Recently I set my sights on Juniper Networks‘ Design track as I am working with customers on an almost daily basis with regards to Data Center design. As such the Juniper Network Design – Data Center curriculum and associated JNCDS-DC certification looked very appealing. To top that off, according to Certification Magazine, the JNCDA and the JNCDS-DC certifications are two of the top six design related certifications at the moment, as of October 2016.
Data Centers and the Cloud are all the rage right now, and Juniper has been at the forefront of the Data Center revolution from the very beginning – early on with their introduction of the QFX and the much maligned QFabric, and more recently with the addition of Virtual Chassis Fabric (VCF), various open architectures for creating IP Clos Fabrics, and even advanced features such as Junos Fusion for the Data Center which collapse and simplify the deployment and management of a large number of Ethernet switches.
The JNCIP-DC is currently rated as the fifth hottest Data Center certification by Tom’s IT Pro, an online resource tracking the demand of various industry certifications.
Juniper QFX5100 Series: A Comprehensive Guide to Building Next-Generation Networks
by Douglas Richard Hanks, Jr.
Paperback: 310 pages
Publisher: O’Reilly Media
Much more than just a book about the QFX5100
This was an easy weekend read, and quite honestly I’d never thought I’d say this about a technical book but I literally could not put the book down. Doug has amassed a wealth of great information, approaching the subject matter from a standpoint of brevity, applying the Goldilocks principle — not too much and not too little — but rather just the right amount of information.
Juniper took a big step forward in rounding out their certification programs by announcing a new Design Training and Certification curriculum, focusing on best practices and techniques that can be used across the spectrum of network architecture and design. Slated to be included in this program are also technologies around software-defined networking (SDN) and network functions virtualization (NFV).
Not a day that goes by since having passed the JNCIE-SEC exam that I don’t receive an inquiry in one form or another regarding how I prepared for the exam. It seems that there is an incredible amount of interest in this exam, especially from all those die-hard ScreenOS folks that are now converting to Junos. So instead of constantly repeating myself, I figured I’d just put it up on the blog so others can benefit (leaving me more time to do other things, ‘heh).
Today we’ll start with a series of articles covering tips and techniques that might be utilized by JNCIE candidates, whether pursuing the JNCIE-SP, JNCIE-ENT, or even the JNCIE-SEC. The tips and techniques I will be covering might prove to be useful during a lab attempt but could also be used in real-world scenarios to save time and minimize configuration burden in addition to eliminating mistakes that might otherwise be made. I want everyone to understand that what I am about to write is simply a technique. I am not divulging any materials or topics which are covered under NDA.
As many of you know, Juniper is currently undergoing a massive effort to update their certification program. The previous track in ‘Enterprise Routing’ is now changing to ‘Enterprise Routing and Switching’ incorporating elements from the previous certification track in addition to some new elements essential to Enterprise switching such as Spanning-Tree, VLANs, Layer 2 Security, as well as High Availability features like Virtual Chassis. We can expect that a lot of the topics like Firewalling and NAT will be removed from this exam as these topics will more properly appear in the Security track.
Although the new JNCIE-ENT certification is planned to be released in August 2011, there are many of you who are currently pursuing the existing JNCIE-ER before time runs out. The good news is that Juniper plans to continue offering the existing JNCIE-ER exam until October 2011 so there is still quite a bit of time for those who are interested in attaining this certification.
There probably isn’t a single day that goes by that I don’t receive an email inquiry from someone currently pursuing the JNCIE-ER with a request to learn from my experiences and test preparation techniques. And although this exam will only be available for another 7 months, I thought I’d write about my preparations and experiences with this exam so those candidates might benefit – not to mention it prevents me from having to keep repeating myself over and over again…
Building the Lab
For this particular exam, you are really going to need to get your hands on several J-Series routers, or at the very least some M/T/MX-Series routers with Adaptive Services capabilities (NOTE: This might require additional hardware on non J-Series devices, such as an Adaptive Services PIC or a Multi-Services PIC). While it’s possible to do a lot of the routing preparation with Olives, a good majority of the exam is on services such as Firewalling, NAT, and IPsec. Without the right hardware, a candidate cannot properly prepare for these sections as performing these functions in an Olive is impossible. Olives have no hardware PFE or the appropriate Services PICs or Modules, therefore there is no SP interface which is required to create interface-style and next-hop style service-sets.
If you happen to have a bunch of SSG 300-Series or SSG 500-Series ending in an M in your environment, you may be in luck. These devices can be successfully converted to an equivalent J-Series box running Junos. For example, an SSG 320M can be converted to a J2320, and an SSG 350M can be converted to a J2350.
The easiest way to do this is to boot the SSG platform from the USB flash drive which has been formatted with the Junos image. An easy way to build a loadable Junos image onto a USB flash drive is to insert the USB flash drive into a working J-Series device and then perform the following function:
request system snapshot as-primary partition media compact-flash
This will copy all the appropriate system files and Junos image onto the flash drive and prepare it for booting on another device.
Once this has been done and the USB flash drive inserted into the SSG, the following commands can be issued to force the SSG to boot into Junos rather than ScreenOS:
set boot junos usb
NOTE: The SSG 300M-series or SSG 500M-series device must be running ScreenOS version 6.1 or later in order for you to perform the conversion. If your device is running an earlier ScreenOS version, you must first upgrade it to ScreenOS 6.1 or later.
A more thorough explanation of the upgrade process can be found here: Converting SSG 300M-series and SSG 500M-series Security Devices to J-series Services Routers with a USB Storage Device.
Exam Preparation Materials
In terms of exam study materials, here is what I used for the exam:
- ‘JUNOS Enterprise Routing’ by Harry Reynolds and Doug Marschke. Read it twice if you can
- ‘Advanced Juniper Networks Routing in the Enterprise’ courseware and labs which used to be available for free on the Juniper FastTrack site. These are no longer available publicly, but can likely be found with a little digging. I definitely recommend going through the labs because they are extremely representative of the types of things that you are likely to see on the exam.
- ‘Adaptive Services’ chapter in the JUNOS ‘Services Interfaces Configuration Guide’ – its 500 pages but will definitely educate candidates on all the variants of Junos Services.
- The ‘JNCIP-M Study Guide’ by Harry Reynolds is another really useful addition. The labs in this book will really help with routing policy and configuration of OSPF, RIP, and BGP.
- Probably the *single* most useful preparation tip I can give to anyone is to take the JNCIE-ER Bootcamp and/or the Remote Proctored lab exams offered by Proteus Networks. I haven’t personally taken the bootcamp, but I did see the materials from a colleague who sat through it and after sitting the exam I can tell you their Bootcamp is spot on. On another note, I did take their remote proctored lab exams and once again I am not disappointed with my experience with them. Rick Schenderlein was my proctor with Proteus and he really took the time to help me understand the areas that I could use improvement on.
As with all Expert level lab exams, a very important tip is to make sure you read the full exam in its entirety before starting a single configuration element. This is truly an expert level exam – one which requires you to think through your design decisions. There are often things later on in the exam which require you to go back and reconfigure something you’ve already set up in an previous section. Reading ahead will allow you to save yourself some time when you’ve thought your design through fully in advance.
All in all, I didn’t think the exam was that tough, but I also had 12+ years of experience working with Junos and a JNCIE-M certification prior to sitting the exam. If you’ve already got the JNCIE-M, I think it’s actually possible to prepare and pass this exam in just a few short months since there is considerable overlap between these two exams. In my case, I actually finished the exam in a little over 5 hours and spent another 1-2 hours going over everything just to make sure I had it right. I’ve heard that most people going in are pretty much down to the wire with time so I’m not sure what happened in my case but simply attribute it to being over-prepared and having spent about a full year of non-stop preparations between the JNCIP-M, JNCIE-M, and the JNCIE-ER exams. The trick here, as with preparation for anything, is to be consistent and develop a schedule which you can live with – a few hours a day over a span of several months will serve you infinitely better than studying hundreds of hours the few weeks before your exam. Slow and steady wins the race here… you’ll be surprised at how quick a few months can go by when you’re motivated and committed to something!
I hope this helps those of you who are pursuing JNCIE-ER certifications, and I wish you the best of luck in your endeavors!