CCIE Pursuit Blog

October 31, 2007

7 Months, 300+ Lab Hours, $2,200, and 200 Blog Posts Later…

I’m on a well-deserved vacation this week (just out of town with the wife and kids, nothing fancy) so I won’t be doing a lot of blogging and my studies will be minimal as well.  I logged into WordPress today and noticed that this post will be my 200th.  Damn I’m a wordy jackass.  :-)

This post is sort of a milestone post for me.  I’m nearly 7 months in to my studies.  I am feeling pretty good about my progress so far.  I have already learned a ton of stuff and I haven’t even gone deep into all of the subjects yet.

Average Lab Hours per Week: 10.5
Average Number of Blog Posts per Week: 6.66 <-666…on Halloween???  Oooh, spooky!!!  :-)
Average Number of Study Hours per Week: Unknown, but I would guess that it’s => lab hours.

Anyhoo…I’m going to enjoy my time off (although I did do some MPLS labs on the plane – I LOVE Dynamips) and hit the labs again this weekend.  I’m already getting CLI withdrawal.  That can be seen as a good thing or (as my wife believes) unhealthy.  :-)

October 27, 2007

Internetwork Expert: Using Dynamips On The Mini Mac

Over a month ago I posted about Internetwork Expert’s plans to create a Class On Demand for using Dynamips on a Mini Mac:

Building on the strength of their excellent Dynamips for Windows class-on-demand, IE will be releasing a COD for Dynamips using the MAC OSx operating system.   This class is scheduled to be available some time during the week of 17 – 21 September.

The original dates have since come and gone, but today I see that they have a page up dedicated to using Dynamips on a Mini Mac.  No COD at this point, but lots of good information.

$1400 And They Can’t Afford Copies???

This comes from the recent Q&A with Maurilio Gorito (content manager for the CCIE R&S exams) on Ask The Expert at Cisco.com:

Maurilio, having failed CCIE once and ready to fail again in January, I hope this does not breach NDA but, I was wondering why we are not able to write on the exam papers/lab diagrams during the lab, this added to the likelihood of making a simple mistake. This was very much the case on the diagrams as info such as AS numbers or OSPF processes were missing and simply writing them on the diagram would mean I would not have to look time and time again at the config. I am not blaming this for my failure but it all added to the already very difficult exam. Could we not have a photocopy of the exam and that could be handed in at the end?

This is something that bothers me as well.  I have heard that Cisco gives you some network topologies, BUT you are not allowed to write on them.  This has lead to many candidates recommending that you draw your own topologies (sometimes with colored pens) so that you have a topology that you can mark as you wish.

Here is Maurilio’s response:

Hi Andy,

In most of the lab locations we do re-use the lab doc for the next candidate and then we give you blank paper so you can draw and to make notes as needed.

I will get your suggestion to discussion internally to see how we could add it in consideration.

Thank you for the feedback.
Regards,
Maurilio

WTF!?!  Cisco wants to reuse the exams so you aren’t allowed to write on them?  $1400 doesn’t cover the cost of copies?

More Lab Locations Coming In 2008?

There is speculation on GroupStudy that Cisco will open one or more new CCIE lab locations in 2008.  This speculation was started with this post in the Ask The Expert forum at Cisco.com:

Yes. We are working to open up more seats availability to our current labs, but the ultimate goal is to extend the offering worldwide to more locations. The idea is exactly to minimize the cost and travel time to candidates while opening more opportunities to candidates worldwide to take the exam.

I can’t tell you at this point how it is going to be as we are working on the planning. News on it we will have more in 2008.

Regards,
Maurilio

Maurilio is Maurilio Gorito (CCIE 3807) who is the content manager for the CCIE R&S exams, written and lab exams and also serves as an exam proctor.

This is GREAT news.  Currently it is very difficult to schedule a lab as the labs are all full for the next 6 months (the furthest out that you can book the lab).  Opening up some more seats in the existing labs would help alleviate this log jam.

Opening new locations would benefit some candidates by decreasing the distance they need to travel (thereby reducing travel costs) to take the lab.  I’m located in the middle of the States so I pretty much equidistant from the two US locations (San Jose, CA and RTP, NC).

The rest of the GroupStudy thread consisted of posters pimping their favorite locations for the new labs.  There were some rumors about specific locations: 

I’ve heard rumors about Dallas, Japan(adding new tracks to existing location), and the UK. However, at the moment, they are having issues with the facility in Australia (lack of proctors).

Thanks,
Brad Ellis
CCIE#5796 (R&S / Security)
CCSI# 30482
CEO / President
CCBOOTCAMP – A Cisco Sponsored Organization (SO)

October 26, 2007

Automatically Upgrade Your IOS With Cisco IOS Auto-Upgrade Manager

David Davis has an interesting article about a new IOS feature to allow automatic IOS upgrades (not sure if you need a user/password to access the article or not).  I encourage you to read it.  Here’s the skinny on the Cisco IOS Auto-Upgrade Manager (AUM – like we need another acronym) from the horse’s mouth:

Cisco IOS® Auto-Upgrade Manager automates the process of upgrading Cisco IOS Software versions on Cisco® 1800, 2800, and 3800 Series Integrated Services Routers directly from the console without additional management software. Whether for a single device or multiple devices, Cisco IOS Auto-Upgrade Manager guides the user through the process of downloading the software to the router and scheduling the upgrade with easy-to-use, interactive mode prompts. More advanced users can take advantage of the Cisco IOS Auto-Upgrade Manager “single-line” command to initiate the process. Either way, Cisco IOS Auto-Upgrade Manager can help reduce the cost of upgrading systems by streamlining the process to perform Cisco IOS Software upgrades by engineers of varying skill levels.

As stated, this only works with 1800, 2800, and 3800 ISRs.  You also need to be running 12.4(15)T and later code.  It also has some prereqs:

  • The feature set must be Cisco IOS Advanced Security or higher (for HTTPS support).
  • The system being upgraded must have Internet connectivity that allows HTTPS (not blocked by a firewall).
  • The user must have a registered username and password on Cisco.com and have completed the Encryption Entitlement Form. Users are automatically prompted for this information the first time they select a strong cryptographic image for download directly in the Cisco Software Center; the form is also available at http://tools.cisco.com/legal/k9/controller/do/k9Check.x?eind=Y.
  • The SSL certificate for the Cisco IOS Auto-Upgrade Manager must be configured (refer to documentation for instructions).

And, as David Davis points out:

Of course, the irony of AUM is that you must first manually upgrade your routers before they can even support the new IOS.

I tried to find some documentation for the new commands (autoupgrade, upgrade automatic, upgrade automatic getversion) but I couldn’t find any details.  There was an example of the upgrade automatic getversion” command in the Cisco IOS Auto-Upgrade Manager documentation:

upgrade automatic getversion {cisco username username password pass image image|url} [at hh:mm|now|in hh:mm][disk-management auto|confirm|no]

This looks like an interesting feature and should work nicely with “warm reboot”.  For enterprises that have a number or devices that require IOS upgrades and do not use a software solution like CiscoWorks this may be a good option.  I wish that it was available on more platforms (specifically switches) but I’m sure that it will eventually work on more platforms.  I don’t like enabling https on Internet connected devices.  I might play with this next weekend to see how well it works on a 2800.

October 25, 2007

I Thought I Told You NOT To Do That!

Occasionally (okay, way more than occasionally) you will fat-finger something in your configuration.  Today I stumbled across something that I hadn’t tried before and experienced some interesting results.

I was mucking about with snmp settings and wanted to remove the snmp configuration:

r1(config)#do sh run | i snmp
snmp-server enable traps bgp state-changes all

I “up-arrowed” one time and added “no” to the beginning of the line.  I was trying to do “no snmp-server enable traps bgp state-changes all”.  I don’t know why I thought that I could up-arrow to the show output, but that another story.  :-)

r1(config)#no do sh run | i snmp
snmp-server enable traps bgp state-changes all

Interesting.  The router ignored the “no” and just executed the show command.  I’m surprised that I didn’t get a “^” and an error message.

This works with other show commands as well:

r1(config)#no do sh ip int br
Interface                  IP-Address      OK? Method Status                Prot
ocol
FastEthernet0/0            unassigned      YES NVRAM  administratively down down

Serial1/0                  10.1.1.1        YES NVRAM  up                    up

Serial1/1                  unassigned      YES NVRAM  administratively down down

“no no” is a…well, no-no:

r1(config)#no no do sh run int fa0/0
                               ^
% Invalid input detected at ‘^’ marker.

Random letters throw an error:

r1(config)#bb do sh run int fa0/0
                     ^
% Invalid input detected at ‘^’ marker.

This does not work when you are not in config mode: 

r1#no sh ip int br
      ^
% Invalid input detected at ‘^’ marker.

I guess that it makes sense for IOS to ignore “no” in config mode when the next word is “do”.  It’s a pretty safe bet that executing the show command was what the engineer really wanted to do, or the engineer fat-fingered the command.

LFU 6: Traffic Shaping Won’t Start By Itself

Frame Relay traffic-shaping tasks can be a real pain in the ass.  Make sure that you don’t skip the simple steps when tackling a complicated FRTS task. 

In this scenario I want to create a simple Frame Relay map-class and apply it to DLCI 102 on interface s1/0.  Here’s my configuration:

map-class frame-relay MYFRAMEMAP
 frame-relay tc 100
 frame-relay cir 128000
!
interface Serial1/0
 ip address 10.1.1.1 255.255.255.0
 encapsulation frame-relay
 frame-relay map ip 10.1.1.2 102 broadcast
 frame-relay interface-dlci 102
  class MYFRAMEMAP
 no frame-relay inverse-arp

Done, right?  I go to verify my traffic-shaping and get nothing, nada, zilch:

r1#sh traffic
   <-note: no output
r1#

I try a few more commands:

r1#sh traffic queue
  <-note: no output
r1#

r1#sh traffic stat
                  Acc. Queue Packets   Bytes     Packets   Bytes     Shaping
I/F               List Depth                     Delayed   Delayed   Active

Finally I stumble across the problem:

r1#sh traffic s1/0
Traffic shaping not configured on Serial1/0 dumbass!!!

Okay, so IOS didn’t actually say “dumbass”, but I know that it wanted to.  :-)

Of course I didn’t do “sh traffic s1/0″ right away.  No, it took tons of swearing, adding and removing configurations, and making sure that Frame Relay was set up right before I discovered that I had not actually TURNED FRAME RELAY TRAFFIC SHAPING ON!!! 

Quick fix:

r1(config)#int s1/0
r1(config-if)#frame traffic
r1(config-if)#do sh traffic

Interface   Se1/0
       Access Target    Byte   Sustain   Excess    Interval  Increment Adapt
VC     List   Rate      Limit  bits/int  bits/int  (ms)      (bytes)   Active
103           56000     875    7000      0         125       875       -
102           128000    2000   128000    0         125       2000      – <-booyah!!!

Don’t shoot yourself in the foot after mastering the fine art of FRTS.  Be sure to turn “frame-relay traffic-shaping” on for your interface.

October 24, 2007

Status Update: 16 – 22 October

I have to admit that I really underestimated the amount of time that it would take me to study for the CCIE written test.  I’ve been treating the written test as a minor inconvenience on my way to the lab.  I had figured that by studying for the lab I would have the knowledge to easily knock out the written with minimal study time.

As I begin my third straight week of (mostly) dedicated written studies, I am forced to admit that I was wrong.  Part of the problem is the amount of theory that you need to memorize (i.e. “What’s the third BGP attribute considered when evaluating a route?).  The other major issue is the addition of MPLS and IPv6 to the exam.  I am very weak in both areas.  I am also pretty weak in QoS (mostly legacy Frame Relay QoS) as well as Multicast.  Those four areas are going to require a lot of study before I feel that I am up to the level that I need to be to pass the written.

I am already behind where I thought that I would be in my studies (I planned to be tackling full practice labs at this point).  Putting the needed time into studying for the written is only going to push me further off of my goals.  Even if I passed the written tomorrow, I would not be able to book a lab in early April as I had planned.  If I am able to pass the exam in 4 weeks (which is probably a realistic goal), then I would be looking at a lab 6 months out from mid-November. 

I’m changing my target date for the lab from 01 April to 01 June, 2008.  That will give me more time to dedicate towards passing the written exam as well as more time to tackle practices labs.  I really want to take the exam before summer starts.  My new “Days Until Lab” will reflect the 01 June date.  If I feel ambitious, I’ll go back and update my previos status updates to reflect that date as well.

Anyhoo…here are my goals from last week:

12 hours of mixed technology labs. Schedule my CCIE written exam. Review QoS. Complete MPLS CBT.

I actually exceeded my lab goal by two hours.  I concentrated on QoS labs.  I also completed my review of QoS.  I am feeling pretty good about that subject now.  I did not schedule my written exam yet because VUE sucks ass.  I tried a couple of times online to get the ability to book Cisco tests.  Can you say “bit bucket”?  I finally broke down (thank you for the tip Erica) and called VUE.  After they took all of the same information that I had already submitted online (twice!) they told me that it would take a few days for their “systems to reflect the changes.”  That was Monday, I still do not have the ability to book Cisco exams online.  Arrgghhhh!!!!!  I also did not complete the MPLS CBT.  My job has Knowledgenet CBTs that we can use, but they are hosted on a server at work.  I managed to complete the first two modules, but since they use audio it was hard to sneak in study time (unlike reading PDFs).  I am going to VPN in [can I use VPN as a verb?  Sure I can! :-) ] and complete that course from home.  The Knowledgenet material is very good (so far).

Speaking of work, my workload has increased quite a bit over the last few weeks.  We are heading in to an annual tech freeze.  There is a period of time each year when the business units are in their peak business cycles, and no tech changes are permitted without a change control authorized by God.  That’s great, except that the weeks running up to the freeze are really busy as everyone tries to implement their changes before the freeze.  So my available study time is going to be decreased over the next month or so.

My goals for the week: 8 hours of QoS labs. Schedule my CCIE written exam (hopefully).  Complete MPLS CBT.  Begin IPv6 studies.  Possibly begin IPv6 technology labs.

Days Until Lab: 221
Readiness (1 to 10): 2
Lab Hours This Week 14
Study Hours This Week (estimate): 12

October 22, 2007

Interesting…

I stumbled across this on GroupStudy (the original question concerned study materials):

As a side note a new highly successful approach that we (Internetwork Expert) are recommending to certain candidates is taking only 5 or 6 full scale labs but doing them 4 or 5 times each.  Then during the last week or two before the real lab taking 2 or 3 additional full scale labs and doing them once or twice each.  This approach should get you to the point where you can do any of the 5 or 6 labs within 4 hours and be able to complete the additional 2 or 3 labs within 5 to 5.5 hours.  You would be amazed at the amount you can learn by doing a lab more than once.  Plus one of the big benefits with this approach is that you gain speed and accuracy (accuracy = correct configuration the first time around) which is important in passing the lab.

Brian Dennis, CCIE4 #2210 (R&S/ISP-Dial/Security/SP)

There were posts requesting more details, but I guess that I’ll have to wait until next week to get more details as I am not subscribed the the GroupStudy mailing list (I don’t have the time or inclanation to sort hundreds of emails a week- I already do that at work :-)  ).

How To Show Map-Class

One of my Friday morning rituals is to read through the GroupStudy archive for the week before.  I generally just skim the subjects and open the threads that look interesting.  Since I was doing a bunch of Frame Relay QoS labs this week, the following posting was very timely:

Hi,

How can I see a map-class configured on my router?  There is no command such as “show map-class”.

Thanks,
Navid

Try “show run map-class:

Rack1R1#sh run map-class
Building configuration…

Current configuration:
!
map-class frame-relay test
 frame-relay cir 56000
end

For FRTS using map class use show “frame-relay pvc xxx (dlci)” to see the FRTS info.  Also try “show traffic-shape”

Hope it helps.

-BQ

I ended up using this command a lot over the weekend.  You can use “show run map-class” to see all of the map-classes configured on a box, or use “show run map-class [type]” or “show run map-class [type] [name]” to filter your results:

To see all configured map-classes:
r1#sh run map-class
Building configuration…

Current configuration:
!
map-class frame-relay MAPCLASS1
 frame-relay tc 10
 frame-relay cir 56000
 frame-relay bc 560
 frame-relay be 80
!
map-class frame-relay MAPCLASS2
 frame-relay cir 512000
 frame-relay bc 51200
 frame-relay mincir 500000
 frame-relay ip rtp priority 16384 16383 256
!
map-class dialer MAPCLASS3
 dialer fast-idle 10
 dialer isdn speed 56 spc
end

To see all map-classes of a type (frame, atm, dialer):
r1#sh run map-class dialer
Building configuration…

Current configuration:
!
map-class dialer MAPCLASS3
 dialer fast-idle 10
 dialer isdn speed 56 spc
end
To see a specific map-class:
r1#sh run map-class frame MAPCLASS2
Building configuration…

Current configuration:
!
map-class frame-relay MAPCLASS2
 frame-relay cir 512000
 frame-relay bc 51200
 frame-relay mincir 500000
 frame-relay ip rtp priority 16384 16383 256
end

Next Page »

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 113 other followers