An engineer must enable the OMP advertisement of BGP routes for a specific VRF instance on a Cisco IOS XE SD-WAN device. What should be configured after the global address-family ipv4 is configured?
Correct Answer:
B
To enable the OMP advertisement of BGP routes for a specific VRF instance on a Cisco IOS XE SD-WAN device, the engineer must first configure the global address-family ipv4 and then enable bgp advertisement under the vrf definition. This will allow the device to advertise the BGP routes learned from the cloud provider to the OMP control plane, which will then distribute them to the other SD-WAN devices in the overlay network1
References := 1: Designing and Implementing Cloud Connectivity (ENCC) v1.0, Module 3: Implementing Cloud Connectivity, Lesson 3: Configuring IPsec VPN from Cisco IOS XE to AWS, Topic: Configuring BGP on the Cisco IOS XE Device, Page 3-24.
DRAG DROP
An engineer needs to configure enhanced policy-based routing (ePBR) for IPv4 by using Cisco vManage. Drag and drop the steps from the left onto the order on the right to complete the configuration of the ePBR using the CLI add-on template.
Solution:
Enhanced Policy-Based Routing (ePBR) is used to direct packets that arrive at an interface to a specified next-hop. It is very useful in managing a large number of configured access lists more efficiently. In ePBR, the router drops the traffic packets if the next hop configured in the PBR policy is not reachable. To avoid packet loss in such
scenarios, you must configure multiple next hops for each access control entry. Here are the steps to configure ePBR for IPv4 using Cisco vManage:
✑ Configure an extended ACL: This step involves defining the network or the host.
For example, you can permit IPv4 traffic from any source to specific hosts.
✑ Configure a class map that matches the ACL: Class maps match the parameters in the ACLs. For instance, you can create a class map of type traffic and match it with the previously created ACL.
✑ Configure the policy map with the action to set the next hop: Policy maps with ePBR then take detailed actions based on the set statements configured. You can configure an ePBR policy map with the class map and set the next hop.
✑ Apply the service policy on the interface: Finally, you apply the ePBR policy map to the interface. For example, you can apply the policy map to a GigabitEthernet interface.
References :=
✑ Implementing Enhanced Policy Based Routing - Cisco
✑ Cisco Catalyst SD-WAN Policies Configuration Guide, Cisco IOS XE
✑ How to configure PBR - Cisco Community
Does this meet the goal?
Correct Answer:
A
DRAG DROP
An engineer must configure an AppGoE service node for WAN optimization for applications that are hosted in the cloud using Cisco vManage for C8000V or C8500L-8S4X devices. Drag and drop the steps from the left onto the order on the right to complete the configuration.
Solution:
Step 1 = Navigate to Configuration, select Templates, and then select Device Templates. Step 2 = Click Create Template, select From Feature Template, and then select the device model. Step 3 = Select Device, select Service Node, and then set Template Name and Description. Step 4 = Attach the device template to the device.
The process of configuring an AppGoE service node for WAN optimization for applications that are hosted in the cloud using Cisco vManage for C8000V or C8500L-8S4X devices involves several steps12.
✑ Navigate to Configuration, select Templates, and then select Device Templates:
This is the first step where you navigate to the Templates section in the Configuration menu of Cisco vManage1.
✑ Click Create Template, select From Feature Template, and then select the device model: In this step, you create a new template for the device model from the feature template1.
✑ Select Device, select Service Node, and then set Template Name and Description:
After setting up the template, you select the device and the service node, and then set the template name and description1.
✑ Attach the device template to the device: Finally, you attach the created device template to the device1. References :=
✑ AppQoE - Step-by-Step Configuration - Cisco Community
✑ Cisco Catalyst SD-WAN AppQoE Configuration Guide, Cisco IOS XE Catalyst SD- WAN Release 17.x
Does this meet the goal?
Correct Answer:
A
A company with multiple branch offices wants a suitable connectivity model to meet these network architecture requirements:
• high availability
• quality of service (QoS)
• multihoming
• specific routing needs
Which connectivity model meets these requirements?
Correct Answer:
D
A fully meshed topology with SD-WAN technology using dynamic routing and prioritized traffic for QoS meets the network architecture requirements of the company. A fully meshed topology provides high availability by eliminating single points of failure and allowing multiple paths between branch offices. SD-WAN technology enables multihoming by supporting multiple transport options, such as MPLS, internet, LTE, etc. SD-WAN also provides QoS by applying policies to prioritize traffic based on application, user, or network conditions. Dynamic routing allows the SD-WAN solution to adapt to changing network conditions and optimize the path selection for each traffic type. A fully meshed topology with SD-WAN technology can also support specific routing needs, such as segment routing, policy-based routing, or application-aware routing. References:
✑ Designing and Implementing Cloud Connectivity (ENCC) v1.0
✑ [Cisco SD-WAN Design Guide]
✑ [Cisco SD-WAN Configuration Guide]
Which feature is unique to Cisco SD-WAN IPsec tunnels compared to native IPsec VPN tunnels?
Correct Answer:
A
Cisco SD-WAN IPsec tunnels are different from native IPsec VPN tunnels in several ways. One of the unique features of Cisco SD-WAN IPsec tunnels is that they support real-time dynamic path selection, which means that they can automatically choose the best path for each application based on the network conditions and policies. This feature improves the performance, reliability, and efficiency of the network traffic. Native IPsec VPN tunnels, on the other hand, do not have this capability and rely on static routing or manual configuration to select the path for each tunnel. This can result in suboptimal
performance, increased latency, and higher costs. References := Traditional IPsec Versus Cisco SD-WAN IPsec, SD-WAN vs IPsec VPN??s - What??s the difference?, SD-WAN vs. VPN: How Do They Compare?, Traditional IPSEC Versus SD-WAN IPSEC
