Routing and Switching: Cisco's Composite Exam (642-891)
Andy reviews Cisco's new Composite exam, which also serves as the recertification exam for CCNPs and CCDPs.
by Andy Barkl
1/27/2004 -- Cisco Systems recently updated its professional-level Composite certification exam. This exam applies toward the Cisco Certified Network Professional (CCNP) and Cisco Certified Design Professional (CCDP) certifications in lieu of Cisco's separate 642-811 BCMSN exam (also known as "Switching") and 642-801 BSCI exam (also known as "Routing"). It can also be used to renew the company's CCNP and CCDP titles.
I recently took the updated exam and received 88 questions in 120 minutes with a passing score of 755. There were three simulation questions, many multiple choice and a few drag-and-drop. Note that the exam engine can be slow when it comes to switching between the simulator-based questions and the standard multiple-choice questions. For most simulator-based questions, you are presented with a network scenario and required to configure or troubleshoot one or more routers and verify your work. The simulator behaves very much like the real thing and includes limited support for abbreviations, command line editing, and limited use of the question mark command for help. The exam indicated that some exam items may be present but not scored, but it was not obvious which items, if any, didn't count towards my final score.
Exam | #642-891: Composite Exam
Vendor | Cisco
Status | Now live. Available at Pearson Vue and Prometric testing centers worldwide.
Reviewer's Rating | "This exam will test your knowledge of all forms of routing and switching. You can use this single exam to meet four of the two exam requirements for CCDP and CCNP certification, or recertify your expiring CCDP or CCNP."
Test Information | Apx. 88 questions, 2 hour time limit. Cost: $187.50 (U.S.).
Who Should Take This Exam? | Candidates for CCDP and CCNP who don't want to take the BSCI and BCMSN exams separately (and pay $250). Also renews expiring CCNP and CCDP credentials.
Test Objectives | Click here
Having taken the 640-5xx version CCNP exams for certification two years ago, this exam wasn't much more difficult than the CCNP 640-503 (Routing) and 640-504 (Switching) combined. As a matter of fact, I wished I had taken the earlier version of this exam back then and saved a few dollars! The price for this exam is $187.50 (US) -- a savings over the two-exam option of $62.50.
The official 642-891 objectives can be found here. This exam won't retest your knowledge of such things as subnetting or access lists since you proved that by passing the CCNA. The Composite exam will test you on everything from network technology, implementation and operation to planning, design and troubleshooting. In this article, I will cover many of the topics of this exam to help you prepare.
Enterprise Composite Model
The first series of topics listed in the official exam objectives relate to the Enterprise Composite Model (ECM). While I didn't see this topic tested on my Composite exam, it doesn't mean that it won't appear on yours!
The ECM includes various modules of a network security design as outlined in the document titled: "Extending the Security Blueprint to Small, Midsize, and Remote-User Networks." As with the CCDA exam, which also tests on the model, for the Composite exam it is imperative that you understand the design philosophy behind Cisco's SAFE security architecture design. The model allows network designers to focus on each area of the enterprise and campus design for a layered approach to security. Each network device and module such as the campus, edge or WAN can be secured against attacks from the outside and inside. A layered approach to security design is highly recommended in all cases.
Switching
When it comes to switching, Cisco expects its certified professionals to be able to:
The VLAN trunking protocols 802.1Q and ISL, which are used with Ethernet networks, provide for data link layer frame tagging and identification in a switched fabric. VLAN trunk links carry multiple VLAN frames.
Tip: 802.1Q uses an internal VLAN tagging process while the Cisco proprietary ISL uses an external. This means the 802.1Q Ethernet frame can exceed the permitted size of 1518 bytes.
The DTP (Dynamic Trunking Protocol) manages trunk negotiation for 802.1Q and ISL trunks. The set trunk mod_num/port_num [on | off | desirable | auto | nonegotiate] vlan_range [isl | dot1q | lane | negotiate] command is required when configuring set-based Cisco Catalyst switches. The IOS-based command is switchport mode dynamic desirable, which is also the default for all ports on a 2950 switch. For more information, click here.
Tip: VLAN port assignments can be made manually based on MAC address, or dynamically by the use of a VMPS (VLAN Management Policy Server).
The Spanning Tree Protocol operates at the data link layer and helps to eliminate loops in a switched fabric through a root bridge. This means some ports are disabled or put into a non-forwarding mode. STP includes the STA (Spanning Tree Algorithm), which uses BPDUs (Bridge Protocol Data Units) sent every two seconds on every port to ensure a stable, loop-free topology. A root bridge is chosen by combining the 2-byte priority and 6-byte MAC address.
Tip: The bridge with the lowest value when combining the bridge priority and MAC address values is chosen as the root bridge by STP. The number 80.00.00.00.0c.12.34.56 includes the first 2-byte priority field and 6-byte MAC address of a switch.
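The election described in the tip above, as an added example that is not part of the original article. It parses bridge IDs in the dotted-hex form the tip uses and picks the lowest one; the switch names and every ID except the one quoted in the tip are constructed sample data.

```python
# Added example (not from the article): STP root election on the 8-byte bridge ID.
from typing import NamedTuple


class BridgeID(NamedTuple):
    priority: int  # 2-byte priority field
    mac: bytes     # 6-byte MAC address


def parse_bridge_id(text: str) -> BridgeID:
    """Parse the dotted-hex form used in the tip, e.g. 80.00.00.00.0c.12.34.56."""
    octets = bytes(int(part, 16) for part in text.split("."))
    if len(octets) != 8:
        raise ValueError(f"bridge ID must be 8 bytes: {text!r}")
    return BridgeID(int.from_bytes(octets[:2], "big"), octets[2:])


def elect_root(bridges: dict) -> str:
    """Return the name of the bridge with the lowest (priority, MAC) value."""
    return min(bridges, key=lambda name: parse_bridge_id(bridges[name]))


def bridges_beating(bridges: dict, intended_root: str) -> list:
    """List bridges whose ID is lower than the intended root's, best first."""
    target = parse_bridge_id(bridges[intended_root])
    better = [n for n in bridges if parse_bridge_id(bridges[n]) < target]
    return sorted(better, key=lambda n: parse_bridge_id(bridges[n]))


# Constructed sample data; switch names and all but the dist-1 ID are made up.
DEFAULTS = {
    "core-1": "80.00.00.00.0c.ff.ff.ff",
    "dist-1": "80.00.00.00.0c.12.34.56",  # the ID quoted in the article
    "dist-2": "80.00.00.00.0c.aa.bb.cc",
}
# Same switches after core-1's priority is lowered to 0x1000 (4096).
TUNED = dict(DEFAULTS, **{"core-1": "10.00.00.00.0c.ff.ff.ff"})

if __name__ == "__main__":
    print(elect_root(DEFAULTS))               # priorities tie, lowest MAC wins
    print(bridges_beating(DEFAULTS, "core-1"))
    print(elect_root(TUNED))                  # lower priority wins despite the MAC
```

With every switch left at the same priority, the root is decided by MAC address alone, which is why the intended root's priority is normally lowered explicitly.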
Spanning Tree port states are something you should be familiar with from your CCNA studies. They are tested here again but with a twist! You do remember the five states? They are blocking, listening, learning, forwarding and disabled. The STP operation can leave a port in the blocking state (which is also the default) if it detects a loop or better path to the root bridge. During the listening state, a port attempts to learn if there is a better path to the root bridge but does not forward frames or place entries into the CAM (Content Addressable Memory) table -- also known as MAC address table. In the learning state, the port can add entries to the CAM but is not yet forwarding frames. The forwarding state is typical for a port and this is when it's forwarding data frames. The disabled state can be configured on a selected port because of hardware failure or administratively.
Tip: The total time typically required for a switch port to transition from the blocking to forwarding state is 50 seconds.
When studying for this exam, be sure you are comfortable with the "special" STP port configurations such as PortFast and UplinkFast. Configuring PortFast on a switch port may be required for Microsoft Windows clients using RIS (Remote Installation Services), where the client will time out if a wait of up to 50 seconds is required. Only configure PortFast on ports connected directly to a client or server, because it disables the STP operation on the port and may cause loops. UplinkFast can be configured on the switch ports that connect to the root bridge, and it helps to minimize the convergence time after a topology change.
The VTP (VLAN Trunking Protocol) is used to manage all VLANs across a switch fabric. Using data link layer frames, messages are sent to manage the addition, deletion, and renaming of VLANs. After the configuration of a VTP management domain, all switches in the same domain share their VLAN information.
Tip: A switch can only operate in one VTP domain.
The three modes of VTP are server, client and transparent. When a switch is configured in the VTP server mode, you can create, modify and delete VLANs, and specify other parameters such as VTP version and VTP pruning. VTP server-configured switches advertise their configuration through trunk links to client and transparent configured switches. A client-configured switch receives VLAN configuration from the server, but management changes cannot be directly made at the client. Finally, transparent-configured switches do not advertise their VLAN configuration nor synchronize with the Server, but in VTP version 2, they do forward received VTP advertisements out their trunk ports.
Tip: VTP configuration revision numbers are critical to maintaining a stable VTP domain. If a switch is placed in the domain with a higher revision number, it can disrupt the domain and cause all previous changes to be overwritten!
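The revision-number hazard from the tip above, as an added example that is not part of the original article. It is a simplified model written for this page: switch names, VLANs and revision numbers are constructed, and it assumes any non-transparent switch in the same domain accepts VLAN information carrying a higher revision.

```python
# Added example (not from the article): a toy model of VTP revision handling.
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    domain: str
    mode: str        # "server", "client" or "transparent"
    revision: int    # VTP configuration revision number
    vlans: dict = field(default_factory=dict)  # VLAN id -> VLAN name


def _syncs_with(sender: Switch, sw: Switch) -> bool:
    """True if `sw` would accept VLAN information advertised by `sender`."""
    return (sw is not sender and sw.domain == sender.domain
            and sw.mode != "transparent" and sender.mode != "transparent")


def safe_to_connect(new: Switch, domain: list) -> bool:
    """Pre-deployment check: can `new` overwrite any switch already in place?"""
    return not any(_syncs_with(new, sw) and new.revision > sw.revision
                   for sw in domain)


def advertise(sender: Switch, domain: list) -> dict:
    """Apply one advertisement from `sender`; return {switch name: lost VLAN ids}."""
    lost = {}
    for sw in domain:
        if _syncs_with(sender, sw) and sender.revision > sw.revision:
            removed = sorted(set(sw.vlans) - set(sender.vlans))
            sw.vlans, sw.revision = dict(sender.vlans), sender.revision
            if removed:
                lost[sw.name] = removed
    return lost


def build_domain() -> list:
    """Constructed sample domain; names, VLANs and revisions are made up."""
    prod = {10: "users", 20: "voice", 30: "servers"}
    return [
        Switch("core-1", "CAMPUS", "server", 12, dict(prod)),
        Switch("access-1", "CAMPUS", "client", 12, dict(prod)),
        Switch("lab-1", "CAMPUS", "transparent", 0, {99: "test"}),
    ]


if __name__ == "__main__":
    domain = build_domain()
    spare = Switch("spare-1", "CAMPUS", "server", 47, {99: "test"})
    print(safe_to_connect(spare, domain))  # revision 47 is above the domain's 12
    print(advertise(spare, domain))        # production VLANs lost per switch
```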
VTP versions 1 and 2 are not compatible with each other. You must configure all the switches in a single domain to use the same version. The set command set vtp v2 enable or IOS command vtp version 2 is used for the version configuration on a switch. VTP pruning increases available network bandwidth. Without VTP pruning, a switch floods broadcast, multicast and unknown unicast traffic across all trunk links within a VTP domain. VTP pruning is disabled by default. VTP pruning is supported with VTP versions 1 and 2.
To help you meet the requirements to explain how IP multicast operates on a multilayer switched network, including PIM, CGMP and IGMP, I refer you to a Cisco document which includes everything you need to know, here.
For the requirements to describe the QoS solutions that address voice quality issues, go to this Cisco document.
Tip: The Cisco Internetworking Technology Handbook includes valuable information for both CCNAs and CCNPs.
Routing
Now it's time for the routing objectives for this exam, including:
- List the key information routers need to route data.
- Describe and compare classful and classless routing protocols.
- Describe and compare link-state and distance vector routing protocols.
- Describe the use of VLSM.
- Features and operation of OSPF, EIGRP, IS-IS, BGP, and the redistribution between them.
There's actually a lot here to study and understand! You've learned the basics of routing and the specifics of RIP and IGRP for the CCNA exam -- now it's time to raise the bar and become a professional with routing and routing protocols.
Tip: Be sure to get lots of hands-on practice with OSPF configuration.
Tip: To display a router's routing table, use the command show ip route. The show ip protocols command displays the routing protocol in use and its configuration.
OSPF, EIGRP, ISIS and BGP are classless routing protocols. They support CIDR, which includes VLSM (Variable Length Subnet Masks), hierarchical addressing and route summarization. These methods -- along with private addresses and NAT -- are the means of coping with IP address depletion on the Internet.
Tip: VLSM works by allowing network designers and engineers to use IP addresses with variable masks because each routing update includes the mask. VLSM knowledge is required to pass this exam.
Many people refer to VLSM as the process of subnetting a subnet. Hierarchical addressing ties directly to VLSM, and it works very much like a phone number, in that each phone switch doesn't have to maintain every number. VLSM allows network designers to make better use of the available address space rather than waste it! With varying subnet mask lengths, VLSM is one of the often recommended solutions to address depletion. Finally, route summarization is the last component required to minimize the depletion of IP addresses and is a means to have a single IP address represent a collection of IP addresses. The result of these methods and technologies is to minimize the size of routing tables, thereby reducing protocol traffic passed throughout the internetwork by the routers.
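VLSM allocation and route summarization worked through in code, as an added example that is not part of the original article. The address block, site names and host counts are constructed sample values, and the function names are this example's own.

```python
# Added example (not from the article): VLSM allocation and summarization.
import ipaddress

# Constructed requirements: usable host addresses needed per segment.
REQS = {"hq-lan": 400, "branch-a": 100, "branch-b": 50, "wan-1": 2, "wan-2": 2}


def vlsm_allocate(block: str, host_counts: dict) -> dict:
    """Carve `block` into subnets sized per requirement, largest first."""
    parent = ipaddress.IPv4Network(block)
    cursor = int(parent.network_address)
    plan = {}
    for name, hosts in sorted(host_counts.items(), key=lambda kv: -kv[1]):
        # Smallest n with 2**n >= hosts + 2 (network and broadcast addresses).
        host_bits = (hosts + 1).bit_length()
        # Allocating largest first keeps every start address on its own boundary.
        subnet = ipaddress.IPv4Network((cursor, 32 - host_bits))
        if not subnet.subnet_of(parent):
            raise ValueError(f"{block} is too small for {name} ({hosts} hosts)")
        plan[name] = subnet
        cursor += 1 << host_bits
    return plan


def summary_route(subnets) -> ipaddress.IPv4Network:
    """Return the single smallest prefix that covers every subnet given."""
    subnets = list(subnets)
    candidate = subnets[0]
    while not all(s.subnet_of(candidate) for s in subnets):
        candidate = candidate.supernet()
    return candidate


if __name__ == "__main__":
    plan = vlsm_allocate("172.16.8.0/22", REQS)
    for name, subnet in plan.items():
        print(f"{name:9} {str(subnet):18} {subnet.num_addresses - 2} usable hosts")
    # Five routes with four different mask lengths collapse into one advertisement.
    print("advertise upstream:", summary_route(plan.values()))
```

Because each routing update carries the mask, the /23, /25, /26 and /30 subnets can coexist inside one block and still be advertised upstream as a single prefix.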
OSPF is a link-state routing protocol and uses areas to determine route update exchange. OSPF supports VLSM and is an open standard, interior gateway protocol. A router's OSPF routing table is generated by running the Dijkstra algorithm against the router's link-state database, which is built by exchanging LSAs (Link State Announcements) with other OSPF routers in the same area. OSPF supports Broadcast Multiaccess (Ethernet), Point-to-point (T1), and Nonbroadcast (Frame Relay) topologies.
Tip: OSPF routers generate Hello packets sent out all interfaces periodically using IP multicast IP address 224.0.0.5.
In an OSPF Broadcast Multiaccess (Ethernet) topology, a DR (Designated Router) and a BDR (Backup Designated Router) are chosen.
Tip: OSPF routers use a priority value and/or the highest router ID (which is the highest IP configured on an interface) to determine the DR and BDR for each network segment.
To configure a router with OSPF in an OSPF area in a Broadcast Multiaccess (Ethernet) topology, you would use the commands router ospf process-id and network address wildcard-mask area area-id. For OSPF routers in a Nonbroadcast (Frame Relay) topology, you need to use one more command: neighbor ip-address.
OSPF LSAs are another important topic. You first need to understand the OSPF Internal, Backbone, ABR (Area Border Router) and ASBR (Autonomous System Boundary Router) router roles. I highly recommend you read the OSPF Design Guide available here. Be sure to study the LSA types, which OSPF routers generate each type, and create a system to recall each type with its name, such as LSA type 7: NSSA (Not-so-stubby area).
Tip: An OSPF virtual link can be used when an area doesn't have a physical connection to the backbone area.
EIGRP supports many of the same technologies OSPF does, such as VLSM, no limitation of network reachability, better use of network bandwidth for routing updates, plus support for the multiple protocols IP, IPX and AppleTalk. EIGRP is much more sophisticated than Cisco's IGRP and has no real limitations except that it is Cisco proprietary and may not be supported by other vendors' routers. It's often referred to as a hybrid routing protocol since it uses the metrics of hop count much like distance vector, and those seen in pure link-state routing protocols, neighbor and topology tables.
Tip: EIGRP uses IP multicast address 224.0.0.10 for updates.
ISIS shares many similarities with OSPF and BGP. However, ISIS doesn't have a backbone area 0 like OSPF. The ISIS backbone is a contiguous collection of Level 2-capable routers, each of which can be in a different area. An ISIS routing domain is similar to a BGP autonomous system. A routing domain is a collection of areas under an administration that implements routing policies within the domain. A two-level hierarchy is used to support large ISIS routing domains. A large domain may be administratively divided into areas. Each system resides in exactly one area. Routing within an area is referred to as Level 1 routing. Routing between areas is referred to as Level 2 routing. A Level 2 Intermediate System (IS) router keeps track of the paths to destination areas. A Level 1 IS router keeps track of the routing within its own area. When a packet is destined for another area, a Level 1 IS router sends the packet to the nearest Level 2 IS router in its own area, regardless of where the destination area is. The packet then travels via Level 2 routers to the destination area, where it may travel via Level 1 routers to the destination.
For many, the BGP (Border Gateway Protocol) routing protocol has provided one of the greatest challenges in understanding with its breadth and depth of capability and configuration. BGP is used to connect large networks that make up the backbone of the Internet by the use of AS (Autonomous Systems). Each BGP design engineer must apply for his or her own. The BGP AS numbers range from 1 to 65536 and the range between 64512 and 65535 is reserved for private use. BGP's uses are specific. Unless you have a good understanding of BGP, multiple connections to the Internet or plenty of bandwidth, it's recommended that you use the ip route prefix mask address/interface distance command to create static routes. BGP uses much of the same terminology as found in OSPF -- such as internal routing and neighbors or peers. BGP peers can be internal in an AS or located in two different autonomous systems; this is referred to as EBGP (External BGP). Policy-based routing in BGP allows for definitions of data flow and the exchange of BGP routes by autonomously controlled BGP systems, such as by each service provider of the Internet.
There are two types of BGP attributes used when configuring a network: well known and optional. These include the mandatory AS-path and next-hop attributes, local preference, and the optional MED and community. The AS-path attribute is used to identify the source of route updates and gets prepended to the route, much like a passport would show your travels. The next-hop attribute defines the neighbor responsible for the received update. The local preference attribute provides a preferred path to exit the AS. The MED or metric attribute is exchanged between autonomous systems and indicates the preferred path into the AS.
For the exam, basic BGP configuration knowledge and experience is a must. For more information on OSPF, EIGRP, ISIS, and BGP, I refer you to my review of the Cisco BSCI 640-901 exam here.
Cisco wants to be sure its certified professionals can configure the above routing protocols to interoperate with each other. There are many reasons to redistribute route updates from one routing protocol to another: migration from IGRP to EIGRP, integrating a RIP and OSPF network, and enabling non-Cisco and Cisco routers to use a common routing protocol. There are considerations to be aware of when redistributing, such as routing feedback or loops, incompatible routing information and inconsistent convergence times. Some of the solutions include Seed Metric and modification of the Administrative distance values. You can configure redistribution between RIP for IP and OSPF since they both use the IP protocol stack. Redistribution between IGRP and EIGRP occurs automatically. Configuration is performed with the command redistribute protocol process-id metric metric-type route-map subnets tag. The passive-interface command can also be used here to prevent updates from exiting an interface but still allow that interface to listen for updates. Finally, the ip default-network command specifies the outside world when different major network numbers are in place.
Tip: Hands-on experience configuring NAT (Network Address Translation) is highly recommended for all CCNPs and CCDPs. Be sure to read the configuration guide found here and practice, practice, practice!
Preparation Recommendations
When deciding which study guides will fully prepare you for the new Composite 642-891 exam, keep in mind that the exam objectives are really the same as those of the Building Scalable Cisco Internetworks (BSCI) and Building Cisco Managed Switched Networks (BCMSN) exams combined. You should also have (at a minimum) three Cisco 2500 series routers and one 2950 switch in your lab. On the actual exam, Cisco uses a router simulator developed by the Cisco Networking Academy program.
Final Thoughts
Remember, if you feel overwhelmed by the thought of taking this exam, you can stick with the separate BSCI and BCMSN exams for CCNP. If you choose that, I recommend you take the most common path (since much of the information builds upon previous study) by passing the exams in this order: Routing, Switching, Remote Access and Troubleshooting. Whatever path you choose, good luck and happy studying! 
Andy Barkl, CCNP, CCDP, CISSP, MCT, MCSE:Security, MCSA:Security, A+, CTT+, i-Net+, Network+, Security+, Server+, CNA, has over 19 years of experience in the IT field. He's the owner of MCT & Associates LLC, a technical training and consulting firm in Phoenix, Arizona. He spends much of his time in the classroom but has also been responsible for many Microsoft Windows 2000, Exchange 2000, and Cisco networking deployments for many clients across Arizona. He's also the online editor for MCPMag.com, TCPMag.com, CertCities.com, and a contributing author and editor for Sybex and Cisco Press. He hosts a multitude of exam preparation chats monthly on MCPmag.com, TCPmag.com and CertCities.com. You can reach him at .