It begins.


Comments

  • rakemrakem Member Posts: 800
    Working through BGP labs again last night and this morning.

    Mainly the aggregation stuff:
    Suppress maps - allows specific subnets to be suppressed and others to not be
    Unsuppress maps - when summary only is used you can use the unsuppress map to advertise a specific prefix - this is configured per neighbor
    as-set - advertises as-path info in aggregate routes - unordered list of as-paths
    attribute-maps - allows an aggregate route to set attributes, useful for removing attributes inherited from aggregated prefixes
    advertise-maps - allows you to specify what prefixes will be used for aggregation.
    CCIE# 38186
    showroute.net
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    Keep up the good work. It sounds like we're both pretty close topic-wise, I'll be beginning BGP next week more than likely. How long do you think it'll take for you to get through BGP?
  • rakemrakem Member Posts: 800
    Been on it for about a week and a half. I'm thinking another week. I only really get good lab time on weekends so it's taking a while. It's a big topic in the INE books.... is that what you are following?
    CCIE# 38186
    showroute.net
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    Yeah. I am using INE Vol I. I know BGP is a huge part. I've been on OSPF a while, so I imagine I'll be on BGP a few weeks too. I'll definitely be following your progress since you're planning on sitting the lab a couple of months before me.

    That being said, if you weren't a CCIE candidate I'd say "enjoy your weekend", but since you are...........Go Study!
  • rakemrakem Member Posts: 800
    Yea OSPF was crazy, so many little things about it that I never really knew. I spent a very long time on OSPF as well and will probably revisit it again soon.
    CCIE# 38186
    showroute.net
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    Yep! I'm about 3/4 through OSPF now, and already want to go back and review the OSPF Frame-relay sections. I don't know if it's similar to what you're doing, but I plan on setting aside one session every couple of weeks to circle around and lab a topic again. For example, right before I start BGP, I'll probably do some Layer 2/FR review. After BGP, I'll come back for a day or two and review some OSPF before moving on.
  • jamesp1983jamesp1983 Member Posts: 2,475 ■■■■□□□□□□
    Mrock4 wrote: »
    I don't know if it's similar to what you're doing, but I plan on setting aside one session every couple of weeks to circle around and lab a topic again.

    That's an excellent idea. Do you guys continue to review your flash cards or notes from the Written?
    "Check both the destination and return path when a route fails." "Switches create a network. Routers connect networks."
  • rakemrakem Member Posts: 800
    I'm still taking new notes as I go through the labs!
    But yes every so often I go back and review the labs I have already done
    CCIE# 38186
    showroute.net
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    Right now I read Cisco docs and other various books (only an hour at a time) on my off days- Tues/Thurs/Sun. It's not much but I think it's enough to keep me sharp on the theory side.

    Rakem- do you feel you're on target to take the lab in December? I know it's a bit early to tell, but I was just wondering since I'd assume you'd be scheduling the lab in a couple of months.
  • jamesp1983jamesp1983 Member Posts: 2,475 ■■■■□□□□□□
    rakem wrote: »
    I'm still taking new notes as I go through the labs!
    But yes every so often I go back and review the labs I have already done

    I'm the same way. I have over 260 pages from just labbing alone.
    "Check both the destination and return path when a route fails." "Switches create a network. Routers connect networks."
  • rakemrakem Member Posts: 800
    Mrock4 wrote: »
    Rakem- do you feel you're on target to take the lab in December? I know it's a bit early to tell, but I was just wondering since I'd assume you'd be scheduling the lab in a couple of months.


    Hmmmm hard to say right now. I'm comfortable with the routing protocol side of things (OSPF probably needs some more time though), and layer 2 stuff is also fine. It's Multicast and QoS that I'm worried about.

    I haven't attempted any of the INE mock labs yet, I think once I start hitting them I'll get a better idea.

    My original target was late December, I'm still keen to have it done by then, but not too worried if I slip a few months.
    CCIE# 38186
    showroute.net
  • NetworkVeteranNetworkVeteran Member Posts: 2,338 ■■■■■■■■□□
    rakem wrote: »
    It's Multicast and QoS that I'm worried about.
    You aren't tempted to take the Cisco QoS exam?

    I'm taking that sidestep precisely because I think being an expert at QoS will shore up one of my weakest areas and make the CCIE R&S that much easier. ;)
  • rakemrakem Member Posts: 800
    You aren't tempted to take the Cisco QoS exam?

    I'm taking that sidestep precisely because I think being an expert at QoS will shore up one of my weakest areas and make the CCIE R&S that much easier. ;)

    hmmm haven't thought about it. Might look into it, but I would prefer to keep focused on the CCIE.

    Big outage at work on Wednesday ruined my studies, very late night, we had all customers down due to a SAN issue.

    Anyway back to it this morning 5+ hours on INE labs, almost finished the BGP section.
    Once finished with BGP I'll probably take two weeks to go back through the INE labs I have done so far, so layer 2 stuff, RIP, EIGRP, OSPF....

    Plan to finish BGP this weekend.
    CCIE# 38186
    showroute.net
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    Go rakem! I'm just now beginning BGP, but will sidestep a bit to review my layer 2 topics briefly (a day or so) as well as EIGRP/OSPF before moving on. Using CBT Nuggets CCIP BGP videos to review BGP first.

    How did you find the INE Vol I labs for BGP? I probably won't start them till later this week, but I'm hoping they're pretty challenging.
  • rakemrakem Member Posts: 800
    The INE labs are quite good. I'm enjoying it.
    CCIE# 38186
    showroute.net
  • PsychoFinPsychoFin Member Posts: 280
    rakem wrote: »

    I need to re-certify my Juniper Certs at the end of the year, will probably go for the professional track so that might be a bit of a challenge!

    Yeah the P exams are very different from the S ones. They are very much scenario based and have some very large and complex scenarios, so each question can take quite a long time. My attempt at the JNCIP-ENT was definitely a wakeup call :)

    Good luck though!

    Regards,
    Fin
  • PsychoFinPsychoFin Member Posts: 280
    You aren't tempted to take the Cisco QoS exam?

    Keep in mind that the QoS exam is retired though :/ Well, not really, but all its associated exams are either changed or retired.
  • rakemrakem Member Posts: 800
    2 1/2 hour labs. Just got the last 7 BGP exercises to do.
    Tonight was mainly about manipulating the local AS number.

    local-as command = allows you to send a different AS number in BGP open/update messages
    replace-as command = replaces the real AS number (the one in router bgp [AS]) with the AS number configured with the local-as command (only when advertising to ebgp peers)
    dual-as command = allows a router to establish a bgp peer on either the local-as or the real AS.
    no-prepend = will not prepend the real AS to incoming updates from ebgp peers.

    Also did the dampening labs... not too much new there.

    BGP to be finished in my next lab (Thursday). Then I have two weeks going back over the labs I have already done and also catching up on some reading. Then I'll hit up multicast.
    CCIE# 38186
    showroute.net
  • rakemrakem Member Posts: 800
    Finished INE BGP section. The last few little labs were a bit obscure.

    ORF - Allows a router to send its inbound prefix list filter to a peer. This will allow the peer to not send the prefixes to the peer who sent the prefix list. I guess this is to save bandwidth.... why send the prefixes to someone who is just going to filter them out anyway.

    BGP fall over - allows a neighbour to only be torn down if the IGP route to it is lost.

    BGP TTL security - Allows you to specify how many hops away a peer can be. Useful for preventing TCP SYN attacks on port 179. If all your peers are say max of 5 hops away, you can configure TTL security to drop any TCP 179 SYN from something that has a TTL of less than 250 (255 - 5). Pretty neat.

    Didn't know much about this stuff, seems like features that wouldn't be used too often.

    Anyway, as I mentioned, it's time to go back and review the stuff I have done so far. Plan to do lots of reading also. Giving myself two weeks of 'review' time before hitting up the multicast INE labs.

    Two 5 hour INE labs scheduled this weekend also. Will just pick a few bits and pieces from the topics I have covered so far as a refresher.
    CCIE# 38186
    showroute.net
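
Added example (not part of the original thread, and not INE or Cisco code): a small Python model of the TTL check described in the post above, using the post's numbers (peers at most 5 hops away, threshold 250). The function names and the contrasting "TTL equals 1" check are assumptions made for illustration; the model shows that a sender farther away than the configured hop count has no starting TTL that arrives at or above the threshold, whereas a check on a low TTL can be satisfied from any distance.

```python
MAX_TTL = 255  # largest value the 8-bit IP TTL field can hold


def arriving_ttl(initial_ttl, routers_crossed):
    """TTL seen by the receiver; None if the packet expired in transit."""
    ttl = initial_ttl - routers_crossed  # each forwarding router decrements by one
    return ttl if ttl > 0 else None


def ttl_security_accepts(ttl, max_hops):
    """TTL security check: accept only TTL >= 255 - max_hops."""
    return ttl is not None and ttl >= MAX_TTL - max_hops


def low_ttl_accepts(ttl):
    """Hypothetical naive check: treat 'TTL is 1 on arrival' as proof of a nearby peer."""
    return ttl == 1


def farthest_sender_accepted(check, search_limit=64):
    """Greatest distance from which some choice of initial TTL passes the check."""
    passing = [
        distance
        for distance in range(search_limit + 1)
        if any(check(arriving_ttl(initial, distance))
               for initial in range(1, MAX_TTL + 1))
    ]
    return max(passing) if passing else None


if __name__ == "__main__":
    hops = 5  # value used in the post
    print("threshold:", MAX_TTL - hops)
    print("farthest sender passing TTL security:",
          farthest_sender_accepted(lambda ttl: ttl_security_accepts(ttl, hops)))
    print("farthest sender passing the naive low-TTL check (search capped at 64):",
          farthest_sender_accepted(low_ttl_accepts))
```
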
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    rakem wrote: »
    Finished INE BGP section. The last few little labs were a bit obscure.

    ORF - Allows a router to send its inbound prefix list filter to a peer. This will allow the peer to not send the prefixes to the peer who sent the prefix list. I guess this is to save bandwidth.... why send the prefixes to someone who is just going to filter them out anyway.

    I've never actually seen this used in practice.

    BGP TTL security - Allows you to specify how many hops away a peer can be. Useful for preventing TCP SYN attacks on port 179. If all your peers are say max of 5 hops away, you can configure TTL security to drop any TCP 179 SYN from something that has a TTL of less than 250 (255 - 5). Pretty neat.

    TTL Security is marginally useful. For eBGP purposes, unless your transit links are being advertised into the global BGP table (big no no), then the only folks who could make an attempt at it are folks directly connected to your peers, as other AS'es shouldn't have a route to those links.

    It's more useful for iBGP to keep your internal peering sessions safe, but if your environment allows TCP SYN attacks to be made against your border routers from internal hosts (or at the very least, doesn't pick up on them very quickly), you've got a much bigger security problem.
  • SettSett Member Posts: 187
    I've never actually seen this used in practice.
    We are using it on the peering between the CE and PE routers. A little "gotcha" with it is that if you update the inbound ORF prefix list it won't be enough just to clear the session with "clear ip bgp x.x.x.x soft in" but you'll have to add "prefix-list" at the end of the command to push the new ORF filter to the peer too. Or at least on some older versions it is like that...
    Another weird thing is that it works between Cisco and Juniper too.
    Non-native English speaker
  • rakemrakem Member Posts: 800
    I've never actually seen this used in practice.

    It's more useful for iBGP to keep your internal peering sessions safe, but if your environment allows TCP SYN attacks to be made against your border routers from internal hosts (or at the very least, doesn't pick up on them very quickly), you've got a much bigger security problem.


    I believe it only works for ibgp? That's what the INE book says at least. Haven't tried to configure it though.
    CCIE# 38186
    showroute.net
  • rakemrakem Member Posts: 800
    5 hours or so this morning. Going back through workbook 1.
    It's so easy to forget some of this stuff!
    Pretty good lab though. Finished 80% of the bridging and switching labs. Had a bit of trouble with the QinQ stuff but apart from that it was all pretty good.

    Another 5 hours lab scheduled tomorrow.
    CCIE# 38186
    showroute.net
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    My previous employer (service provider) also used it between PE/CE routers.

    Rakem- which 5 hour labs are you doing? INE?
  • rakemrakem Member Posts: 800
    Mrock4 wrote: »
    Rakem- which 5 hour labs are you doing? INE?

    Yep I use the INE racks. On weekends I book 5 hour sessions.
    Also try to throw in a few 2 1/2 hour sessions during the week. It's actually handy that they have changed the lab session length to 2 1/2 hours.

    It means after work I can do a few hours of study, 5 hour labs after work were too draining.
    CCIE# 38186
    showroute.net
  • rakemrakem Member Posts: 800
    Only managed 3 hours so far today... late night last night.
    CCIE# 38186
    showroute.net
  • rakemrakem Member Posts: 800
    2 1/2 hour INE lab tonight.

    Finished off the review on layer 2 stuff. Spent most of the time on private VLANs.

    Another 2 1/2 hour lab on Thursday.

    Lab hours are now greater than reading hours!
    CCIE# 38186
    showroute.net
  • rakemrakem Member Posts: 800
    Frame relay review/lab tonight.

    I always struggle with frame relay, I know how it works and can configure it easily.... I just don't see the point of it anymore.

    Maybe one day Cisco will remove it from the R&S lab.
    CCIE# 38186
    showroute.net
  • jamesp1983jamesp1983 Member Posts: 2,475 ■■■■□□□□□□
    rakem wrote: »
    Frame relay review/lab tonight.

    I always struggle with frame relay, I know how it works and can configure it easily.... I just don't see the point of it anymore.

    Maybe one day Cisco will remove it from the R&S lab.


    I've heard some rumors that they will be removing it.
    "Check both the destination and return path when a route fails." "Switches create a network. Routers connect networks."
  • rakemrakem Member Posts: 800
    jamesp1983 wrote: »
    I've heard some rumors that they will be removing it.

    Yea that would be good. Replace it with more MPLS stuff, without encroaching on the SP CCIE exam too much.

    Anyway, around 2 hours labbing and note taking tonight. Pretty much blew through the frame relay INE labs. Got a bit stuck with some of the obscure stuff at the end like bridging over frame relay.

    It seems the last few labs in the INE books (no matter what topic) are always the really obscure stuff. Probably not much chance of getting tested on this in the real lab.
    CCIE# 38186
    showroute.net