EnSDWI - Coggle Diagram
EnSDWI
Day 1
API
type of endpoint
Example: HTTP, HTTPS, REST (Representational State Transfer)
secure control plane
Using DTLS by default (UDP)
12346 port number
Can be changed to TLS (TCP)
3456, 23556, 23656, 2375
route leaking
Means Inter-VPN
configure export route
GCM
Galois/Counter Mode
virtualized platform
ISRv, vEdge Cloud, CSR
ENCS can support NFVIS?
Can support ISRv, CSRv, vEdge, ASAv, NGFWv, WAAS WLC, Linux VM and third-party VM
2 certificates required
Root CA cert
2 options
To use default root CA
DigiCert or Cisco
Install CA chain
Microsoft, OpenSSL
Device Cert.
Activate using the CSR (Certificate Signing Request) (enrollment process)
Zone in cloud deployment
= Availability zone
Is a separate disaster zone in an AWS or Azure region
Can be defined when deploying the controller
vEdge deployment methods
Manual deployment
CSR (IOS_XE)
Tunnel number must match the interface number
Tunnel1 for Gi0/0/1
Tunnel10 for Gi0/1/0
Tunnel100 for Gi1/0/0
Generate bootstrap config
Only required for Virtual Router
Not needed for appliance router
Because hardware has Chassis ID and device cert.
Use ZTP or PnP
Day 2
vSmart
2700 OMP sessions, and 256K routes per controller
ECMP
By default, a combination of source IP address, destination IP address, protocol, and DSCP value is used as the hash key to determine which equal-cost path to pick.
Network Service Route
Service ID
FW, for firewall (maps to svc-id 1)
IDS, for Intrusion Detection Systems (maps to svc-id 2)
IDP, for Identity Providers (maps to svc-id 3)
netsvc1, netsvc2, netsvc3, and netsvc4, which are reserved for custom services (they map to svc-id 4, 5, 6, and 7, respectively)
BGP
Aggregate add (=summary address)
summary only setting
ON mode
Means only the aggregate route will be advertised
OFF mode
Aggregate and specific routes will be advertised
Day 5
TLS proxy
3 actions
1. Drop
2. Do-not-decrypt
3. Decrypt
OS Upgrade
Order
1. vManage
2. vBond
3. vSmart
4. WAN Edge
Multicasting
Components
Type of PIM
PIM-SM
2 distribution trees (paths) used to forward the traffic
(S, G) = S is the source IP (= video server IP), G is the multicast group IP
Source Specific path
=best path
2 (*, G)
Shared Tree
Path goes through the RP
routing protocol
SSM (Source-Specific Multicast)
Only has (S, G) path, no (*,G) path
No RP router is required
Requires IGMP version 3
ASM (Any Source Multicast)
Only has (*, G)
No (S,G)
IGMP
Protocol that runs between receiver and switch/router
Day 3
Marking
Type of marking
L2 = CoS
L3 = DSCP (Differentiated Services Code Point)
AAR policy
SLA measured based on BFD probes
poll interval
default is 10 minutes
cumulative interval to place the BFD in a bucket
App Route Multiplier
default is 6
Interval to wait before the SD-WAN router decides whether the path fulfills the SLA
S