Passed today on my second attempt. Big thanks to my study buddy, bin, who took heart and still guided me along even after he passed 1.5 months ago. And also big thanks to all the wonderful people who shared their experiences on CC. Couldn’t have done it without you all. Time to give back.
TS1: SRV and PC already have IP. vlan 12 missing in trunk.
TS2: wrong username and password in R17
TS3: R1 only has one path via R21. R22 and R5 missing OSPF neighbourship. unpassive interface of R22
TS4: add metric weight. deny 145.14.14.14 in R12 distribute-list
TS5: all ok except 134.21.21.21. 134.21.21.21 needs to go thru R4 instead of multipath. Adjusted MED on R4 to make it happen. Also needed to “no ip cef” and then turn it back(after 2mins?) on again on R6 so it R4 appears first in multipath.
TS6: wrong network statement in R25.
TS7: R15 – missing next-hop-self,split-horizon, ip nh red. R19 ACL need enable ping and DM neighbourship. need to “no ip domain timeout 1” somewhere so traceroute shows capital letters instead of small letters, forgot where, probably SRV102.
——————– DIAG1: “sh ip int b” shows user interface as down/down. under interface config shows mac address explicitly.
ANS 1: SW3, sh ip int b ANS 2: SW3, ask user for mac
DIAG 2: under R15 eigrp there is “redistribute connected” ANS 1: problem device = R15 ANS 2: sol = exclude NBMA from being advertised in EIGRP (something like that)
DIAG 3: messy stuff. left 9 minutes left after drawing out traffic flow. no time analyse the Drag and Drop.
ANS 1: analysed picked 5 “relevant” options hastily. Total need 8 though. not sure if any points for partial correct.
ANS 2: URPF caused by assymtric routing ——————— CONF —— SW1, SW2 = VTP transparent SW3, SW4 = VTP server and client, mac add aging 10800
MST
R1 ospf max-metric router-lsa
remember the router-id for all BGP, OSPF and MPLS. failsafe, i just made sure i have router-id all in whatever BGP, OSPF, MPLS and OSPFv3 instances.
BGP 12345 – no bgp default ipv4 BGP 34567 – no bgp default ipv4 BGP 45678 – normal BGP mode all spoke routers = normal BGP mode
EIGRP 34567 – normal mode EIGRP 45678 – named with highest encryption + key chain, i configured same also for DMVPN on R17,R18,R19
R6 – 3 colour BGP links only R7 – 3 colour BGP links only
R17,R18,R19 VRF DMVPN R16,R17,R18,R19 – do not advertise anything to AS router, accept only default-route
OSPFv3 IPV6 – dont forget to advertise the loopbacks on SW3 and SW4 for NTP later.
Multicast – enable pim sparse on all transit interfaces in 45678 and R18,R19 e0/0. no net flow NTP configured – missing password authentication
at the end R12,R13,R14,R18,R19 must reach one another via e0/0. ping each e0/0 source from e0/0.
some helpful time savers
———— 123.0.0.0 0.255.255.255 for all OSPF and EIGRP network statements. user notepad to generate config for R2 and R3 BGP VRF neighbors. you need only slight changes.
more than 1 year of marathon and mugging at home on weekends/evenings…The cisco email came after 40mins i clicked the “END SESSION”. I thought i failed. The seconds that took to open the link in my email seemed like a long time. I saw “PASSED”, tears welled in my eyes. YOU CAN DO IT TOO!