CCIE R&S v5 Exam Review on 01 August 2017
The first thing is that I would like to thanks all people in forum and everyone who has shared their feedbacks, as they are very helpful for those preparing the exam.
I strongly recommend everyone watching this video so you have an idea of how is the exam environment
I must say that everything in the questions throughout the exam was quite clear and well explained.
I am going to shared my feedback of exam and I hope that it will be helpfull for ohter people. Sorry if my english is not very good…
If you have any questions, tell me and I will try to respond
###################### OLD TS #################################
Nothing new…Everyting was discussed in the forum. I managed to do this within 2h, really in 1h 30min was done with the second verification include.
30 min remaining, I used it to go to the bathroom and prepare the notepad for the CFG and disconnect
I don’t touch DHCP lease time in any server.
1. ACL blocked OSPF in Vlan 12.
2. Configure ppp encapsulation and ppp hostname/pass in R12 for authentication and ppp ipcp route default
3. passive interface in one router / incorrect router-id in other
5.- LSP between R1-R2 / Route-map for Next-hop in R5
6.- Configure BGP V6 session using IPv4 neighbor IP between R22 and R25 with route-map for IPv6 Next-hop
7.- no ip next-hop-self in R15 / ACL deny ESP traffic in R14 / ip nhrp redirect/shortcut
8.- Here I have seen many things not configured, but it is possible that everything was not failures, because with one change traces matched, and text says only two faults, but I configured more than two faults for security….
– Network was missing for OSPF in PC105
– Route-target import in R3/R4
– BGP neighborship R3-R7 – R4/R8 in GRT
– Nat missing commands in R7/R8 / – Route-map for origin IGP in neighbor R24 for match trace to 172.x.x.x
9.- ACL in R21 blocked ESP traffic
10.- client-id ethe0/0 missing in NAS
###################### Diag #################################
HSRPv6 and Multicast
The part of DIAG worried me since I did not know very well which info I would see and how. Keep in mind that in the end, this is a forum and there is a lot of information and everything subject to the understanding of each one, but for me, as I said at the beginning, everything is quite clear and explained both in the statements and in the case of DIAG also in the LOGs.
In HOST logs you will see default gateway installed in them. In my case, DG was NOT HSRPv6 VIP of the CEs. It was another IP. Based in this, I found the RA in packet capture and I saw a RA with route-preference medium from the IP that the host had as gateway. I also saw the HSRPv6 IP packets in packet capture with low preference.
1.- Configure CE2 with the highest Priority possible
2.- Unknown device CE’s LAN / High preference gateway information is sent out.
3.- Frame with medium route-preference in Capture.
Nothing special, same as usual, In logs you will see easily that there aren’t route to RP.
1. R3 has not route to RP
2. Why 10.x.x.x is not in R3 RIB
3. Configure ip route ….
###################### Config #################################
And Finally I had NEW config with VRF version and variations.
As said above, I think that there are a lot of info in forum about VRF version, but in my opinion, any workbook that I saw resolve completely some requeriments.
I think that this is the config with many “small details” to consider.
Also, I think, and it’s just my opinion if you go to exam with only based on that the woorkbooks says and it is not well understood what you are doing and why, and do not read all the information carefully, you will get the outputs, but not really the requirements that Cisco ask us in questions.
There are many info about the variations, and more or less is correct, but there are other “small things” in the text of the questions that I think that should be considered because yes, you will see the output required, but you can lose other requeriments without a specific output in exam.
I saw other requirements that I had not read in forum and in my opinion they are just as important as the outputs.
I read all the info that i could and I practiced and Finally I decided what config apply in each section based in my criteria. I didn’t follow any Woorkbook specifically
I will try to remember it, and explain it
1.1 / 1.2 / 1.3
There are ports preconfigured, I delete the config (Po included) and configured everything from 0.
MST with 3 instances. Cisco tell what vlan was in each instance (not odd/even)
Traffic from vlan 34 must go trought Ethe2/1 in SW3, but do not delete them from the trunks, in no case. Cisco doesn’t say this in any case
In 1.2 test say something like “use encapsulation method that insert a 4-byte tag….” I don´t remember exactly. The truth is that it made me doubt enough, but I configured dot1q.
Rest of the configuration of this part don’t had nothing special
In branch routers WAN was not in VRF and rest of interfaces yes.
Same for R17.
Requeriment was Branch routes get default route without configure a static route
Only is required configure OSFP in Datacenter with the restriction that there isn’t OSPF type 2 LSA in database.
CORE, HQ and Office in jameson was preconfigured.
I didn’t touch HQ and Office, but As I did not want surprises, also configure the CORE again including the LDP config, which was preconfigured but lacked the LDP router-id, so take advantage and configure everything again if there were more faultys.
no requeriment for DR in R1, SW1 and SW2, but it was preconfigured…
static route for default route is allowed in R17
Must be advertised in ospf only if he has it in the routing table
10.2.0.0/16 must be advertised to area 51
In area 51 must not have Type 2 LSA
no requeriment for area 51 stub
Only is required to configure Jacobs CORE.
R52 must inject ONLY it’s Lo52 as an external.
BW was preconfigured to 1 KBPS and can not removed.
Question say that don’t use any metric for redistribute connected and don’t modify metric weights.
In section 2.7 there are a output required for show ip route 188.8.131.52 from R9 and R10 with a specific metric.
However, also configured HQ Jacobs with eigrp named mode.
Diference was in that is required that R15/R16 advertised 10.0.0.0/8 in BGP.
There was a output for sh ip bgp 10.0.0.0/8 in R11 with as-path shows 65001 65002
This section in exam is about loop prevention in jameson sites. Don’t have any restriction, but exam says that the solution must be valid for any prefix added in the future.
Backdoor link. Examn requires configured the agreggate-address with summary-only.
In R57 there was preconfigured mutual redistribution between eigrp and bgp.
loop avoidance in R9/R10.
Restriction in this question for not use ACL, prefix-list or route-map.
There was a output required in this question for show ip route 184.108.40.206 from R9 and R10 with a specific metric.
There was a lot of opinions in forum about this question with the summary-only requeriment in 2.6
The only restriction in this question is not to use ACL, therefore route-map are permitted. In fact, the only way to advertise /24 prefix with “summary-only” in BGP aggregation is with unsuppress/map with implicit route-map.
However there were more details to take into account.
For me, most important is “All other traffic must be routed via the MPLS network” (for me, is implicit that traces from SW10 to 10.3.x.x and 10.1.x.x must not go trough backdoor link)
Besides, question explicitly indicated that the announced summarized prefix in 2.6 were not advertised to the MPLS network (the agreggated /8 of each site in R15/16 and R55/56).
And besides, another restriction was that in R55/R56 no summarization could be configured.
there was a output with traces from R101 and SW10 to /24 prefix for backdoor and another prefix whose trace had to go through the MPLS network
2.9 and 2.10
SW4 was HSRP active.
Ethe 0/1 in R19 was the source for ping
Ethe 0/1 in R20/R21 was join to 220.127.116.11
protocol propietary of cisco.
R17 was RP
there was a requeriment for Branch routers Never have DR election and other restriction that I don’t remember exactly, but was the command spt-threshold infinity in branch routers.
Nothing special that I remember.
Phase 3 must be configured and verified although output required was ping between branch routers.
LDP Was preconfired, but ldp router-id is missing in all routers.
R3/R4 vrf DC
R5/6/7/8 vrf Corp
required traces from SW1 and SW2 in HQ Jameson and Office Jameson to DC show load-balance between source and dst in MPLS and Datacenter.
I don’t configure any in special. cost on OSPF was default in all links and load-balance was matched
here was required to change AS to 65001 in Jacobs PEs.
Sessions between PEs and CEs must be recovered without modify CEs config.
Two New Requeriment in this question was
AS 65001 must not showed in BGP NLRI in Jacobs CEs
AS 65006 must not showed in BGP NLRI in CORE
Output required was ping and trace from SW10 to Datacenter
For me, requeriment was accurate and Understandable
communication directly between jameson sites
communication directly between jacobs sites
communication between jameson sites and Jacobs Sites will goes trough the Datacenter.
Do not configure it for precaution
DHCP in R15.
R101 must be a specific prefix.
Don’t change config in Ethe0/0 in R101 (there was a preconfigured mac-address)
Nothing special. NAT
Nothing special. SW4 was HSRP active
At the end of my exam I had connectivy between all sites for the required paths