Transcription
CCIE Routing and Switching Written ExamVersion 5.0 (400-101)Exam Description: The Cisco CCIE Routing and Switching Written Exam (400-101) version 5.0 is atwo-hour test with 90 110 questions that will validate that professionals have the expertise to:configure, validate, and troubleshoot complex enterprise network infrastructure; and, understand howinfrastructure components interoperate; and translate functional requirements into specific deviceconfigurations. The exam is closed book and no outside reference materials are allowed.The following topics are general guidelines for the content likely to be included on the exam. However,other related topics may also appear on any specific delivery of the exam. In order to better reflect thecontents of the exam and for clarity purposes, the guidelines below may change at any time withoutnotice.10%1.01.1Network PrinciplesNetwork theory1.1.a Describe basic software architecture differences between IOS and IOS XE1.1.a (i)Control plane and Forwarding plane1.1.a (ii)Impact to troubleshooting and performances1.1.a (iii) Excluding specific platform's architecture1.1.bIdentify Cisco express forwarding concepts1.1.b (i)RIB, FIB, LFIB, Adjacency table1.1.b (ii)Load balancing Hash1.1.b (iii) Polarization concept and avoidance1.1.cExplain general network challenges1.1.c (i)Unicast flooding1.1.c (ii)Out of order packets1.1.c (iii) Asymmetric routing1.1.c (iv) Impact of micro burst1.1.dExplain IP operations1.1.d (i)ICMP unreachable, redirect1.1.d (ii)IPv4 options, IPv6 extension headers1.1.d (iii) IPv4 and IPv6 fragmentation1.1.d (iv) TTL1.1.d (v)IP MTU1.1.eExplain TCP operations1.1.e (i)IPv4 and IPv6 PMTU1.1.e (ii)MSS2013 Cisco Systems, Inc. This document is Cisco Public.Page 1
1.1.e (iii)1.1.e (iv)1.1.e (v)1.1.e (vi)1.1.e (vii)1.1.f15%LatencyWindowingBandwidth delay productGlobal synchronizationOptionsExplain UDP operations1.1.f (i)Starvation1.1.f (ii)Latency1.1.f (iii)RTP/RTCP concepts1.2Network implementation and operation1.2.a Evaluate proposed changes to a network1.2.a (i)Changes to routing protocol parameters1.2.a (ii)Migrate parts of a network to IPv61.2.a (iii) Routing protocol migration1.2.a (iv) Adding multicast support1.2.a (v)Migrate spanning tree protocol1.2.a (vi) Evaluate impact of new traffic on existing QoS design1.3Network troubleshooting1.3.a Use IOS troubleshooting tools1.3.a (i)debug, conditional debug1.3.a (ii)ping, traceroute with extended options1.3.a (iii) Embedded packet capture1.3.a (iv) Performance monitor2.02.11.3.bApply troubleshooting methodologies1.3.b (i)Diagnose the root cause of networking issue (analyze symptoms,identify and describe root cause)1.3.b (ii)Design and implement valid solutions according to constraints1.3.b (iii) Verify and monitor resolution1.3.cInterpret packet capture1.3.c (i)Using Wireshark trace analyzer1.3.c (ii)Using IOS embedded packet captureLayer 2 TechnologiesLAN switching technologies2.1.a Implement and troubleshoot switch administration2.1.a (i)Managing MAC address table2.1.a (ii)errdisable recovery2.1.a (iii) L2 MTU2.1.bImplement and troubleshoot layer 2 protocols2.1.b (i)CDP, LLDP2.1.b (ii) UDLD2013 Cisco Systems, Inc. This document is Cisco Public.Page 2
2.22.1.cImplement and troubleshoot VLAN2.1.c (i)Access ports2.1.c (ii)VLAN database2.1.c (iii) Normal, extended VLAN, voice VLAN2.1.dImplement and troubleshoot trunking2.1.d (i)VTPv1, VTPv2, VTPv3, VTP pruning2.1.d (ii)dot1Q2.1.d (iii) Native VLAN2.1.d (iv) Manual pruning2.1.eImplement and troubleshoot EtherChannel2.1.e (i)LACP, PAgP, manual2.1.e (ii)Layer 2, layer 32.1.e (iii) Load-balancing2.1.e (iv) Etherchannel misconfiguration guard2.1.fImplement and troubleshoot spanning-tree2.1.f (i)PVST /RPVST /MST2.1.f (ii)Switch priority, port priority, path cost, STP timers2.1.f (iii)port fast, BPDUguard, BPDUfilter2.1.f (iv)loopguard, rootguard2.1.gImplement and troubleshoot other LAN switching technologies2.1.g (i)SPAN, RSPAN, ERSPAN2.1.hDescribe chassis virtualization and aggregation technologies2.1.h (i)Multichassis2.1.h (ii)VSS concepts2.1.h (iii) Alternative to STP2.1.h (iv) Stackwise2.1.h (v)Excluding specific platform implementation2.1.iDescribe spanning-tree concepts2.1.i (i)Compatibility between MST and RSTP2.1.i (ii)STP dispute, STP bridge assuranceLayer 2 multicast2.2.a Implement and troubleshoot IGMP2.2.a (i)IGMPv1, IGMPv2, IGMPv32.2.a (ii)IGMP snooping2.2.a (iii) IGMP querier2.2.a (iv) IGMP filter2.2.a (v)IGMP proxy2.2.bExplain MLD2.2.cExplain PIM snooping2013 Cisco Systems, Inc. This document is Cisco Public.Page 3
2.3Layer 2 WAN circuit technologies2.3.a Implement and troubleshoot HDLC2.3.b Implement and troubleshoot PPP2.3.b (i)Authentication (PAP, CHAP)2.3.b (ii)PPPoE2.3.b (iii) MLPPP2.3.c40%3.03.1Layer 3 TechnologiesAddressing technologies3.1.a Identify, implement and troubleshoot IPv4 addressing and subnetting3.1.a (i)Address types, VLSM3.1.a (ii)ARP3.1.b3.2Describe WAN rate-based ethernet circuits2.3.c (i)Metro and WAN Ethernet topologies2.3.c (ii)Use of rate-limited WAN ethernet servicesIdentify, implement and troubleshoot IPv6 addressing and subnetting3.1.b (i)Unicast, multicast3.1.b (ii)EUI-643.1.b (iii) ND, RS/RA3.1.b (iv) Autoconfig/SLAAC, temporary addresses (RFC4941)3.1.b (v)Global prefix configuration feature3.1.b (vi) DHCP protocol operations3.1.b (vii) SLAAC/DHCPv6 interaction3.1.b (viii) Stateful, stateless DHCPv63.1.b (ix) DHCPv6 prefix delegationLayer 3 multicast3.2.a Troubleshoot reverse path forwarding3.2.a (i)RPF failure3.2.a (ii)RPF failure with tunnel interface3.2.bImplement and troubleshoot IPv4 protocol independent multicast3.2.b (i)PIM dense mode, sparse mode, sparse-dense mode3.2.b (ii)Static RP, auto-RP, BSR3.2.b (iii) BiDirectional PIM3.2.b (iv) Source-specific multicast3.2.b (v)Group to RP mapping3.2.b (vi) Multicast boundary3.2.cImplement and troubleshoot multicast source discovery protocol3.2.c (i)Intra-domain MSDP (anycast RP)3.2.c (ii)SA filter3.2.dDescribe IPv6 multicast3.2.d (i)IPv6 multicast addresses2013 Cisco Systems, Inc. This document is Cisco Public.Page 4
3.2.d (ii)3.3PIMv6Fundamental routing concepts3.3.a Implement and troubleshoot static routing3.3.bImplement and troubleshoot default routing3.3.cCompare routing protocol types3.3.c (i)Distance vector3.3.c (ii)Link state3.3.c (iii) Path vector3.3.dImplement, optimize and troubleshoot administrative distance3.3.eImplement and troubleshoot passive interface3.3.fImplement and troubleshoot VRF lite3.3.gImplement, optimize and troubleshoot filtering with any routing protocol3.3.hImplement, optimize and troubleshoot redistribution between any routingprotocol3.3.iImplement, optimize and troubleshoot manual and auto summarization withany routing protocol3.3.jImplement, optimize and troubleshoot policy-based routing3.3.kIdentify and troubleshoot sub-optimal routing3.3.lImplement and troubleshoot bidirectional forwarding detection3.3.m Implement and troubleshoot loop prevention mechanisms3.3.m (i)Route tagging, filtering3.3.m (ii) Split horizon3.3.m (iii) Route poisoning3.3.n3.4Implement and troubleshoot routing protocol authentication3.3.n (i)MD53.3.n (ii)Key-chain3.3.n (iii) EIGRP HMAC SHA2-256bit3.3.n (iv) OSPFv2 SHA1-196bit3.3.n (v)OSPFv3 IPsec authenticationRIP (v2 and v6)3.4.a Implement and troubleshoot RIPv23.4.b Describe RIPv6 (RIPng)2013 Cisco Systems, Inc. This document is Cisco Public.Page 5
3.53.6EIGRP (for IPv4 and IPv6)3.5.a Describe packet types3.5.a (i)Packet types (hello, query, update, and such)3.5.a (ii)Route types (internal, external)3.5.bImplement and troubleshoot neighbor relationship3.5.b (i)Multicast, unicast EIGRP peering3.5.b (ii)OTP point-to-point peering3.5.b (iii) OTP route-reflector peering3.5.b (iv) OTP multiple service providers scenario3.5.cImplement and troubleshoot loop free path selection3.5.c (i)RD, FD, FC, successor, feasible successor3.5.c (ii)Classic metric3.5.c (iii) Wide metric3.5.dImplement and troubleshoot operations3.5.d (i)General operations3.5.d (ii)Topology table, update, query, active, passive3.5.d (iii) Stuck in active3.5.d (iv) Graceful shutdown3.5.eImplement and troubleshoot EIGRP stub3.5.e (i)Stub3.5.e (ii)Leak-map3.5.fImplement and troubleshoot load-balancing3.5.f (i)equal-cost3.5.f (ii)unequal-cost3.5.f (iii)add-path3.5.gImplement EIGRP (multi-address) named mode3.5.g (i)Types of families3.5.g (ii)IPv4 address-family3.5.g (iii) IPv6 address-family3.5.hImplement, troubleshoot and optimize EIGRP convergence and scalability3.5.h (i)Describe fast convergence requirements3.5.h (ii)Control query boundaries3.5.h (iii) IP FRR/fast reroute (single hop)3.5.8 (iv) Summary leak-map3.5.h (v)Summary metricOSPF (v2 and v3)3.6.a Describe packet types3.6.a (i)LSA yypes (1, 2, 3, 4, 5, 7, 9)3.6.a (ii)Route types (N1, N2, E1, E2)2013 Cisco Systems, Inc. This document is Cisco Public.Page 6
3.73.6.bImplement and troubleshoot neighbor relationship3.6.cImplement and troubleshoot OSPFv3 address-family support3.6.c (i)IPv4 address-family3.6.c (ii)IPv6 address-family3.6.dImplement and troubleshoot network types, area types and router types3.6.d (i)Point-to-point, multipoint, broadcast, non-broadcast3.6.d (ii)LSA types, area type: backbone, normal, transit, stub, NSSA, totallystub3.6.d (iii) Internal router, ABR, ASBR3.6.d (iv) Virtual link3.6.eImplement and troubleshoot path preference3.6.fImplement and troubleshoot operations3.6.f (i)General operations3.6.f (ii)Graceful shutdown3.6.f (iii)GTSM (Generic TTL Security Mechanism)3.6.gImplement, troubleshoot and optimize OSPF convergence and scalability3.6.g (i)Metrics3.6.g (ii)LSA throttling, SPF tuning, fast hello3.6.g (iii) LSA propagation control (area types, ISPF)3.6.g (iv) IP FRR/fast reroute (single hop)3.6.g (v)LFA/loop-free alternative (multi hop)3.6.g (vi) OSPFv3 prefix suppressionBGP3.7.aDescribe, implement and troubleshoot peer relationships3.7.a (i)Peer-group, template3.7.a (ii)Active, passive3.7.a (iii) States, timers3.7.a (iv) Dynamic neighbors3.7.bImplement and troubleshoot IBGP and EBGP3.7.b (i)EBGP, IBGP3.7.b (ii)4 bytes AS number3.7.b (iii) Private AS3.7.cExplain attributes and best-path selection3.7.dImplement, optimize and troubleshoot routing policies3.7.d (i)Attribute manipulation3.7.d (ii)Conditional advertisement3.7.d (iii) Outbound route filtering3.7.d (iv) Communities, extended communities3.7.d (v)Multi-homing2013 Cisco Systems, Inc. This document is Cisco Public.Page 7
3.815%4.04.13.7.eImplement and troubleshoot scalability3.7.e (i)Route-reflector, cluster3.7.e (ii)Confederations3.7.e (iii) Aggregation, AS set3.7.fImplement and troubleshoot multiprotocol BGP3.7.f (i)IPv4, IPv6, VPN address-family3.7.gImplement and troubleshoot AS path manipulations3.7.g (i)Local AS, allow AS in, remove private AS3.7.g (ii)Prepend3.7.g (iii) Regexp3.7.hImplement and troubleshoot other features3.7.h (i)Multipath3.7.h (ii)BGP synchronization3.7.h (iii) Soft reconfiguration, route refresh3.7.iDescribe BGP fast convergence features3.7.i (i)Prefix independent convergence3.7.i (ii)Add-path3.7.i (iii)Next-hop address trackingISIS (for IPv4 and IPv6)3.8.a Describe basic ISIS network3.8.a (i)Single area, single topology3.8.bDescribe neighbor relationship3.8.cDescribe network types, levels and router types3.8.c (i)NSAP addressing3.8.c (ii)Point-to-point, broadcast3.8.dDescribe operations3.8.eDescribe optimization features3.8.e (i)Metrics, wide metricVPN TechnologiesTunneling4.1.a Implement and troubleshoot MPLS operations4.1.a (i)Label stack, LSR, LSP4.1.a (ii)LDP4.1.a (iii) MPLS ping, MPLS traceroute4.1.bImplement and troubleshoot basic MPLS L3VPN4.1.b (i)L3VPN, CE, PE, P2013 Cisco Systems, Inc. This document is Cisco Public.Page 8
4.1.b (ii)4.24.1.cImplement and troubleshoot encapsulation4.1.c (i)GRE4.1.c (ii)Dynamic GRE4.1.c (iii) LISP encapsulation principles supporting EIGRP OTP4.1.dImplement and troubleshoot DMVPN (single hub)4.1.d (i)NHRP4.1.d (ii)DMVPN with IPsec using pre-shared key4.1.d (iii) QoS profile4.1.d (iv) Pre-classify4.1.eDescribe IPv6 tunneling techniques4.1.e (i)6in4, 6to44.1.e (ii)ISATAP4.1.e (iii) 6RD4.1.e (iv) 6PE/6VPE4.1.gDescribe basic layer 2 VPN —wireline4.1.g (i)L2TPv3 general principals4.1.g (ii)ATOM general principals4.1.hDescribe basic L2VPN — LAN services4.1.h (i)MPLS-VPLS general principals4.1.h (ii)OTV general principalsEncryption4.2.a Implement and troubleshoot IPsec with pre-shared key4.2.a (i)IPv4 site to IPv4 site4.2.a (ii)IPv6 in IPv4 tunnels4.2.a (iii) Virtual tunneling Interface (VTI)4.2.b5%5.05.1Extranet (route leaking)Describe GET VPNInfrastructure SecurityDevice security5.1.a Implement and troubleshoot IOS AAA using local database5.1.bImplement and troubleshoot device access control5.1.b (i)Lines (VTY, AUX, console)5.1.b (ii)SNMP5.1.b (iii) Management plane protection5.1.b (iv) Password encryption5.1.cImplement and troubleshoot control plane policing5.1.dDescribe device security using IOS AAA with TACACS and RADIUS2013 Cisco Systems, Inc. This document is Cisco Public.Page 9
5.1.d (i)5.1.d (ii)5.215%6.06.16.2AAA with TACACS and RADIUSLocal privilege authorization fallbackNetwork security5.2.a Implement and troubleshoot switch security features5.2.a (i)VACL, PACL5.2.a (ii)Stormcontrol5.2.a (iii) DHCP snooping5.2.a (iv) IP source-guard5.2.a (v)Dynamic ARP inspection5.2.a (vi) port-security5.2.a (vii) Private VLAN5.2.bImplement and troubleshoot router security features5.2.b (i)IPv4 access control lists (standard, extended, time-based)5.2.b (ii)IPv6 traffic filter5.2.b (iii) Unicast reverse path forwarding5.2.cImplement and troubleshoot IPv6 first hop security5.2.c (i)RA guard5.2.c (ii)DHCP guard5.2.c (iii) Binding table5.2.c (iv) Device tracking5.2.c (v)ND inspection/snooping5.2.c (vii) Source guard5.2.c (viii) PACL5.2.dDescribe 802.1x5.2.d (i)802.1x, EAP, RADIUS5.2.d (ii)MAC authentication bypassInfrastructure ServicesSystem management6.1.a Implement and troubleshoot device management6.1.a (i)Console and VTY6.1.a (ii)telnet, HTTP, HTTPS, SSH, SCP6.1.a (iii) (T)FTP6.1.bImplement and troubleshoot SNMP6.1.b (i)v2c, v36.1.cImplement and troubleshoot logging6.1.c (i)Local logging, syslog, debug, conditional debug6.1.c (ii)TimestampQuality of service6.2.a Implement and troubleshoot end-to-end QoS6.2.a (i)CoS and DSCP mapping2013 Cisco Systems, Inc. This document is Cisco Public.Page 10
6.36.46.2.bImplement, optimize and troubleshoot QoS using MQC6.2.b (i)Classification6.2.b (ii)Network based application recognition (NBAR)6.2.b (iii) Marking using IP precedence, DSCP, CoS, ECN6.2.b (iv) Policing, shaping6.2.b (v)Congestion management (queuing)6.2.b (vi) HQoS, sub-rate ethernet link6.2.b (vii) Congestion avoidance (WRED)6.2.cDescribe layer 2 QoS6.2.c (i)Queuing, scheduling6.2.c (ii)Classification, markingNetwork services6.3.a Implement and troubleshoot first-hop redundancy protocols6.3.a (i)HSRP, GLBP, VRRP6.3.a (ii)Redundancy using IPv6 RS/RA6.3.bImplement and troubleshoot network time protocol6.3.b (i)NTP master, client, version 3, version 46.3.b (ii)NTP Authentication6.3.cImplement and troubleshoot IPv4 and IPv6 DHCP6.3.c (i)DHCP client, IOS DHCP server, DHCP relay6.3.c (ii)DHCP options6.3.c (iii) DHCP protocol operations6.3.c (iv) SLAAC/DHCPv6 interaction6.3.c (v)Stateful, stateless DHCPv66.3.c (vi) DHCPv6 prefix delegation6.3.dImplement and troubleshoot IPv4 network address translation6.3.d (i)Static NAT, dynamic NAT, policy-based NAT, PAT6.3.d (ii)NAT ALG6.3.eDescribe IPv6 network address translation6.3.e (i)NAT646.3.e (ii)NPTv6Network optimization6.4.a Implement and troubleshoot IP SLA6.4.a (i)ICMP, UDP, Jitter, VoIP6.4.bImplement and troubleshoot tracking object6.4.b (i)Tracking object, tracking list6.4.b (ii)Tracking different entities (e.g. interfaces, routes, IPSLA, and such)6.4.cImplement and troubleshoot netflow2013 Cisco Systems, Inc. This document is Cisco Public.Page 11
6.4.c (i)6.4.c (ii)6.4.c (iii)Netflow v5, v9Local retrievalExport (configuration only)6.4.dImplement and troubleshoot embedded event manager6.4.d (i)EEM policy using applet6.4.eIdentify performance routing (PfR)6.4.e (i)Basic load balancing6.4.e (ii)Voice optimization2013 Cisco Systems, Inc. This document is Cisco Public.Page 12
2013 Cisco Systems, Inc. This document is Cisco Public. Page 1 CCIE Routing and Switching Written Exam Version 5.0 (400-101) Exam Description: The Cisco CCIE Routing and Switching Written Exam (400-101) version 5.0 is a two-hour test with 90 110 questions that will validate that professionals have the expertise to:
