Another SP Mock Lab Completed & Lessons Learned
I went at a full lab and kept accurate timings as I went.
Morning
- Initial Configurations – Full Lab Reading – My own diagram took 45 minutes.
- Testing of L2 and FR pre-configurations and validation took up 15 minutes.
- ISIS was fine a mixture of L2 and L1, OSPF was okay add in some advanced IGP features and complete in 20 minutes.
- BGP was going well, two AS’s to be built, iBGP, eBGP – 40 minutes
- But I got caught cold with a simple omission that I just could not see – asked to use the [not so new now] format AA:NN and advertise as such – configured up the ip community list, created the route map, matched on the community and used the set command to specify the value required but here’s where I got thrown – I played with both advertising the network using the network statement under the ipv4 address family and specifying the route map and then also with specifying the route map under the neighbor command with the route map filtering on an inbound direction. The latter was kinda cheating but strangely I saw the community value under the “sh ip bgp x.x.x.x” command but then not another time – I had forgotten the “send-community” command for the relevant neighbors and just could not see that! Some BGP advanced features were fine but I had used up over 1 hour.
- MPLS – I really like this section – LDP, Neighbors, Traffic Engineering [really well documented in DocCD], no issues – 35 minutes and that brought me up the halfway mark. It did raise a question in my head – if you are asked for a specific path in a traffic engineering tunnel should we also place a second dynamic entry in addition to the 1st explicit entry? i am leaning towards yes – Why? Because if there is an issue with one of your routers in the tunnel path then you can lose connectivity and thus points – whereas the dynamic option ensure connectivity remains and points lost are minimised – finally from reading forums and feedback over configuration will not go against you once its within the lab guidelines.
- Save configurations and reload.
Now I am a little behind on my plan which is L2, L3 IGP, EGP , MPLS, and some QoS\Security\features before lunch for my actual lab attempt as I know I’ll need time to gain as much as possible from the MPLS VPN Section.
Afternoon
- Quick check of morning work – ’sh isis nei’, ’sh ip ospf nei’, ’sh ip bgp summ’, pings, etc – 10 minutes.
- QoS – a whole myriad of items, CAR, NBAR, FRTS, etc – some items found in the 12.4 docs, some easier to find in the 12.2 doc’s – watch for anomalies here in the IOS e.g. FRTS with 7200’s – Time =36 minutes.
- Services\Management – based on the blueprint – I went for questions on RMON, Netflow, SNMP, etc – Some queries – If we get asked for Netflow do we go for V5 or V9? I have worked with V5 for years and only recently set about configuring V9 in work – one for the proctor maybe? Time = 45 mins.
MPLS VPN
- VRF – I copied and pasted a string of VRF details in as initial configs as per the lab and this really took time for me to resolve. MP-iBGP – no issues – up and running across several routers – well documented again in the Doccd if you’re not familiar. 2nd site configured with some redistribution between OSPF & BGP – Note for redistributing OSPF into BGP I use the IEE acronym [as in the shorter version of IEEE - the engineering institute] as in matching internal ext 1 ext 2. Just helps for redistributing all OSPF routes. 1st and 2nd sites talking – redistributing and setting some advanced features – verification can be difficult having to know exactly what to look for and more importantly where – I used the INE SP Vol2 Lab Workbook in this regard as the newer solutions guide for the Dynamips version has verification and validation commands in addition to the solutions. The key to this section is two-fold – ascertaining what is being asked for – knowing where to configure what and avoiding troubleshooting if at all possible. My total time for 9 sections was 3 hours – Ouch!!!
- Security – A lot of this was done as part of the IGP\EGP and MPLS sections as it asked for authentications and filtering there – additional filtering and total time was 20 mins.
- Finally – Multicast – PIM SM across the AS’s – RP\BSR and multicast VPN – total time of 25 minutes – no major issues – what’s nice about multicast is that if there are errors it tells you on screen and the messages are fairly accurate.
Conclusion:- Total Time = 9h 15 mins – Hmmm – have to speed up both to finish and allow additional time for verification otherwise happy enough with 20 days to go.
