EXAM BLUEPRINT F5 101 – APPLICATION DELIVERY FUNDAMENTALS

Hi ,

My Next  Goal this month is to complete F5 101 certification .I plan to take this exam at the end of December .Here are the study material that I will use to prepare it .

F5 101 blueprint 

F5 study Guide

F5 University 

F5 101 Bootcamp : You must be an F5 patner 

SECTION  1 : OSI

Objective 1.01 Explain, compare, and contrast the OSI layers

• Describe the function of each OSI layer
• Differentiate between the OSI layers
• Describe the purpose of the various address types at different OSI layers

Objective 1.02 Explain protocols and technologies specific to the data link layer

• Explain the purpose of a switch’s forwarding database
• Explain the purpose and functionality of ARP
• Explain the purpose and functionality of MAC addresses
• Explain the purpose and functionality of a broadcast domain
• Explain the purpose and functionality of VLANs
• Explain the purpose and functionality of link aggregation

Objective 1.03 Explain protocols and apply technologies specific to the network layer

• Explain the purpose and functionality of IP addressing and subnetting
• Given an IP address and net mask, determine the network IP and the broadcast IP
• Given a routing table and a destination IP address, identify which routing table entry the destination IP address will match
• Explain the purpose and functionality of Routing protocols
• Explain the purpose of fragmentation
• Given a fragment, identify what information is needed for reassembly
• Explain the purpose of TTL functionality Given a packet traversing a topology, document the source/destination IP address/MAC address changes at each hop

Objective 1.04 Explain the features and functionality of protocols and technologies specific to the transport layer

• Compare/Contrast purpose and functionality of MTU and MSS
• Explain the purpose and functionality of TCP Explain the purpose and functionality of UDP
• Explain the purpose and functionality of ports in general
• Explain how retransmissions occur
• Explain the purpose and process of a reset Describe various TCP options
• Describe a TCP checksum error Describe how TCP addresses error correction
• Describe how the flow control process occurs

Objective 1.05 Explain the features and functionality of protocols and technologies specific to the application layer

• Explain the purpose and functionality of HTTP
• Differentiate between HTTP versions
• Interpret HTTP status codes
• Determine an HTTP request method for a given use case
• Explain the purpose and functionality of HTTP keepalives, HTTP headers, DNS, SIP, FTP
• Differentiate between passive and active FTP
• Explain the purpose and functionality of SMTP
• Explain the purpose and functionality of a cookie
• Given a situation in which a client connects to a remote host, explain how the name resolution process occurs Explain the purpose and functionality of a URL

Section 2: F5 Solutions and Technology

Objective 2.01 Articulate the role of F5 products

Examples Explain the purpose, use, and benefits of APM, LTM, ASM, GTM

Objective 2.02 Explain the purpose, use, and advantages of iRules

• Explain the purpose of iRules
• Explain the advantages of iRules
• Given a list of situations, determine which would be appropriate for the use of iRules

Objective 2.03 Explain the purpose, use, and advantages of iApps

• Examples Explain the purpose of iApps
• Explain the advantages of iApps
• Given a list of situations, determine which would be appropriate for the use of iApps

Objective 2.04 Explain the purpose of and use cases for full proxy and packet forwarding/packet based architectures

• Describe a full proxy architecture
• Describe a packet forwarding/packet based architecture
• Given a list of situations, determine which is appropriate for a full proxy architecture
• Given a list of situations, determine which is appropriate for a packet based architecture

Objective 2.05 Explain the advantages and configurations of high availability (HA)

• Explain active/active
• Explain active/standby
• Explain the benefits of deploying BIG-IP devices in a redundant configuration

Section 3: Load Balancing Essentials

Objective 3.01 Discuss the purpose of, use cases for, and key considerations related to load balancing

• Examples Explain the purpose of distribution of load across multiple servers
• Given an environment, determine the appropriate load balancing algorithm that achieves a desired result
• Explain the concept of persistence

Objective 3.02 Differentiate between a client and server

• Given a scenario, identify the client/server
• Explain the role of a client
• Explain the role of a server

Section 4 : Security

Objective 4.01 Compare and contrast positive and negative security models

• Describe the concept of a positive security model
• Describe the concept of a negative security model
• Given a list of scenarios, identify which is a positive security model
• Given a list of scenarios, identify which is a negative security model
• Describe the benefits of a positive security model
• Describe the benefits of a negative security model

Objective 4.02 Explain the purpose of cryptographic services

• Describe the purpose of signing
• Describe the purpose of encryption
• Describe the purpose of certificates and the certificate chains
• Distinguish between private/public keys
• Compare and contrast symmetric/asymmetric encryption

Objective 4.03 Describe the purpose and advantages of authentication

• Explain the purpose of authentication
• Explain the advantages of single sign on
• Explain the concepts of multifactor authentication
• Describe the role authentication plays in AAA

Objective 4.04 Describe the purpose, advantages, and use cases of IPsec and SSL VPN

• Explain the purpose, advantages, and challenges associated with IPsec
• Explain the purpose, advantages, and challenges associated with SSL VPN
• Given a list of environments/situations, determine which is appropriate for an IPsec solution
• Given a list of environments/situations, determine which is appropriate for an SSL VPN solution

Section 5: Application Delivery Platforms

Objective 5.01 Describe the purpose, advantages, use cases, and challenges associated with hardware based application delivery platforms and virtual machines

• Explain when a hardware based application deliver platform solution is appropriate
• Explain when a virtual machine solution is appropriate
• Explain the purpose, advantages, and challenges associated with hardware based application deliver platform solutions
• Explain the purpose, advantages, and challenges associated with virtual machines
• Given a list of environments/situations, determine which is appropriate for a hardware based application deliver platform solution
• Given a list of environments/situations, determine which is appropriate for a virtual machine solution
• Explain the advantages of dedicated hardware (SSL card, compression card)

Objective 5.02 Describe the purpose of the various types of advanced acceleration techniques

• Describe the purpose of TCP optimization
• Describe the purpose of HTTP keepalives, caching, compression, and pipelining

CCNP RS Version 2 Detail blueprint

Implementing Cisco IP Routing (300-101)

Implementing Cisco IP Switched Networks (300-115)

Troubleshooting and Maintaining Cisco IP Networks (300-135)

Implementing Cisco IP Routing (300-101)

This is the new version of the ROUTE exam. The old version was 642-902. The
new blueprint is here.

The routing protocols are still there, as expected. Let’s go through the blueprint to
see what has been added or clarified from the old blueprint.

1.0 Network Principles 10%

1.1 Identify Cisco Express Forwarding concepts
1.1.a FIB
1.1.b Adjacency table
1.2 Explain general network challenges
1.2.a Unicast
1.2.b Out-of-order packets
1.2.c Asymmetric routing
1.3 Describe IP operations
1.3.a ICMP Unreachable and Redirects
1.3.b IPv4 and IPv6 fragmentation
1.3.c TTL
1.4 Explain TCP operations
1.4.a IPv4 and IPv6 (P)MTU
1.4.b MSS
1.4.c Latency
1.4.d Windowing
1.4.e Bandwidth-delay product
1.4.f Global synchronization
1.5 Describe UDP operations
1.5.a Starvation
1.5.b Latency
1.6 Recognize proposed changes to the network
1.6.a Changes to routing protocol parameters
1.6.b Migrate parts of the network to IPv6
1.6.c Routing protocol migration

This section seems entirely new to me. Although it would have been expected by a CCNP
candidate to know about TTL, CEF and MTU, Cisco is now making it clear that you must
know these concepts. This is great that topics like these are now specifically mentioned
in the blueprint.

The above concepts are all very important and we can also see that
IPv6 is getting more and more attention. Asymmetric routing, MSS, BDP, latency are all
important concepts that you will surely run into in a role as a network engineer.

2.0 Layer 2 Technologies 10%

2.1 Configure and verify PPP
2.1.a Authentication (PAP, CHAP)
2.1.b PPPoE (client side only)
2.2 Explain Frame Relay
2.2.a Operations
2.2.b Point-to-point
2.2.c Multipoint

This is also not really new but Cisco now includes them in the blueprint.
Frame relay is still there, which may seem surprising. However, it says explain Frame Relay,
so it seems only the concepts should be known and not the configuration.
This does make sense in a way because Frame Relay concepts are similar to MPLS, DMVPN etc.

3.0 Layer 3 Technologies 40%

3.1 Identify, configure, and verify IPv4 addressing and subnetting
3.1.a Address types (Unicast, broadcast, multicast, and VLSM)
3.1.b ARP
3.1.c DHCP relay and server
3.1.d DHCP protocol operations
3.2 Identify IPv6 addressing and subnetting
3.2.a Unicast
3.2.b EUI-64
3.2.c ND, RS/RA
3.2.d Autoconfig (SLAAC)
3.2.e DHCP relay and server
3.2.f DHCP protocol operations
3.3 Configure and verify static routing
3.4 Configure and verify default routing
3.5 Evaluate routing protocol types
3.5.a Distance vector
3.5.b Link state
3.5.c Path vector
3.6 Describe administrative distance
3.7 Troubleshoot passive interfaces
3.8 Configure and verify VRF lite
3.9 Configure and verify filtering with any protocol
3.10 Configure and verify redistribution between any routing protocols or routing sources
3.11 Configure and verify manual and autosummarization with any routing protocol
3.12 Configure and verify policy-based routing
3.13 Identify suboptimal routing
3.14 Explain ROUTE maps
3.15 Configure and verify loop prevention mechanisms
3.15.a Route tagging and filtering
3.15.b Split-horizon
3.15.c Route poisoning
3.16 Configure and verify RIPv2
3.17 Describe RIPng
3.18 Describe EIGRP packet types
3.19 Configure and verify EIGRP neighbor relationship and authentication
3.20 Configure and verify EIGRP stubs
3.21 Configure and verify EIGRP load balancing
3.21.a Equal cost
3.21.b Unequal cost
3.22 Describe and optimize EIGRP metrics
3.23 Configure and verify EIGRP for IPv6
3.24 Describe OSPF packet types
3.25 Configure and verify OSPF neighbor relationship and authentication
3.26 Configure and verify network types, area types, and router types
3.26.a Point-to-point, multipoint, broadcast, nonbroadcast
3.26.b LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
3.26.c Internal router, backbone router, ABR, ASBR
3.26.d Virtual link
3.27 Configure and verify OSPF path preference
3.28 Configure and verify OSPF operations
3.29 Configure and verify OSPF for IPv6
3.30 Describe, configure, and verify BGP peer relationships and authentication
3.30.a Peer group
3.30.b Active, passive
3.30.c States and timers
3.31 Configure and verify eBGP (IPv4 and IPv6 address families)
3.31.a eBGP
3.31.b 4-byte AS number
3.31.c Private AS
3.32 Explain BGP attributes and best-path selection

This is the meat of the exam, as expected from a ROUTE exam. What stands out is that
the blueprint holds much more detail. Things like ARP, DHCP and address types were
not specific items on the old blueprint. We also see a continued focus on IPv6 where
v6 is now included for BGP as well. A CCNP candidate now also needs to understand 4 byte
AS numbers and private AS, which is good for real life networks.

We have a very detailed blueprint which is good. Topics like route-maps and tagging are
now specific items. It’s clear that a CCNP candidate must know routing very well to pass
the ROUTE exam. A new topic is VRF lite, this is a good addition and something that is
very common in todays networks.

4.0 VPN Technologies 10%

4.1 Configure and verify GRE
4.2 Describe DMVPN (single hub)
4.3 Describe Easy Virtual Networking (EVN)

GRE was already there, so that is not new. The topics of DMVPN and EVN has been added.
DMVPN is getting more and more common, so that is a good addition. I haven’t seen
much EVN so far but it’s still a concept you should at least have heard of.

5.0 Infrastructure Security 10%

5.1 Describe IOS AAA using local database
5.2 Describe device security using IOS AAA with TACACS+ and RADIUS
5.2.a AAA with TACACS+ and RADIUS
5.2.b Local privilege authorization fallback
5.3 Configure and verify device access control
5.3.a Lines (VTY, AUX, console)
5.3.b Management plane protection
5.3.c Password encryption
5.4 Configure and verify router security features
5.4.a IPv4 access control lists (standard, extended, time-based)
5.4.b IPv6 traffic filter
5.4.c Unicast reverse path forwarding

I don’t see the above topics as new, it’s good that they are now included in the
blueprint though. These are all topics one needs to know for a CCNP level network
engineer.

6.0 Infrastructure Services 10%

6.1 Configure and verify device management
6.1.a Console and VTY
6.1.b Telnet, HTTP, HTTPS, SSH, SCP
6.1.c (T)FTP
6.2 Configure and verify SNMP
6.2.a v2
6.2.b v3
6.3 Configure and verify logging
6.3.a Local logging, syslog, debugs, conditional debugs
6.3.b Timestamps
6.4 Configure and verify Network Time Protocol (NTP)
6.4.a NTP master, client, version 3, version 4
6.4.b NTP authentication
6.5 Configure and verify IPv4 and IPv6 DHCP
6.5.a DHCP client, IOS DHCP server, DHCP relay
6.5.b DHCP options (describe)
6.6 Configure and verify IPv4 Network Address Translation (NAT)
6.6.a Static NAT, dynamic NAT, PAT
6.7 Describe IPv6 NAT
6.7.a NAT64
6.7.b NPTv6
6.8 Describe SLA architecture
6.9 Configure and verify IP SLA
6.9.a ICMP
6.10 Configure and verify tracking objects
6.10.a Tracking objects
6.10.b Tracking different entities (for example, interfaces, IPSLA results)
6.11 Configure and verify Cisco NetFlow
6.11.a NetFlow v5, v9
6.11.b Local retrieval
6.11.c Export (configuration only)

Most of the topics here should be familiar. NAT between IPv4 and IPv6 has been added.
This will be something that will be used, whether we like it or not. It’s good to see
that IP SLA and NTP being included. Also, CCNP candidates must now know Netflow.

Implementing Cisco IP Switched Networks (300-115)

This is the new version of the SWITCH exam. The old version was 642-813. The
new blueprint is here.

1.0 Layer 2 Technologies 65%

1.1 Configure and verify switch administration
1.1.a SDM templates
1.1.b Managing MAC address table
1.1.c Troubleshoot Err-disable recovery
1.2 Configure and verify Layer 2 protocols
1.2.a CDP, LLDP
1.2.b UDLD
1.3 Configure and verify VLANs
1.3.a Access ports
1.3.b VLAN database
1.3.c Normal, extended VLAN, voice VLAN
1.4 Configure and verify trunking
1.4.a VTPv1, VTPv2, VTPv3, VTP pruning
1.4.b dot1Q
1.4.c Native VLAN
1.4.d Manual pruning
1.5 Configure and verify EtherChannels
1.5.a LACP, PAgP, manual
1.5.b Layer 2, Layer 3
1.5.c Load balancing
1.5.d EtherChannel misconfiguration guard
1.6 Configure and verify spanning tree
1.6.a PVST+, RPVST+, MST
1.6.b Switch priority, port priority, path cost, STP timers
1.6.c PortFast, BPDUguard, BPDUfilter
1.6.d Loopguard and Rootguard
1.7 Configure and verify other LAN switching technologies
1.7.a PAN, RSPAN
1.8 Describe chassis virtualization and aggregation technologies
1.8.a Stackwise

The blueprint is more detailed but I don’t see a lot of things added. There are
some real world additions, such as SDM templates and Stackwise. This will be useful
for CCNP candidates at their jobs. VTP version 3 has been added and also topics
on chassis virtualization such as VSS and vPC. All versions of STP are included which
is to be expected. Nothing major added here in my opinion.

2.0 Infrastructure Security 20%

2.1 Configure and verify switch security features
2.1.a DHCP snooping
2.1.b IP Source Guard
2.1.c Dynamic ARP inspection
2.1.d Port security
2.1.e Private VLAN
2.1.f Storm control
2.2 Describe device security using Cisco IOS AAA with TACACS+ and RADIUS
2.2.a AAA with TACACS+ and RADIUS
2.2.b Local privilege authorization fallback

Not many addidions in this area, private VLANs and storm control is there.
DHCP snooping, DAI, port security and IP Source Guard are all important concepts
to secure the layer 2 part of the network.

3.0 Infrastructure Services 15%

3.1 Configure and verify first-hop redundancy protocols
3.1.a HSRP
3.1.b VRRP
3.1.c GLBP

Nothing has been added here, these protocols are well known and they are the
FHRP protocols that we still use.

Overall, I don’t think much has been added to the SWITCH exam. There are no
topics on wireless, voice and video which could indicate that these topics
are getting moved to other CCNP tracks.

Troubleshooting and Maintaining Cisco IP Networks (300-135)

This is the new version of the TSHOOT exam. The old version was 642-832. The
new blueprint is here.

The new blueprint is a lot more detailed than the old one.

1.0 Network Principles 5%

1.1 Use Cisco IOS troubleshooting tools
1.1.a Debug, conditional debug
1.1.b Ping and trace route with extended options
1.2 Apply troubleshooting methodologies
1.2.a Diagnose the root cause of networking issues (analyze symptoms, identify and describe root cause)
1.2.b Design and implement valid solutions
1.2.c Verify and monitor resolution

Nothing new here really, these are all tools expected to be known by a CCNP candidate.

2.0 Layer 2 Technologies 40%

2.1 Troubleshoot switch administration
2.1.a SDM templates
2.1.b Managing MAC address table
2.1.c Troubleshoot Err-disable recovery
2.2 Troubleshoot Layer 2 protocols
2.2.a CDP, LLDP
2.2.b UDLD
2.3 Troubleshoot VLANs
2.3.a Access ports
2.3.b VLAN database
2.3.c Normal, extended VLAN, voice VLAN
2.4 Troubleshoot trunking
2.4.a VTPv1, VTPv2, VTPv3, VTP pruning
2.4.b dot1Q
2.4.c Native VLAN
2.4.d Manual pruning
2.5 Troubleshoot EtherChannels
2.5.a LACP, PAgP, manual
2.5.b Layer 2, Layer 3
2.5.c Load balancing
2.5.d EtherChannel misconfiguration guard
2.6 Troubleshoot spanning tree
2.6.a PVST+, RPVST +, MST
2.6.b Switch priority, port priority, path cost, STP timers
2.6.c PortFast, BPDUguard, BPDUfilter
2.6.d Loopguard, Rootguard
2.7 Troubleshoot other LAN switching technologies
2.7.a SPAN, RSPAN
2.8 Troubleshoot chassis virtualization and aggregation technologies
2.8.a Stackwise

Most topics here are definitely familiar, VTPv3 has been added. Stackwise has also
been added to the blueprint as well as SDM templates. The other topics are not really
new but are specifically mentioned in the blueprint, which is a good clarification.

3.0 Layer 3 Technologies 40%

3.1 Troubleshoot IPv4 addressing and subnetting
3.1.a Address types (Unicast, broadcast, multicast, and VLSM)
3.1.b ARP
3.1.c DHCP relay and server
3.1.d DHCP protocol operations
3.2 Troubleshoot IPv6 addressing and subnetting
3.2.a Unicast
3.2.b EUI-64
3.2.c ND, RS/RA
3.2.d Autoconfig (SLAAC)
3.2.e DHCP relay and server
3.2.f DHCP protocol operations
3.3 Troubleshoot static routing
3.4 Troubleshoot default routing
3.5 Troubleshoot administrative distance
3.6 Troubleshoot passive interfaces
3.7 Troubleshoot VRF lite
3.8 Troubleshoot filtering with any protocol
3.9 Troubleshoot between any routing protocols or routing sources
3.10 Troubleshoot manual and autosummarization with any routing protocol
3.11 Troubleshoot policy-based routing
3.12 Troubleshoot suboptimal routing
3.13 Troubleshoot loop prevention mechanisms
3.13.a Route tagging, filtering
3.13.b Split-horizon
3.13.c Route poisoning
3.14 Troubleshoot RIPv2
3.15 Troubleshoot EIGRP neighbor relationship and authentication
3.16 Troubleshoot loop free path selection
3.16.a RD, FD, FC, successor, feasible successor
3.17 Troubleshoot EIGPR operations
3.17.a Stuck in active
3.18 Troubleshoot EIGRP stubs
3.19 Troubleshoot EIGRP load balancing
3.19.a Equal cost
3.19.b Unequal cost
3.20 Troubleshoot EIGRP metrics
3.21 Troubleshoot EIGRP for IPv6
3.22 Troubleshoot OSPF neighbor relationship and authentication
3.23 Troubleshoot network types, area types, and router types
3.23.a Point-to-point, multipoint, broadcast, nonbroadcast
3.23.b LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
3.23.c Internal router, backbone router, ABR, ASBR
3.23.d Virtual link
3.24 Troubleshoot OSPF path preference
3.25 Troubleshoot OSPF operations
3.26 Troubleshoot OSPF for IPv6
3.27 Troubleshoot BGP peer relationships and authentication
3.27.a Peer group
3.27.b Active, passive
3.27.c States and timers
3.28 Troubleshoot eBGP
3.28.a eBGP
3.28.b 4-byte AS number
3.28.c Private AS

There is added focus on IPv6, as expected. As mentioned before, 4 byte AS numbers
and private AS has been added. VRF lite is also included and I think these are
good additions.

4.0 VPN Technologies 5%

4.1 Troubleshoot GRE

GRE is still there, it’s worth 5% of the exam which is good to know.

5.0 Infrastructure Security 5%

5.1 Troubleshoot IOS AAA using local database
5.2 Troubleshoot device access control
5.2.a Lines (VTY, AUX, console)
5.2.b Management plane protection
5.2.c Password encryption
5.3 Troubleshoot router security features
5.3.a IPv4 access control lists (standard, extended, time-based)
5.3.b IPv6 traffic filter
5.3.c Unicast reverse path forwarding

These topics should not be new, access lists are still there, maybe with the addition of
IPv6. The other topics seem quite straight forward.

6.0 Infrastructure Services 5%

6.1 Troubleshoot device management
6.1.a Console and VTY
6.1.b Telnet, HTTP, HTTPS, SSH, SCP
6.1.c (T) FTP
6.2 Troubleshoot SNMP
6.2.a v2
6.2.b v3
6.3 Troubleshoot logging
6.3.a Local logging, syslog, debugs, conditional debugs
6.3.b Timestamps
6.4 Troubleshoot Network Time Protocol(NTP)
6.4.a NTP master, client, version 3, version 4
6.4.b NTP authentication
6.5 Troubleshoot IPv4 and IPv6 DHCP
6.5.a DHCP client, IOS DHCP server, DHCP relay
6.5.b DHCP options (describe)
6.6 Troubleshoot IPv4 Network Address Translation (NAT)
6.6.a Static NAT, Dynamic NAT, PAT
6.7 Troubleshoot SLA architecture
6.8 Troubleshoot tracking objects
6.8.a Tracking objects
6.8.b Tracking different entities (for example, interfaces, IPSLA results)

This section has some additions such as VTPv3, SNMPv3, NTP and IP SLA.
These are all good additions and something a CCNP level engineer would be expected
to know, at least at a basic level. All these topics are worth 5%, the same as GRE,
so they are not major topics.

Summary

CCNP RS version 2 is here, but there is no reason to panic. This post has taken a look
at the blueprint and it seems it is just a revamped version. It’s not a major overhaul.
A guesstimate would say that maybe 20% of the topics are new, the blueprint is mostly
the same but much more detailed and with weights, this makes it easer for a CCNP
candidate to build a study plan and study at the correct depth.

There are some additions such as VRF lite which are good real world additions.
In summary I think Cisco has done a good job of updating the CCNP curriculum.