Show Menu

CCIE Data Center Cheat Sheet by [deleted]

cciedc

VDC

system hap-re­set
vdc resource template otv-t­emp­late
limi­t-r­esource VRF min 8 max 16

vdc N7K1 id 1
no limit-­res­ource module­-type
allocate interface ethernet 3/1-8
ha-p­olicy single-sup reload
temp­late otv-t­emp­late
Verifi­cation:
sh vdc internal pss
sh int e3/1 capa­bil­ities >>>­>> It will show the port-g­roup.

VLAN

vlan dot1Q tag native
!
vlan 2
name VLAN2
Verifi­cation:
sh int switch­port

SVI (Switch Virtual Interface)

feature interf­ace­-vlan
!
inte­rface vlan 41
no shutdown
ip address 10.1.4­1.2­52/24

VRF

vrf context vpc-k­eep­alive
!
interface Vlan888
vrf member vpc-k­eep­alive
ip address 8.8.8.1/30

VPC

feature vpc
vpc domain 100
role priority 1
syst­em-­pri­ority 1
peer­-ke­epalive destin­ation 8.8.8.2 source 8.8.8.1 vrf vpc-k­eep­alive
dual­-active exclude interf­ace­-vlan 10
!
interface port-­cha­nne­l100
vpc peer-l­ink
Veri­fic­ati­on:
show vpc consis­ten­cy-­par­ameters global

VPC+

vpc domain 200
fabr­icpath switch­-id 200
!
interface port-­cha­nne­l100
swit­chport mode fabric­path
vpc peer-l­ink

Fabricpath

install featur­e-set fabric­path
feat­ure-set fabric­path
!
fabr­icpath switch­-id 300
!
fabr­icpath timers linkup­-de­lay 20
!
fabr­icpath domain default
root­-pr­ior­ity 255
maxi­mum­-pa­ths 2
!
vlan 34
mode fabric­path
!
interface Ether­net1/1
swit­chport mode fabric­path
fabr­icpath isis metric 50

VRRP

feature vrrp
!
interface Vlan31
no shutdown
ip address 10.1.31.2
vrrp 1
prio­rity 254
addr­ess 10.1.3­1.1
no shutdown

HSRP

feature hsrp
!
interface Vlan41
no shutdown
ip address 10.1.4­1.2­52/24
hsrp version 2
hsrp 1
ip 10.1.4­1.254
auth­ent­ication md5 key-­c­hain mychain
timers 1 3
pree­mpt
priority 255
!
key chain mychain
key 1
key­­‐st­ring CCIEDC
Verifi­cation:
sh hsrp brief
sh hsrp group 1*

HSRP Locali­sation

! VACL Filter:
ip access­-list ALL_IPs
10 permit ip any any
!
ip access­-list HSRP_IP
10 permit udp any 224.0.0.2/32 eq 1985
20 permit udp any 224.0.0.1­02/32 eq 1985
!
vlan access­-map HSRP_­Loc­ali­zation 10
match ip address HSRP_IP
action drop
vlan access­-map HSRP_­Loc­ali­zation 20
match ip address ALL_IPs
action forward
!
vlan filter HSRP_­Loc­ali­zation vlan-list 3001-3002
!
! OTV MAC route filter:
mac-­list OTV_H­SRP­_VM­AC_deny seq 10 deny 0000.0­c07.ac00 ffff.f­fff.ff00
mac-­list OTV_H­SRP­_VM­AC_deny seq 20 deny 0000.0­c9f.f000 ffff.f­fff.f000
mac-­list OTV_H­SRP­_VM­AC_deny seq 30 permit 0000.0­000.0000 0000.0­000.0000
!
rout­e-map OTV_H­SRP­_filter permit 10
match mac-list OTV_HS­RP_­VMA­C_deny
!
otv-isis default
vpn Overlay0
redist­ribute filter route-map OTV_HS­RP_­filter

Jumbo Frame

N7K:
system jumbomtu 9216
!
int e3/1
mtu 9216
!
N5K-1:
poli­cy-map type networ­k-qos jumbo
class type networ­k-qos class-­fcoe
pause no-drop
mtu 2158
!
class type networ­k-qos class-­def­ault
mtu 9216
!
system qos
serv­ice­-policy type networ­k-qos jumbo
 

Netflow

feature netflow
!
flow exporter nf_co­lle­ctor
dest­ina­tion 10.1.1.1 use-vrf manage­ment
source mgmt 0
version 9
!
flow monitor nf_mo­nit­or
record netflo­w-o­rig­inal
expo­rter nf_co­lle­ctor
!
interface Vlan1
ip flow monitor nf_mo­nitor input
Veri­fic­ati­on:
show run netflow
show flow exporter
show flow monitor
show flow interface

OSPF

feature ospf
!
router ospf 1
rout­er-id 1.1.1.1
!
interface Ether­net4/1
ip router ospf 1 area 0
ip ospf network point-­to-­point
Verifi­cation:
sh ip ospf neighbors summary
sh ip ospf neighb­ors

EIGRP

feature eigrp
feature bfd
!
rout­e-map SVI permit 10
match interf­ace vlan 40 vlan 50
!
router eigrp 1
bfd
auto­nom­ous­-sy­stem 1
rout­er-id 1.1.1.1
redi­str­ibute direct route-­map SVI
!
interface Ether­net4/1
ip router eigrp 1
no ip redire­cts
ip summar­y-a­ddress eigrp 1 10.1.4­0.0­/22

PIM

feature pim
!
ip pim rp-add­ress 20.0.0.1
!
interface Ether­net4/1
ip pim sparse­-mode
no shutdown
Veri­fic­ati­on:
show run pim
show pim neighbor

OTV

feature otv
!
otv site-v­lan 80
otv site-i­den­tif­ier 0x1
!
interface Overlay1
otv join-i­nte­rface Ether­net4/1
otv contro­l-g­roup 239.1.1.1
otv data-g­roup 232.1.1.0­/24
otv extend­-vlan 90
no shutdown
!
interface Ether­net4/1
ip igmp version 3
no shutdown
Veri­fic­ati­on:
show ip igmp interface brief
show otv
show otv vlan
show otv adjacency
show otv route

Enhanced VPC

feature fex
!
fex 101
diag boot level bypass
!
inter eth 1/1-2
chan­nel­-gr­oup 101
no shut
!
inter po101
swit­chp­ort
swit­chport mode fex
fex associ­ate 101
vpc 101
no shut

ACL

ip access­-list WAN
10 permit ip any 10.1.4­0.0­/24
20 permit tcp any 10.1.4­1.0­/24 eq 23
30 deny ip any 10.1.4­1.0­/24
40 permit ip any any
!
inter eth 4/1
ip access­-gr­oup WAN in

NTP

Default VDC:
clock protocol ntp vdc 3
!
VDC3:
ntp server 10.0.0.1 prefer
ntp source­-in­ter­face eth 4/1

Syslog

logging server 10.0.0.1
logging source­-in­ter­face lo0

MST

span­nin­g-tree mode mst
!
span­nin­g-tree mst config­ura­tion
name ccie
revi­sion 5
inst­ance 1 vlan 41,42
!
span­nin­g-tree mst 1 root primary

STP

! SPT root primary
span­nin­g-tree vlan 1-4094 root primary
Verifi­cation:
sh spanni­ng-tree root
sh spanni­ng-tree summary
 

FCoE - Storage VDC

Default VDC:
!
install featur­e-set fcoe
!
license fcoe module 3
!
system qos
serv­ice­-policy type networ­k-qos defaul­t-n­q-7­e-p­olicy
!
port­-ch­annel load-b­alance src-dst ip-l4port module 3
!
vdc Stora­ge_VDC id 2 type storage
allocate fcoe-v­lan­-ra­nge 100
!
Storage VDC:
feat­ure-set fcoe
feature npiv
feature lacp
feature lldp
!
vsan database
vsan 100
!
vlan 100
fcoe vsan 100
Veri­fic­ati­on:
show vlan fcoe
show policy-map system
show run ipqos

vfc

interface Ethernet 3/1
swit­cport
swit­chport mode trunk
swit­chport trunk allowed vlan 200
span­nin­g-tree port type edge trunk
!
interface vfc 4
bind interf­ace Ethernet 3/1
swit­chport mode F
swit­chport trunk allowed vsan 2
!
vlan 200
fcoe vsan 2
!
vsan database
vsan 2 inte­rface vfc 4
Veri­fic­ati­on:
show int bri fcoe
show int vfc 4 trunk vsan

vfc-po­rtc­hannel

feature lacp
!
interface port-­cha­nnel1
swit­chp­ort
swit­chport mode trunk
swit­chport trunk allowed vlan 100
no shutdown
!
interface Ether­net4/1
chan­nel­-gr­oup 1 force mode active
!
interface vfc-po1
swit­chport mode F
swit­chport trunk allowed vsan 100
no shutdown
!
vsan database
vsan 100 inte­rface vfc-po 1

F san-po­rtc­hannel

feature npiv
feature fport-­cha­nne­l-t­runk
!
interface port-­channel 100
channel mode active
swit­chport mode f
swit­chport mode trunk on
swit­chport trunk allowed vsan 100
swit­chport rate-mode shared
!
interface fc1/9-12
chan­nel­-gr­oup 100 force
no shutdown

E san-po­rtc­hannel

N5K:
feature fcoe
!
vsan database
vsan 200
vsan 200 load­bal­anc­ing src-d­st-id
! SID/DID
port­-ch­annel load-b­alance ethernet source­-de­st-ip
!
fcdomain domain 0x1 static vsan 200
fcdomain restart vsan 200
!
interface san-p­ort­-ch­annel 22
channel mode active
swit­chport mode E
swit­chport trunk mode on
swit­chport trunk allowed vsan add 200
swit­­chport rate-mode dedica­ted

FCIP with FCSP

feature fcip
feature fcsp
!
fcsp dhchap password CCIEDC
fcsp dhchap device­name Neigh­bor­Swi­tchWWN pass­word CCIEDC
!
int Gi1/1
ip address 10.3.1.1 255.25­5.2­55.252
swit­chport mtu 2300
no shutdown
!
fcip profile 1
ip address 10.3.1.1
!
vsan database
vsan 100
!
interface port-­channel 1
channel mode active
fcsp on
swit­chport mode e
swit­chport trunk allowed vsan add 100
!
interface fcip1
use-­pro­file 1
peer­-info ipaddr 10.3.1.2
chan­nel­-gr­oup 1 force
no shutdown
show wwn switch
show fcsp dhchap database
show fcsp interf­ace port-­channel 1
 

FCIP via Firewall

MDS-1:
feature fcip
int gi1/1
ip addr 10.3.1.1 255.25­5.2­55.252
swit­chport mtu 2300
no shut
!
fcip profile 10
ip add 10.3.1.1
port 3005
!
int fcip 10
use-­pro­file 10
peer­-info ipadd 10.3.1.2
pass­ive­-mode
swit­chport mode e
swit­chport trunk allowed vsan 100
no shut
!
MDS-2:
int gi1/1
ip add 10.3.1.2 255.25­5.2­55.252
swit­chport mtu 2300
no shut
!
fcip profile 10
ip add 10.3.1.2
!
int fcip 10
use-­pro­file 10
peer­-info ipadd 10.3.1.1 port­ ­3005
swit­chport mode e
swit­chport trunk allowed vsan 100
no shut
Verifi­cation:
show fcip profile
show fcip summary

NPV

feature fcoe
feature npv
!
slot 2
port 1-16 type fc
poweroff module 2
no poweroff module 2
!
npv auto-l­oad­-ba­lance disrup­tive

FC Zone

Creating zone:
zoneset name zs_vsa­n_100 vsan 100
zone name zone_v­san­_100
member pwwn 20:00­:00­:25­:b5­:00­:00:01
member pwwn 50:00­:00­:00­:00­:00­:00:01
!
zoneset activate name zs_vs­an_100 vsan 100
! No zone (useful for troubl­esh­ooting but not for produc­tion):
zone defaul­t-zone permit vsan 100
! Basic mode - manual full zone database distri­bution:
zoneset distribute vsan 100
! Enhanced mode - Automatic full zone database distri­bution:
zone mode enhanced
!
show zone status vsan 100

Shortcuts

sh cli history config­-mode unform­atted
cli alias name v2 switchto vdc N7K-2

FCoE Host

int eth1/20
swit­chp­ort
swit­chport mode trunk
swit­chport trunk allowed vlan 1,100
span­nin­g-tree port type edge trunk
no shut

int vfc 20
bind interf­ace eth1/20
swit­chport mode F
swit­chport trunk allowed vsan 100
no shut

N1KV - manual subgroup

port-p­rofile type ethernet system­-uplink
chan­nel­-group auto mode on sub-group manual
!
interface e3/1
sub-­gro­up-id 0
To find the interface number:
module vem 3 execute vemcmd show port

N1KV - iSCSI Multipath

port­-pr­ofile type vethernet iscsi
capa­bility iscsi-­mul­tip­ath
system vlan 30
!
port­-pr­ofile type ethernet syste­m-u­plink
system vlan 1,30,40*

N1KV - QoS

poli­cy-map type qos silver
class class-­def­ault
set cos 2
!
port­-pr­ofile type vethernet iscsi
serv­ice­-policy type qos input silver
!
system jumbomtu 9000
!
port­-pr­ofile type ethernet syste­m-u­plink
mtu 9000

N1KV - Setup

! Maximum number of ports in a non-uplink port-p­rofile
port­-pr­ofile default max-po­rts 8
! dv Port ID persists for the life of veth
port­-pr­ofile default port-b­inding static

N1KV - relative subgroup

! Subgroup ID should start from 0 and increase by 1 for each additional uplink
port­-pr­ofile type ethernet system­-up­link
chan­nel­-group auto mode on mac-pi­nning relative

Download the CCIE Data Center Cheat Sheet

7 Pages
//media.cheatography.com/storage/thumb/deleted-25163_ccie-data-center.750.jpg

PDF (recommended)

Alternative Downloads

Share This Cheat Sheet!

 

Comments

AbigailRevan AbigailRevan, 05:54 3 Jul 17

No more CCIE Data Center Cheat Sheet.If you are searching CCIE Data Center Lab Dumps or any other study material then visit:http://lab4ccie.livejournal.com/386.html.Here on this link you can find very helpful article for your preparation.

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.