CCIE DC: Unfiltered Blog Post from IPExpert Bootcamp day 2 and 3

Hi Guys!

Sorry for no update yesterday, I went out with some of the nice people from the bootcamp so didn't get home until late.

Here are some of those 1 percenters we covered off today in the bootcamp:

• With authentication key chains, the key chain number must match
• Show vpc role is a nice handy once off command to show the roles and configured priorities etc of both switches easily
• Graceful consistency check was explained in greater detail for me, basically it is on by default and allows vPC to turn off the secondary vPC peer's member port for a particular vPC if there are either global vPC config mismatches (consistency parameters) OR issues on a particular member, now if you turn it on, instead BOTH vPC member ports on both switches stay up but the vlan's go into err-disabled state, which is not as nice as the graceful failover, hence 'Graceful consistency check"
• The "Authentication-check" command for ISIS authentication is ON by default, if you turn it OFF, the devices will auth with each other, _BUT_ they will STILL establish adjacency even if there was a password error, but if you have authentication check ON (whcih is the default don't forget) then the adjacency won't work if the passwords are wrong, so saying under an int: no authentication-check is a great way to troubleshoot your auth
• did you know that you can say peer-gateway and then also "Exclude-vlan" to exclude specific vlan's from having the peer-gateway feature if for some reason you need to garuantee that those particular vlan's your excluding are RFC compliant or something like that
• Here was a big one, i think i ran into this before but forgot; OTV INTERFACE ID's _MUST_ match between OTV peers, they MUST or it won't work, because the OTV interface ID becomes the VPN Name
• (One of the guys in the bootcamp came out with this command) show fspf internal route is a great way to see your FC Routes
• Here was another huge one, i totally forgot how to do this, "POWEROFF MODULE 2" to turn off the expansion slot module on a Nexus 5000
• DId you know you can make vsan 1 inactive? you can't delete it, but you can suspend it with: vsan 1 suspend, Rick mur pointed this out, and then you will have problems with your trunk links if you do this
• Did you know you can restrict CFS functions to certain areas of the network using regions

Sorry that it's a bit all over the place guys but i hope it helps someone