CCNP SPCOR - Architecture

1.0 Architecture Topics

The Architecture topics section is 15% of the overall exam, the topics and associated study materials I am using/collecting is below. Its difficult to know how deep to go into these topics, we can an idea from the section percentage at 15% I would not expect expert deep dive knowledge on each topic, but perhaps a good introduction and overview of the technologies and how, where and in which situation they would be expected to be used.

For a variety of the below 1.1 topics I am using the free trial of the Cisco SPCOR online e-learning course from Cisco learning. The trial only gives you access to the first section (Describing service provider network architectures) and I haven’t been through it all yet, but there seems to be some good information for the 1.1 architecture section and its free.

1.1 Describe service provider architectures

Cisco SPCOR online e-learning course

1.1a Core architectures (Metro Ethernet, MPLS, unified MPLS, SR)

Cisco SPCOR online e-learning course

Blog: Segment Routing Introduction CLN Blog

Book, Cisco Press: Metro Ethernet by Sam Halabi

1.1.b Transport technologies (Optical, xDSL, DOCSIS, TDM, and xPON)

Cisco SPCOR online e-learning course

Cisco Documentation: Digital Subscriber Line - xDSL

Cisco Documentation: Data-over-Cable Service Interface Specifications (DOCSIS)

Blog: Part I. What is xPON

1.1.c Mobility (packet core, RAN xhaul transport for 4G and 5G)

Cisco Documentation: Cisco Ultra Packet Core At-a-Glance

Cisco SPCOR online e-learning course

Cisco Documentation: Cisco Converged 5G xHaul Transport

1.2 Describe Cisco network software architecture

Book, Cisco Press: IP Routing on Cisco IOS, IOS XE, and IOS XR: An Essential Guide to Understanding and Implementing IP Routing Protocols

1.2.a IOS

1.2.b IOS XE

1.2.c IOS XR

1.3 Describe service provider virtualization

IOSXRv9000 Cisco Live presentation: Network Function Virtualization(NFV) using IOS-XR

1.3.a NFV infrastructure

Cisco Documentation: The Cisco NFVI solution

1.3.b VNF workloads

Cisco Documentation: Virtual network functions

1.3.c OpenStack

Cisco Documentation: OpenStack Solutions at Cisco

1.4 Describe QoS architecture

1.4.a MPLS QOS models (Pipe, Short Pipe, and Uniform)

Book, Cisco Press: QoS for IP/MPLS Networks

1.4.b MPLS TE QoS (MAM, RDM, CBTS, PBTS, and DS-TE)

Cisco Documentation: Bandwidth Constraint Models

Cisco Documentation: MPLS Traffic Engineering Class-based Tunnel Selection

Cisco Documentation: Policy-Based Tunnel Selection

Cisco Documentation: MPLS Traffic Engineering - DiffServ Aware (DS-TE)

Book, Cisco Press: Traffic Engineering with MPLS

1.4.c DiffServ and IntServ QoS models

Book, Cisco Press: QoS for IP/MPLS Networks

Book, Cisco Press: End-to-End QoS Network Design: Quality of Service in LANs, WANs, and VPNs

1.4.d Trust boundaries between enterprise and SP environments

Book, Cisco Press: End-to-End QoS Network Design: Quality of Service for Rich-Media & Cloud Networks

1.4.e IPv6 flow label

Cisco Documentation: IPv6 QoS AT–A–GLANCE

RFC: RFC 2460 Internet Protocol, Version 6 (IPv6) Specification - Appendix A

1.5 Configure and verify control plan security

1.5.a Control plane protection techniques (LPTS and CoPP)

Cisco Documentation: Implementing LPTS (local Packet Transport Services)

Cisco Press Book Chapter: Infrastructure Security and Segmentation - Securing the Control Plane

Cisco Documentation: Control Plane Policing IOS-XE

Cisco Documentation: Implementing Management Plane Protection IOS-XR

1.5.b BGP-TTL security and protocol authentication

Book, Cisco Press: IP Routing on Cisco IOS, IOS XE, and IOS XR: An Essential Guide to Understanding and Implementing IP Routing Protocols

Blog: packetlife.net Understanding BGP TTL Security

Cisco Documentation: MD5 Authentication Between BGP Peers Configuration Example

1.5.c BGP prefix suppression

Cisco Documentation: Suppress BGP Advertisements for Inactive Routes

Cisco Documentation: Understand BGP RIB-failure and The Command bgp suppress-inactive

1.5.d LDP security (authentication and label allocation filtering)

Cisco Documentation: MPLS LDP Lossless MD5 Session Authentication

Book, Cisco Press: MPLS Fundamentals

Cisco Documentation: MPLS LDP Local Label Allocation Filtering

1.5.e BGP sec

Blog: RPKI – Use Routinator with Cisco IOS-XR

Nanog Presentation: Cisco’s Origin Validation Implementation

1.5.BGP flowspec

Cisco Community blog: ASR9000/XR: Understanding BGP flowspec (BGP-FS)

Cisco Documentation: Implementing BGP Flowspec - ASR9000

Cisco Live Presentation: SP Security Leveraging BGP FlowSpec to protect your infrastructure

1.6 Describe management plane security

1.6.a Traceback

Cisco Forums: What are traceback logs?

1.6.b AAA and TACACS

Cisco Documentation: Configuring TACACS IOS-XE

Cisco Documentation: Configuring AAA Services ASR9000

1.6.c RestAPI security

Cisco Documentation: Cisco IOS XE REST API Management Reference Guide

1.6.d DdoS

Cisco Documentation: Denial of Service Attack Prevention IOS-XE

Cisco Documentation: Implementing Cisco ASR 9000 vDDoS Mitigation

1.7 Implement data plane security

1.7.a uRPF

Cisco Whitepaper: Unicast reverse path forwarding enhancements for the internet service provider—internet service provider network edge

Cisco Press Chapter: Cisco IOS XR Security - Unicast RPF

Blog: Cisco uRPF

1.7.b ACLs

Cisco Documenation: IP Access List Overview IOS-XE

Cisco Documentation: Implementing Access Lists IOS-XR

1.7.c RTBH

Cisco Whitepaper: Remotely triggered black hole filtering—destination based and source based