[Offer] CCIE EI Section 1.3 solution

[Loki]

Hi Guys!!

I had some free time to look at the Lab file uploaded here with UNL file. Section 1.2 Solution is correct, But i feel for Section 1.3 the solution is incorrect. So did some labbing. Here is the Solution for Section 1.3. I'll try to finish the entire section 1 in a week or so because of time restriction. I am doing this to help the Lab takers. 

Let's Start technical discussion on Lab. Keep the vendors out of here. Remember that we are a community to help each other.

Any suggestions are welcome !!!!!

Loki from Asgard                                                            

This is the hidden content, please

• Sign In
• or
• Sign Up

[Glavin]

Warning missing [offer] / [Req] also no hidden link for the sol. Read the rules before posting ban for 2 days. 

[siriom]

Link to where it is and ill have a look

[hikaru]

8 hours ago, Loki said:

Hi Guys!!

I had some free time to look at the Lab file uploaded here with UNL file. Section 1.2 Solution is correct, But i feel for Section 1.3 the solution is incorrect. So did some labbing. Here is the Solution for Section 1.3. I'll try to finish the entire section 1 in a week or so because of time restriction. I am doing this to help the Lab takers. 

Let's Start technical discussion on Lab. Keep the vendors out of here. Remember that we are a community to help each other.

Any suggestions are welcome !!!!!

Loki from Asgard                                                            

Hidden Content

• Give reaction or reply to this topic to see the hidden content.

 

Dear Loki from Asgard

first inform  my salutation to ragnarok once you'll visit him ⚔️

Then

Could you please after you find out all reliable and accurate answer please make a PDF or post it again in order?

Thanks and Regards

[siriom]

Anyone wanna post the source for the original solution ?

[bibra]

I think that the tracking is not good, decrement 21 means that the vrrp will switchover even if only R11 loopback is down, you need to change the priority or the track.

Also why do you advertise the network 10.1. in OSPF with the network statement ?

[bibra]

so in that case ip ospf 1 area 0 is enough under vlan2000 and 2001 ...

[hikaru]

2 hours ago, bibra said:

I think that the tracking is not good, decrement 21 means that the vrrp will switchover even if only R11 loopback is down, you need to change the priority or the track.

Also why do you advertise the network 10.1. in OSPF with the network statement ?

@bibrasorry about my opinion on your kind comment, again i am apologize , but dear , this is not very good approach and policy for solving CCIE Level question , Your idea has much respect , yet CCIE is not playing around thought, anyway , I hope we can have full scenario in action (practically solve, more clear means, all technologies together not solve part by part), trust what I am talking, I had had a terrible experience about solving part by part , it wouldn't work properly later at the whole.

We(anyone included) should solve from standard path.

The problem of solving CCIE is not just answering and configuring in any way, If it was, anyone can pass it.

Accurate strategies also applied to all parts as well.

Someone with many years expertise must solve it, however, I am respect you and your knowledge(I am pretty sure you have had this knowledge)

but I have been asking and requesting many times from CCIE candidates to put their own idea and exp about new Lab, no one respond me even in message.

 

[bibra]

@hikaruno problem from my side we are here to share technicals ideas, i understand your point and i agree with having a global vision of the topology and senario.

If you want to discuss all the points i am open i've finish the workbook and need to compare my responses with someone else, in order to respect all the requirements that's why i am here.

Thanks 🙂

[siriom]

Managed to get a skype friend who paid spoto for the rack/lab time, 150 hours over 3 months .... their solution works on their stuff anyway. Im guessing this is why C4C is late to the party ... they dont have the real gear to sim the DNA stuff.

 

[hikaru]

6 hours ago, bibra said:

global vision of the topology and senario

Hi

Yes, Exactly you got  my point

6 hours ago, bibra said:

If you want to discuss all the points i am open i've finish the workbook and need to compare my responses with someone else, in order to respect all the requirements that's why i am here.

How you simulate whole scenario ? how much resources you are using ? 

[hikaru]

6 hours ago, Sachiho said:

@hikaruWhat do you think we should do.
I have also made a complete solution, and look forward to comparing it with others.

Making complete scenario does not matter ,my friend , If I want to be honest with you,

exactly last CCIE I was witness that there are multiple configurations method for a one questions, you believe at the moment I am looking at those scenario !!!!!

specially conjunction of BGP,MPLS,redistribution and etc.

I agree that possible to achieve a ticket/question with your configuration, yet, the problem might have specific vision to solve, I remember exactly MPLS section that this approach should be applied.

I believe first we could practice whole scenario at the time, yet for instance, for DNA , which emulator or simulator rather than online Cisco tools have you used?

[Loki]

Hi Guys,  saw all of you discussing  sec-1.3, especially @bibra, hikaru, siriom, Sachiho

As Here is my view when you use  Or Boolean for tracking:

I used (The Boolean expression enables two types of calculations by using either “and” or “or” operators. which is given as a solution by vendor) and ran a test:

On Sw101

Track 100 list Boolean or

Object 1

Object 2

!

interface Vlan2000

 ip address 10.1.100.2 255.255.255.0

 vrrp 100 ip 10.1.100.1

 vrrp 100 priority 120

 vrrp 100 track 100

On Sw102

 

Track 101 list Boolean or

Object 1

Object 2

!

interface Vlan2000

 ip address 10.1.101.2 255.255.255.0

 vrrp 101 ip 10.1.101.1

 vrrp 101 priority 120

 vrrp 100 track 101

SW101#sh vrrp brief

Interface          Grp  Pri Time  Own Pre State   Master addr     Group addr

Vl2000             100 120 3531     Y      Master     10.1.100.2         10.1.100.1 

Vl2001             101 100 3609     Y      Backup     10.1.101.3         10.1.101.1

SW102#sh vrrp brief

Interface          Grp Pri Time   Own Pre State   Master addr     Group addr

Vl2000             100 100 3609            Y    Backup  10.1.100.2      10.1.100.1    

Vl2001             101 120 3531            Y    Master  10.1.101.3      10.1.101.1

Now shutdown the interface lo0 on R11 and Check VRRP:

SW101#sh track 100

Track 100

List boolean or

Boolean OR is Up

2 changes, last change 00:31:04

object 1 Down

object 2 Up

Tracked by:

VRRP Vlan2000 100

Same output for VRRP:

SW101#sh vrrp brief

Interface          Grp  Pri Time  Own Pre     State      Master addr        Group addr

Vl2000             100 120 3531             Y      Master     10.1.100.2         10.1.100.1 

Vl2001             101 100 3609             Y      Backup     10.1.101.3         10.1.101.1

What is the use if traceability to R11(lo0) is down but still SW101 remains the Master for Vlan 2000?????

Also, in Section-1.5 once the Host11 & 12 receives IPs from DHCP server then you must check the trace to R11 & R12.

When R11 Lo0 is up, the traffic from Host11 is going through Sw101 since it the Gateway via 10.1.100.2

I am tracing interface of R11 facing Sw102: 10.1.13.1

But when Lo0 is down then I get this: host11 still takes path from Sw101 10.1.100.2(Technically incorrect because Gateway is down i.e Vlan 2000)

It must go through Sw102 : 10.1.100.3

As questions states that:

A router must be declared unreachable as soon as it does not respond to three probes in a row.

*Declared Unreachable means what????? It can’t be OSPF

So, I think it means that Sw101 must not be the Master, after lo0 on R11 is down. This is normal according to Industry

Question does not mention that switches remain master even if one Track is down.

So, I personally feel that you must avoid boolean OR (any condition is true will give output true)

OR Boolean for Sw101- Vlan 2000:

R11 Lo0 - UP	R12 Lo0 - UP	Master
R11 Lo0 - UP	R12 Lo0 - Down	Master
R11 Lo0 - Down	R12 Lo0 - UP	Master
R11 Lo0 - Down	R12 Lo0 – Down	Slave (Sw102 will be Master)

Also, the decrement value must be greater than 10(default), So I used Priority 120 and decrement value 21 then only it will switch over Master/Slave roles.

Hope  you guys understand. Read the entire Lab Questions.

Initially i advertise network 10.1.0.0 in OSPF, which is not required.

ip ospf 1 area 0 under OSPF with passive interface for vlan2000 & 2001

Hope you guys agree with me

Edited July 14, 2021 by Loki
Lot's of unnecessay spaces between lines

[Loki]

16 hours ago, Sachiho said:

I think you should use a track list like this:

This is the hidden content, please

• Sign In
• or
• Sign Up

Since If both r11 and r12 are declared unreachable.

The rest of it is perfect, and I look forward to talking to you.

This is the hidden content, please

• Sign In
• or
• Sign Up

Perhaps the solution to Section1 in my blog will help you, although it may not be complete and my knowledge is lacking.

Saw you blog i can point few faults in the solution; For example Sec-1.16 :

Router r12 may be used as an internet exit for the FABD2 company network only if neither r23

nor r24 are advertising a default route in OSPF. This requirement must be accomplish exclusively

in “router ospf” mode on router r12 without changing the default parameters on routers r23

and r24.

The solution is supposed to be implement on  R12.  And you are using Metric-type1 on R23 and R24 , when it says without changing the default parameters on routers r23

and r24.

The solution is wrong. Also R24 is injecting a Default route 0.0.0.0/0 in EIGRP on Tunnel 0 so when you have BGP peering with ISP INTERNET , the default route will be as  r>0.0.0.0 in BGP table.

So no way DC device will have an E2 default route in OSPF . Think about it. Remove Default-info originate from R12 and R23 and check if R24 is able to inject the default E2 route in OSPF domain.

 

Edited July 14, 2021 by Loki

[hikaru]

2 hours ago, Sachiho said:

I paid for the solution from a training institute

I am not comfy with this types of solution.

2 hours ago, Sachiho said:

but their workbook has many serious holes

Yeah, it's likely predicted 

2 hours ago, Sachiho said:

so I'm trying to solve it with my friends

should make a team 

[Loki]

3 hours ago, Sachiho said:

Thank you for your kind reply, but I'm sorry I can't agree with you.

If both r11 and r12 are declared unreachable from a preferred gateway, the other switch must be allowed to assume the gateway role.

I don't think there is a better way to meet this requirement, in your solution, when one of the routers goes down, the gateway will be replaced by another switch. Only when using a tracking list can you ensure the switching of the gateway roles after both routers are down.

SW101 is not only connected to R11, it's hard to understand why we "must go through SW102" when R11 is down. 

When I shutdown R12 after configuring the track list, the host12 can connect to SW211 through SW102 as usual.

 

Regarding the blog post, thanks for your guidance, I wasn't able to solve the last two subsections very well. I admit my mistake, and will find a correct solution. I have benefited from the discussion here, thanks.

The default nature of HA is fast switchover of master/Slave. So when  Vlan 2000 track is down then it must become slave.( That's what i think)

Use my solution and shutdown both the Lo0 interfaces on R11 &R12 . You will find the Result is achieved. Sw0101 becomes Master for Vlan 2001 & Sw102 becomes Master for Vlan2000.

Instead of using OR boolean, use AND boolean and see the output. when i get time i'll test again.

And for your information the Lab Workbook shared here , i know a guy who failed the exam using the same.

Edited July 15, 2021 by Loki

[Loki]

@Sachiho: I just don't understand why you are using R11 as the only exit for SW101.

Answer: i am not talking about from R11 . From Host11 connected to SW110. R11 anyways does load balancing between Sw101&102 as OSPF is configured.

So whether gateway is up or down, it doesn't matter, R11  still Load-balance because OSPF is configured on interfaces and Vlan 2000 & Vlan2001 are passive interface

 

[Loki]

2 minutes ago, Sachiho said:

Thank you so much for being so patient; now I understand your point of view.

But I still think the question means that when SW101 can't connect to R11 and R12 simultaneously, switch the Master to SW102.

If only SW101 cannot connect to R11, the network should still be considered available.

I'm sorry to have wasted so much of your time, next time I will confirm the entire subsection before posting a response.

Cisco ask question like this is tricky. See first you have to achieve Switched roles of Master/Slave(both Lo0s are down).

Then consider the Host11 in Vlan 2000. Technically we are tracking both R11 & R12, so assuming Vlan 2000 is down then it should get DHCP IP from Sw102 for Vlan 2000(if Sw102 becomes Master).

Again these are all technical point of view. And cisco Always look for that.🙂

[routemap]

For this question, after multiple testings, I sourced from the physical interfaces instead for the SLA tracking, technically the SW101 itself for example is still the gateway for VLAN 2000, while SW202 is the gateway for VLAN 2001. Then used the Boolean OR. 

Upon testing, when I both shut down the physical interfaces of R11 and R12 facing SW101 for example, that's ONLY the time that the gateway swinged to SW102.

Same logic for the other side (from R11 and R12, facing SW102).

Edited July 16, 2021 by routemap

[Loki]

16 hours ago, routemap said:

For this question, after multiple testings, I sourced from the physical interfaces instead for the SLA tracking, technically the SW101 itself for example is still the gateway for VLAN 2000, while SW202 is the gateway for VLAN 2001. Then used the Boolean OR. 

Upon testing, when I both shut down the physical interfaces of R11 and R12 facing SW101 for example, that's ONLY the time that the gateway swinged to SW102.

Same logic for the other side (from R11 and R12, facing SW102).

Nice work !

So what's your conclusion????

I think when physical Interfaces of R11 connected to Sw101 is down then technically Sw102 must become Master for traffic coming from Host11( in Vlan2000). That's why i think the Boolean is not required.

I have been trying to explain this.

[routemap]

8 hours ago, Loki said:

Nice work !

So what's your conclusion????

I think when physical Interfaces of R11 connected to Sw101 is down then technically Sw102 must become Master for traffic coming from Host11( in Vlan2000). That's why i think the Boolean is not required.

I have been trying to explain this.

Conclusion:
1. IP SLA - From SW101 and 102, ping R11 and R12 loopback; source is physical interface
2. Use track list boolean OR

As the tasks says "If both r11 and r12 are declared unreachable from a preferred gateway, the other switch must be allowed to assume the gateway role.",  then boolean OR should be used since it will only trigger the failover when BOTH uplinks (to R11 and R12) are down.

Because if the task says that even atleast one of the links go down that the gateway has to swing, then boolean AND should be used. But I think that's not the case for this particular task.

Edited July 17, 2021 by routemap

[mica7788]

Many thanks for the share !!

[idataproxy]

thanks

[Maxwell]

thx

[t3ln3t]

On 7/16/2021 at 9:19 PM, routemap said:

Conclusion:
1. IP SLA - From SW101 and 102, ping R11 and R12 loopback; source is physical interface
2. Use track list boolean OR

As the tasks says "If both r11 and r12 are declared unreachable from a preferred gateway, the other switch must be allowed to assume the gateway role.",  then boolean OR should be used since it will only trigger the failover when BOTH uplinks (to R11 and R12) are down.

Because if the task says that even atleast one of the links go down that the gateway has to swing, then boolean AND should be used. But I think that's not the case for this particular task.

I think you are mixing the boolean logic up...

Boolean "and" function––When a tracked list has been assigned a Boolean "and" function, each object defined within a subset must be in an up state so that the tracked object can become up.

Boolean "or" function––When the tracked list has been assigned a Boolean "or" function, at least one object defined within a subset must be in an up state so that the tracked object can become up.

This is the hidden content, please

• Sign In
• or
• Sign Up