Sunday, November 2, 2008

IPexpert Volume 2 Section 8 Review

I just completed this lab. It took me awhile because I was taking breaks watching Tennessee remain unbeaten, and Miami beat up Denver. I accidentally skipped lab 7 by the way, so I will do that one next weekend hopefully. This lab had some neat redistribution issues which I am getting better at fixing on the fly. I always tag and drop first when redistributing. Then alter distances based on what routing protocol should be used to reach certain networks.

Here are the mistakes I made on this lab:

-3 task 3.2. Didn't use rip triggered on R4 because serial interface was multipoint. Should have made a point-to-point subinterface on R4.

-3 task 5.2. Confused about the IP address, thought it was R8's loopback, but it wasn't. You need to configure static RP override as well as bidir PIM.

-3 task 6.4. Forgot to allow in the NTP Acl. This caused R1 to lose sync with itself and it can't be master or serve time requests. I hadn't bothered to re-verify later in the lab that R2 was still synced. This is a good lesson learned.

-3 task 6.2. Couldn't find the DHCP options for TFTP. (They are 66 and 150 - thanks to the peeps on GS for the links)

-3 task 6.3. It was a NAT questions - I couldn't even figure out what they wanted. I knew there was a secondary address, but the task said "Configure support for a new network." Configure support? WTF. Anyways I was suppose to create a NAT rule for this new network.

-3 task 8.3. Didn't configure the Be parameter in FRTS. The task said to configure FRTS with CIR of 64k, ac "access-rate" of 96 and Tc of 20 ms. Easy one but I didn't equate access-rate with Be. If I knew that I would have had the Be right. Bc was 1280 so Be was 640. I guess what they are saying is you can burst up to your access-rate which is what most frame providers allow you to do.

-3 task 8.5. This task is ridiculous. It says to configure flow-based wred. Then give EF packets a min threshold of 65, max threshold of 80, then a MPD of...yeah right. You can only flow-based wred or dscp-based. NOT BOTH. Then it says configure the MPD so that packets are twice as likely to be dropped...twice as likely as what?!

Another tasked asked me to enable telnet to the switches, but prevent telnet out. I created an ACL to deny any, then applied it as an access-class outbound. This worked, but the PG used "transport output none" which is a much cleaner solution I presume.

I booked back to back session for today. I like to take my time sometimes while reading DocCD and trying to gain a really in-depth understanding of the solutions. I have about 4 hours left so maybe another post or 2 will come out of it.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.