Re: OT - Second Puzzle for CCIE R&S Students

Narbik,

Your second puzzle was great, let me guess, you took it from Mcast vol 2 lab
# 10

:-)

Great one indeed!

2010/10/23 Narbik Kocharians <narbikk_at_gmail.com>

> OK the answer to the second puzzle:
>
>
>
> *Solution #1:*
>
> We can configure SPAN or RSPAN with the source port being the port
> connected
> to R1 and the destination port connected to an unused port on R6. This is a
> solution from layer 2 s perspective.
>
>
>
> *Solution #2:*
>
> From Layer 3 s perspective, we can configure RIPv2 to send its updates to a
> broadcast destination, and the next hop router can take the broadcast and
> convert it to Multicast, and Multicast it through the routers all the way
> to
> the last router, the router facing R6, where the multicast is converted
> back
> to broadcast. The source of RIP updates should be negated.
>
>
>
> You see, the first puzzle was a basic one, which involved a very basic
> topology using a very basic problem, a problem that we are all familiar
> with. Some of you did not remember the solution, which tells me that you
> are
> NOT labbing enough.
>
>
>
> The second puzzle utilized a feature in a different manner and some times
> this is what is expected of you as a CCIE. We all know that SPAN/RSPAN is
> NOT used in that manner, but as long as we understand the features and
> their
> use, we can get very creative.
>
>
>
> *My tip for preparing for R&S v4:*
>
> You have probably heard people say The test was NOT hard at all; I will
> nail it next time . The question is, why do they all say that and yet they
> fail? Why do some say the test was at level 5 whereas, this particular
> vendor s workbook was at level 9, but then again they fail?
>
>
>
> They fail not because they had to figure out NINJA tasks (for example:
> Level
> 9) but because of the lack of basic knowledge. If you check some of the
> post
> by students who took the exam, you realize that none of them had a bunch of
> real tricky tasks. *That version of exam does not exist.*
>
>
>
> The level 9 Workbook is missing the boat. It s cool to learn level 9 stuff
> if Workbook is covering everything UPTO and including level 9. When you
> constantly hit level 9, you are missing the real world and the test
> altogether.
>
>
>
> *What do we do and how do we prepare for this exam?*
>
>
>
> Know your protocols NOT from RFC s perspective, but how Cisco implemented
> that RFC. RFCs are GR8 (Especially on Sundays when you cannot sleep), but
> we
> need to know the RFCs from Cisco s perspective. From my angle, RFC stands
> for *R*equest *F*rom *C*isco (Just a joke), because most of the technology
> came from Cisco anyway.
>
>
>
> I see some of the blogs, posts and/or Workbooks, and I sometimes wonder, do
> they want us to redesign the freaking protocols? WOW, very impressive. OK
> ..
> now what I do with it? Can I change any of this stuff?
>
>
>
> I saw a Mock lab and this particular redistribution task had 6000 lines of
> route-maps (Exaggerating a bit), now.... when have we heard or even seen a
> thing like that in any Cisco test? Anyways
>
>
> *How do we know it from Cisco s perspective? *
> **
>
> Lab up the scenarios and see the behavior. Don t assume. Try to utilize
> that
> behavior in a different way.
>
> Configure, verify and *TEST.* Some people ONLY configure and verify, the
> question is what did they verify? Well, what they configured, so if they
> configured the task incorrectly, their verification will NOT tell them
> that,
> correct? This is why the testing portion comes in very handy. When you are
> learning a particular feature, you do not want 65 routers with this screwed
> up IP addressing scheme to learn a particular feature/protocol. Keep the
> addressing and the topology simple so your focus goes on the feature and
> not
> the addressing or the topology. TEST it and summarize what you learned.
>
>
>
> Reread your summary NOT the next day, but few days after. Why few days
> after? Because if you understood the stuff it will still be there few days
> after it was explained.
>
>
>
> How many times some one explained something to you and you feel that you
> totally got it, but the next morning you say to yourself What the heck was
> that all about? , How did it go again? , Yes a very common problem that
> most of us face, the reason you could not remember how this thing worked,
> is
> because you did not understand it. When you go back few days later, where
> ever you are stuck, that s where your problem is.
>
>
>
> In these two scenarios, we picked on RIPv2. You can just imagine what can
> happen in OSPF or Eigrp or other protocols. I AM NOT PICKING ON OTHER
> VENDORS, IF YOU FEEL THAT WAY I AM SORRY, IT'S YOU WHO HAS THE PROBLEM AND
> NOT ME.
>
>
>
> *I will give you all a puzzle every Friday*, that s if you guys are OK with
> that. I know some people get annoyed, if you all feel that way, I will
> stop,
> but if you guys like this kind of things, I am all for it, let s do it.
>
>
>
> I am also coming up with *Explain it* series, where I ask you all to
> explain a given protocol, and we start comparing our explanations and
> labbing some of the explanations. More later ..
>
>
> I hope you enjoyed the puzzles
>
>
> On Sat, Oct 23, 2010 at 7:53 AM, Gary Duncanson <
> gary.duncanson_at_googlemail.com> wrote:
>
> > I agree.
> >
> > Essentially you want to know how to build a basic construct for every
> > technology. It all starts from there.
> >
> > After that you are looking at ways to influence the behaviors. That could
> > be best path, filtering options, and essential mechanics like timers and
> > what have you.
> >
> > Surround all that with a solid understanding of the mechanics of things
> and
> > how one influences another or is dependant on another i.e frame relay
> > effects on routing protocols and chuck in many hours of regular practice
> and
> > you should be there or there abouts.
> >
> > If only I had more time. About to be a dad again :)
> >
> > Gary
> > ----- Original Message ----- From: "Narbik Kocharians" <
> narbikk_at_gmail.com>
> > To: "Tom Solski" <tom.solski_at_gmail.com>
> > Cc: "CCIE Groupstudy" <ccielab_at_groupstudy.com>
> > Sent: Friday, October 22, 2010 8:13 PM
> >
> > Subject: Re: OT - Second Puzzle for CCIE R&S Students
> >
> >
> > I am trying to prove that studying labs that have 50 NINJA or 007 tasks
> >> is
> >> NOT what gets you in the lab or prepares you for the lab, the lab
> focuses
> >> on
> >> easy stuff, you won't see tasks like:
> >>
> >> Redistribute on the appropriate router(s) such that my bathroom flushes
> 3
> >> times every 985 ms, and with each flush it should use 2.3 liters of
> water.
> >>
> >> These tasks are NOT teaching you anything, these tasks tell you how
> >> creative
> >> the author can be.
> >>
> >> On Fri, Oct 22, 2010 at 12:09 PM, Tom Solski <tom.solski_at_gmail.com>
> >> wrote:
> >>
> >> OK, I did lab it up. R2 and R3 exchange default routes and because of
> >>> split horizon one of the routers will not send 0/0 to R1. Disabling
> >>> split horizon on R2 and R3 will not help either. The solution is to
> >>> prevent R2 and R3 to exchange default routes, but it took me *more
> >>> than 5 minutes* to realize that the solutions is within R2-R3 and R1
> >>> has nothing to do with it.
> >>>
> >>> So how do you find out ? Do you just KNOW that by looking at the
> >>> diagram, start with debug ...
> >>>
> >>>
> >>> On Fri, Oct 22, 2010 at 2:25 PM, Narbik Kocharians <narbikk_at_gmail.com>
> >>> wrote:
> >>> > *One of the students told me that he did not see the second puzzle,
> so
> >>> > i
> >>> am
> >>> > posting my original post for the second one.*
> >>> >
> >>> > The reason I asked to Unicast was so one student will not see the >
> >>> answer
> >>> > from another student, this forces some people to lab the scenario and
> >>> think.
> >>> >
> >>> >
> >>> > *Now that I have your attention*, here are some solutions to the >
> >>> problem,
> >>> I
> >>> > am sure there are more ways, and please feel free to add to the list.
> >>> >
> >>> > 1. Filter all RIPs updates coming from R2 on R3 fa0/0 interface with
> >>> > access-list/prefix-list/route-map and vice versa.
> >>> > 2. Filter the default route from R2 on R3 and vice versa.
> >>> > 3. Instead of filtering, you could also use the distance command and
> >
> >>> set
> >>> it
> >>> > to 255.
> >>> > 4. Filter default from R2 on R3, and R3 to R2 using an "Offset-list >
> >>> in".
> >>> > 5. Configure passive-interface on the F0/0 interfaces of R2 and R3,
> and
> >>> then
> >>> > on Both routers configure a "Neighbor R1".
> >>> > 6. Configure the ports that R2 and R3 are connected as "swi Protect".
> >>> > 7. Configure Private Vlan; configuring the F0/0 interface of R2 and
> R3
> >>> > in
> >>> > Isolated, and the F0/0 interface of R1 in primary.
> >>> > 8. Mac ACLs or an IP access-list and a Vlan Access-map that denies
> the
> >>> two
> >>> > routers from communicating.
> >>> > 9. Configuring an MQC that matches on the destination-address MAC and
> >>> drops
> >>> > that traffic in the policy-map that's assigned to the F0/0 interface
> of
> >>> R2
> >>> > and Vice versa.
> >>> > 10. Dropping the traffic by filtering the MAC on the switchports.
> >>> > 11. Put R2 and R3 in different subnets and do a "no validate-update
> >>> source"
> >>> > on R1.
> >>> >
> >>> >
> >>> > *Now could you imagine the following scenario*: you are in a CCIE
> lab,
> >>> and
> >>> > you just finished the troubleshooting section, so you feel like Mike
> >>> Tyson
> >>> > because you did well, but the first question in the configuration >
> >>> section
> >>> is
> >>> > the following:
> >>> >
> >>> > R1 is running RIPv2.
> >>> > R6 is also running RIPv2.
> >>> > There are bunch of routers between R1 and R6 running OSPF or whatever
> >>> > routing protocol that turns you on.
> >>> >
> >>> > I want R6 to get all R1 s RIP routes.
> >>> >
> >>> > Do not use redistribution, AToM, IPnIP or GRE tunnels to accomplish >
> >>> this.
> >>> > Come up with 2 solutions. Common unicast me the solution..
> >>> >
> >>> >
> >>> > There is a reason I am doing this, trust me .
> >>> >
> >>> > --
> >>> > Narbik Kocharians
> >>> > CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> >>> > www.MicronicsTraining.com <http://www.micronicstraining.com/> <
> >>> http://www.micronicstraining.com/>
> >>>
> >>> > Sr. Technical Instructor
> >>> > YES! We take Cisco Learning Credits!
> >>> > Training And Remote Racks available
> >>> >
> >>> >
> >>> > Blogs and organic groups at http://www.ccie.net
> >>> >
> >>> >
> _______________________________________________________________________
> >>> > Subscription information may be found at:
> >>> > http://www.groupstudy.com/list/CCIELab.html
> >>> >
> >>> >
> >>> >
> >>> >
> >>> >
> >>> >
> >>> >
> >>> >
> >>>
> >>>
> >>
> >>
> >> --
> >> Narbik Kocharians
> >> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> >> www.MicronicsTraining.com <http://www.micronicstraining.com/>
> >> Sr. Technical Instructor
> >> YES! We take Cisco Learning Credits!
> >> Training And Remote Racks available
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >
>
>
> --
> Narbik Kocharians
> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> www.MicronicsTraining.com
> Sr. Technical Instructor
> YES! We take Cisco Learning Credits!
> Training And Remote Racks available
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Sat Oct 23 2010 - 17:51:36 ART