Cisco CCNA/CCNP Training/Exam Tips that are helpful for your Certification Exam!
To be Cisco Certified please Check out:
http://asmed.com/information-technology-it/
Watch the replay: http://cs.co/90028sLgC
We’re going to make this as simple as Cisco’s new Software-Defined Access makes building and managing more secure enterprise networks:
Do you want to streamline device provisioning and host onboarding? Automate policy and segmentation? Get performance insights you didn’t think possible? Of course you do.
Register for the workshop today to get performance insights you didn’t think possible.
Resources:
Watch the New Era of Networking playlist: http://cs.co/90058sI1U
Cisco CCNA/CCNP Training/Exam Tips that are helpful for your Certification Exam!
To be Cisco Certified please Check out:
http://asmed.com/information-technology-it/
Watch the replay: http://cs.co/90028sLgC
We’re going to make this as simple as Cisco’s new Software-Defined Access makes building and managing more secure enterprise networks:
Do you want to streamline device provisioning and host onboarding? Automate policy and segmentation? Get performance insights you didn’t think possible? Of course you do.
Register for the workshop today to get performance insights you didn’t think possible.
Resources:
Watch the New Era of Networking playlist: http://cs.co/90058sI1U
Cisco CCNA Training/Exam Tips that are helpful for your Certification Exam!
To be Cisco Certified please Check out:
http://asmed.com/information-technology-it/
VRF (Virtual Routing and Forwarding) is a technology that allows multiple instances of a routing table to
co-exist within the same router at the same time. This increases functionality by allowing network paths
to be segmented without using multiple devices. Because traffic is automatically segregated, VRF also
increases network security and can eliminate the need for encryption and authentication. Internet
service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs)
for customers; thus the technology is also referred to as VPN routing and forwarding. Because the
routing instances are independent, the same or overlapping IP addresses can be used without
conflicting with each other.
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
Mike Herbet, Principal Engineer, Cisco, Dave Cole, Consulting Systems Engineer, Cisco, Sean Comrie, Technical Solutions Architect, Cisco focused on the application centric infrastructure (ACI) at Cisco Connect Toronto.
Cisco CCNA Training/Exam Tips that are helpful for your Certification Exam!
To be Cisco Certified please Check out:
http://asmed.com/information-technology-it/
VRF (Virtual Routing and Forwarding) is a technology that allows multiple instances of a routing table to
co-exist within the same router at the same time. This increases functionality by allowing network paths
to be segmented without using multiple devices. Because traffic is automatically segregated, VRF also
increases network security and can eliminate the need for encryption and authentication. Internet
service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs)
for customers; thus the technology is also referred to as VPN routing and forwarding. Because the
routing instances are independent, the same or overlapping IP addresses can be used without
conflicting with each other.
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
Mike Herbet, Principal Engineer, Cisco, Dave Cole, Consulting Systems Engineer, Cisco, Sean Comrie, Technical Solutions Architect, Cisco focused on the application centric infrastructure (ACI) at Cisco Connect Toronto.
Comment by JCB Please center this on the pag.docxclarebernice
Comment by JCB: Please center this on the page
Cisco Network Proposal Part 2Comment by JCB: This document should include to sites, Worchester and Boston, you have combined the requirements of both sites.
Worchester requires subnetting, the range of each subnet in a table, and encapsulation 802.1q configured.
Boston requires subnetting, all ranges displayed in a table, a routing protocol chosen and a summarized route advertised utilizing the routing protocol
CMIT 350 7982: Interconnecting Cisco Devices
Contents
Routing Protocol3
Summarization 3
Default Route 4
Topology8Site
The current site which I have been assigned to upgrade in Boston and do the routing, the default routing include Comment by JCB: You wording does not clearly state what you are trying to accomplish.
Recommend that you start by describing the Boston network then describe what you plan to do the fix it. For example
Title should be Boston Site Configuration (or something like this)
The Boston site consist of three (type) routers. The routers will be configured with the x.x.x.x/x. This subnet address will be subnetted to support the current configuration and allow for future expansion.
You actually have something below that should be moved up to the introduction paragraph about Boston. I have highlighted it in red.
You then want to talk about your intension to utilized the OSPF routing protocol and summarization to improve the network and the value it will bring.
Then you can start talking about each.
The subnetting would be a good topic at this point because you would have just finished talking about the network and how you intend to improve it. You can now state the subnet address that will be utilize to configure the router and that the subnet will be summarized
Next you can talk about the routing protocol and state that the summarized route will be used and why.
You can use one of these charts.
Why are you using subinterfaces? There is not requirement for VLANs at the Boston site.
3 – 2900 of integrated routers, the routers have four Ethernet cables and are connected to two serial cables. The diagram for the current cabling is as shown below.
Figure 1: Boston site topology
Comment by JCB: All figures, diagrams, and tables must be labeled and referenced in the test.
What is the purpose of the show ip interface brief command?
The site has implemented a routing protocol and the routers have been configured with the default routing protocol.
Proposed solutions and remedies
Routing Protocols
There are three main interior routing protocols:Comment by JCB: You don’t have to describe all the routing protocols, just pick one and state why you chose it. Then show an example of how to configured it.
i. OSPF protocol – This is a link-state classless protocol which is best suited across multi-vendor networks and extensive networks. The protocol can be used in a distance of 110 meters. The routing standard uses cost metric. Comment by JCB: Your formattin ...
Network topology is the topological structure of a system and might be portrayed physically or sensibly. It is an utilization of chart hypothesis wherein conveying gadgets are demonstrated as hubs and the associations between the gadgets are displayed as connections or lines between the hubs.
LAN to LAN VPN also known as Site to Site VPN is the most basic and the most simplest of all the VPN’s used on CISCO devices. It helps in connecting networks in different geographical location.
Three modules for the remote inventory feature on Pandora FMS Enterprise. Get's information from CISCO devices like CPU, IOS version, Interfaces and other hardware info (version, s/n). For mo
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
1. Configure ACI Multi-Site Deployment
Contents
Introduction
Prerequisites
Requirements
Components Used
Background Information
Configure
Logical Network Diagram
Configurations
IPN Switch Configuration
Required Configuration from APIC
Multi-Site Controller Configuration
Verify
Troubleshoot
Related Information
Introduction
This document describes the steps to set up and configure Application Centric Infrastructure (ACI)
multi-site fabric.
The ACI Multi-Site feature introduced in Release 3.0 allows you to interconnect separate Cisco
ACI Application Policy Infrastructure Controller (APIC) cluster domains (fabrics). Each site
represents a different availability zone. This helps to ensure multi-tenant Layer 2 and Layer 3
network connectivity across sites and it also extends the policy domain end-to-end across fabrics.
You can create policies in the Multi-Site GUI and push them to all integrated sites or selected
sites. Alternatively, you can import tenants and their policies from a single site and deploy them on
other sites.
Prerequisites
Requirements
Cisco recommends that you:
Complete the instructions in the Cisco ACI Multi-Site Orchestrator Installation and Upgrade
Guide in order to set up the Multi-Site Controller (MSC).
q
Ensure ACI fabrics have been fully discovered in two or more sites.q
Ensure the APIC clusters deployed in separate sites have the Out of Band (OOB)
management connectivity to the MSC nodes.
q
Components Used
2. The information in this document is based on these software and hardware versions:
Site A
Hardware Device Logical Name
N9K-C9504 w/
N9K-X9732C-EX
spine109
N9K-C93180YC-
EX
leaf101
N9K-C93180YC-
EX
leaf102
N9K-C9372PX-E leaf103
APIC-SERVER-
M2
apic1
Site B
Hardware Device Logical Name
N9K-C9504 w/
N9K-X9732C-EX
spine209
N9K-C93180YC-
EX
leaf201
N9K-C93180YC-
EX
leaf202
N9K-C9372PX-E leaf203
APIC-SERVER-
M2
apic2
IP Network (IPN) N9K-C93180YC-EX
Hardw
are
Version
APIC Version 3.1(2m)
MSC Version: 1.2(2b)
IPN
NXOS: Version
7.0(3)I4(8a)
The information in this document was created from the devices in a specific lab environment. All of
the devices used in this document started with a cleared (default) configuration. If your network is
live, ensure that you understand the potential impact of any command.
Background Information
Note: The cross-site namespace normalization is performed by the connecting spine
switches. This requires 2nd generation or later Cisco Nexus 9000 Series switches with "EX"
or "FX" on the end of the product name. Alternatively, Nexus 9364C is supported in ACI
Multi-Site Release 1.1(x) and later.
For more details on hardware requirements and compatibility information, see the ACI Multi-Site
Hardware Requirements Guide.
Configure
Logical Network Diagram
3. Configurations
This document mainly focuses on an ACI and MSC side configuration for Multi-Site deployment.
IPN switch configuration details are not fully covered. However, a few important configurations
from the IPN switch are listed for reference purposes.
IPN Switch Configuration
These configurations are used in the IPN device connected to the ACI spines.
vrf context intersite
description VRF for Multi-Site lab
feature ospf
router ospf intersite
vrf intersite
//Towards to Spine109 in Site-A // Towards to Spine209 in Site-B
interface Ethernet1/49
speed 100000
mtu 9216
no negotiate auto
no shutdown
interface Ethernet1/49.4
mtu 9150
interface Ethernet1/50
speed 100000
mtu 9216
no negotiate auto
no shutdown
interface Ethernet1/50.4
mtu 9150
4. encapsulation dot1q 4
vrf member intersite
ip address 172.16.1.34/27
ip ospf network point-to-point
ip router ospf intersite area 0.0.0.1
no shutdown
encapsulation dot1q 4
vrf member intersite
ip address 172.16.2.34/27
ip ospf network point-to-point
ip router ospf intersite area 0.0.0.1
no shutdown
Note: Maximum transmission unit (MTU) of Multiprotocol Border Gateway Protocol (MP-
BGP) Ethernet Virtual Private Network (EVPN) control plane communication between spine
nodes in different sites - By default, the spine nodes generate 9000-byte packets to
exchange endpoint routing information. If that default value is not modified, the Inter Site
Network (ISN) must support an MTU size of at least 9100 bytes. In order to tune the default
value, modify the corresponding system settings in each APIC domain.
This example uses the default control plane MTU size (9000 bytes) on the spine nodes.
Required Configuration from APIC
Configure iBGP AS and Route Reflector for each site from the APIC GUI. Log in the site's
APIC and configure internal Border Gateway Protocol (iBGP) Autonomous System Number
and Route Reflector Nodes for each site's APIC cluster. Choose APIC GUI > System >
System Settings > BGP Route Reflector. This is the default BGP Route Route Reflector
Policy which will be used for the fabric pod profile.
Configure the fabric pod profile for each site's APIC cluster. Choose APIC GUI > Fabric >
Fabric Policies > Pod Policies > Policy Groups. Click the default Pod policy group. From
the BGP Route Reflector Policy drop-down list, choose default.
1.
5. Configure spine access policies to include external routed domains for each site from the
APIC GUI. Configure the spine access policies for spine uplink to the IPN switch with an
Access Entity Profile (AEP) and Layer 3 routed domain (APIC GUI > Fabric > Access
Policies). Create the switch profile.
Create the Attachable Access Entity Profile (AAEP), Layer 3 Routed domain, and VLAN
Pool.
2.
6. Create the Spine Access Port Policy Group. From the Attached Entity Profile drop-down list,
choose msite.
Create the Spine Interface Profile. Associate the IPN facing spine access port to the interface
policy group created in the previous step.
7. Note: As for now, there is no need to configure L3Out of Open Shortest Path First (OSPF)
under infra tenant from the APIC GUI. This will be configured via MSC and the configuration
pushed to each site later.
Configure the external dataplane Tunnel End Point (TEP) per site from the APIC GUI.
Choose APIC GUI > Infra > Policies > Protocol > Fabric Ext Connection Policies. Then
create an intrasite/intersite profile.
3.
Repeat the previous steps in order to complete the APIC side configuration for SiteB ACI
fabric.
4.
Multi-Site Controller Configuration
Add each site one by one in the MSC GUI. Connect and log in to the MSC GUI.1.
8. Click ADD SITE in order to register the sites one-by-one in MSC. You can also see the
cluster status in the top right of the window.
Use one of the APIC's IP addresses and assign one unique site ID for each site. The valid
range is 1-127.
9. Configure the infra policies per site in MSC. Log in to the MSC GUI. Choose Sites from the
left pane and then click CONFIGURE INFRA.
Configure the Fabric Infra General settings. From the BGP Peering Type drop down list,
choose full-mesh (full mesh - EBGP /route reflector - IBGP).
2.
10. Once it is complete, choose one of the sites from the left pane. Then you will see site
information in the middle pane. There are three different configuration levels. You can
choose the Site level, the Pod level, or the Spine level. It will allow different settings on the
configuration panel (right pane).
Once you click on the Site area, the site level configurations (Multi-Site Enable (On),
Dataplane Multicast TEP, BGP ASN, BGP Community (for example, extended:as2-nn4:2:22)
, OSPF Area ID, OSPF Area Type (stub prevent tep pool advertising), External Route
Domain, and so on) will display in the right pane. Here, you can configure or modify:
11. Dataplane Multicast TEP (one loopback per site), used for Headend Replication
(HREP)Border Gateway Protocol (BGP) Autonomous System (AS) (matching AS from the
site configured in APIC)OSPF Area ID, OSPF Area Type, and OSPF Interface Policy (for
spine interface towards IPN)External Routed DomainIn most cases, the attribute values
would have already been retrieved automatically from APIC to
MSC.
Click the Pod area and go to the POD level specific policies. Enter the Data Plane Unicast
TEP.
Click the Spine area and go to the spine specific infra settings. For each interface from the
spine towards the IPN switch:
Set the IP address and mask
BGP Peering - On
Control Plane TEP - enter the Router IP address
Spine is Route Reflector -
On
12. Repeat these steps for other sites and complete the infra configuration in MSC.Click
DEPLOY. This will save and push the infra configuration to APICs in both sites.
The initial integration between APIC clusters and MSC is complete and ready to use.
You should be able to configure stretched policies for tenants on MSC for different ACI sites.
Verify
Use this section in order to confirm that your configuration works properly.
Verify the infra configuration from the APIC GUI on each APIC cluster. Verify the
Intrasite/Intersite profile was configured under infra tenant on each APIC cluster.Verify the
infra L3Out (intersite), OSPF, and BGP was configured on each APIC cluster (APIC
GUI).Log in the site's APIC and verify the Intrasite/Intersite Profile under Tenant infra>
Policies > Protocol > Fabric Ext Connection Policies . The Intersite profile will look like
this when the site is fully configured/managed by MSC.
1.
13. Choose APIC GUI > Tenant Infra > Networking > External Routed Networks. Here the
intersite L3Out profile should be created automatically under tenant infra in both sites.
Also, ensure the L3Out logical node and interface profile configuration is correctly set in
VLAN
4.
14. Verify the OSPF/BGP session from the Spine CLI on each APIC cluster. Verify OSPF is up
on spine and gets routes from the IPN (Spine CLI).Verify the BGP session is up to the
remote site (Spine CLI).Log in to the Spine CLI, verify the BGP L2VPN EVPN and OSPF is
up on each spine. Also verify the node-role for BGP is msite-speaker.
spine109# show ip ospf neighbors vrf overlay-1
OSPF Process ID default VRF overlay-1
Total number of neighbors: 1
Neighbor ID Pri State Up Time Address Interface
172.16.1.34 1 FULL/ - 04:13:07 172.16.1.34 Eth1/32.32
spine109#
spine109# show bgp l2vpn evpn summary vrf overlay-1
BGP summary information for VRF overlay-1, address family L2VPN EVPN
BGP router identifier 172.16.1.3, local AS number 100
BGP table version is 235, L2VPN EVPN config peers 1, capable peers 1
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.2.3 4 200 259 259 235 0 0 04:15:39 0
spine109#
spine109# vsh -c 'show bgp internal node-role'
Node role : : MSITE_SPEAKER
spine209# show ip ospf neighbors vrf overlay-1
OSPF Process ID default VRF overlay-1
Total number of neighbors: 1
Neighbor ID Pri State Up Time Address Interface
172.16.1.34 1 FULL/ - 04:20:36 172.16.2.34 Eth1/32.32
spine209#
spine209# show bgp l2vpn evpn summary vrf overlay-1
2.
15. BGP summary information for VRF overlay-1, address family L2VPN EVPN
BGP router identifier 172.16.2.3, local AS number 200
BGP table version is 270, L2VPN EVPN config peers 1, capable peers 1
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.1.3 4 100 264 264 270 0 0 04:20:40 0
spine209#
spine209# vsh -c 'show bgp internal node-role'
Node role : : MSITE_SPEAKER
Verify Overlay-1 interfaces from the Spine CLI on each APIC cluster. Log in to the Spine CLI
to check and verify Overlay-1 interfaces.ETEP (Multipod Dataplane TEP)The Dataplane
Tunnel Endpoint address used to route traffic between multiple Pods within the single ACI
fabric.DCI-UCAST (Intersite Dataplane unicast ETEP (anycast per site))This anycast
dataplane ETEP address is unique per site. It is assigned to all the spines connected to the
IPN/ISN device and used to receive L2/L3 unicast traffic.DCI-MCAST-HREP (Intersite
Dataplane multicast TEP)This anycast ETEP address is assigned to all the spines
connected to the IPN/ISN device and used to receive L2 BUM (Broadcast, Unknown unicast
and Multicast) traffic.MSCP-ETEP (Multi-Site Control-plane ETEP)This is the control plane
ETEP address, which is also known as BGP Router ID on each spine for MP-BGP EVPN.
spine109# show ip int vrf overlay-1
<snip>
lo17, Interface status: protocol-up/link-up/admin-up, iod: 83, mode: etep
IP address: 172.16.1.4, IP subnet: 172.16.1.4/32
IP broadcast address: 255.255.255.255
IP primary address route-preference: 1, tag: 0
lo18, Interface status: protocol-up/link-up/admin-up, iod: 84, mode: dci-ucast
IP address: 172.16.1.1, IP subnet: 172.16.1.1/32
IP broadcast address: 255.255.255.255
IP primary address route-preference: 1, tag: 0
lo19, Interface status: protocol-up/link-up/admin-up, iod: 85, mode: dci-mcast-hrep
IP address: 172.16.1.2, IP subnet: 172.16.1.2/32
IP broadcast address: 255.255.255.255
IP primary address route-preference: 1, tag: 0
lo20, Interface status: protocol-up/link-up/admin-up, iod: 87, mode: mscp-etep
IP address: 172.16.1.3, IP subnet: 172.16.1.3/32
IP broadcast address: 255.255.255.255
IP primary address route-preference: 1, tag: 0
spine209# show ip int vrf overlay-1
<snip>
lo13, Interface status: protocol-up/link-up/admin-up, iod: 83, mode: etep
IP address: 172.16.2.4, IP subnet: 172.16.2.4/32
IP broadcast address: 255.255.255.255
IP primary address route-preference: 1, tag: 0
lo14, Interface status: protocol-up/link-up/admin-up, iod: 84, mode: dci-ucast
IP address: 172.16.2.1, IP subnet: 172.16.2.1/32
IP broadcast address: 255.255.255.255
3.
16. IP primary address route-preference: 1, tag: 0
lo15, Interface status: protocol-up/link-up/admin-up, iod: 85, mode: dci-mcast-hrep
IP address: 172.16.2.2, IP subnet: 172.16.2.2/32
IP broadcast address: 255.255.255.255
IP primary address route-preference: 1, tag: 0
lo16, Interface status: protocol-up/link-up/admin-up, iod: 87, mode: mscp-etep
IP address: 172.16.2.3, IP subnet: 172.16.2.3/32
IP broadcast address: 255.255.255.255
IP primary address route-preference: 1, tag: 0
At the end, ensure no faults are seen from the MSC.TroubleshootThere is currently
no specific troubleshooting information available for this configuration.Related
InformationCisco ACI Multi-Site Architecture White PaperTechnical Support &
Documentation - Cisco Systems