Re: OT - Second Puzzle for CCIE R&S Students

Oskar,

100 percent agreed, the same goes for the data plane when broadcast is
converted to Multicast and then back to Broadcast, the control plane is
there with no reachability.

As far as real world implementation, you and i both know that there are
better solutions than SPAN/RSPAN. The idea here is to use/utilize a feature
to do/achieve something totally different. Now....in order for anyone to do
that, they have to be very comfortable with the features and their
behaviors.

When you look at most of the NINJA/007 configurations, you ask yourself
"WHY?" The design must be pretty bad, why can't i use this command versus
the other. But this is not a design or BEST practice session or class. All
it teaches you is to think and utilise some of the features in a
different way or using a feature to solve something very different. Putting
on the wide lense camera (If you will), being creative.

There are many lawyers out there, BUT SOME ARE more creative and therefore,
they are more successful.

It's just a puzzle, to help you think of a solution from all layers. Have it
as a tool in your toll box.

On Sun, Oct 24, 2010 at 10:30 AM, Oskar <xyz7412369_at_yahoo.ca> wrote:

> I wonder then why I'd need to install far away routes on a router without
> having
> access to them ? What real problem could be solved that way? Unless this
> is a
> pure intellectual and abstract exercise not meant to solve any real life
> routing
> issue.
>
>
>
> ________________________________
> From: Narbik Kocharians <narbikk_at_gmail.com>
> To: Oskar <xyz7412369_at_yahoo.ca>
> Cc: Gary Duncanson <gary.duncanson_at_googlemail.com>; ccielab_at_groupstudy.com
> Sent: Sun, October 24, 2010 12:45:10 PM
> Subject: Re: OT - Second Puzzle for CCIE R&S Students
>
> Oh NO.
>
>
> On Sun, Oct 24, 2010 at 3:50 AM, Oskar <xyz7412369_at_yahoo.ca> wrote:
>
> Does this privide me end to end connectivity (R2 to R6) ?
> >
> >
> >
> >
> >
> >----- Original Message ----
> >From: Narbik Kocharians <narbikk_at_gmail.com>
> >
> >To: Gary Duncanson <gary.duncanson_at_googlemail.com>
> >Cc: ccielab_at_groupstudy.com
> >Sent: Sat, October 23, 2010 3:38:58 PM
> >Subject: Re: OT - Second Puzzle for CCIE R&S Students
> >
> >
> >OK the answer to the second puzzle:
> >
> >
> >
> >*Solution #1:*
> >
> >We can configure SPAN or RSPAN with the source port being the port
> connected
> >to R1 and the destination port connected to an unused port on R6. This is
> a
> >solution from layer 2s perspective.
> >
> >
> >
> >*Solution #2:*
> >
> >From Layer 3s perspective, we can configure RIPv2 to send its updates to a
> >
> >broadcast destination, and the next hop router can take the broadcast and
> >convert it to Multicast, and Multicast it through the routers all the way
> to
> >the last router, the router facing R6, where the multicast is converted
> back
> >to broadcast. The source of RIP updates should be negated.
> >
> >
> >
> >You see, the first puzzle was a basic one, which involved a very basic
> >topology using a very basic problem, a problem that we are all familiar
> >with. Some of you did not remember the solution, which tells me that you
> are
> >NOT labbing enough.
> >
> >
> >
> >The second puzzle utilized a feature in a different manner and some times
> >this is what is expected of you as a CCIE. We all know that SPAN/RSPAN is
> >NOT used in that manner, but as long as we understand the features and
> their
> >use, we can get very creative.
> >
> >
> >
> >*My tip for preparing for R&S v4:*
> >
> >You have probably heard people say The test was NOT hard at all; I will
> >nail it next time. The question is, why do they all say that and yet they
> >fail? Why do some say the test was at level 5 whereas, this particular
> >vendors workbook was at level 9, but then again they fail?
> >
> >
> >
> >
> >They fail not because they had to figure out NINJA tasks (for example:
> Level
> >9) but because of the lack of basic knowledge. If you check some of the
> post
> >by students who took the exam, you realize that none of them had a bunch
> of
> >real tricky tasks. *That version of exam does not exist.*
> >
> >
> >
> >The level 9 Workbook is missing the boat. Its cool to learn level 9 stuff
> >
> >if Workbook is covering everything UPTO and including level 9. When you
> >constantly hit level 9, you are missing the real world and the test
> >altogether.
> >
> >
> >
> >*What do we do and how do we prepare for this exam?*
> >
> >
> >
> >Know your protocols NOT from RFCs perspective, but how Cisco implemented
> >
> >that RFC. RFCs are GR8 (Especially on Sundays when you cannot sleep), but
> we
> >need to know the RFCs from Ciscos perspective. From my angle, RFC stands
> >for *R*equest *F*rom *C*isco (Just a joke), because most of the technology
> >
> >came from Cisco anyway.
> >
> >
> >
> >I see some of the blogs, posts and/or Workbooks, and I sometimes wonder,
> do
> >they want us to redesign the freaking protocols? WOW, very impressive.
> OK..
> >now what I do with it? Can I change any of this stuff?
> >
> >
> >
> >I saw a Mock lab and this particular redistribution task had 6000 lines of
> >route-maps (Exaggerating a bit), now.... when have we heard or even seen a
> >thing like that in any Cisco test? Anyways
> >
> >
> >*How do we know it from Ciscos perspective? *
> >**
> >
> >Lab up the scenarios and see the behavior. Dont assume. Try to utilize
> that
> >
> >behavior in a different way.
> >
> >Configure, verify and *TEST.* Some people ONLY configure and verify, the
> >question is what did they verify? Well, what they configured, so if they
> >configured the task incorrectly, their verification will NOT tell them
> that,
> >correct? This is why the testing portion comes in very handy. When you are
> >learning a particular feature, you do not want 65 routers with this
> screwed
> >up IP addressing scheme to learn a particular feature/protocol. Keep the
> >addressing and the topology simple so your focus goes on the feature and
> not
> >the addressing or the topology. TEST it and summarize what you learned.
> >
> >
> >
> >Reread your summary NOT the next day, but few days after. Why few days
> >after? Because if you understood the stuff it will still be there few days
> >after it was explained.
> >
> >
> >
> >How many times some one explained something to you and you feel that you
> >totally got it, but the next morning you say to yourself What the heck was
> >that all about?, How did it go again?, Yes a very common problem that
> >most of us face, the reason you could not remember how this thing worked,
> is
> >because you did not understand it. When you go back few days later, where
> >ever you are stuck, thats where your problem is.
> >
> >
> >
> >
> >In these two scenarios, we picked on RIPv2. You can just imagine what can
> >happen in OSPF or Eigrp or other protocols. I AM NOT PICKING ON OTHER
> >VENDORS, IF YOU FEEL THAT WAY I AM SORRY, IT'S YOU WHO HAS THE PROBLEM AND
> >NOT ME.
> >
> >
> >
> >*I will give you all a puzzle every Friday*, thats if you guys are OK with
> >
> >that. I know some people get annoyed, if you all feel that way, I will
> stop,
> >but if you guys like this kind of things, I am all for it, lets do it.
> >
> >
> >
> >
> >I am also coming up with *Explain it* series, where I ask you all to
> >explain a given protocol, and we start comparing our explanations and
> >labbing some of the explanations. More later..
> >
> >
> >I hope you enjoyed the puzzles
> >
> >
> >On Sat, Oct 23, 2010 at 7:53 AM, Gary Duncanson <
> >gary.duncanson_at_googlemail.com> wrote:
> >
> >> I agree.
> >>
> >> Essentially you want to know how to build a basic construct for every
> >> technology. It all starts from there.
> >>
> >> After that you are looking at ways to influence the behaviors. That
> could
> >> be best path, filtering options, and essential mechanics like timers and
> >> what have you.
> >>
> >> Surround all that with a solid understanding of the mechanics of things
> and
> >> how one influences another or is dependant on another i.e frame relay
> >> effects on routing protocols and chuck in many hours of regular practice
> >and
> >> you should be there or there abouts.
> >>
> >> If only I had more time. About to be a dad again :)
> >>
> >> Gary
> >> ----- Original Message ----- From: "Narbik Kocharians" <
> narbikk_at_gmail.com>
> >> To: "Tom Solski" <tom.solski_at_gmail.com>
> >> Cc: "CCIE Groupstudy" <ccielab_at_groupstudy.com>
> >> Sent: Friday, October 22, 2010 8:13 PM
> >>
> >> Subject: Re: OT - Second Puzzle for CCIE R&S Students
> >>
> >>
> >> I am trying to prove that studying labs that have 50 NINJA or 007
> tasks
> >>> is
> >>> NOT what gets you in the lab or prepares you for the lab, the lab
> focuses
> >>> on
> >>> easy stuff, you won't see tasks like:
> >>>
> >>> Redistribute on the appropriate router(s) such that my bathroom flushes
> 3
> >>> times every 985 ms, and with each flush it should use 2.3 liters of
> water.
> >>>
> >>> These tasks are NOT teaching you anything, these tasks tell you how
> >>> creative
> >>> the author can be.
> >>>
> >>> On Fri, Oct 22, 2010 at 12:09 PM, Tom Solski <tom.solski_at_gmail.com>
> >>> wrote:
> >>>
> >>> OK, I did lab it up. R2 and R3 exchange default routes and because of
> >>>> split horizon one of the routers will not send 0/0 to R1. Disabling
> >>>> split horizon on R2 and R3 will not help either. The solution is to
> >>>> prevent R2 and R3 to exchange default routes, but it took me *more
> >>>> than 5 minutes* to realize that the solutions is within R2-R3 and R1
> >>>> has nothing to do with it.
> >>>>
> >>>> So how do you find out ? Do you just KNOW that by looking at the
> >>>> diagram, start with debug ...
> >>>>
> >>>>
> >>>> On Fri, Oct 22, 2010 at 2:25 PM, Narbik Kocharians <narbikk_at_gmail.com
> >
> >>>> wrote:
> >>>> > *One of the students told me that he did not see the second puzzle,
> so
> >>>> > i
> >>>> am
> >>>> > posting my original post for the second one.*
> >>>> >
> >>>> > The reason I asked to Unicast was so one student will not see the >
> >>>> answer
> >>>> > from another student, this forces some people to lab the scenario
> and
> >>>> think.
> >>>> >
> >>>> >
> >>>> > *Now that I have your attention*, here are some solutions to the >
> >>>> problem,
> >>>> I
> >>>> > am sure there are more ways, and please feel free to add to the
> list.
> >>>> >
> >>>> > 1. Filter all RIPs updates coming from R2 on R3 fa0/0 interface with
> >>>> > access-list/prefix-list/route-map and vice versa.
> >>>> > 2. Filter the default route from R2 on R3 and vice versa.
> >>>> > 3. Instead of filtering, you could also use the distance command and
> >
> >>>> set
> >>>> it
> >>>> > to 255.
> >>>> > 4. Filter default from R2 on R3, and R3 to R2 using an "Offset-list
> >
> >>>> in".
> >>>> > 5. Configure passive-interface on the F0/0 interfaces of R2 and R3,
> and
> >>>> then
> >>>> > on Both routers configure a "Neighbor R1".
> >>>> > 6. Configure the ports that R2 and R3 are connected as "swi
> Protect".
> >>>> > 7. Configure Private Vlan; configuring the F0/0 interface of R2 and
> R3
> >>>> > in
> >>>> > Isolated, and the F0/0 interface of R1 in primary.
> >>>> > 8. Mac ACLs or an IP access-list and a Vlan Access-map that denies
> the
> >>>> two
> >>>> > routers from communicating.
> >>>> > 9. Configuring an MQC that matches on the destination-address MAC
> and
> >>>> drops
> >>>> > that traffic in the policy-map that's assigned to the F0/0 interface
> of
> >>>> R2
> >>>> > and Vice versa.
> >>>> > 10. Dropping the traffic by filtering the MAC on the switchports.
> >>>> > 11. Put R2 and R3 in different subnets and do a "no validate-update
> >>>> source"
> >>>> > on R1.
> >>>> >
> >>>> >
> >>>> > *Now could you imagine the following scenario*: you are in a CCIE
> lab,
> >>>> and
> >>>> > you just finished the troubleshooting section, so you feel like Mike
> >>>> Tyson
> >>>> > because you did well, but the first question in the configuration >
> >>>> section
> >>>> is
> >>>> > the following:
> >>>> >
> >>>> > R1 is running RIPv2.
> >>>> > R6 is also running RIPv2.
> >>>> > There are bunch of routers between R1 and R6 running OSPF or
> whatever
> >>>> > routing protocol that turns you on.
> >>>> >
> >>>> > I want R6 to get all R1 s RIP routes.
> >>>> >
> >>>> > Do not use redistribution, AToM, IPnIP or GRE tunnels to accomplish
> >
> >>>> this.
> >>>> > Come up with 2 solutions. Common unicast me the solution..
> >>>> >
> >>>> >
> >>>> > There is a reason I am doing this, trust me .
> >>>> >
> >>>> > --
> >>>> > Narbik Kocharians
> >>>> > CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> >>>> > www.MicronicsTraining.com <http://www.micronicstraining.com/> <
> http://www.micronicstraining.com/> <
> >>>> http://www.micronicstraining.com/>
> >>>>
> >>>> > Sr. Technical Instructor
> >>>> > YES! We take Cisco Learning Credits!
> >>>> > Training And Remote Racks available
> >>>> >
> >>>> >
> >>>> > Blogs and organic groups at http://www.ccie.net
> >>>> >
> >>>> >
> _______________________________________________________________________
> >>>> > Subscription information may be found at:
> >>>> > http://www.groupstudy.com/list/CCIELab.html
> >>>> >
> >>>> >
> >>>> >
> >>>> >
> >>>> >
> >>>> >
> >>>> >
> >>>> >
> >>>>
> >>>>
> >>>
> >>>
> >>> --
> >>> Narbik Kocharians
> >>> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> >>> www.MicronicsTraining.com <http://www.micronicstraining.com/> <
> http://www.micronicstraining.com/>
> >>> Sr. Technical Instructor
> >>> YES! We take Cisco Learning Credits!
> >>> Training And Remote Racks available
> >>>
> >>>
> >>> Blogs and organic groups at http://www.ccie.net
> >>>
> >>> _______________________________________________________________________
> >>> Subscription information may be found at:
> >>> http://www.groupstudy.com/list/CCIELab.html
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>
> >
> >
> >--
> >Narbik Kocharians
> >CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> >www.MicronicsTraining.com <http://www.micronicstraining.com/>
> >Sr. Technical Instructor
> >YES! We take Cisco Learning Credits!
> >Training And Remote Racks available
> >
> >
> >Blogs and organic groups at http://www.ccie.net
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
>
>
> --
> Narbik Kocharians
> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> www.MicronicsTraining.com <http://www.micronicstraining.com/>
> Sr. Technical Instructor
> YES! We take Cisco Learning Credits!
> Training And Remote Racks available
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Narbik Kocharians
CCSI#30832, CCIE# 12410 (R&S, SP, Security)
www.MicronicsTraining.com
Sr. Technical Instructor
YES! We take Cisco Learning Credits!
Training And Remote Racks available
Blogs and organic groups at http://www.ccie.net