Cheers!
Todd Lammle

It’s been a long time since I wrote regarding Cisco Wireless technologies, and since my newest CCNA Wireless book is about to hit the shelves next week, as well as Cisco soon to be released Borderless Mobility networks, I thought I’d write a post regarding the benefits regarding the current Cisco enterprise solutions for your wireless networks.

There are basically two types of wireless networks you can install today: stand-alone (also called autonomous, and Cisco uses the two words interchangeably depending on what day of the week it is), and lightweight (controller based) solutions. The controller based solutions are becoming the defacto standard for all manufacturers today, but autonomous solutions are still available, and this solutions can be found in Cisco’s Linksys products.

If you have an autonomous solution, you have a wireless network as shown in this figure:

Autonomous APs have their own internetworking operating system (IOS). You configure them individually, and there’s no centralized administration point, as pictured. By contrast, the CUWN lightweight model solution definitely requires centralized control, which is gained via Cisco WLAN controllers ( WLCs). APs are controlled and monitored by the WLC, and al All clients and APs transmit information back to the WLC, including stats about coverage, interference, and even client data—back to the WLC as shown in the following figure:

Although the controller based solution is more expensive, the benefits can outweigh the costs because the administrative overhead can reduced. However, if you only have three or four access-points, the costs may not justify the need for a controller, depends on your needs.
All transmitted data is sent between the APs and the WLCs via an encapsulation protocol called Lightweight Access Point Protocol (LWAPP). LWAPP carries and encapsulates control information between the APs and the WLC over an encrypted tunnel. Client data is encapsulated with an LWAPP header that contains vital information about the client’s Received received Signal signal Strength strength Indicator indicator (RSSI) and signal-to-noise ratio (SNR). Once the data has arrived at the WLC, it can be forwarded as needed, which is how the real-time processes actually become available. A couple of great benefits gained through this kind of centralized control are improved security and traffic conditioning.
The controller considers a number of RF characteristics in real time to efficiently handle channel assignments. These include the following:
-Noise
-Client load
-802.11 interference
-Utilization
-Access point received energy

The WLC can digest all this information and through the use of algorithms make decisions on the behalf of the entire system.

Another great benefit about lightweight architecture is that it allows for the splitting of 802.11 Data Link layer functions between the Lightweight AP and the WLC. The Lightweight AP handles real-time portions of the communication, and the Cisco WLC handles the items that aren’t time-sensitive. This technology is typically referred to as split MAC.

One last thing I want to mention: Cisco’s Radio Resource Management (RRM) engine is the component of the WLC that makes the magic of RF environment management possible. Through the use of dynamic algorithms, the WLC creates an environment that is completely self-configuring, self-optimizing, and self-healing. The RRM performs these functions:
• Radio resource monitoring
• Client and network load balancing
• Dynamic channel assignment
• Coverage hole detection and correction
• Dynamic transmit power control
• Interference detection and avoidance
By receiving information constantly from the APs under its control, the WLC maintains a broad and comprehensive view of the RF environment.

That’s it for now, I’ll be back shortly to blog about Cisco’s new up and coming Borderless Mobility with the new CUWN Clean-Air Technology.

In the meantime, be sure and check out http://www.globalnettraining.com/ for some really sweet specials (including my CCNA Wireless class!) and where you can find the best and only Todd Lammle Cisco Authorized training.

Cheers!
Todd Lammle

I’ve been trying to say this for years!

Finally, people are listening about the IPv4 address problems and how we must start migrating to IPv6!

Read this CNN link

Let me know what you think!

Cheers!

Todd Lammle

Wow, okay, in the U.S. yesterday, a huge national broadband plan the FCC proposed creates a national policy for the taxation of digital goods and services imposing a fee to create a national public safety wireless broadband network. Being a network guy, especially a wireless expert, I am all for expanding the wireless networks!

However, the Obama administration has a plan to do it with more taxes and higher fees. Nice.. new taxes and fees, couldn’t be better timing.

Salaries for the Cisco certifications held by respondents to this year’s survey decreased from 2009, but they were still higher than the average salaries for Cisco-certified folks in 2008. The average salary of $93,953 for a Cisco Certified Design Associate was the sixth highest salary listed in this year’s survey, and is still a 25% increase from a CCDA’s average salary of $75,000 in 2008.

The second highest Cisco certification salary in this year’s survey ($89,864) was for the Cisco Certified Network Professional designation. Cisco this month announced a major overhaul of this certification by replacing the required exams with those that better reflect a network professional’s job tasks. After July 31, candidates are required to take exams that cover implementing Cisco IP routing, implementing Cisco switched networks, and troubleshooting and maintaining Cisco IP networks. (More information about the changes is available at Cisco’s CCNP site).

Cisco finally has announced what we’ve known was coming for about 6 months or so….an update to the CCNP Exams available starting March 10th, 2010. The new exams are simply called ROUTE, SWITCH, TSHOOT, with the latter not available until April 30th. So, if you’re working on your CCNP, you have until July 31st to finish using the old exams: BSCI, BSMSN, ONT and ISCW. The new CCNP offers a nice, new path for Cisco CCNA® certified network engineer and will provide you with a solid foundation for those interested in the Cisco CCIE® R&S.

There are two nice benefits about the latest exams: you’ll spend only $450 instead of $600 to get your CCNP (we’ll see how long that lasts), and you now get 120 minutes instead of just 90 to complete them.

Cisco has provided four various paths to achieve your CCNP, depending upon how far along you presently are with your CCNP Studies and exams. You can find the page describing each of those four paths here.

There are some interesting changes in the courses that will definitely affect the way that I’ll be teaching the 12-day bootcamp. First, the ROUTE and TSHOOT courses have some very cool e-learning lessons that you can only get from a Cisco Authorized training company. This means that if you do not go to an authorized bootcamp or class, you will not get said e-learning modules and yes—the information in them is absolutely vital to meeting the exam objectives! I’ve always wondered about people who claim they’ve passed the exam by just reading a book or using brain dumps, but now, I no longer will. In the new Cisco World, without attending an authorized course, getting the information required to pass will be next to impossible without doing something really shady—something that honest people with well, brains will realize is just not worth the risk. Cisco is not known to be the least bit forgiving of ill-gotten certifications! I am not saying you can’t self-study, it just seems that Cisco is making it harder to do so. Inside the Cisco Authorized kits will be a CD that allows access to the all-so-important material. So, how can we pass these exams without the new curriculum? Beats me.

Okay—that said, the ROUTE part of the CCNP provides you with information and labs on how to plan, configure, and verify the implementation of complex enterprise LAN and WAN routing solutions, using a range of routing protocols and securing routing solutions to support branch offices and mobile workers. There are more than 7 hours of extended e-learning outside of the classroom needed to meet the exam objectives.

The SWITCH part of the CCNP gives you with information and labs on how to plan, configure, and verify the implementation of complex enterprise switching solutions, using Cisco Enterprise Campus Architecture. The exam objectives also cover securing integration of VLANs, WLANs, voice, and video into campus networks with switches.

Lastly, The TSHOOT part of the CCNP supplies you with the information and labs on how to plan and perform regular maintenance on complex enterprise routed and switched networks, plus use technology-based practices and a systematic ITIL-compliant approach to successfully pull off complex network troubleshooting. I’m really interested to see what Cisco will use from ITIL in this exam. BTW… This course is all hands-on labs and has 9 hours of extended e-learning lessons.

With all this in mind, I really can’t say the CCNP will become any easier to attain, that’s for sure. The writing on the wall is that it’s going to be harder to instruct the course effectively and harder for the students to pass the exams unless they have some serious study and hands-on lab time. So if you are trying to finish your CCNP or wanting to get your CCNP, you’d better get with it. The bar is seriously rising soon!

Cisco has video information regarding these CCNP updates found here.

While we’re all waiting with baited breath for the new exams to be available so we can finally get the skinny about what’s going on, be sure and check out www.globalnettraining.com for some sweet New Years’ special offers from the only place that delivers the highest quality Todd Lammle Cisco Authorized training!

Cheers!
Todd Lammle

Taking off from where I left off last month….There are < 10% of the reserved blocks from IANA left to allocate, which means there is only about twenty-six 256 blocks. At this rate, the allocation of all addresses will happen on September 23, 2011. This is actually 17 extra days then I reported last month.

But wait- that’s only about 626 days from now….and when I wrote my last blog around Thanksgiving, 30 more days have passed- time is running out quick.

Also remember in my last blog I told you that a new RIR policy was created in 2008 that tells the IANA “When you’ve just allocated the last of six /8 network blocks, give us the remaining five unallocated network blocks!”, so right now we only have nineteen more block to hand out before this happens!

Looking back, It would have been helpful if the original designers didn’t reserve so many addresses to begin with when allocating IPv4 addresses. Here is the breakdown (remember that each /8 represent 16,777,216 addresses!):

• Sixteen /8’s for multicast use. This is probably the most useful reserved address space, but this is still more reserved addresses than are typically used.
• Sixteen /8’s for some unspecified “future use” that never happened…
• One /8 for local identification (0.0.0.0). Cisco had also reserved this range for router broadcast use that never happened.
• One /8 block for private use (10.0.0.0/8) – this one is actually helpful, and not too wasteful at all.
• And here’s a head scratcher for you…14.0.0.0/8…Something about public data networks, but I’ve never seen this used, and we never will either.

• And let’s just end with my personal favorite: 127.0.0.1/8. Now who was the genius that thought of this beauty? 16 million+ addresses wasted just to test your local IP stack. Nice.

• And the addresses ranges from 240.0.0.0 on up are reserved as well in RFC 3330 for some future use that we’ll never see as well.

Now I am no math genius, but if you take all those /8 addresses reserved (not counting the 240 through 255 addresses, which is a lot more addresses!) and if you multiple them by 16,777,216…well, now that’s a lot of reserved addresses. 603,979,776 to be exact, and considering that we only have about 318 million address left to allocate (to IANA & RIPE) worldwide – for the rest of our lives – this just shows how wasteful the designers of the first RFC’s were. And just as another reminder: we need about 190 million new addresses a year – and that is in this bad economy too. What happens if we get another rebound in the economy worldwide?

Sooner or later the unallocated address pools will run out for each RIR which means that life of an IPv4 network will be harder and harder to maintain, and certainly more expensive! Just try and buy some /28 or /29 addresses for your small company or home business and see how much the prices have already sky rocketed!

If this exhaustion problem hasn’t already made you very aware that you need to start deploying IPv6 products and services as soon as possible, then nothing will change your mind at this point.
So, what are your options? If you are an IT professional, get in an IPv6 class and just start learning some basics. If you are running a routed network, put together a test bed of routers running dual-stack routing and get some hands-on experience.

As for Cisco, my CCNP certification class is doing more and more IPv6 configurations every month now, and I have heard that Cisco is going to go even deeper into IPv6 even at the CCNA level. So at a minimum, get a book and start reading up on IPv6…it is in your future!

In the meantime, be sure and check out www.globalnettraining.com for some end of year specials and where you’ll find the best and only Todd Lammle Cisco Authorized training!

Cheers!
Todd Lammle

Want to read something startling to wake you up today? Here it is:

Projected IANA Unallocated Address Pool Exhaustion: 06-Sep-2011

Projected RIR Unallocated Address Pool Exhaustion: 29-Aug-2012

Or to put it another way – that’s only about 643 days from now….

Let me start at the beginning for a minute…the Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the Internet protocol resources and provides these resources to the Regional Internet Registry’s (RIR) who, in turn, delegates resources to their customers, which include ISP’s and end-user organizations.

Sure, there are a few other steps & details, but you can get the general idea that everything starts with IANA, and basically ends with RIR’s decisions on how to allocate the last remaining IP addresses. IANA’s IPv4 exhaustion has been predicted by scientists for decades so let’s just skip back to just the last six years….

In 2003, after the .com boom had already went “boom”, some various scientists predicted we had until about 2021 before we had anything to really worry about in our corporate or home based networks, which for them, would be long after these “scientist geniuses” were retired, or more likely dead (thanks mostly in part to PAT… [I mean thanks to PAT that we would still have IP addresses unallocated, not that the scientists are dead]).

However, a new study in the spring of 2008 shows that we have less than 10% of reserved unallocated addresses available and that we’re going to be lucky to even get to 2012 with our current IPv4 addresses in place, and we’ll start seeing address allocation problems occurring within the next year!

But what has created this massive address exodus from IANA in the last few years and how will it affect me?

First, I have to make some basic assumptions in this blog since I am not sure that anyone understands the exact question that I am trying to answer, because figuring out the IANA allocation amount and how fast it is being depleted is much like playing in the stock market. However, by assuming that 2010’s growth will be much like 2008 and 2009, we can just do the math based on the last year and a half.

This just seems like a good idea on where and how the prediction of when the unallocated IPv4 address will run out….or you can stop reading now and just keep believing what you are probably thinking…”That this is someone else’s problem” ….and you can just keep ignoring the problem, at least for another 643 days, give or take a few days.

But to answer the question about what is creating this problem in the first place, we have to understand what the world needs, and to quickly put things into perspective, the world needs IP addresses more than the U.S. needs oil. To be even more exact, at the end of 2003 the address consumption rate was about 64 million a year, and at the end of 2009 it is believed to be 192 million per year, which gives us about two more years before the IANA starts getting Social Security.

With all this in mind, understand that a new RIR policy was created in 2008 that tells the IANA “When you’ve just allocated the last of six /8 network blocks, give us the remaining five unallocated network blocks!”, which means the demise of the IANA forever. Wow, now there’s something to contemplate. It is very possible that IANA was both created and retired in your lifetime, and what a history it created!

Be sure and stop by next week and get up-to-the-minute updates on the depletion of the IPv4 unallocated address space. In the meantime, be sure and check out www.globalnettraining.com for some end of year specials and where you’ll find the best and only Todd Lammle Cisco Authorized training!

Cheers!
Todd Lammle

In my last blog, I talked about the new 15 IOS code and discussed the reason why they jumped from 12 to 15 in their code—well, my theory of why they did anyway. I also started a discussion about the new licensing they will be using, plus, their newest Integrated Services Routers Generation 2 (ISR G2). But right now, the types of licenses that Cisco will be providing with their new routers are what I really want to focus on.

Types of Licenses

First and foremost, how does this change what you need to buy? Answer… That depends on exactly what you need from the router. And to answer that question at all, you just really need to know about the types of licenses that will be available regarding them.

Okay, Licenses are first categorized by their time frame, or how long they are good for.  Check out the following figure—the time frame is either specified as permanent or temporary as shown by the top green boxes:

Permanent Licenses

Just as you would think, a Permanent license is good for the life of the device on which it is installed.

Temporary Licenses

A Temporary license can be used for evaluating new capabilities or an emergency situation. A temporary license allows a feature set to be used for 60 days of actual usage. When the 60-day period expires, the device will continue to operate normally until reloaded. After the reload, the device will default to the original functionality before the temporary license was enabled. Only the actual time that the temporary license is enabled counts towards that 60-day limit. The Cisco Technical Assistance Center (TAC) can provide an extension license for longer trials or other circumstances. Or, you could opt to just never reboot your router, and you’re golden!

Technology Package License

A technology package license is similar to the current image and licensing types that you are used to (i.e. advanced IP services, advanced security, etc.). however, instead of the many types that you have now, there are now just four:

• IPBase – basic entry functions
• DATA – includes MPLS, ATM, Multi-protocols, IBM support
• UC – unified communications, VoIP, IP Telephony
• SEC – security, IOS Firewall, IPS, IPSEC, 3DES, VPN

Software Licensing Framework

Alright, last thing before we tie this post off. We mentioned the Cisco Licensing Framework and Cisco Software Activation. This is the primary control part of this whole scheme to “help the customer track hardware, software, add services, upgrade images, and transfer licenses easier”. Oh, and it ensures that Cisco gets paid for every little thing too.

So let’s go through the whole process here. You go out and by a new ISR G2 router, it works the same way if you own one already and are buying new features as well. Ok, so you have it or buy it, first thing you get with the purchase is a Product Authorization Key (PAK). The PAK is an 11 digit alphanumeric key.

With the PAK you access the Cisco Licensing Portal, www.cisco.com/go/license and provide the PAK, serial number, and Product ID of the device. hA license file will then be generated for that specific device and that device only. You can download the file or have it emailed to you. Finally, you have to install the license file onto the router. This is much more complicated and time consuming than anything we’ve ever had to do before. However… Cisco doesn’t want to discourage you and make you complain….

So, to further “help” you in keeping track of all this licensing and to make it easier for you download and install the licenses. Cisco has made a handy application that you can install on a management workstation. This program is called Cisco License Manager (CLM). It is does some similar discovery functions and operates a lot like the Cisco Configuration Assistant (CCA).

Be sure and stop often as I update my blog with the latest and greatest Cisco intel. In the meantime, be sure and check out www.globalnettraining.com for some end of year specials and where you’ll find the best and only Todd Lammle Cisco Authorized training!
Cheers!

Todd Lammle

Cisco’s 12.x code has definitely proven to be a very stable operating system. But since change is a given, Cisco has gone through a lot of revisions, and it’s finally time to morph into the 13.x code. But no… wait! 13 is bad. Buildings don’t have a 13th floor, and even if they do, elevators don’t go there! 13 is a superstitiously cursed, unlucky number here in the U.S.

Friday the 13th has been cursed since the 16th Century because that’s the day that the King of France attacked and attempted to jail all of the members of the secretive society, the Knights Templar. Reading folklore tells us that a vast fortune disappeared at that time too, and no, the Masons didn’t bring it to the U.S. nor did Nicolas Cage find it a couple years ago.

Yet, strangely enough, the also secretive and private Swiss banking system began around the same time all this vast fortune from the Knights Templar disappeared. Okay, so I’m not a historian, I’m a Cisco networking guy, so I really don’t how much truth there is to any of this, (if any), but it’s sure some sweet fodder for great stories and movies.

Cisco appears to feel a bit superstitious too… they skipped the 13.x code and went to… 14.x code? Nope. Not 14 either, because 14 happens to be a really nasty number in parts of Asia. So to keep anyone from getting the willies, Cisco’s jumped to the new 15.x code! The actual reason for skipping versions 13 & 14 code is of course, nothing but a rumor, but it it’s a fun way to start to this blog. And just as with secret societies and bank accounts, no one’s talking!

(more…)