Escolar Documentos
Profissional Documentos
Cultura Documentos
Configure a custom strict COPP policy on DC1-N7K with a suffix of "ccie". Ensure
that this COPP policy is applied.
######################################
2. Cisco Data Center Network Services
######################################
You must complete the deployment of an L4-L7 Service Graph on ACI within the tenant
named ASAv between the inside and outside EPGs. The ASAv has been deployed in routed
mode. When the service graph is deployed correctly, you must ping from the VM named
SecureVM to the VM named UnsecureVM. You can use the VM consoles within vCenter for
testing. Use CCIE-ASAV for the service graph and contract name. Ensure that the
bridge domains are configured to meet these requirements
2.2 - Implement ACI Shared Fabric Services
A customer is trying to implement a three-tier application on ACI. The web service
function resides in a tenant called web and the Applications and Database services
reside in a tenant called app-db. The web VM and app VM should be able to
communicate (ping) each other.
The ACI-Web VM resides on SRV-3, which is vPC connected to N2K-3 and N2K-4. The
ACI-App and ACI-DB VMs reside on SRV-5, which is directly connected to LEAF-3 and
LEAF-4. Correct the configuration.
Requirement: Do not create any new policies.
Ensure the web services are made available to devices outside the fabric, using OSPF
for the L3 connection, and SVIs for connectivity. The ACI-Web VM (10.3.1.10) should
be able to communicate (ping) the Cisco Nexus 7000 OSPF peer device (10.3.6.1).
############################################
3. Data Center Storage Networking and Compute
############################################
N5K-3--VSAN 700
PWWN 00:20:23:43:54:23:54:54 --- Server1
PWWN 00:20:23:46:54:23:54:54 --- Server2
N5K-4--VSAN 800
PWWN 00:20:23:49:54:23:54:54 -- Server1
PWWN 00:20:23:52:54:23:54:54 -- Server2
• Your company also requires that a zone and zone set for VSAN 700 and 800 be
created. You must configure the members using the names configured earlier. Use the
naming schemes that follow when you create the zone and zone set. The configuration
should be active when complete.
N5K-3--VSAN 700
Zone set name DC_vsan_700
Zone name DC_vsan_700
N5K-4--VSAN 800
Zone set name DC_vsan_800
Zone name DC_vsan_800
Score: 2 points
• Configure port channels from each fabric interconnect to DC1-N5K-1 and DC2-N5K-2.
Ensure that if LACP frames are not received from the N5Ks, the ports are put into a
suspended state.
• Configure the appropriate querier configuration for VLAN 104. The IP address
should be applied to both fabric interconnects, and the VLAN should not flood
multicast traffic on all ports by default.
• Configure VLAN 103 so that multicast traffic is flooded by default.
You must get a blade to boot from a Fibre Channel storage array using the service
profile named "UCSM-LSP1". Some of the configuration is in place, but you notice
that the blade is still unable to boot. Make any necessary changes to Cisco UCS
Manager and Cisco Nexus 5000 configurations to ensure that the blade boots up
successfully. If completed properly, the LUN should be visible in the KVM when the
VIC option ROM loads, and the blade should boot the vSphere operating system from
the storage device.
Do not create any new policies. If configuration must be modified, modify only
existing policy assigned to the profile.
You are going to register your Cisco UCS domain with Central. You have been
instructed to ensure that only global service profiles and resource pools are
managed by Cisco UCS Central. The Cisco UCS shared password has been set as
"C1scoucs". Ensure that the Cisco UCS domain is ever unregistered and that all
global policies are removed where possible.
After these pools have been created, you must reconfigure the local service profile
"UCSM-LSP2" to use the global pools you created.
##########################################
4. Data Center Automation and Orchestration
###########################################
4.1 - Understanding Basic Scripting Used with ACI
As the data center expert, you must analyze the provided script,
createStudentTenants.py and the newStudentTenants.json data file, and make this
change for all student EPGs that the script creates when it is executed.
Your task is to make the necessary changes to the domain name in the script, then
execute the script against ACI to create the necessary tenant configuration.
Add VLAN 105 to 7k devices in DC2 and UCSB. VLAN 105 must to be added to Cisco UCSB,
extended through OTV link, and onto DC2 switches. Using existing Cisco UCS Director
workflows.
###################################
5. Data Center Fabric Infrastructure
####################################
Several ACI fabric policies are already deployed, but they do not appear to be
working correctly. You have been tasked with correcting the BGP route reflector and
NTP fabric policies. The NTP source for the fabric is 10.1.1.254 with no
authentication. Both spines should be configured as route reflectors.
You have also been instructed to configure ACI such that acknowledged faults do not
adversely affect the fabric health score.
Only default policies should be used. Do not create any new policies or use any
custom policy for NTP and the BGP route reflector other than default or existing
policies.
Use SVI interfaces for L3 Out from the ACI fabric. BGP connection is over vPC
between ACI fabric and DC2-N7K-2
The "DCI" test VM can be accessed via vCenter console.
Your customer wants to use VMM integration to push and ACI DVS to the vCenter
located at 10.1.1.215, and wants Server-5 in Data Center 2 to be attached to the
DVS.
The customer wants to make sure that any audit logs, events, and faults on the
leaves, spines, and APICs are preserved. The messages are used to perform root cause
analysis for problems encountered during the day-to-day operations on the ACI
fabric. The customer has a server (IP address 1.1.1.1) installed to collect these
messages. Create the ACI policy configurations as needed.
Use default settings unless previously provided.
Make sure audit logs, events, and faults that are part of the default and custom
configured policies are collected.