Ccie Written Study Guide - All in One CCIE Routing and Switching

2014-2016 Copyright CCIEin8Weeks.com.
**REDISTRIBUTION PROHIBITED**
All-in-One CCIE Data Center V2.0

400-151 Written Exam Cert Guide
August 24, 2016
Sa
pl
ui
d
(Fully Revised Edition for V2.0 Exam)
2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**
Contents at a Glance
Part 1 Cisco Data Center L2/L3 Technologies
Chapter 1: Design Implement and Troubleshoot Complex Layer 2 Technologies
Chapter 3: Design, Implement and Troubleshoot External Fabric Connectivity
Part 2 Cisco Data Center Network Services
Chapter 4: Design, Implement and Troubleshoot Service Insertion and Redirection
Chapter 5: Design, Implement and Troubleshoot network services
ui
d
Part 3 Data Center Storage Networking and Compute

Chapter 6: Configure and Troubleshoot Data Center Storage Protocols
Chapter 7: Design, Implement and Troubleshoot Data Center Storage Networking Features
Chapter 8: Implement and Troubleshoot Compute resources
Chapter 9: Design, Implement and Troubleshoot Data Center Compute Connectivity
Chapter 10: Design, Implement and Troubleshoot Virtual and Physical End Point Connectivity
pl
Part 4 Data Center Automation and Orchestration

Chapter 11: Implement and Troubleshoot Data Center Automation
Chapter 12: Implement and Troubleshoot Data Center Orchestration Tools
Chapter 13: Integrate Cisco Cloud offerings into existing Data Center infrastructure
Sa
Part 5 Data Center Fabric Infrastructure

Chapter 14: Design, Implement and Troubleshoot policy and non-policy driven Internal Fabric
Connectivity
Chapter 15: Design, Implement and Troubleshoot Infrastructure policies and elements
Part 6 Evolving Technologies
Chapter 16: Cloud
Chapter 17: Network Programmability (SDN)
Chapter 18: Internet of Things (IoT)
Table of Contents
Table of Contents
Preface .......................................................................................................................................................................................... 18
What this study guide covers .............................................................................................................................................. 18
How to use this study guide ................................................................................................................................................. 18
What's available on the CCIEin8Weeks website ......................................................................................................... 18
Sa
pl
ui
d
Part 1 Cisco Data Center L2/L3 Technologies ......................................................................... 20

Chapter 1: Cisco Data Center Architecture, Products, Unified I/O and Platform Selection .................... 22
Design, Implement and Troubleshoot Highly Available and redundant topologies for example vPC 22
NX-OS Version Requirement for vPC ................................................................................................................................ 23
NX-OS License Requirement for vPC ................................................................................................................................ 24
Components of vPC .................................................................................................................................................................. 24
vPC Peer Link ............................................................................................................................................................................. 27
vPC Peer-Keepalive .................................................................................................................................................................. 28
vPC Ports, and Orphaned Ports .......................................................................................................................................... 29
Traffic Flows ............................................................................................................................................................................... 29
Dual-Control Plane with Single Layer 2 Node Behavior ......................................................................................... 30
Link Aggregation Group Identifier ................................................................................................................................... 30
Dual-Control Plane with Single Layer 2 Node Behavior ......................................................................................... 31
Link Aggregation Group Identifier ................................................................................................................................... 31
System ID in a vPC System .................................................................................................................................................... 32
Primary and Secondary vPC Roles .................................................................................................................................... 32
Spanning Tree ........................................................................................................................................................................... 33
Cisco Fabric Services over Ethernet Synchronization Protocol ........................................................................... 34
vPC Configuration Changes When the Peer Link Fails ............................................................................................ 34
vPC Reload Restore .................................................................................................................................................................. 38
vPC Configuration Consistency .......................................................................................................................................... 38
vPC Consistency Check ........................................................................................................................................................... 39
vPC Configuration Synchronization ................................................................................................................................. 40
Duplicate Frames Prevention in vPC ............................................................................................................................... 40
vPC and Object Tracking ....................................................................................................................................................... 43
In-Service Software Upgrade and vPC ............................................................................................................................ 43
Interactions Between vPC and Routing .......................................................................................................................... 44
HSRP Gateway Considerations ........................................................................................................................................... 44
HSRP Configuration and Best Practices for vPC ......................................................................................................... 44
ARP Synchronization .............................................................................................................................................................. 45
Peer Gateway ............................................................................................................................................................................. 45
Layer 3 Link Between vPC Peers ....................................................................................................................................... 46
Layer 3 Link to the Core ........................................................................................................................................................ 48
Sa
pl
ui
d
IGMP Snooping and vPC ........................................................................................................................................................ 49

Multicast Traffic Forwarding with vPC .......................................................................................................................... 50
Protocol Independent Multicast and vPC ...................................................................................................................... 50
vPC with Fabric Extender Active-Active Design ......................................................................................................... 51
vPC Configuration Best Practices ...................................................................................................................................... 53
vPC Domain Configuration .................................................................................................................................................. 53
vPC Role and Priority ............................................................................................................................................................. 53
Reload Restore ........................................................................................................................................................................... 53
Peer Gateway ............................................................................................................................................................................. 54
vPC Peer Link ............................................................................................................................................................................. 54
vPC Peer Keepalive .................................................................................................................................................................. 54
vPC Ports ...................................................................................................................................................................................... 55
LACP ............................................................................................................................................................................................... 56
vPC Deployment Scenarios ................................................................................................................................................... 57
Best Practices for Attaching a Device to vPC Domain ............................................................................................. 61
How to Attach Devices to a vPC Domain ........................................................................................................................ 61
Access Device Dual-Attached to vPC Domain .............................................................................................................. 63
Single-Sided vPC with 16-Way Port-Channel .............................................................................................................. 63
Double-Sided vPC with 32-Way Port-Channel ............................................................................................................ 64
Double-Sided vPC Sample Configuration: ..................................................................................................................... 65
Access Device Single-Attached to vPC Domain ............................................................................................................ 71
Access Device STP-Attached to vPC Domain ................................................................................................................ 73
vPC Failure Scenarios ............................................................................................................................................................. 74
vPC Member Port Failure ..................................................................................................................................................... 74
vPC Complete Dual-Active Failure (Double Failure) ................................................................................................ 74
vPC Peer-Link Failure ............................................................................................................................................................. 75
vPC Peer-Keepalive Failure .................................................................................................................................................. 75
Examples ...................................................................................................................................................................................... 75
Troubleshooting Virtual Port Channel Issues .............................................................................................................. 78
Unable to configure vPC ................................................................................................................................................... 78
vPC in blocking state ........................................................................................................................................................... 78
vPC domain ids ....................................................................................................................................................................... 79
Connectivity issues ................................................................................................................................................................... 81
Peer-link issues .......................................................................................................................................................................... 84
vPC Consistency parameter issues .................................................................................................................................... 88
Design, Implement and Troubleshoot Highly Available and redundant topologies for example
FabricPath ................................................................................................................................................................................... 90
Cisco FabricPath Benefits ..................................................................................................................................................... 90
FabricPath Technology Overview ..................................................................................................................................... 91
Spine and Edge .......................................................................................................................................................................... 91
Design Considerations for the Edge and Access Layer ............................................................................................ 92
FabricPath VLANs ................................................................................................................................................................. 92
MAC Learning at the Access Layer ................................................................................................................................... 92
Sa
pl
ui
d
Learning the HSRP MAC Address ...................................................................................................................................... 93

Direct Connectivity between Edge Switches ................................................................................................................ 93
vPC+ at the Edge ....................................................................................................................................................................... 94
FabricPath Convergence Times ......................................................................................................................................... 95
Design, Implement and Troubleshoot Highly Available and redundant topologies for example STP 95
Rules of Operation ................................................................................................................................................................... 96
Spanning Tree Protocol Failure ......................................................................................................................................... 97
Design, Implement and Troubleshoot Data Center Layer 2 overlays for example VXLAN, OTV, EVPN
.......................................................................................................................................................................................................... 97
Configuring a Layer 2 VXLAN Gateway on a Cisco Nexus 5600 ........................................................................ 101
Cisco Nexus 5600 Deployment Scenarios .................................................................................................................... 102
Cisco Nexus 5600 as a Layer 3 VXLAN Gateway ....................................................................................................... 103
Hypervisor-Originated VXLAN ......................................................................................................................................... 103
Underlay Requirements for VXLAN ................................................................................................................................ 104
VXLAN Designs ........................................................................................................................................................................ 104
Centralized Gateway with Inter-VXLAN Routing in the Core/Aggregation ................................................. 104
Single and Dual Attached Physical Machines to Hardware VTEPs .................................................................. 105
Single and Dual Attached Virtual Machines to Hardware VTEPs .................................................................... 105
Single and Dual Attached Physical Machines to FEX ............................................................................................. 106
Single and Dual Attached Virtual Machines to FEX ................................................................................................ 106
Single and Dual Attached (Distributed Gateway) Hypervisor-Originated VXLAN to the Top of Rack
(ToR) ............................................................................................................................................................................................ 106
Single Attached Hypervisor-Originated VXLAN to FEX ......................................................................................... 107
Hypervisor-Originated VXLAN with no VTEPs on Physical Switches .............................................................. 108
Bud-Node VTEP ....................................................................................................................................................................... 109
VXLAN and Virtual PortChannel (vPC) ......................................................................................................................... 110
Overlay Interfaces .................................................................................................................................................................. 112
MAC Address Learning ......................................................................................................................................................... 112
Multicast Group Addresses and IGMP Snooping ....................................................................................................... 113
High Availability and ISSU ................................................................................................................................................. 113
Virtualization Support ......................................................................................................................................................... 114
Guidelines and Limitations for OTV ............................................................................................................................... 114
MP-BGP EVPN Control Plane Overview ........................................................................................................................ 115
Software and Hardware Support for the MP-BGP EVPN Control Plane ........................................................ 116
IP Transport Devices Running MP-BGP EVPN ........................................................................................................... 116
VTEPs Running MP-BGP EVPN ......................................................................................................................................... 116
Inter-VXLAN Routing ............................................................................................................................................................ 116
Multitenancy in MP-BGP EVPN ........................................................................................................................................ 117
MP-BGP EVPN NLRI and L2VPN EVPN Address Family ........................................................................................ 117
Integrated Routing and Bridging with the MP-BGP EVPN Control Plane .................................................... 119
Local-Host Learning ............................................................................................................................................................. 119
EVPN Route Advertisement and Remote-Host Learning ...................................................................................... 120
MP-BGP EVPN VTEP Configuration ............................................................................................................................... 120
Sa
pl
ui
d
Design, Implement and Troubleshoot Network management protocols for example PTP, NTP, DNS,
DHCP ............................................................................................................................................................................................ 125
PTP Overview ........................................................................................................................................................................ 125
PTP Device Types .............................................................................................................................................................. 126
Configuration Steps ............................................................................................................................................................... 126
Name Servers ........................................................................................................................................................................... 128
DHCP Relay Agent ............................................................................................................................................................. 129
Design, Implement and Troubleshoot Traffic management for example queuing, policing, shaping
........................................................................................................................................................................................................ 129
Configuring Queuing and Scheduling ........................................................................................................................... 130
Configuring Color-Aware Policing .............................................................................................................................. 131
Design, Implement and Troubleshoot layer 2 security features for example port security, MACsec,
ACL, private vlans .................................................................................................................................................................. 131
Port Security and Port Types ............................................................................................................................................ 131
Virtualization Support ......................................................................................................................................................... 132
Cisco TrustSec and Authentication ................................................................................................................................ 132
SGACLs and SGTs .................................................................................................................................................................... 133
Exam Essentials ...................................................................................................................................................................... 136
Further Reading ..................................................................................................................................................................... 137
Chapter 2: Design Implement and Troubleshoot Complex Layer 3 Technologies ..................................... 139
Design, Implement and Troubleshoot Routing Protocols and features for example OSPF, ISIS, MBGP,
IBGP, PBR, BFD ........................................................................................................................................................................ 139
LSA types (1, 2, 3, 4, 5, 7, 9) ................................................................................................................................................ 139
Table below summarizes various LSA types and their description .................................................................. 139
Table below, shows various OSPF network types and traffic that are allowed .......................................... 140
Route types (N1, N2, E1, E2) ............................................................................................................................................. 140
Implement and troubleshoot neighbor relationship .............................................................................................. 141
Enabling OSPFv2 .................................................................................................................................................................... 144
Describe basic ISIS network .............................................................................................................................................. 145
Enabling IS-IS .......................................................................................................................................................................... 146
Creating an IS-IS Instance .................................................................................................................................................. 146
BGP Autonomous Systems ........................................................................................................................................... 147
4-Byte AS Number Support ........................................................................................................................................... 147
Administrative Distance ................................................................................................................................................... 147
BGP Peers ............................................................................................................................................................................... 148
BGP Sessions ....................................................................................................................................................................... 148
BGP Router Identifier ........................................................................................................................................................ 148
BGP Path Selection ........................................................................................................................................................... 148
BGP and the Unicast RIB ............................................................................................................................................... 149
Sa
pl
ui
d
BGP Prefix Independent Convergence Core ...................................................................................................... 149

BGP Virtualization ............................................................................................................................................................... 149
Multiprotocol BGP ................................................................................................................................................................. 149
Enabling BGP ........................................................................................................................................................................ 150
Configuration Steps ............................................................................................................................................................ 150
Creating a BGP Instance ..................................................................................................................................................... 150
Policy-Based Routing (PBR) .............................................................................................................................................. 150
Policy Route Maps .............................................................................................................................................................. 151
Enabling the Policy-Based Routing Feature .............................................................................................................. 151
Configuring a Route Policy ................................................................................................................................................ 152
BFD ............................................................................................................................................................................................... 152
Asynchronous Mode .......................................................................................................................................................... 152
BFD Detection of Failures .............................................................................................................................................. 152
BFD Echo Function ............................................................................................................................................................ 153
Enabling the BFD Feature .............................................................................................................................................. 153
Configuring Global BFD Parameters ....................................................................................................................... 153
Further Reading ..................................................................................................................................................................... 153
Design, Implement and Troubleshoot Layer 3 Overlay Protocols for example OTV, LISP ..................... 154
Table below shows the OTV entities/roles and their description ..................................................................... 155
Control Plane Considerations ....................................................................................................................................... 155
Multicast Enabled Transport Infrastructure .......................................................................................................... 156
OTV Neighbor Discovery ..................................................................................................................................................... 156
Unicast-Only Transport Infrastructure (Adjacency-Server Mode) .................................................................. 157
OTV Scalability Considerations ........................................................................................................................................ 158
OTV Deployment Options .................................................................................................................................................... 158
OTV in the DC Core ................................................................................................................................................................ 158
Layer 2-Layer 3 Boundary at Aggregation ................................................................................................................. 158
Layer 2-Layer 3 Boundary at the Core ......................................................................................................................... 158
OTV at the DC Aggregation ............................................................................................................................................... 159
OTV in Point-to-Point Deployments ............................................................................................................................... 159
Deploying OTV at the DC Aggregation ......................................................................................................................... 159
Further Reading ..................................................................................................................................................................... 159
LISP .............................................................................................................................................................................................. 159
LISP Message Definitions .................................................................................................................................................... 160
User Data ................................................................................................................................................................................... 161
Control Messages .................................................................................................................................................................... 161
EID-to-RLOC Mapping Database ..................................................................................................................................... 161
Connecting the Databases Together .............................................................................................................................. 162
Database Lookup Procedures ........................................................................................................................................... 162
EID-to-RLOC Mapping Database ..................................................................................................................................... 162
Summary of LISP Network Element Functions ......................................................................................................... 163
Ingress Tunnel Router .......................................................................................................................................................... 163
Sa
pl
ui
d
Egress Tunnel Router ........................................................................................................................................................... 164

Map-Request message .......................................................................................................................................................... 164
Map Server ................................................................................................................................................................................ 164
Map Resolver ............................................................................................................................................................................ 164
ALT Router ................................................................................................................................................................................ 165
Proxy Ingress Tunnel Router ............................................................................................................................................. 165
Proxy Egress Tunnel Router .............................................................................................................................................. 165
Applicability and Use Cases ............................................................................................................................................... 165
Further Reading ..................................................................................................................................................................... 166
Design, Implement and Troubleshoot Multicast protocols for example PIM, IGMP, RP, BSR ............... 166
PIM Dense Mode (PIM-DM) .......................................................................................................................................... 166
PIM Sparse Mode (PIM-SM) ......................................................................................................................................... 167
Bidirectional PIM (Bidir-PIM) ......................................................................................................................................... 167
IGMP ............................................................................................................................................................................................. 167
Table below shows IGMPv2 intervals and their default values ......................................................................... 169
Further Reading ..................................................................................................................................................................... 170
IGMP Snooping ........................................................................................................................................................................ 170
IGMP Querier ............................................................................................................................................................................ 171
Further Reading ..................................................................................................................................................................... 171
IGMP Filter ................................................................................................................................................................................ 171
Further Reading ..................................................................................................................................................................... 172
IGMP proxy ................................................................................................................................................................................ 172
Further Reading ..................................................................................................................................................................... 172
Rendezvous Point (RP) ........................................................................................................................................................ 172
BSR ............................................................................................................................................................................................... 173
Design, Implement and Troubleshoot layer 3 security features for example CoPP, ACL's, DAI, IP
Source Guard ............................................................................................................................................................................ 174
ACLs .............................................................................................................................................................................................. 174
ACL Types and Applications .............................................................................................................................................. 175
Dynamic ARP Inspection (DAI) ........................................................................................................................................ 175
Source Guard ............................................................................................................................................................................ 176
Further Reading ..................................................................................................................................................................... 176
Design, Implement and Troubleshoot Monitoring services for example Netflow ...................................... 176
Netflow v5, v9 .......................................................................................................................................................................... 176
Table below describes various NetFlow versions and their description ........................................................ 177
Further Reading ..................................................................................................................................................................... 178
Nx-OS Features ........................................................................................................................................................................ 178
Configuration Guidelines .................................................................................................................................................... 178
Configuration Examples ...................................................................................................................................................... 178
Exam Essentials ...................................................................................................................................................................... 180
Chapter 3: Design, Implement and Troubleshoot External Fabric Connectivity ........................................ 182
Design, Implement and Troubleshoot policy driven External Fabric Connectivity for example L2/L3
connectivity .............................................................................................................................................................................. 182
10
Configuring a BGP Layer 3 Outside Network Connection .................................................................................... 182

Configuring BGP External Routed Network Using the NX-OS Style CLI ........................................... 184
Configuring a Tenant Layer 3 Outside Network Connection .............................................................................. 184
Shared Services Contracts Usage .................................................................................................................................... 187
Shared Layer 3 Out ................................................................................................................................................................ 188
ACI Transit Routing ............................................................................................................................................................... 188
Transit Routing Overview ............................................................................................................................................... 188
Route Distribution Within the ACI Fabric ................................................................................................................... 189
External Layer 3 Outside Connection Types ............................................................................................................... 190
Further Reading ..................................................................................................................................................................... 190
ACI Virtual Port Channel Workflow ............................................................................................................................... 191
Configure the Virtual Port Channel ................................................................................................................................ 191
Configure the Application Profile .................................................................................................................................... 191
Networking Domains ............................................................................................................................................................ 191
Attachable Entity Profile .................................................................................................................................................... 192
Exam Essentials ...................................................................................................................................................................... 193
ui
d
Part 2 Cisco Data Center Network Services .......................................................................... 194

Chapter 4: Design, Implement and Troubleshoot Service Insertion and Redirection .............................. 196
Sa
pl
Design, Implement and Troubleshoot Service Insertion and Redirection for example LB, vPATH, ITD,
RISE .............................................................................................................................................................................................. 196
Topology and Design Principles ...................................................................................................................................... 197
Connecting Endpoint Groups with a Service Graph ................................................................................................ 197
Extension to Virtualized Servers ..................................................................................................................................... 197
Management Model .............................................................................................................................................................. 198
Service Graphs, Functions, and Rendering .................................................................................................................. 198
Hardware and Software Support .................................................................................................................................... 199
Service Graph Definition ..................................................................................................................................................... 199
Concrete Devices and Logical Devices .......................................................................................................................... 201
Logical Device Selector (or Context) ............................................................................................................................. 202
Splitting Bridge Domains ................................................................................................................................................... 202
Further Reading ..................................................................................................................................................................... 203
Cisco vPath ................................................................................................................................................................................ 204
Cisco vPath Service Chaining Architecture ................................................................................................................. 205
vPath Service Chaining Architecture Components .................................................................................................. 205
Management Plane ............................................................................................................................................................... 205
Control Plane ........................................................................................................................................................................... 205
Virtual Service Nodes (VSN) .............................................................................................................................................. 206
Service Data Plane ................................................................................................................................................................. 206
vPath Service Chaining Example 1 with VSG and ASA ........................................................................................... 206
Cisco vPath Service Chaining Features ......................................................................................................................... 208
Dynamic Service Provisioning .......................................................................................................................................... 208
Multitenancy ............................................................................................................................................................................ 208
11
Sa
pl
ui
d
Administrative Boundaries ................................................................................................................................................ 208

Mobility ....................................................................................................................................................................................... 208
VXLAN ......................................................................................................................................................................................... 209
Enabling vPath Service Chaining in the Virtual Data Center ............................................................................. 209
Cisco Nexus 1000V Series Infrastructure ..................................................................................................................... 209
Service Chaining Components .......................................................................................................................................... 209
Cisco ASA .................................................................................................................................................................................... 210
Further Reading ..................................................................................................................................................................... 210
Cisco ITD .................................................................................................................................................................................... 210
Intelligent Traffic ................................................................................................................................................................... 211
High Scalability ....................................................................................................................................................................... 211
Operational Simplicity ......................................................................................................................................................... 211
Investment Protection .......................................................................................................................................................... 211
Deployment Modes ................................................................................................................................................................ 212
One-Arm Deployment Mode .............................................................................................................................................. 212
One-Arm Deployment Mode with VPC .......................................................................................................................... 212
Sandwich Deployment Mode ............................................................................................................................................. 212
Server Load-Balancing Deployment Mode ........................................................................................................... 212
Configuring Cisco RISE in a Direct Mode Deployment ........................................................................................... 212
Configuring RISE in an Indirect Mode Deployment ................................................................................................ 215
Configuring RISE on the Cisco Nexus Switch ............................................................................................................. 215
Configuring RISE in vPC Mode (Recommended Deployment Mode) ............................................................... 218
Configuring RISE in a vPC Direct Mode Deployment .................................................................................... 218
Configuring RISE in a vPC Indirect Mode Deployment ................................................................................. 218
Route Health Injection ......................................................................................................................................................... 218
Intelligent Service Card Manager ................................................................................................................................... 219
Intelligent Service Card Client .......................................................................................................................................... 219
Universal Routing Information Base ............................................................................................................................. 219
Exam Essentials ...................................................................................................................................................................... 219
Further Reading ..................................................................................................................................................................... 220
Chapter 5: Design, Implement and Troubleshoot network services ................................................................ 222
Design, Implement and Troubleshoot network services for example policy driven L4-L7 services ... 222
Further Reading ..................................................................................................................................................................... 223
Exam Essentials ...................................................................................................................................................................... 224
Chapter 6: Configure and Troubleshoot Data Center Storage Protocols ...................................................... 227
Describe, Configure and Troubleshoot infrastructure to support Block Storage Protocols for example
FC, FCoE, iSCSI, DCB .............................................................................................................................................................. 227
Describe SCSI standards and protocols ........................................................................................................................ 228
Describe iSCSI standards and protocols ....................................................................................................................... 229
SCSI initiator ............................................................................................................................................................................ 229
SCSI target ................................................................................................................................................................................. 230
SCSI Flow Statistics ............................................................................................................................................................... 230
Describe iSCSI and its features ......................................................................................................................................... 231
12
Sa
pl
ui
d
Initiator Presentation Modes ............................................................................................................................................ 232

Transparent Initiator Mode .............................................................................................................................................. 232
Proxy Initiator Mode ............................................................................................................................................................. 232
iSCSI Routing Modes ............................................................................................................................................................. 232
iSCSI Immediate Data and Unsolicited Data Features .......................................................................................... 233
iSCSI Interface Advanced Features ................................................................................................................................. 234
Parallel SCSI ............................................................................................................................................................................. 234
SCSI-1 .......................................................................................................................................................................................... 234
SCSI-2 .......................................................................................................................................................................................... 234
Fibre Channel over Ethernet Overview ......................................................................................................................... 235
Design and implement data center bridging protocol and lossless Ethernet .............................................. 235
Lossless Ethernet .................................................................................................................................................................... 235
Logical Link Up/Down ......................................................................................................................................................... 236
Converged Network Adapters ........................................................................................................................................... 236
FCoE Topologies ..................................................................................................................................................................... 236
Directly Connected CNA Topology .................................................................................................................................. 237
Remotely Connected CNA Topology ............................................................................................................................... 237
Configuring FCoE ................................................................................................................................................................... 238
Enabling FCoE ......................................................................................................................................................................... 238
Disabling LAN Traffic on an FCoE Link ........................................................................................................................ 238
Configuring the FC-Map ...................................................................................................................................................... 238
Configure and Troubleshoot infrastructure to support File Storage Protocols for example NFS, CIFS
........................................................................................................................................................................................................ 239
Further Reading ..................................................................................................................................................................... 241
Exam Essentials ...................................................................................................................................................................... 241
Chapter 7: Design, Implement and Troubleshoot Data Center Storage Networking Features ........... 243
Design, Implement and Troubleshoot Data Center Storage Networking Features for example zoning,
multihop technologies .......................................................................................................................................................... 243
Design basic and enhanced zoning ................................................................................................................................ 243
Describe multihop FCoE ...................................................................................................................................................... 243
Design Consideration for Multihop FCoE with Edge-Core-Edge Design ........................................................ 245
Access Layer and SAN Edge Fabric ................................................................................................................................ 245
Aggregation Layer and SAN Core Fabric ..................................................................................................................... 245
Storage Edge Fabric ............................................................................................................................................................. 246
Further Reading ..................................................................................................................................................................... 246
Exam Essentials ...................................................................................................................................................................... 246
Chapter 8: Implement and Troubleshoot Compute resources ............................................................................ 248
Implement and Troubleshoot Compute policies and pools for example SAN/LAN policies, boot
policies, profiles ...................................................................................................................................................................... 248
Storage Policies for Multiple VM Disks ......................................................................................................................... 248
13
Sa
pl
ui
d
Adding and Configuring a Storage Policy ................................................................................................................... 248

Virtual Storage Catalogs ................................................................................................................................................. 250
Network Policies ..................................................................................................................................................................... 251
Adding a Static IP Pool Policy ........................................................................................................................................... 251
Adding a Network Policy .................................................................................................................................................... 252
Networking Provisioning Policies ................................................................................................................................... 254
Boot Policy ................................................................................................................................................................................ 254
Creating a Boot Policy ......................................................................................................................................................... 255
Further Reading ..................................................................................................................................................................... 255
Service profile Overview ...................................................................................................................................................... 256
Service profile types .............................................................................................................................................................. 256
Analyze and Troubleshoot Compute resources using tools such as UCS Central, UCSM ......................... 257
Faults ........................................................................................................................................................................................... 258
Events .......................................................................................................................................................................................... 258
Audit Log .................................................................................................................................................................................... 258
System Event Log ................................................................................................................................................................... 259
Syslog ........................................................................................................................................................................................... 259
Technical Support Files ....................................................................................................................................................... 259
Troubleshooting Compute Resources with UCS Central ....................................................................................... 260
Further Reading ..................................................................................................................................................................... 260
Exam Essentials ...................................................................................................................................................................... 260
UUID duplication across two service profiles can take place if a duplicate UUID has not
yet been allocated as part of a pool however it is assigned statically .................................................. 260
................................................................................................................................................................................................... 261
Chapter 9: Design, Implement and Troubleshoot Data Center Compute Connectivity ........................... 262
Design, Implement and Troubleshoot Data Center Compute Connectivity for example SAN/LAN
uplinks, rack server integration, fabric ports, appliance ports .......................................................................... 262
Direct Connect Mode ............................................................................................................................................................. 263
Management Connection Policy and Connection Mode ........................................................................................ 263
Why Appliance Port VLANs Should be Allowed on Uplinks ................................................................................. 264
Definition of a Unified Storage Port ............................................................................................................................... 264
When to Use Trunk or Access Mode ............................................................................................................................... 265
Situations to Avoid ................................................................................................................................................................ 265
Appliance Port Failover ....................................................................................................................................................... 265
Network Uplink Failure ....................................................................................................................................................... 265
Appliance Port Troubleshooting ..................................................................................................................................... 265
Further Reading ..................................................................................................................................................................... 267
Exam Essentials ...................................................................................................................................................................... 267
Chapter 10: Design, Implement and Troubleshoot Virtual and Physical End Point Connectivity ...... 269
Design, Implement and Troubleshoot Virtual and Physical End Point Connectivity ............................... 269
Cisco UCS 6100 Series Fabric Interconnects .............................................................................................................. 270
Gigabit Ethernet connectivity ........................................................................................................................................... 271
Cisco UCS Cluster .................................................................................................................................................................... 271
14
Sa
pl
ui
d
Ethernet Switching Mode ................................................................................................................................................... 271

Switch Mode ............................................................................................................................................................................. 272
End-Host Mode ........................................................................................................................................................................ 272
Further Reading ..................................................................................................................................................................... 273
Chapter 11: Implement and Troubleshoot Data Center Automation ............................................................. 276
Implement and Troubleshoot Data Center Automation using methods such as REST API
implemented by scripting languages including Python ........................................................................................ 276
Infrastructure Provisioning and Operations .............................................................................................................. 277
Development and Operations Models and Continuous Integration ................................................................. 277
Monitoring and Advanced Analytics .............................................................................................................................. 278
Standard Network Manageability Features ............................................................................................................... 278
Advanced Automation Features ...................................................................................................................................... 279
Extensible Messaging and Presence Protocol Support .......................................................................................... 279
OpenStack Integration ......................................................................................................................................................... 280
OpenDayLight Integration and OpenFlow Support ................................................................................................ 280
Comprehensive Programmability Support ................................................................................................................. 281
Cisco NX-API Support ........................................................................................................................................................... 281
Python Scripting ..................................................................................................................................................................... 281
Cisco onePK ............................................................................................................................................................................... 283
Further Reading ..................................................................................................................................................................... 284
Chapter 12: Implement and Troubleshoot Data Center Orchestration Tools ............................................. 286
Implement and Troubleshoot Data Center Orchestration using Tools such as UCSD, UCS Central, CPO
........................................................................................................................................................................................................ 286
Cisco UCS Director Orchestrator ..................................................................................................................................... 286
Tasks ............................................................................................................................................................................................ 286
Workflows ................................................................................................................................................................................. 287
Service Requests ..................................................................................................................................................................... 287
Approvals ................................................................................................................................................................................... 287
Rollback ...................................................................................................................................................................................... 288
Further Reading ..................................................................................................................................................................... 288
Cisco Process Orchestrator ................................................................................................................................................ 288
Cisco Process Orchestrator Features That Support Service-Oriented Orchestration .............................. 290
Target Types ............................................................................................................................................................................ 291
Inheritance ................................................................................................................................................................................ 291
Target Properties ................................................................................................................................................................... 291
Target Relationships ............................................................................................................................................................ 292
Target Operations Views .................................................................................................................................................... 292
Interobject Messaging and Policy Provided by Events for a Target Type ..................................................... 292
Automatic and Consistent API Support ........................................................................................................................ 293
Automation Packs .................................................................................................................................................................. 294
TOSCA and Cisco Process Orchestrator Comparison .............................................................................................. 294
Further Reading ..................................................................................................................................................................... 296
Chapter 13: Integrate Cisco Cloud offerings into existing Data Center infrastructure ........................... 298
15
Sa
pl
ui
d
Describe and Integrate Cisco Cloud technologies into existing Data Center infrastructure using
solutions such as Cisco ONE Enterprise cloud Suite ................................................................................................ 298
Benefits of Cisco ONE Data Center for Compute ....................................................................................................... 298
Table below shows Features and Capabilities of Cisco ONE for Data Center Compute .......................... 300
Further Reading ..................................................................................................................................................................... 302
Chapter 14: Design, Implement and Troubleshoot policy and non-policy driven Internal Fabric
Connectivity .............................................................................................................................................................................. 304
Design, Implement and Troubleshoot policy and non-policy driven Internal Fabric connectivity for
example ECMP, ISIS, inband mgmt, VXLAN ................................................................................................................ 304
Policy Identification and Enforcement ......................................................................................................................... 304
Encapsulation Normalization .......................................................................................................................................... 305
Extension to Virtualized Servers and VLAN and VxLAN Normalization ....................................................... 306
Routed Design with VxLAN Overlays ............................................................................................................................. 306
Load Balancing ....................................................................................................................................................................... 307
Configuring Static In-Band Management Access Using the NX-OS Style CLI .............................................. 308
Further Reading ..................................................................................................................................................................... 308
Chapter 15: Design, Implement and Troubleshoot Infrastructure policies and elements ..................... 311
Design, Implement and Troubleshoot policy driven Infrastructure for example interface policies,
MGMT policies ......................................................................................................................................................................... 311
Pre Provision Interface Policy Groups ........................................................................................................................... 312
The Cisco ACI Policy Management Information Model ......................................................................................... 313
Tenants ....................................................................................................................................................................................... 315
Contexts ...................................................................................................................................................................................... 315
Application Profiles ............................................................................................................................................................... 315
Endpoint Groups ..................................................................................................................................................................... 315
Microsegmentation ............................................................................................................................................................... 316
Intra-EPG Endpoint Isolation ........................................................................................................................................... 317
Contracts .................................................................................................................................................................................... 317
Labels, Filters, and Subjects Govern EPG Communications ................................................................................. 317
What vzAny Is .......................................................................................................................................................................... 317
Default Policies ........................................................................................................................................................................ 317
Further Reading ..................................................................................................................................................................... 318
Configure and Troubleshoot physical infrastructure components for example controllers, switches
........................................................................................................................................................................................................ 318
Setting up the APIC ................................................................................................................................................................ 318
Accessing the CLI .................................................................................................................................................................... 320
Switch Discovery with the APIC ....................................................................................................................................... 321
Switch Discovery Validation and Switch Management from the APIC ........................................................... 321
Validating the Fabric Topology ....................................................................................................................................... 321
Unmanaged Switch Connectivity in VM Management ........................................................................................... 321
Registering the Unregistered Switches Using the CLI ............................................................................................ 321
Creating User Accounts ....................................................................................................................................................... 322
Configuring a Local User .................................................................................................................................................... 322
16
Configuring a Remote User ................................................................................................................................................ 322

Adding Management Access .............................................................................................................................................. 322
Management Connectivity Modes ................................................................................................................................... 323
Attach Entity Profiles ........................................................................................................................................................... 323
Deploying an Application Policy ...................................................................................................................................... 324
Three-Tier Application Deployment .............................................................................................................................. 324
Further Reading ..................................................................................................................................................................... 325
Analyze and Troubleshoot logical infrastructure elements using health indicators ............................... 325
Viewing a Health Score Using the NX-OS-Style CLI ................................................................................................. 327
Viewing a Health Score Using the iShell ...................................................................................................................... 327
Understanding Faults ........................................................................................................................................................... 327
How Health Scores Are Calculated ................................................................................................................................. 328
Using Health Scores for Proactive Monitoring .......................................................................................................... 328
Using Health Scores for Reactive Monitoring ............................................................................................................ 329
Further Reading ..................................................................................................................................................................... 329
Sa
pl
ui
d
Part 6 Evolving Technologies ............................................................................................... 330

Chapter 16: Cloud .................................................................................................................................................................. 332
Compare and Contrast Cloud Deployment Models .................................................................................................. 332
Private Cloud ............................................................................................................................................................................ 332
Community Cloud ................................................................................................................................................................... 333
Public Cloud .............................................................................................................................................................................. 333
Hybrid Cloud ............................................................................................................................................................................. 333
Infrastructure, Platform, and Software Services (XaaS) ...................................................................................... 334
Performance and Reliability ............................................................................................................................................. 335
Security and Privacy ............................................................................................................................................................. 336
Scalability and Interoperability ....................................................................................................................................... 338
Describe Cloud implementations and Operations ................................................................................................... 338
Automation and Orchestration ........................................................................................................................................ 338
Workload Mobility ................................................................................................................................................................. 339
Troubleshooting and Management ................................................................................................................................ 340
OpenStack Components ....................................................................................................................................................... 340
Compute ..................................................................................................................................................................................... 340
Swift ............................................................................................................................................................................................. 341
Cinder .......................................................................................................................................................................................... 341
Keystone ..................................................................................................................................................................................... 341
Dashboard ................................................................................................................................................................................. 341
Glance .......................................................................................................................................................................................... 342
Ceilometer ................................................................................................................................................................................. 342
Heat .............................................................................................................................................................................................. 342
Ironic ........................................................................................................................................................................................... 342
Exam Essentials ...................................................................................................................................................................... 342
Further Reading ..................................................................................................................................................................... 343
Chapter 17: Network Programmability (SDN) ......................................................................................................... 345
17
Sa
pl
ui
d
Describe Functional Elements of Network Programmability (SDN) and How They Interact .............. 345
Controllers ................................................................................................................................................................................. 345
APIs ............................................................................................................................................................................................... 347
Scripting ..................................................................................................................................................................................... 347
Agents .......................................................................................................................................................................................... 348
Northbound versus Southbound protocols ................................................................................................................. 349
Describe Aspects of Virtualization and Automation in Network Environments ........................................ 350
DevOps Methodologies, Tools and Workflows ........................................................................................................... 351
Network/Application Function Virtualization (NFV) ............................................................................................ 352
Service Function Chaining ................................................................................................................................................. 353
Performance, Availability, and Scaling Considerations ........................................................................................ 354
Exam Essentials ...................................................................................................................................................................... 355
Further Reading ..................................................................................................................................................................... 357
Chapter 18: Internet of Things ......................................................................................................................................... 359
Describe Architectural Framework and Deployment Considerations for Internet of Things (IoT) .. 359
Performance, Reliability and Scalability ..................................................................................................................... 359
Mobility ....................................................................................................................................................................................... 362
Security and Privacy ............................................................................................................................................................. 363
IoT Threats ................................................................................................................................................................................ 365
Security in IoT/M2M ............................................................................................................................................................. 366
Authentication ......................................................................................................................................................................... 368
Authorization ........................................................................................................................................................................... 368
Network Enforced Policy .................................................................................................................................................... 369
Secure Analytics: Visibility and Control ....................................................................................................................... 369
Standards and Compliance ................................................................................................................................................ 370
Environmental Impacts on the Network ..................................................................................................................... 373
Exam Essentials ...................................................................................................................................................................... 374
Further Reading ..................................................................................................................................................................... 375
18
Preface
Congratulations! You have taken your first step towards passing the CCIE Data Center V2.0
written 400-151 exam.
This book is dedicated to all those souls who will never settle for less than they can be, do,
share, and give!
What this study guide covers

As you may already have noticed on the "Contents at a Glance" page that this guide has been
formatted around the Cisco's official CCIE 400-151 exam topics or curriculum. So as you read
through parts and chapters, you know exactly where you're within your learning journey.
All contents are carefully covered in enough details however still trimmed to exactly what's
ui
d
necessary to pass the exam. The result of this approach is that you have 300 odd pages on
your hands (as opposed to 700 to 1,400 pages long reference manuals!). Each exam topic has
"Further Reading" section, which you can refer to if you are looking for more in-depth details.
How to use this study guide
pl
This guide is for everyone who's studying for CCIE DC written 400-151 V2.0 exam, regardless if
this is your first time sitting for a CCIE written exam or you're a pro who's recertifying. I strongly
Sa
suggest taking a methodical approach for exam preparation, i.e. starting with a target date when
you would like to sit for the actual exam and then work backwards to see what kind of study plan
would work for you. I believe you can cover the entire contents within eight weeks including the
practice questions (refer to website).
Lastly, the study guide alone may not be enough for everyone to pass the exam so be sure to
add other sources of learning and your hands-on experience on Cisco product portfolio and DC
technologies.
What's available on the CCIEin8Weeks website

CCIEin8Weeks.com carries the extras (sold separately) that go hand in hand with this study
guide to further ensure your exam success!
Website includes:
19
6 Practice Exams (one for each section as per official curriculum), One final exam
4 Study Plans, to help you track your progress or help you come up with your own plan
Study guide in printable PDF format
Last but not least, CCIE Exam community forum, to help you interact with others, share
Sa
pl
ui
d
knowledge, find study partners etc.
Part 1 Cisco Data Center L2/L3 Technologies
Sa
pl
ui
d

Chapter 2: Design, Implement and Troubleshoot Complex Layer 3 Technologies
Chapter 3: Design, Implement and Troubleshoot External Fabric Connectivity
20
21
Sa
pl
ui
d
This chapter covers the following exam topics from Ciscos official 400-151 written exam
curriculum.
Design, Implement and Troubleshoot Highly Available and redundant topologies for
example vPC, FabricPath, STP
Design, Implement and Troubleshoot Data Center Layer 2 overlays for example VXLAN,
OTV, EVPN
Design, Implement and Troubleshoot Network management protocols for example PTP,
NTP, DNS, DHCP
Design, Implement and Troubleshoot Traffic management for example queuing, policing,
shaping
Design, Implement and Troubleshoot layer 2 security features for example port security,
MACsec, ACL, private vlans
22
Chapter 1: Cisco Data Center Architecture, Products, Unified I/O and Platform
Selection
Design, Implement and Troubleshoot Highly Available and redundant topologies for
example vPC
vPC is a virtualization technology that presents both Cisco Nexus 7000 Series paired devices as
a unique Layer 2 logical node to access layer devices or endpoints. vPC belongs to Multichassis
EtherChannel [MCEC] family of technology.
A virtual port channel (vPC) allows links that are physically connected to two different Cisco
Nexus 7000 Series devices to appear as a single port channel to a third device. The third device
can be a switch, server, or any other networking device that supports link aggregation
technology.
ui
d
vPC provides the following technical benefits:
Eliminates Spanning Tree Protocol (STP) blocked ports
Uses all available uplink bandwidth
Allows dual-homed servers to operate in active-active mode
Provides fast convergence upon link or device failure
Offers dual active/active default gateways for servers
Sa
pl
vPC also leverages native split horizon/loop management provided by port-channeling

technology: a packet entering a port-channel cannot immediately exit that same port-channel.
By using vPC, users get the immediate operational and architectural advantages:
Simplifies network design
Build highly resilient and robust Layer 2 network
Enables seamless virtual machine mobility and server high-availability clusters
Scales available Layer 2 bandwidth, increasing bisectional bandwidth
Grows the size of the Layer 2 network
23
(Source: Cisco.com)
vPC leverages both hardware and software redundancy aspects:
ui
d
vPC uses all port-channel member links available so that in case an individual link fails,
hashing algorithm will redirect all flows to the remaining links.
vPC domain is composed of two peer devices. Each peer device processes half of the
traffic coming from the access layer. In case a peer device fails, the other peer device will
absorb all the traffic with minimal convergence time impact.
Sa
pl
Each peer device in the vPC domain runs its own control plane, and both devices work
independently. Any potential control plane issues stay local to the peer device and does not
propagate or impact the other peer device.
From a Spanning-Tree standpoint, vPC eliminates STP blocked ports and uses all available
uplink bandwidth. Spanning-Tree is used as a fail safe mechanism and does not dictate L2 path
for vPC-attached devices.
Within a vPC domain, user can connect access devices in multiple ways: vPC-attached
connections leveraging active/active behavior with port-channel, active/standby connectivity
using spanning-tree, single attachment without spanning-tree running on the access device.
NX-OS Version Requirement for vPC

vPC technology is supported since NX-OS 4.1.3. (i.e since the inception of Nexus 7000
platform).
NX-OS appropriate version depends on line cards configuration (M1, F1 or F2), chassis type
(7010, 7018 or 7009) and Fabric Module generation (FM generation 1 [46 Gbps per module] or
generation 2 [110 Gbps per module]).
24
NX-OS License Requirement for vPC

vPC feature is included in the base NX-OS software license.
Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Link
Aggregation Control Protocol (LACP) are also included in this base license.
Layer 3 features like Open Shortest Path First (OSPF) protocol or Intermediate-Systemto-Intermediate System (IS-IS) protocol require LAN_ENTERPRISE_SERVICES_PKG
license.
Virtual device contexts (VDCs) requires LAN_ADVANCED_SERVICES_PKG license.
Components of vPC
Table below lists important terms you need to know to understand vPC technology. These terms
are used throughout this guide.
Description
Term
The combined port-channel between the vPC peers and the

downstream device.
ui
d
vPC
pl
vPC
domain
A vPC switch (one of a Cisco Nexus 7000 Series pair).
Sa
vPC peer device
A vPC is a L2 port type: switchport mode trunk or switchport mode

access
Domain containing the 2 peer devices.

Only 2 peer devices max can be part of same vPC domain.
vPC member port
One of a set of ports (that is, port-channels) that form a vPC (or
port-channel member of a vPC).
vPC peer-link
Link used to synchronize the state between vPC peer devices. It

must be a 10-Gigabit Ethernet link.
vPC peer-link is a L2 trunk carrying vPC VLAN.
vPC peer-keepalive
link
The keepalive link between vPC peer devices; this link is used to
monitor the liveness of the peer device.
vPC
VLAN
25
VLAN carried over the vPC peer-link and used to communicate via
vPC with a third device.
As soon as a VLAN is defined on vPC peer-link, it becomes a vPC
VLAN
non-vPC VLAN
A VLAN that is not part of any vPC and not present on vPC peerlink.
Orphan
port
A port that belong to a single attached device.
vPC VLAN is typically used on this port.
Underlying protocol running on top of vPC peer-link providing

reliable synchronization and consistency
protocol
check mechanisms between the 2 peer devices.
ui
d
Cisco Fabric Services

(CFS)
Sa
pl
Virtual PortChannels (vPCs) allow links that are physically connected to two different Cisco
switches to appear to a third downstream device to be coming from a single device and as part
of a single PortChannel. The third device can be a switch, a server, or any other networking
device that supports IEEE 802.3ad PortChannels. vPC allows the creation of Layer 2
PortChannels that span two switches. At the time of this writing, vPC is implemented on the
Cisco Nexus 7000 and 5000 Series platforms (with or without Cisco Nexus 2000 Series Fabric
Extenders).
vPCs consist of two vPC peer switches connected by a peer link. Of the vPC peers, one is
primary and one is secondary. The system formed by the switches is referred to as a vPC
domain.
ui
d
Sa
pl
(Source: Cisco.com)
(Source: Cisco.com)
26
27
Sa
pl
ui
d
Following is a list of some possible Cisco Nexus vPC topologies, refer to diagrams above:
vPC on the Cisco Nexus 7000 Series (topology A): This topology consists of access layer
switches dual-homed to the Cisco Nexus 7000 Series with a switch PortChannel with Gigabit
Ethernet or 10 Gigabit Ethernet links. This topology can also consist of hosts connected with
virtual PortChannels to each Cisco Nexus 7000 Series Switch.
vPC on Cisco Nexus 5000 Series (topology B): This topology consists of switches dualconnected to the Cisco Nexus 5000 Series with a switch PortChannel with 10 Gigabit Ethernet
links, with one or more links to each Cisco Nexus 5000 Series Switch. Like topology A, topology
B can consist of servers connected to each Cisco Nexus 5000 Series Switch via virtual
PortChannels.
vPC on the Cisco Nexus 5000 Series with a Cisco Nexus 2000 Series Fabric Extender singlehomed (also called straight-through mode) (topology C): This topology consists of a Cisco
Nexus 2000 Series Fabric Extender single-homed with one to eight 10 Gigabit Ethernet links
(depending on the fabric extender model) to a single Cisco Nexus 5000 Series Switch, and of
Gigabit Ethernet or 10 Gigabit Ethernet-connected servers that form virtual PortChannels to the
fabric extender devices. Note that each fabric extender connects to a single Cisco Nexus 5000
Series Switch and not to both, and that the virtual PortChannel can be formed only by
connecting the server network interface cards (NICs) to two fabric extenders, where fabric
extender 1 depends on Cisco Nexus 5000 Series Switch 1 and fabric extender 2 depends on
Cisco Nexus 5000 Series Switch 2. If both fabric extender 1 and fabric extender 2 depend on
switch 1 or both of them depend on switch2, the PortChannel cannot be formed.
Dual-homing of the Cisco Nexus 2000 Series Fabric Extender (topology D): This topology is
also called Cisco Nexus 2000 Series Fabric Extender (FEX for brief) Active/Active. In this
topology each FEX is connected to each Cisco Nexus 5000 Series device with a virtual
PortChannel. With this topology, the server cannot create a PortChannel split between two
fabric extenders. The servers can still be dual-homed with active-standby or active-active
transmit-load-balancing (TLB) teaming.
The vPC peer switches are connected through a link called a peer link, also known as a
multichassis EtherChannel trunk (MCT).
vPC Peer Link

The vPC peer link is the most important connectivity element in the vPC system. This link is
used to create the illusion of a single control plane by forwarding Bridge Protocol data units
(BPDUs) or Link Aggregation Control Protocol (LACP) packets to the primary vPC switch from
the secondary vPC switch. The peer link is used to synchronize MAC addresses between
aggregation groups 1 and 2, to synchronize IGMP entries for the purpose of IGMP snooping, it
provides the necessary transport for multicast traffic and for the communication of orphaned
ports. The term orphaned ports refers to switch ports connected to single-attached hosts, or
vPC ports whose members are all connected to a single vPC peer.
28
Sa
pl
ui
d
In the case of a vPC device that is also a Layer 3 switch, the peer link also carries Hot Standby
Router Protocol (HSRP) frames. For a vPC to forward a VLAN, that VLAN must exist on the
peer link and on both vPC peers, and it must appear in the allowed list of the switch port trunk
for the vPC itself. If either of these conditions is not met, the VLAN is not displayed when you
enter the command show vpc brief, nor is it a vPC VLAN. When a PortChannel is defined as a
vPC peer link, Bridge Assurance is automatically configured on the peer link.
(Source: Cisco.com)
vPC Peer-Keepalive
A routed link (it is more accurate to say path) is used to resolve dual-active scenarios in
which the peer link connectivity is lost. This link is referred to as a vPC peer-keepalive or faulttolerant link. The peer-keepalive traffic is often transported over the management network
through the management 0 port of the Cisco Nexus 5000 Series Switch or the management 0
ports on each Cisco Nexus 7000 Series supervisor. The peer-keepalive traffic is typically routed
over a dedicated Virtual Routing and Forwarding (VRF) instance (which could be the
management VRF, for example). The keepalive can be carried over a routed infrastructure; it
does not need to be a direct point-to-point link, and, in fact, it is desirable to carry the peerkeepalive traffic on a different network instead of on a straight point-to-point link.
29
vPC Ports, and Orphaned Ports

A vPC port is a port that is assigned to a vPC channel group. The ports that form the virtual
PortChannel are split between the vPC peers and are referred to as vPC member ports.
A non-vPC port, also known as an orphaned port, is a port that is not part of a vPC.
To summarize, a vPC system consists of the following components:
Two peer devices: the vPC peers, of which one is primary and one is secondary; both are part
of a vPC domain
A Layer 3 Gigabit Ethernet link called a peer-keepalive link to resolve dual-active scenarios
A redundant 10 Gigabit Ethernet PortChannel called a peer link which is used to carry traffic
from one system to the other when needed and to synchronize forwarding tables
vPC member ports forming the virtual PortChannel
Traffic Flows
Sa
pl
ui
d
vPC configurations are optimized to help ensure that traffic through a vPC-capable system is
symmetric. In Figure below, for example, the flow on the left (in blue) reaching a Cisco Nexus
switch (Agg1 in the figure) from the core is forwarded toward the access layer switch (Acc1 in
the figure without traversing the peer Cisco Nexus switch device (Agg2). Similarly, traffic from
the server directed to the core reaches a Cisco Nexus Switch (Agg1), and the receiving Cisco
Nexus Switch routes this traffic directly to the core without unnecessarily passing it to the peer
Cisco Nexus device. This process occurs regardless of which Cisco Nexus device is the primary
HSRP device for a given VLAN.
30
ui
d
pl
(Source: Cisco.com)
Dual-Control Plane with Single Layer 2 Node Behavior
Sa
While still operating with two separate control planes, vPC helps ensure that the neighboring
devices connected in vPC mode see the vPC peers as a single spanning-tree and LACP entity.
For this to happen, the system has to perform IEEE 802.3ad control-plane operations in a
slightly modified way (which is not noticeable to the neighbor switch).
Link Aggregation Group Identifier

IEEE 802.3ad specifies the standard implementation of PortChannels. PortChannel
specifications provide LACP as a standard protocol, which enables negotiation of port bundling.
LACP makes misconfiguration less likely, because if ports are mismatched, they will not form a
PortChannel.
LACP discerns that the only ports that can be bundled are port 1 going to port 4. According to
the IEEE specifications, to allow LACP to determine whether a set of links connect to the same
system and to determine whether those links are compatible with aggregation, you need to be
able to establish two types of identification:
31
You need a globally unique identifier for each system that participates in link aggregation (that
is, the switch itself needs to be unique. This number is referred to as the system ID and is
composed of a priority and a MAC address that uniquely identifies the switch.
You need a means of identifying a link aggregation group.
Dual-Control Plane with Single Layer 2 Node Behavior

While still operating with two separate control planes, vPC helps ensure that the neighboring
devices connected in vPC mode see the vPC peers as a single spanning-tree and LACP entity.
For this to happen, the system has to perform IEEE 802.3ad control-plane operations in a
slightly modified way (which is not noticeable to the neighbor switch).
Link Aggregation Group Identifier
IEEE 802.3ad specifies the standard implementation of PortChannels. PortChannel

specifications provide LACP as a standard protocol, which enables negotiation of port bundling.
LACP makes misconfiguration less likely, because if ports are mismatched, they will not form a
PortChannel.
ui
d
ACP makes misconfiguration less likely, because if ports are mismatched, they will not form a
PortChannel. Consider example A in the figure below, in which switch 1 connects to switch 2.
Port 1 on switch 1 connects to port 4 on switch 2, and port 2 on switch 1 connects to port 6 on
switch 2.
Sa
pl
Now imagine that the administrator configured a PortChannel on switch 1 between ports 1 and
2, while on switch 2 the PortChannel is configured between ports 5 and 3. Without LACP, the
ports could be configured in channel-group mode, and you would not discover that this is a
misconfiguration until you notice that traffic has dropped. LACP discerns that the only ports that
can be bundled are port 1 going to port 4. According to the IEEE specifications, to allow LACP
to determine whether a set of links connect to the same system and to determine whether those
links are compatible with aggregation, you need to be able to establish two types of
identification:
You need a globally unique identifier for each system that participates in link aggregation (that
is, the switch itself needs to be unique. This number is referred to as the system ID and is
composed of a priority and a MAC address that uniquely identifies the switch.
You need a means of identifying a link aggregation group.
ui
d
(Source: Cisco.com)
32
System ID in a vPC System
pl
Spanning tree and LACP use the switch MAC address for, respectively, the bridge ID field in the
spanning-tree BPDU and as part of LACP LAGID. In a single chassis, they use the systemwide
MAC address for this purpose. For systems that use vPCs, use of the systemwide MAC address
would not work because the vPC peers needs to appear as a single entity. To meet this
requirement, vPC offers both an automatic configuration and a manual configuration of the
system ID for the vPC peers.
Sa
The automatic solution implemented by vPC consists of generation of a system ID composed of

a priority and a MAC address, with the MAC derived from a reserved pool of MAC addresses
combined with the domain ID specified in the vPC configuration. The domain ID is encoded in
the last octet and the trailing 2 bits of the previous octet of the MAC address.
By configuring domain IDs to be different on adjacent vPCs complexes (and to be identical on
each vPC peer complex), you will help ensure the uniqueness of the system ID for LACP
negotiation purposes. You also help ensure that the spanning-tree BPDUs use a MAC address
that is representative of the vPC complex.
You can override the automatic generation of the system ID by using the command-line
interface (CLI) and configuring the system ID on both vPC peers manually, as follows:
(config-vpc-domain)#system-mac <mac>
Primary and Secondary vPC Roles

In a vPC system, one vPC switch is defined as primary and one is defined as secondary, based
on defined priorities. The lower number has higher priority, so it wins. Also, these roles are
33
nonpreemptive, so a device may be operationally primary, but secondary from a configuration

perspective. To understand the operational role of a vPC member, you need to consider the
status of the peer-keepalive link and the peer link.
When the two vPC systems are joined to form a vPC domain, the priority decides which device
is the vPC primary and which is the vPC secondary. If the primary device were to reload, when
the system comes back online and connectivity to the vPC secondary device (now the
operational primary) is restored, the operational role of the secondary device (operational
primary) will not change, to avoid unnecessary disruptions. This behavior is achieved with a
sticky-bit method, whereby the sticky information is not saved in the startup configuration, thus
making the device that is up and running win over the reloaded device. Hence, the vPC primary
becomes the vPC operational secondary.
ui
d
If the peer link is disconnected but the vPC peers are still connected through the vPC peer
keepalive link, the vPC operational roles stay unchanged.
If both the peer link and peer-keepalive link are disconnected, both vPC peers become
operational primary, but upon reconnection of the peer-keepalive link and the peer link, the vPC
secondary device (operational primary) keeps the primary role, and the vPC primary becomes
the operational secondary device.
Spanning Tree
Sa
pl
vPC modifies the way in which spanning tree works on the switch to help ensure that the vPC
peers in a vPC domain appear as a single spanning-tree entity on vPC ports. Also, vPC helps
ensure that devices can connect to a vPC domain in a non-vPC fashion with classic spanningtree topology. vPC is designed to support hybrid topologies. Depending on the Cisco NX-OS
Software release, this can be achieved in slightly different ways.
In all Cisco NX-OS releases, the peer link is always forwarding because of the need to maintain
the MAC address tables and Internet Group Management Protocol (IGMP) entries
synchronized.
vPC by default ensures that only the primary switch forwards BPDUs on vPCs. This modification
is strictly limited to vPC member ports. As a result, the BPDUs that may be received by the
secondary vPC peer on a vPC port are forwarded to the primary vPC peer through the peer link
for processing. Non-vPC ports operate like regular spanning-tree ports. The special behavior of
the primary vPC member applies uniquely to ports that are part of a vPC.
Starting from Cisco NX-OS Releases 4.2(6) and 5.0(2), vPC allows the user to choose the peerswitch option. This option optimizes the behavior of spanning tree with vPC as follows:
The vPC primary and secondary are both root devices and both originate BPDUs
The BPDUs originated by both the vPC primary and the vPC secondary have the same
designated bridge ID on vPC ports
The BPDUs originated by the vPC primary and secondary on non-vPC ports maintain the
local bridge ID instead of the vPC bridge ID and advertise the Bridge ID of the vPC system as
the root
34
The peer-switch option has the following advantages:

It reduces the traffic loss upon restoration of the peer link after a failure.
It reduces the disruption associated with a dual-active failure (whereby both vPC members
become primary). Both devices keep sending BPDUs with the same bridge ID information on
vPC member ports, which prevents errdisable from potentially disabling the PortChannel for an
attached device.
It reduces the potential loss of BPDUs if the primary and secondary roles change.
Cisco Fabric Services over Ethernet Synchronization Protocol
The vPC peers use the Cisco Fabric Services protocol to synchronize forwarding-plane
information and implement necessary configuration checks.
vPC peers must synchronize the Layer 2 forwarding table - that is, the MAC address information
between the vPC peers. This way, if one vPC peer learns a new MAC address, that MAC
address is also programmed on the Layer 2 forwarding table of the other peer device.
The Cisco Fabric Services protocol travels on the peer link and does not require any
configuration by the user.
Sa
pl
ui
d
To help ensure that the peer link communication for the Cisco Fabric Services over Ethernet
protocol is always available, spanning tree has been modified to keep the peer-link ports always
forwarding. The Cisco Fabric Services over Ethernet protocol is also used to perform
compatibility checks to validate the compatibility of vPC member ports to form the channel, to
synchronize the IGMP snooping status, to monitor the status of the vPC member ports, to
synchronize the Address Resolution Protocol (ARP) table (starting from Cisco NX-OS 4.2(6)
and future Release 5.0 releases). If the peer link is disconnected between two vPC peers, the
synchronization between vPC peers is interrupted, which may lead to traffic drop for multicast
traffic and to flooding for unicast traffic.
vPC Configuration Changes When the Peer Link Fails

The correct sequence for setting up vPCs requires that the two participating vPC switches see
each other over the peer link and that they can communicate over the vPC peer keepalive link.
Figure below illustrates this fundamental concept: the configuration depicted in Figure (2)
requires starting from Figure (1). If you try to configure a vPC like in Figure (2) without having
established vPC peer-link and vPC peer keepalive connectivity, vPC ports wont go into
forwarding state.
Once you are in the state depicted in Figure (1) (which is a fully formed vpc domain) the peer
keepalive connectivity is not strictly required in order to create or modify vPCs. In other words,
you can configure the vPC in Figure (2) even if theres a loss of vPC peer keepalive connectivity
after the configuration depicted in Figure (1).
It is necessary and recommended to have functional vPC peer keepalive connectivity for the
correct behavior of vPC in presence of failures, but from a traffic forwarding and configuration
purpose, the temporary failure of the peer keepalive link doesnt have any impact.
35
ui
d
(Source: Cisco.com)
The vPC peer-link connectivity is more important for the correct traffic forwarding operations as
well as for the ability to create or modify vPCs.
Sa
pl
The initial implementation of vPC did not allow configuration changes when the peer link was
disconnected to avoid, upon reconnection of the peer switch, inconsistencies that could bring
these links down. Thus, if the peer-link was lost, the interfaces on the vPC primary could not be
flapping (i.e. if they went down, they stayed down up until the peer-link was restored), and while
the peer link was down, a new vPC member port could not be activated.
Example A in Figure shows the case of a single vPC peer. The user cannot activate any vPC
member port until a vPC peer switch is present (example B in Figure).
36
ui
d
(Source: Cisco.com)
Sa
pl
Because of this behavior, if the peer-link connection is lost, by default the user cannot add any
vPC ports and activate them, nor can an interface flap. If a vPC interface flaps, the port will stay
down after flapping.
For example, imagine a vPC setup with PortChannel 8 configured as vPC 8:
vPC status
---------------------------------------------------------------------------id Port Status Consistency Reason Active vlans
------ ----------- ------ ----------- -------------------------- ----------8 Po8 up success success 23,50
After the peer-link failure only the primary keeps the vPC interfaces up. If the interface
associated with PortChannel 8 flaps, it never goes up again.
vPC status
---------------------------------------------------------------------------id Port Status Consistency Reason Active vlans
------ ----------- ------ ----------- -------------------------- ----------8 Po8 down failed Peer-link is down
To restore connectivity, you need to first restore the peer link, and then enter a shut/no shut
command under the interface on the primary device.
Similarly, if you want to create a new vPC interface and to activate it, a vPC peer needs to be
present and connected through the peer link. While a peer link is not connected, vPC prevents
activation of any new vPC member port.
This vPC behavior may manifest itself in several scenarios:
37
ui
d
A vPC pair in which the peer link is lost but the peer-keepalive is still connected (shown as
case 1 in Figure)
A vPC pair in which peer link and peer-keepalive links are lost (split brain)
A switch that was part of a vPC but has been reloaded; upon coming online, the vPC peer is
unavailable (shown as case 2 in Figure)
A vPC switch that has never been part of a vPC domain because it has just been powered up
and configured for vPC, but no peer-link and peer-keepalive connectivity has been established
yet
pl
(Source: Cisco.com)
Sa
Case 1 has been addressed by the Cisco Nexus 7000 Series with Cisco NX-OS 4.2(3). This
solution allows the vPC device to shut/no shut existing vPC member ports as long as the vPC
secondary device can still be reached through the peer-keepalive link. This same behavior on
the Cisco Nexus 5000 Series requires configuration of the keyword peer-check-config-bypass
under the vPC domain configuration, but this process is superseded with NXOS 5.0(2)N1(1).
For case 1, to add a new vPCs you need the reload restore command of the Cisco Nexus 7000
Series and on the Cisco Nexus 5000 Series running NXOS 5.0(2)N1(1) or higher. You can
achieve the same results with peer-check-config-bypass for the Cisco Nexus 5000 Series if
running an earlier version of code.
The case of complete disconnection between the vPC primary and secondary devices (split
brain) is addressed in the Cisco Nexus 7000 Series or Cisco Nexus 5000 Series running NXOS
5.0(2)N1(1) or higher (for existing vPC member ports) and reload restore (for new vPC member
ports). The equivalent command on the Cisco Nexus 5000 Series for earlier releases is peercheck-config-bypass.
The third case, reload of a vPC device, is addressed with the vPC reload restore command.
To override the default vPC behavior, which prevents activation of new vPC member ports when
the peer link is down, you can use the command peer-config-check-bypass under the vPC
domain configuration (on the Cisco Nexus 5000 Series only).
38
As an example:
vpc domain 2
role priority 100
peer-keepalive destination 10.51.35.18
peer-config-check-bypass
The peer-config-check-bypass command was introduced in Cisco NX-OS 4.1(3)N2(1), and it will
be superseded by the vPC reload restore command when that command is available.
With this command in place, even if the Cisco Nexus 5000 Series peer link is down, a vPC
member port can flap, and you can also create new vPC member ports and activate them.
vPC Reload Restore
Sa
pl
ui
d
The vPC reload restore feature was introduced with Cisco NX-OS 5.0(2). With vPC reload
restore, when the peer link is down, or when the both peer link and peer-keepalive links are lost,
the vPC primary can activate new vPCs ports.
If the vPC peer switch is brought online or connected to the existing vPC peer switch, the
configuration checks are performed; if inconsistencies are found, the vPC ports are shut down.
In addition, with reload restore a vPC peer can reload, and after a reload, if no vPC peer exists
(a condition that is detected by a timer), the user can create vPCs on the standalone vPC peer.
Upon reload, Cisco NX-OS starts a user-configurable timer (with a default of 240 seconds). If
the peer-link port comes up physically or if the peer keepalive is functional, the timer is stopped
and the device waits for the peer adjacency to form. If at timer expiration no peer-keepalive- or
peer-link-up packets have been received, Cisco NX-OS assumes the primary role. The software
reinitializes the vPCs, activating its local ports. Because there are no peers, the consistency
check is bypassed for the local vPC ports.
The timer is user configurable and defines how long the standalone vPC device waits to detect
a vPC peer. If at the timer expiration no peer-keepalive- or peer-link-up packets have been
received, the software reinitializes the vPCs, activating its local ports. Because there are no
peers, the consistency check is bypassed for the local vPC ports.
The following output shows the status of a virtual PortChannel configured on a standalone vPC
system with restore reload:
---------------------------------------------------------------------id Port Status Consistency Reason Active vlans
-- ---- ------ ----------- -------------------------- -----------51 Po51 up success Type checks were bypassed 10-14, 21-24
for the vPC ,50,60
vPC Configuration Consistency

The Ethernet PortChannel capability allows links to be bundled to form a single entity if certain
compatibility conditions are met. The following is a list of conditions that are verified before ports
can form a regular PortChannel (this list refers to regular PortChannels, not vPCs specifically).
39
Members must:
Have the same port mode configured
Have the same speed configured; if they are configured with speed AUTO, they have to
negotiate the same speed when they become active, and if a member negotiates a different
speed, it will be suspended
Have the same maximum transmission unit (MTU) value configured
Have the same duplex mode configured
Have the same Ethernet layer (switchport or no switchport) configured
Not be SPAN ports
Have the same storm control configured
Have the same flow control configured
Have common capabilities
Be switching ports (Layer 2)
Have the same port access VLAN
Have the same port native VLAN
Have the same port-allowed VLAN list
ui
d
vPC Consistency Check
Sa
pl
Similar to regular PortChannels, virtual PortChannels are subject to consistency checks and
compatibility checks. During a compatibility check, one vPC peer conveys configuration
information to the other vPC peer to verify that vPC member ports can actually form a
PortChannel. For example, if two ports that are going to join the channel carry a different set of
VLANs, this is a misconfiguration. Depending on the severity of the misconfiguration, vPC may
either warn the user (Type-2 misconfiguration) or suspend the PortChannel (Type-1
misconfiguration). In the specific case of a VLAN mismatch, only the VLAN that differs between
the vPC member ports will be suspended on all the vPC PortChannels.
You can verify the consistency between vPC peers by using the command show vpc
consistency-parameter:
tc-nexus5k02# show vpc consistency-parameter
Inconsistencies can be global or interface specific:
Global inconsistencies: Type-1 global inconsistencies affect all vPC member ports (but do not
affect non-vPC ports)
Interface-specific inconsistencies: Type-1 interface-specific inconsistencies affect only the
interface itself
Examples of areas where Type-1 inconsistencies may occur include:
Multiple Spanning Tree (MST) region definition (VLAN-to-instance mapping)
MTU value
Spanning-tree global settings (Bridge Assurance, loop guard, and root guard)
Configuration changes to the following (these affect only individual vPCs for all VLANs on the
vPC):
- PortChannel mode
40
- Trunk mode
- Spanning-tree interface settings
vPC Configuration Synchronization

A vPC allows two links that are physically connected to two Cisco Nexus switches to appear as
a single PortChannel. Some configurations must be identical on both switches for vPCs to
forward traffic. Such configurations include port mode, channel mode, speed, and duplex.
The config-sync command simplifies the management of vPCs by synchronizing vPC
configurations between primary and secondary vPC peers.
ui
d
vPC config-sync is currently available on the Cisco Nexus 5000 Series starting from Cisco NXOS 5.0(2)N1(1).
The config-sync feature uses the concept of the configuration profile. The switch profile is the
construct that allows configurations to be applied both locally and on the config-sync peer. The
config-sync peer definition is independent of the vPC peer definition and is specified in the
switch profile configuration mode as follows:
Nexus5000(config-sp)# sync-peers destination {destination IPs}+ [source <source IP> | vrf
<vrf>]
Sa
pl
After the config-sync peer has been defined, the configuration that uses vPC config-sync
appears as follows:
Switch# config sync
Switch(config-sync)# switch-profile profiledefinition
Switch(config-sp)# interface Port-channel100
Switch(config-sp-if)# interface Ethernet1/1
Switch(config-sp-if)# channel-group 100
Switch(config-sp-if)# exit
Switch(config-sp)# commit
Configurations are applied only after the user enters a commit command. The configuration is
synchronized with the remote peer through the mgmt0 interface using routable Cisco Fabric
Service protocol over IP. If the remote peer cannot be reached, the configuration is applied only
locally.
All commit operations follow the two-phase commit approach: If the config-sync peer is
reachable, either the configuration is fully committed on both peers or it is rolled back on both. If
the config-sync peer is not reachable, then the configuration is applied only locally. When the
peer becomes reachable, the configurations are merged.
Duplicate Frames Prevention in vPC

One of the most important forwarding rules for vPC is that a frame that enters the vPC peer
switch from the peer link cannot exit the switch from a vPC member port.
Figure shows switches 3 and 4 connected to 5k01 and 5k02 with vPCs Po51 and Po52. If one
of the hosts connected to switch 4 sends either an unknown unicast or a broadcast, this traffic

Ccie Written Study Guide - All in One CCIE Routing and Switching

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ccie Written Study Guide - All in One CCIE Routing and Switching

Uploaded by

Copyright:

Available Formats

2014-2016 Copyright CCIEin8Weeks.com.

All-in-One CCIE Data Center V2.0

(Fully Revised Edition for V2.0 Exam)

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Part 3 Data Center Storage Networking and Compute

Part 4 Data Center Automation and Orchestration

Part 5 Data Center Fabric Infrastructure

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Part 1 Cisco Data Center L2/L3 Technologies ......................................................................... 20

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

IGMP Snooping and vPC ........................................................................................................................................................ 49

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Learning the HSRP MAC Address ...................................................................................................................................... 93

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

BGP Prefix Independent Convergence Core ...................................................................................................... 149

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Egress Tunnel Router ........................................................................................................................................................... 164

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Configuring a BGP Layer 3 Outside Network Connection .................................................................................... 182

Part 2 Cisco Data Center Network Services .......................................................................... 194

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Administrative Boundaries ................................................................................................................................................ 208

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Initiator Presentation Modes ............................................................................................................................................ 232

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Adding and Configuring a Storage Policy ................................................................................................................... 248

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Ethernet Switching Mode ................................................................................................................................................... 271

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Configuring a Remote User ................................................................................................................................................ 322

Part 6 Evolving Technologies ............................................................................................... 330

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

What this study guide covers

How to use this study guide

What's available on the CCIEin8Weeks website

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Study guide in printable PDF format

knowledge, find study partners etc.

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Part 1 Cisco Data Center L2/L3 Technologies

Chapter 1: Design Implement and Troubleshoot Complex Layer 2 Technologies

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

Chapter 1: Design Implement and Troubleshoot Complex Layer 2 Technologies

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

vPC provides the following technical benefits:

Eliminates Spanning Tree Protocol (STP) blocked ports

Uses all available uplink bandwidth

Allows dual-homed servers to operate in active-active mode

Provides fast convergence upon link or device failure

Offers dual active/active default gateways for servers

vPC also leverages native split horizon/loop management provided by port-channeling

Simplifies network design

Build highly resilient and robust Layer 2 network

Enables seamless virtual machine mobility and server high-availability clusters

Scales available Layer 2 bandwidth, increasing bisectional bandwidth

Grows the size of the Layer 2 network

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

NX-OS Version Requirement for vPC

2014-2016 Copyright CCIEin8Weeks.com. **REDISTRIBUTION PROHIBITED**

NX-OS License Requirement for vPC

The combined port-channel between the vPC peers and the

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED

2014-2016 Copyright CCIEin8Weeks.com. REDISTRIBUTION PROHIBITED