CCIE Lab passed!

Image representing Cisco as depicted in CrunchBase

Image representing IPexpert as depicted in Cru...
Image via CrunchBase

Just an update- I passed in San Jose on May 1st!  CCIE # 35355.  Here’s my story:

I thank God.  This has been a dream of mine for 6 years, and he solely helped me attain this! I don’t want to start a religion roll as we are all from different parts of the word and have different religious backgrounds.  However, give God a year of your faith and belief and see if things don’t change!
Secondly, my wife and family for dealing with me.  It’s been a constant 2 years of knowing that I need to get home and lab.  I thank those that have helped me on the forums, and especially Narbik.  He gave me a personal relationship through my training, and even hung out with us until the wee morning hours during bootcamps to chat with us about anything and everything.  He really does care and it shows in his work.  Finally, I thank my employer.  Without their support, I would have had to quit my job to get this accomplished in 2 years.Materials used:
Global Knowledge CIERS1 bootcamp
CCBootcamp MPLS for CCIE candidates (taken at Cisco LIVE)
INE (video only)
IPExpert Blended Learning Solution (Vol1 and 3 only, video on demand, audio on demand)
CCBootcamp ALM bootcamp
Narbik CIERS1 (attended twice) bootcamp, Advanced workbook, bootcamp 4.0 workbook
Hardware used:
I was using 2800/3800/3560’s hardware cabled for each vendor.
Products that didn’t work:
CCBootcamp workbooks- I attended a CCB in September 2011.  The instructor (Rahim) was great and very knowledgeable.  I attended a bootcamp, but quickly cancelled on day 2 due to the workbooks alone.  There were so many typos, that even the instructor had to work through the workbooks to find that it mentions the wrong routers as part of the restrictions.  This made me start to doubt myself- not a good way to learn!  I’m sure the owner will come after me again for this posting, however, he did not follow up on his promise to rectify the situation (by receiving a beta version of the new workbooks) and I’m advising students away from your products as I said I would.  I have a few more examples of the bad business practices, but I will spare you those details.  WORST WORKBOOKS EVER!
– April 30, 2010- Passed CCIE R&S Written
– May 3, 2010- Global Knowledge Bootcamp, CIERS1 (San Jose, California)
– July 2010- Passed CCIE Security written (Free test at Cisco LIVE)
– July 2010-Dec. 2011
I was averaging 15 hours a week of rack time over 4-5 days a week. 
– May 2011
Passed the CCIE written R&S (my December lab attempt would be beyond my 18 month deadline)
– June 2011
I attended Narbik’s CIERS1 bootcamp.  WHOA.  That’s a lot to take in, but amazing training.  The man is a walking IOS dictionary and can rattle off 7 levels deep of IOS commands.  I learned his theory (not verbatim) that if you need a sh run or to use a “?”, you aren’t ready for the lab.  I carried this with me throughout my studies after that.  Narbik taught me to look at the requirement or question, think about what technology is at hand, and if it’s a global, or interface command before starting in on a solution.  Great advice!
– Nov, 2011
I attended Narbik’s CIERS1 bootcamp for the second time. I was better prepared and did much better on my assessment labs.  I felt close to ready, but Narbik informed me that I wasn’t ready.  Yet, I still had to make my attempt at the Lab to qualify for the Lab Safe program.
– Dec. 13, 2011
My first attempt at the CCIE R&S lab.  I got a 50% (avg) on the config section, and an 18% on troubleshooting.  I didn’t expect to pass, but I was forced (so to speak) to take the lab by the end of the year to qualify for the “Lab Safe” program (free second attempt).
– Dec. 15- 2011
Kicked my labbing into high gear, and focused on the technologies I didn’t know well.  These were mainly IP Services.
– Dec. 20, 2011-March 20, 2012
Stepped up my lab times to 25 hours a week.  My method was this- Run through IPX VOL1 for the technologies I saw that I didn’t know well.  This was about 12 topics.  Run through IPX VOL3 Mock labs very slowly.  In fact, I sometimes took 16-20 hours for a Mock lab because I was looking them up on the DOCCD, and playing with different options to actually break the solution and finding a second solution as an alternative.  This was a key building block for me.  I want through Narbik’s Adv. workbooks and Bootcamp 4.0 workbooks.  I especially liked Narbik’s workbooks for the reason for the solution.  If I didn’t know something in-depth, Narbik’s workbooks were my direct solution.  All of the vendors workbooks were still weak in IP Services, especially EEM an OER.  I know that Narbik, and I’m sure the other vendors will as well, have updates to their workbooks as this has been mentioned time and time again.  I believe Brain with INE has committed to releasing something soon.
– March 20-April 30, 2012
Kicked my labbing into high gear.  My job allowed me to work from home, so I was averaging 30 hours a week (7 days a week) without any days off from labbing.  Those last 5 weeks were rough!  I was staying up late at night, drinking Monster energy drinks, and chasing them with Red Bull energy drinks!  Up until midnight/1am, and getting up at 6am, taking my girls to school, going to the gym, and then heading back to the house to lab/work.  The last week before my lab, I actually took a week of vacation and turned off my email and didn’t answer my work phone except at breaks.
– May 1, 2012
Passed CCIE R&S Lab in San Jose!  Although they say to stop labbing and relax your mind, I don’t work like that.  I labbed until midnight the night before the lab in my hotel, and labbed for an hour that morning.  This is partially because my mind was conditioned to do that (lab late), and I wanted my mind alert and fingers ready that morning for the lab.  I didn’t feel it was proper to show up and not have the mentality for the wording of the lab.  *NOTE* You could have cut the tension with a knife in the waiting area prior to the lab at Cisco’s San Jose’s office.  I couldn’t help but crack jokes!  Probably my way of dealing with nervous situations.  Also, it took 10 hours for my email that I passed!  AHHHHH!  Why was it that when I failed I knew in 2 hours?  Needless to say, I got zero sleep that night!*My tips to success*
When you lab up, take your time to learn a technology.  When you learn it, go to a different vendor and work their technology based labs.  Go through them, fix it, and break it.  Get fancy with it and find another way to do it (because there is always another way and you might get a restriction that will throw you for a loop).
Preferred vendors (there is no single vendor), and why-
Narbik-Workbooks are in different degrees of difficulty, they build upon each other, and have a VERY detailed explanation to learn from.  After paying for his bootcamp and attending, you can re-take the bootcamps if seats are available for free.  With the amount of information delivered, I highly recommend taking it at least twice!
IPExpert- VERY hard, right out of the box!  But, their BLS has video’s that help understand how, but not why.  It’s up to you to learn the technology prior to working their labs.  The VOD is a “death by slideshow” that didn’t help me at all.  I did thoroughly enjoy their video on demand.  I have a lengthy drive to work each day, and these came in handy to some extent.  But, once I found myself solid on a technology, and I was done with Narbik’s workbooks, this is where I went.  This is for the advanced student that feels they are ready, but in my opinion, not a learning tool.
INE- Their all access pass is great, and offers you discounted rates on their CCIE workbooks.  Their video’s are REALLY good.  For a lot of candidates, INE is a good choice as their hardware is 1800/2600 model routers and less of a financial impact.
Cisco 360- I don’t care for the workbooks, but their assessment labs are good to get a feel of the lab interface, and gives you an idea via a score of where you are.  If you can score high on these labs, you will do good on the labs.  But, I saw technologies on the lab that I did not get tested on within the Assessment labs.
I hope this helps you.  Now, onto CCIE Security!  Re-cabling my racks now for IPExpert and Narbik’s layouts.  😉 
God Bless.
Jay McMickle- CCIE #35355
Posted in CCIE Routing and Switching Lab Prep | Tagged , , , , , , , , , , , , , , | 2 Comments

Misc. labbing

3 hours
I haven’t logged much here as I’ve been doing 30mins here, an hour or two there, in my free time!  I’ve been re-creating what I experienced on the lab, and then mixing it up with other technologies to learn about more of them interworking together.

Posted in CCIE Routing and Switching Lab Prep | Tagged , , , , | Leave a comment

Mock Lab

3.5 hours
Narbik Workbooks

Filtering with single line ACL‘s
You are receiving a group of routes from a RIP peer on R1.  Only allow 4 routes in.  The first two should be N1 routes; The second two should be N2 routes as seen by the next upstream neighbor (R2).
Receiving these routes on R1: (should be seen by R2 as OSPF N1 route) (should be seen by R2 as OSPF N1 route) (should be seen by R2 as OSPF N2 route) (should be seen by R2 as OSPF N2 route)

R2-(OSPF)-R1-(RIP)-Sw1 (generating routes)

1- 00000001
2- 00000010
This will grab only the .1 and .2 subnets

3- 00000011
4- 00000100
This will grab only the .3 and .4 subnets

router rip
 no auto
 ver 2
 pass def
router ospf 1
 net area 0
 redist rip route-map RtoO subnets
access-list 1 permit
access-list 2 permit
route-map RtoO permit 10
 match ip add 1
 set metric type-1
route0map RtoO permit 20
 match ip add 2
 set metric type-2

R2#sh ip route ospf
O N2 [110/20] via, 00:14:11, FastEthernet0/0
O N2 [110/20] via, 00:14:11, FastEthernet0/0
O N1 [110/85] via, 00:14:11, FastEthernet0/0
O N1 [110/85] via, 00:14:11, FastEthernet0/0

Posted in CCIE Routing and Switching Lab Prep | Tagged , , , , , , , | Leave a comment

Etherchannel L2

6 hours
Tips and tricks throughout my mock lab today:

Building an etherchannel
* Note, when building a layer 2 etherchannel, build it from the interface level.  This will create the port-channel and inherit those physical interface settings to eliminate any misconfiguration.

Before configuring:
interface GigabitEthernet1/0/23
 switchport trunk encapsulation dot1q
 switchport mode trunk
interface GigabitEthernet1/0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk

To configure L2 etherchannel-
SW1(config)#int range g1/0/23-24
SW1(config-if-range)#channel-group 12 mode active
Creating a port-channel interface Port-channel 12
SW1(config-if-range)#no shut
*Mar  1 01:24:31.869: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/23, changed state to up
*Mar  1 01:24:31.995: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/24, changed state to up
*Mar  1 01:24:32.851: %LINK-3-UPDOWN: Interface Port-channel12, changed state to up
*Mar  1 01:24:33.857: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel12, changed state to up
SW1(config-if-range)#do sh run | be 0/23
interface GigabitEthernet1/0/23
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 12 mode active
interface GigabitEthernet1/0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 12 mode active

SW1(config-if-range)#do sh run int po12
Building configuration…

Current configuration : 93 bytes
interface Port-channel12
 switchport trunk encapsulation dot1q
 switchport mode trunk
Obviously a similiar config would be on the other adjacent switch.  In the end, you should see this:

SW1(config-if-range)#do sh etherc summ
12     Po12(SU)        LACP      Gi1/0/23(P) Gi1/0/24(P)

Note- The Etherchannel group numbers do not have to match on each end as they are locally signifigant.

Posted in CCIE Routing and Switching Lab Prep | Tagged , , | 1 Comment

Mock Lab

2 hours-
Loaded up racks with startup
Did sections 1.1-1.3. 

Summary point-
BPDUGuard- Puts port in error mode if a BPDU is received
Spanning-tree portfast default- Puts all ports into portfast mode with a single command, globally
BPDUFilter- Disables BPDU from being sent on a port

Posted in CCIE Routing and Switching Lab Prep | Tagged | Leave a comment

IPv6 filtering

1.5 hours
Ran through some filtering technique’s, much like IPv4.  Simply create a loopback with a given IPv6 address.  Redistribute the loopback into Area 5, but not Area 0 (this device was part of both areas).

Loopback 1
 ipv6 add….
route-map loop
 matching int lo1
ipv6 router ospf 1
 redistribute conneted route-map loop
int s0/0/0
 ipv6 ospf 1 area 0
int f0/0
 ipv6 opsf 1 area 5

Neighboring router:
int f0/0
 ipv6 ospf 1 area 5
ipv6 router ospf 1
 area 5 nssa no-redistribute

This effectively blocked the incoming redistributed route from entering area 5.

Posted in CCIE Routing and Switching Lab Prep | Tagged , , | Leave a comment

OSPFv3 and IPV6

Narbik’s Workbooks
2 hours
Ran through these labs pretty quickly.  Quick refresher on the syntax.  Not too terrible.  Moving on.

Posted in CCIE Routing and Switching Lab Prep | Leave a comment

Mock Lab

Cisco 360
6 hours config section

Posted in CCIE Routing and Switching Lab Prep | Leave a comment

Mock Lab

Cisco 360
2 hours

Posted in CCIE Routing and Switching Lab Prep | Leave a comment

RIP tricks

– Configure R1 to peer with R2 (Backbone)
– Only allow RIP to run on the port facing R2
– Updates with R2 should be only be via unicast

router rip
 ver 2
 no auto
 pass def
 no pass f0/0

How can we tell what RIP updates are happening over? 
R1#debug ip rip events
RIP event debugging is on
*Dec 29 19:11:07.899: RIP: received v2 update from on FastEthernet0/0
*Dec 29 19:11:07.899: RIP: Update contains 17 routes
*Dec 29 19:11:29.655: RIP: sending v2 update to via FastEthernet0/0 ( – suppressing null update
*Dec 29 19:11:36.995: RIP: received v2 update from on FastEthernet0/0
*Dec 29 19:11:36.995: RIP: Update contains 17 routes

So, we can see that R1 is sending updates to (multicast).  We see that we are receiving updates from (R2).  To put this into Unicast, we’ll specify a neighbor command under the RIP process.  Our debug ip rip shows us the neighbor IP address as well.

router rip

Now debug the updates:
*Dec 29 19:13:03.487: RIP: received v2 update from on FastEthernet0/0
*Dec 29 19:13:03.491: RIP: Update contains 17 routes
*Dec 29 19:13:18.539: RIP: sending v2 update to via FastEthernet0/0 ( – suppressing null update

We can see now that the updates are send to the actual peered host, effectively unicast.

Posted in CCIE Routing and Switching Lab Prep | Tagged , , | Leave a comment