From: joshua lauer (jslauer@hotmail.com)
Date: Sun Mar 18 2007 - 12:18:07 ART
sitting in a hotel room? Dude, I would be out hitting the town!! Are you in
Heinz's camp in germany? If so, waste no time and hit the beer :) I go to
germany once a year to visit family and it rocks.
Josh
----- Original Message -----
From: "Darby Weaver" <darbyweaver@yahoo.com>
To: "Dan C" <cdan2154@gmail.com>; <ccielab@groupstudy.com>;
<gordonccie@yahoo.com>
Sent: Sunday, March 18, 2007 10:08 AM
Subject: Re: Lab Strategy - Please Comment
> Excellent Additions.
>
> Actually, as I sit here in my hotel room and go over
> things with a friend of mine and walk him through my
> strategy it has occcurred to me to work a bit smarter
> as well.
>
>
> I have decided to add aliases (I have not been using
> these but they cannot hurt me much) to my pre-lab
> list.
>
> I also decided it may not be a bad idea to turn on
> multicast-routing, IPv6 per router, and do a few extra
> config tasks like set the time on all routers. Set my
> timestamps etc.
>
>
> I thought I would use the send * to copy and paste the
> configs. I also thought I would use it to reload the
> routers as required. At 2 minutes per reboot or so,
> I'm thinking it is really wise to do it after I
> achieve end-to-end connectivity, again after I have
> added all my "extra configs - like auth and setup my
> root bridge, etc." I am toying with this and rather
> like the idea. My tcl scripts and my 3550 macro are
> hard-coded in my brain.
>
> I am proving to be amazingly quick, fast, and
> efficient at spotting the issues and explaining why
> for each as I tutor my room-mate and prepare to meet
> Heinz Ulm.
>
> My "stick-man" diagrams are simply efficient and it is
> taking me less than 14-15 minutes to draw my entire
> topology for Switching, my point matrix checklist, my
> physical toplogy, my IGPs, my BGP, my IPv6, and my
> Multicast diagrams.
>
> My quick run through all 10 devices - sh run and sh
> ver is only taking me about 5 minutes - 10 minutes
> and I am confident I can spot "troubleshooting issues"
> fast and efficiently as well as perform the
> corrections as well.
>
> I am finding that my methodology is lightening fast
> for my link layer configuration and configuring my
> switches fot VTP, veryifying it and vlan propagation,
> configuring trunks and verifying, and assigning vlans
> to interfaces. This whole process is extremely quick,
> accurate and verified in like 5 minutes flat on a bad
> finger cramp.
>
> My link layer connectivity methodology is equally fast
> and using my stick diagram and very quick pings it is
> proving delightfully fast.
>
> The same can be said with my per-IGP configuration.
> Issues like Auth, stub areas and other misc, tweaks
> are not included here as they distract from the
> misssion of achieving connectivity early on. My only
> goal is connectivity and getting up, done, and verfied
> in the most efficient manner possible. Adding other
> items now may slow me down and may cause me to miss a
> link - if I get side-tracked. Not this time. I did
> this before. I am extemely well-discined now it
> seems.
>
> Now I address the issue of Redistribution where
> required. This is usually quick and in my tried and
> true battles with redistribution - now fairly
> painless, I am keenly aware from battered and bruised
> ego's vantage of higher to lower admin distance,
> Tagging techniques (very preferred if not a removed
> option).
>
> My "sii" alias serves me well as I use it at the send
> * prompt and just log back into each router and grab
> the output for easy and quick typing into notepad - 10
> Devices 1-2 minutes with pruning and config of both
> the tcl and macro script. How's that for efficiency.
>
> Now since I have verified my link-layer connectivity,
> my per-IGP connectivity, and my redistribution with a
> quick ping from a far router, I will now run my
> scripts and again use the send * command for each one
> and immediately check the results. I know the tcl
> won't work on the switches and the macro will not work
> on the routers - but this is about speed here and
> getting the task done on all 10 devices in only a few
> minutes time and correcting any errors found -
> quickly.
>
> From here - Darby has gotten older and invariably a
> bit wiser. So at this point I turn on debug ip
> routing and then reboot my pod using the send *
> command. I watch the screens and the debug output to
> verify that my routing debugs are as expected on a
> per-Router basis. I have this down pat. So it takes
> a few brief minutes - but I remind you if I had to
> troubleshoot any single problem, it could easily take
> this time and more as well as drain my precious mental
> energies.
>
> Now, I look at my Tasklist and my workbook and I start
> thinking about my tasks - Authentication is first and
> foremost, as are any tweaks like stub areas, etc.
> (each task is verified as soon as completed). After
> these are completed - I reboot and verify again...
>
> Took a few minutes - but from here on out any problems
> noted are not link-layer, IGP, authentication, or even
> Spanning-Tree related. Stub areas should work now as
> well.
>
> Now other misc. tasks are completed - if I have
> SPAN/RPAN, DHCP tasks, etc. These tasks are done and
> done quickly with per-Task verification.
>
> I am and have been using my Tasklist effectively. It
> has anything I am not comfortable with or questionable
> (questions for the proctor noted).
>
> At this point - Is my proctor-time - Any questions I
> have regarding any task I have completed or not
> completed or even a inkling of a doubt about I go to
> the proctor - workbook in hand... and have carefully
> worded questions ready for a further clarification.
>
>
> Now I return to my pod and apply any changes based on
> output and I have learned to "interpret" proctor
> jargon as "look at the task again" or something of the
> sort to mean... there might be more... and so I am
> out to go back and check one more time for possible
> mis-interpretation.
>
> This is a careful and keen step in my overall
> strategy. At this point I have completed about 55-65%
> of my lab and I am thinking, it is the foundation
> portion and needs to be rock solid.
>
> I expect to have about 1 hour before lunch to check
> and re-check.
>
> Before lunch - BGP Connectivity and basic address
> advertisement are done - with veriication as are any
> PIM interfaces.
>
> Time permitting another quick look at my Tasklist and
> my workbook - IPv6 and IP Services are on my mind and
> nothing else for lunch.
>
> Reload using the send * (my sanity check)
>
> At lunch - a quick mental review of what I have done
> and what I have yet to do.
>
> After lunch I validate the reload and run a few tcl
> scripts to verify things like "sir", "sip", etc.
>
> Thanks again Bruce and Val! TCL is KEWL!!!
>
> BGP tasks that I am familiar with I nail quickly.
> Those I have any question of are noted and can be done
> later.
>
> IPv6 is done and verified if itwas not completed
> before lunch - usually a 15-20 minute task for me - or
> much less.
>
> MCAST - I appoach with extreme caution. Having always
> suffered here - even when I thought I had it, I am
> cautious and wary. Interpretation is questioned and
> addressed.
>
> QoS - No longer my bugbear is now a friend of mine and
> I take on things like Queueing, Class-map tasks, NBAR,
> FRTS, CAR, and a multitude of other tasks with relish,
> some improved speed, and enlightened interpretation
> skills - I am wary and the proctors are consulted for
> anything that even looks negotiable...
>
> Security - I like to think of as my old dear friend,
> but my eyes are opened wide here for any access-list
> issues and control-plane traffic, and a number of
> things that just might break something.
>
> I have spent a wealth of time in the Security section
> of the UniverCD and so I am prepared - I'll have to
> tell you of my "ULTRA-QUICK METHODOLOGY for QUICK
> MASTERY OF THE UNIVERCD" - as of now it IS a trade
> secret. But to say I can find any item new or old
> quickly and in one or two minutes or less is an
> understatement... I got this one...
>
> So... If by chance, everything looked easy, my
> suspicion is on high alert and I look at my workbook
> and my diagram and I question everything - each item
> and I mentally note my config options - if in doubt I
> use my enhanced CCO skills and put them to work. I'm
> looking and looking hard for matters of interpretation
> and double-checking my work.
>
> I may even reboot the pod one more time to ensure
> everything works.
>
> I now use TCL to more advantage and may run it to
> produce desired output for quick verification.
>
> Guys, I think I got this...
>
> Now, let's see if Herr Ulm can teach me some tricks
> and help me tune my weaker areas...
>
> Every little bit helps... And I hope I don't have to
> take a picture and submit to "The EVIL BASTARD".
> Besides a flogging with a cat-o-nine tails may not
> look as good on a resume...
>
>
>
>
>
>
>
>
>
>
>
>
> I always copy and paste any way.
> --- Dan C <cdan2154@gmail.com> wrote:
>
>> Hi Darby,
>>
>> Just to add to your list at point 3 I would do a sh
>> interface status on
>> switches and have a quick look at the output....
>>
>> Also I like to use the access server for things
>> like:
>>
>> send *
>> term len 0
>> sh run
>> sh ver
>>
>> term len 24
>>
>> ctrl z send
>>
>> I will be checking for config reg value just in case
>> is set wrong and don't
>> end up in rommon mode after reload.
>>
>> Also I use send * for things like no ip
>> domain-lookup , wr mem, logg
>> console, it helps me speed up the whole process....
>>
>> Cheers and all the very best with your studies,
>> Dan
>>
>> On 3/15/07, Darby Weaver <darbyweaver@yahoo.com>
>> wrote:
>> >
>> > Here's some of the techniques I've picked up so
>> far,
>> > mostly from Bruce Caslow, Bob Sinclair, Scott
>> Morris,
>> > and from Brian Dennis, however I might have a few
>> > other tricks sprinkled in that I just like a bit.
>> >
>> >
>> > 1. Read the Lab - Yes the Whole Lab. - Now just
>> > reading it is great, since we are excited and all
>> but
>> > what are we looking for?
>> >
>> > - Diagrams
>> > - IP Addressing
>> > - Physical Loops
>> > - Logical Loops
>> > - Issues with Split-Horizon
>> >
>> > 2. Read the Lab again - Yes I know the clock is
>> > ticking. But I can promise you'll find something
>> you
>> > didn't see before and besides the more familair
>> you
>> > are with the layout the better your performance
>> will
>> > be later when you have that headache, yours eyes
>> are
>> > sore, and you are wondering what you came for...
>> >
>> > - Again look closely
>> > - Draw your diagrams
>> > - Switch Layout VLANS/TRUNKS
>> > - Spanning-Tree Topology
>> > - Physical Diagram (Link-to-Link and IP's)
>> > - Watch those IP Addresses - Anything wrong?
>> > - Frame Relay Map - P2P, P2M, Phy.
>> > - IGP Diagram per-IGP (note where they meet i.e
>> > Redistribution (Y/N))
>> > - BGP Fiagram
>> > - Mcast Diagram
>> > - Make a Diagram for your points/section
>> >
>> > Task Points Y N ?
>> > ===========================
>> > 1.1
>> > 1.2
>> > 1.3
>> > 1.4
>> > 2.1
>> > 2.2
>> > 2.3
>> > 3.1
>> > 3.2
>> > 3.3
>> >
>> >
>> > OK, So you spent about 20 minutes on item number 1
>> and
>> > another 25-30 minutes on the items in number 2.
>> You
>> > still have not touched your pod.
>> >
>> > 3. Setup your icons. Now I'm kinda weird here, I
>> work
>> > off of Notepads and I label each one per Device,
>> ie.
>> > R1, R2, R3, S1, S2, S3, etc. I also prefer to
>> work on
>> > one session and only use other sessions when I
>> need
>> > them for testing. However you may like 1 session
>> or
>> > tab per device. You decide.
>> >
>> > As you are setting up your icons, you should log
>> into
>> > each device. For a few reasons:
>> >
>> > - To be sure you can.
>> > - To do a sh ver - Check the ver AND
>> config-registers
>> > or if on a switch - look for env_vars and in any
>> case
>> > look for other configs that may be there - you
>> don't
>> > need them and they could hurt you.
>> > - To do a sh cdp neigh
>> > - To do a sh ip int brief
>> > - To setup housekeeping commands and/or aliases
>> > - TO VERIFY WHAT IS ON YOUR WORKBOOK IS WHAT IS ON
>> > YOUR RACK - If I yelled it any louder the glass
>> would
>> > break.
>> > - Oh yes, and a quick sh run might be valuable to
>> > determine if any extra configuration is present or
>> > not.
>> > - Sometimes, I may also check anything that is
>> > pre-configured for me. If there are vlans, I
>> might do
>> > a sh vlan, or if there are trunks, I might do a sh
>> int
>> > trunk. If there were pre-configured
>> etherchannels,
>> > I'd perform a cursory sh channel-group command,
>> etc.
>> >
>> > What I am really doing is carefully inpsecting
>> > anything that they gave me... Not that I do not
>> trust
>> > the proctors, but hey...
>> >
>> > - config cdp on eveything - even frame, especially
>> > frame - I like visibility.
>> > - turn on multicast and IPv6 where required -
>> > afterthought but it helps and besides - you did
>> script
>> > it right?
>> >
>> > 4. Work on your layer 2 configuration and as you
>> do so
>> > - verify link layer connectivity on a per-Link
>> basis.
>> > Here I do things like config my VTP, Trunks,
>> > EtherChannel, assign ports to trunks, config my
>> frame
>> > relay, bridging, fallback bridging,
>> virtual-templates
>> > etc.
>> >
>> > Here are the tips for this section.
>> >
>> > - Shut down interfaces before configuring things
>> like:
>> > trunks, frame interfaces followed by no fram inv,
>> > interfaces used for etherchannels, etc.
>> >
>> > - Create vlans before assigning ports.
>> >
>> > - Verify L2 etherchannel, before moving to L3
>> > Etherchannel which we verify as well.
>> >
>> > - Verify connectivity to the Backbone. - We may
>> have
>> > to filter here one way or the other. But we need
>> > connectivity first. Hah!
>> >
>> >
>> > debug is our friend here for anything that even
>> think
>> > it looks out of place.
>> >
>> > 5. Start configuring my IGP AS's one at a time,
>> and
>> > verify connectivity per AS. router-id's (yes, I
>> use
>> > them for eigrp and ospf).
>> >
>> > 6. Now configure Redistribution if and where
>> required.
>> >
>> > 7. OK - Time for a TCL Script.
>> >
>> > sh ip alias, notepad, and copy/paste are the tools
>> of
>> > the trade.
>> >
>> > Verify connectivity - should not have problems.
>> And
>> > if you do you would fix them here and now.
>> >
>> > Run the Switch Macro too...
>> >
>> > 8. Repeat steps for IPv6 if required.
>> >
>> > - Intermission - Might as well reboot - Ensure
>> things
>> > are going great. Ping script.
>> >
>> > Note: Some people say before lunch - I say after
>> IGPs.
>> > Just me - I like to make sure things are the way I
>> > want them and I tend to watch the order of the
>> boot as
>> > well and watch for things that are not like I
>> might
>> > like and then I fix them.
>> >
>> > 9. Quickly complete BGP Connectivity (bgp
>> router-id,
>> > no auto, no sync or not)
>> >
>> > 10. Quickly enable PIM interfaces.
>> >
>> > 11. Quickly perform any authentication on a
>> per-link
>> > bassis, adhere to order of operations and then
>> verify
>> > on a per-link and per-AS basis.
>> >
>> > 13. Ping scripts are working? Right? Try again.
>> Fix
>> > any discrepancies.
>> >
>> > 14. Pick off easy tasks, SPAN/RSPAN, AUTOINSTALL,
>> NTP,
>> > SYSLOG, RMON, FTP, SSH, CRASHDUMP, NAT/PAT, DHCP,
>> > VRRP, IRDP, GLBP, HSRP, MENU, BANNERS, etc. The
>> fun
>> > and misc stuff.
>> >
>> > 15. Get Multicast working and testing.
>> >
>> > 16. Get BGP Advanced Tasks working
>> >
>> > 17. Get QoS Tasks working - would anything even
>> > remotely filter or break anything - Check anyway.
>> The
>> > Scripts were working before they work now. Only
>> takes
>> > a few minutes.
>> >
>> > 18. Security - Let's get these guys in place.
>> >
>> > 19. I know you may have questions. You have
>> > everything you know how to work working. So take
>> a
>> > step back and breathe. Look at your work. Run
>> the
>> > Scripts - BTW some labs may not require full
>> > reachability.
>> >
>> > Tunnels, DHCP, NAT, or FHRP may be done earlier if
>> you
>> > think you need them to work.
>> >
>> > Ask the proctor any mind-numbing questions.
>> > Go back and work any sections you found difficult
>> or
>> > you skipped or that were ambiguius.
>> >
>> >
>> > Anyway - I had a few random minutes so I thought I
>> > would jot this down for RouterGirl2003 and anyone
>> else
>> > who might find it handy...
>> >
>> >
>> > I may have missed something, but not too much I
>> hope.
>> >
>> >
>>
> _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:51 ART