Tomorrow, December 6th 2013, at 10:00 PST (GMT 18:00) I will be running a free live online session on Introduction to DMVPN for CCIE R&S v5 Candidates. You can sign-up for this seminar here. Additionally the link to attend is available at the top of the dashboard when you login to the INE Members Site.
This session is the first of many to help candidates transition from the current CCIE R&S v4 Blueprint to the recently announced CCIE R&S v5 Blueprint that goes live on June 4th 2014. We will continue to run additional sessions in the future on new topics that have been added to the CCIE R&S v5 Blueprint, such as IPv6 First Hop Security, IPsec LAN-to-LAN tunnels, GET VPN, IGP Convergence & Scalability, and BGP Convergence & Scalability, just to name a few. These sessions are not only applicable to CCIE R&S v5 candidates, but also to those pursuing the CCNA, CCNP, or CCIE Security tracks, as well as for everyday engineers looking to apply these technologies in their production environments.
Tomorrow’s session will focus on the theory of what Dynamic Multipoint VPN (DMVPN) is, what problems it was designed to solve, and where it fits in the overall network design as compared to other technologies such as MPLS Virtual Private LAN Service (VPLS) or MPLS Layer 3 VPNs. The session will also include live implementation examples of DMVPN on the Cisco IOS CLI. Expect this session to run somewhere around 2 – 3 hours in length.
I hope to see you there!
Today Cisco posted their official announcement on the upcoming changes for CCIE Routing & Switching Version 5. The majority of the announcement is along the same lines as previously rumored changes, except for the official launch date, which is now scheduled for June 4th 2014. This should bring a great sigh of relief to you if you’re currently nearing the end of your CCIE R&S v4 preparation, as you now have a 6 month window to pass the v4 lab exam before the change to v5 occurs.
Specifically the announcement details changes to technical topics covered both in the written and lab exams, the equipment used, as well as the exam format, as follows:
Technical Topic Changes
New Lab Topics:
- Interpreting Packet Captures
- Bidirectional Forwarding Detection (BFD)
- Multi Address Family (AF) EIGRP
- Dynamic Multipoint VPN (DMVPN)
- IPv6 First Hop Security
Of the new topics announced, the big ones are DMVPN and IPsec. These are specifically listed as DMVPN Single Hub and IPsec with Pre-Shared Keys, so the scope is not nearly as large as the CCIE Security. If you don’t yet know what any of these terms mean, don’t worry, you soon will
Topics moved from the Lab to the Written:
- IPv6 Multicast
- IPv6 Tunneling
- IOS AAA with TACACS+ and RADIUS
- Layer 2 QoS
- Performance Routing (PfR)
Topics completely removed:
- Layer 2 Protocol Tunneling
- IOS Firewall
- IOS IPS
- RSVP QoS
For topics removed, there are three killer areas here: Frame Relay, PfR, and Layer 2 QoS. Frame Relay’s removal is no surprise, as Ethernet based last mile access solutions such as Metro Ethernet and Virtual Private LAN Services (VPLS) have exploded in the past few years and have eclipsed legacy methods such as DS3 Frame Relay. From a technology design point of view though, a lot of the Frame Relay theory transfers directly over to DMVPN, as DMVPN could be thought of as a way to emulate legacy hub-and-spoke network designs over a public transport.
As for PfR’s removal, this one is a bit of a surprise, and I can already hear Brian Dennis’s screams of agony:
While the general idea of PfR is great, I’ve never seen it implemented other than in very small scale environments due to the management complexity. You have to give Cisco credit though, as PfR is essentially SDN version 1.0, and now a very large portion of the industry is focused on this type of application.
The other large change here is the removal of Layer 2 QoS. While this is still a very important topic, the problem with L2 QoS is that it is highly platform dependent, and the way that Catalyst 29xx/35xx/45xx/65xx implement L2 QoS is generally unique to each. Therefore in the interest of platform independence and virtualization, L2 QoS gets the axe. This brings us to our next topic, which is the hardware changes in the new blueprint.
As previously rumored, the new CCIE R&S v5 equipment is going all virtual. As CCIE R&S v4 had already been using virtual IOS for the troubleshooting section of the exam, this should come as no surprise. The biggest implication of this change is that the size of the topology is now arbitrary. I wouldn’t be surprised going into the exam and seeing a configuration section with 20+ routers in the topology.
The other implication of this change is that certain features can no longer be tested on, as they’re not supported in the virtual IOS. Those topics that can’t be tested, such as Layer 2 QoS or Flexlinks, are now explicitly excluded from the topic scope of the exam.
Last but not least, a new testing section has been introduced into the R&S v5 lab exam format. While the written exam format stays the same, the lab now includes a “diagnostic” section, which focuses on the diagnosis and resolution of network issues from a more high level point of view.
This new section won’t use equipment, but instead will present the candidate with information such as network diagrams, CLI outputs, log outputs, traffic captures, and email exchanges, based on which they will be expected to diagnose a presented network problem. Based on the description in the announcement, I would assume that this format is going to be similar to the CCDE Practical Exam testing format, which tests analytical skills without the need of access to actual devices CLI.
Another minor change to the exam is how the timing of sections works. In the v4 format, candidates had a maximum of 2 hours to complete the troubleshooting section, and a minimum of 6 hours for the configuration section. If the candidate used less than 2 hours in troubleshooting, the extra time rolled over to the configuration section. In the v5 format this changes along with the addition of the diagnostic section.
In v5, candidates will have a maximum of 2.5 hours to complete troubleshooting, a fixed 30 minutes for the diagnostic section, and the rest to complete configuration. Any time less than 2.5 hours used in troubleshooting will be credited towards configuration. For example if a candidate uses only 1.5 hours in troubleshooting then the configuration section would be 6 hours, which along with the .5 hour of diagnostic adds up to a total of 8 hours for the exam.
How Does This Affect Me As An INE Customer?
The good news is that if you’ve purchased and of the R&S v4 products from INE, you’re covered for the v5 products. You won’t have to pay anything to upgrade to the v5 products, including the Bootcamps. If you already attended a v4 bootcamp and want to resit a v5 bootcamp, there’s no charge for it.
As it’s no secret that Cisco’s blueprint changes have been in the works for quite some time, as have INE’s plans for the v5 update. We have a bunch of new exciting product updates and more importantly new product features that we’re going to be launching along with the v5 product updates. More information will be available about these updates in the coming weeks.
In the short term I’m going to be running a free online class this Friday – December 6th 2013 – at 10:00 PST (GMT –8) on Introduction to DMVPN for CCIE R&S Candidates. I’ll post another blog update tomorrow with more information on this.
Congratulations go out to the newly minted Cisco Certified Design Experts that passed the Practical Exam after attending INE’s CCDE Bootcamp with me in Chicago last week! So far I know of at least 9 students from this past week’s class and previous ones that passed the practical this time around. Here’s what some of them had to say:
I had accomplished 2 CCIE’s and was ready for the CCDE. I took the CCDE v1 test a couple of years ago and failed miserably. I came to the INE CCDE boot camp with really no expectations. I didn’t only learn some technical details through the boot camp, I learned the mental strategies needed to get through this test. Thanks, INE!!
Rob Gonzalez, CCDE #20130059
Brian’s approach in how to tackle the exam question were invaluable. I was able to successfully navigate several difficult questions there on my first attempt. Thanks to Brian and his insight I was able to pass.
Travis Jones, CCDE #20130060
Just wanted to drop you a note that I passed the exam today. Still in shock, but it’s starting to sink in. Thanks for a great session this week. I’ll highly recommend it!
Dave Fusik, CCDE #20130070
I passed the CCDE in Chicago after attending the 3 day INE CCDE Bootcamp with Brian McGahan. The room was full of very intelligent and experienced individuals who started discussions that helped solidify my knowledge in the topics tested on the exam. Thank you once again INE!
Dana Yanch, CCDE #20130071
As it seems that the interest in the CCDE track is continuing to grow, INE is going to continue to offer our study sessions which follow along with Cisco’s schedule for the Practical Exam. The next Practical Exam is scheduled for Thursday February 20th 2014, so expect our next session to likely run Monday – Wednesday that same week in Chicago. However since Cisco is now offering the CCDE Practical Exam at all Pearson Professional Center locations, there’s a possibility that we may be moving our next study session to an online format.
If you’re interested in attending one of INE’s CCDE Bootcamps in the future, let me know via comments below if you prefer it in an online format or a live onsite format. The advantage of course of running it online is that you can attend from anywhere, but at the expense of the live class discussion that happens in an onsite class.
Also don’t forget to check out our CCDE Practical Recommended Reading List, as the topic scope for the exam is immense to say the least.
Congrats again to the newest CCDEs of 2013!
A few changes have occurred with regards to the CCIE Data Center certification, some on Cisco’s part and a few on ours.
Cisco Makes a Change
Firstly, released a new testing rack into the system in the middle of last week, and a lot of new seats have opened up to sit for the CCIE Data Center exam. Jump online and book yours today if you’ve been waiting for one.
Next, Cisco made a seemingly inconspicuous change a few weeks back to the “Lab Equipment and Software Versions” document, not by adding anything, but rather by removing most minor version numbers from software that was previously listed. This doesn’t go against anything Cisco has done in the past or anything that they normally let the candidate know six months ahead of time – that goes for major software revisions or hardware changes only.
For instance, the software section previously looked like this:
• NXOS v6.0(2) on Nexus 7000 Switches
• NXOS v5.1(3) on Nexus 5000 Switches
• NXOS v4.2(1) on Nexus 1000v
• NXOS v5.2(2) on MDS 9222i Switches
• UCS Software release 2.0(1x) for UCS-6248 Fabric Interconnect
• Software Release A5(1.0) for ACE 4710
• Cisco Data Center Manager software v5.2(2)
And today looks simply like this:
• NXOS v6.x on Nexus 7000 Switches
• NXOS v5.x on Nexus 5000 Switches
• NXOS v4.x on Nexus 1000v
• NXOS v5.x on MDS 9222i Switches
• UCS Software release 2.x for UCS-6248 Fabric Interconnect
• Software Release A5(1.0) for ACE 4710
• Cisco Data Center Manager software v5.x
(A bit funny that ACE didn’t feel the love and remained untouched)
The implications to this are that things like a ‘true’ Admin context in Nexus 7Ks Sup1s (Sup2(e)s already have this) as well as Native FC Zoning in UCS, Single-Wire Cable Management for UCS C-Series from FIs and the biggest of all, Northbound FCoE from the UCS, can be potentially tested in the future. We’re told that for now many of these new UCS 2.1 features are not being tested, but we’ll go ahead and add content for them to prepare you.
What INE is Doing About it
We will be upgrading our code following our currently full bootcamp, which will give you the option to practice with the new features, while changing nothing from the current features that you already test with on our racks. We also will be adding scenarios to our online workbooks in the coming weeks, specifically demonstrating and testing you on these new features. Finally, beginning on November 16, you will see the amount of racks we have available for rent more than double.
We’ll continue to stay ahead of all major and minor changes that occur in the CCIE Data Center space and alert you as things progress.
Also, we’re currently completely booked full in our Data Center classes until March, and even now March and April classes are nearing capacity. If you have any intention of getting into one of these, you’d better head over here and register for one today.
Tags: CCIE Data Center
It’s rumored that the announcement for the R&S CCIE v5 update should be coming soon (November timeframe) and the switch over for the lab sometime around March 2014. Cisco Live Europe has a R&S v5 Technical Breakout scheduled for anyone attending. The update to version 5 is rumored to be a 100% virtual lab environment similar to how the troubleshooting section of the lab is done now. The major benefit of the lab going virtual is that the topics covered will be platform independent. You will not need to buy 2911′s or 3750x’s to prepare and can use any relatively newer router or switch to prepare or use a virtualized environment (IOL/IOU/VIRL, GNS3, CSR). The goal of the v5 appears to be to focus on the technologies themselves and less on the hardware and a specific topology. This is the best move Cisco has made for the R&S CCIE program in years as candidates will need to focus more on the technologies themselves and not worry about IOS versions, hardware platforms, physical topologies, etc.
Allegedly the R&S CCIE v5 blueprint will see legacy topics like Frame-Relay removed. Additionally it’s possible some of the more lesser used features of the IOS like Zone-Based Firewall, WCCP, IPv6 multicast, and PfR could be removed from the lab. A few of the topics we could see added are IPSec, DMVPN, and Embedded Packet Capture. We may see ISIS added to the written at least if not the lab. This could be the last version of the R&S lab that isn’t IOS XE based so we could see it added to the written.
Currently the lab has a 2 hour troubleshooting section and a 6 hour configuration section. The new lab may contain, in addition to the troubleshooting section, a new diagnostic section. This means the lab could have a troubleshooting, diagnostic and configuration section. I would assume the points for this new section would come from the configuration section and the troubleshooting section would remain the same or possibly even slightly higher in points.
So what does this mean for someone currently preparing for the R&S v4 blueprint? If you feel you are close to taking the lab but do not have to scheduled, you should schedule a date ASAP. Once the official v5 announcement comes out from Cisco, it will be hard to schedule a lab date. If you have a date scheduled before March 2014 then you should be fine. If your date is after February 2014 then I would recommend you move it up ASAP. The longer we go into November the more likely the new blueprint date has been pushed back by Cisco.
Additional v4 bootcamps will be added to the schedule before the March 2014 changeover. We will start transitioning the current bootcamps over to version 5 around the first of the year. For the self-paced products we will start releasing labs and videos covering the new blueprint in November. 90% of the material from the version 4 blueprint will carry over to the version 5 lab blueprint. Topics you can skip for the routers will be Frame-Relay, PfR, WCCP, Zone-Based Firewall along with technologies that are not supported in IOU L2/IOL L2. Here is a list of features we may not see for the layer 2 section since the switches will be virtual.
1) QinQ Tunneling
2) ISL trunks
3) DHCP Snooping
4) Layer 3 Port Channel
5) Private VLANs
Post any questions you have about the new blueprint changes and I’ll start creating a FAQ below:
Q) I purchased the version 4 self-paced material so will I be covered for the version 5 products?
Q) Will I have to pay anything for get the new version 5 material?
Q) I attended an R&S CCIE v4 bootcamp so can I resit a v5 bootcamp for free?
Q) Will INE offer racks for the new blueprint?
A) Yes. Although the lab is virtual it is still good to spend part of your preparation using real hardware as that is what you use in your day-to-day job. Towards the end of your preparation you can hone your skills using virtualized environment. We will be using the CSR along with real switches for the virtualized environments.
Q) What about my tokens?
A) Your tokens will carry over.
Q) I’m currently schedule for the lab after the v5 update. Can I still take the v4 lab?
Q) Do you feel strongly that the announcement will come out in November?
A) I do feel confident that the announcement will be in November but it could slip since they are trying to align the Cisco 360 update to the lab release.
Starting next year Cisco will be offering the CCDE Practical Exam at many more locations beyond San Jose, Chicago, London, etc., and registration for the practical will be open up to the day before the exam. Another nice change is that candidates can take lunch break on their own time after finishing the second scenario in the exam, where previously they were required to wait until the set lunchtime was finished before continuing on with section 3. The specific announcement from Cisco is below, along with the link to the CCDE page which outlines exactly where the new locations will be.
Starting with the February 20, 2014 exam administration, the CCDE practical exam will be available at all Pearson Professional Centers (PPCs) worldwide. The ability to conveniently take the CCDE practical exam at a local PPC testing center eliminates the stress and expense of traveling to a remote exam location.
The overall exam administration experience has improved giving you more flexibility in the following areas:
Choosing your exam location:
- The number of locations where this exam can be administered will increase from 8 to 275
Registering for the exam:
- Registration will close one day before the test date
- However, candidates are encouraged to register at least 45 days in advance for most locations to guarantee PPC sites will be open for the required nine hours to administer the CCDE practical exam
Breaking for lunch:
- Candidates can only take a lunch break after they finish section 2
- Candidates are no longer required to take a lunch break simultaneously
There are no changes to the exam content, scoring methodology, or modular testing approach. See the FAQs for more detail
Congratulations go out to Keith Humphreys who recently passed his CCIE Service Provider Lab Exam on his first attempt! Keith was a student in a recent CCIE SPv3 Bootcamp that I taught in London, and posted a very inspirational story about his road to CCIE success on INE’s Online Commmunity. It’s a long one, but is definitely worth the read.
Finally after years of preparation I have passed my 1st CCIE on my 1st attempt in Diegem, which is the party centre of the universe, isn’t it!? Below I will go through my preparation, what I did, when I did it and it’s probably all repetition of other peoples experiences but you only pass the CCIE for the 1st time once so I’m going to babble on cos this is my moment
I hope everyone enjoyed the IPv4 Route Redistribution session on Friday. The turnout was amazing to say the least. We got off to a late start due to needing to split the streams between servers as we had over 2000 people logged in accessing the session. Once we got rolling you can really see how excited I get working on routers In fact I’ll be doing a few of these R&S CCIE sessions a month going forward since the turnout is so good and I really enjoying do this. The flow for these new online sessions will be that I run every session twice to get enough video for a complete product. After that it’ll take about one or two weeks to get the final product through editing and into your members site depending on the length of the session. These videos will be free for any AAP member or R&S CCIE Bootcamp customer.
I’m going to be running the IPv4 Route Redistribution session again sometime after next week and span it over two days (6 hours each). I’ll publish labs for this next session so after you watch the videos you can go back and reinforce the concepts by doing the labs. Additionally I’ll publish the initial and final configurations for the video sessions along with the configurations I capture during each of the breaks. After that I’ll go through the videos and get the complete product released.
The next sessions will be MPLS L3 VPNs and IPv4 Multicast. Both of these will be ran twice with the first session being one day in length and the second two days. Also I’ll be fitting in a few smaller sessions in between covering other topics.
As a side note the R&S CCIE Version 5 update is just around the corner. The word is that we are looking at a April/May timeframe so I’ll try and get all of the R&S topics covered in these sessions by the end of January or mid-February. Most of the sessions will carry over to the R&S CCIE Version 5 blueprint if you aren’t planning on taking the R&S CCIE Version 4 lab.
Friday Oct 11th starting at 10am PDT I’m going to be holding an all day online R&S CCIE session covering IPv4 Route Redistribution Configuration and Troubleshooting. From the R&S CCIE Bootcamps I know that some of the more popular topics are IPv4 route redistribution, IPv4 multicast and MPLS L3 VPNs. I’m going to start with IPv4 route redistribution first since it can be covered in a single 5 to 6 hour session. I’ll cover the other two later this month as IPv4 multicast and MPLS L3 VPNs each needs to spanned over two days (two 6 or 7 hour sessions) to fully cover them. Let me know in the comments what other topics you would like to see done after. Please say SDN!
To sign up for the session click here. These sessions will be recorded and the configurations will be available so you can follow along with the recordings. I will be using the larger 32 device R&S topology which can be rented through your members site account.
INE’s new CCIE Security V4 Advanced Technologies Class continues this week, with a focus on ASA Firewall. This week’s classes will run Wednesday Oct 9th – Friday Oct 11th at 10:00 PDT (17:00 GMT) daily, with class days running typically about 4 hours each.
Anyone with an active All Access Pass subscription or that has previously purchased the download version of the SCv3 ATC can attend the live sessions. The link to join class can be found at the top of the Members Site dashboard, or direct at http://ine.co/scv4.
Specifically this week’s classes will focus on the following topics:
- Security Levels
- Access Lists before and after 8.3
- Routed vs. Transparent Firewall
- Single vs. Multi Context Mode
- Active/Standby vs. Active/Active Failover Mode
- ASA Routing
- NAT before and after 8.3
- ASA Modular Policy Framework and Application Inspection