├── topics.md ├── lab-ideas.md └── README.md /topics.md: -------------------------------------------------------------------------------- 1 | # CCIE EI Topics 2 | 3 | ## 1.0 Network Infrastructure 4 | 5 | ### 1.1 Switched Campus 6 | 7 | * 1.1.a Switch administration 8 | * 1.1.a i Managing MAC address table 9 | * 1.1.a ii Errdisable recovery 10 | * 1.1.a iii L2 MTU 11 | * 1.1.b Layer 2 protocols 12 | * 1.1.b i CDP, LLDP 13 | * 1.1.b ii UDLD 14 | * 1.1.c VLAN technologies 15 | * 1.1.c i Access ports 16 | * 1.1.c ii Trunk ports (802.1Q) 17 | * 1.1.c iii Native VLAN 18 | * 1.1.c iv Manual VLAN pruning 19 | * 1.1.c v VLAN database 20 | * 1.1.c vi Normal range and extended range VLANs 21 | * 1.1.c vii Voice VLAN 22 | * 1.1.c viii VTP 23 | * 1.1.d EtherChannel 24 | * 1.1.d i LACP, static 25 | * 1.1.d ii Layer 2, Layer 3 26 | * 1.1.d iii Load balancing 27 | * 1.1.d iv EtherChannel Misconfiguration Guard 28 | * 1.1.e Spanning- Tree Protocol 29 | * 1.1.e i PVST+, Rapid PVST+, MST 30 | * 1.1.e ii Switch priority, port priority, path cost, STP timers 31 | * 1.1.e iii PortFast, BPDU Guard, BPDU Filter 32 | * 1.1.e iv Loop Guard, Root Guard 33 | 34 | ### 1.2 Routing Concepts 35 | 36 | * 1.2.a Administrative distance 37 | * 1.2.b VRF-lite 38 | * 1.2.c Static routing 39 | * 1.2.d Policy Based Routing 40 | * 1.2.e VRF aware routing with any routing protocol 41 | * 1.2.f Route filtering with any routing protocol 42 | * 1.2.g Manual summarization with any routing protocol 43 | * 1.2.h Redistribution between any pair of routing protocols 44 | * 1.2.i Routing protocol authentication 45 | * 1.2.j Bidirectional Forwarding Detection 46 | 47 | 48 | ### 1.3 EIGRP 49 | 50 | * 1.3.a Adjacencies 51 | * 1.3.b Best path selection 52 | * 1.3.b i RD, FD, FC, successor, feasible successor 53 | * 1.3.b ii Classic Metrics and Wide Metrics 54 | * 1.3.c Operations 55 | * 1.3.c i General operations 56 | * 1.3.c ii Topology table 57 | * 1.3.c iii Packet types 58 | * 1.3.c iv Stuck In Active 59 | * 1.3.c v Graceful shutdown 60 | * 1.3.d EIGRP load-balancing 61 | * 1.3.d i Equal-cost 62 | * 1.3.d ii Unequal-cost 63 | * 1.3.d iii Add-path 64 | * 1.3.e EIGRP Named Mode 65 | * 1.3.f Optimization, convergence and scalability 66 | * 1.3.f i Fast convergence requirements 67 | * 1.3.f ii Query propagation boundaries 68 | * 1.3.f iii IP FRR (single hop) 69 | * 1.3.f iv Leak-map with summary routes 70 | * 1.3.f v EIGRP stub with leak map 71 | 72 | ### 1.4 OSPF (v2 and v3) 73 | 74 | * 1.4.a Adjacencies 75 | * 1.4.b Network types, area types 76 | * 1.4.c Path preference 77 | * 1.4.d Operations 78 | * 1.4.d i General operations 79 | * 1.4.d ii Graceful shutdown 80 | * 1.4.d iii GTSM (Generic TTL Security Mechanism) 81 | * 1.4.e Optimization, convergence and scalability 82 | * 1.4.e i Metrics 83 | * 1.4.e ii LSA throttling, SPF tuning, fast hello 84 | * 1.4.e iii LSA propagation control (area types) 85 | * 1.4.e iv Stub router 86 | * 1.4.e v Loop-free alternate 87 | * 1.4.e vi Prefix suppression 88 | 89 | ### 1.5 BGP 90 | 91 | * 1.5.a IBGP and EBGP peer relationships 92 | * 1.5.a i Peer-group/update-group, template 93 | * 1.5.a ii Active, passive 94 | * 1.5.a iii Timers 95 | * 1.5.a iv Dynamic neighbors 96 | * 1.5.a v 4-bytes AS numbers 97 | * 1.5.a vi Private AS 98 | * 1.5.b Path selection 99 | * 1.5.b i Attributes 100 | * 1.5.b ii Best path selection algorithm 101 | * 1.5.b iii Load-balancing 102 | * 1.5.c Routing policies 103 | * 1.5.c i Attribute manipulation 104 | * 1.5.c ii Conditional advertisement 105 | * 1.5.c iii Outbound Route Filtering 106 | * 1.5.c iv Standard and extended communities 107 | * 1.5.c v Multi-homing 108 | * 1.5.d AS path manipulations 109 | * 1.5.d i local-AS, allowas-in, remove-private-as 110 | * 1.5.d ii Prepend 111 | * 1.5.d iii Regexp 112 | * 1.5.e Convergence and scalability 113 | * 1.5.e i Route reflector 114 | * 1.5.e ii Aggregation, as-set 115 | * 1.5.f Other BGP features 116 | * 1.5.f i Multipath, add-path 117 | * 1.5.f ii Soft reconfiguration, Route Refresh 118 | 119 | ### 1.6 Multicast 120 | 121 | * 1.6.a Layer 2 multicast 122 | * 1.6.a i IGMPv2, IGMPv3 123 | * 1.6.a ii IGMP Snooping, PIM Snooping 124 | * 1.6.a iii IGMP Querier 125 | * 1.6.a iv IGMP Filter 126 | * 1.6.a v MLD 127 | * 1.6.b Reverse path forwarding check 128 | * 1.6.c PIM 129 | * 1.6.c i Sparse Mode 130 | * 1.6.c ii Static RP, BSR, AutoRP 131 | * 1.6.c iii Group to RP Mapping 132 | * 1.6.c iv Bidirectional PIM 133 | * 1.6.c v Source-Specific Multicast 134 | * 1.6.c vi Multicast boundary, RP announcement filter 135 | * 1.6.c vii PIMv6 Anycast RP 136 | * 1.6.c viii IPv4 Anycast RP using MSDP 137 | * 1.6.c ix Multicast multipath 138 | 139 | ## 2.0 Software Defined Infrastructure 140 | 141 | ### 2.1 Cisco SD Access 142 | 143 | * 2.1.a Design a Cisco SD Access solution 144 | * 2.1.a i Underlay network (IS-IS, manual/PnP) 145 | * 2.1.a ii Overlay fabric design (LISP, VXLAN, Cisco TrustSec) 146 | * 2.1.a iii Fabric domains (single-site and multi-site using SD-WAN transit) 147 | * 2.1.b Cisco SD Access deployment 148 | * 2.1.b i Cisco DNA Center device discovery and device management 149 | * 2.1.b ii Add fabric node devices to an existing fabric 150 | * 2.1.b iii Host onboarding (wired endpoints only) 151 | * 2.1.b iv Fabric border handoff 152 | * 2.1.c Segmentation 153 | * 2.1.c i Macro-level segmentation using VNs 154 | * 2.1.c ii Micro-level segmentation using SGTs (using Cisco ISE) 155 | * 2.1.d Assurance 156 | * 2.1.d i Network and client health (360) 157 | * 2.1.d ii Monitoring and troubleshooting 158 | 159 | ### 2.2 Cisco SD-WAN 160 | 161 | * 2.2.a Design a Cisco SD-WAN solution 162 | * 2.2.a i Orchestration plane (vBond, NAT) 163 | * 2.2.a ii Management plane (vManage) 164 | * 2.2.a iii Control plane (vSmart, OMP) 165 | * 2.2.a iv Data plane (vEdge/cEdge) 166 | * 2.2.b WAN edge deployment 167 | * 2.2.b i Onboarding new edge routers 168 | * 2.2.b ii Orchestration with zero-touch provisioning/Plug-And-Play 169 | * 2.2.b iii OMP 170 | * 2.2.b iv TLOC 171 | * 2.2.c Configuration templates 172 | * 2.2.d Localized policies 173 | * 2.2.e Centralized policies 174 | 175 | 176 | ## 3.0 Transport Technologies and Solutions 177 | 178 | ### 3.1 MPLS 179 | 180 | * 3.1.a Operations 181 | * 3.1.a i Label stack, LSR, LSP 182 | * 3.1.a ii LDP 183 | * 3.1.a iii MPLS ping, MPLS traceroute 184 | * 3.1.b L3VPN 185 | * 3.1.b i PE-CE routing 186 | * 3.1.b ii MP-BGP VPNv4/VPNv6 187 | * 3.1.b iii Extranet (route leaking) 188 | 189 | ### 3.2 DMVPN 190 | 191 | * 3.2 DMVPN 192 | * 3.2.a Troubleshoot DMVPN Phase 3 with dual-hub 193 | * 3.2.a i NHRP 194 | * 3.2.a ii IPsec/IKEv2 using pre-shared key 195 | * 3.2.a iii Per-Tunnel QoS 196 | * 3.2.b Identify use-cases for FlexVPN 197 | * 3.2.b i Site-to-site, Server, Client, Spoke-to-Spoke 198 | * 3.2.b ii IPsec/IKEv2 using pre-shared key 199 | * 3.2.b iii MPLS over FlexVPN 200 | 201 | 202 | ## 4.0 Infrastructure Security and Services 203 | 204 | ### 4.1 Device Security on Cisco IOS XE 205 | 206 | * 4.1.a Control plane policing and protection 207 | * 4.1.b AAA 208 | 209 | 210 | ### 4.2 Network Security 211 | 212 | * 4.2.a Switch security features 213 | * 4.2.a i VACL, PACL 214 | * 4.2.a ii Storm control 215 | * 4.2.a iii DHCP Snooping, DHCP option 82 216 | * 4.2.a iv IP Source Guard 217 | * 4.2.a v Dynamic ARP Inspection 218 | * 4.2.a vi Port Security 219 | * 4.2.a vii Private VLAN 220 | * 4.2.b Router security features 221 | * 4.2.b i IPv6 Traffic Filters 222 | * 4.2.b ii IPv4 Access Control Lists 223 | * 4.2.b iii Unicast Reverse Path Forwarding 224 | * 4.2.c IPv6 infrastructure security features 225 | * 4.2.c i RA Guard 226 | * 4.2.c ii DHCP Guard 227 | * 4.2.c iii Binding table 228 | * 4.2.c iv Device tracking 229 | * 4.2.c v ND Inspection/Snooping 230 | * 4.2.c vi Source Guard 231 | * 4.2.d IEEE 802.1X Port-Based Authentication 232 | * 4.2.d i Device roles, port states 233 | * 4.2.d ii Authentication process 234 | * 4.2.d iii Host modes 235 | 236 | 237 | ### 4.3 System Management 238 | 239 | * 4.3.a Device management 240 | * 4.3.a i Console and VTY 241 | * 4.3.a ii SSH, SCP 242 | * 4.3.a iii RESTCONF, NETCONF 243 | * 4.3.b SNMP 244 | * 4.3.b i v2c 245 | * 4.3.b ii v3 246 | * 4.3.c Logging 247 | * 4.3.c i Local logging, syslog, debugs, conditional debugs 248 | * 4.3.c ii Timestamps 249 | 250 | ### 4.4 Quality of Service 251 | 252 | * 4.4.a End to end L3 QoS using MQC 253 | * 4.4.a i DiffServ 254 | * 4.4.a ii CoS and DSCP Mapping 255 | * 4.4.a iii Classification 256 | * 4.4.a iv Network Based Application Recognition (NBAR) 257 | * 4.4.a v Marking using IP Precedence, DSCP, CoS 258 | * 4.4.a vi Policing, shaping 259 | * 4.4.a vii Congestion management and avoidance 260 | * 4.4.a viii HQoS, Sub-rate Ethernet Link 261 | 262 | ### 4.5 Network Services 263 | 264 | * 4.5.a First-Hop Redundancy Protocols 265 | * 4.5.a i HSRP, GLBP, VRRP 266 | * 4.5.a ii Redundancy using IPv6 RS/RA 267 | * 4.5.b Network Time Protocol 268 | * 4.5.b i Master, client 269 | * 4.5.b ii Authentication 270 | * 4.5.c DHCP on Cisco IOS 271 | * 4.5.c i Client, server, relay 272 | * 4.5.c ii Options 273 | * 4.5.c iii SLAAC/DHCPv6 interaction 274 | * 4.5.c iv Stateful, stateless DHCPv6 275 | * 4.5.c v DHCPv6 Prefix Delegation 276 | * 4.5.d IPv4 Network Address Translation 277 | * 4.5.d i Static NAT, PAT 278 | * 4.5.d ii Dynamic NAT, PAT 279 | * 4.5.d iii Policy-based NAT, PAT 280 | * 4.5.d iv VRF aware NAT, PAT 281 | * 4.5.d v IOS-XE VRF-Aware Software Infrastructure (VASI) NAT 282 | 283 | 284 | ### 4.6 Network optimization 285 | 286 | * 4.6.a IP SLA 287 | * 4.6.a i ICMP probes 288 | * 4.6.a ii UDP probes 289 | * 4.6.a iii TCP probes 290 | * 4.6.b Tracking object 291 | * 4.6.c Flexible Netflow 292 | 293 | 294 | ### 4.7 Network operations 295 | 296 | * 4.7.a Traffic capture 297 | * 4.7.a i SPAN 298 | * 4.7.a ii RSPAN 299 | * 4.7.a iii ERSPAN 300 | * 4.7.a iv Embedded Packet Capture 301 | * 4.7.b Cisco IOS-XE troubleshooting tools 302 | * 4.7.b i Packet Trace 303 | * 4.7.b ii Conditional debugger (debug platform condition) 304 | 305 | 306 | ## 5.0 Infrastructure Automation and Programmability 307 | 308 | ### 5.1 Data encoding formats 309 | 310 | * 5.1.a JSON 311 | * 5.1.b XML 312 | 313 | ### 5.2 Automation and scripting 314 | 315 | * 5.2.a EEM applets 316 | * 5.2.b Guest shell 317 | * 5.2.b i Linux environment 318 | * 5.2.b ii CLI Python module 319 | * 5.2.b iii EEM Python module 320 | 321 | ### 5.3 Programmability 322 | 323 | * 5.3.a Interaction with vManage API 324 | * 5.3.a i Python requests library and Postman 325 | * 5.3.a ii Monitoring endpoints 326 | * 5.3.a iii Configuration endpoints 327 | * 5.3.b Interaction with Cisco DNA Center API 328 | * 5.3.b i HTTP request (GET, PUT, POST) via Python requests library and Postman 329 | * 5.3.c Interaction with Cisco IOS XE API 330 | * 5.3.c i Via NETCONF/YANG using Python ncclient library 331 | * 5.3.c ii Via RESTCONF/YANG using Python requests library and Postman 332 | * 5.3.d Deploy and verify model-driven telemetry 333 | * 5.3.d i Configure on-change subscription using gRPC 334 | 335 | 336 | -------------------------------------------------------------------------------- /lab-ideas.md: -------------------------------------------------------------------------------- 1 | # CCIE EI Topics 2 | 3 | ## 1.0 Network Infrastructure - 30% 4 | 5 | ### 1.1 Switched Campus 6 | 7 | * 1.1.a Switch administration 8 | * 1.1.a i Managing MAC address table 9 | - [ ] Configure static MAC-IP mapping on VLAN 10 10 | * 1.1.a ii Errdisable recovery 11 | - [ ] Enable errdisable recovery for all causes 12 | * 1.1.a iii L2 MTU 13 | - [ ] Configure jumbo frames on all MPLS router interfaces 14 | * 1.1.b Layer 2 protocols 15 | * 1.1.b i CDP, LLDP 16 | - [ ] Enable CDP and LLDP on all interfaces in HQ site 17 | - [ ] Transmit all TLVs in LLDP 18 | * 1.1.b ii UDLD 19 | - [ ] Enable UDLD at one branch, using fast hellos 20 | - [ ] On one device, enable globally, on another enable per-interface 21 | * 1.1.c VLAN technologies 22 | * 1.1.c i Access ports 23 | * 1.1.c ii Trunk ports (802.1Q) 24 | * 1.1.c iii Native VLAN 25 | * 1.1.c iv Manual VLAN pruning 26 | - [ ] Configure manual VLAN pruning at core to agg level 27 | * 1.1.c v VLAN database 28 | * 1.1.c vi Normal range and extended range VLANs 29 | * 1.1.c vii Voice VLAN 30 | - [ ] Configure voice VLAN on all user ports at one branch 31 | * 1.1.c viii VTP 32 | * Configure VTPv2 at one branch 33 | - [ ] Use a password that cannot be read in the config 34 | - [ ] Configure automatic VLAN pruning 35 | * Configure VTPv3 at another branch 36 | - [ ] Require a password to create more VLANs 37 | - [ ] Configure MST and configure VTP to carry MST configuration 38 | * 1.1.d EtherChannel 39 | * 1.1.d i LACP, static 40 | - [ ] Configure static LAG 41 | - [ ] Change the config to LACP with one side initiating, other responding only 42 | * 1.1.d ii Layer 2, Layer 3 43 | - [ ] Configure a layer 3 port channel with subinterfaces 44 | * 1.1.d iii Load balancing 45 | - [ ] Modify load-balancing method on port-channels 46 | * 1.1.d iv EtherChannel Misconfiguration Guard 47 | - [ ] Enable etherchannel misconfiguration guard and make a misconfiguration that makes it fire 48 | * 1.1.e Spanning- Tree Protocol 49 | * 1.1.e i PVST+, Rapid PVST+, MST 50 | - [ ] Configure PVST+ with uplinkfast, backbonefast at campus site 51 | - [ ] Upgrade to Rapid PVST+ 52 | - [ ] Migrate to MST 53 | * 1.1.e ii Switch priority, port priority, path cost, STP timers 54 | - [ ] Modify STP path selection in campus with switch priority 55 | - [ ] Modify STP path selection in campus with port priority 56 | - [ ] Modify STP path selection in campus with path cost 57 | - [ ] Modify STP timers for faster convergence 58 | * 1.1.e iii PortFast, BPDU Guard, BPDU Filter 59 | - [ ] Enable portfast on all access ports on campus access switches 60 | - [ ] Enable bpduguard, make it fire 61 | - [ ] Enable bpdufilter, cause a loop 62 | * 1.1.e iv Loop Guard, Root Guard 63 | - [ ] On one access switch, enable loop guard and root guard on all interfaces globally 64 | - [ ] On another, enable loop guard and root guard per-interface, as needed 65 | 66 | ### 1.2 Routing Concepts 67 | 68 | * 1.2.a Administrative distance 69 | * 1.2.b VRF-lite 70 | * 1.2.c Static routing 71 | * 1.2.d Policy Based Routing 72 | * 1.2.e VRF aware routing with any routing protocol 73 | * 1.2.f Route filtering with any routing protocol 74 | * 1.2.g Manual summarization with any routing protocol 75 | * 1.2.h Redistribution between any pair of routing protocols 76 | * 1.2.i Routing protocol authentication 77 | * 1.2.j Bidirectional Forwarding Detection 78 | 79 | 80 | ### 1.3 EIGRP 81 | 82 | * 1.3.a Adjacencies 83 | * 1.3.b Best path selection 84 | * 1.3.b i RD, FD, FC, successor, feasible successor 85 | * 1.3.b ii Classic Metrics and Wide Metrics 86 | * 1.3.c Operations 87 | * 1.3.c i General operations 88 | * 1.3.c ii Topology table 89 | * 1.3.c iii Packet types 90 | * 1.3.c iv Stuck In Active 91 | * 1.3.c v Graceful shutdown 92 | * 1.3.d EIGRP load-balancing 93 | * 1.3.d i Equal-cost 94 | * 1.3.d ii Unequal-cost 95 | * 1.3.d iii Add-path 96 | * 1.3.e EIGRP Named Mode 97 | * 1.3.f Optimization, convergence and scalability 98 | * 1.3.f i Fast convergence requirements 99 | * 1.3.f ii Query propagation boundaries 100 | * 1.3.f iii IP FRR (single hop) 101 | * 1.3.f iv Leak-map with summary routes 102 | * 1.3.f v EIGRP stub with leak map 103 | 104 | ### 1.4 OSPF (v2 and v3) 105 | 106 | * 1.4.a Adjacencies 107 | * 1.4.b Network types, area types 108 | * 1.4.c Path preference 109 | * 1.4.d Operations 110 | * 1.4.d i General operations 111 | * 1.4.d ii Graceful shutdown 112 | * 1.4.d iii GTSM (Generic TTL Security Mechanism) 113 | * 1.4.e Optimization, convergence and scalability 114 | * 1.4.e i Metrics 115 | * 1.4.e ii LSA throttling, SPF tuning, fast hello 116 | * 1.4.e iii LSA propagation control (area types) 117 | * 1.4.e iv Stub router 118 | * 1.4.e v Loop-free alternate 119 | * 1.4.e vi Prefix suppression 120 | 121 | ### 1.5 BGP 122 | 123 | * 1.5.a IBGP and EBGP peer relationships 124 | * 1.5.a i Peer-group/update-group, template 125 | * 1.5.a ii Active, passive 126 | * 1.5.a iii Timers 127 | * 1.5.a iv Dynamic neighbors 128 | * 1.5.a v 4-bytes AS numbers 129 | * 1.5.a vi Private AS 130 | * 1.5.b Path selection 131 | * 1.5.b i Attributes 132 | * 1.5.b ii Best path selection algorithm 133 | * 1.5.b iii Load-balancing 134 | * 1.5.c Routing policies 135 | * 1.5.c i Attribute manipulation 136 | * 1.5.c ii Conditional advertisement 137 | * 1.5.c iii Outbound Route Filtering 138 | * 1.5.c iv Standard and extended communities 139 | * 1.5.c v Multi-homing 140 | * 1.5.d AS path manipulations 141 | * 1.5.d i local-AS, allowas-in, remove-private-as 142 | * 1.5.d ii Prepend 143 | * 1.5.d iii Regexp 144 | * 1.5.e Convergence and scalability 145 | * 1.5.e i Route reflector 146 | * 1.5.e ii Aggregation, as-set 147 | * 1.5.f Other BGP features 148 | * 1.5.f i Multipath, add-path 149 | * 1.5.f ii Soft reconfiguration, Route Refresh 150 | 151 | ### 1.6 Multicast 152 | 153 | * 1.6.a Layer 2 multicast 154 | * 1.6.a i IGMPv2, IGMPv3 155 | * 1.6.a ii IGMP Snooping, PIM Snooping 156 | * 1.6.a iii IGMP Querier 157 | * 1.6.a iv IGMP Filter 158 | * 1.6.a v MLD 159 | * 1.6.b Reverse path forwarding check 160 | * 1.6.c PIM 161 | * 1.6.c i Sparse Mode 162 | * 1.6.c ii Static RP, BSR, AutoRP 163 | * 1.6.c iii Group to RP Mapping 164 | * 1.6.c iv Bidirectional PIM 165 | * 1.6.c v Source-Specific Multicast 166 | * 1.6.c vi Multicast boundary, RP announcement filter 167 | * 1.6.c vii PIMv6 Anycast RP 168 | * 1.6.c viii IPv4 Anycast RP using MSDP 169 | * 1.6.c ix Multicast multipath 170 | 171 | ## 2.0 Software Defined Infrastructure - 25% 172 | 173 | ### 2.1 Cisco SD Access 174 | 175 | * 2.1.a Design a Cisco SD Access solution 176 | * 2.1.a i Underlay network (IS-IS, manual/PnP) 177 | * 2.1.a ii Overlay fabric design (LISP, VXLAN, Cisco TrustSec) 178 | * 2.1.a iii Fabric domains (single-site and multi-site using SD-WAN transit) 179 | * 2.1.b Cisco SD Access deployment 180 | * 2.1.b i Cisco DNA Center device discovery and device management 181 | * 2.1.b ii Add fabric node devices to an existing fabric 182 | * 2.1.b iii Host onboarding (wired endpoints only) 183 | * 2.1.b iv Fabric border handoff 184 | * 2.1.c Segmentation 185 | * 2.1.c i Macro-level segmentation using VNs 186 | * 2.1.c ii Micro-level segmentation using SGTs (using Cisco ISE) 187 | * 2.1.d Assurance 188 | * 2.1.d i Network and client health (360) 189 | * 2.1.d ii Monitoring and troubleshooting 190 | 191 | ### 2.2 Cisco SD-WAN 192 | 193 | * 2.2.a Design a Cisco SD-WAN solution 194 | * 2.2.a i Orchestration plane (vBond, NAT) 195 | * 2.2.a ii Management plane (vManage) 196 | * 2.2.a iii Control plane (vSmart, OMP) 197 | * 2.2.a iv Data plane (vEdge/cEdge) 198 | * 2.2.b WAN edge deployment 199 | * 2.2.b i Onboarding new edge routers 200 | * 2.2.b ii Orchestration with zero-touch provisioning/Plug-And-Play 201 | * 2.2.b iii OMP 202 | * 2.2.b iv TLOC 203 | * 2.2.c Configuration templates 204 | * 2.2.d Localized policies 205 | * 2.2.e Centralized policies 206 | 207 | 208 | ## 3.0 Transport Technologies and Solutions - 15% 209 | 210 | ### 3.1 MPLS 211 | 212 | * 3.1.a Operations 213 | * 3.1.a i Label stack, LSR, LSP 214 | * 3.1.a ii LDP 215 | * 3.1.a iii MPLS ping, MPLS traceroute 216 | * 3.1.b L3VPN 217 | * 3.1.b i PE-CE routing 218 | * 3.1.b ii MP-BGP VPNv4/VPNv6 219 | * 3.1.b iii Extranet (route leaking) 220 | 221 | ### 3.2 DMVPN 222 | 223 | * 3.2 DMVPN 224 | * 3.2.a Troubleshoot DMVPN Phase 3 with dual-hub 225 | * 3.2.a i NHRP 226 | * 3.2.a ii IPsec/IKEv2 using pre-shared key 227 | * 3.2.a iii Per-Tunnel QoS 228 | * 3.2.b Identify use-cases for FlexVPN 229 | * 3.2.b i Site-to-site, Server, Client, Spoke-to-Spoke 230 | * 3.2.b ii IPsec/IKEv2 using pre-shared key 231 | * 3.2.b iii MPLS over FlexVPN 232 | 233 | 234 | ## 4.0 Infrastructure Security and Services - 15% 235 | 236 | ### 4.1 Device Security on Cisco IOS XE 237 | 238 | * 4.1.a Control plane policing and protection 239 | * 4.1.b AAA 240 | 241 | 242 | ### 4.2 Network Security 243 | 244 | * 4.2.a Switch security features 245 | * 4.2.a i VACL, PACL 246 | * 4.2.a ii Storm control 247 | * 4.2.a iii DHCP Snooping, DHCP option 82 248 | * 4.2.a iv IP Source 249 | * 4.2.a v Dynamic ARP Inspection 250 | * 4.2.a vi Port Security 251 | * 4.2.a vii Private VLAN 252 | * 4.2.b Router security features 253 | * 4.2.b i IPv6 Traffic Filters 254 | * 4.2.b ii IPv4 Access Control Lists 255 | * 4.2.b iii Unicast Reverse Path Forwarding 256 | * 4.2.c IPv6 infrastructure security features 257 | * 4.2.c i RA Guard 258 | - [ ] Configure RA guard on switches in Branch #90 259 | - [ ] Router/Uplink ports of access layer: 260 | - [ ] Configure policies to match O and M flags as necessary 261 | - [ ] Configure RA guard policy to only match LLA of routers that should be sending RAs 262 | - [ ] Configure RA guard to only allow RAs with correct GUA prefixes 263 | - [ ] Configure RA guard to match correct default router preference 264 | - [ ] Configure differnet policies for differnet VLANs 265 | - [ ] Host ports: 266 | - [ ] Configure RA guard 267 | * 4.2.c ii DHCP Guard 268 | * 4.2.c iii Binding table 269 | * 4.2.c iv Device tracking 270 | * 4.2.c v ND Inspection/Snooping 271 | * 4.2.c vi Source Guard 272 | * 4.2.d IEEE 802.1X Port-Based Authentication 273 | * 4.2.d i Device roles, port states 274 | * 4.2.d ii Authentication process 275 | * 4.2.d iii Host modes 276 | 277 | 278 | ### 4.3 System Management 279 | 280 | * 4.3.a Device management 281 | * 4.3.a i Console and VTY 282 | * 4.3.a ii SSH, SCP 283 | * 4.3.a iii RESTCONF, NETCONF 284 | * 4.3.b SNMP 285 | * 4.3.b i v2c 286 | * 4.3.b ii v3 287 | * 4.3.c Logging 288 | * 4.3.c i Local logging, syslog, debugs, conditional debugs 289 | * 4.3.c ii Timestamps 290 | 291 | ### 4.4 Quality of Service 292 | 293 | * 4.4.a End to end L3 QoS using MQC 294 | * 4.4.a i DiffServ 295 | * 4.4.a ii CoS and DSCP Mapping 296 | * 4.4.a iii Classification 297 | * 4.4.a iv Network Based Application Recognition (NBAR) 298 | * 4.4.a v Marking using IP Precedence, DSCP, CoS 299 | * 4.4.a vi Policing, shaping 300 | * 4.4.a vii Congestion management and avoidance 301 | * 4.4.a viii HQoS, Sub-rate Ethernet Link 302 | 303 | ### 4.5 Network Services 304 | 305 | * 4.5.a First-Hop Redundancy Protocols 306 | * 4.5.a i HSRP, GLBP, VRRP 307 | * 4.5.a ii Redundancy using IPv6 RS/RA 308 | * 4.5.b Network Time Protocol 309 | * 4.5.b i Master, client 310 | * 4.5.b ii Authentication 311 | * 4.5.c DHCP on Cisco IOS 312 | * 4.5.c i Client, server, relay 313 | * 4.5.c ii Options 314 | * 4.5.c iii SLAAC/DHCPv6 interaction 315 | * 4.5.c iv Stateful, stateless DHCPv6 316 | * 4.5.c v DHCPv6 Prefix Delegation 317 | * 4.5.d IPv4 Network Address Translation 318 | * 4.5.d i Static NAT, PAT 319 | * 4.5.d ii Dynamic NAT, PAT 320 | * 4.5.d iii Policy-based NAT, PAT 321 | * 4.5.d iv VRF aware NAT, PAT 322 | * 4.5.d v IOS-XE VRF-Aware Software Infrastructure (VASI) NAT 323 | 324 | 325 | ### 4.6 Network optimization 326 | 327 | * 4.6.a IP SLA 328 | * 4.6.a i ICMP probes 329 | * 4.6.a ii UDP probes 330 | * 4.6.a iii TCP probes 331 | * 4.6.b Tracking object 332 | * 4.6.c Flexible Netflow 333 | 334 | 335 | ### 4.7 Network operations 336 | 337 | * 4.7.a Traffic capture 338 | * 4.7.a i SPAN 339 | * 4.7.a ii RSPAN 340 | * 4.7.a iii ERSPAN 341 | * 4.7.a iv Embedded Packet Capture 342 | * 4.7.b Cisco IOS-XE troubleshooting tools 343 | * 4.7.b i Packet Trace 344 | * 4.7.b ii Conditional debugger (debug platform condition) 345 | 346 | 347 | ## 5.0 Infrastructure Automation and Programmability - 15% 348 | 349 | ### 5.1 Data encoding formats 350 | 351 | * 5.1.a JSON 352 | * 5.1.b XML 353 | 354 | ### 5.2 Automation and scripting 355 | 356 | * 5.2.a EEM applets 357 | * 5.2.b Guest shell 358 | * 5.2.b i Linux environment 359 | * 5.2.b ii CLI Python module 360 | * 5.2.b iii EEM Python module 361 | 362 | ### 5.3 Programmability 363 | 364 | * 5.3.a Interaction with vManage API 365 | * 5.3.a i Python requests library and Postman 366 | * 5.3.a ii Monitoring endpoints 367 | * 5.3.a iii Configuration endpoints 368 | * 5.3.b Interaction with Cisco DNA Center API 369 | * 5.3.b i HTTP request (GET, PUT, POST) via Python requests library and Postman 370 | * 5.3.c Interaction with Cisco IOS XE API 371 | * 5.3.c i Via NETCONF/YANG using Python ncclient library 372 | * 5.3.c ii Via RESTCONF/YANG using Python requests library and Postman 373 | * 5.3.d Deploy and verify model-driven telemetry 374 | * 5.3.d i Configure on-change subscription using gRPC 375 | 376 | 377 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # CCIE EI Resources 2 | 3 | This is a list of resources for CCIE Enterprise Infrastructure candidates. It is not meant to be exhaustive, please add to it! Pull requests welcome. 4 | 5 | * [0.0 General](#00-general) 6 | * [1.0 Network Infrastructure](#10-network-infrastructure) 7 | * [2.0 Software Defined Infrastructure](#20-software-defined-infrastructure) 8 | * [3.0 Transport Technologies and Solutions](#30-transport-technologies-and-solutions) 9 | * [4.0 Infrastructure Security and Services](#40-infrastructure-security-and-services) 10 | * [5.0 Infrastructure Automation and Programmability](#50-infrastructure-automation-and-programmability) 11 | 12 | Legend: 13 | * 📺 Video 14 | * 🗒️ Cisco Docs 15 | * 📚 Book 16 | * 📝 RFC/Standard 17 | 18 | -------------------- 19 |   20 | ## 0.0 General 21 | 22 | ### 0.1 Cisco Resources 23 | 24 | * [Official Exam Topics](https://learningcontent.cisco.com/documents/exam-topics/CCIE+Enterprise+Infrastructure+(v1.0+RevA)+Exam+Topics.pdf) 25 | * [CCIE Enterprise Infrastructure Equipment and Software List](https://learningnetwork.cisco.com/s/article/ccie-enterprise-infrastructure-equipment-and-software-list) 26 | * [Cisco CCIE EI Training Tracking Log/Matrix (XLSX)]( https://www.cisco.com/c/dam/en_us/training-events/le31/le46/cln/marketing/learning-matrix/CCIE-Enterprise-Infrastructure-v1-Learning-Matrix.xlsx) 27 | * [CCIE Practical Exam / LAB overview](https://learningnetwork.cisco.com/s/article/ccie-practical-exam-format) 28 | * 📺 [Cisco Live On-Demand Library](https://www.ciscolive.com/global/on-demand-library.html?#/) 29 | * [Cisco DevNet](https://developer.cisco.com/site/networking/) 30 | * [Cisco Design Zone (CVD)](https://www.cisco.com/c/en/us/solutions/design-zone.html) 31 | * [Cisco Communities](https://community.cisco.com/t5/other-network-architecture/bd-p/5981-discussions-other-network-infra) 32 | 33 | ### 0.2 Paid Training Resources and Bootcamps 34 | 35 | * [kbits.live](https://kbits.live/) 36 | * [Micronics CCIE EI v1.0](https://micronicstraining.com/events/ccie-enterprise-infrastructure-v1-o/) 37 | * [Orhan Ergun CCIE EI v1.0](https://orhanergun.net/ccie-enterprise-infrastructure-training/) 38 | * [Network Lessons](https://networklessons.com/cisco/ccie-enterprise-infrastructure) 39 | * [INE CCIE EI v1.0](https://my.ine.com/path/61f74429-8e0c-41b1-ba84-dd542c555df7) 40 | * [Boson NetSim](https://www.boson.com/certification/ccie-enterprise-infrastructure) 41 | * [Lab Minutes](http://www.labminutes.com/) 42 | * [Pluralsight](https://www.pluralsight.com) 43 | 44 | ### 0.3 Labbing Software/Systems 45 | 46 | * [Cisco dCloud](https://dcloud.cisco.com/) 47 | * [Cisco Modeling Labs - Personal Edition (formally VIRL)](https://learningnetworkstore.cisco.com/cisco-modeling-labs-personal/cisco-cml-personal) 48 | * [Eve-NG](https://www.eve-ng.net/) 49 | * [GNS3](https://www.gns3.com/) 50 | * [Rack Rental - Cloud My Lab](https://cloudmylab.com/ccieenterpriseinfrastucture/) 51 | 52 | ### 0.4 Blogroll 53 | 54 | * Coming soon - add your own blog via a pull request! 55 | 56 | ## 1.0 Network Infrastructure 57 | 58 | * 🗒️ [Cisco Docs - Cisco IOS XE Gibraltar 16.12.1](https://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-xe-gibraltar-16-12-1/model.html) 59 | * 🗒️ [Cisco Docs - Software Configuration Guide, Cisco IOS Release 15.2(4)E](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_4_e/configurationguide/b_1524e_consolidated_3750x_3560x_cg.html) 60 | 61 | ### 1.1 Switched Campus 62 | * 🗒️ [Cisco IOS-XE Docs - LAN Switching Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/lanswitch/configuration/xe-16-12/lanswitch-xe-16-12-book.html) 63 | * 1.1.a Switch administration 64 | * 1.1.a i Managing MAC address table 65 | * 1.1.a ii Errdisable recovery 66 | * 1.1.a iii L2 MTU 67 | * 1.1.b Layer 2 protocols 68 | * 1.1.b i CDP, LLDP 69 | * 1.1.b ii UDLD 70 | * 1.1.c VLAN technologies 71 | * 1.1.c i Access ports 72 | * 1.1.c ii Trunk ports (802.1Q) 73 | * 1.1.c iii Native VLAN 74 | * 1.1.c iv Manual VLAN pruning 75 | * 1.1.c v VLAN database 76 | * 1.1.c vi Normal range and extended range VLANs 77 | * 1.1.c vii Voice VLAN 78 | * 1.1.c viii VTP 79 | * 1.1.d EtherChannel 80 | * 1.1.d i LACP, static 81 | * 1.1.d ii Layer 2, Layer 3 82 | * 1.1.d iii Load balancing 83 | * 1.1.d iv EtherChannel Misconfiguration Guard 84 | * 1.1.e Spanning- Tree Protocol 85 | * 🗒️ [Cisco Docs - Understanding Rapid Spanning Tree Protocol (802.1w)](https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24062-146.html) 86 | * 1.1.e i PVST+, Rapid PVST+, MST 87 | * 1.1.e ii Switch priority, port priority, path cost, STP timers 88 | * 1.1.e iii PortFast, BPDU Guard, BPDU Filter 89 | * 1.1.e iv Loop Guard, Root Guard 90 | 91 | ### 1.2 Routing Concepts 92 | * 🗒️ [Cisco Docs - IP Routing](https://www.cisco.com/c/en/us/tech/ip/ip-routing/index.html) 93 | * 🗒️ [Cisco Docs - IP Routing: Protocol-Independent Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-16-12/iri-xe-16-12-book.html) 94 | * 1.2.a Administrative distance 95 | * 1.2.b VRF-lite 96 | * 1.2.c Static routing 97 | * 1.2.d Policy Based Routing 98 | * 1.2.e VRF aware routing with any routing protocol 99 | * 1.2.f Route filtering with any routing protocol 100 | * 1.2.g Manual summarization with any routing protocol 101 | * 🗒️ [IP Routing: EIGRP Configuration Guide, Cisco IOS XE Gibraltar 16.12.x - Route Summarization](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-16-12/ire-xe-16-12-book/ire-enhanced-igrp.html#GUID-5EC23579-53DC-4AC4-AED4-9C4748965BD8) 102 | * 🗒️ [IP Routing: EIGRP Configuration Guide, Cisco IOS XE Gibraltar 16.12.x - Configuring Summary Addresses](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-16-12/ire-xe-16-12-book/ip6-route-eigrp-xe.html#GUID-84817AC5-D58C-4C83-9FC4-0434A46CA5FA) 103 | * 🗒️ [IP Routing: OSPF Configuration Guide, Cisco IOS XE Gibraltar 16.12.x- Configuring Route Summarization Between OSPF Areas](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16-12/iro-xe-16-12-book/iro-cfg.html#GUID-3507B8ED-037F-465D-AFEE-F3543EE65692) 104 | * 🗒️ [IP Routing: BGP Configuration Guide, Cisco IOS XE Gibraltar 16.12.x - BGP Route Aggregation](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16-12/irg-xe-16-12-book/configuring-a-basic-bgp-network.html#GUID-6DDE6391-682B-4A6F-8659-149272213871) 105 | * 🗒️ [Understanding Route Aggregation in BGP](https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/5441-aggregation.html#aggregatingwithouttheassetargument) 106 | * 1.2.h Redistribution between any pair of routing protocols 107 | * 🗒️ [Cisco Troubleshooting TechNote - Redistributing Routing Protocols](https://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/8606-redist.html) 108 | * 🗒️ [Cisco Troubleshooting TechNote - Understanding Redistribution of OSPF Routes into BGP](https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/5242-bgp-ospf-redis.html) 109 | * 1.2.i Routing protocol authentication 110 | * [Managing Authentication Keys](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-16-12/iri-xe-16-12-book/iri-iprouting.html#GUID-121832C5-C558-4B9D-AEDB-4DA6AAE1B5FA) 111 | * [IP EIGRP Route Authentication](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-16-12/ire-xe-16-12-book/ire-rte-auth.html) 112 | * [IPv6 EIGRP - Configuring EIGRP Route Authentication](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-16-12/ire-xe-16-12-book/ip6-route-eigrp-xe.html#GUID-2ED9BBAC-0271-4361-B486-F060BB1D4096) 113 | * [EIGRP/SAF HMAC-SHA-256 Authentication](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-16-12/ire-xe-16-12-book/ire-sha-256.html) 114 | * [IP Routing: OSPF Configuration Guide, Cisco IOS XE Gibraltar 16.12.x - Configuring Interface Parameters](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16-12/iro-xe-16-12-book/iro-cfg.html#GUID-4AABEB56-2125-488B-B5A4-A5650F3159BB) 115 | * [OSPFv2 Cryptographic Authentication](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16-12/iro-xe-16-12-book/iro-ospfv2-crypto-authen-xe.html) 116 | * [IPv6 Routing: OSPFv3 Authentication Support with IPsec](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16-12/iro-xe-16-12-book/ip6-route-ospfv3-auth-ipsec.html#GUID-BCDA2C85-53CA-4400-B6D9-C2A908AD87B8) 117 | * [OSPFv3 Authentication Trailer](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16-12/iro-xe-16-12-book/iro-ospfv3-authtrailer.html) 118 | * [TCP Authentication Option](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-16-12/iri-xe-16-12-book/tcp-ao.html) 119 | * [BGP Support for TCP Authentication Option](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16-12/irg-xe-16-12-book/bgp-support-for-TCP-AO.html) 120 | * 1.2.j Bidirectional Forwarding Detection 121 | * 🗒️ [Cisco Docs - IP Routing: BFD Configuration Guide, Cisco IOS XE Gibraltar 16.12.x](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bfd/configuration/xe-16-12/irb-xe-16-12-book.html) 122 | 123 | ### 1.3 EIGRP 124 | 125 | * 🗒️ [Cisco Docs - IP Routing: EIGRP Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-16-12/ire-xe-16-12-book.html) 126 | * 📺 [Cisco Live - EIGRP](https://www.ciscolive.com/global/on-demand-library.html?search=EIGRP#/) 127 | * 📺 [Cisco Live - EIGRP Deployment in Modern Networks](https://www.ciscolive.com/global/on-demand-library.html?search=BRKRST-2336#/) 128 | * 📺 [Cisco Live - Intro to EIGRP](https://www.ciscolive.com/global/on-demand-library.html#/session/1576111569617001f7vL) 129 | * 📺 [Cisco Live - Troubleshooting EIGRP Networks](https://www.ciscolive.com/global/on-demand-library.html#/session/1542224322901001ryRy) 130 | * 1.3.a Adjacencies 131 | * 1.3.b Best path selection 132 | * 1.3.b i RD, FD, FC, successor, feasible successor 133 | * 1.3.b ii Classic Metrics and Wide Metrics 134 | * 1.3.c Operations 135 | * 1.3.c i General operations 136 | * 1.3.c ii Topology table 137 | * 1.3.c iii Packet types 138 | * 1.3.c iv Stuck In Active 139 | * 1.3.c v Graceful shutdown 140 | * 1.3.d EIGRP load-balancing 141 | * 1.3.d i Equal-cost 142 | * 1.3.d ii Unequal-cost 143 | * 1.3.d iii Add-path 144 | * 1.3.e EIGRP Named Mode 145 | * 1.3.f Optimization, convergence and scalability 146 | * 1.3.f i Fast convergence requirements 147 | * 1.3.f ii Query propagation boundaries 148 | * 1.3.f iii IP FRR (single hop) 149 | * 1.3.f iv Leak-map with summary routes 150 | * 1.3.f v EIGRP stub with leak map 151 | 152 | ### 1.4 OSPF (v2 and v3) 153 | 154 | * 📝 [RFC 2328 OSPF Version 2](https://tools.ietf.org/html/rfc2328) 155 | * 📝 [RFC 5340 OSPF for IPv6](https://tools.ietf.org/html/rfc5340) 156 | * 📚 [OSPF - anatomy of an Internet Routing Protocol]() 157 | * 📚 [Cisco IP Routing - Packet Forwarding and Intra-domain Routing Protocols]() 158 | * 📚 [Routing TCP/IP Vol. 1]() 159 | * 🗒️ [Cisco IOS-XE Docs - OSPF Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16-10/iro-xe-16-10-book.html) 160 | * 1.4.a Adjacencies 161 | * 1.4.b Network types, area types 162 | * 1.4.c Path preference 163 | * 1.4.d Operations 164 | * 1.4.d i General operations 165 | * 1.4.d ii Graceful shutdown 166 | * 1.4.d iii GTSM (Generic TTL Security Mechanism) 167 | * 1.4.e Optimization, convergence and scalability 168 | * 1.4.e i Metrics 169 | * 1.4.e ii LSA throttling, SPF tuning, fast hello 170 | * 1.4.e iii LSA propagation control (area types) 171 | * 1.4.e iv Stub router 172 | * 1.4.e v Loop-free alternate 173 | * 1.4.e vi Prefix suppression 174 | 175 | ### 1.5 BGP 176 | 177 | * 📺 [Google Talks - BGP at 18](https://www.youtube.com/watch?v=_Mn4kKVBdaM) 178 | * 📺 [Cisco Live BRKRST-3321 Scaling BGP](https://www.ciscolive.com/c/global/on-demand-library.html?search=BRKRST-3321#/) 179 | * 📚 [Internet Routing Architectures](https://learning.oreilly.com/library/view/internet-routing-architectures/157870233X/) 180 | * 📚 [Routing TCP/IP, Vol II](https://learning.oreilly.com/library/view/routing-tcpip-volume/9780134192772/) 181 | * 📚 [Practical BGP](https://learning.oreilly.com/library/view/practical-bgp/0321127005/) 182 | * 📚 [Optimal Routing Design](https://learning.oreilly.com/library/view/optimal-routing-design/1587051877/) 183 | * 🗒️ [Cisco IOS-XE Docs - IP Routing: BGP Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16-10/irg-xe-16-10-book.html) 184 | * 1.5.a IBGP and EBGP peer relationships 185 | * 1.5.a i Peer-group/update-group, template 186 | * 1.5.a ii Active, passive 187 | * 1.5.a iii Timers 188 | * 1.5.a iv Dynamic neighbors 189 | * 1.5.a v 4-bytes AS numbers 190 | * 1.5.a vi Private AS 191 | * 1.5.b Path selection 192 | * 1.5.b i Attributes 193 | * 1.5.b ii Best path selection algorithm 194 | * 1.5.b iii Load-balancing 195 | * 1.5.c Routing policies 196 | * 1.5.c i Attribute manipulation 197 | * 1.5.c ii Conditional advertisement 198 | * 1.5.c iii Outbound Route Filtering 199 | * 1.5.c iv Standard and extended communities 200 | * 1.5.c v Multi-homing 201 | * 1.5.d AS path manipulations 202 | * 1.5.d i local-AS, allowas-in, remove-private-as 203 | * 1.5.d ii Prepend 204 | * 1.5.d iii Regexp 205 | * 1.5.e Convergence and scalability 206 | * 1.5.e i Route reflector 207 | * 1.5.e ii Aggregation, as-set 208 | * 1.5.f Other BGP features 209 | * 1.5.f i Multipath, add-path 210 | * 1.5.f ii Soft reconfiguration, Route Refresh 211 | 212 | ### 1.6 Multicast 213 | 214 | * 🗒️ [Cisco IOS-XE Docs - PIM Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/xe-16-10/imc-pim-xe-16-10-book.html) 215 | * 🗒️ [Cisco IOS-XE Docs - IGMP configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_igmp/configuration/xe-16-10/imc-igmp-xe-16-10-book.html) 216 | * 📚 [Routing TCP/IP, Vol II](https://learning.oreilly.com/library/view/routing-tcpip-volume/9780134192772/) 217 | * 📚 [Developing IP Multicast Networks](https://www.ciscopress.com/store/developing-ip-multicast-networks-volume-i-paperback-9781587142895) 218 | * 📚 [Interdomain Multicast Routing: Practical Juniper Networks and Cisco Systems Solutions](https://learning.oreilly.com/library/view/interdomain-multicast-routing/0201746123/) 219 | * 📺 [Introduction to IP Multicast - DGTL-BRKIPM-1261](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153548896001JvK2) 220 | * 📺 [Multicast Troubleshooting - BRKIPM-2264](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153548978001J6Mh) 221 | * 1.6.a Layer 2 multicast 222 | * 1.6.a i IGMPv2, IGMPv3 223 | * 1.6.a ii IGMP Snooping, PIM Snooping 224 | * 📝 [RFC 4541](https://datatracker.ietf.org/doc/html/rfc4541) 225 | * 1.6.a iii IGMP Querier 226 | * 1.6.a iv IGMP Filter 227 | * 1.6.a v MLD 228 | * 1.6.b Reverse path forwarding check 229 | * 1.6.c PIM 230 | * 1.6.c i Sparse Mode 231 | * 1.6.c ii Static RP, BSR, AutoRP 232 | * 1.6.c iii Group to RP Mapping 233 | * 1.6.c iv Bidirectional PIM 234 | * 1.6.c v Source-Specific Multicast 235 | * 1.6.c vi Multicast boundary, RP announcement filter 236 | * 1.6.c vii PIMv6 Anycast RP 237 | * [IP Multicast: PIM Configuration Guide, Cisco IOS XE Gibraltar 16.12.x | Chapter: Configuring Basic IP Multicast in IPv6 Networks](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/xe-16-12/imc-pim-xe-16-12-book/imc-basic-ipv6.html) 238 | * 1.6.c viii IPv4 Anycast RP using MSDP 239 | * 1.6.c ix Multicast multipath 240 | * [Load Splitting IP Multicast Traffic over ECMP](https://www.cisco.com/c/en/us/td/docs/ios/12_4t/ip_mcast/configuration/guide/mctlsplt.html) 241 | 242 | ## 2.0 Software Defined Infrastructure 243 | 244 | ### 2.1 Cisco SD Access 245 | 246 | * 🗒️ [Cisco Docs - DNA Assurance User Guide 1.3.1](https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center-assurance/1-3-1-0/b_cisco_dna_assurance_1_3_1_0_ug.html) 247 | * 📺 [Cisco Live - Cisco DNA Center - Network operation and cross architecture integration with IT Service Management - DGTL-BRKNMS-2458](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153550070001JR6j) 248 | * 📺 [Cisco Live - Cisco DNA Center: The evolution from traditional Management to Intent-Based Automation and Assurance - DGTL-BRKNMS-2031](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153549708001JKkm) 249 | * 📺 [Cisco Live - DNA-C Design and Policy - DEMCOC-602](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1590057454471001bDUv) 250 | * 📺 [Cisco Live - Policy and Segmentation with Cisco DNA Center - DEMCRS-601](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1590057460045001bOTB) 251 | * 📺 [Cisco Live - SD-Access Fabric, Why is My Salsa So Tasty? How SD-Access Solves Enterprise Challenges - DLBTEC-51](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/15892240689180019WZ6) 252 | * 📺 [Cisco Live - SD Access : Troubleshooting the fabric - DGTL-BRKARC-2020](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153537677001Jo5z) 253 | * 🗒️ [Cisco CVD - Software Defined Access Design Guide](https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software-Defined-Access-Design-Sol1dot2-2018DEC.pdf) 254 | * 🗒️ [Cisco CVD - SD Access Deployment Guide](https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software-Defined-Access-Segmentation-Design-Guide-2018MAY.pdf) 255 | * 📚 [Cisco Software-Defined Access (August 2020)](https://learning.oreilly.com/library/view/cisco-software-defined-access/9780136448341/) 256 | * 📚 [Cisco Digital Network Architecture: Intent-based Networking for the Enterprise](https://learning.oreilly.com/library/view/cisco-digital-network/9780134723952/) 257 | * 2.1.a Design a Cisco SD Access solution 258 | * 2.1.a i Underlay network (IS-IS, manual/PnP) 259 | * 2.1.a ii Overlay fabric design (LISP, VXLAN, Cisco TrustSec) 260 | * 2.1.a iii Fabric domains (single-site and multi-site using SD-WAN transit) 261 | * [Cisco Live BRKCRS-2815 - Cisco SD-Access – Connecting Multiple Sites in a Single Fabric Domain](https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKCRS-2815.pdf) 262 | * [CVD: Cisco SD-Access | SD-WAN Independent Domain Pairwise Integration](https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/Cisco-SD-Access-SD-WAN-Independent-Domain-Guide.pdf) 263 | * [CVD: Cisco SD-Access | SD-WAN Integrated Domain Pairwise Integration](https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/Cisco-SD-Access-SD-WAN-Integrated-Domain-Guide.pdf) 264 | * 2.1.b Cisco SD Access deployment 265 | * 2.1.b i Cisco DNA Center device discovery and device management 266 | * 2.1.b ii Add fabric node devices to an existing fabric 267 | * 2.1.b iii Host onboarding (wired endpoints only) 268 | * 2.1.b iv Fabric border handoff 269 | * 2.1.c Segmentation 270 | * 2.1.c i Macro-level segmentation using VNs 271 | * 2.1.c ii Micro-level segmentation using SGTs (using Cisco ISE) 272 | * 2.1.d Assurance 273 | * 2.1.d i Network and client health (360) 274 | * 2.1.d ii Monitoring and troubleshooting 275 | 276 | ### 2.2 Cisco SD-WAN 277 | 278 | * 🗒️ [Cisco Docs - vManage How Tos](https://sdwan-docs.cisco.com/Product_Documentation/vManage_How-Tos/Configuration) 279 | * 🗒️ [Cisco Docs - Device Configuration Template](https://sdwan-docs.cisco.com/Product_Documentation/vManage_How-Tos/Configuration/Create_a_Device_Configuration_Template) 280 | * 🗒️ [Cisco Design Zone for Branch, WAN, and Internet Edge](https://www.cisco.com/c/en/us/solutions/design-zone/networking-design-guides/branch-wan-edge.html) 281 | * 🗒️ [Cisco SD-WAN Design Guide](https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html) 282 | * 📺 [Cisco Live - SD-WAN](https://www.ciscolive.com/global/on-demand-library.html?search=SD-WAN) 283 | * 📺 [Cisco Live - Building and Using Policies with Cisco SD-WAN](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153553280001Jhr9) 284 | * 📺 [Cisco Live - Delivering Cisco Next Generation SD-WAN with Viptela - BRKCRS-2110](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153542774001Jftj) 285 | * 📺 [Cisco Live - Designing for a Cloud-Ready Secure WAN Architecture - DLBTEC-50](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1588378944558001YIgm) 286 | * 📺 [Cisco Live - SD-WAN and Network Functions Service Chaining - DGTL-BRKENS-1100](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1572617849119001peXV) 287 | * 📺 [Cisco Live - SD-WAN, deployment strategies, managing and monitoring - BRKRST-2519](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153553037001JE2U) 288 | * 📺 [Cisco Live - SD-WAN Enterprise Routing Platform Overview - DGTL-BRKARC-2102](https://www.ciscolive.com/global/on-demand-library.html?search=DGTL-BRKARC-2102#/session/1571753540403001fdv8) 289 | * 📚 [CCNP Enterprise Design ENSLD 300-420 Official Cert Guide Chapter 11](https://learning.oreilly.com/library/view/ccnp-enterprise-design/9780136575160/) 290 | * 📚 [Software Defined Wide Area Networks (Aug 2020)](https://www.ciscopress.com/store/cisco-software-defined-wide-area-networks-designing-9780136533177) 291 | * 2.2.a Design a Cisco SD-WAN solution 292 | * 2.2.a i Orchestration plane (vBond, NAT) 293 | * 2.2.a ii Management plane (vManage) 294 | * 2.2.a iii Control plane (vSmart, OMP) 295 | * 2.2.a iv Data plane (vEdge/cEdge) 296 | * 2.2.b WAN edge deployment 297 | * 2.2.b i Onboarding new edge routers 298 | * 2.2.b ii Orchestration with zero-touch provisioning/Plug-And-Play 299 | * 2.2.b iii OMP 300 | * 2.2.b iv TLOC 301 | * 2.2.c Configuration templates 302 | * 2.2.d Localized policies 303 | * 2.2.e Centralized policies 304 | 305 | 306 | ## 3.0 Transport Technologies and Solutions 307 | 308 | ### 3.1 MPLS 309 | 310 | * 🗒️ [Cisco Docs - MPLS Label Distribution Protocol Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_ldp/configuration/xe-16/mp-ldp-xe-16-book.html) 311 | * 🗒️ [Cisco Docs - MPLS: Layer 3 VPNs Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16-12/mp-l3-vpns-xe-16-12-book.html) 312 | * 📺 [Cisco Live - MPLS](https://www.ciscolive.com/global/on-demand-library.html?search=MPLS#/) 313 | * 📺 [Cisco Live - Introduction to MPLS - DGTL-BRKMPL-1100](https://www.ciscolive.com/global/on-demand-library.html?search.event=ciscoliveus2020&cid=20200618atttu&ccid=cc001205&dtid=oemrft001460&fix=0#/session/1573153549100001JJkV) 314 | * 3.1.a Operations 315 | * 3.1.a i Label stack, LSR, LSP 316 | * 3.1.a ii LDP 317 | * 3.1.a iii MPLS ping, MPLS traceroute 318 | * [INE Blog - MPLS Ping and Traceroute](https://blog.ine.com/2008/11/24/mpls-ping-and-traceroute) 319 | * 3.1.b L3VPN 320 | * 3.1.b i PE-CE routing 321 | * 3.1.b ii MP-BGP VPNv4/VPNv6 322 | * 3.1.b iii Extranet (route leaking) 323 | 324 | ### 3.2 DMVPN 325 | * 🗒️ [Cisco Docs - Dynamic Multipoint VPN Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/xe-16-12/sec-conn-dmvpn-xe-16-12-book.html) 326 | * 📺 [Cisco Live - Demystifying DMVPN BRKSEC-3052](https://www.ciscolive.com/global/on-demand-library.html?search=dmvpn#/session/1484773617788001WfsN) 327 | * 📺 [Cisco Live - DMVPN](https://www.ciscolive.com/global/on-demand-library.html?search=DMVPN#/) 328 | * 📺 [Cisco Live - Advanced Concepts of DMVPN BRKSEC-4054](https://www.ciscolive.com/c/global/on-demand-library.html?search=dmvpn#/session/1484773617075001W8sx) 329 | * 3.2.a Troubleshoot DMVPN Phase 3 with dual-hub 330 | * 📺 [Cisco Live - Troubleshooting Dynamic Multipoint VPN (DMVPN) BRKSEC-3052](https://www.ciscolive.com/global/on-demand-library.html?search=dmvpn#/session/1454486436572001QYT4) 331 | * [Cisco Docs - Most Common DMVPN Troubleshooting Solutions](https://www.cisco.com/c/en/us/support/docs/security/dynamic-multipoint-vpn-dmvpn/111976-dmvpn-troubleshoot-00.html) 332 | * 3.2.a i NHRP 333 | * 3.2.a ii IPsec/IKEv2 using pre-shared key 334 | * 3.2.a iii Per-Tunnel QoS 335 | * 🗒️ [Cisco Docs - DMVPN - Per-Tunnel QoS](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-per-tunnel-qos.html) 336 | * 🗒️ [Networking with Fish: Playing in the Lab: DMVPN and Per-Tunnel QoS](https://www.networkingwithfish.com/playing-in-the-lab-dmvpn-and-per-tunnel-qos/) 337 | * 3.2.b Identify use-cases for FlexVPN 338 | * 🗒️ [Cisco Docs - FlexVPN and Internet Key Exchange Version 2 Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/xe-16-12/sec-flex-vpn-xe-16-12-book.html) 339 | * 📺 [Cisco Live - FlexVPN](https://www.ciscolive.com/global/on-demand-library.html?search=Flexvpn#/) 340 | * 📺 [Cisco Live - Advanced IPSec designs with FlexVPN BRKSEC-3036](https://www.ciscolive.com/global/on-demand-library.html?search=flexvpn#/session/14479207933930017VDW) 341 | * 📺 [Cisco Live - Advanced IOS FlexVPN Lab LTRSEC-3004](https://www.ciscolive.com/global/on-demand-library.html?search=flexvpn#/session/LTRSEC-3004) 342 | * 📺 [Cisco Live - FlexVPN Remote-Access, IoT & Site- to-Site Advanced Crypto Design BRKSEC-3054](https://www.ciscolive.com/global/on-demand-library.html?search=flexvpn#/session/1564677379756001J63z) 343 | * 3.2.b i Site-to-site, Server, Client, Spoke-to-Spoke 344 | * 3.2.b ii IPsec/IKEv2 using pre-shared key 345 | * 3.2.b iii MPLS over FlexVPN 346 | * [FlexVPN and Internet Key Exchange Version 2 Configuration Guide, Cisco IOS Release 15M&T - Configuring MPLS over FlexVPN](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-mt/sec-flex-vpn-15-mt-book/sec-cfg-mpls-flex.html) 347 | * [Dynamic Multipoint VPN Configuration Guide, Cisco IOS XE Gibraltar 16.12.x - Configuring MPLS over DMVPN](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/xe-16-12/sec-conn-dmvpn-xe-16-12-book/sec-conn-dmvpn-xe-configure.html) 348 | 349 | 350 | ## 4.0 Infrastructure Security and Services 351 | 352 | ### 4.1 Device Security on Cisco IOS XE 353 | 354 | * 4.1.a Control plane policing and protection 355 | * 🗒️ [Cisco Docs - QoS: Policing and Shaping Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_plcshp/configuration/xe-16-12/qos-plcshp-xe-16-12-book/qos-plcshp-ctrl-pln-plc.html) 356 | * 4.1.b AAA 357 | * 🗒️ [Cisco Docs - Authentication Authorization and Accounting Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-16-12/sec-usr-aaa-xe-16-12-book.html) 358 | * [Cisco Docs - Security Configuration Guide, Cisco IOS XE Gibraltar 16.12.x - Configuring Control Plane Policing](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_control_plane_policing.html) 359 | 360 | ### 4.2 Network Security 361 | 362 | * 4.2.a Switch security features 363 | * [Cisco Live - Attacks on Network Infrastructure](https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/BRKSEC-1032.pdf) 364 | * 4.2.a i VACL, PACL 365 | * 🗒️ [Cisco Docs - C3750X - Chapter: Configuring Network Security with ACLs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swacl.html) 366 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: IPv4 ACLs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_ipv4_acls.html) 367 | * 4.2.a ii Storm control 368 | * 🗒️ [Cisco Docs - C3750X - Chapter: Configuring Port-Based Traffic Control](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swtrafc.html) 369 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Port-Based Traffic Control](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_port_based_traffic_control.html) 370 | * 4.2.a iii DHCP Snooping, DHCP option 82 371 | * 🗒️ [Cisco Docs - C3750X - Chapter: Configuring DHCP Features and IP Source Guard](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swdhcp82.html) 372 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring DHCP](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/configuring_dhcp.html) 373 | * [INE - Understanding DHCP Option 82](https://blog.ine.com/2009/07/22/understanding-dhcp-option-82) 374 | * 4.2.a iv IP Source 375 | * 🗒️ [Cisco Docs - C3750X - Chapter: Configuring DHCP Features and IP Source Guard](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swdhcp82.html) 376 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring IP Source Guard](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_ip_source_guard.html) 377 | * 4.2.a v Dynamic ARP Inspection 378 | * 🗒️ [Cisco Docs - C3750X - Chapter: Configuring Dynamic ARP Inspection](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swdynarp.html) 379 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Dynamic ARP Inspection](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_dynamic_arp_inspection.html) 380 | * 4.2.a vi Port Security 381 | * 🗒️ [Cisco Docs - C3750X - Chapter: Configuring Port-Based Traffic Control](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swtrafc.html) 382 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Port Security](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/port_security.html) 383 | * 4.2.a vii Private VLAN 384 | * 🗒️ [Cisco Docs - C3750X - Chapter: Configuring Private VLANs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swpvlan.html) 385 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Private VLANs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/vlan/b_1612_vlan_9300_cg/configuring_private_vlans.html) 386 | * 4.2.b Router security features 387 | * 4.2.b i IPv6 Traffic Filters 388 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: IPv6 ACLs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_ipv6_acls.html) 389 | * 4.2.b ii IPv4 Access Control Lists 390 | * 🗒️ [Cisco Docs - Security Configuration Guide: Access Control Lists](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-16-10/sec-data-acl-xe-16-10-book.html) 391 | * 🗒️ [Cisco Docs - Chapter: Information about Network Security with ACLs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_4_e/configurationguide/b_1524e_consolidated_3750x_3560x_cg/b_1524e_consolidated_3750x_3560x_cg_chapter_0101101.html) 392 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: IPv4 ACLs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_ipv4_acls.html) 393 | * 4.2.b iii Unicast Reverse Path Forwarding 394 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Unicast Reverse Path Forwarding](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/rtng/b_1612_rtng_9300_cg/configuring_unicast_reverse_path_forwarding.html) 395 | * 🗒️ [Cisco Docs - Security Configuration Guide: Unicast Reverse Path Forwarding, Cisco IOS XE Gibraltor 16.12.x](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_urpf/configuration/xe-16-12/sec-data-urpf-xe-16-12-book/cfg-unicast-rpf.html) 396 | * 4.2.c IPv6 infrastructure security features 397 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring IPv6 First Hop Security](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_ipv6_first_hop_security.html) 398 | * 🗒️ [Cisco Docs - C3750X - Configuring First Hop Security in IPv6](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_4_e/configurationguide/b_1524e_consolidated_3750x_3560x_cg/b_1524e_consolidated_3750x_3560x_cg_chapter_0110011.html?bookSearch=true#d307081e4854a1635) 399 | * 4.2.c i RA Guard 400 | * 4.2.c ii DHCP Guard 401 | * 4.2.c iii Binding table 402 | * 4.2.c iv Device tracking 403 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring SISF-Based Device Tracking](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_sisf_based_device_tracking.html) 404 | * 4.2.c v ND Inspection/Snooping 405 | * 4.2.c vi Source Guard 406 | * 4.2.d IEEE 802.1X Port-Based Authentication 407 | * 🗒️ [Cisco Docs - 15M&T - Chapter: Configuring IEEE 802.1X Port-Based Authentication](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_8021x/configuration/15-mt/sec-user-8021x-15-mt-book/config-ieee-802x-pba.html) 408 | * 🗒️ [Cisco Docs - 3750X - Chapter: Configuring IEEE 802.1x Port-Based Authentication](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_4_e/configurationguide/b_1524e_consolidated_3750x_3560x_cg/b_1524e_consolidated_3750x_3560x_cg_chapter_01010.html) 409 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring IEEE 802.1x Port-Based Authentication](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/configuring_ieee_802_1x_port_based_authentication.html) 410 | * 4.2.d i Device roles, port states 411 | * 4.2.d ii Authentication process 412 | * 4.2.d iii Host modes 413 | 414 | 415 | ### 4.3 System Management 416 | * 🗒️ [Cisco Docs - System Management Configuration Guide, Cisco IOS XE Gibraltar 16.12.x (Catalyst 9300 Switches)](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sys_mgmt/b_1612_sys_mgmt_9300_cg.html) 417 | * 4.3.a Device management 418 | * 4.3.a i Console and VTY 419 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Controlling Switch Access with Passwords and Privilege Levels](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sec/b_1612_sec_9300_cg/controlling_switch_access_with_passwords_and_privilege_levels.html) 420 | * 4.3.a ii SSH, SCP 421 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Secure Copy](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sys_mgmt/b_1612_sys_mgmt_9300_cg/secure_copy.html) 422 | * 4.3.a iii RESTCONF, NETCONF 423 | * 4.3.b SNMP 424 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Simple Network Management Protocol](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/nmgmt/b_1612_nmgmt_9300_cg/configuring_simple_network_management_protocol.html) 425 | * 4.3.b i v2c 426 | * 4.3.b ii v3 427 | * 4.3.c Logging 428 | * 4.3.c i Local logging, syslog, debugs, conditional debugs 429 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring System Message Logs](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sys_mgmt/b_1612_sys_mgmt_9300_cg/configuring_system_message_logs.html)] 430 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Conditional Debug and Radioactive Tracing](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sys_mgmt/b_1612_sys_mgmt_9300_cg/conditional_debug_and_radioactive_tracing.html) 431 | * 4.3.c ii Timestamps 432 | 433 | ### 4.4 Quality of Service 434 | * 🗒️ [Cisco Docs - QoS Modular QoS Command-Line Interface Configuration Guide, Cisco IOS XE Gibraltar 16.12.x](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_mqc/configuration/xe-16-12/qos-mqc-xe-16-12-book.html) 435 | * 📺 [Cisco Live - QoS](https://www.ciscolive.com/global/on-demand-library.html?search=qos#/) 436 | * 4.4.a End to end L3 QoS using MQC 437 | * 4.4.a i DiffServ 438 | * 4.4.a ii CoS and DSCP Mapping 439 | * 4.4.a iii Classification 440 | * 4.4.a iv Network Based Application Recognition (NBAR) 441 | * 4.4.a v Marking using IP Precedence, DSCP, CoS 442 | * 4.4.a vi Policing, shaping 443 | * 4.4.a vii Congestion management and avoidance 444 | * 4.4.a viii HQoS, Sub-rate Ethernet Link 445 | 446 | ### 4.5 Network Services 447 | 448 | * 4.5.a First-Hop Redundancy Protocols 449 | * 🗒️ [Cisco Docs - First Hop Redundancy Protocols Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-16/fhp-xe-16-book.html) 450 | * 4.5.a i HSRP, GLBP, VRRP 451 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring HSRP](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/configuring___hsrp.html) 452 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring GLBP](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/configuring_glbp.html) 453 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: VRRPv3 Protocol Support](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/vrrpv3_protocol___support.html) 454 | * 4.5.a ii Redundancy using IPv6 RS/RA 455 | * 4.5.b Network Time Protocol 456 | * 🗒️ [Cisco Docs - Chapter: Network Time Protocol](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bsm/configuration/xe-16/bsm-xe-16-book/bsm-time-calendar-set.html) 457 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Administering the Device](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/sys_mgmt/b_1612_sys_mgmt_9300_cg/administering_the_device.html) 458 | * [Ivan Pepelnjak - Secure Time Management (PDF)](https://learning.nil.com/assets/Tips-/Secure-Time-Management.pdf) 459 | * [Cisco Troubleshooting TechNotes - Troubleshoot Network Time Protocol (NTP)](https://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/108076-ntp-troubleshoot.html) 460 | * [Cisco Technology White Paper - Network Time Protocol: Best Practices White Paper](https://www.cisco.com/c/en/us/support/docs/availability/high-availability/19643-ntpm.html) 461 | * 4.5.b i Master, client 462 | * 4.5.b ii Authentication 463 | * 4.5.c DHCP on Cisco IOS 464 | * 🗒️ [Cisco Docs - IP Addressing: DHCP Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/xe-16-10/dhcp-xe-16-10-book.html) 465 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring DHCP](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/configuring_dhcp.html) 466 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: DHCP Gleaning](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/dhcp_gleaning.html) 467 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: DHCP Options Support](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/dhcp_options_support.html) 468 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: DHCPv6 Options Support](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/dhcpv6_options_support.html) 469 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: DHCPv6 Relay Source Configuration](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/dhcpv6_relay_source_configuration.html) 470 | * 4.5.c i Client, server, relay 471 | * 4.5.c ii Options 472 | * 4.5.c iii SLAAC/DHCPv6 interaction 473 | * 4.5.c iv Stateful, stateless DHCPv6 474 | * 4.5.c v DHCPv6 Prefix Delegation 475 | * 4.5.d IPv4 Network Address Translation 476 | * 🗒️ [Cisco Docs - IP Addressing: NAT Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16-10/nat-xe-16-10-book.html) 477 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Network Address Translation](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/configuring_network_address_translation.html) 478 | * 4.5.d i Static NAT, PAT 479 | * 4.5.d ii Dynamic NAT, PAT 480 | * 4.5.d iii Policy-based NAT, PAT 481 | * 4.5.d iv VRF aware NAT, PAT 482 | * 4.5.d v IOS-XE VRF-Aware Software Infrastructure (VASI) NAT 483 | * 🗒️ [Cisco Docs - Configure VRF-Aware Software Infrastructure (VASI) NAT on IOS-XE](https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/200255-Configure-VRF-Aware-Software-Infrastruct.html) 484 | * [Cisco Docs - Configuring the VRF-Aware Software Infrastructure](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-data-zbf-xe-book/conf-vasi.pdf) 485 | 486 | ### 4.6 Network optimization 487 | 488 | * 4.6.a IP SLA 489 | * 🗒️ [Cisco IOS-XE Docs - IP SLA](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/xe-16-10/sla-xe-16-10-book.html) 490 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Service Level Agreements](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/nmgmt/b_1612_nmgmt_9300_cg/configuring_service_level_agreements.html) 491 | * 4.6.a i ICMP probes 492 | * 4.6.a ii UDP probes 493 | * 4.6.a iii TCP probes 494 | * 4.6.b Tracking object 495 | * 🗒️ [Cisco IOS-XE Docs - IP Application Services Configuration Guide Chapter: Configuring Enhanced Object Tracking](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/xe-16-10/iap-xe-16-10-book/iap-eot.html) 496 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Enhanced Object Tracking](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/ip/b_1612_ip_9300_cg/configuring_enhanced___object_tracking.html) 497 | * 4.6.c Flexible Netflow 498 | * 🗒️ [Cisco IOS-XE Docs Flexible NetFlow Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fnetflow/configuration/xe-16-10/fnf-xe-16-10-book.html) 499 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Flexible NetFlow](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/nmgmt/b_1612_nmgmt_9300_cg/configuring_flexible_netflow.html) 500 | 501 | ### 4.7 Network operations 502 | 503 | * 4.7.a Traffic capture 504 | * 4.7.a i SPAN 505 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring SPAN and RSPAN](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/nmgmt/b_1612_nmgmt_9300_cg/configuring_span_and_rspan.html) 506 | * 4.7.a ii RSPAN 507 | * 🗒️ [Cisco IOS 15.2 Docs - Chapter: Configuring SPAN and RSPAN](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_4_e/configurationguide/b_1524e_consolidated_3750x_3560x_cg/b_1524e_consolidated_3750x_3560x_cg_chapter_0101000.html?bookSearch=true) 508 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring SPAN and RSPAN](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/nmgmt/b_1612_nmgmt_9300_cg/configuring_span_and_rspan.html) 509 | * 4.7.a iii ERSPAN 510 | * 🗒️ [Cisco IOS-XE Docs - Chapter: Configuring ERSPAN](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/lanswitch/configuration/xe-16-10/lanswitch-xe-16-10-book/lnsw-conf-erspan.html?bookSearch=true) 511 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring ERSPAN](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/nmgmt/b_1612_nmgmt_9300_cg/configuring_erspan.html) 512 | * 4.7.a iv Embedded Packet Capture 513 | * 🗒️ [Cisco IOS-XE Docs - Chapter: Embedded Packet Capture Overview](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/epc/configuration/xe-16-10/epc-xe-16-10-book/nm-packet-capture-xe.html) 514 | * 🗒️ [Cisco Docs - Embedded Packet Capture for Cisco IOS and IOS-XE Configuration Example](https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-embedded-packet-capture/116045-productconfig-epc-00.html) 515 | * 🗒️ [Cisco Docs - C9300 16.12 - Chapter: Configuring Packet Capture](https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-12/configuration_guide/nmgmt/b_1612_nmgmt_9300_cg/configuring_packet_capture.html) 516 | * 4.7.b Cisco IOS-XE troubleshooting tools 517 | * 4.7.b i Packet Trace 518 | * 🗒️ [Cisco Docs - Troubleshooting Guide, Cisco IOS XE Release 3S (Cisco ASR 1000)](https://www.cisco.com/c/en/us/td/docs/routers/asr1000/troubleshooting/guide/Tblshooting-xe-3s-asr-1000-book.html) 519 | * 🗒️ [Cisco Docs - IOS-XE Datapath Packet Trace Feature](https://www.cisco.com/c/en/us/support/docs/content-networking/adaptive-session-redundancy-asr/117858-technote-asr-00.html) 520 | * [Cisco Live - LTRARC-3500](https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2018/pdf/LTRARC-3500.pdf) 521 | * 4.7.b ii Conditional debugger (debug platform condition) 522 | 523 | ## 5.0 Infrastructure Automation and Programmability 524 | 525 | * 📚 [Network Programmability and Automation](https://learning.oreilly.com/library/view/network-programmability-and/9781491931240/) 526 | * 📺 [Cisco DevNet - Learn network programmability basics](https://developer.cisco.com/video/net-prog-basics/) 527 | 528 | ### 5.1 Data encoding formats 529 | 530 | * 5.1.a JSON 531 | * 📝 [RFC 8259](https://tools.ietf.org/html/rfc8259) 532 | * 📝 [ISO/IEC 21778:2017 Information technology — The JSON data interchange syntax](https://www.iso.org/standard/71616.html) 533 | * 📝 [ECMA-404 The JSON Data Interchange Format (PDF)](https://www.ecma-international.org/publications/files/ECMA-ST-ARCH/ECMA-404%201st%20edition%20October%202013.pdf) 534 | * 5.1.b XML 535 | * 📝 [RFC 3470 / BCP 70 Guidelines for the Use of Extensible Markup Language (XML) within IETF Protocols](https://tools.ietf.org/html/rfc3470) 536 | * 📝 [W3C Extensible Markup Language (XML) 1.0 (Fifth Edition)](https://www.w3.org/TR/REC-xml/) 537 | 538 | 539 | ### 5.2 Automation and scripting 540 | 541 | * 5.2.a EEM applets 542 | * 🗒️ [Cisco IOS-XE Docs - Embedded Event Manager Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/configuration/xe-16-10/eem-xe-16-10-book.html) 543 | * 5.2.b Guest shell 544 | * 🗒️ [Cisco IOS-XE Docs - Programmability Configuration Guide, Cisco IOS XE Gibraltar 16.12.x Chapter: Guest Shell](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/1612/b_1612_programmability_cg/guest_shell.html) 545 | * 5.2.b i Linux environment 546 | * 5.2.b ii CLI Python module 547 | * 🗒️ [Cisco IOS-XE Docs - Programmability Configuration Guide, Cisco IOS XE Gibraltar 16.12.x Chatper: CLI Python Module](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/1612/b_1612_programmability_cg/cli_python_module.html) 548 | * 5.2.b iii EEM Python module 549 | * 🗒️ [Cisco IOS-XE Docs - Programmability Configuration Guide, Cisco IOS XE Gibraltar 16.12.x Chapter: EEM Python Module](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/1612/b_1612_programmability_cg/eem_python_module.html) 550 | 551 | ### 5.3 Programmability 552 | 553 | * [Python requests library](https://requests.readthedocs.io/en/master/) 554 | * [Postman](https://www.postman.com/) 555 | * 5.3.a Interaction with vManage API 556 | * 🗒️ [DevNet Learning Track - Cisco SD-WAN Programmability](https://developer.cisco.com/learning/tracks/sd-wan_programmability) 557 | * 📺 [Pluralsight - Automating Cisco SD-WAN Operations Using APIs](https://app.pluralsight.com/library/courses/automating-cisco-sd-wan-operations-using-apis/table-of-contents) 558 | * [vManage API Docs](https://developer.cisco.com/docs/sdwan/#!introduction) 559 | * 5.3.a i Python requests library and Postman 560 | * 5.3.a ii Monitoring endpoints 561 | * 5.3.a iii Configuration endpoints 562 | * 5.3.b Interaction with Cisco DNA Center API 563 | * 📺 [Pluralsight - Automating Cisco DNA Center Operations Using APIs](https://app.pluralsight.com/library/courses/automating-cisco-dna-center-operations-using-apis/) 564 | * 📺 [Pluralsight - Managing Cisco Products Using Advanced API-based Methods (Module 2)](https://app.pluralsight.com/library/courses/managing-cisco-products-advanced-api-methods/table-of-contents) 565 | * 🗒️ [DevNet Learning Track - Programming the Digital Network Architecture (Cisco DNA)](https://developer.cisco.com/learning/tracks/programming-dna) 566 | * 🗒️ [DevNet Learning Track - Cisco DNA Center Programmability](https://developer.cisco.com/learning/tracks/dnacenter-programmability) 567 | * 5.3.b i HTTP request (GET, PUT, POST) via Python requests library and Postman 568 | * 5.3.c Interaction with Cisco IOS XE API 569 | * 🗒️ [Cisco IOS XE REST API Management Reference Guide](https://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/restapi/restapi/RESTAPIintro.html) 570 | * 📺 [Pluralsight - Provisioning and Managing Networks Using Common Automation Tools](https://app.pluralsight.com/library/courses/provisioning-managing-networks-common-automation-tools/table-of-contents) 571 | * 🗒️ [DevNet Learning Track - IOS XE Programmability](https://developer.cisco.com/learning/tracks/iosxe-programmability) 572 | * 🗒️ [DevNet Learning Track - Network Programmability for Network Engineers](https://developer.cisco.com/learning/tracks/netprog-eng) 573 | * 5.3.c i Via NETCONF/YANG using Python ncclient library 574 | * 5.3.c ii Via RESTCONF/YANG using Python requests library and Postman 575 | * 5.3.d Deploy and verify model-driven telemetry 576 | * 🗒️ [Cisco Docs - Programmability Configuration Guide](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/1610/b_1610_programmability_cg/model_driven_telemetry.html) 577 | * 🗒️ [DevNet Docs - Streaming Telemetry](https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide) 578 | * 🗒️ [DevNet Learning Labs - Introduction to Telemetry on IOS XE](https://developer.cisco.com/learning/modules/iosxe_telemetry/intro_telemetry_on_xe/step/1) 579 | * 🗒️ [DevNet Learning Labs - Enabling Telemetry On IOS XE](https://developer.cisco.com/learning/modules/iosxe_telemetry/enabling_telemetry_on_iosxe/step/1) 580 | * [PluralSight - Deploying Network Configuration Management and Telemetry Solutions](https://app.pluralsight.com/library/courses/deploying-network-configuration-management-telemetry-solutions/table-of-contents) 581 | * 5.3.d i Configure on-change subscription using gRPC 582 | 583 | 584 | --------------------------------------------------------------------------------