Monday, January 28, 2008

Not quite there

Well, I didn't pass on my first attempt. I was close, but no cigar. I finished early, doublechecked everything, and really thought I had it. So, back to the drawing board. I'm going to focus on the IE practice labs this time to see how they go. Even though I didn't stick to my last study schedule too much, I'm going to set one again. One thing to note, my speed ended up being fine, it was mostly an issue understanging the wording and some of the non-core tasks. So I'm going to be focusing on the full labs.

2/2 IPexpert Challenge H
2/3 IE Lab 5
2/9 IE Mock Lab 4
2/10 IE Lab 10
2/16 IE Lab 12
2/17 IE Lab 16
2/23 IE Mock Lab 6
2/24 IE Lab 17
3/1 Rest
3/2 Lab Attempt #2

Sunday, January 20, 2008

IE Mock lab #5

This will be my final mock lab. It's actually my fourth. But IE Mock lab #4 had a difficulty rating of 9, as opposed to an 8 for this one. I didn't really feel like psyching myself out 5 days before the exam. Let's just hope a 8 doesn't hurt me too badly either.

7:12am printed out materials
7:31am layer 3 diagrams complete. I don't have enough information to complete layer 2 diagrams yet
7:47 readthrough complete
8:08 layer 2 diagram complete
8:12 1.1 complete
8:30 1.2 complete, still had to lookup qinq and took time for switch reboots
8:54 1.3 complete, strange I had to remove and put the l2 configs back on
8:58 1.4 complete
9:01 1.5 complete
9:03 1.6 complete
9:13 1.7 complete, had to renumber my port channel to match the diagram

Skipping 1.8, have to look it up and non-core
Task 1 complete, 15/18 points

9:34 2.1 complete
9:39 2.2 complete
9:44 2.3 complete

Task 2 complete 7/7 points, 22/25 total

Task 3.1 partway complete, need to finish virtual links
10:25 Task 3.2 complete, 1 point
10:28 Task 3.1 complete, 3 points -- I may not have needed this VL after all
10:33 Skipping task 3.3, messy OSPF summarization and non-core
11:03 Task 3.4 complete, took WAY too long. CHECK LAYER 3 FIRST!!!!
11:10 Task 3.5 complete, watch those subinterfaces
11:23 Task 3.6 complete
11:31 Task 3.7 complete
11:39 Task 3.8 complete
11:55 Task 3.9 complete, had to fix some virtual-template ip addressing
12:01 Task 3.10 complete
12:17 Task 3.11 complete
12:29 task 3.12 complete

Task 3 complete 27/30, 49/55 total

Taking lunch at 12:31. 5.5 hours down, 2.5 hours left
12:48 back from lunch
1:03 ping tests complete
1:15 task 4.1 complete
1:41 task 4.2 complete
1:43 task 4.3 complete

Task 4 complete, 9/9, 58/64 total

2:04 task 5.1 complete, needed to tunnel over the non-broadcast interfaces
2:21 back from break
Task 5.2 skipped

Task 5 complete, 3/6, 61/70 total

2:26 Task 6.1 complete
2:39 Task 6.2 complete 3 points--is ipv6ip the least overhead?
2:47 Task 6.3 complete

Task 6 complete, 9/9, 70/79 total

2:58 Task 7.1 complete
3:21 Task 7.2 complete

Task 7 complete, 6/6, 76/85 total

Skipping Task 8.1 0/3, 76/88

3:29 Task 9.1 complete

Task 9 complete, 3/3, 79/91

3:39 Task 10.1 complete
3:46 Task 10.2 complete, out of TIME

Task 10 almost complete, 6/9, 85/100

Well, if I got everything right that would be a passing score. We shall see.

Time to see if I can do what I skipped

4:02 Task 1.8 complete, would have been 3 points.
4:27 Task 3.3 complete, as I thought this was kind of messy, 3 points
4:41 Task 5.2 complete, 3 points
5:08 Task 8.1 still skipped, it's killing my ipv6 tunnels :(
5:18 Task 10.3 complete

Saturday, January 19, 2008

Continuing Bootcamp 3

54 points, 7:40

Yes, I'm running really far behind. Something I neglected to mention, I handled reachability a little differently. Usually I just filter the routes unless it says redundancy is required. I decided to make it hard on myself this time. Playing with the Distance and tags and policy routing, even though not necessarily required, taught me a heck of a lot. Tomorrow's mock lab #5, that's the one I'll be focusing on time with.



Starting Task 20, 3:40pm

3:55 Task 20 complete, 4 points. This was evil because the switchport was to only allow 1 mac address. So for the standby router, I had to "use-bia"

5:00pm Task 21 complete. 4 points. More fun with different strategies. Rather than using an as-path list, I tried it with manual communities. Took a bit to figure out. The problem was when using a route-map with dapening, I must use a match clause and a set dapening clause



On break

Returned from break, 7:25pm

7:42 Task 22 complte, DocCD fun

8:27 Task 23 complete, 4 points

Continuing Bootcamp Lab 3

Here we go, the last weekend before the lab on Friday. Time to get real. The following topics scare me

  • Advanced NAT configurations, such as NAT on a stick
  • Advanced bridging configurations, such as frame relay bridging
  • Advanced Multicast configurations, pretty much anything beyond anycast
  • MLS QoS, particulary cos maps and distributed configs
  • Advanced Redistribution

I'll need to put some time into all of these topics this weekend. For now though I'm going to finish off bootcamp lab 3. At this point I'm 4 hours in.

6:15am Initial configs loaded

7:00am Task 15 complete, 3 points

7:00am Task 16 complete, 5 points--I don't see anything saying I can't use policy-routing here

7:00am IGP complete, pingtests complete

7:30am Have to do some rl work for a few minutes. Currently hung up on an annoying BGP peer that won't come up. Oops, there it is. Have to remember that inter confederation peerings are like ebgp and require multihop

8:45am Ok, work's done and I grabbed breakfast too

8:50am Task 17 complete, 3 points

8:58am Task 18 complete, 3 points

9:30am taking a break

10:45am back from break

11:20am Task 19 complete, some bgp next hop issues to resolve and some conferation as-lists

12:30 External Ping testing complete. This was one of the more complicated BGP scenerios I've dealt with. It consisted of 2 additional points of redistribution required and a router not running BGP next to one of the BB routers. That created an interesting scenerio because I had to redistribute into IGP and then use policy routing to adjust the next hop so the routes continued to go the correct way. Additionally, a bunch of distance modifications were needed. Finally, something I have not run into before. BGP by default will NOT allow you to redistribute internal routes into an IGP. The command bgp redistribute-internal allows for this. However, it warns that this will create a mess, and indeed it does. Every router needed to be adjusted so that OSPF had a higher AD than BGP so that everything remained reachable. Why did the task take so long? About 45 minutes were spent learning the BGP internal redistribution situation.

Time to move on to the non-core portion of the lab

Thursday, January 17, 2008

Repeat bootcamp lab #3

It's a short night, so this should be fun.

6pm: Started
6:23pm diagrams complete--not bad time
6:33 Inital configs loaded
7:41 returned from break. Total time so far, 23 minutes
8:00 readthrough complete
8:21 2.0 complete, 2 points
8:47 3.0 complete, 3 points -- fun with macros
8:54 4.0 complete, 2 points
9:00 5.0 complete, 2 points
9:11 6.0 complete, 3 points
9:23 7.0 complete, 2 points -- finally get private vlans
9:57 1.0 complete, 3 points
9:58 8.0 complete, 2 points
10:01 9.0 complete, 3 points
10:06 10.0 complete, 3 points --default frame-rel keepalive is 10
10:09 11.0 complete 2 points
10:25 12.0 complete, 3 points -- read too deep into obvious neighbor statement
10:54 13.0 complete, 3 points
11:13 14.0 complete, 3 points -- lots of virtual link encryption, probably wasn't worth 3 points

Need to make sure I get my configs saved, so I'm calling it a night
36 points, 3:55 down, 4:05 to go

Port Priority and Port Cost

Ok, I finally have it figured out.

Port Cost: The primary metric a switch uses to determine which port is root. The cumulative costs to root are used. The lower the better

Upstream router id: The secondary piece used to determine which port is root. The lower the better

Port priority: Sent to the downstream switch to tell it which port to select as root.

Port priority on comes into effect if port cost and neighbor id are equal. Which pretty much means it only matters if there are multiple uplinks going to the same switch and the port cost is equal. Then, to influence which port is root, one can set the port priority on the upstream switch.

Tuesday, January 15, 2008

IPExpert Multiprotocol Challenge G

I liked the requirements of this one and with a challenge of only 5 I should be able to buzz through it relatively quickly. Since it's a weeknight, I need to be done by midnight. So, without much time to waste here I go.

6:30pm lab started
6:56pm diagrams and readthrough complete
7:00pm initial configs loaded, 1 point
7:30pm basic configuration completed, 3 points
7:32pm WAN configuration completed, 12 points
8:45pm I'm calling it a night. I got hung up on something really stupid in switching. I was even more frustated when the workbook game me a stupid answer for what I was stuck on. I've made it really clear to myself that I have absolutely no clue what the port-priority command does. I'm going to have to research this. I'll be back Thursday.

Sunday, January 13, 2008

Continuing Bootcamp Lab #2

11:05am Configs from yesterday loaded and verified
11:27am TASK 17 complete,3 points--multicast went much better since doing IE mcast labs
11:37am Task 18 complete, 3 points
12:07pm Task 19 complete, 5 points
12:25pm Task 20 complete, 5 points--the MBGP stuff is still a little bit over my head
12:46pm Task 21 complete, 4 points
12:57 Task 22 complete, 2 ponts--easy, I was just distracted
1:12 Task 24 complete, 4 points--easy, took extra time for verification
1:23 Task 25 complete, 4 points
1:26 Task 26 complete, 2 points
1:30 Task 27 complete, 3 points
1:47 Task 28 complete, 2 points
1:47 Task 29 complete, 2 points
2:00 Task 30 complet, 2 points--it's "ip telnet"

I still intnetionally skipped task 5. It was only worth 3 points and would have taken a bit of time. First, I hate cos-maps. Second, it required changing Cat3 to transparent mode. Since pruning was enabled, this could have had undesired effects on trunked traffic. So, I would have then probably had to turn off pruning for specific vlans. Next, it would have probably taken a few minutes to find "switchcore wirespeed" in the doc cd. And finally, I'm not a big fan of smart macros, for anything other than pinging. So, I was more than happy to throw away 3 points.

All in all, I'm glad I repeated this lab. I understood a lot more about what was going on than I did back in September. I also didn't have to look much up on the doc cd.

Saturday, January 12, 2008

Repeat Bootcamp Lab 2

I'm off to a little bit of a late start this morning. So I figure I'll redo a previous lab.

8:45am start
9:00am diagrams complete
10:00am readthrough and initial configs complete
10:00am 1.0 complete 3 points
10:00am 2.0 complete 1 point
10:40am 3.0 complete 2 ponts
10:40am 4.0 complete 2 points
Task 5.0 skipped for now
10:48 Task 6.0 complete 4 points
11:15 Task 7.0 complete 4 points (Watch those supernet addresses!)
Task 8.0 skipped for now
Task 9.0 skipped for now
11:45 Task 10.0 complete, 5 points. Back to task 9.0
12:00 Task 9.0 complete, 5 points
12:05 Task 8.0 complete, 3 points
12:35 Task 11.0 complete, 4 points
12:49 Task 12.0 complete, 3 points (took a 20 minute lunch also)
12:57 Task 13.0 complete, 3 points
1:19 Task 14.0 complete, 3 points
2:08 Task 15 complete, 5 points (and a 20 minute break)
2:45 Task 16 complete, 6 points (had to lookup as-set for aggregation)
3:00 Pingtests complete. Had to advertise one of the EIGRP links into OSPF.

I'm going to take it easy this weekend and call it a day. At this point I have about 2:30 left and the core is complete. I have 53 points and I skipped 3, mostly because it was "extra" and looked like a lot to go through for 3 points.

Thursday, January 10, 2008

Mock Lab back and More Multicast

For IE Mock lab 3, the score was a 63. In actuality, there were some problems with the router code versions. For example, R1 wouldn't accept ospfv3 commands. So my real score was a 70. Once again, some dumb mistakes cost me.

  • Missed portfast on some interfaces: 2 pts
  • Missed a community string: 3 pts
  • Misconfigured RMON: 3 pts
  • Sent DHCP requests to the wrong place: 3 pts
  • Missed a BGP peer: 6 pts

So, sans dumb mistakes my score was a 88. This makes me feel pretty dang good, since this lab was supposed to be equivalent in difficulty to the real thing. Also, I seem to be gaining 10 points a week on the actual scores of the mock labs. It's always nice to see progress.

I intended on finishing off the Multicast labs on Thursday, but my family has dinner plans so I moved it up to Wednesday. Honestly, I feel this was a bit of a mistake. I'm already studying close to 20 hours over the weekend. Two consecutive nights during the week is a bit much. Even though i was feeling a little burnt out, I forced myself through the remainder of the multicast labs. I learned a couple of little pieces of information:

  • Anycast requires that the RPs be joined by MSDP. I never realized this before
  • Running multicast over BGP requires the address-family commands under BGP. I've seen these before but haven't really messed with them so I need to do some more research

Other than that, the scenerios weren't nearly as eye opening as yesterdays.

Tuesday, January 8, 2008

Multicast Refresher

I've been struggling with Multicast and it's obvious I just don't get it. So tonight I decided to start going though the IE workbook 1 multicast session. The IE workbook 1 parts are great when I just need to immerse myself in a particular technology. However, it gets very redundant and monotonous, so it's not generally my idea of fun. I think they intentionally have it set up so you're constantly undoing and redoing configs.

On the bright side, it works wonders on muscle memory. It is also very detailed on the show and debug commands. I went through a whole bunch of the BGP tasks a few months back and felt it really helped me out there. I'd actually consider BGP one of my stronger areas, thanks in part to that and in part to actually using it at work now.

So I did about half the multicast tasks so far. At the beginning, I rolled my eyes becasue the tasks just seemed too easy. But once I followed along with the debugs and show commands, I feel I did learn a thing or two. As a bonus, I made a couple of mistakes and did have to do some troubleshooting.

I've been torn as to whether to speed drills or what on Tuesday and Thursday nights since I just want to spend a couple of hours. I think the Multicast section will work nicely for Thursday. We'll see what I want to do next week depending on how this weekend's labs go.

Sunday, January 6, 2008

Contingency Plan

Let's face it--as hard as I prepare, there's a good chance I may not pass. Maybe I'm not prepared enough. Maybe I just make a bunch of stupid mistakes. Maybe I just have a bad day. Honestly, if I were to take the lab tomorrow, I'd give myself a 50/50 shot. I hope to have that up to 70 or 80 by time January 25th gets here. So what do I do if I don't make it?

  1. Continue with the Sunday morning mock labs. These seem to be the most beneficial. I'll go ahead and purchase all 7 and then redo them all, ungraded, repeatedly
  2. Use my free IPexpert retake in Columbus. Jun 9-13 seems good. So does July 21-25.
  3. Retake the lab the week after the bootcamp.
  4. Worry about a contingency plan for a second failure when I get closer to that.
  5. Keep in mind, once August gets here, I'll have a Master's degree in Computer Science. Now that's something I don't have to recertify every couple of years!

IE Mock Lab #3

I must confess, I'm hooked on the IE mock labs. I was nervous that they were going to start charging $250 for them again, but they extended their $99 special through the end of January. This works pretty well for me since my lab is scheduled January 25th.

Why do I like them? First off, the challenge level seems to be just right--they're just a little bit beyond me. So I can see what is being asked for, I just need to push myself a little bit. Also, the questions are clear and don't seem to be trying to trick you, just to really make sure you know what you're doing. And of course having them graded and a very detailed solutions guide is a big plus.

Here we go.

6:00am Printed out the materials. This one looks scary from the topology standpoint!
6:40am Diagrams Completed. Created BGP and Layer 2 diagrams as well this time
7:09am Readthrough completed
7:21am Task 1.1 completed, no issues
7:25am Task 1.2 completed, no issues
7:42am Task 1.3 completed. Wasted time assuming it was back-to-back frame relay and disabled keepalives. Also, task states "point-to-point" yet requirements don't allow it. It'd be nice to be able to ask a proctor for clarification.
Task 1.4 skipping for now
7:50am Task 1.5 complete, had to lookup end-to-end keepalives on the doc cd. Knew what to look for
8:04am Task 1.6 completed--stupid phantom space got me :(

TASK 1 complete, 10 of 12 points

8:34am Task 2.1 competed--L2 diagram helped IMMENSELY
9:07am Task 2.2 completed--had to research dot1q tunneling, especially getting CDP to pass
9:07am Task 2.3 already completed with Task2.1
9:07am Task 2.4 already completed with Task 2.1
9:07am Task 2.5 already completed with Task 2.1
9:16 Skipping Task 2.6
9:16 Task 2.7 alrerady completed with Task 2.1
9:16 Task 2.8 already completed with Task 2.1
9:20 Task 2.9 Completed

Task 2 complete, 18 of 20 points. (28 Total)

9:39 Task 3.1 completed
9:39 Task 3.2 completed, pretty sure authentication is correct
9:47 Task 3.4 completed
10:02 Task 3.5 completed
10:09 Task 3.6 completed, had to lookup k value order
10:15 Task 3.7 completed--some offset-list trickery
10:21 Task 3.8 completed
10:23 Task 3.9 completed
10:59 Task 3.10 completed --not bad time for figuring out redistribution. It looked a lot worse than it was. A couple of distance statements on a router did the trick. It was basically an EIGRP transit router that had an OSPF interface. Since OSPF distance is better than EIGRP external, the EIGRP routes weren't passing through. Setting OSPF external and inter-area distance to 180 did the trick.

TASK 3 complete, 24 out of 24 points (52 total)

11:00 performed mass reboot and am going to lunch. Will perform ping test upon returning.

Thoughts on lab so far: Not bad. As I previously mentioned, these IE mock labs seem to be just right for the level I'm at. Some tasks that make me think, but nothing I can't figure out. Looking back at my times, I'm not disappointed with anything. I'm a little concerned that I only have 3 hours left, but on the bright side if my scores are correct I only need to pick up 28 points in those 3 hours.

11:20 Continuing
12:07 Ping Test complete. Thank goodness for the mass reboot and the ping scripts. My virtual link didn't come back up. This was due to its cost being 65535. I had to adjust the bandwidth on the link inbetween to get this to come up.

Skipping Multicast for now

12:19 Task 5.1 not complete. I have no idea how to configure sw1 to obtain its ipv6 address automatically
12:24 Task 5.1 complete. Remembered I have to change the sdm before I can use ipv6 on sw1
12:37 Task 5.2 complete. I'm calling it complete. R1 doesn't seem to support OSPVv3.

Task 5 Complete. 5 of 5 points (57 total)

12:52 Task 6.1 complete--got mark-probability confused with exponential weighting constant
12:54 Task 6.2 complete

Task 6 Complete. 5 out of 5 points (62 total)

1:00 Task 7.1 complete
7.2 skipped

Task 7 Complete, 3 out of 5 points (65 total)

1:09 Task 8.1 complete
1:18 Task 8.2 complete. Couldn't set the message for some reason.

Task 8 complete, 6 out of 6 points (71 total)

1:32 Task 9.1 complete
1:36 Task 9.2 complete

Task 9 complete, 5 out of 5 points (76 total)

1:58 Task 10.1 complete
2:05 Task 10.2 complete
2:10 Task 10.3 complete
2:15 Task 10.4 complete

Task 10 complete, 12 out of 12 points (88 total)
Time's up!!! Well, if I didn't make any mistakes, I'll have passed. Now I'll go ahead and try to clean up the remaining tasks.

2:24 Task 1.4 complete
Task 2.6, I'll have to look this one up. Didn't think you could block a root port
I'm completely stuck on the igmp proxy piece, will have to look into that

Time to watch my son. Hopefully I didn't miss much on what I think I got correctly.

Saturday, January 5, 2008

Proctor Labs Ebook #2

Well, I was hoping to redo IPexpert bootcamp lab 2, but I couldn't get a hold of the initial configs yet so I have to pass on it for now. Instead I'll go for Proctor Labs Ebook #2.

Start time: 8:24am
8:36 Diagram completed
8:56 1st Read through completed
9:38 Routers IP addresses, basic OSPF, and iBGP completed
10:52 Layer 2 complete. Took way too long configuring spanning-tree root. The question said "forward" and I assumed "root".
11:40 IGP completed. Took a little while to find "ip ospf flood-reduction" in the doccd
11:58 Internal ping test completed. Found a mistake in the lab that took some time to correct.
1:44 eBGP completed. Another mistake in the backbone configs.
1:51 External ping test completed
2:01 returned from break
2:50 multicast completed. First time I've messed with BSR so it took a little longer
3:13 QoS completed
3:45 Lab ended. two tasks not complete

Summary
Some tricky wording cost me some time when configuring spanning tree
Mistakes in the diagram and configs cost me some time as well. A proctor would have helped (I hope!)
Never touching BSR before wasted some time
Otherwise, I'd say the lab wasn't bad

Friday, January 4, 2008

SDM Templates

The SDM templates are, sdm prefer
  • access: maximizeds for ACLs
  • default: balance to all
  • dual-ipv4-and-ipv6: supports ipv4 and ipv6 routing
  • default: balance layer 2 and layer 3
  • routing: maximize routing, including ipv4 pbr
  • vlan: maximum usage for ipv4 and 6 vlans
  • routing: maximize routing
  • vlan maximize vlan configuration, no routing supported in hardware

3560 Unicast MAC address filtering

The 3560 will drop packets with specific source or destiantion MAC addresses
Only supports unicast
Usage: mac address-table static xxxx.yyyy.zzzz vlan v drop

Doc CD

Here begins a new installment of my review of the Doc CD. I'll begin with the 3560 Switch Software Configuration guide.

Cisco IOS CNS Agents
The Cisco Configuration Engine automates network device and service deployment
There are 3 components: Configuration service, Event Service, and Data service directory
Initial Configuration works as follows
  • When the switch comes up, it attempts to get an IP address from DHCP
  • If no DHCP server on the subnet, the switch acts as a relay agent
  • The DHCP server assigns an IP address, TFTP server address, path to bootstrap, and gateway
  • The switch configures the IP address to VLAN 1 and attempts to download the bootstrap config file
  • The Cisco IOS agents talk to the configuration engine using the ConfigID and EventID.
  • The Configuration engine maps the config id to a template and downloads the configuration file to the switch

The prerequisites are

  • Access switch: must be factory default
  • Distribution switch: IP helper address and ip routing if a gateway
  • DHCP Server: scope configured with tftp and path to config
  • TFTP server: bootstrap config with CNS configuration commands
  • CNS configuration engine: templates mapped to configids

Since I'm assuming the lab won't have much of this available, my guess would be the only likely part would be to enable the CNS event agent and configuration agent on the switch. To do that:

  • cns event
  • cns config connect-intf
  • config-cli
  • cns id
  • cns config initial

to initiate a partial config

  • cns config partial

Thursday, January 3, 2008

Catching Up

Ok, so I have some catching up to do. Here's what I've been up to:

End of November and early December: Focused on graduate school. Between parenting and finals and projects I had no time at all for studies.

Mid December: I managed to get back on the ball a little bit. I completed half of lab 24 but the baby decided not to cooperate and I needed to quit half way through. Besides, I was pretty worn out from the end of the semester and had the holidays coming up so my motivation was lacking.

Took a break for xmas.

Upon returning from xmas I got back on the ball. IEexpert had a nice mock lab sale so I took one on Sunday and another on New Years. I felt I understood the concepts pretty well and did alright with time management but dumb mistakes brought my score down to the 50s.

At this point I feel pretty close to being ready. Grad school starts up again the end of January, so I really wanted to take a shot before then so I could focus. Fortunately, a lab date opened up for 1/25/08 so I grabbed it. I have now paid and the date is set in stone.

I've drawn up my schedule over the next three weeks and I'm hopeful it will be enough:

1/5: repeat bootcamp lab 2
1/6: IE mock lab 3
1/8: IEcore 5 (speed drill)
1/10: IPexpert core 6 (speed drill)
1/12: repeat bootcamp lab 3
1/13: Proctor lab 2
1/15: IE core 7 (speed drill)
1/17: IE core 8 (speed drill)
1/19: repeat bootcamp lab 3
1/20: IE mock lab 4
1/21: IE core 9 (speed drill)
1/22: IE core 10 (speed drill)
1/23-24: reading and rest
1/25: give it my best shot

The plan here is to get a mix of new stuff, speed drills, and repeats. I still feel the bootcamp labs, especially 3, were tough and covered a very wide range of materials, which is why I'm repeating them twice. This gets me about 70 hours this month. It if doesn't go well on the 25th, I'll take a break during the Spring semseter and repeat the IPexpert bootcamp over the summer and set another course of action at that time.