CCIE round #2

After two weeks of partying like the Wolf of Wall Street (yeah right) I have decided to brush off the lab and return to studying for my second CCIE in SP. I plan to take the V4 written on the first day it is available (May 2015) and the lab soon after.

Similar to my R&S thread, I will use this to track my progress and general thoughts and I will use my blog to write up more details about some of the technologies on the SP blueprint and other networking related things. One thing I like about tracking progress in these types of threads as that it makes you somewhat accountable in progressing your learning.

My reading list for this will be:

MPLS Fundamentals (already read many times)
MPLS Traffic Engineering
BGP Design and Implementation
Routing TCP/IP Volume 1 (for IS-IS)
QoS for MPLS
MPLS VPN Architectures 1 and 2
IOS XR Fundementals

I will also use my INE All Access Pass until it runs out to watch ATC videos and the SPv3 workbook.

I am going to stop using web-IOU and try to use unetlab exclusively because it is easy to create large routing topologies with a few XR instances and 10+ XE instances using CSR1KV. I will buy another box that I can run ESXi on which will be used exclusively for running the unetlab master, and still have enough memory to run several XRv's (3GB RAM minimum per instance).

Three hours of reading and labbing today:

1) MPLS Route Target Constraint - I really like this feature, especially when used with route reflection, to prevent RRs from sending VPNv4/v6 prefixes to PE routers who are just going to drop them anyway. If you have ever used question mark when writing address-family under BGP you may have seen rtfilter - this is what route target constraint uses.

2) Some IS-IS basics such as neighbour establishment, levels, default routing between levels when the L1/L2 router sets the ATT bit on the LSP

3) IS-IS route leaking from L2 to L1 and also from L1 to L2 (to prevent L1 routes from entering the L2)

Find more posts tagged with

Comments

Alex90

You are a Ninja my friend! I look forward to seeing how you get one

JoJoCal19

Wow only a two week break huh, awesome motivation. Good luck in your pursuit of #2!

joelsfood

You are a glutton for punishment, my good man

fredrikjj

Good luck!

PS.
I'm looking forward to using you for all MPLS questions

gorebrush

We are not worthy! Best of luck for #2.

How good is the unetlab then?

jamesp1983

Wow, you don't waste any time. Good luck.

RouteMyPacket

See, the greed takes over...always has to be another. ha

I have a big decision of my own to make soon, R&S or Security

Good luck, once you get the SP, DE should be next since there is so much SP at play

broli720

RouteMyPacket wrote: »

See, the greed takes over...always has to be another. ha

I have a big decision of my own to make soon, R&S or Security

Good luck, once you get the SP, DE should be next since there is so much SP at play

R&S would be my choice because I enjoy that material more, but that's my opinion. Good luck to the both you!

JeanM

Nice job!

gorebrush

RouteMyPacket wrote: »

See, the greed takes over...always has to be another. ha

I have a big decision of my own to make soon, R&S or Security

Good luck, once you get the SP, DE should be next since there is so much SP at play

DC, right?

lrb

Thanks guys!

gorebrush wrote: »

How good is the unetlab then?

It's pretty good so far, I've done some pretty thorough XRv testing on it and it works very well. I will run it up on an AWS instance on the weekend and maybe open it up for people to have a play with it when I get it into a state I'm happy with.

RouteMyPacket wrote: »

I have a big decision of my own to make soon, R&S or Security

Good luck, once you get the SP, DE should be next since there is so much SP at play

I would say R&S is a great choice because it has so much carry over to other tracks, which is th main reason I went with SP because the carry over is huge. I would say R&S also has the best materials out there from vendors, including workbooks, ATCs, books, and videos.

lrb

2 hours tonight:

1) Some more reading on how LSPs are updated in IS-IS including MaxAge, refresh intervals, etc

2) Played around with various ways to set the OL bit in an LSP to create a similar affect to max-metric LSA from OSPF if you are waiting for BGP to converge or you want to do planned maintenance on a router.

3) Did some labbing on excluding transit links in IS-IS which is functionally equivalent to OSPF's prefix suppression. The scaleable way in IS-IS is to run your loopback (that will be used as the BGP update source and MPLS router ID) as a passive interface and tell IS-IS to only advertise the prefixes of passive interfaces. Neat!

bharvey92

One IE is not enough eh?

Good luck my friend, I enjoyed your last thread I'm sure this one will be just as informative!

Essendon

This is serious motivation Luke! Go for it mate!

lrb

About 4 hours today:

1) Went over a lot more IS-IS theory including fragmented LSPs, ATT and OL bit, difference between LSPs, CSNPs, and PSNPs, and all of the different TLVs supported by IOS

2) Went over clear text and MD5 authentication. This took a lot longer than planned. If you specify IS-IS "new style" authentication isis authentication ... under the interface it authentications the Hello packets but nothing else, and if you configure the same authentication at the process level it authenticates every packet every packet except for the Hello. Nevertheless, it results in an situation where one side thinks that the adjacency up but then invalidates the incoming CSNPs, and the other end just keeps invalidating the hello packets.

lrb

Decided to do another hour before I went out to watch the EPL tonight

. I've been doing some more labbing with MPLS with IS-IS as the IGP and it seems to be that the only way a SP would run it would be a completely flat level 2. Areas simply break the MPLS LSPs unless you leak the L2 routes to the BGP loopbacks into the L1. Actually it's made worse with IS-IS because the default is not advertised into L1, it is created by L1 routers when they see an L1/L2 router attached to another area. Therefore no label is created or advertised in LDP.

Anyone have another perspective on why you wouldn't run just a flat level 2 in a SP network?

OfWolfAndMan

Congrats on the CCIE number Luke, and good luck to you on the SP side of things!

lrb

Thanks mate! I see that you're reading CCIE OCG... do I sense a CCIE thread coming :wink

lrb

I've posted the DMVPN solutions on my blog for anyone who was following my other thread

DMVPN Troubleshooting Solutions | Internetworking blog by CCIE #45527

The second part of the workbook I've tried to show my method for troubleshooting things. I've also updated some of the initial configs which had minor errors in them such as some interfaces not being brought up initially.

On the SP side of things, I did watched two hours of INE ATC videos today on MPLS TE. In a week I'm on Narbik's SP bootcamp so I'm looking forward to another intense week!

NOC-Ninja

Goodluck! Thats a lot of work!

lrb

I had a day off of work today so I decided to hit the INE racks and the IS-IS portion of the SPv3 workbook. While at it, I renewed my AAP for another 2 hours for $1500, and got an extra 500 tokens! I have about 1300 tokens now so that is around 200 hours of SP rack rental (6 tokens/hr). I really like unetlab and web-IOU but there are some things I will need to do on real hardware such as VPLS. The SP workbook is nowhere near as comprehensive as the R&S one, but that's to be expected seeing as more people would do R&S first before SP rather than the other way around I would think.

6 hours today:
1) Read the AToM and VPLS chapters in MPLS Fundamentals

2) Completed all of the IS-IS sections from the SPv3 workbook.

3) Went through a bunch more examples on partial vs full SPF runs using my little unetlab topology and matching the debug output to my notes.

lrb

After a few days off sick, it's now 4AM Australia time and I'm starting the SPv3 online bootcamp

Paul Negron (the instructor) seems pretty awesome so far

lrb

About 12 or so hours today I think.. I'm kind of tired right now from the early wakeup so my sense of time is pretty hazy

1) Lectures on mostly IS-IS and BGP basics for about 7 or so hours.

2) Did all of hte IS-IS sections in the workbook and most of OSPF (most of this was was covered in R&S anyway)

The SP bootcamp is really good, Paul definitely knows his stuff

lrb

I'm still getting used to the early starts but at least lectures finish around 11AM so the rest of the day is mostly homework. Each day I've probably done at least about 3-5 hours of homework too.

A lot of stuff on the course has been a carryover from R&S and really the extra stuff so far has been inter-AS VPN and TE, which were covered pretty quickly.

The following video has been pretty good to clear up some questions I had on TE:

https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=5997&backBtn=true

And this is also not a bad read for people studying for R&S or SP:

Service Provider Security - Cisco Systems

lrb

The bootcamp last week was really good and I definitely learned more about my weaker areas, namely some of the different inter-AS VPN options and TE. I'll write something more up about it later but for now that will be my last bit of SP study for the year as I will be working on a writing a tool to test different failure scenarios for a customer at work. I might make it available on my blog when its done too as some people might find a good use for it in their environments.

Have a good Christmas and new years everybody

OfWolfAndMan

lrb wrote: »

Thanks mate! I see that you're reading CCIE OCG... do I sense a CCIE thread coming :wink

Haha. You know it! Lots of reading! Unfortunately, I have to justify a budget for some better switches first. The QoS material is killer though.

lrb

Sometimes you don't realise how much you need a break until you actually take one. Nearly 2 weeks off of studying has made me feel much more refreshed and ready to get back on track. Hope everyone else enjoyed their breaks too!

Started back with a relatively easy night tonight of reading Traffic Engineering with MPLS and doing some very small TE labs for maybe about an hour and a half.

Alex90

Out of interest, did you do CCNP SP or CCIP before you did the CCIE? I just wondered how the exam topics differ between CCNP, CCNP SP, CCIE and CCIE SP as it seems that order of exams is the natural progression.

lrb

I did CCNP R&S, then CCIP, then they got rid of CCIP so I did the two-exam path to get the CCNP SP for current CCIP holders, then I did CCIE R&S.

The CCNP SP is a good option after getting the CCNP R&S because it will give you a very good start on CCIE R&S topics such as multicast, MPLS, and BGP in a lot more detail. The only thing is you will need to know how to implement everything on both IOS and IOS-XR; not a big deal if you look at it in the grand scheme of things as you will have another desirable skill

You can spin up a few instances of XRv (free!) for about 6GB of memory and connect it to your existing lab infra to get the practice in too.

gorebrush

I wish I'd had done CCIP when I had the chance, but never bothered. Would have been handy, but it's a bit moot with the IE lab coming at me fast