[ale] [Semi-OT] Networking Equipment

David Tomaschik david at systemoverlord.com
Wed Nov 30 11:36:28 EST 2011


On Wed, Nov 30, 2011 at 11:25 AM, Michael B. Trausch <mike at trausch.us> wrote:
> On Tue, Nov 29, 2011 at 03:47:27PM -0500, David Tomaschik wrote:
>> I consider myself a pretty good system administrator and a decent
>> developer.  What I am not is a networking guy.  At the risk of
>> spreading myself too thin, I want to learn more about the networking
>> side of things.  (It helps as a system administrator to know what is
>> going on on the stuff your servers are connected to.)  While I know
>> the academic/general side of things like VLANs and STP, I haven't
>> had any opportunity for practical experience.
>
> My advice: learn the stack and the protocols within it.  This will
> help you more than learning anything that is vendor-specific, because
> you'll be able to see and understand what's going on and where.
>
> Don't make the mistake that so many do and assume that IP is opaque
> and that you need not know about it.  The measure (again, IMHO!) of a
> good sysadmin/netadmin is that as little of the system (or network) as
> possible is opaque to them.  Now, I am not saying that you need to be
> an expert in every aspect of the network stack, but you should at
> least know how to recognize what's what and where to look for more
> information if you need it.
>
> Perhaps even more important than the focus on networking, keep your
> knowledge of the RFCs up to date if you can.  I refer to the things
> all the time, though I'll admit that I haven't read as many as I
> want.  But, you can keep track of changes by monitoring the Daily Dose
> of IETF, which talks about new RFCs, new drafts, and so forth.  A most
> excellent resource.  (And if you haven't really looked at the list of
> current RFCs, there are standards for things you might not have thought
> of there...)
>
> The RFCs cover virtually every topic you would be interested in, from
> Ethernet framing to virtual network protocols, IP (both v4 and v6),
> transport protocols, routing, switching, bridging... more than you can
> comfortably read in a month.  But get a reader or a tablet or
> something and do spend time reading them.  They provide great insight,
> and as with anything, the more you know about the stack the more the
> higher-level constructs within it become predictable and make sense.
> And if you understand how all of the layer-2 things work (again,
> generally speaking) you don't have to really know any one vendor's UI
> to diagnose and fix a problem.  Diagnose the L2 issue, and then you
> can figure out how the device can be fixed to work around it (if it
> indeed can be, assuming it's something that isn't Linux).
>
>> I'd like to get my hands dirty, so I'm looking for one (or more)
>> cheap managed switches.  Cisco probably preferred, since they have
>> the lion's share of the gear out there, but I'm open to other
>> suggestions.  I know there are some switches for around $50 on eBay,
>> but most of those seem to be ancient and I'm not sure how relevant
>> they are to what's out there today.  (i.e., devices that went
>> end-of-sale a decade ago.)  Of course, the basics might not have
>> changed too much.  I'm not looking to go CCNA or really work as a
>> network guy, just to know enough to have a good grasp of the network
>> side and maybe to do some small business scale tasks.
>
> Go to the store and pick up a router that will run DD-WRT and
> experiment, experiment, experiment.  Great way to do it "on the cheap"
> and of course most of the stuff that Linux exposes is something that
> Cisco's ios is capable of doing.  Or so I've heard, anyway.
>
>> Can anyone suggest a source for cheap used networking gear?  Or
>> alternatively, suggest models of switches worth looking at on
>> eBay/other?
>
> I'd start with the DD-WRT list of supported routers, and get the
> largest one that you're comfortable playing with.  Seriously.  You can
> then do things like play with VLANs and firewalling and routing and
> whatever else you can imagine.  If you want to expand your experiments
> to include Cisco equipment later, you can, and IIRC the Linux kernel
> can create tunnels using Cisco's custom tunnel protocol.
>
>    --- Mike

I hadn't considered using dd-wrt for much, mostly because I despise
the dd-wrt web interface and the way the stack is set up that it feels
"hard" to do things manually.  (Getting iptables to play nice is a
PITA.)  I keep meaning to learn how to rebuild the firmware with
OpenWRT though...  (My main router, unfortunately, is not supported by
OpenWRT, only dd-wrt.)  I have about 4 or so WRT54G[LS]? routers, so
that might be a good first step.

While I'm aware that the kernel and tools were there for things like
802.1q, 802.1x, STP, etc., I guess I hadn't considered how to get to
them from within the dd-wrt environment.  I can probably (reasonably)
rebuild OpenWRT to include things if dd-wrt does not.

I've read a number of the RFCs, but there's typically a big gap
between RFC and reality, and I'm looking to bridge that gap.

-- 
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com