On May the 17th I passed the CCDE practical in Madrid and became Swedens 2nd CCDE, CCDE #20160011. This post describes my journey to passing the CCDE practical in my 1st attempt and the materials that I used to do so.
Let me start by saying that this is a tough exam, a very tough exam. You need to be an expert in RS and SP technologies and there is no instant feedback in the exam, like you would get in the CCIE lab. In the CCIE lab you will see you are missing routes or if your output does not match the output the lab guidelines told you to match. In the CCDE practical there will be very few questions that you are 100% sure that you got the optimal answer. Design is a more subjective skill than implementation. I had several moments where I felt that I could just as well leave because there was no chance I was going to pass the lab. You need to be mentally strong to put those thoughts aside and just keep performing your best throughout the whole exam. You might be doing a lot better than you think.
The first section will focus on mandatory books to read for the CCDE practical. Only reading these books or even reading all of the material I am referencing here will not make you a CCDE. You need to have the depth of knowledge within these technologies but this list will help you get started with the most essential resources.
CCDE Study Guide
When I started studying for the practical, there was no book that summarized the knowledge needed to attempt the practical. Marwan Al-shawi wrote this excellent book which is an essential read for the CCDE practical. This book teaches business requirements, technical constraints, network design principles and the most important technology that is included in the CCDE program. Don’t rush through this book, you must understand the concepts and you will probably end up reading it multiple times.
Optimal Routing Design
This book written by Russ White, Alvaro Retana and Don Slice is the bible of routing design. This book is over 10 years old but the principles still apply. This book will teach you about fault domains, modularization, aggregation of topology information, summarization of prefix information. When we aggregate routes we have a more optimized forwarding table but what are we giving up? There’s always a tradeoff! If we summarize we may have suboptimal routing, sometimes also called stretch. There is also the risk of summarization black holes. This book is a must read to understand how to design networks using different routing protocols such as EIGRP, OSPF and ISIS.
Definitive MPLS Network Designs
This book in my opinion is the book that has the most resemblance to the CCDE practical. This book takes you through different fictious scenarios which are based on the experiences of the authors. As the scenario develops they will explain why a technology was chosen and what the impact is to the design. It goes through a lot of technologies such as IGP, BGP, MPLS, MPLS-TE, Inter-AS and so on. It’s quite a heavy book but an essential read for the CCDE practical. It is useful to use this book and discuss the scenarios with other people preparing for the CCDE practical.
The Art of Network Architecture: Business-Driven Design
This is another book by Russ White and the co author Denise Donohue. This book focuses on the business side of network architecture but also explains a lot of important concepts such as mean time to repair (MTTR), redundancy vs resilience and the OODA loop. This book explains different topologies such as fully meshed, rings, CLOS and so on.
The next session focuses on Cisco Live presentations. This is actually one of the most valuable resources and almost all of the content is 100% free!
Cisco Live Sessions
BRKRST-2337 – Intermediate – OSPF Deployment in Modern Networks
This session is a good complement to Optimal Routing Design. It has some of the more modern concepts such as prefix suppression, LFA, rLFA, BFD and goes through routing design for OSPF in different topologies such as fully meshed and hub and spoke. It also has a lot of information on using OSPF as PE-to-CE protocol in MPLS VPN networks. You must be very knowledgable in what kind of topology changes trigger SPF runs, the different area types and how the number of areas affect the scalability of an ABR. When we use stub areas we get less routes to the routers in the stub area but what do we give up? Once again, optimal routing. Does our business require optimal routing though? That’s where you have to map the requirements of the business to the technical design that you will use.
BRKRST-2338 – Intermediate – ISIS Deployment in Modern Networks
This session on ISIS is also a must read to complement the Optimal Routing Design book. It starts out by comparing ISIS to OSPF and then demonstrates some best practices for ISIS. The session goes through different designs and shows how a L1 router may use suboptimal routing because it will only have a default route to the L1L2 router unless routes are leaked. It also show the concept of multi topology and single topology. The session shows important concepts in achieving fast convergence and important concepts such as LDP IGP sync and LDP session protection.
BRKRST-3321 – Advanced – Scaling BGP
This session on scaling BGP starts out by comparing confederations to route reflectors. It then explains the concepts of hierarcy within route reflection and route reflector clusters. It has a useful chart for comparing confederations to route reflection. It shows best path selection when RR is used and how more paths can be sent by using technologies such as Add Path, Shadow RR and shadow session. It also shows how hot potato routing can be done when using route reflectors. It also shows different scaling options such as carving RT’s between route reflectors and using route target constraint (RTC). It also demonstrates the concept of running Internet in a VRF and different MPLS label assignment modes such as per CE or per VRF as opposed to the default of per prefix.
BRKRST-3363 – Routed Fast Convergence
This session is all about fast convergence and shows the four steps that are involved in converging, detecting, notifying, calculating and installing new routes. The session shows that failure detection via interrupt based mechanisms is generally much faster than doing polling. It shows how interrupt based signalling may not always work if there are other devices between two routers as an example. It compares fast hello’s to BFD and shows how different IGP’s can be tuned to achieve fast convergence.
LTRCCDE-3006 – Advanced – CCDE Lab
This is actually a debrief session for a paid CCDE lab available at Cisco Live. I highly recommend that you take the CCDE techtorial and labtorial if you are serious about this cert and are going to Cisco Live. This session is still useful even if you didn’t take the lab though. It demonstrates different type of questions that you will face during the lab and it also does a debrief of the scenario Best Buddy. You can still learn from this even if you didn’t take the lab. I reviewed this session a few days before taking the practical and I started finding things I weren’t fully agreeing with in the slides. This is a good sign that you are getting prepared for the practical. This session shows the concept of branching questions which are very important for the practical.
BRKCRT-8001 – CCDE: The Cisco Certified Design Expert (Session 1)
This session explains what the CCDE is and why you should get involved in network design, it’s just not about plumbing! This session also shows different technologies that are expected to be on the practical. Then the session goes through a fictious scenario called LISP and shows how you will receive documents and e-mails and examples of different type of questions. This session is very useful to get a feel for what the CCDE practical is like. If you watch the video, there is a part 2 to this session that is called BRKCRT-8002 – CCDE: The Cisco Certified Design Expert (Session 2).
These are the sessions that MUST watch/read but I have probably gone through 50-100 sessions in total on different topics such as DMVPN, GETVPN, FW design, WAN design, DC design and so on.
There are mainly two prominent CCDE trainers out there, Jeremy Filliben and Orhan Ergun. They are both very talented and strong instructors and I would recommend that you get material from at least one of them if not both.
I used CCDE scenarios from Jeremy in my preparation for the practical. As far as I know, Jeremy has the most scenarios and each scenario is a different platform that revolves around different concepts such as a merger or divestiture, adding technology etc. The scenarios which are delivered in PDF format simulates the exam experience by giving you initial information and then communicating new information through e-mails. It has different type of questions such as multiple choice, single answer, charts, diagrams and so on.
Jeremy also delivers bootcamps, I attended such a bootcamp roughly a month before the practical. This was a great experience to learn from someone who is already a CCDE. I learned a lot about how to approach the exam and how to think when you are answering questions for the practical. I was already fully prepared from a technology standpoint when I took the bootcamp. You should not take this bootcamp expecting Jeremy to teach you all the technical content. No bootcamp can do that in only one week of training.
If you are interested in Jeremy’s training, visis his web site here.
Orhan is also producing content for the CCDE. His offering is called the Designworld where he offers different materials such as CCDE scenarios, CCDE videos and comparison charts between different technologies. I think that Orhan’s charts are very good and a key to getting prepared for the CCDE practical. The technology videos are good to refresh your knowledge on different technologies and to see how an experienced designer approaches different technologies such as first hop routing protocols (FHRP’s) or IGP’s, BGP etc.
Orhan also offers bootcamps and personal coaching sessions. He delivers bootcamps both online and onsite. The next bootcamp is delivered in August. One of my friends, Martin Duggan, just passed the CCDE practical in London and he had been receiving training from Orhan.
If you are interested in joining Designworld, go to Orhan’s site here.
Blogs can be another important resource in getting prepared for the CCDE practical. I recommend the following excellent blog posts by Diptanshu Singh which were posted to the Packet Pushers blog.
These posts are very good to understand what MPLS-TE is, what a tactical deployment is and what a strategic deployment is. It discusses how you can scale MPLS-TE and different FRR methods. This is the best writing I have seen on MPLS-TE outside of the books. Make sure you understand the content from these blogs.
This post describes the concept of accumulated IGP (AIGP) metric which can be used to carry an IGP metric across BGP domains. This is used to optimize routing between different ASNs since normally MED is used and that is not representative of the total end to end path cost. For this reason AIGP is better than MED in achieving optimal routing.
These two posts introduces the concept of LFA and how micro loops can be formed. It’s a bit heavy on the math side which is not very important for the CCDE but the concepts are important. You should understand what IP FRR is, when to use it and why micro loops are formed and what can be done to prevent it.
These posts are very important in understanding BGP RR design. They will show the challenges of BGP RR such as increased convergence time, suboptimal routing and reduced path diversity. Routing loops can also exist in a RR design if the physical topology is not congruent with the logical topology. It also shows how BGP RR can be combined with fully mesh to achieve a reasonable scale and more optimal routing than a full RR design.
I have also done a lot of post for the CCDE. In my opinion writing is one of the most efficient ways to learn something at a deeper level than simply reading. I recommend you read the following posts that I have put a considerable effort into to summarize information from books, Cisco Live sessions and real life.
This blog is about CSC which is a concept where a backbone carrier can efficiently carry routes of a customer carrier.
Inter-AS VPNs is an important concept for connecting VPNs between two different ASNs of the same organization or to connect two different organizations together. This technology can be important in mergers where there needs to be a temporay setup between the ASNs until one side can get integrated into the other.
BGP confederation is an alternative to using BGP RR although the two technologies can be combined as well. BGP confederations can be use when there are different groups of people responsible for different parts of the network but they still belong to the same organization.
This post describes the important considerations for BGP convergence. The main concept is to have a fast converging IGP. It goes through bgp next hop tracking (NHT) and different timers such as the minimum route advertisement interval (MRAI).
DMVPN is a Cisco proprietary technology but it is still something you need to study for the practical. This post talks about some ways to scale the DMVPN by using a dual tier topology where the mGRE control plane is handled by one router and the crypto control plane by another router.
GETVPN is another Cisco proprietary technology which is a tunnel less VPN built over private WAN. This post is a good summary of Cisco Live presentations and the GETVPN design guide.
This post explains different WAN rates such as T1, E1, DS3, OC-192 etc. In the practical you might get the BW in clear writing but I still recommend you learn these basic rates by heart.
MPLS primary one-hop tunnels is a way of scaling MPLS-TE networks and achieving FRR for both MPLS-TE LSPs and LSPs signalled by LDP as well as plain IP traffic. One-hop tunnels are tunnels that are one hop and built between adjacent routers.
Security is not as big a part of the practical as RS and SP technologies but you still need some understanding of it. You need to understand where to place security devices along choke points and concepts such as a routed firewall vs a transparent firewall. Where is it most optimal to place an IPS? What is the difference between an IPS and an IDS?
This post on load balancing describes different load balancing designs such as one-armed and direct server return (DSR). Load balancing is not a big topic for the CCDE but I recommend that you learn the basics.
These two posts describe PIM BiDir which is normally used in many to many multicast deployments such as in the financial vertical. What is the role of the RP in PIM BiDir? How is RP redundancy achieved? These posts teach these concepts.
This is an interview I did with the CCDE program manager, Elaine Lopes. It explains why you should go for the CCDE and what study resources are available for the CCDE.
IPv6 multicast is probably not a key technology for the CCDE but you should be familiar of the concepts which I have summarized in this blog post.
In the road to deploying IPv6, what transition technologies can we use in the mean time? What is 6RD? What is 6PE? What can we deploy when we have moved to IPv6 but need to maintain IPv4 connectivity? Those concepts are explained in this post.
What is bisectional bandwidth? Why does STP waste bandwidth? How can anycast HSRP achieve more efficient forwarding and utilization of links in a leaf and spine topology? Learn about this in this blog post.
QoS is a very important topic in the CCDE. This blog post is basically a summary of the End to End QoS Design book. What are the characteristics of different type of applications such as voice and video? How should we mark traffic? How much bandwidth should be set aside for the LLQ? This post is important to understand QoS for the CCDE practical.
There are some more posts available but I recommend that you start with these. To reach all of the posts I’ve done for the CCDE, you can follow this link.
CCDE Slack Study Group
I and my friend Kim Pedersen started a CCDE study group in Slack. In my opinion it was one of the key factors that made me pass this exam in my first attempt. We discussed different technologies and designs and the group consists of a lot of different subject matter experts. We have experts in a wide range of technologies. The CCDE is very difficult to achieve on your own which is possible when studying for the CCIE.
Cisco Validated Designs
Cisco has a program called Cisco validated designs (CVD) where different architectures such as Campus design are explained and what the best practices are in such environments. I recommend that you read through at least the following CVD’s.
I studied for this exam for about two years. There are no shortcuts. You need to be an expert in RS and SP technologies and you need a basic understanding of DC and Security design as well. Reading all the material in this blog post will not make you a CCDE but it provides you with the foundation of the knowledge that you need for the exam. By putting this in a blog post I hope to help the CCDE candidates out there to a more efficient study path.