QUESTION SETLAB 1 Real Labs V1 www.cciedatacenterlabs.com 1 www.cciedatacenterlabs.com Final Release 03-JUNE-2014 This Page is Intentionally Left Blank ` www.cciedatacenterlabs.com www.cciedatacenterlabs.com 2 www.cciedatacenterlabs.com Final Release 03-JUNE-2014 Figure 1 : Logical Topology www.cciedatacenterlabs.com www.cciedatacenterlabs.com 3 www.cciedatacenterlabs.cciedatacenterlabs.com www.com 4 .cciedatacenterlabs.com Final Release 03-JUNE-2014 Figure 1 : Topology with Actual Port Numberings www. 1.1.com 5 .1.cciedatacenterlabs.1.com Final Release 03-JUNE-2014 Figure 2 : N1K/UCS Reference Section Devic UCS-Cluster-IP DC1-FI-0A DC1-FI-B DC1-MDS-1 DC1-N7K-3 DC1-N7K-4 DC1-N1K(VSM) IP 10.1.1.1.1.61 10.52 10.1.1.cciedatacenterlabs. zone_ucs_vsan200 VLAN ID 30 40 50 Name/Purpose iscsi esx-mgmt dmz VLAN ID cont’d 70 100 200 www.1.1.1.53/24 Management GW Fabric-A Password Cisco Cisco Cisco Cisco Cisco Cisco Cisco Value SJ-1(Rack05) BRU(Rack10) SJ2(Rack06) 50:00:40:20:02:14:6a:45 50:00:40:20:14:6b:46 50:00:40:20:02:F4:69:54 SJ-1 (Rack05) BRU (Rack09) SJ2(Rack06) 50:00:40:21:02:14:6a:45 50:00:40:21:14:6b:46 50:00:40:20:02:F4:69:54 FC SAN Boot LUN ID 01 San Boot Policy san-boot-dual Fabric A zone_ucs_vsan100 Zone Name Fabric B Zone Name zone_ucs_vsan200 Zone Sets names zs_vsan100.212 UCS UUID-Suffix WWPN(Fabric A) WWPN(Fabric B) WWNN MACs Management IPs(KVM) Username Admin Admin Admin Admin Admin Admin Admin Pool Name ccie-dc-uuid ccie-dc-wwpn-a ccie-dc-wwpn-b ccie-dc-wwnn ccie-dc-mac 10.1.51 10.1.1.cciedatacenterlabs.254 Storage Object FC Target WWPN Fabric-B FC Target WWPN Qty 10 4 4 4 32 7 Starting Value 1111-0000000000000001 20:00:00:25:B5:10:10:01 20:00:00:25:B5:10:10:0A 20:00:00:25:B5:11:10:01 00:25:B5:00:00:01 10.1.com Name/Purpose vm-data FCoE VLAN for VSAN FCoE VLAN for VSAN www.50 10.1.24 10.25 10. zs_vsan200 Zone names zone_ucs_vsan100.www. 1.22 Mgmt IP:10. Ethernet 4/17-24 Ethernet 3/25-32.1 Device name Use the following credentials when connecting to these devices: DC1-N7K-1 DC1-N7K-3 DC1-N7K-4 Password:cisco Password:cisco Password:cisco Mgmt IP:10.1. www.www.1.1.cciedatacenterlabs.cciedatacenterlabs.com www. Device Name DC1-N7K-1 DC1-N7K-3 DC1-N7K-4 Id 1 3 4 Ports Ethernet 3/1-8. Ethernet 4/1-16 Ethernet 3/17-24.com 6 .com Final Release 03-JUNE-2014 SECTION I: Data Center Infra-NXOS points 38 1. there is one Nexus 7000 switch.1.1.24 Mgmt IP:10. Ethernet 4/25-32 Type Ethernet Ethernet Ethernet Table 1.2 Logical device credentials Assign interfaces to VDCs based on the interface allocation table. where DC1-N7k-3 and DC1-N7K-4 are non-default VDC The device id.1 Data Center 1 – Core Switch Information In Data Centre 1(DC1). port assignment and device name are specified in the table below.25 Table 1.cciedatacenterlabs. DC1-N7K-1 is the default VDC. cciedatacenterlabs. configure L3 interfaces between Nexus 7000 and the core switch.com 10.5/30 www.4.cciedatacenterlabs.com 7 . no configuration is necessary from you part DC1-N7K-3 DC1-N7K-4 Ethernet 4/23 Ethernet 4/31 www.2 Implement Vlans N7K1 vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan N7K3 N7K4 80 90 30 40 50 70 80 90 30 40 50 70 name name name name name name name name name name name name DCI-SITE DCI-DATA iSCSI ESX-MGMT DMZ VM-DATA DCI-SITE DCI-DATA iSCSI ESX-MGMT DMZ VM-DATA 1.1/30 10.www.1.3 Important NXOS L3 Functionality In Data Center 1(DC1).cciedatacenterlabs. The core switch is pre-configured for you.com Final Release 03-JUNE-2014 1.4.1. Prune VLAN 50.com Final Release 03-JUNE-2014 1.cciedatacenterlabs.www.cciedatacenterlabs.4/19 Ethernet4/26. also configure this port-channel as a trunk port with jumbo MTU. 80 and 90 from PO 100.4 Implement NXOS L2 Functionality In Data Center 1 (DC1). Configure trunk port on DC1-N7K-3 e3/18 and DC1-N7K-4 e3/26.cciedatacenterlabs. The link to the DMZ will not be up until UCS port config is completed Address assignment are specified as follows Device Name DC1-N7K-3 DC1-N7K-4 Port channel 100 100 www. configure L2 LACP port-channel between DC1-N7K-3 & DC1-N7K-4. Allow only VLAN 50 and make sure the ports immediately transit to forwarding state.4/27 www.com Member ports Ethernet4/18.com 8 . 1.126 10.255.1.3 10. Enable bridge assurance on the trunk port between DC1-N7K-3 and DC1-N7K-4 1.40.1.126 10.255.com Virtual IP 10.4 10.30.253 Network mask 225.255.40.124 10.7 Implement NXOS High-availability Feature In data center 1(DC1) enable HSRP between DC1-N7K-3 and DC1-N7K-4.125 10.40.30.1.6 Implement Spanning-tree Protocol In data center 1(DC1) configure DC1-N7K-3 as the root for all VLAN without changing the VLAN priority.40.1. Address assignment are specified as follows Device Name DC1-N7K-3 DC1-N7K-3 DC1-N7K-3 DC1-N7K-4 DC1-N7K-4 DC1-N7K-4 Interface Loopback 0 Vlan 30 Vlan 40 Loopback 0 Vlan 30 Vlan 40 IP address 10.255.128 255.5 SVI and Loopback In data center 1(DC1).254 10.255 255.1.30.1.com 9 . ensuring it becomes HSRP active router immediately after configuration is completed address assignment are specified as follows Device name DC1-N7K-3 DC1-N7K-3 DC1-N7K-4 DC1-N7K-4 Interface Vlan Vlan Vlan Vlan HSRP group 0 0 0 0 30 40 30 40 www.com Final Release 03-JUNE-2014 1.255.255.www.252 10.255.1. Configure DC1-N7K-3.1.255 255.0.255.cciedatacenterlabs.255.30.255.255.cciedatacenterlabs.254 www.255.1.0.0 225.cciedatacenterlabs.128 255.0 1. configure SVI and loopback interfaces. cciedatacenterlabs.cciedatacenterlabs. Core WAN router is preconfigured for you. Use the loopbook 0 address as router ID.www. Advertise the following SVI into OSPF. Advertise the following SVI into OSPF.cciedatacenterlabs. Use the loopback to address as router ID.com 10 . Configure interface Ethernet 4/23 in area 1. Make sure switch doesn’t participate in DR/BDR election on WAN LINK. no configuration or troubleshooting is required on your part. • • • • • Configure OSPF with process id 1. MTU size 9100. • • • • • Configure OSPF with process id 1. Make sure switch doesn’t participate in DR/BDR election on WAN LINK. MTU size 9100. • Vlan 30 • Vlan 40 Perform the following tasks on DC1-N7K-4.com www.com Final Release 03-JUNE-2014 1. Perform the following tasks on DC1-N7K-3. Configure interface Ethernet 4/31 in area 1. • Vlan 30 • Vlan 40 www.8 Implement NXOS L3 Routing Protocols In data center 1(DC1) setup OSPF connectivity to the WAN. 40. 70 only Jumbo frame You are free to assign a domain number of your choice between DC1-N7K-3 and DC1. Device name DC1-N7K-3 DC1-N7K-3 DC1-N7K-4 DC1-N7K-4 Interface E4/21 E4/22 E4/29 E4/30 www.cciedatacenterlabs. • • • • LACP Trunk port Allow VLAN 30. Remember DC1-N7K-3 and DC1-N7K-4 are logical devices with a same physical device that share the same management interface. have DC1-N7K-3 and DC1-N7K-4 configure port-channel to DC1-FI-A and DC1-FI-B (as shown in diagram).com Port channel 10 20 10 20 www.cciedatacenterlabs. Make sure DC1-N7K-3 is both operational and role primary. not the host side.cciedatacenterlabs.com Final Release 03-JUNE-2014 1. with absolute certainty.N7K-4. Configure downstream port-channel as specified below. You are not allowed to add new connections between them. Downstream port channel must meet the following requirement.9 Southbound Port-channel connection to UCS FI In Data center 1 (DC1). Use existing L2 and L3 connection between DC1-N7K-3 and DC1-N7K-4. Make sure LACP primary is on the switch side.com 11 .www. 90 31.cciedatacenterlabs. Ethernet 4/1-16 Ethernet 3/17-24.com 12 .com www. Do not create unnecessary VLAN on the device.13 Switch VLAN Assignments www. Device Name DC2-N7K-1 DC2-N7K-3 DC2-N7K-4 Id 1 3 4 Ports Ethernet 3/1-8. Ethernet 4/25-32 Type Ethernet Ethernet Ethernet 1. there is one Nexus 7000 switch. DC2-N7K-4.90 31.41 TABLE 1.cciedatacenterlabs.80. Ethernet 4/17-24 Ethernet 3/25-32. Vlan ID 31 41 80 90 Name FP-DATA1 FP-DATA2 DCI-SITE DCI-DATA Vlan Mode FP FP CE CE TABLE 1.12 VLAN NAMES Device name DC2-N7K-1 DC2-N7K-3 DC2-N7K-4 DC2-N5K-1 DC2-N5K-2 Vlan 80.41.13.41 31. port assignment and device name are specified in the table below. DC2-N7K-3 • Configure Fabricpath (FP) VLANs on DC2-N7K-3.11 Data center 2 . DC2-N7K-1 is the default VDC.com Final Release 03-JUNE-2014 1. VLAN information are specified in the table below.41 31. DC2-N5K-1 and DC2-N5K-2 • Configure VLAN as specified in the table 1. where DC2-N7k-3 and DC2-N7K-4 are non-default VDC The device id.Configure CE and FP VLANS • Configure Classical Ethernet (CE) VLANs on DC2-N7K-1.10 Data Center 2 – Core Switch Information In Data Centre 2(DC2).cciedatacenterlabs.www. 9 10.1.4.13 www.cciedatacenterlabs.255.252 255.cciedatacenterlabs.1.255.255.4.com Final Release 03-JUNE-2014 1.255.12 Implement NXOS L3 functionality In Data Center 2 (DC2) configure L3 interfaces between Nexus 7000 and the core switch Device name DC2-N7K-3 DC2-N7K-4 Interface Ethernet4/23 Ethernet4/31 IP address 10.cciedatacenterlabs.com Network mask 255.www.252 www.com 13 . www.31. Ensure DC2-7K-3 is root for tree 1.13 Implement NXOS L2 Functionality In DC2.2.41. where DC2-7K-3 and DC2-7k-4 will be the spine switches. DC2-5K-1 and DC2-5K-2 will be the leaf switches.cciedatacenterlabs. L2 multipathing topology and port assignment are displayed in the diagram below.1.14 SVI and Loopback In Dc2 configure SVIs and loopback interfaces.125 10.4 10.com www.124 10.15 L2 multipathing assignment 1.41. Device Switch id 7k3 30 7k4 40 5k1 300 5k2 400 Table 1.com 14 .3 10.1.16 SVIs and loopback interface assignment www.com Final Release 03-JUNE-2014 1.1.cciedatacenterlabs.2.1.0. enable L2 multipathing.21.0.252 10. address assignment are specified as follows Device name 7k3 7k4 Interface Loopback 0 Vlan31 Vlan41 Loopback 0 Vlan31 Vlan41 Ip address 10.cciedatacenterlabs. and DC2-7K-4 is root for tree 2.253 Network mask 32 25 24 32 25 24 Table 1. 31.1.254 Table 1.com Final Release 03-JUNE-2014 1. no configuration or troubleshooting is required on your part.cciedatacenterlabs.15 Implement NXOS High-availability Features In Dc2.31.41. enable VRRP between 7k3 and 7k4.cciedatacenterlabs. MTU size 9100 • Make sure switch do not participate in DR/BDR election on WAN link • Advertize the following SVIs into OSPF • Vlan 31 • Vlan 41 Performing the following tasks on DC2-N7K-4: • Configure OSPF with process id 1 • Use the loopback0 address as router-id • Configure int e4/31 in area 2.cciedatacenterlabs.1. configure 7k3 ensure it becomes VRRP master router immediately after configuration is completed Device name 7k3 7k4 Interface Vlan 31 Vlan 41 Vlan 31 Vlan 41 Vrrp Group 2 2 2 2 Virtual IP 10.17 VRRP Assignment 1.126 10. MTU size 9100 • Make sure switch do not participate in DR/BDR election on WAN link • Advertize the following SVIs into OSPF: • Vlan 31 • Vlan 41 www.16 Implement NXOS L3 Routing Protocols In DC2 setup OSPF connectivity to the WAN.1.126 10.www.com www.254 10.41.com 15 . core WAN router is preconfigured for you.1. Performing the following tasks on DC2-N7K-3 • Configure OSPF with process id 1 • Use the loopback0 address as router-id • Configure int e4/23 in area 2. cciedatacenterlabs.www.com 16 .com www.cciedatacenterlabs.cciedatacenterlabs.17 Southbound port-channel (PO) from N5K to FEX Given the following diagram configure the sub section below www.com Final Release 03-JUNE-2014 1. cciedatacenterlabs. Use port-channel 2000 to complete this task Downstream port-channel must to meet the following requirement • • • Trunk port that transition to forwarding immediately Remote host does not support LACP Allow vlan 31 and 41 only www. You are free to assign a switch identifier of your choice between DC2-N5K-1 and DC2-N5K-2 to accomplish the task. you are not allowed to add any L3 connections.17.1 Establish A/A PO From N5k To Fabric Extender In Dc2. build downstream port-channel from Fex to Srv4.com 17 .17. make sure both members in the PO are active. configure active/active connections from DC2-N5K-1 and DC2-N5K-2 to the FEX.www. use Fex 103 and 104 as stated in the diagram above.2 Downstream A/A PO From Fex To UCS Server In DC2.cciedatacenterlabs.com www. Make sure DC2-N5K-1 is both operational and role primary. Port-channel numbering can be found in the diagram above. 1.cciedatacenterlabs. You are free to assign a domain number of your choice between DC2-N5K-1 and DC2-N5K-2 to accomplish the task. You are allowed to configure L2 port channel trunk between DC2-N5K-1 and DC2-N5K-2 as stated in the diagram above.com Final Release 03-JUNE-2014 1. You are allowed to use DC1-N7K-1 and DC2-N7K-1 to assist you in this task. Only vlan 90 is required to be extended between DC1 and DC2 and vlan 80 will stay local to the DC. You will not need to create additional vlan for this task You are allowed to use multicast address range of your choice to achieve the task The rp address is 20. but not MPLS capable.18 Data Center Interconnect (DCI) You are now required to perform Data center interconnect between DC1 and DC2.www.com www.com 18 .0.com Final Release 03-JUNE-2014 1. you are free to configure a site identifier of your choice.cciedatacenterlabs.cciedatacenterlabs. www.0. the WAN core is multicast enable.1 pim sparse-mode is running in the WAN core To property identify site DC1 and site DC2.cciedatacenterlabs. 22 30 7k3 e4/24 10.cciedatacenterlabs.4.18 30 DC1-N7K-3 e4/24 10.1.21 30 Configure L2 trunk between DC2-N7K-1 and DC2-N7K-3 only allow vlan 80 and 90 Configure loopback interface on DC2-N7K-1 www.cciedatacenterlabs.1.4.4.4.1.1.www.cciedatacenterlabs.0. configure VPC tasks as specified in the question In DC2 perform the following tasks: Configure L3 link between DC2-N7K-1 and DC2-N7K-3 Device Name Interface IP Address Network Mask 7k1 e4/5 10.1.com www. only allow vlan 80 and 90 Configure loopback interface on DC1-N7K-1 Device name Interface ip address Network mask DC1-N7K-1 Loopback 0 10.1.1/24 After completing above infrastructure tasks.90.17 30 Configure L2 trunk between DC1-N7K-1 and DC1-N7K-3.com 19 .2 32 Configure SVI 90 on DC1-N7K-3 Int Vlan 90 10.com Final Release 03-JUNE-2014 In DC1 perform the following tasks: Configure L3 link between DC1-N7K-1 and DC1-N7K-3 Device name Interface IP Address Network Mask DC1-N7K-1 e4/5 10. 2/24 After completion above infrastructure tasks.cciedatacenterlabs.90.0. www.com Final Release 03-JUNE-2014 Device name Interface ip address Network mask DC2-N7K-1 Loopback 0 10. configure VPC tasks as specified in the question.www.cciedatacenterlabs.cciedatacenterlabs.com 20 .com www. Verify if DCI is successful by pinging SVI 90 from DC1-N7K-3 to DC2-N7K-3.2.1.2 32 Configure SVI 90 in DC2-N7K-3 Int Vlan 90 10. cciedatacenterlabs.com 21 .cciedatacenterlabs.cciedatacenterlabs. Create VSAN 200 and allow only this VSAN and VSAN1 across this link. Use port channel ID22.www.com Final Release SECTION II: Storage Network 03-JUNE-2014 points 20 2. www.com www.1 Implement FC Portchannel ISL and Trunking Refer to the following diagram Configure a FC port channeling between the DC2-MDS1 and DC2-N5K2 switches. MDS1 and DC2-N5K1 switches.255.cciedatacenterlabs. This link should be configured to use LACP. www. Use the following parameters Device DC2-N7K-2 ID 2 Port Allocations Ethernet 3/9-16 Initialize this logical device with the following parameters Password: cisco Mgmt IP: 10. Use port-channel ID 21.com 22 .255. that is capable in FCoE functionality.www.3 Implement FCoE NPV Features Create a logical device within DC2-N7K-1.com Final Release 03-JUNE-2014 2.2 Implement FC NPV and NPIV Features Configure a FC NPV-NPIV F_Port trunking and port channeling link between the DC2.1.254 Telnet: Enabled Configure a FCoE NPV-NPIV F_Port trunking and Port-channeling link between the DC2-N7K-2 and DC2-N5K-1 switches.com www.1.1. Create VSAN 100 and allow only this VSAN across this link.cciedatacenterlabs. 2.0 Mgmt Gateway: 10. Create VSAN 100 and allow only this VSAN and VSAN1 across this link. Make sure SID/DID/OXID load-balancing is used across this link.1.33 Mgmt Network mask: 255.cciedatacenterlabs. Use port-channel ID 11. 1.3. other link should be used for backup only.com www. IP address details in the table below: Use FCIP profile 10 for primary. Link MTU should be able to accommodate a complete FC frame.3.com Final Release 03-JUNE-2014 2.1.cciedatacenterlabs. Use port channel Id 12.5 Implement IP Storage Based Solution Configure two FCIP links between the DC1-MDS1 and DC2-MDS1 switches. This link should be configured to use LACP. The GE1/3 ports should be primary.6/30 www.2/30 10.1.4 Implement Multihop FCoE Configure a FCoE VE PO between DC2-N7K-2 and DC2-N5K-2 switches.www.cciedatacenterlabs.5/30 DC2-MDS-1 10.3.1/30 10. Device Name Primary Link Address Secondary Link Address DC1-MDS-1 10.3. 2.cciedatacenterlabs. Make sure SID/DID/OXID load-balancing is used across this link. Create VSAN 200 and allow only this VSAN across this link. Allow both VSANs 200 and 100 across both links. and FCIP profile 20 for backup.com 23 .1. 200. 100.cciedatacenterlabs. 20 for this interface.com Final Release 03-JUNE-2014 2.cciedatacenterlabs. use use use use vfc vfc vfc vfc 311 for this interface.6 Implement FCoE Host configuration Configure the FCOE connections from DC2-SRV-3 and DC2-SRV-4. 320 for this interface.com 24 . DC2-SRV-3 DC2-SRV-3 DC2-SRV-4 DC2-SRV-4 port port port port 1 0 0 1 should should should should be be be be in in in in VSAN/VLAN VSAN/VLAN VSAN/VLAN VSAN/VLAN 200. you are only required to configure the N5K side. 420 for this interface. www.cciedatacenterlabs. 100.com www.www. All required configuration of the host side are preconfigured. Incorporate redundant configuration where applicable or as directed below. The table in Diagram 2 contains all the resources & pool information you should need to complete all tasks. You are required to configure all LAN/SAN devices within the topology. DC1 will be hosting your primary computing cluster.cciedatacenterlabs.cciedatacenterlabs. Below are a set of tasks which include setting up the system as well as configuring some basic service profile.com Final Release 03-JUNE-2014 SECTION III: Unified computing system points 32 3.com www. www.www. Here you will be implementing a new system for development purposes. no access is required to the storage array.cciedatacenterlabs.com 25 .0 Implement Unified Computing System You are now tasked to implement and configure the computing solution based on Cisco Unified computing system. Only basic management access has been configured. cciedatacenterlabs.cciedatacenterlabs.cciedatacenterlabs.com 26 .com Final Release www.com 03-JUNE-2014 www.www. The system should only discover chassis with 2 or more IOM links. zones and zonesets on the DC1-MDS-1. Configure four FC ports from each Fabric interconnect to DC-MDS-1: 1. Refer to Diagram 2 www.2. 3. Aggregate Ethernet uplinks where applicable (refer to topology diagram above). On DC1-FI-A. 1. configure the following items: • • • • Create appropriate pools as per reference table in diagram 2 for UUID. Configure UCS Infrastructure Connectivity Referring to Diagram 2. Use Channel Group ID 100 on both sides 2. Zones should belong to their respective zonesets.cciedatacenterlabs. Use same port channel IDs used on N7K side. Configure appropriate VLANs and VSANs as per table in Diagram 2.1 Implement UCS Domain infrastructure Referring to Diagram 2 configure the following items. 3.cciedatacenterlabs. WWNN and KVM Management IPs. Zone all UCS WWPNs for each fabric with their respective target WWPNs.3 Create and Implement UCS Resources Referring to Diagram 2. Use Channel Group ID 200 on both sides 3. 4. Configure a four interface FC Port Channel. Maximum bandwidth between the FI & chassis should be utilized. configure the following items: • • VLAN 50 should be restricted to the DMZ network (1G uplink) Corporate network access should include all VLANs except VLAN 50 With UCS in the default Fiber Channel mode. Configure and activate appropriate ports. 2. Configure a four interface FC Port Channel. On DC1-FI-B.com Final Release 03-JUNE-2014 3.cciedatacenterlabs.com www. MAC.www.WWPN.com 27 . 4. you are required to create a single service profile.5.cciedatacenterlabs. Configure the following: • • • • • Create a service profile called RemoteBoot int the root org The service profile should utilize the resources from pools configured previously. utilize vNIC templates previously created • Refer to table below for object names without creating new policies • Ensure cdp is enabled on all vnics by default. Detailed requirement of the service profile are below and continued with question 3. • Create and assign a san boot policy that includes redundant path. allow corporate network vlans only • Lan fabric failures should be transparent to the host OS. Note: if object names are not explicitly provided you may use your own naming convention. WWPNs from the respective fabric pool should be used 3.com Final Release 03-JUNE-2014 3.5 Create and Implement Advanced Service Profile For the RemoteBoot service profile started in the previous question. Continue with the following requirement (refer to table below for object names).com www. This service profile should be restricted to blades with no locals disks installed. Create and Implement Basic Service Profile As part of this question and the next. Part of your objective is to ensure the previously installed OS successfully boots with your configured service profile.cciedatacenterlabs. • Create an updating vnic template for each fabric. • Configure 2 vNIC per fabric.cciedatacenterlabs. fc1. • Refer to diagram 2 for target information • Associate this service profile with blade 1/1 and boot the blade www.www.com 28 . Configure 1 vHBA per fabric: fc0. your task is to ensure AD authentication within UCS using directory group map while maintaining local user access No access to the AD server is required www. Create a management firmware policy called fwmgmt-ccie.6 Create and Implement UCS Policies Create UCS policies as per the following criteria.www. Create a host firmware policy name fwpol-ccie.cciedatacenterlabs.2 eth1. this policy does not need to be applied to any service profile. modifying only default policies Ensure all changes made on the system require the user to acknowledge them before being implemented.cciedatacenterlabs. this policy does not need to be applied to any service profile 3.7 Configure UCS Authentication The active directory server has been previously configured.com www.cciedatacenterlabs. that contain the latest firmware for only the models of adapters and BIOS in the system.com Final Release 03-JUNE-2014 Object Fabric A Fabric B Vnic-template name vnic-a vnic-b vnic names eth0. that contain the latest management firmware for only blade models in the system.3 vHBA names fc0 fc1 Boot Policy name san-dual-boot 3.com 29 . www.DC=lab base DN DC=ccie. the cloned service profile should remain in the power off state www.1.8 Implement Service Profile Clone Clone the “RemoteBoot” service profile with the name “RemoteBoot-clone” Make minimum necessary modifications to clone service profile for association to succeed to blade 1/3 after association completes.com Final Release 03-JUNE-2014 Refer to table below for active directory details Active Directory Object Value Domain Controller 10.OU=ciscoucs.cciedatacenterlabs.com www.com 30 .214 Bind User CN=ucs binduser.cciedatacenterlabs.DC=ccie. DC=lab Port 389 Filter $AMAccountName=$userid Group Authorization Enabled Authentication Domain Name ldap-domain Group Recursion Recursive Target Attribute Memberof Ldap provider group ldap-group Name AD Group UCS Role ucsaaa aaa ucsnetwork network 3.cciedatacenterlabs.1. Assuming UCS blade has been configured and boot successfully from previous section.2 Implement Nexus 1000v to UCS connection 5 points Review the configuration and ensure all configuration complements UCS infrastructure.cciedatacenterlabs.1 Implement Virtual Switch Module 5 points The N1Kv has been previously installed. The VSM will contain basic configuration. There should be 1 VEM module in service and online on your VSM.cciedatacenterlabs. 4.com 31 . all VMWare configuration has been completed.com Final Release 03-JUNE-2014 SECTION VI: Manage Datacenter Virtualization 4. make any necessary changes. Refer to diagram 2 for VSM access credentials.com www.cciedatacenterlabs.www. www. After reviewing the directives below. no access to vCenter or hosts are required. www.cciedatacenterlabs.cciedatacenterlabs.com 32 .cciedatacenterlabs.com www.com Final Release 03-JUNE-2014 THANK YOU FOR USING CCIEDATACENTERLABS. www.
Report "CCIE Datacenter v1 - Question Set - Final Release - 03-06-2014 - Lab 1 (1)"