CCIE RS Lab – Week 6

Hours studied – 19 hours

Sunday – I did some light reading. The book was choice was Narbik’s bridging the gap the EIGRP chapter.

Monday – INE ATC videos, System Management Labs – I have forgotten a lot of the different options. I also need to practice finding these in the documentation, these are spread out through the doc cd.

Tuesday – Took the night off, I was mentally exhausted and needed to disconnect

Wednesday – I watched more INE ATC videos, I have been getting through the EIGRP section

Thursday – I did some more light reading of past labs and also worked on a few pointed BGP labs

Friday – I watched more INE ATC videos continuing with EIGRP. I also reviewed the systems management labs.

Saturday – I spent most of the day on INE full scale lab 2

Notes I took during the lab:


  • No transit links – had to configure as p2p interfaces
  • No unnecessary LSAs – prefix-suppression
    • Convergence time can be reduced by preventing the advertisement of all ip prefixes
    • Loopbacks, secondary addresses and passive interfaces are excluded as some designs require them to remain reachable
  • Traffic engineering – changing the network type to manipulate the traffic path
    • Needed to change to p2m non-broadcast and add a cost on the neighbor commands to get the desired traffic path


  • iBGP load balancing
    • Max path 2
    • Need to use a different RD for each iBGP peer when doing this in MPLS
    • The different RD affects how prefixes show up in the BGP table
      • If they are the same RD the best path is chosen even if there are 2 paths
      • By changing the RD to be something different and enabling max paths for ibgp you’ll be able to install¬† multiples ibgp routes
  • Remember to configure next-hop-self on iBGP peers
  • Practice AS-path ACL’s with regexp
    • How to create a filter to not become a transit
    • Only allow prefixes that are locally originated
  • Traffic engineering techniques
    • AS-prepend – affects inbound path, but is applied out to the ebgp peer
    • Local preference – affects outbound path, but in applied inbound from the neighbor


  • Need to use static mroute when connecting across unsupported network with GRE tunnels
  • RPF follows the unicast routing table to reach RP. Without adding a static mroute the RP is not learned by the routers
  • OSPF cost can be used to manipulate the RPF to traffic go a desired path

ACL logging – log-input matches mac addresses

  • Ip access-list log-update threshold 10
  • Even though the question is regarding syslog, need to know the different options that may not be under the logging main command

NTP authentication

  • Many steps to configure NTP authentication
  • Need to create a key
  • Tell NTP to authenticate
  • Trust the authentication key
  • Apply the key to peers if syncing between multiple NTP masters
  • Must be applied for all devices and set on the server command


  • Wording for shaping – delay for excess traffic, dropped as worse case
    • Policing would have said something along the lines of cir or change the dscp for exceeding traffic
  • Random detect, different from tail-drop
    • Tail drop – default mechanism, packets get dropped from the queue when full
    • Random detect based on DSCP value
      • Weigted random early detections

CCIE RS Lab – Week 5

Hours studied – 19.5 hours

Sunday – I took a little break from labbing and was able to catch up on some house work. I built my little guy a sandbox, which he has not left since it was finished. To close out the day I watched some OSPF videos.

Monday – I continued working through INE foundations 2. One of the new things I learned working on DMVPN with IPSec where the GRE tunnels shares the same outbound interface there is a caveat to remember for applying the policy on the tunnel, must use the shared key word or only 1 tunnel will be encrypted.

I got stuck after setting up L3VPN. Was able to get MPLS up and running, VPNv4 routes up, CE-PE routes worked, I could see CE to CE connectivity in the control plane (routes showed up from each CE) however the data path would not work. I ran this past the study group and we were not able to resolve it before the rack time ended. I’m going to get back to this week 6.

Tuesday Р I watched an older recording of MPLS Troubleshooting with Nick Russo. Nick did a webex a long time ago that I am revisiting and taking notes on again.

Wednesday – Indepedence Day, spent it in the pool

Thursday – I continued watching Nick’s MPLS troubleshooting video. I was able to write out the steps he goes through when troubleshooting L3VPN routes and how to follow the tags throughout the network and verify the truth.

I also did some IPv6 labs. I need to get used to some of the differences and also get my typing acuracy back along with getting better at reading the ::’s

Friday – I worked on one of my weaker topics, Multicast. I find it very tedious typing ip pim sparse-mode on every interface, but ones that’s done I spent a lot of time on how to verify and follow the routing paths.

Saturday – I spent about 5 hours on INE full scale lab 1. This is my first full scale lab getting back into the studies. The lab helped identify a few weaknesses for me to help me refocus on what to practice and learn. There’s were some of my struggles that I need to work on

  1. Read between the lines/steps. There are steps given, but conviently leave out some key underlying routing that needs to be completed in order to accomplish the task. What I need to work on here is better understanding of what is being asked, identifying the gap in the request, configuring it and verifying.
  2. Verify as I configure. I got ahead of myself and kept configuring without verifying as I went.
  3. Redistribution, this is a double edge sword. I was able to get redistribution working first try. I scripted everything out in notepad and had no issues pasting it into the routers. The thing I need to challenge myself with though it to stop using tags. If the restrictions take tags away from me I am screwed. I also need to look into alternatives such as summaries
  4. This comes back to number 2 which is verify, I also need to read all the requirements. I forgot simple things because I didn’t read carefully enough
  5. Configuration specifics
    1. IPSec, transform sets – tunnel vs transport > need to memorize the differences
    2. DMVPN Phase 3 – shortcut vs redirect > which one goes on the hub
    3. Practice BGP communities – typing was slow

I also found that for this 5 hours of straight configuring drained me. I need to work on my stamina and also my speed, however right now speed is not my focus. I kept score as I went, however didn’t finish the lab, so I will post this at a later time.

CCIE RS Lab – Week 4

Hours studying – 27.5

I continued working on foundations 3. This shed light on how much I need to practice more IPv6. The redistribution was nasty, there are a bunch of loops created when doing this. I used tags for the redistribution, there were no restrictions on what tech could or could not be used.

I used debug ip routing to find out if these was any loops, also check routing table and used traceroute to verify conenctivty

I did run into an issue where a route on R7 should have been learned via EIGRP from it’s directly connected neighbor, but was being learned from R6 via OSPFv3. After tracking the problem down to R6 and seeing how the route was being learned I added an deny statement on one of my route maps which restored connectvity on R7 and for the rest of the network to learn routes properly via R7’s EIGRP neighbors.

I was looking for a way to listen to videos and have them autoplay the next video. I found a way to listen to videos in the background which has helped greatly while commuting. The app on the iPhone is called PlayerXtreme, it is able to see existing videos on the phone and play them while giving additional options for play next video and increase the playback speed.

Being able to listen to the videos has increased the amount of time I’ve been able to spend “studying”. I count listening as study time as I’ll absorb some knowledge.

I have also started reading through Narbiks book, Bridging the Gap between CCNP and CCIE. So far it has been helpful and steps through the technology is a very step by step way.

I started Foundations 2 and did not run into many things I didn’t remember. I have been taking my time on this one and will be continuing it Week 5.

I was able to spend 7.5 hours on Troubleshooting Lab 1 with 2 study partners. This was the most helpful study session I’ve had in a long time. I’ll do a youtube video soon around the need for a study partner(s). We were able to discuss strategy and teach each other things we may have forgotten. This lab exposed a lot of weaknesses that I need to brush up on: OSPF LFA, BGP Table Map, Multicast MSDP, EEM tricks, BGP additional paths.