CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide (2023)
Build your confidence with CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide (2023), a must-have for certification seekers.
Sarah Anderson
Contributor
4.9
161
about 2 months ago
Preview (31 of 1111)
Sign in to access the full document!
CCNP and CCIE Data Center Core DCCOR 350-601
Official Cert Guide
Companion Website and Pearson Test Prep Access Code
Access interactive study tools on this book’s companion website, including practice test software,
review exercises, Key Term flash card application, a study planner, and more!
To access the companion website, simply follow these steps:
1. Go to www.ciscopress.com/register.
2. Enter the print book ISBN: 9780138228088.
3. Answer the security question to validate your purchase.
4. Go to your account page.
5. Click on the Registered Products tab.
6. Under the book listing, click on the Access Bonus Content link.
When you register your book, your Pearson Test Prep practice test access code will automatically
be populated with the book listing under the Registered Products tab. You will need this
code to access the practice test that comes with this book. You can redeem the code at
PearsonTestPrep.com. Simply choose Pearson IT Certification as your product group and log into
the site with the same credentials you used to register your book. Click the Activate New Product
button and enter the access code. More detailed instructions on how to redeem your access code
for both the online and desktop versions can be found on the companion website.
If you have any issues accessing the companion website or obtaining your Pearson Test Prep
practice test access code, you can contact our support team by going to pearsonitp.echelp.org.
Official Cert Guide
Companion Website and Pearson Test Prep Access Code
Access interactive study tools on this book’s companion website, including practice test software,
review exercises, Key Term flash card application, a study planner, and more!
To access the companion website, simply follow these steps:
1. Go to www.ciscopress.com/register.
2. Enter the print book ISBN: 9780138228088.
3. Answer the security question to validate your purchase.
4. Go to your account page.
5. Click on the Registered Products tab.
6. Under the book listing, click on the Access Bonus Content link.
When you register your book, your Pearson Test Prep practice test access code will automatically
be populated with the book listing under the Registered Products tab. You will need this
code to access the practice test that comes with this book. You can redeem the code at
PearsonTestPrep.com. Simply choose Pearson IT Certification as your product group and log into
the site with the same credentials you used to register your book. Click the Activate New Product
button and enter the access code. More detailed instructions on how to redeem your access code
for both the online and desktop versions can be found on the companion website.
If you have any issues accessing the companion website or obtaining your Pearson Test Prep
practice test access code, you can contact our support team by going to pearsonitp.echelp.org.
This page intentionally left blank
Loading page 4...
Cisco Press
CCNP and
CCIE Data
Center Core
DCCOR
350-601
Official Cert Guide
Second Edition
SOMIT MALOO, CCIE NO. 28603, CCDE NO. 20170002
ISKREN NIKOLOV, CCIE NO. 20164, CCSI NO. 32481
FIRAS AHMED, CCIE NO. 14967
CCNP and
CCIE Data
Center Core
DCCOR
350-601
Official Cert Guide
Second Edition
SOMIT MALOO, CCIE NO. 28603, CCDE NO. 20170002
ISKREN NIKOLOV, CCIE NO. 20164, CCSI NO. 32481
FIRAS AHMED, CCIE NO. 14967
Loading page 5...
iv CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
CCNP and CCIE Data Center Core
DCCOR 350-601 Official Cert Guide,
Second Edition
Somit Maloo, Iskren Nikolov, Firas Ahmed
Copyright© 2024 Cisco Systems, Inc.
Published by:
Cisco Press
Hoboken, New Jersey
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, or by any information storage and retrieval
system, without written permission from the publisher, except for the inclusion of brief quotations in a
review.
$PrintCode
Library of Congress Control Number: 2023946984
ISBN-13: 978-0-13-822808-8
ISBN-10: 0-13-822808-6
Warning and Disclaimer
This book discusses the content and skills needed to pass the 350-601 CCNP Data Center Core
certification exam, which is the prerequisite for CCNP as well as CCIE certification. Every effort has been
made to make this book as complete and as accurate as possible, but no warranty or fitness is implied.
The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall
have neither liability nor responsibility to any person or entity with respect to any loss or damages
arising from the information contained in this book or from the use of the discs or programs that may
accompany it.
The opinions expressed in this book belong to the author and are not necessarily those of
Cisco Systems, Inc.
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately
capitalized. Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a
term in this book should not be regarded as affecting the validity of any trademark or service mark.
Special Sales
For information about buying this title in bulk quantities, or for special sales opportunities (which
may include electronic versions; custom cover designs; and content particular to your business,
training goals, marketing focus, or branding interests), please contact our corporate sales department at
corpsales@pearsoned.com or (800) 382-3419.
For government sales inquiries, please contact governmentsales@pearsoned.com.
For questions about sales outside the U.S., please contact intlcs@pearson.com.
CCNP and CCIE Data Center Core
DCCOR 350-601 Official Cert Guide,
Second Edition
Somit Maloo, Iskren Nikolov, Firas Ahmed
Copyright© 2024 Cisco Systems, Inc.
Published by:
Cisco Press
Hoboken, New Jersey
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, or by any information storage and retrieval
system, without written permission from the publisher, except for the inclusion of brief quotations in a
review.
$PrintCode
Library of Congress Control Number: 2023946984
ISBN-13: 978-0-13-822808-8
ISBN-10: 0-13-822808-6
Warning and Disclaimer
This book discusses the content and skills needed to pass the 350-601 CCNP Data Center Core
certification exam, which is the prerequisite for CCNP as well as CCIE certification. Every effort has been
made to make this book as complete and as accurate as possible, but no warranty or fitness is implied.
The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall
have neither liability nor responsibility to any person or entity with respect to any loss or damages
arising from the information contained in this book or from the use of the discs or programs that may
accompany it.
The opinions expressed in this book belong to the author and are not necessarily those of
Cisco Systems, Inc.
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately
capitalized. Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a
term in this book should not be regarded as affecting the validity of any trademark or service mark.
Special Sales
For information about buying this title in bulk quantities, or for special sales opportunities (which
may include electronic versions; custom cover designs; and content particular to your business,
training goals, marketing focus, or branding interests), please contact our corporate sales department at
corpsales@pearsoned.com or (800) 382-3419.
For government sales inquiries, please contact governmentsales@pearsoned.com.
For questions about sales outside the U.S., please contact intlcs@pearson.com.
Loading page 6...
Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book
is crafted with care and precision, undergoing rigorous development that involves the unique expertise of
members from the professional technical community.
Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we
could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us
through email at feedback@ciscopress.com. Please make sure to include the book title and ISBN in your
message.
We greatly appreciate your assistance.
Vice President, IT Professional: Mark Taub
Alliances Managers, Cisco Press: Jaci Featherly;
James Risler
Director, ITP Product Management: Brett Bartow
Executive Editor: James Manly
Managing Editor: Sandra Schroeder
Development Editor: Ellie Bru
Senior Project Editor: Tonya Simpson
Copy Editor: Chuck Hutchinson
Technical Editor: Donald S. Bacha
Editorial Assistant: Cindy Teeters
Cover Designer: Chuti Prasertsith
Composition: codeMantra
Indexer: Ken Johnson
Proofreader: Charlotte Kughen
v
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book
is crafted with care and precision, undergoing rigorous development that involves the unique expertise of
members from the professional technical community.
Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we
could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us
through email at feedback@ciscopress.com. Please make sure to include the book title and ISBN in your
message.
We greatly appreciate your assistance.
Vice President, IT Professional: Mark Taub
Alliances Managers, Cisco Press: Jaci Featherly;
James Risler
Director, ITP Product Management: Brett Bartow
Executive Editor: James Manly
Managing Editor: Sandra Schroeder
Development Editor: Ellie Bru
Senior Project Editor: Tonya Simpson
Copy Editor: Chuck Hutchinson
Technical Editor: Donald S. Bacha
Editorial Assistant: Cindy Teeters
Cover Designer: Chuti Prasertsith
Composition: codeMantra
Indexer: Ken Johnson
Proofreader: Charlotte Kughen
v
Loading page 7...
vi CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Pearson’s Commitment to Diversity, Equity,
and Inclusion
Pearson is dedicated to creating bias-free content that reflects the diversity of all learners.
We embrace the many dimensions of diversity, including but not limited to race, ethnic-
ity, gender, socioeconomic status, ability, age, sexual orientation, and religious or political
beliefs.
Education is a powerful force for equity and change in our world. It has the potential to
deliver opportunities that improve lives and enable economic mobility. As we work with
authors to create content for every product and service, we acknowledge our responsibil-
ity to demonstrate inclusivity and incorporate diverse scholarship so that everyone can
achieve their potential through learning. As the world’s leading learning company, we have
a duty to help drive change and live up to our purpose to help more people create a
better life for themselves and to create a better world.
Our ambition is to purposefully contribute to a world where
■ Everyone has an equitable and lifelong opportunity to succeed through learning
■ Our educational products and services are inclusive and represent the rich diversity
of learners
■ Our educational content accurately reflects the histories and experiences of the
learners we serve
■ Our educational content prompts deeper discussions with learners and motivates
them to expand their own learning (and worldview)
While we work hard to present unbiased content, we want to hear from you about any
concerns or needs with this Pearson product so that we can investigate and address them.
Please contact us with concerns about any potential bias at https://www.pearson.com/
report-bias.html.
Pearson’s Commitment to Diversity, Equity,
and Inclusion
Pearson is dedicated to creating bias-free content that reflects the diversity of all learners.
We embrace the many dimensions of diversity, including but not limited to race, ethnic-
ity, gender, socioeconomic status, ability, age, sexual orientation, and religious or political
beliefs.
Education is a powerful force for equity and change in our world. It has the potential to
deliver opportunities that improve lives and enable economic mobility. As we work with
authors to create content for every product and service, we acknowledge our responsibil-
ity to demonstrate inclusivity and incorporate diverse scholarship so that everyone can
achieve their potential through learning. As the world’s leading learning company, we have
a duty to help drive change and live up to our purpose to help more people create a
better life for themselves and to create a better world.
Our ambition is to purposefully contribute to a world where
■ Everyone has an equitable and lifelong opportunity to succeed through learning
■ Our educational products and services are inclusive and represent the rich diversity
of learners
■ Our educational content accurately reflects the histories and experiences of the
learners we serve
■ Our educational content prompts deeper discussions with learners and motivates
them to expand their own learning (and worldview)
While we work hard to present unbiased content, we want to hear from you about any
concerns or needs with this Pearson product so that we can investigate and address them.
Please contact us with concerns about any potential bias at https://www.pearson.com/
report-bias.html.
Loading page 8...
vii
About the Authors
Somit Maloo, CCIE No. 28603, CCDE No. 20170002, is a content architect from the data
center team in the Learning & Certifications’ organization. He holds a master’s degree in
telecommunication networks and a bachelor’s degree in electronics and telecommunication
engineering. He is also a penta CCIE in routing and switching, service provider, wireless,
security, and data center technologies. Somit holds various industry-leading certifications,
including CCDE, PMP, RHCSA, and VMware VCIX6 in Data Center and Network Virtu-
alization. Somit has extensive experience in designing and developing various data center
courses for the official Cisco curriculum. He started his career as a Cisco TAC engineer.
Somit has more than 13 years of experience in the networking industry, working mostly
with data center networks. You can reach Somit on Twitter: @somitmaloo.
Iskren Nikolov, CCIE No. 20164, CCSI No. 32481, MCT Alumni, content architect,
engineer, and developer with the Cisco Learning & Certifications’ Data Center & Cloud
team. He is responsible for designing, developing, and reviewing Data Center Official
Learning Cisco courses, including lab infrastructures and exercises. He holds a mas-
ter’s degree in computer systems and management from the Technical University-Sofia,
Bulgaria. Iskren has more than 26 years of experience in designing, implementing, and
supporting solutions based on the data center, security, storage, wide area networks,
software-defined networks, cloud, hybrid, and multi-cloud technologies, including 11
years of teaching, and developing Cisco Data Center & Cloud and Microsoft Azure
courses. The huge experience across technologies from multiple vendors such as Cisco
Systems, VMware, Microsoft, and Barracuda, combined with the different perspectives
gained from the different roles in his work and experience with customers from differ-
ent industries, allow Iskren to have a unique view of the current data center technologies
and the future trends. You can reach Iskren on LinkedIn: https://www.linkedin.com/in/
iskrennikolov.
Firas Ahmed, CCIE No. 14967, is a solution architect on the data center technologies
team at Nile. He completed a master’s degree in systems and control engineering follow-
ing a bachelor’s degree in computer engineering. Firas holds CCIE certificates in routing
and switching, collaboration, wireless, security, and data center technologies in addition
to industry-based certifications, including CISSP, PMP, VMware VCP6.5-DCV, ITIL, and
GICSP. Firas has more than 18 years of experience in designing, developing, and support-
ing various data centers for enterprise and IoT customers. Firas has additional experience
as a seasonal instructor in a number of community colleges in Toronto, where he taught
various computer networking courses. You can reach Firas on Twitter: @dccor_firas.
About the Authors
Somit Maloo, CCIE No. 28603, CCDE No. 20170002, is a content architect from the data
center team in the Learning & Certifications’ organization. He holds a master’s degree in
telecommunication networks and a bachelor’s degree in electronics and telecommunication
engineering. He is also a penta CCIE in routing and switching, service provider, wireless,
security, and data center technologies. Somit holds various industry-leading certifications,
including CCDE, PMP, RHCSA, and VMware VCIX6 in Data Center and Network Virtu-
alization. Somit has extensive experience in designing and developing various data center
courses for the official Cisco curriculum. He started his career as a Cisco TAC engineer.
Somit has more than 13 years of experience in the networking industry, working mostly
with data center networks. You can reach Somit on Twitter: @somitmaloo.
Iskren Nikolov, CCIE No. 20164, CCSI No. 32481, MCT Alumni, content architect,
engineer, and developer with the Cisco Learning & Certifications’ Data Center & Cloud
team. He is responsible for designing, developing, and reviewing Data Center Official
Learning Cisco courses, including lab infrastructures and exercises. He holds a mas-
ter’s degree in computer systems and management from the Technical University-Sofia,
Bulgaria. Iskren has more than 26 years of experience in designing, implementing, and
supporting solutions based on the data center, security, storage, wide area networks,
software-defined networks, cloud, hybrid, and multi-cloud technologies, including 11
years of teaching, and developing Cisco Data Center & Cloud and Microsoft Azure
courses. The huge experience across technologies from multiple vendors such as Cisco
Systems, VMware, Microsoft, and Barracuda, combined with the different perspectives
gained from the different roles in his work and experience with customers from differ-
ent industries, allow Iskren to have a unique view of the current data center technologies
and the future trends. You can reach Iskren on LinkedIn: https://www.linkedin.com/in/
iskrennikolov.
Firas Ahmed, CCIE No. 14967, is a solution architect on the data center technologies
team at Nile. He completed a master’s degree in systems and control engineering follow-
ing a bachelor’s degree in computer engineering. Firas holds CCIE certificates in routing
and switching, collaboration, wireless, security, and data center technologies in addition
to industry-based certifications, including CISSP, PMP, VMware VCP6.5-DCV, ITIL, and
GICSP. Firas has more than 18 years of experience in designing, developing, and support-
ing various data centers for enterprise and IoT customers. Firas has additional experience
as a seasonal instructor in a number of community colleges in Toronto, where he taught
various computer networking courses. You can reach Firas on Twitter: @dccor_firas.
Loading page 9...
viii CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
About the Technical Reviewer
Donald Bacha is an infrastructure manager with a health research organization in New
York City. He’s the technical lead responsible for designing and implementing network,
compute, virtualization, storage, and disaster recovery solutions. During the past 18
years, Donald has supported Cloud Services Provider, Enterprise, and Data Center envi-
ronments contributing to complex routing and switching, data center, storage, and virtu-
alization projects in both greenfield and brownfield deployments. Donald’s certifications
include CCNP Data Center, CCNP Enterprise, and VCAP-DCV. Donald holds a master of
science in network engineering from Southern Methodist University (SMU) Lyle School
of Engineering and a master of business administration from the Commonwealth of
Learning/University of Guyana. You can reach Donald on Twitter: @donald_bacha.
About the Technical Reviewer
Donald Bacha is an infrastructure manager with a health research organization in New
York City. He’s the technical lead responsible for designing and implementing network,
compute, virtualization, storage, and disaster recovery solutions. During the past 18
years, Donald has supported Cloud Services Provider, Enterprise, and Data Center envi-
ronments contributing to complex routing and switching, data center, storage, and virtu-
alization projects in both greenfield and brownfield deployments. Donald’s certifications
include CCNP Data Center, CCNP Enterprise, and VCAP-DCV. Donald holds a master of
science in network engineering from Southern Methodist University (SMU) Lyle School
of Engineering and a master of business administration from the Commonwealth of
Learning/University of Guyana. You can reach Donald on Twitter: @donald_bacha.
Loading page 10...
ix
Dedications
Somit:
To my loving wife, Renuka, for her unending love and support.
To my wonderful parents, who supported me in every phase of my life.
To Navya and Namit, who agreed not to fight while Papa was working on the book.
To my aunt, Tara, for being the guiding angel in my life.
Iskren:
To my loving family—my wife, Petya, and my kids, Diana and Valentin—for their
continued support and unconditional love!
Firas:
To my amazing wife, Nora, who has been extremely supportive throughout this process.
Thanks for letting me spend long hours on my computer once again!
To Ibrahim and Maryam, you are growing so fast. Never give up on what you want. If at
first you don’t succeed, try and try again. I love you more than anything!
To my parents, you are still the guiding light that keeps me on the right path.
Dedications
Somit:
To my loving wife, Renuka, for her unending love and support.
To my wonderful parents, who supported me in every phase of my life.
To Navya and Namit, who agreed not to fight while Papa was working on the book.
To my aunt, Tara, for being the guiding angel in my life.
Iskren:
To my loving family—my wife, Petya, and my kids, Diana and Valentin—for their
continued support and unconditional love!
Firas:
To my amazing wife, Nora, who has been extremely supportive throughout this process.
Thanks for letting me spend long hours on my computer once again!
To Ibrahim and Maryam, you are growing so fast. Never give up on what you want. If at
first you don’t succeed, try and try again. I love you more than anything!
To my parents, you are still the guiding light that keeps me on the right path.
Loading page 11...
x CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Acknowledgments
Somit Maloo:
I would like to thank my coauthors, Iskren Nikolov and Firas Ahmed, for working as a
team to complete this book. Without their support, this book would not have been pos-
sible. I am thankful to all our professional editors, especially James Manly and Ellie Bru,
for their patience and guidance at every step of the book process. I would also like to
thank our technical editor, Donald Bacha, for his keen attention to detail and for agreeing
to review the book, taking time out of his busy schedule.
Firas Ahmed:
I would like to thank my co-author, Somit Maloo, for taking the initiative to form this
partnership and for his dedication in putting together the outline of this book. Thank you
for your valuable input and continuous support throughout the process.
Thanks to the Cisco Press team, especially James Manly, for believing in us, and Ellie Bru,
for her guidance and extreme patience while editing and amending the chapters of the
book.
A special credit to Hazim Dahir, distinguished engineer at Cisco Systems, for his help and
support with the technical review of the book.
In addition, I want to thank my colleague Naveen Chapa for reviewing and providing
constructive feedback that helped enhance the ACI chapter.
Iskren Nikolov:
I would like to thank my co-author, Somit Maloo—it’s not that often one can work
effortlessly as a team with someone. I am thankful to the whole production team, espe-
cially James Manly and Ellie Bru, for their professionalism and endless patience with me!
Special thanks also to our technical editor, Donald Bacha, for providing this precious
other perspective on how we can tell a better story about the technology!
Acknowledgments
Somit Maloo:
I would like to thank my coauthors, Iskren Nikolov and Firas Ahmed, for working as a
team to complete this book. Without their support, this book would not have been pos-
sible. I am thankful to all our professional editors, especially James Manly and Ellie Bru,
for their patience and guidance at every step of the book process. I would also like to
thank our technical editor, Donald Bacha, for his keen attention to detail and for agreeing
to review the book, taking time out of his busy schedule.
Firas Ahmed:
I would like to thank my co-author, Somit Maloo, for taking the initiative to form this
partnership and for his dedication in putting together the outline of this book. Thank you
for your valuable input and continuous support throughout the process.
Thanks to the Cisco Press team, especially James Manly, for believing in us, and Ellie Bru,
for her guidance and extreme patience while editing and amending the chapters of the
book.
A special credit to Hazim Dahir, distinguished engineer at Cisco Systems, for his help and
support with the technical review of the book.
In addition, I want to thank my colleague Naveen Chapa for reviewing and providing
constructive feedback that helped enhance the ACI chapter.
Iskren Nikolov:
I would like to thank my co-author, Somit Maloo—it’s not that often one can work
effortlessly as a team with someone. I am thankful to the whole production team, espe-
cially James Manly and Ellie Bru, for their professionalism and endless patience with me!
Special thanks also to our technical editor, Donald Bacha, for providing this precious
other perspective on how we can tell a better story about the technology!
Loading page 12...
xi
Contents at a Glance
Introduction xxxv
Part I Networking
Chapter 1 Implementing Routing in the Data Center 2
Chapter 2 Implementing Data Center Switching Protocols 90
Chapter 3 Implementing Data Center Overlay Protocols 150
Chapter 4 Describe Cisco Application Centric Infrastructure 172
Chapter 5 Cisco Cloud Services and Deployment Models 240
Chapter 6 Data Center Network Management and Monitoring 252
Chapter 7 Describe Cisco Nexus Dashboard 314
Part II Storage
Chapter 8 Implement Fibre Channel 352
Chapter 9 Implement FCoE Unified Fabric 434
Chapter 10 Describe NFS and NAS Concepts 478
Chapter 11 Describe Software Management and Infrastructure Monitoring 488
Part III Compute
Chapter 12 Cisco Unified Computing Systems Overview 530
Chapter 13 Cisco Unified Computing Infrastructure Monitoring 628
Chapter 14 Cisco Unified Compute Software and Configuration Management 658
Chapter 15 Cisco HyperFlex Overview 702
Part IV Automation
Chapter 16 Automation and Scripting Tools 730
Chapter 17 Evaluate Automation and Orchestration Technologies 762
Part V Security
Chapter 18 Network Security 798
Chapter 19 Compute Security 874
Contents at a Glance
Introduction xxxv
Part I Networking
Chapter 1 Implementing Routing in the Data Center 2
Chapter 2 Implementing Data Center Switching Protocols 90
Chapter 3 Implementing Data Center Overlay Protocols 150
Chapter 4 Describe Cisco Application Centric Infrastructure 172
Chapter 5 Cisco Cloud Services and Deployment Models 240
Chapter 6 Data Center Network Management and Monitoring 252
Chapter 7 Describe Cisco Nexus Dashboard 314
Part II Storage
Chapter 8 Implement Fibre Channel 352
Chapter 9 Implement FCoE Unified Fabric 434
Chapter 10 Describe NFS and NAS Concepts 478
Chapter 11 Describe Software Management and Infrastructure Monitoring 488
Part III Compute
Chapter 12 Cisco Unified Computing Systems Overview 530
Chapter 13 Cisco Unified Computing Infrastructure Monitoring 628
Chapter 14 Cisco Unified Compute Software and Configuration Management 658
Chapter 15 Cisco HyperFlex Overview 702
Part IV Automation
Chapter 16 Automation and Scripting Tools 730
Chapter 17 Evaluate Automation and Orchestration Technologies 762
Part V Security
Chapter 18 Network Security 798
Chapter 19 Compute Security 874
Loading page 13...
xii CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Chapter 20 Storage Security 896
Chapter 21 Final Preparation 932
Chapter 22
CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Exam Updates 942
Appendix A Answers to the “Do I Know This Already?” Quizzes 946
Glossary 961
Index 984
Online Elements
Appendix B Memory Tables
Appendix C Memory Tables Answer Key
Appendix D Study Planner
Glossary
Chapter 20 Storage Security 896
Chapter 21 Final Preparation 932
Chapter 22
CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Exam Updates 942
Appendix A Answers to the “Do I Know This Already?” Quizzes 946
Glossary 961
Index 984
Online Elements
Appendix B Memory Tables
Appendix C Memory Tables Answer Key
Appendix D Study Planner
Glossary
Loading page 14...
xiii
Contents
Introduction xxxv
Part I Networking
Chapter 1 Implementing Routing in the Data Center 2
“Do I Know This Already?” Quiz 2
Foundation Topics 5
Routing Protocols Support on Cisco Nexus Devices 5
OSPF 6
OSPF Link-State Advertisements 7
OSPF Areas 10
Designated Routers and Backup Designated Routers 12
OSPF Authentication 13
OSPF Configurations and Verifications 13
Border Gateway Protocol 24
BGP Peering 25
BGP Path Selection 26
Step 1: Comparing Pairs of Paths 27
Step 2: Determining the Order of Comparisons 28
Step 3: Determining the Best-Path Change Suppression 29
Multiprotocol BGP 29
BGP Configurations and Verifications 30
Bidirectional Forwarding Detection 37
Rapid Detection of Failures 38
BFD Configurations and Verifications 38
Multicast 42
Internet Group Management Protocol 43
Switch IGMP Snooping 46
Multicast Listener Discovery 46
Multicast Distribution Trees 47
Protocol Independent Multicast 49
PIM Rendezvous Points 53
PIM Designated Routers/Forwarders 54
Multicast Forwarding 55
Multicast Configurations and Verifications 56
Hot Standby Router Protocol 69
Virtual Router Redundancy Protocol 73
Contents
Introduction xxxv
Part I Networking
Chapter 1 Implementing Routing in the Data Center 2
“Do I Know This Already?” Quiz 2
Foundation Topics 5
Routing Protocols Support on Cisco Nexus Devices 5
OSPF 6
OSPF Link-State Advertisements 7
OSPF Areas 10
Designated Routers and Backup Designated Routers 12
OSPF Authentication 13
OSPF Configurations and Verifications 13
Border Gateway Protocol 24
BGP Peering 25
BGP Path Selection 26
Step 1: Comparing Pairs of Paths 27
Step 2: Determining the Order of Comparisons 28
Step 3: Determining the Best-Path Change Suppression 29
Multiprotocol BGP 29
BGP Configurations and Verifications 30
Bidirectional Forwarding Detection 37
Rapid Detection of Failures 38
BFD Configurations and Verifications 38
Multicast 42
Internet Group Management Protocol 43
Switch IGMP Snooping 46
Multicast Listener Discovery 46
Multicast Distribution Trees 47
Protocol Independent Multicast 49
PIM Rendezvous Points 53
PIM Designated Routers/Forwarders 54
Multicast Forwarding 55
Multicast Configurations and Verifications 56
Hot Standby Router Protocol 69
Virtual Router Redundancy Protocol 73
Loading page 15...
xiv CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
VRRP Operation 73
VRRP Groups 75
VRRP Router Priority and Preemption 76
VRRP Authentication 77
VRRP Tracking 77
IPv6 First Hop Redundancy 77
HSRP/VRRP Configurations and Verifications 79
Exam Preparation Tasks 87
Review All Key Topics 87
Memory Tables 88
Define Key Terms 88
References 88
Chapter 2 Implementing Data Center Switching Protocols 90
“Do I Know This Already?” Quiz 90
Foundation Topics 93
Spanning Tree Protocols 93
STP Topology 93
STP Port Types 94
STP Extensions 94
STP Bridge Assurance 95
BPDU Guard 96
BPDU Filter 96
Loop Guard 96
Root Guard 97
Unidirectional Link Detection 97
Rapid PVST+ 98
Rapid PVST+ Ports 100
Spanning Tree Configurations and Verifications 102
Port Channels 117
Port Channel Load Balance 120
Virtual Port Channel 122
vPC Traffic Flows 125
vPC Dual-Control Plane 126
vPC Primary and Secondary Roles 127
vPC Configuration Consistency 128
vPC Duplicate Frames Prevention Mechanism 129
vPC HSRP Gateway Considerations 131
VRRP Operation 73
VRRP Groups 75
VRRP Router Priority and Preemption 76
VRRP Authentication 77
VRRP Tracking 77
IPv6 First Hop Redundancy 77
HSRP/VRRP Configurations and Verifications 79
Exam Preparation Tasks 87
Review All Key Topics 87
Memory Tables 88
Define Key Terms 88
References 88
Chapter 2 Implementing Data Center Switching Protocols 90
“Do I Know This Already?” Quiz 90
Foundation Topics 93
Spanning Tree Protocols 93
STP Topology 93
STP Port Types 94
STP Extensions 94
STP Bridge Assurance 95
BPDU Guard 96
BPDU Filter 96
Loop Guard 96
Root Guard 97
Unidirectional Link Detection 97
Rapid PVST+ 98
Rapid PVST+ Ports 100
Spanning Tree Configurations and Verifications 102
Port Channels 117
Port Channel Load Balance 120
Virtual Port Channel 122
vPC Traffic Flows 125
vPC Dual-Control Plane 126
vPC Primary and Secondary Roles 127
vPC Configuration Consistency 128
vPC Duplicate Frames Prevention Mechanism 129
vPC HSRP Gateway Considerations 131
Loading page 16...
xv
vPC ARP Synchronization 131
vPC Peer Gateway 131
Port Channel Configurations and Verifications 132
Exam Preparation Tasks 146
Review All Key Topics 146
Memory Tables 147
Define Key Terms 147
References 148
Chapter 3 Implementing Data Center Overlay Protocols 150
“Do I Know This Already?” Quiz 150
Foundation Topics 151
Virtual Extensible LAN (VXLAN) Overview 151
VXLAN Encapsulation and Packet Format 152
VXLAN Tunnel Endpoint 152
Virtual Network Identifier 153
VXLAN Control Plane 154
VXLAN Flood and Learn Multicast-Based Control Plane 154
VXLAN MPBGP EVPN Control Plane 156
VXLAN Gateways 157
VXLAN High Availability 157
VXLAN Tenant Routed Multicast 159
VXLAN Configurations and Verifications 159
Exam Preparation Tasks 169
Review All Key Topics 169
Define Key Terms 170
References 170
Chapter 4 Describe Cisco Application Centric Infrastructure 172
“Do I Know This Already?” Quiz 172
Foundation Topics 174
Cisco Application Centric Infrastructure (ACI) Overview 174
Cisco Application Policy Infrastructure Controller 176
Cisco Nexus 9000 Series Spine and Leaf Switches for Cisco ACI 179
Cisco ACI Initial Setup, Fabric Discovery, Fabric Upgrade, and Fabric Access
Policies 182
Cisco ACI Initial Setup 182
Cisco ACI Fabric Discovery 187
vPC ARP Synchronization 131
vPC Peer Gateway 131
Port Channel Configurations and Verifications 132
Exam Preparation Tasks 146
Review All Key Topics 146
Memory Tables 147
Define Key Terms 147
References 148
Chapter 3 Implementing Data Center Overlay Protocols 150
“Do I Know This Already?” Quiz 150
Foundation Topics 151
Virtual Extensible LAN (VXLAN) Overview 151
VXLAN Encapsulation and Packet Format 152
VXLAN Tunnel Endpoint 152
Virtual Network Identifier 153
VXLAN Control Plane 154
VXLAN Flood and Learn Multicast-Based Control Plane 154
VXLAN MPBGP EVPN Control Plane 156
VXLAN Gateways 157
VXLAN High Availability 157
VXLAN Tenant Routed Multicast 159
VXLAN Configurations and Verifications 159
Exam Preparation Tasks 169
Review All Key Topics 169
Define Key Terms 170
References 170
Chapter 4 Describe Cisco Application Centric Infrastructure 172
“Do I Know This Already?” Quiz 172
Foundation Topics 174
Cisco Application Centric Infrastructure (ACI) Overview 174
Cisco Application Policy Infrastructure Controller 176
Cisco Nexus 9000 Series Spine and Leaf Switches for Cisco ACI 179
Cisco ACI Initial Setup, Fabric Discovery, Fabric Upgrade, and Fabric Access
Policies 182
Cisco ACI Initial Setup 182
Cisco ACI Fabric Discovery 187
Loading page 17...
xvi CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Startup with Cisco ACI Fabric Discovery and Configuration 188
Fabric Upgrade 189
Cisco ACI Fabric Access Policies 190
Cisco ACI Fabric Building Blocks, Policy Model, and VMM Domains 195
ACI Policy Model 197
Cisco ACI Tenants 198
Virtual Routing and Forwarding 200
Bridge Domain and Subnets 200
Endpoint Group 202
Cisco ACI Virtual Machine Manager Domains 203
Cisco ACI Integration with Microsoft SCVMM 204
Cisco ACI Integration with VMware vCenter 205
Cisco ACI Virtual Edge 206
Integrating VMware Overlays with the Cisco ACI 206
Application Profiles 206
Microsegmentations 207
Attachable Entity Profile 207
ACI Contract 208
Taboo Contracts 209
vzAny Rule 210
Filters and Subjects 213
Management Tenant 213
In-Band Management Access 214
Out-of-Band Management Access 214
ACI VXLAN 215
ACI Intersubnet Tenant Traffic 217
Policy Identification and Enforcement 218
ACI Fabric Traffic Storm Control 219
ACI Fabric Traffic Load Balance 219
ACI Fabric Loop Detection 220
ACI Design Best Practices 221
ACI LAB Configurations Example 221
Building ACI Fabric 224
Creating Tenant 227
Creating Contract and Filter 230
Deploying a Three-Tier Application 233
Integrating with vCenter 235
Startup with Cisco ACI Fabric Discovery and Configuration 188
Fabric Upgrade 189
Cisco ACI Fabric Access Policies 190
Cisco ACI Fabric Building Blocks, Policy Model, and VMM Domains 195
ACI Policy Model 197
Cisco ACI Tenants 198
Virtual Routing and Forwarding 200
Bridge Domain and Subnets 200
Endpoint Group 202
Cisco ACI Virtual Machine Manager Domains 203
Cisco ACI Integration with Microsoft SCVMM 204
Cisco ACI Integration with VMware vCenter 205
Cisco ACI Virtual Edge 206
Integrating VMware Overlays with the Cisco ACI 206
Application Profiles 206
Microsegmentations 207
Attachable Entity Profile 207
ACI Contract 208
Taboo Contracts 209
vzAny Rule 210
Filters and Subjects 213
Management Tenant 213
In-Band Management Access 214
Out-of-Band Management Access 214
ACI VXLAN 215
ACI Intersubnet Tenant Traffic 217
Policy Identification and Enforcement 218
ACI Fabric Traffic Storm Control 219
ACI Fabric Traffic Load Balance 219
ACI Fabric Loop Detection 220
ACI Design Best Practices 221
ACI LAB Configurations Example 221
Building ACI Fabric 224
Creating Tenant 227
Creating Contract and Filter 230
Deploying a Three-Tier Application 233
Integrating with vCenter 235
Loading page 18...
xvii
Exam Preparation Tasks 238
Review All Key Topics 238
Define Key Terms 239
References 239
Chapter 5 Cisco Cloud Services and Deployment Models 240
“Do I Know This Already?” Quiz 240
Foundation Topics 242
What Is Cloud Computing? 242
Cloud Service Models 245
Software as a Service 245
Platform as a Service 246
Infrastructure as a Service 246
Cloud Deployment Models 248
Private Cloud 248
Public Cloud 248
Hybrid Cloud 249
Community Cloud 250
Exam Preparation Tasks 250
Review All Key Topics 250
Define Key Terms 251
References 251
Chapter 6 Data Center Network Management and Monitoring 252
“Do I Know This Already?” Quiz 252
Foundation Topics 254
Cisco Nexus NX-OS Software Installation, Updates, and Their Impacts 254
PowerOn Auto Provisioning (POAP) 259
Data Center Infrastructure Software Lifecycle Management 263
Nexus Nondisruptive In-Service Software Upgrade 263
Nexus Disruptive and Nondisruptive Upgrade/Downgrade Procedure 265
Programmable Logical Devices Upgrade 269
Nexus Configuration Management 271
NX-OS Configuration Save and Backup 272
Nexus Config Rollback and Checkpoint 272
Network Time Management 274
Network Time Protocol 275
Precision Time Protocol 280
Exam Preparation Tasks 238
Review All Key Topics 238
Define Key Terms 239
References 239
Chapter 5 Cisco Cloud Services and Deployment Models 240
“Do I Know This Already?” Quiz 240
Foundation Topics 242
What Is Cloud Computing? 242
Cloud Service Models 245
Software as a Service 245
Platform as a Service 246
Infrastructure as a Service 246
Cloud Deployment Models 248
Private Cloud 248
Public Cloud 248
Hybrid Cloud 249
Community Cloud 250
Exam Preparation Tasks 250
Review All Key Topics 250
Define Key Terms 251
References 251
Chapter 6 Data Center Network Management and Monitoring 252
“Do I Know This Already?” Quiz 252
Foundation Topics 254
Cisco Nexus NX-OS Software Installation, Updates, and Their Impacts 254
PowerOn Auto Provisioning (POAP) 259
Data Center Infrastructure Software Lifecycle Management 263
Nexus Nondisruptive In-Service Software Upgrade 263
Nexus Disruptive and Nondisruptive Upgrade/Downgrade Procedure 265
Programmable Logical Devices Upgrade 269
Nexus Configuration Management 271
NX-OS Configuration Save and Backup 272
Nexus Config Rollback and Checkpoint 272
Network Time Management 274
Network Time Protocol 275
Precision Time Protocol 280
Loading page 19...
xviii CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Network Infrastructure Monitoring 284
NX-OS System Message Logging 284
NX-OS Simple Network Management Protocol 286
Nexus Smart Call Home 292
Nexus NetFlow 293
Switched Port Analyzer 298
Streaming Telemetry 306
Network Assurance Concept 310
Exam Preparation Tasks 312
Review All Key Topics 312
Memory Tables 313
Define Key Terms 313
References 313
Chapter 7 Describe Cisco Nexus Dashboard 314
“Do I Know This Already?” Quiz 314
Foundation Topics 316
Cisco Nexus Dashboard 316
Cisco Nexus Dashboard Insights 318
Cisco Nexus Dashboard Insights Features and Benefits 318
Cisco Nexus Dashboard Insights GUI Overview 320
Cisco Nexus Dashboard Orchestrator 323
Cisco Nexus Dashboard Orchestrator Features and Benefits 324
Cisco Nexus Dashboard Fabric Controller 325
Cisco Nexus Dashboard Fabric Controller Features and Benefits 326
Cisco Nexus Dashboard Fabric Controller GUI Overview 331
Cisco Nexus Dashboard Data Broker 335
Cisco Nexus Dashboard Data Broker Features and Benefits 337
Cisco Nexus Dashboard Platforms 337
Cisco Nexus Dashboard Cluster Nodes 339
Cisco Nexus Dashboard External Networks 341
Cisco Nexus Dashboard GUI Overview 342
One View Page 343
Admin Console Page 343
Overview Page 344
Sites Page 345
Services Page 345
System Resources Pages 346
Network Infrastructure Monitoring 284
NX-OS System Message Logging 284
NX-OS Simple Network Management Protocol 286
Nexus Smart Call Home 292
Nexus NetFlow 293
Switched Port Analyzer 298
Streaming Telemetry 306
Network Assurance Concept 310
Exam Preparation Tasks 312
Review All Key Topics 312
Memory Tables 313
Define Key Terms 313
References 313
Chapter 7 Describe Cisco Nexus Dashboard 314
“Do I Know This Already?” Quiz 314
Foundation Topics 316
Cisco Nexus Dashboard 316
Cisco Nexus Dashboard Insights 318
Cisco Nexus Dashboard Insights Features and Benefits 318
Cisco Nexus Dashboard Insights GUI Overview 320
Cisco Nexus Dashboard Orchestrator 323
Cisco Nexus Dashboard Orchestrator Features and Benefits 324
Cisco Nexus Dashboard Fabric Controller 325
Cisco Nexus Dashboard Fabric Controller Features and Benefits 326
Cisco Nexus Dashboard Fabric Controller GUI Overview 331
Cisco Nexus Dashboard Data Broker 335
Cisco Nexus Dashboard Data Broker Features and Benefits 337
Cisco Nexus Dashboard Platforms 337
Cisco Nexus Dashboard Cluster Nodes 339
Cisco Nexus Dashboard External Networks 341
Cisco Nexus Dashboard GUI Overview 342
One View Page 343
Admin Console Page 343
Overview Page 344
Sites Page 345
Services Page 345
System Resources Pages 346
Loading page 20...
xix
Operations Pages 347
Infrastructure Pages 348
Administrative Pages 348
Exam Preparation Tasks 348
Review All Key Topics 348
Memory Tables 349
Define Key Terms 349
References 349
Part II Storage
Chapter 8 Implement Fibre Channel 352
“Do I Know This Already?” Quiz 353
Foundation Topics 356
Cisco MDS 9000 Series Hardware 356
Cisco MDS 9700 Series Multilayer Directors 356
Cisco MDS 9300 Series Multilayer Fabric Switches 360
Cisco MDS 9200 Series Multiservice Switches 361
Cisco MDS 9100 Series Multilayer Fabric Switches 362
Fibre Channel Basics 365
Fibre Channel Topologies 365
Fibre Channel Port Types 368
E Port 369
F Port 369
NP Ports 369
TE Port 369
TF Port 370
TNP Port 370
Fx Port 370
Auto Mode 370
Fibre Channel Addressing 371
Flow Control 372
Switched Fabric Initialization 373
Principal Switch Selection 374
Domain ID Distribution 375
FCID Allocation 377
Fabric Reconfiguration 377
Device Registration: FLOGI, PLOGI, PRLI 378
FLOGI and FCNS Databases 378
Operations Pages 347
Infrastructure Pages 348
Administrative Pages 348
Exam Preparation Tasks 348
Review All Key Topics 348
Memory Tables 349
Define Key Terms 349
References 349
Part II Storage
Chapter 8 Implement Fibre Channel 352
“Do I Know This Already?” Quiz 353
Foundation Topics 356
Cisco MDS 9000 Series Hardware 356
Cisco MDS 9700 Series Multilayer Directors 356
Cisco MDS 9300 Series Multilayer Fabric Switches 360
Cisco MDS 9200 Series Multiservice Switches 361
Cisco MDS 9100 Series Multilayer Fabric Switches 362
Fibre Channel Basics 365
Fibre Channel Topologies 365
Fibre Channel Port Types 368
E Port 369
F Port 369
NP Ports 369
TE Port 369
TF Port 370
TNP Port 370
Fx Port 370
Auto Mode 370
Fibre Channel Addressing 371
Flow Control 372
Switched Fabric Initialization 373
Principal Switch Selection 374
Domain ID Distribution 375
FCID Allocation 377
Fabric Reconfiguration 377
Device Registration: FLOGI, PLOGI, PRLI 378
FLOGI and FCNS Databases 378
Loading page 21...
xx CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
CFS 380
CFS Features 381
CFS Fabric Lock 382
CFSoIP and CFSoFC 382
CFS Merge 384
CFS Regions 384
VSAN 386
VSAN Features 386
VSAN Attributes 387
VSAN Advantages 388
Dynamic Port VSAN Membership (DPVM) 388
VSAN Trunking 389
SAN Port Channels 396
Types of SAN Port Channels 396
Port Channel Load Balancing 398
Port Channel Modes 399
Zoning 404
Zoning Features 404
Zone Enforcement 406
Full and Active Zone Set 407
Autozone 410
Zone Merge 410
Smart Zoning 411
Enhanced Zoning 412
Device Alias 418
Device Alias Features 419
Device Alias Modes 419
Device Alias Distribution 420
Zone Aliases (FC Aliases) Versus Device Aliases 421
NPIV and NPV 424
Exam Preparation Tasks 431
Review All Key Topics 431
Memory Tables 432
Define Key Terms 432
References 433
CFS 380
CFS Features 381
CFS Fabric Lock 382
CFSoIP and CFSoFC 382
CFS Merge 384
CFS Regions 384
VSAN 386
VSAN Features 386
VSAN Attributes 387
VSAN Advantages 388
Dynamic Port VSAN Membership (DPVM) 388
VSAN Trunking 389
SAN Port Channels 396
Types of SAN Port Channels 396
Port Channel Load Balancing 398
Port Channel Modes 399
Zoning 404
Zoning Features 404
Zone Enforcement 406
Full and Active Zone Set 407
Autozone 410
Zone Merge 410
Smart Zoning 411
Enhanced Zoning 412
Device Alias 418
Device Alias Features 419
Device Alias Modes 419
Device Alias Distribution 420
Zone Aliases (FC Aliases) Versus Device Aliases 421
NPIV and NPV 424
Exam Preparation Tasks 431
Review All Key Topics 431
Memory Tables 432
Define Key Terms 432
References 433
Loading page 22...
xxi
Chapter 9 Implement FCoE Unified Fabric 434
“Do I Know This Already?” Quiz 434
Foundation Topics 436
FCoE Overview 436
Ethernet Enhancements 438
Priority-Based Flow Control (PFC) 438
Enhanced Transmission Selection (ETS) 439
Data Center Bridging Exchange (DCBX) 440
FCoE Frame Format 442
Virtual Fibre Channel (VFC) 444
FCoE Elements and Port Types 445
FCoE Addressing and Forwarding 447
FCoE Initialization Protocol (FIP) 448
Benefits of FCoE 451
FCoE Topology Options 451
FCoE Single-Hop Topology 451
FCoE Direct-Attached Topology 452
FCoE FEX Topology 453
FCoE Remote-Attached Topology 454
FCoE Multi-Hop Topology 454
FCoE Implementations 455
FCoE Configuration on Cisco Nexus 7000 Series Switches 456
Miscellaneous FCoE Configuration 457
FCoE Configuration on Cisco Nexus 5000 Series Switches 458
FCoE Configuration on Cisco Nexus 9000 Series Switches 459
FCoE over FEX 461
FCoE NPV 463
FCoE Verification 466
Exam Preparation Tasks 475
Review All Key Topics 475
Memory Tables 476
Define Key Terms 476
References 476
Chapter 10 Describe NFS and NAS Concepts 478
“Do I Know This Already?” Quiz 478
Foundation Topics 479
Describe NFS Concepts 479
Chapter 9 Implement FCoE Unified Fabric 434
“Do I Know This Already?” Quiz 434
Foundation Topics 436
FCoE Overview 436
Ethernet Enhancements 438
Priority-Based Flow Control (PFC) 438
Enhanced Transmission Selection (ETS) 439
Data Center Bridging Exchange (DCBX) 440
FCoE Frame Format 442
Virtual Fibre Channel (VFC) 444
FCoE Elements and Port Types 445
FCoE Addressing and Forwarding 447
FCoE Initialization Protocol (FIP) 448
Benefits of FCoE 451
FCoE Topology Options 451
FCoE Single-Hop Topology 451
FCoE Direct-Attached Topology 452
FCoE FEX Topology 453
FCoE Remote-Attached Topology 454
FCoE Multi-Hop Topology 454
FCoE Implementations 455
FCoE Configuration on Cisco Nexus 7000 Series Switches 456
Miscellaneous FCoE Configuration 457
FCoE Configuration on Cisco Nexus 5000 Series Switches 458
FCoE Configuration on Cisco Nexus 9000 Series Switches 459
FCoE over FEX 461
FCoE NPV 463
FCoE Verification 466
Exam Preparation Tasks 475
Review All Key Topics 475
Memory Tables 476
Define Key Terms 476
References 476
Chapter 10 Describe NFS and NAS Concepts 478
“Do I Know This Already?” Quiz 478
Foundation Topics 479
Describe NFS Concepts 479
Loading page 23...
xxii CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Describe NAS Concepts 481
NAS Benefits 483
Cisco UCS S-Series Storage Servers 483
Exam Preparation Tasks 485
Review All Key Topics 485
Define Key Terms 485
References 486
Chapter 11 Describe Software Management and Infrastructure Monitoring 488
“Do I Know This Already?” Quiz 488
Foundation Topics 490
Cisco MDS NX-OS Setup Utility 490
Cisco MDS NX-OS Software Upgrade and Downgrade 498
Nondisruptive Upgrade on a Cisco MDS Fabric Switch 500
Disruptive Upgrade on a Cisco MDS Fabric Switch 505
Nondisruptive Downgrade on a Cisco MDS Fabric Switch 508
Disruptive Downgrade on a Cisco MDS Fabric Switch 513
EPLD Upgrade on Cisco MDS 9000 Series Switches 515
Infrastructure Monitoring 521
System Messages 521
Call Home 521
Embedded Event Manager 522
RMON 523
SPAN 523
SPAN Configuration Example 526
Remote SPAN 526
Exam Preparation Tasks 528
Review All Key Topics 528
Define Key Terms 529
References 529
Part III Compute
Chapter 12 Cisco Unified Computing Systems Overview 530
“Do I Know This Already?” Quiz 530
Foundation Topics 532
Cisco UCS Architecture 532
Cisco UCS Components and Connectivity 534
Cisco UCS 5108 Blade Server Chassis 536
Describe NAS Concepts 481
NAS Benefits 483
Cisco UCS S-Series Storage Servers 483
Exam Preparation Tasks 485
Review All Key Topics 485
Define Key Terms 485
References 486
Chapter 11 Describe Software Management and Infrastructure Monitoring 488
“Do I Know This Already?” Quiz 488
Foundation Topics 490
Cisco MDS NX-OS Setup Utility 490
Cisco MDS NX-OS Software Upgrade and Downgrade 498
Nondisruptive Upgrade on a Cisco MDS Fabric Switch 500
Disruptive Upgrade on a Cisco MDS Fabric Switch 505
Nondisruptive Downgrade on a Cisco MDS Fabric Switch 508
Disruptive Downgrade on a Cisco MDS Fabric Switch 513
EPLD Upgrade on Cisco MDS 9000 Series Switches 515
Infrastructure Monitoring 521
System Messages 521
Call Home 521
Embedded Event Manager 522
RMON 523
SPAN 523
SPAN Configuration Example 526
Remote SPAN 526
Exam Preparation Tasks 528
Review All Key Topics 528
Define Key Terms 529
References 529
Part III Compute
Chapter 12 Cisco Unified Computing Systems Overview 530
“Do I Know This Already?” Quiz 530
Foundation Topics 532
Cisco UCS Architecture 532
Cisco UCS Components and Connectivity 534
Cisco UCS 5108 Blade Server Chassis 536
Loading page 24...
xxiii
UCS Blade Servers 536
Cisco UCS Rack Servers 537
Cisco UCS Storage Servers 537
Cisco UCS Mini 539
Cisco UCS Fabric Infrastructure 539
Cisco UCS 6536 Fabric Interconnect 540
Cisco UCS 6454 Fabric Interconnect 541
Cisco UCS 6300 Series Fabric Interconnects 543
Fabric Interconnect and Fabric Extender Connectivity 544
Cisco UCS Virtualization Infrastructure 550
Cisco UCS-X System 555
Cisco UCS Initial Setup and Management 557
Fabric Interconnect Connectivity and Configurations 565
Uplink Connectivity 566
Downlink Connectivity 567
Fabric Interconnect Port Modes 567
Fabric Failover for Ethernet: High-Availability vNIC 569
Ethernet Switching Mode 570
UCS Device Discovery 577
Chassis/FEX Discovery 577
Rack Server Discovery Policy 577
Initial Server Setup for Standalone UCS C-Series 578
Cisco UCS Network Management 584
UCS Virtual LAN 584
Named VLANs 586
UCS Identity Pools 591
Universally Unique Identifier Suffix Pools 591
MAC Pools 593
IP Pools 593
Server Pools 596
Service Profiles 596
UCS Server Policies 599
UCS Service Profile Templates 602
Quality of Service 608
QoS System Classes 608
QoS System Classes Configurations 609
Configuring Quality of Service Policies 610
UCS Blade Servers 536
Cisco UCS Rack Servers 537
Cisco UCS Storage Servers 537
Cisco UCS Mini 539
Cisco UCS Fabric Infrastructure 539
Cisco UCS 6536 Fabric Interconnect 540
Cisco UCS 6454 Fabric Interconnect 541
Cisco UCS 6300 Series Fabric Interconnects 543
Fabric Interconnect and Fabric Extender Connectivity 544
Cisco UCS Virtualization Infrastructure 550
Cisco UCS-X System 555
Cisco UCS Initial Setup and Management 557
Fabric Interconnect Connectivity and Configurations 565
Uplink Connectivity 566
Downlink Connectivity 567
Fabric Interconnect Port Modes 567
Fabric Failover for Ethernet: High-Availability vNIC 569
Ethernet Switching Mode 570
UCS Device Discovery 577
Chassis/FEX Discovery 577
Rack Server Discovery Policy 577
Initial Server Setup for Standalone UCS C-Series 578
Cisco UCS Network Management 584
UCS Virtual LAN 584
Named VLANs 586
UCS Identity Pools 591
Universally Unique Identifier Suffix Pools 591
MAC Pools 593
IP Pools 593
Server Pools 596
Service Profiles 596
UCS Server Policies 599
UCS Service Profile Templates 602
Quality of Service 608
QoS System Classes 608
QoS System Classes Configurations 609
Configuring Quality of Service Policies 610
Loading page 25...
xxiv CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
Cisco UCS Storage 611
UCS SAN Connectivity 611
UCS SAN Configuration 615
Virtual Storage-Area Networks 616
Named VSANs Configurations 616
Zones and Zone Sets 618
World Wide Name Pool 621
SAN Connectivity Policies 624
Exam Preparation Tasks 625
Review All Key Topics 625
Define Key Terms 626
References 626
Chapter 13 Cisco Unified Computing Infrastructure Monitoring 628
“Do I Know This Already?” Quiz 628
Foundation Topics 630
Cisco UCS System Monitoring 630
Data Management Engine 631
Application Gateway 631
Northbound Interfaces 631
Cisco UCS Monitoring Events and Logs 632
Cisco UCS Monitoring Policies 634
Cisco UCS Simple Network Management Protocol 636
Cisco UCS Call Home and Smart Call Home 636
Cisco UCS Manager Database Health and Hardware Monitoring 638
Cisco UCS NetFlow Monitoring 638
Traffic Monitoring 640
Traffic Monitoring Across Ethernet 641
Traffic Monitoring Across Fibre Channel 642
Cisco Intersight 647
Intersight Management as a Service 648
Intersight as a Telemetry Data Collection 650
Cisco Intersight Supported Software 650
Cisco Intersight Licensing 652
Exam Preparation Tasks 656
Review All Key Topics 656
Define Key Terms 657
References 657
Cisco UCS Storage 611
UCS SAN Connectivity 611
UCS SAN Configuration 615
Virtual Storage-Area Networks 616
Named VSANs Configurations 616
Zones and Zone Sets 618
World Wide Name Pool 621
SAN Connectivity Policies 624
Exam Preparation Tasks 625
Review All Key Topics 625
Define Key Terms 626
References 626
Chapter 13 Cisco Unified Computing Infrastructure Monitoring 628
“Do I Know This Already?” Quiz 628
Foundation Topics 630
Cisco UCS System Monitoring 630
Data Management Engine 631
Application Gateway 631
Northbound Interfaces 631
Cisco UCS Monitoring Events and Logs 632
Cisco UCS Monitoring Policies 634
Cisco UCS Simple Network Management Protocol 636
Cisco UCS Call Home and Smart Call Home 636
Cisco UCS Manager Database Health and Hardware Monitoring 638
Cisco UCS NetFlow Monitoring 638
Traffic Monitoring 640
Traffic Monitoring Across Ethernet 641
Traffic Monitoring Across Fibre Channel 642
Cisco Intersight 647
Intersight Management as a Service 648
Intersight as a Telemetry Data Collection 650
Cisco Intersight Supported Software 650
Cisco Intersight Licensing 652
Exam Preparation Tasks 656
Review All Key Topics 656
Define Key Terms 657
References 657
Loading page 26...
xxv
Chapter 14 Cisco Unified Compute Software and Configuration
Management 658
“Do I Know This Already?” Quiz 658
Foundation Topics 660
Cisco UCS Configuration Management 660
Creating and Running a Backup Operation 661
Backup Policies 666
Backup Policy Configuration 666
Import Backups 668
Enable the Import Operation 669
System Restore 670
Restoring the Configuration for a Fabric Interconnect 671
UCS Firmware and Software Updates 672
Firmware Version Terminology 679
Firmware Upgrades Through Auto Install 680
Direct Upgrade After Auto Install Procedure 684
Install Infrastructure Firmware Procedure 688
Upgrading the Server Firmware with Auto Install 691
Standalone Cisco UCS C-Series Server Firmware Upgrade Using the Host
Upgrade Utility (HUU) 693
Downloading and Preparing the ISO for an Upgrade 694
Exam Preparation Tasks 700
Review All Key Topics 700
Define Key Terms 700
References 700
Chapter 15 Cisco HyperFlex Overview 702
“Do I Know This Already?” Quiz 702
Foundation Topics 704
Cisco HyperFlex Solution and Benefits 704
HyperFlex Benefits 707
Intelligent End-to-End Automation 708
Unified Management for All Workloads 709
Independent Resource Scaling 710
Superior Virtual Machine Density with Lower and Consistent
Latency 711
HyperFlex as an Edge, Hybrid, and All-Flash Nodes 712
HyperFlex as an Edge Device 712
Chapter 14 Cisco Unified Compute Software and Configuration
Management 658
“Do I Know This Already?” Quiz 658
Foundation Topics 660
Cisco UCS Configuration Management 660
Creating and Running a Backup Operation 661
Backup Policies 666
Backup Policy Configuration 666
Import Backups 668
Enable the Import Operation 669
System Restore 670
Restoring the Configuration for a Fabric Interconnect 671
UCS Firmware and Software Updates 672
Firmware Version Terminology 679
Firmware Upgrades Through Auto Install 680
Direct Upgrade After Auto Install Procedure 684
Install Infrastructure Firmware Procedure 688
Upgrading the Server Firmware with Auto Install 691
Standalone Cisco UCS C-Series Server Firmware Upgrade Using the Host
Upgrade Utility (HUU) 693
Downloading and Preparing the ISO for an Upgrade 694
Exam Preparation Tasks 700
Review All Key Topics 700
Define Key Terms 700
References 700
Chapter 15 Cisco HyperFlex Overview 702
“Do I Know This Already?” Quiz 702
Foundation Topics 704
Cisco HyperFlex Solution and Benefits 704
HyperFlex Benefits 707
Intelligent End-to-End Automation 708
Unified Management for All Workloads 709
Independent Resource Scaling 710
Superior Virtual Machine Density with Lower and Consistent
Latency 711
HyperFlex as an Edge, Hybrid, and All-Flash Nodes 712
HyperFlex as an Edge Device 712
Loading page 27...
xxvi CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
HyperFlex Hyperconverged Multicloud Platform (Hybrid or
All-Flash) 714
HyperFlex All NVMe 715
Cisco HyperFlex Data Platform 716
HX Storage Cluster Physical Components 717
HX Data Platform High Availability 718
HX Data Platform Cluster Tolerated Failures 719
HX Data Platform Ready Clones 719
HX Data Platform Native Snapshots 719
HX Cluster Interfaces 720
HX Self-Encrypting Drives 720
Configuring a Local Encryption Key 721
Managing HX Disks in the Cluster 721
Managing HX Datastores 724
Expand Cisco HX System Clusters 725
Enabling HX Logical Availability Zones 726
Exam Preparation Tasks 728
Review All Key Topics 728
Define Key Terms 728
References 728
Part IV Automation
Chapter 16 Automation and Scripting Tools 730
“Do I Know This Already?” Quiz 730
Foundation Topics 733
EEM Overview 733
Policies 733
Event Statements 734
Action Statements 734
Configuring EEM 735
Verifying the EEM Configuration 736
Scheduler 736
Configuring Scheduler 737
Verifying Scheduler Configuration 739
Bash Shell for Cisco NX-OS 740
Managing Feature RPMs 742
Managing Patch RPMs 742
Guest Shell for Cisco NX-OS 743
HyperFlex Hyperconverged Multicloud Platform (Hybrid or
All-Flash) 714
HyperFlex All NVMe 715
Cisco HyperFlex Data Platform 716
HX Storage Cluster Physical Components 717
HX Data Platform High Availability 718
HX Data Platform Cluster Tolerated Failures 719
HX Data Platform Ready Clones 719
HX Data Platform Native Snapshots 719
HX Cluster Interfaces 720
HX Self-Encrypting Drives 720
Configuring a Local Encryption Key 721
Managing HX Disks in the Cluster 721
Managing HX Datastores 724
Expand Cisco HX System Clusters 725
Enabling HX Logical Availability Zones 726
Exam Preparation Tasks 728
Review All Key Topics 728
Define Key Terms 728
References 728
Part IV Automation
Chapter 16 Automation and Scripting Tools 730
“Do I Know This Already?” Quiz 730
Foundation Topics 733
EEM Overview 733
Policies 733
Event Statements 734
Action Statements 734
Configuring EEM 735
Verifying the EEM Configuration 736
Scheduler 736
Configuring Scheduler 737
Verifying Scheduler Configuration 739
Bash Shell for Cisco NX-OS 740
Managing Feature RPMs 742
Managing Patch RPMs 742
Guest Shell for Cisco NX-OS 743
Loading page 28...
xxvii
Accessing the Guest Shell 743
Resources Used for the Guest Shell 744
Capabilities in the Guest Shell 744
Managing the Guest Shell 746
XML 748
Example 749
XML Syntax 750
JSON 751
Rest API 752
Authentication 753
Response 754
NX-API 755
NX-API Request and Response Elements 757
NX-API Developer Sandbox 759
Exam Preparation Tasks 760
Review All Key Topics 760
Memory Tables 761
Define Key Terms 761
References 761
Chapter 17 Evaluate Automation and Orchestration Technologies 762
“Do I Know This Already?” Quiz 762
Foundation Topics 764
Ansible 764
Ansible Components 765
Important Ansible Concepts 766
Ansible CLI Tools 767
Cisco NX-OS and Ansible Example 767
Python 768
Python Package for Cisco 769
Using the CLI Command APIs 771
Python in Interactive Mode 772
Python in Noninteractive Mode 773
UCS Manager Python SDK 775
Convert to UCS Python 777
PowerOn Auto Provisioning (POAP) 777
Limitations of POAP 778
Network Requirements for POAP 778
Accessing the Guest Shell 743
Resources Used for the Guest Shell 744
Capabilities in the Guest Shell 744
Managing the Guest Shell 746
XML 748
Example 749
XML Syntax 750
JSON 751
Rest API 752
Authentication 753
Response 754
NX-API 755
NX-API Request and Response Elements 757
NX-API Developer Sandbox 759
Exam Preparation Tasks 760
Review All Key Topics 760
Memory Tables 761
Define Key Terms 761
References 761
Chapter 17 Evaluate Automation and Orchestration Technologies 762
“Do I Know This Already?” Quiz 762
Foundation Topics 764
Ansible 764
Ansible Components 765
Important Ansible Concepts 766
Ansible CLI Tools 767
Cisco NX-OS and Ansible Example 767
Python 768
Python Package for Cisco 769
Using the CLI Command APIs 771
Python in Interactive Mode 772
Python in Noninteractive Mode 773
UCS Manager Python SDK 775
Convert to UCS Python 777
PowerOn Auto Provisioning (POAP) 777
Limitations of POAP 778
Network Requirements for POAP 778
Loading page 29...
xxviii CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide
POAP Configuration Script 778
POAP Process 779
Power-Up Phase 779
USB Discovery Phase 779
DHCP Discovery Phase 781
Script Execution Phase 782
Post-Installation Reload Phase 782
Configuring a Switch Using POAP 782
HashiCorp Terraform 783
Terraform Concept 784
Terraform Components 784
Terraform Commands 786
PowerShell 789
Exam Preparation Tasks 795
Review All Key Topics 795
Memory Tables 796
Define Key Terms 796
References 797
Part V Security
Chapter 18 Network Security 798
“Do I Know This Already?” Quiz 798
Foundation Topics 801
Authentication, Authorization, and Accounting 801
AAA Service Configuration Options 802
Authentication and Authorization User Login Process 803
AAA NX-OS Configurations 804
Role-Based Access Control 807
NX-OS User Roles and Rules 809
NX-OS RBAC Configurations 811
Nexus First-Hop Security 815
Nexus Dynamic ARP Inspection 816
NX-OS DAI Configurations 819
NX-OS DHCP Snooping 827
DHCP Snooping Trusted and Untrusted Sources 827
DHCP Snooping Packet Validation 828
DHCP Snooping Option 82 Data Insertion 829
POAP Configuration Script 778
POAP Process 779
Power-Up Phase 779
USB Discovery Phase 779
DHCP Discovery Phase 781
Script Execution Phase 782
Post-Installation Reload Phase 782
Configuring a Switch Using POAP 782
HashiCorp Terraform 783
Terraform Concept 784
Terraform Components 784
Terraform Commands 786
PowerShell 789
Exam Preparation Tasks 795
Review All Key Topics 795
Memory Tables 796
Define Key Terms 796
References 797
Part V Security
Chapter 18 Network Security 798
“Do I Know This Already?” Quiz 798
Foundation Topics 801
Authentication, Authorization, and Accounting 801
AAA Service Configuration Options 802
Authentication and Authorization User Login Process 803
AAA NX-OS Configurations 804
Role-Based Access Control 807
NX-OS User Roles and Rules 809
NX-OS RBAC Configurations 811
Nexus First-Hop Security 815
Nexus Dynamic ARP Inspection 816
NX-OS DAI Configurations 819
NX-OS DHCP Snooping 827
DHCP Snooping Trusted and Untrusted Sources 827
DHCP Snooping Packet Validation 828
DHCP Snooping Option 82 Data Insertion 829
Loading page 30...
xxix
NX-OS DHCP Snooping Configuration 829
Port Security 832
Nexus Port Secure MAC Address Maximum and Dynamic Address
Aging 833
Port Security Violations and Actions 834
Nexus Port Types and Port Security 835
NX-OS Port Security Configuration 835
Nexus Control Plane Policing 837
Control Plane Packet 839
Classification for CoPP 840
Rate-Controlling Mechanisms 840
Modular QoS Command-Line Interface 842
NX-OS CoPP Configuration 844
Cisco ACI Contracts 851
Cisco ACI Contract Configuration Parameters 853
Create, Modify, or Remove Regular Contracts 854
Apply or Remove VRF Contracts 856
Inter-Tenant Contracts 857
Inter-Private Network Contracts Communication 858
Single Contract Bidirectional Reverse Filter 859
Single Contract Unidirectional with Multiple Filters 859
Multiple Contracts Unidirectional Single Filter 860
ACI Microsegmentation 860
Example: ACI Microsegmentation with VMs from a Single Application
EPG 862
Example: ACI Microsegmentation with VMs in Different Application
EPGs 863
ACI Microsegmentation Configurations 864
Keychain Authentication 868
NX-OS Keychain Configurations 868
Key Selection 871
Exam Preparation Tasks 872
Review All Key Topics 872
Define Key Terms 873
References 873
NX-OS DHCP Snooping Configuration 829
Port Security 832
Nexus Port Secure MAC Address Maximum and Dynamic Address
Aging 833
Port Security Violations and Actions 834
Nexus Port Types and Port Security 835
NX-OS Port Security Configuration 835
Nexus Control Plane Policing 837
Control Plane Packet 839
Classification for CoPP 840
Rate-Controlling Mechanisms 840
Modular QoS Command-Line Interface 842
NX-OS CoPP Configuration 844
Cisco ACI Contracts 851
Cisco ACI Contract Configuration Parameters 853
Create, Modify, or Remove Regular Contracts 854
Apply or Remove VRF Contracts 856
Inter-Tenant Contracts 857
Inter-Private Network Contracts Communication 858
Single Contract Bidirectional Reverse Filter 859
Single Contract Unidirectional with Multiple Filters 859
Multiple Contracts Unidirectional Single Filter 860
ACI Microsegmentation 860
Example: ACI Microsegmentation with VMs from a Single Application
EPG 862
Example: ACI Microsegmentation with VMs in Different Application
EPGs 863
ACI Microsegmentation Configurations 864
Keychain Authentication 868
NX-OS Keychain Configurations 868
Key Selection 871
Exam Preparation Tasks 872
Review All Key Topics 872
Define Key Terms 873
References 873
Loading page 31...
30 more pages available. Scroll down to load them.
Preview Mode
Sign in to access the full document!
100%
Study Now!
XY-Copilot AI
Unlimited Access
Secure Payment
Instant Access
24/7 Support
AI Assistant
Document Details
Subject
Cisco Certified Network Professional