This course teaches you the advanced skills necessary to implement and operate enterprise level Aruba campus switching solutions. You will build on the skills you learned at the Associate level to configure and manage modern, open standards-based networking solutions using Aruba's OS-CX routing and switching technologies. In this course, participants learn about ArubaOS-CX switch technologies including: securing port access with Aruba's dynamic segmentation, redundancy technologies such as Multiple Spanning Tree Protocol (MSTP), link aggregation techniques including Link Aggregation Protocol (LACP) and switch virtualization with Aruba’s Virtual Switching Extension (VSX) and Aruba's Virtual Switching Framework (VSF). This course is approximately 50% lecture and 50% hands-on lab exercises.
Introduction to Aruba Switching
- Switches overview
- Architectures
NetEdit
- Overview
- Centralized configuration
- Switch groups/templates
- AOS-CX mobile A
Network Analytics Engine (NAE)
- Overview
- Configuration
- Core NAE feature lab
- sflow, local mirror, remote mirror
VSX
- VSF vs. VSX: access and Agg/core design
- Stacking review
- VSF and uni/multi packet forwarding
- Stack fragments / split brain
- VSX Overview: roles, control, data, management planes
- VSX components (ISL, Keepalive, VSX LAG, Active Gateway, Active-Forwarding, Link Delay)
- Split Brain scenario
- Upstream Connectively Options (ROP single VRF, SVIs with multiple VRF, VSX Lag SVIs with multiple VRFs)
- Upstream/Downstream unicast traffic flow (South-North and North-South)
- VSX Configuration: VSX and Active Gateway
- VSX firmware updates
ACLs
- Overview: types, components
- MAC ACL, Standard ACL, Extended ACL,
- Classifier-based Policies
- Configuration: wildcard bits, logging, pacl, vacl, racl
Advanced OSPF
- Review basic OSPF
- Multi area: setup and aggregation
- Area-Types Stub, Totally Stub, NSSA, Totally NSSA
- External routes
- OSPF tuning: costs, bfd, gr, auth, vrrp, virt link
BGP
- Overview: i/e bgp, as numbers
- Best path selection
- Configuration: route announcement
- Route filtering to prevent transit as
IGMP
- Overview
- Querier
- Snooping
- Unknown multicasts
Multicast Routing: PIM
802.1X Authentication
- Overview: roles, requirements, coa, accounting
- Dynamic port configuration: avp, acl, qos, VLAN
- Port-based vs. user-based: examples
- Radius service tracking, critical VLAN
MAC Authentication
- Overview: Use cases
- Radius-based MAC Auth
Dynamic Segmentation
- Leverage dynamic segmentation features
- Configure tunneled-node on AOS-CX switches
- Describe when and how to configure PAPI enhanced security, high availability, and fallback switching for tunneled-node
Quality of Service
- Overview
- VoQ (Virtual Output Queue)
- QOS: queueing, QOS marks, dot1p, dscp
- Trust levels
- QOS configuration: port, VLAN, policies
- Interaction with user roles
- Queue configuration
- Rate limiters
- LLDP-MED
Additional Routing Technologies
- VRF - Management VRF
- PBR
- MDNS
- PIM SM
Capitve Portal Authentication
- Overview of guest solutions
- Built-in web auth
- ClearPass redirect with CPPM