Today's CCENT-level challenge involves the methods that are commonly used to describe and compare modern network infrastructures regarding such things as performance and structure.

ICND1-1: What common descriptive  characteristic for a modern network often encompasses a measure of the probability of a network failure called the Mean Time Between Failures or MTBF?

Answer: _________________


In our recent Implement Layer 2 Technologies series, we examined Q-in-Q tunneling in great detail. In this discussion, I mentioned a big caution about the Service Provider cloud with 802.1Q trunks in use for switch to switch trunking. This caution involved the use of an untagged native VLAN.

You see, this configuration could lead to what is known as the VLAN hopping attack. Here is how it works:

  1. A computer criminal at a customer site wants to send frames into a VLAN that they are not part of.
  2. The evil-doer double tags the frame (Q-in-Q) with the outer frame matching the native VLAN in use at the provider edge switch.
  3. The provider edge switch strips off the outer tag (because it matches the native VLAN), and send this frame across the trunk.
  4. The next switch in the path examines the frame and reads the inner VLAN tag and forwards the frame accordingly. Yikes!

Notice the nature of this attack is unidirectional. The attacker can send traffic into the VLAN, but traffic will not return. Admittedly, this is still NOT something we want taking place!

What are solutions for the Service Provider?

  1. Use ISL trunks in the cloud. Yuck.
  2. Use a Native VLAN that is outside of the range permitted for the customer. Yuck.
  3. Tag the native VLAN in the cloud. Awesome.

You will find the answer to today's CVOICE Exam Practice in the comments area of the blog approximately 24 hours after the post. Have fun!

CVOICE-1: Cisco Unified Communications gateways support various VoIP signaling protocols. For each description below, provide the signaling protocol that is described:

A. This protocol specifies the commands and responses to set up and tear down calls. It also details features such as security, proxy, and transport control protocol (TCP or User Datagram Protocol [UDP]) services. It is a text-based protocol that borrows many elements of HTTP, using the same transaction request-and-response model and similar header and response codes.


B. This protocol definition controls VoIP gateways that are connected to external call control devices, referred to as call agents.


C. This standard specifies the components, protocols, and procedures that provide multimedia communication services—real-time audio, video, and data communications—over packet networks, including IP networks. The protocol is part of a family of ITU-T recommendations.


D. This Cisco proprietry protocol is used between Cisco Unified Communications Manager and Cisco Unified IP phones.



Beginning January 17th, 2011, Cisco will add Layer 2 Switch Troubleshooting to the 2 hour Troubleshooting section of the lab exam. Like the Layer 3 Troubleshooting that you will perform, these switches are emulated devices using Cisco's IOU product - that stands for IOS on UNIX and is a similar approach to the popular Dynamips platforms. Cisco calls the ability to emulate switches on UNIX - L2IOU.

As you know, INE has been addressing Layer 2 Troubleshooting in all of our CCIE R&S products for a long time - so there will be few modifications that need to be made. I realize that change does cause some level of fear among students studying hard for this exam. I will be sure to schedule a free vSeminar next week to chat about this latest exam format and answer your questions. Watch the blog for the date and time of that vSeminar.

By the way, Cisco announced this change on the Cisco Learning Network this week. Here is the original post.


One of the most important technical protocols on the planet is Open Shortest Path First (OSPF). This highly tunable and very scalable Interior Gateway Protocol (IGP) was designed as the replacement technology for the very problematic Routing Information Protocol (RIP). As such, it has become the IGP chosen by many corporate enterprises.

OSPF’s design, operation, implementation and maintenance can be extremely complex. The 3-Day INE bootcamp dedicated to this protocol will be the most in-depth coverage in the history of INE videos.

This course will be developed by Brian McGahan, and Petr Lapukhov. It will be delivered online in a Self-Paced format. The course will be available for purchase soon for $295.

Here is a preliminary outline:

Day 1 OSPF Operations

●      Dijkstra Algorithm

●      Neighbors and Adjacencies

○   OSPF Packet Formats

○   OSPF Authentication

○   Link-State information Flooding

●      Concept of Areas

○   Notion of ABR

○   Notion of ASBR

●      Network Types

○   Flooding on P2P Links

○   Flooding with DR

○   Topologic Representation

●      The Link State Database

○   LSA Format (Checksum, Seq#, etc)

○   LSA Types

○   LSA Purging

●      The Routing Table

○   How is RIB computed from LSDB

●      Flooding Reduction

○   DNA bit

○   DC Circuits

○   Database Filter

Day 2 Configuring OSPF

●      Basic Configurations

○   Setting Router IDs

○   OSPF and Secondary Addresses

●      NBMA Networks

○   Selecting Network Type

○   Ensuring peer reachability

●      Special Areas

○   Stub Area Types

○   Routing in NSSA Areas

●      OSPF Summarization

○   Internal vs External

●      Virtual Links

○   Transit Capability

○   Summarization and Virtual Links

Day 3 Advanced Topics and Troubleshooting

●      OSPF Fast Convergence

○   L3 and L2 interaction

○   SPF and LSA Throttling

●      OSPF Tuning

○   LSA Pacing

○   Hello Timer Tuning

○   Max-Metric LSA

●      OSPF in MPLS Layer 3 VPNs

○   Superbackbone

○   MP-BGP extensions for OSPF

○   Loop-Prevention Concepts

○   Sham-Link

●      Inter-Area Loop Prevention Caveats

●      Key OSPF Verifications

●      OSPF Troubleshooting Process

○   Adjacency Problems (e.g. MTU issues)

○   Intra-area reachability (e.g. network types mismatch)

○   Inter-area reachability (e.g. summary LSA blocking)

○   Troubleshooting VLs and SLs


INE is happy to announce a new class dedicated to the recently introduced Cisco Certified Design Expert (CCDE) certification. The first CCDE Practical Bootcamp is to be run on May 1-5th in Chicago, right before the actual CCDE practical exam that is scheduled on May 6th. Our goal was designing a "last-week" refresher and booster class to finalize your CCDE exam preparation. Students are assumed to have solid theoretical knowledge of the exam's technology base prior to attending. This blog posts gives you a quick overview of the class structure and pre-requisites you should meet in order to benefit the most from this training offer.

Technologies You need to Know.

Firstly, here is a short list of the topics you need to master before enrolling into the bootcamp. In essence, this is a condensed version of the CCDE Written exam blueprint. It is highly recommended that you pass the CCDE Written test prior to attending the CCDE Practical bootcamp. We schedule classes right before the actual exam date and it gives you perfect chance to take the exam right after the bootcamp.

  • Routing
    • OSPF
    • EIGRP
    • ISIS
    • BGP
    • Traffic Engineering
    • Scalability Features for IGPs and BGP
    • Convergence Tuning
    • Redundancy and Resilience
    • Multicast Routing
    • L3 and L2 interaction
  • Tunneling
    • IP Tunneling: P2P and MP
    • MPLS TE
    • Control and Data Plane Separation
    • VPNs: L3 and L2, P2P and MP
  • Security
    • Security Policy Requirements
    • Policy Enforcement Points
    • Access Control: Firewalls and Authentication/Authorization
    • Confidentiality: Encryption and Compartmentization
    • Well-known attacks and countermeasures
  • QoS
    • Applications and their requirements
    • Diff-Serv QoS Model and Tools
    • Int-Serv QoS Model
    • Capacity Planning and Over-provisioning
  • Management
    • Network Monitoring Tools: SNMP, Netflow, RMON, Counters, ACLs etc
    • Monitoring Tools Placement and their impact
    • Information Aggregation
    • OOB and IB management

Recommended Reading

We already published a very detailed reading list for CCDE Practical preparation previously, in the publication titled CCDE Practical Exam Recommended Reading. Here is the list of the books you probably want to brush upon before the class:
Definitive MPLS Network Designs by Jim Guichard et al. Your primary handbook when preparing to the practical exam.
IS-IS: Deployment in IP Networks by Russ White and Alvaro Retana. Good reading on ISIS, provides some design ideas and covers advanced topics.
EIGRP for IP: Basic Operation and Configuration by Russ White and Alvaro Retana. Good reading on EIGRP network designs.
BGP Design and Implementation by Randy Zhang Excellent Reading on BGP, missing some “new” features such as BGP next-hop tracking, but perfect for advanced BGP understanding.
OSPF and ISIS: Choosing an IGP for Large Scale Network by Jeff Doyle. Optional. Excellent additional reading on OSPF and ISIS and routed network design.
Routing TCP/IP Volume II by Jeff Doyle (Multicast sections). This book provides excellent Multicast routing overview. Read over Chapters 5-7, and possibly Chapter 4 (NAT). Multicast is not a huge part of CCDE, but you definitely need to know it.
Optimum Routing Designs by Russ White and Alvaro Retana. You may mainly concentrate on IGP protocols designs and IGP-specific appendices (Part I, Part II and Appendix A-E). I recommend reading this book after you have completed the previous ones on the list.

Class Structure

The class is designed as a series of mock scenarios, mimicking the real exam structure as closely as possible, without using the actual exam software. Every class day is built around a practical case study, presented as series of initial documents and followed by additional information as the scenario evolves. The following are the main logical steps followed in every scenario. Notice that every scenario involved technologies from the main technology domains listed above.

  • Extract and Analyze Design Requirements
    • Identify key components of existing network design
    • Identify the set of requirements presented in the initial documents
    • Gather additional information as you deem necessary to clarify requirements
    • Classify type of design problem and apply solution templates
  • Translate Functional Specification into Network Design
    • Choose the correct technology to resolve a specific network design problem
    • List alternate options and describe how they fit the particular problem
    • Balance scalability, resilience and supportability with your solution
  • Create an Implementation plan
    • Evaluate the impact of implementation options.
    • Develop step-by-step plan for implementing your design
  • Explain and Justify your design choices
    • Explain how network design choices match functional specifications.
    • Justify technology choices based on technical requirements.

Students will participate into "interactive" exam solution process, discussing various technology options and reasoning for using one over another. As mentioned, there are going to be five different design scenarios: two centered around Enterprise networks, two dedicated to SP networks and one scenarios discussing generic protocol design issues. Every scenario is centered around a different type of design problem: e.g. new application, network growth, design problem etc. By the end of the class, students will receive the slide decks used for class presentation as well as scenarios and their condensed solution guides.


There are no official CCDE Practical training programs designed by Cisco Systems. The class we are offering is not intended to be all-in-one solution for preparing you to the practical exam, but rather a strong refresher of your design skills, a session that summarizes the body of knowledge you need to pass the exam and gives you some look and feel of the real thing. The class does not cover theoretical aspects of networking technologies, so you are assumed to posses knowledge equivalent to the one found in CCDE Written blueprint. A typical class candidate is someone who already holds CCIE title and have passed the CCDE Written test.


Join me tomorrow, October 22nd at 12:00 PM PST / 3:00 PM EST, for the free vSeminar: Unified Mobility Interactions with Local Route Group and Globalization.

To attend this free vSeminar, use the following URL tomorrow at 12:00 PM PST / 3:00 PM EST: Unified Mobility Interactions with Local Route Group and Globalization

In case you missed any previous vSeminars, be sure to check out the recent updates here.

If you are interested in learning more about technologies covered by the CCIE Voice Lab Exam, check out INE's Voice Deep Dive. The CCIE Voice Deep Dive is the ideal way to gain in-depth knowledge about specific topics and technologies. We've now just completed 17 modules, and unlike other Class on Demand's that only go to 20 or possibly 25 hours, ours now span over 95 hours of training, and we still have more to go. It truly doesn't get any "deeper" than this. We will post an update with the complete new table of contents to these 3 newly released Deep Dive modules on CUCME, next week.

Hope to see you tomorrow!


CCIE instructors see the question time and time again - are we penalized for “over-configuration” in the CCIE lab exam? The answer - “not typically”. Let us walk through some examples to see exactly what we are talking about here.

First of all, I encourage students to ask two questions when they are about to “over-configure” something. Question 1 - can this additional configuration I am about to make actually gain me points (might Cisco be grading for it)? Question 2 - can this additional configuration I am about to make actually hurt me (cause point loss)? If the answers are a resounding YES and NO, then it is definitely a configuration you should consider making.

A simple example would be setting a Layer 2 switch port for a VLAN with:

<span>switchport access vlan 100</span>


switchport mode access
switchport access vlan 100

Might Cisco be grading for the specific configuration of DTP mode OFF on the port, perhaps. So the answer to the first question is YES. Notice, on the other hand, this configuration should not cost us points in any way, so the answer to the second question is NO. We see that these questions lead us to the conclusion...if it can only help us and not hurt us - GO FOR IT!

While many times we are not penalized for over-configuration, remember that we are always looking for the simple, time-saving, straightforward solution to the task at hand. I have seen ridiculous amounts of silly over-configuration from students that do not understand this principle. One example that comes to mind is the student that is asked to iBGP peer between R1, R2, and R3 using AS 100. The student then takes it upon himself to configure peer groups, loopback peerings, and router-IDs. All of this is for “good measure” and absolutely none of it was required and gained the student any points! In fact, when asking the second question about the over-configuration causing point-loss, the answer here might be...”yes, it can cause point loss because I am wasting so much time!”

Let us also remember that the key to solving the CCIE lab exam comes down to reading very carefully and following explicit instructions versus implicit instructions that exist in the task. Often times we discover additional configuration steps that we should take due to implied requirements.

I discuss this issue in greater detail in the following blog post:



Encoding and Modulating

Questions Only

What form of CSMA does 802.11 use?

What does DCF stand for?

Your wireless station heres someone transmit and waits the duration heard plus what value?

What logically seperates WLANs?

Name three requirements to roam between two autonomous APS.

What method causes changes to the characteristics of the RF signal?

What method changes the RF to make 0 and 1s?

What is the strength of a radio signal called?

What is the timing of the signal between peaks called?

How often the signal repeats in a second is called what?

What is the most popular frequency range for WLAN used today?

How many channels are used in the 2.4 GHz range?

How wide is each channel in the 2.4 GHz range?

What is the sending of 11 bits with each data bit?

Complimentary Code Keying is used with what speeds?

How many bits per symbol do you have with Differential Binary Phase Shifting?

How many bits per symbol encoded per symbol with DQPSK?

OFDM is used in which two 802.11 standards?

What is the technology used in 802.11n that uses multiple antenna?

As a client moves away from an AP, what happenes to the sending and receiving rate?

Questions and Answers

What form of CSMA does 802.11 use?

Collision Avoidance

What does DCF stand for?

Distributed Coordinated Function

Your wireless station heres someone transmit and waits the duration heard plus what value?

DCF Inter Frame Spacing (DIFS)

What logically seperates WLANs?

Service Set Identifiers (SSIDs)

Name three requirements to roam between two autonomous APS.

Sames SSID; Non-overlapping channels; 15% overlap

What method causes changes to the characteristics of the RF signal?


What method changes the RF to make 0 and 1s?


What is the strength of a radio signal called?


What is the timing of the signal between peaks called?


How often the signal repeats in a second is called what?


What is the most popular frequency range for WLAN used today?

2.4 GHz

How many channels are used in the 2.4 GHz range?


How wide is each channel in the 2.4 GHz range?

22 MHz

What is the sending of 11 bits with each data bit?

Barker Code

Complimentary Code Keying is used with what speeds?

5.5 Mbps and 11 Mbps

How many bits per symbol do you have with Differential Binary Phase Shifting?


How many bits per symbol encoded per symbol with DQPSK?


OFDM is used in which two 802.11 standards?

802.11a and 802.11g

What is the technology used in 802.11n that uses multiple antenna?


As a client moves away from an AP, what happenes to the sending and receiving rate?

Shifts down with Dynamic Rate Shifting


When we ask students “what are your weakest areas” or “what are your biggest areas of concern” for the CCIE Lab Exam, we typically always here non-core topics like Multicast, Security, QoS, BGP, etc. As such, INE has responded with a series of bootcamps focused on these disciplines.

The IPv4/IPv6 Multicast 3-Day live, online bootcamp, and the associated Class On-Demand version seeks to address the often confounding subject of Multicast. Detailed coverage of Multicast topics for the following certifications is provided:

Cisco Certified Network Professional (CCNP)

Cisco Certified Design Associate (CCDA)

Cisco Certified Design Professional (CCDP)

Cisco Certified Design Expert (CCDE)

Cisco Certified Internetwork Expert Routing & Switching (CCIE R&S)

Cisco Certified Internetwork Expert Service Provider (CCIE Service Provider)

Cisco Certified Internetwork Expert Security (CCIE Security)

To purchase the live and on-demand versions of the course for just an amazing $295 - just click here. The live course runs 11 AM to 6 PM EST US on September 29,30, and October 1.

The preliminary course outline is as follows:

  • Module 1 Introduction to Multicast

Lesson 1 The Need for Multicast

Lesson 2 Multicast Traffic Characteristics and Behavior

Lesson 3 Multicast Addressing

Lesson 4 IGMP

Lesson 5 Protocol Independent Multicast

  • Module 2 IGMP

Lesson 1 IGMP Version 1

Lesson 2 IGMP Version 2

Lesson 3 IGMP Version 3

Lesson 4 CGMP

Lesson 5 IGMP Snooping

Lesson 6 IGMP Optimization

Lesson 7 IGMP Security

Lesson 8 Advanced IGMP Mechanisms

  • Module 3 Protocol Independent Multicast Forms

Lesson 1 Dense Mode

Lesson 2 Sparse Mode

Lesson 3 Sparse-Dense Mode

Lesson 4 Bidirectional PIM

Lesson 5 PIM on NBMA Networks

  • Module 4 Rendezvous Points

Lesson 1 Static Configuration

Lesson 2 AUTO-RP

Lesson 3 BSR

Lesson 4 Hybrid RP Assignment Approaches

  • Module 5 Connecting PIM Domains

Lesson 1 MSDP

Lesson 2 MSDP Configurations

Lesson 3 MSDP to Anycast

  • Module 6 Multicast Tools

Lesson 1 Rate Limiting

Lesson 2 Multicasting with Tunnels

Lesson 3 Multicast Helper

Lesson 4 Miscellaneous Other Tools and Features

  • Module 7 IPv6 Multicast

Lesson 1 PIM

Lesson 2 RP Assignments

Lesson 3 MLD

Subscribe to INE Blog Updates