In this post I will try to summarize the things known so far about the CCDE written/practical exams and provide some (hopefully) useful tips and hint. Even though I didn’t receive my exam results yet, I think it’s still a good idea. At least, I’m still the person who “tried” and haven’t “failed” yet (at least unaware of that
The first question that people ask – would getting CCDA and CCDP help in achieving CCDE? That would help, a little. Most useful thing would be summarization your knowledge of IP Routing protocols and QoS topics. Plus, you can find some useful things in the new ARCH2 training course. However, I don’t think it is necessary to become a CCDP in order to get enough knowledge for taking CCDE.
This one looks remarkably close to any CCIE written test you have taken before. You have about 100 questions to be answered in 2 hours following this *very* detailed blueprint:
Look at the top-level sections of the document:
IP Routing. This is the section you should pay most of your attention to. You must know everything about OSPF, ISIS, EIGRP and BGP. Specifically, you should learn anything related to protocol deployment and scalability issues – things like summarization, flooding domain, route filtering, BGP topologies, traffic engineering. The exam contains a lot of “scenario-type” questions, providing information on a particular topology and configuration and asking questions that require some basic analysis. Don’t expect to encounter questions like “which command tunes OSPF LSA throttling” but expect things like “where would you place flooding domain boundary” or “what would you do reduce the impact of a flapping link”. There is no single book to cover all the section topics in depth, but here is a list that I would recommend:
Jeff’s Doyle “Routing TCP/IP Vol 1,2” and R. Zhang, M. Bartell “BGP Design and Implementation”
Additionally, look through the relevant tech notes for all protocols here:
When you’re done with in-depth reading on protocols, read the following “final” book: R. White, A. Retana, D. Slice “Optimal Routing Design”. This book covers the design topics in quite generic manner. For the “IP Routing” section focus on the chapters dedicated to routing protocols only. At first sight, the book might look a little bit boring, as it does not focus on gory details, but goes over talking about “generic” topics. Remember, knowing “IP Routing” in-depth is about 60% of your success in the written test.
Tunneling. What they mean by that are various “virtualization” techniques. This includes L3 and L2 tunneling techniques, most notably using MPLS and classic IP packet technologies such as GRE, mGRE, L2TPv3. This is where they are going to test your knowledge of L3 and L2 VPNs (e.g. VPLS), MPLS FRR and other VPN topics. This section is probably the next largest in the exam, constituting about 20-30% of the content that you should absorb. Here is a recommended reading list. First, if you’re not well familiar with MPLS, read the following as a good intro:
I. Pepelnjak, J. Guichard “MPLS and VPN Architectures”, a good additional books is J. Guichard, et. Al “Definitive MPLS Network Designs”.
Other books for this section:
W. Luo, et. al “Layer 2 VPN Architectures” and E. Osborne, A. Simha “Traffic Engineering with MPLS”
Also you may look through the section of “Optimal Routing Design” dedicated to the tunneling technologies for a brief summary. Don’t expect the exam to ask you in-depth technology questions like “what is the meaning of this bit in AToM control word”. Most likely you’ll be asked to pick up the best technology for implementing a particular solution (like what is the best VPN solution to transport multicast securely over SP core given the following limitations, etc).
QoS. This is the topic that most people hate With respect to the CCDE exam you are not required to know all the flavors of FRTS. Rather, what you should know are theoretical aspects of QoS implementation, such as QoS models (e.g. Diff/Int Serv) and mapping of application performance requirements to a particular QoS technology (e.g. policing or LLQ). You are expected to know the generic requirements of different application types (e.g. video, interactive traffic) with respect to network characteristics and understand the performance impact caused by QoS implementations. Of course, you need to know all QoS technologies available on Cisco routers as well (classification, marking, conditioning, policing, congestion management and avoidance). Most notably, you need to know how QoS applies in “virtualized” or “tunneled” environments, such as MPLS VPNs (e.g. pipe, short-pipe and uniform QoS models). The blueprint provides A LOT of details for QoS section. Don’t be scared, though. Most of the topics are just analytical breakdown of generic QoS models such as DiffServ. And besides, QoS does not constitute the huge part of the written test. What I would recommend to read on the QoS topics is the following list:
S. Vegesna “IP Quality Of Service” and probably S. Alvarez “QoS for IP/MPLS Networks”
Remember, QoS topics might look overly complicated at first sight. Make sure you master the fundamental concepts of QoS models and understand the implication of QoS configurations on application performance. They wont ask you crazy questions like 10xG.729 cRTP calls bandwidth consumption, but may ask things like “what technology should be used to provide differentiated services for applications sharing the same MPLS LSP”.
Management. This one should be relatively easy, as they wont ask you questions about Cisco Works or Tivoli Most likely you need to demonstrate the knowledge of show and debug commands as well as various system monitoring technologies, such as syslog, netflow, RMON, SNMP etc. You may want to take a quick look over A. Clemm’s “Network Management” book, but you probably should better focus at the IOS DocCD section dedicated to “IP Services” and “Network Management” commands and features. Don’t get stuck with in-depth theory of network management, like you would do with QoS. You may expect questions like “choose an optimal technology to extract particular type of information from traffic flows” etc.
Security. You need to know a little about generic concepts such risk analysis, security policy, policy enforcement, role separations, intrusion detection, event correlation etc. However, the top priority for you with this section is studying IOS security features and tools. This includes AAA, packet filtering, firewall features, routing protocol security, and infrastructure protection. Also, make sure you understand some advanced topics such as RTBH and sink-holes, which are related to SP security toolkit. In general, this section does not require detailed knowledge of all security features, but you’d better look under the “Security” section of the DocCD to have basic understanding of all IOS security features.
To summarize, I think you need to focus on the top three sections: Routing, Tunneling, QoS and spend less time on Management and Security. Of course that does not mean you can simply ignore those two “outsiders”, but rather gives you an idea of how to plan your study time.
First of all, you may want to read some of our previous blog posts on the CCDE practical exam.
The “practical” test itself does not involve any real hardware configuration. The exam is built using Adobe Flash engine. There are few sections, with every section build around a particular network topology (the same topology diagrams) you are supposed to work with. For every topology you are given a number of scenarios (approximately 30-35 questions each), that require the following, per the exam blueprint:
Gather, clarify, and analyze existing and new network requirements
- Identify requirements and determine how they shape the purpose and expectations of a given network.
- Demonstrate the ability to gather and validate information about an existing network.
This one is tough, even though it’s mostly reading. In the beginning of every scenario they give you the diagrams and an initial set of documents describing the current network design. Those documents contain quite a lot of information, with some part being more or less relevant to your scenario. What you need to do is perform an analysis, extracting the key concept, business and technical requirements and constrains (sounds easy, huh). For a non-native English speaker this is more time-consuming, since the information could be presented in “free-formats” such as emails or minutes and require additional “processing”. The engine will then ask you some questions testing your ability to extract the key concepts and find the correct questions to ask from the customer. As you could see from the “demo” test, you are offered to request additional information on the network. Whether you selected the correct or wrong choices, the engine presents you the “correct” information. The final result of this section is set of documents that provide all the relevant information you need to complete the particular scenario. The format of the documents could be different, but most of the time it includes some “live” conversations reflecting the real-life work flow.
Develop network designs to meet functional specifications
- Choose the correct technology to resolve a specific network design problem.
- Create a network design that minimizes or eliminates negative impact on the existing network and services.
- Create a network design that is scalable.
- Create a network design that is elegant and supportable.
- Create a network design that is resilient.
This part follows the information gathering. Now the engine asks you some questions on relevant technologies. You may need to clarify your choices, as the engine may ask for justification of your selections. The funniest part is the ability to work with network diagrams. The Flash engine allows you enhancing the existing diagrams, placing additional devices (routers, switches) or links (e.g. physical connections or tunnels) and choosing the functional role of devices in the network. The design you are creating should satisfy the scalability and resiliency requirements stated above. You can try working with the diagram using the demo test. Again, even if you provide an incorrect solution, the engine will give you the “correct” design when the next part of the scenario will start. So you can always see how far from the successful design you have been
Develop a plan to implement network design changes
- Evaluate the impact of implementation options.
- Develop contingency plans for network restoration.
This section is relatively short. The engine asks you to arrange the network changes in the optimal order. You can see that in the demo test as well. The order you choose should provide less impact on the existing topology and should be logically consistent, e.g. you cannot deploy L3 before you enable MPLS in the core. However, it is not all that simple. Sometimes it makes almost no difference to place a particular step before or after another one. Most likely this means you miss something important
Convey design decisions and rationale
- Justify network design choices based on functional specifications.
- Justify technology choices based on technical requirements
This may happen at any point within the exam where you are asked to select a particular technology or solution. The engine may ask you to justify your choice and provide rational arguments behind your selection. Even though you may have selected an incorrect choice, it still has some rationale options that you may select from.
Practical Exam Summary
The exam is very exhausting. Like I mentioned, first four hours could draw all your motivation off. So make sure you have enough strength to read a lot of documents and grasp tons of diagrams The problem is the exam stress, which may affect your ability to concentrate and understand information presented. During the exam, try taking short breaks and relaxing, as you may feel your brain burning out due to exception load of new information (at least this is what I felt afte 5 hours
As for the preparation, there is no special reading list that I would recommend. Theoretical concepts that you need are contained within the books recommended for the written test. You don’t have to practice any lab equipment, as with the CCIE exam, you just need to develop you analytical skills and patience Compared to the CCIE lab exam the CCDE practical might look “unfair”. After all, during the lab exam you have full control of the situation. Unlike this, during the CCDE practical the engine controls all your actions, and sometimes you may find that even though your answers might constitute a valid solution, the engine suddenly cuts your line of deduction and throws the “valid” solution on the screen. Sometimes you don’t even have chance to justify your selection, as the engine seems to mark it as incorrect immediately. This lack of options might be frustrating to many and a panel board review could constitute a truly fair examination. However, remember that there are people who already passed the CCDE test, and therefore you have a real chance
About Petr Lapukhov, 4xCCIE/CCDE:
Petr Lapukhov's career in IT begain in 1988 with a focus on computer programming, and progressed into networking with his first exposure to Novell NetWare in 1991. Initially involved with Kazan State University's campus network support and UNIX system administration, he went through the path of becoming a networking consultant, taking part in many network deployment projects. Petr currently has over 12 years of experience working in the Cisco networking field, and is the only person in the world to have obtained four CCIEs in under two years, passing each on his first attempt. Petr is an exceptional case in that he has been working with all of the technologies covered in his four CCIE tracks (R&S, Security, SP, and Voice) on a daily basis for many years. When not actively teaching classes, developing self-paced products, studying for the CCDE Practical & the CCIE Storage Lab Exam, and completing his PhD in Applied Mathematics.
9 Responses to “CCDE Certification”
Leave a Reply