Implementing Aruba OS-CX Switching (ICX) – Outline

Detailed Course Outline

Introduction to Aruba Switching
  • Switches overview
  • Architectures
NetEdit
  • Overview
  • Centralized configuration
  • Switch groups/templates
  • AOS-CX mobile App
Network Analytics Engine (NAE)
  • Overview
  • Configuration
  • Core NAE feature lab
  • sflow, local mirror, remote mirror
VSX
  • VSF vs. VSX: access and Agg/core design
  • Stacking review
  • VSF and uni/multi packet forwarding
  • Stack fragments / split brain
  • VSX Overview: roles, control, data, management planes
  • VSX components (ISL, Keepalive, VSX LAG, Active Gateway, Active-Forwarding, Link Delay)
  • Split Brain scenario
  • Upstream Connectively Options (ROP single VRF, SVIs with multiple VRF, VSX Lag SVIs with multiple VRFs)
  • Upstream/Downstream unicast traffic flow (South-North and North-South)
  • VSX Configuration: VSX and Active Gateway
  • VSX firmware updates
ACLs
  • Overview: types, components
  • MAC ACL, Standard ACL, Extended ACL,
  • Classifier-based Policies
  • Configuration: wildcard bits, logging, pacl, vacl, racl
Advanced OSPF
  • Review basic OSPF
  • Multi area: setup and aggregation
  • Area-Types Stub, Totally Stub, NSSA, Totally NSSA
  • External routes
  • OSPF tuning: costs, bfd, gr, auth, vrrp, virt link
BGP
  • Overview: i/e bgp, as numbers
  • Best path selection
  • Configuration: route announcement
  • Route filtering to prevent transit as
IGMP
  • Overview
  • Querier
  • Snooping
  • Unknown multicasts
Multicast Routing: PIM
  • Overview
  • PIM DM
802.1X Authentication
  • Overview: roles, requirements, coa, accounting
  • Dynamic port configuration: avp, acl, qos, VLAN
  • Port-based vs. user-based: examples
  • Radius service tracking, critical VLAN
MAC Authentication
  • Overview: Use cases
  • Radius-based MAC Auth
Dynamic Segmentation
  • Leverage dynamic segmentation features
  • Configure tunneled-node on AOS-CX switches
  • Describe when and how to configure PAPI enhanced security, high availability, and fallback switching for tunneled-node
Quality of Service
  • Overview
  • VoQ (Virtual Output Queue)
  • QOS: queueing, QOS marks, dot1p, dscp
  • Trust levels
  • QOS configuration: port, VLAN, policies
  • Interaction with user roles
  • Queue configuration
  • Rate limiters
  • LLDP-MED
Additional Routing Technologies
  • VRF - Management VRF
  • PBR
  • MDNS
  • PIM SM
Capitve Portal Authentication
  • Overview of guest solutions
  • Built-in web auth
  • ClearPass redirect with CPPM