CCIE pass

zhaoke0727

I tried my second attempt in Dubaï the June 2011, but I failed it.in attached the
. R$ X' O: |5 }5 z. b) ftopology of the troubleshooting section
  a) m$ C/ ^% \8 SMy configuration section(K1) was successful, but I failed troubleshooting section (68%).
3 t3 ]$ K3 v: i9 T- fBelow the kind of questions I got in troubleshooting section :
1- BGP peering issue. the question also said that you should establish the peering int the safest
way.
When I check the config, I see that there is "neighbor xxxx password cisco".
I did " no neighbor xxxx password cisco", and then "neighbor xxxx password cisco" on each peer,
and the peering comes up.
% E$ z+ f; C6 |. i# R( ]5 JAbout the safest way, the use the "service password-encryption" command on each peer
- k# g" H, O# C+ V( ?2- reachibility issue: PC1 in one AS(AS 300) cannot ping PC2 in another AS (AS 100)
I see that the router connected to PC1 do not have the route to PC2 , because there is already AS
300
: {- h3 Z! t+ E/ G( H- u7 ^in the as-path to reach PC1.
# a: z( k9 x7 Y6 F8 F7 tto solve it, I modify the route-map on the router (on router on the path between the two PCs) on
which the as-pas preprend is configured.
! C( C, h0 V! M3 h' fI just remove AS 300 in the as-path prepend command, and it worked.
8 L% t+ S( U; [3- OSPF neighbor issue : R13 and R15 cannot establish ospf neighboring with R14.
. ~( \* P: i0 T& ~* ]/ Mon R14, I see that the serial interface is configured as DCE, not DTE; also the lmi-type was ansi.
I changed the interface to DTE and the lmi-type to cisco.
5 ]  V3 F  i& U$ i* k  e4- Load-balancing issue in EIGRP domain: there was on router with "bandwidth 1000" configured
8 Z: e$ V+ k/ P5 L( `on and interface,
( M" z. s9 g* {4 F6 k! wand another router configured with "delay 120". I delete these two commands, and I saw the two
% p& L9 u! c1 n) T+ wpaths in the routing table
; P. @  H1 e# @7 v% l: u3 M5- Reachibility issue between two PCs accross OSPF domain : here the problem was an virtual-link
+ s+ d, m1 M7 G( _# _down, because of a network type mismatch
3 V! n6 f! v8 I1 T(between R16 and R17). I remove the network type pont-to-multipoint on R17 Ethernet
, [3 h! G$ j7 Kinterfaces connecting R16, and it worked.
6- reachibility issue :there was a redistribution problem, missing default-metric when
8 n( @. W0 Y/ r1 o4 G4 @$ b/ ^redistributing ospf in eigrp
7- SNMP issue: failed to send link-status traps. I used these two commands:
(conf-if)#snmp trap link-status)
(config)#snmp-server trap-source loopback 0
& w3 e2 @" k$ x8 G3 y9 g8- Multicast issue (autorp): some routers (R11) are not able to get by autorp the addres of the rp
4 P5 W2 ^& d% x& ^, g(R3).
. m" X$ S. Q; u9 BI did not resolved this issue.
' o" N# X: c- ?. KThere was an access-list in R3 with the wrong multicast-group. I changed the address from
224.1.1.2 (wrong address)to 224.1.1.1 (right address)
After that, R5 get the address of the RP, but not R9 nor R11. the PIM neighbor relationship was
. u4 `2 n( a, `* J8 R! BOK between these router.
. y& F# f8 @9 S1 k( i4 Xthe "ip pim sparse-dense-mode " was configured on all interfaces between R3 and R11.
9- Control-plane Policing issue. R9 loopback cannot telnet R10 loopback. there was many
restrictions on this question like:
-don't remove any configuration, don't remove any access-list, don't delete any line
. `0 h. f' _5 ~: J8 U2 |1 hconfiguration.But you can create your access-list
When I check R9, I see that there is a CoPP , with a class-map (TELNET) which deny all telnet
+ s' W. F8 _4 j. g, U! B. qtraffic.
below what I did:
- create an access-list : access-list 101 permit tcp host R9_lo0 hos R10_lo0 eq telnet
- create a class-map which matches the new access-list :
class-map ACCESS
9 B& u' ?; w! |  C9 F* {match ip address 101
( V. ~( @7 e! E9 \/ T/ r- modify the policy-map like this :
policy-map R10_POLICY
; `+ p1 f* Y6 O+ h. K9 p: b& Fno class TELNET
class ACCESS
class TELNET
* D3 o/ _6 t! t- }there was also "transport input none" in line vty of R9. I configured "transport input telnet" , and
7 f/ r3 g+ M0 |% K* Mit worked
10- tunnel issue between R5 and R13: tunnel is flapping.I used the debug tunnel and I see a
. V1 f' W2 u) U4 c7 D+ ?recursive routing issue.
8 p6 h! X) o8 c3 ], |, uAfter that, I check the routing table and the config of each router .We have the configuration
) P  t. l0 L) ]/ r! K# ibelow:
  d" _0 F" s2 GR5
int tunnel0
2 k: k' R- u/ \) w1 O& i, L3 gip address 135.0.0.5 255.255.255.0
& f# R9 p( m# n3 }tunnel source R5_lo0
( x" [4 b# q0 \) ~" u9 Stunnel destination R13_lo0
: l% t5 v$ w! ^& Hip route 135.0.0.13 255.255.255.0 tunnel0
R13
int tunnel0
/ q  z# ^( [6 V1 f& ]ip address 135.0.0.13 255.255.255.0
tunnel source R5_lo0
$ t" s( }1 N* d5 Htunnel destination R13_lo0
ip route 135.0.0.5 255.255.255.0 tunnel0
each router learn the loopback of the other by ospf. I delete the static route in each router, and it
/ Z4 \4 g. K; k) ~8 l2 C$ Fworked.
I was sure that I will pass the troubleshooting sestion, but no luck.
At the break, when we discuss with the proctor, he said that there is only one way to solve each
issue in troubleshooting section.
Also, I see that there is a lot of restrictions on each ticket, so be very careful about that.
  X- v6 {/ m( V! {/ k$ |/ uI also see that Cisco can smoothly modify each question by adding restrictions, so two guys can
have the same topology, apparently
the same kind of questions, but different way to solve these tickets because of restrictions.
$ |; {& W5 A$ V7 G& `, SWhen I see my troubleshooting score (68%) , I'm sure that my tickets 2,3,4,5,6,7 was good. I'm
not sure about the other.
# ~( l$ u9 ^8 q6 R* h) _I want to share this experience with you because I think we can all get this CCIE number.
% a4 `4 c; w( @& F; t. M6 g: Dplease , if somebody in the forum get the same tickets and pass this section, please share with
# h; p9 D2 j' B. B" Z$ b% {me your answer.
I don't want to make the CCIE exam all my life. I want to make my third and last attempt next
" B0 ?( Q& p& h  p1 vmonth.

ozweego

英文不好捉寄

shidi

谢谢楼主分享！！！！！

tonyshengxia

aaaaaaaaaa

JamesSmith001

1111111