Advanced Cisco SD-WAN Routing, Templates, Policy Configure, and Troubleshooting

Outline

Module 0: Introductions

• Module Introduction
  • Topic List
• Lesson 1: Introductions
  • General Administration
  • WebEx Basics
  • Introductions
  • Questions Asked by Companies about SD-WAN
  • What id SD-WAN?
  • SD-WAN Desired Benefits
  • How does Cisco define SD-WAN?
  • Pre-Requisites for the Advanced SD-WAN
• Module Summary

Module 1: Cisco SD-WAN Overview

• Module Introduction
  • Topic List
• Lesson 1: Cisco SD-WAN Overview
  • Dashboard
• SD-WAN Architecture
• Lesson 2: SD-WAN Platform Discussion
  • What’s in a Name?
  • SD-WAN WAN Edges
    • cEdges
    • vEdges
  • SD-WAN Controllers
    • vBond
    • vSmart
    • vManage
  • SD-WAN Fabric
• Module Summary

Module 2: SD-WAN Advanced Settings

• Module Introduction
  • Topic List
• Lesson 1: Design Considerations and Scaling
  • SD-WAN Smart Licensing
  • Advanced Controller Settings
  • Overlay and WAN Edge Recommended Settings
• Lesson 2: Site Design
  • System IP Design
  • Multitenant Design
• Lesson 3: Advanced Settings
• Lesson 4: Ether Channel Support (20.6)
• Lesson 5: Hot Standby Router Protocol (HSRP)
• Lesson 6: LTE Design and Deployment
• Module Summary

Module 3: SD-WAN High Availability

• Module Introduction
  • Topic List
• Lesson 1: Common WAN Topologies Design and Deployment Considerations
  • High Availability
  • Controller Scalability
• Lesson 2: Active vManage, Backup Inactive vManage, Clustering vManage
  • Resource Groups
  • RBAC Enhancements
• Lesson 3: SD-WAN Disaster Recovery
• Lesson 4: Troubleshooting Cluster Operation
• Module Summary

Module 4: SD-WAN Templates

• Module Introduction
  • Topic List
• Lesson 1: Template Overview
  • Future Templates
  • Device template using Future Templates
  • Device template using CLI Templates
  • Designing templates for Reusability
  • Attaching Devices to Templates
• Lesson 2: Using Python to Import / Export Templates
• Lesson 3: Parsing JSON with Python
• Lesson 4: Create / Delete / Import / Export of Templates
• Module Summary

Module 5: SD-WAN APP-QoE, SD-AVC and QoS Policies

• Module Introduction
  • Topic List
• Lesson 1: Application Quality of Experience (APPQoE)
  • SD-AVC
  • Application Aware Routing
• Lesson 2: Custom Application Identification
• Lesson 3: Bidirectional Forwarding Detection (BFD)
  • BFD Hello Timer and Multiplier
  • BFD Measurements
• Lesson 4: Cloud onRamp for SaaS for Office 365
• Lesson 5: Per Tunnel QOS
• Lesson 6: Adaptive QOS
• Lesson 7: SD-WAN 17.6/20.6 - Per VPN QOS
  • vManage Configuration Workflow
• Lesson 8: TCP Optimization
• Lesson 9: Service Nodes for AppQoE
  • Data Redundancy Elimination (DRE)
  • APPNAV Deployment
  • WAAS Integration
• Lesson 10: Forward Error Correction (FEC)
• Lesson 11: Packet Duplication
• Module Summary

Module 6: Bridging

• Module Introduction
  • Topic List
• Lesson 1: Transparent Bridging
• Lesson 2: Bridging Template Configuration
• Lesson 3: cEdge Bridging Template Configuration
• Lesson 4: vEdge Bridging Template Configuration
  • Monitoring Bridging
• Module Summary

Module 7: Routing Protocols

• Module Introduction
  • Topic List
• Lesson 1: SD-WAN Underlay Routing
  • Service-Side Routing vs Transport-Side Routing vs Overlay Routing
  • Traffic Routing Decision Tree
• Lesson 2: Static Routes
• Lesson 3: VRRP Enhancements
• Lesson 4: Dynamic Routing Protocols
  • OMP Routing
  • OMP Templates
  • OMP Policies
  • Border Gateway Protocol (BGP)
  • BGP Review
  • BGP Templates
  • BGP Policies, Local Route Policies
  • BGP Lists
  • BGP Local Route Policies
  • BGP Troubleshooting
  • OSPF
  • OSPF Review
  • SD-WAN OSPF
  • OSPF Templates
  • OSPF Local Policies
  • OSPF Monitoring
  • OSPF Troubleshooting
  • EIGRP
  • EIGRP Template Configuration
  • EIGRP Monitoring and Troubleshooting
• Lesson 5: Routing Information Protocols
• Lesson 6: SD-WAN On Demand Tunnels
• Lesson 7: Route Leaking
• Lesson 8: Hierarchical SD-WAN (Regions)
• Module Summary

Module 8: Multicast

• Module Introduction
  • Topic List
• Lesson 1: Complete Multicast Support on Cisco SD-WAN
• Lesson 2: vEdge Support
  • cEdge Multicast Support
  • Multicast RPs
  • Multicast Replicators
  • PIM IGMP
• Module Summary

Module 9: Direct Internet Access (DIA) Overview

• Module Introduction
  • Topic List
• Lesson 1: SD-WAN Direct Internet Access (DIA)
  • SD-WAN DIA Requirements
  • SD-WAN Direct Internet Access Use Cases
  • SD-WAN Direct Internet Access Design Components
  • SD-WAN Direct Internet Access Design Considerations
  • SD-WAN Direct Internet Access Failover Scenarios
• Lesson 2: Deploying DIA
• Lesson 3: Central Data Policy
• Lesson 4: NAT DIA Route
  • Cisco SD-WAN Direct Internet Access Monitoring
• Module Summary

Module 10: SD-WAN Voice Configuration

• Module Introduction
  • Topic List
• Lesson 1: Voice Integration in SD-WAN
  • T1, PRI
  • DSP Configuration
• Lesson 2: Voice Card Feature Templates
• Lesson 3: Call Routing Feature Templates
• Lesson 4: Survivable Remote Site Telephony (SRST)
• Lesson 5: Voice Policies
• Lesson 6: Create a Voice Port Policy
• Lesson 7: Voice Port Translation Profile
• Lesson 8: FXO Supervisory Disconnect
  • FXO, FXS, FXS DID
• Lesson 9: Cisco Unified Border Element (CUBE)
  • CUBE Functionality
  • IOS-XE UC Device Template
• Module Summary

Module 11: SD-WAN Security Policy

• Module Introduction
  • Topic List
• Lesson 1: SD-WAN Security
• Lesson 2: SD-WAN Base Security
• Lesson 3: SD-WAN Cloud Security
  • Umbrella for SD-WAN
  • Layer 7 Health Check
• Lesson 4: Zscaler Integration
• Lesson 5: SD-WAN Cloud Security Features
  • Web Layer Security
  • DNS Layer Security
  • Firewall
  • IPS (Snort)
  • Interactive Threat Intel
• Lesson 6: SD-WAN Integrated Security
  • TLS Decryption
• Lesson 7: 17.6/20.6 – Geo-Fencing
  • Geo-Fencing
• Lesson 8: SD-WAN Security Configuration
• Module Summary

Module 12: SD-WAN Local Policy

• Module Introduction
  • Topic List
• Lesson 1: Policy Configuration Overview
  • Policy Framework-Localized Policies
  • Local Control Policy
  • QOS Maps
  • Rewrite Policies
  • Policers
  • Device Access Policies
  • Access Control Lists
  • Local Control (Route) Policy
  • Localized Control Policy Configuration
• Lesson 2: Local Data Policies
  • Local Data Policy
  • Configure Localized Data Policy for IPv4
• Module Summary

Module 13: SD-WAN Central Policy

• Module Introduction
  • Topic List
• Lesson 1: Centralized Control Policies
  • Policy Creation and Management Guidelines
  • Hub & Spoke / Mesh / Custom
• Lesson 2: Centralized Data Policies
• Lesson 3: Application Aware Routing
  • QOS Policies
• Lesson 4: Service Chaining
• Lesson 5: Traffic Flow Monitoring with Cflowd
  • cFlowd Policy
• Lesson 6: Policy Construction
• Lesson 7: Platform Support and Scalability
• Module Summary

Module 14: SD-WAN Migration

• Module Introduction
  • Topic List
• Lesson 1: SD-WAN Conversation Tool
• Lesson 2: Cisco Sure Tool
• Lesson 3: Migration and Deployment Models
• Lesson 4: Typical Migrations
• Lesson 5: Data Center / Hub Migration
• Lesson 6: Branch / Spoke Site Migration
• Module Summary

LAB OUTLINE

Lab 1: Review & Troubleshoot Initials SDWAN Environment

• Review Environment
• Troubleshooting Initial Connectivity
• Troubleshooting Initial Control Connections

Lab 2: Create and Troubleshoot SDWAN Clusters

• Create a 3 Node SDWAN Cluster
• Monitor Cluster Troubleshoot Cluster

Lab 3: Template / Configurations Groups

• Advanced Techniques for Template Creation
• Variable Naming Conventions for Reusability
• Create Feature Template for reuse across all vEdge devices
• Export and Import Templates via API
• Troubleshoot Template Deployment

Lab 4: Deploy and Troubleshoot Hardware Routers with ztp 

• Troubleshoot and Deploy 4331 Router
• Troubleshoot and Deploy vEdge Router

Lab 5: Implement Routing Protocol 

• Configure Transparent Routing
• Configure BGP Template and Local Policy on the Transport VPN
• Configure OSPF Template and Local Policy on the Transport VPN
• Configure BGP Template and Local Policy on the Service Side (LAN) VPN
• Configure OSPF Template and Local Policy on the Service Side (LAN) VPN
• Configure EIGRP Template and Local Policy on the Service Side (LAN) VPN
• Configure Multicast on vEdge
• Configure Multicast on IOS-XE
• Monitor Routing
• Troubleshooting Routing Protocols

Lab 6: Advanced Firewall Policy Design

• Setup and deploy a realistic firewall Configuration on vEdge and IOS-XE
• Setup IPS/URL Filtering on IOS-XE Device
• Setup Web Layer Security
• Monitoring Security Policy
• Test and Troubleshoot a Firewall Policy

Lab 7: Designing and Implementing Local Policies and QoS Policies

• Design and Implement Lists to Support Local Policies
• Design Access List
• Advanced QoS Design on Interfaces / Sub Interfaces
• Creating Shapers and Policers
• Rewriting QoS for External MPLS Circuit
• Remarking for Cisco Enterprise QoS Model
• Setup Port Mirroring for traffic analysis

Lab 8: Create Advanced Central Policies

• Advanced List Design Techniques
• Advanced Site Design
• Design and Troubleshoot a Hub and Spoke Topology
• Design, Configure, and Troubleshoot a Full Mesh Topology
• Design, Configure, and Troubleshoot a Hub and Spoke Topology with a Full Mesh Core
• Design, Configure, and Troubleshoot Custom Control Policies with Traffic Engineering
• Design, Configure, and Troubleshoot a Service Chain with an ASA Firewall
• Design, Configure, and Troubleshoot a QoS Policy at the VPN Level
• Design, Configure, and Troubleshoot Extranet with a 3rd Party Provider
• Design, Configure, and Troubleshoot Application Aware Routing Policy

Lab 9: Monitoring the Environment

• Monitoring using vManage
• Monitoring using the CLI
• Monitoring using vAnalytics

Lab 10: Troubleshooting

• Troubleshooting Hardware Issues
• Troubleshooting Control Connections
• Troubleshooting Certificate Issues
• Troubleshooting Controllers
• Troubleshooting BFD Sessions
• Troubleshooting Templates
• Troubleshooting Local Policies
• Troubleshooting Central Policies