CCIE vs.CCDE is probably one of the most frequently asked questions by networking experts.
How many times have you asked yourself or discussed this topic with your friends? Many times, right?
I have CCIE routing switching and/or service provider, should I continue to design certificates such as CCDE or should I study for another expert level certification, perhaps virtualization certification?
To illustrate my answer, let me give you an example.
Consider that you would build Greenfield network. (Usually, it is the same for Brownfield as well).
First, you need to understand the business, how many locations it has, where it is located, where is HQ or HQs, Datacenter, POP locations, and so on.
After that, you try to understand how the business can assist its consumers.
It can be retail, airport, stadium, or service provider network.
All these businesses have similar and different requirements,
For example, stadium architecture requires you to have ticketing systems, access control systems, and streaming the game, all of which are connected to the network. So, you need to understand the business requirements, how they want their revenue to appear, and how their systems interact with one another. Then, you will provide the business an architecture to support its requirements.
You may need to enable QoS or Multicast for that application, as an example.
Architecture refers to the process of gathering, analyzing, and clarifying the business requirements.
Without Architecture, a Design Is Just a Guess
The designer needs to understand the business objectives and high-level functional specifications.
In the retail store example, store sales information may be updated with some central locations such as Datacenter for the purpose of analyzing data only, and high availability requirements of the store may not have much priority.
Now, let me give an example that shows that it is pertinent that you understand why a design is important and why it requires different strategies.
A Business has 1000 sites connected to two data centers. (Technically, we call it Hub and Spoke).
It plans to open 1000 additional sites within 2 years.
The business wants to operate its WAN network. While its data is highly classified, the business carries a small amount of data between remote sites and data centers.
The business can tolerate up to half an hour downtime. Since the enterprise has many remote sites, it wants to reduce the cost of devices in the remote offices.
Ideally, the enterprise wants to operate those sites using small resources on its devices. And since there are many sites, it wants the most cost effective WAN solution.
As you must have observed, I did not mention anything technical so far.
All these requirements can be received from the business leader, perhaps the CIO or CTO of the company.
Let me translate these business requirements and the structure of the technical terms.
- The company has many sites, and it needs scalable design.
- The available requirements are not tight.
- The business’s network physically fits Hub and Spoke (Star) topology.
So far, MPLS L3 VPN service from the provider seems suitable for its requirements. Let’s continue.
- The business wants to operate its WAN network.
Now, we have eliminated the MPLS L3VPN option. If you get l3 VPN from the provider, you can have multi-point-to multi-point capability; however, you may lose your control. This is because you are transferring SLA and risks to the service provider even though you depend on their performance and control.
After understanding the architecture and business requirements, translating those requirements to technical solution is the design.
You can come up with many valid design alternatives.
But you should always proffer the simplest solution.
- The business believes that its data is highly confidential, so we need to encrypt its data.
Based on the business requirements, IPSEC over DMVPN would be a valid design.
DMVPN can be set up over leased lines, virtual leased line, Internet, and so on.
Since its availability requirement is not tight and the business wants the most cost effective design, IPSEC over DMVPN over the Internet is suitable.
The equipment choice is important, but not necessarily, from the design point of view. The CCDE task is generally a CCDA engineer’s job.
If you are lucky, you can tell your boss that it is not your job
Which routing protocol would you choose? More importantly, do not forget that they have two data centers.
Architecture understood the applications and the systems, all of which the business needs. The business also needs the interactions those systems have with each other at the conceptual level.
The designer will translate those requirements to the technical requirements. After that, the designer will find the best technologies for these requirements.
CCIE as an operational task will translate these technical requirements and technologies to low-level configuration state.
The designer doesn’t configure NHRP, IPSEC Crypto, Routing Protocols, Redistribution, Area Assignment, and so on.
CCIE does not necessarily need to know if EIGRP or OSPF would be a better option for the business. However, CCIE needs to know how links can be assigned to the OSPF Areas, how EIGRP Stub is configured, and so on.
What would be your design for the above business requirements?