As the news spreads across the internet, and as many people waited and speculated, Cisco released the blueprint for the CCIE Routing and Switching version 5! In my opinion this is one of the biggest steps forward for the CCIE in a while. The CCIE is the penultimate Cisco certification for those seeking to become the best of the best in their chosen track (I am choosing to discount the CCAr as not many outside Cisco pursue this).
What is in and what is out is the focus of this blog. Firstly, there are some interesting additions to the CCIE written exam.
Topics Added to the CCIE Routing and Switching v5.0 Written Exam:
• Describe basic software architecture differences between IOS and IOS XE
• Identify Cisco Express Forwarding Concepts
• Explain General Network Challenges
• Explain IP, TCP and UDP Operations
• Describe Chassis Virtualization and Aggregation Technologies
• Explain PIM Snooping
• Describe WAN Rate-based Ethernet Circuits
• Describe BGP Fast Convergence Features
• ISIS (for IPv4 and IPv6)
• Describe Basic Layer 2 VPN – Wireline
• Describe Basic L2VPN – LAN Services
• Describe GET VPN
• Describe IPv6 Network Address Translation
There seems to be a shift to bring security and some SP infiltrating technologies that have found mass enterprise deployments into the R and S track! This is great. We are finding now we require more of MPLS and extending such functionality with DMVPN and other technologies. There also is a focus on CEF here. That might be to the chagrin of others. There is also IPv6 NAT which makes my face hurt. The idea of IPv6 is to remove and liberate networks and the internet from NAT. Ho-hum. Maybe it is 6-4 translations but even still this is a worrying sign.
The additional features to both written and lab are welcomed.
Topics Added to the CCIE Routing and Switching v5.0 Written and Lab Exams:
• Use IOS Troubleshooting Tools
• Apply Troubleshooting Methodologies
• Interpret Packet Capture
• Implement and Troubleshoot Bidirectional Forwarding Detection
• Implement EIGRP (multi-address) Named Mode
• Implement, Troubleshoot and Optimize EIGRP and OSPF Convergence and Scalability
• Implement and Troubleshoot DMVPN (single hub)
• Implement and Troubleshoot IPsec with pre-shared key
• Implement and Troubleshoot IPv6 First Hop Security
AF EIGRP and DMVPN make their foray into battle. DMVPN can provide some interesting protocol behaviours which will allow flexibility for Cisco to test candidates on their knowledge. An increased focus on security in a routing context is great as there is often not both a firewall guy and a routing guy. Generally we have to wear both hats, so why not test on a little overlap?
It is great to see some topics shuffled around that traditionally could have been single pointers or minor scorers yet required a LOT of learning. There are also some technologies that may be sunset, are in the process of being sunset, or are having their functionality played down.
Topics Moved from the CCIE® RS v4.0 Lab exam to the CCIE® RS v5.0 Written Exam:
• Describe IPv6 Multicast
• Describe RIPv6 (RIPng)
• Describe IPv6 Tunneling Techniques
• Describe Device Security using IOS AAA with TACACS+ and RADIUS
• Describe 802.1x
• Describe Layer 2 QoS
• Identify Performance Routing (PfR)
A clear trend appearing is the CCIE’s move to a hardware-independent topology. This is a FANTASTIC move as it focuses less on platform tricks and places a focus on the technology solutions. Applying this to theory is great as you do not need the depth in theory that you do when it is combined with the hands-on. L2 QoS totally depended on queues and ASIC architecture and is not a skill that is easily transferable between platforms. Learning QoS is extremely platform dependent and can make large portions of learnings stale when deep diving for a lab. The theory spot is a great place for this. I find it a little odd that any IPv6 technology is being sunset this early on but there must be demand. PfR is an interesting decision to move to written only. I saw PfR as a
Topics Removed from the CCIE® RS v4.0 Exam:
• Flexlink, ISL, Layer 2 Protocol Tunneling
• Frame-Relay (LFI, FR Traffic Shaping)
• IOS Firewall and IPS
• RITE, RMON
• RSVP QoS, WRR/SRR
As we know, Frame-Relay has been used as a last mile technology for a long time. At 26, this technology has been around almost as long as I have! As it is never seen in enterprise environments now, we say goodbye to a technology that has claimed scalps, failed many a CCIE candidate and brought tears of joy and frustration. Farewell Frame-Relay. There are some other technologies being removed but nothing as notable as FR.
As you can determine from this topology, Cisco is revamping the CCIE RS v5 and bringing its relevance in alignment with the Juniper JNCIE examinations. As Cisco moves toward this hardware-independent test there are many benefits for a test taker. With Cisco VIRL – now known as CML – entering the market it can replicate the required lab environment for the IOS 15.x software code train. There is also a simplification of hardware for purists who want to build a topology at home. The two models of hardware the CCIE RS v5 uses are the Cisco 3560X and Cisco 2900 series ISR. These devices do make up a lot of campus topologies and their technology sets extend rather well into 4500, 6500 and other devices seen in the same environment.
Where the CCIE differs this time around is that there is a new section to the CCIE. The troubleshoot section was brought in and broke up the pure 8 hour configuration block. Now there is a new 30 minute Diagnose section. A collection of emails, trouble ticket responses, and commentaries surrounding an issue requires a candidate to attempt to guide the help desk to a root cause. This is a pure theory approach. Initially I thought this was a good thing for the written exam but it actually serves well as a break between the troubleshoot and configuration sections. Irrespective of the exam it is in, the module provides some good real world skills that all engineers should be familiar with.
What is new with this section is the candidate’s ability to adjust the timings of each section. Although the exam is still 8 hours there can be time adjusted in a one way fashion. If you’re a configuration rock star and are having trouble in the troubleshooting section you can allocate time as required. Configuration is now 2 hours and 30 minutes. This is due to the 30 minutes carved off for the Diagnosis section. The diagram below explains it a little better.
It is exciting times. Never before has the CCIE had as much value and now it is no longer a bag of tricks and hardware traps. It is becoming more standardised and industry aligned. This allows for a better value of the exam and ROI on time spent investing in the pursuit of the CCIE. It is great to see Cisco taking feedback from candidates and CCIEs on this program. We are committed and it seems Cisco is to us too! My next two years are going to rock! Hello Marko or Brian – I’ll be visiting soon.