Tecccie 3000 PDF

CCIE Routing and Switching Techtorial
Yusuf Bhaiji – Senior Manager, Expert Certifications #9305

Kurt Claes – CCIE R&S Exam Support Engineer #9483
Bruce Pinsky – Distinguished Engineer #1045
Bruno van de Werve – CCIE R&S Exam Program Manager #20066
TECCCIE-3000
TECCCIE-3000 Session Abstract
This session covers CCIE Routing & Switching Program updates, and provides
you an in-depth overview of what is covered in both the written and the lab exams.
This includes examples and lab exam case studies focusing on topics candidates
frequently miss out during their lab attempt.
The main objective of this session is to give you an overview of how the
exams are conducted and to provide you good guidance on what you need
to look at when preparing and taking the exams.
The session is mainly focusing on exam centric approaches and strategies and is
not aimed at covering all technical topics susceptible to appear in the exams.
Disclaimer
• Not all topics discussed today appear on every exam
• For time reasons, we’re unable to discuss every feature and topic possible on
the exam
Agenda
• Overall CCIE Program

• CCIE R&Sv5 Update
• Written Exam Sample Questions
• Lab Exam Case Studies
• Preparation Materials
• Exam Tips & Tricks
• Questions & Answers
6
Cisco Certifications
CCIEs Worldwide
• Most highly respected IT certification since 20+ years!
• Industry standard validating and endorsing expert-level skills and experience
• Demonstrate strong commitment and investment to networking career, life-long

learning, and dedication to remaining an active CCIE
8
CCIE and CCDE Tracks
Routing & Switching Security Collaboration Design
• Expert level knowledge of networking
across LAN and WAN interfaces and • Expert level knowledge of security •Expert level knowledge of Cisco •Expert level knowledge of
variety of routers and switches and VPN solutions Voice over IP (VoIP) products and network design principles for the
•Solve complex connectivity problems to
solutions Layer 2 and 3 network
increase bandwidth, improve response
times, maximize performance, and • Demonstrate in-depth infrastructure
support global operations understanding of Layer 2 and 3 •Capable of building and configuring
network infrastructure; Solid complex end-to-end telephony •Capable of assessing and
understanding of Windows, Unix, network, troubleshooting and translating network business
Linux and HTTP, SMTP, FTP and resolving VoIP-related problems requirements into technical
DNS designs
Data Center Service Provider SP Operations Wireless

•Expert level knowledge of Data •Expert level knowledge of IP
•Expert level knowledge of SP IP •Expert level knowledge of WLAN
Center Technologies, including DC fundamentals and technologies
NGN technologies technologies
infrastructure, storage, compute and Expertise in building an extensible
virtualization service provider network
•Capable of troubleshooting SP •Provides next step for individuals
networks, managing SP processes interested in a career in managing or
•Capable of building, configuring, •Expert level knowledge to
(incident, fault, change, working with Cisco wireless
and troubleshooting an end-to-end troubleshoot and maintain complex
configuration, and performance), technologies
virtualized Data Center using Cisco service provider networks
and knowledge of NMS technology
DC technologies
9
Certification Process
Written Exam pass Practical pass CCIE

400-YXZ Exam
• Pearson • Select Cisco locations

• 2 hours • 8 hours
• Multiple choices • Configurations
• Flash items • Troubleshooting
• No documentation • Cisco documentation
• Immediately scored • Scored within 48h
10
Proactive and Holistic Candidate Feedback
Input Feedback
 Candidate Exam and Item
 Cisco Business Units Comments
 Cisco Technology groups  Candidate Satisfaction Surveys
 Cisco Technical Support teams Create or  Customer Service Cases
(TAC, AS, ..)
 Cisco-Internal and Cisco-External
Refresh Exam  EAG (Exam Advisory Groups)
Subject Matter Experts Content  Cisco Learning Network
 Customer Advisory Boards  Blogs
 Customer Focus Groups
 Customer and Cisco field surveys
(Marketing) Launch
 Cisco Product Manager, Marketing Exam
Manager, Program Manager
Exams
Exam Live
11
Performance Assessment
VALIDITY
RELIABILITY
FAIRNESS
CONGRUENCY
RELEVANCY
Use of the test scores
Definition of MQC
12
Agenda

13
CCIE R&Sv5 Curriculum Overview
• Certification process unchanged
• Exam curriculum and format changed (June 4th 2014)
• Designed and validated with industry experts
(Cisco internals and externals)
• Aligned with evolution of job role and relevant technologies
Check the official information on CLN

https://learningnetwork.cisco.com/community/certifications/ccie_routing_switching
14
CCIE R&Sv5 Update
• New Curriculum
• New Exam Format
• Enhanced Certification’s validity, reliability, integrity and security
• Assessment of platform-independent concepts
• Cisco IOS Software Release 15
• 100% Virtual equipment
• More relevant network topologies
• Improved assessment of Troubleshooting skills (new Diagnostic)
• More variations of content combinations (three modules)
• 6 main domains in Written exam & 5 main domains in Lab exam
• New weighting factors
• 4 levels of details
• Two documents: Written exam Topics (blueprint) + Lab exam Topics
• https://learningnetwork.cisco.com/community/certifications/ccie_routing_switching
• https://learningnetwork.cisco.com/docs/DOC-22705
CCIE RSv4 CCIE RSv5 % WR % LAB
1.00 Implement Layer 2 Technologies 1.0.0 Network Principles 10 0
2.00 Implement IPv4 2.0.0 Layer 2 Technologies 15 20
3.00 Implement IPv6 3.0.0 Layer 3 Technologies 40 40
4.00 Implement MPLS Layer 3 VPNs 4.0.0 VPN Technologies 15 20
5.00 Implement IP Multicast 5.0.0 Infrastructure Security 5 5
6.00 Implement Network Security 6.0.0 Infrastructure Services 15 15
7.00 Implement Network Services 6
8.00 Implement Quality of Service 6
9.00 Troubleshoot a Network 6
10.00 Optimize the Network 6
Evaluate proposed changes to a Network
11.00 (Written only)
CCIE R&Sv5 Lab Curriculum Alignment
Blueprint sections = Exam sections = Score report sections
Candidate: John Smith

Exam date: 02/30/2015
CCIE RSv5 Lab Topics domains Weight CCIE RSv5 Lab Exam sections CCIE RSv5 Score report sections
1.0.0 Layer 2 Technologies 20 1.0.0 Layer 2 Technologies 1.0.0 Layer 2 Technologies 85%
2.0.0 Layer 3 Technologies 40 2.0.0 Layer 3 Technologies 2.0.0 Layer 3 Technologies 45%
3.0.0 VPN Technologies 20 3.0.0 VPN Technologies 3.0.0 VPN Technologies 15%
4.0.0 Infrastructure Security 5 4.0.0 Infrastructure Security 4.0.0 Infrastructure Security 0%
5.0.0 Infrastructure Services 15 5.0.0 Infrastructure Services 5.0.0 Infrastructure Services 20%
Failed 
Or…
Passed!  Your CCIE# is 1025
CCIE RSv5
CCIE R&Sv5 Curriculum’s Details 1.0.0 Network Principles (Written only)

2.0.0 Layer 2 Technologies
3.0.0 Layer 3 Technologies
4.0.0 VPN Technologies
5.0.0 Infrastructure Security
6.0.0 Infrastructure Services
CCIE R&Sv5 Key Topic Changes
Topics Written only Written & Lab
IOS-XE, VSS, ISIS, L2VPN, Packet capture analysis,

New
GETVPN DMVPN, IPsec, IPv6 FHS
Moved PfR, L2QoS, IPv6 Multicast,

from v4 Lab to v5 Written
802.1x
Frame-Relay, FRTS, LFI, WRR/SRR, ZBF, IPS, RSVP,

WCCP
CCIE R&Sv5 Changes
• Detailed document about the transition from RSv4 to RSv5:
http://www.cisco.com/web/learning/certifications/expert/ccie_rs/docs/ccieRS_examUpdates4-5.pdf
• Cf. Appendices for detailed information about the changes to the Topics.
CCIE R&Sv5 Update
• New Curriculum
• New Exam Format
CCIE R&Sv5 Written exam
• New Number: 400-101
• 120 minutes, 90 – 110 independent items
• MC-SA/MA; DnD; Point & Click
• English only
• Pearson VUE
• Closed-book
• Score directly available
24
CCIE R&Sv5 Lab exam
• 480 minutes, multiple exam modules
• Configure, Troubleshoot scenarios to given specifications
• English only
• Cisco Lab locations
• Open-book (Cisco Documentation)
• Score available within 48h
25
CCIE R&Sv5 Lab Exam Format
Web-based delivery
Optional Optional
Troubleshooting + 30min DIAG - 30min Configuration
(2h) (30min) (5h30)
Virtual devices No Device Virtual devices
minScore minScore minScore
Cut Score
CCIE R&Sv5 Delivery System
Web-based delivery
Troubleshooting Optional DIAG Optional Configuration

(2h) (30min) (5h30)
+ 30min - 30min
Cut Score
• Identical to CCIE RSv4’s

• Separate TS and CFG topologies
• Check the WISP labs in the WoS!
• Try CLL online via CLN’ Store
• Stay tuned for the additional demo content
27
CCIE R&Sv5 Virtual Lab
Web-based delivery

(2h) (30min) (5h30)
+ 30min - 30min
Cut Score
• CFG is now virtual, like TS

• DIAG do not use any device
• Virtual router: IOL (IOS on Linux) & virtual switch: L2IOL (Layer 2 IOL)
• Option to reload initial configuration if needed, very fast reload
• Ethernet and Serial interfaces only, Layer 1 simulation available
28
CCIE R&Sv5 New Diagnostic module
Web-based delivery

(2h) (30min) (5h30)
+ 30min - 30min
Cut Score
• Assessing new skills

• Analyzing, correlating and discerning multiple sources of documentation
• Support ticket scenario
• Fixed 30 minutes, 100% Web-based, no device needed
• Deterministic grading, no partial grading.
• Item format similar to multiple choices item
29
CCIE R&Sv5 Flexible TS time
Web-based delivery

(2h) (30min) (5h30)
+ 30min - 30min
Cut Score
• Optional time extension of 30 min in TS

• TS designed for 2h
• Any extra time used, up to 30 min is reduced from CFG time credit
30
CCIE R&Sv5 Scoring Logic
Web-based delivery

(2h) (30min) (5h30)
+ 30min - 30min
Cut Score
• Module-level minimum score

• Lab-level cut-score
if {[∀mod: (mod_Score ≥ mod_minScore)] && ∑(mod_Score) ≥ Lab_CutScore};
then PASS
31
CCIE R&Sv5 Lab Skills Assessment
TS DIAG CFG
Skills tested: Skills tested: Skills tested:
• Resolve networking problems • Perceive problem areas • Abstract functional element of
• Use IOS Troubleshooting • Analyze symptoms of networking complex network environment
tools issues, identify and describe root • Understand how infrastructure
• Apply Troubleshooting cause components interoperate
methodologies • Correlate information from • Implement Network
• Troubleshoot Network multiple sources technologies (any topic on the
technologies (any topic on the • Discern appropriate solution blueprint)
blueprint) • Apply Troubleshooting • Design appropriate solutions to
• Implement and verify working Methodologies network infrastructure’s
solution of networking issues • Troubleshoot Network challenges within constraints
technologies (any topic on the and verify functionality
blueprint)
32
CCIE R&Sv5 Lab exam format
Cf. Case Studies for illustrations and Live demo!

Agenda

35
CCIE R&Sv5 Written Exam Guidelines
• If MC-SA: select only one option.
• If MC-MA: select as many options as directed in the stem, ex. “Choose two.”
• If DnD: select as many options as there are targets.
• If there is an exhibit, use the information provided by the exhibit.
36
CCIE R&Sv5 Written Exam Sample MC-SA Item
Multiple-choice Single-Answer
Which statement is true about IS-IS?

a) IS-IS provides direct support for NBMA networks.
b) IS-IS has a “virtual-link” concept similar to OSPF.
c) IS-IS packets are directly encapsulated in the data-link layer.
d) IS-IS is a hybrid between distance-vector protocol and link-state protocol.
37
CCIE R&Sv5 Written Exam Sample MC-MA Item
Multiple-choice Multiple-Answer
Which two of these statements about CBWFQ are correct? (Choose two)
a) The CBWFQ scheduler provides a guaranteed minimum amount of bandwidth to each
class.
b) CBWFQ services each class queue using a strict priority scheduler.
c) The class-default queue only supports WFQ.
d) Inside a class queue, processing is always FIFO, except for the class-default queue.
e) Each CBWFQ traffic class is policed using a congestion-aware policer.
38
CCIE R&Sv5 Written Exam Sample Item exhibit
MC-SA/MA with Exhibit
BGP routes
R1 R4
R3 R6 R7
R2 R5
OSPF Area 0 OSPF Area 1
Refer to the exhibit. R6 (in standard Area 1) is redistributing routes learned from
BGP into the OSPF process. Which three OSPF LSA types will R3 advertise into
the Area 0? (Choose three)
39
CCIE R&Sv5 Written Exam Sample Item
Refer to the exhibit. R6 (in standard Area 1) is redistributing routes learned from
BGP into the OSPF process. Which three OSPF LSA types will R3 advertise into
Area 0? (Choose three)
a) Type 1 - Router LSAs
b) Type 2 - Network LSAs
c) Type 3 - Network summary LSAs
d) Type 4 - ASBR Summary LSAs
e) Type 5 - AS external LSAs
f) Type 7 - NSSA external LSAs
40
CCIE R&Sv5 Written Exam Sample DnD Item
Drag and Drop
41
Agenda

42
Agenda

• Guidelines
• TS
• DIAG
• CFG
43
CCIE R&Sv5 Lab Exam Guidelines
Applicable to all three modules
• Manage your own time!
• Pay attention to details!
• Read all questions and cherry pick!
• Confirm equipment & interface are in working order
• Locate all resources (questions, diagrams, calculator, etc)
• Do not change device’s:
• hostname
• password
• console configuration
• pre-configured IP addressing scheme
44
Agenda: Lab Exam Case Studies
1. TS 2. DIAG 3. CFG
• Guidelines • Guidelines • Guidelines
• Strategy • Strategy • Strategy
• Incident#1 • Ticket#1
• LAN Switching
• IGP Routing
• Incident#4 • BGP Routing
• Incident#5 • VPN Technologies
• Infrastructure Security
• Infrastructure Services
45
Agenda: Lab Exam TS Case Studies
Incident format:
• All incidents visible at start
TS
• Module format • Score visible, no partial grading
• Guidelines • Virtual devices
• Strategy • Single topology/scenario

• Incident#1 • Independent incidents
• Incident#2 • Troubleshoot, configure and verify
• Incident#3 solution
• Incident#4 • Per-incident constraints
• Incident#5
DIAG & CFG
46
CCIE R&Sv5 Troubleshooting module
• Network topology of ~30 virtual routers and switches
• Scenario is fully preconfigured but contains faults
• 2h30 maximum (visible countdown timer + 30 min warning after 2h)
• Content designed to be doable within 2h
• Incidents’ stem are “symptom-based”
• Verifications are “result-based” + constraints
• No partial scoring
47
TS module’s Format
• Main IGP topology diagram (high res)
• Two+ enterprises with remote sites
• Three+ Service Providers
• Host/Server simulated by IOS
• Preconfigured scenario
• Multiple faults injected
• Console access via

• Main diagram
• Device manager (menu)
48
• Layer 2 diagrams
• Any region/AS with switches
• Mixing L2 and L3 links
49
• BGP diagram
• Only the BGP speakers
• iBGP, eBGP, MP-BGP
• Default originate
50
• MPLS VPN diagram
• Only the VPN sites and backbone
• VRF RD, RT, Interfaces
• PE-CE RP
51
• Mostly independent incidents
• Mini-Diagram
Incident#1 Incident#2
52
TS Exam Guidelines
Specific to Troubleshooting module
• Read the whole question stem before starting to troubleshoot!
(symptoms, validation test, constraints)
• Do a Root Cause Analysis before doing any configuration change
• Revert to initial configuration if in doubt (“manage devices” menu)
• Do not remove any feature preconfigured!
ACL, PBR, NAT, CoPP, MQC, …
• Do not change routing protocol(s) boundaries, unless it is the issue!
• Do not use static routes to resolve an issue, unless it is the issue!
• Use the validation test to confirm resolution (necessary but not sufficient!)
• Do backward verifications using the validation test of each incident
53
Troubleshooting Approach/Strategy
• “Questioning to the void” ( “5x Why’s”)
• Ask “Why is that…” until “I don’t know” or “I don’t care” 
• Confirm validity of each answer and if it provides relevant additional info
• Isolate the problem description to as few devices, interfaces, features as possible!
• Focus on the highlighted region of the main topology

• Don’t expect best practices configs/scenario!
• Go for the simplest solution!
• Verify resolution vs constraints!
• Manage your time! Don’t get stuck!
54
• Understand the symptoms and their scope
• Analyze the scenario without doing any changes yet
• Mentally define the problem with specific and precise networking terms
• Isolate the issue to a minimum number of devices that may be implicated
• Mentally formulate possible causes and assign likelihood
• Test each hypothesis methodically
• Keep track of all config changes and revert to initial configs if needed
55
Define the
problem
Verify resolution
Identify symptoms
within guidelines
Design and Form hypothesis

Implement final about possible
solution causes
Proof-test and
analyze
hypothesis
56
TS Case Studies: Diagrams
• The main diagram has a clickable map on most device icons

57
TS Case Studies: Diagrams
• Additional Diagrams are available under the main menu

• Layer 2 Connections
• IGP Topology
• BGP Topology
• VPN Topology
• …
58
TS Case Studies: Layer 2 Connections
59
TS Case Studies: IGP Topology
60
TS Case Studies: BGP Topology
61
TS Case Studies: MPLS VPN Topology
62
TS Case Studies: DMVPN Topology
63
TS Case Studies: Questions (“Incidents”)
• Incidents are available under the main menu

• One incident at a time
• All incidents sequentially in one popup
• Incident’s stem are opened in a separate popup window
64
TS Case Study: Incident#1
Hosts that are connected to the interface E1/0 of R19
are not able to use Telnet to connect to the server R50,
which is located in VLAN_100.
Fix the problem so that the following Telnet session establishes:
R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
User Access Verification
Password:
R50>
While resolving this issue, you are not allowed to create any new interface.
Refer to the Troubleshooting guidelines to determine if your solution is appropriate.
Make sure that you disconnect the telnet session after verification.
65
Hosts that are connected to the interface E1/0 of R19 Mini Diagram
R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
Password:
R50>
66
Symptoms
R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
Password:
R50>
67
Validation test
R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
Password:
R50>
68
R19#telnet 200.100.200.200 /so e1/0
Trying 200.100.200.200 ... Open
Password:
R50>
Additional guidelines and constraints
69
Zoom on Logical Diagram
70
Layer 2 Diagram
71
START TS#1
72
TS Case Study: Incident#1 Debriefing
Define the
• Symptoms problem
• Scenario
• Possible cause(s) Verify resolution Identify
within guidelines symptoms
• Hypothesis
• Constraints
• Possible solution(s)
• Verifications solution causes
Proof-test and
analyze
hypothesis
73
The BigIndustry headquarters have lost connectivity to servers that are located in their warehouse and
that are connected to the interface E2/0 of R28.
Fix the problem so that the connectivity is restored, as follows:
R25#telnet 172.16.28.1
Trying 172.16.28.1 ... Open
Password:
R28>
74
75
Layer 2 Diagram
76
MPLS VPN Diagram
77
START TS#2
78
Define the
• Scenario
• Hypothesis
• Constraints
Proof-test and
analyze
hypothesis
79
R19 has lost access to a server that is located on the Internet and that is reachable at the IP address
4.2.2.2.
Fix the problem so that the connectivity is restored, as follows:
R19#ping 4.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/152/280 ms
R19#
80
81
Layer 2 Diagram
82
START TS#3
83
Define the
• Scenario
• Hypothesis
• Constraints
Proof-test and
analyze
hypothesis
84
The network administrator of the Call Center company is having difficulty establishing the BGP peering
between R20 and R2.
Fix the problem so that the BGP peering is established, as follows:
R20#sh ip bgp sum
BGP router identifier 200.20.20.20, local AS number 65200
BGP table version is 59, main routing table version 59
58 network entries using 8584 bytes of memory
58 path entries using 3712 bytes of memory
2/2 BGP path/bestpath attribute entries using 272 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 12616 total bytes of memory
BGP activity 58/0 prefixes, 58/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
123.45.67.17 4 12345 714 703 59 0 0 10:39:05 58
R20#
85
86
BGP Diagram
87
START TS#4
88
• Symptoms Define the
problem
• Scenario
• Hypothesis
• Constraints
Proof-test and
analyze
hypothesis
89
Users who are connected to R23 on the Call Center Site#3 are not able to use the services provided by
the server R52, which is located in the Call Center Site#2 on VLAN 21.
Fix the problem or problems, so that the following sequence of commands
produces the same relevant output:
R53#ping 200.100.21.100
Sending 5, 100-byte ICMP Echos to 200.100.21.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 176/196/240 ms
R53#trace 200.100.21.100
Tracing the route to 200.100.21.100
VRF info: (vrf in name/id, vrf out name/id)
1 200.100.0.25 896 msec 20 msec 28 msec
2 200.100.0.5 20 msec 24 msec 16 msec
3 200.100.17.21 440 msec 164 msec 288 msec
4 200.100.20.254 208 msec 152 msec 120 msec
5 200.100.21.100 544 msec 288 msec *
R53# 90
91
VPN Diagram
92
START TS#5
93
• Symptoms Define the
problem
• Scenario
• Hypothesis
• Constraints
Proof-test and
analyze
hypothesis
94
Agenda: Lab Exam DIAG Case Studies
Ticket format:
• All tickets visible at start
• TS
• Score visible, no partial grading
• DIAG
• Format • No devices
• Guidelines • Multiple scenarios

• Strategy
• Independent tickets
• Ticket#1
• Ticket#2 • Analyze & correlate info and
make a choice between options
• Ticket#3
• CFG
95
• Independent scenarios putting candidate into the role of a Network Support
engineer who diagnoses networking issues
• Analyze, identify, locate and explain the root cause
• Recommend optimal troubleshooting procedures leading to the root cause
• Recommend network changes isolating the issue without causing more harm
• Etc…
• Analyzing, correlating and discerning multiple sources of documentation

• Email threads
• Network topology diagrams
• Console sessions log
• Syslogs, Monitoring charts, …
• Network traffic captures
96
• Format similar to written exam items (MC-MA) with huge exhibits 
• Deterministic grading
• No living devices
• MC-SA (Radio buttons) and MC-MA (Checkboxes)
• Drop-down(s)
• Drag and Drop
• Point and Click / Hotspot
97
• Designed to be doable within 30 minutes
• Tickets stem are very generic
• Scenarios provided by additional documentation
• Verifications are “deterministic”
• Partial scoring possible per ticket
98
CCIE R&Sv5 Format of New Diagnostic module
• Enables candidate to focus on content
(not on navigation!)
• Left menu always visible

• Easy back’n forth between multiple doc sources
• Updating dynamically
(depending on cursor location)
• Development still ongoing

• More features coming in soon!
99
• Input validation
100
CCIE R&Sv5 Lab DIAG Exam Guidelines
Specific to Diagnostic module
• Read the whole ticket stem and options before diving into the additional
resources (email thread, console session, topology diagram, syslogs, …)
• Play the role of a network support engineer and understand the situation,
analyze the documentation, correlate information and discern between relevant
vs non-relevant data point, make a choice between the options.
• Select as many options as requested.
• No partial scoring on ticket level.
• Submit your answers! (Click the submit button!)
101
Diagnostic Approach/Strategy
• Carefully read the stem and all options then go through all resources provided.
• Mentally picture the situation and understand the problem asked.
• Identify any absurd option(s) and options’ pair(s)!
• Test each plausible option(s) using the documentations!
• Use your knowledge and experience but go for the simplest option(s) that is
confirmed by the documentation!
• Take your time but watch the clock! (NB: Time is fixed to 30 minutes).
• NB: There is only one possible solution, considering all resources provided!
102
DIAG Case Study: Ticket#1
MC-MA Dropdowns
• A new service request was escalated to you and the following information was
provided to help you understand, diagnose and help resolve the issue:
• Email thread between the first-line support and the customer
• Network topology
• Router configurations
1. Identify which command on which device provides the most important information
about the root cause of this issue:
2. Considering all information provided, identify which solution option configured on

which device is the solution to this issue?
103
MC-MA Dropdowns
1. Identify which command on which device provides the most important information
about the root cause of this issue:
Two drop-downs
104
MC-MA Dropdowns
2. Considering all information provided, identify which solution option configured on which
device is the solution to this issue?
Two drop-downs
105
MC-MA Dropdowns
Start DIAG#1
106
DIAG Case Study: Ticket#1 Debrief
• Problem description
• Root cause analysis
• Solution
107
Point & Click (Hotspot)
• Syslogs
• Debugs
• Considering all information provided, point and click on the location in the
topology that is causing the reported symptoms.
108
• Considering all information provided, point and click on the location in the
topology that is causing the reported symptoms.
109
• Syslogs
• Debugs
Start DIAG#2
110
• Solution
111
Drag and Drop
• One of your colleagues is working on a service request where the customer
complaints about traffic not being load-balanced and he needs some help to
figure out what is happening.
• He provides you with the following information:
• Network topology diagram
• Summary of investigations
• Console output
• Explain to your colleague what is happening.

Drag and drop three options on the left in an ordered sequence on the right that
explains what is happening.
112
Drag and drop three options on the left in an ordered sequence on the right that
explains what is happening:
113
(…)
• He provides you with the following information:
• Network topology diagram
• Summary of investigations
• Console output
Start DIAG#3
114
• Solution
115
Agenda: Lab Exam CFG Case Studies
Item format:
• TS & DIAG • All tickets visible at start
• CFG • Score visible, no partial grading

• Format • Virtual devices
• Guidelines
• Single topology/scenario
• Strategy
• Layer 2 Switching • Inter-dependent items
• IGP Routing • Implement, configure and verify

• BGP Routing working scenario
• VPN Technologies
• Infrastructure Security and Services
116
CFG module’s Format
• Network topology with virtual routers and switches
• Scenario is partly preconfigured and items are inter-dependent!
• Item#10 may require Item#1 to be completed! And Vice versa!!
• Sequence of items is not aligned to the implementation sequence!!
• May include implicit troubleshooting
• 5h30 maximum (no visible countdown timer, refer to proctor’s clock)

• Items’ stem are based on requirements and constraints
• Verification rules check for functionalities, not specific configurations
• Validate alternate solution configurations
• No partial scoring
117
CFG Exam Guidelines
Specific to Configuration module
• Read all items and understand the overall scenario.
• The overall scenario targets full reachability between all sites, unless specified.
• Points are awarded per item if the solution meets all requirements.
• There are many valid solutions, grading is based on outcome.
• Do not use static route and redistributions unless explicitly requested to.
• Do not change IP addressing or routing protocols boundaries.
• Do not add interfaces unless specified.
• Plan for regression tests after completed substantial changes.
118
CFG Case Study: Overall Strategy
1. Read the whole scenario
2. Determine the item sequence for efficient configuration
3. Implement and configure all requirements
4. Test solutions and revert to default state
5. Verify all requirements
119
CFG Case Study: Strategy
1. Read the whole scenario
1. Layer 2 section
2. Layer 3 section
3. VPN section  Gauge item difficulty
4. Security section  Identify inter-dependency of items…
 Identify ‘stub’ items
5. Services section
6. All Diagrams!
120
2. Determine the item sequence for efficient configuration
1. Configure LAN switching
2. Configure WAN switching
3. Configure IGP then BGP then VPN
This is just an example 
4. Configure routing policies Do whatever works for you!
5. Test routing policies and revert to default state
6. Configure Security
7. Configure Services
8. Test overall solution
9. Revert to default state
121
3. Implement and configure all requirements
1. Work items as a unit!
2. Read the whole stem before jumping to configuration!
3. Figure out the stake of the item!
4. Understand all requirements… Ask help to proctor as last resort…
5. Design your solution “on paper”…
6. Anticipate the expected effect of your solution…
7. Evaluate inter-dependency with previous and next items…
8. Apply the configuration and monitor the expected effect!
9. Move on if you are happy. 
122
4. Test solutions and revert to default state
• Test solutions when completed a “functional” block. (Ex. IGP, BGP, VPN, …)
• Design test cases (which interface(s) to shut, show commands, etc)
• Anticipate the expected effect…
• Run the test…
• Enable debugs…
• Validate the resulting effect…
• Revert to initial state!
123
5. Verify all requirements
• Go back to each items, re-read the whole stem (again )
• Verify if all requirements and constraints are full-filled.
• Figure out the stake of each requirement, with all details of the scenario in mind
• Most requirements are explicit!
• Some requirements might be implicit, using functional outcome-based description!
• Other requirements might be just distractors
• Save all configurations
124
CFG Case Study: Layer 2 Connections
125
CFG Case Study: IGP Topology
126
CFG Case Study: BGP Topology
127
CFG Case Study: VPN Topology
128
CCIE R&Sv5 CFG Exam Sections
1. Layer 2 Technologies
2. Layer 3 Technologies
3. VPN Technologies
4. Infrastructure Security
5. Infrastructure Services
129
CFG Case Study: Layer 2 Technologies
1.1 Trunk ports (Part 1)
• Refer to “Diagram 1: Layer 2 Connections”.

• Configure VLAN Trunking Protocol (VTP) in ACME Headquarters network as
per the following requirements:
• Use VTP version 2.
• The VTP domain name is ”CCIE” (without quotes).
• Secure the VTP advertisements with an MD5 hash of the string ”CCIE" (without
quotes).
• SW1 must propagate all VLAN configuration changes to SW2, SW3, and SW4.
• Verify that SW2, SW3 and SW4 accept all VLAN configuration changes done on SW1.
(…)
130
1.1 Trunk ports (Part 2)
(…)
• Configure the trunk ports in ACME Headquarters network as per the following
requirements:
• Configure interfaces E2/0 to E2/3 of SW1 and SW2 as dot1Q trunks.
• Configure interfaces E2/2 and E2/3 of SW3 and SW4 as dot1Q trunks.
• All trunks must set the native VLAN to VLAN 999.
• All VLANs must be allowed on all trunks.
4 points
131
1.2 Spanning-Tree (Part 1)
• Configure the ACME Headquarters network as per the following requirements:
• Configure SW1 as the root switch for VLANs 501 and 502 and as the backup switch for
VLANs 503 and 504.
• Configure SW2 as the root switch for VLANs 503 and 504 and as the backup switch for
VLANs 501 and 502.
• Ensure that all four switches are running the IEEE 802.1w Spanning Tree.
• Configure SW1 so that the port E2/1 is forwarding for VLAN 504 but blocking for VLAN
503.
(…)
132
1.2 Spanning-Tree (Part 2)
(…)
• Configure the ACME Main Regional Office network as per the following
requirements:
• SW5 must be the root switch for the whole range of possible VLANs.
• SW5 must have the best chance of being elected the root switch in case a new switch
was added to the network in the future.
• SW5 must run the IEEE 802.1w Spanning Tree.
4 points
133
1.3 Layer 2 Access Ports
• ACME’s network administrator wants to enhance the switch network reliability,
manageability and security.
• Configure the ACME network as per the following requirements:
• Complete the configuration of the access ports as per the mapping table documented
below the “Diagram 1: Layer 2 Connections”.
• All access ports must immediately transition to the STP forwarding state upon link up.
Use a single command per switch to enable this feature on all access ports.
• All access ports must not be able to influence the STP topology. Use a single command
per switch to enable this feature on all access ports.
• If a switch is connected to any access port, the port must be disabled and a message
must appear on the console.
• If a port was disabled, it must reenable itself automatically after 15 minutes.
4 points
134
1.4 WAN Switching
• Configure the ACME Remote Office network as per the following requirements:
• The Internet Service Provider enforces unidirectional PPP CHAP authentication on the
serial link with R6.
• The CHAP credentials expected by the provider are as follows:
• Username: ACME_RemoteOffice
• Password: CCIE
• The provider will assign an IP address to the interface S2/0 of R6 when the link is
authenticated. Configure R6 to expect an IP address from the provider.
• Configure a static default route on R6 pointing to 123.99.6.1 .
2 points
135
Layer 2 Debrief
1.1 Trunk Ports
• Explicit config of VTPv2 with server/client, domain and password.
• Dot1Q trunks with native VLAN and no pruning
1.2 Spanning-tree
• Rapid STP with priority settings for load-balancing and backup root
• Per-VLAN STP port-cost tuning
1.3 Layer 2 Access Ports

• Access port config with portfast default and BPDUguard default
• Errdisable recovery and interval
1.4 WAN Switching

• PPP CHAP and IPCP negotiation
136
Layer 2 Verifications
Review Verifications for Layer 2
137
CFG Case Study: IGP Topology
138
2.1 EIGRP
• Refer to “Diagram 2: IGP Routing”.
• All four sites must run EIGRP for IPv4.
• The autonomous system number is 11111.
• EIGRP must be enabled on all interfaces of all six routers (R1 to R6), except on the
Serial interfaces that connect to the Internet Service Provider.
• EIGRP must be enabled on all interfaces of all five Layer 3 switches (SW1, SW2, SW5,
SW6 and SW7).
• All six routers must use the “passive-interface default” command.
• R1 must not query R6 in case any prefix becomes active.
2 points
139
Part 1
2.2 EIGRP
• Refer to “Diagram 2: IGP Routing”.
• Configure a static default route on R1 pointing to 123.99.1.1.
• SW5 must install two equal-cost external default routes into its routing table.
• SW6 must receive a default route from R5, no other EIGRP prefix must be propagated
to SW6.
• SW7 must receive only an internal default route from R6, no other EIGRP prefix must be
propagated to SW7.
140
Part 2
2.2 EIGRP
• (…)
• R1 and R2 must propagate a default route into the EIGRP domain as an external route.
• R3 and R4 must receive the external default route from R1 and R2.
• The headquarters must have reachability to all access VLANs of all remote sites (VLAN
601, 602, 701 and 801) via either the DMVPN cloud or via the MPLS VPN.
4 points
141
Part 1
2.3 EIGRP
• Refer to “Diagram 2: IGP Routing” and to the following subnet allocation table:

• In order to minimize routing updates across the WAN, each site must advertise
summary routes as per the table above.
• Summary routes must be propagated via both the MPLS VPN and the DMVPN.
(…)
4 points
142
Part 2
2.3 EIGRP
(…)
• R1 must not propagate the Global SP#1 prefixes (12.0.0.0/8) via the Tunnel interface.
• Ensure that ACME’s remote sites are never used as transit sites.
• R6 must have the following routes when the DMVPN is operational:
4 points
143
2.4 OSPF
• Configure the Global Service Provider network as per the following
requirements:
• Enable OSPFv2 on all five routers.
• The OSPF router-id must be set to the interface Loopback0 on all routers.
• All routers must advertise their interface Loopback0 into OSPF as a host route.
• No interface that faces an external routing domain may be advertised into OSPF.
1 points
144
IGP Debrief
2.1 EIGRP (2pt)
• Basic EIGRP config with passive default and stub routing
2.2 EIGRP (4pt)
• Redistribute static default route
• Default summary route on R5
• Reachability to R6’s access VLAN while R6 is EIGRP Stub!?
• Default-originate on PE to propagate R1’s default route to R3 and R4!
2.3 EIGRP (4pt)

• Explicit summarization
• Implicit filtering out of all dual-connected spokes!
2.4 OSPF (2pt)

• Basic OSPF config
145
IGP Verifications
146
CFG Case Study: BGP Topology
147
2.5 BGP
• Refer to “Diagram 3: BGP Routing”.
• Establish an iBGP session between R1 and R2 using their respective interface Lo0.
• Establish an iBGP session between R3 and R4 using their respective interface Lo0.
• Establish four eBGP sessions between R1, R2, R3 & R4 and R99 as per the “Diagram
3: BGP Routing” using the IP address of their respective Serial link.
• All four routers must receive multiple BGP prefixes from the Internet Service Provider.
• Do not redistribute BGP into EIGRP (or vice versa) in any ACME router.
• Do not alter the AS path in any router.
2 points
148
2.6 BGP
• Refer to “Diagram 3: BGP Routing”.
• Configure the Global Service Provider network as per the following
requirements:
• All four PE routers must run one IPv4 and one VPNv4 BGP peering with R51 only.
• All BGP sessions in AS 10001 must be established using interface Loopback0 of the
BGP peers.
• Ensure that IPv4 address family routing information is not advertised by default for each
BGP routing session configured with the neighbor remote-as command.
• R51 must maintain exactly two separate BGP update-groups.
3 points
149
2.7 Routing Policies (Part 1)
4 points
• Ensure that traffic originated in ACME Headquarters and destined to the Internet is
routed preferably via R1 and via R2 only in case R1 is down.
• Ensure that traffic originated in ACME Regional Main Office and destined to the Internet
is routed preferably via R4 and via R3 only in case R4’s S2/0 is down.
• Ensure that R3 and R4 receive R2’s default route via EIGRP only in case R1 is down.
• (…)
150
2.7 Routing Policies (Part 2)
4 points
• (…)
• R3, R4 and R5 must primarily use the Global SP to route any corporate or Internet
traffic. The DMVPN must only be used in case links to the Global SP are down.
• Ensure that both the MPLS VPN and DMVPN clouds are up and running when leaving
the lab.
• Do not modify the BGP weight in any device in order to achieve any of these
requirements.
• Do not configure any IP SLA in order to achieve any of these requirements.
151
BGP Debrief
2.5 BGP
• Simple iBGP and eBGP, no redistribution
2.6 BGP
• IPv4 & VPNv4 Route-reflector
2.7 Routing Policies
• BGP local-pref
• AD tuning on static default
• Metric tuning
152
BGP Verifications
153
CFG Case Study: VPN Technologies
3.1 Tunneling
• Deploy DMVPN phase 3 in the ACME network as per the following
requirements:
• R1 must be the hub. R3, R4, R5 and R6 must be the spokes.
• Configure the following parameters for the interface Tunnel0 of all five routers:
• IP MTU is 1400, TCP adjust-MSS is 1360.
• Authenticate NHRP using the key 11111.
• Set the NHRP holdtime to 5 minutes.
• Ensure that spoke-to-spoke tunnels are dynamically established when needed.
• All three spokes must establish an EIGRP peering with the hub and via the interface
Tunnel0.
4 points
154
3.2 Tunneling
• Refer to “Diagram 4: VPN”.
• Complete the configuration of MPLS VPN in the Global SP’s network as per the
following requirements:
• R52, R53, R54 and R55 are the PE routers. R51 is a P router.
• Enable LDP on all relevant interfaces in order to assign and distribute labels between P
and PE routers.
• Use EIGRP as the PE-CE protocol between the ACME network and the Global SP.
• Configure the VRF named “ACME” using the parameters listed in the legend of
“Diagram 3: VPN”.
• Ensure that the customer prefixes are propagated from PE to PE.
4 points
155
3.3 Encryption (Part 1)
• Secure the DMVPN tunnel with IPsec according to the following requirements:
• Configure IKE phase-I according to the following requirements:
• Use AES encryption with the pre-shared key “CCIE” (without quotes).
• The key must appear in plain text in the configuration.
• All IPsec tunnels must be authenticated using the same IKE Phase I pre-shared key.
• Use 1024 bits for the key exchange using Diffie-Hellman algorithm.
• Configure a single policy with priority 10.
• (…)
3 points
156
3.3 Encryption (Part 2)
• Secure the DMVPN tunnel with IPsec according to the following requirements:
• (…)
• Configure IKE phase-II according to the following requirements:
• Use CCIEXFORM as the transform-set name.
• Use DMVPNPROFILE as the IPsec profile name.
• Use IPsec in transport mode.
• Use the IPsec security protocol ESP and the algorithm AES with 128-bit.
• Ensure that the DMVPN cloud is secured using the above parameters.
• Use tunnel protection in your configuration.
3 points
157
Tunneling Debrief
3.1 DMVPN
• Phase 3 with single-cloud/single-hub but with dynamic spoke-to-spoke
3.2 MPLS VPN
• Single VRF with multiple sites, shared RD/RT
3.3 Encryption
• Simple IPsec with very explicit requirements
158
VPN Verifications
Review Verifications for VPN
159
CFG Case Study: Infrastructure Security
4.1 Device Security
• Ensure that only the management station located at 192.168.111.100 is able to login
into R1 and R2 using SSH with the username “NOC” and password “NOC”.
• Use “acme.org” as domain-name.
• Ensure that no authentication is enabled on the console port.
1 points
160
4.2 Network Security
• Ensure that both SW3 and SW4 forward traffic that was sent from expected and
legitimate hosts and servers.
• SW3 must learn only one MAC address per port and must save it in its startup
configuration.
• Ensure that access-ports are shutdown in case an illegitimate device is plugged in the
network.
2 points
161
Security Debrief
4.1 Device Security
• Simple and explicit SSH config
4.2 Network Security
• Basic but implicit port-security feature
162
Security Verifications
Review Verifications for Security
163
CFG Case Study: Infrastructure Services
5.1 System Management
• R1 must examine all traffic sent and received via both interfaces Ethernet0/0 and
Tunnel0.
• R1 must collect a fingerprint of each packet and determine if it is unique or similar to
other packets.
• The attributes that R1 must examine are:
• IP source address
• IP destination address
• Source port
• Destination port
• Layer 3 protocol type
• Class of Service
• Router interface
2 points
164
5.2 Network Services
3 points
165
• Configure ACME’s Regional office network as per the following requirements:
• R1 must assign IP addresses via DHCP to hosts in VLAN 501, 502, 503 and 504
according to the table below.
• R1 must provide the default gateway according to the table above.
• The host-1 (R61) must always receive the IP address 192.168.111.100/24 from R1.
• The server-1 (R62) must always receive the IP address 192.168.113.200/24 from R1.
• Make sure that the MAC address of host-1 and server-1’s Eth0/0 is part of the DHCP
client-identifier.
• Both SW1 and SW2 must forward the BOOTREQUEST to 10.1.1.1.
3 points
166
• R1 and R2 must enable all private corporate traffic to connect to the Internet via their
respective interface S2/0.
• Both R1 and R2 must maintain a table of the active connections routed to the Internet.
• Use a single standard Access-list per device to accomplish these requirements.
• Ensure that the following traceroute from R5 reveals the same path:
2 points
167
Services Debrief
5.1 Netflow
• Basic but implicit FNF configuration on Tunnel interface
5.2 DHCP
• Explicit DHCP client, relay and server config with reservation based on MAC
5.3 NAT
• Basic but implicit source NAT
168
Services Verifications
Review Verifications for Services
169
Agenda

170
CCIE Exam Preparation, General
• Expert-level knowledge requires ACTIVE LEARNING
Researching, Reading, Analyzing, Correlating, Practicing, Repeating
LEARN PRACTICE PRACTICE TROUBLESHOOT

•READ •BASIC •EXPLORE •VERIFY
•UNDERSTAND SCENARIO •OBSERVE •ANTICIPATE
•REMEMBER •INCREASE •INVENT •VALIDATE
DIFFICULTY
171
Preparation Materials
• Resources
• Advises
CCIE R&Sv5 Preparation Materials
• Cisco Learning Network (CLN)
• Cisco Expert-level Training Program for CCIE RS
• New Ciscopress titles
• CCIE Lab builder
173
Cisco Learning Network – Official Resources
• https://learningnetwork.cisco.com
• Community forums
• Topics (Blueprints)
• Written exam
• Lab exam
• Equipment List
• Study Group
Cisco Expert-level Training Program for CCIE RS
• Revised “Cisco 360 Learning Program for CCIE RS”
• The only Cisco-authorized learning program
• Features Cisco IOS on Linux (IOL) and offers virtual rack rental
• Support Cisco IOS Software Release 15 M and T
• Updated content for v5.0 exam topics
• Workbook with 10 full-scale (TS & CFG) labs
• 11 performance assessment labs (full-scale CCIE labs)
• Offers grading report, detailed answer key, interactive mentor
175
New Ciscopress titles for CCIE RSv5
• CCIE RSv5.0 Configuration Practice Labs
• CCIE RSv5.0 Troubleshooting Practice Labs
• CCIE RSv5.0 Configuration and Troubleshooting Practice Labs Bundle
• CCIE RSv5.0 Official Cert Guide, Volume 1
• CCIE RSv5.0 Official Cert Guide, Volume 2
• CCIE RSv5.0 Official Cert Guide Library
• CCIE page on Ciscopress.com

• http://www.ciscopress.com/markets/detail.asp?st=44718
176
CCIE Lab Builder
https://learningnetworkstore.cisco.com/cisco-ccie-lab-builder
• Actual exam’s cloud-based virtual lab environment!
• Supports virtual routers (IOL) and switches (L2IOL)!
• Build your own topologies (DnD), up to 20 nodes!
• 24/7 web + telnet access! No waiting/scheduling!
• 2 Packages:
• 100h for $300 ($3/h) in 6 months
• 500h for $1000 ($2/h) in 12 months
Other resources
• Cisco docs, whitepapers, wiki, tools…
• Cf. bookmarks in Appendices…
Preparation Advises
• Chose lovable project • Learn one topic at a time
• Remove barriers to practice • Prepare Lab Equipment
• Deconstruct the Topics • Practice, Practice & Practice!
• Self Assessment • Practice for speed and
troubleshooting
• Quality first, then Quantity
• Become familiar with Cisco
documentation
179
Chose lovable project
Why do I want to become CCIE?
• I want to become a CCIE because…
…the answer is what will keep you going in difficult times…
…personal reason…
Remove Barriers in Learning
• Do you have Internet access?
• Do you have a login for Cisco Learning Network?
• Do you have study materials?
• Do you have access to practice lab?
• Do you have place to study?
• Did you allocate time in your schedule?
Deconstruct the Topics
Turn the blueprint into a checklist?
• Layer 2 Technologies
• LAN Switching
• L2 Multicast
• Routing Protocols (IGP, EGP)
• Common features
• DMVPN, MPLS VPN
• Encryption
• Infrastructure Security
Self Assessment
• Assess and rate your current skills level in each topic
Ex.
• I’m a star
• I'm very comfortable
• I'm familiar but need more hands on
• I'm less familiar but can find it in C-docs
• I don’t have any clue
• Be honest! 
• ”Know what you don't know"
Quality first, then Quantity
• Make time!
• The first few hours are the most difficult
• Study on daily basis
• Be consistent and maintain the pace
• Gradually add quantity and speed
• And… Remember Newton’s First Law of motion…

I. Newton
Get Familiar with Cisco Documentation
• Sort, don't search
• Configuration guide and command reference
• IOS release notes and new features
• Technology QA, White-papers, …
Learn one Topic at a time
• Start with the core topics (switching, IGP, BGP, multicast, MPLS, DMVPN)
• Start to study one hour a day, even with no lab yet

• “Slowly but surely”
• Try to set up the mood and to get into the "flow”

• “Slowly increase pace”
• Focus on technology/topic labs before moving to full-lab scenario!

Prepare Lab Equipment
• Emulator vs. real lab
• Home lab vs. rental lab
• Combination between emulator vs. real lab

Practice, Practice & Practice!
• Better to be stuck in one full lab scenario than looking at the answer
• Try to find the answer on your own!

• Further research on the topic
• Use debug and show commands
• Try and test possible config solutions
• Focus on Quality vs Quantity!
• Always ask ”What if?"

Practice for speed and Troubleshooting
• Target max 5h to resolve a practice lab
• Learn and use IOS shortcuts
• Use Notepad to copy/paste identical
• Establish your methodology and strategy with speed in mind
• Ask someone to introduce problems to a known lab

• Focus on the troubleshooting methodology and speed will come naturally
• Isolate the issue in OSI layer, protocol/feature, device(s), interface(s), …
• Work from destination when applicable
• Keep asking “What IS and What IS NOT working?” & “What if?”
Final Preparation
• Anticipate the D-day!
• Review the Tips & Tricks… 
• Mentally picture yourself as a CCIE! 
• And… Remember the Universal Law of Attraction…

Henry Ford
Agenda

193
CCIE Lab exam Tips & Tricks
• Before the exam

• During the exam
• After the exam
194
Before…
• Prepare for the exam! 
• Purchase training material
• Active and/or Passive Learning…
• Practice, practice, practice…
• Build your own exam strategy!

• Cherry pick per topic, per point value, both ?
• Time management and per-item timer ?
• Final validation method ?
• Target total score ?
• Mitigation plan ?
195
Before…
• Familiarize yourself with the web delivery system and tools
• WISP Labs
• CLN Demo
• Cisco Learning Labs
• CCIE Lab Builder
• Practice browsing Cisco Documentation

• Learn CLI shortcuts!
196
Before…
• Travel to the lab location if needed
• “Plan for the worst, hope for the best”
• Arrive on the day before your exam…
• Do a site-survey
• Measure commute time from hotel
• Identify entrance location
• Have a good dinner & sleep enough!

• Do whatever you need to have a fit body condition for the next day
197
During…
• Reduce stress, arrive early and prepare ID’s!
• Listen to proctor’s guidelines (empty pockets, etc)!
• If needed, use ear-plugs, medicine, food…
• Manage your time! Stick to your strategy!
• Read the whole module (don’t forget the guidelines!)
• Cherry pick items!
• Don’t get stuck at the beginning!
• Build your confidence!
198
During…
• Don’t get intimated by big topologies!
• Triple read questions before asking help to the proctor!
• Save configs often! Avoid last minute change!
• Plan for “regression tests” and overall validations at the end of each module!
• Use the scratch paper to track progress (item table) and notes
• Draw topologies if really needed (be careful with time!)
• Target 80 or 90%! Don’t shoot for 100% - unless you have time!!
199
After…
• If you pass, well… you know what to do! 
• If you failed:
• Release the anger! Do whatever you have to do!
• Try to switch from ‘Denial’ to ‘Curious’ quickly
• Start looking for your mistakes (especially typos!)
• Repeat the scenarios in your home lab
• Back to lab practice with focus on the failed topics and verification methods
• Book for the next lab exam ASAP
• Only ask for a re-read if you have done all the above, and 100% sure CCIE
Program team is wrong! Beware of very low turnover rate!!
200
Albert Einstein
Agenda

202
Got a question after the session?
• Join the CCIE R&S Study Group on CLN
• Ask technical questions
• Find study partner(s)
• Join the Table Topic “How to prepare for CCIE RS Lab”

• Download the session’s deck at https://www.ciscolive.com/online
• Open a CertSupport case at http://www.cisco.com/go/certsupport
• Contact us via email:
Kurt kuclaes@cisco.com CCIE RS Support engineer

Bruno brunov@cisco.com CCIE RS Exam PM
203
Cisco Certifications SME* Recruitment Program
http://www.cisco.com/go/certsme
Apply
Now!
• Directly influence Cisco Career Certifications (Design, Author, Review)

• Give back to community
• Experience with assessment techniques
• Join creativity with experience, knowledge and skills
• Collaborate and network with other engineers
204
SME= Subject Matter Expert

Q&A
• What questions do you have about the new CCIE R&S v5 exams?
• Exam Curriculum ?
• Exam Format ?
• Exam Deliveries ?
• Case Studies ?
• Preparation Materials ?
• Exam Strategy ?
• Anything else ?
205
Call to Action
• Visit the World of Solutions for
• Cisco Campus, Learning at Cisco booth
• Walk in Labs (there multiple relevant labs, all labelled with LABCCIE)
• Try the Diagnostic demo!
• Technical Solution Clinics
• Meet the Engineer
• Lunch time Table Topics
• Monday: How to prepare for CCIE RS Lab exam
• DevNet zone related labs and sessions
• Recommended Reading: for reading material and further resources for this
session, please visit www.pearson-books.com/CLMilan2015
Participate in the “My Favorite Speaker” Contest
Promote Your Favorite Speaker and You Could Be a Winner
• Promote your favorite speaker through Twitter and you could win $200 of Cisco
Press products (@CiscoPress)
• Send a tweet and include
• Two hashtags: #CLUS #MyFavoriteSpeaker
• You can submit an entry for more than one of your “favorite” speakers
• Don’t forget to follow @CiscoLive and @CiscoPress
• View the official rules at http://bit.ly/CLUSwin
Complete Your Online Session Evaluation
• Give us your feedback to be
entered into a Daily Survey
Drawing. A daily winner
will receive a $750 Amazon
gift card.
• Complete your session surveys
though the Cisco Live mobile
app or your computer on
Cisco Live Connect.
Don’t forget: Cisco Live sessions will be available
for viewing on-demand after the event at
CiscoLive.com/Online
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings
• Related sessions
Thank you
Appendices
• Details of RSv5 Topics changes

• Preparation materials bookmarks
• Diagnostic item format
212
Appendices

213
CCIE R&Sv5 New Topics on Written exam
• Network Principles
• Network Theory
• Describe basic software architecture differences between IOS and IOS XE
• Identify Cisco Express Forwarding concepts
• Explain general network challenges
• Explain IP, TCP, UDP operations
214
• LAN Switching technologies
• Describe Chassis Virtualization and Aggregation Technologies
• Layer 2 Multicast
• Explain PIM Snooping
• Layer 2 WAN Circuit technologies

• Describe WAN rate-based ethernet circuits
215
• BGP
• Describe BGP fast convergence features
• ISIS
• Describe basic ISIS network
• Describe neighbor relationship
• Describe network types, levels and router types
• Describe operations
• Describe optimization features
216
• Tunneling
• Describe basic layer 2 VPN – wireline
• L2TPv3, ATOM General principals
• Describe basic layer 2 VPN – LAN services
• VPLS, OTV General principals
• Encryption
• Describe GETVPN
• Network Services
• Describe IPv6 Network Address Translation
217
CCIE R&Sv5 New Topics on Written & Lab exams
• Network Troubleshooting
• Use IOS troubleshooting tools
• Apply troubleshooting methodologies
• Interpret packet capture
Applicable to all lab domains
218
• Fundamental routing concepts
• Implement and Troubleshoot Bidirectional Forwarding Detection
• EIGRP
• Implement EIGRP (multi-address) Named Mode
• Implement, troubleshoot and optimize EIGRP convergence and scalability
• OSPF
• Implement, troubleshoot and optimize OSPF convergence and scalability
219
• Tunneling
• Implement and Troubleshoot DMVPN (single hub)
• Encryption
• Implement and Troubleshoot IPsec with pre-shared key
220
CCIE R&Sv5 Topics moved from v4 Lab to v5
Written
• Describe IPv6 Multicast
• Describe RIPv6 (RIPng)
• Describe IPv6 Tunneling Techniques
• Describe Device Security using IOS AAA with TACACS+ and RADIUS
• Describe 802.1x
• Describe Layer 2 QoS
• Identify Performance Routing (PfR)
221
CCIE R&Sv5 Topics removed from v4 Exams
• Flexlink, ISL, Layer 2 Protocol Tunneling
• Frame-Relay (LFI, FR Traffic Shaping)
• WCCP
• IOS Firewall and IPS
• RITE, RMON
• RGMP
• RSVP QoS, WRR/SRR
222
Appendices

223
Cisco.com Products and Technology documentation
• Cisco documentation
• http://www.cisco.com/go/documentation
• http://www.cisco.com/cisco/web/psa/default.html
• IOS 15.3M&T Configuration Guides

• http://www.cisco.com/en/US/products/ps12745/products_installation_and_configuration
_guides_list.html
224
Cisco.com Whitepapers, Design Zone, …
• White papers on (m)any technologies
• http://tools.cisco.com/search/results/en/us/get#q=white+papers
• Cisco Validated Design

• http://www.cisco.com/go/cvd
• Enterprise Design Zone

• http://www.cisco.com/en/US/netsol/ns1063/networking_solutions_program_home.html
225
Cisco Forums and Wiki
• Cisco Support Community
• https://supportforums.cisco.com
• CLN Study Group for CCIE RS

• https://learningnetwork.cisco.com/groups/ccie-routing-and-switching-study-group
• Doc Wiki
• http://docwiki.cisco.com
226
Cisco Tools
• Cisco Feature Navigator
• www.cisco.com/go/fn
• Command Lookup Tool
• https://tools.cisco.com/Support/CLILookup/cltSearchAction.do
• Error Message Decoder
• https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi
227
Cisco Tools
• Output Interpreter
• https://www.cisco.com/pcgi-bin/Support/OutputInterpreter/home.pl
• Bug Search Tool
• https://tools.cisco.com/bugsearch
• Cisco Notification Service, Software Advisor
• http://www.cisco.com/cisco/support/notifications.html
• http://tools.cisco.com/Support/Fusion/FusionHome.do
228
External Resources
• Standard documentation (IETF’s RFC, ISO, …)
• WWW (Wikipedia, Blogs, …)
• Search engines (Google, Bing, …)
• Academic sources (Research papers, Thesis, …)
• Etc…
229
Appendices

230
• Multiple Choice – Single Answer
231
• Multiple Choice – Multiple Answers
232
• Dropdown(s)
233
• Drag and Drop
234
• Documentation
235
Internet of Things (IoT) Cisco Education Offerings
Course Description Cisco Certification
NEW! CCNA Industrial An associate level instructor led training course designed to prepare you CCNA® Industrial
for the CCNA Industrial certification
Managing Industrial Networks with This curriculum addresses foundational skills needed to manage and Cisco Industrial
Cisco Networking Technologies (IMINS) administer networked industrial control systems. It provides plant Networking Specialist
administrators, control system engineers and traditional network engineers
with an understanding of the networking technologies needed in today's
connected plants and enterprises
Control Systems Fundamentals For IT and Network Engineers, covers basic concepts in Industrial Control
for Industrial Networking (ICINS) systems including an introduction to automation industry verticals,
automation environment and an overview of industrial control networks
Networking Fundamentals For Industrial Engineers and Control System Technicians, covers basic IP
for Industrial Control Systems (INICS) and networking concepts, and introductory overview of Automation
industry Protocols.
For more details, please visit: http://learningnetwork.cisco.com

Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Business Transformation Cisco Education Offerings
For IT and Network Professionals:
Building Business Specialist Skills • Builds non-technical skills key to ensure business impact and influence. Cisco Enterprise IT
Topics include: business analysis, finance, technology adoption and Business Specialist
effective communications.
• Bridges IT and business impacts of mature and emerging solutions

including cloud plus Internet of Everything
For Technology Sellers:

Applying Cisco Specialized Business Value Builds skills to discover and address technology needs using a business- Cisco Business Value Specialist
Analysis Skills focused, consultative sales approach
Executing Advanced Cisco Business Value Enables customer transformation through business architecture and Cisco Certified Business
Analysis and Design Techniques solution selling expertise Value Practitioner
Performing Cisco Business-Focused Provides skills and an approach to build a strategic roadmap of IT Cisco Transformative
Transformative Architecture Engagements initiatives, aligned to business priorities Architecture Specialist

Security Cisco Education Offerings
Implementing Cisco IOS Network Security (IINS) Focuses on the design, implementation, and monitoring of a comprehensive CCNA® Security
security policy, using Cisco IOS security features
Implementing Cisco Edge Network Security Solutions
(SENSS) Configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco
Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls
Implementing Cisco Threat Control Solutions (SITCS)
Deploy Cisco’s Next Generation Firewall (NGFW) as well as Web Security, Email
Implementing Cisco Secure Access Solutions (SISAS) Security and Cloud Web Security
Implementing Cisco Secure Mobility Solutions Deploy Cisco’s Identity Services Engine and 802.1X secure network access
(SIMOS)
Protect data traversing a public or shared infrastructure such as the Internet by
implementing and maintaining Cisco VPN solutions
Securing Cisco Networks with Threat Detection and Designed for professional security analysts, the course covers essential areas of Cisco Cybersecurity Specialist
Analysis (SCYBER) competency including event monitoring, security event/alarm/traffic analysis, and
incident response
Network Security Product and Solutions Training For official product training on Cisco’s latest security products, including Adaptive
Security Appliances, NGIPS, Advanced Malware Protection, Identity Services
Engine, Email and Web Security Appliances see
www.cisco.com/go/securitytraining

R&S Related Cisco Education Offerings
CCIE R&S Advanced Workshops (CIERS-1 & Expert level trainings including: instructor led workshops, self CCIE® Routing & Switching
CIERS-2) plus assessments, practice labs and CCIE Lab Builder to prepare candidates
Self Assessments, Workbooks & Labs for the CCIE R&S practical exam.
• Implementing Cisco IP Routing v2.0 Professional level instructor led trainings to prepare candidates for the CCNP® Routing & Switching
• Implementing Cisco IP Switched CCNP R&S exams (ROUTE, SWITCH and TSHOOT). Also available in
Networks V2.0 self study eLearning formats with Cisco Learning Labs.
• Troubleshooting and Maintaining
Cisco IP Networks v2.0
Interconnecting Cisco Networking Devices: Configure, implement and troubleshoot local and wide-area IPv4 and IPv6 CCNA® Routing & Switching
Part 2 (or combined) networks. Also available in self study eLearning format with Cisco Learning
Lab.
Interconnecting Cisco Networking Devices: Installation, configuration, and basic support of a branch network. Also CCENT® Routing & Switching
Part 1 available in self study eLearning format with Cisco Learning Lab.

Wireless Cisco Education Offerings
• Conducting Cisco Unified Wireless Site Survey Professional level instructor led trainings to prepare candidates to conduct CCNP® Wireless
• Implementing Cisco Unified Wireless Voice site surveys, implement, configure and support APs and controllers in
Networks converged Enterprise networks. Focused on 802.11 and related
• Implementing Cisco Unified Wireless Mobility technologies to deploy voice networks, mobility services, and wireless
Services security.
• Implementing Cisco Unified Wireless Security
Services
Implementing Cisco Unified Wireless Network Prepares candidates to design, install, configure, monitor and conduct CCNA® Wireless
Essential basic troubleshooting tasks of a Cisco WLAN in Enterprise installations.

Design Cisco Education Offerings
Designing Cisco Network Service Architectures Provides learner with the ability to perform conceptual, intermediate, and CCDP® (Design Professional)
(ARCH) detailed design of a network infrastructure that supports desired capacity,
performance, availability required for converged Enterprise network
services and applications.
Designing for Cisco Internetwork Solutions Instructor led training focused on fundamental design methodologies used CCDA® (Design Associate)
(DESGN) to determine requirements for network performance, security, voice, and
wireless solutions. Prepares candidates for the CCDA certification exam.

Service Provider Cisco Education Offerings
Deploying Cisco Service Provider Network Routing SPROUTE covers the implementation of routing protocols (OSPF, IS-IS, BGP), CCNP Service Provider®
(SPROUTE) & Advanced (SPADVROUTE) route manipulations, and HA routing features; SPADVROUTE covers advanced
routing topics in BGP, multicast services including PIM-SM, and IPv6;
Implementing Cisco Service Provider Next-Generation
Core Network Services (SPCORE) SPCORE covers network services, including MPLS-LDP, MPLS traffic engineering,
QoS mechanisms, and transport technologies;
Edge Network Services (SPEDGE) SPEDGE covers network services, including MPLS Layer 3 VPNs, Layer 2 VPNs,
and Carrier Ethernet services; all within SP IP NGN environments.
Building Cisco Service Provider Next-Generation The two courses introduce networking technologies and solutions, including OSI CCNA Service Provider®
Networks, Part 1&2 (SPNGN1), (SPNGN2) and TCP/IP models, IPv4/v6, switching, routing, transport types, security, network
management, and Cisco OS (IOS and IOS XR).
Implementing Cisco Service Provider Mobility UMTS The three courses (SPUMTS, SPCDMA, SPLTE) cover knowledge and skills Cisco Service Provider Mobility
Networks (SPUMTS); required to understand products, technologies, and architectures that are found in CDMA to LTE Specialist;
Implementing Cisco Service Provider Mobility CDMA Universal Mobile Telecommunications Systems (UMTS) and Code Division Multiple Cisco Service Provider Mobility UMTS
Networks (SPCDMA); Access (CDMA) packet core networks, plus their migration to Long-Term Evolution to LTE Specialist
Implementing Cisco Service Provider Mobility LTE (LTE) Evolved Packet Systems (EPS), including Evolved Packet Core (EPC) and
Networks (SPLTE) Radio Access Networks (RANs).
Implementing and Maintaining Cisco Technologies Service Provider/Enterprise engineers to implement, verification-test, and optimize Cisco IOS XR Specialist
Using IOS XR (IMTXR) core/edge technologies in a Cisco IOS XR environment.

Collaboration Cisco Education Offerings
CCIE Collaboration Advanced Workshop (CIEC) Gain expert-level skills to integrate, configure, and troubleshoot complex CCIE® Collaboration
collaboration networks
Implementing Cisco Collaboration Applications Understand how to implement the full suite of Cisco collaboration CCNP® Collaboration
(CAPPS) applications including Jabber, Cisco Unified IM and Presence, and Cisco
Unity Connection.
Implementing Cisco IP Telephony and Video Learn how to implement Cisco Unified Communications Manager, CUBE, CCNP® Collaboration
Part 1 (CIPTV1) and audio and videoconferences in a single-site voice and video network.
Implementing Cisco IP Telephony and Video Obtain the skills to implement Cisco Unified Communications Manager in a
Part 2 (CIPTV2) modern, multisite collaboration environment.
Troubleshooting Cisco IP Telephony and Video Troubleshoot complex integrated voice and video infrastructures
(CTCOLLAB)
Implementing Cisco Collaboration Devices Acquire a basic understanding of collaboration technologies like Cisco Call CCNA® Collaboration
(CICD) Manager and Cisco Unified Communications Manager.
Implementing Cisco Video Network Devices Learn how to evaluate requirements for video deployments, and implement
(CIVND) Cisco Collaboration endpoints in converged Cisco infrastructures.

Data Center / Virtualization Cisco Education Offerings
Cisco Data Center CCIE Unified Fabric Prepare for your CCIE Data Center practical exam with hands on lab CCIE® Data Center
Workshop (DCXUF); exercises running on a dedicated comprehensive topology
Cisco Data Center CCIE Unified Computing
Workshop (DCXUC)
Implementing Cisco Data Center Unified Fabric Obtain the skills to deploy complex virtualized Data Center Fabric and CCNP® Data Center
(DCUFI); Computing environments with Nexus and Cisco UCS.
Implementing Cisco Data Center Unified
Computing (DCUCI)
Introducing Cisco Data Center Networking Learn basic data center technologies and how to build a data center CCNA® Data Center
(DCICN); Introducing Cisco Data Center infrastructure.
Technologies (DCICT)
Product Training Portfolio: DCAC9k, DCINX9k, Get a deep understanding of the Cisco data center product line including
DCMDS, DCUCS, DCNX1K, DCNX5K, DCNX7K the Cisco Nexus9K in ACI and NexusOS modes

Network Programmability Cisco Education Offerings
Integrating Business Applications with Network Learn networking concepts, and how to deploy and troubleshoot Cisco Business Application
Programmability (NIPBA); programmable network architectures with these self-paced courses. Engineer Specialist Certification
Integrating Business Applications with Network
Programmability for Cisco ACI (NPIBAACI)
Developing with Cisco Network Programmability Learn how to build applications for network environments and effectively Cisco Network Programmability
(NPDEV); bridge the gap between IT professionals and software developers. Developer Specialist Certification
Developing with Cisco Network Programmability
for Cisco ACI (NPDEVACI)
Designing with Cisco Network Programmability Learn how to expand your skill set from traditional IT infrastructure to Cisco Network Programmability
(NPDES); application integration through programmability. Design Specialist Certification
Designing with Cisco Network Programmability
for Cisco ACI (NPDESACI)
Implementing Cisco Network Programmability Learn how to implement and troubleshoot open IT infrastructure Cisco Network Programmability
(NPENG); technologies. Engineer Specialist Certification
Implementing Cisco Network Programmability
for Cisco ACI (NPENGACI)

Cloud Cisco Education Offerings
Designing the FlexPod Solution (FPDESIGN); Learn how to design, implement and administer FlexPod solutions FlexPod Design Specialist;
Implementing and Administering the FlexPod FlexPod Implementation &
Solution (FPIMPADM) Administration Specialist
UCS Director (UCSDF) Learn how to manage physical and virtual infrastructure using
orchestration and automation functions of UCS Director.
Cisco Prime Service Catalog Learn how to deliver data center, workplace, and application services in an
on-demand, automated, and repeatable method.
Cisco Intercloud Fabric Learn how to implement end-to-end hybrid clouds with Intercloud Fabric
for Business and Intercloud Fabric for Providers.
Cisco Intelligent Automation for Cloud Learn how to implement and manage cloud deployments with Cisco
Intelligent Automation for Cloud


Tecccie 3000 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Tecccie 3000 PDF

Uploaded by

Copyright:

Available Formats

CCIE Routing and Switching Techtorial

Yusuf Bhaiji – Senior Manager, Expert Certifications #9305

• Overall CCIE Program

• Industry standard validating and endorsing expert-level skills and experience

• Demonstrate strong commitment and investment to networking career, life-long

Data Center Service Provider SP Operations Wireless

Written Exam pass Practical pass CCIE

• Pearson • Select Cisco locations

Use of the test scores

• Overall CCIE Program

Check the official information on CLN

Candidate: John Smith

CCIE R&Sv5 Curriculum’s Details 1.0.0 Network Principles (Written only)

IOS-XE, VSS, ISIS, L2VPN, Packet capture analysis,

Moved PfR, L2QoS, IPv6 Multicast,

Frame-Relay, FRTS, LFI, WRR/SRR, ZBF, IPS, RSVP,

Virtual devices No Device Virtual devices

minScore minScore minScore

Troubleshooting Optional DIAG Optional Configuration

minScore minScore minScore

• Identical to CCIE RSv4’s

Troubleshooting Optional DIAG Optional Configuration

minScore minScore minScore

• CFG is now virtual, like TS

Troubleshooting Optional DIAG Optional Configuration

minScore minScore minScore

• Assessing new skills

Troubleshooting Optional DIAG Optional Configuration

minScore minScore minScore

• Optional time extension of 30 min in TS

Troubleshooting Optional DIAG Optional Configuration

minScore minScore minScore

• Module-level minimum score

Cf. Case Studies for illustrations and Live demo!

• Overall CCIE Program

Which statement is true about IS-IS?

OSPF Area 0 OSPF Area 1

• Overall CCIE Program

• Lab Exam Case Studies

• Guidelines • Virtual devices

• Strategy • Single topology/scenario

• Incident#4 • Per-incident constraints

• Console access via

• Focus on the highlighted region of the main topology

Design and Form hypothesis

• The main diagram has a clickable map on most device icons

• Additional Diagrams are available under the main menu

• Incidents are available under the main menu

• Incident’s stem are opened in a separate popup window

Trying 200.100.200.200 ... Open

User Access Verification

Trying 200.100.200.200 ... Open

User Access Verification

Trying 200.100.200.200 ... Open

User Access Verification

Trying 200.100.200.200 ... Open

User Access Verification

Trying 200.100.200.200 ... Open

User Access Verification

Trying 172.16.28.1 ... Open

User Access Verification

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds: