I recently took my CCNP Switch Exam (642-813), passing on my first attempt. While I mostly used GNS3/dynamips to simulate routers for my CCNP Route Exam (642-902), I actually put together physical hardware for the Switch Exam. My switch lab consists of a Cyclades ACS48 terminal server, an APC 7900 switched PDU, 3 Cisco 3550-EMI multilayer switches, a 24 port patch panel, a Cisco SPA942 IP phone, and 2 ZNYX PCI 4-port ethernet cards for my desktop (for a combined 8 NICs dedicated to virtualization).
Initially I had thought there were no emulators for Cisco switches, but upon news that GNS3 would be supporting switching in their upcoming 1.0 release, I started digging. Apparently it’s a well established fact that Cisco switching can indeed be emulated and there are leaked binaries compiled for Linux for a handful of layer 2 IOS images. Hewlett Packard also has a 64-bit VM emulator for their VSR1000 Virtual Services Router Series.
While IOU is nice to work with, there are a number of bugs in the images. First of all, while you can configure private VLAN’s, they don’t appear to work (and they’re not supported on my physical 3550′s). Testing dynamic arp inspection in the following images also doesn’t seem to work:
The utility iou2net (which is used to connect the unix socket to physical hardware) is sometimes wonky, sending unidirectional traffic much of the time. So for my exam, I stuck mostly with my physical hardware for switching, emulated routers via dynamips (in GNS3), and hosts spawned by VirtualBox Manager (to make moving them around to different switchports easier).
I’m connecting my emulated routers to my physical switches and virtual machines using GNS3′s Generic NIO ethernet interface. Of course, my physical setup isn’t without it’s own issues – the tulip drivers (or my motherboard) appear to have occassional complications, flooding the kernel ring buffer with annoying “slowpath” messages and also preventing traffic. Kernel upgrades haven’t resolved the problem (there were some fixes between kernel 3.9.11 and 3.10.1, but they don’t appear to resolve my issues). Thankfully bouncing the problematic ports will fix the issue.
[2842987.323263] Call Trace:
[2842987.323268] [<c0455341>] dump_stack+0×16/0×18
[2842987.323272] [<c012796c>] warn_slowpath_common+0×48/0x5f
[2842987.323275] [<c013284b>] ? del_timer_sync+0x2b/0x3d
[2842987.323277] [<c0127992>] warn_slowpath_null+0xf/0×13
[2842987.323280] [<c013284b>] del_timer_sync+0x2b/0x3d
[2842987.323284] [<f8606ace>] t21142_lnk_change+0×331/0×507 [tulip]
[2842987.323294] [<f86021e4>] tulip_interrupt+0x5d0/0×784 [tulip]
[2842987.323298] [<c015c538>] ? clockevents_program_event+0xe5/0×103
[2842987.323302] [<c0176516>] handle_irq_event_percpu+0x4d/0×158
[2842987.323305] [<c0176647>] handle_irq_event+0×26/0x3f
[2842987.323307] [<c01785fa>] handle_fasteoi_irq+0×63/0x8b
[2842987.323310] [<c0102862>] handle_irq+0×67/0×71
[2842987.323313] [<c01024ce>] do_IRQ+0×35/0x8e
[2842987.323317] [<c045deec>] common_interrupt+0x2c/0×31
[2842987.323319] —[ end trace 80bd835791c79500 ]—
For studying, I worked off Chris Bryant’s really solid Bryant Advantage lectures, the official certification guide, and labwork, labwork, labwork. To play with some of the layer 2 and 3 protocols outside of IOS, I put together a small TinyCore LiveCD [gpg] that includes yersinia, hping2, scapy, and tcpdump. (I’ve packaged yersinia separately if anyone would like it here).
I find it’s extremely helpful to see traffic in action and having 8 NICs helps to facilitate that. While you can easily sniff HSRP, VRRP, and GLBP traffic inside GNS3, seeing VTP and DTP frames can be accomplished by creating bridge interfaces on my desktop OS and using the patch-panel to place myself in the middle of switch-to-switch connections.
The exam itself was pretty typical. I find the simulations to be fun although I’m surprised at how bad the Cisco interpreter is. At one point I had placed a VACL on the wrong piece of equipment, went to remove it and place it on the correct switch but couldn’t remove it on the original switch. Trying every variation of “no” proved fruitless, and in the end I’m sure I lost points due to that mistake. What’s annoying is that I tried to correct it. Thankfully, I’m not alone and a LOT of people complain about the interpreter.
If you’re studying for the exam, here are my pieces of advice:
- You’re paying to take the exam, so get the best grade possible. That means study, study, study.
- Find a good practice exam engine (like Boson’s ExSim) and take a bunch of practice exams. You’ll find out what you don’t know, then lab, lab, lab.
- Take some time off work to study if you can. I dedicated 12 hours a day 5 days (over a long weekend) before the exam to studying. Was it excessive, definitely, but there’s no harm in being over prepared (you’re paying to take the exam, work your hardest).
- If you truly know the material, you know the wrong answers sometimes more clearly than you know the right ones. Always remove the wrong answers from your available options while taking the exam. “No, GLBP uses UDP port 3222 so that answer isn’t for HSRP”
- Even when you’re absolutely certain of the right answer, read all of the answers before going to the next question. On multiple choice questions, I typically say in my head “No that’s not it, that’s it, that’s not it, that’s not it. Second answer is correct”.
- Double check your work on the simulations before going to the next question. Make sure you do everything and completely, and test your configurations.
- Lab work means breaking things. Don’t just configure a working protocol, purposely misconfigure the protocol. Make sure you see the nuances that no book will dedicate the column inches to detailing.
- Look over the exam topics. I didn’t realize they existed until after I took my CCNA and the CCNP Route and Switch exams, and it really led to a lot of unnecessary anxiety (“What’s on this exam, do I know everything???? HELP!”)
So now, I’m in the process of studying for my final CCNP exam – the TSHOOT. Wish me luck!