SDWADV: Cisco SD-WAN Day-N Advanced Monitoring & Troubleshooting

Module 1: Cisco SD-WAN Introduction

• High-level Cisco SD-WAN Deployment models
• Application level SD-WAN solution
• Cisco SDWAN plan for HA and Scalability
• Cisco SD-WAN solution components: vManage NMS, vSmart Controller, vBond Orchestrator
• Edge Routers (cEdge & vEdge)
• Cloud Based Deployment vs On-Premises Deployment

Module 2 : Zero Touch Provisioning

• Overview
• User Input Required for the ZTP Automatic Authentication Process
• Authentication between the vBond Orchestrator and WAN Edges
• Authentication between the Edge Routers and the vManage NMS
• Authentication between the vSmart Controller and the Edge Routers

Module 3 : Cisco SD-WAN Solution

• Overlay Management Protocol (OMP)
• Cisco SD-WAN Circuit Aggregation Capabilities
• Secure Connectivity in Cisco SD-WAN
• Performance Tracking Mechanisms
• Application Discovery
• Dynamic Path Selection
• Performance Based Routing
• Direct Internet Access
• Cisco SD-WAN In-built Security features: App Aware FW, Talos IPS, URL Filtering, Umbrella Integration & Advanced Malware Protection
• Dynamic Cloud Access: Cloud On-Ramp for SaaS and IaaS (AWS, Azure & GPC)

Module 4 : Operations Best Practices

• Config: Test Configuration Changes Before Committing
• NAT: Secure Routers Acting as NATs
• Edge Routers: Connect to the Console Port
• vManage Operational Commands
• SD WAN Devices: Site ID Naming Conventions
• SD WAN Devices: Using the System IP Address
• vManage NMS: Disaster Recovery

o Disaster Recovery – Cluster failover scenarios

o vManage Disaster Recovery Checklist

o How to configure Disaster Recovery

Module 5 : Application Monitoring (Including SD-AVC)

• vManage – Application Monitoring
• How to enable DPI on SD-WAN cEdge Routers

o Monitoring Application traffic per device/site

o How to enable SD-AVC on vManage and push to routers.

o Configuring application log collection parameters.

• vAnalytics

o vAnalytics dashboard walk-through

o vAnalytics Network Health

o vAnalytics Network Availability

o vAnalytics Applications

• Ecosystem Partner Solutions

Module 6 : General Troubleshooting

• Check Application-Aware Routing Traffic
• Collect Device Data To Send to Customer Support
• Monitor Alarms and Events
• Monitor TCP Optimization
• Ping an SD WAN Device
• Run a Traceroute
• Simulate Flows
• Troubleshoot Cellular Interfaces
• Troubleshoot Device Bringup
• Use Syslog Messages
• Tunnel Health

Module 7: Troubleshooting: Data Plane Issues

• BFD Session Information and Troubleshooting a BFD Session
• Cflowd Issues
• Data Policies
• DPI Issues
• Symptom: Site Cannot Reach Applications in Datacenter
• Symptom: vManage Showing Edge Router or Interface Down
• Symptom: Site-Wide Loss of Connectivity (Blackout)
• Symptom: Poor Application Performance (Brownout)
• Issue Severity Assessment

Module 8: Troubleshooting: Routing Issues

• Troubleshooting NAT Issues for Control and Data connections
• BGP Information
• Multicast Information
• OMP Information
• OSPF Information
• PIM Information
• Symptom: Some or All Routes Missing from Edge Routing table
• Symptom: Data Traffic Using Suboptimal Path
• Symptom: Data Traffic Not Using All Transports

Module 9: Monitoring and Troubleshooting Application-Aware Routing

• Checking configuration o For Localized Policies

o For Centralized Policies

• How to check if FIA is enabled
• Confirming and troubleshooting TCAM Issues

o Enabling Various Policy Level Logs

o FRM Logs

o EPBR Logs

o FNF Logs during config

o Collecting Log Files

o How to deal with too many logs

Module 11: Network Operations

• Check Alarms and Events
• Check User Accounts and Permissions
• Deploy the SD WAN Overlay Network
• Determine the Status of Network Sites
• Control Connections
• Data Connections
• OMP Status
• Enabling Embedded Packet Captures and Packet Trace on Cisco cEdges

Module 12: Security Certificate Troubleshooting

• Generate a Certificate Signing Request
• Issues when installing a certificate
• Using Cisco Signed Certificates vs 3rd Party Signed Certificates
• Upload the Edge Serial Number File

Module 13: SD WAN Devices Maintenance

• Decommission a vEdge Cloud Router
• Determine the Status of a Network Device
• Migrate a Controller’s Virtual Machine Using vMotion
• Remove an Edge Router’s Serial Number from the vManage NMS
• Replace an Edge Router
• Restore the vManage NMS
• Set Up User Accounts to Access SD-WAN Devices
• Validate or Invalidate an Edge Router
• Software Versions Installed on a Device
• Troubleshooting platform crash issues

Module 14: SD WAN Device Operation and Troubleshooting

• Determine Changes to a Configuration Template
• Determine Why a Device Rejects a Template
• Alarm Severity Levels
• Hardware Alarms
• Checking Alarms and Notifications
• LEDs
• Additional Information
• Restore an Edge Router
• Remove Edge Router Components
• Restore an Edge Router
• Remove Edge Router Components

Lab Outline:

Labs are designed to assure learners a whole practical experience, through the following practical activities:

• Lab 1: Deploy and configure the Cisco SD-WAN Fabric

o Configure and Deploy Control-Plane Connectivity

o Configure and Deploy an Overlay Network

o Provision and Deploy vManage Templates

o Provision and Deploy vManage Policies

• Lab 2: Operational Best Practices
• Lab 3: Installing SD-AVC and monitoring CFlowd & DPI
• Lab 4: Cisco SD-WAN Control Plan Troubleshooting
• Lab 5: Cisco SD-WAN Data Plane Troubleshooting
• Lab 6: Cisco SD-WAN Troubleshoot Routing Issues

o Basic route troubleshooting on the SD-WAN XE Image

o Debugs on the Cisco SD-WAN XE Image

• Lab 7: Troubleshooting Cisco SD-WAN Policies
• Lab 8: Configuring a vManage Disaster Recovery Backup
• Lab 9: Troubleshooting platform crash files
• Lab 10: Configuring Cisco SD-WAN Alarms, Alerts and Notifications