20 - Network Automation Flashcards
Describe the data plane and list some of its tasks.
Data plane is also known as the forwarding plane.
It performs tasks that network devices use to forward a message. Anything to do with receiving, processing, and forwarding data.
- De-encapsulating and re-encapsulating.
- Adding or removing 802.1Q header.
- Matching Ethernet frames, destination MAC to the MAC addy table.
- Encryption
- NAT.
- ACLs
Describe the control plane and list some of its tasks.
The Control plane holds what the data plane needs to know beforehand so that it can work properly.
- Creating tables
- ARP
- MAC addy - Adds, removes and changes entries.
- NDP & STP
Describe the management plane and list some of its tasks.
In computer networking, the management plane of a networking device is the element of a system that configures, monitors, and provides management, monitoring and configuration services to, all layers of the network stack and other parts of the system. It should be distinguished from the control plane, which is primarily concerned with routing table and forwarding information base computation.
Does not directly impact the data plane like the control plane. Responsible for:
- Telnet
- SSH
What does ASIC stand for and what is it?
Application Specific Integrated Circuit.
ASIC is a chip built for a specific purpose, for example message processing.
What is an API?
An API - Application Programming Interface is a computing interface that defines interactions between multiple software intermediaries. It defines the kinds of calls or requests that can be made, how to make them, the data formats that should be used, the conventions to follow, etc.
What is an SBI?
SBI - South Bound Interface - An interface between a program (the controller) and a program on the networking device that lets both communicate.
- Allows the controller to program the data plane forwarding tables of the network device.
- SBIs
- OpenFlow
- OpFlex
- CLI & SNMP used w/ Cisco APIC-EM
- CLI (Telnet/SSH), SNMP, NETCONF w/ Cisco SDA
Information that programs will need to gather from and about a network.
1- List of devices on the network.
2- Capabilities of each.
3- Interface ports on device.
4- Current state of each port.
5- Topology.
6- Device config: IP, VLANs etc.
What is REST and what does it stand for?
Representational State Transfer - REST
- Type of API that allows apps to sit on different hosts using HTTP messages to transfer data.
Cisco’s OpenFlow
Controller along with an IP based SBI between the controller and the network devices.
Switches must be used to support OpenFlow.
OpenDaylight followed OpenFlow.
What does ACI stand for?
Application Centric Infrastructure.
What does IBN stand for?
Intent Based Networking.
What is an APIC controller?
Application Policy Infrastructure Controller - APIC
- The controller that creates application policies for the data center infrastructure.
- Network engineers no longer need to connect to each individual switch to configure CLI commands
APIC-EM
Application Policy Infrastructure Controller Enterprise Model.
- Offers enterprise SDN using old switches.
- Doesn’t program data or control planes.
- It interacts with the management plane via Telnet, SSH & SNMP
- It can directly impact the data and control plane.
What replaced APIC-EM?
Cisco DNA Center
What is the importance and purpose of the Overlay?
The overlay creates VXLAN tunnels between SDA switches.
Transports traffic from one fabric end point to another over the fabric.
What is the importance and purpose of the Underlay?
The Underlay consists of network devices and connections, cables and wires.
- The goal is to support the dynamic discovery of all SDA devices and endpoints, as a part of the process to create overlay VXLAN.
What type of device is a fabric edge node?
Switch - Fabric Edge Nodes - A Fabric device (e.g. Access or Distribution) that connects Wired Endpoints to the SDA Fabric
- Responsible for Identifying and Authenticating Endpoints (e.g. Static, 802.1X, Active Directory)
- Register specific Endpoint ID info (e.g. /32 or /128) with the Control-Plane Node(s)
- Provide an Anycast L3 Gateway for the connected Endpoints (same IP address on all Edge nodes)
- Performs encapsulation / de-encapsulation of data traffic to and from all connected Endpoints
What is a fabric border node?
A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric
Border Node is an Entry & Exit point for data traffic going Into & Out of a Fabric
There are 3 Types of Border Node!
- Rest of Company/Internal Border: Used for “Known” Routes inside your company
- Outside World/External Border: Used for “Unknown” Routes outside your company
- Anywhere/External + Internal Border: Used for “Known” and “Unknown” Routes for your company
What is a fabric WLC?
Fabric Wireless Controller - A Fabric device (WLC) that connects APs and Wireless Endpoints to the SDA Fabric
What is Cisco’s DNA Assurance?
Cisco DNA Assurance - Data Collectors (e.g. NDP) analyze Endpoint to App flows and monitor fabric status
Fabric Control Node?
A switch that performs special control plane functions for the underlay.
Describe the Greenfield SDA deployment?
- Layer 3 switches with routing enabled.
- Can be configured by DNA Center.
- ISIS routing protocol.
- STP, RSTP, HSRP, FHRP not needed
What does VXLAN stand for?
Virtual Extensible LAN.
List some tasks of the Fabric Edge nodes?
- Learns the location of possible endpoints using traditional means based on MAC addys and by subnet.
- Connect to the edge of the fabric.
- Registers the fact that the node can reach a given endpoint.
LISP map
Locator/ID Separation Protocol.
- 2 separate IP addys.
- One to indicate routing locators (RLOCs) for routing traffic through the global internet.
- Two for EIDs (endpoint IDs) used to identify network sessions between devices.
EID
End point Identifiers.
RLOC
Routing Locators.
List two roles of the DNA Center.
1- Controller that uses Cisco DNA
2- Network mgmt platform for traditional non-sda network devices.
It’s the software application installed on Cisco’s DNA appliance.
Southbound APIs that DNA Center supports.
- Protocols to support traditional network devices: Telnet, SNMP, SSH.
- Protocols to support more recent network devices/software versions:
- NETCONF
- RESTCONF
Functions that DNA Center supports.
DNA Center supports:
- SDA
- Plug and Play
- GUI - single pane of glass.
- Supports entire enterprise - LAN WAN & data center.
- Converged wired and wireless
DNA Center Includes:
- Easy QOS
- Encrypted Traffic Analysis
- Uses algorithm to recognize security threats even in encrypted traffic
- Device and client 360 view of health of device.
- Network time travel that shows past performances.
- Path trace - Discovers actual paths packets will take from source to destination based on current forwarding tables.
List characteristics of REST based API’s.
- Client/Server architecture
- Stateless operation
- Clear statement of cacheable/uncacheable.
- Uniform interface.
- Layered
- Code on demand.
Stateless meaning?
Stateless - Does not record or use information about one API exchange for the purpose of how subsequent API exchanges are processed.
What is a Variable?
A variable is a name or label that has an assigned value.
List and array belong to which: Java or Python?
List - Python
Array - Java
What is a dictionary?
A dictionary is a series of paired items.
What does CRUD stand for?
Create - Create new instances of variables and data structures.
Read - Allows clients to retrieve current value of variables.
Update - Allows clients to change/update.
Delete - Allows clients to delete instances.
Why does HTTP work best with REST?
HTTP works better with REST because HTTP has verbs that match the common program actions in the CRUD paradigm.
CRUD - REST
- Create - Post
- Read - Get
- Update - Patch/Put
- Delete - Delete
Describe all parts of the following:
https://dnac.exam.com/dna/intent/vi
- https: - Protocol
- //dnac.exam.com - Hostname/addy
- /dna/intent/vi - Path/Resource
T/F - Data serialization languages provide a translation of variables over languages.
True
Data modeling language
What do the following stand for: JSON, HTML, XML, YAML?
JSON - JavaScript Object Notation
HTML - Hypertext Markup Language
XML - eXtensible Markup Language - www and REST API
YAML - YAML Ain’t Markup Language - Ansible
In JSON every “:” identifies what?
In JSON every “:” identifies a key value pair.
Key before the colon and value after the colon.
Finish the statement: JSON arrays are similar to Python ________
JSON arrays are similar to Python lists
{ } stands for?
{ } - Object: A series of key value pairs enclosed in a matched pair of curly brackets.
[ ] stands for?
[ ] - Array - A series of values key:value pairs enclosed in a matched pair of square brackets.
What does Version Control allow?
Version Control allows you to see:
- when config changes were made
- who made them
- what was changed
What are the three main configuration management tools?
Ansible - Puppet - Chef
What is Configuration provisioning?
Configuration provisioning: How to provision/deploy changes to the config.
Primary function of the config. mgmt tool.
Ansible uses what kind of prog. language for templates?
Jinja2
What language does Ansible use for defining variable files?
YAML
What does Ansible Playbook do?
Ansible Playbook provides logic as to what ansible should do.
What does Ansible Inventory do?
Ansible Inventory keeps a log of device hostnames along with information about each device, e.g. roles.
What do Ansible Templates do?
Jinja2 represents device config but with variables.
What is Ansible Variable?
Using YAML, lists variables that Ansible will substitute into templates.
What is agentless architecture?
Agentless architecture doesn’t rely on any code running on the network device.
Relies on SSH or NETCONF to make changes or extract information.
Ansible uses which model, push or pull?
Ansible uses the push model. It fits more with config provisioning.
What platforms does Ansible work on?
Mac, Linux, Linux VM, Windows.
You would install Puppet on what kind of host?
Linux host.
What is Puppet manifest?
Human readable text file used to define desired configuration/state of device.
What is Puppet Resource/Class/Module?
Components of Manifest
- Module - largest - composed of resources.
Provide information about Puppet templates.
Puppet domain specific language that allows puppet to generate manifests and modules, classes and resources by substituting variables in the template.
T/F - Puppet works well with all Cisco devices.
False
T/F - Puppet uses the push model and it declares the end state a device should have?
True
How does CHEF run?
CHEF runs as a server with multiple Chef workstations, or it runs in standalone mode called chef 0.
What is CHEF resource?
Contains configuration objects whose state is managed by Chef.
What is CHEF Recipe?
Chef Logic applied to resources to determine when, how and whether to act against the resources.
What is CHEF Cookbook?
Set of recipes about the same kinds of work grouped together for easier mgmt and sharing.
What is Chef Runlist?
An ordered list of recipes that should be run against a given device.
Chef uses architecture similar to which configuration management tool?
Puppet.
T/F - Chef works on Cisco devices.
False