300-620 Exam Dumps - Implementing Cisco Application Centric Infrastructure (300-620 DCACI)

 To limit management access to the Cisco ACI fabric that originates from a single subnet where the NOC operates, the policy should be configured in the management tenant on the Cisco APIC5.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/ apic/sw/1-x/Operating_ACI/guide/b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_0111.html

 In the Cisco ACI VMM domain configuration, to generate port groups with names formatted as “Tenant=Application=EPG”, the configuration option used is delimiter. The delimiter is a character that separates the elements of the port-group name. By changing the delimiter setting to “=”, the port-group names will be generated with the desired format.

To connect Cisco ACI fabric using Layer 2 with external third-party switches configured using 802.1s protocol, the two constructs required are:

Spanning tree policy for mapping MST Instances to VLANs (Option A): This policy will ensure that the Multiple Spanning Tree (MST) instances on the third-party switches are correctly mapped to the VLANs in the ACI fabric.

Static binding of native VLAN in all existing EPGs (Option E): This construct is necessary to maintain the native VLAN across all EPGs when integrating with third-party switches that use 802.1s protocol.

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKACI-3101.pdf

https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-in frastructure/white-paper-c07-732033.html

To configure communication between the EPGs in different tenants, the subnet scope should be set to “Shared between VRFs”. This allows the subnet to be shared across different VRFs, enabling communication between EPGs that are in different tenants but within the same VRF. By marking the subnet as shared, it becomes visible to other VRFs, which is necessary for inter-tenant communication1.

References :=

Learning ACI - Part 12: Inter-VRF and Inter-Tenant Communication

 When configuring ACI VMM domain integration with Cisco UCS-B Series, the type of port channel policy that must be configured in the vSwitch policy is MAC Pinning-Physical-NIC-load. This policy type allows for the distribution of traffic across physical NICs based on MAC address hashing, which is suitable for environments where dynamic port channels (LACP) are not used.

In a Cisco ACI bridge domain and VRF configured with a default data-plane learning configuration, the two endpoint attributes that are programmed in the leaf switch when receiving traffic are:

Local MAC, IP (Option D)5.

Local Subnet (Option E)5. These attributes are learned by the ACI fabric through common network methods such as ARP, GARP, and ND, as well as through the data-plane. The local MAC and IP addresses are learned and used for traffic routing and bridging, while the local subnet information is used for traffic optimization and endpoint location tracking56.

The engineer configures port 1/2 on Leaf-101 and Leaf-102 to connect to a new server (SVR-12), which belongs to EPG-12 using VLAN-1212 encapsulation. The server is configured as a vPC member port and statically bound to EPG-12. The task is to ensure connectivity, indicating a missing configuration step.

Requirement Analysis

Static binding of a vPC member port to an EPG requires proper VLAN association and domain mapping.

vPC ensures redundancy, and the VLAN (1212) must be allocated and associated with the EPG via a domain (e.g., VMM or physical domain).

Option Evaluation

A. Create a VPC Explicit Protection Group for EPG-12 and VLAN-1212:

vPC Explicit Protection Groups are used for specific vPC configurations, but this is not a standard requirement for EPG binding and VLAN association.