QoS Done!

Finished QoS today.  I think the worst part about QoS will be the wording of questions…

“make sure bandwidth is reserved during congestion” = MQC Bandwidth

“limit to xxx” = police

“expedite forwarding” = priority [bandwidth|percent]

etc etc

Remembering some of the formulae required can be a bit of a PITA as well.  I can remember Ohm's law from school electronics class so Bc = CIR * Tc shouldn't be too difficult now should it?

I have to criticise Narbik now.  Just finished a book labelled Volume 5 of his advanced technology focussed workbooks.  Thinking I am ready for some mock labs and all that.  Forgot that Volume 5 is actually two books.  Damn you Narbik!  Go back to Carlton United Breweries and drown in a vat of crappy beer or something.  Speaking of Narbik and beer, I recall buying him his first Coopers Sparkling Ale when we were in Sydney.  Best beer on the planet!

http://www.coopers.com.au/

Damn… Just picked up the second half of Volume 5 and realised I still have 30 more pages of QoS to do.  Back to it…

Multicast done!

Did multicast…  for some reason I always thought it would be difficult but Narbik’s book brings you through it quite well.

Static & auto RP, dense, sparse, it's all in there.  I think I’ll redo this section towards the end just so I get exposure to it again.  Which leads me to the next question..

Multicast???  WTF???  I remember the last Networkers I went to.  At the start of each session (50-100 people) they ask what technologies everyone uses…

OSPF? 90% put their hands up…  BGP? 70%, MPLS? 10%, VoIP? 50%, QoS? 40% (funnily enough the gap between QoS users was directly proportional to the VoIP users experiencing issues)… Now, who uses multicast?  Out of 15 or so sessions, each with 50-100 in them, ONE BLOODY PERSON puts their hand up for the WHOLE DAMN WEEK.

Yeah! Let's make it worth 6 (???) points of a CCIE Lab…  To me that indicates Cisco assumes 6% of the work we do is multicast.  Sure, make switching worth 20 points, OSPF 30, BGP 20, IP Services 10… whatever… But in my opinion multicast is that obscure and unused that it is only in there as a subject to test people on.. Rather than a real-world indication test of technology.

Having said that… it's not too much of a bad thing, as CCIE isn't all about the stuff you would use on the job now, is it?  But maybe just a good (and I do mean “good”) way of testing our IOS-fu.

DHCP Snooping/DAI

To configure DHCP Snooping:

Static IP:

ip dhcp snooping

ip dhcp snooping vlan xxx

ip source binding MAC vlan xxx IP interface zzz

interface zzz

ip verify source

MAC + IP:

ip dhcp snooping

ip dhcp snooping vlan xxx

ip source binding MAC vlan xxx IP interface zzz

interface zzz

switchport port-security (etc)

ip verify source port-security

What's the difference? Well… In the first example, the switch will not filter based on MAC address. If the wrong IP comes in on interface zzz (as specified by ip source binding) then the switch will drop the traffic. In the second example, configuring port security will drop traffic if the MAC address learned via port-security is incorrect. The second example will ALSO filter rogue IPs. The two are not mutually exclusive.

DAI:

ip arp inspection vlan xx

ip arp inspection filter ACL vlan xxx static

arp access-list ACL

permit ip host IP mac host MAC
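
An added example, not from the original post: a simplified Python model of the checks these commands enable, covering both `ip verify source` modes and the `static` keyword on the DAI filter. The addresses, VLAN and interface names are constructed sample values, and the fallback to DHCP snooping bindings when `static` is omitted is standard DAI behaviour that the post itself does not spell out.

```python
# Simplified model (added example) of the per-port checks configured above.
# All addresses, VLANs and interface names are constructed sample values.
from dataclasses import dataclass


@dataclass(frozen=True)
class Binding:
    """One 'ip source binding MAC vlan V IP interface IF' entry."""
    mac: str
    vlan: int
    ip: str
    interface: str


BINDINGS = [Binding("0000.1111.2222", 10, "10.0.10.5", "Gi0/1")]


def ipsg_permits(interface, vlan, src_mac, src_ip, check_mac=False,
                 bindings=BINDINGS):
    """check_mac=False models 'ip verify source' (IP only);
    check_mac=True models 'ip verify source port-security' (IP + MAC)."""
    for b in bindings:
        if (b.interface, b.vlan, b.ip) != (interface, vlan, src_ip):
            continue
        if not check_mac or b.mac == src_mac:
            return True
    return False  # no matching binding: the traffic is dropped


# One (IP, MAC) tuple per 'permit ip host IP mac host MAC' line in the ARP ACL.
# Explicit deny entries are not modelled here.
ARP_ACL = [("10.0.10.5", "0000.1111.2222")]


def dai_permits(sender_ip, sender_mac, acl=ARP_ACL, static=True,
                dhcp_bindings=()):
    """The ARP ACL is checked first. With 'static', a miss is an implicit
    deny; without it, the DHCP snooping bindings are the fallback."""
    if (sender_ip, sender_mac) in acl:
        return True
    if static:
        return False
    return any((b.ip, b.mac) == (sender_ip, sender_mac) for b in dhcp_bindings)
```

Note the IP-only case: a frame with the right source IP but a different source MAC still passes `ipsg_permits` unless `check_mac=True`, which is the difference between the two configurations above.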

Cheers :)

I still have pages of notes from the bootcamp to type out!  Been busy!

Passed Written Today

Yesterday I went to go and book my lab.  “Sorry, you sat your written more than 18 months ago.”  So what to do?

Call VUE and book an exam, that’s what!  So I booked it and passed it.  One less thing to worry about.

One thing I do wonder though…  Do Cisco get the score report and give me a Lab that has high scores in areas I didn’t do so well in?  For example, if I scored 0 for IPv6 would I get 15 IPv6 points in the lab?  If I scored 100% for BGP in the written would I only get 4 points for BGP in the lab?  etc etc