Sunday, June 7, 2009

IPExpert SP Volume 3 Lab 4 Complete

Layer 2:
No issues

I've never heard of isis mesh-groups before. From the task, it sounded like a split-horizon type of technology, and that's exactly what it does. In essence, don't flood a route out a mesh-group interface if you received the route from another interface in that mesh group.

No issues

Messed up MSDP AGAIN!!! Ugh, I was so close this time. I spent some time verifying and was able to see the packets flowing, but they were getting stopped due to null output interface. No RPF issues and the loopbacks were running pim, so I couldn't figure it out. Turns out the external peer didn't have an RP, so the sa cache was empty on the inside peer. Once I statically made the external peer an RP, the internal peer's sa cache populated and pings went through.

No issues

L2/L3 VPN:
The basic VPN topology is still way too simple. No issues until the end when I got to the L2 part. I never would have dreamed of encapsulating a q-in-q tunnel inside of l2vpn--very cool!
I cheated and used a vlan other than 49 instead, so -2 for breaking the rules of one of the tasks.

QoS and Security:
Blew setting DSCP for RSVP

Lots of really ambiguous working on the other tasks in this section. I would have been able to ask a proctor for clarification if this were real, so I'm not deducting points. On two tasks, I chose the wrong option.

Chose the wrong banner. More ambiguity. I'll take these points off though. -2
Wrong telnet config, -2
Wrong interface buffer config, -2

Lab complete, 86%

The lab definitely got more complicated this time. The VPN is still a bit on the easy side, but everything else is about right now. A lot of ambiguity that I probably could have got points on with a proctor to talk to.

Speed is good too. Total time was 6 hours, with quite a few short breaks.

No comments: