Road to CCIE

Hello networking nerds!

After to think accurately concerning my road map I have decided to prepare the CCIE R&S. I think that will be good way to acquire more knowledge and extend my current netoworking concepts.

From now on, I will plublish my key methods that I am doing to achieve the theorical CCIE exam as easy as be possible.

  • Mnemonics for Memorizing

In order to pass the theorical par of CCIE you will need to memorize a lot of concepts and processes. In this section I will share the mnemonics made by me:


Screen Shot 2017-11-26 at 18.47.50.png

The first mnemonic will be ILL + ASS 🙂 


Screen Shot 2017-09-24 at 17.15.03.png

Mnemonic: OKUN.

The next table summarize all possible BGP status:

Screen Shot 2017-09-25 at 00.17.53.png

Mnemonic: ICA O2E

The next table let you memorize the process to determine the best route in BGP.

Screen Shot 2017-09-25 at 00.06.20.png

Mnemonic:           N     WLLA   OMNI

Here you have the magic mnemonic to remember the 4 categories associated to BGP attributes:

Screen Shot 2018-04-07 at 19.33.24


Screen Shot 2017-12-03 at 21.06.36

Mnemonic: HD-3L

Screen Shot 2017-12-03 at 21.04.20.png

Mnemonic: WIFE-DEA

Screen Shot 2017-12-12 at 00.11.43.png

Mnemonic: IIEENN

Screen Shot 2017-12-12 at 01.20.40.png

Mnemonic: TAMASA


Screen Shot 2018-02-17 at 18.57.30.png

The mnemonic will be SQUASH-R.

QoS Service Models

Screen Shot 2017-10-21 at 13.00.01

Mnemonic: DIE CDC.

Queuing Tools

Screen Shot 2017-11-18 at 14.17.53

Mnemonic: CLIP  +   W

Congestion Avoidance Methods

Screen Shot 2017-10-21 at 13.24.09

Multicast Routing Protocols


Mnemonic: PIC MOD


Screen Shot 2017-11-29 at 22.03.17.png

Mnemonic: GAVEE O

(L-point-to-point;LAN multipoint; V-multiple VLANs;)

IPv6 Tunneling

Screen Shot 2017-12-14 at 13.44.46.png

Mnemonic: MAGIC 🙂 6


Mode Active (Netflow)

Screen Shot 2018-05-29 at 00.00.51


Screen Shot 2018-05-28 at 23.58.38.png




Publicado en CCIE, Uncategorized | Etiquetado , , , , | Deja un comentario


Today, studying the written CCIE R&S exam I have just found out the EIGRP Over The Top feature and I would like to share with you briefly.


  • Let you avoid redistribution
  • You need IOS-XE OS
  • Control plane will be EIGRP
  • Data Plane will be LISP
  • Establish an EIGRP multihop adjacency using LISP as the encapsulation method for transport through the WAN network

Screen Shot 2018-02-24 at 22.18.21.png

As you can see, host machines with LISP have an Endpoint ID or EID, that identifies its identity which never changes.   This EID can be an IPv4 address an IPv6 address or any other address format as needed.  The outside address of  the edge router represents the location of the EID of the hosts, this is referred to as  the Routing Locator or RLOC.  Multiple EIDs can exist behind a single RLOC.

Basically is a L2TP protocol that let us to avoid the redistribution. In this way the troubleshooting will be more clear.

After sharing a brief nuthsell and explaining how works, we’ll use the next topology created on “”


The routers are CSR1000V with “csr1000v-universalk9.16.06.02” because older versions cannot let us to create EIGRP OTP.

As you can see all of these routers are running on ESXi Server.



  1. Configure OSPF into CORE network
CSR_1#show running-config | section ospf
router ospf 10
network area 0
network area 0
CSR_2#show running-config | section ospf
router ospf 10
network area 0
network area 0
network area 0
CSR_3#show running-config | section ospf
router ospf 10
network area 0
network area 0
network area 0
CSR_4#show running-config | section ospf
router ospf 10
network area 0
CSR_5#show running-config | section ospf
router ospf 10
network area 0

2. Configure EIGRP OTP

router eigrp CCIE
address-family ipv4 unicast autonomous-system 100
topology base
neighbor GigabitEthernet2 remote 10 lisp-encap 1
exit-address-family2. Configure EIGRP Named
router eigrp CCIE
address-family ipv4 unicast autonomous-system 100
topology base
neighbor GigabitEthernet2 remote 10 lisp-encap 1


Pay attention to “neighbor GigabitEthernet2 remote 10 lisp-encap 1” here you are configuring EIGRP over LISP protocol.



CSR_4#show ip eigrp interfaces
EIGRP-IPv4 VR(CCIE) Address-Family Interfaces for AS(100)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Lo0 0 0/0 0/0 0 0/0 0 0
Gi2 1 0/0 0/0 37 0/0 100 0
CSR_5#show ip eigrp interfaces
EIGRP-IPv4 VR(CCIE) Address-Family Interfaces for AS(100)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Lo0 0 0/0 0/0 0 0/0 0 0
Gi2 1 0/0 0/0 10 0/0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms


Publicado en Uncategorized | Deja un comentario

Next Goal: CCIE LAB


First of all I wanted to say my apologizes because my last 6 months I was very busy preparing my written CCIE R&S Exam and I didn’t upload some technical article.

Now I want to encourage you to prepare CCIE R&S certification because let you to master the networking environment. Nevertheless be aware that you can’t forget the cloud manufacturers like AWS, Google, Azure and Alicloud (I prefer AWS).

Finally, I am going to dive in the CCIE LAB prepartion by means of EVE-NG ( In my way to prepare the CCIE LAB I have created a Slack group where the main goal will be share ideas/topics and establish meeting rooms of brainstorming.

Screen Shot 2018-07-30 at 20.33.44.png

If you are interested send us mail to:

Best regards,

Publicado en Uncategorized | Deja un comentario

Written CCIE RS Passed

Hey mates!

Firstly just I wanted to say that I left the blog 6 months because I had to used my spare time to study so hard my Written CCIE R&S. And now I can say that I passed last monday my CCIE written exam and I am so proud. Was one of the best days of my live.

I would like to help to prepare the CCIE R&S exam and for that reason I’ll expose some big advices:

ADVICE 1:Firstly, read the CCIE R&S official book

ADVICE 2: SUBSCRIBE TO CCIE slack groups and NetworkLessons.

ADVICE 3: DOWNLOAD EVE-NG software to practise a lot one of the TOPICS of the exam.

ADVICE 4: MNEMONICS… Take into account that you’ll need to memorize a lot of new concepts and our capacity for that is limited. Use mnemonics!! Here you have my LIST.

ADVICE 4: BOOK!!! Remember to schedule your exam day in pearsonvue as soon as possible.

In my humble opinion, CCIE R&S written exam get us a lot of deep knowledge that let us to execute our network tasks better. After passing written CCIE you’ll inspect more deeply any issue. Furthermore the exam is focused in new technologies like DMVPN,  OTV, Cloud computing, IoT and SDN…For things like that I think that CCIE will be useful to do migrations and improve our network duties like to migrate from legacy to leaf&spine topologies.


Publicado en CCIE, Uncategorized | Deja un comentario


Currently I am working deploying & testing DMVPN tunnels and their features like IPSec or QoS and I hope to have a DMVPN environment working with certificates.

Furthermore, I can take the advantage of my CCIE notes about DMVPN that let me to understand deeply how works.

Now I’ll share my CCIE note, but in exchange of receiving your feedback.


4.1.d (i) NHRP Packets

  • Registration Request
  • Resolution Request
  • Redirect (Traffic indication message)

3.1.d (ii) DMVPN Phases




NO spoke-to-spoke


Spoke to-spoke

Support Summarization

No support summarization

support summarization

No Support default routing

support Default routing

next-hop can’t be modified

Next-hop are always modified

Spokes must always maintains next-hop reachability

Require: ip nhrp redirect

Require: ip nhrp shortcut

ip nhrp redirect   Will notify the sender of a packet that the packet that the path is suboptimal.

ip nhrp shortcut(tras recibir NHRP Traffic indication, el Spoke manda NHRP Resolution request al destino e instala la ruta con spoke como next-hop en la local RIB).




inte tunnel 0

ip nhrp authentication <key>

ip nhrp map multicast dynamic

ip nhpr network-id <ID>

Tunnel source interface<Gi1/0>

Tunnel mode gre multipoint

Tunnel key<key_number>

Ip Mtu 1400

Ip tcp mtu adjunt mss

Ip nhr redirect

int tunnel 0

Ip nhrp authentication <key>

Ip nhrp nhs <overlay_IP>

Ip nhrp map multicast underlay_IP //send only multicast traffic to HUB.

Ip nhrp map <overlay_IP> <underlay_IP>

ip nhrp network-id 1

Tunnel source interface Gi1/0

Tunnel mode gre multipoint

Tunnel key <key_number>

Ip nhrp shortcut

Ip nhr redirect

Ip Mtu 1400

Ip tcp adjust mss 1360


3.1.d (iii) DMVPN Flags

  • Authoritative: mapping was obtained directly from next-hop router. Mapping ws obtained from registration request.
  • Implicit: mapping was obtained from NHRP resolution request.
  • Local: mapping local.
  • Negative: mapping could not be obtained
  • Registered: mapping was created in response to an NHRP registration
  • Unique: mapping cannot be overwritten
  • Temporary: spoke create a temporary map for the other spokes (after 15.0 OS)

3.1.d (vi) DMVPN Authentication

FIRST thing that happens is Authentication; after occur NHRP.


Used: Transport mode

  • Phase1

crypto isakmp key password address //wildcard o indicar dir Spokes

crypto iakmp policy 10

Hash SHA

Encr AES

Group 5

*ISAKMP preshared key encryption can be used to encrypt and store keys in type 6 format.

Key config-key password-encryption master-key

Password encryption aes

  • Phase2

Crypto ipsec transform-set

crypto ipsec profile name

           set security-association lifetime seconds seconds (86400)

           set transform-set set-name

  • Apply

Tunnel protection ipsec profile NAME

Publicado en CCIE, Uncategorized | Deja un comentario

MPLS VPN & Extended Community

Here are the weekly challenge from CCIE R&S. One of the hardest tips of CCIE is to understand so clear how works the attribute Cost Community.

During this week we’ll focus on this lab:

Extended Community.JPG

Cost Community: The idea behind the Cost community is having so me additive metric, similar to IGP’s costs, that could be accounted in BGP best-path selection process. This community also specifies the POI – point of insertion in the BGP best-path selection procedure. Thus, theoretically a BGP speaker may be instructed to compare cost communities say before the AS_PATH comparison or even before the weights are  considered.

As good network engineer you need break down in small pieces. I recommend you to begin creating the MPLS VPN and after that create the EIGRP as backdoor between both customers.





Publicado en CCIE, Uncategorized | Deja un comentario


Hello folks,

I beign the EVE-NG section with a big&awesome topology where you will check all feature that brings us OSPF like:

  • LSA Throttling
  • LSA Types: Router LSA, Network LSA, Net Summary, ASBR Summary, External, NSSA…
  • LSA filter
  • tweaking timers
  • OSPF authentication
  • Virtual-link
  • Differents types of network
  • Fast Reroute
  • OSPFv3 capabilities


I have uploaded the topology and all running-config in order to run in your laptop and share your doubts and suggestions.

I hope you are enjoying our lab.


Publicado en Uncategorized | Deja un comentario

OSPF Sham-Link

After being puzzled over the OSPF Sham-link issue I thought that would be interesting share my knowledge acquired:


  • Used when same customer has MPLS & backdoor link between a couple of offices.
  • Remember the types of OSPF routes:
    • Intra-area (O)
    • Inter-area (O IA)
    • External Type 1 (E1)
    • NSSA type 1 (N1)
    • External Type 2 (E2)
    • NSSA type 2 (N2)


Publicado en Uncategorized | Deja un comentario