设为首页收藏本站language 语言切换
查看: 2133|回复: 4
收起左侧

[LAB战报] CCIE pass

[复制链接]
发表于 2011-6-24 10:44:13 | 显示全部楼层 |阅读模式
I tried my second attempt in Dubaï the June 2011, but I failed it.in attached the" H$ ]- J" j; }
topology of the troubleshooting section
: n% n/ Z  G) v/ ]9 G( lMy configuration section(K1) was successful, but I failed troubleshooting section (68%).
. `* j* T, U4 `0 z  D; |5 }; G  e: {; u3 hBelow the kind of questions I got in troubleshooting section :
& D  u/ @1 _: S8 V. X1- BGP peering issue. the question also said that you should establish the peering int the safest
& O, l/ M% Z& U) @way.7 K: P5 W" l5 k% j, p
When I check the config, I see that there is "neighbor xxxx password cisco".' c7 r, {) w7 n% ?; x7 b. \: @% J
I did " no neighbor xxxx password cisco", and then "neighbor xxxx password cisco" on each peer,
4 t/ B, E2 U% Z9 A/ I# `2 }+ j$ fand the peering comes up.$ e! Z2 g9 ]/ O: v  |7 \& T
About the safest way, the use the "service password-encryption" command on each peer
; h  V- z) ?+ @* n' ^, j" |8 T& d2- reachibility issue: PC1 in one AS(AS 300) cannot ping PC2 in another AS (AS 100)/ W1 G9 ]  Q. g3 {  F+ A0 q3 j9 M
I see that the router connected to PC1 do not have the route to PC2 , because there is already AS
6 q" B, I1 S% l300
" k3 c$ v  Q: i8 lin the as-path to reach PC1.
  D! @: U1 ]; `2 O+ Dto solve it, I modify the route-map on the router (on router on the path between the two PCs) on& E  U* r/ M2 U6 t4 P; E$ Y
which the as-pas preprend is configured.
' G. i0 q9 t. N+ ~! l# L* oI just remove AS 300 in the as-path prepend command, and it worked.
8 u- L. j- v& K" K, w6 u% H$ I3- OSPF neighbor issue : R13 and R15 cannot establish ospf neighboring with R14.
- P4 K( O+ H5 P+ |6 \) `! I1 {* Ron R14, I see that the serial interface is configured as DCE, not DTE; also the lmi-type was ansi.
! [9 r! ~$ k2 d- s4 _I changed the interface to DTE and the lmi-type to cisco.
  x% |$ [' w* i) ^1 {4- Load-balancing issue in EIGRP domain: there was on router with "bandwidth 1000" configured
' J3 O8 B; U6 Z5 _9 qon and interface,
! i; @9 h0 ^3 q6 h$ H: Oand another router configured with "delay 120". I delete these two commands, and I saw the two
, h  T# F! k% C' ~4 H  _paths in the routing table
6 G3 ^% I) @" u1 M1 U* ]3 j- k5- Reachibility issue between two PCs accross OSPF domain : here the problem was an virtual-link
! w5 [) y: y- l& B# `down, because of a network type mismatch
. v: q, z3 V  F) ]1 s! w(between R16 and R17). I remove the network type pont-to-multipoint on R17 Ethernet
, L3 i) s$ b# r6 K+ tinterfaces connecting R16, and it worked.
. r6 z% y, G& G" N6- reachibility issue :there was a redistribution problem, missing default-metric when
' _* ]% t2 O: M( g% N  K7 Bredistributing ospf in eigrp
- h8 \, ~# m7 Z- j1 p+ y- |1 l! x7- SNMP issue: failed to send link-status traps. I used these two commands:& |  T' z) [3 Z( W
(conf-if)#snmp trap link-status)
5 W8 }7 R8 X9 n$ C/ ?(config)#snmp-server trap-source loopback 0. g/ j4 R' H5 M. \. u2 t+ j
8- Multicast issue (autorp): some routers (R11) are not able to get by autorp the addres of the rp6 \) d& G& Z" c$ [
(R3).
; C5 y' y$ K8 p* M  C! eI did not resolved this issue.3 z3 C4 l- z! z: ^* u- g
There was an access-list in R3 with the wrong multicast-group. I changed the address from
/ c3 {, E3 f: m/ v9 ~' @* S224.1.1.2 (wrong address)to 224.1.1.1 (right address)
* ]+ N3 o5 @& H! h% e& Z9 iAfter that, R5 get the address of the RP, but not R9 nor R11. the PIM neighbor relationship was6 U5 Q, F4 U% d
OK between these router.% q- q* R, i, T! t7 c: k5 N
the "ip pim sparse-dense-mode " was configured on all interfaces between R3 and R11.8 m* }9 @, B/ A0 K6 W
9- Control-plane Policing issue. R9 loopback cannot telnet R10 loopback. there was many9 f) R9 v* ]6 p: j; @
restrictions on this question like:: U/ Y0 |( E3 \
-don't remove any configuration, don't remove any access-list, don't delete any line
1 J0 k' O6 G4 R0 S' Z, }. @configuration.But you can create your access-list8 @# M: m9 O  Q5 }: C
When I check R9, I see that there is a CoPP , with a class-map (TELNET) which deny all telnet! Y- F3 e4 x2 Q, P. E) B+ I" I
traffic.$ U/ S( e. T! q. v
below what I did:  k2 A- _/ z4 x5 ~0 ]% j
- create an access-list : access-list 101 permit tcp host R9_lo0 hos R10_lo0 eq telnet
' T4 h1 t4 g. s/ f1 p& I- create a class-map which matches the new access-list :8 D  t& N8 J+ U" U; c! ?5 [# I
class-map ACCESS
# [  Y+ A: |" M4 a+ gmatch ip address 101' C: A+ \0 f+ w
- modify the policy-map like this :
) B* V$ `* k3 O# x) D9 r' bpolicy-map R10_POLICY
5 m; l1 J6 r- o7 w0 N0 C# Uno class TELNET, m+ T- E) M/ o7 V5 j- Z
class ACCESS
2 x  x* ?* v" uclass TELNET' F( x& c% [1 U6 l, \
there was also "transport input none" in line vty of R9. I configured "transport input telnet" , and
  v; h. ?8 x7 Fit worked: z! ^. K' u; D4 A( i# |% I
10- tunnel issue between R5 and R13: tunnel is flapping.I used the debug tunnel and I see a0 Q  |" k! `% o# Q" h# L( d6 i
recursive routing issue.
1 k$ B# M; F7 V/ T7 M2 l$ ]After that, I check the routing table and the config of each router .We have the configuration' Z( ?9 L. h! _$ q
below:8 s2 d4 x8 m7 _/ b8 i
R5: U6 ^# Q5 I- {( _7 K1 ^2 i
int tunnel0
! ?6 [+ I0 Q' F! Qip address 135.0.0.5 255.255.255.04 G: t/ m8 `5 l- Y% `$ @, n6 T
tunnel source R5_lo0
5 n  ?! r9 T. W5 f5 K$ Btunnel destination R13_lo0
0 {" `' b; F+ R( h3 R6 ]' n( D3 oip route 135.0.0.13 255.255.255.0 tunnel01 d3 ~$ K& w* Q. k9 x
R13% S; K) n" P8 v; n) w0 ^2 J
int tunnel0# q4 r+ U3 o' j) |: a4 Y3 r
ip address 135.0.0.13 255.255.255.0% E$ j. [" Q/ e9 ]3 x
tunnel source R5_lo0
* T, q) _) X$ ?# h& M3 k, l& u0 otunnel destination R13_lo0' i& V) x8 _" o$ M& k
ip route 135.0.0.5 255.255.255.0 tunnel0
1 }/ C) a$ s0 d1 @$ a  {" N7 |2 keach router learn the loopback of the other by ospf. I delete the static route in each router, and it) b& _1 Q5 [0 h4 f4 S; k, ]
worked.
) V6 B! _) S2 r9 |1 P( bI was sure that I will pass the troubleshooting sestion, but no luck.
& I% y& ^" x1 |7 `5 WAt the break, when we discuss with the proctor, he said that there is only one way to solve each
$ L, {' i8 r: n7 M8 W! {# n- D/ ^) @issue in troubleshooting section.
  \1 d2 e" w- _+ f+ ?Also, I see that there is a lot of restrictions on each ticket, so be very careful about that.1 \: ~4 P. G1 p1 d
I also see that Cisco can smoothly modify each question by adding restrictions, so two guys can
( ~- o( w, _5 thave the same topology, apparently
" k6 b* ]& u* vthe same kind of questions, but different way to solve these tickets because of restrictions.
! k% V5 M+ s8 ~: `( UWhen I see my troubleshooting score (68%) , I'm sure that my tickets 2,3,4,5,6,7 was good. I'm
: p, p: ^+ g9 f% u. r) onot sure about the other.- V2 M, `; k6 v3 M
I want to share this experience with you because I think we can all get this CCIE number.
* E7 f) I$ U  I, T5 L. nplease , if somebody in the forum get the same tickets and pass this section, please share with- V' ~: N$ ~: p4 ?8 X" |6 v
me your answer.! |4 Q% N3 V: d) r* Q+ o7 i, i7 e
I don't want to make the CCIE exam all my life. I want to make my third and last attempt next! n% \8 c+ X+ m
month.
发表于 2011-6-24 11:03:26 | 显示全部楼层
英文不好捉寄
沙发 2011-6-24 11:03:26 回复 收起回复
回复 支持 反对

使用道具 举报

发表于 2014-6-17 08:43:30 | 显示全部楼层
谢谢楼主分享!!!!!
板凳 2014-6-17 08:43:30 回复 收起回复
回复 支持 反对

使用道具 举报

发表于 2018-8-28 16:27:01 | 显示全部楼层
aaaaaaaaaa
地板 2018-8-28 16:27:01 回复 收起回复
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 论坛注册

本版积分规则

QQ|Archiver|手机版|小黑屋|sitemap|鸿鹄论坛 ( 京ICP备14027439号 )  

GMT+8, 2025-4-2 16:11 , Processed in 0.257208 second(s), 25 queries , Redis On.  

  Powered by Discuz!

  © 2001-2025 HH010.COM

快速回复 返回顶部 返回列表