|
Employer
|
Date
|
Current title
|
|
Job description
|
Transcore
920 Line St.
Easton, PA
|
present
2002-09-15
|
Networking consultant
- Propose, purchase, install, and support production road-warrior
VPN based on PIX and the OpenSCEP certificate authority package that I
maintain. Build this into a standard kit that can quickly install at
customer sites.
- Thought leadership role in migration of 30+ site switched
microwave WAN in Philippines to a routed, leased line system
- Reconfigure 24/7 call center's production network PIX for B2B
leased line to JPM Chase. Add TACACS+ control of outside web access.
Set up routing and static mappings for VoIP system.
- Practice good configuration management to effectively support this 24/7
call center with extremely tight maintenance windows.
- Install ISDN WAN link to customer site
- Design switched network for a real-time digital video system that
requires zero-packet-loss
Internet Area Networks
Red Hook, Brooklyn
|
2005-01-12
|
Consultant
|
- Fix site-to-site VPN based on PIX and Netopias in hub-and-spoke
configuration used by a VoIP system.
|
Transcore
Manila, Philippines
|
2001-04-30
2000-08-28
|
Consultant
|
- support high-stakes contract acceptance test during the popular
overthrow of President Estrada.
- diagnose arp problems with an HA cluster
|
Evolving Systems
DTC
Denver, CO
|
1997-08-20
1997-04-01
|
System Administrator II
|
- HPUX and Solaris sysadmin for two telco infrastructure
developer teams.
|
Willows Software
Saratoga, CA
|
1997-02-26
1996-08-01
|
Sysadmin
|
- Support Unix, PeeCee, Mac, embedded developers with a unified sccs
repository. Centralized file and printer sharing for Unix, PeeCee,
Mac software developers over IP and Appletalk. Centralized backups.
Maintain access lists on Livingson router.
|
PSU Office of
Telecommunication
Univ. Park, PA
|
1995-12-15
1995-01-01
|
Assistant Hostmaster
|
- maintain psu.edu zone files. support and educate other
sysadmins about the DNS.
| | |
|
Skill
|
Summary
|
|
Details
|
|
VPN
|
Cisco VPNs with certificates
|
- BSD package maintainer of OpenSCEP: free software that lets Cisco
PIX and IOS devices interoperate with an OpenSSL certificate authority.
- Road warriors: PIX and Unity client. NAT traversal. In my
system, I make individual certificates for each road warrior.
- site-to-site: PIX interoperating with Netopia
|
|
Firewall
|
PIX and IOS
|
- PIX with three or more interfaces, static mappings and
access-groups. AAA with TACACS+.
- IOS extended access lists
|
|
Routing
|
Set up a small production AS
|
- OSPFv2 (IPv4) and OSPFv3 (IPv6) over physical links and GRE tunnels
- Experimental OSPF configuration for a specific mobility
application on a laptop
- BGP initial configuration and route-map setup for a small private
AS (BGPv4 IPv4 and IPv6)
- IOS dial-on-demand
|
|
Switching
|
Standard Cisco managed switch skills
|
- 802.1q VLANs.
- I spoke at a technical conference on
RSTP 802.1w/d
- Implemented an arp-free
forwarding plane with BSD for a conference to make arp poisoning
more difficult.
- Interoperability between Cisco, Lucent, Foundry, SMC managed
switches and BSD
- Track down and fix duplex mismatch problems
|
|
WAN
|
All phases of WAN deployment
|
- shopping, provisioning, troubleshooting T1 and ISDN
- Both as B2B leased line and as Internet access (business-to-ISP)
|
|
DNS
|
DNS admin since 1995
|
- BIND 9 with IPv4 and IPv6 zones
- use the two clients 'nsupdate' and 'dhcpd' to perform TSIG BIND 9 dymaic updates
|
|
non-Cisco
|
experimental systems and understanding of wire protocols
|
- I reviewed pre-publication copy of Fernando Gont's ICMP attacks
against TCP Internet-Draft and suggested the ``Initial PMTU
Discovery'' phase and corresponding
maxsizeacked
variable.
- PF and ipfilter firewalls. Write and maintain complicated systems
with several hundred rules.
- Quagga, an OSPF and BGP routing daemon for BSD. IPv4 and IPv6.
Quagga interoperating with Cisco. Quagga bug-fixing.
- ALTQ QoS
- Appletalk routing using netatalk
|
UNIGROUP member. OCCAID member since 2004
Speaker at Metarheinmain Chaosdays 101b conference in Darmstadt,
Germany (September 2006). Topic: Comparison of WAN Interior Gateway
Protocols.