Friday, November 23, 2007

APIPA: Automatic Private IP Addressing

Have you ever found that you could not pull up a web page, and while troubleshooting the problem you found an unexpected IP address of 169.254.x.x? What did you later find out the trouble was? I will bet a dollar that for some reason, your computer could not find the DHCP server.


Windows and Apple computers (and some Linux flavors) have a default setting in the operating system that is based on international standards. When the interface is configured for DHCP but is unable to receive a response from a DHCP server, the OS automatically configures the interface with an address.


First of all, I assume you know what an IP address is. And you know what DHCP is? Let's keep this short and sweet, and you can look up the details in Wikipedia later on if you need to. An IP address is what uniquely identifies your computer on the internet; without an IP address, you cannot be found. Imagine if your house did not have an address; how would you get any mail?


DHCP stands for Dynamic Host Configuration Protocol. You can either configure your network interface for DHCP or assign it a static address. If you assign static, that means you have to manually assign an address on every PC, one at a time. If you administer 100 PCs, that can get complex and time consuming. DHCP allows each PC to request an address from a server (as well as the Gateway and DNS addresses). This allows the administrator to set up one server, let the PCs configure themselves, and go home early.


However, cables break. Segments fail. Routers and servers fail. Stuff happens. If your PC is configured for DHCP, it sends out a request, and it never hears a reply, what can it do?


Well, it could just continually transmit requests; however, this consumes resources and becomes pointless after a few minutes. It could cause a hardware failure if this scenario was not planned for by the design engineers. It could disable the interface; however, when the DHCP server becomes available you are at a disadvantage--especially if you are a novice without support.


The solution is to allow APIPA to assign a private address to the network interface. This simply ends the DHCP request process and keeps the interface alive. Later, when the DHCP server is functional, the interface will automatically discover it and reconfigure itself. By default, Windows will assign an APIPA address and attempt to discover the DHCP server every 3 minutes (5 minutes if the DHCP lease expired while connected).


APIPA is an IANA (Internet Assigned Numbers Authority) standard, which means that it is applicable to the internet as a whole. The IANA has assigned the IP range of 169.254.0.0 through 169.254.255.255 as APIPA addresses only. These addresses are not routable and can be used by anyone without registering. However, without a functional DHCP server, you probably have bigger troubles on your hands than addressing.
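As an added example (not part of the original post), the Python sketch below scans `ipconfig /all` style text and reports adapters holding an address in the APIPA range, which on a DHCP-enabled interface means no DHCP reply was received. The sample listing is constructed, and the function names are hypothetical.

```python
import ipaddress
import re

APIPA_NET = ipaddress.ip_network("169.254.0.0/16")  # the APIPA range

# Constructed sample in the style of Windows XP `ipconfig /all` output.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   Dhcp Enabled. . . . . . . . . . . : Yes
   Autoconfiguration IP Address. . . : 169.254.37.112
   Default Gateway . . . . . . . . . :

Ethernet adapter Wireless Network Connection:

   Dhcp Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.20
   Default Gateway . . . . . . . . . : 192.168.1.1
"""

FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")  # "   Key . . . : value"

def is_apipa(value):
    """True if value is an IPv4 address inside 169.254.0.0/16."""
    try:
        ip = ipaddress.ip_address(value.strip())
    except ValueError:
        return False
    return ip.version == 4 and ip in APIPA_NET

def parse_adapters(text):
    """Split the listing into {adapter name: {field: value}}."""
    adapters, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current = adapters.setdefault(line.rstrip()[:-1], {})
        elif current is not None and (m := FIELD.match(line)):
            current[m.group(1).lower()] = m.group(2).strip()
    return adapters

def find_apipa(text):
    """Return (adapter, address, dhcp_enabled) for each APIPA address."""
    hits = []
    for name, fields in parse_adapters(text).items():
        dhcp = fields.get("dhcp enabled", "").lower() == "yes"
        hits += [(name, v, dhcp) for k, v in fields.items()
                 if "address" in k and is_apipa(v)]
    return hits

if __name__ == "__main__":
    print(find_apipa(SAMPLE))
```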

MCDST

I am well on my way now to the MCDST, or Microsoft Certified Desktop Support Technician. This consists of two exams, the 70-271 and the 70-272. Both of those tests cover your ability to install, upgrade, and support Windows XP. Passing either one of them will make you an MCP, or Microsoft Certified Professional. That adds another line to your resume and another Logo to your email signature but doesn't really impress anyone.


After passing both of them, you earn the MCDST. That still isn't much, but it is something. Three more tests later (70-270, 70-290, and 70-291) and you are an MCSA, or Microsoft Certified Systems Administrator. This is a more common and slightly more impressive cert. The crowning achievement is the MCSE, but I have my eye on other achievements.


My company is encouraging us to get the MCDST. My company pays the bills, I like the job, and the MCDST is not far off of my career goals. Therefore, that is my current focus. I am using "Skillsoft" CBTs (Computer Based Training) to study for the 70-271. I am also using resources on the Microsoft websites, especially Technet. I am hoping that will be sufficient for these entry-level tests. Since this is not a lifelong dream, I am trying to avoid coughing up my own cash for the certification.


What I really want is to study security, beginning with firewalls. I would like to pass the Cisco 642-552 "Securing Network Devices", with an eye on the Firewall Specialist cert, and then the CCSP "Cisco Certified Security Professional".


However, I am also keeping an eye on the big picture. I cannot do everything I want all at once without neglecting my family. Achieving my goals at the expense of my family seems like ultimate failure. Also, I feel a need for a graduate degree to expand my future options. Therefore, I have begun my MBA studies at Baker University. Finally, I need to play besides work, so I am training for a marathon in 2008. I also waste an hour or so a day in front of my TV, but I often watch documentaries to feel smart while being lazy.


If you are interested in the MCDST, stay tuned. I will let you know how the study goes and what the exam is like.

Wednesday, November 14, 2007

CCNA Obtained

On October 30, 2007, I obtained my CCNA. That was the original point of this blog: to aid me in my pursuit of my CCNA. However, this blog will continue on as I develop myself.



Now that I have my CCNA, I have a taste for Certifications. It is like a Shark; normally, they don't view humans as a source of sustenance. However, once they have tasted an arm or a leg, they will come back for more. At least, that is what I learned by watching Jaws.



Certification is only meaningful if you make it so. I am not making more money today, nor am I truly a better engineer just because I have a certificate and wallet card from Cisco. However, my thinking is a little different. I am more confident. I have a sense of accomplishment from setting and achieving a goal. I also have more ammunition when presenting myself as an expert in a situation: Cisco says that I am a CCNA, what have you got?



My company wants us to obtain our Microsoft Desktop Support Technician certificate (MCDST). It is not something I am excited about, but it won't hurt. It consists of the 70-271 and 70-272 exams, and covers your skill at supporting Windows XP on individual PCs in workgroup and domain networks. Passing either exam designates you as a Microsoft Certified Professional (MCP), which is another line on your resume and another logo under your email signature. Successfully passing both exams gets you the MCDST, which will make my VP happy.



Three more tests after that and you are a Microsoft Certified System Administrator (MCSA). That is a little more interesting to me. From MCSA to Microsoft Certified Systems Engineer (MCSE) is just a few more tests. Combining MCSE with a Cisco specialist certification will definitely help out in the marketplace.



Which brings me to what I want to do. I want to get up to speed on firewalls. I have a lot to learn on routers and switches, but I am competent enough now to get the job done. I am not very knowledgeable on VPNs and security using firewalls. In the future, I would like to spend a lot more time on network security. Therefore, in 2008 I will work earnestly towards passing the Cisco 642-552 Securing Network Devices (SND) exam. This will extend my CCNA certification past October 30, 2010. It will also count towards a Cisco Firewall Specialist designation, and ultimately towards the Cisco Certified Security Professional (CCSP), which is like gold.



I have to pay the bills, and my current job is doing that well, so I am buckling down on the 70-271 right now. I hope to pass that during my two weeks of vacation at the end of November. That exam will spell out the rest of my journey. If it is as easy as I hope, then I will complete my MCDST by January and then focus on the Cisco SND exam. If the 70-271 is tricky and requires more brain cells than I am willing to commit, I will scrap it and try to convince the powers that be that my SND is much more valuable to them. Stay tuned.