Free CCIE Scholarship from InternetworkExpert

IE guys have decided to offer 2 CCIE scholarships to any CCIEs to be.

This scholarship gives you every resources at their disposal free of charge to pass CCIE lab.

Application for this will close by June 13, 2008 (new deadline now is June 20) and winner will be annouced sometimes in July.

To learn more, please follow this link.. IE Scholarship


Chance to retake any failed exam free – The “Comeback” Promotion from Cisco

Cisco, through VUE, is offering a promotion from April 15 to October 15, 2008 to retake any written examination that was failed at first attempt, free of charge for the second attempt.

I think this might be very useful to those still preparing for the CCIE Written exams (or any other CIsco examinations).

Please note that both the first & the retake attempts must both take place within the promotional dates.

To learn more, please click this link.   more….

IE is about to release version 5 of Workbook vol. I

IE has annouced on their blog their plan to release a ver. 5 of the Workbook Vol. I.

This is a highly welcomed development as the Vol. I really needs some re-work.  And for IE to ask for comments before final version is released is a good thing.  One major thing that is missing in this workbook is that there is not enough Side Notes to explain some of the technologies in detail. And another nice to have, as part of the Notes, is giving other ways of configuring a feature apart from the one they have used.

As I was “labbing up” chapter 1 of this ver. 5 Beta release last night, I came across some interesting topics and I think I like the organisation of the workbook, but it is not really too different from older version.

The chapter 1 covers most of the common bridging/switching topics like VTP, Trunking, Etherchannel, STP, MSTP, SPAN/RSPAN, Private VLANs, L2 tunneling.  One topic that I will like to cover on this blog is the l2 tunneling and Fallback bridging.

You can read comments from reviewer of this vol. 5 at IE Workbookvol.1 ver. 5

Tips for Passing the Lab Exam

Here is some great information I saw on CCIE4u web site that I wish to share regarding the CCIE Lab

The #1 reason for failure is lack of knowledge.

  • Study concepts. Do not try to memorize configurations or scenarios. For example, understand how an OSPF DR is chosen. The lab proctors generally power cycle all of the equipment BEFORE grading. This could change your OSPF DR if you didn’t configure the router you want to always be the DR properly.
  • Practice each concept on its own. For example, practice OSPF WITHOUT also turning on BGP. This will ensure that any behaviours you see are attributed ONLY to OSPF and you don’t confuse a behaviour that was caused by BGP to be an OSPF behaviour.
  • Practice Labs should be used for self evaluation. Time yourself when using a practice lab to simulate the CCIE Lab Exam experience. Only use the practice lab 1 time.


The #2 reason for failure is anxiety.

  • To reduce anxiety, travel to your lab location early the day before. Visit the CCIE lab facilities the day before. Introduce yourself to the CCIE lab proctor the day before. Doing this will keep you from fretting over how to find the lab the day of your lab. Also, meeting your lab proctor is a big help.
  • Have confidence in your abilities. If you have been studying the technology and concepts, you are ready for ANY scenario. The primary R&S concepts include Layer 2 switching, VLANs, OSPF, FR, BGP, Multicast. There is NO MPLS on the exam. IGRP and IPX have been removed from the exam.
  • Practice good test taking skills:
  • Skim the exam for the first 5 to 10 minutes once you get it.
  • Configure all L2 requirements FIRST.
  • Configure everything else in the exam that you know SECOND.
  • Use documentation or help commands to configure the remaining exam requirements that you are not familiar with LAST…remember this is a Pass or Fail exam. You only need 80 points. Not all 100 points.
  • If you believe you have a hardware problem, do NOT spend more than 10 minutes trying to fix the hardware. Ask the lab proctor to investigate the issue. The lab proctor will stop the clock and send you away while he/she checks the hardware. If it is a hardware problem, the proctor will resolve and restart your clock. If it is NOT a hardware problem, you will at least KNOW it is not a hardware problem. On the other hand, if you have a hardware problem that you spend 90 minutes trying to resolve, you will not regain this time after you and the proctor finally replace the hardware.
  • You are allowed to ask the proctor anything. But ask intelligent questions. For example, if you are unsure of what a question is asking, ask the proctor something like this:If I interpret this question this way……then I plan to do X. But if I interpret this question this other way……then I plan to do Y. Which way should I interpret it?



  • Lab exams are usually about 17 pages long.
  • A new lab is written every month and an old lab is retired every month. There are more than 1 lab exams available to be given at any time. Each lab achieves roughly the same pass rate.
  • The average person that passes the CCIE exam takes 2.5 lab attempts.
  • There is often a 4- 6 month backlog to register for the exam.
  • CCIE candidates can cancel a lab exam up to 28 days before their exam date WITHOUT being charged. Therefore, if you are willing to take an exam in 4 weeks, you can usually schedule it in 4 weeks. Otherwise, your lab exam will probably be 4-6 months out.
  • Grading is done with an automated script. The script gives full credit for any question that works properly. If a particular question does not work properly, the lab proctor manually checks to validate whether or not the question was answered properly. Partial credit is not given. 5 point questions are rare. When they do occur, there is usually a modular piece to it so that 2 or 3 points can be earned without getting all 5 points.
  • The RTP lab uses SecureCRT as the terminal emulator. This seems to be preferred. The San Jose lab uses Windows

“Do you know…” Series – (General technologies issues)

I have come across some hard facts about why some of the protocols behave the way they do and I want to use this “Do you know ………..” to be tracking all these. This is more like a Question & Answer (Q & A).  As I come across them I will be adding them to this list. As time goes on, I expect this list to be long.

Please note that comments, corrections, further explanations are welcome on this thread……..

Here we go………..

QuestionWhy is it a requirement in OSPF to have all other areas be either physically connected to area 0 or through virtual link or tunnells ?

What I found out about this is the fact that when you observe the behaviour of ospf ABR routers, you realised that what ABR does basically is to summarise reachbale networks within area and then generate LSA Type 3 (Summary LSA) and have this advertised to other areas.

If we reduce OSPF domain within an autonomous system to just the ABRs and their corresponding links, you will see that interchange of LSA Type 3 is done hop by hop (this is basically what happens between any area and area 0).

Hence, to ensure every ospf area has full reachability information from all othe areas, it is a requirement that every area be connected to area 0. With this area 0 has a full reachability detail and it exchanges them with all other areas within the domain.

This is kinda looks like holding daily management meetings everyday in an organisation and every department manager is required to attend and share whatever information they need to share so that every other manager in the meeting can hear it and subsequently share it with their respective teams.

Question: One-way PPP Link Aunthentication

I came across an interesting topic (that I never knew before) that ppp aunthentication does not really have to be configured on both ends of the link for it to work.

I know that for the CCIE lab, PPP encap will probably expect basically 2 types of aunthentication – CHAP & PAP. To enable this chap aunthetication type, we normally need a configuration similar to the one shown below;

  •  hostname R1
    username R3 password 0 cisco
    interface Serial1/1
     ip address
     encapsulation ppp
     ppp authentication chap


  •  hostname R3
    username R1 password 0 cisco
    interface Serial1/1
     ip address
     encapsulation ppp 
  • ppp authentication chap

But the truth is that we really do not need to have ppp authentication chap enabled on both ends for this link to be authenticated prior to moving it to UP state. All that is required is to have it enabled on one end of the link as shown below.

  •  hostname R1
    username R3 password 0 cisco
    interface Serial1/1
     ip address
     encapsulation ppp
     ppp authentication chap


  •  hostname R3
    username R1 password 0 cisco
    interface Serial1/1
     ip address
     encapsulation ppp

Now the interesting part to this is that what if we get a question that says make R1 authenticate R3 with chap while on this same link, R3 authenticates R1 with pap ?

For this, all we need to do is to enable ppp authentication pap on R3 and ensure we configure ppp pap sent-usename <name> password <pass> on the R1 end under the interface config. This required because with pap, router do not sent it’s hostname with the shared password, hence this has to be configured on the remote end.

  •  hostname R1
    username R3 password 0 cisco
    interface Serial1/1
     ip address
     encapsulation ppp
     ppp authentication chap
  • ppp pap pap sent-username R1 password cisco


  •  hostname R3
    username R1 password 0 cisco
    interface Serial1/1
     ip address
     encapsulation ppp
  • ppp authentication pap

Question: Running multicast in hub/spoke network (Frame Relay).

One important thing not to forget is to enable ip pim nbma-mode on the hub router.

What is ODR – On Demand Routing

This is one of those vague topics in CCIE lab that I’ve never configured before and it’s quite simple. Hence I decide to talk about it here.

ODR allows routing information from hub/spoke topology to be exchanged with hub and entered into hub routing table without running any standard routing protocol.

ODR (On Demand Routing) is designed to be used in a partially meshed environment (e.g Frame Relay networks) where a hub router maintains one link each to multiple stub routers (spokes routers). Therefore, for any spoke to communicate with another spoke, such traffic must pass through the hub.

If each stub networks is simply made up of the stub router and multiple hosts (much like remote location of a corporate organisation). There is no need to run any routing protocols on the stub since all host are connected and the routes can be exchanged with hub router using odr. Hub will henceforth install the routes in routing/forwarding tables as connected routes with next-hop address of each stub respectively.

ODR uses CDP protocol that runs, by default on all cisco devices. CDP is used by cisco devices to learn & retrieve basic information about their connected neigbors. Therefore, disabling CDP on a router will also disable propagation of ODR traffic.

ODR ip prefixes information can be redistributed to other routing protocols on the hub router using redistribute command.

Operation of ODR:

1.  Enable ODR on the hub router by

Router (config)# router odr

2.  As the hub router learns the stub routes dynamically, it tries to enter them into RIB. With this, it can therefore be filtered with distribute-list command.

Router(config)# access-list 101 permit ip any
Router(config)# !
Router(config)# router odr
Router(config-router)# distribute-list 101 in
Router(config)# end

3.  Redistribute odr routes into other routing protocols.

Router(config)# router ospf 1

Router(config-router)#redistribute odr ?
  metric       Metric for redistributed routes
  metric-type  OSPF/IS-IS exterior metric type for redistributed routes
  route-map    Route map reference
  subnets      Consider subnets for redistribution into OSPF
  tag          Set tag for routes redistributed into OSPF

4.  Timers manipulation

ODR timers can be changed by manipulating cdp timer in global config mode or using timers basic command under router odr mode.

  • Router(config)# cdp timer seconds
  • Router(config)# router odr
  • Router(config-router)# timers basic update invalid
    holddown flush [sleeptime]

Changing Blog site theme

Wondering if you were still in the same blog site or a different one !!

This is still the Sesano’s CCIE Blog site!

I have just changed the blog site theme as I wish to have 2 column rather than a single column that I had with previous theme.