CCIE Pursuit Blog

December 28, 2008

Lab Tip: Start Your Troubleshooting With The Basics

I was racking my brains (what little I have…as you’ll soon see) as to why I couldn’t get my EIGRP adjacencies to come up.  Everything was fine up until I configured rotating keys:

key chain KEY_ROTATION
 key 10
  accept-lifetime 00:00:00 Jan 1 2008 00:15:00 Jan 1 2030
  send-lifetime 00:00:00 Jan 1 2008 00:05:00 Dec 31 2030
 key 20
  accept-lifetime 00:00:00 Jan 1 2030 infinite
  send-lifetime 00:00:00 Jan 1 2030 infinite

I removed and re-added the keys.  I made sure that the clocks on the routers were all set to the same time.  I shut/no shut interfaces.  I added and removed the ‘ip authentication’ commands on the interfaces.  I checked for spaces after the key chain name.  I even took out key 20 so that there was only one key.  Nothing worked.  WTF?!?  This shouldn’t be so difficult.

Then I finally ran a simple verification command that I should have run much, much earlier:

R2#sh key chain KEY_ROTATION
   * key 10 — text “(unset)”
        accept lifetime (00:00:00 UTC Jan 1 2008) – (00:15:00 UTC Jan 1 2030) [valid now]
        send lifetime (00:00:00 UTC Jan 1 2008) – (00:05:00 UTC Dec 31 2030) [valid now]
  * key 20 — text “(unset)”
        accept lifetime (00:00:00 UTC Jan 1 2030) – (infinite)
        send lifetime (00:00:00 UTC Jan 1 2030) – (infinite)

Notice the “(unset)” bit?  Yup.  I forgot to CONFIGURE THE PASSWORD!!!!  I was concentrating so hard on getting the accept and send lifetimes correct that I forgot to configure the most important bit.

The reason that I’m advertising my idiocy to the world is because it’s important in the lab (and in ‘real life’) to make sure that you verify the basics before you start ripping apart configurations and pulling out your hair.  I seriously wasted about 20 minutes on this mess.  In the lab I would have been under much, much more stress and those 20 minutes (besides being about 5% of my total available lab time) could easily have stretched out longer…or I could have moved on and lost some “easy” points.  😦


  1. Well, I think this is a very important point that you raise here. I agree that troubleshooting should proceed bottom-up. Not only in the CCIE lab but also in real world troubleshooting, you should start from the network layer going up to the application layer one-ny-one.
    Thanks for the post!!

    Comment by Tarun Lohumi — December 29, 2008 @ 8:49 am | Reply

  2. I’m a follower of your blog for quite some time… What a funny story! Eheh! I had a “deja-vu”… 😉
    It happens to everybody… I think!

    Comment by Ric — December 29, 2008 @ 1:36 pm | Reply

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

%d bloggers like this: