segunda-feira, 29 de fevereiro de 2016

Lab CCIE R&S no GNS3


Bom pessoal, aqui mais um lab pré configurado para os estudos do CCIE R&S, o colega Daniel Demers do forum do GNS3 está montando esse lab para todos que estão estudando para a prova, o que mais me chamou a atenção foi a quantidade de detalhes nas configs e na topologia dele:


Estou terminando de fazer funcionar, porém já percebi que ele separou o lab por tópico (ex. OSPF+ BGP na topologia DOG, EIGRP na RED etc) o que facilita pois você não irá precisar ligar todos os routers (muitos de verdade).

Fica como mais uma opção pra quem vai estudar pro tão sonhado CCIE.

Ele utilizou as imagens:

Layer 3 IOU: i86bi-linux-l3-adventerprisek9-15.4.1T.bin
Layer 2 IOU: i86bi-linux-l2-adventerprisek9-15.1a.bin

A versão do GNS3 é a 1.4 (releases acima dessa versão).

Lab:


Abraços

Para ajudar o Café com Redes:

terça-feira, 23 de fevereiro de 2016

Cisco LAB Móvel 2016


Bom pessoal, como é sempre bom ficar de olho nas oportunidades, parece que o lab móvel da Cisco virá para o Brasil algumas vezes esse ano, em abril está confirmado (de 4-8 de abril), mas também com possibilidade de Jun-Jul (27-01) e em Nov-Dez (28-02), quem conseguir acelerar os estudos pode aproveitar que o dólar ainda não aumentou pra 5 reais e tentar pelo menos 1 vez esse ano.

Segue a lista completa:


Fonte:

https://learningnetwork.cisco.com/docs/DOC-3224


Abraços

quinta-feira, 18 de fevereiro de 2016

100 mil visitas!!


Pessoal, queria agradecer a todos que acessaram o blog e nos ajudou a chegar a marca de 100 mil acessos, pode não parecer muito mas vale muito pra mim saber que o pessoal acompanha e que conseguimos ajudar muita gente, seja com materiais, tutorials, novidades etc.

A segunda ótima noticia é que minha filha Manuela nasceu agora no dia 14/02:


É a coisa mais linda do mundo kkkkk

Agora tenho motivos dobrados pra continuar estudando e correndo atrás das coisas :)

Abraços pessoal, e obrigado.

segunda-feira, 8 de fevereiro de 2016

Mininet - SDN na prática



Bom pessoal, SDN é um assunto bem polêmico e quer queira ou não ele veio pra ficar e você analista/administrador de redes como eu vai acabar se deparando com essa tecnologia logo logo.

 Essa dica é para você que como eu não conhece nada ou quase nada de SDN, Mininet é um emulador que cria uma rede virtual rodando um kernel real com switches, hosts e controladoras tudo dentro de uma única VM:

 http://mininet.org/

 Sem muito papo, vamos a parte prática da coisa:

 - Baixe a VM do site (Virtual Box, VMWorkstation, KVM ou VMFusion):

 http://mininet.org/download/

Direto da fonte:

git clone git://github.com/mininet/mininet

Ou via apt-get:

#sudo apt-get install mininet

Bom eu como sou preguiçoso baixei a VM e instalei no Virtual Box (requer 1 processador e 1GB de RAM), agora antes de iniciar a VM, adicione a placa de rede de sua preferência (para ter acesso via terminal):


Acesse a console e use as seguintes credenciais:

user: mininet
password: mininet



Para começar digite o seguinte comando:

$sudo mn

A topologia inicial é o que eles chamam de "minimal"  com 2 hosts, 1 switch e 1 controladora, feito isso você tem uma serie de comandos pra já começar a brincar:

Mostrar os comandos da CLI:
mininet> help

Mostrar os nodes:
mininet> nodes

Mostrar os links:
mininet> net

Mostrar as informações de todos os nodes:
mininet> dump

Pingar todos os hosts:
mininet> pingall

Para verificar as configurações das interfaces, você deve colocar o nome do host/switch/controller antes do comando:

Exemplo de Host:

mininet> h1 ifconfig -a
h1-eth0   Link encap:Ethernet  HWaddr 46:b4:7a:09:76:96
          inet addr:10.0.0.1  Bcast:10.255.255.255  Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Exemplo no Switch 1:

mininet> s1 ifconfig -a
eth0      Link encap:Ethernet  HWaddr 08:00:27:65:98:ee
          inet addr:192.168.56.101  Bcast:192.168.56.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:280 errors:0 dropped:0 overruns:0 frame:0
          TX packets:231 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:26953 (26.9 KB)  TX bytes:32712 (32.7 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:9639 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9639 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:496844 (496.8 KB)  TX bytes:496844 (496.8 KB)

ovs-system Link encap:Ethernet  HWaddr d2:bb:c1:1a:24:1c
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

s1        Link encap:Ethernet  HWaddr 76:b3:5a:77:3b:4c
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

s1-eth1   Link encap:Ethernet  HWaddr 4e:26:36:33:e5:3c
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

s1-eth2   Link encap:Ethernet  HWaddr ba:c0:ed:12:a6:7e
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Exemplo na controller 1:

mininet> c0 ifconfig -a
eth0      Link encap:Ethernet  HWaddr 08:00:27:65:98:ee
          inet addr:192.168.56.101  Bcast:192.168.56.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:350 errors:0 dropped:0 overruns:0 frame:0
          TX packets:278 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:32661 (32.6 KB)  TX bytes:40008 (40.0 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:9675 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9675 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:498908 (498.9 KB)  TX bytes:498908 (498.9 KB)

ovs-system Link encap:Ethernet  HWaddr d2:bb:c1:1a:24:1c
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

s1        Link encap:Ethernet  HWaddr 76:b3:5a:77:3b:4c
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

s1-eth1   Link encap:Ethernet  HWaddr 4e:26:36:33:e5:3c
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

s1-eth2   Link encap:Ethernet  HWaddr ba:c0:ed:12:a6:7e
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


Agora um teste básico de comunicação, vamos pingar do Host 1 para o Host 2:

mininet> h1 ping h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=3.33 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.474 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=0.060 ms
64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=0.055 ms
64 bytes from 10.0.0.2: icmp_seq=5 ttl=64 time=0.054 ms
64 bytes from 10.0.0.2: icmp_seq=6 ttl=64 time=0.056 ms
64 bytes from 10.0.0.2: icmp_seq=7 ttl=64 time=0.318 ms
^C
--- 10.0.0.2 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6004ms
rtt min/avg/max/mdev = 0.054/0.621/3.331/1.117 ms
mininet>

 Topologias

Para verificar as topologias pré-existentes use:

mininet@mininet-vm:~$ sudo mn --help

--topo=TOPO           linear|minimal|reversed|single|torus|tree[,param=value
                        ...] linear=LinearTopo
                        reversed=SingleSwitchReversedTopo tree=TreeTopo
                        single=SingleSwitchTopo torus=TorusTopo
                        minimal=MinimalTopo

mininet@mininet-vm:~$ sudo mn --topo=linear,5

- Minimal - Topologia default com 1 Switch e 2 hosts:




- Linear - Topologia Simples em que os Switches se conectam entre eles e com os hosts:

Agora vamos complicar um pouco mais a nossa topologia, primeiro de um exit na topologia criada, em seguida abra novamente porém vamos utilizar 5 Switches e 5 hosts em modo linear:

mininet@mininet-vm:~$ sudo mn --topo=linear,5

Verifique que foram adicionados 5 SWs e 5 Hosts:

mininet> nodes
available nodes are:
c0 h1 h2 h3 h4 h5 s1 s2 s3 s4 s5

mininet> links
h1-eth0<->s1-eth1 (OK OK)
h2-eth0<->s2-eth1 (OK OK)
h3-eth0<->s3-eth1 (OK OK)
h4-eth0<->s4-eth1 (OK OK)
h5-eth0<->s5-eth1 (OK OK)
s2-eth2<->s1-eth2 (OK OK)
s3-eth2<->s2-eth3 (OK OK)
s4-eth2<->s3-eth3 (OK OK)
s5-eth2<->s4-eth3 (OK OK)

mininet> pingall
*** Ping: testing ping reachability
h1 -> h2 h3 h4 h5
h2 -> h1 h3 h4 h5
h3 -> h1 h2 h4 h5
h4 -> h1 h2 h3 h5
h5 -> h1 h2 h3 h4
*** Results: 0% dropped (20/20 received)

mininet> net
h1 h1-eth0:s1-eth1
h2 h2-eth0:s2-eth1
h3 h3-eth0:s3-eth1
h4 h4-eth0:s4-eth1
h5 h5-eth0:s5-eth1
s1 lo:  s1-eth1:h1-eth0 s1-eth2:s2-eth2
s2 lo:  s2-eth1:h2-eth0 s2-eth2:s1-eth2 s2-eth3:s3-eth2
s3 lo:  s3-eth1:h3-eth0 s3-eth2:s2-eth3 s3-eth3:s4-eth2
s4 lo:  s4-eth1:h4-eth0 s4-eth2:s3-eth3 s4-eth3:s5-eth2
s5 lo:  s5-eth1:h5-eth0 s5-eth2:s4-eth3
c0

- Tree - Topologia em arvore com diversas ramificações:

mininet@mininet-vm:~$ sudo mn --topo=tree,4

Obs. o Número 4 significa as camadas da topologia.

mininet> net
h1 h1-eth0:s4-eth1
h2 h2-eth0:s4-eth2
h3 h3-eth0:s5-eth1
h4 h4-eth0:s5-eth2
h5 h5-eth0:s7-eth1
h6 h6-eth0:s7-eth2
h7 h7-eth0:s8-eth1
h8 h8-eth0:s8-eth2
h9 h9-eth0:s11-eth1
h10 h10-eth0:s11-eth2
h11 h11-eth0:s12-eth1
h12 h12-eth0:s12-eth2
h13 h13-eth0:s14-eth1
h14 h14-eth0:s14-eth2
h15 h15-eth0:s15-eth1
h16 h16-eth0:s15-eth2
s1 lo:  s1-eth1:s2-eth3 s1-eth2:s9-eth3
s2 lo:  s2-eth1:s3-eth3 s2-eth2:s6-eth3 s2-eth3:s1-eth1
s3 lo:  s3-eth1:s4-eth3 s3-eth2:s5-eth3 s3-eth3:s2-eth1
s4 lo:  s4-eth1:h1-eth0 s4-eth2:h2-eth0 s4-eth3:s3-eth1
s5 lo:  s5-eth1:h3-eth0 s5-eth2:h4-eth0 s5-eth3:s3-eth2
s6 lo:  s6-eth1:s7-eth3 s6-eth2:s8-eth3 s6-eth3:s2-eth2
s7 lo:  s7-eth1:h5-eth0 s7-eth2:h6-eth0 s7-eth3:s6-eth1
s8 lo:  s8-eth1:h7-eth0 s8-eth2:h8-eth0 s8-eth3:s6-eth2
s9 lo:  s9-eth1:s10-eth3 s9-eth2:s13-eth3 s9-eth3:s1-eth2
s10 lo:  s10-eth1:s11-eth3 s10-eth2:s12-eth3 s10-eth3:s9-eth1
s11 lo:  s11-eth1:h9-eth0 s11-eth2:h10-eth0 s11-eth3:s10-eth1
s12 lo:  s12-eth1:h11-eth0 s12-eth2:h12-eth0 s12-eth3:s10-eth2
s13 lo:  s13-eth1:s14-eth3 s13-eth2:s15-eth3 s13-eth3:s9-eth2
s14 lo:  s14-eth1:h13-eth0 s14-eth2:h14-eth0 s14-eth3:s13-eth1
s15 lo:  s15-eth1:h15-eth0 s15-eth2:h16-eth0 s15-eth3:s13-eth2
c0

Fica mais ou menos assim:



Cuidado para não exagerar nas camadas pois a VM não aguenta kkkk tentei com 10 camadas e travou tudo.

O bacana disso tudo é pra começar a ter uma ideia de como serão as redes no futuro, assim que eu conseguir integrar com o Wireshark direitinho posto mais coisas sobre a ferramenta.

Abraços

Ajude o Café com Redes:

terça-feira, 2 de fevereiro de 2016

CCIE 5.1 Written (nova prova)

Bom pessoal, hoje pela manhã meu colega Paulo (vai estudar pro CCIE também) me contou que a prova do CCIE Written mudou, saiu a versão 5.1 da prova.

As principais mudanças são a adição de um tópico chamado Evolving Technologies que adiciona Cloud, SDN e IoT (internet das coisas), ou seja, retiraram um pouco de cada tópico da prova pra criar esse novo.

A prova antiga ficará disponível até dia 25 de julho deste ano então é melhor correr.

Segue os tópicos do novo exame:

1.0 Network Principles 10%

1.1 Network theory
1.1.a Describe basic software architecture differences between IOS and IOS XE
1.1.a [i] Control plane and Forwarding plane
1.1.a [ii] Impact to troubleshooting and performances
1.1.a [iii] Excluding specific platform's architecture
1.1.b Identify Cisco express forwarding concepts
1.1.b [i] RIB, FIB, LFIB, Adjacency table
1.1.b [ii] Load balancing Hash
1.1.b [iii] Polarization concept and avoidance
1.1.c Explain general network challenges
1.1.c [i] Unicast flooding
1.1.c [ii] Out of order packets
1.1.c [iii] Asymmetric routing
1.1.c [iv] Impact of micro burst
1.1.d Explain IP operations
1.1.d [i] ICMP unreachable, redirect
1.1.d [ii] IPv4 options, IPv6 extension headers
1.1.d [iii] IPv4 and IPv6 fragmentation
1.1.d [iv] TTL
1.1.d [v] IP MTU
1.1.e Explain TCP operations
1.1.e [i] IPv4 and IPv6 PMTU
1.1.e [ii] MSS
1.1.e [iii] Latency
1.1.e [iv] Windowing
1.1.e [v] Bandwidth delay product
1.1.e [vi] Global synchronization
1.1.e [vii] Options
1.1.f Explain UDP operations
1.1.f [i] Starvation
1.1.f [ii] Latency
1.1.f [iii] RTP/RTCP concepts

1.2 Network implementation and operation
1.2.a Evaluate proposed changes to a network
1.2.a [i] Changes to routing protocol parameters
1.2.a [ii] Migrate parts of a network to IPv6
1.2.a [iii] Routing protocol migration
1.2.a [iv] Adding multicast support
1.2.a [v] Migrate spanning tree protocol
1.2.a [vi] Evaluate impact of new traffic on existing QoS design

1.3 Network troubleshooting
1.3.a Use IOS troubleshooting tools
1.3.a [i] debug, conditional debug
1.3.a [ii] ping, traceroute with extended options
1.3.a [iii] Embedded packet capture
1.3.a [iv] Performance monitor
1.3.b Apply troubleshooting methodologies
1.3.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
1.3.b [ii] Design and implement valid solutions according to constraints
1.3.b [iii] Verify and monitor resolution
1.3.c Interpret packet capture
1.3.c [i] Using Wireshark trace analyzer
1.3.c [ii] Using IOS embedded packet capture

2.0 Layer 2 Technologies 13%

2.1 LAN switching technologies
2.1.a Implement and troubleshoot switch administration
2.1.a [i] Managing MAC address table
2.1.a [ii] errdisable recovery
2.1.a [iii] L2 MTU
2.1.b Implement and troubleshoot layer 2 protocols
2.1.b [i] CDP, LLDP
2.1.b [ii] UDLD
2.1.c Implement and troubleshoot VLAN
2.1.c [i] Access ports
2.1.c [ii] VLAN database
2.1.c [iii] Normal, extended VLAN, voice VLAN
2.1.d Implement and troubleshoot trunking
2.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning
2.1.d [ii] dot1Q
2.1.d [iii] Native VLAN
2.1.d [iv] Manual pruning
2.1.e Implement and troubleshoot EtherChannel
2.1.e [i] LACP, PAgP, manual
2.1.e [ii] Layer 2, layer 3
2.1.e [iii] Load-balancing
2.1.e [iv] Etherchannel misconfiguration guard
2.1.f Implement and troubleshoot spanning-tree
2.1.f [i] PVST+/RPVST+/MST
2.1.f [ii] Switch priority, port priority, path cost, STP timers
2.1.f [iii] port fast, BPDUguard, BPDUfilter
2.1.f [iv] loopguard, rootguard
2.1.g Implement and troubleshoot other LAN switching technologies
2.1.g [i] SPAN, RSPAN, ERSPAN
2.1.h Describe chassis virtualization and aggregation technologies
2.1.h [i] Multichassis
2.1.h [ii] VSS concepts
2.1.h [iii] Alternative to STP
2.1.h [iv] Stackwise
2.1.h [v] Excluding specific platform implementation
2.1.i Describe spanning-tree concepts
2.1.i [i] Compatibility between MST and RSTP
2.1.i [ii] STP dispute, STP bridge assurance

2.2 Layer 2 multicast
2.2.a Implement and troubleshoot IGMP
2.2.a [i] IGMPv1, IGMPv2, IGMPv3
2.2.a [ii] IGMP snooping
2.2.a [iii] IGMP querier
2.2.a [iv] IGMP filter
2.2.a [v] IGMP proxy
2.2.b Explain MLD
2.2.c Explain PIM snooping
2.3 Layer 2 WAN circuit technologies
2.3.a Implement and troubleshoot HDLC
2.3.b Implement and troubleshoot PPP
2.3.b [i] Authentication [PAP, CHAP]
2.3.b [ii] PPPoE
2.3.b [iii] MLPPP
2.3.c Describe WAN rate-based ethernet circuits
2.3.c [i] Metro and WAN Ethernet topologies
2.3.c [ii] Use of rate-limited WAN ethernet services

3.0 Layer 3 Technologies 37%

3.1 Addressing technologies
3.1.a Identify, implement and troubleshoot IPv4 addressing and subnetting
3.1.a [i] Address types, VLSM
3.1.a [ii] ARP
3.1.b Identify, implement and troubleshoot IPv6 addressing and subnetting
3.1.b [i] Unicast, multicast
3.1.b [ii] EUI-64
3.1.b [iii] ND, RS/RA
3.1.b [iv] Autoconfig/SLAAC, temporary addresses [RFC4941]
3.1.b [v] Global prefix configuration feature
3.1.b [vi] DHCP protocol operations
3.1.b [vii] SLAAC/DHCPv6 interaction
3.1.b [viii] Stateful, stateless DHCPv6
3.1.b [ix] DHCPv6 prefix delegation

3.2 Layer 3 multicast
3.2.a Troubleshoot reverse path forwarding
3.2.a [i] RPF failure
3.2.a [ii] RPF failure with tunnel interface
3.2.b Implement and troubleshoot IPv4 protocol independent multicast
3.2.b [i] PIM dense mode, sparse mode, sparse-dense mode
3.2.b [ii] Static RP, auto-RP, BSR
3.2.b [iii] BiDirectional PIM
3.2.b [iv] Source-specific multicast
3.2.b [v] Group to RP mapping
3.2.b [vi] Multicast boundary
3.2.c Implement and troubleshoot multicast source discovery protocol
3.2.c [i] Intra-domain MSDP [anycast RP]
3.2.c [ii] SA filter
3.2.d Describe IPv6 multicast
3.2.d [i] IPv6 multicast addresses
3.2.d [ii] PIMv6

3.3 Fundamental routing concepts
3.3.a Implement and troubleshoot static routing
3.3.b Implement and troubleshoot default routing
3.3.c Compare routing protocol types
3.3.c [i] Distance vector
3.3.c [ii] Link state
3.3.c [iii] Path vector
3.3.d Implement, optimize and troubleshoot administrative distance
3.3.e Implement and troubleshoot passive interface
3.3.f Implement and troubleshoot VRF lite
3.3.g Implement, optimize and troubleshoot filtering with any routing protocol
3.3.h Implement, optimize and troubleshoot redistribution between any routing protocol
3.3.i Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
3.3.j Implement, optimize and troubleshoot policy-based routing
3.3.k Identify and troubleshoot sub-optimal routing
3.3.l Implement and troubleshoot bidirectional forwarding detection
3.3.m Implement and troubleshoot loop prevention mechanisms
3.3.m [i] Route tagging, filtering
3.3.m [ii] Split horizon
3.3.m [iii] Route poisoning
3.3.n Implement and troubleshoot routing protocol authentication
3.3.n [i] MD5
3.3.n [ii] Key-chain
3.3.n [iii] EIGRP HMAC SHA2-256bit
3.3.n [iv] OSPFv2 SHA1-196bit
3.3.n [v] OSPFv3 IPsec authentication

3.4 RIP [v2 and v6]
3.4.a Implement and troubleshoot RIPv2
3.4.b Describe RIPv6 [RIPng]

3.5 EIGRP [for IPv4 and IPv6]
3.5.a Describe packet types
3.5.a [i] Packet types [hello, query, update, and such]
3.5.a [ii] Route types [internal, external]
3.5.b Implement and troubleshoot neighbor relationship
3.5.b [i] Multicast, unicast EIGRP peering
3.5.b [ii] OTP point-to-point peering
3.5.b [iii] OTP route-reflector peering
3.5.b [iv] OTP multiple service providers scenario
3.5.c Implement and troubleshoot loop free path selection
3.5.c [i] RD, FD, FC, successor, feasible successor
3.5.c [ii] Classic metric
3.5.c [iii] Wide metric
3.5.d Implement and troubleshoot operations
3.5.d [i] General operations
3.5.d [ii] Topology table, update, query, active, passive
3.5.d [iii] Stuck in active
3.5.d [iv] Graceful shutdown
3.5.e Implement and troubleshoot EIGRP stub
3.5.e [i] Stub
3.5.e [ii] Leak-map
3.5.f Implement and troubleshoot load-balancing
3.5.f [i] equal-cost
3.5.f [ii] unequal-cost
3.5.f [iii] add-path
3.5.g Implement EIGRP [multi-address] named mode
3.5.g [i] Types of families
3.5.g [ii] IPv4 address-family
3.5.g [iii] IPv6 address-family
3.5.h Implement, troubleshoot and optimize EIGRP convergence and scalability
3.5.h [i] Describe fast convergence requirements
3.5.h [ii] Control query boundaries
3.5.h [iii] IP FRR/fast reroute [single hop]
3.5.8 [iv] Summary leak-map
3.5.h [v] Summary metric

3.6 OSPF [v2 and v3]
3.6.a Describe packet types
3.6.a [i] LSA yypes [1, 2, 3, 4, 5, 7, 9]
3.6.a [ii] Route types [N1, N2, E1, E2]
3.6.b Implement and troubleshoot neighbor relationship
3.6.c Implement and troubleshoot OSPFv3 address-family support
3.6.c [i] IPv4 address-family
3.6.c [ii] IPv6 address-family
3.6.d Implement and troubleshoot network types, area types and router types
3.6.d [i] Point-to-point, multipoint, broadcast, non-broadcast
3.6.d [ii] LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
3.6.d [iii] Internal router, ABR, ASBR
3.6.d [iv] Virtual link
3.6.e Implement and troubleshoot path preference
3.6.f Implement and troubleshoot operations
3.6.f [i] General operations
3.6.f [ii] Graceful shutdown
3.6.f [iii] GTSM [Generic TTL Security Mechanism]
3.6.g Implement, troubleshoot and optimize OSPF convergence and scalability
3.6.g [i] Metrics
3.6.g [ii] LSA throttling, SPF tuning, fast hello
3.6.g [iii] LSA propagation control [area types, ISPF]
3.6.g [iv] IP FRR/fast reroute [single hop]
3.6.g [v] LFA/loop-free alternative [multi hop]
3.6.g [vi] OSPFv3 prefix suppression

3.7 BGP
3.7.a Describe, implement and troubleshoot peer relationships
3.7.a [i] Peer-group, template
3.7.a [ii] Active, passive
3.7.a [iii] States, timers
3.7.a [iv] Dynamic neighbors
3.7.b Implement and troubleshoot IBGP and EBGP
3.7.b [i] EBGP, IBGP
3.7.b [ii] 4 bytes AS number
3.7.b [iii] Private AS
3.7.c Explain attributes and best-path selection
3.7.d Implement, optimize and troubleshoot routing policies
3.7.d [i] Attribute manipulation
3.7.d [ii] Conditional advertisement
3.7.d [iii] Outbound route filtering
3.7.d [iv] Communities, extended communities
3.7.d [v] Multi-homing
3.7.e Implement and troubleshoot scalability
3.7.e [i] Route-reflector, cluster
3.7.e [ii] Confederations
3.7.e [iii] Aggregation, AS set
3.7.f Implement and troubleshoot multiproctocol BGP
3.7.f [i] IPv4, IPv6, VPN address-family
3.7.g Implement and troubleshoot AS path manipulations
3.7.g [i] Local AS, allow AS in, remove private AS
3.7.g [ii] Prepend
3.7.g [iii] Regexp
3.7.h Implement and troubleshoot other features
3.7.h [i] Multipath
3.7.h [ii] BGP synchronization
3.7.h [iii] Soft reconfiguration, route refresh
3.7.i Describe BGP fast convergence features
3.7.i [i] Prefix independent convergence
3.7.i [ii] Add-path
3.7.i [iii] Next-hop address tracking

3.8 ISIS [for IPv4 and IPv6]
3.8.a Describe basic ISIS network
3.8.a [i] Single area, single topology
3.8.b Describe neighbor relationship
3.8.c Describe network types, levels and router types
3.8.c [i] NSAP addressing
3.8.c [ii] Point-to-point, broadcast
3.8.d Describe operations
3.8.e Describe optimization features
3.8.e [i] Metrics, wide metric

4.0 VPN Technologies 13%

4.1 Tunneling
4.1.a Implement and troubleshoot MPLS operations
4.1.a [i] Label stack, LSR, LSP
4.1.a [ii] LDP
4.1.a [iii] MPLS ping, MPLS traceroute
4.1.b Implement and troubleshoot basic MPLS L3VPN
4.1.b [i] L3VPN, CE, PE, P
4.1.b [ii] Extranet [route leaking]
4.1.c Implement and troubleshoot encapsulation
4.1.c [i] GRE
4.1.c [ii] Dynamic GRE
4.1.c [iii] LISP encapsulation principles supporting EIGRP OTP
4.1.d Implement and troubleshoot DMVPN [single hub]
4.1.d [i] NHRP
4.1.d [ii] DMVPN with IPsec using preshared key
4.1.d [iii] QoS profile
4.1.d [iv] Pre-classify
4.1.e Describe IPv6 tunneling techniques
4.1.e [i] 6in4, 6to4
4.1.e [ii] ISATAP
4.1.e [iii] 6RD
4.1.e [iv] 6PE/6VPE
4.1.g Describe basic layer 2 VPN —wireline
4.1.g [i] L2TPv3 general principals
4.1.g [ii] ATOM general principals
4.1.h Describe basic L2VPN — LAN services
4.1.h [i] MPLS-VPLS general principals
4.1.h [ii] OTV general principals

4.2 Encryption
4.2.a Implement and troubleshoot IPsec with preshared key
4.2.a [i] IPv4 site to IPv4 site
4.2.a [ii] IPv6 in IPv4 tunnels
4.2.a [iii] Virtual tunneling Interface [VTI]
4.2.b Describe GET VPN

5.0 Infrastructure Security 5%

5.1 Device security
5.1.a Implement and troubleshoot IOS AAA using local database
5.1.b Implement and troubleshoot device access control
5.1.b [i] Lines [VTY, AUX, console]
5.1.b [ii] SNMP
5.1.b [iii] Management plane protection
5.1.b [iv] Password encryption
5.1.c Implement and troubleshoot control plane policing
5.1.d Describe device security using IOS AAA with TACACS+ and RADIUS
5.1.d [i] AAA with TACACS+ and RADIUS
5.1.d [ii] Local privilege authorization fallback

5.2 Network security
5.2.a Implement and troubleshoot switch security features
5.2.a [i] VACL, PACL
5.2.a [ii] Stormcontrol
5.2.a [iii] DHCP snooping
5.2.a [iv] IP source-guard
5.2.a [v] Dynamic ARP inspection
5.2.a [vi] port-security
5.2.a [vii] Private VLAN
5.2.b Implement and troubleshoot router security features
5.2.b [i] IPv4 access control lists [standard, extended, time-based]
5.2.b [ii] IPv6 traffic filter
5.2.b [iii] Unicast reverse path forwarding
5.2.c Implement and troubleshoot IPv6 first hop security
5.2.c [i] RA guard
5.2.c [ii] DHCP guard
5.2.c [iii] Binding table
5.2.c [iv] Device tracking
5.2.c [v] ND inspection/snooping
5.2.c [vii] Source guard
5.2.c [viii] PACL
5.2.d Describe 802.1x
5.2.d [i] 802.1x, EAP, RADIUS
5.2.d [ii] MAC authentication bypass

6.0 Infrastructure Services 12%
6.1 System management
6.1.a Implement and troubleshoot device management
6.1.a [i] Console and VTY
6.1.a [ii] telnet, HTTP, HTTPS, SSH, SCP
6.1.a [iii] [T]FTP
6.1.b Implement and troubleshoot SNMP
6.1.b [i] v2c, v3
6.1.c Implement and troubleshoot logging
6.1.c [i] Local logging, syslog, debug, conditional debug
6.1.c [ii] Timestamp

6.2 Quality of service
6.2.a Implement and troubleshoot end-to-end QoS
6.2.a [i] CoS and DSCP mapping
6.2.b Implement, optimize and troubleshoot QoS using MQC
6.2.b [i] Classification
6.2.b [ii] Network based application recognition [NBAR]
6.2.b [iii] Marking using IP precedence, DSCP, CoS, ECN
6.2.b [iv] Policing, shaping
6.2.b [v] Congestion management [queuing]
6.2.b [vi] HQoS, sub-rate ethernet link
6.2.b [vii] Congestion avoidance [WRED]
6.2.c Describe layer 2 QoS
6.2.c [i] Queuing, scheduling
6.2.c [ii] Classification, marking

6.3 Network services
6.3.a Implement and troubleshoot first-hop redundancy protocols
6.3.a [i] HSRP, GLBP, VRRP
6.3.a [ii] Redundancy using IPv6 RS/RA
6.3.b Implement and troubleshoot network time protocol
6.3.b [i] NTP master, client, version 3, version 4
6.3.b [ii] NTP Authentication
6.3.c Implement and troubleshoot IPv4 and IPv6 DHCP
6.3.c [i] DHCP client, IOS DHCP server, DHCP relay
6.3.c [ii] DHCP options
6.3.c [iii] DHCP protocol operations
6.3.c [iv] SLAAC/DHCPv6 interaction
6.3.c [v] Stateful, stateless DHCPv6
6.3.c [vi] DHCPv6 prefix delegation
6.3.d Implement and troubleshoot IPv4 network address translation
6.3.d [i] Static NAT, dynamic NAT, policy-based NAT, PAT
6.3.d [ii] NAT ALG
6.3.e Describe IPv6 network address translation
6.3.e [i] NAT64
6.3.e [ii] NPTv6

6.4 Network optimization
6.4.a Implement and troubleshoot IP SLA
6.4.a [i] ICMP, UDP, Jitter, VoIP
6.4.b Implement and troubleshoot tracking object
6.4.b [i] Tracking object, tracking list
6.4.b [ii] Tracking different entities [e.g. interfaces, routes, IPSLA, and such]
6.4.c Implement and troubleshoot netflow
6.4.c [i] Netflow v5, v9
6.4.c [ii] Local retrieval
6.4.c [iii] Export [configuration only]
6.4.d Implement and troubleshoot embedded event manager
6.4.d [i] EEM policy using applet
6.4.e Identify performance routing [PfR]
6.4.e [i] Basic load balancing
6.4.e [ii] Voice optimization

7.0 Evolving Technologies 10%

7.1 Cloud
7.1.a Compare and contrast Cloud deployment models
7.1.a [i] Infrastructure, platform, and software services [XaaS]
7.1.a [ii] Performance and reliability
7.1.a [iii] Security and privacy
7.1.a [iv] Scalability and interoperability
7.1.b Describe Cloud implementations and operations
7.1.b [i] Automation and orchestration
7.1.b [ii] Workload mobility
7.1.b [iii] Troubleshooting and management
7.1.b [iv] OpenStack components

7.2 Network programmability [SDN]
7.2.a Describe functional elements of network programmability [SDN] and how they interact
7.2.a [i] Controllers
7.2.a [ii] APIs
7.2.a [iii] Scripting
7.2.a [iv] Agents
7.2.a [v] Northbound vs. Southbound protocols
7.2.b Describe aspects of virtualization and automation in network environments
7.2.b [i] DevOps methodologies, tools and workflows
7.2.b [ii] Network/application function virtualization [NFV, AFV]
7.2.b [iii] Service function chaining
7.2.b [iv] Performance, availability, and scaling considerations

7.3 Internet of Things
7.3.a Describe architectural framework and deployment considerations for Internet of Things [IoT]
7.3.a [i] Performance, reliability and scalability
7.3.a [ii] Mobility
7.3.a [iii] Security and privacy
7.3.a [iv] Standards and compliance
7.3.a [v] Migration
7.3.a [vi] Environmental impacts on the network



Abraços