Table of Contents for
II. Network Case Studies
II. Network Case Studies
by Cisco Systems, Inc.
CCIE Fundamentals: Network Design and Case Studies, Second Edition
Copyright
About the Contributors
Atif Khan: Edited Chapters 1, 2, 3, 4
Ronald W. McCarty, Jr.: Edited Chapter 5
Christopher J. Beveridge: Edited Chapter 6
Nicole Park: Edited Chapters 7, 8
George Sackett and Nancy Sackett: Wrote Chapter 9
Salman Asad: Edited Chapters 10, 11, 19, 20, 21
Christophe Paggen: Edited Chapter 12
Beau Williamson: Wrote Chapter 13
Paul Della Maggiora, et al.: Wrote Chapter 14
Russ White: Wrote Chapter 15
Anthony Bruno: Edited Chapters 16, 17
Himanshu Desai: Wrote Chapter 18
Thomas M. Thomas II: Edited Chapter 22
About the Technical Reviewers
Foreword
Preface
About This Book
Author Acknowledgments
Document Objectives
Audience
Document Conventions
CCIE Program and Cisco Press
CCIE Program Description
CCIE Certification Laboratory
Cisco Press CCIE Series
Disclaimer
I. Network Design
1. Introduction
Designing Campus Networks
Trends in Campus Design
Designing WANs
Trends in WAN Design
Utilizing Remote Connection Design
Trends in Remote Connections
Trends in LAN/WAN Integration
Providing Integrated Solutions
Determining Your Networking Requirements
The Design Problem: Optimizing Availability and Cost
Assessing User Requirements
Assessing Proprietary and Nonproprietary Solutions
Assessing Costs
Estimating Traffic: Workload Modeling
Sensitivity Testing
Summary
2. Network Design Basics
Understanding Basic Networking Concepts
Overview of Networking Devices
Switching Overview
Layer 2 and Layer 3 Switching
Implications of Layer 2 and Layer 3 Switching
Identifying and Selecting Networking Capabilities
Identifying and Selecting a Networking Model
Using the Hierarchical Design Model
Function of the Core Layer
Function of the Distribution Layer
Function of the Access Layer
Evaluating Backbone Services
Path Optimization
Traffic Prioritization
Priority Queuing
Custom Queuing
Weighted Fair Queuing
Load Balancing
Alternative Paths
Switched Access
Encapsulation (Tunneling)
IBM Features
Generic Routing Encapsulation (GRE)
Evaluating Distribution Services
Backbone Bandwidth Management
Area and Service Filtering
Policy-Based Distribution
Gateway Service
Interprotocol Route Redistribution
Media Translation
Evaluating Local-Access Services
Value-Added Network Addressing
Network Segmentation
Broadcast and Multicast Capabilities
Naming, Proxy, and Local Cache Capabilities
Media Access Security
Router Discovery
Choosing Networking Reliability Options
Redundant Links Versus Meshed Topologies
Redundant Power Systems
Fault-Tolerant Media Implementations
Backup Hardware
Identifying and Selecting Networking Devices
Benefits of Switches (Layer 2 Services)
Benefits of Routers (Layer 3 Services)
Backbone Routing Options
Multiprotocol Routing Backbone
Single-Protocol Backbone
Types of Switches
LAN Switches
ATM Switches
Workgroup and Campus ATM Switches
Enterprise ATM Switches
Multiservice Access Switches
Switches and Routers Compared
Role of Switches and Routers in VLANs
Examples of Campus Switched Network Designs
Summary
3. Designing Large-Scale IP Networks with Interior Gateway Protocols
Implementing Routing Protocols
Network Topology
Addressing and Route Summarization
Route Selection
Convergence
Network Scalability
Memory
CPU
Bandwidth
Security
EIGRP Network Design Guidelines
EIGRP Network Topology
EIGRP Addressing
EIGRP Route Summarization
EIGRP Route Selection
EIGRP Convergence
EIGRP Network Scalability
Memory
CPU
Bandwidth
EIGRP Security
OSPF Network Design Guidelines
OSPF Network Topology
Backbone Considerations
Area Considerations
OSPF Addressing and Route Summarization
OSPF Route Summarization
Separate Address Structures for Each Area
Bit-Wise Subnetting and VLSM
Private Addressing
Route Summarization Techniques
Area-to-Backbone Route Advertisement
Backbone-to-Area Route Advertisement
OSPF Route Selection
Tuning OSPF Metrics
Controlling Interarea Traffic
Load Balancing in OSPF Networks
OSPF Convergence
OSPF Network Scalability
Memory
CPU
Bandwidth
OSPF Security
OSPF NSSA (Not-So-Stubby Area) Overview
Using OSPF NSSA
Type 7 LSA Characteristics
Configuring OSPF NSSA
NSSA Implementation Considerations
OSPF On-Demand Circuit
Why Use OSPF On-Demand Circuit?
OSPF On-Demand Circuit Operation
Configuring OSPF On-Demand Circuit
Implementation Considerations for OSPF On-Demand Circuit
OSPF Over Nonbroadcast Networks
NBMA Mode
Point-to-Multipoint Mode
On-Demand Routing
Benefits of On-Demand Routing
Considerations When Using ODR
Summary
4. Designing Large-Scale IP Networks with BGP
BGP Operation
Internal BGP
External BGP
Synchronization
Disabling Synchronization
BGP and Route Maps
Advertising Networks
Redistributing Static Routes
Redistributing Dynamic Routes
Using the network Command
BGP Attributes
AS_path Attribute
Origin Attribute
Next Hop Attribute
Next Hop Attribute and Multiaccess Media
Next Hop Attribute and Nonbroadcast Media Access
Weight Attribute
Using an Access List to Set the Weight Attribute
Using a Route Map to Set the Weight Attribute
Using the neighbor weight Command to Set the Weight Attribute
Local Preference Attribute
Using the bgp default local-preference Command
Using a Route Map to Set Local Preference
Multi-Exit Discriminator Attribute
Community Attribute
BGP Path Selection Criteria
Understanding and Defining BGP Routing Policies
Administrative Distance
BGP Filtering
Prefix Filtering
AS_path Filtering
Route Map Filtering
Community Filtering
BGP Peer Groups
CIDR and Aggregate Addresses
Confederations
Route Reflectors
Route Flap Dampening
Summary
5. Designing ATM Networks
ATM Overview
Role of ATM in Networks
ATM Functional Layers
Physical Layer
Physical Medium Sublayer
Transmission Convergence Sublayer
ATM Layer
ATM Adaptation Layer (AAL)
AAL1
AAL2
AAL3/4
AAL5
ATM Addressing
Fields of an ATM Address
ATM Media
Multiservice Networks
Integrated Solutions
Different Types of ATM Switches
Workgroup and Campus ATM Switches
Enterprise ATM Switches and Routers
Carrier Class Switches
Structure of an ATM Network
Operation on an ATM Network
Role of LANE
LANE Components
How LANE Works
LANE Operation
Finding the LECS
Contacting the LECS
Configuring the LECS Database
Joining the LES
Finding the BUS
Joining the BUS
Address Resolution
LANE Implementation
LANE Design Considerations
PNNI in LANE Networks
Scaling an ELAN—Spanning-Tree Protocol Issues
LANE Redundancy
Issues in a LANE Network
Resiliency in LANE Networks
LECS Redundancy
LES/BUS Redundancy
SSRP Usage Guidelines
SSRP Configuration Guidelines
SSRP Interoperability Notes
Behavior of SSRP with the Well Known LECS Address
Behavior of SSRP in Network Partitions
HSRP over LANE
Redundant Modules for Cisco ATM Switches
Summary
6. Designing Packet Service Networks and Voice over Frame Relay Networks
Understanding Packet-Switched Network Design
Hierarchical Design
Scalability of Hierarchical Networks
Manageability of Hierarchical Networks
Optimization of Broadcast and Multicast Control Traffic
Topology Design
Star Topologies
Fully Meshed Topologies
Partially Meshed Topologies
Broadcast Issues
Performance Issues
Frame Relay Network Design
Hierarchical Design for Frame Relay Networks
Hierarchical Meshed Frame Relay Networks
Hybrid-Meshed Frame Relay Networks
Regional Topologies for Frame Relay Networks
Star Topologies
Fully Meshed Topologies
Partially Meshed Topologies
Broadcast Issues for Frame Relay Networks
Creating a Broadcast Queue for an Interface
Performance Issues for Frame Relay Networks
Packet-Switched Service Provider Tariff Metrics
Multiprotocol Traffic-Management Requirements
Configuring Frame Relay Traffic Shaping
Voice over Frame Relay Design
Human Speech Characteristics
Removing Repetition in Voice Conversations
Silence Suppression in Voice Conversations
Voice Frame Formation and Fragmentation
Voice Compression Algorithms
Echo Phenomenon and Echo Cancelers
Delay and Delay Variation Transport Issues
Frame Loss Issues
Fax and Modem Support
Traffic Prioritization across Frame Relay Transport
Delay Control Using Frame Fragmentation
Silence Removal Using Digital Speech Interpolation
Bandwidth Optimization Using Multiplexing Techniques
Summary
7. Designing APPN Networks
Evolution of SNA
Role of APPN
Types of APPN Nodes
When to Use APPN as Part of a Network Design
APPN Network Node at Every Branch
When CoS Is Required
When Branch-to-Branch Routing Is Required
When to Use APPN Versus Alternative Methods of SNA Transport
Overview of APPN
Defining Nodes
APPN Node Identifiers
Establishing APPN Sessions
Understanding Intermediate Session Routing
Using Dependent Logical Unit Requester/Server
Cisco Implementation of APPN
Scalability Issues
Topology Database Update Reduction
Reducing the Number of Links
Reducing the Number of CP-CP Sessions
Reducing the Number of Network Nodes
APPN over DLSw+
APPN over FRAS BNN/BAN
APPN over RSRB
LOCATE Search Reduction
Safe-Store of Directory Cache
Partial Directory Entries
Central Directory Server (CDS)/Client
Central Resource Registration
Backup Techniques in an APPN Network
Link Backup
Full Redundancy
SSCP Takeover
APPN in a Multiprotocol Environment
Bandwidth Management and Queuing
Other Considerations with a Multiprotocol Environment
Network Management
Configuration Examples
Simple APPN Network Configuration
Sample Configurations
Router A Configuration
Router B Configurations
Router C Configuration
Router D Configuration
APPN Network Configuration with End Stations
Sample Configurations
Sample Configuration for Router A
Sample Configuration for Router B
Sample Configuration for Router C
APPN over DLSw+ Configuration Example
Sample Configurations of DLSw+ Router A
Sample Configuration of DLSw+ ROUTERA
Sample Configuration for Workstation Attached to ROUTERA
Sample Configuration for DLSw+ ROUTERB
Sample Configuration for Workstation Attached to ROUTERB
Example of Subarea to APPN Migration
Example of APPN/CIP in a Sysplex Environment
Sysplex Overview
Sysplex with APPN Using Subarea Routing—Option One
Sysplex Using Subarea/APPN Routing—Option Two
Sysplex Using APPN Routing—Option Three
The Company's Network
Sample Configuration
Example of APPN with FRAS BNN
APPN in the Data Center
APPN in the Remote Site
Future Configuration
Using Border Node on VTAM to Partition the Network into Smaller Subnets
Using FRAS BNN to Reduce the Number of Network Nodes
Summary
8. Designing DLSw+ Networks
Introduction to DLSw+
DLSw+ Defined
DLSw Standard
Establish Peer Connections
Exchange Capabilities
Establish Circuit
Flow Control
DLSw+ Features
DLSw+ Improved Scalability
Peer-Group Concept
Explorer Firewalls
DLSw+ Enhanced Availability
DLSw+ Transport Flexibility
DLSw+ Modes of Operation
How to Proceed
Getting Started with DLSw+
Minimum Required Configuration
Token Ring
Ethernet
SDLC
QLLC
DLSw+ Advanced Features
How DLSw+ Peers Establish Connections
Load Balancing and Redundancy
Controlling Peer Selection
Backup Peers
Backup Peers Compared to Multiple Active Peers
Encapsulation Options
TCP Encapsulation
FST Encapsulation
Direct Encapsulation
LLC2 Encapsulation (DLSw Lite)
Encapsulation Overhead
Port Lists
Peer Groups, Border Peers, and On-Demand Peers
Dynamic Peers
When to Use Dynamic Peers
SNA Dial-on-Demand Routing
Other Considerations
Local Switching
Summary
9. CIP Design and Configuration
Design Criteria
All in One
CIP and SNA Combined
CIP Solo
Design Configurations
ESCON, PCA and MPC Configurations
High Availability Using RSRB to Mainframe Using Dual CIP Routers
High Availability and Load Balancing Using DLSw+ to Dual CIP Routers
VTAM-to-VTAM Communications Through a Single CIP Router with Two CIPs
TN3270 Session Switching Using DLUR/DLUS with VTAM Host Redundancy
CMPC ESCON Connection for APPN HPR to VTAM
Loading the CIP Microcode
Defining CSNA Support
Assigning CSNA to an I/O Device Address
Defining the Internal Virtual LAN
Defining the VTAM XCA Major Node
Defining TN3270 Server Support
TN3270 with DLUR/DLUS Support
CIP CMPC Definition
Transport Resource List Major Node
Define the Local SNA Major Node
Defining the CMPC Subchannels
Defining the CMPC Transmission Group
CIP Configuration Examples
High Availability Using RSRB to Mainframe Using Dual CIP Routers
High Availability and Load Balancing Using DLSw+ to Dual CIP Routers
CMPC Connectivity Between Two VTAMs over a Single CIP Router
TN3270 Session Switching Using DLUR/DLUS with VTAM Host Redundancy
VTAM-to-APPN NN Using HPR over CMPC
10. Designing DDR Networks
Introduction to DDR
DDR Design Stack
Dialer Clouds
Traffic and Topology of DDR
Topologies
Point-to-Point Topology
Fully Meshed Topology
Hub-and-Spoke DDR Solutions
Traffic Analysis
Dialer Interfaces
Supported Physical Interfaces
Synchronous Serial Interfaces
ISDN Interfaces
Asynchronous Modem Connections
Dialer Rotary Groups
Dialer Profiles
Encapsulation Methods
Addressing Dialer Clouds
Dialer Maps
Routing Strategies
Static Routing
Dynamic Routing
Selecting a Dynamic Routing Protocol
Passive Interfaces
Split Horizons
Dynamic Connected Routes
Snapshot Routing
Snapshot Model
Enabling Snapshot Routing
Dial Backup for Leased Lines
Backup Interfaces
Floating Static Routes
IPX Static Routes and SAP Updates
Configuring AppleTalk Static Zones
Dialer Filtering
Defining Interesting Packets Using ACLs
SNMP
IPX Packets
Controlling IPX Watchdog Packets
Controlling SPX Keepalive Packets
Time Server and NDS Replica Packets
AppleTalk Filtering
Banyan VINES, DECnet IV, and OSI Packets
Dial-on-Demand and PPP
Authentication
PPP Authentication
CHAP
PAP
ISDN Security
DDR Callback
IPX Access Lists
Summary
11. Designing ISDN Networks
Applications of ISDN in Networking
Dial-On-Demand Routing
Dial Backup
SOHO Connectivity
Modem Aggregation
Building Blocks of ISDN Solutions
ISDN Connectivity
Datagram Encapsulation
DDR: Dial-On-Demand Routing
Security Issues
Cost-Containment Issues
ISDN Connectivity Issues
Establishing BRI Connectivity
BRI Hardware
BRI Configuration
Confirming BRI Operations
BRI Notes
Establishing ISDN Primary Rate Interface (PRI)
PRI Configuration
Confirming PRI Operations
ISDN End-to-End Considerations
Signaling System 7
Data-Path Speed
Datagram-Encapsulation Issues
Point-to-Point Protocol (PPP)
ISDN Security
ISDN Scaling Techniques
Virtual Remote Nodes
Cisco 700 PAT and DHCP
Virtual Profiles
MultiChassis MultiLink PPP (MMP)
ISDN Cost-Containment Issues
Traffic Analysis
Tariff Structure
User Education
Using SNMP
Cisco Enterprise Accounting (CEA) for ISDN
AAA Accounting
Troubleshooting ISDN
Troubleshooting the Physical Layer
The debug bri Command
Troubleshooting PRI Layer 1 Problems
Troubleshooting the Data Link Layer
Troubleshooting the TEI Process
Troubleshooting the Network Layer
Q.931
SPIDs
RELEASE_COMP Messages
Link Control Protocol
PPP Authentication Type
Network Control Protocols
Summary
12. Designing Switched LAN Networks
Evolution from Shared to Switched Networks
Technologies for Building Switched LAN Networks
Role of LAN Switching Technology in Campus Networks
Switched Network Solutions
Components of the Switched Networking Model
Scalable Switching Platforms
ATM Switches
Workgroup and Campus ATM Switches
Enterprise and Multiservice ATM Switches
LAN Switches
Multiservice Access Switches
Routing Platforms
Common Software Infrastructure
VLANs
Problems Inherent to the Spanning-Tree Protocol
Network Management Tools and Applications
Switched LAN Network Designs
The Hub-and-Router Model
The Campus-Wide VLAN Model
Multiprotocol over ATM
The Multilayer Model
The New 80/20 Rule
Components of the Multilayer Model
Redundancy and Load Balancing
Scaling Bandwidth
Policy in the Core
Positioning Servers
ATM/LANE Backbone
IP Multicast
Scaling Considerations
Migration Strategies
Security in the Multilayer Model
Bridging in the Multilayer Model
Advantages of the Multilayer Model
Summary
13. PIM Sparse Mode
Explicit Join Model
PIM-SM Shared Trees
Shared Tree Joins
Shared Tree Prunes
PIM-SM Shortest Path Trees
Shortest Path Tree Joins
Shortest Path Tree Prunes
PIM Join/Prune Messages
PIM-SM State-Refresh
Source Registration
PIM Register Messages
PIM Register-Stop Messages
Source Registration Example
Shortest Path Tree Switchover
SPT Switchover Example
Pruning Sources from the Shared Tree
PIM-SM Designated Router
The Role of the Designated Router
Designated Router Failover
RP Discovery
PIM-SM Suitability/Scalability
Summary
II. Network Case Studies
14. Switched Network Management
Overview
Audience for This Chapter
Terms and Acronyms Used in This Chapter
Network Management Overview
Cisco Device Technical Overview
Introduction to Switches
Central Processing Unit (CPU) and Application-Specific Integrated Circuits (ASICs)
Content-Addressable Memory (CAM) Table
The Path of a Packet
Transparent Versus Translational Bridging
VLANs and VLAN Services
Spanning-Tree Protocol (STP)
Switched Port Analyzer (SPAN) Functionality and Purpose
Introduction to Routers
Introduction to Layer 3 Switches
Technology Common to Switches and Routers
Cisco Discovery Protocol (CDP)
Embedded Remote Monitoring (RMON)
Network Management Protocols
Basic Protocols
Telnet
SNMP
RMON
Syslog
Event Model Overview
Event Types
Syslog Messages
SNMP Traps
Platform Events
Event Processing
Event Collection
Event Knowledge
Event Filtering
Event Correlation
Cisco Event Model
Theoretical Event Model
Commercial Event-Correlation Systems
Network Management Guidelines
Start with a Good Design and Secure Closets
Identify Critical Ports; Leave the Rest Alone
Set Up Fault Monitoring
Monitoring Availability
Setting Up Syslog
Setting Up SNMP Traps
Collect Baseline Data
Define and Set Thresholds
Defining Threshold Values
Adjust Thresholds
Reduce Baseline Data Collection
Revisit and Gather Baseline Data on a Regular Basis
Cisco Catalyst Switch Recommendations
Design and Configuration Recommendations
Network Design
Data Acquisition
Telnet and the CLI
SNMP Polling
Monitor Polling
Threshold Polling
Performance Polling
RMON
RMON Memory Constraints
Catalyst 5000 Family
Syslog Memory Constraints
VLANs and Community String Indexing
SNMP Interface Indexing from ifIndex and ifName
Setting Up SNMP, SPAN, Syslog, and Traps
Switch Resource Status
SNMP MIBS
CLI (Command-Line Interface)
show biga—Switch Resource Errors (RsrcErrors)
show inband—Switch Resource Errors (RsrcErrors)
show mbuf
ps –c
show log
Chassis and Environmental Status
SNMP MIBS
CLI
show system
show test
Module Status
SNMP MIBS
CLI
show module
show test module number
Spanning-Tree Topology
SNMP MIBs
CLI
show spantree
Bridge Forwarding Database (CAM) Information
SNMP MIBs
CLI
show cam count dynamic
Port Errors
SNMP MIBs
CLI
show port counters
Port Utilization, Broadcast, Multicast, and Unicast Ratios
SNMP MIBs
CLI
show mac
Client Usage (Utilization Accounting)
Response-Time Reporting
MIB Variables for Switched Environments
Alignment Errors
FCS Errors
Runts
Other Objects to Monitor
Simple MIB Objects
MIB-II
CISCO-STACK-MIB
System and Chassis Groups
Module Conditions
Port Conditions
Trunk Conditions
VLAN Conditions
EtherChannel Conditions
RSM Conditions
Miscellaneous Conditions
Further Correlation
Cisco Router Recommendations
Fault Management
Monitoring Network Status
Problem Detection and Notification
Syslog Messages
SNMP
RMON
Problem Diagnosis and Service Restoration
System Internals
Environmental Monitor
Performance Management
Establishing a Baseline of Network Performance
Defining Service-Level Agreement and Metrics
Performance Monitoring and Measurement
CPU Utilization and Memory/Buffers Allocation
Network-Based Correlation Scenarios
Periodic Reachability Test
Logical Topology Database
Physical Topology Database
Baselining
Customization
Problems Scenarios
Basic Filtering Functions
Device Restart Conditions #1
Device Restart Conditions #2
Detect Link Up/Down Conditions
Spanning-Tree Topology Changes
Router/Switch Down Problem
Device Performance Problem
Environmental Problem #1
Environmental Problem #2
Summary
15. Packet Switching Architecture
Routing 101: Process Switching
Traffic Load Sharing with Process Switching
Disadvantages of Process Switching
Fast Switching: Caching to the Rescue
Fast Cache Organization
Fast Cache Limitations for IP Routing
Maintaining the Cache
Cache Invalidation
Cache Aging
Traffic Load Sharing Considerations with Fast Switching
Optimum Switching
Cisco Express Forwarding
How CEF Works
The CEF Table
The Adjacency Table
The CEF Method and Its Advantages
Traffic Load Sharing with CEF
CEF in Review
Summary
16. EIGRP and OSPF Redistribution
Setting Up EIGRP and OSPF Mutual Redistribution
Configuration File Examples
Verifying the Redistribution of Routes
Adding a Route to the Redistribution List
Summary
17. Configuring EIGRP for Novell and AppleTalk Networks
Novell IPX Network
Configuring a Novell IPX Network
Adding EIGRP to a Novell IPX Network
Route Selection
Redistribution and Metric Handling
Reducing SAP Traffic
AppleTalk Network
Configuring an AppleTalk Network
Adding EIGRP to an AppleTalk Network
Route Selection
Metric Handling
Redistribution
Summary
18. Designing, Configuring, and Troubleshooting Multiprotocols over ATM
Introduction
Multiprotocols over ATM with AAL5 (RFC 1483)
Using PVCs
Design Considerations
Topology (PVCs)
Configuring with PVCs
Troubleshooting with PVCs
Using SVCs
Topology (SVCs)
Configuring with SVCs
Troubleshooting with SVCs
Classical IP over ATM (RFC 1577)
Design Considerations
Topology
Configuration
Troubleshooting
LAN Emulation Introduction
Design Considerations
Topology
Configuration
Troubleshooting
LEC-to-LECS Connect Phase
LEC-to-LES Control Connections
LEC-to-BUS Connections
LEC-to-LEC Connection
Multiprotocols over ATM (MPOA)
Design Considerations
Topology
Configuration of MPOA
Troubleshooting
Discovering the MPS
MPOA Resolution Request and Reply
MPOA Cache Imposition Request and Reply
Summary
19. Dial-on-Demand Routing
Having the Central Site Dial Out
Configuring One Interface per Remote Site
Central Site: Dial Out Only
Interface Configuration
Routing Configuration
Access List Configuration
Remote Sites: Dial In Only
Configuring a Single Interface for Multiple Remote Sites
Central Site: Dial Out Only
Interface Configuration
Routing Configuration
Access List Configuration
Remote Sites: Dial In Only
Configuring Multiple Interfaces for Multiple Remote Sites
Central Site: Dial Out Only
Interface Configuration
Routing Configuration
Access List Configuration
Remote Sites: Dial In Only
Having the Central and Remote Sites Dial In and Dial Out
Configuring One Interface per Remote Site
Central Site: Dial In and Dial Out
Remote Sites: Dial In and Dial Out
Hong Kong
Singapore
Tokyo
Configuring a Single Interface for Multiple Remote Sites
Central Site: Dial In and Dial Out
Remote Sites: Dial In and Dial Out
Hong Kong
Singapore
Configuring Multiple Interfaces for Multiple Remote Sites
Central Site: Dial In and Dial Out
Remote Sites: Dial In and Dial Out
Hong Kong
Singapore
Tokyo
Having Remote Sites Dial Out
Configuring Multiple Interfaces for Multiple Remote Sites
Central Site: Dial In Only
Remote Sites: Dial Out Only
Hong Kong
Singapore
Tokyo
Using DDR as a Backup to Leased Lines
Floating Static Routes
Central Site
Remote Sites
Floating Static Routes on Shared Interfaces
Using Leased Lines and Dial Backup
DTR Dialing
Central Site
Remote Sites
V.25bis Dialing
Chat Scripts
Writing and Implementing Chat Scripts
Chat Scripts and Dialer Mapping
Summary
20. Scaling Dial-on-Demand Routing
Network Design Considerations
Traffic Patterns
Media Selection
Application Protocol Requirements
The Hardware Solution
The Software Solution
Authentication
Network Layer Addressing
Subnet Address Assignment
Next-Hop Address
Routing Strategy
Configuring the Central-Site Access Routers
Username Configuration for the Remote Sites
Dialup Configuration for the Remote Sites
Loopback Interface Configuration
Asynchronous Line Configuration
Dialer Interface Configuration
OSPF Routing Configuration
RIP Routing Configuration
Static Routing Configuration
Security Issues
Configuration File Size
Configuring the Remote-Site Routers
Chat Script Configuration for Dialing the Central Site
Configuring the Asynchronous Interface
Using the site Command
Static Routing Configuration
The Complete Configurations
CENTRAL-1 Configuration
Router2 Configuration
Dial Enterprise Networks
Dial ISP Networks
Summary
21. Using ISDN Effectively in Multiprotocol Networks
Configuring DDR over ISDN
Native ISDN Interfaces
Configuring an ISDN Interface
Central Site
Controller Configuration
Interface Configuration
Routing Configuration
Access List Configuration
Home Site
Nick
Dave
Configuring Calling Line Identification Numbers
Central Site
Home Site
Configuring Callback
Configuring Snapshot Routing over ISDN
Upgrading the Telecommuting Network
Central Site Modified for Snapshot Routing
Home Site Modified for Snapshot Routing
Snapshot and Novell IPX Networks
Server Router Configuration
Interface Configuration
Access List Configuration
Client Router Configuration
Interface Configuration
Configuring AppleTalk over ISDN
Router A Configuration
Interface Configuration
Access List Configuration
Router B Configuration
Configuring IPX over ISDN
Example Network Scenario for Configuring IPX over ISDN
Configuration for the C2503 Router
Explanation of the C2503 Configuration
Lines 1–11
Line 12
Line 12
Line 13
Lines 16–17
Line 18
Lines 20–29
Line 30
Line 31
Line 32
Line 33
Line 34
Lines 35–36
Line 37
Line 38
Line 39
Lines 40–41
Line 42
Lines 44–47
Line 48
Line 49
Line 51
Line 54
Lines 56–62
Configuration for the C4000 Router
Summary
22. Increasing Security in IP Networks
Overview of Cisco Security and Network Assessment
Security Posture Assessment
Incident Control and Recovery Service
Cyber-Warfare: Is It Happening?
What Are the Threats?
What Is the Purpose of Cyber-Warfare?
Network Vulnerabilities
Vulnerabilities in Cisco CHAP Authentication
TCP Loopback Denial of Service Attack (land.c) and Cisco Devices
"Smurfing" Denial of Service Attacks
UDP Diagnostic Port Denial of Service Attacks
Cisco IOS Password Encryption
Assessing the Need for Security
Security Policy
How Do I Create a Network Security Policy?
Document and Audit Your Security Policy
Understanding Cisco's Approach to Network Security
Know Your Enemy
Count the Cost
Identify Your Assumptions
Control and Limit Your Secrets
Always Remember Human Factors
Know Your Weaknesses
Limit the Scope of Access
Understand Your Environment
Limit Your Trust
Remember Physical Security
Security Is Pervasive
Controlling Access to Cisco Routers
Console Access
Assigning a Nonprivileged Mode Password
Assigning a Privileged Mode Password
Telnet Access
Assigning a Nonprivileged Mode Password
Assigning a Privileged Mode Password
Simple Network Management Protocol (SNMP) Access
Assigning a Nonprivileged Mode Password
Assigning a Privileged Mode Password
Additional Techniques to Secure a Router
Session Timeouts
Password Encryption
Restricting Telnet Access to Particular IP Addresses
Restricting Telnet Access TCP Ports
Earlier Software Releases
Software Releases 9.1 (11.5), 9.21 (3.2), and 10.0 and Later
Access Control Lists
Operation
Applying Access Lists to the Router
Wildcard Mask
Standard Access Control Lists
Standard Access List Configuration
Standard Access List Example
Extended Access Control Lists
Extended Access List Configuration
Extended Access List Example
Reflexive Access Control Lists
Reflexive Access Control List Example
External Interface
Internal Interface
Configuring a Reflexive Access Control List
Reflexive Access Control List Configuration Example
Golden Rules of Reflexive ACL Implementation
Dynamic Access Lists (Lock-and-Key Security)
Implementation Considerations of Lock-and-Key Access
Configuring User Authentication
Dynamic Access List Golden Rules
Deleting a Dynamic Access List
Dynamic Access List Configuration Example
Terminal Access Controller Access Control System
Nonprivileged Access
Privileged Access
Token Card Access
Further Cisco Security Measures
Controlling Access to Network Servers that Contain Configuration Files
Using Banners to Set Up Unauthorized Use Notifications
Securing Nonstandard Services
Privilege-Level Security
Privilege-Level Command Modes
Privilege-Level Configuration Example
Network Data Encryption
Case Study #1: Routing Protocol Authentication
OSPF Neighbor Router Authentication
Benefits of OSPF Neighbor Authentication
Conditions for Deploying OSPF Neighbor Authentication
How Neighbor Authentication Works
Plain Text Authentication
MD5 Authentication
Troubleshooting OSPF and Authentication
Case Study #2: Designing Your Firewall Architecture
Controlling Traffic Flow
Configuring the Firewall Router
Defining Firewall Access Lists
Applying Access Lists to Interfaces
Configuring the Firewall Communication Server
Defining the Communication Server's Access Lists
Applying Access Lists to Lines
Spoofing and Inbound Access Lists
Well-Known Port Assignments
Bibliography and Recommended Reading
Books and Periodicals
Requests For Comments (RFCs)
Internet Directories
Summary
23. Using HSRP for Fault-Tolerant IP Routing
Understanding How HSRP Works
Configuring HSRP
Configuring Multiple Hot Standby Groups
Interface Tracking
Load Sharing
Using HSRP with Routed Protocols
AppleTalk, Banyan VINES, and Novell IPX
DECnet and XNS
Summary
III. Appendixes
A. Subnetting an IP Address Space
B. IBM Serial Link Implementation
Comparing Half Duplex and Full Duplex
Asynchronous Line Definitions
IBM SNA-Specific Definitions
DCE Definitions
Understanding Multipoint Connections
C. SNA Host Configuration for SRB Networks
FEP Configuration
VTAM-Switched Major Node Definitions
3174 Cluster Controller Configuration Example
D. SNA Host Configuration for SDLC Networks
FEP Configuration for SDLC Links
3174 SDLC Configuration Worksheet
E. Broadcasts in Switched LAN Networks
IP Multicasting
Using Broadcasts with IP Networks
Using Broadcasts with Novell Networks
Using Broadcasts with AppleTalk Networks
Using Broadcasts with Multiprotocol Networks
F. Reducing SAP Traffic in Novell IPX Networks
Configuring Access Lists to Filter SAP Updates
Central Site
Remote Sites
IPX Server and Client
IPX Clients
Configuring Incremental SAP Updates
Central Site
Remote Sites
IPX Server and Client
IPX Clients
Summary
G. Packet Voice Primer
Overview
Introduction
Voice Coding
Voice Coding Standards
Compression Quality
Delay
Packet Voice Transport Options and Issues
Synchronous Circuit-Switched Networks
Frame/Cell Networks
Connectionless Data Networks
X.25 Packet Networks
Private Data Networks
Signaling: Making the Voice Connection
External Signaling
Internal Signaling
Applying Packet Voice
Summary
H. References and Recommended Reading
Books and Periodicals
Technical Publications and Standards
I. Overview of IP Multicast
The Advantages of Multicast
Primer on Multicast Technology
Addressing
Dynamic Registration
Multicast Forwarding
Multicast Routing
Multicast Process
Planning for IP Multicast in Enterprise Network
Enterprise-Wide Multicast: Microsoft NetShow and the Microsoft Multicast Network
Part II. Network Case Studies