First of all, I want to thank the PASSHOT teacher for practicing ccie r&s lab for me. The teachers are very professional and patient! Choosing PASSHOT is really right! Let me talk about the problems that I encountered during the exam.
TS
1. The MAC addresses bound to the SW410 are inconsistent. Modify the MAC address on USER4 to be the same as the binding address on sw410. Roll the interface to get the IP address.
2. There is an ACL for NAT on R14, 10 deny 10.1.0.0 0.0.255.255 and direct no 10
3. There is a route-map on R10 which matches the entries of 10.2.200 and 10.2.201. Sets loc 200 and directly drops the lo0 port of R22 to declare the ospf process error.
4. R20 has a community attribute. Set the set extcommunity cost pre-bestpath 1 200 and directly NO off
5. R14, R51, R60 on the cry parameter is incorrect and refer to the completion. Ip nhrp auth HMcorp ...
6. Ipv6 under SW111 is not applied under vlan2001 ipv6 dhcp server VLAN2001
7. MPLS password on R3 cisco and cisc0 on this one and check DIST on R10 without modifying ospf
8. The dhcp gateway on the R30 is reversed and reconfigured
9. Missing on ip nhrp map multicast 201.99.24.2
10. R24 on the ip nat outside source static 201.99.70.2 IP address to be displayed.
This pre-matched multiple ip nat entries and interference items that I have not deleted and directly to see if there are 2 key IP NAT. There is ip nat inside and fill the ip nat ouside source static R70 external network interface. The IP to be displayed internally. Server2 has acl that I did not change the effect without looking at it.
The above TS part is almost the same as the material provided by PASSHOT so don't worry too much when you go to the exam!
DIAG2
There are a lot of materials given in the examination room. I must first judge which set it is. Then I will look at the material in a targeted manner. I will first capture the package and see that it is 193. It is probably judged to be DIAG2. Then look at R3's show ip pim rp map. You can found no RP and determined to be DIAG2 and follow the solution
CFG
S1
In contrast to the Layer 2 topology of the problem, the interfaces have been added to the VLAN and the interface is not configured sw mode acc. This must be completed on all switches and one by one inspection time and effort
The portchannel ports on SW501 and SW500 are opposite to others and the topology map is very clear.
There is no ip address on the R70 so pay attention to the command, ip address neg ip person 1492, etc. If there is a miss, you can't get the address. There is no default route, you need to restart the device.
S2
Many routers have missing router-id, none of them are on AS65004 and AS65005 and there are fewer other areas.
Lo1 interface exists on R31 but no ip address.
OSPF in the AS65001 area is already configured and the router-id is also available on SW100 and SW101. The Lo1 interface is not announced. Check whether the ospf routing table is available before suppressing. Check the 32-bit route after suppression. It should be 10 (lo0 port of all devices in the area and Lo1 port on SW100/101)
When OSPF suppression is configured, the following 2.4 and 2.5 BGP and multicast commands are flushed together. The vlan2000 and vlan2001 are advertised to the BGP process on SW110 and SW111 and there is no passive interface under ospf.
IPv6 part
There is no load when server1 trac 2001: CC: 1E: 1::1. Also, there is no effect diagram in the demand and just that it can ping. I have checked it for a long time in the practice, it can display the load. Finally, I confirm that SW111 can receive 2 default routes. When R14 fails, trac take the R15 and leave it. Note to the students behind, don't spend too much time on this.
The multicast part takes time. First do 2.1 and then do the filtering immediately. After doing 2.11, the result filtering does not take effect. According to the previous report, the filtering is performed on the interfaces of R10 and R11. Lear ip pim rp, no effect. R31 ping, SW300 and SW111 have a return packet and check the configuration is no problem, then skip first. However, the effect map corresponding to multicast is correct.
The picture given in the examination room from the R13 on 2.11 that shows the E0/2 interface is used.
R13#show ip pim rp map
PIM Group-to-RP Mappings
Group(s) 239.250.0.0/16
RP 10.250.250.250 (DC1-RP), v2v1
Info source: 10.1.113.2 (?), elected via Auto-RP
//The e0/2 address is used on SW100, and the address of 10.1.113.0/30 is declared into BGP.
SW300#show ip pim rp map
PIM Group-to-RP Mappings
Group(s) 239.130.0.0/16
RP 10.3.250.250 (HQ-RP), v2v1
Info source: 10.3.250.250 (HQ-RP), elected via Auto-RP
Uptime: 2d01h, expires: 00:02:43
Group(s) 239.250.0.0/16
RP 10.250.250.250 (DC1-RP), v2v1
Info source: 10.250.250.250 (?), elected via Auto-RP
//Yes, is this displayed? Ip Host has been configured
Because the source address has inconsistencies in the above display. Both the e0/2 and lo1 ports so adopting such a configuration
SW 100:
ip pim send-rp-announce Loopback1 scope 255 group-list 10
ip pim send-rp-discovery Ethernet0/2 scope 255
SW101:
ip pim send-rp-announce Loopback1 scope 255 group-list 10
ip pim send-rp-discovery Loopback1 scope 255
After configuration, when show ip pim rp map,info source will jump on 10.250.25.250 and 10.1.113.2 to be inconsistent with the rendering of the problem.
Multicast filtering seems too slow and there have been feedbacks mentioned before. I spent an hour waiting for the multicast effect that nothing was done. R31 only has the return of SW300 and the return package on SW100 disappears.
Multicast is not recommended to stay until the end so even if it appears slow, it will not waste time.
The interfaces on multicast R14 and R15 are not provisioned ip pim sparse-mode. I also have no multicast commands.The interface on R12 is enabled and all configurations are multicast.
MPLS VPN
In my version, there is still only one color that indicating the neighbor relationship of vpnv4, or no iBGP. In normal configuration, I don't know if I made a mistake or was wrongly added by the examiner. I used the peer group to establish a relationship but there are no bgp neighbors on R4, 5, and 6 and R3. Quickly make up after the check, show ip bgp vpnv4 vrf HollyMaya and check for 4 routes like 100.10.
The internal ospf route is normal. The interface between R1 and R2 is not pre-provisioned with mpls ip.
DMVPN
Note that the bgp on R51 and R60 is configured with the neighbor relationship, but there is no local-as 65100. It is recommended to add it first. Otherwise, after the R14 dmvpn neighbor is configured, the error will be reported continuously and the peer AS number will not match. Don't forget allowas-in.
Pay attention to the interface on the R60 no ip pro .
The acl of nat on R71 has been matched, using a match of 10.7.0.0/16 bits.
Directly copy the crypto policy on the R24, ACL, modify the destination IP address and exchange the source address of the acl. Consistent with the version, the ipsec stream of interest is 10.7.0.0/24
4-5 parts are not flawless, directly by version
All in all, I believe PASSHOT is definitely right! They can definitely help you pass the exam!
Comments