aloha
07-14-2018, 01:16 AM
We have to start the exam on 8:10 and the lunch break is around 12:15.
After that, we start again and ends in 4:30.
At first, I think I need to answer diagnosis section first in exam.
But I have to answer troubleshoot section first and then diagnosis.
Troubleshoot (TS2)
First of all, I want to talk about TS section.
Ticket 1 >> the mac-address is wrong in SW410.
Ticket 2 >> i think the problem is on R14. i didn't remember that.
Ticket 3 >> the route is all the way goes down to R10 like TS2 BT3 new variation 2. It says "don't do anything with BGP attribute." But I changed to extcommunity to default value as the value in exam is 200.
Ticket 4 >> the local preference on R21 is 1000 and it's also correct under "router bgp". Check in R20.
Ticket 5 >> wrong configuration in crypto section, ip nhrp nhs ip.
Ticket 6 >> SW111 > interface vlan 2001 > ipv6 dhcp server VLAN100
Ticket 7 >> mpls neighbor password > CISCO vs CISC0, it pings from SVR1 and R50. all correct. The problem starts here. It's the backup path. The problem is in R51. The tunnel interface & the loopback is in PID 1 and the interface e0/1 of R51 is in domain 10. I changed them in same domain, but when i change to PID 1 and SW501 down and vice versa. I can ping from R51 to SVR1, but i can't ping from SW501. that's why I give default-originate under ospf in R51. but the route stops on R51. I don't know why then i left it.
Ticket 8 >> the default gateway ip is wrong in R30 ip dhcp pool.
Ticket 9 >> the ospf hello interval is missing and some commands under tunnel interface. and the crypto session.
Ticket 10 >> the ip nat outside xxxx is missing on R24.
Honestly, I didn't remember all the faults in TS. i try to note it down on paper. but i forgot what i just corrected in exam room. don't think that all the faults are exactly the same as WB, you need some troubleshooting skills. in Ticket 8 >> i can ping R30 loopbacks's IP at first. After all session, when i ping it stops. So, i try to find the answer and trace. trace is okay. but ping stops. i shut the interface and it's okay again. in second verification, it still the same. and start thinking what am i missing? so, i type "ip dhcp relay information option" on SW310. "ip dhcp snooping vlan 2000" on both SW300 & SW301. but in triple verfication, it's also the same. the time is nearly over. then i just leave it. may be the ios bugs i guess.
Diagnosis (H3)
the topology (picture) can be different what you just saw in WB.
i mean like we saw the photo is in portrait but it can change like landscape style in exam.
Ticket 1
first question, i thought the topology is H1 and i chose "SW3" and sh ip int bri (wrong)
second question, i remembered seq 193 and i chose "193" seq number. (wrong)
third question, i chose SW1-SW3
Ticket 2
i can't find which ip address is attacker and which ip address is server
they just gave me the wireshark file which contain over 300 lines. some of source ip address are 10.1.1.1 and some of destinations ip are 10.1.1.2
so, i answered like in WB.
Config (H2 Plus)
1.1 >> same as WB
1.2 >> same as WB
1.3 >> same as WB
1.4 >> same as WB
2.1 >> there's no ospf preconfiguration in Datacentre Network. i'm not sure that the Core Network ospf is preconfigure or not.
2.2 >> all the interfaces in R17, R19, R20, R21 is in vrf.
2.3 >> same as WB
2.4 >> iBGP is preconfigure in R11,12,13,14 but check carefully. they advertise wrongly on R11,12,13,14. advertising like "10.255.1.13" in R14 as R14 loopback's ip address is 10.255.1.14. the output is with 65001 65001. that's why i did with allowas-in
2.5 >> the question says should not contain 65006 in BGP NLRI, CE in Jocobs do not see AS 65001 in NLRI. so, i need to delete "router bgp 65006" reconfigure with 65001 and neighbor R55,56 with "no-prepend replace-as". (NOTE: THERE'S NO PRECONFIGURE BETWEEN EIGRP AND BGP ON R55 AND R56 INCLUDING PREFIX-LIST AND ROUTE-MAP)
2.6 >> same as WB
2.7 >> same as WB
2.8 >> you don't need to add "bgp default local-preference 200" on R55 because the output shows like it wants to go via load-balancing. so, if you add bgp local-preference 200 on R55, the route will only goes from R55.
2.9 >> same as WB
2.10 >> same as WB
2.11 >> same as WB
3.1 >> same as WB
3.2 >> it says all the route wants to go via Datacentre. but i put the route-target as the same in WB.
3.3 >> same as WB
3.4 >> don't forget (#ip load-sharing per-packet) if output shows like load-balancing.
4.1 >> not allow "deny" statement
4.2 >> do it after section 5.1
5.1 >> same as WB
5.2 >> same as WB
5.3 >> same as WB
5.4 >> same as WB
I hope you get your number soon.
After that, we start again and ends in 4:30.
At first, I think I need to answer diagnosis section first in exam.
But I have to answer troubleshoot section first and then diagnosis.
Troubleshoot (TS2)
First of all, I want to talk about TS section.
Ticket 1 >> the mac-address is wrong in SW410.
Ticket 2 >> i think the problem is on R14. i didn't remember that.
Ticket 3 >> the route is all the way goes down to R10 like TS2 BT3 new variation 2. It says "don't do anything with BGP attribute." But I changed to extcommunity to default value as the value in exam is 200.
Ticket 4 >> the local preference on R21 is 1000 and it's also correct under "router bgp". Check in R20.
Ticket 5 >> wrong configuration in crypto section, ip nhrp nhs ip.
Ticket 6 >> SW111 > interface vlan 2001 > ipv6 dhcp server VLAN100
Ticket 7 >> mpls neighbor password > CISCO vs CISC0, it pings from SVR1 and R50. all correct. The problem starts here. It's the backup path. The problem is in R51. The tunnel interface & the loopback is in PID 1 and the interface e0/1 of R51 is in domain 10. I changed them in same domain, but when i change to PID 1 and SW501 down and vice versa. I can ping from R51 to SVR1, but i can't ping from SW501. that's why I give default-originate under ospf in R51. but the route stops on R51. I don't know why then i left it.
Ticket 8 >> the default gateway ip is wrong in R30 ip dhcp pool.
Ticket 9 >> the ospf hello interval is missing and some commands under tunnel interface. and the crypto session.
Ticket 10 >> the ip nat outside xxxx is missing on R24.
Honestly, I didn't remember all the faults in TS. i try to note it down on paper. but i forgot what i just corrected in exam room. don't think that all the faults are exactly the same as WB, you need some troubleshooting skills. in Ticket 8 >> i can ping R30 loopbacks's IP at first. After all session, when i ping it stops. So, i try to find the answer and trace. trace is okay. but ping stops. i shut the interface and it's okay again. in second verification, it still the same. and start thinking what am i missing? so, i type "ip dhcp relay information option" on SW310. "ip dhcp snooping vlan 2000" on both SW300 & SW301. but in triple verfication, it's also the same. the time is nearly over. then i just leave it. may be the ios bugs i guess.
Diagnosis (H3)
the topology (picture) can be different what you just saw in WB.
i mean like we saw the photo is in portrait but it can change like landscape style in exam.
Ticket 1
first question, i thought the topology is H1 and i chose "SW3" and sh ip int bri (wrong)
second question, i remembered seq 193 and i chose "193" seq number. (wrong)
third question, i chose SW1-SW3
Ticket 2
i can't find which ip address is attacker and which ip address is server
they just gave me the wireshark file which contain over 300 lines. some of source ip address are 10.1.1.1 and some of destinations ip are 10.1.1.2
so, i answered like in WB.
Config (H2 Plus)
1.1 >> same as WB
1.2 >> same as WB
1.3 >> same as WB
1.4 >> same as WB
2.1 >> there's no ospf preconfiguration in Datacentre Network. i'm not sure that the Core Network ospf is preconfigure or not.
2.2 >> all the interfaces in R17, R19, R20, R21 is in vrf.
2.3 >> same as WB
2.4 >> iBGP is preconfigure in R11,12,13,14 but check carefully. they advertise wrongly on R11,12,13,14. advertising like "10.255.1.13" in R14 as R14 loopback's ip address is 10.255.1.14. the output is with 65001 65001. that's why i did with allowas-in
2.5 >> the question says should not contain 65006 in BGP NLRI, CE in Jocobs do not see AS 65001 in NLRI. so, i need to delete "router bgp 65006" reconfigure with 65001 and neighbor R55,56 with "no-prepend replace-as". (NOTE: THERE'S NO PRECONFIGURE BETWEEN EIGRP AND BGP ON R55 AND R56 INCLUDING PREFIX-LIST AND ROUTE-MAP)
2.6 >> same as WB
2.7 >> same as WB
2.8 >> you don't need to add "bgp default local-preference 200" on R55 because the output shows like it wants to go via load-balancing. so, if you add bgp local-preference 200 on R55, the route will only goes from R55.
2.9 >> same as WB
2.10 >> same as WB
2.11 >> same as WB
3.1 >> same as WB
3.2 >> it says all the route wants to go via Datacentre. but i put the route-target as the same in WB.
3.3 >> same as WB
3.4 >> don't forget (#ip load-sharing per-packet) if output shows like load-balancing.
4.1 >> not allow "deny" statement
4.2 >> do it after section 5.1
5.1 >> same as WB
5.2 >> same as WB
5.3 >> same as WB
5.4 >> same as WB
I hope you get your number soon.