Archive for November, 2008

Nov
30

PLEASE NOTE: This is a partial list of potential configuration options for various hypothetical sections of the lab exam. Do not allow this list to constrain your own creative thinking when it is time to solve actual lab tasks! Please suggest additions using the comments feature.

3550
Load Balancing with STP
Option 1 – STP cost – use on the downstream device
Option 2 – Port Priority – use on the upstream device

OSPF
Advertising Masks for Loopbacks in OSPF
Option 1 – OSPF network command
Option 2 – Redistribute connected – Watch for Later Redistribution Issues
Option 3 – Area Range command

Troubleshooting Neighbor Relationships in OSPF over NBMA
Option 1 – OSPF network command
Option 2 – Hello timer manipulation

Connecting Area 0s in OSPF
Option 1 – Virtual link
Option 2 – GRE Tunnel – often needed when area between is a stub area
Option 3 – Redistr between different OSPF processes on the same router

Sending Unicast Updates in OSPF
Option 1 – neighbor command and change network type/hello interval

Load Balance in OSPF – change to equal cost
Option 1 – use the bandwidth command
Option 2 – ip ospf cost command

Introducing a Network into OSFP without Updating Neighbor’s LSDB
Option 1 – no-advertise
Option 2 – area filter-list

Continue Reading

Tags: , , ,

Nov
29

I expanded upon the awesome CCIE Lab Technology Outline found in the Resources section or our main Web Site. I am looking to add features to this list soon, and of course, please post any changes you feel I should make in our comments section. I plan on fixing the formatting as I add new features. Enjoy your studies.

I. Bridging and Switching

A. Frame Relay

I. L2/L3 Resolution – static vs dynamic
II. Broadcast/Multicast Support
III. LMI
IV. Full Mesh/Partial Mesh
V. Hub and Spoke using Point-to-Point
VI. Hub and Spoke using Multipoint
VII. SVC
VIII. PPP over Frame
IX. End to End Keepalives
X. Broadcast Queue
XI. Load Interval
XII. PING local interface
XIII. Multilink Frame Relay

B. PPP/HDLC Continue Reading

Tags: , , , ,

Nov
26

Here is a small task that illustrates how combining a few technologies may result in interesting solution.

Task:

Configure R1 to send all logging messages to the remote server at the IP address “10.0.0.100″. Ensure secure (non-cleartext) and reliable (acknowledged) information delivery.

DO NOT USE:

1) TCP as the transport protocol.
2) IPsec for encryption.
3) Any tunneling technology.

Recent update: do not use BEEP. This seems to be ruled out by “don’t use TCP”, but worths being mentioned separately. The solutions is supposed to be a “bit” more complicated :)

For simplicity, assume the server to be directly connected to the router via Ethernet. Also, assume the server could be configured in any way to match the router’s configuration.

The first person to find the correct solution would win a 100$ Amazon.com gift card. Since tomorrow is a big holiday in the US, we will post the solution and announce the winner somewhere around the coming weekend.

Have a nice Thanksgiving!

—-

OK, it looks like I’m getting old after all :) The solution has been found a few hours after I actually made the post! The Winner is: Carl Burkland. Congratulaitons! He was the first to post a working solution. I’m disclosing the comments right now, so you can see other people who came with correct solutions or bright ideas after Carl. Also, see some explanations and comments below.

Continue Reading

Tags: , , , , ,

Nov
26

Nothing is perfect in this world, and things like typos and missed solutions do happen in the workbooks. However, we’re constantly working to improve the quality of our products. If you think you found an issue with a workbook and want to report it, then go to:

http://support.internetworkexpert.com

and click on the “Submit ticket” link. Select “Quality Management” department and fill in the form that follows. Attach screenshots and other information that you find necessary with the report. As soon as you submit the ticket, you will receive an automated e-mail notification, and may continue to follow the discussion thread using regular e-mail.

The best part is – we’re going to launch a system of rewards for people that report valid issues (this is why the form asks for your membership account name). So in result, you’re not just helping others, you win something!

Tags: , , , ,

Nov
24

Tonight I’m posting some updates to the IEWB-RS Volume 1 Version 5.0 section of OSPF, along with an interesting teaser on how OSPF path selection works towards external routes originated in an NSSA. In my pursuit of networking Nirvana, I have a motto; learn something new every day. This topic for sure will fall into that category for many engineers.

We all (hopefully) know what an NSSA is in OSPF. It’s that cute little area that’s sort of stubby, but not completely, which allows us to cut down on the size of the OSPF database while still doing redistribution into an area. What is a little lesser known fact however, is how calculation towards an external route originated in an NSSA differs from a normal route redistributed into OSPF. Check the above link for the detailed walkthrough of how this works, along with the diagram and initial configs for those of you that don’t already have a subscription to the product, but the spirit of the situation is as follows… Continue Reading

Tags: , , , , ,

Nov
24

Intro

In this post we are going to discuss operations of the “traceroute” and “ping” command in MPLS environment. The reader is supposed to have solid understanding of MPLS VPN technologies, prior to read this document. Note the use of terms “MPLS ping/traceroute” which are interchangeable with “LSP ping/traceroute”

The following is the testbed topology we are going to use for simulations. All PE/P routers are 7206s running IOS version 12.0(33)S. Unfortunately, MPLS ping and traceroute commands are just a recent addition to IOS code, and thus you only see them in later 12.4T versions and recent 12.0S images. The IOS versions currently used in the CCIE SP lab do not support the MPLS ping/trace features.

Classic Ping and Traceroute

Continue Reading

Tags: , , , , , ,

Nov
22

Part 3 – A Chapter Closes

Andrew Spruce arrived his usual 15 minutes early to the lab building at the Research Triangle Park Cisco location. He sat in the car with the heater running.

Is this North Carolina or Siberia? thought Andrew as he looked over the building where he would soon be configuring a rack of equipment at near super human speeds. The temperature on this January morning had to be about one degree.

Another car pulled along side and Andrew glanced at another candidate. They shared a moment’s eye contact that seemed to acknowledge volumes in a single instant.

I am going to pass today. Yes, I am going to pass today.

Twenty minutes later Andrew was greeting the RTP proctor, Hubert.

I should add this guy to my Christmas Card List, thought Andrew as he sat at his cube with his 15 inch CRT and scratch paper.  Andrew had seen him more in the last year than he had seen most of his relatives.

There it was, the lab booklet; so plain, so in descript; so potentially full of brain-busting fun!

I am going to pass today. Yes, I am going to pass today.

Andrew smiled confidentially and immediately engaged his tried and true lab strategy. He quickly confirmed the configurations on his pod were correct and examined the lab sections he would face that day.

Ten minutes later Andrew made his first verification (a very happy 802.1Q trunk), collected two points, and smiled even wider.

I am going to pass today. Yes, I am going to pass today.

From the cube next door, Andrew suddenly heard a loud slap of a palm against the cheap plastic monitor. Obscenities followed that would have made Andrew Dice Clay sound like Mr. Rodgers.

Andrew reached for some of the lightly salted peanuts he had brought to his desk, smiled at the photo of his daughter wearing her Cisco Kid T-shirt, and went back to his Layer 2 configurations.

I am going to pass today. Yes, I am going to pass today.

Tags: , , ,

Nov
19

Hello to all our faithful blog readers, I hope this post find you very well, and enjoying your studies!

Access list tasks are a common CCIE Lab Exam feature, and I wanted to take a moment to show how easy it can be for a candidate to miss one thing or many things in such a task.

Here is the task topology and the task itself. Following that we have the proposed solution by a Mock Student :-)

Can you find the errors in his or her ways?

The Topology

The Task

Security

Traffic Filtering

8.1 Configure a security filter on R3 that will accomplish the following for traffic entering the router from the direction of R2:

  • Allow Telnet from R2 (S0/1) to R1 (Lo1)
  • Allow BGP traffic through the router
  • Allow ICMP ping traffic between R1 (Lo1) and R2 (Lo1)
  • Block any traffic sourced from RFC 1918 addresses – log these violations and include Layer 2 address information

4 points

The Proposed Solution

!
access-list 100 permit tcp host 32.0.1.2 eq telnet host 192.168.100.1 eq telnet
access-list 100 permit tcp any any eq bgp
access-list 100 permit icmp host 22.10.1.2 host 192.168.100.1
access-list 100 permit icmp host 192.168.100.1 host 22.10.1.2
access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny ip 172.16.0.0 0.0.255.255 any log
access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
!
interface Serial1/2
ip access-group 100 in

NOTE: I have posted a solution to this blog in the comments. The solution post date is November 20th, 2008.

Tags:

Nov
18

I saw a CCENT student ask a pretty common question on a Cisco forum the other day…they wanted to know tips for making all the theory really “stick” when studying.

A great tip in this regard is to practice as much as possible as you study. Get your hands on your home network and investigate as much as possible to drive the theory home.

For example, in the Operation of Data Networks portion of the course, why not download the free protocol analyzer, Wireshark, and start examining the packets that are generated by common network events?

Here is a simulation that I pulled from our course to demonstrate just how valuable this can be. Enjoy:

wireshark

Tags: , , ,

Nov
18

Today’s Open Lecture Series topic, Understanding the OSPF Database, will be open for guest access.  All users, customers and guests alike, are welcome to attend.  Simply open the link http://ieclass.internetworkexpert.com/r32376193/ and login with your classroom account or use the guest access field to attend.  Class starts at 1pm Pacific time (GMT -8)

Today’s session explores in detail how OSPF route selection occurs in the database, and how features such as network types, stub areas, and virtual-links affect the database view.

For customers of the Open Lecture Series, and the CCIE 2.0 Program, the Class-on-Demands from the previous sessions last week will be made available later tonight.  More information will be made available once the Class-on-Demands are posted.

Hope to see you in class!

Tags: , , , , , ,

Categories

CCIE Bloggers