Bridging the gap between CCIE RS and SP

BGP fast-external-fallover – Common confusion

21500 — Mon, 01 Feb 2010 13:01:19 +0000

Most will know the feature and what it does, but to recap the process level command:

R5(config-router)#bgp fast-external-fallover

R5(config-router)#no bgp fast-external-fallover

This feature will enable fast fallover in the event of a link failure for all neighbors peers. In layman terms shutdown the bgp neighbor as soon as the interface reset is detected and not wait for the holddown timer to expire.

Then the interface command:

R5(config-if)#ip bgp fast-external-fallover permit

R5(config-if)#ip bgp fast-external-fallover deny

This is used to overwrite the process level command. Therefore if the feature is enabled under the bgp process, which is on by default, and a specific client interface is flapping frequently, the interface level command can be used to keep the client peer from flapping due to the fast-fallover and prevent upstream peers from dampening the client routes. Fast-fallover is important in multihomed scenarios where it is useful to shut the neighbor as soon as possible in order to avoid packet drops.

But the real reason for this post is that I have seen this a couple of times configured in both (RS) INE and (SP) IPX workbooks with the incorrect interface level command:

R5(config-if)#no ip bgp fast-external-fallover

This will have no effect, except removing previous fast-fallover config. Beware of this common confusion between the two syntaxes. The correct interface level configuration is to use permit or deny.

Old habits: Soft-Reconfiguration

21500 — Sat, 30 Jan 2010 09:37:46 +0000

While on the subject of old habits, I had to mention this one. I remember back when studying for CCNA and maybe even CCNP that it was always recommended to configure soft-reconfiguration in order to propagate route policy updates/changes without hard resetting the bgp neighbor. This is one of those things that sometimes just becomes routine, a habit, something that is just pasted into new configs and forgotten about. Well it might be time to shake this one off as well.

In brief terms the soft-reconfiguration command will allow a ’soft’ reset. The tcp session between the two bgp peers will not be reset but new policy changes will take effect. E.g, a new route-map filter is applied. Therefore a way to cause minimal damage to overall stability of the network.

A decade or so ago RFC 2918 Route Refresh for BGP-4 September 2000 was published which made the soft-reconfiguration redundant. Two bgp peers that support the route refresh capability can implement a soft reset without any preconfiguration. In order to determine whether a peer support this capability:

show ip bgp nei 11.11.7.11
BGP neighbor is 11.11.7.11, remote AS 11, external link
BGP version 4, remote router ID 150.140.130.120
BGP state = Established, up for 00:03:27
Last read 00:00:27, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(new)

Extract from: http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfbgp.html#wp1001128

To use soft reset without preconfiguration, both BGP peers must support the soft route refresh capability, which is advertised in the OPEN message sent when the peers establish a TCP session. Routers running Cisco IOS software releases prior to Release 12.1 do not support the route refresh capability and must clear the BGP session using the neighbor soft-reconfiguration router configuration command. Clearing the BGP session in this way will have a negative impact upon network operations and should only be used as a last resort.

Table 8 Advantages and Disadvantages of Hard and Soft Resets
Type of Reset	Advantages	Disadvantages
Hard reset	No memory overhead.	The prefixes in the BGP, IP, and Forwarding Information Base (FIB) tables provided by the neighbor are lost. Not recommended.
Outbound soft reset	No configuration, no storing of routing table updates.	Does not reset inbound routing table updates.
Dynamic inbound soft reset	Does not clear the BGP session and cache. Does not require storing of routing table updates, and has no memory overhead.	Both BGP routers must support the route refresh capability (in Cisco IOS Release 12.1 and later releases).
Configured inbound soft reset (uses theneighbor soft-reconfiguration router configuration command)	Can be used when both BGP routers do not support the automatic route refresh capability.	Requires preconfiguration. Stores all received (inbound) routing policy updates without modification; is memory-intensive. Recommended only when absolutely necessary, such as when both BGP routers do not support the automatic route refresh capability.

Now what does this really mean to you and me? The memory consumption used by soft-reconfiguration since all routes from a neighbor with soft-reconfig configured will be stored in memory. For example a peer might send a full table but the router is filtering all neighbor AS and neighbor client AS’s. Although only a few thousand routes might be inserted into the bgp table from this neighbor, the router still has to keep the remaining 200k+ routes in memory. If the router has a couple on these peers, it will probably not scale well. By relying only on the route refresh feature, the router will be able to scale to far more peers.

In an enterprise environment with less routes, an old 3600 might still be active in the BGP routing domain and become unstable due to running out of memory. Removing the legacy “soft-reconfiguration” configuration might be the healing touch it needs.

Another day, another CCIE track – SP Operations

21500 — Mon, 25 Jan 2010 18:14:57 +0000

I initially started with this post and thought hard about whether this post is a knee jerk reaction to another SP track. A couple days later and nothing has changes. CCIE SP Ops is still not a winner.

Sometimes when news is made you either get a positive or negative vibe. When the rumors surfaced about CCIE Data Center, I had a positive vibe about it, from the speculation it just seems the right fit. A track that is needed by industry demand. A year ago when Cisco released CCIE Wireless, I had the same thoughts: ‘This is exactly what the industry needs’. Today Cisco announce CCIE SP Operations and my first impression is that this is going to be another CCIE Design or Storage. Is Cisco expanding with too many tracks too soon?

SP Operations will cover Cisco’s IP NGN which I have said on a couple of occasions should be on the SP track. Cisco IP Next Generation Network buzz is largely based on Carrier Ethernet. In very compact form, a mass migration from proprietary SONET/SDH/ATM onto Cisco Metro Ethernet and EoMPLS. I say Cisco Metro because it is an all Cisco or no Cisco affair since Cisco Metro Ethernet does not play ball with others well. This is largely due to not supporting standards QinQ 802.1ad on the Metro switches. From what I read in ‘future’ releases they would, but read between the lines, once they have the monopoly on Carrier Ethernet.

I have no doubt Cisco has put a lot of research into this track, but I think they overlooked the most important aspect. CCIE SP has been neglected for years and has been begging for an upgrade. People have been talking about the outdated ATM/Frame and no relevant Layer2 VPN for ages. This is a personal opinion but I don’t believe IP NGN warrants a CCIE track on its own and again a personal opinion I don’t believe MPLS L3VPN does either. A mixture of the two however makes a lethal combination.

Another aspect of a new qualification is the time and numbers it takes in order to get market recognition. SP is only at a very late stage maturing into a track that is generally known and accepted in the industry. Will Cisco dumb down the SP Operations track in order to get the numbers out which will ensure engineers build another proprietary carrier network empire? Yes, sounds like a brilliant business plan. The second part will be the cost in preparing for XR, this one is not going to be cheap. Perhaps Cisco will sponsor (read: leak) a simulator?

It is still early days and not much about CCIE SP operations is known to make a informed judgement, but I get the gut feeling this is a track developed by Business/Sales in order to push a revenue stream rather than demand from the industry. While a lot is still unknown, this is my initial conclusion: SP operations has all the right ingredients for another epic fail.

From the general outline of the SP Operations written:

1.0 Manage the network fault management system
1.1 Develop a fault management process for a managed network environment collaboratively with the tools team
1.2 Determine the interaction between the fault management system and the ticketing system in collaboration with the tools team
1.3 Determine the method to gather appropriate metrics for an established fault management process

2.0 Manage performance and capacity
2.1 Identify spikes and potential trouble spots based on syslog and/or Network Management System (NMS) output
2.2 Develop a plan to solve a particular performance issue based on syslog and/or Network Management System (NMS) output
2.3 Identify the Network Management System (NMS) metrics and SLA metrics that will be needed in order to further troubleshoot a specific problem communicated orally, written, etc.
2.4 Develop a plan to establish a baseline and monitor the network in conjunction with the tools and performance groups
2.5 Create baseline network performance in conjunction with engineering and architecture teams
2.6 Monitor the network to look for variances against the baseline
2.7 Edit existing scripts which enable a network baseline management plan in conjunction with the tools and performance groups

3.0 Manage operations processes
3.1 Collaborate with the process team and NOC management on process development to meet a desired network operational objective
3.2 Develop a specific prototype and test plan for a particular planned network change, working collaboratively with the engineering and design groups
3.3 Develop, for a particular network, a list of needed tools working collaboratively with the tools team
3.4 Develop a detailed operations plan including metrics and reporting functions for a particular network working collaboratively with the process team
3.5 Develop a process change action plan based on the results of a network audit
3.6 Develop and maintain a spares plan for a particular network

4.0 Troubleshoot and fix reachability and transport problems within the network
4.1 Identify predecessor steps that have not been executed based on an escalation ticket dealing with reachability
4.2 Determine whether to fix or escalate a ticket dealing with reachability
4.3 Identify the area(s) causing a complex reachability problem of unknown origin
4.4 Troubleshoot a complex routing problem and, considering the technical aspects, determine the risks and fix it
4.5 Troubleshoot a complex security problem and, considering the technical aspects, determine the risks and fix it

5.0 Identify problems in implementation plans
5.1 Find issues of a rollout plan received from engineering before deployment
5.2 Identify hardware which is not backwards compatible on a new service rollout plan
5.3 Find hardware that needs operating system upgrades on a new service rollout plan
5.4 Review and provide recommendations on areas in which NOC support plans will not be sufficient on a new service rollout plan

6.0 Troubleshoot and fix network performance problems
6.1 Identify predecessor steps that have not been executed based on an escalation ticket dealing with network performance
6.2 Determine whether to fix or escalate a ticket dealing with network performance
6.3 Determine whether to fix or where to escalate a core network fault
6.4 Identify the source of a complex network performance problem
6.5 Troubleshoot a complex network performance problem and, considering the technical aspects, determine the risks and fix it
6.6 Identify a complex application performance problem and isolate it
6.7 Identify a complex computing device (server, call manager, etc – not the network or application) performance problem and isolate it
6.8 Troubleshoot a complex traffic pattern problem and, considering the technical aspects, determine the risks and fix it
6.9 Troubleshoot a complex, chronic performance problem and, considering the technical aspects, determine the risks and fix it

Identify spikes and escalate tickets? My word, what is Cisco doing? Sounds more like a CCNA blueprint. Perhaps just trust and put faith in the network giant? Hope this does not destroy the CCIE reputation.

Autonegotiate – The debate continues

21500 — Fri, 15 Jan 2010 23:14:31 +0000

The saying, old habbits die hard holds true to this one. Quite a while ago I read an article by Greg Ferro regarding the force speed and duplex myth. Today I stumbled on Terry Slattery’s blog regarding the same “autonegotiate duplex or not“ topic. For those that dont know Sir Slattery, he is practically CCIE#1. Yes, the first man on the moon. While I accept each person has his own opinion based on past experience, consider reading these two posts with an open mind.

The fundamental problem I have with the “Force All” practice is the administrative overhead with duplex mismatching. I found that problems caused due to this practice out weigh the problems solved by 100:1, in fact it might be more. Besides the network overhead there is also the system administrative overhead as forcing needs to happen on both sides or in a LAN scenario the helpdesk overhead when a techinician needs to force settings on all workstations.

Problems happen when ports are forced in order to make them shut up and stay up. I could compare this to a situation where my wife indirectly complains I am spending too much time preparing for the next CCIE, I could just put the head phones on and ignore the warning message. But this does not solve the problem and it might make it worse by making it harder to determine when I have pushed the issue beyond its limits. If ports are not agreeing on a speed and duplex, 99.9% of the time it can be solved by asking the following two questions?

1) Are both sides are auto/auto? Should be standard practice and you will have a happy network.

2) The Autonegotiation principle is based on electrical signal pulses with micro second (µs) tolerances. Are the signals received within the required threshold? If not, why not? Quality layer 1 will determine the quality of the layers above.

This raise some thoughts:
How old are the cables? How old is the Datacenter? Something that I hardly ever hear of is the lifespan of UTP cables. While manufactures will today punt a 20+ year lifespan on CAT5e, I personally believe UTP cables from the 90’s should be phased out. Where possible, do not re-use patch leads as they are often the culprits. Patching and repatching puts additional wear and tear on the cable/connectors. All good quality UTP cable has the manufacturing date printed almost every meter. Check the manufacture dates of the patch leads, more than 5 years? Tie a knot in it. Check the cable standard, recently I discovered a 1000Mb link issue due to a Cat5 cable (rated 100mb) being used. Only use at a minimum Cat5e.

The negative effects of forcing speeds is that the shut up and stay up effect does exactly that. The autonegotiation process especially on 1000Mb links is fundamental to fast fail over detection and error signaling. When troubleshooting something as simple as packetloss on a Gb link with both sides forced is difficult to determine whether the problem is at the physical layer. This is since only a fraction of errors and CRC’s are logged. Removing the settings will most likely display a more realistic error count. This is not specific to GB ports, I have seen this on 100mb links as well.

The fundamental flaw with forcing speed and duplex, besides the technical aspects mentioned above, is that everyone has to follow this religion vigorously.

Mixed feedback on SP OEQ

21500 — Tue, 12 Jan 2010 18:24:06 +0000

For the last week and a bit I have been doing what I consider preparing for the OEQ. My method of attack consist of reading a topic on the blueprint and then labbing up what ever I read. Again a simple approach. After reading the first feedback regarding the OEQ on the SP lab, my initial thought was that they will be relatively easy if one is prepared well for the lab. Putting more emphasis on the practical rather than theory seemed the appropriate next step. Now with further feedback from another candidate, I am not so sure.

Some comments from the two candidates to think about:

Most positive thing about them was that they really were core things. And you can really answer with one single word, maybe 2-4, but that’s it.
If you are able to pass the lab, you certainly are able to answer those four questions!

I passed the lab configuration today. If I would have taken my test 2 weeks earlier, I would be a CCIE now. BEWARE of the OEQs. They threw me for a loop. One was a stupid mistake. The others were just crazy. None of the simulator questions even came close! It was just not what I would consider core material. Look in all the nooks and crannies of all the books you have – there you may find some OEQ study material. I have not touched any lab configuration for the past month prior to my lab attempt yesterday. All I did was reread books and bone back up on the theory.

I am a bit puzzled.

CCIE Worldwide stats – RS still dropping

21500 — Sat, 09 Jan 2010 16:58:48 +0000

A month after the first RS number drop of 48 Cisco updated the stats again, this time the RS numbers dropped by a further 62 or about 2 a day. Interesting that so many people don’t recertify.

Comparing the stats from the beginning of 2009 with 2010:

Total new: 2136
Total RS: 1382
Total SP: 622
Total Double: 438
Total Sec: 340
Total Voice: 260
Total Triple+: 98
Total Wireless: 17
Total Storage: 9

http://www.cisco.com/web/learning/le3/ccie/certified_ccies/worldwide.html

BGP Best Path Selection Process

21500 — Wed, 30 Dec 2009 09:18:58 +0000

One of those topics that is really fundamental to passing Cisco exams and labs or more importantly, predicting the behavior of BGP, is knowing the BGP route selection process well.
Following is a summary for quick reference.

1. Next_Hop: The next hop of the BGP route has to be in the routing table else if it is unreachable, the route is ignored.
2. Pre-bestpath Cost: If the pre-bestpath cost attribute is present, choose the route with the lowest cost value, if they are the same, the lowest community.
3. Weight: Cisco proprietary, local significant attribute where the largest is prefered.
4. Loc_Pref: If the weights are the same, choose the path with the highest local preference.
5. Local Originated: Routes that were locally originated with network statement, aggregated or redistributed.
6. AS_PATH: Next compare the as-path length and prefer the route with the shortest AS_PATH length.
7. ORIGIN: Choose the route with the lowest origin type if the AS_PATH lengths are the same. IGP 8. MED: If the origin types are the same, choose the route with the lowest MED value. This will only be compared for routes from the same AS or if bgp always-compare-med is enabled, for all routes.
9. EBGP/iBGP: Prefer EBGP routes over IBGP routes if the routes have the same MED value.
10. IGP: At this point if there are still multiple routes prefer the route with the shortest route to the NEXT_HOP. The IGP will have already determined the shortest path to the next-hop.
11. Cost: If the cost attribute is present not configured to be ignored, choose the lowest cost.
12. Multipath: If multipath is enabled, multiple paths that match up to this point will be installed.
13. Oldest: If multiple external routes remain, choose the oldest one, thus avoids propagating a flapping route. To overwrite this, this step can be ignored with bestpath compare router-id.
14. Router_ID: If multiple routes still exist, the BGP ROUTER_ID will be a tiebreaker. Choose the route advertised by the BGP peer with the lowest Router_ID. If RR present, the originator ID is used.
15. Cluster Length: Minimum RR cluster length is compared next.
16. Lowest Neighbor: Last, the path from the lowest neighbor address.

Richard Bannister made a great post on the topic that in detail illustrates the algorithm in a flow-chart:
http://rbcciequest.wordpress.com/2008/02/27/bgp-path-selection/

And then there is the well known Cisco documentation:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml

Preview of Richard Bannister’s flow-chart:

BGP scan-time

21500 — Wed, 30 Dec 2009 08:18:11 +0000

BGP scanner process monitors the next hop of installed routes to verify next-hop reachability. It is also responsible to select, install, and validate the BGP best path. By default, the BGP scanner is used to poll the RIB for this information every 60 seconds. During the 60 second time period between scan cycles, Interior Gateway Protocol (IGP) instability or other network failures can cause black holes and routing loops to temporarily form.

BGP scan process is also responsible for the checks to determine whether the conditional advertisement should or should not advertise the conditional route. It also checks whether route dampening information needs to be updated.

bgp scan-time

There is also a VPN4 equivalent that is configured under the VPN4 address family and the syntax is slightly different. By default it runs every 15 seconds.

bgp scan-time import

Also see:
http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_bgp_adv_features_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1056233
http://www.cisco.com/en/US/docs/ios/12_0t/12_0t7/feature/guide/VPN_EN.html#wp1045721

CCIE SP gets OEQ

21500 — Wed, 09 Dec 2009 13:34:34 +0000

OEQ to be tested on SP from 4th Jan 2010. Guess I will have some use for that extra month after all. Just glad I worked it into the study schedule. Now, the next question, how to prepare for this and what to expect. If the RS feedback regarding the OEQ is anything to go by then it should be a walk in the park. Famous last words…

Call me crazy, but I am glad it has finally made it.

http://www.cisco.com/web/learning/le3/ccie/sp/lab_exam.html

Still nothing on:
http://www.cisco.com/web/learning/le3/ccie/announcements/index.html

and
https://learningnetwork.cisco.com/community/certifications/ccie_service_provider

CCIE Data Center

21500 — Mon, 07 Dec 2009 16:30:37 +0000

Very interesting track that is making the rounds in the usual gossip corners. Now I have already decided SP will be my last CCIE (excluding CCDE), but Data Center would be very tempting. Wife would kill me though

Apparently it will replace/consolodate the current Storage track which I think is a good idea. Storage in it self is not very appealing, but Data Center, if truly reflecting current and future real world Data Centers, then Yes, it is bound to be a winner.

In summary I would expect something to the effect of CCIE storage + CCIE RS less the routing. Possible devices:
Cat: 65xx, 49xx, 45xx, some smaller cats
Nexus: 5k, 7k
MSD 9xxx
Cisco ACE?
ACS

Realistically we will probably not see the high end devices and even then it will be a difficult track to prepare for due to the hardware.

Some earlier comments:
http://www.facebook.com/topic.php?uid=75717837879&topic=8511

CCIE worldwide stats – RS numbers dropping

21500 — Thu, 03 Dec 2009 18:10:00 +0000

I never thought this would ever happen: RS numbers officially dropping, SP taking the lead. Probably just a glitch in the system while the cheaters/vendors/360 program catch up. I wonder whether the 360 ads will change their 1.2 pass ratio. From the latests stats: 71 New SP ccie’s of which 20 were RS holders. That trend is slightly down from Feb09 when it was 24:62. If CCIE was a code on the stock exchange, I would expect to see a spike.

http://www.cisco.com/web/learning/le3/ccie/certified_ccies/worldwide.html

http://www.networkworld.com/community/node/48678

http://www.ccie18473.net/wwccies/wwccies.htm

Game plan two

21500 — Mon, 30 Nov 2009 14:00:39 +0000

The definition of a game plan is any strategy devised to reach a given objective (From en.wiktionary.org/wiki/game_plan). As someone once said, not to plan, is planning to fail. Therefore I need a concrete strategy for the next attempt. Game plan one was simply to invest all my effort into mastering the technologies. This I believe was successful, however the dynamics of passing the CCIE lab is far more complicated than just the technologies. Personally I would say the technologies are 50% of what it takes. The other 50% is comprised of the psychological and the physical aspects that determine your overall delivery on lab day.

To summarize my RS experience which correlates with the above. Game plan one was similar: lab, read and absorb as much as possible. Got to the lab in Brazil, was confident, somewhere along I messed up, got the result no pass. I was fortunate enough to get a response from Bruno, one of the proctors at Brussels, that due to configuring a simple IP address wrong, cost multiple points. How did it miss the radar. Re-evaluate what went wrong. Booked the next lab, just over a month away from the first attempt. Did no technical excercises, just read the labs I previously did and prepared mentally for the next attempt. The reason for no technical labs was after the first lab I realized I was ready for this part of the lab but that it required more than that. I needed to demonstrate on lab day that I knew what I was doing in a very articulate way. That is the tough part of the lab. If Cisco was a democracy, I would vote for tougher lab questions and partial points.

The first SP lab went similar, the technologies went well, but due to my RS lab experience, time management went out the door in favor for being as punctual in the demonstration as possible. I actually thought I would finish the lab with time to spare and be able to go over everything again in order to spot the errors in interpretation, requirements that were just simply skipped and those questions that broke previous ones. I got the balance totally wrong.

For the second attempt I have a bit of a problem. I can not sit the lab within a month, I have to wait five before I can have another opportunity to convince Cisco. The advantage of sitting the lab in quick succession is that it is easier to stay prepared at CCIE level. Lab day is a peak along the journey and to maintain that peak for five months is not going to be easy. I have no other choice but to keep doing labs and keep everything fresh. This is for my own benefit in the long run. Since getting back to labs at the start of November I have completed the first four labs of IPX Vol3, now branded as the Lab Mentoring Kit. They are simple labs, but what I like about them is that the topology does not have to be complicated in order to bring a point across and makes it easier to learn from. I actually consider Lab3 and Lab4 of this range to be the best of all the workbooks I have done (read the review). I am now currently busy with INE vol2 labs and have completed the first three. I would rate the first two labs from INE vol2 second to lab3 and 4 from IPX vol3, aka Mentoring kit. The further the INE labs go in the workbook the more the wheels start to fall off. If you do the last 5 labs for the first time, make sure to use their forum where most of the workbook bugs are discussed. For some reason Lab8 rings a bell as another gem. After completing INE vol2, I will do the 5 IPX vol2 labs and lab5 from IPX vol3. The reason for this is that they are marathon labs which I hope will help with time management. I need to complete them in 6 or less hours or even better if I can do one every evening after work. This would be a workout of note.

All this should be done by the end of December. I then have about another month in order to either prepare for OEQ and if they don’t arrive I will spend this month on specific scenarios, reading and preparing mentally. All this with the focus on speed and accuracy while keeping the technologies fresh.

Postmortem – Brussels

21500 — Mon, 23 Nov 2009 18:08:10 +0000

As promised a bit more about the Brussels lab (a month or two over due). It is probably the most documented venue on the net so I wont go into too much detail about the venue it self.

Lab day started off well. The proctor was late but this was a minor, almost expected. In fact I preferred to start a little late in Brussels. If you fly west then the opposite is preferred. Bruno, the first proctor, gives a long run down of do’s and don’ts. Somewhere in the long run down he mentioned the preconfig, but that was still not clear to me. I ended up spending way to much time verifying the preconfig.

After reading through the lab the first time, I had a deja vu moment. I remember distinctly when I read my first RS lab I thought it was going to be a walk in the park. Talk about counting chickens before they hatched. How quick we forget. So with this mindset I treated cautiously, just not wanting to throw it all away with unforced errors. The effect was that by lunch time I completed 40% of the lab. I knew I had the points on the board, but also knew I was behind, so after lunch I tried to pick up the pace (in vain). Another two and half hours later I had (in my mind) about 70 points on the board. So with the VPN section left for last with just over an hour to go, I could spend a good part of 15 minutes per question and complete four of them, pushing me over the required 80. I spent some time on a couple and then started rushing through the rest just to at least finished and leave no points on the table. I believe this strategy was the correct one to follow, the only problem was that I arrived at this point at least an hour too late, two more hours would have been ‘fair’. When I walked out I knew it was going to be tight. I counted the points up, if I get all the points I think I should get I would easily pass, if I made unforced errors or miss interpreted some questions it would mean another lab. From my first RS lab experience I came to the conclusion that I have to be absolutely sure about 90+ points in order to pass. There will always be one or two requirements that were misinterpreted or one or two unforced errors. This can easily add up to 12 points or more.

The result, thanks for coming, please come again, arrived the next morning on the way back. After counting up the points I opted for the reread. Reviewing the score report suggested that I did not get points where I was absolutely sure I should have got. The only explanation I could arrive at was that I did not clear some neighbors after changes were made. After preparing for two ccie’s these are the things one can do while in a coma, so I knew they were correct, but was I so confident that I did not bother to verify in the rush. Yes, probably, argh. I counted up 18 points that I might have lost due to the above and two bugs I encountered. The one bug is normally solved with a bit of extra config and a reload. Although I had the bug fix config, the reload was not an option. This was the last question I configured while everyone was waiting for me . When I decided to go for the reread I was convinced this was going to give me that extra points I needed. Alas, the reread result came back with no change.

Personally I think the reread is not just a total reload with the saved configs, but rather the reload with saved configs plus an evaluation of the saved grading script output. Therefore if some conditions failed during the first grading and succeed during the second, they take the first result.

Good rest is half the work

21500 — Mon, 02 Nov 2009 18:44:43 +0000

…but rest also breeds rust and so a month of rest comes to an end. Time to hit the labs and documentation with rejuvenated energy. The last month of complete sp-lab-thought-blackout has been good. This was the third month I have taken off away from the labs and whitepapers since starting RS at the start of 2008. It is becoming a bit exhausting and the thoughts of where I could have been with honours/masters with the time spent leaves a bitter after taste. Never the less I shall push on , i’m no quitter. I would have preferred to push through and sit the lab again as soon as possible, but due to the limited seats, this was not to be. This makes it tough and at the same time a better engineer.

First I will need to work on a study plan. Perhaps more focus on the IPX vol2 marathon labs. I want to try get these done in 6 or less hours. And then… well I don’t know yet.

Reread

21500 — Thu, 01 Oct 2009 11:49:04 +0000

After reviewing the lab score I opted for the reread. I was sure in the rush I lost some points due to not clearing some tcp based protocols after implementing the config. Coupled with that the bugs, I was convinced the score (at the minimum) would change. Today Cisco responded:

Regarding the re-read of your CCIE Lab exam taken 15-Sep-2009.

The re-read process is intended to verify that the original scoring was accurate according to the guidelines set by the CCIE Program. A re-read ensures that there were no major errors or proctor bias in your lab scoring.

A second proctor has reloaded your configs onto a rack and completely re-scored your exam. The retest result shows No changes in the original score.

Emphasis mine. Nice to know minor errors are acceptable in the grading process. So this means another SP lab and another exhausting trip. Just great

Not yet

21500 — Wed, 16 Sep 2009 22:36:09 +0000

Received the score report while waiting for the connecting flight at the amsterdam airport. My initial calculation indicates a score of 77. I will go through the finer details of the score values and make a decision whether to go for the reread. I think it might be worth it as I had some devices logging errors and could not reload due to the time constraints. The lab content was by no means difficult, the blueprint is covered well in the vendor workbooks. The questions are not hard and over preparation will not help much. The key to passing this lab is blistering speed and swiss precision accuracy. I finished the last question when some candidates were already handing in their workbooks.

Will update with a full post in due course.

One week to go

21500 — Mon, 07 Sep 2009 20:11:26 +0000

To recap, the formula has been simple. Complete twice: IPX vol1, IPX vol3, IPX vol2 and INE vol2. I left vol3 lab 1&2 for ‘match’ practice while in Brussels. I believe this will be enough practice but the proof will be in the pudding.

With SP the outcome is unpredictable as you never know what question or dependency can make your card castle not come up or tumbling down. From what I read on the SP blogs and vendor forums, I gathered that it is absolutely crucial to get it perfect. I believe this is similar to the ‘core’ in RS. I have therefore focused a lot of attention on the details of the different Inter-As/CSC options and getting a complex mixture of them working together. I trust I have that covered well, but with only a few days left, I am now concerned about the details I have not paid much attention to. For example, accuracy is very critical in the RS lab, but I would say that my accuracy at the moment is at an all time low. The last round of IPX vol2 labs I skipped a great deal of requirements. Although they were the normal gimme tasks, these are the things that could potentially cost ‘unforced’ points when rushed. There is not much I can do about accuracy now, my only option is to verify everything and verify thoroughly. Then there are the topics on the blueprint that are not covered in much detail or at all on the full-scale labs. I can still do something about this and therefore I am working through the IPX Vol1 labs as they have the most variety of different technologies and concepts. I also setup a few 2600 routers with some older 12.2 code just to get a feel for it.

For the remainder of the week I will keep focusing on tying up the loose ends. Almost time to start packing.

IPX Volume 2 SP Review 2

21500 — Thu, 03 Sep 2009 22:11:21 +0000

Just a few days left and I am still on schedule. I completed the IPX Volume 2 and IPX Vol3 Lab5 again for the second time. In summary, they are long tedious labs, but I would strongly suggest editing the igp,ldp and bgp authentication as well as community filters out of the initial configs. This will allow you to skip a lot of requirements and get straight to the meat of the lab. Yes, absolutely, I agree with the others, they are definitely a must. I noticed that the same “feature” questions caught me off guard as on the first time, but the multi SP CSC over Inter-AS scenarios hardly receive any troubleshooting and debugging anymore. Next up is the Vol3 labs which I started with. I will leave (skip) the two easy labs ( Lab 1 and 2) in case I want to do some lab practice while in Brussels to kill time.

Vol2 and Vol3 has been consolidated into one workbook and I noticed the Vol3 is not on the site as well. Unfortunately the new workbooks are not available for download yet.

Read the complete first review.

Update: I will run through these labs a third time under timed conditions. I think it is important to get these labs done in 6 hours or less.

INE SP Volume 2 Review

21500 — Sun, 30 Aug 2009 10:59:23 +0000

I completed the 10 INE vol2 labs a few days ago for the second time. I wont make this a long whining post, only a short simple whining post. These workbooks are riddled with an extraordinary amount of mistakes. It is really unforgivable that BrianM makes a comment on the forum “Hope you weren’t banging your head against this one too hard. The task should read level-2″. Two years later the task still reads Level-1. A simple change of a value from 1 to 2. Come on? Eventually, you loose faith in the workbook. I would suggest making notes of dodgy questions during the first round and using the SG. On the second round things went a bit smoother since I knew which questions broke the lab. Normally I would not suggest using the Solution Guide as figuring out the answers without the sg is the optimal learning method.

In summary, 1 or 2 good labs, 5 out of the 10 labs are completely broken, all labs are rough around the edges and all labs have some brief moments of brilliance.

IPX Volume 2 SP Review 1

21500 — Wed, 19 Aug 2009 10:46:57 +0000

Vol2 contain 5 labs, but I would add IPX vol3 lab 5 into this group as well, as it is clearly written by the same author. Vol3 Lab5 also use the same topology as Vol2 which is not supplied by IPX. You will have to create the SP topology .net file or download it from the blog when I get around to considering it blog worthy. All the labs are possible on dynamips.

I had very high expectations of the IPX vol2 labs after reading two blog posts claiming they were the “best”. For this reason I planned to do these labs last. The logic behind doing them last is that the “best” labs deserved my thorough understanding and concentration. I did not want to miss any vital information. The term “best” needs to be put into perspective and due to its high reputation this review will go into more detail.

If I had to compare cabbage, broccoli and spinach, I might tell you cabbage is the best. What I’m actually saying is that the cabbage is better than the broccoli and spinach. The same principle applies to the IPX vol2 SP labs. I have been using three sets of full scale labs. INE vol2, IPX vol3 and vol2. Of the bunch, the IPX vol2 could be considered by some as the better labs. I think they would say this due to the multiple Service provider CSC over Inter-AS topologies. This is great practice for sure. The problem is that you have to dig your way through a kilo of broccoli before getting a bite of steak. I consider these labs a configuration marathon. Each protocol requires neighbors to be authenticated. After the first lab or two it becomes a joke. Skipping these cause the next problem that preconfiguration have the authentication preconfigured on some devices. So again you are forced to go back and enable it. I think the word “all” is used way to loosely in these labs. Configuring all routers for a specific question is unnecessary and trying to figure out shortcuts wastes time. This generally cause the configuration marathon phenomena. For this reason I have labeled these labs as a health risk, as you run a high risk of developing Carpal tunnel syndrome. The “all routers”, “all neighbors” and “all interfaces” questions should really be contained to the devices that require them, or where they make sense. This reminds me of when a coach runs out of creative exercises and says: ” Ok guys, run around the track a hundred times”. If these questions are narrowed down to the devices that need them more questions that add value could be added e.g. multicast sections on both Lab5’s.

In all honesty and without a doubt, the complex inter service provider topologies are great practice. The questions that require many “stand alone” features to be configured is also a welcome addition. Therefore I can imagine that they are considered the best of the lot. With a little bit of tweaking with the end user in mind, I think these labs have the potential to truly become vital to the SP lab prep. All in all I will come back and redo these before the lab.

Update: Review 2