Packet Pushers Podcast - Three CCIEs talk about networking & they can’t shut up


Welcome to Packet Pushers - the Data Networking podcast where we discuss events, technology, and work life in the networking industry. Our motto: “Too Much Networking Would Never Be Enough”.

During the week we gather articles, media, information and various ideas, then get together to discuss them. Basically, we get some senior network people around the table and talk about whatever is going on. We cover routing, switching, security, internet and happenings in and around the networking industry, and sometimes we will pick a topic and go deep diving.

All three hosts are Cisco CCIEs: Ethan Banks (the guy who wrote most of the material on the site), Dan Hughes (Security CCIE) and Greg Ferro (the guy responsible for the EtherealMind.com website).

Subscribe in iTunes

You can subscribe in iTunes by clicking on the logo here.

MP3 Download and Player

Head over to the Packet Pushers podcast website to download the MP3 or listen in your web browser.

Packet Pushers Podcast

CCIE Agent™ Eman Launches New Website (by Eman Conde)

If I am a member of your network or you of mine (how does that work anyway?), you may know I have been working diligently to reach as many hiring companies and CCIEs as possible. In my quest for perfection I am a student of the internet. But while I was still enrolling in the “School of the Ether”, I did a few things I was not sure at the time were wise. I registered URLs. Yup, I was thinking that I might need them when I was starting out in this arena a few years ago specifically focused on CCIEs and Cisco Channel Partners. So even though there is a training company out there using CCIEJOBS.COM as a tag/keyword I actually own CCIEJOBS.COM along with ccienetwork.com, cciementors.com, cciecareers.com, cciementornetwor.com, cciestaffing.com, ccieagent.com, ccieflyer.com (of course), and more (heck, I can’t show my entire hand).

At the time I was doing this I was not sure if I would need them or even use them. Then I started seeing the plethora of companies claiming to be recruiting CCIEs. Some were simply pulling down ads they found posted by competitors just to play games, others keeping postings out there just to collect resumes and still others taking time off from their real jobs to try their hand at recruiting. No disrespect but come on people, you just don’t start recruiting CCIEs because you can toss around the acronym. I get calls constantly from recruiters who want to partner or pick my brain. Typical questions are, “What is the difference between the written and the lab?” “Why do network engineers need certification?” “Why do Cisco resellers want CCIEs?” I will hop on LinkedIn while they are talking and pull up their profiles only to find out they were working in sandwich shops, insurance companies, used car dealerships, Wal-Mart, or they have been recruiting from utero. Now they claim to be CCIE recruiters.

So to make things easier I dusted off the old www.cciejobs.com URL and decided to use it for posting the work I am getting from around the world. Specifically from Cisco Channel partners and yes there are a few that do not require a CCIE, but network engineers nevertheless. So as I populate the site with my team’s activities and the demands from around the world I ask you to go have a look.

CCIEJOBS.COM a better place to see the jobs for CCIEs that will make a difference in your career.

Why Not Recertify With A Written Exam From Another Track?

The question has been posed as to why I’m going after the R&S written to recertify, as opposed to the written from another CCIE track.

Intellectually, I’m interested in the other tracks.  I love networking.  It would be great to take the SP or Voice written exam.  However, it’s a matter of practicality.  I don’t do MPLS at all in my current job.  I do minimal voice, mostly focusing on QoS schemes, not call managers or dial plans.  To ramp up to the level required to pass those written qualification exams would require substantial effort on my part.  I could do SP easier than I could Voice, but both would be a challenge…more of a challenge than I want to put time into right now.

As I dig back into the CCIE R&S book and begin reviewing, I’m finding that the material there is tough enough.  For example, one would think I’d know spanning-tree as a CCIE, right?  And I certainly do - but the details are elusive if you haven’t thought through the STP processes for a couple of years.  So I’m having to go back through the text and diagrams in the book, review all of the terminology, the packet level detail of BPDUs (how they are sent, who sends them, what kinds of information they contain, etc.), and bring all that knowledge buried in the back of my brain up to the front so that I can confidently use it to answer test questions.  My experience with Cisco multiple choice questions is that there are two or more answers you can throw out, leaving usually two answers that seem plausible.  Knowing your tech thoroughly makes the difference in being able to determine the best answer of the two plausible choices.  I know the new written exam has test questions other than multiple choice, but I’m making the point that “mostly” knowing the material isn’t the same as “thoroughly” knowing it.

That said, it’s a LOT easier to remember all of this material than it was the first few times I took it in as a CCNA and later CCNP.  But that’s still an awfully big book that includes more detail on MPLS than I had to know when I took version 3 of the written.  Let’s also keep in mind that the “official” book is just one book.  To really own the CCIE written test material, I’ll do additional reading on cisco.com and maybe some other books as well.  The one book will probably get me close, but I’ll need to consult other sources to round out some topics.

With the lab almost 2 years in my rearview mirror, my kids still get nervous when I make any statement with the term “CCIE” in it.  They’ll respond with a tentative question along the lines of, “Are you going to have to do all that studying like you did before?”  My kids don’t want to lose their Dad again.  The ”right” thing for me personally is to recertify in the most expedient way possible.  That means going for the R&S written again.  I think I have the best chance of passing that specific test on the first attempt, although since I’ve never seen the version 4 test, I admit it might take me more than once to pass.  There’s precious little I can find on the Internet regarding how people have fared on the version 4 test, although Anthony Sequeira seemed to think it was pretty easy.

Recertification

Time, as they say, flies.  It seems like just yesterday I was doing my celebratory weep over the newly awarded digits, but here we are nearly two years later.  The time has come to re-certify.

To certify at the CCIE level a second time represents a choice.  You might think it’s not much of a choice (some would go so far as to call it a “no-brainer”), but it depends on what your perspective is on the value of holding the certification going forward.  One must exert an effort to study back up to a level sufficient to pass the written exam, especially as the body of required knowledge changes.  So then, is there a specific benefit to retaining the CCIE title?  For me, the answer is “yes”, although it’s a qualified “yes.”  I don’t work for a Cisco partner, nor does my employer provide any incentive to keep up the certification.  However, I am finding that the CCIE certification still opens doors that few other accomplishments can open.  I’m not sure when I might be in a position where I’m sorry I let the certification go away, so I’m choosing to maintain it for at least another cycle.  When a door is presented that I’d like to walk through, I don’t want it locked.

When I took the 350-001 written exam back in July 2007, it was version 3.  Now it is version 4.  To be honest, I’ll have to go back through the blueprint to see what’s changed.  More MPLS and less wireless I think are the highlights as I look at the table of contents in this whacking thick “CCIE Routing and Switching Certification Guide Fourth Edition” I just bought.  Mostly, the content is the same as before, though.  I think the test itself is a different testing engine, but that’s of no great concern to me.  If I know the material sufficiently well, I should be able to pass the test.  At least, that’s my presumption.

Last time I prepared for the written exam by reading every word of every paragraph of every chapter in the book (the Second Edition at that time). This time around, my plan is to use the “Do I Know This Already?” quizzes at the start of every chapter, and focus on the areas I’m forgetful of.  I will also use the Boson test question engine that came with the Ciscopress book, and possibly the NetMasterClass.com written test prep engine if I can figure out how to get back at that material (I seem to have lost access, even though I signed up for it just a few months ago).

I might post a bit more about that as I go along.

Please Read If You Knew Dave Gahm, CCIE #5804 - A CCIE Widow’s Request

From Eman Conde, CCIE Agent:

A CCIE Widow’s Request

CCIE # 5804 was one of the very few CCIEs in Alaska.  I met him at Networkers in 2008 the month before his death.  I did not find out about his passing until March of 2009 when a friend and co-worker sent me a message about him after seeing his picture on my blog.  I had exchanged emails with him prior to Cisco Live 2008 so when we met I was pleased to make the acquaintance of one of only 4 CCIEs in Alaska that I knew of.  After Cisco shut down the NASCAR Grille CCIE party, I hosted a bunch of CCIEs at the Hard Rock Café near there at Universal Studios Orlando.  The band Modest Mouse was just finishing their last set for the night and we had a few beers together along with seven or eight other CCIEs.  The other guys were from Holland, Texas and a few other places.  But Dave and I talked a lot that evening and I am happy now, looking back that I had that chance.

At the end of August 2009 I received this email from Lee Gahm, Dave’s wife:

Dear Eman,

My name is Lee, I am Dave’s wife.  Tonight I spoke with his parents and they told me about what you had written and I looked it up.  I just wanted to say thank you for taking the time to share your kind words about Dave.  The proudest day in his life was when he passed his CCIE test.  Actually we were all very proud.  Dave LOVED his job and by what I could tell he was very good at it.  I miss the middle of the night calls from his work..I never understood a single word he said but I was always impressed.  His trips to those conventions were always important to him.  He was proud to be a “techno geek”. He was looking forward to the next CCIE gathering as he was going to speak.

I am not ready yet but I will be putting together a memory book for Abby.  I would be grateful if you and some of the others would share some of your memories or stories about Dave with me.  If you have any other pictures too, I would love to have them.  I know his parents would like to see them also.

He truly was doing something that he loved.  I was so fortunate to speak to him the night before and could hear the happiness in his voice.

Sincerely,
Lee

 

So I am posting this so that anyone who knew CCIE # 5804, Dave Gahm will share in photos or in writing their experiences with Dave.  CCIEs have a way of influencing others across borders so I am happy to help Mrs. Gahm and Dave’s parents in gathering what I can through this medium Dave loved so much.

If you have anything you would like to share about Dave Gahm please respond to eman@ccieflyer.com.

Thanks.

 

How do you study/prepare for the CCIE?

Reading a lot of blogs out there, there seem to be quite a few different approaches to studying for the CCIE. Some people read entire books, go through full COD type classes and then go on to either protocol labs or multi protocol labs. Others, well, read and wing the exam; some are actually successful, some are not. Some just do Mock Lab type scenarios.

I for one do this: first I’ll read a chapter in a book about whatever subject I happen to be on. For this I’m going to use OSPF. I read that chapter in, let’s say, Routing TCP/IP by Jeff Doyle (awesome book!). Rather than read the whole book, I go to, let’s say, my Internetwork Expert COD and go through the OSPF videos. Then afterward, I open up an OSPF specific protocol lab, in this case Internetwork Expert’s VOL1 labs. Then I go through my notes during the lab practice or after, refresh on anything and move on. Only after I’ve fully done all protocols in this scenario do I move on to full protocol labs or mock labs.

What is your study habit? How do you prepare? Any pointers, comments or advice more than welcomed.

CCIE Amnesty Program (from Eman Conde)

A little something from Eman Conde, CCIE Agent…

What does amnesty mean?  Well it has been years since I thumbed through my Funk and Wagnalls dictionary so I could not actually find it!  Instead I hopped on-line and looked it up.

Noun 1. amnesty - a period during which offenders are exempt from punishment

Verb 1. amnesty - grant a pardon to (a group of people)

If you have not been informed there are many ways to use your CCIE number.  A few of these methods are frowned upon by Cisco and can even cost you that hard earned number.  Yes, recently I personally witnessed the revoking of a pair of CCIEs who had associated their numbers to a channel they did not work for.  This is strictly forbidden by Cisco and can result in severe penalties to the Channel and the CCIE.  (see http://www.itworld.com/networking/69359/innocuous-or-unethical )

I felt pretty badly about the CCIEs losing their certifications and wanted to help prevent this as much as I can.  So I called Monica (my best friend at Cisco) and we put our heads together to come up with a solution.  From this chat the CCIE Amnesty program was born.

The rules are very clear about CCIEs whose numbers are used to help advance channel partners’ reseller status.  The CCIE must work and live where the company is located.  Number associations have been done in some creative ways both with and without the CCIE’s participation.  As I described in February on my blog http://www.ccieagent.com/ in the story “CCIE Hostage Stand-Off”, sometimes unsuspecting CCIEs are fooled by a company simply to get them to associate their number.  The company in this story, after passing the Cisco Audit, put the CCIEs on unpaid leave.  In other cases the CCIE simply succumbs to the temptation to associate their number because their real employer has no use for it.  So they get a small fee for the number and are never utilized by the company; I call this a Rent-A-Cert.   This is a name used by a company acting as a recruiting company but in actuality putting certified individuals in harm’s way.

Here’s our plan, for the next 90 days I am asking any CCIE who is in a situation where their CCIE number is associated with a company they are not really working for to step forward and I will have their number released from that employer with no repercussions or penalties.  The company will then have nine months to resolve their need and the CCIE will help another CCIE have a shot at a real job.  Think about it, if you have your number associated with a company that needs the number you are taking a job away from another CCIE who needs a job.

How to proceed.

Send me an email at eman@ccieflyer.com and I will call you to begin the process.  I will keep you out of hot water and help the channel partner replace you with a real CCIE to join their staff.  If you are the victim of a channel that is holding your number against your will I will help release your number also without reprisals to the channel partner in question.

Tell your friends tell your coworkers but most of all tell the man in the mirror (ala Michael Jackson) it’s wrong so let’s clean it up!  There is an effort to identify the fraudulent associations so please take advantage of this amnesty before you get a letter from Cisco about your CCIE number being revoked!

Peace!

CCIE SP written scheduled

I’m baaaccckkkk!  Now, on to the SP!  I finished my CCVP about 2 months ago and I needed a little break, but I’m ready to go again.

I just happened to glance at my calendar today and realized that I need to get my butt in gear.  I’ve scheduled the CCIE SP written exam for August 1 and I’m only about 30% of the way through MPLS Fundamentals!

I’ll be updating this site as I progress through each blueprint topic as well as posting a plan of attack.

Talk soon…

Narbik’s excellent bootcamp

Ok, I’m feeling jet-lagged so I’ll just summarize here. Basically, Narbik’s bootcamp surpassed my expectations for a bootcamp. There was this great feeling I had the whole time of feeling ready and Narbik bringing us closer to the finish line. As most of you may already know, Narbik uses all whiteboard, and no PowerPoint or overhead projection. THANK GOD! Getting down in the trenches with us by drawing out all talking points just keeps you in tune and keeps the dialogue bidirectional.

So what else set Narbik apart? This bootcamp was fun. It was involved. He skipped over what we knew as the basics and got right down to the point on most topics. And when you thought you knew something… POW! He knocked you upside the head with fundamental scenarios that begged to differ.  What I really liked is that we weren’t following every keystroke while he configured an entire topology, and he didn’t watch us lab the whole time or try to dazzle us with his knowledge of English composition or drink champagne with the aristocracy, pinky finger up. This dude was straight down to earth and I loved that we got at least half the time in lecture. I mean, seriously, why the hell would I pay to go lab in a hotel banquet hall? I can do that at home for free. I want to have an interactive exploration of our favorite subjects and that’s precisely what I got.  You don’t go there to feel smart. Join a book club if that’s the case. You go there to be humbled and learn from it.

So what didn’t I like? Eh, the location got changed at the last minute when I had my hotel reservations already, but it was only 10 min farther, so that’s just plain old bitching. But LA traffic blows. And 9am start time was later than I expected, but then again, more bitching.

Above all, it’s great to have a mentor in front of your face to answer and demonstrate your questions. Want to know the best part? I’ve made a habit of citing conflicting information from different sources, footnoting who it was said from. Then I put some of it to the test with Narbik. Well, let’s just say he destroyed my footnotes and I enjoyed it.  Btw, I don’t think Narbik sleeps… at all.

We love Negron’s what?

Here’s some dark humor for you guys. This week I’m attending Narbik’s bootcamp in Glendale, CA and today was BGP. Also here is Paul Negron, technical reviewer of the CCIE official Exam Cert Guide 3rd edition (I believe there’s a bio inside the cover). After wisecracking the We love oranges mnemonic for BGP path selection, Paul created his own on the spot. In all fairness we were all joking with a very twisted theme today. Pretty hilarious day actually. Here’s the new mnemonic for BGP path selection:

Weight, Local Pref, Network(best origination), AS, Origin code, MED, External>Internal, RID which is shortened as:

We Love Negron’s Ass on Mondays Except If Rashed

Er.. I may have helped a little bit. Sick yet hilarious. Oh man, it was a goofy day. But much was learned. In short, Narbik is the man.
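The eight-step ordering listed above, worked through as an added example (this code is not from the post or from any vendor implementation). It follows only the steps named in the list, so it leaves out steps real routers also apply, such as the IGP metric to the next hop, and it assumes MED is compared across all paths; the class, function and sample path names are made up for illustration.

```python
from dataclasses import dataclass
from typing import Iterable, Tuple

# Lower rank is preferred: IGP < EGP < incomplete.
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}


@dataclass(frozen=True)
class BgpPath:
    """One candidate path for a prefix (hypothetical structure)."""
    name: str
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    as_path: Tuple[int, ...] = ()
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True
    router_id: str = "0.0.0.0"


def _rid_key(rid: str) -> Tuple[int, ...]:
    # Compare router IDs numerically, octet by octet, not as strings.
    return tuple(int(octet) for octet in rid.split("."))


# One (step name, sort key) pair per item in the list, in order.
# Every key is written so that the smallest value wins.
STEPS = (
    ("weight", lambda p: -p.weight),                     # highest weight
    ("local_pref", lambda p: -p.local_pref),             # highest local pref
    ("locally_originated", lambda p: not p.locally_originated),
    ("as_path_length", lambda p: len(p.as_path)),        # shortest AS path
    ("origin", lambda p: ORIGIN_RANK[p.origin]),         # lowest origin code
    ("med", lambda p: p.med),                            # lowest MED
    ("ebgp_over_ibgp", lambda p: not p.ebgp),            # external > internal
    ("router_id", lambda p: _rid_key(p.router_id)),      # lowest router ID
)


def best_path(paths: Iterable[BgpPath]) -> Tuple[BgpPath, str]:
    """Return the winning path and the name of the step that decided it."""
    candidates = list(paths)
    if not candidates:
        raise ValueError("no paths to compare")
    if len(candidates) == 1:
        return candidates[0], "only_path"
    for step, key in STEPS:
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], step
    return candidates[0], "tie"


# Constructed sample paths for one prefix (private AS numbers, made-up IDs).
SAMPLE_PATHS = [
    BgpPath("via-AS65001", as_path=(65001, 65010), med=50, router_id="10.0.0.2"),
    BgpPath("via-AS65002", as_path=(65002, 65010), med=20, router_id="10.0.0.3"),
    BgpPath("via-iBGP", as_path=(65003, 65004, 65010), ebgp=False,
            router_id="10.0.0.1"),
]

if __name__ == "__main__":
    winner, step = best_path(SAMPLE_PATHS)
    print(f"best path: {winner.name} (decided at step: {step})")
```

Returning the deciding step alongside the winner makes it easy to see why a path that looks attractive on a later attribute never gets that far.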

Hot from the Press, Narbik’s new Bootcamp and Workbook

This is what I received in my mailbox today, I thought to share it with you guys.  Below is the email from Narbik Kocharians.

For the longest time I have been thinking of either giving it up altogether or come up with something that will capture the entire (CCIE) world, well I decided to really go after it and I mean full ON, here are the changes that you may find in my future boot camps starting in 2 months, here it goes:

The boot camp work book and the advanced work book will be combined and sold as the new version 2.0.

The boot camp workbook will have the following:

  • Brand New switching section, covering intense STP, RSTP, MSTP, and all new tasks.
  • Brand new frame relay labs, 100 percent of frame-relay
  • Brand new RIPv2 section, this routing protocol has 30 tasks in a mini mock lab style, you have NOT seen anything like it, summarization and filtering like you have never seen before.
  • Brand new EIGRP, if you think you had a hard ass EIGRP section, you wait till you see this one.
  • Brand new OSPF and BGP section, everything is a fair game.
  • Brand new redistribution and QOS section.
  • Brand new Multicast section, this new section is over 150 pages.
  • Brand new IPv6 mini mock lab section
  • Brand new security and IP services section

I mean you have NOT seen better, listen guys I am NOT trying to sell you the class, you have paid already, but I am telling you, even the lectures have changed. YOU WAIT AND SEE.

My goal is to get 80 percent passing on the first try. That is a promise.

How Internet Works In MPLS

This is my first post, and do not be shy about sending me comments on my poor English. Till now I have written posts on layer 3 MPLS but did not get enough motivation to write on MPLS Internet. This is the first article on MPLS Internet working, which is going to start as my first post on CCIE Candidate. The post is very basic and will not go into technical detail beyond the basic flow of traffic.

Introduction

Serving internet in an MPLS VPN cloud is really a frantic job. This is what I used to think, but after reading a lot of articles and papers I got a full understanding. Of course, if you are aware of MPLS technology then it’s really a calm job. In the given scenario MPLS is running in the service provider cloud, and from now onwards the service provider wants to serve internet with the help of MPLS. The focal point is the route target in the MPLS VPN cloud, and you should have a basic understanding of how route targets work with import and export statements.

Apologies for not uploading the scenario picture. Maybe there is some problem with the server.

Internet --- R2-PE-INTERNET --- MP-iBGP --- R1-CUST-VRF --- CE

Working

Router R2-PE-INTERNET is connected to the upstream service provider from which the internet bandwidth is allocated. R2-PE-INTERNET has only a default route towards the R3 router.

ip route 0.0.0.0 0.0.0.0 2.2.2.2 [Default route towards the Internet service provider]

Before proceeding further we need to understand how the packet flow will work. It will be one of two types:

a)      PE itself works as internet gateway.

b)      PE is receiving the default route from another PE router and there after traffic will move towards the internet.

In this post I will focus on the internet traffic flow; the working configuration and simulation will be provided in upcoming posts.

Note: On the internet only IPv4 traffic will move. The internet doesn’t understand VPNv4 traffic or labeled traffic.

The customer sends a request to the PE for shivlu.blogspot.com. The traffic sent by the customer is IPv4 traffic; once it reaches the PE it enters the VRF. In the VRF, the traffic looks for a default route to the internet. If that route is not present in the VRF, the traffic is dropped silently. So the VRF must have a default route that forwards the traffic towards the internet gateway. Assume the default route is in the CUST VRF routing table. The next question that comes to mind is: what will be the next-hop address of that default route? The next-hop address should be the remote PE router from which the router learns the default route in the VRF. I know it’s a little sticky, but don’t worry, it will be cleared up later. After reaching the remote PE, the traffic looks up the IP address, which will be available in the global routing table, and at last it leaves the service provider cloud. This is all about the traffic moving from the CUST VRF to the internet. We cannot stop here, because we need to check how the traffic comes back from the internet and is received by the customer.

For reverse traffic forwarding, traffic first arrives at the service provider’s internet gateway router. After that, the global routing table is checked for the destination address, which is in the CUST global IP pool. This means we need to advertise the CUST global internet pool in the service provider cloud. Now the question is where it should be announced, and how the customer will receive IPv4 traffic, because it is part of a VRF. To achieve this, the service provider needs to add a static route towards the PE router which is directly attached to the CE.

ip route <global route> <subnet mask> <outgoing interface address which is part of vrf> <next hop CE address>

Now the route is added to the global routing table and needs to be redistributed into the IGP. Thereafter the route will be globally available on every router. So on the reverse path from the internet, traffic learns the destination address via the IGP, and on reaching the PE the IP traffic is forwarded out the VRF interface.

Now ping the global IP address 4.2.2.2 with the public source IP from the CE and you get the !!!!!.

regards

shivlu jain
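The forward and reverse lookups described in the post above, modelled as an added example (not the author's configuration or simulation). It reduces each router to longest-prefix-match tables and ignores label switching; the customer pool 203.0.113.0/24, the table names and the helper names are assumptions made for illustration, while 2.2.2.2 and 4.2.2.2 are the addresses used in the post.

```python
import ipaddress

CUST_POOL = "203.0.113.0/24"  # constructed customer public pool (assumption)


class RouteTable:
    """A routing table (global or VRF) doing longest-prefix match."""

    def __init__(self, name):
        self.name = name
        self.routes = []  # list of (network, target)

    def add(self, prefix, target):
        # target is another RouteTable (hand-off to the next lookup)
        # or a string naming where the packet leaves this model.
        self.routes.append((ipaddress.ip_network(prefix), target))

    def lookup(self, dst):
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if addr in r[0]]
        if not matches:
            return None
        return max(matches, key=lambda r: r[0].prefixlen)


def trace(start, dst, max_lookups=8):
    """Follow a packet from table to table; return one line per lookup."""
    hops, table = [], start
    for _ in range(max_lookups):
        route = table.lookup(dst)
        if route is None:
            hops.append(f"{table.name}: no route, drop")
            return hops
        prefix, target = route
        if isinstance(target, RouteTable):
            hops.append(f"{table.name}: {prefix} -> {target.name}")
            table = target
        else:
            hops.append(f"{table.name}: {prefix} -> {target}")
            return hops
    hops.append("lookup limit reached, possible loop")
    return hops


def build(vrf_default=True, global_static=True):
    """Build the three tables from the scenario, optionally leaving out
    the VRF default route or the global static route for the pool."""
    r2_global = RouteTable("R2 global")      # internet gateway PE
    r1_global = RouteTable("R1 global")      # PE attached to the CE
    cust_vrf = RouteTable("R1 vrf CUST")
    r2_global.add("0.0.0.0/0", "upstream 2.2.2.2")
    if vrf_default:
        # Default route in the VRF whose next hop is the remote PE.
        cust_vrf.add("0.0.0.0/0", r2_global)
    if global_static:
        # Static route in R1's global table pointing out the VRF
        # interface, then redistributed into the IGP so R2 learns it.
        r1_global.add(CUST_POOL, "CE via vrf interface")
        r2_global.add(CUST_POOL, r1_global)
    return {"vrf": cust_vrf, "r1": r1_global, "r2": r2_global}


if __name__ == "__main__":
    for label, kwargs in (("complete", {}),
                          ("no VRF default", {"vrf_default": False}),
                          ("no global static", {"global_static": False})):
        t = build(**kwargs)
        print(label, "| CE -> 4.2.2.2:", trace(t["vrf"], "4.2.2.2"))
        print(label, "| internet -> pool:", trace(t["r2"], "203.0.113.10"))
```

With the global static route left out, the gateway still has its default route, so return traffic for the pool is sent back towards the upstream provider rather than being dropped.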

CCIE Command Memorizer

First look at CCIE Command Memorizer.

Bought CCIE Command Memorizer today. My first impression of the product is very good. I already have IPEXPERT BLS as I mentioned in my previous post, but this tool gives me a different perspective that way I can learn. Even though I have to type the commands in full, I don’t mind doing that. The whole thing is divided into parts. They cover most of the topics mentioned in the CCIE (R & S) blueprint. You can’t type “?” for help, which means that you need to know the command before you type it. I think this is a good feature but everyone has a different view on things. The reason why I think it is great is that instead of typing ? all the time and drilling down until I find the right command, with COMMAND MEMORIZER I need to actually know what I am typing, which means I can save a lot of time during my lab exam as I know the commands by heart. Another benefit of not having help when attempting any scenario is that it will change my habit of typing ? every time and instead go to the CISCO DOC CD to find the answer, which means I am improving my navigation skills for the CISCO DOC, which can be very handy when I am doing my lab. But again everyone has a different view.

You can do the scenarios as many times as you want. Once you are finished you can reset the whole page and do it all over again. You don’t even need an internet connection; once you have activated the product you are good to go and you can use the product anywhere you want.

I tried the switching section and they have really good scenarios to work on. They start from basic and then complex scenarios.

Will update more once I have tried it a bit more.

Some little things about redistribution

Through all the reading and practice labs, these are some redistribution notes that I thought were very useful and helped me a lot. So I’m sharing and maybe it’ll help someone understand or see things differently.

Notes on Redistribution

  • When redistributing from OSPF into BGP, by default, BGP only accepts internal routes, not external type-1 or type-2.
  • When redistributing into OSPF all redistributed routes get a metric of 20, except BGP gets a metric of 1.
  • EIGRP needs a default-metric command or a metric when redistributing with route-map or with the redistribute metric xxx command.
  • Watch for RIP metrics set to redistributed routes, might end up with 16, use metric, again in route-map or redistribute metric command.
  • Only IS-IS Level-2 routes are redistributed by default.
  • Watch for administrative distance problems, especially since EIGRP has lower distance than OSPF.
  • Beware of the metric used by RIP.
  • Redistributing into RIP requires a metric or default-metric or it may get set to 16.
  • Always filter routes when doing redistribution; the use of route tags is extremely useful and sometimes necessary (to conserve time and headaches).
  • BGP only redistributes eBGP routes by default; use bgp redistribute-internal to change that.
  • Make note of routes in routing table and from which protocol. Only routes in routing table get redistributed.
  • Always watch for multiple points of redistribution and routes from a higher AD protocol going into a lower AD protocol then back into the higher AD protocol; use route tags for this as well.
  • Only change protocol AD if absolutely necessary.
  • route-maps are extremely useful in redistribution, as in BGP.

If you have further notes that are useful and wish to share, well then go ahead and leave me your thoughts :)

My study plan coming soon… Workbooks used and methods :0

My Life of Study - Planning, Tips and Thoughts - Etherealmind

I read Luis Garcia’s excellent post about fitness and study, and mostly agree. I am not as conscientious about my fitness as Luis, but here are my thoughts on how I plan and execute on study. You should make choices that suit your life, but if someone wants to hear my suggestions, here they are.