Sunday, January 6, 2008

5th Mock Lab - 94%

Unbelievable!!!

I got my 2nd biggest grade (94%) in the hardest Mock Lab (level 10)!!!

I lost only 2 tasks in this one, but i spent 2 more hours from the normal 8-hour lab:

1) I lost 1 task (3 points), because i couldn't find a way to do ip accounting for traffic destined to a specific ip. I tried ip accounting, netflow, policing/classification, but neither one was correct. The answer was IP Source Tracker.


Router(config)#ip source-track 1.2.3.4

Router#show ip source-track

2) I lost 1 task (3 points), because i didn't know that the default class is useless with MLS; you have to classify traffic somehow. i.e. if you want to police ALL incoming traffic on a L2/L3 switch for a specific interface, then you can create an aggregate policer and use it under 2 different classes (one IP, one non-IP) under the interface's policy-map.


mls qos
mls qos aggregate-policer POLICER-1MB 1000000 8000
!
ip access-list ext IP
 permit ip any any
!
mac access-list ext NON-IP
 permit any any
!
class-map IP
 match access-group name IP
!
class-map NO-IP
 match access-group name NON-IP
!
policy-map POLICY
 class IP
  police aggregate POLICER-1MB
 class NON-IP
  police aggregate POLICER-1MB
!
int F0/1
 service-policy input POLICY


Generally, this lab didn't have many tasks that were depending on others. So if you made a mistake in a task , you're probably going to lose only that task. Surely there were many tasks that were quite strange or tricky, but with a trial & error method, you could solve most of them.

Posted by Tassos at 01:48

Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Greece License.