CCNP Data Center Application Centric Infrastructure 300-620 DCACI Official Cert Guide
- By Ammar Ahmadi
- Published Feb 11, 2021 by Cisco Press. Part of the Official Cert Guide series.
Best Value Purchase
Book + eBook Bundle
- Your Price: $80.49
- List Price: $139.98
- About Premium Edition eBooks
Individual Purchases
Premium Edition eBook
- Your Price: $55.99
- List Price: $69.99
- About Premium Edition eBooks
Features
- Authoritative coverage of every Implementing Cisco Application Centric Infrastructure (DCACI 300-620) exam topic, with all the context and practical examples students need to succeed
- Logical, well-organized, and practical coverage of Cisco Nexus 9000 in ACI mode: configuration, integration, management, monitoring, networking, interconnections, programmability, orchestration, and more
- Includes realistic practice tests, plus extensive proven features to help students review more efficiently
- Ideal for candidates pursuing CCNP Data Center certification
- Copyright 2021
- Dimensions: 7-3/8" x 9-1/8"
- Pages: 550
- Edition: 1st
- Book
- ISBN-10: 0-13-660266-5
- ISBN-13: 978-0-13-660266-8
Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.
CCNP Data Center Application Centric Infrastructure DCACI 300-620 Official Cert Guide presents you with an organized test-preparation routine using proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
* Master CCNP Data Center Application Centric Infrastructure DCACI 300-620 exam topics
* Assess your knowledge with chapter-opening quizzes
* Review key concepts with exam preparation tasks
* Practice with realistic exam questions in the practice test software
CCNP Data Center Application Centric Infrastructure DCACI 300-620 Official Cert Guide from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Leading Cisco data center technology expert Ammar Ahmadi shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.
This complete study package includes
* A test-preparation routine proven to help you pass the exams
* Do I Know This Already? quizzes, which enable you to decide how much time you need to spend on each section
* Chapter-ending exercises, which help you drill on key concepts you must know thoroughly
* The powerful Pearson Test Prep Practice Test software, with two full exams comprised of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
* A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
* Study plan suggestions and templates to help you organize and optimize your study time
* Video mentoring from the author’s Complete Video Course 
Well regarded for its level of detail, study plans, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.
This official study guide helps you master all the topics on the CCNP Data Center Application Centric Infrastructure DCACI 300-620 exam. It tests your knowledge of Cisco switches in ACI mode, including
• ACI fabric infrastructure
• ACI packet forwarding
• External network connectivity
• Integrations
• ACI management
• ACI Anywhere
Companion Website:
The companion website contains two full practice exams, an interactive Flash Cards application, video mentoring from the author’s Complete Video Course, and much more. 
Includes Exclusive Offers for Up to 80% Off Video Training, Practice Tests, and more
Pearson Test Prep online system requirements:
Browsers: Chrome version 40 and above; Firefox version 35 and above; Safari version 7; Internet Explorer 10, 11; Microsoft Edge; Opera.
Devices: Desktop and laptop computers, tablets running on Android and iOS, smartphones with a minimum screen size of 4.7". Internet access required.
Pearson Test Prep offline system requirements:
Windows 10, Windows 8.1, Windows 7; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases
Also available from Cisco Press for CCNP Data Center DCACI study is the CCNP Data Center Application Centric Infrastructure DCACI 300-620 Official Cert Guide Premium Edition eBook and Practice Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Test.
This integrated learning package:
* Allows you to focus on individual topic areas or take complete, timed exams
* Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
* Provides unique sets of exam-realistic practice questions
* Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most
CCNP Data Center Application Centric Infrastructure DCACI 300-620 Official Cert Guide, Premium Edition eBook and Practice Test 
Save 50% - Limited Time, Introductory Offer
The exciting new CCNP Data Center Application Centric Infrastructure DCACI 300-620 Official Cert Guide, Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Test. The Premium Edition eBook and Practice Test contains the following items:
 The CCNP Data Center Application Centric Infrastructure DCACI 300-620 Premium Edition Practice Test, including four full practice exams and enhanced practice test features
 PDF and EPUB formats of the CCNP Data Center Application Centric Infrastructure 300-620 DCACI Official Cert Guide from Cisco Press, which are accessible via your PC, tablet, and smartphone
About the Premium Edition Practice Test
This Premium Edition contains an enhanced version of the Pearson IT Certification Practice Test (PCPT) software with four full practice exams. In addition, it contains all the chapter-opening assessment questions from the book. This integrated learning package
* Allows you to focus on individual topic areas or take complete, timed exams
* Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
* Provides unique sets of exam-realistic practice questions
* Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most
Pearson IT Certification Practice Test minimum system requirements:
Windows 10, Windows 8.1, Windows 7, or Vista (SP2), Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases
About the Premium Edition eBook
CCNP Data Center Application Centric Infrastructure DCACI 300-620 Official Cert Guide focuses specifically on the objectives for the CCNP DCACI exam. Leading Cisco data center technology expert Ammar Ahmadi shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
CCNP Data Center Application Centric Infrastructure DCACI 300-620 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. Do I Know This Already quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.
This official study guide helps you master all the topics on the CCNP Data Center Application Centric Infrastructure DCACI 300-620 exam. It tests your knowledge of Cisco switches in ACI mode, including
 ACI fabric infrastructure
 ACI packet forwarding
 External network connectivity
 Integrations
 ACI management
 ACI Anywhere
Online Sample Chapter
Understanding ACI Hardware and Topologies
Sample Pages
Download the sample pages (includes Chapter 2)
Table of Contents
Introduction xxv
Part I Introduction to Deployment
Chapter 1 The Big Picture: Why ACI? 2
“Do I Know This Already?” Quiz 2
Foundation Topics 4
Understanding the Shortcomings of Traditional Networks 4
 Network Management 4
 Scalability and Growth 5
 Network Agility 8
 Security 8
 Network Visibility 9
Recognizing the Benefits of Cisco ACI 9
 Network Management Touchpoints 9
 Traffic Flow Optimizations 10
 Scalability Optimizations 10
 Programmability 11
 Stateless Network 11
 Multitenancy 11
 Zero-Trust Security 14
 Cross-Platform Integrations 15
 New Architectural Possibilities 15
 Integrated Health Monitoring and Enhanced Visibility 16
 Policy Reuse 16
Exam Preparation Tasks 16
Review All Key Topics 16
Complete Tables and Lists from Memory 17
Define Key Terms 17
Chapter 2 Understanding ACI Hardware and Topologies 18
“Do I Know This Already?” Quiz 18
Foundation Topics 21
ACI Topologies and Components 21
 Clos Topology 21
 Standard ACI Topology 22
 ACI Stretched Fabric Topology 24
 ACI Multi-Pod Topology 25
 ACI Multi-Site Topology 26
 ACI Multi-Tier Architecture 28
 Remote Leaf Topology 30
APIC Clusters 32
 APIC Cluster Scalability and Sizing 33
Spine Hardware 36
 First-Generation Spine Switches 37
 Second-Generation Spine Switches 37
Leaf Hardware 38
 First-Generation Leaf Switches 38
 Second-Generation Leaf Switches 39
Exam Preparation Tasks 41
Review All Key Topics 41
Complete Tables and Lists from Memory 41
Define Key Terms 41
Chapter 3 Initializing an ACI Fabric 42
“Do I Know This Already?” Quiz 42
Foundation Topics 44
Understanding ACI Fabric Initialization 44
 Planning Fabric Initialization 45
 Understanding Cabling Requirements 45
 Connecting APICs to the Fabric 46
 Initial Configuration of APICs 47
 APIC OOB Configuration Requirements 47
 Out-of-Band Versus In-Band Management 48
 Configuration Information for Fabric Initialization 48
 Switch Discovery Process 49
 Fabric Discovery Stages 51
 Switch Discovery States 51
Initializing an ACI Fabric 52
 Changing the APIC BIOS Password 52
 Configuring the APIC Cisco IMC 52
 Initializing the First APIC 53
 Discovering and Activating Switches 55
 Understanding Graceful Insertion and Removal (GIR) 58
 Initializing Subsequent APICs 59
 Understanding Connectivity Following Switch Initialization 59
Basic Post-Initialization Tasks 63
 Assigning Static Out-of-Band Addresses to Switches and APICs 63
 Applying a Default Contract to Out-of-Band Subnet 64
 Upgrading an ACI Fabric 66
 Understanding Schedulers 73
 Enabling Automatic Upgrades of New Switches 74
 Understanding Backups and Restores in ACI 75
 Making On-Demand Backups in ACI 76
 Making Scheduled Backups in ACI 79
 Taking Configuration Snapshots in ACI 80
 Importing Configuration Backups from Remote Servers 80
 Executing Configuration Rollbacks 82
 Pod Policy Basics 83
 Configuring Network Time Protocol (NTP) Synchronization 84
 Configuring DNS Servers for Lookups 90
 Verifying COOP Group Configurations 92
Exam Preparation Tasks 93
Review All Key Topics 93
Complete Tables and Lists from Memory 94
Define Key Terms 94
Chapter 4 Exploring ACI 96
“Do I Know This Already?” Quiz 96
Foundation Topics 98
ACI Access Methods 98
 GUI 99
 CLI 100
 APIC CLI 100
 Switch CLI 102
 API 103
 Management Access Modifications 103
Understanding the ACI Object Model 105
 Learning ACI Through the Graphical User Interface 107
 Exploring the Object Hierarchy by Using Visore 108
 Why Understand Object Hierarchy Basics for DCACI? 110
 Policy in Context 110
Integrated Health Monitoring and Enhanced Visibility 110
 Understanding Faults 111
 The Life of a Fault 113
 Acknowledging Faults 115
 Faults in the Object Model 116
 Monitoring Policies in ACI 118
 Customizing Fault Management Policies 120
 Squelching Faults and Changing Fault Severity 121
 Understanding Health Scores 124
 Understanding Events 126
 Squelching Events 127
 Understanding Audit Logs 127
Exam Preparation Tasks 128
Review All Key Topics 128
Complete Tables and Lists from Memory 129
Define Key Terms 129
Part II ACI Fundamentals
Chapter 5 Tenant Building Blocks 130
“Do I Know This Already?” Quiz 130
Foundation Topics 132
Understanding the Basic Objects in Tenants 132
 Tenants 133
 Predefined Tenants in ACI 134
 VRF Instances 135
 Bridge Domains (BDs) 137
 Endpoint Groups (EPGs) 137
 Application Profiles 138
 The Pain of Designing Around Subnet Boundaries 139
 BDs and EPGs in Practice 141
 Configuring Bridge Domains, Application Profiles, and EPGs 142
 Classifying Endpoints into EPGs 146
 APIC CLI Configuration of Tenant Objects 147
Contract Security Enforcement Basics 148
 Contracts, Subjects, and Filters 148
 Contract Direction 149
 Contract Scope 150
 Zero-Trust Using EPGs and Contracts 151
Objects Enabling Connectivity Outside the Fabric 151
 External EPGs 151
 Layer 3 Outside (L3Out) 153
Tenant Hierarchy Review 153
Exam Preparation Tasks 154
Review All Key Topics 154
Complete Tables and Lists from Memory 154
Define Key Terms 154
Chapter 6 Access Policies 156
“Do I Know This Already?” Quiz 156
Foundation Topics 158
Pools, Domains, and AAEPs 158
 VLAN Pools 159
 Domains 160
 Common Designs for VLAN Pools and Domains 161
 Challenges with Overlap Between VLAN Pools 164
 Attachable Access Entity Profiles (AAEPs) 165
Policies and Policy Groups 169
 Interface Policies and Interface Policy Groups 169
 Planning Deployment of Interface Policies 173
 Switch Policies and Switch Policy Groups 174
Profiles and Selectors 176
 Configuring Switch Profiles and Interface Profiles 179
 Stateless Networking in ACI 182
Bringing It All Together 183
 Access Policies Hierarchy in Review 183
 Access Policies and Tenancy in Review 184
Exam Preparation Tasks 184
Review All Key Topics 184
Complete Tables and Lists from Memory 185
Define Key Terms 185
Chapter 7 Implementing Access Policies 186
“Do I Know This Already?” Quiz 186
Foundation Topics 188
Configuring ACI Switch Ports 188
 Configuring Individual Ports 188
 Configuring Port Channels 196
 Configuring Virtual Port Channel (vPC) Domains 201
 Configuring Virtual Port Channels 204
 Configuring Ports Using AAEP EPGs 208
 Implications of Initial Access Policy Design on Capabilities 210
Configuring Access Policies Using Quick Start Wizards 211
 The Configure Interface, PC, and VPC Wizard 211
 The Configure Interface Wizard 211
Additional Access Policy Configurations 212
 Configuring Fabric Extenders 212
 Configuring Dynamic Breakout Ports 215
 Configuring Global QoS Class Settings 217
 Configuring DHCP Relay 219
 Configuring MCP 221
 Configuring Storm Control 223
 Configuring CoPP 225
 Modifying BPDU Guard and BPDU Filter Settings 230
 Modifying the Error Disabled Recovery Policy 231
 Configuring Leaf Interface Overrides 232
 Configuring Port Channel Member Overrides 232
Exam Preparation Tasks 235
Review All Key Topics 235
Complete Tables and Lists from Memory 236
Define Key Terms 236
Chapter 8 Implementing Tenant Policies 238
“Do I Know This Already?” Quiz 238
Foundation Topics 241
ACI Endpoint Learning 241
 Lookup Tables in ACI 241
 Local Endpoints and Remote Endpoints 242
 Understanding Local Endpoint Learning 243
 Unicast Routing and Its Impact on Endpoint Learning 243
 Understanding Remote Endpoint Learning 244
 Understanding the Use of VLAN IDs and VNIDs in ACI 245
 Endpoint Movements Within an ACI Fabric 247
 Understanding Hardware Proxy and Spine Proxy 247
 Endpoint Learning Considerations for Silent Hosts 248
 Where Data Plane IP Learning Breaks Down 249
 Endpoint Learning on L3Outs 249
 Limiting IP Learning to a Subnet 249
 Understanding Enforce Subnet Check 250
 Disabling Data Plane Endpoint Learning on a Bridge Domain 250
 Disabling IP Data Plane Learning at the VRF Level 251
Packet Forwarding in ACI 251
 Forwarding Scenario 1: Both Endpoints Attach to the Same Leaf 251
 Understanding Pervasive Gateways 252
 Forwarding Scenario 2: Known Destination Behind Another Leaf 254
 Verifying the Traffic Path Between Known Endpoints 254
 Understanding Learning and Forwarding for vPCs 256
 Forwarding Scenario 3: Spine Proxy to Unknown Destination 258
 Forwarding Scenario 4: Flooding to Unknown Destination 261
 Understanding ARP Flooding 262
Deploying a Multi-Tier Application 263
 Configuring Application Profiles, BDs, and EPGs 264
 Assigning Domains to EPGs 267
 Policy Deployment Following BD and EPG Setup 267
 Mapping EPGs to Ports Using Static Bindings 267
 Verifying EPG-to-Port Assignments 269
 Policy Deployment Following EPG-to-Port Assignment 270
 Mapping an EPG to All Ports on a Leaf 270
 Enabling DHCP Relay for a Bridge Domain 271
Whitelisting Intra-VRF Communications via Contracts 272
 Planning Contract Enforcement 272
 Configuring Filters for Bidirectional Application 273
 Configuring Subjects for Bidirectional Application of Filters 275
 Understanding Apply Both Directions and Reverse Filter Ports 277
 Verifying Subject Allocation to a Contract 278
 Assigning Contracts to EPGs 278
 Understanding the TCP Established Session Rule 279
 Creating Filters for Unidirectional Application 280
 Configuring Subjects for Unidirectional Application of Filters 280
 Additional Whitelisting Examples 282
 Verifying Contract Enforcement 283
 Understanding the Stateful Checkbox in Filter Entries 284
 Contract Scopes in Review 284
Exam Preparation Tasks 285
Review All Key Topics 285
Complete Tables and Lists from Memory 287
Define Key Terms 287
Part III External Connectivity
Chapter 9 L3Outs 288
“Do I Know This Already?” Quiz 288
Foundation Topics 291
L3Out Fundamentals 291
 Stub Network and Transit Routing 291
 Types of L3Outs 292
 Key Functions of an L3Out 293
 The Anatomy of an L3Out 293
 Planning Deployment of L3Out Node and Interface Profiles 295
 Understanding L3Out Interface Types 296
 Understanding L3Out Bridge Domains 296
 Understanding SVI Encap Scope 298
 Understanding SVI Auto State 299
 Understanding Prerequisites for Deployment of L3Outs 301
 L3 Domain Implementation Examples 301
 Understanding the Need for BGP Route Reflection 303
 Implementing BGP Route Reflectors 304
 Understanding Infra MP-BGP Route Distribution 305
Deploying L3Outs 307
 Configuring an L3Out for EIGRP Peering 307
 Deploying External EPGs 310
 Verifying Forwarding Out an L3Out 312
 Advertising Subnets Assigned to Bridge Domains via an L3Out 314
 Enabling Communications over L3Outs Using Contracts 316
 Deploying a Blacklist EPG with Logging 318
 Advertising Host Routes Out an ACI Fabric 321
 Implementing BFD on an EIGRP L3Out 321
 Configuring Authentication for EIGRP 324
 EIGRP Customizations Applied at the VRF Level 324
 Configuring an L3Out for OSPF Peering 325
 A Route Advertisement Problem for OSPF and EIGRP L3Outs 328
 Implementing BFD on an OSPF L3Out 328
 OSPF Customizations Applied at the VRF Level 329
 Adding Static Routes on an L3Out 329
 Implementing IP SLA Tracking for Static Routes 330
 Configuring an L3Out for BGP Peering 334
 Implementing BGP Customizations at the Node Level 337
 Implementing Per-Neighbor BGP Customizations 339
 Implementing BFD on a BGP L3Out 341
 Implementing BGP Customizations at the VRF Level 342
 Implementing OSPF for IP Reachability on a BGP L3Out 343
 Implementing Hot Standby Router Protocol (HSRP) 344
 IPv6 and OSPFv3 Support 344
Implementing Route Control 344
 Route Profile Basics 344
 Modifying Route Attributes to All Peers Behind an L3Out 346
 Modifying Route Attributes to a Specific Peer Behind an L3Out 349
 Assigning Different Policies to Routes at the L3Out Level 351
 Configuring Inbound Route Filtering in ACI 352
Exam Preparation Tasks 353
Review All Key Topics 353
Complete Tables and Lists from Memory 356
Define Key Terms 356
Chapter 10 Extending Layer 2 Outside ACI 358
“Do I Know This Already?” Quiz 358
Foundation Topics 361
Understanding Network Migrations into ACI 361
 Understanding Network-Centric Deployments 361
 Understanding Full-Mesh Network-Centric Contracts 362
 Understanding Any EPG 364
 Understanding Preferred Group Members 365
 Disabling Contract Enforcement at the VRF Instance Level 367
 Flooding Requirements for L2 Extension to Outside Switches 368
 Understanding GARP-Based Detection 370
 Understanding Legacy Mode 371
 Endpoint Learning Considerations for Layer 2 Extension 371
 Preparing for Network-Centric Migrations 372
Implementing Layer 2 Connectivity to Non-ACI Switches 372
 Understanding EPG Extensions 372
 Understanding Bridge Domain Extensions 374
 Comparing EPG Extensions and BD Extensions 374
 Implementing EPG Extensions 375
 Implementing L2Outs 380
 Migrating Overlapping VLANs into ACI 385
Understanding ACI Interaction with Spanning Tree Protocol 386
 Remediating Against Excessive Spanning Tree Protocol TCNs 386
 Configuring MST Instance Mappings in ACI 387
 Understanding Spanning Tree Protocol Link Types 388
 Using MCP to Detect Layer 2 Loops 388
Exam Preparation Tasks 389
Review All Key Topics 389
Complete Tables and Lists from Memory 390
Define Key Terms 390
Part IV Integrations
Chapter 11 Integrating ACI into vSphere Using VDS 392
“Do I Know This Already?” Quiz 392
Foundation Topics 394
Understanding Networking in VMware vSphere 394
 Understanding vSphere Standard Switches 395
 Understanding vSphere Distributed Switches 397
 Understanding vSphere System Traffic 397
 Impact of vCenter Failure on Production Traffic 399
 Understanding Port Bindings in vSphere 400
 Understanding Teaming and Failover Policies 400
Understanding VMM Integration 403
 Planning vCenter VMM Integrations 403
 What Happens After VDS Deployment? 405
 Understanding Immediacy Settings 405
 Connecting ESXi Servers to the Fabric 407
 Configuring Connectivity to ESXi in UCS Domains 407
Integrating ACI into vSphere Using VDS 407
 Prerequisites for VMM Integration with vSphere VDS 408
 Configuring a VMM Domain Profile 408
 Adding ESXi Hosts to a VDS 411
 Pushing EPGs to vCenter as Distributed Port Groups 415
 Assigning VMs to Distributed Port Groups 417
 Less Common VMM Domain Association Settings 418
 Enhanced LACP Policy Support 419
Exam Preparation Tasks 422
Review All Key Topics 422
Complete Tables and Lists from Memory 423
Define Key Terms 423
Chapter 12 Implementing Service Graphs 424
“Do I Know This Already?” Quiz 424
Foundation Topics 426
Service Graph Fundamentals 426
 Service Graphs as Concatenation of Functions 427
 Service Graph Management Models 428
 Understanding Network Policy Mode 428
 Understanding Service Policy Mode 430
 Understanding Service Manager Mode 432
 When to Use Service Graphs 434
 Choosing an L4–L7 Services Integration Method 435
 Understanding Deployment Modes and the Number of BDs Required 435
 Deploying Service Graphs for Devices in GoTo Mode 436
 Deploying Service Graphs for Devices in GoThrough Mode 437
 Deploying Service Graphs for One-Arm Load Balancers 437
 Understanding Route Peering 438
 Understanding Dynamic Endpoint Attach 439
 Understanding Bridge Domain Settings for Service Graphs 439
 Understanding Service Graph Rendering 440
Service Graph Implementation Workflow 441
 Importing Device Packages 441
 Identifying L4–L7 Devices to the Fabric 443
 Creating Custom Function Profiles 444
 Configuring a Service Graph Template 445
 Configuring Device Selection Policies 446
 Applying a Service Graph Template 446
 Configuring Additional Service Graph Parameters 447
 Monitoring Service Graphs and Devices 447
Service Graph Implementation Examples 447
 Deploying an Unmanaged Firewall Pair in a Service Graph 447
 Deploying Service Graphs for a Firewall in Managed Mode 453
Exam Preparation Tasks 460
Review All Key Topics 460
Complete Tables and Lists from Memory 461
Define Key Terms 461
Part V Management and Monitoring
Chapter 13 Implementing Management 462
“Do I Know This Already?” Quiz 462
Foundation Topics 464
Configuring Management in ACI 464
 Understanding Out-of-Band Management Connectivity 464
 Understanding In-Band Management Connectivity 465
 Deploying In-Band and OOB Management Side by Side 467
 Configuring In-Band Management 467
 Configuring Access Policies for APIC In-Band Interfaces 468
 Configuring the In-Band Management Bridge Domain 469
 Configuring In-Band Management IP Addressing 470
 Optionally Extending the In-Band Network Out of the Fabric 474
 Optionally Setting Up Additional Connectivity 476
 Whitelisting Desired Connectivity to and from an In-Band EPG 476
 Evaluating APIC Connectivity Preferences 478
 Out-of-Band Management Contracts in Review 479
Exam Preparation Tasks 481
Review All Key Topics 481
Memory Tables 481
Define Key Terms 481
Chapter 14 Monitoring ACI Using Syslog and SNMP 482
“Do I Know This Already?” Quiz 482
Foundation Topics 485
Understanding System Messages 485
Forwarding System Messages to Syslog Servers 487
 Apply Necessary Contracts to Allow Syslog Forwarding 487
 Configuring Syslog Monitoring Destination Groups 492
 Configuring Syslog Sources for Desired Monitoring Policies 494
 Verify Syslog Forwarding to Desired Syslog Servers 498
Using SNMP in ACI 500
 ACI Support for SNMP 501
 ACI SNMP Configuration Caveats 502
Configuring ACI for SNMP 502
 Apply Necessary Contracts for SNMP 503
 Associate an SNMP Policy with a Pod Policy 504
 Associate SNMP Contexts with Desired VRF Instances 506
 Configure SNMP Monitoring Destination Groups 507
 Configure SNMP Sources for All Desired Monitoring Policies 508
 Verify SNMP Forwarding to Desired SNMP Servers 509
Exam Preparation Tasks 511
Review All Key Topics 511
Complete Tables and Lists from Memory 512
Define Key Terms 512
Chapter 15 Implementing AAA and RBAC 514
“Do I Know This Already?” Quiz 514
Foundation Topics 516
Implementing Role-Based Access Control (RBAC) 516
 Understanding Security Domains 517
 Understanding Privileges and Roles 519
 Creating Local Users and Assigning Access 521
 Tweaking Roles and User Access 525
 Custom RBAC Rules 528
 A Common RBAC Pitfall 531
Integrating with External AAA Servers 532
 Configuring ACI for TACACS+ 532
 Configuring ISE to Authenticate and Authorize Users for ACI 536
 Expected Cisco AV Pair Formatting for ACI 538
 Configuring ACI for RADIUS 540
 Configuring ACI for LDAP 541
 AAA Authentication Policy Settings 547
 Regaining Access to the Fabric via Fallback Domain 550
Exam Preparation Tasks 550
Review All Key Topics 550
Complete Tables and Lists from Memory 551
Define Key Terms 551
Part VI Operations
Chapter 16 ACI Anywhere 552
“Do I Know This Already?” Quiz 552
Foundation Topics 555
ACI Multi-Site Fundamentals 555
 Interconnecting ACI Fabrics with ACI Multi-Site 555
 New ACI Multi-Site Constructs and Configuration Concepts 557
 Locally Governed Versus MSO-Governed Configurations 557
 Schemas and Templates in Practice 557
Building Primary and Disaster Recovery
 Data Centers with ACI 558
 Centralized Orchestration and Management of Multiple Fabrics 559
 Tweaking Broadcast and Stretch Settings on a Per-BD Basis 560
 Cross-Data Center Ingress Routing Optimizations 561
 Simultaneous or Independent Policy Deployment to Sites 561
Building Active/Active Data Centers with ACI 562
 VMM Integrations Applicable to Multiple Data Centers 563
 Stateful-Services Integration in ACI Multi-Pod and Multi-Site 563
Extending ACI to Remote Locations and Public Clouds 564
 Extending ACI into Public Clouds with ACI Multi-Site 564
 Extending ACI into Bare-Metal Clouds with vPod 564
 Integrating Remote Sites into ACI Using Remote Leaf Switches 564
Exam Preparation Tasks 565
Review All Key Topics 565
Memory Tables 565
Define Key Terms 565
Part VII Final Preparation
Chapter 17 Final Preparation 566
Getting Ready 566
Tools for Final Preparation 567
 Pearson Cert Practice Test Engine and Questions on the Website 567
 Accessing the Pearson Test Prep Software Online 567
 Accessing the Pearson Test Prep Software Offline 568
 Customizing Your Exams 568
 Updating Your Exams 569
 Premium Edition 569
Suggested Plan for Final Review/Study 570
Summary 570
Appendix A Answers to the “Do I Know This Already?” Questions 572
Appendix B CCNP Data Center Application Centric Infrastructure DCACI 300-620 Exam Updates 586
Glossary 589
Online Elements
Appendix C Memory Tables
Appendix D Memory Tables Answer Key
Appendix E Study Planner
Glossary
9780136602668 TOC 12/15/2020
- Request an Instructor or Media review copy.
- Corporate, Academic, and Employee Purchases
- International Buying Options
Other Things You Might Like
- CCNP and CCIE Data Center Core DCCOR 350-601 Official Cert Guide Premium Edition and Practice Test, 2nd Edition
- Premium Edition eBook $71.99