Cisco Certification, or: omg n00b u sux0rz

As I’ve mentioned before, I’m back in school. This semester is drawing to a close, and I just took my final for my CCNA 2: Routers and Routing Basics course. This course is probably 20% theory and 80% “how to do it on Cisco hardware”, where the theory covers basics like routing tables and access-control lists (ACLs). I’ve been doing web programming for almost 12 years now, so the theory is cake for me. As for the Cisco stuff … well, that’s why I’m writing this post.

To skip to the end, the punch line is that I got an 88% on my final. Certainly nothing to sneeze at, but also not the A that I normally get. But I don’t really feel bad about that, because I felt that I got what I wanted out of the course. And, the point of this little rant, I’d like to argue that it’s probably better off that I didn’t get the stuff that I didn’t get.

Before I start ranting about everything I don’t like about the CCNA courses up to this point, let me tell you what I do like:

  • The first course (CCNA 1) really starts off with the basics. You might only have a limited grasp on what the Internet is, or that the brightly-colored cable gets plugged into the thing that looks like a fat phone jack, but that’s all you need. I saw fresh-out-of-high-school kids getting up to speed and acing that course. There are a few things that would be easier to understand if you had a few years of experience under your belt, but it’s not a requirement. Old-timers might be bored out of their skulls for this course.
  • The Cisco-provided curriculum is not half bad. It certainly has a Cisco bent to it, and those with experience will have several occasions where they have to distinguish between the real-world answer (wrong) and the Cisco answer (right). But, hello McFly, it’s a CCNA. Duh. Beyond that, there are plenty of pretty pictures and animations and whatnot. The explanation can be a bit thin in places, leaving you wanting for more, but that also means that you generally won’t get bogged down in a mire of useless trivia.
  • The courses are really big on repetition to help learning. This second course has been primarily focused on configuring Cisco routers, which we did from scratch not just occasionally but several times per week. We completely wiped the router and started clean each time, sometimes a half-dozen times per night. No leftover config files or shortcuts or web interfaces to help you out. By the end of the course, you will know how to pull a router out of the box and get started without cracking open the instruction manual.
  • Most of the examples, especially early on in the courses when it is important, aren’t overly contrived and are actually based in reality. It drives me up a wall to see an example that starts off with “you’d never do this in real life, but what if you wanted to …”. In the last two courses, I only had one example of that happening. There were two or three cases where a more complicated setup might have been better, but also harder for the non-gurus to get. So, it was nice to not end up dismissive every time I saw an example network diagram.
  • They have a really neat thing called NetLab. Basically, the school or training center buys an entire rack of Cisco routers and a couple of special units that control each of the routers as if you were at a keyboard next to the router. You can then get into all of it over the web and do simulations and reconfigure the routers pretty much however you like, without having to worry about taking anyone offline or if you forgot which end of the cable is DCE and which is DTE. It’s pretty spiff.

And now on to the ranty part. As you have probably guessed, the 12% I got wrong on the final was the portion of the curriculum that I couldn’t care less about. As anyone who has worked with Cisco equipment will tell you, there are a ton of very esoteric commands that could be less trivial and confusing and more helpful … but aren’t. Things like config register settings. It’s a 16-bit mask where there are no commands to set the individual flags, only the whole thing at once. I hope you remember what all 16 bits mean and wrote down what the old value was before you screwed it up. Oh yeah, and if you get it wrong you can really thrash your router. Good luck!

Should I care? The odds of me ever getting to do first-setup configuration of a production Cisco router are fairly minimal. Similarly, if I do end up with a Cisco router under my control and it goes so totally pear-shaped that I need the esoteric stuff to fix it … am I going to spend several hours trying to figure it out and fix it for myself, or am I going to call Cisco and have them fix it? Downtime is lost revenue.

I would kill for a CCNT certification — Cisco Certified Network Theorist. Or maybe that’s what the CCDA (Design Associate) certification is for? Having not taken the certification tests yet, I’m not sure. From what I understand of the CCDP (Professional) certification, it’s Cisco-specific, so maybe not.

Random Cisco-specific knowledge aside, I did have just a few gripes with the courses:

  • The curriculum doesn’t account for IOS versions as well as it should. It gets around the problem of having students not worry about the old ways of doing things by not mentioning the old ways at all, which is the wrong answer. More than a few times, my group would get stuck on a problem where the router just wouldn’t do what the book said it was supposed to be doing. We’d call over a teacher, who would then spend 15 minutes investigating, only to find out that on this specific occasion on that specific version of the IOS, you needed an extra special command or argument or whatever. This is what footnotes are for, people.
  • I would have liked to have seen at least a little discussion about interoperability. I know it’s a CCNA, and thus Cisco-specific, but the reality of the world is that there are vendors other than Cisco. Am I asking for too much?
  • I would also have liked to see more up-to-date examples. How does Cisco think I should build a DMZ? In a situation where I can’t segment the network because I only have one DHCP server, how do I configure broadcast proxying? That sort of thing. It seemed like there was a little too much hand-waving whenever I started asking real-world questions.

Overall, though, I’d have to recommend the program to anyone who does any kind of networking. Yes, even you ColdFusion programmers. Those concepts that are always fuzzy and just outside of your ability to grasp them? Like DDoS attacks or IP spoofing or man-in-the-middle attacks? You need to solidify them and stop edging around them. A CCNA might be a bit of overkill, but even if you don’t get certified you will walk away from the courses a stronger web geek. And really, how can you consider yourself a web geek if you can’t explain how the web works from top to bottom?

By Rick Osborne

I am a web geek who has been doing this sort of thing entirely too long. I rant, I muse, I whine. That is, I am not at all atypical for my breed.