设为首页收藏本站language 语言切换
查看: 2143|回复: 4
收起左侧

[LAB战报] CCIE pass

[复制链接]
发表于 2011-6-24 10:44:13 | 显示全部楼层 |阅读模式
I tried my second attempt in Dubaï the June 2011, but I failed it.in attached the& o8 e7 Q9 h, R/ A) r3 J
topology of the troubleshooting section- x# z: ?4 V8 q" k
My configuration section(K1) was successful, but I failed troubleshooting section (68%).
2 u  l( {- }8 ]1 U# c0 cBelow the kind of questions I got in troubleshooting section :* r. n, h: v/ p/ f9 \
1- BGP peering issue. the question also said that you should establish the peering int the safest$ `- b) ~" g. ~, ~/ k1 A) n
way./ n' F% V: ~  c' r* p
When I check the config, I see that there is "neighbor xxxx password cisco".
& k, a* J& q9 y, l$ w2 y' _  g: vI did " no neighbor xxxx password cisco", and then "neighbor xxxx password cisco" on each peer,
- h$ I5 k! ?3 jand the peering comes up.. ^/ O, q4 e3 w
About the safest way, the use the "service password-encryption" command on each peer3 P" m& e5 Q6 ]2 W
2- reachibility issue: PC1 in one AS(AS 300) cannot ping PC2 in another AS (AS 100)
/ f! [# s2 P* V; R' G, r' T3 VI see that the router connected to PC1 do not have the route to PC2 , because there is already AS
# D0 `- u8 [. e6 h300* J# A+ m& S6 B* a) B
in the as-path to reach PC1.
" t! l7 k; I2 T6 v, _7 ~# W# @to solve it, I modify the route-map on the router (on router on the path between the two PCs) on' D* T3 g3 j2 r% R$ T
which the as-pas preprend is configured.
. F0 d6 e/ }8 RI just remove AS 300 in the as-path prepend command, and it worked.
: Z$ G' r( B" V3 W9 n3- OSPF neighbor issue : R13 and R15 cannot establish ospf neighboring with R14.
& W2 b- @5 @8 U! x5 son R14, I see that the serial interface is configured as DCE, not DTE; also the lmi-type was ansi.
& A: L$ s6 h, VI changed the interface to DTE and the lmi-type to cisco.
: R" Y! c9 i6 s2 i. }4- Load-balancing issue in EIGRP domain: there was on router with "bandwidth 1000" configured6 C" W( _8 ~( q6 [
on and interface,- T: }1 \/ b6 L6 Y6 v" F+ C: R
and another router configured with "delay 120". I delete these two commands, and I saw the two
! ~& w; w/ p2 G; J8 Tpaths in the routing table) W4 D3 R. n8 b& q  o/ J; F
5- Reachibility issue between two PCs accross OSPF domain : here the problem was an virtual-link/ u0 u# i* |! u9 x
down, because of a network type mismatch  y# V4 g# Y0 w3 n- h3 L- p- H
(between R16 and R17). I remove the network type pont-to-multipoint on R17 Ethernet5 M& y: A9 \0 N" J' [- d
interfaces connecting R16, and it worked.
  {$ h& v2 ?' J  p% J3 \- ]+ C6- reachibility issue :there was a redistribution problem, missing default-metric when8 k) L$ N. F& G- K, k' y
redistributing ospf in eigrp
, K* w& r8 O: }. R7- SNMP issue: failed to send link-status traps. I used these two commands:
4 [' e3 v/ D+ B0 @(conf-if)#snmp trap link-status)
) r0 @' a" t% m, E(config)#snmp-server trap-source loopback 0
( R3 d+ R0 ^; \# a4 {8- Multicast issue (autorp): some routers (R11) are not able to get by autorp the addres of the rp% g' z4 E/ ~6 h; q
(R3).' @* y( v) _" j. v% r0 t
I did not resolved this issue.# G0 |4 O4 x' ~- \* w
There was an access-list in R3 with the wrong multicast-group. I changed the address from4 m6 T$ ^& L2 p' V
224.1.1.2 (wrong address)to 224.1.1.1 (right address)/ q  w1 u- c1 F" l# P( a
After that, R5 get the address of the RP, but not R9 nor R11. the PIM neighbor relationship was" U7 `% t9 `1 e% h# w4 J7 j
OK between these router.( J- I& |  k# E$ K' |
the "ip pim sparse-dense-mode " was configured on all interfaces between R3 and R11.# f' c# e5 g+ z! F. }2 u
9- Control-plane Policing issue. R9 loopback cannot telnet R10 loopback. there was many
" {% n1 [' |& c. Q/ grestrictions on this question like:, D* X- O' U) X8 N5 e
-don't remove any configuration, don't remove any access-list, don't delete any line
; a; J, X, P8 Q+ x+ I! K& K' rconfiguration.But you can create your access-list
7 r( o! S0 [8 ^+ Q$ E: SWhen I check R9, I see that there is a CoPP , with a class-map (TELNET) which deny all telnet6 x6 u/ M' h6 P' T6 Y0 T) \
traffic.# ?9 ^3 a$ `2 S* \" |, v1 W) n. \, ~
below what I did:; |4 Z' @) j8 E+ z" S
- create an access-list : access-list 101 permit tcp host R9_lo0 hos R10_lo0 eq telnet
0 O% p$ `; F7 Y; V/ G  z- create a class-map which matches the new access-list :
0 ^7 L4 p" O9 ?+ ?: f8 Z0 N2 j- lclass-map ACCESS
- b" }5 K+ r1 n# l% {; O3 Mmatch ip address 101& z' A9 r; Q% i' ^" v8 m
- modify the policy-map like this :" W; Q9 o% c( m7 V* w- L
policy-map R10_POLICY( S/ p0 |& _# C
no class TELNET
. `7 _. ^! g: I/ ~) c) Gclass ACCESS: ^5 H4 u: p) Y; e( r9 X
class TELNET4 g$ \, C4 ]6 l' W
there was also "transport input none" in line vty of R9. I configured "transport input telnet" , and: [4 N# B2 k! U0 f) G
it worked
4 H) V. Q' d- k# P4 |/ r10- tunnel issue between R5 and R13: tunnel is flapping.I used the debug tunnel and I see a3 u. _/ Y6 A$ g. Y6 s
recursive routing issue.
; t7 n# \+ s2 NAfter that, I check the routing table and the config of each router .We have the configuration
& {. |0 N; h% `; wbelow:. L+ c7 d4 g- K# q
R5
* P" k( |7 f- T" h) ]int tunnel0
% w( m1 t  N$ j* E& Iip address 135.0.0.5 255.255.255.0
" |( J* S* a, Xtunnel source R5_lo0% `- m1 k9 O. P3 x9 i8 U
tunnel destination R13_lo0: z# A: l3 U3 o  G3 ~* F, h
ip route 135.0.0.13 255.255.255.0 tunnel0* Y* V! z  `3 V2 R0 }9 X" A4 p
R13+ ~9 V% o7 a9 a8 a
int tunnel0- A0 O, V: Y2 ?$ k" g1 A
ip address 135.0.0.13 255.255.255.0
3 s; G& t# c* r1 k/ h: V6 u) ?% Q# wtunnel source R5_lo0
+ J/ l. a6 k$ jtunnel destination R13_lo0
2 |8 O/ M" h% h; S6 J  ^7 A: Y' Wip route 135.0.0.5 255.255.255.0 tunnel0
% K$ @( s6 r( |each router learn the loopback of the other by ospf. I delete the static route in each router, and it
! D+ \, z2 h, j' t4 pworked.
; c* F7 X& V; y7 D( o1 @I was sure that I will pass the troubleshooting sestion, but no luck.& z, U) L: z1 N- K7 Z' g
At the break, when we discuss with the proctor, he said that there is only one way to solve each
1 z9 Z( W2 h0 I( \  |issue in troubleshooting section.
" S$ Z- z& C3 e8 j6 bAlso, I see that there is a lot of restrictions on each ticket, so be very careful about that.8 [2 G7 n, U/ b3 J
I also see that Cisco can smoothly modify each question by adding restrictions, so two guys can
# g3 q& j3 b5 e( y7 ~have the same topology, apparently3 R+ r9 n" d& u: j
the same kind of questions, but different way to solve these tickets because of restrictions.% E4 {# _2 \# _
When I see my troubleshooting score (68%) , I'm sure that my tickets 2,3,4,5,6,7 was good. I'm
& |: V+ \$ I5 hnot sure about the other.
2 O/ L; y$ c3 A3 f5 Q5 q3 @* i/ dI want to share this experience with you because I think we can all get this CCIE number.
' x* f, W, u* n& W9 F1 v2 s1 i: zplease , if somebody in the forum get the same tickets and pass this section, please share with
2 M" M  ^- U2 H, zme your answer.# t/ e3 }# c/ x. e4 W
I don't want to make the CCIE exam all my life. I want to make my third and last attempt next% V" w! I! }& u0 g/ g3 s/ {
month.
发表于 2011-6-24 11:03:26 | 显示全部楼层
英文不好捉寄
沙发 2011-6-24 11:03:26 回复 收起回复
回复 支持 反对

使用道具 举报

发表于 2014-6-17 08:43:30 | 显示全部楼层
谢谢楼主分享!!!!!
板凳 2014-6-17 08:43:30 回复 收起回复
回复 支持 反对

使用道具 举报

发表于 2018-8-28 16:27:01 | 显示全部楼层
aaaaaaaaaa
地板 2018-8-28 16:27:01 回复 收起回复
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 论坛注册

本版积分规则

QQ|Archiver|手机版|小黑屋|sitemap|鸿鹄论坛 ( 京ICP备14027439号 )  

GMT+8, 2025-4-3 18:03 , Processed in 0.079833 second(s), 23 queries , Redis On.  

  Powered by Discuz!

  © 2001-2025 HH010.COM

快速回复 返回顶部 返回列表