1. Virtual servers: These are commonly used in enterprise environments to consolidate server resources and enable multiple operating systems to run on a single physical server.
2. Virtual desktops: These provide users with a virtualized desktop environment that can be accessed from any device, providing greater flexibility and mobility.
3. Virtual appliances: These are pre-configured virtual machines that provide specific functionality, such as firewalls, load balancers, or web servers.
4. Virtual development environments: These are commonly used by software developers to create and test applications in a virtualized environment before deploying them to production.
5. Cloud-based virtual machines: These are virtual machines that are hosted in a cloud environment and can be accessed and managed remotely over the internet. Examples of cloud-based virtual machines include Amazon EC2, Microsoft Azure VMs, and Google Cloud VMs.
6. Virtual routers and switches: These are virtualized versions of network devices that can be used to provide routing and switching functionality in a virtualized environment.
2.2 Configure and verify data path virtualization technologies
2.2.a VRF
Virtual Routing and Forwarding (VRF) is a technology used to create multiple routing tables within a single router or switch. Each VRF instance provides a separate virtual network with its own unique routing table, allowing multiple logical networks to coexist on a single physical infrastructure. VRFs are commonly used in service provider and enterprise environments to separate different customers or departments, ensuring that each group's traffic is kept separate and secure. To configure and verify VRF, you can use the following commands:
To create a new VRF instance:
ip vrf <vrf-name>
To assign an interface to a specific VRF:
interface <interface-name>
 ip vrf forwarding <vrf-name>
To verify VRF configuration:
show ip vrf
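The following check is an added example, not part of the original notes: it reads an IOS-style configuration and reports which interfaces sit in which VRF, flagging interfaces left in the global routing table, references to undefined VRFs, and VRFs with no interfaces. The sample configuration, VRF names and interface names are constructed for illustration.

```python
import re

# Constructed sample configuration built from the commands shown above.
SAMPLE_CONFIG = """\
ip vrf CUSTOMER_A
ip vrf CUSTOMER_B
interface GigabitEthernet0/1
 ip vrf forwarding CUSTOMER_A
interface GigabitEthernet0/2
 ip vrf forwarding CUSTOMER_C
interface GigabitEthernet0/3
 ip address 192.0.2.1 255.255.255.0
"""

def audit_vrf(config):
    """Return ({interface: vrf or None}, [findings]) for an IOS-style config."""
    defined, membership, current = set(), {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw[0].isspace():  # a top-level command closes any interface block
            current = None
            if m := re.fullmatch(r"ip vrf (\S+)", line):
                defined.add(m.group(1))
            elif m := re.fullmatch(r"interface (.+)", line):
                current = m.group(1)
                membership[current] = None  # global table unless assigned below
        elif current and (m := re.fullmatch(r"ip vrf forwarding (\S+)", line)):
            membership[current] = m.group(1)
    findings = []
    for intf, vrf in membership.items():
        if vrf is None:
            findings.append(f"{intf}: not in any VRF (global routing table)")
        elif vrf not in defined:
            findings.append(f"{intf}: VRF {vrf} is referenced but not defined")
    unused = sorted(defined - set(membership.values()))
    findings += [f"VRF {name}: defined but has no interfaces" for name in unused]
    return membership, findings

if __name__ == "__main__":
    for finding in audit_vrf(SAMPLE_CONFIG)[1]:
        print(finding)
```

An interface in the global table is not necessarily a misconfiguration; the report makes it visible so the placement can be confirmed as intended.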
2.2.b GRE and IPsec tunneling
Generic Routing Encapsulation (GRE) and IPsec tunneling are two technologies used together to create secure and private connections between different networks over the internet or other public networks. GRE creates a virtual point-to-point tunnel between two endpoints, encapsulating the original packet inside a GRE header and adding a new IP header; on its own, GRE provides no encryption or authentication. IPsec provides the encryption and authentication of the data being transmitted between the endpoints. To configure and verify GRE and IPsec tunneling, you can use the following commands:
To create a GRE tunnel interface:
interface tunnel <tunnel-number>
To configure IPsec for the GRE tunnel:
crypto isakmp policy <policy-number>
crypto isakmp key <key> address <remote-peer-ip>
crypto ipsec transform-set <transform-set> esp-<encryption-type> esp-<hash-algorithm>
crypto map <map-name> <sequence-number> ipsec-isakmp
 set peer <remote-peer-ip>
 set transform-set <transform-set>
 match address <access-list>
To verify GRE and IPsec configuration:
show interface tunnel <tunnel-number>
show crypto isakmp sa
show crypto ipsec sa
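The choice made for esp-<encryption-type> and esp-<hash-algorithm> decides how much protection the tunnel actually gets. The audit below is an added example, not part of the original notes: it parses transform sets and crypto map entries from a configuration and reports legacy transforms, crypto map entries that use them, and entries with no match address. The list of weak transforms is an assumed policy, and the sample configuration, names and addresses are constructed.

```python
import re

# Assumed policy for this example: transforms treated as legacy or unencrypted.
WEAK_TRANSFORMS = {"esp-des", "esp-3des", "esp-md5-hmac", "esp-null"}

# Constructed sample configuration in the shape of the commands above.
SAMPLE_CONFIG = """\
crypto ipsec transform-set LEGACY esp-des esp-md5-hmac
crypto ipsec transform-set MODERN esp-aes 256 esp-sha256-hmac
crypto map VPN 10 ipsec-isakmp
 set peer 203.0.113.2
 set transform-set LEGACY
 match address 101
crypto map VPN 20 ipsec-isakmp
 set peer 203.0.113.6
 set transform-set MODERN
"""

def audit_ipsec(config):
    """Return a list of findings for transform sets and crypto map entries."""
    transform_sets, entries, current = {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw[0].isspace():  # top-level command closes any crypto map entry
            current = None
            if m := re.fullmatch(r"crypto ipsec transform-set (\S+) (.+)", line):
                transform_sets[m.group(1)] = set(m.group(2).split())
            elif m := re.fullmatch(r"crypto map (\S+) (\d+) ipsec-isakmp", line):
                current = f"{m.group(1)} {m.group(2)}"
                entries[current] = {"sets": [], "acl": None}
        elif current and (m := re.fullmatch(r"set transform-set (.+)", line)):
            entries[current]["sets"] = m.group(1).split()
        elif current and (m := re.fullmatch(r"match address (\S+)", line)):
            entries[current]["acl"] = m.group(1)
    findings = []
    for name, transforms in transform_sets.items():
        if weak := sorted(transforms & WEAK_TRANSFORMS):
            findings.append(f"transform-set {name}: weak {', '.join(weak)}")
    for entry, cfg in entries.items():
        for ts in cfg["sets"]:
            if ts not in transform_sets:
                findings.append(f"crypto map {entry}: transform-set {ts} not defined")
            elif transform_sets[ts] & WEAK_TRANSFORMS:
                findings.append(f"crypto map {entry}: uses weak transform-set {ts}")
        if cfg["acl"] is None:
            findings.append(f"crypto map {entry}: no match address")
    return findings
```

A crypto map entry without a match address selects no traffic for protection, so packets that were meant to use the tunnel may leave unencrypted.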
2.3 Describe network virtualization concepts
2.3.a LISP
Locator/Identifier Separation Protocol (LISP) is a network virtualization technology that separates the location and identity of network devices, allowing for more flexible and scalable routing. With LISP, devices are assigned two addresses: a Routing Locator (RLOC) that represents the device's physical location on the network, and an Endpoint Identifier (EID) that represents the device's identity. When a packet is sent to an EID, it is encapsulated in a LISP header that includes the destination RLOC. LISP routers use the EID to look up the RLOC in a mapping database, and then forward the packet to the correct RLOC. To implement LISP, you can use the following commands:
To enable LISP on an interface:
interface <interface-name>
 ip lisp enable
To configure the LISP database mapping service:
router lisp
 map-server <mapping-server-ip>
 database-mapping <eid-prefix> <rloc-address>
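The EID-to-RLOC lookup and encapsulation described above can be modelled in a few lines. This is an added example, not part of the original notes and not router code: the mapping database, prefixes and addresses are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed mapping database: EID prefix -> RLOCs of the routers serving it.
MAPPING_DB = {
    "10.1.0.0/16": ["192.0.2.1", "198.51.100.1"],  # site reachable via two RLOCs
    "10.1.5.0/24": ["203.0.113.9"],                # more specific EID prefix
}

def lookup_rlocs(dest_eid, mapping_db=MAPPING_DB):
    """Longest-prefix match on the destination EID; (prefix, rlocs) or None."""
    addr = ipaddress.ip_address(dest_eid)
    matches = [ipaddress.ip_network(p) for p in mapping_db
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None  # no mapping known for this EID
    best = max(matches, key=lambda net: net.prefixlen)
    return str(best), mapping_db[str(best)]

def lisp_encapsulate(src_eid, dest_eid, local_rloc, mapping_db=MAPPING_DB):
    """Model the two address pairs of an encapsulated packet, or None."""
    hit = lookup_rlocs(dest_eid, mapping_db)
    if hit is None:
        return None
    _, rlocs = hit
    return {
        # Outer header: what the transit network routes on (first listed RLOC).
        "outer": {"src": local_rloc, "dst": rlocs[0]},
        # Inner header: the original packet, still addressed by EIDs.
        "inner": {"src": src_eid, "dst": dest_eid},
    }

if __name__ == "__main__":
    print(lisp_encapsulate("10.2.0.5", "10.1.5.7", "192.0.2.77"))
```

The transit network forwards on the outer RLOC addresses only, while the inner packet keeps its EID addresses unchanged inside the encapsulation.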
Advantages of using LISP
There are several advantages to using LISP (Locator/Identifier Separation Protocol) as a network virtualization technology, including:
1. Scalability: LISP enables more flexible and scalable routing by separating the identity (Endpoint Identifier, or EID) and location (Routing Locator, or RLOC) of network devices. This allows for greater mobility and flexibility in network design, while still maintaining efficient routing.
2. Security: LISP can provide improved security by keeping EIDs private and only exposing RLOCs to the network. This can help protect against attacks and unauthorized access to network devices.
3. Multi-homing: LISP can support multi-homing, allowing a device to be connected to multiple networks simultaneously, while still maintaining a single EID. This can improve network resilience and availability.
4. Load balancing: LISP can support load balancing across multiple RLOCs, improving network performance and resilience.
5. Interoperability: LISP is a widely adopted standard, which means it can be used in conjunction with a variety of network devices and technologies, including traditional routing protocols.
LISP (Locator/ID Separation Protocol) is supported on various Cisco IOS platforms, including Cisco IOS XE and IOS XR. The specific versions of IOS that support LISP may vary depending on the platform and the features being used.
For example, LISP is supported on Cisco ASR 1000 Series Aggregation Services Routers running IOS XE 3.13S or later, and on Cisco Nexus 7000 and 9000 Series Switches running NX-OS 6.2 or later. It is important to check the specific hardware and software requirements for LISP support on a given platform before deploying the technology in a production environment.
2.3.b VXLAN
Virtual Extensible LAN (VXLAN) is a network virtualization technology that allows for the creation of virtual Layer 2 networks over a Layer 3 infrastructure. VXLAN encapsulates Layer 2 Ethernet frames in UDP packets, allowing them to be transmitted across a Layer 3 network. VXLAN uses a virtual Network Identifier (VNI) to differentiate between different virtual networks, allowing multiple virtual networks to share the same physical infrastructure. To implement VXLAN, you can use the following commands:
To enable VXLAN on an interface:
interface <interface-name>
 vxlan vlan <vlan-id> vni <vni-id>
To configure VXLAN on a VTEP (VXLAN Tunnel Endpoint) router:
interface <tunnel-interface>
 ip address <vtep-ip-address>
 vxlan udp-port <udp-port>
 vxlan vlan <vlan-id> vni <vni-id>
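The encapsulation described above puts an 8-byte VXLAN header (RFC 7348) in front of the original Ethernet frame inside the UDP payload. The following is an added example, not part of the original notes: it builds and parses that header and admits only frames whose VNI is on a configured list. The function names, the VNI values and the inner frame are constructed for illustration.

```python
import struct

FLAG_VNI_VALID = 0x08  # "I" flag: the VNI field carries a valid value
HEADER_LEN, ETH_HEADER_LEN = 8, 14

def vxlan_encapsulate(vni, inner_frame):
    """Prepend the header: 8 flag bits, 24 reserved, 24-bit VNI, 8 reserved."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame

def vxlan_decapsulate(udp_payload):
    """Return (vni, inner_frame); raise ValueError on a malformed packet."""
    if len(udp_payload) < HEADER_LEN + ETH_HEADER_LEN:
        raise ValueError("truncated VXLAN packet")
    flags_word, vni_word = struct.unpack("!II", udp_payload[:HEADER_LEN])
    if not (flags_word >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    return vni_word >> 8, udp_payload[HEADER_LEN:]

def admit(udp_payload, allowed_vnis):
    """Hand a frame to a virtual network only if its VNI is configured here."""
    try:
        vni, frame = vxlan_decapsulate(udp_payload)
    except ValueError as exc:
        return None, f"drop: {exc}"
    if vni not in allowed_vnis:
        return None, f"drop: VNI {vni} not configured"
    return frame, f"accept: VNI {vni}"

# Constructed inner Ethernet frame: dst MAC, src MAC, EtherType IPv4, payload.
INNER = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"payload"

if __name__ == "__main__":
    packet = vxlan_encapsulate(5000, INNER)
    print(packet[:HEADER_LEN].hex(), admit(packet, {5000})[1])
    print(admit(packet, {6000})[1])
```

The VNI is the only field that ties a frame to its virtual network, which is why the sketch checks it against the configured list before handing the frame on.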