I started a theoretical study in March 2019. Although I followed SPOTO's teacher for two rounds of CCIE RS Certification theory study, I didn't fully complete the round because of my busy work last year. Of course, I planned to enter the version in July last year. Also with the soup.
About preparation - pain, and happiness
I am in the version of January 2019, and I completed the study in accordance with Su Sir's suggestion for three months. When I first entered the version, it was particularly painful to look at the video while referring to the document. So I spent three nights on Y1 and then knocked out the set. In the process, I found the lack of theoretical knowledge, so I went back to CCIE theory. I reviewed it again. After completing a round of theoretical review by the course home, the knowledge points mentioned in the version video can understand a score of 7 or 8 points, so in the next two weeks, I changed the version and TS week progress at the end of November. TS learning. It is planned to be able to ensure that the version and TS can be checked without waiting for the demand between January and 2 and can guarantee the correct rate.
During this period, I started practicing from around 7 or 8 o'clock every night. Until the middle of the night, my proficiency gradually improved. I also encountered some troubleshooting ideas due to misconfiguration or mismatch. During the period, I also discussed the problem with the students in the group. Everyone gave me a lot of help. Thank you!
Prepare for the exam - pick up the mood
I was in the position at the beginning of May. I was fortunate to be on the same day as the history classmates in our group (January 11th). I arrived in Beijing one day in advance. In the afternoon, I simply configured the previous round of versions and TS questions as a whole. After reviewing it, I turned over some recent battle reports.
Before the exam, the teacher specifically told me about the attention of the exam, especially the TS should not be nervous, if there is a problem, do the latter. I have been worried about the ACL problem in TS before because it is not very familiar with some ports and protocols. I am afraid that I will suffer from this. SPOTO's teacher gave me three ideas: 1. Plus small 2. Deny change permit 3. Permit any. One day before the exam, the teachers also wished me a smooth exam. I thank the teacher for his careful teaching over the past few months. This has benefited me a lot during the theoretical study.
Exam process - despair
My original plan was to complete the test and complete the test for about an hour and a half. The version has enough time to verify the check, but there is always an accident... The package I got is TS1 ADD, D3+, Y1. After getting the exam number, I immediately logged in. I saw that the topology is TS1 address. It feels very easy. When I did the second question, I encountered a problem. R17's PPP ipcp route default was not matched with the default route. The address was obtained. I have tossed a lot of time on this as if checking and comparing the configuration of R18. Finally, I reloaded after WR. After reload, I got it magically, and the phenomenon also came out. It’s just that from this side, the mood suddenly changes. Although there are some phenomena in the following questions, I still have a long time to exhaust them. For example, OSPF router-id, I started to check the network announcement and port configuration. I have not paid attention to the router-id problem. I finally thought about it. Normally, it relies too much on log information, and TS does not have any log at the time of the exam. During the TS exam process, I have been experiencing various faults, and I have encountered new mistakes that I have not encountered in several exercises. When I was doing the problem, I couldn’t concentrate on it, and I left behind the troubleshooting ideas I said before the exam. (Of course, I also forgot the words of Lee sir before the exam.) This caused me to spend two and a half hours in TS, and even the last two questions have not been completed.
When I was doing the diagnosis and version later, my mood was very low. There was an impulse to give up because there were several phenomena in the TS, I think it must be hanged. Then think about it or finish it, familiarize yourself with the familiar page, so as not to make mistakes next time. At lunchtime, I didn't have a mood to eat. Two chicken legs only bite one and one directly lost... (manually funny). The diagnosis and version are relatively simple, the version turned out to be Y1, I don't know why the Y1 test is particularly recent.
At around three o'clock, I checked the version configuration repeatedly and handed it out to the test room to prepare for the next time. Waiting for the history classmates downstairs, let's talk together, TS is quite unsatisfactory. Hey~ I thought about my mentality at the time, and I decided to come back next time.
The result - the end of life
After the test, I told my family, friends, and SPOTO teachers that I am definitely not able to pass this time, and I am going to make another position test in the near future. After receiving psychological comfort, I received Cisco mail at 7:49 pm, and went to check the transcript, and unexpectedly passed!
I will think about it later, if my TS can stabilize my mind, if my time schedule is more reasonable, if I find that my TS hangs the back version, I don’t knock it... Life is not so much, if we can do it, we can do it positively. Try to solve it. I would like to thank my family and colleagues for their understanding and responsibilities during this time. I am grateful to SPOTO for letting me have such an unforgettable experience, and I wish my future students to pass the exam. Below is tested feedback for me.
Package: TS1 ADD, D3+, Y1
TS1 add
1. The ACL on vlan 12 only matches 172.16.200.0.
Change to match per 172.16.200.0 0.0.0.255
2. R17 s4/0 does not have encap PPP, configuration completion, view username and password from R12, I added PPP ipcp route default IP got but can not get the default route, this wasted some time, then no way, After the reload is acquired, the phenomenon is also out, which is quite strange;
3. The router-id and R5 on R22 are consistent, causing ospf to fail to be established.
Router OSPF 1 uses network announcement
Router-id 123.5.5.5 router-id is consistent with R5
Network 134.22.22.22 0.0.0.0 a 1
Network 134.56.78.48 0.0.0.7 a 1
Network 134.56.78.16 0.0.0.3 a 1
Network 134.56.78.40 0.0.0.3 a 1
Passive int s4/0
R22 S4/0 interface address 134.56.17.87/30, R25 interface address 134.56.18.18/30
4. The interface of no passive and R14 on R12 is good, and the load is satisfied. By default, metric weight 0 1 1 1 1 1 is configured;
5. BGP, I am on the R12 tra 8.8.8.8 to Mpls nowhere, R2 and R1 connected interface does not have Mpls ip, complete the pass;
But not load, max 2 has been configured. I found that there is no route coming over R6. I didn't get this problem. Before I solved this problem, I didn't find out the OSPF neighbor. I think ospf is not awkward to use the interface. I have been checking the network address. I think it is the problem of OSPF announcement. Later, ospf solved it or there was a problem. I didn't have time to check it out, but I saw that there are 8.8.8.8 routes on R6. I haven't had time to check the BGP configuration of R5. I think there may be problems here.
The following two MED phenomena can appear in this question, there is no route of 134.22.121.21 on R12, I announced it on R21;
6. IPV6 BGP this question is also relatively pit, and in our rack is different, is to build a neighbor with an ipv6 address under ADD iPv4, and hang the route-map next hop, BGP neighbor does not get up.
R22 and R26 establish a neighbor through add ipv6. This is fine. If the neighbor relationship is normal, you can learn the loopback route of R26.
ACL configuration on S4/0 of R22:
Ipv6 acl:
R25:
There is no R25 route on R22:
I repeatedly checked the next hop without problems, and then found that there is ipv6 ACL under the s4/0 port of R22.
Ipv6 access-list noipv6
Deny TCP any any
Per ipv6 any any
I changed deny to per, then the BGP neighbors on both sides got up, but I can't see the route passed by R25 on R22. I saw the BGP configuration of R25, which is the prefix of the declared lo0 and the direct e0/0. Did not solve it;
7. MPLS
R104 directly connected to SW3 vlan does not declare OSPF, resulting in R104 not obtaining the address, after the announcement can trace R105, from R105trace8.8.8.8 can appear like;
Then the backup check, I disconnected e0/1.124 on R7 and found that it is still left, I disconnected e0/1.123 or left, time hastily, did not solve;
8. R18 or R14 s4/0 interface has ACL, plus per esp any, dmvpn
R107trace R106 does not go to the hub I added ip nhrp redirect on R15, then the trace domain name is resolved from the local, I added the IP host phenomenon on R15 on R107 is satisfied;
Note that after configuring the IP nhrp redirect on R15, you can't immediately appear. You need to ping R106 on R107. The requirement is trace userspoke2, you need to ping this domain name.
9. I haven’t had much time for the following two questions, because I’ve encountered too many mistakes and I’m a little panicked, causing one to come up.
I will test the phenomenon, DMVPN does not get up, can ping public network address 125.45.67.22, there is a default route on R24, I see ACL on R21, match a few deny 127.0.0.0 any, etc., allow esp by default And isakmp and a dozen other entries, I changed the deny to per, I didn't think about it, I tried to take peri any, I took it off, took off dmvpn (so the wrong point is definitely in ACL), R24 has R100 route. But R103 can't ping, this and the tenth question didn't have time to finish.
10. The tenth question is just a simple look, from the R21 telnet nowhere, I read the nat entry is static nat 8008, IP access matching is no problem, there are other udp 500 and 4500 static nat option, The problem of not having time to view the address on the NAS is over.
There will be a yellow font warning at the last minute, that is, the time is running out.
After the test, I stumbled and found that there may be a problem with the address of the NAS. There is another possible error. I saw it at the time but did not change it. The bgp on R21 announced that it was 134.0.0.0 ma 255.0.0.0. There is no such route, if it is not, then it needs to declare 134.56.18.820/30;
TS summary:
1. The mentality is not good, can not rationally use the usual problem-solving ideas, leading to problems in time allocation; the beginning is also too confident for TS, feeling that time is not a problem, slowly solve, but the wrong points encountered in the examination room did not immediately Abandon the original problem-solving ideas;
2. Another important factor is that it is usually dependent on the log prompt information during the practice. In the exam, the port, neighbor status, router-id mismatch, etc. will not be displayed, so everyone pays attention when practicing. Don't get used to it.
3. In addition, the interface and operation are a bit unfamiliar. It was a waste of time. I found the location that suits my configuration in the later version.
Suggestion: Don't just click on Begin LAB after the exam starts, let yourself calm down and start again.
There are also insufficient understanding of some protocols in the ACL, which leads to not knowing which protocols and ports to match.
The test site clearly stated that the configured ACL could not be deleted. Regarding the ACL in TS, I confirmed it before the test and Lee sir, 1: Add the small number 2. Deny changed per 3. Per any, but forgot the exam or mentality;
D3+Diag has not changed, there are documents;
Y1 version
Recently, I have tested a lot of Y1. I and Shi Hongyi and my classmates who are tested on Monday are all Y1. There is no problem in this part, and the configuration and phenomenon are repeated.
Need to pay attention to is that iOS is newer than our rack, support swi none, span portfast edge default; and so on.