CCIE RS Lab Exam failed, for the second time.

Posted on April 27, 2012 by David Sudjiman

It’s been a good experience so far, knowing that I failed my CCIE R&S lab for the second time. Well, certainly not the best outcome but certainly was a good experience.

Last year, 31 May 2012, I failed my first lab exam. That time was pretty rough. I was too emotional and nearly walking out of the building for not knowing enough of the technologies. I came out of the building felling stress out. It could probably be that I went to the exam just couple of days after I finished with Narbik’s Bootcamp. Exhausted and agitated.

Almost a year after that, today, 27 April 2012, I went to the Cisco building with less stress. Not because I know that I’ll pass the exam. On a contrary, I know that I’ll fail this one. Not a good attitude to choose but I’m certainly having quite a few on my plate at the moment and I know I didn’t study well. This is not a case of miracle, you don’t study, you won’t pass!

Surprisingly, I’ve got better score than my previous attempt. Thank God! I thought I’m not making a significant progress but the score tells me otherwise. No, it’s still quite far from the 80% marking but at least knowing that I’m actually making progress does help build my confident.

Now I have another 12 months before my third attempt. Whether it would be August or December this year, I have to make sure that I can invest sufficient time for it.

Cisco 3560 MLS QOS – Part 3 – Final

Posted on February 22, 2012 by David Sudjiman

This is the third part of Cisco 3560 MLS QOS. Previously I’ve discussed about Classification and Marking and Ingress Queuing.

Egress Queuing

Now, it has come to the part where packets are ready to be sent out. The idea is quite similar with Ingress Queuing but Egress has 4 Queues instead of only 2 for Ingress. Unlike Ingress Queues, Egress Queues has two sets of Queue configuration templates. It is called Queue-set 1 and Queue-set 2. This can be handy if you require to have two different settings for access ports and trunk ports. You will be able to configure Queue-set 1 with particular setup and have another different setup for Queue-set 2.
Continue reading →

Cisco 3560 MLS QOS – Part 2

Posted on February 19, 2012 by David Sudjiman

This is the second part of Cisco 3560 MLS QOS. Previously I’ve discused about Classification and Marking which can be found here.

For this second part, I’ll try to explain about the Ingress Queueing mechanism and how can we modify this to prioritize traffic.
Continue reading →

Cisco 3560 MLS QOS – Part 1

Posted on February 14, 2012 by David Sudjiman

MLS QOS has been one of the greatest fear for my CCIE RS exam. I’ve read it several times, labbed it more than 3 times, but still I just cannot understand it. Then I decided to write my own notes to teach myself and hopefully any of you mere mortals like me.

I’ll start with this Classification and Marking and let see how deep the rabbit hole goes for the next few parts.

Enjoy!
Continue reading →

NAT with route-maps for two different destinations

Posted on February 8, 2012 by David Sudjiman

Just say that we have these three sites connected to the main hub R1. R1 – R2 is running EIGRP 12 and R1 – R3 is running EIGRP 13. R1 – R4 runs no routing protocol and R4 uses default route pointing to R1 Fa2/0 interface 14.14.14.1.

Initial configuration below

Continue reading →

OSPF Stuck in EXSTART/EXCHANGE

Posted on January 2, 2012 by David Sudjiman

There are several things to be satisfied before OSPF can establish its full adjacency. These are Area-ID, Stub-Flags, Interface-Type, Timers, Authentication, and MTU. These attributes must match to the other peering.

Let’s say that you have a scenario to create Q-in-Q which requires you to alter the default MTU to 1504 using system mtu 1504. The verification also shows that your system MTU is indeed 1504.

SWITCH-3560#sh system mtu

System MTU size is 1504 bytes
System Jumbo MTU size is 1504 bytes
Routing MTU size is 1500 bytes

Continue reading →

Proxy ARP Notes

Posted on July 26, 2011 by David Sudjiman

Proxy ARP (Cisco Page)

To check whether an interface is using Proxy ARP or not.

Rack10R6#sh ip int f0/0.146 | i ARP
  Proxy ARP is enabled
  Local Proxy ARP is disabled

To enable/disable Proxy ARP on the interface

Rack10R6(config)#int f0/0.146
Rack10R6(config-subif)#no ip proxy-arp
Rack10R6(config-subif)#do sh ip int f0/0.146 | i ARP
  Proxy ARP is disabled
  Local Proxy ARP is disabled

To disable Proxy ARP from the global configuration (Proxy ARP is enabled by default)

Rack10R6(config)#ip arp proxy disable
Rack10R6(config)#do sh ip int f0/0.146 | i ARP
  Proxy ARP is disabled (Globally)
  Local Proxy ARP is disabled

Access Port

Posted on June 24, 2011 by David Sudjiman

When you configure switchport access vlan 20 on an interface:

This will make the interface become a layer 2 switchport or non-routeable port.
There is no 802.1q/ISL tagging involvement in this port as the traffic will be received and sent as untagged.
Because there is no tagging involved, the port has no clue what VLAN this frame should be. Therefore, any packets passing this port is assumed to belong to the VLAN assigned to this port. In this case vlan 20.
If you add the configuration with switchport mode access this will make the interface turned to nontrunking permanently and also negotiates or telling the other end of the link to be a nontrunk link. This interface will permanently become nontrunk interface regardless the other end is trunk or nontrunk link. With this in mind, if one port is configured with switchport mode access and other end port happens to be configured with switchport mode dynamic auto or switchport mode dynamic desirable
Continue reading →

Gotta Set My Sail Again.

Posted on June 21, 2011 by David Sudjiman

Few weeks ago, May 31, 2011, I sat my CCIE lab exam and failed. I knew I was going to fail but somewhere inside just want to keep trying and wanting to know how far I would get. This exam is not an impossible exam. Yes, it is hard, but not impossible to achieve. I’ve seen all of the technologies but I didn’t know it enough to pass.

Enough for the rant, I’m starting my INE WB from the beginning and it feels like things are keep unlocking itself and I have lots of Aha moments. I guess whatever I read before still inside, somewhere.

Previously I studied like a running train and tried to read as much as I could but not necessarily trying to understand it. That’s why I failed. I can be efficient to read more but it wasn’t effective enough to make me to understand it. This time is different, I have that eagerness to know more and don’t really care about the time, as long as I can learn 1-2 hours a day and make it count, it will be much better rather than learning until 2am in the morning but understand nothing.

Just before the exam, I was quite lucky to be able to attend Narbik’s 5-day Bootcamp, for those who wants to know what is it like in details, please visit this article. From my own point of view, this training has opened my eyes that CCIE is not for the faint-hearted, no shortcuts and you have to walk the process. I’m planning to join his 5-day bootcamp again in December 2011.

For all of those CCIE candidates out there, it’s hard but not impossible.

Catalyst QOS Port-Based Policing Cannot Co-exist with Vlan-based Classification.

Posted on May 20, 2011 by David Sudjiman

Catalyst QOS Port-Based Policing Cannot Co-exist with Vlan-based Classification.

SW1#sh ver | i cisco

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

export@cisco.com.
cisco WS-C3560-24TS (PowerPC405) processor (revision D0) with 122880K/8184K bytes of memory.

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#
SW1(config)#no policy-map PM_QOS
SW1(config)#
SW1(config)#ip access-list ext ACL_IP
SW1(config-ext-nacl)# permit ip any any
SW1(config-ext-nacl)#exit
SW1(config)#
SW1(config)#class-map CM_IP
SW1(config-cmap)# match access-group name ACL_IP
SW1(config-cmap)#exit
SW1(config)#
SW1(config)#no policy-map PM_QOS
SW1(config)#policy-map PM_QOS
SW1(config-pmap)# class class-default
SW1(config-pmap-c)#  police 128000 125000 exceed-action drop
SW1(config-pmap-c)# exit
SW1(config-pmap)#exit
SW1(config)#
SW1(config)#int f0/1
SW1(config-if)# service-policy in PM_QOS
%QoS: policymap is not attachable to vlan-based interface
Service Policy attachment failed
SW1(config-if)#exit
SW1(config)#exit
SW1#
*Mar  1 09:26:17.854: %SYS-5-CONFIG_I: Configured from console by console
SW1#sh run int f0/1
Building configuration...

Current configuration : 81 bytes
!
interface FastEthernet0/1
 switchport access vlan 146
 mls qos vlan-based
end

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int f0/1
SW1(config-if)#no mls qos vlan-based
SW1(config-if)#^Z
SW1#
*Mar  1 09:26:35.545: %SYS-5-CONFIG_I: Configured from console by console
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#int f0/1
SW1(config-if)# service-policy in PM_QOS
SW1(config-if)#exit
SW1(config)#exit
SW1#
*Mar  1 09:26:47.550: %SYS-5-CONFIG_I: Configured from console by console
SW1#sh poli
SW1#sh policy-map int f0/1
 FastEthernet0/1 

  Service-policy input: PM_QOS

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
        0 packets, 0 bytes
        5 minute rate 0 bps
SW1#