CCIE R&S v5 Exam Review on 8 November 2015
I’d like to thank you to cciereallabworkbook. It’s been a very helpful.And now, it’s time to give back. First I’d like to mention that it’s my second attempt, my first was a
v4 exam with davestating loss, passing the conf part and failing TS by a very close point. Below are some details
about the exam.
Ticket 1- L2 Switching – Host was attached to a wrong vlan assignment(10 instead of 100)
Tip: I saw that port security was configured with the wrong mac but i didn’t care, the thing is
inter eth 1/0
swi mo acc
swi acc vla 10
swi port-security mac-address sticky aaaa.bbbb.0123
swi port-security maximum 1
At this point, you don’t need to worry about it cause port-security is not enabled, just the festures are.
it’s enabled by the command ‘switchport-port-security’. the above config alone is not going to enable it. you can
check this by issuing show port-security command, you’ll see nothing as long as you don’t have ‘switchport-port-security’
to activate the feature.
Ticket 2- PPP – ipcp route default on R17 and Default-router on R12 dhcp pool configuration
Ticket 3- OSPF – max-metric on R5 modified with startup 5,
Ticket 4- EIGRP – bandwith on R12, metric weight adjustment on all four routers
Ticket 5- BGP – changed LP for 220.127.116.11 to take R22 path everything else was working
Ticket 6- IPv6 – Next-hop on R23
Ticket 7- DMVPN – Redistribute connnected on the Hub, I creared a routemap that matches and denies the NBMA interface.
Ticket 8- MPLS – Few problems on this one, IP Nat out was missing on both R7 and R8, also ip nat in was missing on R8 for the
fall back rote. area range was configured on R7, default-originate on both 7&8 towards 3&4
Ticket 9- DMVPN-NAT – first thing i checked was the configuration of the tunnel interface, I didn’t see anything wrong so i thought
it might be the crypto config, still didn’t see anything worng, so I removed the tunnel protection from the tunnel
and ospf came up. Then I copied crypto from R7 and pasted on R24, put the tunnel protection config back on the tunnel
and ospf came back up and trace was working ok.
Ticket 10- NAS – Ip nat inside was configured towards a wrong NAS ip. I changed that and enabled ip http server on NAS. Ping from nas was working. ^_^
Diag 1 a)interface is down, port security issue.
😎 the second part of the question,I saw a lot of comments like choose switch 3 and ask for mac-address
but the wording on the question was like “what information would you request from the help-desk to confirm
your suspission?” and i choose host1 and mac address of the interface on the host.
2) a) Problem was on R15
😎 excluded the eth 0/0 interface from R15(hub).
3)configuration was loose mode on both interfaces of R1 connecting to R2 and R3. interface connecting to R2 also has
an ACL on incoming direction. you need to read the configuration as path manipulation was configured using route-maps
to change LP. at the end, it was due to an access-list.
Config: pretty much the same as we see here on the threads.
-Authentication for EIGRP on AS 45678 excluding R18 &R19.
-SW1&SW2 vtp version should be saved to startup-config. Nothing too magical about this,
they’re just saying vlans should be seen in the running config, which you can do this only in Transparent mode.
-MST version and saying there should be three instances, still nothing magical, you just need two instances for odd and even vlans, there is instance 0 default for the rest of the vlans.
I saw a lot of people spending a lot of time on L2 part, to configure all those ports access vlans.
it literally took me 10 minutes on that part. What i did was on all four switches run ‘show cdp neighbor detail | in IP address|Interface’
very helpful command. it will show interface and the ip address of the neighbor interface, i just looked at the L3 diagram and find that spefific ip
and see what vlan on the diagram for that interface….you might want to use that.
Wrapping up: the TS took me 1hr and 20 minutes, i solved everything.
Diag took me pretty much the whole 30 minutes because you need to read carefully specially the third question.
people say if you answer 2 questions, it should be enough to pass you but ofcourse i’m not taking any chances.
Config, I was very slow, not really but slower than what i practised. I was able to finish in 2 hour and 20 minutes in practice.
In the exam three hours in I was done in the exam. I had two hours to double check everything, i found some stuff that i configured wrong
and corrected it. everything except multicast ping was not working, didn’t care too much. But please read the questions carefully. sometimes
i got carried away with reading only the first line of the questions and start typing…not a good idea.
Feel free to ask me any questions, I’ll try to answer as briefly as i can. And all questions don’t include where and when i took the exam, including my CCie number. ^_^ thanks folks, i wish you all the best.