Course Overview

This three-day course provides students with intermediate routing knowledge and configuration examples. The course includes an overview of protocol-independent routing features, OSPF, IS-IS, BGP, routing policy, IP tunneling, load balancing, high availability (HA) features, VRRP, and IPv6.

Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring Junos OS and monitoring device operations. This course uses Juniper Networks vSRX Series Services Gateways for the hands-on component, but the lab environment does not preclude the course from being applicable to other Juniper hardware platforms running Junos OS.

This course is based on Junos OS Release 23.4R1

Course Level: Intermediate

Course Objectives

• Describe how routes enter a routing table, and how routers choose the best routes for forwarding traffic.
• Implement static routing within Junos OS.
• Describe OSPF within Junos OS.
• Describe how routing policies control what prefixes can enter the routing table and what prefixes can be advertised by protocols.
• Deploy OSPF within Junos OS.
• Implement IS-IS within Junos OS.
• Implement BGP within Junos OS.
• Deploy BGP within Junos OS.
• Describe some important advanced routing policy features and behaviors.
• Implement routing instances within Junos OS.
• Implement load balancing within Junos OS.
• Implement VRRP within Junos OS.
• Implement graceful routing and Bidirectional Forwarding Detection (BFD) within Junos OS.
• Implement high availability features—GRES, NSR, and unified ISSU— within Junos OS.
• Implement IP tunneling within Junos OS.
• Describe IPv6 within Junos OS.
• Implement filter-based forwarding (FBF) within Junos OS.

Course Content

DAY 1

Routing Fundamentals

• Explain the role of a router in a network
• Define the difference between directly connected, static, and dynamic routes
• Explain how route preference selects the best route to a destination
• Explain the process of longest prefix match lookups
• Demonstrate how to view and verify the inet.0 and inet6.0 routing tables

Protocol Independent Routing

• Configure static routes
• Configure aggregate routes
• Configure generated routes
• Manage martian routes

Lab 1: Protocol Independent Routing

Fundamentals of OSPF

• Describe OSPF
• Explain adjacency formation and the designated router election
• Explain OSPF scalability

Routing Policy

• Explain how import and export policies can re-advertise prefixes between protocols
• Describe the CLI syntax of a routing policy
• Demonstrate how a routing policy can export static routes into OSPF

Deploying OSPF

• Configure and monitor OSPF
• Troubleshoot OSPF

Lab 2: OSPFDAY 2

IS-IS

• Explain IS-IS
• Describe IS-IS PDUs
• Define adjacency formation and DIS election
• Configure and monitor IS-IS
• Troubleshoot IS-IS

Lab 3: IS-IS

Fundamentals of BGP

• Explain BGP
• Describe BGP attributes

Deploying BGP

• Explain IBGP and EBGP
• Configure and monitor BGP
• Describe the BGP route reflection operation
• Examine the route reflection configuration

Lab 4: BGP

Advanced Routing Policy Features

• Describe advanced route-filter options
• Describe how to refer to a prefix list in a routing policy
• Explain route filters with mixed prefix lengths

Routing Instances

• Describe routing instances
• Configure and share routes between routing instances

Lab 5: Routing Instances

Load Balancing

• Describe the load-balancing concepts and operations
• Implement and monitor Layer 3 load balancing

Lab 6: Load Balancing

DAY 3

VRRP

• Describe, configure, and monitor VRRP

 Graceful Restart and Bidirectional Forwarding Detection

• Describe high availability
• Explain graceful restart
• Explain Bidirectional Forwarding Detection

Lab 7: High Availability

GRES, NSR, and Unified ISSU

• Explain graceful Routing Engine switchover
• Explain nonstop active routing
• Explain unified ISSU

 IP Tunneling

• Describe IP tunneling
• Describe GRE and IP-IP tunnels
• Deploy GRE and IP-IP tunnels

Lab 8: IP Tunneling

IPv6

• Explain IPv6 addressing
• Explain routing protocol configuration examples
• Describe tunneling IPv6 over IPv4

Lab 9: IPv6SELF-STUDY MODULE

Filter-Based Forwarding

• Illustrate benefits of filter-based forwarding
• Configure and monitor filter-based forwarding

Lab 10: Filter-Based Forwarding

Course Overview

This two-day course is designed to provide students with intermediate switching knowledge and configuration examples using Junos Enhanced Layer 2 Software (ELS). 

This course includes an overview of switching concepts and operations, VLANs, the Rapid Spanning Tree Protocol (RSTP), port and device security features, and high availability (HA) features. 

Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos operating system (OS) and in monitoring device operations. 

This course uses Juniper Networks EX4300 Series Ethernet switches for the hands-on components, but lab environment does not preclude the course from being applicable to other Juniper hardware platforms running Junos OS. 

This course is based on Junos OS Release 21.4R1.12.

Course Level

Junos Enterprise Switching (JEX) is an intermediate-level course.

Relevant Juniper Product

• EX Series • QFX Seri

Course Objectives

List the benefits of implementing switched LANs. 

• Describe transparent bridging concepts and operations. 

• Describe terms and design considerations for switched LANs. 

• List enterprise platforms that support Layer 2 switching. 

• Configure interfaces for Layer 2 switching operations. 

• Display and interpret the Ethernet switching table. 

• Explain the concept of a VLAN. 

• Describe access and trunk port modes. 

• Configure and monitor VLANs. 

• Describe voice VLAN and native VLAN concepts. 

• Explain inter-VLAN routing operations. 

• Configure and monitor inter-VLAN routing. 

• Explain when a spanning tree is required. 

• Describe STP and Rapid Spanning Tree Protocol (RSTP) operations. 

• List some advantages of using RSTP over STP. 

• Configure and monitor RSTP. 

• Describe the bridge protocol data unit (BPDU), loop, and root protection features. 

• Configure and monitor the BPDU, loop, and root protection features. 

• List and describe various port security features. 

• Configure and monitor port security features. 

• Describe the storm control feature. 

• Configure and monitor storm control. 

• Describe firewall filter support for EX Series Ethernet switches. 

• Implement and monitor the effects of a firewall filter. 

• List and describe some features that promote high availability. 

• Configure and monitor high availability features. 

• Describe the basic concepts and operational details of a virtual chassis. 

• Implement a virtual chassis with multiple EX4300 switches. 

• Explain the concepts of Multiple Spanning Tree Protocol (MSTP). 

• Configure and monitor MSTP. 

• Discover, configure, and troubleshoot EX Series switches using Junos Space Network Director.

Course Content

Day 1

Course Introduction

Layer 2 Switching 

• Describe Ethernet bridging basic 

• Configure and monitor Layer 2 switching operations

Lab 1: Implementing Layer 2 Switching

Switching Design Considerations 

• Explain switching terminologies and design considerations 

• Describe various Enterprise Switching platforms 

Implement VLANs 

• Define VLANs 

• Create VLANs 

• Monitor VLANs 

Implement VLAN Features 

• Describe voice LAN concepts and operations 

• Describe native LAN concepts and operations 

• Describe and implement IRB interfaces 

Lab 2: Implementing Virtual Networks 

Spanning Tree Overview 

• Explain the operations of STP 

• Explain the operations of RSTP 

Deploy Spanning Tree 

• Configure STP and RSTP 

• Monitor STP and RSTP 

Spanning Tree Protection Features 

• Explain and configure BPDU protection on spanning tree 

• Explain and configure loop protection on spanning tree 

• Explain and configure root protection on spanning tree 

Lab 3: Implementing Spanning Tree 

Day 2

LAGs and RTGs 

• Describe link aggregation groups (LAGs) and redundant trunk groups (RTGs) 

• Configure and monitor LAG and RTG 

Lab 4: Implementing LAGs and RTGs 10 Storm Control 

• Describe storm control features 

• Configure and monitor storm control features

Layer 2 Firewall Filters 

• Describe firewall filter support for EX Series switches 

• Implement and monitor the effects of a firewall filter 

Lab 5: Implementing Storm Control and Firewall Filters 

Port Security—MAC Limiting, MAC Learning, and MACsec 

• Describe MAC limiting, MAC learning, and MACsec 

• Configure MAC limiting, MAC learning, and MACsec 

• Monitor MAC limiting, MAC learning, and MACsec 

Port Security—DHCP Snooping, Dynamic ARP Inspection, and IP Source Guard 

• Describe DHCP snooping, dynamic ARP inspection, and IP source guard 

• Configure DHCP snooping, dynamic ARP inspection, and IP source guard 

• Monitor DHCP snooping, dynamic ARP inspection, and IP source guard 

Lab 6: Implementing Port Security 

High Availability—GRES, NSR, and NSB 

• Overview of high availability networks 

• Explain graceful Routing Engine switchover (GRES) 

• Explain nonstop active routing (NSR) 

• Explain nonstop bridging (NSB) 

Virtual Chassis 

• Describe operational details of Virtual Chassis 

• Implement Virtual Chassis and verify its operation 

Deploy Virtual Chassis 

• Configure and monitor Virtual Chassis 

Lab 7: Implementing Virtual Chassis Systems

The following Appendices can be covered if requested at the time of booking and subject to time during the course:

Appendix A: Junos Space Network Director 

• Describe Junos Space Network Director 

• Configure Junos Space Network Director

Appendix B: MSTP 

• Explain the operations of MSTP 

• Configure and verify MSTP 

Appendix C: Mist Integration with EX Series Switches 

• Explain mist solution and supported devices 

• Describe provisioning and deployment process 

Appendix D: Mist Wired Assurance 

• Describe the deployment options 

• Explain wired assurance SLE and their classifiers 

• Describe the role of Mist within campus and branch architecture 

Appendix E: ELS and Non-ELS Configuration 

• Configure switching options 

• Understand IRB and RVI interfaces and its configuration 

• Describe Q-in-Q VLAN tagging

Course Overview

This 5-day bundle course covers the content of both the Junos Enterprise Switching (JEX) and Junos Intermediate Routing (JIR) courses.

JEX

This two-day course is designed to provide students with intermediate switching knowledge and configuration examples using Junos Enhanced Layer 2 Software (ELS). 

This course includes an overview of switching concepts and operations, VLANs, the Rapid Spanning Tree Protocol (RSTP), port and device security features, and high availability (HA) features. 

Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos operating system (OS) and in monitoring device operations. 

This course uses Juniper Networks EX4300 Series Ethernet switches for the hands-on components, but lab environment does not preclude the course from being applicable to other Juniper hardware platforms running Junos OS. 

This course is based on Junos OS Release 21.4R1.12.

Course Level

Intermediate

Relevant Juniper Product

• EX Series • QFX Series

JIR

This three-day course provides students with intermediate routing knowledge and configuration examples. The course includes an overview of protocol-independent routing features, OSPF, IS-IS, BGP, routing policy, IP tunneling, load balancing, high availability (HA) features, VRRP, and IPv6.

Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring Junos OS and monitoring device operations. This course uses Juniper Networks vSRX Series Services Gateways for the hands-on component, but the lab environment does not preclude the course from being applicable to other Juniper hardware platforms running Junos OS. This course is based on Junos OS Release 23.4R1.

Course Level

Intermediate

Relevant Juniper Product

• Junos OS • SRX Series

Course Objectives

JEX

• List the benefits of implementing switched LANs. 

• Describe transparent bridging concepts and operations. 

• Describe terms and design considerations for switched LANs. 

• List enterprise platforms that support Layer 2 switching. 

• Configure interfaces for Layer 2 switching operations. 

• Display and interpret the Ethernet switching table. 

• Explain the concept of a VLAN. 

• Describe access and trunk port modes. 

• Configure and monitor VLANs. 

• Describe voice VLAN and native VLAN concepts. 

• Explain inter-VLAN routing operations. 

• Configure and monitor inter-VLAN routing. 

• Explain when a spanning tree is required. 

• Describe STP and Rapid Spanning Tree Protocol (RSTP) operations. 

• List some advantages of using RSTP over STP. 

• Configure and monitor RSTP. 

• Describe the bridge protocol data unit (BPDU), loop, and root protection features. 

• Configure and monitor the BPDU, loop, and root protection features. 

• List and describe various port security features. 

• Configure and monitor port security features. 

• Describe the storm control feature. 

• Configure and monitor storm control. 

• Describe firewall filter support for EX Series Ethernet switches. 

• Implement and monitor the effects of a firewall filter. 

• List and describe some features that promote high availability. 

• Configure and monitor high availability features. 

• Describe the basic concepts and operational details of a virtual chassis. 

• Implement a virtual chassis with multiple EX4300 switches. 

• Explain the concepts of Multiple Spanning Tree Protocol (MSTP). 

• Configure and monitor MSTP. 

• Discover, configure, and troubleshoot EX Series switches using Junos Space Network Director.

JIR

• Describe how routes enter a routing table, and how routers choose the best routes for forwarding traffic.

• Implement static routing within Junos OS.

• Describe OSPF within Junos OS.

• Describe how routing policies control what prefixes can enter the routing table and what prefixes can be advertised by protocols.

• Deploy OSPF within Junos OS.

• Implement IS-IS within Junos OS.

• Implement BGP within Junos OS.

• Deploy BGP within Junos OS.

• Describe some important advanced routing policy features and behaviors.

• Implement routing instances within Junos OS.

• Implement load balancing within Junos OS.

• Implement VRRP within Junos OS.

• Implement graceful routing and Bidirectional Forwarding Detection (BFD) within Junos OS.

• Implement high availability features—GRES, NSR, and unified ISSU—within Junos OS.

• Implement IP tunneling within Junos OS.

• Describe IPv6 within Junos OS.

• Implement filter-based forwarding (FBF) within Junos OS.

Course Content

JEX

Day 1

Course Introduction

Layer 2 Switching 

• Describe Ethernet bridging basic 

• Configure and monitor Layer 2 switching operations

Lab 1: Implementing Layer 2 Switching

Switching Design Considerations 

• Explain switching terminologies and design considerations 

• Describe various Enterprise Switching platforms 

Implement VLANs 

• Define VLANs 

• Create VLANs 

• Monitor VLANs 

Implement VLAN Features 

• Describe voice LAN concepts and operations 

• Describe native LAN concepts and operations 

• Describe and implement IRB interfaces 

Lab 2: Implementing Virtual Networks 

Spanning Tree Overview 

• Explain the operations of STP 

• Explain the operations of RSTP 

Deploy Spanning Tree 

• Configure STP and RSTP 

• Monitor STP and RSTP 

Spanning Tree Protection Features 

• Explain and configure BPDU protection on spanning tree 

• Explain and configure loop protection on spanning tree 

• Explain and configure root protection on spanning tree 

Lab 3: Implementing Spanning Tree 

Day 2

LAGs and RTGs 

• Describe link aggregation groups (LAGs) and redundant trunk groups (RTGs) 

• Configure and monitor LAG and RTG 

Lab 4: Implementing LAGs and RTGs 

Storm Control 

• Describe storm control features 

• Configure and monitor storm control features

Layer 2 Firewall Filters 

• Describe firewall filter support for EX Series switches 

• Implement and monitor the effects of a firewall filter 

Lab 5: Implementing Storm Control and Firewall Filters 

Port Security—MAC Limiting, MAC Learning, and MACsec 

• Describe MAC limiting, MAC learning, and MACsec 

• Configure MAC limiting, MAC learning, and MACsec 

• Monitor MAC limiting, MAC learning, and MACsec 

Port Security—DHCP Snooping, Dynamic ARP Inspection, and IP Source Guard 

• Describe DHCP snooping, dynamic ARP inspection, and IP source guard 

• Configure DHCP snooping, dynamic ARP inspection, and IP source guard 

• Monitor DHCP snooping, dynamic ARP inspection, and IP source guard 

Lab 6: Implementing Port Security 

High Availability—GRES, NSR, and NSB 

• Overview of high availability networks 

• Explain graceful Routing Engine switchover (GRES) 

• Explain nonstop active routing (NSR) 

• Explain nonstop bridging (NSB) 

Virtual Chassis 

• Describe operational details of Virtual Chassis 

• Implement Virtual Chassis and verify its operation 

Deploy Virtual Chassis 

• Configure and monitor Virtual Chassis 

Lab 7: Implementing Virtual Chassis Systems

The following Appendices can be covered if requested at the time of booking and subject to time during the course:

Appendix A: Junos Space Network Director 

• Describe Junos Space Network Director 

• Configure Junos Space Network Director

Appendix B: MSTP 

• Explain the operations of MSTP 

• Configure and verify MSTP 

Appendix C: Mist Integration with EX Series Switches 

• Explain mist solution and supported devices 

• Describe provisioning and deployment process 

Appendix D: Mist Wired Assurance 

• Describe the deployment options 

• Explain wired assurance SLE and their classifiers 

• Describe the role of Mist within campus and branch architecture 

Appendix E: ELS and Non-ELS Configuration 

• Configure switching options 

• Understand IRB and RVI interfaces and its configuration 

• Describe Q-in-Q VLAN tagging

JIR

Day 3

1 Routing Fundamentals

•Explain the role of a router in a network

•Define the difference between directly connected, static, and dynamic routes

•Explain how route preference selects the best route toa destination

•Explain the process of longest prefix match lookups

•Demonstrate how to view and verify the inet.0 andinet6.0 routing tables

2 Protocol Independent Routing

•Configure static routes

•Configure aggregate routes

•Configure generated routes

•Manage martian routes

Lab 1: Protocol Independent Routing

3 Fundamentals of OSPF

•Describe OSPF

•Explain adjacency formation and the designated router election

•Explain OSPF scalability

4 Routing Policy

•Explain how import and export policies can re-advertise prefixes between protocols

•Describe the CLI syntax of a routing policy

•Demonstrate how a routing policy can export static routes into OSPF

5 Deploying OSPF

•Configure and monitor OSPF

•Troubleshoot OSPF

Lab 2: OSPF

Day 4

6 IS-IS

•Explain IS-IS

•Describe IS-IS PDUs

•Define adjacency formation and DIS election

•Configure and monitor IS-IS

•Troubleshoot IS-IS

Lab 3: IS-IS

7 Fundamentals of BGP

•Explain BGP

•Describe BGP attributes

8 Deploying BGP

•Explain IBGP and EBGP

•Configure and monitor BGP

•Describe the BGP route reflection operation

•Examine the route reflection configuration

Lab 4: BGP

9 Advanced Routing Policy Features

•Describe advanced route-filter options

•Describe how to refer to a prefix list in a routing policy

•Explain route filters with mixed prefix lengths

10 Routing Instances

•Describe routing instances

•Configure and share routes between routing instances

Lab 5: Routing Instances

11 Load Balancing

•Describe the load-balancing concepts and operations

•Implement and monitor Layer 3 load balancing

Lab 6: Load Balancing

Day 5

12 VRRP

•Describe, configure, and monitor VRRP

13 Graceful Restart and Bidirectional Forwarding Detection

•Describe high availability

•Explain graceful restart

•Explain Bidirectional Forwarding Detection

Lab 7: High Availability

14 GRES, NSR, and Unified ISSU

•Explain graceful Routing Engine switchover

•Explain nonstop active routing

•Explain unified ISSU

15 IP Tunneling

•Describe IP tunneling

•Describe GRE and IP-IP tunnels

•Deploy GRE and IP-IP tunnels

Lab 8: IP Tunneling

16 IPv6

•Explain IPv6 addressing

•Explain routing protocol configuration examples

•Describe tunneling IPv6 over IPv4

Lab 9: IPv6

Self-Study Bundle

17 Filter-Based Forwarding

•Illustrate benefits of filter-based forwarding

•Configure and monitor filter-based forwarding

Lab 10: Filter-Based Forwarding

Course Overview

This five-day course provides network engineers and technicians who are working in the enterprise sector with the knowledge and skills that are needed to study and configure the IP version 6 (IPv6) features of Cisco IOS Software. This course provides an overview of IPv6 technologies, covers IPv6 design and implementation, describes IPv6 operations, addressing, routing, services, and transition, and describes the deployment of IPv6 in enterprise and service provider networks. Hands-on labs and case studies are used to provide possible deployment scenarios.

Course Objectives

After completing this course you should be able to:

• Describe the history of IP version 4 (IPv4) and the rationale for implementing IPv6 to resolve IPv4 addressing and security issues 
• Explain the benefits of addressing with IPv6 and describe how larger IPv6 address sizes facilitate auto configuration and aggregation 
• Describe the market drivers that help promote IPv6 as the key technology of the future 
• Describe the IPv6 addressing architecture, including types of addresses and address representation 
• Describe changes in the IPv6 header and the purpose of extension headers 
• Describe and use Cisco IOS software commands to enable IPv6 on Cisco routers 
• Describe internet control message protocol (ICMP) types and codes and IPv6 neighbor discovery, which is the process in which neighbors discover each other and autoconfigure addresses 
• Describe the IPv6 configuration process on Cisco IOS software and provide some basic methods for troubleshooting issues that relate to IPv6 configurations 
• Explain IP mobility in general and describe the IPv6 network mobility model with possible usages 
• Describe how domain name system (DNS) works in an IPv6 environment 
• Describe dynamic host configuration protocol (DHCP) version 6 (DHCPv6) for IPv6 operations, including how DHCP operation in IPv6 differs from its operation in IPv4 and how you can implement DHCPv6 prefix delegation to improve the IPv6 numbering process 
• Describe the fields in the IPv6 header that are used to support quality of service (QoS) and explain how these fields differ from the IPv4 QoS model 
• Describe Cisco IOS tools, such as Telnet, Trivial File Transfer Protocol (TFTP), Secure Shell Protocol (SSH), and others 
• Describe open shortest path first (OSPF)v3, the IPv6-capable version of the OSPF routing protocol, including its operations, configuration, and commands 
• Describe Cisco enhanced interior gateway routing protocol (EIGRP), including its operation, configuration, and commands 
• Explore multiprotocol border gateway protocol (MP-BGP), including operation, IPv6-related configuration, and commands 
• Explain the issues when using policy-based routing (PBR) and when disabling the processing of extension headers 
• Describe the characteristics of first hop redundancy protocol (FHRP) for IPv6, which are used to offer redundant connections on the network layer for upstream connectivity 
• Describe redistribution of IPv6 routing information, differences among various routing protocols, and changes in the behavior of redistribution compared to IPv4 
• Describe the IPv6 multicast addresses format, including a real-life multicast example 
• Describe IPv6 multicast addressing options, media access control (MAC) address mappings, and multicast address scoping 
• Describe the dual-stacking approach to integrating IPv6 functionality into an existing IPv4-only environment 
• Describe tunneling mechanisms for IPv4-to-IPv6 transition, or for supporting IPv4 and IPv6 coexistence 
• Explain the benefits of adopting IPv6 single stack instead of using both IPv4 and IPv6 and the process for converting networks from IPv4 to IPv6 
• Describe the features of access control lists (ACLs) in an IPv6 environment 
• Describe how security is implemented in IPv6 
• Describe security issues in an IPv6 transition environment 
• Describe security practices for IPv6 deployment 
• Describe how Cisco IOS Firewall works and how to configure it in Pv6 traffic 
• Describe the IPv6 networking environments in use today, the process of becoming an IPv6 internet service provider (ISPs), address allocation policies and organizations, and strategies for connecting to the IPv6 internet 
• Identify an IPv6 multihoming issue and prescribe a potential solution 
• Describe several IPv6 enterprise deployment strategies 
• Explain how to deploy IPv6 over a multi-protocol label switching (MPLS) network 
• Describe IPv6 broadband access services and digital subscriber line (DSL)-based access in particular 
• Describe how to plan and implement IPv6 in enterprise networks 
• Describe how plan and implement IPv6 cloud and software-defined deployments 
• Describe and identify the most common planning and implementation approaches as they pertain to moving to IPv6 in branch networks 

Course Content

Explaining the rationale for IPv6

• IP Address Allocation
• History of IPv4
• Next Generation of IP
• IPv4 Workarounds

IPv6 Features and Benefits

• Features and Benefits of IPv6
• IPv6 Addresses
• IPv6 Autoconfiguration and Aggregation
• Advanced IPv6 Features
• Transition Strategies to IPv6

Market Drivers

• IPv6 Market Growth and Technologies
• Core IPv4 Address Space Exhaustion Timeline
• Mergers and Acquisitions Driving Change
• Growth of the Internet
• IoT and the Increasing Number of Devices
• Multinational Compliance Efforts and References

IPv6 Addressing Architecture

• IPv6 Addressing Architecture
• IPv6 Address Formats and Types
• IPv6 Address Uses
• Required IPv6 Addresses

IPv6 Header Format

• IPv6 Header Changes and Benefits
• IPv6 Header Fields
• IPv6 Extension Headers

Enabling IPv6 on Cisco Routers

• Enabling IPv6 on Cisco Routers
• IPv6 Address Configuration

Using ICMPv6 and Neighbor Discovery

• ICMPv6
• ICMP Errors
• Echo
• IPv6 over Data Link Layers
• Neighbor Discovery
• Stateless Autoconfiguration
• Value of Autoconfiguration
• Renumbering
• Cisco IOS Neighbor Discovery Command Syntax
• Cisco IOS Network Prefix Renumbering Scenario
• ICMP MLD
• IPv6 Mobility

Troubleshooting IPv6

• Cisco IOS IPv6 Configuration Example
• Cisco IOS show Commands
• Cisco IOS debug Commands
• Cisco IOS debug Command Example

IPv6 Mobility

• Introduction to IP Mobility
• Mobile IPv6
• Network Mobility Examples

DNS in an IPv6 Environment

• DNS Objects and Records
• DNS Tree Structure
• Dynamic DNS

DHCPv6 Operations

• DHCPv6
• DHCPv6 Operation
• DHCPv6 Multicast Addresses
• DHCPv6 Prefix Delegation Process
• DHCPv6 Troubleshooting

QoS Support in an IPv6 Environment

• IPv6 Header Fields Used for QoS
• IPv6 and the Flow Label Field
• IPv6 QoS Configuration

Cisco IOS Software Features

• Cisco IOS XE Software Features
• Cisco IOS XE Software IPv6 Tools
• IPv6 Support for Cisco Discovery Protocol
• Cisco Express Forwarding IPv6
• IP Service Level Agreements

Examining OSPFv3

• OSPFv3 Key Characteristics
• OSPFv3 Enhancements
• OSPFv3 Address Families
• OSPFv3 Configuration
• OSPFv3 IPsec ESP Authentication and Encryption
• OSPFv3 Advanced Functionalities

Examining EIGRP for IPv6

• EIGRP for IPv6
• Cisco IOS EIGRP for IPv6 Commands

Understanding MP-BGP

• MP-BGP Support for IPv6
• IPv6 as Payload and Transport Mechanism in MP-BG
• BGP Peering Over Link-Local Addresses
• BGP Prefix Filtering
• MP-BGP Configuration and Troubleshooting

Configuring IPv6 Policy-Based Routing

• Policy-Based Routing
• Configure PBR

Configuring FHRP for IPv6

• First Hop Redundancy Protocols and Concepts
• HSRPv2 for IPv6
• VRRPv3 for IPv6
• GLBP for IPv6

Configuring Route Redistribution

• Route Redistribution
• PE-CE Redistribution for Service Providers

Implementing Multicast in an IPv6 Network

• IPv6 Multicast Addressing
• PIM for IPv6
• Rendezvous Points
• MP-BGP for the IPv6 Multicast Address Family
• IPv6 Multicast Application Example

Using IPv6 MLD

• Multicast Listener Discovery
• MLD Snooping and MLD Group Limits
• Multicast User Authentication and Group Range Support

Implementing Dual Stack

• Dual-Stack Applications
• Dual-Stack Node
• The Dual-Stack Approach

Describing IPv6 Tunnelling Mechanisms

• Overlay Tunnels
• Manually Configured Tunnels
• Automatic Tunnels

Transition to Single-Stack Deployments

• IPv6 Single Stack
• DNS for IPv6 Migrating from A to AAAA
• Translation Options

Configuring IPv6 ACLs

• IPv6 ACLs
• IPv6 ACL Configuration
• Reflexive and Time-Based ACLs
• Cisco IOS IPv6 Header Filtering
• Cisco IOS New ICMPv6 Types
• Editing of ACLs
• How to Configure ACLs in an IPv6 Environment

Using IPsec,IKE and VPNs

• IPsec, IKE, and VPNs Basics
• IPsec and IKE
• VPN Connections Using IPv6

Security Issues in an IPv6 Transition Environment

• Dual-Stack Transition Mechanism
• Single-Stack Security Issues
• Security at the Network Edge
• ICMP Traffic Requirements
• Private IPv6 Addressing Versus Public IPv6 Addressing
• IP Overloading Issues

IPv6 Security Practices

• Threats in IPv6 Networks
• Zero trust Overview
• Build Distributed Security Capability
• Hide Topology when Possible
• Secure the Local Link
• ICMPv6 at Edge—Manage ICMPv6 Traffic
• Develop Mobility Support Plan
• Use Transition Mechanisms as Transport
• Secure the Routing Plane
• Deploy an Early-Warning System

Configuring Cisco IOS Firewall for IPv6

• Cisco IOS Firewall for IPv6
• IPv6 Inspection on ISRs
• Implement IPv6 Inspection on ISR
• Zone-Based Policy Firewall for IPv6 on ISRs
• Configuring Zones and Zone Pairs
• Configuring a Basic OSI Layer 3 to 4 Interzone Access Policy
• Troubleshooting the Zone-Based Policy Firewall

IPv6 Address Allocation

• IPv6 Internet
• IPv6 Address Allocation
• Connecting to the IPv6 Internet

IPv6 Multihoming Issue

• IPv6 Multihoming Aspects and Issues
• IPv6 Multihoming Status
• Protocol-Based Solutions

IPv6 Enterprise Deployment Strategies

• Enterprise Networks
• Impacts of Network Services
• WAN Networks
• Dual Stack: Advantages and Disadvantages
• Tunneling: Advantages and Disadvantages
• Translation: Advantages and Disadvantages

Support for IPv6 in MPLS

• MPLS Operations
• IPv6 over MPLS Deployment Scenarios
• IPv6 Tunnels Configured on CE Routers
• IPv6 over Layer 2 MPLS VPN
• Cisco 6PE
• Deploy Cisco 6PE on MPLS Networks

IPv6 Broadband Access Services

• IPv6 Rapid Deployment
• Customer Link Encapsulations
• FTTH Access Architecture
• Cable Access Architecture
• Wireless Access Architecture
• DSL Access Architecture

Planning and Implementing IPv6 Cloud and Software-Defined Deployments

• Cisco SD-WAN
• Cisco SD-Access
• Cloud-Native Deployment
• IaaS – AWS and Azure

Planning and Implementing IPv6 in Enterprise Networks

• Enterprise Network Definition
• Implementing IPv6 in an Enterprise Campus Network
• IPv6 in an Enterprise WAN Network

Planning and Implementing IPv6 in Branch Networks

• Branch Deployment General Considerations
• Branch Deployment Profiles: Single-Tier Profile Implementation

Labs

• Discovery Lab 1: Using Neighbor Discovery
• Discovery Lab 2: Using Prefix Delegation
• Discovery Lab 3: Routing with OSPFv3
• Discovery Lab 4: Routing with EIGRP
• Discovery Lab 5: Routing with BGP and MP-BGP
• Discovery Lab 6: Multicasting
• Discovery Lab 7: Implementing Tunnels for IPv6
• Discovery Lab 8: Configuring Advanced ACLs
• Discovery Lab 9: Implementing IPsec and IKE
• Discovery Lab 10: Configuring Cisco IOS Firewall

Course Overview

This course covers the fundamental concepts of segment routing, how to configure and verify segment routing within an Interior Gateway Protocol (IGP), the interworking of Label Distribution Protocol (LDP) with segment routing, how to implement topology-independent loop-free alternate (TI-LFA) using segment routing, and how to instantiate and verify segment routing traffic engineering policies. Students will also learn how to implement segment routing within Border Gateway Protocol (BGP).

Course Objectives

After completing this course you should be able to:

• Describe the key concepts of segment routing
• Implement and verify IGP segment routing
• Migrate an existing Multiprotocol Label Switching (MPLS) LDP-based network to segment routing
• Implement and verify TI-LFA segment routing
• Instantiate segment routing policies
• Instantiate multidomain segment routing policies
• Configure and verify BGP prefix segments and SR-based services

Course Content

Introduction to Segment Routing (SR)

• Examining Unified Fabric Routing
• Exploring Segment Routing Concepts
• Examining Segment Types
• Examining the Segment Routing Global Block (SRGB)

IGP Segment Routing Implementation and Verification

• Examining the IGP Control Plane
• Examining SRGB and IGP Interactions
• Examining Prefix and Adjacency Segment Identifiers
• Intermediate System to Intermediate System Multilevel and Open Shortest Path First (OSPF) Multi-Area
• Configuring and Verifying IS-IS SR Operation
• Configuring and Verifying OSPF SR Operation

Segment Routing and LDP Interworking

• SR and LDP Interworking Data Plane
• Mapping Server Function and Configuration
• Interworking Deployment Models

Topology Independent -Loop Free Alternate

• Examining Classic LFA
• Examining TI-LFA Fundamentals
• Implementing and Verifying TI-LFA for SR Traffic
• Implementing and Verifying TI-LFA for LDP Traffic
• TI-LFA and SR/LDP Interworking

Segment Routing Policies – Traffic Engineering (SR-TE)

• Exploring SR Policies
• Introducing the Anycast and Binding SIDs
• Enabling and Verifying SR Policies
• Instantiating SR Policies
• Instantiating SR Policies Using BGP Dynamic

Multidomain SR Policies

• Configuring and Verifying a Path Computation Element (PCE)
• Configuring and Verifying BGP Link State (BGP-LS)
• Configuring Multidomain SR Policies with a PCE
• Configuring Multidomain SR Policies with On-Demand Next Hop (ODN)

Segment Routing – Based Services 

• Examining the BGP Prefix – SID Operation
• Configuring and Verifying the BGP Prefix SID
• Examining Egress Peer Engineering
• Examining the BGP Prefix-SID Operation
• SR Flexible Algorithm and Performance Measurement (PM) Delay
• SR-Enabled VPNs

Labs:

• Lab 1: Configuring and Verifying IGP Segment Routing
• Lab 2: Migrating from LDP to Segment Routing
• Lab 3: Configuring and Verifying TI-LFA Fast Reroute
• Lab 4: Configuring and Verifying SR Policies
• Lab 5: Configuring and Verifying Multidomain SR-TE
• Lab 6: Configuring and Verifying BGP Segment Routing

Course Overview

Learn how to design, deploy, configure and manage your Cisco® Software-Defined WAN (SD-WAN) solution in a large-scale live network, including how to migrate from legacy WAN to SD-WAN. You will learn best practices for configuring routing protocols in the data center and the branch, as well as how to implement advanced control, data, and application-aware policies.The course also covers SD-WAN deployment and migration options, placement of controllers, how to deploy WAN Edge devices, and how to configure Direct Internet Access (DIA) breakout, and how to deploy a Multi-Region Cisco SD-WAN fabric. You will also learn about the various Application Quality of Experience (AppQoE) traffic optimization capabilities. Finally, the training looks at the different Cisco SD-WAN security options available.  The course looks at the different Cisco SD-WAN security options available, such as application-aware enterprise firewall, Intrusion Prevention System (IPS), URL filtering, Cisco Advanced Malware Protection (AMP), Secure Sockets Layer/Transport Layer Security (SSL/TLS) proxy, and Cisco Umbrella® Secure Internet Gateway (SIG) and Cisco TrustSec in Cisco SD-WAN.

Course Objectives

After completing this course you should be able to:

• Describe the Cisco SD-WAN solution and how modes of operation differ in traditional WAN versus SD-WAN.
• Describe options for Cisco SD-WAN cloud and on-premises deployment.
• Explain how to deploy WAN Edge devices.
• Compare  the Zero-Touch Provisioning (ZTP) and traditional Plug-n-Play processes and examine technical specifics for on-premises deployment.
• Describe configuration groups and feature profiles for configuration management.
• Describe device and feature configuration templates.
• Describe options for providing scalability, high availability, and redundancy.
• Explain how dynamic routing protocols are deployed in an SD-WAN environment, on the service side and transport side.
• Describe Cisco SD-WAN policy concepts, which includes how policies are defined, attached, distributed, and applied.
• Define and implement advanced control policies, such as policies for custom topologies and service insertion.
• Describe the Multi-Region SD-WAN fabric feature.
• Define and implement advanced data policies, such as policies for traffic engineering and QoS.
• Describe the Application Quality of Experience (AppQoE) capabilities available in Cisco SD-WAN.
• Define and implement an Application-Aware Routing (AAR) policy.
• Implement Direct Internet Access (DIA) and Cisco SD-WAN Cloud OnRamp options.
• Describe Cisco SD-WAN security components and integration.
• Describe how to design pure and hybrid Cisco SD-WAN solutions, as well as how to perform a migration to Cisco SD-WAN.
• Describe the different tools and options available for managing a Cisco SD-WAN fabric.
• Describe the different tools and options available for monitoring the Cisco SD-WAN fabric.
• Describe Cisco SD-WAN support for multicast.

Course Content

Examine the Cisco SD WAN Architecture

• Software-Defined Networking for the WAN
• SD-WAN Components and Functions
• Underlay and Overlay Network
• SD-WAN Terminology
• Secure Control Plane
• Secure Data Plane
• SD-WAN Platforms
• IOS XE and IOS XE SD-WAN Software

Examine Cisco SD-WAN Deployment Options

• Flexible Controller Deployment Options
• SD-WAN Cloud Deployment
• SD-WAN Managed Service Provider Deployment
• SD-WAN On-Premises Deployment
• Using an Enterprise CA
• Controller Placement and Challenges

Deploying WAN Edge Devices

• Onboard WAN Edge Devices
• Deploy Cisco Catalyst 8000v IOS XE Devices
• ZTP Process Overview – Pure Play Viptela operating system
• Cisco Plug-and-Play Process Overview
• Working with NAT

Manage Device Configuration

• Configuration Groups Overview
• Configuraion Group Feature Profile Overview
• Device Configuration Template Overview
• Device Configuration Template Features

Explore Redundancy, High Availability, and Scalability

• Horizontal Solution Scale
• Cisco vManage, vSmart and vBond Redundancy
• Routed and Bridged Site Design

Enabling Service-Side and Transport-Side Routing

• Implement OSPF
• Implement BGP
• Impement EIGRP
• Implement TLOC Extensions
• Loop Prevention Mechanism

Explore SD-WAN Policy Configuration Basics

• Policy Configuraton Overview
• Policy Attachment, Distribution and Operation

Define Advanced Control Policies

• Control Policy Overview
• Control Policy Application
• Using Arbitrary VPN Topology
• Using Hierarchical Topology
• VPN Membership Policies
• Multi-Region Fabric
• Implementing Traffic Engineering
• Implementing Service Insertion and Chaining
• Implementing Shared Services
• Dynamic On-Demand Tunnels

Define Advanced Data Policies

• Data Policy Overview
• Implementing Traffic Engineering
• Data Forwarding and Qos
• Implementing Qos in Cisco SD-WAN

Implement Application Quality of Experience

• Application Quality of Experience Overview
• TCP Optimization
• Data Redundancy Elimination
• Packet Duplication
• Forward Error Correction
• AppNav-XE

Implement Application-Aware Routing

• AAR Overview
• Implement AAR Policy

Examine Direct Internet Access and Cloud Deployment Options

• Implement Direct Internet Access
• Cisco SD-WAN Cloud OnRamp for SaaS
• Cisco SD-WAN Cloud onRamp for IaaS
• Cisco SD-WAN Cloud onRamp for Multicloud
• Cisco SD-WAN Cloud OnRamp for Colocation
• Cisco Enterprise NFV Infrastructure Software (NFVIS) SD-Branch

Explore Cisco SD-WAN Security

• Cisco SD-WAN Intent Based Security Use Cases
• Cisco SD-WAN Security Components
• Cisco Umbrella DNS Security and SIG Integration
• Cisco Legacy and Unified Policy
• Describe Cisco SD-WAN TrustSec

Design and Migrate to Cisco SD-WAN

• Design Considerations for Hybrid Scenarios
• Enabling Cisco SD-WAN in the Data Center
• Migrating the Branch to Pure SD-WAN
• Migrating a Branch to a Hybrid Model

Perform Cisco SD-WAN Network Management and Troubleshooting

• Managing Cisco SD-WAN
• Monitoring Cisco SD-WAN
• Troubleshooting Cisco SD-WAN
• Upgrading Cisco SD-WAN Components

Examine Cisco SD-WAN Multicast Support

• Multicast Overlay Routing
• Multicast Protocol Support
• Traffic Flow in Multicast Overlay Routing

Lab outline

• Lab 1: Deploy Cisco SD-WAN Controllers
• Lab 2: Manage Cisco SD-WAN Device Configuration
• Lab 3: Configure Cisco SD-WAN Controller Affinity
• Lab 4: Implement Service Side Routing Protocols
• Lab 5: Implement Transport Location (TLOC) Extensions
• Lab 6: Implement Control Policies
• Lab 7: Implement Data Policies
• Lab 8: Implement Application-Aware Routing
• Lab 9: Implement Branch and Regional Internet Breakouts
• Lab 10: Configure Application Firewall
• Lab 11: Migrate Branch Sites
• Lab 12: Perform Cisco SD-WAN Software Upgrade

Course Overview

The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS)  course is an advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and TLS or SSL decryption. Cloud integration with multiple cloud services providers and multiple use-cases is also covered.

The labs will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows.

Course Objectives

After completing this course, you should be able to:

• Describe Cisco SD-WAN security functions and deployment options
• Understand how to deploy on-premises threat prevention
• Describe content filtering options
• Implement secure Direct Internet Access (DIA)
• Explain and implement service chaining
• Explore Secure Access Service Edge (SASE) and identify use cases
• Describe Umbrella Secure Internet Gateway (SIG) and deployment options
• Implement Cisco Umbrella SIG and DNS policies
• Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365)
• Discover how to use Cisco ThousandEyes to monitor cloud services
• Configure Cisco ThousandEyes to monitor Microsoft 365 applications
• Examine how to protect and optimize access to the software as a service (SaaS) application with Cisco SD-WAN Cloud OnRamp
• Discover and deploy Cloud OnRamp for multi-cloud, including interconnect and collocation use cases
• Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics.

Course Content

Introducing Cisco SD-WAN Security

Deploying On-Premises Threat Prevention

Examining Content Filtering

Exploring Cisco SD-WAN Dedicated Security Options

Examining SASE

Exploring Cisco Umbrella SIG

Securing Cloud Applications with Cisco Umbrella SIG

Exploring Cisco SD-Wan ThousandEyes

Optimizing SaaS Applications

Connecting Cisco SD-WAN to Public Cloud

Examining Cloud Interconnect Solutions

Exploring Cisco Cloud OnRamp for Colocation

Monitoring Cisco SD-WAN Cloud and Security Solutions

Course Overview

Implementing Cisco Multicast is a five-day instructor-led course designed to provide technical solutions for simple deployments of IP multicast within a provider or customer network. This course covers the fundamentals of IP multicasting including multicast applications, sources, receivers, group management, and IP multicast routing protocols (such as Protocol Independent Multicast [PIM]) used within a single administrative domain (intradomain). The issues of switched LAN environments and reliable IP multicasting have also been incorporated.

The labs incorporated in this course provide delegates with hands-on experience of the configuration and troubleshooting guidelines for implementing IP multicast on Cisco routers.

Course Objectives

After you complete this course you will be able to :

• Introduce IP multicast services, to evaluate the functional model of IP multicasting and the technologies present in IP multicasting, acknowledge IP multicast benefits and associated caveats, and determine various types of multicast applications in order to understand the IP multicast conceptual model and its implementation prerequisites
• Configure and deploy MSDP in the interdomain environment
• Identify IP multicast issues on a data link layer, explain the methods of mapping network layer multicast addresses to data link layer addresses, and list the mechanisms for constraining multicast streams in a LAN environment
• Answer to and design multicast-related application and network solutions in customer and service provider networks
• Introduce Protocol Independent Multicast sparse mode (PIM-SM) as the most current scalable IP multicast routing protocol to learn the principles of protocol operation and details, become familiar with the determinism built into sparse mode multicast protocols, and configure and deploy PIM-SM in complex IP multicast network deployments
• Review RP distribution solutions, recognize the drawbacks of manual RP configuration, become familiar with the Auto-Rendezvous Point (Auto-RP) and the bootstrap router (BSR) mechanisms, and introduce the concept of Anycast RP that works in combination with the Multicast Source Discovery Protocol (MSDP)
• Recognize the drawbacks of the PIM-SM and introduce two extensions to provide possible solutions; learn about mechanics of the Source Specific Multicast (SSM) and bidirectional mode of PIM-SM in order to configure and deploy SSM and bidirectional mode of the PIM-SM in a large service provider network
• Explain basic concepts of Multiprotocol BGP (MP-BGP) and its use in the IP multicast environment, apply steps that are associated with configuring MP-BGP with Address Family Identifier (AFI) syntax to support IP multicast in the interdomain environment
• Introduce solutions to mitigate security issues in the IP multicast network. Examine and implement suitable virtual private network (VPN) technologies, such as Generic Routing Encapsulation (GRE) with IP Security (IPsec) and Group Encrypted Transport (GET) VPN
• Describe the process of monitoring and maintaining multicast high-availability operations, introduce the PIM triggered join feature, and describe how load splitting IP multicast traffic over Equal-Cost Multipath (ECMP) works

Course Content

IP Multicast Concepts and Technologies

• Introducing IP Multicast
• Understanding the Multicast Service Model
• Defining Multicast Distribution Trees and Forwarding
• Reviewing Multicast Protocols

Multicast on the LAN

• Mapping Layer 3 to Layer 2
• Working with Cisco Group Management Protocol
• Using IGMP Snooping

PIM Sparse Mode

• Introducing Protocol Independent Multicast Sparse Mode
• Understanding PIM-SM Protocol Mechanics
• Using PIM-SM in a Sample Situation
• Configuring and Monitoring PIM-SM

Rendezvous Point Engineering

• Identifying RP Distribution Solutions
• Implementing Auto-RP
• Using PIMv2 BSR
• Using Anycast RP and MSDP

PIM Sparse Mode Protocol Extensions

• Introducing Source Specific Multicast
• Configuring and Monitoring SSM
• Reviewing Bidirectional PIM
• Configuring and Monitoring Bidirectional PIM

Multiprotocol Extensions for BGP

• Introducing MP-BGP
• Configuring and Monitoring MP-BGP

Interdomain IP Multicast

• Examining Dynamic Interdomain IP Multicast
• Explaining Multicast Source Discovery Protocol
• Using MSDP SA Caching
• Configuring and Monitoring MSDP

IP Multicast Security

• Introducing IP Multicast and Security
• Securing a Multicast Network

Multicast Optimization and High-Availability Features

• Using Multicast Optimization and High-Availability Features

Applications of Multicast

• Exploring IP Multicast and Video Applications
• Using IP Multicast in Mission-Critical Environments
• Exploring How Enterprise IT Uses IP Multicasting Globally

Course Overview

Multiprotocol Label Switching (MPLS) is a high-performance method for forwarding packets through a network enabling routers at the edge of a network to apply simple labels to packets. This practice allows the edge devices to switch packets according to labels, with minimal lookup overhead. MPLS integrates the performance and traffic-management capabilities of data link Layer 2 with the scalability and flexibility of network Layer 3 routing.

This course covers both introductory and advanced MPLS and MPLS VPNs concepts. Configuration, implementation and troubleshooting skills are all included with a significnat focus on the use of labs to consolidate the learners knowledge. At the end of this course you should be able to design, implement and maintain core IP routing network infrastructures.

Each student will have their own virtual pod of equipment with access to the labs 24×7 for 90 days

Course Objectives

After you complete this course you should be able to:

• Describe the features of MPLS
• Describe how MPLS labels are assigned and distributed
• Identify the Cisco IOS tasks and command syntax necessary to implement MPLS on frame-mode Cisco IOS platforms
• Describe the MPLS peer-to-peer architecture and explain the routing and packet forwarding model in this architecture
• Identify the Cisco IOS command syntax required to successfully configure, monitor, and troubleshoot VPN operations
• Identify how the MPLS VPN model can be used to implement managed services and internet access
• Describe the various internet access implementations that are available and the benefits and drawbacks of each model
• Provide an overview of MPLS Traffic Engineering

Course Content

Introducing Basic MPLS Concepts

• Foundations of Traditional IP Routing
• Basic MPLS Features
• Benefits of MPLS
• MPLS Terminology: Label Switch Router
• MPLS Terminology: Label Switched Path
• MPLS Terminology: Upstream and Downstream
• MPLS Architecture Components
• Architecture of Ingress Edge LSRs
• Architecture of Intermediate LSRs
• Architecture of Egress Edge LSRs

Introducing MPLS Labels and Label Stack

• MPLS Labels
• FEC and MPLS Forwarding
• MPLS Label Imposition
• MPLS Label Stack

Identifying MPLS Applications

• MPLS Services
• MPLS Unicast IP Routing
• MPLS Multicast IP Routing
• MPLS VPNs
• MPLS Traffic Engineering
• MPLS Quality of Service
• Any Transport over MPLS
• Interactions Between MPLS Services

Discovering LDP Neighbours

• Label Distributing Protocols
• LDP Neighbour Session Establishment
• LDP Link Hello Message
• LDP Negotiating Label Space
• Discovering LDP Neighbours
• Negotiating LDP Sessions

Introducing Typcial Label Distribution in Frame-Mode MPLS

• Propagating Labels Across a Network
• Building Blocks for IP Forwarding
• Using the FIB Table to Forward Packets
• Using LDP to Forward Packets
• Label-Switched Path
• Propagating Labels by Using PHP
• Impact of IP Aggregation on LSPs
• Label Allocation in a Frame-Mode MPLS Network
• Label Distribution and Advertisement
• Receiving Label Advertisement
• Liberal Label Retention
• Further Label Allocation
• Frame-Mode Loop Detection Using the MPLS TTL Field
• Normal TTL Operation
• Disabling TTL Popagation

Introducing Convergence in Frame-Mode MPLS

• MPLS Steady-State Operation
• Link Failure State
• Routing Protocol Convergence After a Link Failure
• MPLS Convergence After a Link Failure
• Link Recovery Actions

Implementing Frame-Mode MPLS Implementation on Cisco IOS Platforms

• Cisco IOS Platform-Switching Mechanisms
• Using Standard IP Switching
• Cisco Express Forwarding Switching Architecture
• Configuring IP Cisco Express Forwarding
• Monitoring IP Cisco Express Forwarding
• MPLS Configuration Tasks
• Configuring the MPLS ID on a Router
• Configuring MPLS on a Frame-Mode Instance
• Configuring IP TTL Propagation
• Configuring Conditional Label Distribution

Monitoring and Troubleshooting Frame-Mode MPLS on Cisco IOS Platforms

• Monitoring MPLS
• Monitoring LDP
• Monitoring Label Switching
• Debugging MPLS and LDP
• Common Frame-Mode MPLS Issues
• Solving LDP Session Start-up Issues
• Solving Label Allocation Issues
• Solving Label Distribution Issues
• Solving Packet-Labeling Issues
• Solving Intermittent MPLS Failures
• Solving Packet Propagation Issues

Introducing VPNs

• Basic VPN Overview
• VPN Implementation Models
• Overlay VPN Technologies
• Peer-to-Peer VPN Technologies
• Benefits of VPNs
• Drawbacks of VPNs

Introducing MPLS VPN Architecture

• MPLS VPN Architecture
• PE Router Architecture
• VRF Overview
• Methods of Popagating Routing Information across the P-Network
• Route Distinguishers
• RD Format
• RD Operation in MPLS VPN
• RD Process Flow
• Route Targets
• RT Operation
• RT and RD Process Flow

Introducing the MPLS VPN Routing Model

• MPLS VPN Routing
• CE Router MPLS VPN Routing
• IP Router MPLS VPN Routing
• PE Router MPLS VPN Routing
• Support for Internet Routing
• Routing Tables on PE Routers
• Identifying End-to-End Routing Update Flow

Forwarding MPLS VPN Packets

• End-to-End VPN Mechanisms
• VPN Penultimate Hop Popping
• Propagating VPN Labels Between PE Routers
• Effects of MPLS VPNs on Label Propagagtion
• Effects of MPLS VPNs on Packet Forwarding

Implementing an MP-BGP Session Between PE Routers

• VRF Table
• Need for Routing Protocol Contexts
• VPN-Aware Routing Protocols
• Using VRF Tables
• Propagating BGP Routes – Outbound Example
• Propagating Non-BGP Routes – Outbound Example
• Propagating BGP Routes -Inbound Example
• Propagating Non-BGP Routes – Inbound Example
• Configuring BGP Address Families
• Enabling BGP Neighbours
• Configuring MP-BGP
• Configuring MP-IBGP
• VFR Configuration Tasks
• Creating VRF Tables and Assigning RDs
• Specifying Export and Import RTs
• Using MPLS VPN IDs

MPLS VPN Implementation

• Using MPLS VPN Mechanisms of Cisco IOS platforms
• Configuring an MP-BGP Session Between PE Routers
• Configuring VRF Tables
• Configuring Small-Scale Routing Protocols Between PE and CE routers
• Monitoring MPLS VPN Operations
• Configuring OSPF as the Routing Protocol Between PE and CE Routers
• Configuring BGP as the Routing Protocol between PE and CE Routers
• Troubleshooting MPLS VPNs

Configuring Small-Scale Routing Protocols Between PE and CE Routers

• Configuring PE-CE Routing Protocols
• Selecting the VRF Routing Context for BGP
• Configuring Per-VRF Static Routes
• Configuring RIP PE-CE Routing
• Configuring EIGRP PE-CE Routing
• Configuring SOO for EIGRP PE-CE Loop Prevention

Monitoring MPLS VPN Operations

• Monitoring VRFs
• Monitoring VRF Routing
• Monitoring MP-BGP Sessions
• Monitoring an MP-BGP VPNv4 Table
• Monitoring Per-VRF Cisco Express Forwarding and LFIB Structures
• Monitoring Labels Associated with VPNv4 Routes
• Identifying MPLS VPN Diagnostic Commands

Configuring OSPF as the Routing Protocol Between PE and CE Routers

• OSPF Hierarchical Model
• OSPF in an MPLS VPN Routing Model
• OSPF Superbackbone-OSPF-BGP Hierarchy Issue
• OSPF in MPLS VPNs-Goals
• OSPF Superbackbone- Route Propagation Example
• OSPF Superbackbone- Rules
• OSPF Superbackbone- Implementation
• OSPF Superbackbone- External Routes
• OSPF Superbackbone- Mixing Routing Protocols
• Configuring PE-CE OSPF Routing
• Routing Loops Between MP-BGP and OSPF
• OSPF Down-Bit-Loop Prevention
• Optimizing of Packet Forwarding Across the MPLS VPN Backbone
• Routing Loops across OSPF Domains
• OSPF Tag Field-Operation
• OSPF Tag Field-Usage Guidelines
• OSPF Tag Field-Routing Loop Prevention
• Sham Link

Configuring BGP as the Routing Protocol Between PE and CE Routers

• Configuring a Per-VRF BGP Routing Context
• Reasons for Limiting the Number of Routes in a VRF
• Limiting the Number of Prefixes Received from a BGP Neighbour
• Limiting the Total Number of VRF Routes
• Identifying AS-Override Issues
• AS-Override Implementation
• AS-Path Prepending
• Idenifying the Allow-AS Issue
• Allow-AS in Implementation
• Implementing SOO for Loop Prevention

Troubleshooting MPLS VPNs

• Identifying Preliminary Steps in MPLS VPN Troubleshooting
• Verifying the Routing Information Flow
• Validating CE-to-PE Routing Information Flow
• Validating PE-to-PE Routing Information Flow
• Validating PE-to-CE Routing Information Flow
• Identifying the Issues when Verifying the Data Flow
• Validating Cisco Express Forwarding Status
• Validating the End-to-End LSP
• Validating the LFIB Status
• MPLS VPN Troubleshooting Command Summary

Complex MPLS VPNs

• Particpants in Overlapping VPNs
• Typical Overlapping VPNs
• Overlapping VPN Routing
• Overlapping VPN Data Flow
• Configuring Overlaping VPNs
• Central Services VPN
• Central Services VPN Routing
• Central Services VPN Data Flow Model
• Central Services VPN and Overlapping VPN Requirements
• Configuring RDs and RTs in a Central Services VPN and Overlapping VPN
• Advanced BRF Features
• Configuring Selective VRF Import
• Configuring Selective VRF Export
• Managed CE Routers
• VRF Creation and RD Overview
• Configuring Managed CE Routers

Internet Access and MPLS VPNs

• Customer Internet Connectivity Scenarios Overview
• Classical Internet Access
• Multisite Internet Access
• Wholesale Internet Access
• Internet Design Models for Service Providers
• Internet Access Through Global Routing
• Internet Access Through a Seperate VPN Service
• Internet Access Through Route Leaking
• Classical Internet Access for a VPN Customer
• Implementing Classical Internet Access for a VPN Customer
• Using Seperate Subinterfaces
• Implementing Internet Access from Every Customer Site
• Internet Access as a Seperate VPN
• Implementing Wholesale Internet Access
• Seperate Internet Access Benefits and Limitations
• Running an Internet Backbone in a VPN: Benefits and Limitations

Introducing MPLS TE Components

• TE Concepts
• TE Motivations
• Business Drivers for TE
• Congestion Avoidance and TE
• TE with a Layer 2 Overlay Model
• Example of TE with a Layer 2 Overlay Model
• Drawbacks of the Layer 2 Overlay Solution
• Layer 3 Routing Model Without TE
• TE with a Layer 3 Routing Model
• MPLS TE Model
• MPLS TE Traffic Tunnels
• Traffic Tunnel Attributes
• Link Resource Attributes
• Constraint-Based Path Computation
• Example of Constraint-Based Path Computation (Bandwidth)
• MPLS TE Processes
• Role of RSVP in Path Setup Procedures
• Path Setup and Admission Control with RSVP
• Forwarding Traffic to a Tunnel
• Autoroute
• Autoroute Example

Understanding MPLS TE Operations

• Attributes Used by Constraint-Based Path Computation
• MPLS TE Link Resource Attributes
• MPLS TE Link Resource Attributes: Maximum Bandwidth and Maximum Reservable Bandwidth
• MPLS TE Link Resource Attributes: Link Resource Class
• MPLS TE Link Resource Attributes: Constraint-Based Specific Link Metric (Administrative Weight)
• MPLS TE Tunnel Attributes
• MPLS TE Tunnel Attributes: Traffic Parameter and Generic Path Selection and Management
• MPLS TE Tunnel Attributes: Tunnel Resource Class Affinity
• MPLS TE Tunnel Attributes: Adaptability, Priority and Pre-emption
• MPLS TE Tunnel Attributes: Resilience
• Implementing TE Policies with Affinity Bits
• Using Affinity Bits in TE Policies
• Propagating MPLS TE Link Attributes with Link-State Routing Protocol
• Constraint-Based Path Computation
• Constraint–Based Path Computation: Path Selection
• Example of Constraint-Based Path Computation (resource Affinity)
• Path Setup
• RSVP Usage in Path Setup
• Hop-by-Hop Path Setup with RSVP
• Tunnel and Link Admission Control
• Path Rerouting
• Path Reoptimization
• Path Rerouting: Link Failure
• Assigning Traffic to Traffic Tunnels
• Using Static Routing to Assign Traffic to a Traffic Tunnel
• Autoroute
• Autoroute: Path Selection Rules
• Autoroute: Default Metric
• Autoroute: Relative and Absolute Metric
• Forwarding Adjacency
• Forwarding Adjacency Traffic Flows

Configuring MPLS TE on Cisco IOS Platforms

• MPLS TE Configuration Flow Chart
• Enabling Device-Level MPLS TE Support
• Enabling MPLS TE Support in IS-IS
• Enabling MPLS TE Support in OSPF
• Enabling Basic MPLS TE On an Interface
• Creating and Configuring a Traffic Tunnel
• Mapping Traffic into Tunnels with Autoroute

Monitoring Basic MPLS TE on Cisco IOS Platforms

• Monitoring MPLS TE Tunnels
• show ip rsvpinterface Command
• show mpls traffic-eng tunnels brief commands
• Monitoring MPLS TE
• show mpls traffic-eng autoroute Command
• show ip cef Command

Labs

• Discovery 1: Implement SP and Customer IP Addressing and IGP Routing
• Discovery 2: Verify Cisco Express Forwarding
• Discovery 3: Enable MPLS
• Discovery 4: Change IP TTL Propagation
• Discovery 5: Implement the Core MPLS Environment in the Service Provider Network
• Discovery 6: Configure MP-IBGP
• Discovery 7: Configure the VRF Instances
• Discovery 8: Configure RIP as a PE-CE Routing Protocol
• Discovery 9: Configure EIGRP as a PE-CE Routing Protocol
• Discovery 10: Implement EIGRP-Based MPLS VPNs
• Discovery 11: Configure OSPF as a PE-CE Routing Protocol
• Discovery 12: Implement OSPF-Based MPLS VPNs
• Discovery 13: Configure BGP as a PE-CE Routing Protocol
• Discovery 14: Implement BGP-Based MPLS VPNs
• Discovery 15: Configure a Central Services VPN
• Discovery 16: Configure MPLS Traffic Engineering
• Discovery 17: Implement MPLS Traffic Engineering  

Course Overview

The Implementing Cisco Enterprise SD-Branch (ENSDBI) course is designed to provide an understanding of the Cisco® Software-Defined (SD)-Branch architecture and Cisco Enterprise Network Functions Virtualization (ENFV) solution. You will learn about the supported hardware platforms with a focus on the components, installation, and upgraded workflows of the Cisco Enterprise Network Compute System (ENCS) 5400 series. Building your knowledge of Cisco NFVIS and Cisco vManage by deploying and managing the VNFs.

Course Objectives

After completing this course you should be able to:

• Describe the Cisco SD-Branch solution and its architecture
• Explain the hardware components of the Cisco ENCS 5400 and Cisco Catalyst® 8200 Series Edge Universal Customer Premises Equipment (uCPE)
• Install and access the Cisco Enterprise NFVIS on Cisco ENCS 5400
• Understand the VNF Lifecycle management and its deployment
• Identify Cisco Enterprise NFVIS Security considerations
• Explain the Cisco SD-WAN solution and its components
• Describe the Cisco ENCS orchestrations systems and Representational State Transfer (REST) APIs
• Deploy the Cisco ENCS using orchestrators
• Monitor and troubleshoot Cisco ENFV components using Cisco vManage

Course Content

Introducing Cisco SD-Branch Architecture and Cisco ENFV Solution

• Need for Cisco SD-Branch
• Cisco SD-Branch Solution Architecture and Benefits
• Cisco ENFV Solution
• Cisco Enterprise NFVIS and Its Benefits
• Cisco Enterprise NFVIS Hardware Platforms and Cisco NFVIS Supported Virtual Machines
• Cisco Enterprise NFVIS Key Tasks

Preparing Cisco ENCS Device for Deployment

• Cisco ENCS 5400 Components
• Cisco Catalyst 8200 Series Edge uCPE Components
• Install and Access the Cisco Enterprise NFVIS on the Cisco ENCS 5400
• Upgrade Cisco Enterprise NFVIS and Cisco ENCS 5400 Firmware versions

Deploying VNFs on Cisco ENCS

• VNF and Its Requirements
• VNF Lifecycle Management
• Cisco Enterprise NFVIS Security Considerations
• VNF Packaging
• VNF Deployment
• Networking via Cisco Enterprise NFVIS

Working with Cisco ENCS Orchestration

• Cisco SD-WAN Solution and Components
• Plug and Play for Cisco SD-Branch Solution
• Cisco ENCS Supported Orchestration Systems and Rest APIs
• Overview of Cisco SD-WAN Network Design

Monitoring and Managing Cisco ENFV Components

• Monitor and Manage Cisco ENFV Components Using Cisco vManage
• Troubleshoot Cisco ENFV Components Using Cisco vManage

Labs

• Explore Cisco ENCS and Cisco Enterprise NFVIS Portal
• Deploy Cisco Virtual Machines (VMs) and VNFs
• Deploy Orchestration using Cisco vManage
• Monitor and Troubleshoot Cisco ENCS device