CCIE R&S v5 Exam Review on 29 March 2015
I took my second attempt yesterday & finally got my number.Thanks a lot to this forum.. without which i couldnt have made it.
All sections are still the same except for minor variants..
I was little bit slow, I took 2:30 hrs but couldnt complete one (ipv6),
1. Trace from pc to server to follow a PARTICULAR path –Vlan 12 was missing in both switch
2. authentication chap callout is specified in the client, need to remove that and if required bounce the interface once
3. ospf loadbalancing — passive interface mentioned under router ospf for one router( couldnt remember which one)
4. Eigrp — normal mode, remove bandwidth specified on an interface and change to metric 011111
5. BGP – two traces were not matching..BGP session was not established btwn R 22/R5,fixing that solved it
6. Ipv6 — not sure what went wrong… ultimately i didnt complete it.
7. DMVPN- 4points — spoke need to ping server and spoke to spoke need to follow a trace ( without hitting the hub)-
Ip nhrp shortcut missing in a spoke & split horizon not disabled in Hub; wrong nhrp mapping.
8. Mpls ( 4 points)–Trace to internet & trace to Server ; Ip nat outside missing on R7, nat statement missing on R8
default information orginate– always’ missing in R7, internet facing subinterface of R3-R7 not advertised out of R3
vpnv4 session not established in R6
9. NAS — wrong client id on dhcp server, so NAS receiving wrong ip address
10. DMVPN R7/R24– mismatch in crypto config
Diag — Same as discussed here. (could complete in 15 min and then take a break..)
Config section – Again the same LAB1.2 .mostly same..except few changes in wordings/ devices.
But i couldnt complete it this time.. i missed out ipv6 bgp & NTP & didnt have time to verify all..
Initially i made some mistake in vlan assignment..that took some time… or may be the approach i took slowed me down..
Section I —
sw1&sw2- should save vlan information locally..
sw3&sw4 should retain mac address for 3 hours..
STP — There has to be only 3 instances of STP in the switch. ( MSTP with Sw1/Sw3 root for odd vlans — I manually specified priorties)
Section II / III-
2.1 Ospf on AS12345 -R1 should have stub router processing enabled ( but being area0, you cannot configure as stub, just max-metric)
2.3 Eigrp in AS 45678 — have strong authentication that protects against packet replay attacks ( Choose named mode with Hmac-sha on all including switches)
2.4 Eigrp in AS 65222 — use Tunnel interfaces, no authentication; R17 shouldnt query R18/19 ( stub connected)- but note: NBMA interface in VRF
2.7 BGP in AS45678 /65222 –no IBGP; R15 should receive all routes; R16,17,18,19 should receive only default route and in vrf LOCALSP.
Rest all almost the same… BGP is partially preconfigured)
Section IV/V – 4.1 — i just did banner login ; first time the created user did not work, so deleted and re-created.
4.2— switch port security for all 4 interfaces in sw3 ( eth 0/0-3)
5.1 — ssh on R20 ; 5.2 —NAT in R20 will take some time to get enabled;5.3—- shell processing full on R17
5.4— NTP ipv6– couldnt attempt
After section 1 — i completed IGP in AS12345 & 34567; then I worked fully on AS45678/65222 across multiple sections ie IGP-BGP-DMVPN-MCAST all on AS45678/65222
then i came back to AS12345/34567 for BGP & MPLS : Now should be able to verify all things but it was into last 30min, so couldnt complete verify..
Then I did Section 4 & 5 — complete and verified.
Finally i attempted Ipv6 – did ipv6-ospf but couldnt complete the ipv6BGP & NTP