Join Telegram Study Group ▷
First I want to have my thanks to everyone in the team and of course, the biggest will be given to Todd and Tom, without you guys’ help, I can’t believe I can get it. My special Thanks to TOM, your video is precise, accurate and concrete, I used your video for all the section practice plus 5 times’ whole configuration.
Diag
ACI performance and OTV troubleshooting
Guys, don’t be shy to ask Todd of Diag, he has lots of mystery diag questions which are sent out in the last minutes and saved me and else.
Config
Section 1:
All the pre-configuration are in place which includes features supporting VxLAN, EVPN, Jumbo
MTU. You just need to verify those by using the SHOW command
1.1 Same
I have met a big problem for the vpc peer-link (po10) at this point and it wasted me about 40
minutes or so for troubleshooting. If this can’t be fixed, you will be losing points for the part of
phantom RP, VPC even the EVPN, etc. I reloaded both N5K1/2 to fix the problem eventually (I believe
the SFP in either or both N5Ks have the issue)
1.2 same
1.3 same
1.4 same
1.5 same
1.6 same
1.7 same OTV I used clear otv isis adj * to force the converge, it works pretty well
Section 2:
2.1-2.3 same (I didn’t touch ASAv and it’s in routed mode)
enabled L2 flooding in both BDs and changed service graph policy for inside from TRUE to FALES, applied
the correct asav VM; adjusted appToDB filters config from IPV4 to IP
Verification: you can go to “DEPLOYED SERVICE GRAPH” and modify the ACL entries to see if new entries
can be pushed to the asav or not, and then remove the entries.
2.4 same
DHCP has no naming convention requirement so you can use whatever you want. The DHCP-client can’t
get IP even I used command “systemctl restart network. service” and “reboot”. But “show IP DHCP relay”
should give you details in leaf-3, so I leave it as is.
2.5 same
OOB does have a naming convention, so please follow the ask
2.6 same
SPAN also has NO naming convention, just need to SHOW MONITOR SESSION ALL in leaf-3
Section 3:
3.1 same
I enabled server port auto-discovery, over the pre-check, I enabled port1/12 in FI-A as port1/12 in FI-B is
enabled
3.2 same
3.3 same, please remove vsan 1 entry if there is any
3.4 same
3.5 same
3.6 same
3.7 same
3.8 same
iSCSI booted smoothly with success for both 10.2.6.1 and 10.2.7.1 and VMware boots up eventually.
Section 4
4.1-2 same
For health score, I did two steps: first to enable ignore acknowledged faults and it gives me to score 100 but
there are several raised faults in every EPG so the second I used JingChun’s solution to apply the newly
created physical domain to DC1 and added port1/33 into both leaf1/2 with policy-group Net1.
4.3-4.5 same
Don’t worry about login, I was thinking we will be mistakenly using other account login but
actually, without correct tenant ID, you CAN’T log in, so take it easy and just follow the request.
Section 5:
5.1 same
modified subnet mask from /29 to /30, added all four missing loopback for BGP peer, changed OSPF
profile,route-control enforcement, updated missing prefixes
5.2 same
5.3 same
I used the label because the question is explicitly saying using a different filter for different EPGs.
5.4-6 same
Note: if you are preparing for the CCIE Data Center Lab certification exam, and you can follow SPOTO. We will update the latest news related to the exam information.
More Recommended Articles
1. Excellent Women Who Got CCIE Certified in Just 4 Months
2. Boom! New LAB 2 Updates in CCIE Wireless LAB Exam
3. Top 3 Tips to Fast Pass CCIE Wireless Lab Exam
4. OMG! I Faced New Diag in CCIE Data Center Lab Exam
5. Explosive News: CCIE Lab Exam Slots Are Released and Book Now!
