CCIE Routing & Switching

CISCO CERTIFIED INTERNETWORK EXPERT

ROUTING and SWITCHING Ver5.0

CCIE in IT Industry

The Cisco Certified Internetwork Expert, or CCIE, is the most reputed and respected technical certification in IT industry offered by Cisco Systems. Cisco introduced the CCIE certification in 1993 to assist the industry in distinguishing the top echelon of internetworking experts worldwide. According to recent surveys, CCIE is one of the highest paying certifications were average annual salary for a CCIE Holder is $100,000 per year.

Cisco CCIE RnS

The CCIE certifies the skills required of network engineers to plan, operate and troubleshoot complex, converged network infrastructures across various LAN and WAN on a wide variety of Cisco equipment especially Routers and Switches.

Requirements for Certification

There are no formal prerequisites for CCIE certification. Other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam. You are expected to have an in-depth understanding of the topics in the exam blueprints.

Step One: CCIE Routing and Switching Written Exam

You must pass the two-hour, written qualification exam which covers networking concepts and some equipment commands before you are eligible to schedule the lab exam. The comprehensive CCIE R&S v5.0 Written Exam (#400-101) has 100 multiple-choice questions and is two hours in duration. Associate Professional and Specialist.

  • Candidates will be required to answer each question before moving on to the next question. In other words, candidates will no longer be allowed to skip a question and come back to it at a later time.
  • There will be an update to the overall score report. The overall exam score and the exam passing score will now be reported on a scale from 300-1000. The exam uses a combination of multiple choice questions and simulations to assess the skills listed under Exam Topics.

Locations

Exam cost and Validity

Written exam are administered by independent vendors at cost of US$350. You must make an initial attempt of the CCIE lab exam within 18 months of passing the CCIE written exam. If you do not pass the lab exam within three years of passing the written exam, you must retake the written exam before being allowed to attempt the lab exam again.

Step Two: CCIE Routing and Switching Lab Exam

The eight-hour lab exam tests your ability to configure actual equipment and troubleshoot the network in a timed test situation. Once you have passed the CCIE written exam, you are eligible to schedule your CCIE lab and practical exam.

You will need the following to schedule your lab exam:

  • Valid Cisco user account
  • Identification number you used to register for your written exam (in the U.S. and Canada the ID number is generally your Social Security or Social Insurance number. In other regions, the testing vendor assigns the number.)
  • Date of your passing written exam
  • Passing score on written exam

Cost

CCIE Lab and Practical Exam(s) are $1,500 USD per attempt, not including travel and lodging expenses. Costs may vary due to exchange rates and local taxes. You are responsible for any fees your financial institution may charge to complete the payment transaction.

Lab Exam Grading

Each question on the lab has specific criterion. The labs are graded by proctors who ensure the entire criterions are met and points are awarded accordingly. The proctors use automatic tools to gather information from the routers to perform some preliminary evaluations, but the final determination of a correct or incorrect configuration is done by a trained proctor.

Lab Format

The CCIE R&S lab exam consists of a two-hour Troubleshooting section, and a six-hour Configuration section.

Results

You can review your lab exam results online (login required), usually within 48 hours. Results are Pass/Fail and failing score reports indicate major topic areas where additional study and preparation may be useful.

Reevaluation of Lab Results

You may request a reevaluation of results for Routing and Switching, Security and Service Provider labs for up to 14 days following your exam date. Use the link next to your lab record called "Request for Reread". Due to the equipment used, rereads are not available for the Voice and Storage Networking exams. Each reread costs US$250 plus any applicable local taxes. Payment is made online via credit card and your card will be charged upon receipt of the request. You may not cancel the reread request once the process has been initiated and refunds are only given when the results change from Fail to Pass. A reread consists of a second proctor loading your configurations onto a rack to recreate the test and rescore the entire exam. This process may take up to three weeks after receipt of payment. Only one reread per lab attempt is permitted. The result of the reread is an updated score report with success rates for each major section. Be aware that scores may decrease. Exams receive a Pass mark only when the total exam score exceeds 80%. Before requesting a reread, consider that, historically, only 0.3% of exams have been changed from Fail to Pass.

Troubleshooting

The CCIE R&S lab exam features a two-hour troubleshooting section. Candidates will be presented with a series of trouble tickets for preconfigured networks and need to diagnose and resolve the network fault or faults. As with the configuration section, the network must be up and running for a candidate to receive credit. Candidates who finish the troubleshooting section early may proceed on to the configuration section, but they will not be allowed to go back to troubleshooting since their equipment will need to be reinitialized for the configuration portion.

Syllabus

Written Exam Version 5.0 (400-101)

Exam Description: The Cisco CCIE® Routing and Switching Written Exam (400-101) version 5.0 is a 2-hour test with 90−110 questions that will validate that professionals have the expertise to: configure, validate, and troubleshoot complex enterprise network infrastructure; understand how infrastructure components interoperate; and translate functional requirements into specific device configurations. The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

20%

1.0

Network Principles

1.1 Network theory
1.1.a  Describe basic software architecture differences between IOS and IOS XE
  1.1.a (i) Control plane and Forwarding plane
  1.1.a (ii) Impact to troubleshooting and performances
  1.1.a (iii) Excluding specific platform's architecture
1.1.b  Identify Cisco express forwarding concepts
  1.1.b (i) RIB, FIB, LFIB, Adjacency table
  1.1.b (ii) Load balancing Hash
  1.1.b (iii) Polarization concept and avoidance
1.1.c  Explain general network challenges
  1.1.c (i) Unicast flooding
  1.1.c (ii) Out of order packets
  1.1.c (iii) Asymmetric routing
  1.1.c (iv) Impact of micro burst
1.1.d  Explain IP operations
  1.1.d (i) ICMP unreachable, redirect
  1.1.d (ii) IPv4 options, IPv6 extension headers
  1.1.d (iii) IPv4 and IPv6 fragmentation
  1.1.d (iv) TTL
  1.1.d (v) IP MTU
1.1.e  Explain TCP operations
  1.1.e (i) IPv4 and IPv6 PMTU
  1.1.e (ii) MSS
  1.1.e (iii) Latency
  1.1.e (iv) Windowing
  1.1.e (v) Bandwidth delay product
  1.1.e (vi) Global synchronization
  1.1.e (vii) Options
1.1.f   Explain UDP operations
  1.1.f (i) Starvation
  1.1.f (ii) Latency
  1.1.f (iii) RTP/RTCP concepts
1.2 Network implementation and operation
1.2.a Evaluate proposed changes to a network
1.2.a (ii)  Migrate parts of a network to IPv6
1.2.a (iii)   Routing protocol migration
1.2.a (iv)  Adding multicast support
1.2.a (v)  Migrate spanning tree protocol
1.2.a (vi)  Evaluate impact of new traffic on existing QoS design
1.3 Network troubleshooting
1.3.a Use IOS troubleshooting tools
1.3.a (i)  debug, conditional debug
1.3.a (ii)  ping, traceroute with extended options
1.3.a (iii)  Embedded packet capture
1.3.a (iv)  Performance monitor
1.3.b Apply troubleshooting methodologies
1.3.b (i)  Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause)
1.3.b (ii)  Design and implement valid solutions according to constraints
1.3.b (iii)  Verify and monitor resolution
1.3.c Interpret packet capture
1.3.c (i)  Using Wireshark trace analyzer
1.3.c (ii)  Using IOS embedded packet capture

15%

2.0

Layer 2 Technologies

2.1 LAN switching technologies
2.1.a Implement and troubleshoot switch administration
2.1.a (i)  Managing MAC address table
2.1.a (ii)  errdisable recovery
2.1.a (iii)  L2 MTU
2.1.b Implement and troubleshoot layer 2 protocols
2.1.b (i)  CDP, LLDP
2.1.b (ii)  UDLD
2.1.c Implement and troubleshoot VLAN
2.1.c (i)  Access ports
2.1.c (ii)  VLAN database
2.1.c (iii)  Normal, extended VLAN, voice VLAN
2.1.d Implement and troubleshoot trunking
2.1.d (i)  VTPv1, VTPv2, VTPv3, VTP pruning
2.1.d (ii)  dot1Q
2.1.d (iii)  Native VLAN
2.1.d (iv)  Manual pruning
2.1.e Implement and troubleshoot EtherChannel
2.1.e (i)  LACP, PAgP, manual
2.1.e (ii)  Layer 2, layer 3
2.1.e (iii)  Load-balancing
2.1.e (iv)  Etherchannel misconfiguration guard
2.1.f Implement and troubleshoot spanning-tree
2.1.f (i)  PVST+/RPVST+/MST
2.1.f (ii)  Switch priority, port priority, path cost, STP timers
2.1.f (iii)  port fast, BPDUguard, BPDUfilter
2.1.f (iv)  loopguard, rootguard
2.1.g Implement and troubleshoot other LAN switching technologies
2.1.g (i)  SPAN, RSPAN, ERSPAN
2.1.h Describe chassis virtualization and aggregation technologies
2.1.h (i)  Multichassis
2.1.h (ii)  VSS concepts
2.1.h (iii)  Alternative to STP
2.1.h (iv)  Stackwise
2.1.h (v)  Excluding specific platform implementation
2.1.i Describe spanning-tree concepts
2.1.i (i)  Compatibility between MST and RSTP
2.1.i (ii)  STP dispute, STP bridge assurance
2.2 Layer 2 multicast
2.2.a Implement and troubleshoot IGMP
2.2.a (i)  IGMPv1, IGMPv2, IGMPv3
2.2.a (ii)  IGMP snooping
2.2.a (iii)  IGMP querier
2.2.a (iv)  IGMP filter
2.2.a (v)  IGMP proxy
2.2.b Explain MLD
2.2.c Explain PIM snooping
2.3 Layer 2 WAN circuit technologies
2.3.a Implement and troubleshoot HDLC
2.3.b Implement and troubleshoot PPP
2.3.b (i)  Authentication (PAP, CHAP)
2.3.b (ii)  PPPoE
2.3.b (iii)  MLPPP
2.3.c Describe WAN rate-based ethernet circuits
2.3.c (i)  Metro and WAN Ethernet topologies
2.3.c (ii)  Use of rate-limited WAN ethernet services

40%

3.0

Layer 3 Technologies

3.1 Addressing technologies
3.1.a Identify, implement and troubleshoot IPv4 addressing and subnetting
3.1.a (i)  Address types, VLSM
3.1.a (ii)  ARP
3.1.b Identify, implement and troubleshoot IPv6 addressing and subnetting
3.1.b (i)  Unicast, multicast
3.1.b (ii)  EUI-64
3.1.b (iii)  ND, RS/RA
3.1.b (iv)  Autoconfig/SLAAC, temporary addresses (RFC4941)
3.1.b (v)  Global prefix configuration feature
3.1.b (vi)  DHCP protocol operations
3.1.b (vii)  SLAAC/DHCPv6 interaction
3.1.b (viii)  Stateful, stateless DHCPv6
3.1.b (ix)  DHCPv6 prefix delegation
3.2 Layer 3 multicast
3.2.a Troubleshoot reverse path forwarding
3.2.a (i) RPF failure
3.2.a (ii)  RPF failure with tunnel interface
3.2.b Implement and troubleshoot IPv4 protocol independent multicast
3.2.b (i)  PIM dense mode, sparse mode, sparse-dense mode
3.2.b (ii)  Static RP, auto-RP, BSR
3.2.b (iii)  BiDirectional PIM
3.2.b (iv)  Source-specific multicast
3.2.b (v)  Group to RP mapping
3.2.b (vi)  Multicast boundary
3.2.c Implement and troubleshoot multicast source discovery protocol
3.2.c (i)  Intra-domain MSDP (anycast RP)
3.2.c (ii)  SA filter
3.2.d Describe IPv6 multicast
3.2.d (i)  IPv6 multicast addresses
3.2.d (ii)  PIMv6
3.3 Fundamental routing concepts
3.3.a Implement and troubleshoot static routing
3.3.b Implement and troubleshoot default routing
3.3.c Compare routing protocol types
3.3.c (i)  Distance vector
3.3.c (ii)  Link state
3.3.c (iii)  Path vector
3.3.d Implement, optimize and troubleshoot administrative distance
3.3.e Implement and troubleshoot passive interface
3.3.f Implement and troubleshoot VRF lite
3.3.g Implement, optimize and troubleshoot filtering with any routing protocol
3.3.h Implement, optimize and troubleshoot redistribution between any routing protocol
3.3.i Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
3.3.j Implement, optimize and troubleshoot policy-based routing
3.3.k Identify and troubleshoot sub-optimal routing
3.3.l Implement and troubleshoot bidirectional forwarding detection
3.3.m Implement and troubleshoot loop prevention mechanisms
3.3.m (i)  Route tagging, filtering
3.3.m (ii)  Split horizon
3.3.m (iii)  Route poisoning
3.3.n Implement and troubleshoot routing protocol authentication
3.3.n (i)  MD5
3.3.n (ii)  Key-chain
3.3.n (iii)  EIGRP HMAC SHA2-256bit
3.3.n (iv)  OSPFv2 SHA1-196bit
3.3.n (v)  OSPFv3 IPsec authentication
3.4 RIP (v2 and v6)
3.4.a Implement and troubleshoot RIPv2
3.4.b Describe RIPv6 (RIPng)
3.5 EIGRP (for IPv4 and IPv6)
3.5.a Describe packet types
3.5.a (i)  Packet types (hello, query, update, and such)
3.5.a (ii)  Route types (internal, external)
3.5.b Implement and troubleshoot neighbor relationship
3.5.b (i)  Multicast, unicast EIGRP peering
3.5.b (ii)  OTP point-to-point peering
3.5.b (iii)  OTP route-reflector peering
3.5.b (iv)  OTP multiple service providers scenario
3.5.c Implement and troubleshoot loop free path selection
3.5.c (i)  RD, FD, FC, successor, feasible successor
3.5.c (ii)  Classic metric
3.5.c (iii)  Wide metric
3.5.d Implement and troubleshoot operations
3.5.d (i)  General operations
3.5.d (ii)  Topology table, update, query, active, passive
3.5.d (iii)  Stuck in active
3.5.d (iv)  Graceful shutdown
3.5.e Implement and troubleshoot EIGRP stub
3.5.e (i)  Stub
3.5.e (ii)  Leak-map
3.5.f Implement and troubleshoot load-balancing
3.5.f (i)  equal-cost
3.5.f (ii)  unequal-cost
3.5.f (iii)  add-path
3.5.g Implement EIGRP (multi-address) named mode
3.5.g (i)  Types of families
3.5.g (ii)  IPv4 address-family
3.5.g (iii)  IPv6 address-family
3.5.h Implement, troubleshoot and optimize EIGRP convergence and scalability
3.5.h (i)  Describe fast convergence requirements
3.5.h (ii)  Control query boundaries
3.5.h (iii)  IP FRR/fast reroute (single hop)
3.5.h (iv)  Summary leak-map
3.5.h (v)  Summary metric
3.6 OSPF (v2 and v3)
3.6.a Describe packet types
3.6.a (i)  LSA yypes (1, 2, 3, 4, 5, 7, 9)
3.6.a (ii)  Route types (N1, N2, E1, E2)
3.6.b Implement and troubleshoot neighbor relationship
3.6.c Implement and troubleshoot OSPFv3 address-family support
3.6.c (i)  IPv4 address-family
3.6.c (ii)  IPv6 address-family
3.6.d Implement and troubleshoot network types, area types and router types
3.6.d (i)  Point-to-point, multipoint, broadcast, non-broadcast
3.6.d (ii)  LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
3.6.d (iii)  Internal router, ABR, ASBR
3.6.d (iv)  Virtual link
3.6.e Implement and troubleshoot path preference
3.6.f Implement and troubleshoot operations
3.6.f (i)  General operations
3.6.f (ii)  Graceful shutdown
3.6.f (iii)  GTSM (Generic TTL Security Mechanism)
3.6.g Implement, troubleshoot and optimize OSPF convergence and scalability
3.6.g (i)  Metrics
3.6.g (ii)  LSA throttling, SPF tuning, fast hello
3.6.g (iii)  LSA propagation control (area types, ISPF)
3.6.g (iv)  IP FRR/fast reroute (single hop)
3.6.g (v)  LFA/loop-free alternative (multi hop)
3.6.g (vi)  OSPFv3 prefix suppression
3.7 BGP
3.7.a Describe, implement and troubleshoot peer relationships
3.7.a (i)  Peer-group, template
3.7.a (ii)  Active, passive
3.7.a (iii)  States, timers
3.7.a (iv)  Dynamic neighbors
3.7.b Implement and troubleshoot IBGP and EBGP
3.7.b (i)  EBGP, IBGP
3.7.b (ii)  4 bytes AS number
3.7.b (iii)  Private AS
3.7.c Explain attributes and best-path selection
3.7.d Implement, optimize and troubleshoot routing policies
3.7.d (i)  Attribute manipulation
3.7.d (ii)  Conditional advertisement
3.7.d (iii)  Outbound route filtering
3.7.d (iv)  Communities, extended communities
3.7.d (v)  Multi-homing
3.7.e Implement and troubleshoot scalability
3.7.e (i)  Route-reflector, cluster
3.7.e (ii)  3.7.e (ii)
3.7.e (iii)  Aggregation, AS set
3.7.f Implement and troubleshoot multiproctocol BGP
3.7.f (i)  IPv4, IPv6, VPN address-family
3.7.g Implement and troubleshoot AS path manipulations
3.7.g (i)  Local AS, allow AS in, remove private AS
3.7.g (ii)  Prepend
3.7.g (iii)  Regexp
3.7.h Implement and troubleshoot other features
3.7.h (i)  Multipath
3.7.h (ii)  BGP synchronization
3.7.h (iii)  Soft reconfiguration, route refresh
3.7.i Describe BGP fast convergence features
3.7.i (i)  Prefix independent convergence
3.7.i (ii)  Add-path
3.7.i (iii)  Next-hop address tracking
3.8 ISIS (for IPv4 and IPv6)
3.8.a Describe basic ISIS network
3.8.a (i)  Single area, single topology
3.8.b Describe neighbor relationship
3.8.c Describe network types, levels and router types
3.8.c (i)  NSAP addressing
3.8.c (ii)  Point-to-point, broadcast
3.8.d Describe operations
3.8.e Describe optimization features
3.8.e (i)  Metrics, wide metric

15%

4.0

VPN Technologies

4.1 Tunneling
4.1.a Implement and troubleshoot MPLS operations
4.1.a (i)  Label stack, LSR, LSP
4.1.a (ii)  LDP
4.1.a (iii)  MPLS ping, MPLS traceroute
4.1.b Implement and troubleshoot basic MPLS L3VPN
4.1.b (i)  L3VPN, CE, PE, P
4.1.b (ii)  Extranet (route leaking)
4.1.c Implement and troubleshoot encapsulation
4.1.c (i)  GRE
4.1.c (ii)  Dynamic GRE
4.1.c (iii)  LISP encapsulation principles supporting EIGRP OTP
4.1.d Implement and troubleshoot DMVPN (single hub)
4.1.d (i)  NHRP
4.1.d (ii)  DMVPN with IPsec using preshared key
4.1.d (iii)  QoS profile
4.1.d (iv)  Pre-classify
4.1.e Describe IPv6 tunneling techniques
4.1.e (i)  6in4, 6to4
4.1.e (ii)  ISATAP
4.1.e (iii)  6RD
4.1.e (iv)  6PE/6VPE
4.1.g Describe basic layer 2 VPN —wireline
4.1.g (i)  L2TPv3 general principals
4.1.g (ii)  ATOM general principals
4.1.h Describe basic L2VPN — LAN services
4.1.h (i)  MPLS-VPLS general principals
4.1.h (ii)  OTV general principals
4.2 Encryption
4.2.a Implement and troubleshoot IPsec with preshared key
4.2.a (i)  IPv4 site to IPv4 site
4.2.a (ii)  IPv6 in IPv4 tunnels
4.2.a (iii)  Virtual tunneling Interface (VTI)
4.2.b Describe GET VPN

5%

5.0

Infrastructure Security

5.1 Device security
5.1.a Implement and troubleshoot IOS AAA using local database
5.1.b Implement and troubleshoot device access control
5.1.b (i)  Lines (VTY, AUX, console)
5.1.b (ii)  SNMP
5.1.b (iii)  Management plane protection
5.1.b (iv)  Password encryption
5.1.c Implement and troubleshoot control plane policing
5.1.d Describe device security using IOS AAA with TACACS+ and RADIUS
5.1.d (i)  AAA with TACACS+ and RADIUS
5.1.d (ii)  Local privilege authorization fallback
5.2 Network security
5.2.a Implement and troubleshoot switch security features
5.2.a (i)  VACL, PACL
5.2.a (ii)  Stormcontrol
5.2.a (iii)  DHCP snooping
5.2.a (iv)  IP source-guard
5.2.a (v)  Dynamic ARP inspection
5.2.a (vi)  port-security
5.2.a (vii)  Private VLAN
5.2.b Implement and troubleshoot router security features
5.2.b (i)  IPv4 access control lists (standard, extended, time-based)
5.2.b (ii)  IPv6 traffic filter
5.2.b (iii)  Unicast reverse path forwarding
5.2.c Implement and troubleshoot IPv6 first hop security
5.2.c (i)  RA guard
5.2.c (ii)  DHCP guard
5.2.c (iii)  Binding table
5.2.c (iv)  Device tracking
5.2.c (v)  ND inspection/snooping
5.2.c (vii)  Source guard
5.2.c (viii)  PACL
5.2.d Describe 802.1x
5.2.d (i)  802.1x, EAP, RADIUS
5.2.d (ii)  MAC authentication bypass

15%

6.0

Infrastructure Services

6.1 System management
6.1.a Implement and troubleshoot device management
6.1.a (i)  Console and VTY
6.1.a (ii)  telnet, HTTP, HTTPS, SSH, SCP
6.1.a (iii)  (T)FTP
6.1.b Implement and troubleshoot SNMP
6.1.b (i)  v2c, v3
6.1.c Implement and troubleshoot logging
6.1.c (i)  Local logging, syslog, debug, conditional debug
6.1.c (ii)  Timestamp
6.2 Quality of service
6.2.a Implement and troubleshoot end-to-end QoS
6.2.a (i)  CoS and DSCP mapping
6.2.b Implement, optimize and troubleshoot QoS using MQC
6.2.b (i)  Classification
6.2.b (ii)  Network based application recognition (NBAR)
6.2.b (iii)  Marking using IP precedence, DSCP, CoS, ECN
6.2.b (iv)  Policing, shaping
6.2.b (v)  Congestion management (queuing)
6.2.b (vi)  HQoS, sub-rate ethernet link
6.2.b (vii)  Congestion avoidance (WRED)
6.2.c Describe layer 2 QoS
6.2.c (i)  Queuing, scheduling
6.2.c (ii)  Classification, marking
6.3 Network services
6.3.a Implement and troubleshoot first-hop redundancy protocols
6.3.a (i)  HSRP, GLBP, VRRP
6.3.a (ii)  Redundancy using IPv6 RS/RA
6.3.b Implement and troubleshoot network time protocol
6.3.b (i)  NTP master, client, version 3, version 4
6.3.b (ii)  NTP Authentication
6.3.c Implement and troubleshoot IPv4 and IPv6 DHCP
6.3.c (i)  DHCP client, IOS DHCP server, DHCP relay
6.3.c (ii)  DHCP options
6.3.c (iii)  DHCP protocol operations
6.3.c (iv)  SLAAC/DHCPv6 interaction
6.3.c (v)  Stateful, stateless DHCPv6
6.3.c (vi)  DHCPv6 prefix delegation
6.3.d Implement and troubleshoot IPv4 network address translation
6.3.d (i)  Static NAT, dynamic NAT, policy-based NAT, PAT
6.3.d (ii)  NAT ALG
6.3.e Describe IPv6 network address translation
6.3.e (i)   NAT64
6.3.e (ii)  NPTv6
6.4 Network optimization
6.4.a Implement and troubleshoot IP SLA
6.4.a (i)  ICMP, UDP, Jitter, VoIP
6.4.b Implement and troubleshoot tracking object
6.4.b (i)  Tracking object, tracking list
6.4.b (ii)  Tracking different entities (e.g. interfaces, routes, IPSLA, and such)
6.4.c Implement and troubleshoot netflow
6.4.c (i)  Netflow v5, v9
6.4.c (ii)  Local retrieval
6.4.c (iii)  Export (configuration only)
6.4.d Implement and troubleshoot embedded event manager
6.4.d (i)  EEM policy using applet
6.4.e Identify performance routing (PfR)
6.4.e (i)  Basic load balancing
6.4.e (ii)  Voice optimization

Lab Exam Version 5.0

Exam Description: The CCIE® Routing and Switching Lab Exam version 5.0 is an eight-hour, hands-on exam which requires you to configure and troubleshoot a series of complex networks to given specifications. Knowledge of troubleshooting is an important skill and candidates are expected to diagnose and solve issues as part of the CCIE lab exam. You will not configure end-user systems, but are responsible for all devices residing in the network.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

20%

1.0

Layer 2 Technologies

1.1 LAN switching technologies
1.1.a Implement and troubleshoot switch administration
1.1.a (i)  Managing MAC address table
1.1.a (ii)  errdisable recovery
1.1.a (iii)  L2 MTU
1.1.b Implement and troubleshoot layer 2 protocols
1.1.b (i)  CDP, LLDP
1.1.b (ii)  UDLD
1.1.c Implement and troubleshoot VLAN
1.1.c (i)  access ports
1.1.c (ii)  VLAN database
1.1.c (iii)  normal, extended VLAN, voice VLAN
1.1.d Implement and troubleshoot trunking
1.1.d (i)  VTPv1, VTPv2, VTPv3, VTP pruning
1.1.d (ii)  dot1Q
1.1.d (iii)  Native VLAN
1.1.d (iv)  Manual pruning
1.1.e Implement and troubleshoot etherchannel
1.1.e (i)  LACP, PAgP, manual
1.1.e (ii)  layer 2, layer 3
1.1.e (iii)  load-balancing
1.1.e (iv)  etherchannel misconfiguration guard
1.1.f Implement and troubleshoot spanning-tree
1.1.f (i)  PVST+/RPVST+/MST
1.1.f (ii)  switch priority, port priority, path cost, STP timers
1.1.f (iii)  port fast, BPDUguard, BPDUfilter
1.1.f (iv)  loopguard, rootguard
1.1.g Implement and troubleshoot other LAN switching technologies
1.1.g (i)  SPAN, RSPAN, ERSPAN
1.2 Layer 2 Multicast
1.2.a Implement and troubleshoot IGMP
1.2.a (i)  IGMPv1, IGMPv2, IGMPv3
1.2.a (ii)  IGMP snooping
1.2.a (iii)  IGMP querier
1.2.a (iv)  IGMP filter
1.2.a (v)  IGMP proxy
1.3 Layer 2 WAN circuit technologies
1.3.a Implement and troubleshoot HDLC
1.3.b Implement and troubleshoot PPP
1.3.b (i)  authentication (PAP, CHAP)
1.3.b (ii)  1.3.b (ii)
1.3.b (iii)  MLPPP
1.4 Troubleshooting layer 2 technologies
1.4.a Use IOS troubleshooting tools
1.4.a (i)  debug, conditional debug
1.4.a (ii)  ping, traceroute with extended options
1.4.a (iii)  Embedded packet capture
1.4.b Apply troubleshooting methodologies
1.4.b (i)  Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause)
1.4.b (ii)  Design and implement valid solutions according to constraints
1.4.b (iii)  Verify and monitor resolution
1.4.c Interpret packet capture
1.4.c (i)  Using wireshark trace analyzer
1.4.c (ii)  Using IOS embedded packet capture

40%

2.0

Layer 3 Technologies

2.1 Addressing technologies
2.1.a Identify, implement and troubleshoot IPv4 addressing and sub-netting
2.1.a (i)  Address types, VLSM
2.1.a (ii)  ARP
2.1.b Identify, implement and troubleshoot IPv6 addressing and sub-netting
2.1.b (i)  Unicast, multicast
2.1.b (ii)  EUI-64
2.1.b (iii)  ND, RS/RA
2.1.b (iv)  Autoconfig/SLAAC temporary addresses (RFC4941)
2.1.b (v)  Global prefix configuration feature

2.2 Layer 3 Multicast
2.2.a Troubleshoot reverse path forwarding
2.2.a (i)  RPF failure
2.2.a(ii)  RPF failure with tunnel interface
2.2.b Implement and troubleshoot IPv4 protocol independent multicast
2.2.b (i)  PIM dense mode, sparse mode, sparse-dense mode
2.2.b (ii)  Static RP, auto-RP, BSR
2.2.b (iii)  Bidirectional PIM
2.2.b (iv)  Source-specific multicast
2.2.b (v)  Group to RP mapping
2.2.b (vi)  Multicast boundary
2.2.c Implement and troubleshoot multicast source discovery protocol
2.2.c.(i) Intra-domain MSDP (anycast RP)
2.2.c.(ii)  SA filter
2.3 Fundamental routing concepts
2.3.a Implement and troubleshoot static routing
2.3.b Implement and troubleshoot default routing
2.3.c Compare routing protocol types
2.3.c (i)  distance vector
2.3.c (ii)  link state
2.3.c (iii)  path vector
2.3.d Implement, optimize and troubleshoot administrative distance
2.3.e Implement and troubleshoot passive interface
2.3.f Implement and troubleshoot VRF lite
2.3.g Implement, optimize and troubleshoot filtering with any routing protocol
2.3.h Implement, optimize and troubleshoot redistribution between any routing protocol
2.3.i Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
2.3.j Implement, optimize and troubleshoot policy-based routing
2.3.k Identify and troubleshoot sub-optimal routing
2.3.l Implement and troubleshoot bidirectional forwarding detection
2.3.m Implement and troubleshoot loop prevention mechanisms
2.3.m (i)  Route tagging, filtering
2.3.m (ii)  Split horizon
2.3.m (iii)  Route poisoning
2.3.n Implement and troubleshoot routing protocol authentication
2.3.n (i)  MD5
2.3.n (ii)  key-chain
2.3.n (iii)  EIGRP HMAC SHA2-256bit
2.3.n (iv)  OSPFv2 SHA1-196bit
2.3.n (v)  OSPFv3 IPsec authentication
2.4 RIP v2
2.4.a Implement and troubleshoot RIPv2
2.5 EIGRP (for IPv4 and IPv6)
2.5.a Describe packet types
2.5.a (i)  Packet types (hello, query, update, and such)
2.5.a (ii)  Route types (internal, external)
2.5.b Implement and troubleshoot neighbor relationship
2.5.b (i)  Multicast, unicast EIGRP peering
2.5.c Implement and Troubleshoot Loop free path selection
2.5.c (i)  RD, FD, FC, successor, feasible successor
2.5.c (ii)  Classic metric
2.5.c (iii)  Wide metric
2.5.d Implement and troubleshoot operations
2.5.d (i)  General operations
2.5.d (ii)  Topology table, update, query, active, passive
2.5.d (iii)  Stuck in active
2.5.d (iv)  Graceful shutdown
2.5.e Implement and troubleshoot EIGRP stub
2.5.e (i)  stub
2.5.e (ii)  leak-map
2.5.f Implement and troubleshoot load-balancing
2.5.f (i)  equal-cost
2.5.f (ii)  unequal-cost
2.5.f (iii)  add-path
2.5.g Implement EIGRP (multi-address) named mode
2.5.g (i)  Types of families
2.5.g (ii)  IPv4 address-family
2.5.g (iii)  2.5.g (iii)
2.5.h Implement, troubleshoot and optimize EIGRP convergence and scalability
2.5.h (i)  Describe fast convergence requirements
2.5.h (ii)  Control query boundaries
2.5.h (iii)  IP FRR/fast reroute (single hop)
2.5.h (iv)  Summary leak-map
2.5.h (v)  Summary metric
2.6 OSPF (v2 and v3)
2.6.a Describe packet types
2.6.a (i)  LSA types (1, 2, 3, 4, 5, 7, 9)
2.6.a (ii)  Route types (N1, N2, E1, E2)
2.6.b Implement and troubleshoot neighbor relationship
2.6.c Implement and troubleshoot OSPFv3 address-family support
2.6.c (i)  IPv4 address-family
2.6.c (ii)  IPv6 address-family
2.6.d Implement and troubleshoot network types, area types and router types
2.6.d (i)  Point-to-point, multipoint, broadcast, non-broadcast
2.6.d (ii)  LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
2.6.d (iii)  Internal router, ABR, ASBR
2.6.d (iv)  Virtual link
2.6.e Implement and troubleshoot path preference
2.6.f Implement and troubleshoot operations
2.6.f (i)  General operations
2.6.f (ii)  Graceful shutdown
2.6.f (iii)  GTSM (generic TTL security mechanism)
2.6.g Implement, troubleshoot and optimize OSPF convergence and scalability
2.6.g (i)  Metrics
2.6.g (ii)  LSA throttling, SPF tuning, fast hello
2.6.g (iii)  LSA propagation control (area types, ISPF)
2.6.g (iv)  IP FR/fast reroute (single hop)
2.6.g (v)  LFA/loop-free alternative (multi hop)
2.6.g (vi)  OSPFv3 prefix suppression
2.7 BGP
2.7.a Describe, implement and troubleshoot peer relationships
2.7.a (i)  Peer-group, template
2.7.a (ii)  Active, passive
2.7.a (iii)  States, timers
2.7.a (iv)  Dynamic neighbors
2.7.b Implement and troubleshoot IBGP and EBGP
2.7.b (i)  EBGP, IBGP
2.7.b (ii)  4 bytes AS number
2.7.b (iii)  Private AS
2.7.c Explain attributes and best-path selection
2.7.d Implement, optimize and troubleshoot routing policies
2.7.d (i)  Attribute manipulation
2.7.d (ii)  Conditional advertisement
2.7.d (iii)  Outbound route filtering
2.7.d (iv)  Communities, extended communities
2.7.d (v)  Multi-homing
2.7.e Implement and troubleshoot scalability
2.7.e (i)  Route-reflector, cluster
2.7.e (ii)  Confederations
2.7.e (iii)  Aggregation, AS set
2.7.f Implement and troubleshoot multi-protocol BGP
2.7.f (i)  IPv4, IPv6, VPN address-family
2.7.g Implement and troubleshoot AS path manipulations
2.7.g (i)  Local AS, allow AS in, remove private AS
2.7.g (ii)  Prepend
2.7.g (iii)  Regexp
2.7.h Implement and Troubleshoot Other Features
2.7.h (i)  Multipath
2.7.h (ii)  BGP synchronization
2.7.h (iii)  Soft reconfiguration, route refresh
2.8 Troubleshooting layer 3 technologies
2.8.a Use IOS troubleshooting tools
2.8.a (i)  debug, conditional debug
2.8.a (ii)  ping, traceroute with extended options
2.8.a (iii)  Embedded packet capture
2.8.b Apply troubleshooting methodologies
2.8.b (i)  Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause)
2.8.b (ii)  Design and implement valid solutions according to constraints
2.8.b (iii)  Verify and monitor resolution
2.8.c Interpret packet capture
2.8.c (i)  Using wireshark trace analyzer
2.8.c (ii)  Using IOS embedded packet capture

20%

3.0

VPN Technologies

3.1 Tunneling
3.1.a Implement and troubleshoot MPLS operations
3.1.a (i)  Label stack, LSR, LSP
3.1.a (ii)  LDP
3.1.a (iii)  MPLS ping, MPLS traceroute
3.1.b Implement and troubleshoot basic MPLS L3VPN
3.1.b (i)  L3VPN, CE, PE, P
3.1.b (ii)  Extranet (route leaking)
3.1.c Implement and troubleshoot encapsulation
3.1.c (i)   GRE
3.1.c (ii)  Dynamic GRE
3.1.d Implement and troubleshoot DMVPN (single hub)
3.1.d (i)  NHRP
3.1.d (ii)  DMVPN with IPsec using preshared key
3.1.d (iii)  QoS profile
3.1.d (iv)  Pre-classify
3.2 Encryption
3.2.a Implement and troubleshoot IPsec with preshared key
3.2.a (i)  IPv4 site to IPv4 site
3.2.a (ii)  IPv6 in IPv4 tunnels
3.2.a (iii)  Virtual tunneling interface (VTI)
3.3 Troubleshooting VPN technologies
3.3.a Use IOS troubleshooting tools
3.3.a (i)  debug, conditional debug
3.3.a (ii)  ping, traceroute with extended options
3.3.a (iii)  Embedded packet capture
3.3.b Apply troubleshooting methodologies
3.3.b (i)  Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause)
3.3.b (ii)  Design and implement valid solutions according to constraints
3.3.b (iii)  Verify and monitor resolution
3.3.c Interpret packet capture
3.3.c (i)  Using wireshark trace analyzer
3.3.c (ii)  Using IOS embedded packet capture

5%

4.0

Infrastructure Security

4.1 Device security
4.1.a Implement and troubleshoot IOS AAA using local database
4.1.b Implement and troubleshoot device access control
4.1.b (i)  Lines (VTY, AUX, console)
4.1.b (ii)  SNMP
4.1.b (iii)  Management plane protection
4.1.b (iv)  Password encryption
4.1.c Implement and troubleshoot control plane policing
4.2 Network security
4.2.a Implement and troubleshoot switch security features
4.2.a (i)  VACL, PACL
4.2.a (ii)  Stormcontrol
4.2.a (iii)  DHCP snooping
4.2.a (iv)  IP source-guard
4.2.a (v)  Dynamic ARP inspection
4.2.a (vi)  Port-security
4.2.a (vii)  Private VLAN
4.2.b Implement and troubleshoot router security features
4.2.b (i)  IPv4 access control lists (standard, extended, time-based)
4.2.b (ii)  IPv6 traffic filter
4.2.b (iii)  Unicast reverse path forwarding
4.2.c Implement and troubleshoot IPv6 first hop security
4.2.c (i)  RA guard
4.2.c (ii)  DHCP guard
4.2.c (iii)  Binding table
4.2.c (iv)  Device tracking
4.2.c (v)  ND inspection/snooping
4.2.c (vi)  Source guard
4.2.c (vii)  PACL
4.3 Troubleshooting infrastructure security
4.3.a Use IOS troubleshooting tools
4.3.a (i)  debug, conditional debug
4.3.a (ii)  ping, traceroute with extended options
4.3.a (iii)  Embedded packet capture
4.3.b Apply troubleshooting methodologies
4.3.b (i)  Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause)
4.3.b (ii)  Design and implement valid solutions according to constraints
4.3.b (iii)  Verify and monitor resolution
4.3.c Interpret packet capture
4.3.c (i)  Using wireshark trace analyzer
4.3.c (ii)  Using IOS embedded packet capture

15%

5.0

Infrastructure Services

5.1 System management
5.1.a Implement and troubleshoot device management
5.1.a (i)  Console and VTY
5.1.a (ii)  telnet, HTTP, HTTPS, SSH, SCP
5.1.a (iii)  (T)FTP
5.1.b Implement and troubleshoot SNMP
5.1.b (i)  v2c, v3
5.1.c Implement and troubleshoot logging
5.1.c (i)  Local logging, syslog, debug, conditional debug
5.1.c (ii)  Timestamp
5.2 Quality of service
5.2.a Implement and troubleshoot end to end QoS
5.2.a (i)  CoS and DSCP mapping
5.2.b Implement, optimize and troubleshoot QoS using MQC
5.2.b (i)  Classification
5.2.b (ii)  Network based application recognition (NBAR)
5.2.b (iii)  Marking using IP precedence, DSCP, CoS, ECN
5.2.b (iv)  Policing, shaping
5.2.b (v)  Congestion management (queuing)
5.2.b (vi)  HQoS, sub-rate ethernet link
5.2.b (vii)  Congestion avoidance (WRED)
5.3 Network services
5.3.a Implement and troubleshoot first-hop redundancy protocols
5.3.a (i)  HSRP, GLBP, VRRP
5.3.a (ii)  Redundancy using IPv6 RS/RA
5.3.b Implement and troubleshoot network time protocol
5.3.b (i)  NTP master, client, version 3, version 4
5.3.b (ii)  NTP authentication
5.3.c Implement and troubleshoot IPv4 and IPv6 DHCP
5.3.c (i)  DHCP client, IOS DHCP server, DHCP relay
5.3.c (ii)  DHCP options
5.3.c (iii)  DHCP protocol operations
5.3.c (iv)  SLAAC/DHCPv6 interaction
5.3.c (v)  Stateful, stateless DHCPv6
5.3.c (vi)  DHCPv6 prefix delegation
5.3.d Implement and troubleshoot IPv4 network address translation
5.3.d (i)  Static NAT, dynamic NAT, policy-based NAT, PAT
5.3.d (ii)  NAT ALG
5.4 Network optimization
5.4.a Implement and troubleshoot IP SLA
5.4.a (i)  ICMP, UDP, jitter, VoIP
5.4.b Implement and troubleshoot tracking object
5.4.b (i)  Tracking object, tracking list
5.4.b (ii)  Tracking different entities (e.g. interfaces, routes, IPSLA, and such)
5.4.c Implement and troubleshoot netflow
5.4.c (i)  Netflow v5, v9
5.4.c (ii)  Local retrieval
5.4.c (iii)  Export (configuration only)
5.4.d Implement and troubleshoot embedded event manager
5.4.d (i)  EEM policy using applet
5.5 Troubleshooting infrastructure services
5.5.a Use IOS troubleshooting tools
5.5.a (i)  debug, conditional debug
5.5.a (ii)  ping, traceroute with extended options
5.5.a (iii)  Embedded packet capture
5.5.b Apply troubleshooting methodologies
5.5.b (i)  Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause)
5.5.b (ii)  Design and implement valid solutions according to constraints
5.5.b (iii)  Verify and monitor resolution
5.5.c Interpret packet capture
5.5.c (i)  Using wireshark trace analyzer
5.5.c (ii)  Using IOS embedded packet capture
Chat Icon