Cisco SDA Flashcards
Cisco SDA
cisco software defined access
controller- cisco dnac
cisco dnac
cisco dna center. controller for cisco sda
overlay
dnac: mechanisms to create vxlan tunnels between sda switches
underlay
dnac: network of devices and connections (cable and wireless) to provide IP connectivity to all nodes in the fabric, with goal to support dynamic discovery of all SDA devices and endpoints as part of process to create vxlan tunnels
fabric
overlay+underlay
fabric edge node
connects to endpoints
fabric border node
switch that connects to devices outside sda’s control
fabric control node
performs special ctrl plane functions for underlay (LISP) requiring more CPU and memory
routed access layer
- switches l2 or l3?
- routing protocol?
- links l2 or l3?
- stp/rstp?
- DG for endpoints?
- hsrp/fhrp?
- all switches L3
- all switches use IS-IS
- all links L3
- no
- dg is sda edge node for endpoints
- no
VXLAN tunneling performed in…
ASIC
LISP map server
stores info about how to reach endpoints learned from fabric edge nodes
DNAC southbound APIs:
- support trad devices
- support new devices
- telnet, ssh, snmp
- netconf, restconf
SDA scalable group access- steps 1. 2. 3. 4.
- ingress node to DNAC
- DNAC works with security tools in network like Cisco ISE (identity services engine) to ID users and match to SGTs (scalable group tag)
- DNAC checks logic
- permit- create vxlan tunnel. deny- no tunnel
VXLAN header
1. IP
2. UDP
3. SGT-source
4. SGT-dest
5. VNID- source
6. VNID- dest
7. original ethernet frame
CPI features- trad network mgmt
- interface?
- build map?
- how many networks?
- interfaces?
- device management timeframe?
- view apps?
- wired and wireless mgmt?
- software mgmt?
- add devices?
- single-pane-of-glass
- discovery, inventory, topology map
- whole enterprise
- snmp, ssh, telnet, cdp, lldp
- lifecycle mgmt for all devices
- app visibility
- converged wired and wireless mgmt
- software image mgmt (swim)
- plug-and-play