Jump to content

mattchi

Members
  • Content Count

    47
  • Joined

  • Last visited

Community Reputation

2 Neutral

About mattchi

  • Rank
    Member
  1. I used short 10-line ACL.I put in two deny lines before permitting any traffic
  2. I am not sure where I went wrong !my scores are low. I followed all the confirmed solution discussed in the forum ! Sec 1 :%60 Sec 2 :%40 Sec 3 :%43 Sec4: %80 -Removed all limit-resource.some exra ports still in the default-vdc! -HSRP up on both sites with MD5 password and preempted on the active node with priority of 255. -Fabrich path :changed metric to 50 on two interfaces on each box.changed the link-dealy timer and max path and Switch IDs.also changed system priority to 2500 and role priority to 1 on the 5K1. -FEX and VPC up -Used short access-list (the question had 5 points!) -MST configured and 7K3 made root .no ports in block mode.Bridge-Assurance also enabled. -EiGRP looked fine ,BFD not asked in the exam! -OTV UP, blocking HSRP Storage all Vsans up 2.3 used src-dst port on both 5k and the 7K vdc. 2.4 used src-dst-ip on the 5K (that is the default mode -so you dont see it in your config) 2.5 FCIPs up allowing vsan 1,100,200 as requested in the exam with passive mode and port 3005. 2.6 all VFCs up with flogi .did static npv mapping to the MDS. UCS. two servers links were down. brought them back up . Vsan 100 down as expected on the 5K1. pools created. qos-policy assigned to the Vnics. LDAP Authentication worked. call-home feature configured with all features disabled except for association failure. Blad booted with two VEM modules. some other pools (WWPN for Fabric A>B and WWNN) were given in the exam but I never used them.just created zoneset and zone having WWXN valurs for both VSANs on the MDS1 but of course just Vsan 200 was in use for the boot. Nexus 1000v 1-channel-group auto mode on sub-group manual + sub group-id based on the output from "show module vem 3/4 execute vemcmd show port " 2- vmware port-group dmz 3-capability iscsi-multipath sytem vlan 30 on uplink : system vlan 1,30,40 and mtu 9000 4-created policy and just assigned it to the inbound of vethernet port-profile
  3. Thanks for your response .Based on the role explanation below ,don't you think the answer might be server-profile ? unless you had a different question ,the question says : ccie-dc user has the administrative rights on the child organization. Operations Read-and-write access to systems logs, including the syslog servers, and faults. Read access to the remaining system. Read-Only Read-only access to system configuration with no privileges to modify the system state. Server Compute Read and write access to most aspects of service profiles. However, the user cannot create, modify or delete vNICs or vHBAs. Server Equipment Administrator Read-and-write access to physical server-related operations. Read access to the remaining system. Server Profile Administrator Read-and-write access to logical server-related operations. Read access to the remaining system. Server Security Administrator Read-and-write access to server security-related operations. Read access to the remaining system. Storage Administrator Read-and-write access to storage operations. Read access to the remaining system.
  4. Hi Thinkakhil, 1-Can you please tell us what role you assigned to the locale for UCS RBAC question ? 2-Also did you have move some ports to VDC 0 or all ports for both modules were all used up in different VDC for DC1 and DC2 as per the table provided in the exam? 3- did you make Vlan30 ,VL40 passive or for OSPF?
  5. The full system access should not be granted by any available admin roles ! in the question it says : ccie-dc user has the administrative rights on the child organization.
  6. is it just Server-profile to assign to the user to meet all the requirement ? I guess Server Profile Administrator (R/W to logicl server [also known as service profile ]) is the right answer ? the admin roles would give write access to the entire system ! can someone please confirm ? The system contains the following default user roles: AAA Administrator Read-and-write access to users, roles, and AAA configuration. Read access to the rest of the system. Administrator Complete read-and-write access to the entire system. The default admin account is assigned this role by default and it cannot be changed. Facility Manager Read-and-write access to power management operations through the power-mgmt privilege. Read access to the rest of the system. Network Administrator Read-and-write access to fabric interconnect infrastructure and network security operations. Read access to the rest of the system. Operations Read-and-write access to systems logs, including the syslog servers, and faults. Read access to the rest of the system. Read-Only Read-only access to system configuration with no privileges to modify the system state. Server Equipment Administrator Read-and-write access to physical server related operations. Read access to the rest of the system. Server Profile Administrator Read-and-write access to logical server related operations. Read access to the rest of the system. Server Security Administrator Read-and-write access to server security related operations. Read access to the rest of the system. Storage Administrator Read-and-write access to storage operations. Read access to the rest of the system.
  7. Folks, how do we assign the MAC pools to the VNICs for the Service profile ? (as per the question the VNICs must be created via VNIC Template).should we modify the VNIC Template and assign the our pool to it ? Thanks,
  8. @FutureSystems are you saying putting in "peer-gateway exclude vlan 40 " is not a valid answer ? just putting in "peer-gateway" will affect all Vlans .But the question just asks for Vlan 30!
  9. @FutureSystems what does F/M module have to do with peer-gateway exclude command ? can you please share your answer ? I guess the solution would be to put in the command "peer-gatey exclude vlan 40" on both 7Ks" peer-gatey exclude vlan 40 ==> F Module peer-gateway ==> M module
  10. can you please share the question re service profile template and also your solution ?
  11. So to summarize , we just need 1- ADD CD-ROM to make it boot from Vmedia meaning also boot from Virtual HDD 2-no action needed (boot from SD is done via bios).
  12. I think given the UCS running version in 2.1 in the lab, 1-There is no way to influence boot from SD ( secondary device as requested in the exam) from Service profile or Service profile template as per Cisco white paper Note: Prior to IMC Release 2.2, booting had to be performed through the BIOS, not through the service profile. 2- I also think what is meant by virtual hard disk is Vmedia(CD-ROM as the fist boot device) because then if we boot from CD ,"Cisco CIMC-MAPPED vHDD" will also be listed on boot screeen (I saw that menu from this link [Hidden Content]). enabling USB is just recommended not mandatory . Virtual Media Boot(vesrion 2.1) You can configure a boot policy to boot one or more servers from a virtual media device that is accessible from the server. A virtual media device mimics the insertion of a physical CD-ROM disk (read-only) or floppy disk (read-write) into a server. This type of server boot is typically used to manually install operating systems on a server. Configuring a Virtual Media Boot for a Boot Policy Configuring a Virtual Media Boot for a Boot Policy You can also create a local boot policy that is restricted to a service profile or service profile template. However, we recommend that you create a global boot policy that can be included in multiple service profiles or service profile templates. You can add more than one type of boot device to a boot policy. For example, you could add a local disk boot as a secondary boot device. Note Virtual Media requires the USB to be enabled. If you modify the BIOS settings that affect the USB functionality, you also affect the Virtual Media. Therefore, we recommend that you leave the following USB BIOS defaults for best performance: Make Device Non Bootable—set to disabled USB Idle Power Optimizing Setting—set to high-performance Procedure Step 1 Click the down arrows to expand the Local Devices area. Step 2 Click one of the following links to add the device to the Boot Order table: Add CD-ROM
  13. Asia pacific .he failed! can you please let me know about that question and the requirements once you took the exam.
×
×
  • Create New...