You are on page 1of 229

CCIE Routing and Switching techtorial

TECCCIE-3000

Kurt Claes CCIE R&S Exam Support Engineer #9483


Himawan Nugroho Solution Architect #8171

Bruno van de Werve CCIE R&S Exam Program Manager #20066

TECCCIE-3000 Session Abstract


This session covers CCIE Routing & Switching Program updates, and provides
you an in-depth overview of what is covered in both the written and the lab exams.
This includes examples and lab exam case studies focusing on topics candidates
frequently miss out during their lab attempt.
The main objective of this session is to give you an overview of how the exams
are conducted and to provide you good guidance on what you need to look at
when preparing and taking the exams.

The session is mainly focusing on exam centric approaches and strategies and is
not aimed at covering all technical topics susceptible to appear in the exams.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Know what you dont know

Disclaimer
Not all topics discussed today appear on every exam
For time reasons, were unable to discuss every feature and topic possible on
the exam

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Cisco Certifications

learningnetwork.cisco.com
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

CCIEs Worldwide
Most highly respected IT certification since 20+ years!
Industry standard validating and endorsing expert-level skills and experience

Demonstrate strong commitment and investment to networking career, life-long


learning, and dedication to remaining an active CCIE

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

CCIE and CCDE Tracks


Routing & Switching

Security

Voice

Design

Expert level knowledge of


networking across LAN and WAN
interfaces and variety of routers and
switches
Solve complex connectivity
problems to increase bandwidth,
improve response times, maximize
performance, and support global
operations

Expert level knowledge of security


and VPN solutions

Expert level knowledge of Cisco


Voice over IP (VoIP) products and
solutions

Demonstrate in-depth
understanding of Layer 2 and 3
network infrastructure; Solid
understanding of Windows, Unix,
Linux and HTTP, SMTP, FTP and
DNS

Expert level knowledge of


network design principles for the
Layer 2 and 3 network
infrastructure

Capable of building and configuring


complex end-to-end telephony
network, troubleshooting and
resolving VoIP-related problems

Data Center

Service Provider

SP Operations

Wireless

Expert level knowledge of Data


Center Technologies, including DC
infrastructure, storage, compute and
virtualization

Expert level knowledge of IP


fundamentals and technologies
Expertise in building an extensible
service provider network

Expert level knowledge of SP IP


NGN technologies

Expert level knowledge of WLAN


technologies

Capable of building, configuring,


and troubleshooting an end-to-end
virtualized Data Center using Cisco
DC technologies

Expert level knowledge to


troubleshoot and maintain complex
service provider networks

Capable of troubleshooting SP
networks, managing SP processes
(incident, fault, change,
configuration, and performance),
and knowledge of NMS technology

Provides next step for individuals


interested in a career in managing or
working with Cisco wireless
technologies

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Capable of assessing and


translating network business
requirements into technical
designs

Certification Process
Written Exam
400-YXZ

pass

Practical
Exam

Pearson
2 hours
Multiple choices
Flash items
No documentation
Immediately scored

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

pass

Select Cisco locations


8 hours
Configurations
Troubleshooting
Cisco documentation
Scored within 48h

Cisco Public

10

CCIE

Proactive and Holistic Candidate Feedback


Input

Feedback

Cisco Business Units

Candidate Exam and Item


Comments

Cisco Technology groups

Candidate Satisfaction Surveys

Cisco Technical Support teams


(TAC, AS, ..)
Cisco-Internal and Cisco-External
Subject Matter Experts

Create or
Refresh Exam
Content

Customer Service Cases


EAG (Exam Advisory Groups)
Cisco Learning Network
Blogs

Customer Advisory Boards

Customer Focus Groups


Customer and Cisco field surveys
(Marketing)

Launch
Exam

Cisco Product Manager, Marketing


Manager, Program Manager

Exam Live
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

11

Exams

Performance Assessment
VALIDITY
RELIABILITY
FAIRNESS
CONGRUENCY

RELEVANCY

Use of the test scores

Definition of MQC
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

12

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

13

CCIE R&Sv5 Curriculum Overview


Certification process unchanged
Exam curriculum and format changed
Designed and validated with industry experts (Cisco internals and externals)
Aligned with evolution of job role and relevant technologies

Check the official information on CLN


https://learningnetwork.cisco.com/community/certifications/ccie_routing_switching
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

14

CCIE R&Sv5 Curriculum Overview


Enhanced Certifications validity, reliability, integrity and security
Assessment of platform-independent concepts

Cisco IOS Software Release 15


100% Virtual equipment

More relevant network topologies


Improved assessment of Troubleshooting skills (new Diagnostic)

More variations of content combinations (three modules)


TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

CCIE R&Sv5 Curriculum Overview


6 main domains in Written exam & 5 main domains in Lab exam
New weighting factors
4 levels of details
Two documents: Written exam Topics (blueprint) + Lab exam Topics
https://learningnetwork.cisco.com/community/certifications/ccie_routing_switching
https://learningnetwork.cisco.com/docs/DOC-22705
https://learningnetwork.cisco.com/docs/DOC-22706
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

16

CCIE R&Sv5 Curriculum Overview


CCIE RSv4

1.00 Implement Layer 2 Technologies


2.00 Implement IPv4
3.00 Implement IPv6
4.00 Implement MPLS Layer 3 VPNs
5.00 Implement IP Multicast
6.00 Implement Network Security
7.00 Implement Network Services
8.00 Implement Quality of Service
9.00 Troubleshoot a Network
10.00 Optimize the Network

1.0.0
2.0.0
3.0.0
4.0.0
5.0.0
6.0.0
6
6
6
6

11.00 Evaluate proposed changes to a Network (Written only)

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

CCIE RSv5
Network Principles
Layer 2 Technologies
Layer 3 Technologies
VPN Technologies
Infrastructure Security
Infrastructure Services

% WR
10
15
40
15
5
15

% LAB
0
20
40
20
5
15

CCIE R&Sv5 Lab Curriculum Alignment


Blueprint sections = Exam sections = Score report sections

Candidate: John Smith


Exam date: 02/30/2015

CCIE RSv5 Lab Topics domains


1.0.0 Layer 2 Technologies
2.0.0 Layer 3 Technologies
3.0.0 VPN Technologies
4.0.0 Infrastructure Security
5.0.0 Infrastructure Services

Weight
20
40
20
5
15

CCIE RSv5 Lab Exam sections


1.0.0 Layer 2 Technologies
2.0.0 Layer 3 Technologies
3.0.0 VPN Technologies
4.0.0 Infrastructure Security
5.0.0 Infrastructure Services

CCIE RSv5 Score report sections


1.0.0 Layer 2 Technologies
85%
2.0.0 Layer 3 Technologies
45%
3.0.0 VPN Technologies
15%
4.0.0 Infrastructure Security
0%
5.0.0 Infrastructure Services
20%

Failed
Or
Passed!

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Your CCIE# is 1025

CCIE R&Sv5 Curriculums Details

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

CCIE RSv5
1.0.0 Network Principles (Written only)
2.0.0

Layer 2 Technologies

3.0.0

Layer 3 Technologies

4.0.0

VPN Technologies

5.0.0

Infrastructure Security

6.0.0

Infrastructure Services

CCIE R&Sv5 Key Topic Changes


Topics

New

Moved
from v4 Lab to v5 Written

Written only
IOS-XE, VSS, ISIS, L2VPN,
GETVPN

Written & Lab


Packet capture analysis,
DMVPN, IPsec, IPv6 FHS

PfR, L2QoS, IPv6 Multicast,


802.1x
Frame-Relay, FRTS, LFI, WRR/SRR, ZBF, IPS, RSVP,
WCCP

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

CCIE R&Sv5 New Topics on Written exam


Network Principles
Network Theory

Describe basic software architecture differences between IOS and IOS XE


Identify Cisco Express Forwarding concepts
Explain general network challenges
Explain IP, TCP, UDP operations

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

21

CCIE R&Sv5 New Topics on Written exam


Layer 2 Technologies
LAN Switching technologies
Describe Chassis Virtualization and Aggregation Technologies

Layer 2 Multicast
Explain PIM Snooping

Layer 2 WAN Circuit technologies


Describe WAN rate-based ethernet circuits

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

22

CCIE R&Sv5 New Topics on Written exam


Layer 3 Technologies
BGP
Describe BGP fast convergence features

ISIS

Describe basic ISIS network


Describe neighbor relationship
Describe network types, levels and router types
Describe operations
Describe optimization features

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

23

CCIE R&Sv5 New Topics on Written exam


VPN Technologies
Tunneling
Describe basic layer 2 VPN wireline
L2TPv3, ATOM General principals

Describe basic layer 2 VPN LAN services


VPLS, OTV General principals

Encryption
Describe GETVPN

Infrastructure Services
Network Services
Describe IPv6 Network Address Translation

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

24

CCIE R&Sv5 New Topics on Written & Lab exams


Network Troubleshooting
Use IOS troubleshooting tools
Apply troubleshooting methodologies
Interpret packet capture

Applicable to all lab domains

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

25

CCIE R&Sv5 New Topics on Written & Lab exams


Layer 3 Technologies
Fundamental routing concepts
Implement and Troubleshoot Bidirectional Forwarding Detection

EIGRP
Implement EIGRP (multi-address) Named Mode
Implement, troubleshoot and optimize EIGRP convergence and scalability

OSPF
Implement, troubleshoot and optimize OSPF convergence and scalability

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

26

CCIE R&Sv5 New Topics on Written & Lab exams


VPN Technologies
Tunneling
Implement and Troubleshoot DMVPN (single hub)

Encryption
Implement and Troubleshoot IPsec with pre-shared key

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

27

CCIE R&Sv5 Topics moved from v4 Lab to v5


Written
Describe IPv6 Multicast
Describe RIPv6 (RIPng)
Describe IPv6 Tunneling Techniques

Describe Device Security using IOS AAA with TACACS+ and RADIUS
Describe 802.1x
Describe Layer 2 QoS
Identify Performance Routing (PfR)

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

28

CCIE R&Sv5 Topics removed from v4 Exams


Flexlink, ISL, Layer 2 Protocol Tunneling
Frame-Relay (LFI, FR Traffic Shaping)
WCCP

IOS Firewall and IPS


RITE, RMON
RGMP
RSVP QoS, WRR/SRR

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

29

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

30

CCIE R&Sv5 Written exam


New Number: 400-101
120 minutes, 90 110 independent items
MC-SA/MA; DnD; Point & Click

English only
Pearson VUE
Closed-book

Score directly available

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

31

CCIE R&Sv5 Lab exam


480 minutes, multiple exam modules
Configure, Troubleshoot scenarios to given specifications

English only

Cisco Lab locations


Open-book (Cisco Documentation)
Score available within 48h

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

32

CCIE R&Sv5 Lab Exam Format


100% virtual
New DIAG module
Flexible time in TS
New Scoring Logic
Web-based delivery
Troubleshooting
(2h)

Virtual devices
minScore

Optional

DIAG

Optional

Configuration

+ 30min

(30min)

- 30min

(5h30)

No Device
minScore

Virtual devices
minScore
Cut Score

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

CCIE R&Sv5 Delivery System


Web-based delivery
Troubleshooting
(2h)
Virtual devices
minScore

Optional

DIAG

Optional

Configuration

+ 30min

(30min)

- 30min

(5h30)

No Device

Virtual devices

minScore

minScore
Cut Score

Identical to CCIE RSv4s

Separate TS and CFG topologies


Check the WISP labs in the WoS!
Try CLL online via CLN Store
Stay tuned for the additional demo content
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

34

CCIE R&Sv5 Virtual Lab


Web-based delivery
Troubleshooting
(2h)
Virtual devices
minScore

Optional

DIAG

Optional

Configuration

+ 30min

(30min)

- 30min

(5h30)

No Device

Virtual devices

minScore

minScore
Cut Score

CFG is now virtual, like TS

DIAG do not use any device


Virtual router: IOL (IOS on Linux) & virtual switch: L2IOL (Layer 2 IOL)
Option to reload initial configuration if needed, very fast reload
Ethernet and Serial interfaces only, Layer 1 simulation available
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

35

CCIE R&Sv5 New Diagnostic module


Web-based delivery
Troubleshooting
(2h)
Virtual devices

Optional

DIAG

Optional

Configuration

+ 30min

(30min)

- 30min

(5h30)

minScore

No Device

Virtual devices

minScore

minScore
Cut Score

Assessing new skills


Analyzing, correlating and discerning multiple sources of documentation

Support ticket scenario


Fixed 30 minutes, 100% Web-based, no device needed

Deterministic grading, no partial grading.


Item format similar to multiple choices item
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

36

CCIE R&Sv5 Flexible TS time


Web-based delivery
Troubleshooting
(2h)
Virtual devices

Optional

DIAG

Optional

Configuration

+ 30min

(30min)

- 30min

(5h30)

minScore

No Device

Virtual devices

minScore

minScore
Cut Score

Optional time extension of 30 min in TS

TS designed for 2h
Any extra time used, up to 30 min is reduced from CFG time credit

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

37

CCIE R&Sv5 Scoring Logic


Web-based delivery
Troubleshooting
(2h)
Virtual devices

Optional

DIAG

Optional

Configuration

+ 30min

(30min)

- 30min

(5h30)

minScore

No Device

Virtual devices

minScore

minScore
Cut Score

Module-level minimum score

Lab-level cut-score
if {[mod: (mod_Score mod_minScore)] && (mod_Score) Lab_CutScore};
then PASS

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

38

CCIE R&Sv5 Lab Skills Assessment


TS
Skills tested:
Resolve networking problems
Use IOS Troubleshooting
tools
Apply Troubleshooting
methodologies
Troubleshoot Network
technologies (any topic on the
blueprint)
Implement and verify working
solution of networking issues

TECCCIE-3000

DIAG
Skills tested:
Perceive problem areas
Analyze symptoms of networking
issues, identify and describe root
cause
Correlate information from
multiple sources
Discern appropriate solution
Apply Troubleshooting
Methodologies
Troubleshoot Network
technologies (any topic on the
blueprint)

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

39

CFG
Skills tested:
Abstract functional element of
complex network environment
Understand how infrastructure
components interoperate
Implement Network
technologies (any topic on the
blueprint)
Design appropriate solutions to
network infrastructures
challenges within constraints
and verify functionality

CCIE R&Sv5 Lab Modules Design


TS

DIAG

CFG

Incident format:
All incidents visible at start

Ticket format:
All tickets visible at start

Item format:
All items visible at start

Score visible, no partial grading

Score visible, no partial grading

Score visible, no partial grading

Virtual devices

No devices

Virtual devices

Single topology/scenario

Multiple scenarios

Single topology/scenario

Independent incidents

Independent tickets

Inter-dependent items

Troubleshoot, configure and


verify solution

Analyze & correlate info and


make a choice between options

Implement, configure and verify


working scenario

Per-incident constraints

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

40

CCIE R&Sv5 Lab Modules Design


TS

DIAG

CFG

Incident format:
All incidents visible at start

Ticket format:
All tickets visible at start

Item format:
All items visible at start

Score visible, no partial grading

Score visible, no partial grading

Score visible, no partial grading

Virtual devices

No devices

Virtual devices

Single topology/scenario

Multiple scenarios

Single topology/scenario

Independent incidents

Independent tickets

Inter-dependent items

Troubleshoot, configure and


verify solution

Analyze & correlate info and


make a choice between options

Implement, configure and verify


working scenario

Per-incident constraints

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

41

CCIE R&Sv5 Troubleshooting modules Format


Network topology of ~30 virtual routers and switches
Scenario is fully preconfigured but contains faults
2h30 maximum (visible countdown timer + 30 min warning after 2h)

Content designed to be doable within 2h


Incidents stem are symptom-based
Verifications are result-based + constraints
No partial scoring

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

42

CCIE R&Sv5 Troubleshooting modules Format


Main IGP topology diagram (high res)

Two+ enterprises with remote sites


Three+ Service Providers
Host/Server simulated by IOS
Preconfigured scenario
Multiple faults injected

Console access via


Main diagram
Device manager (menu)

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

43

CCIE R&Sv5 Troubleshooting modules Format


Layer 2 diagrams
Any region/AS with switches
Mixing L2 and L3 links

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

44

CCIE R&Sv5 Troubleshooting modules Format


BGP diagram
Only the BGP speakers
iBGP, eBGP, MP-BGP
Default originate

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

45

CCIE R&Sv5 Troubleshooting modules Format


MPLS VPN diagram
Only the VPN sites and backbone
VRF RD, RT, Interfaces
PE-CE RP

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

46

CCIE R&Sv5 Troubleshooting modules Format


Mostly independent incidents
Mini-Diagram
Incident#1

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Incident#2

Cisco Public

47

CCIE R&Sv5 Troubleshooting Incidents Format


Incident#1
Hosts that are connected to the interface E1/0 of R19
are not able to use Telnet to connect to the server R50,
which is located in VLAN_100.

Fix the problem so that the following Telnet session establishes:


R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
User Access Verification

Password:
R50>

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
Make sure that you disconnect the telnet session after verification.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

48

CCIE R&Sv5 Troubleshooting Incidents Format


Mini Diagram

Incident#1
Hosts that are connected to the interface E1/0 of R19
are not able to use Telnet to connect to the server R50,
which is located in VLAN_100.

Fix the problem so that the following Telnet session establishes:


R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
User Access Verification

Password:
R50>

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
Make sure that you disconnect the telnet session after verification.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

49

CCIE R&Sv5 Troubleshooting Incidents Format


Incident#1

Symptoms

Hosts that are connected to the interface E1/0 of R19


are not able to use Telnet to connect to the server R50,
which is located in VLAN_100.

Fix the problem so that the following Telnet session establishes:


R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
User Access Verification

Password:
R50>

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
Make sure that you disconnect the telnet session after verification.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

50

CCIE R&Sv5 Troubleshooting Incidents Format


Incident#1
Hosts that are connected to the interface E1/0 of R19
are not able to use Telnet to connect to the server R50,
Validation test
which is located in VLAN_100.

Fix the problem so that the following Telnet session establishes:


R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
User Access Verification

Password:
R50>

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
Make sure that you disconnect the telnet session after verification.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

51

CCIE R&Sv5 Troubleshooting Incidents Format


Incident#1
Hosts that are connected to the interface E1/0 of R19
are not able to use Telnet to connect to the server R50,
which is located in VLAN_100.

Fix the problem so that the following Telnet session establishes:


R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
User Access Verification

Password:
R50>

Additional guidelines and constraints

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
Make sure that you disconnect the telnet session after verification.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

52

CCIE R&Sv5 Lab Modules Design


TS

DIAG

CFG

Incident format:
All incidents visible at start

Ticket format:
All tickets visible at start

Item format:
All tickets visible at start

Score visible, no partial grading

Score visible, no partial grading

Score visible, no partial grading

Virtual devices

No devices

Virtual devices

Single topology/scenario

Multiple scenarios

Single topology/scenario

Independent incidents

Independent tickets

Inter-dependent items

Troubleshoot, configure and


verify solution

Analyze & correlate info and


make a choice between options

Implement, configure and verify


working scenario

Per-incident constraints

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

53

CCIE R&Sv5 New Diagnostic module


Independent scenarios putting candidate into the role of a Network Support
engineer who diagnoses networking issues

Analyze, identify, locate and explain the root cause


Recommend optimal troubleshooting procedures leading to the root cause
Recommend network changes isolating the issue without causing more harm
Etc

Analyzing, correlating and discerning multiple sources of documentation

Email threads
Network topology diagrams
Console sessions log
Syslogs, Monitoring charts,
Network traffic captures

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

54

CCIE R&Sv5 New Diagnostic module


Format similar to written exam items (MC-MA) with huge exhibits

Deterministic grading
No living devices
MC-SA (Radio buttons) and MC-MA (Checkboxes)
Drop-down(s)
Drag and Drop
Point and Click / Hotspot

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

55

CCIE R&Sv5 New Diagnostic module


Designed to be doable within 30 minutes
Tickets stem are very generic
Scenarios provided by additional documentation
Verifications are deterministic

Partial scoring possible per ticket

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

56

CCIE R&Sv5 Format of New Diagnostic module


Multiple Choice Single Answer

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

57

CCIE R&Sv5 Format of New Diagnostic module


Multiple Choice Multiple Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

58

CCIE R&Sv5 Format of New Diagnostic module


Dropdown(s)

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

59

CCIE R&Sv5 Format of New Diagnostic module


Drag and Drop

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

60

CCIE R&Sv5 Format of New Diagnostic module


Documentation

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

61

CCIE R&Sv5 Format of New Diagnostic module


Enables candidate to focus on content
(not on navigation!)
Left menu always visible
Easy backn forth between multiple doc sources

Updating dynamically
(depending on cursor location)
Development still ongoing
More features coming in soon!
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

62

CCIE R&Sv5 Format of New Diagnostic module


Input validation

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

63

CCIE R&Sv5 Lab Modules Design


TS

DIAG

CFG

Incident format:
All incidents visible at start

Ticket format:
All tickets visible at start

Item format:
All tickets visible at start

Score visible, no partial grading

Score visible, no partial grading

Score visible, no partial grading

Virtual devices

No devices

Virtual devices

Single topology/scenario

Multiple scenarios

Single topology/scenario

Independent incidents

Independent tickets

Inter-dependent items

Troubleshoot, configure and


verify solution

Analyze & correlate info and


make a choice between options

Implement, configure and verify


working scenario

Per-incident constraints

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

64

CCIE R&Sv5 Configuration modules Format


Network topology with virtual routers and switches
Scenario is partly preconfigured and items are inter-dependent!
Item#10 may require Item#1 to be completed! And Vice versa!!
Sequence of items is not aligned to the implementation sequence!!
May include implicit troubleshooting

5h30 maximum (no visible countdown timer, refer to proctors clock)


Items stem are based on requirements and constraints
Verification rules check for functionalities, not specific configurations
Validate alternate solution configurations

No partial scoring
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

65

CCIE R&Sv5 Configuration modules Format


Main IGP topology diagram

Console access via

One enterprise/corporation
Multiple remote sites
Multiple Service Providers
Host/Server simulated by IOS

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Per-device terminal (PuTTY)


Main diagram URL (image-map)
Device manager (listing)

Cisco Public

66

CCIE R&Sv5 Configuration modules Format


Layer 2 diagram
Any region/AS with switches
Mixing L2 and L3 links and switches

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

67

CCIE R&Sv5 Configuration modules Format


BGP diagram
iBGP
eBGP
VPNv4 BGP

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

68

CCIE R&Sv5 Configuration modules Format


VPN diagram
MPLS VPN
VRF details
DMVPN

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

69

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

70

CCIE R&Sv5 Written Exam Guidelines


If MC-SA: select only one option.
If MC-MA: select as many options as directed in the stem, ex. Choose two.
If DnD: select as many options as there are targets.

If there is an exhibit, use the information provided by the exhibit.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

71

CCIE R&Sv5 Written Exam Sample MC-SA Item


Multiple-choice Single-Answer
Which statement is true about IS-IS?
a) IS-IS provides direct support for NBMA networks.
b) IS-IS has a virtual-link concept similar to OSPF.
c) IS-IS packets are directly encapsulated in the data-link layer.
d) IS-IS is a hybrid between distance-vector protocol and link-state protocol.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

72

CCIE R&Sv5 Written Exam Sample MC-MA Item


Multiple-choice Multiple-Answer
Which two of these statements about CBWFQ are correct? (Choose two)
a) The CBWFQ scheduler provides a guaranteed minimum amount of bandwidth to each
class.
b) CBWFQ services each class queue using a strict priority scheduler.
c) The class-default queue only supports WFQ.
d) Inside a class queue, processing is always FIFO, except for the class-default queue.
e) Each CBWFQ traffic class is policed using a congestion-aware policer.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

73

CCIE R&Sv5 Written Exam Sample Item exhibit


MC-SA/MA with Exhibit
BGP routes

R4

R1
R3

R6

R7

R5

R2
OSPF Area 0

OSPF Area 1

Refer to the exhibit. R6 (in standard Area 1) is redistributing routes learned from
BGP into the OSPF process. Which three OSPF LSA types will R3 advertise into
the Area 0? (Choose three)
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

74

CCIE R&Sv5 Written Exam Sample Item

Refer to the exhibit. R6 (in standard Area 1) is redistributing routes learned from
BGP into the OSPF process. Which three OSPF LSA types will R3 advertise into
Area 0? (Choose three)
a) Type 1 - Router LSAs
b) Type 2 - Network LSAs
c) Type 3 - Network summary LSAs

d) Type 4 - ASBR Summary LSAs


e) Type 5 - AS external LSAs
f)

Type 7 - NSSA external LSAs

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

75

CCIE R&Sv5 Written Exam Sample DnD Item


Drag and Drop

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

76

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

77

Agenda
Lab Exam Case Studies

Guidelines & Strategy


TS
DIAG
CFG

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

78

CCIE R&Sv5 Lab Exam Guidelines


Applicable to all three modules
Read all questions when starting any module
Confirm equipment & interface are in working order (manage devices menu)
Locate all resources (questions, diagrams, calculator, etc)

Manage your own time, watch the countdown timer


Do not change devices:

hostname
password
console configuration
pre-configured IP addressing scheme

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

79

Agenda: Lab Exam Case Studies


1. TS

2. DIAG

Guidelines
Strategy
Incident#1
Incident#2
Incident#3
Incident#4
Incident#5

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

3. CFG

Guidelines
Strategy
Ticket#1
Ticket#2
Ticket#3

Cisco Public

80

Guidelines
Strategy
LAN Switching
IGP Routing
BGP Routing
VPN Technologies
Infrastructure Security
Infrastructure Services

Agenda: Lab Exam TS Case Studies


Incident format:
All incidents visible at start

1. TS

Guidelines
Strategy
Incident#1
Incident#2
Incident#3
Incident#4
Incident#5

Score visible, no partial grading


Virtual devices
Single topology/scenario
Independent incidents

2. DIAG

Troubleshoot, configure and


verify solution

3. CFG

Per-incident constraints

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

81

CCIE R&Sv5 Lab TS Exam Guidelines


Specific to Troubleshooting module
Read the whole question stem before starting to troubleshoot!
(symptoms, validation test, constraints)
Do a Root Cause Analysis before doing any configuration change

Revert to initial configuration if in doubt (manage devices menu)


Do not remove any feature preconfigured!
ACL, PBR, NAT, CoPP, MQC,
Do not change routing protocol(s) boundaries, unless it is the issue!
Do not use static routes to resolve an issue, unless it is the issue!
Use the validation test to confirm resolution (necessary but not sufficient!)

Do backward verifications using the validation test of each incident


TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

82

Troubleshooting Approach/Strategy
Questioning to the void ( 5x Whys)
Ask Why is that until I dont know or I dont care
Confirm validity of each answer and if it provides relevant additional info
Isolate the problem description to as few devices, interfaces, features as possible!

Focus on the highlighted region of the main topology


Dont expect best practices configs/scenario!
Go for the simplest solution!
Verify resolution vs constraints!
Manage your time! Dont get stuck!

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

83

Troubleshooting Approach/Strategy
Understand the symptoms and their scope
Analyze the scenario without doing any changes yet
Mentally define the problem with specific and precise networking terms

Isolate the issue to a minimum number of devices that may be implicated


Mentally formulate possible causes and assign likelihood
Test each hypothesis methodically
Keep track of all config changes and revert to initial configs if needed

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

84

Troubleshooting Approach/Strategy
Define the problem

Verify resolution
within guidelines

Identify symptoms

Design and
Implement final
solution

Form hypothesis
about possible
causes

Proof-test and
analyze hypothesis
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

85

TS Case Studies: Diagrams

The main diagram has a clickable map on most device icons


TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

86

TS Case Studies: Diagrams

Additional Diagrams are available under the main menu


Layer 2 Connections
IGP Topology

BGP Topology
VPN Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

87

TS Case Studies: Layer 2 Connections

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

88

TS Case Studies: IGP Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

89

TS Case Studies: BGP Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

90

TS Case Studies: MPLS VPN Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

91

TS Case Studies: DMVPN Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

92

TS Case Studies: Questions (Incidents)

Incidents are available under the main menu


One incident at a time
All incidents sequentially in one popup

Incidents stem are opened in a separate popup window

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

93

TS Case Study: Incident#1


Hosts that are connected to the interface E1/0 of R19
are not able to use Telnet to connect to the server R50,
which is located in VLAN_100.
Fix the problem so that the following Telnet session establishes:
R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
User Access Verification
Password:
R50>

While resolving this issue, you are not allowed to create any new interface.

Refer to the Troubleshooting guidelines to determine if your solution is appropriate.


Make sure that you disconnect the telnet session after verification.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

94

TS Case Study: Incident#1


Zoom on Logical Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

95

TS Case Study: Incident#1


Layer 2 Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

96

TS Case Study: Incident#1

START TS#1

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

97

TS Case Study: Incident#1 Debriefing


Symptoms

Define the
problem

Scenario
Possible cause(s)
Hypothesis

Verify resolution
within guidelines

Identify
symptoms

Design and
Implement final
solution

Form hypothesis
about possible
causes

Constraints
Possible solution(s)
Verifications

Proof-test and
analyze
hypothesis
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

98

TS Case Study: Incident#2


The BigIndustry headquarters have lost connectivity to servers that are located in their warehouse and
that are connected to the interface E2/0 of R28.
Fix the problem so that the connectivity is restored, as follows:
R25#telnet 172.16.28.1
Trying 172.16.28.1 ... Open
User Access Verification
Password:
R28>

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
Make sure that you disconnect the telnet session after verification.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

99

TS Case Study: Incident#2


Zoom on Logical Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

100

TS Case Study: Incident#2


Layer 2 Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

101

TS Case Study: Incident#2


MPLS VPN Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

102

TS Case Study: Incident#2

START TS#2

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

103

TS Case Study: Incident#2 Debriefing


Symptoms

Define the
problem

Scenario
Possible cause(s)
Hypothesis

Verify resolution
within guidelines

Identify
symptoms

Design and
Implement final
solution

Form hypothesis
about possible
causes

Constraints
Possible solution(s)
Verifications

Proof-test and
analyze
hypothesis
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

104

TS Case Study: Incident#3


R19 has lost access to a server that is located on the Internet and that is reachable at the IP address
4.2.2.2.
Fix the problem so that the connectivity is restored, as follows:
R19#ping 4.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/152/280 ms
R19#

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

105

TS Case Study: Incident#3


Zoom on Logical Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

106

TS Case Study: Incident#3


Layer 2 Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

107

TS Case Study: Incident#3

START TS#3

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

108

TS Case Study: Incident#3 Debriefing


Symptoms

Define the
problem

Scenario
Possible cause(s)
Hypothesis

Verify resolution
within guidelines

Identify
symptoms

Design and
Implement final
solution

Form hypothesis
about possible
causes

Constraints
Possible solution(s)
Verifications

Proof-test and
analyze
hypothesis
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

109

TS Case Study: Incident#4


The network administrator of the Call Center company is having difficulty establishing the BGP peering
between R20 and R2.
Fix the problem so that the BGP peering is established, as follows:
R20#sh ip bgp sum
BGP router identifier 200.20.20.20, local AS number 65200
BGP table version is 59, main routing table version 59
58 network entries using 8584 bytes of memory
58 path entries using 3712 bytes of memory
2/2 BGP path/bestpath attribute entries using 272 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 12616 total bytes of memory
BGP activity 58/0 prefixes, 58/0 paths, scan interval 60 secs
Neighbor

123.45.67.17

AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


12345

714

703

59

0 10:39:05

58

R20#

While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

110

TS Case Study: Incident#4


Zoom on Logical Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

111

TS Case Study: Incident#4


BGP Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

112

TS Case Study: Incident#4

START TS#4

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

113

TS Case Study: Incident#4 Debriefing


Symptoms

Define the
problem

Scenario
Possible cause(s)
Hypothesis

Verify resolution
within guidelines

Identify
symptoms

Design and
Implement final
solution

Form hypothesis
about possible
causes

Constraints
Possible solution(s)
Verifications

Proof-test and
analyze
hypothesis
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

114

TS Case Study: Incident#5


Users who are connected to R23 on the Call Center Site#3 are not able to use the services provided by
the server R52, which is located in the Call Center Site#2 on VLAN 21.
Fix the problem or problems, so that the following sequence of commands
produces the same relevant output:
R53#ping 200.100.21.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.100.21.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 176/196/240 ms
R53#trace 200.100.21.100
Type escape sequence to abort.
Tracing the route to 200.100.21.100
VRF info: (vrf in name/id, vrf out name/id)
1 200.100.0.25 896 msec 20 msec 28 msec
2 200.100.0.5 20 msec 24 msec 16 msec
3 200.100.17.21 440 msec 164 msec 288 msec
4 200.100.20.254 208 msec 152 msec 120 msec
5 200.100.21.100 544 msec 288 msec *
R53#
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

115

TS Case Study:
Incident#5
Zoom on Logical Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

116

TS Case Study: Incident#5


VPN Diagram

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

117

TS Case Study: Incident#5

START TS#5

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

118

TS Case Study: Incident#5 Debriefing


Symptoms

Define the
problem

Scenario
Possible cause(s)
Hypothesis

Verify resolution
within guidelines

Identify
symptoms

Design and
Implement final
solution

Form hypothesis
about possible
causes

Constraints
Possible solution(s)
Verifications

Proof-test and
analyze
hypothesis
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

119

Agenda: Lab Exam DIAG Case Studies


TS

Ticket format:
All tickets visible at start

DIAG

Score visible, no partial grading

Guidelines
Strategy
Ticket#1
Ticket#2
Ticket#3

No devices
Multiple scenarios
Independent tickets

CFG

TECCCIE-3000

Analyze & correlate info and


make a choice between options

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

120

CCIE R&Sv5 Lab DIAG Exam Guidelines


Specific to Diagnostic module
Read the whole ticket stem and options before diving into the additional
resources (email thread, console session, topology diagram, syslogs, )
Play the role of a network support engineer and understand the situation,
analyze the documentation, correlate information and discern between relevant
vs non-relevant data point, make a choice between the options.
Select as many options as requested.
No partial scoring on ticket level.
Submit your answers! (Click the submit button!)

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

121

Diagnostic Approach/Strategy
Carefully read the stem and all options then go through all resources provided.
Mentally picture the situation and understand the problem asked.
Identify any absurd option(s) and options pair(s)!

Test each plausible option(s) using the documentations!


Use your knowledge and experience but go for the simplest option(s) that is
confirmed by the documentation!

Take your time but watch the clock! (NB: Time is fixed to 30 minutes).

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

122

DIAG Case Study: Ticket#1


MC-MA Dropdowns
A new service request was escalated to you and the following information was
provided to help you understand, diagnose and help resolve the issue:
Email thread between the first-line support and the customer
Network topology
Router configurations
1. Identify which command on which device provides the most important information
about the root cause of this issue:
2. Considering all information provided, identify which solution option configured on
which device is the solution to this issue?

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

123

DIAG Case Study: Ticket#1


MC-MA Dropdowns
1. Identify which command on which device provides the most important information
about the root cause of this issue:

Two drop-downs

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

124

DIAG Case Study: Ticket#1


MC-MA Dropdowns
2. Considering all information provided, identify which solution option configured on which
device is the solution to this issue?

Two drop-downs

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

125

DIAG Case Study: Ticket#1


MC-MA Dropdowns
A new service request was escalated to you and the following information was
provided to help you understand, diagnose and help resolve the issue:
Email thread between the first-line support and the customer
Network topology
Router configurations

Start DIAG#1

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

126

DIAG Case Study: Ticket#1 Debrief


Problem description

Root cause analysis

Solution

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

127

DIAG Case Study: Ticket#2


Point & Click (Hotspot)
A new service request was escalated to you and the following information was
provided to help you understand, diagnose and help resolve the issue:

Email thread between the first-line support and the customer


Syslogs
Network topology
Router configurations
Debugs

Considering all information provided, point and click on the location in the
topology that is causing the reported symptoms.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

128

DIAG Case Study: Ticket#2


Considering all information provided, point and click on the location in the
topology that is causing the reported symptoms.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

129

DIAG Case Study: Ticket#2


A new service request was escalated to you and the following information was
provided to help you understand, diagnose and help resolve the issue:

Email thread between the first-line support and the customer


Syslogs
Network topology
Router configurations
Debugs
Start DIAG#2

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

130

DIAG Case Study: Ticket#2 Debrief


Problem description

Root cause analysis

Solution

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

131

DIAG Case Study: Ticket#3


Drag and Drop
One of your colleagues is working on a service request where the customer
complaints about traffic not being load-balanced and he needs some help to
figure out what is happening.
He provides you with the following information:
Network topology diagram
Summary of investigations
Console output

Explain to your colleague what is happening.


Drag and drop three options on the left in an ordered sequence on the right that
explains what is happening.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

132

DIAG Case Study: Ticket#3


Drag and drop three options on the left in an ordered sequence on the right that
explains what is happening:

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

133

DIAG Case Study: Ticket#3


()
He provides you with the following information:
Network topology diagram
Summary of investigations
Console output

Start DIAG#3

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

134

DIAG Case Study: Ticket#3 Debrief


Problem description

Root cause analysis

Solution

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

135

Agenda: Lab Exam CFG Case Studies


TS

Item format:
All tickets visible at start

DIAG

Score visible, no partial grading

CFG

Virtual devices

Guidelines
Strategy
Layer 2 Switching
IGP Routing
BGP Routing
VPN Technologies
Infrastructure Security
Infrastructure Services

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Single topology/scenario
Inter-dependent items
Implement, configure and verify
working scenario

Cisco Public

136

CCIE R&Sv5 Lab CFG Exam Guidelines


Specific to Configuration module
Read all items and understand the overall scenario.
The overall scenario targets full reachability between all sites, unless specified.
Points are awarded per item if the solution meets all requirements.

There are many valid solutions, grading is based on outcome.


Do not use static route and redistributions unless explicitly requested to.
Do not change IP addressing or routing protocols boundaries.
Do not add interfaces unless specified.
Plan for regression tests after completed substantial changes.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

137

CFG Case Study: Overall Strategy


1. Read the whole scenario
2. Determine the item sequence for efficient configuration
3. Implement and configure all requirements

4. Test solutions and revert to default state


5. Verify all requirements

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

138

CFG Case Study: Strategy


1. Read the whole scenario
1. Layer 2 section

2. Layer 3 section
Gauge item difficulty
Identify inter-dependency of items
Identify stub items

3. VPN section
4. Security section
5. Services section
6. All Diagrams!

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

139

CFG Case Study: Strategy


2. Determine the item sequence for efficient configuration
1. Configure LAN switching

2. Configure WAN switching


This is just an example
Do whatever works for you!

3. Configure IGP then BGP then VPN


4. Configure routing policies
5. Test routing policies and revert to default state
6. Configure Security
7. Configure Services
8. Test overall solution
9. Revert to default state
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

140

CFG Case Study: Strategy


3. Implement and configure all requirements
1. Work items as a unit!

2. Read the whole stem before jumping to configuration!


3. Figure out the stake of the item!
4. Understand all requirements Ask help to proctor as last resort
5. Design your solution on paper
6. Anticipate the expected effect of your solution
7. Evaluate inter-dependency with previous and next items
8. Apply the configuration and monitor the expected effect!
9. Move on if you are happy.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

141

CFG Case Study: Strategy


4. Test solutions and revert to default state
Test solutions when completed a functional block. (Ex. IGP, BGP, VPN, )

Design test cases (which interface(s) to shut, show commands, etc)


Anticipate the expected effect
Run the test
Enable debugs
Validate the resulting effect
Revert to initial state!

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

142

CFG Case Study: Strategy


5. Verify all requirements
Go back to each items, re-read the whole stem (again

Verify if all requirements and constraints are full-filled.


Figure out the stake of each requirement, with all details of the scenario in mind
Most requirements are explicit!
Some requirements might be implicit, using functional outcome-based description!
Other requirements might be just distractors

Save all configurations

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

143

CFG Case Study: Layer 2 Connections

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

144

CFG Case Study: IGP Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

145

CFG Case Study: BGP Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

146

CFG Case Study: VPN Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

147

CCIE R&Sv5 CFG Exam Sections


1. Layer 2 Technologies
2. Layer 3 Technologies
3. VPN Technologies
4. Infrastructure Security

5. Infrastructure Services

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

148

CFG Case Study: Layer 2 Technologies


1.1 Trunk ports (part 1)
Refer to Diagram 1: Layer 2 Connections.

Configure VLAN Trunking Protocol (VTP) in ACME Headquarters network as


per the following requirements:
Use VTP version 2.
The VTP domain name is CCIE (without quotes).
Secure the VTP advertisements with an MD5 hash of the string CCIE" (without
quotes).
SW1 must propagate all VLAN configuration changes to SW2, SW3, and SW4.
Verify that SW2, SW3 and SW4 accept all VLAN configuration changes done on SW1.

()

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

149

CFG Case Study: Layer 2 Technologies


1.1 Trunk ports (part 2)
()

Configure the trunk ports in ACME Headquarters network as per the following
requirements:

Configure interfaces E2/0 to E2/3 of SW1 and SW2 as dot1Q trunks.


Configure interfaces E2/2 and E2/3 of SW3 and SW4 as dot1Q trunks.
All trunks must set the native VLAN to VLAN 999.
All VLANs must be allowed on all trunks.

4 points

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

150

CFG Case Study: Layer 2 Technologies


1.2 Spanning-Tree (part 1)
Configure the ACME Headquarters network as per the following requirements:
Configure SW1 as the root switch for VLANs 501 and 502 and as the backup switch for
VLANs 503 and 504.
Configure SW2 as the root switch for VLANs 503 and 504 and as the backup switch for
VLANs 501 and 502.
Ensure that all four switches are running the IEEE 802.1w Spanning Tree.
Configure SW1 so that the port E2/1 is forwarding for VLAN 504 but blocking for VLAN
503.

()

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

151

CFG Case Study: Layer 2 Technologies


1.2 Spanning-Tree (part 2)
()

Configure the ACME Main Regional Office network as per the following
requirements:
SW5 must be the root switch for the whole range of possible VLANs.
SW5 must have the best chance of being elected the root switch in case a new switch
was added to the network in the future.
SW5 must run the IEEE 802.1w Spanning Tree.

4 points

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

152

CFG Case Study: Layer 2 Technologies


1.3 Layer 2 Access Ports
ACMEs network administrator wants to enhance the switch network reliability,
manageability and security.
Configure the ACME network as per the following requirements:
Complete the configuration of the access ports as per the mapping table documented
below the Diagram 1: Layer 2 Connections.
All access ports must immediately transition to the STP forwarding state upon link up.
Use a single command per switch to enable this feature on all access ports.
All access ports must not be able to influence the STP topology. Use a single
command per switch to enable this feature on all access ports.
If a switch is connected to any access port, the port must be disabled and a message
must appear on the console.
If a port was disabled, it must reenable itself automatically after 15 minutes.

4 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

153

CFG Case Study: Layer 2 Technologies


1.4 WAN Switching
Configure the ACME Remote Office network as per the following requirements:
The Internet Service Provider enforces unidirectional PPP CHAP authentication on the
serial link with R6.
The CHAP credentials expected by the provider are as follows:
Username: ACME_RemoteOffice
Password: CCIE

The provider will assign an IP address to the interface S2/0 of R6 when the link is
authenticated. Configure R6 to expect an IP address from the provider.
Configure a static default route on R6 pointing to 123.99.6.1 .

2 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

154

CFG Case Study: Layer 2 Technologies


Layer 2 Debrief
1.1 Trunk Ports
Explicit config of VTPv2 with server/client, domain and password.
Dot1Q trunks with native VLAN and no pruning

1.2 Spanning-tree
Rapid STP with priority settings for load-balancing and backup root
Per-VLAN STP port-cost tuning

1.3 Layer 2 Access Ports


Access port config with portfast default and BPDUguard default
Errdisable recovery and interval

1.4 WAN Switching


PPP CHAP and IPCP negotiation
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

155

CFG Case Study: Layer 2 Technologies


Layer 2 Verifications

Review Verifications for Layer 2

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

156

CFG Case Study: IGP Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

157

CFG Case Study: Layer 3 Technologies


2.1 EIGRP
Refer to Diagram 2: IGP Routing.

Configure the ACME network as per the following requirements:


All four sites must run EIGRP for IPv4.
The autonomous system number is 11111.
EIGRP must be enabled on all interfaces of all six routers (R1 to R6), except on the
Serial interfaces that connect to the Internet Service Provider.
EIGRP must be enabled on all interfaces of all five Layer 3 switches (SW1, SW2, SW5,
SW6 and SW7).
All six routers must use the passive-interface default command.
R1 must not query R6 in case any prefix becomes active.

2 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

158

CFG Case Study: Layer 3 Technologies

Part 1

2.2 EIGRP
Refer to Diagram 2: IGP Routing.

Configure the ACME network as per the following requirements:

Configure a static default route on R1 pointing to 123.99.1.1.


Configure a static default route on R2 pointing to 123.99.2.1.
Configure a static default route on R5 pointing to 123.99.5.1.
Configure a static default route on R6 pointing to 123.99.6.1.
SW5 must install two equal-cost external default routes into its routing table.
SW6 must receive a default route from R5, no other EIGRP prefix must be propagated
to SW6.
SW7 must receive only an internal default route from R6, no other EIGRP prefix must
be propagated to SW7.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

159

Part 2

CFG Case Study: Layer 3 Technologies


2.2 EIGRP
Configure the ACME network as per the following requirements:

()
R1 and R2 must propagate a default route into the EIGRP domain as an external
route.
R3 and R4 must receive the external default route from R1 and R2.
The headquarters must have reachability to all access VLANs of all remote sites
(VLAN 601, 602, 701 and 801) via either the DMVPN cloud or via the MPLS VPN.

4 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

160

Part 1

CFG Case Study: Layer 3 Technologies


2.3 EIGRP

Refer to Diagram 2: IGP Routing and to the following subnet allocation table:

Configure the ACME network as per the following requirements:


In order to minimize routing updates across the WAN, each site must advertise
summary routes as per the table above.
Summary routes must be propagated via both the MPLS VPN and the DMVPN.
()

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

161

4 points

Part 2

CFG Case Study: Layer 3 Technologies


2.3 EIGRP

()
R1 must not propagate the Global SP#1 prefixes (12.0.0.0/8) via the Tunnel interface.
Ensure that ACMEs remote sites are never used as transit sites.
R6 must have the following routes when the DMVPN is operational:

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

162

4 points

CFG Case Study: Layer 3 Technologies


2.4 OSPF
Configure the Global Service Provider network as per the following
requirements:

Enable OSPFv2 on all five routers.


The OSPF router-id must be set to the interface Loopback0 on all routers.
All routers must advertise their interface Loopback0 into OSPF as a host route.
No interface that faces an external routing domain may be advertised into OSPF.

1 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

163

CFG Case Study: Layer 3 Technologies


IGP Debrief
2.1 EIGRP (2pt)
Basic EIGRP config with passive default and stub routing

2.2 EIGRP (4pt)

Redistribute static default route


Default summary route on R5
Reachability to R6s access VLAN while R6 is EIGRP Stub!?
Default-originate on PE to propagate R1s default route to R3 and R4!

2.3 EIGRP (4pt)


Explicit summarization
Implicit filtering out of all dual-connected spokes!

2.4 OSPF (2pt)


Basic OSPF config
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

164

CFG Case Study: Layer 3 Technologies


IGP Verifications

Review Verifications for Layer 3

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

165

CFG Case Study: BGP Topology

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

166

CFG Case Study: Layer 3 Technologies


2.5 BGP
Refer to Diagram 3: BGP Routing.

Configure the ACME network as per the following requirements:


Establish an iBGP session between R1 and R2 using their respective interface Lo0.
Establish an iBGP session between R3 and R4 using their respective interface Lo0.
Establish four eBGP sessions between R1, R2, R3 & R4 and R99 as per the Diagram
3: BGP Routing using the IP address of their respective Serial link.
All four routers must receive multiple BGP prefixes from the Internet Service Provider.
Do not redistribute BGP into EIGRP (or vice versa) in any ACME router.
Do not alter the AS path in any router.

2 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

167

CFG Case Study: Layer 3 Technologies


2.6 BGP
Refer to Diagram 3: BGP Routing.

Configure the Global Service Provider network as per the following


requirements:
All four PE routers must run one IPv4 and one VPNv4 BGP peering with R51 only.
All BGP sessions in AS 10001 must be established using interface Loopback0 of the
BGP peers.
Ensure that IPv4 address family routing information is not advertised by default for
each BGP routing session configured with the neighbor remote-as command.
R51 must maintain exactly two separate BGP update-groups.

3 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

168

CFG Case Study: Layer 3 Technologies


2.7 Routing Policies
Configure the ACME network as per the following requirements:
Ensure that traffic originated in ACME Headquarters and destined to the Internet is
routed preferably via R1 and via R2 only in case R1 is down.
Ensure that traffic originated in ACME Regional Main Office and destined to the
Internet is routed preferably via R4 and via R3 only in case R4s S2/0 is down.
Ensure that R3 and R4 receive R2s default route via EIGRP only in case R1 is down.
R3, R4 and R5 must primarily use the Global SP to route any corporate or Internet
traffic. The DMVPN must only be used in case links to the Global SP are down.
Ensure that both the MPLS VPN and DMVPN clouds are up and running when leaving
the lab.
Do not modify the BGP weight in any device in order to achieve any of these
requirements.
Do not configure any IP SLA in order to achieve any of these requirements.

4 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

169

CFG Case Study: Layer 3 Technologies


BGP Debrief
2.5 BGP
Simple iBGP and eBGP, no redistribution

2.6 BGP
IPv4 & VPNv4 Route-reflector

2.7 Routing Policies


BGP local-pref
AD tuning on static default
Metric tuning

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

170

CFG Case Study: Layer 3 Technologies


BGP Verifications

Review Verifications for Layer 3

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

171

CFG Case Study: VPN Technologies


3.1 Tunneling
Deploy DMVPN phase 3 in the ACME network as per the following
requirements:
R1 must be the hub. R3, R4, R5 and R6 must be the spokes.
Configure the following parameters for the interface Tunnel0 of all five routers:
IP MTU is 1400, TCP adjust-MSS is 1360.
Authenticate NHRP using the key 11111.
Set the NHRP holdtime to 5 minutes.

Ensure that spoke-to-spoke tunnels are dynamically established when needed.


All three spokes must establish an EIGRP peering with the hub and via the interface
Tunnel0.

4 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

172

CFG Case Study: VPN Technologies


3.2 Tunneling
Refer to Diagram 4: VPN.

Complete the configuration of MPLS VPN in the Global SPs network as per the
following requirements:
R52, R53, R54 and R55 are the PE routers. R51 is a P router.
Enable LDP on all relevant interfaces in order to assign and distribute labels between P
and PE routers.
Use EIGRP as the PE-CE protocol between the ACME network and the Global SP.
Configure the VRF named ACME using the parameters listed in the legend of
Diagram 3: VPN.
Ensure that the customer prefixes are propagated from PE to PE.

4 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

173

CFG Case Study: VPN Technologies


3.3 Encryption
Secure the DMVPN tunnel with IPsec according to the following requirements:
Configure IKE phase-I according to the following requirements:

Use AES encryption with the pre-shared key CCIE (without quotes).
The key must appear in plain text in the configuration.
All IPsec tunnels must be authenticated using the same IKE Phase I pre-shared key.
Use 1024 bits for the key exchange using Diffie-Hellman algorithm.
Configure a single policy with priority 10.

Configure IKE phase-II according to the following requirements:

Use CCIEXFORM as the transform-set name.


Use DMVPNPROFILE as the IPsec profile name.
Use IPsec in transport mode.
Use the IPsec security protocol ESP and the algorithm AES with 128-bit.

Ensure that the DMVPN cloud is secured using the above parameters.
Use tunnel protection in your configuration.
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

3 points
174

CFG Case Study: VPN Technologies


Tunneling Debrief
3.1 DMVPN
Phase 3 with single-cloud/single-hub but with dynamic spoke-to-spoke

3.2 MPLS VPN


Single VRF with multiple sites, shared RD/RT

3.3 Encryption
Simple IPsec with very explicit requirements

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

175

CFG Case Study: VPN Technologies


VPN Verifications

Review Verifications for VPN

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

176

CFG Case Study: Infrastructure Security


4.1 Device Security
Configure the ACME network as per the following requirements:
Ensure that only the management station located at 192.168.111.100 is able to login
into R1 and R2 using SSH with the username NOC and password NOC.
Use acme.org as domain-name.
Ensure that no authentication is enabled on the console port.

1 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

177

CFG Case Study: Infrastructure Security


4.2 Network Security
Configure the ACME network as per the following requirements:
Ensure that both SW3 and SW4 forward traffic that was sent from expected and
legitimate hosts and servers.
SW3 must learn only one MAC address per port and must save it in its startup
configuration.
Ensure that access-ports are shutdown in case an illegitimate device is plugged in the
network.

2 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

178

CFG Case Study: Infrastructure Security


Security Debrief
4.1 Device Security
Simple and explicit SSH config

4.2 Network Security


Basic but implicit port-security feature

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

179

CFG Case Study: Infrastructure Security


Security Verifications

Review Verifications for Security

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

180

CFG Case Study: Infrastructure Services


5.1 System Management
Configure the ACME network as per the following requirements:
R1 must examine all traffic sent and received via both interfaces Ethernet0/0 and
Tunnel0.
R1 must collect a fingerprint of each packet and determine if it is unique or similar to
other packets.
The attributes that R1 must examine are:

IP source address
IP destination address
Source port
Destination port
Layer 3 protocol type
Class of Service
Router interface

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

2 points
Cisco Public

181

CFG Case Study: Infrastructure Services


5.2 Network Services
Configure ACMEs Regional office network as per the following requirements:
R1 must assign IP addresses via DHCP to hosts in VLAN 501, 502, 503 and 504
according to the table below.
R1 must provide the default gateway according to the table above.
The host-1 (R61) must always receive the IP address 192.168.111.100/24 from R1.
The server-1 (R62) must always receive the IP address 192.168.113.200/24 from R1.
Make sure that the MAC address of host-1 and server-1s Eth0/0 is part of the DHCP
client-identifier.
Both SW1 and SW2 must forward the BOOTREQUEST to 10.1.1.1.

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

182

3 points

CFG Case Study: Infrastructure Services


5.3 Network Services
Configure the ACME network as per the following requirements:
R1 and R2 must enable all private corporate traffic to connect to the Internet via their
respective interface S2/0.
Both R1 and R2 must maintain a table of the active connections routed to the Internet.
Use a single standard Access-list per device to accomplish these requirements.
Ensure that the following traceroute from R5 reveals the same path:

2 points
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

183

CFG Case Study: Infrastructure Services


Services Debrief
5.1 Netflow
Basic but implicit FNF configuration on Tunnel interface

5.2 DHCP
Explicit DHCP client, relay and server config with reservation based on MAC

5.3 NAT
Basic but implicit source NAT

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

184

CFG Case Study: Infrastructure Services


Services Verifications

Review Verifications for Services

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

185

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

186

Know what you dont know

CCIE Exam Preparation, General


Expert-level knowledge requires ACTIVE LEARNING
Researching, Reading, Analyzing, Correlating, Practicing, Repeating

LEARN
READ
UNDERSTAND
REMEMBER

TECCCIE-3000

PRACTICE
BASIC
SCENARIO
INCREASE
DIFFICULTY

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

PRACTICE
EXPLORE
OBSERVE
INVENT

188

TROUBLESHOOT
VERIFY
ANTICIPATE
VALIDATE

CCIE R&Sv5 Preparation Materials


Cisco Learning Network (CLN)
Cisco Expert-level Training Program for CCIE RS
New Ciscopress titles
Cisco.com Products and Technology documentation

Cisco.com Whitepapers, Design Zone,


Cisco Forums (supportforums.cisco.com)
Cisco Tools

External Resources

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

189

Cisco Learning Network Official Resources


https://learningnetwork.cisco.com

Community forums

Topics (Blueprints)

Written exam
Lab exam

Equipment List

Study Group

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Cisco Expert-level Training Program for CCIE RS


Revised Cisco 360 Learning Program for CCIE RS
https://learningnetwork.cisco.com/docs/DOC-7998

The only Cisco-authorized learning program


Features Cisco IOS on Linux (IOL) and offers virtual rack rental
Support Cisco IOS Software Release 15 M and T
Updated content for v5.0 exam topics
Workbook with 10 full-scale (TS & CFG) labs
11 performance assessment labs (full-scale CCIE labs)
Offers grading report, detailed answer key, interactive mentor
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

191

New Ciscopress titles for CCIE RSv5


CCIE RSv5.0 Configuration Practice Labs
CCIE RSv5.0 Troubleshooting Practice Labs
CCIE RSv5.0 Configuration and Troubleshooting Practice Labs Bundle
CCIE RSv5.0 Official Cert Guide, Volume 1

CCIE RSv5.0 Official Cert Guide, Volume 2


CCIE RSv5.0 Official Cert Guide Library

CCIE page on Ciscopress.com


http://www.ciscopress.com/markets/detail.asp?st=44718

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

192

Cisco.com Products and Technology documentation


Cisco documentation
http://www.cisco.com/go/documentation
http://www.cisco.com/cisco/web/psa/default.html

IOS 15.3M&T Configuration Guides


http://www.cisco.com/en/US/products/ps12745/products_installation_and_configuration
_guides_list.html

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

193

Cisco.com Whitepapers, Design Zone,


White papers on (m)any technologies
http://tools.cisco.com/search/results/en/us/get#q=white+papers

Cisco Validated Design


http://www.cisco.com/go/cvd

Enterprise Design Zone


http://www.cisco.com/en/US/netsol/ns1063/networking_solutions_program_home.html

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

194

Cisco Forums and Wiki


Cisco Support Community
https://supportforums.cisco.com

CLN Study Group for CCIE RS


https://learningnetwork.cisco.com/groups/ccie-routing-and-switching-study-group

Doc Wiki
http://docwiki.cisco.com

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

195

Cisco Tools
Cisco Feature Navigator
www.cisco.com/go/fn

Command Lookup Tool


https://tools.cisco.com/Support/CLILookup/cltSearchAction.do

Error Message Decoder


https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

196

Cisco Tools
Output Interpreter
https://www.cisco.com/pcgi-bin/Support/OutputInterpreter/home.pl

Bug Search Tool


https://tools.cisco.com/bugsearch

Cisco Notification Service, Software Advisor


http://www.cisco.com/cisco/support/notifications.html
http://tools.cisco.com/Support/Fusion/FusionHome.do

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

197

External Resources
Standard documentation (IETFs RFC, ISO, )
WWW (Wikipedia, Blogs, )
Search engines (Google, Bing, )
Academic sources (Research papers, Thesis, )

Etc

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

198

Preparation Advises
Chose lovable project

Learn one topic at a time

Remove barriers to practice

Prepare Lab Equipment

Deconstruct the Topics

Practice, Practice & Practice!

Self Assessment

Practice for speed and


troubleshooting

Quality first, then Quantity


Become familiar with Cisco
documentation

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

199

Chose lovable project


Why do I want to become CCIE?
I want to become a CCIE because

the answer is what will keep you going in difficult times


personal reason

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

200

Remove Barriers in Learning


Do you have Internet access?
Do you have a login for Cisco Learning Network?
Do you have study materials?

Do you have access to practice lab?


Do you have place to study?
Did you allocate time in your schedule?

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

201

Deconstruct the Topics


Turn the blueprint into a checklist?

Layer 2 Technologies
LAN Switching
L2 Multicast

Layer 3 Technologies
Routing Protocols (IGP, EGP)
Common features

VPN Technologies
DMVPN, MPLS VPN
Encryption

Infrastructure Security

Infrastructure Services
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

202

Self Assessment
Assess and rate your current skills level in each topic

Ex.

Im a star
I'm very comfortable
I'm familiar but need more hands on
I'm less familiar but can find it in C-docs
I dont have any clue

Be honest!
Know what you don't know"
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

203

Quality first, then Quantity


Make time!
The first few hours are the most difficult
Study on daily basis

Be consistent and maintain the pace


Gradually add quantity and speed

And Remember Newtons First Law of motion

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

204

An object that is at rest will stay at rest unless an external


force acts upon it

I. Newton

205

Get Familiar with Cisco Documentation


Sort, don't search
Configuration guide and command reference
IOS release notes and new features

Technology QA, White-papers,

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

206

Learn one Topic at a time


Start with the core topics (switching, IGP, BGP, multicast, MPLS, DMVPN)
Start to study one hour a day, even with no lab yet
Slowly but surely

Try to set up the mood and to get into the "flow


Slowly increase pace

Focus on technology/topic labs before moving to full-lab scenario!

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

207

Prepare Lab Equipment


Emulator vs. real lab
Home lab vs. rental lab

Combination between emulator vs. real lab

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

208

Practice, Practice & Practice!


Better to be stuck in one full lab scenario than looking at the answer
Try to find the answer on your own!
Further research on the topic
Use debug and show commands
Try and test possible config solutions

Focus on Quality vs Quantity!


Always ask What if?"
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

209

Practice for speed and Troubleshooting


Target max 5h to resolve a practice lab
Learn and use IOS shortcuts
Use Notepad to copy/paste identical
Establish your methodology and strategy with speed in mind

Ask someone to introduce problems to a known lab

Focus on the troubleshooting methodology and speed will come naturally


Isolate the issue in OSI layer, protocol/feature, device(s), interface(s),
Work from destination when applicable
Keep asking What IS and What IS NOT working? & What if?

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

210

Final Preparation
Anticipate the D-day!
Review the Tips & Tricks

Mentally picture yourself as a CCIE!


And Remember the Universal Law of Attraction

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

211

We attract whatever we choose to give our attention to


-- whether wanted or unwanted.

Whether you think you can, or you think you can't you're right.
Henry Ford

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

214

CCIE Lab exam Tips & Tricks


Before the exam
During the exam
After the exam

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

215

CCIE Lab exam Tips & Tricks


Prepare for the exam!

Before the exam

Build your own exam strategy!

Cherry pick per topic, per point value, both ?


Time management and per-item timer ?
Final validation method ?
Target total score ?

Familiarize yourself with the web delivery system and tools


WISP Labs
Free Screencasts (cf. CLN)
Cisco Learning Labs

Practice browsing Cisco Documentation and learn CLI shortcuts!


TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

216

CCIE Lab exam Tips & Tricks


Before the exam
Travel to the lab location if needed
Plan for the worst, hope for the best
Arrive on the day before your exam

Do a site-survey
Measure commute time from hotel
Identify entrance location

Have a good dinner & sleep enough!


Do whatever you need to have a fit body condition for the next day

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

217

CCIE Lab exam Tips & Tricks


During the exam
Reduce stress, arrive early and prepare IDs!
Listen to proctors guidelines (empty pockets, etc)!

If needed, use ear-plugs, medicine, food


Manage your time! Stick to your strategy!
Read the whole module (dont forget the guidelines!)
Cherry pick items!
Dont get stuck at the beginning!
Build your confidence!
Dont get intimated by big topologies!
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

218

CCIE Lab exam Tips & Tricks


During the exam
Triple read questions before asking help to the proctor!

Save configs often! Avoid last minute change!


Plan for regression tests and overall validations at the end of each module!
Use the scratch paper to track progress (item table) and notes
Draw topologies if really needed (be careful with time!)
Target 80 or 90%! Dont shoot for 100% unless you have time!!

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

219

CCIE Lab exam Tips & Tricks


After the exam
If you pass, well you know what to do!
If you failed:

Release the anger! Do whatever you have to do!


Try to switch from Denial to Curious quickly
Start looking for your mistakes (especially typos!)
Repeat the scenarios in your home lab
Back to lab practice with focus on the failed topics and verification methods
Book for the next lab exam ASAP

Only ask for a re-read if you have done all the above, and 100% sure CCIE
Program team is wrong! Beware of very low turnover rate!!

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

220

You never fail until you stop trying.

Albert Einstein

Agenda
Overall CCIE Program
New CCIE R&Sv5 Curriculum
New CCIE R&Sv5 Exam Format

Written Exam Sample Questions


Lab Exam Case Studies
Preparation Materials
Exam Tips & Tricks
Questions & Answers

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

222

Got a question after the session?


Join the CCIE R&S Study Group on CLN
Ask technical questions
Find study partner(s)

Open a CertSupport case at http://www.cisco.com/go/certsupport

Contact us via email:


Kurt
Himawan
Bruno
TECCCIE-3000

kuclaes@cisco.com
hinugroh@cisco.com
brunov@cisco.com

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

223

CCIE RS Support engineer


Solution Architect
CCIE RS Exam PM

Cisco Certifications SME* Recruitment Program


Apply
Now!

http://www.cisco.com/go/certsme

Directly influence Cisco Career Certifications (Design, Author, Review)


Give back to community
Experience with assessment techniques

Join creativity with experience, knowledge and skills


Use and sharpen technical expertise
Collaborate and network with other engineers
SME= Subject Matter Expert
TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

224

Q&A
What questions do you have about the new CCIE R&S v5 exams?

Exam Curriculum ?
Exam Format ?
Exam Deliveries ?
Case Studies ?
Preparation Materials ?
Exam Strategy ?
Anything else ?

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

225

Complete Your Online Session Evaluation


Give us your feedback and you
could win fabulous prizes. Winners
announced daily.
Complete your session evaluation
through the Cisco Live mobile app
or visit one of the interactive kiosks
located throughout the convention
center.
Dont forget: Cisco Live sessions will be available
for viewing on-demand after the event at
CiscoLive.com/Online

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

226

Continue Your Education


Demos in the Cisco Campus
Walk-in Self-Paced Labs
Table Topics

Meet the Engineer 1:1 meetings

TECCCIE-3000

2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

227