The Uber-Geek Lab Overview

Not that I recommend this level of excitement to everyone, but this is my lab. It is my basement, and as you may note from the disheveled ceiling tiles up above, having this much equipment has actually forced me to purchase a separate AC unit for the basement. So my trendy two-zone AC house has now magically become a three-zone AC house. Fortunately, I didn't need a furnace for down here. Equipment is great in the winter to heat your house!

The lab has taken on a life of it's own over time... It started out as a single standard 7-foot 19" rack. Then it grew to two standard racks... Then it changed into three Ortronics Mighty-Mo 19" rack systems (because those are cool). As seen now, it has changed yet again into four separate rack cabinets. The cabinets are a bit pricey, so they aren't all the same vendor. Note to all, even if you find a really good price on Ebay, be aware that you still have to ship them, and they weigh a LOT! (This means, have lots of friends and lots of pizza/beer!)

Nov'04 -- Well, things have moved even more! The equipment was beating the AC unit that ran for the basement. So instead of being a three-level, three-zone house, we had to upgrade to being a four-zone house. Go figure. As noted above, I would not recommend this path to anyone unless you have a good amount of business to drive it! All of the equipment here is used for testing and lab purposes, but easily serves as Proof of Concept lab for many consulting clients of mine. The recent change was that the crawlspace area under the kitchen area was excavated out and had a concrete floor poured making an enclosed little room. In addition, a large air handler (AKA Mongo AC Unit) was put into that specific room and a door was installed for access and physical separation! While all a very interesting project, it is a pain to move any equipment that you amass, so definitely plan ahead for this sort of activity!

Current Layout:

Lab Details

Rack 1

This is known also as the production rack as it has most "live" equipment. In addition to the toys, I also have a NxT-1 feed to the Internet, my own Autonomous System and a good amount of IP addresses. Yup, I'm a geek, but I'm proud of it, so it's no big deal! :) Juniper Networks J2300 Router

Juniper/Netscreen 208 Firewall

Juniper/Netscreen SA-1000 SSL VPN Device

Cobalt/Sun RAQ2+ for Web and DNS Services

Cobalt/Sun RAQ2+ for Web and DNS Services (yup, two)

Dell PowerEdge 650 (2 x P4-2GHz, 4GB RAM) running as new Web Server for clients

Dell PowerEdge 650 (2 x P4-2GHz, 2GB RAM) running as primary DNS for clients

Trend Micro Network VirusWall 2500

Cisco IDS-4210 Outside IDS Sensor

Cisco IDS-4210 Inside IDS Sensor (this is the way they SHOULD be deployed!)

Cisco VPN-3030 VPN Concentrator

Dell PowerEdge MC1655 Blade Server running a variety of applications such as my e-mail services, a Certificate Authority, CiscoACS server, CiscoWorks Management Centers and other things

Dell PowerEdge MC1655 Blade Server running a variety of applications

IOMega NAS - 320 GB Network Attached Storage

IOMega NAS - 500 GB Network Attached Storage

Dell 1U LCD Panel and Keyboard slide out. Everything is connected into a Cisco Catalyst 6509. The 6509 runs:

Dual Sup-2/MSFC2 Modules

WS-X6608-T1 T1/DSP blade

Four separate WS-X6348-PWR ethernet blades with inline power

WS-X6408-GBIC Gigabit Ethernet blade

WS-X6624-FXS Analog Telephony blade

Dual 1300W power supplies The rack is run by an APC SmartUPS 3000 battery system. Off to the side, from the bottom up: Juniper Networks (Pacific Broadband) G10 CMTS for supplying connectivity to cable modems

Cisco PIX 520 Firewall (6 interfaces and all that jazz)

The server on top of that is a clone machine with a database server from an ISP I took over operations for, I haven't migrated that to a blade yet.

Juniper/Netscreen IDP-100 for Main Production

Juniper/Netscreen IDP-100 for DMZ1

Juniper/Netscreen IDP-100 for DMZ2

Juniper/Netscreen IDP-100 for Spare

Juniper/Netscreen ISG-2000 Firewall System

Juniper/Netscreen NS-204 Firewall

Juniper/Netscreen NS-204 Firewall

Juniper/Netscreen NS-50 Firewall

Juniper/Netscreen NS-25 Firewall

Cisco 3750 48-port Switch

Cisco 3750 48-port Switch

Cisco 2811-VSEC Voice Router with CCME

Juniper BRAS ERX-1410 with some OC-3 modules



Around back are four APC MasterSwitches to provide remote power.

Rack 2

Juniper/NetScreen NS-208 Firewall #1

Juniper/NetScreen NS-208 Firewall #2

Juniper Networks M7i (2-port ATM OC-3 PIC, 4-port 10/100 Ethernet PIC, 4-port MMF SONET OC-3 PIC)

NetScreen SA-1000 SSL VPN Server

Netscreen IDP-100 Intrusion Detection

Juniper Networks M7i (4-port MMF SONET OC-3 PIC, 4-port T-1 PIC, 4-port 10/100 Ethernet PIC)

Juniper Networks M7i (1-port OC-12 ATM PIC, 4-port MMF SONET OC-3 PIC, 4-port 10/100 Ethernet PIC)

Juniper Networks M7i (4-port 10/100 Ethernet PIC, 4-port MMF SONET OC-3 PIC, 1-port OC-12 ATM PIC)

Cisco Catalyst 3750 - 48-port 10/100 Ethernet switch with 4 SX SFP Gigabit ports (For separate Juniper Lab usage)

Juniper Networks M5e (Gigabit Ethernet LX PIC, 4-port MMF SONET OC-3 PIC, 2-port ATM OC-3 PIC)

Juniper Networks M10 (4-port DS-3 PIC, Gigabit Ethernet SX PIC, OC-12 MMF SONET PIC, OC-12 MMF ATM PIC, 4-port T-1 PIC, 4-port Channelized DS-3 PIC, 4-port MMF SONET OC-3, Tunnel PIC)

24-port KVM with a SwitchView IP controller (KVMoIP)

Juniper Networks Dell Olive testing platform #1

Juniper Networks Dell Olive testing platform #2

Juniper Networks M10e (4-port T-1 PIC, 2-port ATM OC-3 PIC, 4-port OC-3 MMF SONET PIC, Adaptive Services Firewall PIC, Encryption Services PIC, Gigabit Ethernet LX PIC)

Juniper Networks M5e (Tunnel Services PIC, 2-port ATM OC-3 PIC, 4-port MMF SONET PIC, 4-port 10/100 Ethernet PIC)

Juniper Networks M10 (1-port OC-12 SONET PIC, 2-port ATM OC-3 PIC, 4-port 10/100 Ethernet PIC, 4-port MMF SONET PIC, Encryption Services PIC, Tunnel Services PIC, Gigabit Ethernet LX PIC) This rack is run by four APC Smart UPS 3000 battery systems.





Rack 3



Xyplex 1640 Terminal Server #1

Xyplex 1640 Terminal Server #2

Juniper Networks/NetScreen 50 Firewall

Cisco MCS-7825 Call Manager for Voice Lab

Cisco MCS-7825 Call Manager for Voice Lab

Cisco MCS-7847 Unity Server for Voice Lab

Cisco MCS-7835 Application Server for Voice Lab

Cisco Catalyst 3550 with Inline Power for Voice lab

Cisco VG-200 Voice Gateway (WIC-1DSU-T1, NM-2V, VIC-2EM, VIC-2DID)

Cisco 3620 (NM-1E1R2W, WIC-2T, WIC-1B-U, NM-2V, VIC-2FXO, VIC-2FXS)

Cisco 3620 (NM-1E2W, WIC-1B-U, WIT-1T, NM-2V, VIC-2FXO, VIC-2FXS)

Cisco 3620 (NM-1E2W, WIC-1DSU-T1, WIC-1T, NM-HDV, VWIC-2MFT-T1-DI)

Cisco Catalyst 3550 with Inline Power

Cisco 2611 (NM-2V, VIC2BRI-ST-TE, WIC-1T, WIC-1DSU-T1) providing 4 live voice lines

Compaq DL/320 running Call Manager Publisher (yes, you have to dial 9 to leave my house!)

Compaq DL/320 running Call Manager Subscriber

Cisco LS-1010 ATM Switch (capable of 20 OC-3 ATM ports + 2 OC-12 ATM ports)

Cisco 2610 (NM-16A) for Juniper Lab Terminal Server and Rentals

Juniper Networks M5e (ATM OC-12 MMF PIC, 4-port DS-3 PIC, 1-port Gigabit Ethernet SX PIC, 4-port MMF SONET PIC)

Juniper Networks J4300 (10 - 10/100 Ethernet ports, 4 - T-1 ports)

Juniper Networks M7i (4-port 10/100 Ethernet PIC, 4-port T-1 PIC, 4-port Channelized DS-3 PIC, Gigabit Ethernet SX PIC)

Cisco uBR-7223 Cable Modem Termination System (CMTS) with a uBR-MC14C (one downstream and four upstreams) and an OC-3 ATM blade This rack is run by an APC SmartUPS 3000 battery system. Around back:

(9) Cisco uBR-924 Cable Modems with voice capability

Cisco VPN-3002 VPN Device

Cisco 575 LRE Long Range Ethernet Modem

Cisco ATA-186 Analog Telephone Adapter/MTA

Wavecom Dual4040 Upconverter

Wavecom UC-4040C Upconverter

(6) APC MasterSwitches providing remote power access to Rack2 and Rack3 The CMTS units and cable modems are all connected via a mass of cables. There are two Wavecom Upconverters in the back of this rack in order to provide the channelization of my cable. I haven't integrated my systems with the real live cable network running through my yard. I assume Insight BroadBand would be a little pissed if I pirated a channel. :)

Rack 4

This is where most of the routers lie. Up top:

Juniper/Netscreen RA-525 SSL VPN #1

Juniper/Netscreen RA-525 SSL VPN #2 Rack:

Juniper/NetScreen 25 Firewall

Cisco Catalyst 3550 switch with two SX GBIC's

Cisco Catalyst 3550 switch with two SX GBIC's

Cisco 3620 Frame Switch (NM-8A/S, NM-1E2W, WIC-1DSU-T1, WIC-1B-U)

Cisco 3620 ISDN Switch (NM-8B-U, NM-2E2W, WIC-1T, WIC-1DSU-T1)

Cisco Catalyst 3560 switch

Cisco Catalyst 3560 switch

R1 - Cisco 2811

R2 - Cisco 3825 (NM-16-ESW, WIC-1T, WIC-1T)

R4 - Cisco 2811 (WIC-1T, WIC-1T)

R5 - Cisco 2811 (WIC-1T, WIC-1T, NM-4B-U)

R6 - Cisco 2811 (WIC-1T, WIC-2T)

R7 - Cisco 2811 (WIC-1T)

R8 - Cisco 2811 (WIC-1T)

R9 - Cisco 2811 (WIC-2T)

BB1 - Cisco 2811

BB2 - Cisco 2811

BB3 - Cisco 2811

Spare - Cisco 2811 (NM-32A)

Cisco IDS-4215

Cisco ASA-5510

Cisco ASA-5510

Juniper Networks M5e (4-port E-1 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC)

Juniper Networks M5e (2-port DS-3 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC)

Juniper Networks M5e (4-port E-1 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC)

Juniper Networks M5e (2-port DS-3 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC)



This rack is run by one APC SmartUPS 3000 battery system and four APC SmartUPS 1000 battery systems. Around Back:

Adtran Atlas 800Plus Telephony Switch (configured with 8 PRI/T-1 ports and 24 ISDN BRI ports)

Three APC MasterSwitch devices providing remote power access Otherwise not pictured -

Cisco 1760V (VWIC-1MFT-T1, VIC-2FXS, WIC-1DSU-T1, WIC-4ESw)

About a dozen 7960 IP Telephones

Two 7935 IP Conference Phones

Cisco IDS-4210 (loaned out to a friend studying CCIE Security)

Cisco AP-1232 Wireless Access Point running 802.11 a/b/g simultaneously with both internal and external antennas (Yup, I'm a hooked-up kinda guy!)

Sun Microsystems SunFire V100 (Future broadband voice and PacketCable stuff)

Sun Microsystems SunFire V100 (A second future-use system)

IP/TV Archive Server

IP/TV Control Server

IP/TV Broadcast Server

Various laptops and other network pieces not related to the lab (yes, I run a business too!) There are also a few different webcams set up at strategic places with various sensors to assist in providing security and environmental monitoring. All sorts of fun!

As things continue to be interesting, I'm sure the lab will continue to grow in new and exciting ways... I have added to the Juniper lab (although pricey) over the past year as I prepared for my JNCIE lab exam. Things may rearrange a bit as I figure out how to rent out some lab access to recoup some of that money! I will likely rearrange things a bit as I move through the CCIE Voice lab. It's all in the name of fun though! And other than for the training that I do, this has made for a wonderful Proof of Concept lab for various consulting clients that I have! With the upgrades of the routers in Rack4, I can fully emulate the IPexpert/Proctorlabs setup as well, which makes course and lab development that much easier. It's always interesting trying to figure out the next best thing to do, or learn something new and exciting!

A lab of equipment is most certainly an investment, but hopefully one that can pay off for you well beyond your studying for the particular CCIE track that you may be working on. In the end, you may end up with a cluttered mess like I have! If anyone told me this is where I would be five years ago, I wouldn't have believed it! It can grow on you, just make sure you are the one in control! Whenever looking at this though, remember that this is certainly not something that just magically appeared with one giant purchase! It is an ever-growing environment, and what things I do for training, consulting or just learning will drive the direction that it goes. Whether adding or subtracting or just evolving along the way, one step at a time is the way it all happens!

Parting shots: My Desk

Now, perhaps you understand the reason behind the domain name! :)

Updated September 17, 2006