Podcast
Questions and Answers
Which Cisco SD-WAN component establishes, adjusts, and maintains connections between WAN Edge devices, overseeing the control plane of the overlay network?
Which Cisco SD-WAN component establishes, adjusts, and maintains connections between WAN Edge devices, overseeing the control plane of the overlay network?
- vBond
- vSmart (correct)
- APIC-EM
- vManage
Which two hardware platforms can support the Cisco IOS XE SD-WAN image?
Which two hardware platforms can support the Cisco IOS XE SD-WAN image?
- ASR9000 series
- ISR9300 series
- ASR1000 series (correct)
- ISR4000 series (correct)
- vEdge-1000 series
What is the default protocol used for control plane connections in Cisco SD-WAN?
What is the default protocol used for control plane connections in Cisco SD-WAN?
- TLS
- DTLS (correct)
- HTTPS
- IPsec
Which Cisco SD-WAN component serves as the initial authentication point for WAN Edge devices joining the SD-WAN fabric?
Which Cisco SD-WAN component serves as the initial authentication point for WAN Edge devices joining the SD-WAN fabric?
Which Cisco SD-WAN component is typically located in a public internet address space to facilitate NAT traversal?
Which Cisco SD-WAN component is typically located in a public internet address space to facilitate NAT traversal?
Which Cisco SD-WAN WAN Edge platform natively supports LTE and Wi-Fi connectivity?
Which Cisco SD-WAN WAN Edge platform natively supports LTE and Wi-Fi connectivity?
In the provided exhibit, what aspect of the BFD session does the value '8' represent?
In the provided exhibit, what aspect of the BFD session does the value '8' represent?
A network administrator is configuring a WAN Edge router for branch connectivity. Which types of tunnels are established when the WAN Edge router connects to the Cisco SD-WAN fabric?
A network administrator is configuring a WAN Edge router for branch connectivity. Which types of tunnels are established when the WAN Edge router connects to the Cisco SD-WAN fabric?
If Smart Account synchronization is disabled, which Cisco SD-WAN component is used to manually upload an authorized serial number file?
If Smart Account synchronization is disabled, which Cisco SD-WAN component is used to manually upload an authorized serial number file?
If no alternate port is configured, which port number is used for vBond under controller certificates?
If no alternate port is configured, which port number is used for vBond under controller certificates?
In the Cisco SD-WAN solution, which two primary actions are the responsibility of the vSmart controller?(Choose two)
In the Cisco SD-WAN solution, which two primary actions are the responsibility of the vSmart controller?(Choose two)
When a WAN Edge device joins a Cisco SD-WAN overlay, which component orchestrates the connection between the Edge device and a vSmart controller?
When a WAN Edge device joins a Cisco SD-WAN overlay, which component orchestrates the connection between the Edge device and a vSmart controller?
Within the AWS cloud, which feature automatically provisions WAN Edge routers in Cisco SD-WAN?
Within the AWS cloud, which feature automatically provisions WAN Edge routers in Cisco SD-WAN?
A retail organization is migrating its branch applications to the AWS cloud. How can the network architect extend the in-house Cisco SD-WAN to AWS?
A retail organization is migrating its branch applications to the AWS cloud. How can the network architect extend the in-house Cisco SD-WAN to AWS?
When deploying Cisco WAN Edge Router virtual platforms, which two specific products can be used?(Choose two)
When deploying Cisco WAN Edge Router virtual platforms, which two specific products can be used?(Choose two)
A bank seeks to enhance customer application experience and diminish overhead affecting compliance and security. Which feature of Cisco SD-WAN assists?
A bank seeks to enhance customer application experience and diminish overhead affecting compliance and security. Which feature of Cisco SD-WAN assists?
Prior to launching Cloud OnRamp for IaaS on vManage to extend SD-WAN to AWS cloud, what prerequisites must be completed? (Choose two)
Prior to launching Cloud OnRamp for IaaS on vManage to extend SD-WAN to AWS cloud, what prerequisites must be completed? (Choose two)
Within a Cisco SD-WAN deployment, which component takes responsibility for distributing routing and policy information via the OMP?
Within a Cisco SD-WAN deployment, which component takes responsibility for distributing routing and policy information via the OMP?
For data plane resilience in Cisco SD-WAN, what mechanism is implemented by the software?
For data plane resilience in Cisco SD-WAN, what mechanism is implemented by the software?
An organization aims to leverage Cisco SD-WAN regionalized service-chaining. What capabilities does this feature offer for optimizing cost and the user experience?
An organization aims to leverage Cisco SD-WAN regionalized service-chaining. What capabilities does this feature offer for optimizing cost and the user experience?
Which Cisco SD-WAN component facilitates the initial connection between WAN Edge devices to join the SD-WAN fabric?
Which Cisco SD-WAN component facilitates the initial connection between WAN Edge devices to join the SD-WAN fabric?
What is an attribute of TLOC (Transport Location)?
What is an attribute of TLOC (Transport Location)?
What is the core behavior of the vBond orchestrator in the Cisco SD-WAN control plane?
What is the core behavior of the vBond orchestrator in the Cisco SD-WAN control plane?
Which routing protocol facilitates the exchange of control plane information between vSmart controllers and WAN Edge routers?
Which routing protocol facilitates the exchange of control plane information between vSmart controllers and WAN Edge routers?
What is a network requirement for a WAN Edge to successfully reach vManage, vBond, and vSmart controllers in a data center?
What is a network requirement for a WAN Edge to successfully reach vManage, vBond, and vSmart controllers in a data center?
Flashcards
What is the function of vSmart?
What is the function of vSmart?
Oversees the control plane to establish, adjust, and maintain connections in the SD-WAN.
Which hardware platforms support Cisco IOS XE SD-WAN images?
Which hardware platforms support Cisco IOS XE SD-WAN images?
ISR4000 series and ASR1000 series
Default Protocol for Control Plane Connection
Default Protocol for Control Plane Connection
DTLS (Datagram Transport Layer Security)
Which SD-WAN component facilitates NAT traversal?
Which SD-WAN component facilitates NAT traversal?
Signup and view all the flashcards
Which Cisco SD-WAN Edge supports LTE/Wi-Fi?
Which Cisco SD-WAN Edge supports LTE/Wi-Fi?
Signup and view all the flashcards
What does the BFD value represent?
What does the BFD value represent?
Signup and view all the flashcards
Tunnels formed when a WAN Edge connects
Tunnels formed when a WAN Edge connects
Signup and view all the flashcards
Component to upload auth serial number file
Component to upload auth serial number file
Signup and view all the flashcards
Default port for vBond under controller certificates
Default port for vBond under controller certificates
Signup and view all the flashcards
Responsibilities of vSmart
Responsibilities of vSmart
Signup and view all the flashcards
Component that Orchestrates connection to Controller
Component that Orchestrates connection to Controller
Signup and view all the flashcards
Which feature provisions WAn Edge routers
Which feature provisions WAn Edge routers
Signup and view all the flashcards
How to extend SD-WAN to AWS
How to extend SD-WAN to AWS
Signup and view all the flashcards
Products used to deploy virtual platform
Products used to deploy virtual platform
Signup and view all the flashcards
Key feature of the SD-WAN solution
Key feature of the SD-WAN solution
Signup and view all the flashcards
Prerequisites that must be met
Prerequisites that must be met
Signup and view all the flashcards
Component for distributing route/policy info
Component for distributing route/policy info
Signup and view all the flashcards
For data Plane Resiliency
For data Plane Resiliency
Signup and view all the flashcards
Solution for optimizing user experience with SD-WAN
Solution for optimizing user experience with SD-WAN
Signup and view all the flashcards
Interface which establishes BFD neighbors
Interface which establishes BFD neighbors
Signup and view all the flashcards
What secure tunnel type is best connecting?
What secure tunnel type is best connecting?
Signup and view all the flashcards
Default value for poll interval set for BFD
Default value for poll interval set for BFD
Signup and view all the flashcards
Plane builds and maintains network topology
Plane builds and maintains network topology
Signup and view all the flashcards
How is a TLOC defined?
How is a TLOC defined?
Signup and view all the flashcards
Study Notes
Cisco SD-WAN Architecture
- The vSmart component oversees the control plane of the overlay network.
- It establishes, adjusts, and maintains connections between WAN Edge devices.
Cisco IOS XE SD-WAN Hardware Platforms
- ISR4000 series and ASR1000 series hardware platforms support Cisco IOS XE SD-WAN images.
Control Plane Connection Protocol
- DTLS protocol is the default for control plane connections.
SD-WAN Device Functions:
- vSmart enforces control policies.
- vManage is a single pane of glass.
- vEdge establishes a secured data plane.
- vBond serves as the first point of authentication.
vBond Location
- The vBond component should be located in a public Internet address space.
- It also facilitates NAT traversal.
WAN Edge Platform
- The ISR 1101 platform supports LTE and Wi-Fi.
BFD Value
- The BFD value of 8 represents the number of BFD sessions.
WAN Edge Router Tunnel Formation
- When a WAN Edge router connects to the Cisco SD-WAN fabric, DTLS or TLS tunnels form with the vSmart controller.
- IPsec tunnels also form with other WAN Edge routers.
Smart Account Sync Alternatives
- If Smart Account Sync is not used, vManage is utilized to upload an authorized serial number file.
vBond Port
- Port 12346 is used for vBond under controller certificates when no alternate port is configured.
vSmart Controller Actions
- vSmart controller distributes route and policy information via OMP.
- It also distributes crypto key information among WAN Edge routers.
Orchestration Component
- vBond orchestrates the connection between a WAN Edge device and a vSmart controller.
AWS Cloud Feature
- Cloud OnRamp feature provisions WAN Edge routers automatically in Cisco SD-WAN within an AWS cloud.
Extending SD-WAN Branch to AWS
- Virtual WAN Edge devices are created through the AWS online software store.
Cisco WAN Edge Router Virtual Platforms
- Cisco UCS
- Cisco ENCS 5000 Series
Cisco SD-WAN Features
- The Cisco SD-WAN solution helps to improve customer experience and reduce overhead.
- Achieved through QoS, including application prioritization and meeting critical application SLAs.
Cloud onRamp Prerequisites on vManage
- Subscribe to the SD-WAN Edge router AMI in an AWS account.
- Attach a device template to the cloud WAN Edge router to be deployed in the AWS
Route and Policy Information
- vSmart Controller is responsible for distributing route and policy information via OMP.
Cisco NFV Infrastructure Building Blocks:
- Cisco UCS: Compute
- CEPH: Storage
- RH OpenStack: Management
- Gluster: Virtualized Infrastructure
Data Plane Resiliency
- BFD (Bidirectional Forwarding Detection)
IPsec Tunnel Configuration
- The configuration "vpn 1 service netsvc1 interface ipsec1 ipsec2 from-vsmart lists vpn-list 1 vpn 1" configures IPsec tunnels in active and standby.
Regionalized Service-Chaining
- Cloud OnRamp for Colocation optimizes cost and user experience with applications by allowing branch routers to analyze and steer traffic.
BFD (Bidirectional Forwarding Detection) Parameters
- BFD for Transport Tunnel includes color, hello interval, and PMTU discovery.
- BFD for Application-Aware Routing includes poll interval and multiplier.
Initial Communication Facilitator
- vBond Orchestrator facilitates the initial communication between WAN Edge devices to join the fabric.
TLOC Attribute
- The tag is an attribute of TLOC (Transport Location).
vBond Orchestrator
- Builds permanent connections with vSmart controllers.
Control Plane Information Exchange
- OMP (Overlay Management Protocol) is the routing protocol used to exchange control plane information between vSmart controllers and WAN Edge routers.
WAN Edge Requirement
- A requirement for a WAN Edge to reach vManage, vBond, and vSmart controllers in a data center is IGP (Interior Gateway Protocol).
Establishing BFD Neighbours
- An interface template which configures on tunnel interface, an MPLS colour and restrict to on will enable BFD for MPLS enabled circuits.
Secure Tunnel Type
- IPsec should be used to connect one WAN Edge router to other WAN Edge routers.
BFD Basic Configuration Default Value
- The default value for the poll interval in BFD basic configuration is 600,000 milliseconds.
Network Topology and Traffic Flow Decisions
- The control plane builds and maintains the network topology and makes decisions on traffic flows.
TLOC Definition
- A TLOC is defined as a unique collection of GRE or IPsec encapsulations, link color, and system IP address.
vBond System Configuration VPN 0
- The vBond system configuration under VPN 0 allows for a routable public IP address when the DNS name, hostname, or IP address of the vBond orchestrator are omitted.
Cloud-Based Controller Deployment Advantages
- Cloud-based Cisco SD-WAN controllers offer infrastructure as a service.
- They provide management of SLA (Service Level Agreement).
Image Formats
- The supported image formats for controller codes are .qcow2 and .ova.
Platforms SD-WAN architecture
- CSR 1000v
- vEdge Cloud
Manage Scalability
- Deploy multiple vManage controllers in a cluster.
SD-WAN Control Plane Storage
- vManage facilitates the storage of certificates and configurations for network components.
DCONFAIL DTLS Connection Failure
- The DCONFAIL DTLS connection failure message indicates a connectivity issue.
Verifying Certificate Validity
- To verify certificate validity on vEdge, the command is
show control local-properties.
Analyzing Control Connection Issues
- 'connect' in the
show control connectionsoutput means connection attempt is in progress
WAN Edge Router State
- The WAN Edge router can create control connections but not data tunnels when in the staging state.
Configuration Template Purpose
vpn 0in the configuration template is responsible for the transport of secure control traffic.
Routing Path Influence
- Use "control-policy" to create routing path in the network by using a group of prefixes.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
