Re: mls Qos

The rules should be:

1) Do what you have to do
2) Avoid doing extra
3) Understand the impact.

In some instances, we might set up an IPX connection to test an ACL on
a switch or whatever. You might forget about it. You did extra, but
the impact is minimal. Its not going to hurt.

However, blindly enabling something like mls qos and not fully
realizing (whether through insufficient knowledge or lack in
foresight) the impact that it has, its not a good idea.

Part of the reason I get weary about applying ACLs is that I might
break something more important than the 3 points if I don't fully
realize the impact. Same basic concept. If its just 3 points and i'm
ahead for most of it, it might be worthwhile to skip.

This exam is hard but not ridiculously hard. Just follow through to
get your points. Its a game of following the instructions and
understanding impact.

Also, I recommend Cheerios for breakfast.

--William McCall

On Mon, Jul 27, 2009 at 1:10 AM, Narbik Kocharians<narbikk_at_gmail.com> wrote:
> But i have asked the proctors, at least 2 of them, this was my question:
> **
> *Would you guys subtract points for extra configuration?*
>
> Their reply:
>
> *NO Not unless it changes the behavior of the routers or switches.*
>
> So based on that i would say NOT to configure things because "*just in case*",
> besides people get in this bad habit and they configure extra commands for
> absolutely no reason, now consultants LOVE people like that because it keeps
> them in business, but i would recommend doing what you need to do and always
> remember that "MORE IS LESS".
>
> BTW, i am NOT saying this to go against Scott or others, i truly believe in
> what i am saying.
>
> On Sun, Jul 26, 2009 at 8:36 PM, Scott Morris <smorris_at_ine.com> wrote:
>
>> I don't think the proctors pay attention to any such thing where they'd
>> look at it and say "Dude, what a dork this guy is, he/she shouldn't be a
>> CCIE". The test is NOT about real life.
>>
>> Now, what I WOULD expect is that the test is designed in such a way that
>> if you simply randomly enabled mls qos and were not aware of the default
>> rewrite that will occur (either to 0, or to dscp 40 if you trust
>> incorrectly) that it would mess up QoS at downstream routers. That
>> would be a bitch to show since you don't really have hosts in the lab,
>> but it would be a REAL reason to say "ooo, you don't get these points
>> because it will not work the way you have it configured."
>>
>> Example, if you had NO QoS on your lab (as if!), you would not get
>> counted off for putting mls qos on there.
>>
>> Just my two cents. Beyond that (the extra penny), I think 'negligent'
>> may be a little harsh without putting a "situation" behind it, but
>> concept is correct!
>>
>>
>>
>>
>> *Scott Morris*, CCIE/x4/ (R&S/ISP-Dial/Security/Service Provider) #4713,
>>
>> JNCIE-M #153, JNCIS-ER, CISSP, et al.
>>
>> JNCI-M, JNCI-ER
>>
>> evil_at_ine.com
>>
>>
>> Internetwork Expert, Inc.
>>
>> http://www.InternetworkExpert.com <http://www.internetworkexpert.com/>
>>
>> Toll Free: 877-224-8987
>>
>> Outside US: 775-826-4344
>>
>>
>> Knowledge is power.
>>
>> Power corrupts.
>>
>> Study hard and be Eeeeviiiil......
>>
>>
>>
>>
>>
>> Evan Weston wrote:
>> > So you get in the exam and they ask you some OEQ about this stuff what
>> are
>> > you going to say?
>> >
>> > "I know I should have a trust boundary here but nah it might upset the
>> users
>> > because there's stuff on the network I don't know about"
>> >
>> > No, you're going to say "Im going to set my trust boundary here on the
>> > access ports" that's the textbook way of doing it and it's the way a CCIE
>> > should do it.
>> >
>> > On Darbys point I suppose I agree - if you enter in commands and you
>> don't
>> > know what they do at this level then you deserve to fail.
>> >
>> > One thing Narbik said incidentally was that in close cases with
>> borderline
>> > pass or fail where the proctors mark by hand it can come down to this
>> stuff.
>> > i.e: does it look like the candidate has a lot of unneeded commands and
>> look
>> > like they don't have a clue i.e: broadcast on every frame-relay map
>> > statement, confederation peers on every confederation member needed or
>> not.
>> > So in the exam from that perspective alone I'd only put it on where
>> needed.
>> >
>> > -----Original Message-----
>> > From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
>> Dale
>> > Shaw
>> > Sent: Monday, 27 July 2009 11:40 AM
>> > To: Evan Weston
>> > Cc: Darby Weaver; CCIE Groupstudy
>> > Subject: Re: mls Qos
>> >
>> > Hi,
>> >
>> > On Mon, Jul 27, 2009 at 11:25 AM, Evan Weston<evan_weston_at_hotmail.com>
>> > wrote:
>> >
>> >> Yeah sure it will wreak havoc if you haven't set up the trust boundaries
>> >>
>> > on
>> >
>> >> your production network but whose fault it that? You just gave a better
>> >> example of negligent that the OP.
>> >>
>> >
>> > Darby's point was that turning on "mls qos", without understanding the
>> > consequences, is negligent. I wholeheartedly agree.
>> >
>> > If you break it down and isolate the argument to that simple scenario,
>> > it's a no-brainer.
>> >
>> > Networks aren't always (or can't be) managed perfectly, and sometimes
>> > there are long transitional states that require us to run a
>> > sub-optimal configuration. If you've never had to compromise on the
>> > technical integrity of a configuration because of some other
>> > hair-brained technical constraint or business decision, well, I'm
>> > jealous.
>> >
>> > An "optimal" configuration is not always the same for everyone,
>> > either: the viewpoint of a managed network service provider is
>> > different from an in-house managed network team. Anyway, we could go
>> > on and on about how flicking the 'mls qos' switch shouldn't break
>> > things in a perfectly designed/operated network, but that's not the
>> > point.
>> >
>> > cheers,
>> > Dale
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Narbik Kocharians
> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> www.MicronicsTraining.com
> Sr. Technical Instructor
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Mon Jul 27 2009 - 01:56:39 ART