So virtualization has come a long way…right? Sure it absolutely has. But what about in helping you prepare for your Cisco CCNA exam? Well you have heard the saying that there is nothing like the real thing…right? Well I have to agree with it for those of you who are preparing for your CCNA exams. Now let me say that I do feel that there is a place for simulators. But that is usually reserved for the situations in which someone cannot afford a lab or when you are at a CCNP level and you just need to simulate a certain technology that it may not make sense to spend $500 to see a single concept work. It is in those situations that the simulator is generally being used by someone who is a senior network engineer that clearly understands the foundation of the CCNA exam and is simply looking to augment a small part of their skill set.
EIGRP CCNA Lab
So let’s bring it back down to a CCNA level. Why do I and the vast majority of companies putting our IT jobs frown on simulators at the CCNA level? Well you generally do not have that real world experience that comes with working with real equipment. There are a lot of things that simulators just cannot do. Everything from simulate loose cable connections to inserting the wrong module as the simulators which generally picks the correct module for you. Thus how do you know which version of the module will actually work? For instance on a 1841 router you may be wondering why your WIC-1DSU-T1 module is not working. Well by real world experience you would know that the 1841 requires a WIC-1DSU-T1 v2 module and not the original version. You can’t really replicate that on Packet Tracer. Then when you get to interview time, guess what one of the questions the hiring manager is going to ask you when you interview for a Cisco position? What is your real world experience? What model Cisco routers and Cisco switches have you worked on? We have been hearing more and more that HR representatives are screening interviewers about their home lab, as they have become much more aware that virtualization leaves new employees lacking in the hands on skills they want to pay for.
Now it is quite possible you may not have any real world work experience as this might be your first job in the field. But don’t you think you will set yourself apart from all the other “paper CCNAs” when you can say “I have not had an opportunity through employment to utilize my skills, but in my home lab which consists of x,y,z I have been able to walk through over 100 hours and 100 different lab scenarios covering everything from basic router configuration, dynamic routing, VLANs, trunking, WAN encapsulations, NAT, Security and much, much more. What technology would you like to discuss that I have used?” That is a much better response than nothing or I used a simulator and I have no idea how to tell the difference between a 3550 and a 3560 if you put them in front of me and covered the model number. So then that goes back to also having real world experience even if it is in your home CCNA lab.
Now I have heard many people say that Packet Tracer or some other virtualization is all you need. Let’s put aside the items I touched on above. I recently went through our CCNA Lab Workbook to see how much of it I could actually complete in Packet Tracer. Here are the results of what did not work and I think you will agree it is quite extensive. There are many essential commands that are not supported and make many of the labs useless.
Let’s talk about GNS3 for a second. This always sounds like a great option, but once again this is simply just full of bugs and complications. We actually hear stories all the time about students who have a horrific time trying to get this to work and then waste almost as much time as it would have taken to full study for the exam just trying to get things running. This is followed by not being able to source compatible images, which leads to even more problems. Let’s not even start on what a mess trying to virtualize an ASA Firewall or Voice equipment looks like. The real world knows that these are accessory solutions to fill in gaps and not legitimate replacements for real equipment. Nothing will ever compare to running the real hardware and nothing will better prepare you to not only pass your exam, but also excel in the workplace when they expect you to implement what your certification says you know how to do.
We’ll keep the talk about VIRL pretty short because it is pretty similar to GNS3. It is yet another virtualized “solution” packed full of bugs and frustration. A large argument here is that you will need a server to get this up and running properly and by the time you pump enough money into this server, you might as well have just bought genuine Cisco equipment in the first place and avoided all the hassle.
Now let me preface this with some of these things a seasoned CCNA may be able to work around. But the objective of this exercise was to see what labs could be followed step by step as if I did have real equipment. Some are Packet Tracer bugs, some are commands Packet Tracer left out, some I am not sure why it did not work like real equipment. I am not saying Packet Tracer does not have value in certain circumstances, I am trying to illustrate there is a lot that can’t be done and it does not prepare you for the real world like real equipment. As at the end of the day when you do get your job, you will be working on real equipment….right?
Lab 2-2: Configure Login, EXEC and MOTD Banners
1. Packet Tracer does not support exec banners on the 1841 properly.
Lab 2-4: Exec Timeout and Login Failure Rate
1. Could not verify “aaa authentication attempts login 2 as the simulator did not have this command.
Lab 2-5: Installing a TFT Server & Overview
1. Could not test with simulator.
Lab 2-6: Upgrading the IOS for a Router
1. Lab cannot be done with PacketTracer.
Lab 2-7: Cisco Licensing
1. Could not test with Packet Tracer.
Lab 3-1: Terminal Server Setup
Cannot complete using Packet Tracer.
Lab 4-2: Default Routing
1. Cannot test with internet connectivity using the simulator.
Lab 5.1: EIGRP Routing
1. The “repeat” parameter within the ping command is NOT supported in Packet Tracer.
2. The “show ip eigrp topology” command with the “ip address” qualifier not work correctly within Packet Tracer.
3. The interface configuration command “ip hold-time eigrp <AS> #” command is not supported in Packet Tracer.
4. The interface configuration command “ip bandwidth-percent eigrp <AS> #” command is not supported in Packet Tracer.
Lab 5-2: Split-Horizon: EIGRP
1. Frame-relay switching not supported in Packet Tracer.
Lab 6-1:OSPF Routing
1. Interface configuration of OSPF. Does not work with Packet Tracer.
2. Note: Changing “ospf hello-interval” did NOT work with Packet Tracer as the “Dead” and “Wait” times did NOT change.
Lab 7-1: Cisco 2900/3500 Switch Password Recovery
1. Cannot test password recovery with Packet Tracer.
Lab 7-3: VLANs
1. Could not test “vlan database” command in Packet Tracer and verify output in labs.
Lab 7-5: VTP
1. Packet Tracer does not allow config command “vlan 10-20”.
2. VTP was not working properly between switches in Packet Tracer.
3. Could NOT add vlan 4000 even after setting switch to TRANSPARENT mode using Packet Tracer.
Lab 7-6: Spanning Tree Protocol
1. The “spanning-tree cost #” command is not supported in Packet Tracer.
2. Could not add multiple VLANs at one time with “vlan 50-53” command.
3. “show spanning-tree vlan 50 detail” command is not supported in Packet Tracer.
4. BPDU-GUARD not supported in Packet Tracer.
Lab 7-8: Per VLAN Spanning Tree Protocol
1. Packet Tracer did not support creating multiple VLANs in one command.
2. Could NOT test changing spanning tree via “cost” as it is NOT supported with Packet Tracer.
Lab 7-9: Inter-VLAN Routing
1. The “default int fa0/0” command is NOT supported in Packet Tracer.
Lab 7-12: Configuring EtherChannel using LACP
1. Could not verify. Packet Tracer does NOT support the “channel-group 1 protocol LACP” command.
Lab 8-1: Standard ACL
1. Output from the “access-list ?” command on Packet Tracer only shows 1-99 and 100-199 which is incorrect.
2 Packet Tracer does not support Hostname after “permit” on ACL, only IP Address.
Lab 8-2: Extended ACL
1.”access-list ?” command does not dispaly all output in Packet Tracer.
2. There is no “dynamic” under “access-list 101 ?” output in Packet Tracer.
3. Packet Tracer does not show as many options on “access-list 101 permit ?” command.
4. Packet Tracer does not have as many options after “access-list 101 permit tcp any any ?”.
5. Output in Packet Tracer is limited in all “?” cases.
Lab 8-3: Named ACL
1. Same comments with regards to Packet Tracer and “?”.
2. Output from “show access-list NoPingsFrom232” does NOT show sequence number in Packet Tracer.
Lab 8-4: Trusted Hosts
1. Can’t do lab in Packet Tracer.
Lab 8-5: Controlling VTY Access
1. The “ip telnet source-interface <int>” command is not supported in Packet Tracer.
Lab 9-2: DHCP, DHCP Relay and DHCP Exclusions
1. Packet Tracer does NOT support “service dhcp” command.
Lab 9-3: DNS
1. The “ip dns server” command is NOT supported in Packet Tracer.
Lab 9-4: Configuring NTP
1. Could NOT verify “ntp master” command as Packet Tracer does not support it.
Lab 9-5: Configure Logging to a Remote SYSLOG Server
1. Could not do lab with Packet Tracer.
Lab 9-6: Netflow
1. Could not do with Packet Tracer as it is not supported.
Lab 9-7: Routing Redundancy with HSRP and VRRP
1. Packet Tracer does NOT support “standby” command.
2. Packet Tracer does NOT support “vrrp” command.
3. Packet Tracer does NOT support “ip sla” command.
Lab 10-2: Dynamic NAT
1. The “ip nat pool WAN-POOL 10.10.3.200 10.10.3.201 prefix-length 24”
command is not supported in Packet Tracer.
Lab 10-3: Overloading an Inside Global Address
1. The “ip address x.x.x.x 255.255.255.0 secondary” command is not supported in Packet Tracer.
2. The “no keepalive” interface configuration command is not supported in Packet Tracer.
Lab 11-1: Frame-Relay Switching
1. Packet Tracer does NOT support “frame-relay switching” command. Can’t do lab.
Lab 11-2: Frame-Relay on Physical Interfaces
1. Packet Tracer does NOT support “frame-relay switching” command. Can’t do lab.
Lab 11-3: Frame-Relay on Point-to-Point Interface
1. Packet Tracer does NOT support “frame-relay switching” command. Can’t do lab.
Lab 11-4: Frame-Relay on Multi-Point Interfaces
1. Packet Tracer does NOT support “frame-relay switching” command. Can’t do lab.
Lab 12-2: PPP PAP Authentication
1. Confirmed everything other than debug output as not supported by Packet Tracer.
Lab 12-3: PPP CHAP Authentication
1. Confirmed everything other than debug output and interface commands to change hostname and password as it was not supported in Packet Tracer.
Lab 12-4: HDLC Encapsulation
1. The “show” commands with “| include” is not supported in Packet Tracer.
Lab 13-1: IPv6 Link Local Addressing
1. Packet Tracer did not have a “Local” route to “FE80::/10
Lab 13-2: IPv6 EUI-64 Addressing
1. Packet Tracer does not show a Local route for FE80::/10 [0/0] via ::, Null0 as it appears it might be an anomaly with Packet Tracer.
Lab 13-3: IPv6 Site Local Addressing
1. Packet Tracer does NOT show a Local route for FE80::/10 [0/0] via ::, Null0 as it appears it might be an anomaly with Packet Tracer.
2. “default int fa0/0” command not supported in Packet Tracer.
Lab 13-4: IPv6 Global Addressing
1. Packet Tracer does NOT show a Local route for FE80::/10 [0/0] via ::, Null0. Kept it in the output of the “show ipv6 route” as it appears it might be an anomaly with Packet Tracer.
Lab 13-5: Configuring EIGRP IPv6 Routing
1. “serial restart-delay 0” command not valid in Packet Tracer.
2. Packet Tracer does NOT support “show ipv6 int br f0/0” command.
3. “ipv6 nd autoconfig prefix” and “ipv6 nd autoconfig default-route” commands not available in Packet Tracer.
4. “netsh” commands on PC within Packet Tracer are not supported.
5. “eigrp router-id x.x.x.x” command not supported in Packet Tracer.
6. The “show ipv6 route eigrp” command NOT supported in Packet Tracer.
7. “debug ipv6 routing” not supported in Packet Tracer.
Lab 13-7: Configuring IPv6 over Frame-Relay with OSPFv3
1. Could NOT do lab as “frame-relay switching” is NOT supported in Packet Tracer.
Lab 14-1: Configuring and IPSec Tunnel
1. Command “crypto map peer-R# local-address serial 0/0/0” is not a supported command in Packet Tracer.
2. Command “show crypto engine connections active” is NOT a supported command in Packet Tracer.
Lab 14-2: GRE Over IPSec Virtual Tunnel
1. The command “crypto IPSec profile IPSEC-PROFILE” is not supported in Packet Tracer.
2. The command “tunnel source <ip address>” is not supported.
3. The command “tunnel mode ipsec ipv4” not supported.
4. The command “tunnel protection ipsec profile IPSEC-PROFILE” command not supported.
5. The command “ping <ip address> so l0” is not supported in Packet Tracer.
Lab 15-1: Cisco Configuration Professional (CCP)
1. Could not test with Packet Tracer.
Wow, that sure seems to be a lot of things that Packet Tracer can’t do that you should be able to do at the CCENT or CCNA level. Again, I think there is value in Packet Tracer, just not at the expense of a real CCENT or CCNA lab. So if you want to look at a real CCENT or CCNA lab, check out what we have here!