Preparing SP lab-part1 22Dec08 d-3927.pdf

  • 7/31/2019 Preparing SP lab-part1 22Dec08 d-3927.pdf

    1/29

    Preparing for the Cisco CCIE Security Provider Lab Exam. Posted to the Cisco Learning Network, www.cisco.com/go/learningnetwork. 2008 Cisco Systems, Inc. All rights reserved.

    Preparing for the Cisco CCIE Service Provider Lab Exam

    Part I of III

    Disclaimer

    This presentation is the first of a three-part introduction to the Cisco CCIE Service Provider lab exam.

    Although this presentation is not to be considered a course, it will give you some useful information and tips for preparing to take your lab exam.

    Topics (PART I, PART II, PART III)

    Session 1: Lab Overview
    Session 2: Layer 2 Protocol
    Session 3: IGP Protocol
    Session 4: BGP Protocol
    Session 5: MPLS, VPN, and TE
    Session 6: SP Multicast
    Session 7: QOS and Security
    Session 8: Sample Questions
    Session 9: Resources and Test-Taking Tips

    Session 1: CCIE Service Provider Lab Overview

    CCIE Service Provider Lab Exam: Locations

    There are seven worldwide CCIE Service Provider lab locations.

    San Jose
    RTP
    São Paulo
    Brussels
    Beijing
    Hong Kong
    Sydney

    CCIE Service Provider Lab Exam: Equipment and Cisco IOS Version

    The lab may test any feature that can be configured on the equipment and Cisco IOS versions that are listed below and that are on the CCIE website. More recent versions may be installed in the lab, but you will not be tested on them.

    Cisco 7200 series routers: Cisco IOS 12.2S (SERVICE PROVIDER/SECURE SHELL 3DES)
    Cisco 3700 series routers: Cisco IOS 12.3T (ENTERPRISE PLUS/H323 MCM)
    Cisco 3600 series routers: Cisco IOS 12.3T (ENTERPRISE PLUS/H323 MCM)
    Cisco 2600 series routers: Cisco IOS 12.2T (ENTERPRISE PLUS/H323 MCM)
    Catalyst 3550 series switches: Cisco IOS 12.2 (IP SERVICES)

    Cisco Service Provider Lab Exam: Equipment in the Rack

    The equipment on the rack assigned to you is physically cabled, and you should NOT tamper with it. Before starting the exam, confirm the working order of all devices in your rack.

    During the exam, if any device is locked or inaccessible for any reason, you must recover it.

    When finishing the exam, ensure that all devices are accessible for the grading proctor. Any devices that are not accessible for grading cannot be marked and may cause you to lose substantial points.

    CCIE Service Provider Lab: Logical Layout

    [Figure: logical layout showing Access Net, SP Core and ATM/Eth BB]

    High-end routers form multiple AS SP core.
    Low-end routers and switches run as access routers.
    Backbone routers provide diverse information injection.

    CCIE Service Provider Lab Exam: Rack Access

    [Figure: rack access diagram. Labels: Candidate Workstation, Candidate PC, Candidate Rack, Comm Server, Exam Routers, Ethernet, Corp Network]

    Session 2: CCIE Service Provider Lab Exam: Layer 2 Protocol

    CCIE Service Provider Lab Exam: Preconfiguration

    The CCIE Service Provider lab exam is preconfigured with basic Layer 2 protocol on the devices, giving the candidate more exam time to work on service provider-specific technologies.

    The routers and switches in your topology have these preconfigurations:
        Basic IP addressing, hostname, and passwords
        Switching: trunk, VLAN Trunking Protocol (VTP), and VLANs
        Frame Relay: data-link connection identifier (DLCI) mapping (static and dynamic)

    All preconfigured passwords are 'cisco'

    Do NOT change any preconfiguration on any device(s) unless explicitly stated in a question.

    CCIE Service Provider Lab Exam: Layer 2 Preconfiguration Verification

    The candidate is responsible for making sure that the preconfiguration is working properly. Here are useful commands to verify the preconfiguration:

        show vtp domain
        show vtp status
        show vlans
        show interface trunk
        show frame-relay map
        show frame-relay pvc
        show interface (type) (s/p.x)

    CCIE Service Provider Lab Exam: Frame Relay

    Terms to know:

        DLCI: data-link connection identifier
        LMI: Local Management Interface
        FECN: forward explicit congestion notification
        BECN: backward explicit congestion notification
        DE: discard eligible
        Bc: committed burst size
        Be: excess burst
        CIR: committed information rate
        MinCIR: minimum committed information rate
        Tc: committed rate measurement interval

    CCIE Service Provider Lab Exam: Frame Relay (Cont.)

    Features to practice:

        Traffic shaping
        Multilink
        Fragmentation
        FRFR

    CCIE Service Provider Lab Exam: PPP

    Terms to know:

        LCP: Link Control Protocol
        NCP: network control point
        PAP: Password Authentication Protocol
        CHAP: Challenge Handshake Authentication Protocol

    CCIE Service Provider Lab Exam: PPP (Cont.)

    Features to practice:

        Authentication
        PPP multilink
        Fragmentation and interleaving
        Compression
        PPPoE

    CCIE Service Provider Lab Exam: ATM

    Terms to know:

        PVC: permanent virtual circuit
        SVC: switched virtual circuit
        VPI: virtual path identifier
        VCI: virtual circuit identifier
        ILMI: Integrated Local Management Interface
        AAL: ATM adaptation layer

    CCIE Service Provider Lab Exam: ATM (Cont.)

    Features to practice:

        PVC and SVC
        RFC 1577
        PPP over ATM
        Traffic shaping and policing
        Frame Relay ATM Interworking

    Session 3: CCIE Service Provider Lab Exam: IGP Protocol

    CCIE Service Provider Lab Exam: IS-IS Addressing

    Area address: Variable-length field composed of high-order octets of the NSAP, excluding the SystemID and NSEL fields.

    SystemID: Defines an ES or IS in an area; Cisco implements a fixed length of 6 octets for the SystemID.

    NSEL: Selector, also designated as N-selector; it is the last byte of the NSAP and identifies a network service user (transport entity or the IS network entity itself).

    Example:

        49.0002.0000.0000.5555.00
        Area = 49.0002, SysID = 0000.0000.5555, Nsel = 00

    NSAP layout:

        IDP (AFI, IDI) + High-Order DSP = Area Address (variable length)
        System ID (6 bytes)
        NSEL (1 byte)
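
The field split on this slide, as an added Python example (not part of the Cisco presentation): `parse_net` peels the 1-byte NSEL and 6-byte SystemID off the right-hand end and treats the remainder as the area address, and `audit_nets` uses it to flag NETs that would cause adjacency problems. The function names, router hostnames and every NET except the slide's own are constructed for illustration; treating a repeated SystemID anywhere in the set as an error is an assumption that suits a single lab domain.

```python
SYSID_LEN, NSEL_LEN, MAX_NSAP = 6, 1, 20  # octets; Cisco fixes SystemID at 6

def _dotted(raw: bytes, lead: int) -> str:
    """Hex with dots: `lead` octets first, then 2-octet groups."""
    h = raw.hex()
    parts = [h[:lead * 2]] + [h[i:i + 4] for i in range(lead * 2, len(h), 4)]
    return ".".join(p for p in parts if p)

def parse_net(net: str) -> dict:
    """Split a dotted-hex NET/NSAP into area address, SystemID and NSEL."""
    try:
        raw = bytes.fromhex(net.replace(".", ""))
    except ValueError:
        raise ValueError(f"not valid hex: {net!r}") from None
    # At least 1 area octet + 6 SystemID + 1 NSEL, at most 20 octets in total.
    if not 1 + SYSID_LEN + NSEL_LEN <= len(raw) <= MAX_NSAP:
        raise ValueError(f"NSAP must be 8-20 octets, got {len(raw)}: {net!r}")
    area, sysid = raw[:-7], raw[-7:-1]  # fields are counted from the right
    return {"area": _dotted(area, 1), "system_id": _dotted(sysid, 2),
            "nsel": f"{raw[-1]:02x}"}

def audit_nets(routers: dict) -> list:
    """Return one finding per NET that is malformed, has NSEL != 00,
    or reuses a SystemID already seen on another router."""
    findings, owner = [], {}
    for host, net in routers.items():
        try:
            f = parse_net(net)
        except ValueError as exc:
            findings.append(f"{host}: {exc}")
            continue
        if f["nsel"] != "00":
            findings.append(f"{host}: NSEL is {f['nsel']}, a NET needs 00")
        first = owner.setdefault(f["system_id"], host)
        if first != host:
            findings.append(f"{host}: SystemID {f['system_id']} already used by {first}")
    return findings

# Constructed sample: R1 is the slide's example, the rest are made up.
SAMPLE = {
    "R1": "49.0002.0000.0000.5555.00",
    "R2": "49.0002.0000.0000.6666.00",
    "R3": "49.0003.0000.0000.5555.00",  # same SystemID as R1
    "R4": "49.0002.0000.0000.7777.01",  # NSEL not 00
    "R5": "49.0002.5555.00",            # groups missing, too short
}

if __name__ == "__main__":
    print(parse_net(SAMPLE["R1"]))
    print("\n".join(audit_nets(SAMPLE)))
```

Because the fields are counted from the right, a NET that is missing a group but is still at least 8 octets long parses without error into a different area and SystemID, so compare the parsed fields against the intended addressing plan rather than relying on the length check alone.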

    CCIE Service Provider Lab Exam: IS-IS Router Level

    Intermediate System-to-Intermediate System (IS-IS) has a 2-layer hierarchy: Backbone and Area

    An intermediate system can be:

        Level 1 router (intra-area routing)
        Level 2 router (inter-area routing)
        Level 1-2 router (intra- and inter-area routing)

    Level 1 router

        Has neighbors only in the same area
        Has the Level 1 link-state database (LSDB) with all routing information for the area
        Uses the closest Level 2 router to exit the area

    Level 2 router

        May have neighbors in other areas
        Has a Level 2 LSDB with all information about inter-area routing

    Level 1-2 router

        May have neighbors in any area
        Has two LSDBs: Level 1 and Level 2

    CCIE Service Provider Lab Exam: IS-IS Backbone

    Backbone must be Layer 2 contiguous.

    [Figure: IS-IS topology with Area-1, Area-2, Area-3 and Area-4; routers are labeled L1L2, L1-Only and L2-Only]

    CCIE Service Provider Lab Exam: IS-IS Circuit Types

    Circuit type

        Level 1 only
        Level 2 only
        Level 1-2 (default)

    Link type

        Point-to-point
        LAN

    Designated router or Designated Intermediate System (DIS) is elected based on interface priority, with the highest MAC address being the tie-breaker.

    CCIE Service Provider Lab Exam: IS-IS Commands

    Router commands

        router isis (tag)
        net XX.XXXX. ... .XXX.XX
        is-type level (X)
        redistribute (routing protocol)

    Interface commands

        ip router isis (tag)
        frame-relay map clns (dlci) broadcast
        isis circuit-type level (x)
        isis priority (value)

    CCIE Service Provider Lab Exam: IS-IS Commands (Cont.)

    Verification and troubleshooting commands

        show clns protocol
        show clns neighbor
        show clns interface
        show isis database detail
        show isis topology
        debug isis adj-packets
        debug isis spf-events
        debug isis authentication information

    CCIE Service Provider Lab Exam: IS-IS Practice

    Features to practice:

        Multiple network entity titles (NETs)
        Metric adjustment
        Node or link level
        Fast hello
        Authentication
        Layer 2 to Layer 1 routes leaking
        Overload bit signalling

    CCIE Service Provider Lab Exam: Open Shortest Path First (OSPF) Terminology

        Link-state advertisement (LSA) type: router LSA, network LSA, summary LSA, external LSA, and opaque LSA
        Area, backbone, Area Border Router (ABR), and Autonomous System Boundary Router (ASBR)
        Media type: point-to-point, broadcast, and non-broadcast
        Cost and router ID
        Hello, flooding, and SPF calculation

    Note: Advanced OSPF features such as stub, not-so-stubby area (NSSA), virtual link, and demand circuit are not tested in the CCIE Service Provider lab exam.

    CCIE Service Provider Lab Exam: OSPF Commands

    Router commands

        router ospf (process ID)
        network x.x.x.x area y.y.y.y
        neighbor x.x.x.x

    Interface commands

        ip ospf network
        ip ospf priority
        ip ospf hello-interval

    Show commands

        show ip ospf interface
        show ip ospf neighbor
        show ip ospf database

    This presentation will be continued in Part II