Aiti Tribe Stories (31): How to become a qualified network engineer?

[51CTO.com original article] Perhaps many people now think that the entry threshold of the IT industry is really low, and that they can take part in IT training and then use it as a stepping stone to enter the IT industry. What's more, some people think that they can get started by reading a few books and looking at a few cases. However, for those who have barely succeeded in changing careers: it is easy to know the basics, but it is difficult to understand the principles. Any career change requires countless time and energy to work hard, especially in the IT industry.

[[209006]]

Kevin·Network Engineer

Kevin switched to the IT industry and worked in integration and after-sales support. He is currently focusing on network and security. He is determined by nature and is keen on exploring details. He firmly believes that one method can lead to all methods and technology can change the world. Kevin has become a real network operation and maintenance veteran in the past few years. So how does a qualified network engineer's way of thinking develop, and how can he improve his skills step by step?

1. Clarify your goals .

This step is not easy. The most difficult thing is to know what you want and what preparations you need to make for this goal. For network engineers, it is an extension of operation and maintenance. Generally speaking, you need to understand the operating system principles (Windows & Linux), network basics (TCP/IP protocol, OSI network reference model, routing switching, and basic security management), which are the basics of the basics.

There are two common sources for acquiring these skills: reading and technical communication (omitted for later discussion)

As a Party B staff, what you need to understand is Party A's needs.

As a Party A staff, what you need to understand is the job requirements.

As a self, what you need to understand is the planning and goals of your career.

Important, very important, very important.

2. Thinking style.

When I switched to network operation and maintenance, the first thing I encountered was network adjustment. When the company moved, the superiors required the reorganization of the network architecture to make it clear, controllable and easy to manage.

1. Clarity . Kevin matched the network divisions with the company's organizational structure and documented them.

2. Controllable . Divide the security strategies of each network part to ensure the security of important departments at the network level. Divide according to the importance level (reference).

These are just some simple and basic planning processes. There are more non-technical management aspects. Only the combination of the two can achieve a controllable goal.

3. Easy to manage . On the basis of being clear and controllable, improve the corresponding configuration documents, make standard operation manuals, etc. Provide subsequent maintenance personnel with documents that effectively and intuitively understand the current network system architecture, and reduce the time cost of maintenance personnel.

Refer to the simple networking process above and establish a way of thinking that suits your work. For Kevin: when receiving a task, first analyze the stages of the entire task process, what difficulties there are in each stage, what goals need to be achieved, put all ideas on paper, and seek opinions from colleagues and even leaders when necessary. Then, keep records during each step of the execution process to prepare in advance for the subsequent output of relevant documents and the formal operation and maintenance of the system.

Carrying out phased decomposition and organization will help to control the progress of the task well and improve one's multi-dimensional thinking ability during the task execution process.

3. Skill framework.

Kevin feels that it may be a bit presumptuous to talk about the skill framework, but skills and methods are also effective ways and means to improve abilities.

For example, a new server (ReadHat 6.5) was once configured with dual network cards for aggregation. There are two options for this configuration: one is to perform hardware port aggregation on the access layer switch; the other is to perform bond1 network card aggregation within the system. Considering the convenience of configuration (actually laziness), I chose to perform bond0 network card aggregation within the system. After the operation, the network monitoring system immediately prompted an IP address conflict and issued an ARP warning. After a detailed packet capture analysis, he found that when the devices in the local network segment performed ARP response detection, both network cards on the server would respond to the ARP packet of the IP address, thereby triggering the IP address conflict alarm and ARP warning of the network monitoring system. After finding the cause, execute the operation to suppress the kernel's response and forwarding of the ARP packet. The specific execution operations are as follows:

1. The first method: configure the arp policy of software firewall iptables;

2. arptables -A INPUT -j DROP && arptables -A OUTPUT -j DROP;

3. Second method: disable kernel ARP forwarding and ARP protocol support of the network card;

4. echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore && echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce;

5. ifconfig eth0 -arp

For this case, the content related to Linux maintenance requires basic network knowledge, as well as an understanding of the working scenarios and principles of the corresponding communication protocols.

However, in the complex maintenance process of various production environments, the comprehensive understanding and application of multiple skills and knowledge points is inevitable. Moreover, in the daily browsing of technical knowledge sharing and book reading, we usually receive a point or a part of the content. Some may be difficult to understand. Therefore, it is necessary to list the outline framework according to the initial goal and your habitual way of thinking, and fill the different knowledge points obtained each time into the prepared framework in different categories. If there are any inappropriate places, adjust them at any time. In this way, after a period of time, you will find that many of the knowledge points you have read before have various connections, which may be in the work scene or in the principle of technical implementation. Through such a systematic connection, we can deepen our understanding and cognition of different knowledge points, and gradually improve our comprehensive skills while strengthening our memory.

For example, when Kevin sees the various security policies on the firewall, he often thinks about the servers corresponding to each policy and the services running on them, how these services are implemented, and why they were configured in this way at the beginning. From such a point, it can be extended to the operation of the entire system, which reflects the understanding and cognition of the overall architecture.

4. Communication with friends outside the circle.

This may not be the right time to mention this, but Kevin thinks it is very important.

IT practitioners tend to value logical thinking, pay attention to the connections between various programs, services, systems, etc., pay attention to the availability and security of services, etc., and sometimes they seem a bit rigid. In fact, when you are free, communicate more with friends outside the circle. In addition to enhancing relationships, you can also confide in each other about your discomfort in your work. Soliciting their opinions and ideas as non-professionals often brings some unexpected gains, because everything we do may ultimately provide services to non-professionals. Their ideas and needs are the most real understanding.

For example, in the balance between convenience and security, absolute security means absolute inconvenience. Maintenance work is more often a compromise between various situations to achieve the goal of high service availability.

【Written at the end】

For Kevin, who changed his career, many skills and methods were acquired through trial and error. He hopes that these accumulated knowledge can help his peers reach a consensus in thinking and become a qualified network engineer.

If you are also willing to share your story, please join the 51CTO developer QQ exchange group 627843829 and contact the group owner Xiaoguan. We look forward to your wonderful story!

[51CTO original article, please indicate the original author and source as 51CTO.com when reprinting on partner sites]