Cisco SDN

Question 1

Four Workflows of DNA

Answer 1

1. Design
2. Policy
3. Provision
4. Assurance

Question 2

Two Models of Underlay

Answer 2

1. Manual Underlay - configured and managed manually via CLI or API rather than thru Cisco DNA
2. Automated Underlay - Configured and managed by Cisco DNA Center LAN Automation Feature

Question 2

3 Basic Planes of Operation in SD-Access fabric

Answer 2

1. Control Plane - based on Locator/ID Separation Protocol (LISP)
2. Data Plane - based on VXLAN
3. Policy Plane - based on Cisco TrustSec

Question 3

5 Basic Role in the fabric overlay

Answer 3

1. Control Plane node - contains the settings to provide endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay
2. Fabric border node - this fabric device connects external Layer 3 network to the SDA fabric
3. Fabric Edge node - conneced wired endpoints to the SDA fabric
4. Fabric WLAN controller - connect wireless and AP to the SDA Fabric
5. Intermediate Nodes - these are intermediate routers or extended switches that do not provide any SDA fabric roles other than underlay services

Question 3

Provide onboarding and mobility services for wired users and devices (including AP and WLC) connected to the fabric

Answer 3

Fabric Edge Nodes

Question 4

is a LISP map server/resolver (MS/MR) with enhanced functions for SD-Acccess such as fabric wireless and SGT mapping

Answer 4

Fabric Control Plane node

Question 5

are LISP proxy tunnel routers (PxTRs) that connect external Layer 3 network to the SD-Access fabric and translate reachability and policy information, such as VRF and SGT information

Answer 5

Fabric Border nodes

Question 6

3 Types of border nodes

Answer 6

1. Internal border - connects only to the known areas of the org
2. Default border - connects only to unknown areas outside org
3. Interna+Default border - connects transits areas as well known areas of the company

Question 7

connects APs and wireless endpoints to the SD-Acces fabric

Answer 7

Fabric Wireless Controller (WLC)

Question 8

SD-Access fabric concepts

Answer 8

1. Virual Network (VN) - provide virtualization at device level using VRF
2. Host Pool - group of endpoints assigned to an IP Pool subnet in the SDA-Access fabric
3. Scalable group - group of endpoints with similar policies
4. Anycast gateway - provides a pervasive L3 default gateway where the same SVI is provisione on every edge node

Question 9

Provides all of the management subsystem for the management layer and this is all provided by Cisco DNA centre and CISCO ISE

Answer 9

Controller layer

Question 10

3 Main Controller subsystems

Answer 10

1. Cisco Network Control Platform (NCP) - directly integrated into Cisco DNA that provides all the underlay and fabric automation and orchestration. uses NETCONF/YANG
2. Cisco Network Data Platform (NDP) - is a data collection and analytics and assurance subystem that is integrated directly into Cisco DNA Centre. (Netflow - SPAN)
3. Cisco Identity Services Engine (ISE) provide all the identity and policy services for the physical layer and network layer

Question 11

the user interface/user experience (UI/UX) layer where all the information from the other layers is presented to the user in the form of a centralized management

Answer 11

Management layer

Question 12

Cisco SD-WAN solution 4 main components

Answer 12

vManage Network Management System (NMS) - single pane of glass (GUI) for managing the SD-WAN solutions

vSmart Controller - brain of the solutions

vBond Orchestrator - authenticates and orchestrates connectivity between SD-WAN routers and vSmart controllers

vAnalytics - optional analytics and assurance service

Question 13

SD-WAN routers options available

Answer 13

vEdge - original viptela platforms running Viptela software

cEdge - Viptela software integratred with Cisco IOS-XE. supported on CSR, ISR

Question 14

Two types of hypervisor

Answer 14

1. Type 1 - hypervisor runs directly on the system hardware
2. Type 2 - hypervisor requires a host OS

Question 15

Is an isolated environment where containerized applications run

Answer 15

container

Question 16

is a software based layer 2 switch that operates like a physical Ethernet switch

Answer 16

vSwitch

Question 17

Is a architectural framework created by the European Telecomnunications Standards Institute (ESTI) that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in soft-ware on standard x86 servers

Answer 17

Network Functions Virtualization (NFV)

Question 18

Allows VNFs to have direct access to Physical PCI devices which appear and behave as if they were physically attached to VNF

Answer 18

PCI Passthrough

Question 19

is an enhancement to PCI passthrough that allows multiple VNFs to share the same pNIC.

Answer 19

SR-IOV

Question 20

Cisco solution based on the ETSI NFV architectural framework. reduces operational complexity of enterprise branch environments by running the required networking functions as network virtual functions (VNF) on standard x86 hosts.

Answer 20

Cisco Enterprise Network Functions Virtualization (ENFV)

Question 21

Cisco ENFV Solution Architecture 4 Components

Answer 21

1. Management and Orchestration (MANO)
2. VNFs
3. Network Functions Virtualization Infrastructure software (NFVIS) - operating system the provides virtualisation capabilities
4. Hardware resource

Question 22

API - often used to communicate from a network controller to its management software

Answer 22

Northbound API

Question 23

If a network operators makes a change to a switch configuration management software of the controller, those changes are pushed down to the individuals via this API

Answer 23

Southbound API

Question 24

This API use HTTP methods to gather and manipulate data

Answer 24

Representation State Transfer (REST) APIs

Question 25

HTTP Function and uses cases

Answer 25

1. GET - request data
2. POST - submit data
3. PUT - replaces data (updating)
4. Patch - appends data (adding)
5. Delete

Question 26

CRUD Functions

Answer 26

Create
Read
Update
Delete

Question 27

HTTP Status codes

Answer 27

200 - OK
201 - Created
400 - Bad Request
401 - Unauthorised
403 - Forbidden
404 - Not Found

Question 28

Cisco IOS Tool that allows engineer to build software applet that can automate many tasks.

Answer 28

Embedded Event Manager (EEM)

Question 29

Robust configuration management and automation tool.

Answer 29

Puppet

Question 30

Open source configuration management tool that is designed to automate configurations and operations of a network and server environment

Answer 30

Chef

Question 31

Another configuration management tool. build in python

Answer 31

SaltStack

Question 32

Automation tool that is capable of automating cloud provisioning, deployment of applications, and configuration management. Agentless tool and opensource

Answer 32

Ansible

Question 33

Allows you to leverage the power of Puppet without having to install a puppet master or puppet agents on devices and nodes. Connect using SSH or WinRM

Answer 33

Puppet Bolt

Question 34

Saltstatck offer this option that allow user to run Salt Commands without having to install a minion on the remote device or node

Answer 34

Salt SSH

Question 35

IETF standard protocol that uses YANG Data models to communicate with various devices on the network. Runs vers SSH,TLS
RFC 4741 and 6241

Answer 35

NETCONF

Question 36

NETCONF Operations

Answer 36

<get>
<get-config>
<edit-config>
<copy-config>
<delete-config>
</delete-config></copy-config></edit-config></get-config></get>

Question 37

RFC 8040, used programmatically interface with data defined in YANG models while also using the datastore concept defined in NETCONF.

Answer 37

RESTCONF