- 积分
- 0
- 鸿鹄币
- 个
- 好评度
- 点
- 精华
- 最后登录
- 1970-1-1
- 阅读权限
- 0
- 听众
- 收听
游客
|
I tried my second attempt in Dubaï the June 2011, but I failed it.in attached the7 p: s# z" z2 p, ?' N; }; T
topology of the troubleshooting section q6 ^9 m+ E0 L4 w3 X- r+ U
My configuration section(K1) was successful, but I failed troubleshooting section (68%).
; m( q$ |2 H% e* tBelow the kind of questions I got in troubleshooting section :
2 K+ Y8 i/ O2 D1- BGP peering issue. the question also said that you should establish the peering int the safest
" y' b5 d6 O, P O9 N$ wway.
# | ~5 \& K. H2 {( aWhen I check the config, I see that there is "neighbor xxxx password cisco".% v5 T0 t Y* A$ q
I did " no neighbor xxxx password cisco", and then "neighbor xxxx password cisco" on each peer,
" n1 l& q: r6 W* Mand the peering comes up.
) D1 e4 @! B& ^" H3 R6 H; B7 Z; S! zAbout the safest way, the use the "service password-encryption" command on each peer G$ C6 G6 i( Q: ~2 _
2- reachibility issue: PC1 in one AS(AS 300) cannot ping PC2 in another AS (AS 100)3 w: r7 y o: ` \( Y6 X9 T
I see that the router connected to PC1 do not have the route to PC2 , because there is already AS
6 m8 _; a- k7 s! J) i; H3 }; k300
% F( g- ]) k( A; R; Vin the as-path to reach PC1.. P9 j( f& ^9 Z/ P5 {
to solve it, I modify the route-map on the router (on router on the path between the two PCs) on* S# O- _+ C7 p$ M' Y* }
which the as-pas preprend is configured.
8 J& o! l- f8 qI just remove AS 300 in the as-path prepend command, and it worked.
9 C/ F0 b2 E# }+ ?/ l3- OSPF neighbor issue : R13 and R15 cannot establish ospf neighboring with R14.
7 Y1 ]9 o1 p/ Y4 ^6 @. F# o# lon R14, I see that the serial interface is configured as DCE, not DTE; also the lmi-type was ansi.5 j- ^- @( B% s5 E3 \) z% I
I changed the interface to DTE and the lmi-type to cisco.- z0 Y8 t& c% ^& J/ M
4- Load-balancing issue in EIGRP domain: there was on router with "bandwidth 1000" configured
' X' u0 k3 Q5 ], T$ |4 \on and interface,, o0 k U: `. l6 h
and another router configured with "delay 120". I delete these two commands, and I saw the two+ ?1 i9 b5 t4 R0 u
paths in the routing table2 m9 T0 h! r/ i6 y1 U
5- Reachibility issue between two PCs accross OSPF domain : here the problem was an virtual-link
( D+ d+ r' S0 b' @) w5 p) F# kdown, because of a network type mismatch
7 u' U9 a( i/ s: @& i! x(between R16 and R17). I remove the network type pont-to-multipoint on R17 Ethernet
# S' ]. L2 }0 S: ~interfaces connecting R16, and it worked.) _# @' b. d$ _9 j
6- reachibility issue :there was a redistribution problem, missing default-metric when( D6 f* a2 _ g: i. U; G
redistributing ospf in eigrp G2 ^! V# D- q) z% q/ M* S$ V
7- SNMP issue: failed to send link-status traps. I used these two commands:
' j: B# B; ?8 W) {7 D* Y(conf-if)#snmp trap link-status)
* O1 Q$ o9 t4 p: ]) k: j, x: J$ s(config)#snmp-server trap-source loopback 0+ d7 O1 Q/ m* x2 X: e: I% c Q
8- Multicast issue (autorp): some routers (R11) are not able to get by autorp the addres of the rp
! L$ j( G& ]+ w(R3).
5 a! q; Y9 J% @; Q5 K; f) KI did not resolved this issue.
: l; o* _+ O+ n% @% C: v& XThere was an access-list in R3 with the wrong multicast-group. I changed the address from% k) O: u9 m( P# k; c1 A
224.1.1.2 (wrong address)to 224.1.1.1 (right address)
: K( s+ Q4 m3 y: y0 h$ G9 nAfter that, R5 get the address of the RP, but not R9 nor R11. the PIM neighbor relationship was
" P+ q) W9 i% S( n7 G6 N3 o1 x. @7 ?OK between these router.1 m$ Q, M6 r3 t/ I: o
the "ip pim sparse-dense-mode " was configured on all interfaces between R3 and R11.
* l9 |1 }: x+ s2 E! I9- Control-plane Policing issue. R9 loopback cannot telnet R10 loopback. there was many) }% m4 H1 w$ v' R" f/ I
restrictions on this question like:
7 H' a, n- H% k n }) C. n-don't remove any configuration, don't remove any access-list, don't delete any line
2 |5 @1 Q, [+ F0 { o& t' [configuration.But you can create your access-list
/ d c& v y$ `8 Z K$ eWhen I check R9, I see that there is a CoPP , with a class-map (TELNET) which deny all telnet- {5 }. [# t: V+ [
traffic.) C3 o. g' v* t2 ?" H7 N$ o4 H
below what I did:
; Z2 W: G- S5 E- create an access-list : access-list 101 permit tcp host R9_lo0 hos R10_lo0 eq telnet! f6 j! G9 g9 c2 x
- create a class-map which matches the new access-list :: Y" X8 g6 ]" v: U6 t! w
class-map ACCESS6 m$ w s- J! r& r
match ip address 101
7 `! G2 t0 p4 |& |, d: W- modify the policy-map like this :% b& J! w' S0 {5 M
policy-map R10_POLICY
0 @$ A# ]9 m& C! U& T+ pno class TELNET
/ X" @2 G3 C* v1 k/ f2 ]class ACCESS- a4 B, P- M% q: N" R" `% k7 j
class TELNET
9 P0 m" A/ r. l) U4 R# E X! gthere was also "transport input none" in line vty of R9. I configured "transport input telnet" , and
+ P0 W- M$ a0 n2 Y1 Y. m, @+ Yit worked: W0 }8 n. G: v4 z) x
10- tunnel issue between R5 and R13: tunnel is flapping.I used the debug tunnel and I see a
: l: ~$ p( z" v$ E" ~' Irecursive routing issue.
; J. V; _% \: I! c/ oAfter that, I check the routing table and the config of each router .We have the configuration9 l# A) t( @: H
below:
1 U- Y+ J' a8 T( }% \( NR5: r7 ]3 E- s* q @8 I
int tunnel0
* n& _; r" u' X1 `4 S2 j% ?+ Sip address 135.0.0.5 255.255.255.0 Z2 {! ?9 v( h0 I! z2 ~2 ]- J
tunnel source R5_lo0
5 F6 l0 {7 k/ N& J! g) t! [tunnel destination R13_lo0* d" B1 z8 I$ E) |
ip route 135.0.0.13 255.255.255.0 tunnel0
* \! _% j+ u" \3 M) IR135 l3 u, F7 I% j2 {2 A5 Z( d0 {
int tunnel05 m$ O3 n- {( u/ z# t
ip address 135.0.0.13 255.255.255.0
. o, I, E" U9 Ztunnel source R5_lo0* v+ D/ s2 p7 J: d, S
tunnel destination R13_lo0# \5 V5 H. ^ r9 K# V4 t0 n
ip route 135.0.0.5 255.255.255.0 tunnel0
2 b$ h( j w, J8 ?% Jeach router learn the loopback of the other by ospf. I delete the static route in each router, and it
6 W; @1 p. S; k1 T) z. Kworked.& q; B) Y/ v1 n x' Y, R
I was sure that I will pass the troubleshooting sestion, but no luck.# F1 G k8 o0 O2 }# e
At the break, when we discuss with the proctor, he said that there is only one way to solve each
7 v4 B( {5 D1 k/ i+ b" |" [! Missue in troubleshooting section.
2 I7 l- J8 t7 j- U: ~Also, I see that there is a lot of restrictions on each ticket, so be very careful about that.5 ]: _4 y3 h# k$ @; @% g7 T
I also see that Cisco can smoothly modify each question by adding restrictions, so two guys can9 N: w4 \0 `7 X
have the same topology, apparently
8 u O( w$ c3 `8 _! S8 }" |the same kind of questions, but different way to solve these tickets because of restrictions.
" v5 ]. f3 S7 k4 f _/ j4 nWhen I see my troubleshooting score (68%) , I'm sure that my tickets 2,3,4,5,6,7 was good. I'm
* W$ l ?( L! ~( D4 ynot sure about the other.: m7 b% j- [+ C- f" H- [
I want to share this experience with you because I think we can all get this CCIE number.
! n4 ^: F8 Y# B; d6 X- w Cplease , if somebody in the forum get the same tickets and pass this section, please share with
. t; t9 W6 h5 i* E1 J2 mme your answer.7 U7 u( F* p9 U: z7 i. M
I don't want to make the CCIE exam all my life. I want to make my third and last attempt next
/ J' O* \( v! \$ c! k0 ]3 R! H# c. cmonth. |
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2011-6-24 10:44:13
置顶卡
喧嚣卡
变色卡
千斤顶
