Implementing Data Center Solutions v.23.41 (IDCS)

 Welcome to this Week's Class



Be sure you have downloaded the course learner guide as per the instructions you received in an email from HPE last week.  Check your email history, spam folder, etc... for the keyword "OnSecure" if you cannot find the email.  You only have 10 days to print this learner guide (PDF or paper), and one year of access to the online document.
    • in this spreadsheet you will find the links for:
      • Lab Guide
      • Lab Guide errata
      • extra study Lab Guide (Lab 19)

Lab Notes

Tips on how to google our site for documentation

    • googling for Aruba AOS-CX related topics
      • site:arubanetworks.com -inurl:pdf inurl:AOS-CX inurl:10\.13 "evpn"

    • googling for Aruba Central related topics
      • site:arubanetworks.com inurl:latest "evpn"

    • search option notes:
      • site:x only searched that domain
      • -inurl:x don't report links with this text in the URL
      • inurl:x only report on links with text
        • (ideal for finding specific version documentation)

Helpful Links

    • about HPEAN training and this course

    • where to find more information
    • where to find online documentation

    • AOS-CX specific links

    Day 1 - Lecture Modules & Labs 

    M00: Course Introduction

    M01: Introduction to data center networks

      Lab 01: Testing lab connectivity

          • 1.1: HPE Aruba Networking Training Lab access
            • do not try to login unless you are 100 percent sure the login page is fully loaded
              • the tab favicon will look similar to an orange triangle
          • 1.2: HPE Aruba Networking Training Lab environment
          • 1.3: Testing device access 

      M02: Data Center Network Products and Technologies

      Lab 2: Design Activity

          • 2.0: Propose a data center topology, switch models, and software required to meet customer expectations

      M03: Data center network design

      Lab 3: Design Activity

          • 3.0: Propose a data center topology, switch models, and software required to meet customer expectations

      M04: Switch staging and provisioning

            Lab 4: Switch provisioning

                • 4.1: Manual switch provisioning
                • 4.2: Preparing for switch ZTP
                • 4.3: Switch provisioning with ZTP and DHCP
                • 4.4: ZTP troubleshooting
                • 4.5: Verify switch hardware status and software version
                • 4.6: Create a configuration checkpoint

            Day 2 - Lecture Modules & Labs 

            M05: Switch staging and provisioning

            Lab 5: Collapsed Core

                • 5.1: Enabling switch ports 
                • 5.2: Interface Configuration

            M06: HPE Aruba Networking Virtual Switching eXtension

            Lab 6: VSX

                • 6.1: Configuring VSX LAG
                • 6.2: VSX base configuration
                • 6.3: Configuring VSX keepalive
                • 6.4: Configuring VSX active gateway and config sync
                • 6.5: Configuring VSX linkup-delay

            M07: Implementing loop prevention and LAG

            Lab 7: Configuring link aggregation groups and loop prevention

                • 7.1: Configuring link aggregation groups
                • 7.2: Configuring MSTP
                • 7.3: Optimizing MSTP and LAG
                • 7.4: Configuring loop protection

            M08Virtual Routing and Forwarding

            Lab 8: Collapsed core topology routing

                • 8.1: Test routing environment and redundancy
                • 8.2: VRF
                • 8.3: Inter-Virtual Router Forwarding (IVRF)
                • 8.4: Multicast routing and forwarding (Optional lab)

            Day 3 - Lecture Modules & Labs

            M09: Spine-Leaf Data Center

              Lab 9: Spine and leaf

                  • 10.1: Prepare the environment
                  • 10.2: Static VXLAN tunnel configuration 

              M11Ethernet VPN

                Lab 11: EVPN

                    • 11.1: Configuring BGP
                    • 11.2: EVPN configuration
                    • 11.3: Centralized routing 

                M12: Ethernet VPN additional features

                  • error in slide 12 notes
                    • says:
                      • you cannot configure the same active gateway virtual IP and physical IP for an EVPN environment
                    • issue: you can without issue  
                    • should say
                      • From10.09.0010 onwards, in an EVPN environment with unicast IPv4 traffic, the same VLAN interface IP and Active Gateway virtual IP can be configured on all distributed L3 gateways
                    • references: 

                Lab 12: EVPN optimization

                Lab 13: Introduction to HPEAN Fabric Composer

                      • 13.01: Revert switches to Lab4-task6 checkpoint
                      • 13.02: HPE Aruba Networking Fabric Composer initial access
                      • 13.03: Customize HPE Aruba Networking Fabric Composer dashboard and appearance theme
                      • 13.04: User management
                      • 13.05: Logs
                      • 13.06: Backup
                    • Data center network setup with AFC
                      • 13.07: Switch discovery
                      • 13.08: Creating fabrics
                      • 13.09: Disable switch ports
                      • 13.10: Configure VSX
                      • 13.11: Link Aggregation Group Configuration
                      • 13.12: leaf-spine configuration
                      • 13.13: Underlay configuration
                      • 13.14: Overlay configuration
                      • 13.15: EVPN configuration

                M14: HPEAN Fabric Composer integrations

                Lab 14: HPEAN Fabric Composer Integrations

                      • 14.1: Creating VRFs and SVIs
                      • 14.2: Configuring ports and VLANs
                      • 14.3: HPE Aruba Networking Fabric Composer and VMware vSphere integration
                      • 14.4: HPE Aruba Networking Fabric Composer and Pensando PSM integration

                  M15Securing data center with the CX 10000 switch 

                  Lab 15: Managing security with Fabric Composer

                      • 15.1: Macro-segmentation
                      • 15.2: Prepare for micro-segmentation
                      • 15.3: Micro-segmentation

                  Lab 16: Configuring converged enhanced Ethernet

                      • 16.1: Prepare the environment
                      • 16.2: Enabling DCBx
                      • 16.3: Priority-based Flow Control (PFC) and APP TLV
                      • 16.4: Enhanced Transmission Selection (ETS)

                  Day 5 - Lecture Modules & Labs

                  M17: HPE Aruba Network Analytics Engine

                  Lab 17: HPEAN Network Analytics Engine (NAE)

                      • 17.1: Test the environment
                      • 17.2: Upload a new script and create an agent
                      • 17.3: NAE troubleshooting 

                  M18REST API

                  Lab 18: REST API

                        • 18.1: Enable access to REST API on the AOS-CX switch
                        • 18.2: REST reference interface

                    M19: HPE Aruba Network Central

                    Appendix

                    Acronyms or Key terms

                      • vSS: virtual standard switch
                        • software emulating an L2 network device
                        • used on a single ESXi host
                        • used to connect VMs to:
                          • virtual networks
                          • each other
                          • physical networks, and external hosts
                        • uses the vmNICs (uplink adapters) associated with the ESXi host to connect the virtual network to the physical network
                      • vDS:virtual distributes switch 
                        • an vSS that can be assigned to one ore more ESXi
                        • can only be configured from vSphere
                      • N-vDS:
                        • a vDS that supports NSX Geneve and non tunneled port groups at the same time
                      • dvPortGroups
                        • specifies port configuration options for each member port on the distributed switch, such as:
                          • VLAN ID
                          • security policy
                          • traffic shaping, and so on
                        • has one or more uplinks, which are templates that map physical NICs of hosts to the distributed switch and define failover and load balancing policies
                      • vNIC
                        • a logical adapter belonging to Virtual Machine Guest Operating System
                      • vmNIC
                        • a real physical interface on an ESXi host that is physically connected to the access-layer switch
                      • vmknic 
                        • virtual network interface that is used by the VMKernel
                      • VMKernel
                        • vNICs that provide connectivity to ESXi and handle the system traffic such as vMotion, IP storage, Fault Tolerance
                      • L2 VNI
                        • an EVPN VXLAN Layer 2 overlay network allows host devices in the same subnet to send bridged or Layer 2 traffic to each other
                        • the network forwards the bridged traffic using a Layer 2 virtual network instance (VNI)
                          • interface vxlan 1
                          •    vni 10010
                          •       vlan 10
                      • L3 VNI
                        • configured per Tenant (VRF) to enable symmetrical IRB
                        • all VTEPs in the same VRF have an identical L3-VNI that is used for inter-vlan routing
                          • interface vxlan 1
                          •    vni 100001
                          •       routing
                          •       vrf VRF1

                      • EVPN type-2:
                        • advertises MAC addresses or MAC and IP addresses of clients connected to VNIs of a VTEP to all BGP routers within the same EVPN fabric (configured in the EVPN context)
                      • EVPN type-3: (aka IMET route)
                        • advertises which VNIs are configured on each VTEP, and the IP address of these VTEPs to all BGP routers within the same EVPN fabric (configured in the EVPN context)
                      • EVPN type-5:
                        • advertise IP prefixes and layer 3 VNIs of the subnets to other VTEPs that share the same global-scope route-target (configured in the VRF context)
                      • Unicast underlay:
                        • The primary purpose of the underlay in the VXLAN EVPN fabric is to advertise the reachability of Virtual Tunnel End Points (VTEPs) and BGP peering addresses.
                        • The primary criterion for choosing an underlay protocol is fast convergence in the event of node failures.

                    Lab Access Errata

                      • when experiencing any problems with remote lab access (WebGate):
                        • be sure your browser is in private (incognito) mode
                        • restart your browser and clear your cache and cookies
                        • do not try to login unless you are 100 percent sure the login page is fully loaded (the tab favicon will look similar to an orange triangle)
                        • during login to Central, did you select the SSO option?
                        • if you need to restart your windows host
                          • in cmd.com type "shutdown /r /t 0"

                    Comments

                    Popular posts from this blog

                    Designing HPE Aruba Data Center Solutions v.23.311

                    Arubanetworks Webgate - Copy and Paste instructions