Welcome to the exciting world of Cisco certification! You have picked up this book because you want something better—namely, a better job with more satisfaction. Rest assured that you have made a good decision. Cisco certification can help you get your first networking job or more money and a promotion if you are already in the field.
Cisco certification can also improve your understanding of the internetworking of more than just Cisco products: you will develop a complete understanding of networking and how different network topologies work together to form a network. This is beneficial to every networking job and is the reason Cisco certification is in such high demand, even at companies with few Cisco devices.
Cisco is the king of routing, switching, voice and security, and now data center technology! The Cisco certifications reach beyond the popular certifications, such as those from CompTIA and Microsoft, to provide you with an indispensable factor in understanding today’s network—insight into the Cisco world of internetworking and beyond. By deciding that you want to become Cisco certified, you are saying that you want to be the best—the best at routing and the best at switching, and now the best at configuring and administering Nexus and data center technologies. This book will lead you in that direction.
Introducing the Cisco Nexus product line—one of the most significant iterations in how Cisco moves data to occur in the past decade! And it didn’t just appear magically either; all things Nexus evolved from a colorfully mixed history of acquisitions, innovation, and a novel business practice Cisco sometimes ventures into known as a spin-in.
A long and storied industry leader, Cisco created some of the earliest routers using IOS, and in the early ’90s, it entered the Ethernet switching market by acquiring Crescendo, Grand Junction, and Kalpana. Cisco’s now legacy Catalyst switches running the CatOS became the leading data center Ethernet switches in the world!
But sometimes, that’s not enough, and Cisco wanted to compete in the Fibre Channel switching market as well. In case you don’t know, Fibre Channel is a type of networking used to communicate with storage arrays. Anyway, a select group of Cisco engineers led a startup company, partially funded by Cisco, called Andiamo Systems and created the MDS product line based on the SAN-OS, or Storage Area Network Operating System. After Cisco acquired the newly successful Andiamo Systems in 2004, thereby spinning it back into the fold, the aforementioned group of engineers cum executives retired from Andiamo to lead another startup company called Nuova. This time, they busily went to work on a data center platform that would embrace virtualization and support I/O consolidation and unified fabric with a composite technology from IOS, CatOS, and SAN-OS. History repeated itself with a twist when Cisco acquired Nuova in 2008, and upon spinning back in the company and its technological advances, the Nexus product line running the Nexus Operating System (NX-OS) was soon unveiled. Nuova was then renamed the Server and Virtualization Business Unit, or SAVBU, which has gone on to create a number of wonderful technologies including Nexus as well as the Unified Computing System (UCS) product line.
Okay—so who cares and why does this matter? Well, the answer is everyone does because data center networking covers a vast array of products and technologies! This generation of equipment is totally about unifying technologies from disparate areas like data networking, storage networking, and server management. In short, it’s huge!
And NX-OS just happens to be the cornerstone of Cisco’s unification strategy. As you’ll soon see, both its form and function are majorly based upon the device’s heritage.
The CCNA Data Center certification includes the first two exams in the Cisco Data Center certification process, and the precursor to all other Cisco Data Center certifications. To become CCNA Data Center certified, you need to pass two exams at $250 a pop:
And once you have your CCNA, you don’t have to stop there—you can choose to continue with your studies and achieve a higher certification, called the Cisco Certified Network Professional (CCNP), which requires passing four more exams. Someone with a CCNP has all the skills and knowledge they need to attempt the CCIE Data Center certification, which entails a written exam and a lab exam. But just getting a CCNA Data Center certification can land you that job you’ve dreamed about.
Cisco, not unlike Microsoft and other vendors that provide certification, has created the certification process to give administrators a set of skills and to equip prospective employers with a way to measure those skills or match certain criteria. Obtaining CCNA Data Center certification can be the initial step of a successful journey toward a new, highly rewarding, and sustainable career.
The CCNA program was created to provide a solid introduction not only to the Cisco Nexus operating system and Cisco hardware but also to internetworking in general, making it helpful to you in areas that are not exclusively Cisco’s. At this point in the certification process, it’s not unrealistic that network managers—even those without Cisco equipment—require Cisco certification for their job applicants.
If you make it through the CCNA and are still interested in Cisco and Data Center technologies, you’re headed down a path to certain success.
None, zippo, nadda! No prior experience needed. Cisco created the Data Center path to stand on its own merits. This might explain to you why this book starts at the very beginning of networking and then moves into Nexus.
This first exam in the CCNA Data Center series is widely considered “CCENT on Nexus,” and I have to agree here. Wouldn’t it have just been better for Cisco to have the CCENT as a prerequisite and then have just one test on Nexus and UCS instead of putting entry-level networking technologies on this first exam? You bet it would! But please remember that I am the messenger here, trying to help you get your certifications, and Cisco does not inquire about my opinion on the certification process, although I think they should.
The way to become CCNA Data Center certified is to pass two written tests. Then—poof!—you’re CCNA Data Center certified. (Don’t you wish it was as easy as that sounds?)
Cisco has only a two-step process that you take to become CCNA Data Center certified—there is not a one-test version as there is for the CCNA Routing and Switching certification.
The two-test method involves passing the following exams:
I can’t stress this enough: it’s critical that you have some hands-on experience with Cisco Nexus switches. I’ll cover how to get hands-on experience with Nexus and UCS next.
Unless you’re related to Donald Trump, it is unlikely you can build your own data center to study for your CCNA, CCNP, or CCIE Data Center certifications. Gone are the days of having racks in your home office or spare bedroom to study for your certifications in your spare time. The Nexus and UCS equipment is extremely expensive, very large, and unbelievably heavy and will suck enough power and need enough cooling to bankrupt some people. So, what can you do to study for your Data Center certification?
I have the answer for you! When John Swartz and I sat down to start the outline for this book, we also drew out plans for a simple Nexus simulator to help you get through the hands-on labs in both of the CCNA Data Center books we are writing. This simulator isn’t a fully functional piece of software that costs hundreds of dollars, but it is very cost effective (free is cost effective, right?) and the software does the job you need it to do. This software provides the hands-on experience you need to build the foundation for the CCNA Data Center exams. I know what you’re thinking: what about studying for my CCNP Data Center certifications after I get my CCNA and what about more advanced features? Yes, we’re planning those simulators as well, but they are not available as this book goes to press.
But wait, there’s more! Since I’m providing a Nexus simulator for you, what about the UCS? I’ve got you covered there as well! I created a new site to help you get started in your Data Center studies, and on this site you will find information on how to download Cisco’s free UCS emulator:
This is a great emulator and can help get you through the CCNA Data Center certification process, but it’s not enough technology for CCNP Data Center studies because you cannot load VMware on the blades. In addition, the website provides information on how to download and install the Nexus 1000v virtual switch, which John and I discuss in our next book in the series.
This book covers everything you need to know to pass the CCNA Data Center 640-911 exam. However, taking the time to study and practice is the real key to success.
You will learn the following information in this book:
On the download link, www.sybex.com/go/ccnadatacenternetworking, you’ll find the bonus exams, flash cards, and glossary, but also as an added bonus: the Nexus simulator! This free tool will allow you to run through the hands-on labs in this book!
If you want a solid foundation for the serious effort of preparing for the 640-911 exam, then look no further. I have spent hundreds of hours putting together this book with the intention of helping you to pass the CCNA exam as well as learning how to configure Nexus switches.
This book is loaded with valuable information, and you will get the most out of your studying time if you understand how it was put together.
To best benefit from this book, I recommend the following study method:
To learn every bit of the material covered in this book, you’ll have to apply yourself regularly, and with discipline. Try to set aside the same time period every day to study, and select a comfortable and quiet place to do so. If you work hard, you will be surprised at how quickly you learn this material.
If you follow these steps and really study, in addition to using the review questions, the practice exams, the electronic flashcards, and all the written labs, it would be hard to fail the CCNA Data Center exam. However, studying for the CCNA exam is like trying to get in shape—and if you do not go to the gym every day, you won’t get in shape.
I worked hard to provide some really great tools to help you with your certification process. All of the following tools should be loaded on your workstation when studying for the test.
The test preparation software prepares you to pass the CCNA Data Center 640-911 exam. In the test engine, you will find all the review and assessment questions from the book, plus two additional bonus practice exams that appear exclusively with this book.
The flashcards include over 50 questions specifically written to hit you hard and make sure you are ready for the exam. Between the review questions, bonus exams, and flashcards, you’ll be more than prepared for the exam.
The glossary is a handy resource for Cisco Data Center terms. This is a great tool for understanding some of the more obscure terms used in this book.
You can use the Nexus simulator to do all of the hands-on labs included in this book.
You may take the CCNA Data Center 640-911 exam at any of the Pearson VUE authorized testing centers; visit www.vue.com or call 877-404-EXAM (3926).
To register for the exam, follow these steps:
The CCNA Data Center 640-911 exam contains 60 to 75 questions and must be completed in 90 minutes or less. This information can change per exam. You must get a score of about 82 percent to pass this exam, but again, each exam can be different.
Many questions on the exam have answer choices that at first glance look identical—especially the syntax questions! Remember to read through the choices carefully because close doesn’t cut it. If you get commands in the wrong order or forget one measly character, you’ll get the question wrong. So, to practice, do the hands-on exercises at the end of the book’s chapters over and over again until they feel natural to you.
Also, never forget that the right answer is the Cisco answer. In many cases, more than one appropriate answer is presented, but the correct answer is the one that Cisco recommends. On the exam, it always tells you to pick one, two, or three, never “choose all that apply.” The CCNA Data Center 640-911 exam may include the following test formats:
Cisco-proctored exams will not show the steps to follow in completing a router interface configuration; however, they do allow partial command responses. For example, Switch#show running-config or Switch#sh run would be acceptable.
Here are some general tips for exam success:
After you complete an exam, you’ll get immediate, online notification of your pass or fail status, a printed examination score report that indicates your pass or fail status, and your exam results by section. (The test administrator will give you the printed score report.) Test scores are automatically forwarded to Cisco within five working days after you take the test, so you don’t need to send your score to them. If you pass the exam, you’ll receive confirmation from Cisco, typically within two to four weeks, sometimes longer.
You can reach Todd Lammle and John Swartz through Todd’s forum found at www.lammle.com/forum.
The objectives for the Data Center exams are a constant moving target. As of the time of this writing, the objectives are being updated on www.cisco.com almost weekly. Please always check Cisco’s website for the latest, up-to-date information.
Here are the latest updated objectives as of this writing:
Exam Objective | Chapters |
1.01 Describe the purpose and functions of various network devices | 1, 2 |
(a) interpret a network diagram | 1, 2, 3 |
(b) define physical network topologies | 1, 2 |
1.02 Select the components required to meet a network specification | 1, 2 |
(a) switches | 1, 11, 12 |
1.03 Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network | 4, 6 |
(a) IP | 4, 5 |
(b) TCP | 4 |
(c) UDP | 4 |
1.04 Describe the purpose and basic operation of the protocols in the OSI and TCP models | 4, 6 |
(a) TCP/IP | 4, 5 |
(b) OSI Layers | 2 |
Exam Objective | Chapters |
2.01 Explain the technology and media access control method for Ethernet networks | 3 |
(a) IEEE 802 protocols | 3 |
(b) CSMA/CD | 3 |
2.02 Explain basic switching concepts and the operation of Cisco switches | 3, 11 |
(a) Layer 2 addressing | 2, 3, 11 |
(b) MAC table | 11 |
(c) Flooding | 11 |
2.03 Describe and Configure enhanced switching technologies | 11 |
(a) VTP | 11 |
(b) VLAN | 11 |
(c) 802.1q | 11, 12 |
(d) STP | 12 |
Exam Objective | Chapters |
3.01 Describe the operation and benefits of using private and public IP addressing | 5, 6 |
(a) Classful IP addressing | 5 |
(b) RFC 1918 | 5 |
(c) RFC 4193 | 5 |
3.02 Describe the difference between IPv4 and IPv6 addressing scheme | 5, 6 |
(a) Comparative address space | 5 |
(b) Host addressing | 5 |
Exam Objective | Chapters |
4.01 Describe and Configure basic routing concepts | 8, 9, 10, 11, 12 |
(a) packet forwarding, router lookup process (e.g., Exec mode, Exec commands, Configuration mode) | 8, 9 |
(b) router lookup process (e.g., Exec mode, Exec commands, Configuration mode) | 8, 9 |
4.02 Describe the operation of Cisco routers | 7, 8, 9, 10, 11, 12, 13 |
(a) router bootup process | 7, 8 |
(b) POST | 7, 8 |
(c) router components | 7, 8 |
1. LAN switching uses a physical and logical topology. Which physical topologies are typically used in today’s Ethernet switched networks? (Choose two.)
A. Bus
B. Star
C. Mesh
D. Extended star
2. Each field in an IPv6 address is how many bits long?
A. 4
B. 16
C. 32
D. 128
3. Which two advanced spanning-tree protocols does the NX-OS support?
A. CSTP
B. RSTP
C. MSTP
D. STP
4. Which of the following is true regarding the purpose of flow control?
A. To ensure that data is retransmitted if an acknowledgment is not received
B. To reassemble segments in the correct order at the destination device
C. To provide a means for the receiver to govern the amount of data sent by the sender
D. To regulate the size of each segment
5. How long is an IPv6 address?
A. 32 bits
B. 128 bytes
C. 64 bits
D. 128 bits
6. Why is the DSAP field in an 802.3 frame important?
A. The DSAP field is only used in Ethernet II frames.
B. The DSAP field specifies the TCP or UDP port that is associated with the transport protocol.
C. The DSAP field indicates the Network layer protocol so multiple routed protocols can be used.
D. The DSAP field is only used by the DoD for classified networks.
7. The Internet Protocol (IP) stack has four layers compared to seven for the OSI model. Which layers of the OSI model are combined in the Internet Protocol suite Network Access layer? (Choose two.)
A. 1
B. 2
C. 3
D. 4
8. UDLD is used with Nexus at the Data Link layer. What does UDLD stand for?
A. Unified Direct Link Distribution
B. Unified Data Link Distribution
C. Unified Direct Link Deployment
D. UniDirectional Link Detection
9. What will happen if an RFC 1918 assigned address is configured on a public interface that connects to an ISP?
A. Addresses in a private range will not be routed on the Internet backbone.
B. Only the ISP router will have the capability to access the public network.
C. The NAT process will be used to translate this address into a valid IP address.
D. Several automated methods will be necessary on the private network.
E. A conflict of IP addresses happens, because other public routers can use the same range.
10. You want to configure your Nexus 7010 so that logically the switch is running three separate NX-OS instances. What is the best way to accomplish this?
A. VRF
B. VDC
C. Storage-operator role
D. VSANs and VLANs
11. On a Nexus 5010, what type of connector could you use to connect to an Ethernet network? (Choose two.)
A. SFP
B. TwinAx
C. GBIC
D. GBIC type 2
12. What is the maximum number of IP addresses that can be assigned to hosts on a local subnet that uses a /27 subnet mask?
A. 14
B. 15
C. 16
D. 30
E. 31
F. 62
13. What do the L1 and L2 physical ports provide on a Nexus 5000 series switch?
A. Database synchronization
B. Heartbeat
C. Layer 1 and layer 2 connectivity
D. Nothing
14. On a new Cisco Nexus switch, you receive an error message when you attempt to create a switch virtual interface (SVI). What is the first command you must use to create the SVI?
A. interface vlan (vlanid)
B. vlan (vlanid)
C. feature interface-vlan
D. interface routed
15. If you wanted to delete the configuration stored in NVRAM, what would you type?
A. erase startup
B. erase nvram
C. write erase boot
D. erase running
16. You want to define a port as a layer 3 port on a Nexus OS. What is the command?
A. port routed
B. no switchport
C. switchport
D. port switching
17. A route update packet is considered invalid with the RIP protocol at what hop count?
A. Unlimited
B. 0
C. 15
D. 16
E. 31
F. 32
18. New VLANs have just been configured on a Nexus switch; however, a directly connected switch is not receiving the VLAN via a summary update. What reasons could cause this problem? (Choose two.)
A. The VTP passwords are set incorrectly.
B. The VTP feature has not been enabled.
C. The VTP domain names do not match.
D. VTP is not supported on Nexus switches.
19. RSTP is a great protocol if you are not using Port Channel. Which of the following is true regarding RSTP? (Choose three.)
A. RSTP speeds the recalculation of the spanning tree when the Layer 2 network topology changes.
B. RSTP is an IEEE standard that redefines STP port roles, states, and BPDUs.
C. RSTP is extremely proactive and very quick, and therefore it absolutely needs the 802.1d delay timers.
D. RSTP (802.1w) supersedes 802.1d while remaining proprietary.
E. All of the 802.1d terminology and most parameters have been changed.
F. 802.1w is capable of reverting to 802.1d to interoperate with traditional switches on a per-port basis.
20. Which commands would you use to configure an ACL on a Cisco Nexus switch to deny unencrypted web traffic from any source to destination host 10.10.1.110? (Choose two.)
A. ip access-list 101, deny tcp any host 10.10.1.110 eq 80
B. ip access-list 101, deny ip any host 10.10.1.110 eq 80
C. permit tcp any any
D. permit ip any any
1. B, D. Physical star and physical extended star are the most popular physical LAN networks today. See Chapter 1 for more information.
2. B. Each field in an IPv6 address is 16 bits long. An IPv6 address is a total of 128 bits. See Chapter 5 for more information.
3. B, C. The NX-OS allows you to configure only the RSTP and MSTP protocols. See Chapter 12 for more information.
4. C. Flow control allows the receiving device to control the transmitter so the receiving device’s buffer does not overflow. See Chapter 2 for more information.
5. D. An IPv6 address is 128 bits long, whereas an IPv4 address is only 32 bits long. See Chapter 5 for more information.
6. C. The old Source and Destination Service Access Point fields in a SNAP frame defined the Network Layer protocol that the packet uses. See Chapter 3 for more information.
7. A, B. The OSI Data Link layer (layer 2) and the OSI Physical layer (layer 1) are combined into the Network Access layer of the Internet Protocol suite. See Chapter 4 for more information.
8. D. UniDirectional Link Detection (UDLD) is a Data Link layer protocol used to monitor the physical configuration of the cables and detect when communication is occurring in only one direction. See Chapter 7 for more information.
9. A. Private addresses from RFC 1918 cannot be placed on an interface going to the public Internet. You must configure NAT to translate. See Chapter 5 for more information.
10. B. Virtual device contexts (VDCs) can logically separate a switch into two administrative domains. In this case, one VDC would be assigned all of the Ethernet ports and the other VDC would be assigned all of the storage ports. See Chapter 7 for more information.
11. A, B. Small form-factor pluggable (SFP) modules give you flexibility in selecting what type of cable you want to use. TwinAx is a copper cable with SFPs embedded in the end and is cost effective. See Chapter 7 for more information.
12. D. A /27 (255.255.255.224) is 3 bits on and 5 bits off. This provides 8 subnets, each with 30 hosts. Does it matter if this mask is used with a Class A, B, or C network address? Not at all. The number of host bits would never change. See Chapter 6 for more information.
13. D. L1 and L2 are not implemented on the Nexus 5010, but they are used on the Fabric Interconnects. See Chapter 7 for more information.
14. C. The feature command turns on a service and enables the commands for that feature. The commands will not be visible until the feature is enabled. See Chapter 8 for more information.
15. C. The command write erase boot deletes the configuration stored in NVRAM and sets the system back to factory default. See Chapter 8 for more information.
16. B. The switchport command is used to switch between a port being used for layer 2 and layer 3. See Chapter 8 for more information.
17. D. The maximum hop count a route update packet can traverse before considering the route invalid is 15, so 16 hops is invalid for both RIPv1 and RIPv2. See Chapter 10 for more information.
18. A, C. To troubleshoot VTP, you first need to verify that the domain names match, and that they are case sensitive as well. You should also check that the server has a higher revision number than the client or the client won’t update the database. Also, if the passwords are set and do not match, the client will reject the update. See Chapter 11 for more information.
19. A, B, F. RSTP helps with convergence issues that plague traditional STP. Rapid PVST+ is based on the 802.1w standard in the same way that PVST+ is based on 802.1d. See Chapter 12 for more information.
20. A, D. In solving this business requirement, you first need to create a deny statement from any source to destination host 10.10.1.110 using HTTP with destination port 80. The second line permits all other traffic. See Chapter 13 for more information.
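The first-match logic behind answer 20, as an added example that is not from the book: a small Python model (not NX-OS code) of ACL evaluation, assuming the implicit deny that ends every Cisco ACL. It goes slightly beyond the answer by showing why option D rather than option C has to be the second line; the source addresses and sample packets are constructed.

```python
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")
WEB_HOST = ip_network("10.10.1.110/32")  # destination host from question 20

# Each entry: (action, protocol, source, destination, destination port or None)
ACL_A_D = [
    ("deny", "tcp", ANY, WEB_HOST, 80),   # option A
    ("permit", "ip", ANY, ANY, None),     # option D
]
ACL_A_C = [
    ("deny", "tcp", ANY, WEB_HOST, 80),   # option A
    ("permit", "tcp", ANY, ANY, None),    # option C
]

def evaluate(acl, proto, src, dst, dport=None):
    """Return 'permit' or 'deny' for one packet using first-match semantics."""
    for action, ace_proto, ace_src, ace_dst, ace_port in acl:
        # "ip" matches every IP protocol; anything else must match exactly.
        if ace_proto != "ip" and ace_proto != proto:
            continue
        if ip_address(src) not in ace_src or ip_address(dst) not in ace_dst:
            continue
        if ace_port is not None and ace_port != dport:
            continue
        return action          # first matching entry wins
    return "deny"              # implicit deny at the end of the list

# Constructed sample packets: (label, protocol, source, destination, dest port)
PACKETS = [
    ("http to web host", "tcp", "192.0.2.10", "10.10.1.110", 80),
    ("https to web host", "tcp", "192.0.2.10", "10.10.1.110", 443),
    ("http to other host", "tcp", "192.0.2.10", "10.10.1.111", 80),
    ("dns over udp", "udp", "192.0.2.10", "10.10.1.110", 53),
    ("icmp echo", "icmp", "192.0.2.10", "10.10.1.110", None),
]

def compare():
    """Map each packet label to (result with A+D, result with A+C)."""
    return {
        label: (evaluate(ACL_A_D, proto, src, dst, port),
                evaluate(ACL_A_C, proto, src, dst, port))
        for label, proto, src, dst, port in PACKETS
    }

if __name__ == "__main__":
    for label, (a_d, a_c) in compare().items():
        print(f"{label:20} A+D={a_d:7} A+C={a_c}")
```

With options A and C, UDP and ICMP traffic falls through to the implicit deny, which is more than the requirement asks for.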