Oct
31

It’s rumored that the announcement for the R&S CCIE v5 update should be coming soon (November timeframe) and the switch over for the lab sometime around March 2014. Cisco Live Europe has a R&S v5 Technical Breakout scheduled for anyone attending. The update to version 5 is rumored to be a 100% virtual lab environment similar to how the troubleshooting section of the lab is done now. The major benefit of the lab going virtual is that the topics covered will be platform independent. You will not need to buy 2911′s or 3750x’s to prepare and can use any relatively newer router or switch to prepare or use a virtualized environment (IOL/IOU/VIRL, GNS3, CSR). The goal of the v5 appears to be to focus on the technologies themselves and less on the hardware and a specific topology. This is the best move Cisco has made for the R&S CCIE program in years as candidates will need to focus more on the technologies themselves and not worry about IOS versions, hardware platforms, physical topologies, etc.

Allegedly the R&S CCIE v5 blueprint will see legacy topics like Frame-Relay removed. Additionally it’s possible some of the more lesser used features of the IOS like Zone-Based Firewall, WCCP, IPv6 multicast, and PfR could be removed from the lab. A few of the topics we could see added are IPSec, DMVPN, and Embedded Packet Capture. We may see ISIS added to the written at least if not the lab. This could be the last version of the R&S lab that isn’t IOS XE based so we could see it added to the written.

Currently the lab has a 2 hour troubleshooting section and a 6 hour configuration section. The new lab may contain, in addition to the troubleshooting section, a new diagnostic section. This means the lab could have a troubleshooting, diagnostic and configuration section. I would assume the points for this new section would come from the configuration section and the troubleshooting section would remain the same or possibly even slightly higher in points.

So what does this mean for someone currently preparing for the R&S v4 blueprint? If you feel you are close to taking the lab but do not have to scheduled, you should schedule a date ASAP. Once the official v5 announcement comes out from Cisco, it will be hard to schedule a lab date. If you have a date scheduled before March 2014 then you should be fine. If your date is after February 2014 then I would recommend you move it up ASAP. The longer we go into November the more likely the new blueprint date has been pushed back by Cisco.

Additional v4 bootcamps will be added to the schedule before the March 2014 changeover. We will start transitioning the current bootcamps over to version 5 around the first of the year. For the self-paced products we will start releasing labs and videos covering the new blueprint in November. 90% of the material from the version 4 blueprint will carry over to the version 5 lab blueprint. Topics you can skip for the routers will be Frame-Relay, PfR, WCCP, Zone-Based Firewall along with technologies that are not supported in IOU L2/IOL L2. Here is a list of features we may not see for the layer 2 section since the switches will be virtual.

1) QinQ Tunneling
2) ISL trunks
3) DHCP Snooping
4) Layer 3 Port Channel
5) Private VLANs
6) SPAN/RSPAN/ERSPAN

Post any questions you have about the new blueprint changes and I’ll start creating a FAQ below:

Q) I purchased the version 4 self-paced material so will I be covered for the version 5 products?
A) Yes.

Q) Will I have to pay anything for get the new version 5 material?
A) No.

Q) I attended an R&S CCIE v4 bootcamp so can I resit a v5 bootcamp for free?
A) Yes.

Q) Will INE offer racks for the new blueprint?
A) Yes. Although the lab is virtual it is still good to spend part of your preparation using real hardware as that is what you use in your day-to-day job. Towards the end of your preparation you can hone your skills using virtualized environment. We will be using the CSR along with real switches for the virtualized environments.

Q) What about my tokens?
A) Your tokens will carry over.

Q) I’m currently schedule for the lab after the v5 update. Can I still take the v4 lab?
A) No.

Q) Do you feel strongly that the announcement will come out in November?
A) I do feel confident that the announcement will be in November but it could slip since they are trying to align the Cisco 360 update to the lab release.

Tags: , , , ,

Oct
15

Starting next year Cisco will be offering the CCDE Practical Exam at many more locations beyond San Jose, Chicago, London, etc., and registration for the practical will be open up to the day before the exam. Another nice change is that candidates can take lunch break on their own time after finishing the second scenario in the exam, where previously they were required to wait until the set lunchtime was finished before continuing on with section 3. The specific announcement from Cisco is below, along with the link to the CCDE page which outlines exactly where the new locations will be.

Starting with the February 20, 2014 exam administration, the CCDE practical exam will be available at all Pearson Professional Centers (PPCs) worldwide. The ability to conveniently take the CCDE practical exam at a local PPC testing center eliminates the stress and expense of traveling to a remote exam location.

The overall exam administration experience has improved giving you more flexibility in the following areas:

Choosing your exam location:

  • The number of locations where this exam can be administered will  increase from 8 to 275

Registering  for the exam:

  • Registration will close one day before the test date
  • However, candidates are encouraged to register at least 45 days in  advance for most locations to guarantee PPC sites will be open for the required  nine hours to administer the CCDE practical exam

Breaking  for lunch:

  • Candidates can only take a lunch break after they finish section 2
  • Candidates are no longer required to take a lunch break simultaneously

There are no changes to the exam content, scoring methodology, or modular testing approach. See the FAQs for more detail

Oct
14

Congratulations go out to Keith Humphreys who recently passed his CCIE Service Provider Lab Exam on his first attempt! Keith was a student in a recent CCIE SPv3 Bootcamp that I taught in London, and posted a very inspirational story about his road to CCIE success on INE’s Online Commmunity. It’s a long one, but is definitely worth the read.

Congrats Keith!

Finally after years of preparation I have passed my 1st CCIE on my 1st attempt in Diegem, which is the party centre of the universe, isn’t it!? Below I will go through my preparation, what I did, when I did it and it’s probably all repetition of other peoples experiences but you only pass the CCIE for the 1st time once so I’m going to babble on cos this is my moment :D

Continue Reading

Tags: ,

Oct
13

I hope everyone enjoyed the IPv4 Route Redistribution session on Friday. The turnout was amazing to say the least. We got off to a late start due to needing to split the streams between servers as we had over 2000 people logged in accessing the session. Once we got rolling you can really see how excited I get working on routers ;-) In fact I’ll be doing a few of these R&S CCIE sessions a month going forward since the turnout is so good and I really enjoying do this. The flow for these new online sessions will be that I run every session twice to get enough video for a complete product. After that it’ll take about one or two weeks to get the final product through editing and into your members site depending on the length of the session. These videos will be free for any AAP member or R&S CCIE Bootcamp customer.

I’m going to be running the IPv4 Route Redistribution session again sometime after next week and span it over two days (6 hours each). I’ll publish labs for this next session so after you watch the videos you can go back and reinforce the concepts by doing the labs. Additionally I’ll publish the initial and final configurations for the video sessions along with the configurations I capture during each of the breaks. After that I’ll go through the videos and get the complete product released.

The next sessions will be MPLS L3 VPNs and IPv4 Multicast. Both of these will be ran twice with the first session being one day in length and the second two days. Also I’ll be fitting in a few smaller sessions in between covering other topics.

As a side note the R&S CCIE Version 5 update is just around the corner. The word is that we are looking at a April/May timeframe so I’ll try and get all of the R&S topics covered in these sessions by the end of January or mid-February. Most of the sessions will carry over to the R&S CCIE Version 5 blueprint if you aren’t planning on taking the R&S CCIE Version 4 lab.

Tags: , ,

Oct
08

Friday Oct 11th starting at 10am PDT I’m going to be holding an all day online R&S CCIE session covering IPv4 Route Redistribution Configuration and Troubleshooting. From the R&S CCIE Bootcamps I know that some of the more popular topics are IPv4 route redistribution, IPv4 multicast and MPLS L3 VPNs. I’m going to start with IPv4 route redistribution first since it can be covered in a single 5 to 6 hour session. I’ll cover the other two later this month as IPv4 multicast and MPLS L3 VPNs each needs to spanned over two days (two 6 or 7 hour sessions) to fully cover them. Let me know in the comments what other topics you would like to see done after. Please say SDN! ;-)

To sign up for the session click here. These sessions will be recorded and the configurations will be available so you can follow along with the recordings. I will be using the larger 32 device R&S topology which can be rented through your members site account.

Tags: , ,

Oct
07

INE’s new CCIE Security V4 Advanced Technologies Class continues this week, with a focus on ASA Firewall.  This week’s classes will run Wednesday Oct 9th – Friday Oct 11th at 10:00 PDT (17:00 GMT) daily, with class days running typically about 4 hours each.

Anyone with an active All Access Pass subscription or that has previously purchased the download version of the SCv3 ATC can attend the live sessions. The link to join class can be found at the top of the Members Site dashboard, or direct at http://ine.co/scv4.

Specifically this week’s classes will focus on the following topics:

  • Security Levels
  • Access Lists before and after 8.3
  • Routed vs. Transparent Firewall
  • Single vs. Multi Context Mode
  • Active/Standby vs. Active/Active Failover Mode
  • ASA Routing
  • NAT before and after 8.3
  • ASA Modular Policy Framework and Application Inspection
Sep
26

The R&S CCIE Volume 2 workbook has been ported to our new web format (see below). This format allows you to add bookmarks, add notes (both private and public notes) and ensures you always have the latest version. Additionally you can submit feedback directly to the Development and Editing teams from within workbook. We are also working on integrating our IEOC forum directly into the workbook and plan on having it available late October.

For the notes, we are currently implementing a rating system that will allow you to rate a public note posted by someone else. This will allow you to filter public notes that are not above a certain rating if desired. This new public notes feature will be really popular based on the feedback we have received from the beta testers. The R&S Volume 2 in the new web format will be released next week.

R&S Volume 3 workbook has been updated. This updated version will be available later this week in your members site account. This is the last major update to Volume 3 before it is retired and integrated into the new single R&Sv5 blueprint based workbook we are already developing.

FAQ:
Q – Will I automatically get the new workbook when its released next week if I have the current workbook?
A – Yes. The workbook will automatically show up in your members site account next week.

Q – Will I be able to view it offline?
A – Yes. A PDF version will automatically be generated when a change is made to the workbook.

Q – Can I view it on my tablet?
A – Yes the new format is pure HTML5 which is support by all modern tablet web browsers. This is the first step before we release it as an iPad/iPhone app and Android app. The tablet app will allow you to take the workbooks “offline” and still make notes, bookmarks, etc that will sync up when you get back online.

Q – Does this include new material?
A – We had to freeze any development while the workbook was ported to the web. Now that the workbook is up we’ll start adding new content. We have 3 additional labs to add to the workbook now.

Lastly Volume I is currently being ported to the web and I’ll release it in chunks as each section is finished. Currently the IP Routing section has been ported. I’m reviewing it before release and adding more PfR/OER labs.

R&S Online Workbook

Tags: , , ,

Sep
25

Below is a good write-up by now dual CCIE 35565 IEOC user ndiayemalick after passing the SP lab:

Hello IEOC,

I have passed the CCIE SP Lab yesterday at Brussels. The results came in pretty fast around 10 PM. I will share my experience here. I will only share things pertaining to the SP lab. There are many other posts about the lab in general, preparations, what to expect, the proctors, etc…. Here we go:

  • Don’t forget to commit your changes
  • Don’t forget to create the BGP_PASS RPL to allow eBGP routes to pass
  • Check each and every step on the way. You do not want to be troubleshooting CSC problem because one of your LDP session was not up.
  • Logging is disabled on all the IOS devices with “no logging on / no logging console”. I enable it but checked with the proctor who told me to make sure to put disabled it back at the end of my lab, which I did. Do not assume anything, you have a doubt, ask the proctor.
  • Keep track of :
    BGP peerings (Route reflector for IPv4/IPv6 VPNv4/VPNv6)
    RPs per site
    MSDP Peerings
  • Use the command ‘ip route profile’ to make sure that your routing is stable.
  • There’s a lot of reverse engineering in the lab. Many things are pre build for you with many many faults in IPv4 and IPv6 for all address families so know even worst get acquainted your protocols (BGP, OSPF, IS-IS,EIGRP, RIP, PIM) for both address families
  • Verify all your neighboring as you go. OSPF, IS-IS, BGP, LDP, RSVP, PIM,etc… You do not want to troubleshooting OSPF neighboring because your MPLS TE is not working. You can waste a lot of time. Things build up as go. The further you go in the lab, the harder it will become to see small details.
  • Besides the DOC-CD, Notepad is your next best friend. Many configurations are repetitive. You will gain time and reduce the chance of making a mistake by using it. I had 3 notepad widows one for TCL scripts, another one called “AT THE END” to put back the configurations I changed like logging, and another one for copy/paste configs to save time.
  • Read the lab end to end before starting type. Every word is important. The lab is pretty self explanatory but you have to know your stuff hence you need speed and accuracy.
  • It’s harder than the R&S lab but easier because to study because of less topic to focus on.
  • Sent private emails to Brian and he helps out a lot. Even Mark Snow was available to meet me personally in Columbus, Ohio. How cool is that ?
  • I was tested on all possible PE-CE Routing protocols, filtering and loop avoidance techniques.
  • Use TCL scripts to check reachability for all address families. It’s crucial. SP is all about reachability and doing the way they wanted it.
  • Found 2 typos in the lab: OPSF instead of OSPF and PIM-SW instead of PIM-SM. I was kind enough to send a feedback

Trivials:

  • during the end, my Internet Explorer froze. After killing the process in the Task Manager, I was not able to log back in the lab to display the tasks. I still had access to the devices. After multiple attemps with the proctor, we decided to save my configs and logg off. By doing that, I lost all my TCL scripts and notepad notes. Lesson: do not open multiple IE windows even when going for the documentation.
  • Request for reread after passing the lab ?????: You can request a reread even when you pass the lab. How stupid is that?????
  • Now INE owes me 2 CCIE shirts

Do not hesitate if you have questions, I will help out as much as I can without breaking NDA of course ;)

Read the replies to this post on IEOC here :

Tags: , ,

Sep
25

Yesterday marked the kickoff of the new CCIE Security v4 Advanced Technologies Class. In our first session we discussed the scope of the new CCIE Security Version 4.0 blueprint, recommended readings (which can be found at the bottom of this post), the new format of class, and technical topics that included stateless traffic filters on IOS with standard ACLs, extended ACLs, time-based ACLs, and dynamic ACLs.

Going forward the SCv4 ATC will be delivered over the next 4 – 6 weeks as shorter, more spread out class days, typically of about 4 hours apiece.  The specific class schedule will be posted here on the blog at least a week in advance so you can plan which sessions you want to attend live.  Anyone with an active All Access Pass subscription or that has previously purchased the download version of the SCv3 ATC can attend the live sessions. The link to join class can be found at the top of the Members Site dashboard, or direct at http://ine.co/scv4.  In the short-term the next upcoming class sessions are as follows:

  • 2013-09-26 10:00 PDT (17:00 GMT) – Reflexive ACLs, CBAC, & ZBPF
  • 2013-09-30 10:00 PDT (17:00 GMT) – Advanced ZBPF

A longer-term schedule will be posted after the weekend.  In general, the class flow will follow the below outline. If you have specific topics requests for class please feel free to post a comment below and I will take it into account.

Continue Reading

Sep
23

Starting tomorrow, September 24th 2013 at 10:00 PDT (17:00 GMT), I will begin the running the new CCIE Security Advanced Technologies Class for the newest version 4.0 blueprint. Online streaming of tomorrow’s class is free for anyone to attend. Simply login to http://members.ine.com and then browse to the streaming url of http://ine.co/scv4.  A link to the streaming page is also located in the members dashboard.

Tomorrow’s class will start with an introduction about the scope of the CCIE Security v4 blueprint, including the hardware and software versions, as well as the specific technologies within the scope, and then will continue with the technical topics of IOS Firewall, including stateless ACL filtering and stateful filtering with both CBAC and ZBPF.

The format of this class will be a little different than previous iterations of ATCs for Security, R&S, SP, etc.  Instead of running a 5-day class with 8 – 10 hours per day, the class will be spread out over the next 4 – 6 weeks in smaller increments.  This will allow you to plan your study schedule more accordingly, and ideally not have to take a full week or more of vacation time or PTO in order to attend the sessions.  More details of the specific class schedule will be discussed during the class intro tomorrow.

Beyond tomorrow’s class, anyone with a currently active All Access Pass subscription or that has previously purchased the CCIE Security ATC Download will be able to attend the live streaming sessions.  Streaming and download versions of the class recordings will be available sometime around November, but more updates will be posted as the live class progresses.

I hope to see you in class tomorrow!

Categories

CCIE Bloggers