RE: mls Qos from Evan Weston on 2009-07-26 (Ccielab archives 07/2009)

From: Evan Weston <evan_weston_at_hotmail.com>
Date: Mon, 27 Jul 2009 12:06:43 +1000

So you get in the exam and they ask you some OEQ about this stuff what are
you going to say?

"I know I should have a trust boundary here but nah it might upset the users
because there's stuff on the network I don't know about"

No, you're going to say "Im going to set my trust boundary here on the
access ports" that's the textbook way of doing it and it's the way a CCIE
should do it.

On Darbys point I suppose I agree - if you enter in commands and you don't
know what they do at this level then you deserve to fail.

One thing Narbik said incidentally was that in close cases with borderline
pass or fail where the proctors mark by hand it can come down to this stuff.
i.e: does it look like the candidate has a lot of unneeded commands and look
like they don't have a clue i.e: broadcast on every frame-relay map
statement, confederation peers on every confederation member needed or not.
So in the exam from that perspective alone I'd only put it on where needed.

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Dale
Shaw
Sent: Monday, 27 July 2009 11:40 AM
To: Evan Weston
Cc: Darby Weaver; CCIE Groupstudy
Subject: Re: mls Qos

Hi,

On Mon, Jul 27, 2009 at 11:25 AM, Evan Weston<evan_weston_at_hotmail.com>
wrote:
> Yeah sure it will wreak havoc if you haven't set up the trust boundaries
on
> your production network but whose fault it that? You just gave a better
> example of negligent that the OP.

Darby's point was that turning on "mls qos", without understanding the
consequences, is negligent. I wholeheartedly agree.

If you break it down and isolate the argument to that simple scenario,
it's a no-brainer.

Networks aren't always (or can't be) managed perfectly, and sometimes
there are long transitional states that require us to run a
sub-optimal configuration. If you've never had to compromise on the
technical integrity of a configuration because of some other
hair-brained technical constraint or business decision, well, I'm
jealous.

An "optimal" configuration is not always the same for everyone,
either: the viewpoint of a managed network service provider is
different from an in-house managed network team. Anyway, we could go
on and on about how flicking the 'mls qos' switch shouldn't break
things in a perfectly designed/operated network, but that's not the
point.

cheers,
Dale

Blogs and organic groups at http://www.ccie.net
Received on Mon Jul 27 2009 - 12:06:43 ART

This archive was generated by hypermail 2.2.0 : Sat Aug 01 2009 - 13:10:23 ART