Cisco SDWAN Questions Flashcards
What is the Cisco SD-WAN solution?
A software-defined wide area network is the separation of the control and forwarding planes.
What are the key benefits offered by Cisco SD-WAN?
Transport independent.
Secure connectivity: IPsec and TLS/DTLS.
The separation of the control and forwarding planes.
LAN Segmentation.
Onboard to cloud Apps.
Cloud Connectivity.
WAN Analytics.
What are vSmart controllers?
The vSmart is the control plane of SDWAN. It pushes global policies via OMP (TLS/DTLS) to the edge routers. It can be deployed on-prem, in the cloud, or Cisco-cloud hosted.
What are vBond orchestrators?
The vBond is the orchestration plane of SDWAN. It is the first point of authentication (white-list model) for the edge routers. It distributes the list of vSmarts/vManage to all vEdge routers after authorization is done. It maintains a complete chassis number and S/N token database.
What is Cisco vManage?
The Cisco vManage manages the entire solution. You can log in on the Cisco vManage dashboard to manage and centrally control the WAN. It configures routers via local policies using NETCONF. You can create and push templates from vManage.
What are the elements of Viptela SD-WAN?
vManage: The Network management (GUI) plane. A central dashboard for management and configuration.
vSmart: The control plane. Pushes global policies via OMP (TLS/DTLS) to the edge routers.
vBond: The orchestration plane. First point of authentication (white-list model). Distributes the list of vSmarts/vManage to all vEdge routers.
vEdge/cEdge: The WAN edge routers. Establish a secure control plane with vSmart controllers (OMP).
OMP: Overlay routing enables the distribution of routing information across all sites within a VPN.
What is site-id?
A unique per-site number assigned to identify branches; it is used in policy application. Needed for a bootstrap configuration.
What is a Virtual Private Network (VPN) within SDWAN?
In the SD-WAN overlay, Virtual Private Networks (VPNs) provide segmentation, just like Virtual Routing and Forwarding instances (VRFs). Each VPN is distinct from the others and has its own forwarding table.
- VPN 0: This is the transport VPN. It has interfaces to connect to WAN transports. The secure DTLS/TLS connections to vSmart, or between vSmart and vBond, run in this VPN.
- VPN 512: It is the management VPN. It is responsible for carrying the out-of-band management traffic to and from the Cisco SD-WAN devices.
What are the specifications to be met for ZTP?
- The transport VPN interface is configured by default as DHCP for ZTP.
- In vManage, it is necessary to have an appropriate device configuration template for the vEdge router.
- The system IP address and site ID must be configured on the edge router.
Familiarity and hands-on experience with Cisco (Viptela) SD-WAN?
- Created a home lab with ESXi and vEdge images and CSR1000v to practice SDWAN.
- Designed and rolled out SDWAN to a trucking company with 130 locations in the US and Mexico.
- Rolled out SDWAN at a financial institution with 160 branches in the US.
What are the Cisco SD-WAN controllers?
vManage, vSmart and vBond.
What is your experience with deploying the SD-WAN controllers?
Deployed on-prem and on the AWS cloud.
Name the main (overlay) protocol used in Cisco SD-WAN?
OMP (Overlay Management Protocol)
What are VPN 0 and VPN 512 used for?
- VPN 0: This is the transport VPN. It has interfaces to connect to WAN transports. The secure DTLS/TLS connections to vSmart, or between vSmart and vBond, run in this VPN.
- VPN 512: It is the management VPN. It is responsible for carrying the out-of-band management traffic to and from the Cisco SD-WAN devices.
What is the default overlay topology type without any configuration?
Full-mesh