Did you know that security is a major element of CCNP now? I was researching IPSec, GRE and DMVPN and found that some of the best learning material is in a module for CCNP!…. Goosh. It is part of the security for secure WAN networks module. I plan to read this stuff this weekend as I can imagine I need it for work.


Been on a long holiday and I’ve just recovered from jet lag….. California is 8 hours behind the UK so my whole day was upside down. I’m now refreshing my lab knowledge, starting with pure routing and switching… I’ve really enjoyed having a bit of time off to travel and study but I’m now looking forward to getting back to mainstream work. I’ve applied for a few positions and I’ve got my fingers crossed! In the meantime, I’ve started looking into IP Experts lab rentals and will probably start off with the 5 proctor mock labs…. I just hope there are enough hours in the day for me to utilise this all!!!!

For all info on my IPExpert Progress, Check out my IPExpert Page….

I need some more study material so the latest plan is to use IP Expert workbooks….



After some research and help from the chaps on group study, I have now determined the correct order of BGP preference for BGP route filtering.

The order of preference varies based on whether the attributes are applied for inbound updates or outbound updates.

For inbound updates the order of preference is:

  1. route-map
  2. filter-list
  3. prefix-list, distribute-list

For outbound updates the order of preference is:

  1. prefix-list, distribute-list
  2. filter-list
  3. route-map

Note: The attributes prefix-list and distribute-list are mutually exclusive, and only one command (neighbor prefix-list or neighbor distribute-list) can be applied to each inbound or outbound direction for a particular neighbor.
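
A small Python model of the ordering listed above, added here as an illustration and not taken from the original post or from IOS itself. It reports which filter stage denies a route in each direction, which is the stage whose counters would show the drop. The policy, AS numbers and prefixes are constructed, and AS-path matching uses Python regex rather than IOS regex syntax.

```python
import ipaddress
import re

# Evaluation order per direction, exactly as listed in the post above.
ORDER = {
    "in": ["route-map", "filter-list", "prefix-list", "distribute-list"],
    "out": ["prefix-list", "distribute-list", "filter-list", "route-map"],
}

def first_match(entries, matches):
    """Build a filter: the first matching entry decides; no match is a deny."""
    def check(route):
        for action, arg in entries:
            if matches(route, arg):
                return action == "permit"
        return False
    return check

def in_prefix(route, arg):
    """arg = (network, le): route must sit inside network, length <= le."""
    net = ipaddress.ip_network(route["prefix"])
    return net.subnet_of(ipaddress.ip_network(arg[0])) and net.prefixlen <= arg[1]

def as_path(route, regex):
    """Python regex over the AS path string (not IOS regex syntax)."""
    return re.search(regex, route["as_path"]) is not None

def evaluate(route, direction, filters):
    """Return (accepted, stage_that_denied) for one neighbor and direction."""
    if "prefix-list" in filters and "distribute-list" in filters:
        raise ValueError("prefix-list and distribute-list are mutually exclusive")
    for stage in ORDER[direction]:
        check = filters.get(stage)
        if check and not check(route):
            return False, stage
    return True, None

# Constructed policy and routes; AS numbers and prefixes are made up.
FILTERS = {
    "route-map": first_match([("deny", r"(^| )64512( |$)"), ("permit", r"")], as_path),
    "filter-list": first_match([("permit", r"^65002( |$)")], as_path),
    "prefix-list": first_match([("permit", ("10.0.0.0/8", 24))], in_prefix),
}
GOOD = {"prefix": "10.1.0.0/16", "as_path": "65002 65010"}
LEAK = {"prefix": "172.16.0.0/12", "as_path": "65003 65002"}

if __name__ == "__main__":
    for direction in ("in", "out"):
        print(direction, evaluate(GOOD, direction, FILTERS), evaluate(LEAK, direction, FILTERS))
```

The LEAK route fails both the filter-list and the prefix-list, so the stage that drops it differs by direction even though the policy is identical.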

Passed the written and got 91%. This is the second time I have passed the written. This gives me enough valid time to take the lab. It was weird to get away from being hands on all day. Now I’m back I’m on lab 19 and feeling good!

Don’t you hate those scenarios where you need to block an odd port using an ACL? I’ve found that if you do >telnet ? the Cisco router will list all the port numbers, ready for you to pick for your ACL. Nice


SW4#telnet ?
/debug             Enable telnet debugging mode
/encrypt           Negotiate telnet encryption
/ipv4              Force use of IP version 4
/ipv6              Force use of IP version 6
/line              Enable telnet line mode
/noecho            Disable local echo
/quiet             Suppress login/logout messages
/route:            Enable telnet source route mode
/source-interface  Specify source interface
/stream            Enable stream processing
/terminal-type     Set terminal type
<0-65535>          Port number
bgp                Border Gateway Protocol (179)
chargen            Character generator (19)
cmd                Remote commands (rcmd, 514)
daytime            Daytime (13)
discard            Discard (9)
domain             Domain Name Service (53)
drip               Dynamic Routing Information Protocol (3949)
echo               Echo (7)
exec               Exec (rsh, 512)
finger             Finger (79)
ftp                File Transfer Protocol (21)
ftp-data           FTP data connections (20)
gopher             Gopher (70)
hostname           NIC hostname server (101)
ident              Ident Protocol (113)
irc                Internet Relay Chat (194)
klogin             Kerberos login (543)
kshell             Kerberos shell (544)
login              Login (rlogin, 513)
lpd                Printer service (515)
nntp               Network News Transport Protocol (119)
pim-auto-rp        PIM Auto-RP (496)
pop2               Post Office Protocol v2 (109)
pop3               Post Office Protocol v3 (110)
smtp               Simple Mail Transport Protocol (25)
sunrpc             Sun Remote Procedure Call (111)
syslog             Syslog (514)
tacacs             TAC Access Control System (49)
talk               Talk (517)
telnet             Telnet (23)
time               Time (37)
uucp               Unix-to-Unix Copy Program (540)
whois              Nicname (43)
www                World Wide Web (HTTP, 80)

I hope it helps.

This studying is killing me…. I’m getting better by the day but I’m not able to complete test labs within the time frame nor am I able to get the required marks…. bugger… This calls for a strategy change …. my plan is to do all the labs and just learn from them…. not wasting too much time pondering on the solution as more often than not ……… the answer is some strange and obscure command. I should be able to get better marks when I repeat them in rack rental.

The quest continues….