Cisco 300-415 Practice Test - Questions Answers, Page 38

* Configuration Analysis: The configurations provided in the images must be evaluated to determine which option correctly classifies the MPLS link based on the given criteria of loss, latency, and jitter.

* Preferred TLOC Configuration: The network engineer needs to configure the SD-WAN policy to prefer the MPLS transport for Telnet traffic, ensuring the link characteristics match the specified thresholds.

*

Reference:

*Cisco SD-WAN Policy Configuration Guide

*Cisco SD-WAN Transport and TLOC Configuration Guide

*

To configure Rome WAN Edge to prefer the MPLS cloud for reaching Paris WAN Edge, and use biz-internet as a backup, the policy must be set correctly to define the preference for each transport link.

1.Understanding TLOCs (Transport Locator): TLOCs represent the transport network paths (MPLS, Internet, etc.) available for SD-WAN. The preference values assigned to TLOCs determine their priority. A lower preference value indicates a higher priority.

1.Policy Configuration Analysis:

oOption A: This option correctly configures the TLOC list for the system IPs representing the MPLS and biz-internet links with the appropriate preferences (500 for MPLS and 400 for biz-internet).

oOther options either repeat the TLOC configuration incorrectly or reference wrong system IPs.

1.Policy Configuration:

policy

lists

tloc-list TLOC-1

tloc 10.1.1.102 color mpls encap ipsec preference 500

tloc 10.1.1.102 color biz-internet encap ipsec preference 400

1.Reference:

oCisco SD-WAN Policy Framework Guide

oCisco SD-WAN Transport Locator Configuration Documentation

In a Cisco SD-WAN network, multicast traffic management is handled differently compared to traditional IP multicast methods due to the nature of the overlay architecture.

1.Multicast Service Routes: In Cisco SD-WAN, multicast receivers use the vSmart controller to request multicast streams. This is done via multicast service routes which the vSmart controller manages. The vSmart controller is responsible for maintaining and distributing multicast routing information to all edge devices in the network.

1.Process:

oWhen a multicast receiver wants to join a multicast stream, it sends an IGMP join request.

oThe WAN Edge device forwards this request to the vSmart controller.

oThe vSmart controller then updates the multicast service routes to include the new receiver, ensuring that multicast traffic is appropriately forwarded to the joining receiver.

1.Reference:

oCisco SD-WAN Multicast Configuration Guide

oCisco SD-WAN vSmart Controller Documentation

To establish a strict hub-and-spoke topology in Cisco SD-WAN for a specific VPN, such as VPN2, a control policy must be configured. This control policy dictates how traffic flows between sites, ensuring that all branch traffic is routed through the hub site.

1.Control Policy Components:

oSite Lists: Define which sites are considered hubs and which are branches.

oVPN Lists: Identify the VPNs to which the policy applies.

oControl Policy: Use sequences to match routes and specify actions to accept or reject traffic based on the defined topology.

1.Policy Analysis:

oOption A: Correctly defines site lists for hub sites (site-id 1-2) and creates a control policy that matches routes for VPN2, accepting routes from hub sites and rejecting routes from others. This ensures that traffic from branches (other sites) is only accepted if it routes through the hubs.

oOther options either incorrectly define the site lists or do not properly match and set the routes to enforce the strict hub-and-spoke topology.

1.Policy Configuration:

policy

lists

vpn-list VPN2

vpn 2

site-list hub_sites

site-id 1-2

!

control-policy vpn_multi_topology

sequence 10

match route

site-list hub_sites

vpn-list VPN2

!

action accept

!

sequence 20

match route

vpn-list VPN2

!

action reject

!

default-action accept

1.Reference:

oCisco SD-WAN Control Policy Configuration Guide

oCisco SD-WAN Hub-and-Spoke Topology Deployment Guide

When dealing with overlapping IP addresses in different branch sites, it's crucial to use NAT (Network Address Translation) to avoid IP conflicts and establish proper communication.

1.NAT Configuration:

oSource NAT: This involves translating the source IP addresses of the packets as they leave a specific interface. This can help avoid IP conflicts by ensuring that the IP addresses used within the network are unique.

oData Policy: A data policy must be created that matches the source IP addresses and applies the NAT pool to translate these addresses.

1.Option A Analysis:

oPolicy Definition: The data policy Srvc_Plane_NAT includes a sequence that matches the source IP 10.0.0.1/32 and accepts the action to apply NAT using nat pool 1.

oInterface Configuration: The interface ge0/0/0 is configured with the IP address 192.168.1.1/32 and is not shut down, ensuring it is active and can handle the NAT translation.

1.Reference:

oCisco SD-WAN NAT Configuration Guide

Adding a new QoS queue to handle business-critical application traffic involves several specific steps in Cisco SD-WAN's vManage:

1.Configure QoS Class and Hardware Queue Relationship:

oNavigate to the 'lists' page within the Local Policy section of vManage.

oDefine the relationship between the new QoS class and the appropriate hardware queue. This step is crucial as it ensures that the new traffic class is mapped correctly to the underlying hardware resources, which are responsible for enforcing the QoS policies.

1.Applying the QoS Map:

oOnce the new QoS class and hardware queue relationship is configured, the updated QoS map must be applied to the relevant interfaces.

oSpecifically, the QoS map should be applied to the WAN interface. This ensures that the new QoS policies are enforced on the traffic as it traverses the WAN, which is typically where QoS management is most critical due to bandwidth constraints and variable network conditions.

1.Reference:

oCisco SD-WAN Quality of Service Configuration Guide

oCisco SD-WAN vManage Policy Configuration Documentation

*Cisco SD-WAN Monitoring and Troubleshooting Guide

*Cisco vManage Alarm Severity Levels Documentation

The Quick Connect workflow in Cisco SD-WAN simplifies the initial setup process by automating many configuration steps. However, certain configurations still need to be performed outside of this automated workflow to ensure a complete and operational SD-WAN overlay.

1.Management VPNs: Management VPNs, specifically VPN 512, are used for device management and are critical for the proper operation and management of the SD-WAN devices. These VPNs are typically configured outside of the Quick Connect workflow to ensure that all devices can be properly managed and monitored.

1.Service and Transport VPNs: While service and transport VPNs are also important, they are often included within the Quick Connect workflow, which sets up the necessary configurations to enable data transport across the SD-WAN fabric.

1.Reference:

oCisco SD-WAN Quick Connect Guide

oCisco SD-WAN Management and Monitoring Guide

In Cisco SD-WAN, application lists are used to identify and manage specific types of application traffic. Preconfigured application lists are provided by Cisco to simplify the management and configuration of common applications.

1.Preconfigured Application Lists: Among the preconfigured application lists provided by Cisco SD-WAN, Microsoft_Office365 is one of them. This list helps in easily identifying and managing traffic related to Microsoft Office 365 applications.

1.Usage: These preconfigured lists can be used in policies to ensure optimized routing and performance for critical applications like Microsoft Office 365, which are widely used in enterprise environments.

1.Reference:

oCisco SD-WAN Application-Aware Routing Configuration Guide

Cisco SD-WAN Policy Framework Documentation