Archive for September, 2013
The R&S CCIE Volume 2 workbook has been ported to our new web format (see below). This format allows you to add bookmarks, add notes (both private and public notes) and ensures you always have the latest version. Additionally you can submit feedback directly to the Development and Editing teams from within workbook. We are also working on integrating our IEOC forum directly into the workbook and plan on having it available late October.
For the notes, we are currently implementing a rating system that will allow you to rate a public note posted by someone else. This will allow you to filter public notes that are not above a certain rating if desired. This new public notes feature will be really popular based on the feedback we have received from the beta testers. The R&S Volume 2 in the new web format will be released next week.
R&S Volume 3 workbook has been updated. This updated version will be available later this week in your members site account. This is the last major update to Volume 3 before it is retired and integrated into the new single R&Sv5 blueprint based workbook we are already developing.
Q – Will I automatically get the new workbook when its released next week if I have the current workbook?
A – Yes. The workbook will automatically show up in your members site account next week.
Q – Will I be able to view it offline?
A – Yes. A PDF version will automatically be generated when a change is made to the workbook.
Q – Can I view it on my tablet?
A – Yes the new format is pure HTML5 which is support by all modern tablet web browsers. This is the first step before we release it as an iPad/iPhone app and Android app. The tablet app will allow you to take the workbooks “offline” and still make notes, bookmarks, etc that will sync up when you get back online.
Q – Does this include new material?
A – We had to freeze any development while the workbook was ported to the web. Now that the workbook is up we’ll start adding new content. We have 3 additional labs to add to the workbook now.
Lastly Volume I is currently being ported to the web and I’ll release it in chunks as each section is finished. Currently the IP Routing section has been ported. I’m reviewing it before release and adding more PfR/OER labs.
Below is a good write-up by now dual CCIE 35565 IEOC user ndiayemalick after passing the SP lab:
I have passed the CCIE SP Lab yesterday at Brussels. The results came in pretty fast around 10 PM. I will share my experience here. I will only share things pertaining to the SP lab. There are many other posts about the lab in general, preparations, what to expect, the proctors, etc…. Here we go:
- Don’t forget to commit your changes
- Don’t forget to create the BGP_PASS RPL to allow eBGP routes to pass
- Check each and every step on the way. You do not want to be troubleshooting CSC problem because one of your LDP session was not up.
- Logging is disabled on all the IOS devices with “no logging on / no logging console”. I enable it but checked with the proctor who told me to make sure to put disabled it back at the end of my lab, which I did. Do not assume anything, you have a doubt, ask the proctor.
- Keep track of :
BGP peerings (Route reflector for IPv4/IPv6 VPNv4/VPNv6)
RPs per site
- Use the command ‘ip route profile’ to make sure that your routing is stable.
- There’s a lot of reverse engineering in the lab. Many things are pre build for you with many many faults in IPv4 and IPv6 for all address families so know even worst get acquainted your protocols (BGP, OSPF, IS-IS,EIGRP, RIP, PIM) for both address families
- Verify all your neighboring as you go. OSPF, IS-IS, BGP, LDP, RSVP, PIM,etc… You do not want to troubleshooting OSPF neighboring because your MPLS TE is not working. You can waste a lot of time. Things build up as go. The further you go in the lab, the harder it will become to see small details.
- Besides the DOC-CD, Notepad is your next best friend. Many configurations are repetitive. You will gain time and reduce the chance of making a mistake by using it. I had 3 notepad widows one for TCL scripts, another one called “AT THE END” to put back the configurations I changed like logging, and another one for copy/paste configs to save time.
- Read the lab end to end before starting type. Every word is important. The lab is pretty self explanatory but you have to know your stuff hence you need speed and accuracy.
- It’s harder than the R&S lab but easier because to study because of less topic to focus on.
- Sent private emails to Brian and he helps out a lot. Even Mark Snow was available to meet me personally in Columbus, Ohio. How cool is that ?
- I was tested on all possible PE-CE Routing protocols, filtering and loop avoidance techniques.
- Use TCL scripts to check reachability for all address families. It’s crucial. SP is all about reachability and doing the way they wanted it.
- Found 2 typos in the lab: OPSF instead of OSPF and PIM-SW instead of PIM-SM. I was kind enough to send a feedback
- during the end, my Internet Explorer froze. After killing the process in the Task Manager, I was not able to log back in the lab to display the tasks. I still had access to the devices. After multiple attemps with the proctor, we decided to save my configs and logg off. By doing that, I lost all my TCL scripts and notepad notes. Lesson: do not open multiple IE windows even when going for the documentation.
- Request for reread after passing the lab ?????: You can request a reread even when you pass the lab. How stupid is that?????
- Now INE owes me 2 CCIE shirts
Do not hesitate if you have questions, I will help out as much as I can without breaking NDA of course
Read the replies to this post on IEOC here :
Yesterday marked the kickoff of the new CCIE Security v4 Advanced Technologies Class. In our first session we discussed the scope of the new CCIE Security Version 4.0 blueprint, recommended readings (which can be found at the bottom of this post), the new format of class, and technical topics that included stateless traffic filters on IOS with standard ACLs, extended ACLs, time-based ACLs, and dynamic ACLs.
Going forward the SCv4 ATC will be delivered over the next 4 – 6 weeks as shorter, more spread out class days, typically of about 4 hours apiece. The specific class schedule will be posted here on the blog at least a week in advance so you can plan which sessions you want to attend live. Anyone with an active All Access Pass subscription or that has previously purchased the download version of the SCv3 ATC can attend the live sessions. The link to join class can be found at the top of the Members Site dashboard, or direct at http://ine.co/scv4. In the short-term the next upcoming class sessions are as follows:
- 2013-09-26 10:00 PDT (17:00 GMT) – Reflexive ACLs, CBAC, & ZBPF
- 2013-09-30 10:00 PDT (17:00 GMT) – Advanced ZBPF
A longer-term schedule will be posted after the weekend. In general, the class flow will follow the below outline. If you have specific topics requests for class please feel free to post a comment below and I will take it into account.
Starting tomorrow, September 24th 2013 at 10:00 PDT (17:00 GMT), I will begin the running the new CCIE Security Advanced Technologies Class for the newest version 4.0 blueprint. Online streaming of tomorrow’s class is free for anyone to attend. Simply login to http://members.ine.com and then browse to the streaming url of http://ine.co/scv4. A link to the streaming page is also located in the members dashboard.
Tomorrow’s class will start with an introduction about the scope of the CCIE Security v4 blueprint, including the hardware and software versions, as well as the specific technologies within the scope, and then will continue with the technical topics of IOS Firewall, including stateless ACL filtering and stateful filtering with both CBAC and ZBPF.
The format of this class will be a little different than previous iterations of ATCs for Security, R&S, SP, etc. Instead of running a 5-day class with 8 – 10 hours per day, the class will be spread out over the next 4 – 6 weeks in smaller increments. This will allow you to plan your study schedule more accordingly, and ideally not have to take a full week or more of vacation time or PTO in order to attend the sessions. More details of the specific class schedule will be discussed during the class intro tomorrow.
Beyond tomorrow’s class, anyone with a currently active All Access Pass subscription or that has previously purchased the CCIE Security ATC Download will be able to attend the live streaming sessions. Streaming and download versions of the class recordings will be available sometime around November, but more updates will be posted as the live class progresses.
I hope to see you in class tomorrow!
Cisco hasn’t exactly changed their minds, but has made some – ahem – slight adjustments for those current CCIE Voice holders and how they may transition to the new CCIE Collaboration. Three options are laid out quite clearly here on Cisco’s Learning Network page. Note that option 2 (what most previously thought was the only designated path) does expire on Feb 13, although that’s Feb 13, 2016, so there is plenty of time to make your decision.
In this post we get back to basics, and the roots of the CCIE lab exam – stupid router tricks. Recently I was posed the following question:
Can I force my router to reply to a traceroute with the IP of a certain interface, meaning not the usual that reply to the traceroute with the IP address of the ingress interface?
The short answer: yes. The slightly longer answer: yes, but not the way you probably think you can. To understand how and why you can do this, first let’s review how a traceroute works.