10 Days to go

9:38am Wow, I cant believe I only have 10 days left to prepare. I’ll have to make the most of it. Just completed the first vol3 lab. Pretty easy stuff, definitely missing the multicast section. The last will probably progressively get harder. One new thing I tried in this lab when redistributing between rip and ospf to save time is to use:

ospf distance external 121

I normally use tags just to be sure, but these are time consuming, i changed the external distance and it worked fine, but this wont work if another part of the lab is redistributing into ospf, because then the routes redistributed into rip will be prefered with a admin distance of 120.

1am Just completed vol3lab5. First half done, but as I thought they are getting harder and longer to complete. If I keep a steady pace, I could possibly complete them by tuesday.

Some interesting scenarios in the first few labs:

The question is to setup the a hub and spoke frame links so that if the DLCI becomes inactive or deleted the interface goes into down state. I initially set it up with a multipoint subinterface but when I verified this, the link stayed up

sh frame-re pvc in s1/0 | in 301
DLCI = 301, DLCI USAGE = LOCAL, PVC STATUS = DELETED, INTERFACE = Serial1/0.301

sh ip int brief | in 301
Serial1/0.301 190.1.135.3 YES unset up up

I changed the multipoint to ppp over frame on point-to-point sub interfaces. The goal was to keep the ip the same for both circuits the same on the hub. PPPoFr work for this because even though I used two different sub interfaces they link to same virtual-template. One ip is linked to different dlci’s. So after the change and removing the dlci’s from the frame switch, the interface went down when the dlci’s were deleted or inactive. The solution guide used the first method but does not show any verification.

sh ip int brief | in 301
Serial1/0.301 unassigned YES unset down down

The first few times I used PPPoFr it was a bit unfamiliar and tried to avoid it if possible, but its really quite simple. Consider the following few lines to change from a multipoint to PPPoFr config. The PPPoFr has exactly the same amount of statements. 2 frame-relay commands and one ip address.

interface Serial1/0.301 point-to-point
frame-relay interface-dlci 301 ppp Virtual-Template1
interface Serial1/0.305 point-to-point
frame-relay interface-dlci 305 ppp Virtual-Template1

interface Virtual-Template1
ip address 190.1.135.3 255.255.255.0

Another interesting discovery was that it seems that is only possible to run one ospf virtual-link over a point-to-point interface and the secondary virtual links will only come up when the interface is changed with ip ospf network point-to-multipoint. Any other type besides ptp would probably work. When I see an opportunity in another lab I will double check this.

11 Days to go

16:48 Just completed mock lab1. While most do this one first, I did it last, for one reason, speed and accuracy. I completed in 5hours 15 minutes but was working at a snail pace, so it felt. Doing lots of labs helps with speed without trying. I did this lab slowly but still managed to finish early. I thought over 3hours will be way to much time to check everything but I was still busy doing the last tclsh script to check full reachability with 30minutes to go. I havent downloaded the solution guide yet, but Im ready for surprises. I have a feeling that the solution guide and my solution guide is not going to match Will see how the grading script goes. Might have to send IE a mail for some “errors” I have picked up. Will check the forum later, maybe someone thought the same. This lab was definitely not a walk in the park, I actually think with one or two more questions and adding one or two lines/restrictions/requirements to the questions this could easily be a level7.

Overall not a bad thought out lab, there are some ambiguities that I will have to wait and see what IE thought. According to my own grading I should make the 90’s but there are always surprises. If there are no surprises and I didnt make silly mistakes e.g. missing a value in an acl, then I should be quite close to 100. From experience with IE I know the script hates me so Im ready for it. In the last 3 hours I found 6 points in the first hour. In the last 2 hours I made small changes but not of any value that I can see in the solution guide. Most was due changes that had to be made because of ambiguities. Will have to wait 110 hours for the score.

— Rant starts here —

Initial configs and diagram dont match. Lab says explicitly not to change ip addresses in initial config. Vlan7 on diagram is displayed as 10.X while my rack number is 11 the initial config had 10.1. This no sweater except that an ACL had to match this address.

The ipv6 questions was extremely annoying because the ip address in question displays 2001:163:X:4::4 where 163 is the major network and on vlan4. The rack number is 11. Well this seems easy, just add 11 to make it 2001:163:11:4::4 which looks similar to the ipv4 address 163.11.4.4 for reading purposes. The annoying part is that there is no message to say whether to use hex or not. I went with the cisco way and used hex which makes the address 2001:163:B:4::4. What is further annoying is that the IE labs are so inconsistent that one never knows what they are looking for when there is an ambiguity. This is understandable because they have more than one person setting up labs, but this should be more clearer. I checked the solution guide, as they use “1″ I wouldnt know untill I get the score which they wanted. Same with the Vlan7 address, solution also uses 1, so I wouldnt know whether the error in the initial config had to be changed.

Another example of inconsistency. In vol2lab20 it wasnt good enough to set a hsrp priority decrement while tracking a “frame-relay connection to the frame-relay cloud“. In mock lab1 it is good enough. The restriction was not to use ip sla so I tracked a rip route.

Solution guide gets -6 for the NTP section. Question has a requirement: “Use the most reliable interfaces on R2 and R4 to accomplish this.” The routers are not using loopback0 interface to speak to the BB routers, only for the internal routers. -6 for these two  and -3 additional points for making me risk points to advertise R4 and R2 loopbacks to BB routers, especially R2 loopback who only peers with BB3 via bgp so I had to advertise the route via bgp, which in effect caused R1 not to advertise R2’s loopback to Sw2 because it had this route via bgp while sw2 does not run bgp so eigrp didnt advertise this route to sw2 via eigrp. Ok in short, I had to make the admin distance on R1 for bgp higher than eigrp so R1 could be more generous and share the damn route with sw2. Why? so that sw2 could sync ntp on R2’s loopback. Maybe I should make that -6 points for the extra effort

There are some more, e.g to use summary-only or not in the bgp aggregate, but I’ll call it quits

— Rant stop here —

12 Days to go

11am Lab19 completed. It is a bit over rated at level10, should be between 8 or 9. Initial configs loaded for lab20.

Posts might get a bit shorter from now untill the lab…

20:42 lab20 done. A short sigh of relief and on to loading initial configs for vol3lab1. I will spend 3 days on these, what I get done, great, whats not done in these three days, too bad. Tommorow is the last IE mock lab, level6. I would prefer to do another level7 or 8 in stead of the level 6, but that means I must aim to get above 90%. A 90 will be a pass, but again my worst problem at the moment is myself. Tomorrow I should be able to finish early and get time to verify. Technowledge confirmed my retake of assessor 2b on the 6th of june. Thats good and bad, one there is not much time to do anything if I discover a weakness on the other side if I do well, i’ll feel a bit better going into the lab on the 11th. I have already read the 2b lab so I have a bit of an advantage, but already confused due to the labs I have done since, which is good.

13 Days to go

2am Today (Technically yesterday) was a productive day, this normally means that I have trouble to sleep afterwards. On the one side Im spent, no cpu cycles left to do more labs. A reload in 5 command would have been useful now. Will browse some blogs, maybe someone discovered something new. I leave cape town on 6am 9th june and arrive 4:30pm brazil time in sao paulo. Another 1 to 2 hours boarding and to get to the hotel so if all goes well in total its going to be 15-16hours of traveling. I wonder whether cisco realises the lab seat crises. Anyhow, getting some sleep after traveling shouldnt be a problem. The 10th will be a timeout period and the lab is on the 11th June.

14:18 Lab18 completed but Im starting to fade. Will crawl along as far as possible in lab19 level 10.

23:33 Got to multicast in lab19, didnt spent a lot of time this evening but should still be able to complete 19 and 20 tomorrow. Then on friday its the last mock lab. One thing I havent noticed with my mock lab scores is that, even though I check a few times whether the mock lab has been graded or not I never see the scores increase. Not that I expect them to increase although some questions were suspectecly marked wrong, but what I read on the net is that the score increase… hmmm.

14 Days to go

8am 2 Weeks to go, after today there are 10 prep days left. If Im not ready now, Im probably not going to be ready in two weeks time. I will use the next three days to complete lab16,17,18,19 and 20. Friday I have the last IE mock lab. It will be mock lab 1, level 6. If I fail that, I have serious issues, but my goal is not to make any unforced errors and work on the second verification.

1:35pm Lab16 completed. Did a bit of “research” on the topics I didnt get right the first time which cost a bit of time, but was well worth it. Will need to speed things up a bit if I want to complete lab17 today as well, but this will depend on what is in the lab. If its a weaker area I will do the necessary reading even if I only complete it tomorrow.

2:12pm Lab17 Initial configs loaded.

7:53pm lab17 completed. This one went quick. Spent a bit of time on the doccd searching for Admission control, glad I did, found a new way to use the doccd. Instead of just using the configuration guide/command reference, I now also use the new “default” page to look for features of the other IOS’s. For example Network Admission Control is under 12.3T feature list. Will read lab17 again then load initial configs for lab18.

Useful 5 minute page on bridging vlans

11pm Will start Lab18 IGP tomorrow morning. Have only done 1hour after lab17, took a break and went to visit one of the camps where 500-600 of the refugees fleeing the xenophobia are located. Was a good a refresher and an eye opener to again appreciate the quality of life I sometimes take for granted. For those interested:
http://edition.cnn.com/2008/WORLD/africa/05/23/southafrica.violence/index.html?iref=newssearch
http://edition.cnn.com/2008/WORLD/africa/05/25/southafrica.violence/index.html?iref=newssearch

15 Days to go

9:16am Working through lab15 today. It would be great if I can complete it early and get to full reachability in lab16. Friday I have another IE mock lab, the goal in this mock lab is to finish early and go back through everything again. “Unforced errors” are my biggest concern at the moment, these increase with the speed im going at, I need to improve both.

5:19pm lab15 completed. Played a bit more with the transparent v2 issue, it is still not working on the newer switches. Will try it a bit later on some older 3500xl and 2950 switches. Currently what Im getting is the following:

21:47:37: VTP LOG RUNTIME: Dropping packet received on trunk Fa0/16 - not in domain CISCO

Rack1SW4#sh vtp status
VTP Version                              : running VTP2
Configuration Revision                       : 0
Maximum VLANs supported locally    : 1005
Number of existing VLANs                 : 9
VTP Operating Mode                           : Transparent
VTP Domain Name                              : IE
VTP Pruning Mode                               : Disabled
VTP V2 Mode                             : Enabled
VTP Traps Generation                          : Disabled
MD5 digest                                          : 0xD3 0×56 0xA7 0×96 0xDB 0×0A 0xDD 0xA0
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

Rack1SW4#sh ver
Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(40)SE, RELEASE SOFTWARE (fc3)

 10:52pm Got to multicast in lab16. I thought the multicast was going to be easy but this one is interesting. It involves multicast over frame-relay links that are not configured for broadcast/multicast traffic. I played some more with the Vtp2/transparent scenario and it is looking more and more to me that somewhere more or less when they changed the show vtp status to display “running VTP2″ from the old way of just “2″ which werent clear wether the switch is actually running version 2 or 1. Anyway, somewhere in between then or when they changed from “v2-mode” to “vtp version 2″ the functionality changed. I said last time it is a good thing to remember in production, well its because we have similar situations and was worth noting this. Im glad Tassos proved that it does work on his setup, which lead me to test this on the production network with some older switches. What I found was that though it does not work on the newer code of the 3560’s and 3550’s it does work on the older switches which we do have some in production. The reason why this is important is because the older switches have a low maximum vlan they can take so they are running in transparent mode already due to the switch switching from client to transparent automatically when the max vlans are reached. Since we have different vtp domains, it will be interesting to know far these messages are being relayed. A quick fix will be to make sure they are running VTP1

May 26 17:17:38: VTP LOG RUNTIME: Dropping packet received on trunk Gi0/1 – not in domain core
staff-35-1#sh vtp status
VTP Version                             : 2
Configuration Revision                      : 225
Maximum VLANs supported locally : 254
Number of existing VLANs               : 117
VTP Operating Mode                         : Client
VTP Domain Name                            : staff
VTP Pruning Mode                            : Disabled
VTP V2 Mode                          : Disabled
VTP Traps Generation                      : Disabled

After changing to transparent and v2-mode

VTP Version                                         : 2
Configuration Revision                      : 0
Maximum VLANs supported locally : 254
Number of existing VLANs                : 117
VTP Operating Mode                          : Transparent
VTP Domain Name                            : staff
VTP Pruning Mode                             : Disabled
VTP V2 Mode                                     : Enabled
VTP Traps Generation                     : Disabled

May 26 23:08:58: VTP LOG RUNTIME: Relaying packet received on trunk Gi0/1 – in TRANSPARENT MODE (nc = false)

 

16 Days to go

9:50am Today is Sunday so Im taking some much needed timeout. Yesterday I completed lab14 and loaded lab15 initial configs.

Version-Dependent Transparent Mode—In VTP Version 1, a VTP transparent switch inspects VTP messages for the domain name and version and forwards a message only if the version and domain name match. Because VTP Version 2 supports only one domain, it forwards VTPmessages in transparent mode without inspecting the version and domain name.

This information from the doccd is actually incorrect. If the domain names dont match, the transparent switch wont forward the vtp messages whether version2 or 1. Again, something to remember in a production network.

Another thing I noticed was that the Doccd had a major change yesterday. The “Configuration Guide” has now the same format as the “Command Reference”, but it seems everything still links to the same pages so it wont take too long to get used to the format.

17 Days to go

13:30 Still busy with lab13. Planning to complete lab13 today and get well into lab14. Tomorrow is Sunday so I might spend an extra few hours labbing tonight. Depends on how much I get done. Last I heard from technolowledge was to find out when I want to schedule the retake. Depending on how the current schedule is, I will retake on the 5th or 6th june. I set those days out for reviewing. I will have an advantage in the retake as I read the exam already, so therefore I have to up the expectation bar a bit higher.

The blog seems to be unavailable at times, not sure if there is a limit of traffic the site can take, perhaps there is an upgrade feature that allows more traffic, but I cant seem to find it. For now there is not a lot of time to fiddle with the blog, so it will have to stay this way, unfortunately.

Lab13 has an interesting VTP setup. All for switches are in the same VTP domain. The interesting part is that one switch which in transparent mode has a access port in vlan 25. In the rest of the VTP domain, pruning is enabled. Due to the switch in transparent mode not participating in VTP messages, the other switches will prune off vlan 25 on the links to the transparent switch. Something to remember in the real world as well. One way to fix it is with a “switchport trunk pruning vlan remove 25″

18 Days to go

7:35am Did some browsing of the the doccd and came across NHRP under the IP addressing section and wondered whether this could be on the lab. Technically it falls under ip addressing which is on the blueprint. Just briefly read over it, at some stage I will try to setup a basic config. Assessor starts in 20minutes

4pm The assessor was a disaster. Everything that could possibly go wrong went wrong. Am I just saying that because I got a bad score? No, I got 96%, but this is also not correct. I will get in contact with the vendor and probably have to retake this test. It is really disappointing to say the least. The questions are really of high quality, but the rest of the labgear interface completely sucks, this is not just a rumour. Half of the features didnt work and only gave me a HTTP 500 Internal Server Error. I will find out soon how the service is. Hopefully this makes up…

I will work through mock lab6 answers and skip the whole assessor answer sheet as Im hoping for either a retake or refund. If I manage to get a refund I will take an IPexpert mock lab if they have or something similar from NMC.

5pm Ok, went through the Mock lab Solution Guide in a bit more detail. I gave the solution guide 87%

* Definite spoilers in the following section if you intend writing IE mock labs at some stage

4.3 SG -2
“Enable EIGRP on the Frame Relay circuit between R1 and R3.” SG uses default encapsulation on these links.
Second reason: the summary had to be configured on the ethernet section the R5 as well. R5 will redistribute this more specific routes into ospf and pass it on to R1 via ospf. Therefore R1 will have the more specific routes and the summary on the serial is not sufficient.

4.9 SG -3
Solution Guide used 12 statements. First reason is this is not the minimum. Its possible to set the tag on the redistribution command that does not match metric 1-5. I also used 12 statements but one important thing the SG does not address. The BB router also has the route 192.10.1.0 which with the SG answer gives the 192.10.1.0 range a metric of 10. R5 has this route as connected. The problem is that when BB2 passes this route to R5, it has a metric of 1 which would mean it must have a metric of 5 when it gets to R6, but because its connected on R5 it does not match metric 1.
Rack1R6#show ip route rip | include 0/0
R 222.22.2.0/24 [120/10] via 176.1.46.4, 00:00:21, GigabitEthernet0/0
R 220.20.3.0/24 [120/10] via 176.1.46.4, 00:00:21, GigabitEthernet0/0
R 176.1.0.0/16 [120/1] via 176.1.46.4, 00:00:21, GigabitEthernet0/0
R 192.10.1.0/24 [120/10] via 176.1.46.4, 00:00:21, GigabitEthernet0/0
R 205.90.31.0/24 [120/10] via 176.1.46.4, 00:00:21, GigabitEthernet0/0
R* 0.0.0.0/0 [120/15] via 176.1.46.4, 00:00:21, GigabitEthernet0/0

This route should’ve been:
R    192.10.2.0/24 [120/5] via 176.2.46.4, 00:00:02, FastEthernet0/0

4.10 SG  -3
1) Requirements not met because the summary in 4.3 was not applied on the ethernet segment to R5 and SG has no filter in place for the more specific routes.
2) Overall objective is full reachability, no reachability to sw3 and sw4 loopback.

4.12 SG -2
summary does not include sw2,sw3,sw4 loopback ips.

“Upon completion, all devices should have full IP reachability to all
networks in the routing domain, including any networks generated by the
backbone routers unless explicitly specified.”

10.2 SG -3
failing to attempt the question, therefore no mark.

Do I really think the SG deserves a 87, yes and no. Im sure in the real lab there are points and questions that we could debate for days on. I think this is the reason why we dont get a detailed score report for the lab.

I made the following error in the lab while setting up mroutes and Im surprised I didnt loose more than just 2 points.
4.7 2 points

Rack2R4(config)#do sh ip pim rp map
PIM Group-to-RP Mappings

Group(s) 239.3.0.0/16
  RP 150.2.3.3 (?), v2v1
    Info source: 150.2.5.5 (?), elected via Auto-RP
         Uptime: 00:00:07, expires: 00:02:49
Rack2R4(config)#ip route 0.0.0.0 0.0.0.0 176.2.145.5
Rack2R4(config)#do deb ip mp

IE’s response to question 4.7, a totally different task than the multicast section:
“you’re not allowed to configure default static routes on R4 for this task”

6pm Moving on the lab13. Will put the assessor behind me and try and focus. I will probably only hear from cisco on monday/tuesday anyway. On the one side if I retake it I wont get an accurate “assessment” about how ready I am for the real lab because I saw all the questions and answers. Or I should retake the exam on the day that I planned to review the assessor labs. Ok, blocking it out, lab13 here I come…

8:26pm Received a mail from Technowledge, they are aware of the issue and a retake is on the cards. Waiting for confirmation.

19 Days to go

8am 19days, pressure is building. Got almost two full labs to complete today, will see how far I get. Tomorrow is the last assessor, really motivated for a good score. Still waiting for mock lab6 score which is overdue now. I clicked the “overdue” button, maybe that does something. This will probably only be available late tonight when its day in the US so I can go through it tomorrow after the assessor. After the assessor I only have one mock lab left, mock lab 1 level6.

12:30pm Lab11 complete. Still have another 7-8hours left to complete lab12 level7, should go a bit quicker on this one. Lab11 was interesting, except for killing R6 it didnt feel like a level9. Time to write erase and paste lab12 initial configs.

2:30pm Receive the score for mock lab6, 74%. Its not a pass but I’ll take it. I havent gone through the answers yet, will do that after the assessor tomorrow. One thing is weird, I got a 0% for the bgp section which I thought I got 100%, will look into this tomorrow.

9:07pm Lab12 completed. Rated level7 but I would rate it at level8. BGP section is tedious, long configs for a few points. Im looking forward to the assessor 8am tomorrow morning. I will log in quickly and check that everything is ok, although I did that last time and still ended up battling with the app. Im glad I met my target for the week, to finish up to lab12. I also feel that I have made progress in the last 2 weeks. Just have to invest a little bit more time. The goal seems achievable.