Cisco Software-Defined Access (SDA) Training With Lab

Explore the control plane, data plane, and management plane in traditional networking and how OSPF, IGP, BGP, and LISP shape routing tables and forwarding decisions.

Explore software defined networking (SDN) and its centralized controller, which decouples the control plane from the data plane to configure devices via APIs for scalable network management.

Examine the benefits of software defined networking, including centralized provisioning and zero-touch, scalable policy deployment, and reduced human error, alongside the single point of failure risk mitigated by controller clustering.

Learn how application programming interfaces enable admin, controller, and switches to communicate in software defined networking, using northbound and southbound APIs and rest APIs for automation.

Compare Cisco SDN solutions, including ACI for data centers, SD-WAN for wide area networks, and software defined access for campus networks, featuring spine-leaf, VXLAN, and epic.

Explore the section three SDA architecture, define Cisco SDA and intent-based networking (IBM), and outline the four operational planes and the four layers of software-defined access.

Explore the Anycast gateway concept and its role in Cisco SDA, as introduced in section four.

Explore how Lisp separates endpoint identifiers from routing locations, using map servers to map eid to rloc and enable mapping and encapsulation in SDA networks.

Explore the lisp data plane, using l3 tunneling and UDP 4341, with idr, etr, and proxy routers managing map lookups and traffic, and compare it to SDA's VXLAN data plane.

Explore how LISP operates in software defined access, renaming tunnel routers to fabric edge nodes and map server/resolver to control plane nodes, with VXLAN handling data forwarding.

Explore why VXLAN is required in SDA, define VXLAN, and explain how it works within Cisco SDA.

Harness VXLAN to create layer two overlays over a layer three underlay, enabling same-subnet hosts to communicate across multi-switch fabrics while avoiding STP limits and expanding VLAN scale.

Explore how VXLAN creates layer-two overlays over layer-three networks to extend VLANs in software-defined access, using UDP-based tunneling (port 4789) between fabric edge nodes.

Explore Cisco risk (CTAs) and Cisco trust, then examine virtual network and scalable group tax, and learn how these concepts work in software-defined access.

Explore protocols powering Cisco SDA: underlay routing with IS-IS (or OSPF), control plane with LISP, data plane via VXLAN, anycast, and Cisco TrustSec using VLAN IDs and scalable group tags.

Explore Cisco SDA fabric components, including underlay, overlay, node fabric, border and control plane nodes, fusion, router, shared services, and the roles of Cisco DNAC, Cisco ISE, and DHCP.

Define the underlay with physical switches and routers, enabling IP connectivity via IGP such as ISIS or OSPF, then build an overlay of layer-2 tunnels that carries end-user subnets only.

Fabric edge node, or fen, acts as the SDA fabric access layer. It handles endpoint registration, ID-to-IP mappings, and VXLAN data plane communication.

Fusion routers provide access to shared services and enable inter-vrf communication in the SDA fabric, connecting clients to DHCP, DNS, IP, SNMP, NAC and ISE.

Explore shared services in the SDA environment, including how the fusion router advertises DHCP, DNS, NTP, and SNMP to all SDA fabric clients.

Explore ISE in the SDA environment, including dynamic mapping of users and devices to scalable groups. Learn policy enforcement, authentication, authorization, and DNA Center integration with REST API and pxGrid.

Use the Cisco SDA compatibility matrix to verify OS version compatibility across controllers and fabric devices for a new deployment, referencing release 2.2.3.6 and Catalyst 3650 iOS versions.

Explore how endpoints reach shared subnets and services (dhcp, dns, ntp, snmp, ise) through fusion routers, edge and border nodes, using vxlan tunnels and vrf-based mp-bgp routing.