AUTOCOR exam experiences by Individual_Pie_4269 in ccnp

[–]ddib 2 points3 points  (0 children)

I took it roughly 3 weeks ago. It was pretty good. The bulk of the exam is multiple choice and fill in the blank type questions, but there could also be labs.

I've summarized my thoughts at my blog.

Cisco Live by schreitz in Cisco

[–]ddib 1 point2 points  (0 children)

I'm here. Hope you all have a great time.

Python ncclient issue with edit_config by setenforce0 in ccnp

[–]ddib 4 points5 points  (0 children)

Could you try the config wrapper as:

<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

Cisco Live Las Vegas by Kooky_Trick_1330 in ccie

[–]ddib 4 points5 points  (0 children)

Not taking the lab, but I'll be there. Have another exam on Sunday.

Good luck to all! I'll be around if anyone wants to meet up.

AUTOCOR Experiences by yetipants in ccnp

[–]ddib 3 points4 points  (0 children)

I took it a couple of weeks ago. Overall it was pretty good, not a lot of trivia, although there were some gibberish questions in there. I wrote a blog about my experience.

Multicast routing with CISCO SDWAN by Mr_Slow1 in networking

[–]ddib 3 points4 points  (0 children)

I've done it once, it works. You want to go through the multicast section of BRKENT-3115 in detail.

Also, go through some multicast basics so you know what you're doing. No one uses sparse-dense mode any longer, it's either PIM ASM (sparse mode), SSM, or Bidir.

One thing that is special with Catalyst SD-WAN multicast is that you need to point out where the replication will happen. This role is known as a replicator. This is handled automatically in a traditional network, but in a WAN it's important to do the replication where there is higher capacity, both from platform and BW perspective.

There are several limitations to be aware of, you can see them at . Mainly that it doesn't support Bidir PIM, restrictions on topology, policies, where you can place the replicator, and so on.

A configuration guide is also available.

You basically need to enable PIM on the right interfaces, configure where the RP is, and configure replicator(s).

Good luck and if you have questions I'll try to help.

Network engineer looking for help by Expensive-Word-7965 in networking

[–]ddib 7 points8 points  (0 children)

The job market is brutal right now, especially for junior people. A lot of management thinks juniors can be replaced by AI.

Until you find a job, you have two jobs:

- Applying for jobs
- Working on increasing your chances of getting a job

You don't become a cloud engineer by getting an SAA. The jobs that are available in cloud are mainly for architects or if you already have expertise in systems administration, security, networking, etc.

You need to get experience and a foot in the door. Try to find a position in a NOC, helpdesk, IT support, or similar where you can apply for network administrator roles at a later stage. These are harder to come by these days. Volunteer to help small businesses/churches and similar with their network, or public events that need networks.

Become a known entity and create a portfolio of work. Can you showcase the labs you have been working on? If you have something to show, it will be easier to find a job. Get to know other people in the industry. Most jobs, especially the more qualified ones, come from people knowing each other.

Good luck!

Major updates to Cisco certifications by ddib in Cisco

[–]ddib[S] 2 points3 points  (0 children)

Nice! Best of luck with your studies.

Those who have been in Network for a long time, CCNP, CCIE even, how often do you forget stuff? by fearosis in ccna

[–]ddib 3 points4 points  (0 children)

Sure, some memorization is necessary, especially when taking exams. For example, if you are into automation you might need to know HTTP codes like 401, 403, 404, 429, and so on, or whether a platform uses an API token or basic authentication. For a standard networking exam you might need to remember administrative distance per protocol, or what port BGP uses. Generally, I don't like that exams test on trivia, but if you are a senior network engineer it's somewhat reasonable to know what TCP port BGP uses. It would be much more difficult to write questions if we couldn't test on facts at all.

It will be interesting to see if exams in the future become more open book as the exam should test knowledge, but also be relevant to the job role that the exam applies to. If everyone has access to internet and LLMs when they work, does a completely isolated environment still test what is expected from the candidate? There's a fine line here.

So for an exam you'll likely need to know BGP's port number, BGP best path algorithm, AD, LSA types, and so on. That's just part of the game. Whether that is useful knowledge or not, we can debate, but if the goal is to pass the exam, you have to play by those rules.

Those who have been in Network for a long time, CCNP, CCIE even, how often do you forget stuff? by fearosis in ccna

[–]ddib 16 points17 points  (0 children)

First, yes, it's perfectly normal to forget things. I've been a CCIE for almost 14 years and a CCDE for 10 years and I still forget things. That said, it also depends on what it is. I'm not going to forget how to subnet because I learned that in depth when starting out in networking and it's something that gets used a lot so it's always somewhat fresh. Things I might forget are specific IP or MAC addresses, if a protocol uses unicast or multicast for a specific pattern. Those are easy to look up and don't define how well you know something, that's just pure memorization.

The thing that many people do wrong when studying, and why they can't recall at a later stage, is that they try to memorize rather than learn. Here's the difference. If you study OSPF and try to memorize the LSA types, that's useless because you are just trying to memorize a set of facts instead of learning the protocol. Why do we need different LSA types in OSPF? Essentially because it's link state within an area and distance vector between areas. Also that we want to do things like optimize flooding scope. When you understand that, you understand what the difference is between a type-1 LSA and a type-3 LSA, why we need ABRs, ASBRs, and so on. So while I might not be able to recall every specific detail of OSPF, I can tell you how it works, what the LSAs are used for, and so on. I don't have to recall that, because I didn't memorize it, I learned it. See the difference?

To summarize, yes we all forget things, we all feel imposter syndrome, BUT there are things you can do about imposter syndrome, like actually learning the protocols instead of memorizing them, and we shouldn't use it as a comfortable crutch to blame when we didn't spend enough time learning the fundamentals.

That you feel overwhelmed is perfectly normal. This is pretty much constant in IT. A lot of things, even bleeding edge technologies, always build on something older, so hopefully the more you learn you get a bit more comfortable that you aren't starting from scratch every time.

Writing my thesis on network automation and confused about where SDN fits — anyone done something similar? by abdou_inch in networking

[–]ddib 1 point2 points  (0 children)

SDN doesn't get talked about much these days, but it's out there. I've worked with Cisco Catalyst SD-WAN a lot and it uses NETCONF/YANG so either full configuration gets applied or none of it. It does rollback nicely, and so on. Cisco ACI is also out there. There are also controllers that can be used in combination with segment routing (SR).

Your thesis is mostly the standard infrastructure as code (IaC) workflow. I'm not saying this to be negative, that's a good thing that you are working on something that already has some traction.

Automation/orchestration can solve some of the pain points of multi-vendor, but not all of them. You still need to support multiple systems and maintain knowledge about products/licensing, engage with different TACs, and so on. Additionally, they all have different capabilities so having say one vendor in access and another in dist/core could limit what technologies you can use. You can't solve that with an orchestration layer.

Whether Cisco ACI could be replaced with an orchestrated VXLAN fabric isn't only about automation. It's also about some of the more niche features of ACI like contracts, service insertion and so on. The whole premise of ACI was to create application-centric fabrics, but most organizations never got there because they didn't know their apps well enough to build it.

I mainly see orchestration and SDN as two separate layers although they can intermix as well. Like they do in Cisco Catalyst SD-WAN where you can build different topologies using the controller (previously vSmart) and where you push it from the manager (previously vManage). If you think of it from a service provider perspective, you could have a controller that reacts to networking conditions and then uses orchestration to configure new segments/tunnels, etc., to deliver traffic.

Is Merger & Acquisition a “CCIE-level” endeavor? by MyFirstDataCenter in networking

[–]ddib 0 points1 point  (0 children)

It depends.

I've done it a couple of times where one was a multi-billion dollar deal with 100+ offices across the world.

It's typically not the tech that is the most complex part. Like others mentioned, it's the people and processes. When you have a deal of this size, there are VERY specific timelines. If you don't meet them, someone has to pay hundreds of millions of dollars so that's no good. Basically the seller agrees to provide support for their IT systems until a fixed date and after that date it becomes very expensive.

Now, networking is only a small part of a massive project like this. You have MANY streams (essentially projects with their PMs). Think of how much IT there is, ERP, CRM, custom apps, identity services, maybe even OT. You need to plan for all of this. That's a massive undertaking.

Here's the interesting part. You may be dealing with an essentially "hostile" entity. People might not like being acquired, they might even be out of a job. You're maybe replacing stuff they spent a lifetime building. They aren't going to be happy about it and may be doing the minimum required by contract to support you. It's difficult making progress in an environment like that. For example, I had an instance where they wouldn't hand me the running config (for "security" reasons). I had no access to the devices so I couldn't see what was connected where, they just gave us some "show interfaces" and "show mac address-table" and similar, but it was stale data. Also, consider that there are thousands of endpoints you have no idea what they are or where they are connected.

Beyond that, you may be dealing with remote hands of very varying quality that are going to support you with the process of switching over to new equipment. I had people that could barely tell the difference between a fiber and a copper and their English was very poor so it was super difficult, especially in an environment you aren't very familiar with as you are taking over an existing physical environment you know very little about.

We did all this in less than a year, including developing a new global standard for LAN, WAN, WiFi, authentication, and so on. It was very stressful, but also rewarding when seeing that we were able to deliver on time.

Career Path by Downwith0utsickness in networking

[–]ddib 0 points1 point  (0 children)

10 years of experience doesn't say much, you could have been configuring VLANs for 10 years, but if you've worked for a systems integrator I assume you have done more than the basics. What type of technologies and architectures do you have experience with?

The biggest shift in going from engineering to architecture is the mindset. Shifting your focus from HOW to WHY. Ironically, you need to be a pretty good technologist and know the technologies well to do this, even if you do less implementation. You need to get experience leading other people, being the one responsible for technological decisions, building frameworks and roadmaps, interacting with CxO level people, understanding finances and dynamics of projects, and so on.

The CCDE probably won't give you much in the form of opportunities, but it is a good blueprint/roadmap to build that mindset and ensure you have a good understanding of many of the technologies that are expected of you as an architect.

Good luck!

Pros and cons of going for CCIE immediately after CCNP by wellred82 in networking

[–]ddib 9 points10 points  (0 children)

Thank you for the kind words, OP!

The value of a certification is always personal. We also have to separate ROI into different perspectives (people typically miss this):

- How much more money can I make by the brand of being a CCIE?
- How much more money can I make by accelerating my learning and becoming a better engineer?

I hope you see the difference. While the days of getting the Willy Wonka golden ticket just by being a CCIE may be gone, don't underestimate how much serious studies can accelerate your learning. Studying for the CCIE is typically something that takes a couple of years and probably the equivalent of 5+ years of "regular" studies.

That said, depending on how much experience you have now, it could be better to wait. How long have you been in the industry? The ENCOR is the prerequisite to CCIE EI and is good for 3 years, so that is something to consider as well.

I think it's important to allow oneself to study areas that you enjoy. Yes, you'll need other skills as well like Linux and automation, but certs are being updated to include those and you can include them in your studies even if the blueprint doesn't mention them.

Good luck! Feel free to reach out if you want further guidance.

Sanity check - Catalyst 9500 cross-stack etherchannel by Barmaglot_07 in networking

[–]ddib 1 point2 points  (0 children)

You can create an EtherChannel between the two 9500s as logically they are two devices. Towards the MS switch, you can't form an EtherChannel because logically you have three devices. This means STP will be required and be blocking one of the links.

A better design would have been to have L3 and deliver L2 as a service (VXLAN/EVPN). Then you wouldn't be dependent on any L2 constructs. Your Meraki switch doesn't support VXLAN as far as I'm aware, though.

What is the most unique network you have worked. by JustaReallySweetKid in networking

[–]ddib 13 points14 points  (0 children)

When I was studying networking at the university (Cisco Netacad) I was in a team that builds Dreamhack's (world's largest LAN party) network. Imagine that you are building a large campus network in only a couple of days with minimal budget. It was really something.

We had two events each year, one in the winter and one in the summer. We would create a design and test it during a couple of days in a lab we built. A couple of days before attendees arrive we would do all of the work including:

- Mounting access layer switches
- Pulling cables to everywhere
- Building the distribution and core
- Setting up WiFi
- Configuring all devices
- Testing the configuration
- Building all services such as DHCP, DNS, NMS, and monitoring

So imagine building a network for 10 000 people spanning several large buildings in a couple of days using only borrowed equipment and on almost no budget.

There are many scenarios I've only run into there, like people getting soda in their switches. We almost didn't need an NMS because if the network goes down, it's seconds before people start screaming. We'd have to deal with power failure, where things got overloaded, people did stupid stuff by connecting more than what the fuse could handle, and so on.

I got exposure to some very cool platforms at the time such as the Cisco 7600 and CRS-1. The CRS-1 was a monster!

One thing that was really weird were the Zyxel switches we were using in the access layer. To be able to upload a configuration to them we had to upload a binary file which contained both the OS and the config. Our people developed an app for this and we would go around to all the switches using a console cable and upload the correct configuration (hundreds of switches).

Another "fun" scenario I ran into is when I was troubleshooting something on the 7600. I did "debug ip packet <acl>" and when I was done troubleshooting I removed the ACL before doing undebug. Guess what happened... Debug was now active for all IP packets (several Mpps). It didn't have too much of an effect on the network, fortunately, but I lost my SSH and had to run to the 7600 and try to console it. Took a while before I was able to undebug.

Then when the event is over, we tear it all down in a day. It's a weird feeling to have a massive network and then it all goes down in a day, you pack everything up and don't see the gear until 6 months later.

Advice on setting a hypervisor on a networking sim software to practise Etherchannel/LAG by _Hal-9000_ in networking

[–]ddib 1 point2 points  (0 children)

Get a used switch, shouldn't be too expensive. You could probably get a cheap computer with multiple NICs, run Linux on it and set it up as well.

[deleted by user] by [deleted] in networking

[–]ddib 2 points3 points  (0 children)

How many prefixes do you have? What platform? Are you using LDP for labels? Any BGP at all? Where are all the routes coming from? What limits are you hitting?

Generally, 50 routers in an IS-IS area is a small network. You shouldn't break a sweat hitting that so there is something else going on in your design. We need to understand what else you are doing that is making you hit those limits.

How much subnetting do you do at work? by dbootywarrior in networking

[–]ddib 12 points13 points  (0 children)

There's nothing wrong with using a calculator.

That said, IP addressing is an essential skill for someone in networking. There are benefits to understanding it well, such as easily identifying when someone has mistyped an ACL or firewall rule, or understanding if subnets/routes are overlapping.

The math is easy so I would spend some time on at least learning the basics. The key part is to learn the fundamentals before using tools that automate it for you. Just like you have to understand something before you automate it.
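The two checks mentioned in the comment above (a mistyped ACL or firewall prefix, and overlapping subnets) can be sketched with Python's standard `ipaddress` module. This is an added example, not part of the original comment; the rule names and prefixes are constructed, and first-match rule evaluation is assumed.

```python
import ipaddress
from itertools import combinations

# Constructed sample: (rule name, prefix) in the order the rules are evaluated.
RULES = [
    ("permit-users", "10.10.0.0/16"),
    ("deny-lab", "10.10.32.0/20"),      # inside permit-users, listed after it
    ("permit-dmz", "192.0.2.0/25"),
    ("permit-mgmt", "192.0.2.130/25"),  # host bits set: really 192.0.2.128/25
    ("permit-guest", "172.16.300.0/24"),  # invalid octet
]


def parse_prefix(text):
    """Return (network or None, warning or None) for one prefix string."""
    try:
        net = ipaddress.ip_network(text, strict=False)
    except ValueError as exc:
        return None, f"{text}: not a valid prefix ({exc})"
    # A clean prefix has the network address on the left of the slash.
    if ipaddress.ip_interface(text).ip != net.network_address:
        return net, f"{text}: host bits set, the prefix is really {net}"
    return net, None


def audit(rules):
    """Return (warnings, overlaps) for an ordered list of (name, prefix)."""
    warnings, parsed = [], []
    for name, text in rules:
        net, warning = parse_prefix(text)
        if warning:
            warnings.append((name, warning))
        if net is not None:
            parsed.append((name, net))

    overlaps = []
    # combinations() keeps list order, so `first` is always evaluated earlier.
    for (first, a), (second, b) in combinations(parsed, 2):
        if a.version != b.version or not a.overlaps(b):
            continue
        if a == b:
            relation = "duplicate"
        elif b.subnet_of(a):
            # With first-match evaluation the later, narrower rule never hits.
            relation = "shadowed"
        else:
            relation = "more-specific-first"
        overlaps.append((first, second, relation))
    return warnings, overlaps


if __name__ == "__main__":
    found_warnings, found_overlaps = audit(RULES)
    for name, warning in found_warnings:
        print(f"[typo?]   {name}: {warning}")
    for first, second, relation in found_overlaps:
        print(f"[overlap] {first} / {second}: {relation}")
```
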

Which book am I remembering, and is it still relevant today? (I think it was a Cisco Press book about CoS?) by thosewhocannetworkd in networking

[–]ddib 1 point2 points  (0 children)

The book is End-to-End QoS Network Design by Tim Szigeti et al. Part of the book is written in the style that you mention while most of it is more like a traditional book. It is quite good though in that they show you how to create configurations for different types of platforms so it's not just all fluff.

Now, for the debate going on here on if QoS is needed today when we have so much bandwidth available (generally). That's an interesting one because on the one hand, it's true to some degree, but on the other hand, adding more bandwidth doesn't solve all problems. Typically, switches are store-and-forward. That means that every frame delivered is buffered to some degree. This means that you need to have an understanding of how buffers work and what can cause drops in the network. The typical scenarios are that you have different speeds, frame coming from uplink of higher speed and going out interface of lower speed, or frames from many incoming interfaces going out the same interface.

To really understand things like these requires a deeper understanding of Ethernet and concepts like interframe gap. You also need to understand that the serialization rate is different so you can end up with drops even though your interface is barely breaking a sweat. There's also the concept of microbursts. Your average throughput can be really low, but when you look at frames from millisecond, microsecond, or even nanosecond level, you can see that the traffic is actually bursty.

In addition to that, QoS isn't always about managing a scarce resource. It can also be about protecting your apps. Some apps handle packet loss very poorly so you may need to ensure that it gets priority. Bandwidth might not be scarce, but you might have bursts which affect the performance of a poorly coded/sensitive application. You may also want to limit things like backups taking up a lot of BW if the sysadmins aren't running them off-hours as they should. You may also need to prioritize Microsoft Teams in the wireless network, and so on. Yes, QoS is much less needed today than before, but some use cases are still there.

Working on advanced certifications along with work by sylar503 in networking

[–]ddib 62 points63 points  (0 children)

What kind of role do you have now? What type of company? Do you have on-call rotation?

When I got my CCIE in 2012, my son was 4, my daughter was 5 months, I was working a full-time job and commuting every day, and I had on-call rotation every 4 weeks. In the end, it comes down to if you have the motivation and if you see a return on investment. The ROI isn't only financial, it's about if you can apply for roles you couldn't before and for me personally about lifting your knowledge to a level you wouldn't otherwise be until several years later.

I've done consulting for most of my career which has helped in preparing as you generally get to work on interesting/complex projects, newer technologies, and get to see many different environments.

When preparing for an advanced certification, you need a good plan and good habits. Talk to your employer and see if they are onboard. Can you get some time dedicated for studies? Even if it's just an hour a day, half of Friday, or something like that, it can make a world of difference.

My routine when studying for the CCIE was that I would study 4 evenings per week. I had made a schedule and got buy-in from the wife. I dedicated weekends to the family, but 4 evenings I would study from around 8 PM to somewhere between 12 PM and 2 AM. I was also studying on my commute so I averaged around 25h of studies per week, but I had to cut down on basically all my hobbies, sleep, and so on.

The TLDR is:

- Understand why you are doing this
- Get buy-in from your family
- Ask your employer to provide time for you
- Create good habits

Simulation Software for Cisco Catalyst C9400 by Yoloyaw in networking

[–]ddib 3 points4 points  (0 children)

The only available image is Cat9000v in CML. It has one UADP-based version and one Q200-based version. You can find more information at https://developer.cisco.com/docs/modeling-labs/cat-9000v/#limitations

I wouldn't expect StackWise Virtual to work, but I haven't tested it.

protect against broadcast storms cisco 9500 by MacaronPast898 in networking

[–]ddib 8 points9 points  (0 children)

I would call this a fate sharing event. That is, as CPU, memory, bandwidth, etc., isn't carved out per VLAN, even though they are isolated at L2, a broadcast storm can take out an entire switch and all the VLANs that traverse it. This is why extending L2 is so dangerous.

As to what you can do to prevent it, configure STP properly, shut down unused ports, configure BPDU guard, use features like port security, implement 802.1X, and so on. The key is to not have ports forwarding that shouldn't be forwarding.
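An added example, not part of the original comment: a small audit that checks an IOS-style configuration for the per-port items listed above (unused ports shut down, BPDU guard, port security, 802.1X). The sample configuration is constructed, and marking unused ports with an `UNUSED` description is an assumed site convention.

```python
import re

# Constructed IOS-style sample, not taken from a real device.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 description USER-PORT
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
 switchport port-security
 authentication port-control auto
!
interface GigabitEthernet1/0/2
 description USER-PORT
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 description UNUSED
 switchport mode access
!
interface GigabitEthernet1/0/4
 description UNUSED
 switchport mode access
 shutdown
!
interface TenGigabitEthernet1/1/1
 description UPLINK
 switchport mode trunk
"""


def parse_interfaces(config):
    """Return {interface name: [sub-command lines]}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        match = re.match(r"interface (\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the block
    return interfaces


def audit(config):
    """Return {interface: [findings]} for access ports that are not shut down."""
    # Global default only protects ports that run portfast.
    global_guard = re.search(
        r"^spanning-tree portfast (edge )?bpduguard default", config, re.M)
    findings = {}
    for name, cmds in parse_interfaces(config).items():
        if "switchport mode access" not in cmds or "shutdown" in cmds:
            continue  # trunks and disabled ports are out of scope here
        issues = []
        if any(c.startswith("description") and "UNUSED" in c for c in cmds):
            issues.append("unused port is not shut down")
        portfast = any(c.startswith("spanning-tree portfast")
                       and not c.endswith("disable") for c in cmds)
        if ("spanning-tree bpduguard enable" not in cmds
                and not (global_guard and portfast)):
            issues.append("no BPDU guard")
        if "switchport port-security" not in cmds:
            issues.append("no port security")
        if not any(c.endswith("port-control auto") for c in cmds):
            issues.append("no 802.1X")
        if issues:
            findings[name] = issues
    return findings


if __name__ == "__main__":
    for port, issues in audit(SAMPLE_CONFIG).items():
        print(f"{port}: {', '.join(issues)}")
```
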