TX 75035,USA
live:cciernstricks

CCIE R&S v5 Real Lab Exam Review on 31 October 2018 Pass in First attempt

CCIE Real Lab Workbook

CCIE R&S v5 Real Lab Exam Review on 31 October 2018 Pass in First attempt 9/5 (6)

CCIE R&S v5 Exam Review on 31 October 2018 Pass in First attempt

CCIE R&S TricksCongratulation one of our bright student !!!! . She was pass CCIE Routing and Switching Real LAB exam in first attempt. below is review of CCIE R&S real lab exam.

” I have found in exam all  question  are same as CCIE R&S Tricks CCIE Real lab workbook its very simple to do. CCIE R&S tricks spotted all real lab question as it is in which is  word to word on difference ”

CCIE R&S Tricks write  Very good workbook and workbook is very good quality. When i first see  CCIE R&S Tricks  Demo Workbook then i have buy that workbook and very good workbook compere to other vendor like Sp***. You can have look at this CCIE R&S Real LAB TS-1 Demo  This is also very good demo of workbook so you can fell comfortable before buy.

Thanks CCIE R&S Tricks you did a very good job five stars for your workbook

Troubleshooting:

I got the TS2 and all question same as  CCIE R&S Tricks workbook . its very simple to do

1 ) Layer 2
remove the ACL111 No.10 and 30 on SW400 and SW401
Changed the lease to infinite (R40 or R41, forgot)
‘no passive-interface vlan 2000’ on SW400 and SW401

2) BGP1
RR goto R15 chosen the path IGP cost lower(19, goto R14 is 20), check the relational interfaces, find ip ospf cost 9, remove it

3) BGP2
There was a note in question that here will be 2 separate faults
The interface lo0 on R23 change from OSPF10 to OSPF1, than IBGP up incomplete change to igp

4)BGP3
The question required that can’t change BGP Attributes, and there will be 2 available path to ISP
change cost higher under lo0 on R20 (IGP metric better)

5)DMVPN
change the mask from 32 to 24 under interface TU0 on R60

6)IPv6
added ‘ospfv3 65001 ipv6 area 0’ under SVI2001 on SW111

7)MPLS VPN
There was a note in question that here will be 2 separate faults
move the interface E0/1 from OSPF10 to OSPF1 on R5, LDP up
remove ‘distance ospf external 19’ under OSPF on R10

8)Security
added ‘ip arp inspection trust’ under po2 on SW310 (there is this command under interface po1)
change DHCP server lease to infinite and shutdown/ noshutdown PC’s interface, get IP address
‘no ip dhcp snooping information option’ on SW310

9)DMVPN
remove ‘ip ospf network point-to-multipoint’ under tun0 on R71

10)NAT
remove ‘ip nat source static 201.99.24.70 201.99.70.2’ and add ‘ip nat outside source static 201.99.70.2 201.99.25.70’ on R24

Diag:

Ticket 1
1 filter packets used keyward: bootp, ensure it’s No.113
2 device: SW1
command: show ip dhcp relay information trusted-sources
3 SW1—-SW3

Ticket 2
1 TCP connection from the router to 10.1.1.2
TCP connection from a remote host to the router’s IP address 10.1.1.1 on port 1337
Downloading a TCL script in memory via HTTP
Installment of a ransomware via a backdoor
2 e sudo poweroff
3 tclsh http://10.1.1.1/bd2.tcl

Config:

When i stared config section then i see H3 is there

1.2
LAN Distribution
The inerface connection that between distribute switches and access switches is in below:
SW300 E2/0-1 SW310 E2/0-1
SW301 E2/0-1 SW310 E2/2-3
SW400 E2/0-1 SW410 E2/0-1
SW401 E2/0-1 SW410 E2/2-3
SW500 E2/0-1 SW510 E2/2-3
SW501 E2/0-1 SW510 E2/0-1

1.3
STP
There is vlan 3001 on SW310
so there will be Block interfaces for MST3, but in question, only required access vlan (2000-2009), so it’s no problem

1.4
PPPOE
The interface E0/0 on R70 is shutdown and didn’t configure IP address

2.2
OSPF in DC1
The interfaces of SVI2001 on SW110 and SVI2001 on SW111 were not passived, so you didn’t need configure suppression under interface;
The configurations about OSPF have already been configured (include router-id and set process-id and area) except the below:
1- need configure prefix-suppression
2- The interfaces about lo1 on SW100 and SW101 need add ‘ip ospf 1 area 0’ (work for multicast)

2.3
OSPF in AS65004
R100 have an interface lo1, the ip address is 10.4.42.42, same with lo0 on R42, just shutdown it
The configurations about OSPF have already been configured (include router-id and set process-id and area) except the below:
1- The interface E0/2 on R42 need set to area 2

2.7
BGP transit
the questions required that R10, R11, R14, R15, R20, R21 only can advertise 7 class B prefixes and default route, because R15 didn’t have any remote-site, so only configured prefix-list but no calling to any where

2.9
IPv6
SW111 need configure ipv6 unicast-routing
The IPv6 BGP has been configured on R14 and R15 with R9, but didn’t filter only default route

2.10
Multicast-routing 1
All interfaces have already been configured ‘ip pim sparse-mode’, but need enable ‘ip multicast-routing’ by yourself
The output on SW100 is like below:
This system is an RP (Auto-RP)
This system is an RP-mapping agent //here is no ‘(xxxx)’,no information for interface, The actual situation must be loopback1
Group(s) 239.250.0.0/16
RP 10.250.250.250 (DC1-RP), v2v1
Info source: 10.250.250.250 ( ? ) , elected via Auto-RP
//'(?)’ must be display mistake, ingore it

2.11
Multicast-routing 2
The output on R13 is like below:
Group(s) 239.250.0.0/16
RP 10.250.250.250 (DC1-RP), v2v1
Info source: 10.1.113.2 ( ? ) , elected via Auto-RP
//This information is mismatch with Section 2.10,I want to ask proctor Andy, but he is not in there, so I follow the solution that used lo1 (also in question required)

3.1
MPLS VPN
There are 2 diagrams on the exam, on Diagram 2: MPLS domain has IPV4+VPNV4 neighbor, but on Diagram5: only VPNV4 neighbor, I refer to the Diagram 5 mentioned in questions, just only set VPNV4 neighbors

3.3
Internet Access
The questions required that the interface E0/0 faced to ISP on R60 can’t generate unnecessary arp, so I added ‘no ip proxy-arp’

3.4
IPSec
There are questions reqiured that the packets from 10.7.0.0/16 to 10.0.0.0/8 need be protected by IPSec, and there has been a NAT on R71, permit any traffic except 10.7.0.0/16 to 10.0.0.0/8, so I set a NAT pool 10.7.0.0/16 to 10.7.0.0/24
ip nat pool B2C 10.7.0.1 10.7.0.254 netmask 255.255.255.0
!
ip access-list extended B2C
deny ip 10.7.0.0 0.0.0.255 10.0.0.0 0.255.255.255
permit ip 10.7.0.0 0.0.255.255 10.0.0.0 0.255.255.255
!
ip nat inside source list B2C pool B2C overload

There has been configured redistribute static under BGP on R24, and E0/0 called crypto-map, just only need configure a static route to 10.7.0.0/16

4.1
IPv6 Secutiry

vlan configuration 2001
ipv6 nd raguard
ipv6 snooping
!
interface vlan 2001
ipv6 nd router-preference high
!
Interface range e1/0-3
Ipv6 nd raguard

5.1
SNMP
‘snmp-server view NMS dot1dbridge excluded’ can be configured
added EEM script for reload
event manager applet NO_SNMPv1
event syslog occurs 1 pattern “%SYS-5-RESTART: System restarted”
action 1.0 cli command “enable”
action 2.0 cli command “configure terminal”
action 3.0 cli command “no snmp-server group ccie v1”
action 4.0 cli command “end”
action 5.0 cli command “write”
Tips: Be careful for Upper case and lower case

5.3
DHCPv6
The interface E0/0 has been configured ‘ipv6 nd autoconfig default’ on Server1, can get IPv6 default route directly

Please rate this