HASH (TS2, DIAG H2+, CFG H1+)
Dec 13, 2018 Admin CCIE RS Feedback

Greetings C4C Family,
Alhamdullilah! I have passed my CCIE RSv5 lab. This is bit longer report/feedback. I hope you guys get full benefit out of it.
First and foremost; I would like to thank my instructor from C4C and team members for their continuous support and tremendous help. Without their assistance it is quite difficult to get the number.
####C4C-EVE Platform vs. Real Lab impressions ####
EVE platform and IOS images are very stable in practice lab, the real lab environment is almost same yet little bit more stable so you can do your practice with full confidence on EVE platform. The new updated platform is almost same as lab. In lab you will have multiple chrome windows to access topology, questions, all questions, incidents and other things.
#################################
I encountered TS2-BT3(Mix), H2 DIAG and H1+ CFG.
############# TShoot Feedback ########
Ticket 1:
SW400 and SW401 Preconfig:
* Extended ACL 111 with permit ip any any at sequence 30
* 2 Vmaps one with match ACL -> action drop and one with action forward
* OSPF is passive for VLAN 2000-2001
R40:
Preconfig:
* lease 0 2 configured under pool
Solution:
* add sequence 25 with deny ip any any on both SW400-401
* no lease on R40 pool and apply lease infinite
* Un-passive the VLANs
Tip: Console messages are disabled, so just check "sh ip int br" on User4 if it got the ip address. I wasted 5 minutes waiting for console message just like our EVE practice.

Ticket 2:
SW111 Preconfig:
* OSPF cost is 9 on interface connecting R15
* Cross check DHCP pool, lease was configured here too
R14/R15:
* BGP configs are 100% ok (next-hop-self, peering, and NAT etc)

Solution:
* Make ip OSPF cost 10 (default cost)on SW111 interface connecting to R15
* SW111 will start preferring the R14 route due to lower router-id for 8.8.8.8

Ticket 3 Mix: 2 Faults but had to solve more faults to ditto match the traces
* Required to advertise the directly connected interface of R22/R23 in BGP so that the MPLS AS stamps are matched
* Could be vice versa for R12 and R13 to match the MPLS AS stamps
** One of trace from SW210 for odd was not matching the hop number 4 (113 vs 213)

R22/R23 Preconfig:
* Either loopback 0 is configured in wrong PID in R22 or not advertised in right PID on R23
* Origin type mismatch as per ODD and EVEN requirements same as WB

Solution:
* Fix R22/R23 OSPF and Loopback advertisements
* Advertise the directly connected interface of border routers
* Fix the origin type IGP as per required for EVEN or ODD
** To match the 113 or 213, manipulate the OPSF cost, I did 9 on interface connecting to the requirement and trace matched
Tip: After you complete all 4 required traces, just soft clear OSPF and BGP on 4 border routers and cross check once again. Helps in updating routing table with new manipulations.

Ticket 4:
* One trace required from server 2 (same as WB)
* One trace required from R41 or R41 (different from WB)
** Do not touch any BGP attribute

Solution:
By default trace is going via MPLS path due to R20 getting preferred as lower BGP router-id.
R20:
* Increase loopback 0 cost to 1000, clear OPSF and BGP
* Trace will start going via R21
As for the return trace, it just worked fine. No need to touch anything.

Ticket 5:
* sh ip route ospf on R60
Issues:
* Wrong tunnel ip address mask on R60. /32 -> make it /24
* The OSPF area is 1 so keep it 1 between HUB and SPOKES

Ticket 6:
* Only advertise the VLAN 2001 in OSPFv3 on SW11 and all things work fine

Ticket 7: 2 Fault indication
* One trace required from SW500
* One trace required from Server 1 (different from WB)
Issues:
* R5 is not advertising loopback 0 in OSPF
* MPLS is not running on R5 inside interface
* R10 has OSPF distance 19
Solution:
* Advertise the Loopback on R5
* Enable MPLS on R5
* Cross check MPLS neighbourships on R1 (#sh mpls ldp nei | inc TCP)
* On R10 make distance 110
Return Trace from server 1 issue:
* The trace required that from SW111 the preferred outgoing way should be via SW101 (could be SW100).
* Manipulated the cost on SW111 interface from where trace was required i.e. #ip ospf cost 9 (E1/1 or E1/0)
** After that clear OPSF and BGP and trace matched

Ticket 8:
* Lease 0 2 was configured on R30
* IP ARP and IP DHCP Snooping were configured on SW310
* sh run | inc interface | ip dhcp
* sh run | inc interface | ip arp
** ip arp was missing on one of the port channel
* Just apply ip arp inspection trust and ticket solved

Ticket 9 and Ticket 10:

Preconfigured items:
* NAT Pool overloading method was used
* interface loopback 123 (123.45.67.48)
* interface loopback 123100 (123.45.67.100/32)
* ip prefix list 123100 (permit 123.45.67.100/32)
* route-map 123 (MED value was influenced on both borders)

There were some route-maps also applied on both border routers R24 and R25. I was not able to solve this ticket but when I used the trace towards server1. It always went thru R25 but never went thru R24.
This ticket took a great amount of time and pressure on me. Just when 30 minutes were left, what I did is I went back to Ticket 1 and started cross checking every trace/ping and do write on every router and switch just so that I'm sure that all previous tickets are properly solved.
One thing more that made me nervous is that Ticket 10 is dependent on ticket 9 and I spent way too much time on ticket 9. In just last 5 minutes when I checked ticket 10 it was telnet 123.45.67.100
I quickly managed to use the ip nat outside commands on both border routers and viola! ticket 10 was solved.

################### DIAG Part ###################
Consider DIAG part as a cool down and gear up time for CFG. DIAG is fixed 30 minutes, you cannot end it only you can select the appropriate answers and section will end automatically and graded automatically as well.
Take first 5 minutes of DIAG as a cool down time after rushing from Tshoot section. Then solve the DIAG tickets.
You must remember the trigger points to differentiate the H2 vs. H2+ and H3 vs. H3+ (This is very essential !!!). If you can differentiate the DIAG scenario then you can solve the DIAG tickets no maximum then 10 minutes.
I got H2, all things were same as workbook. Only be careful when selecting the packet. make sure you select the first packet which has RA from FE80:666
My sequence was same as workbook which is #193
If you sum up the above time you have used 15 minutes and you have 15 minutes spare. What I did is I got outside the lab (with badge of course) and went to restroom, washed my face and got bit refreshed and then came back to lab. I still had 7 minutes left.
I prepared my mind for CFG, revising key points for every lab H1,H2,H3 in my mind. I was very much ready to face any of the lab.
I wrote on scratch paper in red color "DO WR" so that whenever I end a question I must do wr and all minor details that we tend to forget.

#######CFG H1+ ##########
I will not say much here about H1+ as it is one of the oldest lab and most mature lab. Everything was as per workbook and If you can solve the workbook version then lab version is way more easy. Many things are pre-configured such as SP side eBGP peerings in VRF were pre-configured on all necessary routers. But there's a catch; router-id were missing.
Half baked DMVPN was also configured with some itsy-bitsy errors, fixed them easily.
I saved the ISAKMP and IPSEC configs from Tshoot and it helped me in VPN section.
Everything is basically same as workbook 100%. You must know the art of checking pre-configs and apply necessary missing configs and using notepad efficiently.
I got H1+ but that does not mean I left H3. I almost practised H3 lab up-to 50-60 times.

################### Mistake sheet method for CFG ########
What I usually do is I keep a mistake sheet with me in which I record the mistakes that I most frequently do while labbing. In every lab one can do some obvious mistake unknowingly and those mistakes can cost you very much. Best way to avoid such mistakes is make a sheet for each lab and record your most frequent/obvious mistakes and keep practicing until your sheet is all crossed off that means you know/learn from your mistakes and you will not do same mistakes in real lab exam.

########Closing Note #######
"The master has failed more times than the beginner has even tried."
#######################


CCIE

CONNECT TO US
CCIE DC
CCIE RS
CCIE SECURITY
CCIE SP
JNCIE DC
JNCIE ENT
JNCIE SEC
JNCIE SP


Last News