JNCIE-ENT in review

Over the last 3 months I have done 350 hours of study towards my JNCIE-ENT lab exam. I had the fortune of being selected to participate in the beta version of a new exam version. Again (as I did for the JNCIE-SP – see my article on this here) I travelled over to the SF Bay Area to do this exam, which I took in Sunnyvale on 21st February (yesterday as I write this while waiting for my flight back to NZ at SFO airport).

I decided to take a few days of annual leave (PTO for American folk) and fly in on the Monday (with the exam on the Friday) in order that I could meet with various people in SF who I know online but had not yet met in person. I had an awesome time doing this, and it’s awesome to have put a heap of faces to names of people I have known for quite some time but never met!

As with all expert level exams, no matter how good you are, a significant amount of study is going to be required. You need to combine a wide ranging detailed knowledge of a heap of different protocols with expert level troubleshooting and debugging skills. The exam was 8.5 hours (8 hours normally, plus an extra half hour due to the exam still being in beta), which seems like a long time, but there are a lot of tasks to complete, and tasks often require a fair amount of configuration to complete.

One of the things that is important to note with these exams is that while you are required to achieve the tasks involved, you don’t have to do anything more – so it’s important to remember exactly what the task specifies. You are not trying to make a perfectly built network – you just need to achieve the goals they lay out to pass!

The JNCIE-ENT focuses on Enterprise Routing & Switching (like a CCIE R&S) – and is geared towards a practical (and realistic) enterprise deployment with a bunch of features you are likely to see. Having said this though, I can’t think of any network where you would see all the odd things you were required to do in this exam – but most networks have one or two of the tasks. The full syllabus list can be found here.

I have always been a big believer that the most important thing in preparing for an expert level exam is to use a wide range of resources to prepare – generally each one will have good and bad elements, but together they present a well rounded view of what is required. Additionally – nothing beats practical operational/architectural experience using the technologies in the exam. Knowing how to drive the right show commands / enable the correct traceoptions / do the right tcpdump is really important in this exam.

My reading list was as follows;

  • The InetZero JNCIE-ENT preparation lab book
  • The Proteus JNCIE-ENT workbook
  • Junos Enterprise Switching (O’Reilly)
  • Junos Enterprise Routing 2nd ed (O’Reilly)
  • The Juniper Day One guides
  • Interdomain Multicast Routing (Practical Juniper & Cisco Solutions)
  • Various Juniper courseware;
    • Junos Multicast Routing (JMR)
    • Junos Class of Service (JCOS)
    • Advanced Junos Enterprise Routing (AJER)
    • Advanced Junos Enterprise Switching (AJEX)
    • Advanced Junos Service Provider Routing (AJSPR)

I also rented a bunch of lab time from InetZero, however unfortunately there was only a very limited amount of lab time available to book in the 3 months I was preparing, so I did not manage to use all my vouchers (hint – if you are doing this, be sure to check with them what times they have available before you buy!).

Finally – I had a fairly extensive lab available at work, and used Junosphere quite a bit to lab various routing features. All in all, by the time I took the exam I was feeling as prepared as I could be, and actually ended up deciding to do absolutely no study in the last week I was in SF – as I had done (hopefully) more than enough prior to that.

I cannot say much about the actual lab – only that there were a lot of interesting and unique tasks – and that it was a really enjoyable day of configuring and troubleshooting! I had everything done after about 5 hours, then spent another hour double and triple checking everything. I’m proud to say that I walked out 2.5 hours early after getting to the point where I was sure everything was right (though of course there’s always the chance that I will have to eat my words if I’ve overlooked some major points and I end up failing!).

I felt that the exam was pitched at a fair level, ensuring the participant met the level required, while sticking to scenarios that you might be required to see in real life. Now I have to wait 2 months while all the other participants do the exam before they will mark them all together then figure out what the passing score is going to be (and then if I have made it!). I have always found that waiting for the result of an exam like this is super-painful, so I will be trying to keep busy and not think about it over the next wee while until I get the pass/fail mail!

Thanks to all those who were preparing for the exam or had already done it, particularly my “study buddies” Tyler and Campo, both of whom I would regularly bounce things off (as they would do the same to me). If you are studying for one of these exams I would highly recommend buddying up with a couple of people to do this – sometimes nothing is more helpful than someone else’s perspective on a problem.

Stay tuned for the result as soon as I have it!

A reading list of useful JNCIE-ENT articles

Here’s a (small) reading list of blog articles that I’ve found useful during my study for anyone wanting to get started on study towards their JNCIE-ENT certification.

Blueprint analysis;


Summarisation tip;

Load balancing;

Ethernet OAM;

Exam experiences;

A tip for logging useful stuff;

Hope this helps those of you working towards this certification!

JNCIE-ENT beta exam booked!

In the last couple of weeks, I was officially accepted into the JNCIE-ENT beta programme and have been making arrangements to travel over to the US to sit the exam on February 22nd 2014.

What does this mean? Juniper have been working on a new version of the JNCIE-ENT lab exam. While significant amounts of work is put into getting it right first time, with an exam of the scale and complexity of a JNCIE lab exam, there’s always going to be some stuff that you need others to verify and validate is correct. This is where the JNCIE-ENT beta comes in – select candidates are given the opportunity to sit the exam (for no charge) in the form the certification team have it in at that point. Generally you can expect that there will be some issues/errors with the exam, and therefore you are required to have a very in-depth understanding of the technologies you are working with to pass it – as you’ll need to be able to (on top of the normal stress of the real exam) identify issues with the actual exam – identify them to the proctor & move on to get all the tasks done. Friends who did this a couple of years ago have indicated that there were far more tasks to do in the period you get to complete them than  in the finished version!

This excites me, as I’m always up for a good challenge. One hitch that I’ve run into is that while work were willing to fund my JNCIE-SP, they are not willing to contribute to the JNCIE-ENT (to either the costs or the time off), so I’m paying for this one myself and I’m going to have to take some of my paid annual leave to do this :(. However at the end of the day I really want this certification and am excited about the lab, so am going to do it anyway.

I’m going to have a lot less time to complete this one than I did for the JNCIE-SP (I spent 5 months on the last one), but having said that I have the benefit of the fact that there is a lot of crossover in the routing syllabus which I understand really well after doing the JNCIE-SP.

So I’ve begun my old study routine of doing at least 40 hours a week of solid study towards this. I’m going to attempt to fit in time to continue at least some blogging in this time (I doubt I’ll be short of ideas for posts, learning about a whole lot of new technologies such as 802.1X, mac auth, and the VoIP specific stuff in the IE), plus I’ll still have my day to day work to complete as well.

The books I am going to be working from in the immediate future are as follows;

  • Proteus JNCIE-ENT workbook
  • InetZero JNCIE-ENT lab book
  • Junos Enterprise Switching vol 2
  • Junos Enterprise Routing
  • AJEX course materials
  • AJER course materials
  • Various bits of Juniper documentation

I’ve also brought 35 lab rack sessions for the InetZero lab racks and plan to use them very extensively in the short amount of time I have. This will be my “full scale” lab for doing full lab type scenarios, however I’ve also got access to the following devices at work which I intend to use fairly extensively;

  • 1x SRX240
  • 1x SRX110
  • 1x EX2200
  • 3x EX4200
  • 4x MX80
  • 1x MX480
  • 2x EX4500
  • 1x EX4550
  • 2x EX3300

My rough thinking with the lab time I’ve brought from InetZero and the above kit is that I’m going to lab specific concepts in order to get a full understanding of them during the week in my weeknights (I will be aiming for 6 hours a night 4/5 nights a week). Then in the weekends I will do 2x 8 hour sessions on the InetZero lab per weekend (maybe even up to 3 depending on the week and if I feel like staying up till 4am on a friday night to do a third!). This should ensure I am regularly interacting with a full scale network to practice the tasks, as well as spending a lot of time labbing individual technologies and concepts as much as possible. I’ll be largely doing the InetZero lab book labs in the weekends (as that’ll be suited to their kit), and using Chris Jones’ Proteus JNCIE-ENT workbook during the weeks as the basis for my studies.

I’ve been through the syllabus, and so far I have identified (out of the syllabus here https://www.juniper.net/us/en/training/certification/resources_jncieent.html) the following items that I could use a significant amount of work on;

  • 802.1X
  • Mac auth
  • Captive Portal
  • RPM
  • Private Vlans
  • IP telephony features
  • DAI/DHCP snooping
  • Layer 2 fireawall filters
  • IPv6 Multicast
  • Ethernet OAM
  • GRE tunnels
  • A few of the advanced tricks around EX Virtual Chassis

To be honest I think that for a JNCIE this is a relatively small “unknown” list. I’m fairly happy that I’m in an excellent position with all of the routing aspects of the JNCIE-ENT (having just come out of studying for the JNCIE-SP), and am feeling very positive around the features not mentioned above.

I’d be interested to know if anyone has any thoughts on any of the following for the JNCIE-ENT;

  • Study plans
  • Ideas for lab setups
  • Any gotchas they can think of with any of the technologies covered
  • Any resources they found particularly worthwhile
  • Any suggestions at all for getting through a beta JNCIE lab (having never done one before).
  • Anyone else who is studying towards this who would like to be a “study buddy” and share ideas, lab plans, etc.

Any feedback anyone has would be much appreciated.

I couldn’t leave this though without mentioning my greatest “asset” in tacking “yet another JNCIE” – which is my wife – who has been incredibly supportive throughout the first JNCIE and continues to be as I embark on this next challenge. Without her support I would be eating takeout every night and living in a dump of a house while I got through this (and not really looking after myself) :).

Also, many thanks to Liz and the Certification team at Juniper for accepting me into this – I’m really looking forward to the experience!

Many thanks :).

Three new certifications – JNCIP-ENT, JNCSP-ENT & JNCSP-SP…

Over the last few weeks I’ve attained three new certifications. What’s odd is the fact that this time I’m fairly certain my primary motivator was boredom rather than anything else. Since doing my JNCIE-SP lab on 26 September I’ve been at a bit of a loose end, so I decided to set myself a challenge of getting my JNCSP-ENT and JNCSP-SP within 2 weeks of completing the JNCIE-SP exam. Then following this I needed to work towards the JNCIP-ENT as I want to do the JNCIE-ENT early next year and this is a necessary step along the way.

If you’re not already familiar with it – all of the JNCIP level exams are single exams that are roughly equivalent to a CCIE written in terms of difficulty. The JNCIP used to be done as a lab exam, however Juniper have recently changed this to a written form. While some may think that this makes the exam easier, from all I have talked to (and doing the JNCIP-SP and JNCIP-ENT now) you do have to know the content well to pass – the certification team have done a good job in ensuring that it’s of an appropriate level of difficulty to ensure that those passing it do know their stuff.

The JNCSP exams are aimed to test your abilities in skills required effectively troubleshoot a juniper network. The sorts of things that are covered are abilities to read and interpret show commands, output, traceoptions, log files, and effectively deduce from incomplete pieces of information what is required. Juniper have 3 tracks for both the JNCIP and JNCSP; ENT (Enterprise Routing & Switching), SP (Service Provider), and SEC (Security). To get each of the tracks for an IP, you do just the JNCIP-xxx exam, however to do the JNCSP, you must do the JNCSP-xxx exam plus the JTNOC exam – which tests general Juniper hardware & software troubleshooting skills.

I started by doing the JNCSP-SP exam while on holiday (whoops!) a few days after my JNCIE. I read the content once, which took me about 2 hours, went to the exam centre, then had no trouble passing with a reasonable mark. I then booked my JNCSP-ENT for the tuesday after that (did the JNCSP-SP on a thursday), and the JTNOC for the friday of the same week I was doing the JNCSP-ENT. I spent 3 hours studying for the JNCSP-ENT (mostly doing a bit of reading on 802.1X which I had not yet had to work with or study) on a flight that weekend  from America to New Zealand, then a small bit just before the exam. Again, passed, but it showed that I was weak in layer2 features and security (mainly as I had not spent enough time to fully understand all the features of 802.1X, mac auth, captive portal & VC.

Finally was the JTNOC. I did only 2 hours study – this one I flew through. Truly for this you just need to be reasonably experienced at troubleshooting on Juniper devices.

Please note that while I got away with a small amount of study for the above exams, I had just come off the back of 900 hours of study for my JNCIE-SP, so had covered all of the SP material as much as I felt was humanly possible. Additionally, in my job I spend significant amounts of time troubleshooting the most complex of issues (as the final technical escalation point within the company) . So as much as I had an easy time,  remember that there is actually a large amount of complex technologies covered in this exam; it’s important to understand these well to pass!

For the JNCIP-ENT, I originally booked this for a couple of months after I sat my JNCIE-SP, however I then found out about the JNCIE-ENT beta exam which is coming out soon, and figured that I would be in a better position to apply for this having done the JNCIP-ENT. So I rebooked it to much closer (3 days away when I rebooked it), and spent that weekend studying. Again, coming off having done a significant amount of study for my JNCIE-SP I didn’t bother doing any study for the rouging portions of this exam, but spent about 15 hours over those 3 days reading up on some of the switching features I was less familiar with such as 802.1x, mac auth, captive portal, EX VC, DAI, DHCP snooping etc. I actually found this surprisingly far more interesting than I thought I would.

Finally I sat the exam and came back with a positive result. I’m now looking forward to doing the JNCIE-ENT sometime early next year (hopefully through the beta exam programme), and have already begun doing some playing around in the lab with some of the technologies covered in the syllabus this week! If anyone has any thoughts about things to focus on or good resources for studying towards the JNCIE-ENT please do drop me a message :).