CCIE R&S v5 Exam Review on 01 MAY 2015
cciereallabworkbook helped me passed the CCIEv5 exam on May 1st.
Here are what I was given.
1) VLAN12 was not allowed on a single trunk interface from SW2 to SW1. Due to spanning-tree, that interface was forwarding traffic… So I just added vlan 12 to the trunk link
2) Wrong hostname on R17
3) Passive Interface on R21
4) Offset list on R12 & Wrong metric on R13 (If you go to R11 for instance and run the command “sh ip protocol”, you should be able to see the K values… Just configure the same values on the other side)
5) Depending on the actual configuration between R21, R22, R4 and R6, you should be able to come up with a solution to route traffic accordingly. The thing you have to remember is lower metric wins and high local pref wins. In my case, there was already a route-map tied to prefix-list defining 220.127.116.11 on R21. I lowered the LP and created another RM on R22. I did the opposite for 18.104.22.168. For 22.214.171.124 and 126.96.36.199, make sure you read carefully the route-maps configured. The RM on R4 with the lower metric should be matched with the prefix-list of 188.8.131.52 and vice versa for 184.108.40.206
6) IPv6 encapsulated in IPv4 packets is what I did with the RM and setting the next-hop as the ser int of R25 (Outbound). The network AD of the Ethernet link had the wrong mask too.
7) Wrong NHS address on R18, ACL on R19 (I allowed esp any any), Redistribution of the NBMA address in EIGRP
8) I did a “sh ip route of SW3 and the default route was not received via OSPF from R9 so I did a “default originate always” on R9. R5 was not learning the default route from the backbone routers as well. So I did the same in BGP on R7 and R8. The command “ip nat outside” was also missing on .125 on R7. Also LSP was broken between R4 and R6 but I advise you to be veryu careful with that. I did not change it and my pings and traces worked fine. The reason why I did not change is because when you do a “sh cdp nei” on either R4 or R6, you will that is connected to R12 or SW5 (I forgot but the device it is connected to is outside the OSPF domain) and it is also connected to R2 or R6 (inside the OSPF domain). So changing the metric on eth2/0 or doing a passinve inter command will affect your ospf domain. Since everything worked for me, I did not change it even tho I did not have any labels for R6 and R4.
9) The key address of R7 was pointing to 192.168… (R24 address). It needs to be WAN interface of R23 or you can just do 0.0.0.0. I used the serial interface of R23 and made sure the Natting is correct.
10) IP dns server on R23.
1) Some user on vlan 501 could not connect to the network while other users could… When I looked at the configuration on the devices, I could see that the output of the “sh vtp status” did not have the same count of vlan as the other switches. When I also looked at the “sh int trunk”, I could see the vlan allowed and not pruning… So it was clear that it was a vtp propagation issue. Only SW1 had the password showing in the configuration files but none of the other ones did. So I chose the issue is a vtp issue and to ask for the password of the switch in question
2) This was a DMVPN setup with R15 as the hub, R17 and R18 as the spokes… R16 was connected to the same cloud as well. I spend most time on this one and the piece of advice I’m going to give you is that before you start reading, click on the dropdown first and look at your options, it will help you narrow down the root cause of the problem. I didn’t do that at first which cost me the last question. But anyway, R16 had “redistributed connected” under EIGRP… That means the WAN interface was being redistributed but what puzzled me was that R16 did not have a tunnel interface and was not part of the DMVPN network… After looking at it carefully, the subnet mask of R16 was large enough to include the WAN subnet of R15 and R17 I believe. So the answer is “decrease the subnet length of the WAN interface of R16”
3) Some uRPF with BGP… I had 3 mns left when I started this so I just rolled the dice on this one.
I finished everything by 2pm.
Missing VLANs on SW2, SW3 and SW4
OSPF R1 (max metric….)
no EIGRP Named Mode
LOCALSP vrf on 45678. Be careful here, After I configured the BGP peering with the SP, R16 could not come up and I found out that the “ip forwarding vrf LOCALSP” was missing on the int facing the SP
The BGP peering between R20, R2 and R3 was backwards in the exam. R20 had almost all the configs done except the router id but R2 and R3 did not have any configs… So I have to look at the vrf interface by running “sh ip vrf” and look at the int subnet to know what address to peer with under that specific vrf.
IPv6 the same
DMVPN with Encryption (LOCALSP)
Good Luck Everyone !!