Saturday, November 10, 2007

IPExpert Lab 23 Complete

Ahhh, a much easier one for a change. There wasn't anything too complicated in here at all. I did make a couple of minor mistakes--completely skipped a small step and messed up a couple of access lists.

I spent a little more than than I would have liked on OSPF authentication and a poorly worded RIP section. Other than that, things went pretty well.

I took a different approach this time. First I setup the required parts of the Cats. Next, configured IGP, EGP, and anything else required on R1. I intentionally left off anything related to security, redistribution, or filtering at this point. Then I did the same with R2, ensuring all adjacencies, etc. formed with R1. I followed the same process until I got through all the routers. Then I went back through on the items I skipped--authentication, filtering, summaries, etc.

I felt pretty good about the way things went this way. By 2.5 hours, the entire core was up and connectivity was verified. At 4.5 hours, all advanced core features were completed. At this point I just picked off the advanced features one by one and had the whole lab finished in about 7 hours.

The nice part about this approach is that I get any design concerns out of the way early on because I'm getting end to end reachability up pretty fast and including BGP in that initial design. I'm also saving a lot of time because I'm not jumping back and forth between routers so much. The only real negative to this approach is I am jumping around in the workbook a lot so it makes it really easy to accidentally skip something.

Saturday, November 3, 2007

IPExpert Lab 22 Complete (sort of)

For once the core portion of the lab was pretty easy. I still have to get faster, but everything through BGP took about 5 hours. There's definitely some room for improvement. Primarily, this involves setting up everything in OSPF and BGP the first time. I have the tendancy to get everything up on OSPF and then setting up the virtual links and then encrypting. It'd be nice to do it all the first time rather than having to visit each router 3 or 4 times. The same goes with BGP adjacencies and reflectors/confederations. I bet hitting all of these in one shot would take a hour off the time.

The rest of the lab got pretty tough. Some of this, such as the logging section, was due to poor explanations and not having a proctor around to ask clarification. The VPN section was a wash. Same with a VMPS question on the advanced switch part. As always, some annoying ports to try to figure out. And then just when it seems as if the lab should be ending, in comes two IPv6 sections. One was easy, the other was pretty complicated.

So, I ended up running out of time. I'm intending of repeating Lab 21 due to the complicated redistribution. Well, I need to repeat this one, primarily to improve time management. This lab was supposed to be diffiult, with a complexity of 6.5. The next three labs are easier, at 4.5, and then the rest of the workbook looks pretty rough. So, I think I'll knock out the next three easier ones, and then repeat 21 and 22. And then I'll be into the hard ones. That should put me right about to January to where I'll be beginning to panic with the lab date getting close.

Saturday, October 27, 2007

IPExpert Lab 21 Complete

Ok, this one took me a little bit longer than the last few. The complexity is a little higher at 4 out of 10. I finished the lab with about 15 minutes to spare, with a few unplanned breaks that took up about an hour. I had to rush a little through the QoS section, but not much so I would really say I was pressed for time.

So what took so long? Primarily, understanding what the heck they were asking for. It was evident this lab was barely rewritten from an older version with fewer switches and other technologies. A lot of the language just didn't add up. And with a couple typos in the beginning stages, I spent a lot of time asking myself if something later was a typo or if it was the desired config.

For example, I was told to configure OSPF on 4 serial interfaces. Well, 2 of those interfaces were already running EIGRP. OSPF could not form an adjacency over the frame relay links because they were spokes and the hub was not running OSPF. So my choices were either to run OSPF on the hub as well, or to add OSPF to the ethernet links. The strange part of this is that OSPF would end up configured on the frame relay links, but there wouldn't actually be an adjacency. Well, they didn't say an adjacency was needed, so that's the path I chose.

Redistribution was a major pain in this lab. Every other step of the IGP configuration required to check that things are still up if link x or y goes down. So a bit of time was taken up shutting down interfaces and running ping scripts from distant ends to ensure things come back up. There always seemed to be a loopback or two that needed to be manually redistributed into another protocol.

So, the bottom line is I can do complex redistribution, I just need to get a lot faster at it. The latest trend seems to recommend doing a few labs 4 or 5 times. I think I'll add this one to be one that I'll do multiple times before gameday.

As for the rest of the tasks, I think things went pretty well. I still stink at Catalyst QoS. I didn't catch the aggregate policer. I need to commit to memory that if shared bandwidth must be below a certain level I need to use aggregate policers. I also wish for once I could remember to classify video, use "match protocol http mime "video/*". I was closer this time, I just had "*video" instead of "video/*"

I'd give myself about 90% on this one, with a total time, minus interruptuions, of 7 hours.

Saturday, October 20, 2007

IPExpert lab 20 complete

I found this one relatively easy. The 8 hour lab took me about 5 hours to complete and was nearly perfect. The only real issue was I neglected to realize I needed to setup NAT. This is still one of the easier labs, but it's certainly helping to build my confidence. I'm pretty sure if I do one of these each Saturday I'll be ready to go once February gets here!

Sunday, October 14, 2007


Wow, it's been awhile since I've posted. Believe it or not, I have been making progress. I took the IPExpert bootcamp with Marvin as the instructor. I highly recommend this. I learned a heck of a lot, while at the same time I got by butt kicked enough to motivate me to keep studying until my lab date in February.

Today was the first time since the bootcamp that I was able to get some studying in. I attacked ipexpert lab #19. I was able to finish it in 6 hours with about 95% accuracy. I do think my speed is getting considerably better. That was my biggest issue at the bootcamp--running out of time.

I'm going to try to do a lab every Saturday until my real date comes up. I hope that's a sufficient amount of studying at this point. With a 2 month old baby and graduate school, it's though enough to get this much in as it is.

Saturday, September 8, 2007

Bootcamp scheduled

Once I passed the written, I decided I was probably going to attend a CCIE bootcamp. I got a heck of a lot of studying done so far this year and it's tough to keep dedicated with a 6 week old son and graduate school going on at the same time. I just so happened to get a marketing email from IPexpert this week and decided to follow up on it. The date, location, and price was right, so I went ahead and signed up. Apparently I get to actually take the class twice for the price of one, so I'm going the first time the end of September. Now I just have to work hard the next two weeks on my home rack before class starts to make sure I'm adequately prepared.

Unfortunately, studying didn't happen tonight.

On the left is my car which got hit while parked. My wife was standing on the passenger side and literally had to dive out of the way to avoid serious injury. Thankfully, everyone's fine.

Thursday, September 6, 2007

Lab Date Scheduled

The backlog was a little longer than I expected, so a lab date of January does not look possible. I have instead scheduled my lab date for February 22nd. Which basically means I have until January 22nd to commit to that date or push it back further.

I'm currently in talks with a few bootcamp providers to decide what to take. I'm leaning toward IPexpert's 5 day bootcamp in December, but I haven't committed to anything yet.

No rack time yet this week :(

Saturday, September 1, 2007

Getting back in the groove

Wow, it's been a while since I've posted. I've had a few distractions to studying. For starters, my son, Kyle, was born in July. That alone has made rack time all but impossible for the past month.

So instead I focused my studying on the Written exam, which expired a couple of years back so I needed to retake it. There was one new section in particular, MPLS. I knocked out the written on Friday after about a month of studying (thanks ccbootcamp and netmasterclass!!!). An interesting note on ccbootcamp's material: there are a LOT of errors. Strangely, I think this helped me. Because of my distrust of the material, I was forced to hunt for resources on every questionable item. I ended up spending as much time on univercd as I did studying the material.

Now I'm all out of excuses to continue my studies. As it stands, I have:

Completed the IE Advanced Technologies Class-on-demand
Completed the first 4 IE workbook 2 labs
Completed the first 3 IE core labs

My intentions are to take the Lab at the end of January. In order to accomplish this, I'd like to complete all of the IE core labs and half of the IE workbook 2 labs by the end of the year. I'm also intending on taking a bootcamp in early January. The question is, which one? I'm considering IPexpert, IE, NetmasterClass, Unitek, or Global Knowledge. I've got a few months to figure it out.

Tuesday, July 24, 2007

IE Lab 4 complete

I completed IE lab 4 today. The remaining parts consisted of BGP, IPv6, QoS, and other miscellaneous stuff. Unfortunately, the router that I needed to run IPv6 OSPF wouldn't handle it (2501 running 12.3 IP Plus). So, I implemented it on another router but wasn't able to watch it peer with the border router. I also reviewed the configuration guide heavily to ensure I didn't miss anything.

There were a couple of shockers at the end. I never knew there was a menu command in IOS. I also had no idea about the "ip alias" and busy/refuse message commands.

All in all, I felt pretty comfortable once again with most of the lab. I still need to work on my understanding of QoS and multicast, and I need to get more comfortable with IPv6.

Now that Lab 4 is complete, per the guidelines I'm going to (re)do the core workbooks labs 1-3 before continuing on to Lab 5. I actually did the core labs 1-3 a few months back because I felt so overwhelmed by the workbook 1 labs. Thanfully, around workbook lab 2, combined with what I learned from the core and the class on demand, I finally got route redistribution (mostly) figured out and haven't had much trouble with it since. I just hope that stays.

Before I continue on with Lab 5, I'm also intending on doing the technology labs for Multicast, QoS, and the peering portion of BGP. With a little more experience with those I should really start tearing through the rest of the labs.

Sunday, July 22, 2007

Daily Update

Okay, so it's been a few days since I've studied. I actually had to take a break for my own health. You see, over the years I've gotten a case of tech neck. Back in January I purchased a sleep number bed and I haven't had a single incident since.

That was until last Tuesday night. I like a sleep number of about 65. My cat apparently does not. On that night, he preferred a sleep number of 0. In the middle of the night he managed to hold the remote down to deflate my bed completely. I woke up effectively sleeping on the floor. About two hours into work, my neck popped and I knew what was coming. Throughout the day my neck got progressively more sore, to the point that when I awoke the next morning I couldn't move my head at all. One day off work and countless Ibuprofen later and I'm almost back to normal.

I hope to be back to studying Monday night, if more important matters don't come up. It's hard enough to study for my CCIE when life doesn't interfere. But as bad as I want it, some things just make it pale in comparison.

Tuesday, July 17, 2007

Daily Update

I finished IE lab 4 up to IGP tonight. Things certainly get more comfortable and faster every day. There were only three issues I ran into.

First, I showed I need to reread udld, specifically the spanning tree loop guard functionality.

Secondly, I need to make sure to read every single subtask. This is a trend that I continually see. I intend to put more effort into ensuring I complete every task once I complete lab 4, where it is recommended that I start seriously timing myself and preparing as if it were the real lab.

Finally, I fat fingered an IP address on a tunnel interface, which ate up about 20 minutes of troubleshooting. Then, to top it off, one of my frame-relay interfaces was acting up and, even though the show frame-relay maps were fine. I still needed to do a mass reboot to get everything responding fine. I wasted way too much time troubleshooting before I initiated the reboot, eating up another 20 minutes.

All in all though, I was happy with the results. I caught on to all the trickery and had no issues knowing what needed to be done, but some mistakes hurt me in the time to execute.

I'm looking forward to hitting the BGP and other portions tomorrow night.

Monday, July 16, 2007

Daily Update

I didn't do a whole lot today. I wiped the configs on all of my equipment and loaded the IE lab 4 base configs. There was very little studying completed over the weekend as well. I was having some work done on my house and studying would have been nearly impossible with all of the noise.

So, I thought this would be a great chance to explain a little about what the CCIE means to me. In a nutshell, the CCIE is the most demanding IT certification. It requires not only the passage of a computerized exam, but also one must pay Cisco a visit to demonstrate his or her knowledge. In this eight hour lab, Cisco requires you to set up an extraordinarily complex network that would probably never be seen in the real world. They throw the book at you and give you very little time. On top of that, each attempt costs over $1000 and the average person to pass--and many never do pass--takes three attempts.

The typical estimate is that an individual who is already a professional network engineer takes about 2000 more hours of studying to pass the CCIE. This does not mean a year of work. This means 2000 hours of weekends and time after work spent dedicated directly toward CCIE material. Unless perhaps your job description precisely matches the CCIE blueprint. Since mine does not, it means a lot of time studying.

I've achieved a number of computer certifications over the years. The MCSE took me about a year to complete back in 1998. The CCNA, MCDBA, and CCNP were also completed with little effort--perhaps a month of studying for each exam. But, I have been working toward the CCIE off and on since about 2004. The first year was spent just reading every related book I could get my hands on. I needed to learn topics such as IPv6, Multicast, BGP, OSPF, and others much, much deeper than what was required to slide through the CCNP exams.

Last December I was in the fortunate position where I had a little extra money to spend and InternetworkExpert was throwing in a PS3 to boot, so I couldn't pass up the deal. Since I purchased the end-to-end training package, I have been, for perhaps the first time, consistently dedicated to the CCIE. I'm not nearly as afraid of many of the topics as I used to be, but I still have a lot to learn. I'm optimistic I can take a stab at the CCIE lab this year, if I can stay focused.

And that brings me to why I started this blog. I figure if I imagine others out there are reading my progress, I'll have to be accountable to somebody. I know this can be done. It really isn't brain surgery. It's just a matter of coming to terms with the large volume of information that's out there. I'm determined to pass the CCIE this year. Perhaps another time I'll explain why.

Friday, July 13, 2007

Lab 3 Complete

IE Lab 3 completed tonight. I learned I know nothing about RSVP and TCP intercept and could use some work on Multicast filtering. All in all, I feel lab 3 went pretty well though. My confidence gets a little higher with each lab. Unfortunately I was feeling a little burned out tonight.

My weekend is full so I probably won't get to lab 4 until Monday. Per the recommendations, I'm just going through lab 4 and spending a lot of time reading the docs and experimenting. Once lab 4 is complete, it's time to start taking things more seriously.

And then there's the issue that I still need to re-pass the CCIE written. I'm not in a hurry to retake this. For starters, the info I'm learning and finally understanding by going through the labs will help make the written studying go much better. Also, the written was recently changed to add IPv6 and MPLS. IPv6 is part of the written, so this shouldn't be a big deal. But I haven't even looked at MPLS since taking the Routing exam nearly 5 years ago. I'll probably just review and hope there aren't many questions on it.

Lab 3 BGP

Last night I completed IE Lab 3 BGP. The section was relatively easy until the last part. I was led down a path where I had to override BGP weight on an inbound path. Huh? I didn't think this was possible. Remote outbound always gets precedence over local inbound. That's why weight and local preference are above AS path and med. I was going to go down a path of advertising two /25's subnetted from the /24--longest match would definitely take precedence over weight. I know that would have worked, but if this were the real lab I'd definitely have to ask the proctor if that were allowed or not.

The more I thought about it, the more I assumed it would not be allowed, so I caved and checked the answers. Sure enough, it was something I did not know--BGP conditional advertisement. There's a command in BGP which allows you to only advertise a route when another route is not in the network. VERY HANDY! I can't wait to start using this in the real world. I always have ISPs choosing the wrong path even when the AS-path is longer. Usually because the remote host's ISP is the same as the low bandwidth link.

Wednesday, July 11, 2007

Daily Update

I'll go through my history and a little bit more on the CCIE when I have some time. For now, I really want to get started on a progress report. Today I completed the Internetwork Expert Lab 3 IGP section after work. I felt really comfortable about the time it took and the requirements. I did lose some time with reachability to the border IGP routes. It turned out that EIGRP external routes were being redistributed into OSPF external routes, which had a lower administrative distance, thereby creating a routing loop. Increasing the OSPF external AD to 171 took care of that issue.