Re: OT - Second Puzzle for CCIE R&S Students

I wonder then why I'd need to install far away routes on a router without having
access to them ? What real problem could be solved that way? Unless this is a
pure intellectual and abstract exercise not meant to solve any real life routing
issue.

________________________________
From: Narbik Kocharians <narbikk_at_gmail.com>
To: Oskar <xyz7412369_at_yahoo.ca>
Cc: Gary Duncanson <gary.duncanson_at_googlemail.com>; ccielab_at_groupstudy.com
Sent: Sun, October 24, 2010 12:45:10 PM
Subject: Re: OT - Second Puzzle for CCIE R&S Students

Oh NO.

On Sun, Oct 24, 2010 at 3:50 AM, Oskar <xyz7412369_at_yahoo.ca> wrote:

Does this privide me end to end connectivity (R2 to R6) ?
>
>
>
>
>
>----- Original Message ----
>From: Narbik Kocharians <narbikk_at_gmail.com>
>
>To: Gary Duncanson <gary.duncanson_at_googlemail.com>
>Cc: ccielab_at_groupstudy.com
>Sent: Sat, October 23, 2010 3:38:58 PM
>Subject: Re: OT - Second Puzzle for CCIE R&S Students
>
>
>OK the answer to the second puzzle:
>
>
>
>*Solution #1:*
>
>We can configure SPAN or RSPAN with the source port being the port connected
>to R1 and the destination port connected to an unused port on R6. This is a
>solution from layer 2s perspective.
>
>
>
>*Solution #2:*
>
>From Layer 3s perspective, we can configure RIPv2 to send its updates to a
>
>broadcast destination, and the next hop router can take the broadcast and
>convert it to Multicast, and Multicast it through the routers all the way to
>the last router, the router facing R6, where the multicast is converted back
>to broadcast. The source of RIP updates should be negated.
>
>
>
>You see, the first puzzle was a basic one, which involved a very basic
>topology using a very basic problem, a problem that we are all familiar
>with. Some of you did not remember the solution, which tells me that you are
>NOT labbing enough.
>
>
>
>The second puzzle utilized a feature in a different manner and some times
>this is what is expected of you as a CCIE. We all know that SPAN/RSPAN is
>NOT used in that manner, but as long as we understand the features and their
>use, we can get very creative.
>
>
>
>*My tip for preparing for R&S v4:*
>
>You have probably heard people say The test was NOT hard at all; I will
>nail it next time. The question is, why do they all say that and yet they
>fail? Why do some say the test was at level 5 whereas, this particular
>vendors workbook was at level 9, but then again they fail?
>
>
>
>
>They fail not because they had to figure out NINJA tasks (for example: Level
>9) but because of the lack of basic knowledge. If you check some of the post
>by students who took the exam, you realize that none of them had a bunch of
>real tricky tasks. *That version of exam does not exist.*
>
>
>
>The level 9 Workbook is missing the boat. Its cool to learn level 9 stuff
>
>if Workbook is covering everything UPTO and including level 9. When you
>constantly hit level 9, you are missing the real world and the test
>altogether.
>
>
>
>*What do we do and how do we prepare for this exam?*
>
>
>
>Know your protocols NOT from RFCs perspective, but how Cisco implemented
>
>that RFC. RFCs are GR8 (Especially on Sundays when you cannot sleep), but we
>need to know the RFCs from Ciscos perspective. From my angle, RFC stands
>for *R*equest *F*rom *C*isco (Just a joke), because most of the technology
>
>came from Cisco anyway.
>
>
>
>I see some of the blogs, posts and/or Workbooks, and I sometimes wonder, do
>they want us to redesign the freaking protocols? WOW, very impressive. OK..
>now what I do with it? Can I change any of this stuff?
>
>
>
>I saw a Mock lab and this particular redistribution task had 6000 lines of
>route-maps (Exaggerating a bit), now.... when have we heard or even seen a
>thing like that in any Cisco test? Anyways
>
>
>*How do we know it from Ciscos perspective? *
>**
>
>Lab up the scenarios and see the behavior. Dont assume. Try to utilize that
>
>behavior in a different way.
>
>Configure, verify and *TEST.* Some people ONLY configure and verify, the
>question is what did they verify? Well, what they configured, so if they
>configured the task incorrectly, their verification will NOT tell them that,
>correct? This is why the testing portion comes in very handy. When you are
>learning a particular feature, you do not want 65 routers with this screwed
>up IP addressing scheme to learn a particular feature/protocol. Keep the
>addressing and the topology simple so your focus goes on the feature and not
>the addressing or the topology. TEST it and summarize what you learned.
>
>
>
>Reread your summary NOT the next day, but few days after. Why few days
>after? Because if you understood the stuff it will still be there few days
>after it was explained.
>
>
>
>How many times some one explained something to you and you feel that you
>totally got it, but the next morning you say to yourself What the heck was
>that all about?, How did it go again?, Yes a very common problem that
>most of us face, the reason you could not remember how this thing worked, is
>because you did not understand it. When you go back few days later, where
>ever you are stuck, thats where your problem is.
>
>
>
>
>In these two scenarios, we picked on RIPv2. You can just imagine what can
>happen in OSPF or Eigrp or other protocols. I AM NOT PICKING ON OTHER
>VENDORS, IF YOU FEEL THAT WAY I AM SORRY, IT'S YOU WHO HAS THE PROBLEM AND
>NOT ME.
>
>
>
>*I will give you all a puzzle every Friday*, thats if you guys are OK with
>
>that. I know some people get annoyed, if you all feel that way, I will stop,
>but if you guys like this kind of things, I am all for it, lets do it.
>
>
>
>
>I am also coming up with *Explain it* series, where I ask you all to
>explain a given protocol, and we start comparing our explanations and
>labbing some of the explanations. More later..
>
>
>I hope you enjoyed the puzzles
>
>
>On Sat, Oct 23, 2010 at 7:53 AM, Gary Duncanson <
>gary.duncanson_at_googlemail.com> wrote:
>
>> I agree.
>>
>> Essentially you want to know how to build a basic construct for every
>> technology. It all starts from there.
>>
>> After that you are looking at ways to influence the behaviors. That could
>> be best path, filtering options, and essential mechanics like timers and
>> what have you.
>>
>> Surround all that with a solid understanding of the mechanics of things and
>> how one influences another or is dependant on another i.e frame relay
>> effects on routing protocols and chuck in many hours of regular practice
>and
>> you should be there or there abouts.
>>
>> If only I had more time. About to be a dad again :)
>>
>> Gary
>> ----- Original Message ----- From: "Narbik Kocharians" <narbikk_at_gmail.com>
>> To: "Tom Solski" <tom.solski_at_gmail.com>
>> Cc: "CCIE Groupstudy" <ccielab_at_groupstudy.com>
>> Sent: Friday, October 22, 2010 8:13 PM
>>
>> Subject: Re: OT - Second Puzzle for CCIE R&S Students
>>
>>
>> I am trying to prove that studying labs that have 50 NINJA or 007 tasks
>>> is
>>> NOT what gets you in the lab or prepares you for the lab, the lab focuses
>>> on
>>> easy stuff, you won't see tasks like:
>>>
>>> Redistribute on the appropriate router(s) such that my bathroom flushes 3
>>> times every 985 ms, and with each flush it should use 2.3 liters of water.
>>>
>>> These tasks are NOT teaching you anything, these tasks tell you how
>>> creative
>>> the author can be.
>>>
>>> On Fri, Oct 22, 2010 at 12:09 PM, Tom Solski <tom.solski_at_gmail.com>
>>> wrote:
>>>
>>> OK, I did lab it up. R2 and R3 exchange default routes and because of
>>>> split horizon one of the routers will not send 0/0 to R1. Disabling
>>>> split horizon on R2 and R3 will not help either. The solution is to
>>>> prevent R2 and R3 to exchange default routes, but it took me *more
>>>> than 5 minutes* to realize that the solutions is within R2-R3 and R1
>>>> has nothing to do with it.
>>>>
>>>> So how do you find out ? Do you just KNOW that by looking at the
>>>> diagram, start with debug ...
>>>>
>>>>
>>>> On Fri, Oct 22, 2010 at 2:25 PM, Narbik Kocharians <narbikk_at_gmail.com>
>>>> wrote:
>>>> > *One of the students told me that he did not see the second puzzle, so
>>>> > i
>>>> am
>>>> > posting my original post for the second one.*
>>>> >
>>>> > The reason I asked to Unicast was so one student will not see the >
>>>> answer
>>>> > from another student, this forces some people to lab the scenario and
>>>> think.
>>>> >
>>>> >
>>>> > *Now that I have your attention*, here are some solutions to the >
>>>> problem,
>>>> I
>>>> > am sure there are more ways, and please feel free to add to the list.
>>>> >
>>>> > 1. Filter all RIPs updates coming from R2 on R3 fa0/0 interface with
>>>> > access-list/prefix-list/route-map and vice versa.
>>>> > 2. Filter the default route from R2 on R3 and vice versa.
>>>> > 3. Instead of filtering, you could also use the distance command and >
>>>> set
>>>> it
>>>> > to 255.
>>>> > 4. Filter default from R2 on R3, and R3 to R2 using an "Offset-list >
>>>> in".
>>>> > 5. Configure passive-interface on the F0/0 interfaces of R2 and R3, and
>>>> then
>>>> > on Both routers configure a "Neighbor R1".
>>>> > 6. Configure the ports that R2 and R3 are connected as "swi Protect".
>>>> > 7. Configure Private Vlan; configuring the F0/0 interface of R2 and R3
>>>> > in
>>>> > Isolated, and the F0/0 interface of R1 in primary.
>>>> > 8. Mac ACLs or an IP access-list and a Vlan Access-map that denies the
>>>> two
>>>> > routers from communicating.
>>>> > 9. Configuring an MQC that matches on the destination-address MAC and
>>>> drops
>>>> > that traffic in the policy-map that's assigned to the F0/0 interface of
>>>> R2
>>>> > and Vice versa.
>>>> > 10. Dropping the traffic by filtering the MAC on the switchports.
>>>> > 11. Put R2 and R3 in different subnets and do a "no validate-update
>>>> source"
>>>> > on R1.
>>>> >
>>>> >
>>>> > *Now could you imagine the following scenario*: you are in a CCIE lab,
>>>> and
>>>> > you just finished the troubleshooting section, so you feel like Mike
>>>> Tyson
>>>> > because you did well, but the first question in the configuration >
>>>> section
>>>> is
>>>> > the following:
>>>> >
>>>> > R1 is running RIPv2.
>>>> > R6 is also running RIPv2.
>>>> > There are bunch of routers between R1 and R6 running OSPF or whatever
>>>> > routing protocol that turns you on.
>>>> >
>>>> > I want R6 to get all R1 s RIP routes.
>>>> >
>>>> > Do not use redistribution, AToM, IPnIP or GRE tunnels to accomplish >
>>>> this.
>>>> > Come up with 2 solutions. Common unicast me the solution..
>>>> >
>>>> >
>>>> > There is a reason I am doing this, trust me .
>>>> >
>>>> > --
>>>> > Narbik Kocharians
>>>> > CCSI#30832, CCIE# 12410 (R&S, SP, Security)
>>>> > www.MicronicsTraining.com <http://www.micronicstraining.com/> <
>>>> http://www.micronicstraining.com/>
>>>>
>>>> > Sr. Technical Instructor
>>>> > YES! We take Cisco Learning Credits!
>>>> > Training And Remote Racks available
>>>> >
>>>> >
>>>> > Blogs and organic groups at http://www.ccie.net
>>>> >
>>>> > _______________________________________________________________________
>>>> > Subscription information may be found at:
>>>> > http://www.groupstudy.com/list/CCIELab.html
>>>> >
>>>> >
>>>> >
>>>> >
>>>> >
>>>> >
>>>> >
>>>> >
>>>>
>>>>
>>>
>>>
>>> --
>>> Narbik Kocharians
>>> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
>>> www.MicronicsTraining.com <http://www.micronicstraining.com/>
>>> Sr. Technical Instructor
>>> YES! We take Cisco Learning Credits!
>>> Training And Remote Racks available
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>
>
>--
>Narbik Kocharians
>CCSI#30832, CCIE# 12410 (R&S, SP, Security)
>www.MicronicsTraining.com
>Sr. Technical Instructor
>YES! We take Cisco Learning Credits!
>Training And Remote Racks available
>
>
>Blogs and organic groups at http://www.ccie.net
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
>
>
>

-- 
Narbik Kocharians
CCSI#30832, CCIE# 12410 (R&S, SP, Security)
www.MicronicsTraining.com
Sr. Technical Instructor
YES! We take Cisco Learning Credits!
Training And Remote Racks available 
Blogs and organic groups at http://www.ccie.net