Pass Your Cisco CCNP Enterprise Certification Easy!

100% Real Cisco CCNP Enterprise Certification Exams Questions & Answers, Accurate & Verified By IT Experts

Instant Download, Free Fast Updates, 99.6% Pass Rate.

CCNP Enterprise Bundle

$69.99

Cisco CCNP Enterprise Certification Bundle

Implementing Cisco Enterprise Network Core Technologies (ENCOR)

Includes 501 Questions & Answers

Cisco CCNP Enterprise Certification Bundle gives you unlimited access to "CCNP Enterprise" certification premium .vce files. However, this does not replace the need for a .vce reader. To download your .vce reader click here
CCNP Enterprise Bundle
CCNP Enterprise Bundle

Implementing Cisco Enterprise Network Core Technologies (ENCOR)

Includes 501 Questions & Answers

$69.99

Cisco CCNP Enterprise Certification Bundle gives you unlimited access to "CCNP Enterprise" certification premium .vce files. However, this does not replace the need for a .vce reader. To download your .vce reader click here

Cisco CCNP Enterprise Certification Exams Screenshots

CCNP Enterprise Product Reviews

Download Free CCNP Enterprise Practice Test Questions VCE Files

Exam Title Files
Exam
300-410
Title
Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)
Files
2
Exam
300-415
Title
Implementing Cisco SD-WAN Solutions (ENSDWI)
Files
1
Exam
300-420
Title
Designing Cisco Enterprise Networks (ENSLD)
Files
2
Exam
300-425
Title
Designing Cisco Enterprise Wireless Networks (300-425 ENWLSD)
Files
1
Exam
300-430
Title
Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI)
Files
1
Exam
300-435
Title
Automating Cisco Enterprise Solutions (ENAUTO)
Files
1
Exam
350-401
Title
Implementing Cisco Enterprise Network Core Technologies (ENCOR)
Files
2

Cisco CCNP Enterprise Certification Exam Dumps & Practice Test Questions

Prepare with top-notch Cisco CCNP Enterprise certification practice test questions and answers, vce exam dumps, study guide, video training course from ExamCollection. All Cisco CCNP Enterprise certification exam dumps & practice test questions and answers are uploaded by users who have passed the exam themselves and formatted them into vce file format.

Architecture

22. 1.5 Explain the working principles of the Cisco SD-Access solution

Now we reach number five, and in number five we have to learn and understand about software-defined access, or SD access. The common term is DNA. Here we have to understand that what is SD accessand what does it mean by control and data plane. And, I'll add, in some of the examples, we can correlate or differentiate in a way that shows what is the existing campus and then how it will look inside the DNA or SD access. All right, so we know DNA and what DNA isgoing to add value in the market is that wehave the full automation engine, we have the analytic engine,actually we have NDP network data analytics engines. What is happening here is—and I have explained this earlier also—that now you have a management plane, a control plane, a data plane, and a policy plane. Now this management plan is nothing but your DNA controller. From your DNA controller, you can write the policies, you can do the orchestration, and it is open for the API. We have full automation support; we have full analytics engines; we can do the programming; we have the virtualization support. You'll see that What does it mean by "network virtualization"? And, of course, there's the cloud integration and support. In short, whatever is required for STM, everything is supported in this particular module and this particular feature. So this is a land or campus area network solution based on SDN. Now, the reason we are seeing such an improvement in the existing campus network to the DNA is that we now have full hardware support as well as full programming support. With full hardware support, we now have the programmable Essex, Essex, on which we can write the program. They can understand the program, they have the analytics, and they can understand the analytics as well. They can understand the programming as well. We can do full automation in that So here you can see that due to the evolution of ASIC, whether it's a wired or wireless stacking CN, they can do programming, they are flexible, and recirculation will be less. We have integrated stacking, visibility, and security, meaning we have mature and very extensive hardware that can be easily integrated with the programming. So whatever programming that we want to door in future we want to add itthat will be fully supported with the hardware. Generally, we are using Catalyst 9000 switches for DNA. I will see that later on in this session, and I will point you to the URL where you'll get the list of all the supported devices. So not only the switch, butroutinely are also there for DNA. Now let's try to understand what is meant by "fabric," because this is a common term, whether it's ACIC fabric application centric and fine data center) or SDWAN fabric or DNA fabric—everywhere you used to get the term "fabric." What is fabric? Fabric is nothing but the overlay. So that means we have underlay as well, and the answer is yes, we have underlay and then we have overlay. So whatever physical connectivity you have, that is nothing but your underlay. Correct? And then, if you abstract this physical connectivity as per your networking or as per your topology, that will be the overlay. And different, different abstraction can bedifferent different virtual network or tenant. So tenant one, tenant two, and tenant three—these tenants are nothing behind the scenes; they are the overlays or instances of the physical infrastructure or the abstractions, right? So the overlay that we are using at this point of time is not a new concept. We know that we used to use List, OTVDFA, and ACI; ACI is new, but Captain Ipccover Dmvp and MPLS GRE are actually the old ones. So what Cisco has done nicely in terms of DNA is that they have used only mature technology only.So for example List and VXLAN we are going touse inside DNA and with that we have the spaciouscampus area network that is software defined access network. Again, we have some slides just to differentiate between the underlay and overlay. So with one particular fixed underlay, you may have multiple overlays. So you can create an overlay for ten and one, two, and three, or for customer one, two, and three, etc., etc., etc. Right? And that's the true power you have. So now you have fixed your physical devices, connections, interfaces, and wiring, and then you can extract that. Now, if you do this repeatedly or if you are in the fabric, you can do mobility and scalability programming depending on the features you have. Now we have all sorts of flexibility with you, right? Again, one more example with the overlay, and this is actually specific to the DNA. In an upcoming session, we'll go and learn about DNA terminology, and then you will find that you have terminology used, say, for example, on edge devices. So you have edge devices; then you will go and learn that you have border devices as well. You have edge devices, border devices, and then edge devices. Then again, we'll see in upcoming slides other terminologies that you can extract inside the overlay. So you may have multiple overlays on the fixed underlay. So you have an underlay, and then you have an overlay for the underlying. Also, you have a control plane overlay. Also, you have a control plane. Just an example, and the control plane could be VXLAN overlay control plane. Okay, we'll talk about List in the next session as well. Maybe after this we have section four List. Even if you go and check the slaves, you'll find that Section 2-3 is for V, XLAN, and Lisp. So after this section, when you go and start your section two, which is for virtualization, there you will find the topics related to V and XLAN and the list as well. There are some of both in the world. So L three and L two overlay examples andVXLAN you can think as A, VXLAN is usedfor L two and L three as well. However, at this time, we can think of VXLAN as a Layer 2 and then list as a Layer 3, although VXLAN can be used for both. Generally, it is used as an L-three overlay. All right, so what type of planes do we have? We have a control plane, we have a data plane, and we have a policy plane, and one by one we are going to learn extra. I believe A and B can go and refer in sections two and three; we have the explanand list, and then you have the policy plan. These are the key components of Stax or DNA. The distinction is between L-2 plus L-3 overlay hostmobility and L-2 plus L-3 overlay hostmobility with any gas gateway VR finance industry. We also have VRF-related topics in Section 2 in the virtual tunnel endpoints with no topology limitation. If you have any limitations not in DNA, it is because we are going to use the scalability method with respect to the list locator separation protocol or the locator ID separation protocol. We'll see that we have completed things related to that. We will investigate this. So what are the terms we have in DNA? You have a control plane; that is a list map server. This term is also known as MSMRmap server and map resolver. Then you have the edge node, the list-tenor router. We'll see how extreme it is, inward and outward we'll see that.As an example, consider a turned router as an edge node and a proxy-tenant router PTR as a model node. I will go and refer to the topology, and then we have the intermediate notes as well. These terms will appear numerous times throughout the DNA. The fabric domain is Ft, and the listprocess virtual network is the VN or VRF. We are going to check this, and these are the loose terms. So VN is the loose term for list. Instance is a loose term for VRF endpoint IDgroup, or EIG, which is a segment that can be used inside the trust segment that we can check. HostWool is the dynamic endpoint ID or VLAN plus the IP subnet. So these are the terms that are going to be used inside the DNA. All right. So I hope you understand that overall, there are at least three planes in the DNA. Three things are on the list: a control plane via plan, a data plan, and Ice, which actually is for a policy plan.

23. LISP Locator ID and Separation Protocol

We have a very important topic now, which is the list of lisps for the control mechanism or control protocol for DNA. This is nothing but the locator ID separation protocolmeans how you can differentiate or how you canseparate the identity and location we'll see that whatis the mechanism and what are the technical technicaldefinitions or technology behind the list right? So let's try to understand this fabric and this DNA piece step by step. Now here in the diagram, you can see that you have edge devices; these are actually the edge devices. We have three components: you have the edge, then you have the border, and then you have the control. One by one, we will go and discuss all but these edge devices that we are seeing here Actually, the end point identities are connected with them. Here, you can see Eid, so this edge device specification is that one portion is connected with Eid, but one portion is inside the fabric, right? Now, inside the fabric, where you are running the list protocol as a control mechanism, this list protocol has been located in the router locator, and then inside that you have one database, so whatever edge devices you have, they will map to the R lock, and that Eid to R lock mapping will be stored inside the database, and that's the case we have, it's doing this, now we have the other components as well, so let's try to understand all the terminology, Now, if you use "List," what will happen? Assume you're storing or preserving the identity, so if you move the system from one location to another before List, they have to change their identity, but if you use List, you can see they are preserving the identity, which is why they support the mobility feature, and this mobility feature is huge in the campus area network because users are constantly moving from one location to another. Now, how is List using the campus fabric? Let's look at this in terms of campus fabric: you have the control of a controller router at this point, so you have one controller router, and then you have the edge devices that are connected with Eid and will use our Locator, and here we have the database that will store Eid in our Locator. Now what will happen? These Eid have the database of 34 IPVs, 41284 IPVs, or six Mac addresses, so at the moment you are part of Fabric or want to become a member of Fabric, you will send all the prefixes to the controllers or to the control plane. Now this controller what he willdo that he has his database? Next time, suppose this is A and this is B. If B wants to communicate with EA but doesn't know how, he will go to the controller and say, "Hey controller, I want to reach A now, since controller knows that this request is for A, why?" Because he has the eID to our locator information, he can say, OK, this is the way that you can reach them," and later on they can go and communicate directly, so it is working. You can think of this point in time as a proxy, but that's true. Why is it working in this way, and what's the benefit we have I'll show you in the next slide, but this is the mechanism behind the scene, and you can read out these points as well. Now. Here you can see that you have an edge node or edge device. The list term is list tenl router, so these are the list tenl routers because they are going to do the mapping for eID to our locator again. This term is also huge so provide any cast l threegateway for connected endpoints so whatever eid to our location obviouslyare located will be fixed for the eid but they aregoing to check who is the group to near who isthe nearby endpoint and then according to that. He has to store the information again in the big fabric, and you should have multiple control nodes. Of those control nodes, which particular group of endpoints is near that control node? So any cast will come into the picture. Right? Okay, so you have the eID, and they must register with the control plane or the controller, and then the controller will have the database for the eID to the locator, and again, you have the border note, and they are referred to as a list proxy tenant, so you have a list tenant and a less proxy tenant, why? Because if you want to go from list to nonlistdomain or who will be your entry or exit points, then these border notes will work like that. So here, you can see the notes connect traditional Layer 3 networks, which means nonlisp domain if you want to go where domain exchange endpoint eligibility and policy information they can have VRS and security tagging groups or group tagging Another option is virtualization, which they support. VRF provides a domain exit point for all the edge nodes; that's the usefulness of the border, so now we have freedom. We have an edge. We have border and we havecontrol border is the entry point. The point of exit for all edge devices plus This folder will be used if you want to communicate from a list domain to a non-list domain. This control plane or controller device is supposed to have the database for our locator information, correct? And these are the terms, actually. Apart from that, There is one other term as well, which is transient devices, so in between if we have non-lisp devices, that is also supported, so it is not mandatory that inside the fabric you are running Lisp to each and every devices all right.So we've reached or understood up to this point. Let's understand a few moreslides what benefit we have. That's the main thing so I'm going to use listand what benefit that list will provide to me nowhere you can see the benefit first of all mobilityand then the virtualization both features are there means devicescan move from one place to other place but theystill have their actual identity why? Because they are responsible for managing their identity, that's it. They're not there to manage the entire topology tableor entire database because for that you have otherdevices in a network apart from that this listthey are fully supporting virtualization so for virtualization thereare some code for VRF and all but theyare fully supporting virtualization before moving further. Let's try to understand about this location andidentity term you have location and identity. You have the identity of yourself, so that is nothing but the end point route, so you have the end point route, and then you have this colour red, which is the topology route. Now you can see in a big network, the topology route will be very big, which is why you want to have the topology route, and unnecessarily, you are utilising your tables. Your CPU and processing etc. for rather than offloading this, you offload this topology route to some database, and whenever you want to lead it, just contact the database, and that database will provide you that information, so rather than adding or putting extra burden on all the devices, you can put that in a centralised location like this. They will get the answer, and then they can communicate directly. That's the overall idea, so now you can see the scalability feature. The better utilisation of resource feature and theyare supporting mobility and they are supporting virtualizationas well so routing scalability is there. Mobility is there, and virtualization is there. With their help, we can achieve all these targets finallywe have the list mobility in the campus fabric. We have the host pool now, but you are preserving the VLAN and the IP subnet so now you are creating the VR for example, so VRF a VR bVC later we'll go and study about VM virtual networks associated with VRF so different networks or instances you can create and once you have those instances or networks they are associated with VLAN ID everything will happen dynamically here and they will manage the network That term is "host pool." So the host pool is based on IP, subnet, and Vladavan; these are the features listed. But the core fundamentals are the same. That means that you have to register somewhere where you are registering. He has all the information about the topology inside the fabric. You have local responsibilities. Now you can think like this: you have local responsibility, and someone else has global responsibility for all the devices, each with their own individual responsibility. When one responsibility wishes to communicate with another responsibility or with the person who holds the responsibility, So at that time they will consult the global member, and he will provide the path. Obviously, this will not have a lag. This will be very fast. Finally, the list supports virtual networking, or VRF, and by default that will be VRF zero. But we have options. We can go and configure; we are F-1234, etcetera, etcetera. So different fabrics we can create—or different overlays we can create inside the fabric— This overlay is nothing but the virtual network. This virtual network is nothing but a tiny entity itself. So overlay, virtual network, and tina are all the same thing. All right, so the final thing is that this is already working; we have discussed that you have one centralised database. So, if your edge device has the identifier or endpoint identifier, it will go and register with the control plane or controller, or as we call it, a control router. Sometimes it is referred to as a MSR map server or a map resolver. So the bottom line is that once you are inside the fabric with the help of our lock, our lock mapping is happening, and then you have the entire database stored with this guy. You can think of this as DNS as well. So you may have local DNS, you may have global DNS, or whatever else you can think of, and whenever you require it, you are resolving like DNS. So these guys will resolve like DNS; they will send their query, and finally they will get a response, and then they will do the communication. So it's very similar to how DNS works, and how the list works. If you want to learn more more about this, youcan go and check these links plus you can goand check there are so many good documenting Cisco liveas well that you can go and refer.

24. VxLAN Virtual Extension LAN

In previous sessions, we have discussed a list that is the control plane for DNA. The data plane for DNA is VXLAN. And let's learn about VXLAN. So now, here, we can see the header format of that. Before doing that, let's try to understand and know what type of header information we have inside the VXLINE list. So a normal IP packet will look like this. You have the payload; you have IP; you have Ethernet. However, if you go to List, LSV is actually the L three over there. But VXLAN is L two, plus L three meansit's support both L two and L three. The list fee is also known as You can see here that this is something in IP. and VXLAN you can think as UDP in IP youhave IP package, even if you have Ethernet package. And then you have the European capsulation, and then you have the outer header format as well. We have the document; we have a slide, actually, that is referring to some of the points. I'll come back there as well. So Mac in IP, but VXLAN can also be thought of as a UDP in IP. And you can see List as IP in IP here. Okay, so we claim as per Cisco, you can refer as Macin IP and List you can refer as IP and IP. All right, so here you can see that you have the header format for VXLAN. You have your IP and payload up to this point. Then you have V-XLAN encapsulation. Then you have Outer. We have the UDP encapsulation, and then you have IP and the Internet. These are the outer header, and then these are the inner header. Knowing everything up to this point, let me return to the actual header format, which we also have in detail. Let's try to understand this first, and then I'llgo and cover the next header format as well. So now here, you can see that you have the actual payload. Then you have the IP header, you have MacHeader, you have VxLine Header, and you have UDP, where you have the destination port as 4789. Then you have the Outer IP Header and the Outer Mac. Now in the outer IP header, it's important that you have the source IP address and source R lock related to List. And then the destination is destinationR lock related to List. That is the outbound fabric outbound.The rest of the process is very similar for inbound IP addresses. That is how VXLAN used to function in UDP. You'll see that your source port is the hash of L 2, L 3, and L 4 headers. Your destination port is UDP 4789. If you go and check the VXLAN headers, you'll find that you have the segment ID that is going to integrate with Ice Security Group Tagging. So you have 64K possible segments. Then you have this VNID we need, which is actually 16 million. And actually, 16 million is not supported, but yeah. It is far more than the VLAN ID VLAN. Actually, we know that we have only four kVLANs, and that's the restriction we want to overcome inside VXLAN: that we have 16 million possible vlans if we are using L-2 VXLAN VR, or if we are using L-3 VXLAN okay.Although this diagram is very busy, you have to take your time and at least draw the Vxline UDP and author the IP header. These three are important now for Vxln. Once you understand VXLAN These are the fixed things, then the UDPHeader's easy source will be the hash value so you can do the ECMP destination will be fixed at 4789 and then the outer IP addresses are the list-based inner and outer IP that is the RLC right now we have one more diagram here that lets try to understand the parallel list header and the B XL header unless we know that IP and IPso that's why you have the inner header as the IPthen you have this instance ID is the criteriafor the virtualization so if you want to do list virtualizationyou have to put instant instance ID apart from zero zerowill be the default by default all the configuration has zeroas a list ID but for different different VRS we canput different different instance idea then you have the UDP destinationport and source that will be randomly generated then you havethe Auto Header outer header we know that what will bethe outer header for the list packet so you have thedestination routing locator you have the source routing located UDP protocolnumber is 17 like that so we have referred the diagramand here you can see the same thing you have InnerHeader then you have List Header and then you have theOuter Header correct like that better you refer this rather thanthis although now when coming to VX line here you cansee that you have Inner Header so you have the payloadhere and you have the Ethernet as well then obviously youshould have IP as well so once you have the IPthen you have the VXLAN here you have the Viney orVNI you have L two and L three V NID youhave some reserve bit as well then you have the UDPencapsulation here where the destination port is 4789 sources will bethe hash of different values then you have the source routinglocator and destination routing locator and then you have the thisis actually a router header so your outer header. Your UDP. Your VXLAN. Your internet. Your payload and optional things okay. So this is the way that you can understand VXLANand actually we have covered the detailed comparison of VXLANand the packet format now we have one more slide Here is how this data plane is working—obviously, it will do the decalation and ecstasy at the edge point or the edge node. So if you have two edge nodes inside the fabric, they will do the encapsulation and decapitulation. So if I can draw and explain here, I have one device here as an edge, and then I have an EID. I have another device, an Edge. Assume edge two and h one, and I have eid. When the packet comes, it will resolve the list and go in contact with the control device or Ms M.Well, it should know how to reach the destination. Then the dynamic VXLAN tunnel will form. In that dynamic VXLAN tunnel, the source and destination outer headers will be the unlocked source and destination IP. Correct. So that's the thing written here—the underlay address, advertisement, and mapping. This is your underlay, and this is your overlay or fabric. Correct. This thing will happen. Then it was automatic tunnel. So your V, XL, and tunnel will form automatically. Then frame decapitulation between routing locators will obviously happen, resulting in encapsulation and decapitation and will happen.So once you're sending the frame with VXLAN, it willdo the encapsulation and once it will reach you thedestination over the channel he will do the decap. As a result, in cap and decap will occur. List is IP, and Ipvxlan is Mac and IP, and then we have some of the list control events as well. So this is the detailed explanation of VXLAN, and I hope you understand the format, the encapsulation, the packet format, and how it is working. The next section will go over what types of products are supported inside DNA. Although there are links to check the list of products, there are a large number of products that have been supported within Scaxis or DNA.

25. DNA supported Hardware & Summary

This is the last recording in Section 1, and we are going to study the types of devices supported inside DNA. Plus, I'm going to do the summary as well. For Section 1.5, we know that we have three variants: we have the edge node and edge node supported devices. Here you can see, and we can go and check the data sheet as well, which is the hardware and which is the software supported for DNA as an edge node. Then we have the border node here, and you can see that there are three k, six k, ASR one k, ISR four k, and seven k. They are supported as a border node. Again, these are the old iOS 6 and iOS images. We can go and check the latest image, the latest plus the stable image for SD access, and finally, we have the control plane devices as well. So we have the catalyst, three k ASR one k and ISR 4K. You can see here that in the border mode and the control plane, node devices are common as well. So there will be devices in the fabric that can act as both a border and a control plane node. Now, if you want to check the new and latest number of devices and how many devices are supported, you can go and check this particular link. There you will get the Excel sheet, and in that you will get so many supported devices with different product IDs and different devices and their hardware capabilities as well. If you want, you have to go and check the data sheet. Okay, so to summarise what we have a study, we know that we have the management plan, the control plane, the data plane, the policy plane, and we also have a. So in the DNA, what are the key components we have? We have a DNA server that handles automation assurance and management, correct? Because he has a full visibility, becausethe telemetry is supported inside this. So that's why he has full visibility. He can do management automation, and I have the assurance that the policy plane is Ice. So we can create pixie grid feature and so fromIce they can send the input to the DNA center,all the contextual information and DNA centre can analyse thoseand then it can give the output. But the policy plan is ICE. Then we have the edge node here. You can see the edge devices where you have connected endpoint identifiers, and then those will be registered inside the control plane nodes. Then we have the border node todo the communication with nonlist environment. We have the wireless controllers; the APS are not shown here in the diagram, but APS and wireless controllers can use fabric to build the tunnel to do the communication. So this is the overall picture of the DNA, where you have a single unified fabric that will be controlled and managed from the DNA center, or the DNAC. OK? And finally, this is the overall thing that we want to achieve. So we want to achieve an actual virtual network, or we want to achieve the overlay at the beginning of this section. We have discussed that you have fabric, you have overlay fixed hardware, and then you can abstract that as a virtual network or the overlay alternate. So here you can see that you have a fixed hardware connection where you have the border node, edge node, intermediate nodes, et cetera. And then you have multiple instances of "a virtual network," "a virtual network," c up to N," etc. And that's the overall feel that we have with the fabric. And this is what we can accomplish with Staxis or DNA.

26. 1.6 Qos

Another important section is the sixth, in which we must learn about quality of service, both wired and wireless. Another important section is the sixth, in which we must learn about quality of service, both wired and wireless. Apart from that,that, we are going to discuss keywordkeyword components and the policy in detail as well. well. Now, why we need quality of service service we know thatif you have congestion, if you have bandwidth issue atthat point of time you need QS QS EvenEven ifyou have you have bandwidth issuesissues and still needQS, that QS, that means youyou have sufficient bandwidth butbut still need QSbecause of how because of how you are classifying the traffic and which trafficyou are you are giving priority.priority. ThatThat's important. important. I'll show you in the next slide. I'll show you in the next slide. So here you can see that there are chancesthat you that you have highcenters, a centers, a lower receiver,receiver, and vice versa. versa. So at that point inin time,time, you need quality service. service. Suppose you have ten gigs. gigs. So let me highlight here two interfaces with ten gigs,gigs,and then and then here you have only one link with ten gigs. gigs. Suppose ten plus ten becomesbecomes 20. 20. So with 20 Mbps or 20 gigs,gigs, youare sending are sending the traffic,traffic, but the receiver hashas a speedspeed of onlyonly10 gigs 10 gigs or maybe 1010 Mbps. Mbps. So in that case,case, you have two instancesinstances of oversubscription,oversubscription, and this is theclassical case classical case ofthe highly the highly sensitive and slow receiver. receiver. Obviously,Obviously, in that case,case, despitedespite whatever speedor bandwidth or bandwidth youhave, you have, you still have tocategorise the categorise the traffic, classify the traffic,traffic, and thenmap it map it to certain hardwarequeues inside queues inside different typestypes of Cisco platforms. platforms. Sowhy do why do we need QS? QS? becausebecause the primary role ofQSI is QSI is to manage the packet loss. loss. There isistraffic, and traffic, and they are verysensitive to sensitive to delay,delay, soso withwith much more delay and condition there to deliverthe package, the package, they will lose their meaning,meaning, and it's actuallyvery difficult very difficult for those packets to do the reassembly. reassembly. So theSo the first thing is toto manage the packet loss. loss. The second thing is that obviously end-to-endend-to-end delivery should happen,happen, and for that youthat youhave to have to trust ClassifyClassify and the policy. policy. In this section,section, we are going to learnall these all these things with respect to all the hardware. hardware. Now when I'm talking about all the hardware,hardware,we'll see we'll see in the next slide which typeof hardware of hardware it is expected to learnabout in about in QS. QS. Before going there,there, we should know our tool. tool. So we should know the hardware we are goingto work to work on:on: what is the CLI command or theGUI command, GUI command, or what is the software or syntax? ? What is the global setting forfor that hardware? ? What will be the default setting forfor that hardware? hardware? where you want to set the trust boundary. boundary. wherewhere you want to apply the keys. keys. This NBA network-based application recognition protocol, whether physical or logical, should be understood. This NBA network-based application recognition protocol, whether physical or logical, should be understood. This isnot a not a very new thing,thing, but Ciscohas done has done so much innovation inside NBAR,NBAR, and nowthis BAR this BAR alongwith the with the deep packet inspection engine isisworking inside working inside SDWAN images or SDWAN devices as well. well. So,So, forexample, in example, in Cisco ISR,ISR, they have NBA2NBA2, so they can do deep packet inspection. inspection. Somehow they come to know about the metadata ofthe protocol, the protocol, and according to that metadata, themetadata, theprotocol is protocol is in line. line. So whenthe packet the packet is coming to theingress and ingress and going totothe egress the egress at that point inin time,time, you can goand apply and apply app route policies and different typestypes of policies as well. well. So invoir is important who isgoing to do the application discovery. discovery. Once you discover the application, then youcan apply can apply the policy for that,that, and the applied policyapplied policyeither allows either allows ingress oror egress as per requirement. requirement. Now let's quickly see whatwhat typetype of hardware we have. have. In this we have hardware two 9603-560-3750,they are very much similar type ofhardware and by default keys is disabled. disabled. You have to go and write a code MLS QS. QS. Then the QS will get kicked off; off; it will get a start. start. MLS is simply a multi-layer switch MLS QS. MLS is simply a multi-layer switch MLS QS. Okay, so here you cansee that see that this is one type of hardware. hardware. Now the second type of hardware you have is 365-03850. 365-03850. where you can go and use modular QS CLI commands. commands. Modular QS is very much iOS XC imagesare using even the Cisco routers are alsousing MQS format of QS or syntax. Modular QS is very much iOS XC imagesare using even the Cisco routers are alsousing MQS format of QS or syntax. QS is enabled by default. default. You can go and allow this, apply thiskeyword, we'll see later on that what arethe syntax and what are the queues, etcetera. Etcetera. Etcetera. Then youhave a have a 650-06800 modular chassis switch. switch. Again, you can see that MLS, MQC, and three PL Cisco common classification policy language QS are present in the chassis. Again, you can see that MLS, MQC, and three PL Cisco common classification policy language QS are present in the chassis. As you can see, QS is enabled by default in T supervisor, whereas 60 is disabled by default on even the most common hardware. Different supervisor engines have different types of settings. As you can see, QS is enabled by default in T supervisor, whereas 60 is disabled by default on even the most common hardware. Different supervisor engines have different types of settings. And that's the thing:: when you're using QS,QS, youhave to have to learn the QS for all different typestypes of hardware. hardware. All ports are trusted at layer twoand layer three by default c threePL present querying policy similar to MQC. All ports are trusted at layer twoand layer three by default c threePL present querying policy similar to MQC. The good thing is thatthat thethe C 3PL3PL and MQC formatsformats will be similar. similar. The onlyThe only difference is that youhave to have to use thisthis type of policy. policy. Likewise,Likewise, wehave the have the Nexus 77 K770,K770, where QS is enabled by default. default. All ports are trusted at layer two and layerthree by three by default.default. NX'sNX's queuing policy is similar to MQC's,MQC's,but with but with defined typestypes and default class names. names. So again,again, here also,also, you have tolearn the learn the QS policy syntax, different hardware, different typestypes, and , and different waysways to write the policy. policy. The good news is that MQC is very common across all platforms, with the exception of access layer switches such as 296-03560 and 3750. The good news is that MQC is very common across all platforms, with the exception of access layer switches such as 296-03560 and 3750. Now let's quickly discuss the trust boundary—whereboundary—where you want to put the trust boundary. boundary. And when we are talking about QS,remember that you have layer two QS. QS. That is classyclassy service. service. You have three layers of keys that could be different types of services. You have three layers of keys that could be different types of services. And we'll seethat in that in how weare going are going to map costs with DSCP. DSCP. layerlayer, three DSCPsDSCPs, and a, and a marking bit. bit. Okay, so you can see in the diagram that you can set the trust boundary for Cisco phones, telepresence systems, IP cameras, and media players. Okay, so you can see in the diagram that you can set the trust boundary for Cisco phones, telepresence systems, IP cameras, and media players. You may have a trust boundary that you can switch to, or you may not be using any type of trust at all. You may have a trust boundary that you can switch to, or you may not be using any type of trust at all. So that's one thing that you cando to do to use the trust boundaries for QS configuration. configuration. Suppose you want to map your COSCOS to QS. QS. As you can see, you have eight channels and are mapping with 64 DSP bits. As you can see, you have eight channels and are mapping with 64 DSP bits. Now in very easy term, how itis that actually you have eight bit. bit. And let me try to write say 123-4567 eight. eight. Now, for theNow, for the last two,two, you can reserve anreserve anECN, an ECN, an explicit congestion notification. notification. Then come these three, and start counting again from here. Then come these three, and start counting again from here. So these are the three that come to mind that can be used for DACP. So these are the three that come to mind that can be used for DACP. Alternatively, there is a comprehensive list of the aforementioned forwarding. Alternatively, there is a comprehensive list of the aforementioned forwarding. And hence,, you have the first three bits. bits. Actually,Actually, those are usedfor the for the cost of service. service. So that means you have to that's whythe number will be from zero to eight. eight. Because you can read at twoto the to the power one,two to two to the power two,two, and two to the power three. three. So one, two, three like that,the binary the binary to decimal conversion, et cetera. cetera. As a result, you can see that you have it a little like this here. As a result, you can see that you have it a little like this here. andand then you are mapping with the DSCP. DSCP. And inside DSCP,DSCP, you have64 values 64 values you can map like this. this. Now again you have to understand and thatwill come with experience that which is yourhigh priority traffic, which is your low prioritytraffic, mid priority traffic, default traffic, etcetera. etcetera. So, when we use cost-zero marketing, cost-zero marketing will generally be the default if you have high priority traffic. So, when we use cost-zero marketing, cost-zero marketing will generally be the default if you have high priority traffic. So you can see here that you have high priority traffic with costs six and seven. So you can see here that you have high priority traffic with costs six and seven. These are for control plane traffic. These. These are for network control traffic. traffic. For example, OSPF is there or STP isthere or any type of control message exchange. exchange. These queues, even these,these, are reserved for that. that. Then you have EF explicit forwardingthis EF or expedited forwarding. forwarding. These EF are for voice type of traffic. traffic. Then you can have this is say for examplehigh priority traffic, high priority traffic, mid traffic andlike that you should categorisecategorise all these things. things. But never mind, we have the slides in theupcoming session upcoming session that we are going to discuss about that. Here. Here. Again,Again, you can have the trust boundary. boundary. And trustingtrusting boundariesboundaries doesn't mean that you aregoing to going to apply the policy at that point inin time. time. So youhave a have a trust boundary here to markthe packet the packet for the VoIP or IP phone. phone. Now for this particular IP phone, the policy may appliedat switch level, it may apply to the router level. level. This fee is nothing but policy enforcement points. points. So it doesn't mean that if your trust boundary is thereis there, you're going to apply the QS policy atthe same the same point you can change the policy'spolicy's enforcement. enforcement. Now, when you're applying the QS here, youcan see can see that you canapply it apply it per port QS.You can apply per VLAN QS,QS, andand whateverinterfaces are interfaces are inside thatthat VLANVLAN will come into thepicture when you apply per VLAN QS, picture when you apply per VLAN QS, correct? correct? So aSo a policy map is applied to the logical VLAN interface. interface. You can go to the VLAN. VLAN. Because this is a 2960 switch, you can apply service policy input marking to it. Because this is a 2960 switch, you can apply service policy input marking to it. So you have to go and use this command,command, Mlsqs VLANwest,VLANwest, for all the interfaces and then over the VLAN,VLAN,or you or you are applying the policy now if it is perport, so port, so you can go to all the ports and thenyou can you can apply the QS service policy input marking. marking. So these are the starting pointspoints forfor keys. keys. In theIn the upcoming session,session, we're going to learnmore and more and more about QS beforewinding up winding up the session. session. I have given one extra slide here for N bar.BarBar none,none, they areusing the using the UADP chip. chip. This is nothing but the ASIC,ASIC, and dueto this to this ASIC,ASIC, we have that much capability tounderstand the understand the metadata and and to understand 1400 plus applications. applications. So,So,with the with the help of this unified access data plane chipplane chip, if we are capable ofof understandingunderstanding theapplication, and application, and once we are able to understand the application, application, then we can create and put the policies in place. in place. Everyone knows that Cisco is oneof the of the best companiescompanies making high-qualityhigh-quality hardwarehardware that'sthat's embedded insidethe hardware, the hardware, providing very nice application recognition features. features. Alright, so this is it for the introductory session. session. Let's just stop here,here, and inthe next section the next section we will will continue from here.

ExamCollection provides the complete prep materials in vce files format which include Cisco CCNP Enterprise certification exam dumps, practice test questions and answers, video training course and study guide which help the exam candidates to pass the exams quickly. Fast updates to Cisco CCNP Enterprise certification exam dumps, practice test questions and accurate answers vce verified by industry experts are taken from the latest pool of questions.

Read More


Add Comment

Feel Free to Post Your Comments About EamCollection VCE Files which Include Cisco CCNP Enterprise Certification Exam Dumps, Practice Test Questions & Answers.

Site Search:

 

VISA, MasterCard, AmericanExpress, UnionPay

SPECIAL OFFER: GET 10% OFF

ExamCollection Premium

ExamCollection Premium Files

Pass your Exam with ExamCollection's PREMIUM files!

  • ExamCollection Certified Safe Files
  • Guaranteed to have ACTUAL Exam Questions
  • Up-to-Date Exam Study Material - Verified by Experts
  • Instant Downloads
Enter Your Email Address to Receive Your 10% Off Discount Code
A Confirmation Link will be sent to this email address to verify your login
We value your privacy. We will not rent or sell your email address

SPECIAL OFFER: GET 10% OFF

Use Discount Code:

MIN10OFF

A confirmation link was sent to your e-mail.
Please check your mailbox for a message from support@examcollection.com and follow the directions.

Next

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

Free Demo Limits: In the demo version you will be able to access only first 5 questions from exam.