www.CCIEtrack.com
Del.icio.us!Digg!StumbleUpon!Email a Friend!

CCIE Lab Track

This is a copy of articled published Feb. 19, 2002, however you may still find it worth reading.
Note: I wrote this over two years ago, right when the lab introduced ATM (no voice, and with the old two-day format). I hope it's still somewhat useful. --ljk
Written by Liam Keegan @ liamkeegan.com

I wanted to put a document together that might help other people understand the Cisco Certified Internetworking Expert (CCIE) lab practical exam. For the few that don't know, the CCIE is one of the hardest and most sought after technical certifications. Unlike other companies' certifications, the CCIE exam tests practical knowledge in a build-it/break-it environment. In this little dissertation, I'll go over what I did to study for the lab, and more importantly for you, what I would have done differently. I hope that this little blurb will help people with their trek to the CCIE.

What does your lab look like? What do I need?

I used the following equipment:
  • 4 Cisco 2516's
  • 2 Cisco 3640's
  • 1 Cisco AS5300
  • 1 Cisco Catalyst 5505

One of the Cisco 3640's is populated with dual T1/PRI cards. The individual routers have serial cables between them and an ADC T1 shelf. I made five T1 crossover cables (crossing pins 1,2 with 4,5) that run from the ADC shelf to the T1 cards in the 3640. Basically, I came up with this configuration because I didn't have enough Cisco serial crossover cables or a four port serial module for my 3640. The frame switch config can be changed to HDLC, PPP, or whatever layer 2 transport I want. I also have a V.35 DCE/DTE cable pair that I have attached to R1 and R2. I can extend the width of the network by routing traffic across this cable, instead of using the switched cloud. This is also a way to practice multiple paths: configure the frame switch for only fractional T1, and route traffic between interfaces accordingly.

All ethernet interfaces run into the Catalyst 5505. R1 is in port 2/1, R6 is in port 2/6. I threw the AS5300 into the rack for a few reasons: it has a fast ethernet port, so it can do ISL/802.1q trunking, and if I run a PRI line off of my phone switch, I can set up Radius/TACACS authentication, and all sorts of dial up services. Each of the 2516's have an ISDN port on them, but my lack of an NT1 shelf unit and an ISDN emulator makes these ports pretty useless. I can still go in and do the commands, however there is no way to test the configs. Look for a Madge AccessSwitch 60 pretty soon (hopefully).

Finally, I have a 16 port async module in the frame relay switch. Every router can be accessed by telneting into the frame switch, and opening a telnet session from there.

While the hardware in my own lab isn't exactly what's in the real lab, the equipment that I have is more than adequate for studying. You could build yourself a little network with four Cisco 1005's and a Cisco 2520. You might not get all the functionality that a full-featured IOS'd router will have, but you will get 80% of it. Remember, you don't need a frame-relay switch for complete connectivity. You can run async SLIP/PPP over the aux ports, and tie ethernet interfaces together to form different networks. To practice access-lists, for example, take two computers and tie them to the ethernet port on any router. Assign one computer to be 192.168.1.1/24 and the other computer 192.168.2.1/24. Create some IP's on the router, set the workstations to point at the router, and try to route between them. It's not pretty, but it will teach you how to create an access-list. At a minimum, I would recommend three routers. With two back-to-back cables and a couple ethernet crossovers, you've got yourself a good lab configuration. Throw some enterprise software on them, and you can do pretty much anything.

Lab equipment can be difficult to obtain. Just ask my boss: I had to beg, borrow, and steal to get this lab put together. Before I dug up that old Kentrox shelf, I was stuck with two back-to-back cables and three routers. Luckily, I got my hands on some 2516's. The lease ran out on a customer's AS5300. Boom, it was stolen for the lab. If you are a Cisco Premier Partner, there is a NFR program. This lets you purchase Cisco equipment at substantial discounts for internal use only. Also, buy used stuff. It might be old, but if it runs 11.x and later IOS, you're in business.

So, how did you study?

"So, how do I study for this test?", you ask. "Do I need to purchase lots of expensive books? Is it worth it for me to buy a router? How many? Do I need expensive routers? Will they test me on OSPF? How many routers are there? ATM? Voice?"

Some of these questions I can answer, some I can't. Please don't email me about what was on the lab. I've developed a nasty case of selective amnesia.

What books did you buy?

I did buy the Bridges, Routers and Switches for CCIE's book by Andrew Caslow. I read it cover to cover, and I'm pretty sure it was worth it. Some parts of the book were very good, some parts were verbatim copies from the Cisco Documentation CD. The frame relay stuff was pretty good, but I felt it lacked in multiprotocol. If you can find the book for a good price, I highly recommend picking it up. (Slight sidebar: each time I took the CCIE lab, I packed the Caslow book with me. I never opened it, but for some odd reason, I thought it might be good to have.)

For less Cisco-specific reading, I'd absorb the Internetworking Technologies Handbook. It gives a pretty thorough overview of Layer 2 and 3 technologies. Randy Benn's CCIE page has links to a ton of Cisco documents. Read and memorize, and develop a firm grasp of networking!

What do I need to pass the test?

I know that everyone and their mother has heard of the Cisco non-disclosure (NDA). I'm going to tell you the secret to passing your CCIE on the FIRST try. Please don't tell Cisco I've told you -- they might kick my ass/un-CCIE me/throw me in jail. I've got to type really small so people don't read this over your shoulder. Keep this between you and me, ok?

KNOW EVERYTHING ON THE DOCUMENTATION CD.

Now, in case you can't squint to read that, I said, "know everything on the documentation CD." I know the shock you must be feeling! "How can he expect me to read and memorize every document on the CD?" Nonononononono. I said, "know everything ON the documentation CD." If you're in the lab, and you need to look up the syntax of a command, you don't want to burn time by waiting for the CD's search engine to spit out half a billion documents. If you need to look up the syntax for "frame-relay route", know EXACTLY where to go.

Let's have an example quiz. Pretend you're in the lab. Nervous? You betcha. You read...

In no more than two minutes, design an IPX access list that applies to a DDR interface which satisfies the following criteria:
  • No IPX serialization packets should trigger the link to dial.
  • No IPX RIP/SAP updates should trigger the link to dial.
  • No Novell autodiscovery packets should trigger the link to dial.
  • Everything else can trigger the link to dial.

Sounds like a tough question, especially if you don't know IPX. Of course, being the Documentation CD guru that I am, I would have immediately opened the CD, clicked on Internetworking Case Studies, clicked on Using ISDN Effectively in Multiprotocol Environments, and looked half way down the document for an example access list. The lab might not ask for something verbatim like I just did, but looking at the docs might 1) refresh your memory, or 2) point out one of those "oops" things (wrong access list type, fat fingering the numbers...). Bottom line: the documentation CD is your only friend in the lab. Know it inside and out.

Take a long, hard look at the documents in the Internetworking Case Studies section. Know them all, especially that last one. The Using the Border Gateway Protocol for Interdomain Routing document is gold. Frankly, I think that the IOS documentation on BGP sucks. This fills in a LOT of holes.

How did I study? I spent a lot of time in the lab. I'd take a section of documentation, read through most of it, and then build it on my network. I'd set up basic IP rouing on all my routers, and if I was working on say, DLSw+, I'd try pretty much every capabiility in there. For instance, here is a short breakdown on all the things you can do with DLSw+:

  • Basic setup for interfaces
  • Different media encapsulation (TCP, FST, Direct)
  • Backup Peers
  • Groups

So, I'd set that stuff up, using my six routers. I'd set up some peers, stick 'em in a group, have one backup another, run them on different media, and see how it all fits together. By doing this, I learned that the documentation on backup-peering wasn't the best. So, by trial and error, I learned how to configure backup peers.

So, go through the Documentation CD and put together as many scenarios as you can think of. Scour the Internet for practice labs and configuration guides. Subscribe to mailing lists (Groupstudy is really good.), and build a rapport with the people there. Also, if you have CCO access, the Open Forum is EXCELLENT. There are a bunch of gems in there. I'd spend a good eight hours just reading the technical tidbits. It really augments the documentation. Chances are, if you've got a question, it's already been asked in the OF.

I know that you are one smart cookie. However, when you go take the lab, I want you to remember this:

No matter how smart you are, there will be things on the lab that you know, and things on the lab that you don't know. No amount of studying will prepare you for the things you don't know.

Why do I say this? The material that the R & S CCIE can cover is so vast. There is no way I could know everything they are going to ask. If I did, I'd be a really big nerd. Seriously though, the wording of a question could confuse you into mis-configuring something. They might intentionally ask you to configure an undocumented or obscure command. One thing could screw up something else. The context of your job is a huge factor: I configure routers every day, but 95% of my work is IP-based. Other protocols are my weak spot.

This isn't a test that is all about learned knowledge: it's about flexibility and quick thinking in a pressured environment. Remember when you took the SATs? Your teacher told you to go in there with your two number two pencils. S/he said, "look over the test before you start it. Isolate the sections that you know from the sections that you don't know. Do the easy stuff first." Same thing on the CCIE lab. There is no partial credit. If you need to complete eight items for three points and you're not going to get two of them, skip the section until the end. Time management is key.

Best of luck to you on obtaining your CCIE!
Date Published: Feb. 19, 2002
home | about us | disclaimer