CCIE R&S Lab Blueprint v4 I did spend a bit of extra time in the formatting of this page, to enable just

a copy and paste into notepad, whilst keeping the format and not scrambling the output. :) Feel free to copy and use this blueprint, or if I missed something let me know. The new topics to Version 4 are in BOLD :) INDEX 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 Ethernet Bridging and Switching Frame-Relay HDLC/PPP IP Routing RIP EIGRP OSPF Redistribution BGP MPLS IPv6 Multicast QOS System Management IP Services Security

ETHERNET BRIDGING & SWITCHING

Ethernet Technologies Speed and duplex Ethernet, Fast Ethernet, and Gigabit Ethernet PPPoE (PPP over Ethernet) Switchports Dynamic o Desirable o Auto Access Trunk o Encapsulation

Mode Allowed List Tunnel o 802.1q Tunnel

VTP

Domains Modes o Server o Client o Transparent Authentication Pruning o Prune Eligible List Extended VLANs

Layer 3 Routing Router-on-a-Stick Native Routed Ports SVIs EtherChannel Dynamic o PAgP o LACP Static Layer 3 & Layer 2 Load Balancing Spanning-Tree Protocol Root Election Path Selection o Port Cost o Port Priority Advanced Spanning-Tree Features o Portfast o Uplinkfast o Backbonefast o BPDU Guard o BPDU Filter o Loopguard o UDLD Disabling STP

Multiple Spanning-Tree Protocol (MSTP) Root Election Path Selection Rapid Spanning-Tree Protocol (RSTP) Advanced Catalyst Features Flex Links Private VLANs SPAN RSPAN Optimizing System Resources (SDM) Link state Tracking Macros CAM Maintenance o Static Entries o Aging o Logging o MAC address notification traps o Unicast MAC address filtering Bridging Transparent CRB IRB Fall-Back Bridging o Aging Time o Discarding Static or Dynamic MAC Address o Adjusting STP Parameters 3560 Security Port Security o Violation modes o MAC Addresses o Aging Time o Aging Type o Errdisable Recovery/Detect 802.1x Authentication Storm Control DHCP Snooping o Option-82 Data-Inspection IP Source-Guard DAI (Dynamic ARP Inspection) VACLs

IP Acl o MAC Acls & Ethertypes Port Protection o Switchport Protect o Switchport Block
o

. FRAME-RELAY

NBMA Overview Times Keepalives Interface Types Physical Multipoint Subinterface Point-to-Point Subinterface Back-to-Back FRF.16.1 (Multilink Frame Relay) Address Resolution (iARP) Static o Self Mapping Dynamic (iARP) o Disabling Requests o Disabling Per DLCI DCHP to new router Broadcast Replication LMI

Adjusting the timers

Full Mesh Partial Mesh (Hub-and-Spoke) End-to-End Keepalives Bridging over Frame Relay

PPP

PPP advantages over HDLC PPP Features Auto neighbor IP LCP & IPCP Authentication PAP CHAP o CHAP Hostname o CHAP Password o Same hostname Putting a ? in Password Peer Neighbor Route Reliable Link (RFC 1663) Link Quality Monitoring Multilink PPP (MLP) MLP Interleaving and Queuing Multiclass MLP MRRU Negotiation PPP over Frame Relay (PPPoFR) PPP Half-Bridging

. IP ROUTING

Routing Decisions Longest Match Distance Inner Protocol Metric Default Routing Switching Paths Process switching

Fast Switching Netflow switching CEF switching

Layer 2 Resolution OER (Cisco Optimized Edge Routing) PFR (Performance Routing) ODR (On Demand Routing) Secondary Ip addresses Floating Static Routes Backup Interface GRE Tunneling (L3 VPN) PBR (Policy Routing) Policy route local traffic through Loopback /31 Mask IP-Unnumbered

. RIP

RIP Operation no validate-update source Metric & Timers RIP Vesion 1 & 2 Updates Types Broadcast Multicast Unicast Network Statement Passive Int

Split-Horizon, RIP Triggered Summarization Auto Summary Int Summary Filtering Distribute-List Offset List Distance Default Routing Authentication MD5 Text

. EIGRP

EIGRP Operation Metric, Timers and K-values Variance & Load-sharing Convergence Timers Routing Updates Packet Types (Theory) DUAL Finite State Machine (Theory) Passive Interface Split-Horizon Default Network Authentication MD5 Key Rotation

Summarization Auto-Summary Interface Default Route (summary command with 0.0.0.0) Floating Summary Filtering Distribute-List Offset List Distance Stub Routing Bandwidth Percent

. OSPF

OSPF Overview Hello Protocol Network Types Broadcast Non-Broadcast Point-to-Multipoint Point-to-Multipoint Non-Broadcast Point-to-Point Mismatch DR and BDR OSPF Finite State Machine Router Types LSA (Link State Advertisement) Stub Areas Stub Stub No-Summary NSSA No-Summary NSSA No-Redistrib NSSA No-Advertise

GRE over Stub

Filtering Distribute-List LSA 3 Filter LSA Overload Protection LSA Throttling Forwarding Address Suppression in Translated Type-5 LSAs Summarization Inter-area External Stub Router Advertisement Passive-Interface Originating routes Path Selection Auto-Cost Cost Bandwidth Neighbor Cost Incremental SPF Authentication Area Interface MD5 Clear Text Null Virtual-Link Default Routing Always Conditional OSPF Demand Circuit

. REDISTRIBUTION

Redistribution Overview

Connected interfaces Single Router Mutual Routers

Connected / Static RIP

Metric

EIGRP Metric External EIGRP routes OSPF

Route-Types Match command Bgp Redistribute internal

BGP

. BGP

The BGP Process Establishing Peerings TCP Transport Update Source o BGP States o BGP Open Message Authentication EBGP sessions Multihop BGP Backdoor Distance Maximum-Paths Dmzlink-bw Next-Hop Processing Next-Hop Self Route-Map

iBGP sessions Route Reflection Confederation iBGP Synchronization Redistribution into IGP BGP over GRE Bestpath Selection Process Weight Local Preference AS-Path Prepending MED Communities No-Export No-Advertise Local-AS Numbered New Format Community-list Default Originate Originating Prefixes Network Statement Redistribution Aggregation o Summary-Only o Suppress-Map o Neighbor Unsuppress-Map Filtering Filtering Specifics Filtering Aggregate Conditional Advertisement Conditional Route Injection Clearing BGP Sessions ORF (Outbound Route Filtering)

Local AS Remove Private AS Route-maps Dampening Peer Groups Peering Templates Regular Expressions Fast External Fallover Fast Peering session deactivation Support for Next-Hop Address Tracking Max Prefix BGP Policy Accounting

. MPLS (Multi-Protocol Label Switching)

MPLS Overview Router Types CE (Customer Edge) PE (Provider Edge) P (Provider) LDP (Label Distribution Protocol) MPBGP Address Families Originating Prefixes o Network Statement o Redistribution Layer 3 VPNs RD (Route-Target)

RT (Route Disinguisher) VRF (virtual routing and forwarding) Import and Export Maps

VRF-Lite (Multi-VRF Customer Edge)

. IPv6

Addressing Global Unicast Link Local Site Local Unicast Local EUI-64 DHCP for IPv6 IPv6 on 3560 IPv6 over Ethernet ICMP ND Static to Next-Hop Static to Interface IPv6 over Frame Relay Layer 3 Resolution Static to Next-Hop Static to Interface IPv6 Routing Overview RIPng

Enabling Default Routing Summarization Offset List Distribute-List Redistribution

EIGRP v6 Enabling Default Routing Summarization

Distribute-List Redistribution

OSPFv3 Enabling Network Types OSPFv3 over NBMA Summarization o Internal o External Authentication o Per interface o Per area Default Routing Redistribution MPBGP Address Families Originating Prefixes o Network Statement o Aggregation Tunneling IPv6IP GRE Automatic 6to4 ISATAP IPv6 Multicast IPv6 on 3560 Access-List Filtering Static IPv6 DNS Entries

. MULTICAST

Multicast Operation Addressing Reserved Addresses

Well-Known addresses multicast MACs SSM addresses Join Static Access-Group 3560 Profile IGMP Snooping Helper Timers Max Groups Modes Sparse o Dense Sparse-Dense Shortest Path switchover (SPT/RPT) o IP PIM SPT-Threshold
o

IGMP

PIM

Reverse Path Forwarding Static M-route RP Assignments Static o Override Auto-RP o Sparse-Dense o Auto-RP Listener o Default Static RP BSR o Specific Groups o Priority o BSR Border Anycast RP with MSDP Bi-directional PIM NBMA Mode Multicast over GRE

Multicast BGP Stub Multicast IP Routing Filtering Static RP o Filtering Specific Groups Auto-RP filtering o RP group filtering o MA filtering RPs BSR o Specific Groups PIM-Neighbor filtering Client filtering Multicast Bopundary Multicast Route-Limit Scoping TTL Scoping Administrative Scoping Additional Multicast features Multicast Rate Limiting Multicast Helper SDR Listener support Load splitting multicast traffic Multicast Heartbeat SSM (Source specific multicast) MSDP (Multicast Source Distribution Protocol) Interdomain Multicast Routing PGM (Pragmatic General multicast) MRM (Multicast Routing Monitor) MVR (Multicast VLAN Registration) on the 3550 IGMP Profile filtering on 3550/3550 DVMRP

QOS

Qos Overview MQC Diffserv & Intserv Models Classification & Marking Access-Lists IP Precedence DSCP NBAR Packet Length FR-DE Interface NOT statement Congestion Management Custom Queue (CQ) Priority Queue (PQ) Weighted Fair Queue (WFQ) MQC Bandwidth (CBWFQ) MQC Priority (LLQ) Congestion Avoidance Legacy WRED MQC WRED IP Precedence DSCP Shaping Legacy GTS Legacy FRTS MQC Shape MQC FRTS Adaptive Policing Legacy CAR MQC Police COPP (Control Plane Policing) Unconditional Packet Discard

RSVP Nested MQC Policies Switching Voice VLANs Cisco AutoQoS 3550 QoS Classification o Per-Port Per-VLAN o Mutation Maps Congestion Management o WRR o Expedite Queue Policing and Shaping 3560 QoS Classification o Per-Vlan Classification Congestion Management o Shaped Round Robin (SRR) o Weighted Tail Drop (WTD) Priority Queue Policing and Shaping o Aggregate policer Compression TCP Header Predictor RTP Header-compression Frame-Relay RTP compression Link Efficiency mechanisms FRF.12

. SYSTEM MANAGEMENT

SNMP

Polling

Trapping Communities Controlling Access

RMON Delta Absolute Logging Syslog Timestamps 3560 Flash Logging Config Change Notification and Logging (Archive) Remote-access via Telnet Establishing Terminal Session Limits Displaying Line Connection Information Chunk-size Assign IP address to service provided on a TCP port Busy-message Vacant-message Telnet message on successful connection Refuse-message IP telnet quiet Saving Local Settings Between Sessions Defining Escape character and other key sequences Setting terminal screen length and width Enable session locking Login Enhancements o block-for o quite-mode o delay Hiding Telnet Addresses NTP Master Server Peer Authentication

Timezones Banners & Menus Configuring Banners using tokens HTTP Server TFTP Server CDP Crash Dump Warm Reboot IOS Parser EEM (Embedded Resource Manager) System Resources Memory CPU Various other Autoinstall Aliases Service Nagle Interface Commands o Hold-Queue o Load-interval

. IP SERVICES

Scheduler allocate TCP

Performance Parameters o TCP Selective Acknowledgment o TCP Time-stamp o TCP Window Scaling o TCP ECN TCP Synwait-time Window Scaling

Explicit Congestion Notification Keepalive Packet Service IP MTU TCP MSS PMTU Discovery Inside Source Outside Source Overload Static Nat o Extendable o Port Redirection NAT Timeouts TCP Load Balancing On a Stick Stateful Nat

MTU

NAT

Broadcast Services IP Helper Changing Broadcast address DHCP

Server
o o o o o

Exclusions Domain Gateway Multiple Gateways Lease Time

Client IPCP Client IP Helper, DHCP Relay and Option 82 o Disabling on router o Disabling on switch IP Source Guard Multiple Default Gateway Static Entries Record Types: MX, A PTR etc Proxy

DNS

IP Accounting Output Packets Access-List Violations Precedence First Hop Redundancy HSRP VRRP GLBP Track IP SLA/RTR NetFlow RITE (Router IP Traffic-Export) EEM (Cisco IOS Embedded Event Manager) SCP (Switch-module Configuration Protocol) TCP/UDP Small Services Local Area Mobility Web Caching Content Protocol (WCCP) Inbound/Outbound Excluding Traffic from Redirection Only allowing certain Content Engines Setting a Password for a router and cache engine Enabling on 3550 NHRP

Configuring NHRP authentication

IRDP Mobile IP Local Area Mobility DRP Server Agent IP Event Dampening

SECURITY

Standard Access-Lists Extended Access-Lists Advanced Ext-ACL o as a prefix-list Scott Morriss Binary Voodoo Options ACL Logging Rate-limit Access-lists Time Based Access-Lists Dynamic Access-Lists Reflexive Access-Lists CBAC Zone Based Firewall IPS (Intrusion Prevention System) Security Compliance RFCs RFC 1918 RFC 3330 (more for SP Track) RFC 2827 TCP Intercept IP Source Tracking IP Traffic Export Disabling Services Source Routing Proxy ARP IP Options CDP IP Unreachable Local Authentication

Local Authorization AAA (know basics) Modes Defaults RADIUS/TACACS Max-attempts Quiet Period Host mode Guest VLAN URPF