CCIE Pursuit Blog

June 10, 2009

So You Wanna Cheat On The CCIE Lab?

Filed under: Cisco,Cisco Certification — cciepursuit @ 11:55 am
Tags: , , , , ,

We all hear the rumors about the companies that have somehow procured all of the copies of the various CCIE labs and will sell you access to them for just slightly less than the actual cost of the lab.  It’s nearly impossible to escape the Ad Sense served ads pointing candidates to these sites(it seems that every time I open a gmail with “CCIE” in it, Google serves up an ad for these sites).  They’re constantly tempting candidates with a quick and somewhat cheap(compared to failing the lab multiple times – or if you get a group of candidates to pitch in to cover the cost) way to pass the CCIE lab.

Of course, most candidates wouldn’t cheat.  Of those that might be tempted to do so, they’ll probably ask themselves whether sending $1000 overseas to an anonymous person for a product which you have no way to verify if it’s legitimate or not, is a good idea.  Who would you complain to if the labs were bullshit or if you didn’t receive anything?  It seems that there is a small percentage of candidates who decide to fork over the money to these companies.  A recent GroupStudy post details the experience of one such candidate:

hi, guys
Just a kind reminder, the really sucks, I have very bad experience with this jerk evil company.

This company claim that they got the real lab exam questions and diagrams, and is selling their material for thousands of dollars, after you payed money, they will ask your real name, cisco candidate ID, ccie written test score and taken date, all these infor are used to watermark all the materals they are giving you to prevent you from leaking these materials to anybody else, and used to threaten you in the future, to bond you with them forever, if you don’t want give them these info, they won’t give you the material even you paid them, which make you feel very bad, after you sent them the info, they know that your infomation and they can access your cisco profile with this info anytime if they want

Finally, you got the material, you’ll found that the wording of the questions is very bad, you can’t understand what the question really about, confuse you a lot, and this company don’t have technical support about the material, later, you will find their resolutions to the questions have too many errors and mistakes, if you use this anwers to go for exam, you will fail for sure, the resolution to the question really sucks.

>From the website, they have the news about the new updates about the test, but when you ask for the updates, you have to send them your real name, cisco candidate ID, written test date and score again, if you put anything wrong in this info, they will refuse to give the updates. even though you give them the right info, you have to ask them 2 or more times to get it

After you failed, your account may expired, coz what you purchase is only 3 or 4 month account on their website, then you will lose the access to the materials ( it is web connection based access to the material, if no internet, you have no access, you can’t save it, and all water marked with your inportant info), if you renew it, you have to pay almost the same money.

At last you will find that you spent the money, you can’t pass the ccie in a short time as you expected, you may fail 3 or more times, finally found out that you waste money too.

Due to my personal life, I can’t pusue this CCIE anymore recently, I have to wait for 3 years, I really hate myself now and this, I created this new id here to tell you guys the story, coz the cciecert evil guys sneaks aroung here and solicite candidates in dark here, my advise is: don’t trust them, they are just liers.

Obviously, the poster received little sympathy on GroupStudy(or here).

So not only do you need to send a large sum of money to an anonymous person, but then after you have paid you will need to give them your real name and Cisco ID, as well as your written test score and the date you passed the written exam.  The company now has you by the balls.  Even if you pass the lab – with or without their labs – they have a very easy way to identify you to Cisco so that Cisco can revoke your digits.  The more conspiracy-minded might even consider that this could be a honey-pot for Cisco.  🙂

Even if these companies have copies of the actual labs and you’re willing to shell out to cheat, do you really want a company to have your unique Cisco identification information on file?  Your poor decision today could end up costing you much, much more in the future.


March 25, 2009

Group Study: The Top Ten Indications You Have Sat the Lab Too Many Times

Filed under: Cisco,Cisco Certification — cciepursuit @ 7:43 am
Tags: , , , , ,

I stumbled across this on GroupStudy:

The Top Ten Indications You Have Sat the Lab Too Many Times :

Number 10 – Visitor parking at Cisco features a spot with your name on it.

Number 9 – Visa calls you to inquire if someone at Cisco may have stolen your Credit Card.

Number 8 – You have earned 65,000 flight miles in the last year.

Number 7 – Your wife asks “Who the hell are you?” when you return home from your latest attempt.

Number 6 – You can now type 90 words per minute.

Number 5 – Your boss indicates that he has a task for you and you respond “How many points is it worth?”

Number 4 – You have recurring nightmares about redistribution and ping packet drops

Number 3 – Your new nickname on the InternetworkExpert forum is “That poor bastard!”

Number 2 – While romancing with your girl, all you can think about is full IGP reachability.

and the Number 1 Indication You Have Sat the Lab Too Many Times:

The proctor hands you your badge and says “You are on Rack 5 – AGAIN!”


Deepinder Singh Babbar
CCIE R&S #20182

February 9, 2009

GroupStudy: First Feedback On New CCIE Lab Open-Ended Questions

Jason on Groupstudy recently passed his CCIE lab in RTP.  He is the first candidate that I have read about who has given feedback on the new open-ended question portion of the (Routing and Switching) lab:

I was actually trying to avoid talking about the Open Ended question, because I don’t know what the NDA even allows me to discuss or not discuss about them and even though I just had them I still don’t know much about how they are used in the testing process.  I will say that personally the questions were not difficult, but I’m sure that there’s is a very huge pool of them so in my opinion there’s no telling what a person may get.  I still don’t even know how they’re graded or how that grade, if it exists, affects your overall lab results.  Maybe they’re being vague about things on purpose…I don’t know.  They are, just as their name implies, open-ended. No multiple choice…no interviews…just questions that you read and provide a typed response to.  I agree with Cisco’s statement, that CCIE candidates *should *be able to answer them without much difficulty, but what if someone just so happens to get the handful of questions that they hadn’t prepared for as much as they should have even though they may have spent a year or more studying / testing / labbing?   I’m sure something needs to be done if there are integrity problems with the lab material, but I just don’t know that these open ended questions is the solution they’re looking for.

You will NOT be able to reference the Cisco documentation during the open-ended question portion of the lab.  Since Jason passed his lab (congratulation by the way) he did not receive a scoring report (well…the best type of scoring report, the one that just says ‘Pass’):

No, there are no references allowed for the questions.   They never clarified about the points or weights for the questions.  They really didn’t provide any information about that part of it at all.  I wish I knew. Although the questions are “open-ended”, everyone should be prepared to answer very specific questions.  I think that’s about all I can say.

Another candidate’s comment indicated that you needn’t worry about composing an essay response for each question:

Don’t stress about the questions. They are short answer questions for one question I answered with 2 words.

I encourage you to read the entire thread but here are the major points about the new questions:

  • You’re given the questions at your workstation and you answer them on your PC (not an oral interview).
  • You can ask the proctor for clarification on the questions.
  • You are given up to 30 minutes to answer the questions, but as soon as you finish them you can begin the lab.
  • You are not granted additional time for these questions.  If it takes you the maximum 30 minutes to complete them, then you will only have 7.5 hours for your lab.

Hopefully this clears up some of the confusion and angst about this new addition to the lab.

February 3, 2009

GroupStudy: Great CCIE Study Strategy

This recent posting to the GroupStudy mailing list contains a lot of great suggestions for CCIE candidates who are crafting/refining their study strategy:

1st) Do practice labs! It’s that easy, do as many as you can from a reputable vendor. I’m not here to prop one vendor over another…just find 1 (more if possible) that has a proven track record and do their labs. *The key is not so much the material but how you study it! Do the labs just like you’re are going to do the real lab! Meaning…in the real lab you don’t get to see the questions or the topology before hand, you don’t get to go to a proctor guide or google when you get stuck, you have 8 hours. So, when you have a lab manual, schedule your 8 to 10 hours, don’t look at any of the material before hand…then just sit there for 8 hours straight, beating your head against the wall, using only the doc cd. When you start, don’t touch a router until you have read through the whole lab, written down your “blue print” and point values and have a plan for the lab. Then go at it, if you get stuck or stumped, don’t look up the answer! Track your points and save your configs (maybe a show ip route or ip bgp or what ever is relevant as well) to your PC for grading yourself later.

When you have finished (either right after if you’re that impatient) or the next day go through the lab and grade it, be honest with yourself, and find out what you missed, then study it, learn it and understand it. (Those are your “off” days). Then, schedule your next Lab session and do it again!

At first you’ll get owned, feel like crap and wonder what in the hell you are doing. Probably will take you more than 10 hours to get through the labs, but do it all. After the first 5 to 10 you’ll get to where you can finish them in 8 hours, hopefully even sooner after 15 or 20 (the assumption is the labs get progressively harder but you are getting even faster). *part of completing a lab, is going back through the questions and verifying each task…without fail you will find at least one thing you did wrong or missed…that means you need to calculate that into your 8 hours. Get in the habit though

2nd) Once you have done 5 or 10 labs, if you are in a position, do a graded mock lab or… 7. See how you do. I wouldn’t worry so much about the score or “explanations” after the fact, but more of “did I come up with A solution for every section?” “Did I finish it in time?” “How was my time management?” “How well did I think on my feet?” (While I did not pass one of my mock labs, I always completed them, came up with solutions and learned how important it is to notice the little details) Use the mock labs to evaluate your testing strategy.

In all I did over 30 full labs (including my mock labs)…so sitting down for 8 hours in the real lab was nothing for me, I had been doing it 2 to 3 times a week for months. That kind of experience is crucial for success in the real lab. What’s more, I finish my lab (had a solution in place for each question) in 5 and a half hours and was able to spend the next 2 hours going back over each question. I easily earned between 15 to 25 points that way. Having that extra time allowed me to re-read scenarios, pick up on key-words, verify syntax et…You need to be able to get through the lab quickly…if you have done 20+ “labs” all ready, the real lab isn’t nearly as daunting in terms of time or manageability.

The point is this, you can’t do practice labs one way and think that you’ll do the real lab another. The real lab should be 2nd nature in terms of your initial read through and assessment, your time management and troubleshooting of individual scenarios, and your re-read and verification at the end.

I hope this has been helpful. Doing simple math 8 hours X 2 or 3 times a week = a lot of time and that doesn’t include the “off” days where you need to “grade” your self, study weak areas, practice configs, and browse the doc cd. It’s a huge investment of time, but if you’re going to do it, do it right and don’t “cheat” yourself.

January 1, 2009

Group Study: Good Explanation of the Voice VLAN

Filed under: Cisco,Cisco Certification,IOS — cciepursuit @ 1:51 pm
Tags: , , , , ,

I’ll admit it.  The voice VLAN confuses the hell out of me.  In our production network we assign an access VLAN and a separate voice VLAN to each user switchport:

int f0/1
switchport access vlan 100
switchport voice vlan 200

My understanding is that this is a trunk.  We’re trunking VLANs 100 and 200 to the IP phone.  But if you do a ‘show interfaces trunk’ command, the ports configured for a voice and data VLAN do not show up as trunks. And if we look at the switchport setting for the port, we can also verify that it is not trunking(output is from a 3640 with a NM-16ESW module emulated via Dynamips):

sw1(config-if)#do sh int f0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access

Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Disabled
Access Mode VLAN: 100 (VLAN0100)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 100
Priority for untagged frames: 0
Override vlan tag priority: FALSE
Voice VLAN: 200
Appliance trust: none

The 3560 configuration guide even goes so far as to warn you:

Note Voice VLAN is only supported on access ports and not on trunk ports, even though the configuration is allowed.

Also, I’ve been told “No silly little man, those aren’t trunk links.”  Okay.  Then how the hell are we passing two separate VLANs between the IP phone and the switchport?

This dilemma was recently raised on GroupStudy:

Dear groups,
If we said switchport voice vlan under the interface, it’s mean the port become a trunk ?
When we have switchport access vlan also, which one is tag with vlan header after exiting the port ? Voice vlan or data vlan ?

The official Cisco stance is that this is not a trunk:

Cisco calls this a Multi-Vlan access port, and NOT a trunk port. if it were a trunk port, according to Cisco, it would flood all vlans configured on the switch out to the phone. As you probably know already, a port configured for voice Vlan does not flood out all Vlans to the phone, just the voice vlan frames (tagged) and the data frames ( untagged ).

Multiservice switches supports a new parameter for IP Telephony support that makes the access port a multi-VLAN access port. The new parameter is called an auxiliary VLAN. Every Ethernet 10/100/1000 port in the switch is associated with two VLANs

A Native VLAN for data service that is identified by the port VLAN identifier or PVID

An Auxiliary VLAN for voice service that is identified by the voice VLAN identified or VVID.

– During the initial CDP exchange with the access switch, the IP phone is configured with a VVID.

– The IP phone also supplied with a QoS configuration using Cisco Discovery Protocol. Voice traffic is separated from data, and supports a different trust boundary.

Data packets between the multiservice access switch and the PC or workstation will be on the native VLAN. All packets going out on the native VLAN of a 802.1q port are sent untagged by the access switch. The PC or workstation connected to the IP phone usually sends untagged packets.

Voice packets will be tagged by the IP phone based on the Cisco Discovery Protocol information from the access switch.

*The multi-VLAN access ports are not trunk ports, even though the hardware is set to dot1q trunk*. The hardware setting is used to carry more than two VLANs, but the port is still considered an access port that is able to carry one native VLAN and the Auxiliary VLAN. The ‘switchport host’ command can be applied to a multi-VLAN access port on the access switch.

If I understand this correctly, although the switchport is configured to use two different VLANs, only the voice VLAN traffic is actually tagged by the IP Phone.  The data VLAN is sent untagged (making use of the native VLAN dot1q feature).  This STILL sounds like trunking to me though.  🙂  This gives me high school Physics flashbacks about photons (“Is it a wave or a particle?” “It’s both…and neither.” <head explodes>). Scott Morris agrees:

That’s a fancy name for a small trunk.  I agree.  If you have tagged frames, it’s a trunk.

If it has two wheels and pedals, it’s a bicycle.  They have some weird looking ones these days, but they’re still bicycles. Call it a multi-unicycled transportation device if you want, but it’s still a bicycle.

Would you see anything different if you turned off CDP, set the port as a trunk port, used the trunk allowed vlan command to only allow the access/voice vlans, set the native vlan to equal the data vlan and went down that path?

Scott Morris, CCIE4 #4713, JNCIE-M #153, JNCIS-ER, CISSP, et al.
Senior CCIE Instructor

So I guess that I’ll just have to accept the whole trunk/non-trunk duality when it comes to the voice VLAN.

April 13, 2008

Nerd Humor IV

Filed under: Cisco,Cisco Certification — cciepursuit @ 8:10 pm
Tags: , , , ,

More poking fun at what has become my biggest source of aggravation – Cisco Documentation:


Just be patient for some more time.

They will bring a new CCIE track explicitly for DocCD/UniverCD searching skills.

It will be called CCIE (D/U).

In the lab, there won’t be any 8hr time constraint. It will be unlimited as they will charge you on hourly basis until you become insane /bankrupt.

 lol !!.


March 28, 2008


Every few months on GroupStudy there will be a story about a CCIE candidate going to lunch and coming back to find out that the proctor has messed with their configuration.  I always figured that this was just an urban legend, but then I experienced an ATTACK BY PROCTOR firsthand.

On Wednesday I took one of Internetwork Expert’s Graded Mock Labs.  I had successfully completed IGP redistribution  and had verified that I had end-to-end connectivity via TCL scripts.  I hurried up and applied the basic BGP peerings.  Then I consoled into each device and wrote the configuration.  Just before I went to lunch (actually just a 20 minute break to pick up my son) I reloaded all of the devices. 

When I got back I ran my TCL script again and noticed that my connectivity was broken.  Between IGP redistribution and basic BGP peering my network somehow “broke”.  I figured that I must have really messed something up with my BGP configuration since everything was fine after IGP redistribution.  I went back and verified my BGP configuration and peering on each device.  Maybe I lost some configuration when I reloaded – even though I was careful to make sure that I wrote each device before reloading.  All of my BGP configuration was there so I obviously wrote each device as that was the last configuration I had completed.  All of the BGP peerings were up and I was seeing routes coming in on the peerings (the ones that should be sending routes at least).  WTF?

I didn’t want to waste a ton of time troubleshooting this mess, so I soldiered on with the exam and made a note to run the TCL scripts again later.  When I did eventually run the scripts again, my network was still broken.

I finally started to look at the individual routes that were missing.  My issue seemed to be between the hub and spokes on one of the Frame Relay networks.  I still could not find an issue with BGP.  I took a look at my OSPF neighbors and I found that my OSPF adjacencies from my hub to my spokes were gone.  I still had some routes coming in via a virtual link between my hub and one of my spokes.  How the hell did that happen?

I looked at my OSPF configuration on my hub and found that my neighbor statements to the spokes were missing.  I added them back into the configuration and then ran my TCL scripts again.  Hallelujah!!!  I had full connectivity once again.  Although I had written my configurations after each task I must have somehow not written r5’s configuration after I finished my first OSPF task?  I continued on with the lab as I only had about 20 minutes left at that point.  I did not reload the routers again before finishing the test.  I did make sure that I wrote my configurations on each device and saved out my configurations to textfiles on my desktop.  I probably verified that those neighbor statements were still on r5 about 10 times before the lab ended.  🙂

Thinking back about this issue later I realized that since my BGP configuration was still on r5 I had definitely written the configuration on that device.  The neighbor statements must have been removed when I reloaded that router.  Somehow those devious bastards at IE must have removed my configuration.  They probably have a script that somehow removes those two lines of configuration whenever r5 is reloaded.  I had experienced the dread ATTACK BY PROCTOR!!!

Or not…. 🙂

I went to ccie-in-3-months to see if Tassos had experienced any similar issues with his mock lab and found this:

…I decided to reload all routers! What was even more disastrous, was the fact that i reloaded them all at the same time and i didn’t look at their logs while booting.

The result? After the reload, something wasn’t working as expected. After a quick search I found one router which seemed not to be running OSPF. I checked its configuration (thank god I had saved all my session locally) and I found that there were two “neighbor” commands missing! I added them and reloaded again. This time I watched the logs and there was an error message saying that this particular command is not supported on this kind of topologies (a bug? command is accepted while configuring, but it’s rejected after reloading). So i saved my configuration and warned (through email) the proctor about this behavior.

Here’s his post on the Internetwork Expert Mock Lab 1 forum:

Task 4.1

After reload:

Cisco 3640 (R4700) processor (revision 0x00) with 111616K/19456K bytes of memory.
Processor board ID 13831044
R4700 CPU at 100MHz, Implementation 33, Rev 1.0
2 Ethernet interfaces
2 Serial interfaces
DRAM configuration is 64 bits wide with parity disabled.
125K bytes of NVRAM.
32768K bytes of processor board System flash (Read/Write)

OSPF: Neighbor command is allowed only on NBMA and point-to-multipoint networks
OSPF: Neighbor command is allowed only on NBMA and point-to-multipoint networks

Press RETURN to get started!

Like I said, I didn’t reload the router a second time.  I also would not have thought to watch the reload output.  So the good news is that it was not ATTACK BY PROCTOR but I was the victim of a bug.  [My network type on the hub and spoke was NBMA per the task].

This was actually a good experience as I got to do some troubleshooting under pressure.  I did fuck up my troubleshooting as I assumed that the issue was with BGP and did not troubleshoot outside of BGP until much later.  This was also a potentially disastrous experience as I would have lost an untold number of points due to not having end-to-end connectivity.  I am a bit disappointed that IE had not addressed this bug.

Oh, and the ATTACK BY PROCTOR rumor?  It’s exactly that – a rumor:

Hi Maruilio,

Thanks for the reply!!!

Could you please give a clarity on proctor’s behaviour during the Lab exam? I’ve heard that proctor’s occasionally changes the configuration while the exam is on eg- erase passwords, erase configurations, shutting down the interface, changing the IP addreses, etc. I am not sure if that’s all true? If it is, is that justified? I’ve also heard that you should not be too fast even if you know are pretty confident of your configurations because proctor’s probability of changing the configurations increases. Is that also true?

If the above is true, I also want to know to what extent are proctor’s authorised to play with the configurations during the exam?

My second query is – when the lab starts do we get all the devices with zero configurations or we have to first erase all the pre-configured inappropriate configuration on the devices?

My third query is out of curiosity – what method does proctor’s use for checking the lab created by the student?
Saurabh Garg

Hi Saurabh,

These are all rumors and do not reflect the CCIE Lab environment.

Proctors do not touch any of the candidate’s devices during the exam.The only exception will be if a candidate thinks that something is not working because a possible failure on your rack the Proctor will ver[if]y it, but the candidate will be aware of it. Proctors do not touch or play with candidate’s configuration during or after the exam.

When you start the exam your routers and switches will have an initial configuration such IP addresses, hostnames, passwords. Depending of the exam you may have more pre-configuration. The ‘General Guidelines’ of the exam will state what you can change and what not can be changed.

We do have a process to development each question of the exam and it is based on results. By the end of the exam Proctors use an automatic tool to save the candidate’s configuration into our database and to verify some questions and do some connectivity tests like pings, verify routing tables, and so on. Then Proctors will manually verify the results and all remaining questions to come up with the final score.


March 15, 2008

Nerd Humor III

This is from a GroupStudy thread about the existence of a paper copy* of the DOC CD:

Will the paper copy of the docs cd have a million broken links in it also?-Dane

* I guess that Cisco used to print these up and they were quite voluminous – literally.  🙂

I did this once and it came in three very large boxes.  Not banker boxes, but more like 3′ x 3′.

The complete 9.1 docs take up about a foot worth of shelf. That includes the 9.14/9.17 addition. Last printed manual I saw was in the 11.x range and it took the entire bookcase. At that rate 12.4T takes my entire office.

March 4, 2008

Nerd Humor II

Filed under: Cisco,OT: Humor — cciepursuit @ 11:11 am
Tags: , , , , ,

This posting  describing slow e-mail response made me laugh:

I see them showing up in about 24 hours. Seems like SMTP over USPS.

December 7, 2007

Initial Faults – When And How To Find Them

Here’s a thread on GroupStudy concerning intial faults in the CCIE Lab (errors that are placed in the pre-loaded configurations) and methods used to discover them.  The Internetwork Expert labs (Volume II and III) have these types of errors in their initial configurations.  I have struggled with how long I should be spending hunting them down and whether I should sniff them out before I start the lab or just correct them as I discover them in the lab.  This post has some good strategies concerning this.

Implicit in this discussion and the fact that IE includes these faults in their labs (I can’t speak for the other vendors, but due to Scott Morris’ responses I would assume that IPexpert does as well) is that there is a very good chance that the actual lab contains these types of errors.  I think that coming out and verifying this would break the NDA, but I would fully expect to see some errors in the initial configurations.

I have posted the original question along with some interesting responces:

Hi All,
From what I have heard aboutt the lab, there are a few initial mistakes that you have to correct to get a couple of marks (IP Addresses, Mask etc). Tried to see if there is a pattern or flow that I could induct in my lab practise to find these, but no avail. Just a beginner in the CCIE World so don’t have much idea abt lab strategy right now.

Please suggest if there are any Tips or Tricks that i can use to find these initial glitches. And most importantly when should I start looking for them..

Thanks in advance.

With Regards,
Rakesh Menon


When I practice with the IE labs and I usually find the mistakes while doing the actual lab. And I generally figure the problems when I am working through the switching tasks.

You could have a quick look through the initial configs and match them with the diagram. Try working through the switching section and see if you can see where the mistakes are.


That always depends on the evils of the lab…  🙂

“sh ip int br | exc una” is a good place to get your IP addresses.
“sh run | in interface|ip address” is a good place to get your interface, IP and MASK information.
“sh int | in is up|Internet” is a good place for interfaces that are really up, plus IP and VLSM information.

Tweak things around for whatever you are searching for!  But each lab may be different in terms of how much is or is not preconfigured for you!

[note: I combined two of Scott Morris’ responses.  The text below actually comes from another of his posts.]

I would read the lab and look at HOW MANY faults I was supposed to find.  If there was something major that made me paranoid about changing it, I’d go ask the proctor “did you really do this?”
I would strongly recommend reading through the whole lab (twice!) BEFORE you do any troubleshooting or touch your keyboard!!!  That way you have a good solid picture in your head of what is supposed to be there.

Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE-M
#153, JNCIS-ER, CISSP, et al.
VP – Technical Training – IPexpert, Inc.
IPexpert Sr. Technical Instructor


Something I found useful was to take a snapshot of all the configs prior to making any configuration changes.

This way I had a snapshot of what I had been given to begin with and should I accidentally delete/change/modify something I wasn’t supposed to I could refer back to the snapshot and recover what I had been given.



Dear Rakesh,

I don’t think you should waste too much time trying to find the initial errors because you have no idea what you are looking for. Trust me, I wasted a good 30  minutes which i could have used for my final verification.

These mistakes that have been introduced will definitely interfere with the completion of a task (it wouldn’t be a mistake otherwise). So the key is to verify after you finish each task and you will find the mistakes as you go along.

The best strategy to start off would be to draw out the IP Topology  presented to you (On a separate Sheet) and write out the IP addresses/mask from the live system. Take no more that 15 minutes for this. This will give you a good idea of your Topology and will help you weed out any mistakes in IP Assignments. I think what Spathas said is a very good idea – to take a snapshot of the config before you start.


Ranjith Samuel.


The approach that worked for me best was:

1) Log on to all devices and to see if you were given a pre-configuration in sync with the scenario.  The reason to do this was to discover possible issues with the lab early.  Takes 5 minutes. One time I was given the wrong setup.
2) Read the scenario and do your homework
3) Fix the issues as you complete the Layer 2 tasks, then check basic connectivity again.  “sh run” is great at discovering “typos” and the like.  However, not all issues appear in sh run (I am thinking of VTP, system MTU, SDM and other goodies).  Do not forget to check if console logging is on.



Next Page »

Blog at