Guide in Progress: Building out a home lab

RTFM · January 06, 2015, 07:09:16 PM

This is what I found on eBay, a Cisco 2621XM 128D/32F [1] running Advanced Enterprise IOS image, c2600-adventerprisek9-mz.124-10a.bin for 75 USD.
Is this a good purchase where I can use the IOS image on GNS3 for educational purposes?

If not, is anyone willing to donate any of their old hardware? Please let me know.

Thanks

[1]. http://www.ebay.com/itm/Cisco-2621XM-128D-32F-CCNA-CCNP-CCIE-6xAvailable-Warranty-/311240796181#rwid

Ironman · January 06, 2015, 07:16:42 PM

It's a good price but I would prefer a more "reputable" seller. Check this site out:

http://www.cablesandkits.com/cisco-2600xm-series-routers-c-50_84_878.html

wintermute000 · January 06, 2015, 07:33:35 PM

Don't buy 26xx era stuff. 18/28xx is cheap and runs ios15

deanwebb · January 06, 2015, 07:40:20 PM

Quote from: wintermute000 on January 06, 2015, 06:04:08 PM
seriously, for labbing who cares about legalities.
do they want techs to know and evangelise their gear or not? zero guilt for non-prod usage IMO

We can't require that you feel any guilt, only that nobody posts links to where this stuff can be had. While it's hard to go after a zillion students, it's easy to take a whack out of a website owner's backside.

We now return to our discussion of what gear to get.

ChestHair · January 06, 2015, 08:37:49 PM

Quote from: deanwebb on January 06, 2015, 10:45:40 AM
For professional-level certifications and above, however, you will want to handle real equipment, since real equipment can fail in ways that simulated/emulated equipment can't. Those real equipment failures are also things you can experience in real life.

This is something I came across when I picked up a 3560 off eBay that had 2 DOA SFP modules installed. I had a handful of spares laying around so no harm done, and it added a little something to the experience of getting it up and prepped to lab.

Most of the equipment I've bought from there still comes configured from wherever they pulled it, and I enjoy getting in and seeing how it was setup and seeing what they use for their type 7 passwords, lol.

deanwebb · January 06, 2015, 09:20:44 PM

Getting equipment from a former owner that hasn't been cleaned off gives one an opportunity to find out all about using physical access to a network device to gain root access, courtesy of ROMMON mode. That is one of the most fun things to do, ever, for a networking guy. If you don't have fun going to ROMMON, you need to consider a different career direction.

hizzo3 · January 06, 2015, 09:26:38 PM

Quote from: deanwebb on January 06, 2015, 09:20:44 PM
Getting equipment from a former owner that hasn't been cleaned off gives one an opportunity to find out all about using physical access to a network device to gain root access, courtesy of ROMMON mode. That is one of the most fun things to do, ever, for a networking guy. If you don't have fun going to ROMMON, you need to consider a different career direction.

My second 3550 booted in ROMMON... and it wouldn't take a new BAUD rate, so I was stuck loading an IOS using speed closer to smoke signals... then my laptop shut down because of the Power Options... Note to the wise... always check your Power Options before doing any long file transfers.

hizzo3 · January 06, 2015, 09:31:27 PM

Feel free to move if you think this is too much for this thread. Also, any feedback is welcome.
Quick primer on Virtualization.

Problem: I have one box (computer consisting of a motherboard, hard disk drive (hdd), cpu, ram, ect), but you need to run multiple operating systems, simultaneously. Good example would be a Windows server, a firewall appliance (like pfsense) and Fedora desktop as a testbed.

Solution: Enter the world of Virtualization.

With Virtualization, you can run multiple operating systems (OS) on a single box, simultaneously. This can decrease the number of physical servers needed, decrease energy consumed, allow greater flexibility, and potentially increase security. Enter the hypervisor.

A hypervisor is what you run your virtual machines (VM) in. In the example above, the Windows server is one VM, while pfsense would be your other VM. You would need a hypervisor to create the environment in which both could coexist simultaneously without killing each other. There are two types of hypervisors: Type 1 – bare metal (Citrix XenServer, VMware ESXi, Microsoft Hyper-V) and Type 2 – hosted (VMware Workstation and VirtualBox). Type 1 runs as an OS on the hardware while Type 2 runs like an application within an installed OS like Windows 7. It is like running programs inside a program, sometimes installed in another program. Crazy, huh?

The hardware needs of Virtualization depend greatly on what you intend to do with it. While not required in all cases, a good start is a box that supports Intel VT-x or AMD-V. Most hardware built in the last 4-5 years will support this, but your mileage will vary, so check manufacture documentation. For instance, I have a laptop with an upgraded T9300 processor and PM965 Express chipset. Both support VT-x, but the bios needs to be hacked to allow the function to be turned on.

Other hardware needs will be a decent processor and most importantly, ram. There are other things that are application and hypervisor specific, but that is beyond the scope of this. I still can use VMware Workstation, and do, but with limited performance.
Another great perk of VM's is they are more fluid. You can have a Golden Image (image template, before you deleted messed with your registry). If you have multiple hosts (type 1), you can create a pool and create fail-over/High Availability. Depending on your hypervisor, you can even migrate a VM incase the box it resides on need maintenance (without shutting it down). If you're practicing for an install and configure certification, you can delete it then recreate it until you can do it in your sleep.

In my scenario, my laptop was out of the question as a host machine for the hypervisor (I needed a dedicated solution), so I cannibalized an old HTPC (home theater PC) I had lying around. It has an i5-2405s Intel processor (launched in 2011), some hard drives, a Z68 motherboard and 8GB ram (32GB max). It was/is hardly anything hardcore. My hypervisor of choice was XenServer. It comes (freely) fully featured, including management software, and has rather strong support community. Linux skills will help, but your Google-fu with be more important. Aside from running a few Linux VMs like Backtrack and RedNectar's GNS3 Workbench, all I knew about Linux was that they have an obsession with penguins. A few hours later of practicing my Google-fu I learned some basic XenServer and related XenServer commands, I had my first VM up and running. Just be patient - if you get frustrated, take a break. They say it is 7 minutes to Xen, which is true, but then its about 30-45 mins to config the remainder.
Currently, I have running:
Windows Server 2012 (DreamSpark-for college students) acting as a file share (iSCSI initiator for a target I have). Future plans include RADIUS for 802.1x (might use pfsense, but I like the separation for security), SNMP, Plex Media Server, Backup for all my devices, among other duties.
Fedora testbed for my Linux practice
pfsense is next in the list (my asus router is great and all, but it can handle only so much). This will be my firewall for my home network, VPN (Asus only does PPTP efficiently), and local DNS.
I still have room for any of the VM needs of future certs.

RTFM · January 07, 2015, 01:47:28 AM

Quote from: wintermute000 on January 06, 2015, 07:33:35 PM
Don't buy 26xx era stuff. 18/28xx is cheap and runs ios15

Quick question. I am reading, Understanding Cisco IOS Naming Conventions[1] document. It says, the name of a Cisco IOS image represents the
   Platform,
   Feature set,
   Format, and other information about the image file.

If you look at the example in the document, c3725-entbase-mz.123-2.T.bin,
where c3725 = Platform, entbase = Feature set and etc.

My question is, if I want to use an IOS image in GNS3, shouldn't I buy a router whose Platform is one of the hardware emulated by GNS3? I ask this question because 18/28xx is not listed as one of the hardware emulated by GNS3. Am I mistaken or are you suggesting to buy a 2 or 3 18/28xx routers running IOS v15 and practice on the actual hardware instead of GNS3?

Thanks

[1]. http://www.cisco.com/web/learning/le21/le34/downloads/689/academy/2005/BRK-101.pdf

wintermute000 · January 07, 2015, 02:00:39 AM

I'm merely making the point that a 1800 or 2800 or 3800 series device is capable of running IOS15 code (however you get it). This is the code that you should be labbing against as its much more current - even then you will only run up to 15.1M or 15.2T.

Even without the code issue the 2600 / 3600 era platforms are ancient. You are also going to be getting a machine thats a good 6+ years newer than a 2600 for example (with power supplies that are years newer lol).

I can't comment if you're specifically buying a device just to get an IOS but I will just say there are many, many easier ways.....

deanwebb · January 08, 2015, 01:47:58 PM

OK, so how many routers and what kind? How many switches and what kind? Let's consider a minimal home lab config.

hizzo3 · January 08, 2015, 05:13:44 PM

I have a few 3550 switches. All of my routers are GNS3 using USB adapters.

deanwebb · January 08, 2015, 06:04:55 PM

Quote from: hizzo3 on January 08, 2015, 05:13:44 PM
I have a few 3560 switches. All of my routers are GNS3 using USB adapters.

Why a 3560 instead of a 2600?

hizzo3 · January 08, 2015, 06:23:07 PM

Quote from: deanwebb on January 08, 2015, 06:04:55 PM
Quote from: hizzo3 on January 08, 2015, 05:13:44 PM
I have a few 3560 switches. All of my routers are GNS3 using USB adapters.
Why a 3560 instead of a 2600?

Sorry. Typo... 3550's. 2600 can be emulated in gns3

deanwebb · January 08, 2015, 07:10:56 PM

... and what is it the 3550s get you that the 2600s don't?