Designing for Cisco Internetwork Solutions (DESGN)
Foundation Learning Guide
Third Edition
Sean Wilkins
Foundation learning for the CCDA DESGN 640-864 exam
Designing for Cisco Internetwork Solutions (DESGN) Foundation Learning Guide, Third Edition, is a Cisco®-authorized, self-paced learning tool for CCDA® foundation learning. This book provides you with the knowledge needed to design enterprise networks. By reading this book, you will gain a thorough understanding of designing routed and switched network infrastructures and services involving LAN, WAN, and broadband access for businesses and organizations.
Designing for Cisco Internetwork Solutions (DESGN) Foundation Learning Guide, Third Edition teaches you how to gather internetworking requirements, identify solutions, and design the network infrastructure and services to ensure basic functionality using the principles of hierarchical network design to structure and modularize a converged enterprise network design. Specific topics include understanding the design methodology; structuring and modularizing the network design; designing the Enterprise Campus, Enterprise Data Center, Enterprise Edge, and remote modules as needed; designing an addressing plan and selecting suitable routing protocols; designing basic voice transport across the network; designing a basic wireless solution; and evaluating security solutions. Chapter-ending review questions illustrate and help solidify the concepts presented in the book.
Whether you are preparing for CCDA certification or simply want to gain a better understanding of network design principles, you will benefit from the foundation information presented in this book.
Designing for Cisco Internetwork Solutions (DESGN) Foundation Learning Guide, Third Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.
· Understand network design methodologies and the lifecycle of a network
· Learn how to structure and modularize network designs within the Cisco Network Architectures for the Enterprise
· Design basic campus and data center networks
· Build designs for remote connectivity with WAN technologies
· Examine IPv4 and IPv6 addressing schemes
· Select the appropriate routing protocols for various modules in the enterprise architecture
· Evaluate security solutions for the network
· Identify voice and video networking considerations
· Understand design technologies and considerations when implementing a controller-based wireless network
This book is in the Foundation Learning Guide Series. These guides are developed together with Cisco® as the only authorized, self-paced learning tools that help networking professionals build their understanding of networking concepts and prepare for Cisco certification exams.
Introduction xxiii
Chapter 1 Network Fundamentals Review 1
Introduction to Networks 2
Protocols and the OSI Model 2
OSI Model 3
Protocols 3
OSI Layers 4
Physical Layer: Layer 1 4
Data Link Layer: Layer 2 4
Network Layer: Layer 3 5
Transport Layer: Layer 4 5
Upper Layers: Layers 5 Through 7 6
Communication Among OSI Layers 6
LANs and WANs 8
Network Devices 10
Terminology: Domains, Bandwidth, Unicast, Broadcast, and Multicast 10
Hubs 11
Physical Interfaces and Ports 11
Switches 11
Switches Versus Bridges 12
Routers 12
Introduction to the TCP/IP Suite 13
TCP/IP Transport Layer Protocols 15
Port Numbers 17
TCP Sequencing, Acknowledgment, and Windowing 18
TCP/IP Internet Layer Protocols 22
Protocols 22
IPv4 Datagrams 22
IPv6 Datagrams 24
Routing 25
Routers Work at the Lower Three OSI Layers 26
Routing Tables 27
Routing Protocols 28
Addressing 29
Physical Addresses 29
Logical Addresses 30
Routing and Network Layer Addresses 31
IPv4 Addresses 31
IPv4 Address Classes 31
Private and Public IPv4 Addresses 32
IPv4 Subnets 33
IPv6 Addresses 34
IPv6 Address Types 36
Switching Types 36
Layer 2 Switching 37
Layer 3 Switching 39
Spanning Tree Protocol 40
Redundancy in Layer 2 Switched Networks 40
STP Terminology and Operation 41
STP Terminology 41
STP States 43
Rapid STP 44
Virtual LANs 45
VLAN Membership 45
Trunks 46
STP and VLANs 46
Inter-VLAN Routing 47
Comprehensive Example 49
Summary 52
Review Questions 52
Chapter 2 Network Design Methodology 53
Understanding the Network Architectures for the Enterprise 53
Business Drivers for a New Network Framework 54
Business Forces 54
Technology-Related Forces 54
IT Challenges 55
Cisco Network Architectures for the Enterprise 55
Borderless Networks Architecture 56
Borderless Networks Architecture Approach 57
Collaboration Architecture Approach 58
Data Center/Virtualization Architecture Approach 59
Identifying Design Requirements 61
Using the PPDIOO Approach for Networks 61
Benefits of the Lifecycle Approach 63
Design Methodology 64
Identifying Customer Design Requirements 65
Identifying Network Applications and Network Services 65
Defining Organizational Goals 67
Identifying Organizational Constraints 69
Identifying Technical Goals 71
Assessing Technical Constraints 73
Characterizing the Existing Network and Sites 74
Identifying Major Features of the Network 74
Sample Site Contact Information 75
Sample High-Level Network Diagram 76
Auditing the Existing Network 77
Using Tools for Auditing the Network 79
RSPAN with VACLs for Granular Traffic Analysis 81
Analyzing Network Traffic and Applications 83
Using Tools for Analyzing Network Traffic 84
Reviewing Network Traffic Information 85
Analyzing Network Health 85
Creating a Draft Design Document 86
Time Estimates for Performing Network Characterization 88
Using the Top-Down Approach to Network Design 89
Top-Down Approach to Network Design 90
Top-Down Design Example 91
Decision Tables in Network Design 91
Assessing the Scope of the Network Design Project 93
Using Structured Design Principles 93
Logical Structure 94
Physical Structure 95
Network Design Tools 95
Testing the Design 96
Planning an Implementation 97
Documenting the Design 98
Summary 100
References 100
Review Questions 101
Chapter 3 Structuring and Modularizing the Network 103
Designing the Network Hierarchy 103
Introducing the Hierarchical Network Model 104
Describing Access Layer Functionality 106
Campus Access Layer Connectivity 107
Describing Distribution Layer Functionality 108
Virtual Switches 110
Describing Core Layer Functionality 111
Using a Modular Approach in Network Design 114
Describing the Enterprise Campus Functional Area 117
Enterprise Campus Infrastructure Module 117
Data Center Module 117
Describing the Enterprise Edge Area 119
E-Commerce Module 121
Internet Connectivity Module 121
WAN and MAN and Site-to-Site VPN Module 122
Remote Access and VPN Module 122
Describing the Service Provider Area 122
ISP Module 123
Public Switched Telephone Network Module 123
Frame Relay and ATM Module 123
Describing the Remote Area 124
Enterprise Branch Module 124
Enterprise Data Center Module 125
Enterprise Teleworker Module 125
Supporting Services on Borderless Networks 126
Explaining the Role of Borderless Network Services 126
Mobility Considerations 128
Security Infrastructure Services 129
Designing Security to Protect Against External Threats 132
Application Performance Considerations 134
Resolving Application Issues with Cisco Application Network Services 135
Cisco ANS Components 135
IP Communications 136
Voice Transport 137
High-Availability Network Services 141
Full-Mesh Versus Partial-Mesh Redundancy 142
Identifying Network Management Protocols and Features 145
Network Management Overview 145
SNMP 146
SNMP Message Types 147
SNMP Version 2 148
SNMP Version 3 149
MIB Characteristics 150
MIB Variable Retrieval 152
Using RMON 153
NetFlow Characteristics 155
NetFlow Versus RMON Information Gathering 157
Applications Using NetFlow 158
Cisco Discovery Protocol Features 159
Syslog Features 160
Summary 164
References 164
Review Questions 164
Chapter 4 Designing Basic Campus and Data Center Networks 167
Describing Campus Design Considerations 167
Campus Design Factors 168
Network Application Characteristics and Considerations 168
Peer-Peer Applications 169
Client-Local Server Applications 170
Client-Data Center Applications 170
Client-Enterprise Edge Applications 172
Application Requirements 173
Environmental Characteristics and Considerations 174
Intrabuilding Structure 174
Interbuilding Structure 175
Distant Remote Building Structure 175
Transmission Media Considerations 176
Copper 176
Optical Fiber 177
Wireless 177
Campus Transmission Media Comparison 178
Transmission Media Cabling Example 179
Infrastructure Device Characteristics and Considerations 179
Quality of Service (QoS) 180
Designing the Campus Infrastructure Module 181
Design Considerations for the Campus Network 181
Design Considerations for the Building Access Layer 182
Managing VLANs and STP 183
Managing Trunks Between Switches 186
Managing Default PAgP Settings 186
Consider Implementing Routing in the Building Access Layer 186
Design Considerations for the Building Distribution Layer 187
Best Practices in the Distribution Layer 187
Using First-Hop Redundancy Protocols 188
Deploying Layer 3 Routing Protocols 189
Using the Virtual Switching System at the Distribution Layer 191
Campus Core Design Considerations 192
Small and Medium Campus Design Options 195
Edge Distribution at the Campus Core 196
Describing Enterprise Data Center Considerations 197
Describing the Enterprise Data Center Architectures 197
Cisco Enterprise Data Center Architecture Framework 198
Server Challenges 200
Data Center Facility Aspects 200
Enterprise Data Center Infrastructure 205
Data Center Access Layer 206
Data Center Aggregation Layer 207
Data Center Core Layer 207
Describing Enterprise Network Virtualization Tools 208
Virtualization Challenges 208
What Is Virtualization? 209
Types of Virtualization 209
Virtualization Technologies 210
Network Virtualization Design Considerations 211
Summary 212
References 212
Review Questions 213
Chapter 5 Designing Remote Connectivity 215
Identifying WAN Technology Considerations 215
Review of WAN Features 216
Comparison of WAN Transport Technologies 217
Time-Division Multiplexing 218
ISDN Connectivity 218
Frame Relay 219
Multiprotocol Label Switching 219
Metro Ethernet 219
DSL Technology 220
Cable Technology 221
Wireless Technology 221
SONET and SDH Technology 222
DWDM Technology 223
Dark Fiber 224
WAN Link Categories 224
WAN Transport Technology Pricing and Contract Considerations 225
WAN Design Requirements 226
Response Time 227
Throughput 227
Packet Loss 228
Reliability 228
QoS Considerations for Bandwidth Constraints 228
Classification 229
Congestion Management 230
Traffic Shaping and Policing 231
Link Efficiency 232
Window Size 233
Designing the Enterprise WAN 233
Traditional WAN Designs 234
Star Topology 234
Fully Meshed Topology 235
Partially Meshed Topology 235
Remote-Access Network Design 235
VPN Design 236
Enterprise Versus Service Provider-Managed VPNs 237
Enterprise Managed VPN: IPsec 237
Service Provider-Managed VPNs: MPLS 242
Service Provider-Managed VPNs: Metro Ethernet 242
Service Provider-Managed VPNs: VPLS 243
WAN Backup Strategy Design 244
Using the Internet as a WAN Backup 245
Selecting the Enterprise WAN Architecture 246
Cisco Enterprise MAN and WAN Architecture 247
Selecting Enterprise WAN Components 249
Hardware Selection 249
Designing the Enterprise Branch 251
Enterprise Branch Architecture 251
Enterprise Branch Design 252
New Features on the ISR G2 Routers 253
Small Branch Office Design 254
Medium Branch Office Design 255
Large Branch Office Design 256
Enterprise Teleworker (Cisco Virtual Office Solution) Design 256
New ISRs for Small Offices and Teleworkers 257
Summary 259
References 259
Review Questions 260
Chapter 6 Designing IP Addressing 261
Designing IPv4 Addressing 261
IPv4 Addressing 261
Private and Public Addressing Guidelines 262
Recommended Practices for NAT 262
Developing an Addressing Plan 263
Planning the IP Addressing Hierarchy 266
Design Consideration: Route Summarization Groups 266
Address Blocks by Location 267
Hierarchical IP Addressing Plan 268
Recommended Practices for Name Resolution 270
Locating DHCP and DNS Servers in the Network 272
IP Address Space Planning Road Map 272
Designing IPv6 Addressing 272
IPv6 Addressing 273
Benefits of IPv6 Addressing 273
IPv6 Address Types 274
IPv6 Address Assignment Strategies 277
Identifying IPv6 Name Resolution 277
Making the Transition from IPv4 to IPv6 278
Strategies for IPv6 Deployment 279
Dual-Stack Model 280
Hybrid Model 281
Service Block Model 284
Summary 285
References 286
Review Questions 287
Chapter 7 Designing and Selecting Routing Protocols 289
Reviewing Enterprise Routing Protocols 289
Reviewing Routing Protocol Fundamentals 289
Differentiating Between Distance Vector and Link-State Routing Protocols 289
Differentiating Between Interior and Exterior Routing Protocols 292
Differentiating Between Hierarchical and Flat Routing Protocols 293
Routing Protocol Convergence 294
Routing Protocols for the Enterprise 295
EIGRP 295
Open Shortest Path First 296
Border Gateway Protocol 298
IPv6 Routing 300
Selecting an Enterprise Routing Protocol 301
When to Choose EIGRP 301
When to Choose OSPF 301
Designing a Routing Protocol Deployment 301
Applying Routing Protocols to a Hierarchical Network Structure 301
Routing in the Campus Core 302
Routing in the Building Distribution Layer 302
Routing in the Enterprise Edge Functional Area 302
Route Redistribution 303
Route Redistribution Planning 304
Remote-Access and VPN and Internet Connectivity Module Route Redistribution 305
Route Filtering 306
Route Filtering and Internet Connectivity 306
Route Summarization 306
Recommended Practice: Summarize at the Distribution Layer 307
Recommended Practice: Passive Interfaces for IGP at the Access Layer 308
IPv6 Route Summarization 308
Summary 309
Review Questions 310
Chapter 8 Evaluating Security Solutions for the Network 311
Defining Network Security 311
Network Security Background 312
Security Legislation 312
Threats and Risks 313
Reconnaissance Attacks 314
Vulnerability Assessment 315
Example Threat: Gaining Unauthorized Access to Systems 316
Example Risk: Loss of Availability 318
Everything Is a Potential Target 319
Understanding Network Security Policy and Processes 319
Definition of a Security Policy 319
Risk Assessment and Management 320
Example: Security Policy 322
Network Security Is a Continuous Process 323
Integrating Security Design and Network Design 324
Understanding the Cisco SAFE Approach 325
Cisco SAFE Architecture 325
The Network as a Platform for Security 326
Cisco Security Control Framework 327
Trust and Identity Management 328
Trust 329
Identity 330
Access Control 331
Trust and Identity Management Technologies 331
Example: Cisco IBNS 332
Example: Firewall Filtering Using ACLs 332
Example: Cisco NAC Appliance 333
Identity and Access Control Deployment Locations 333
Threat Defense 335
Incorporating Physical Security 335
Infrastructure Protection 336
Threat Detection and Mitigation 338
Threat Detection and Mitigation Solutions 339
Example: Cisco IronPort ESA 341
Example: Cisco IronPort WSA 341
Secure Connectivity 342
Encryption Fundamentals 343
VPN Protocols 344
Ensuring Privacy 345
Example: Providing Confidentiality over the Internet 347
Example: Protecting Communication over the Public Infrastructure 347
Example: Network Authentication over a VPN 347
Maintaining Data Integrity 347
Example: VPN Tunneling for Data Integrity 348
Example: Implementation of Digital Signatures 349
Security Management 349
Selecting Network Security Solutions 352
Security Integration in Network Devices 352
Cisco IOS Security 352
Security Appliances 354
Intrusion Prevention System 355
Cisco Catalyst Services Modules 356
Endpoint Security Solutions 357
Securing the Enterprise Network 358
Example: Deploying Identity and Access Control in the Enterprise Campus 358
Example: Deploying Threat Detection and Mitigation in the Enterprise Campus 359
Example: Deploying Infrastructure Protection in the Enterprise Campus 359
Example: Deploying Security in the Enterprise Campus 359
Example: Deploying Identity and Access Control in the Enterprise Data Center 361
Example: Deploying Threat Detection and Mitigation in the Enterprise Data Center 361
Example: Deploying Infrastructure Protection in the Enterprise Data Center 361
Example: Deploying Security in the Data Center 361
Example: Deploying Identity and Access Control in the Enterprise Edge 364
Example: Deploying Threat Detection and Mitigation in the Enterprise Edge 364
Example: Deploying Infrastructure Protection in the Enterprise Edge 364
Example: Deploying Security in the Enterprise Edge 366
Summary 367
References 368
Review Questions 369
Chapter 9 Identifying Voice and Video Networking Considerations 371
Integrating Voice and Video Architectures 371
Differentiating Between Analog and Digital Signaling 372
Introducing Voice and Video over IP 373
Voice and Video Standards 376
Terminals 376
Gateways 377
Gatekeepers 377
Multipoint Control Units 378
H.264 379
Introducing VoIP 379
IP Telephony Design Models 381
Introducing Video Considerations 385
Media Application Models 386
Delivery of Media Application 386
Architectural Framework for Media Services 387
Call Control and Transport Protocols 388
Call Control Functions with H.323 388
Voice Conversation with RTP 389
Call Control Functions with SCCP 389
Call Control Functions with SIP 390
Call Control Functions with MGCP 392
Identifying the Requirements of Voice and Video Technologies 393
Minimizing Delay, Jitter, and Loss 394
One-Way Network Delay Recommendations 394
Propagation Delay 394
Serialization Delay 395
Processing Delay 395
Queuing Delay 395
Dejitter Buffers 396
Packet Loss 397
Preventing Echo 398
Echo Canceller Example 399
Echo Cancellation Guidelines 399
Voice Coding and Compression 399
Codec Complexity, DSPs, and Voice Calls 402
Bandwidth Considerations 402
Reducing Voice Traffic with cRTP 403
Reducing Voice Traffic with VAD 403
Voice Bandwidth Calculation 404
Typical Video Resolution and Bandwidth 406
Using QoS for Voice and Video 407
QoS Considerations for Voice and Video in the WAN 413
Call Rerouting Alternatives 414
Call Admission Control Examples 414
Implementing CAC with RSVP 415
Voice Traffic Engineering Overview 416
Summary 418
References 419
Review Questions 420
Chapter 10 Identifying Design Considerations for Basic Wireless Networking 421
Cisco Unified Wireless Network Review 421
Cisco Unified Wireless Network Architecture 421
Cisco Unified Wireless Network Elements 422
CAPWAP and LWAPP Fundamentals 423
Split Media Access Control 425
Local Media Access Control 426
Access Point Modes 427
Wireless Infrastructure 428
Wireless Authentication 430
Overview of WLAN Controllers 432
Access Point Support and Scaling 435
Access Point Scalability Considerations 437
Multiple AP Manager Interface Example 437
Link Aggregation (LAG) with a Single AP Manager Interface Example 439
Wireless Network Controller Technology 440
Lightweight Access Point Connectivity to a WLC 440
WLC Selection 440
Lightweight Access Point Operations 442
Mobility in the Cisco Unified Wireless Network 442
Intracontroller Roaming 443
Intercontroller Roaming–Layer 2 444
Intercontroller Roaming–Layer 3 444
Mobility Groups 446
Mobility Group Requirement Example 447
Recommended Practices for Supporting Roaming 448
Controller Redundancy Design 449
Deterministic Controller Redundancy 449
Dynamic Controller Redundancy 451
N + 1 Redundancy Design 452
N + N Redundancy Design 453
N + N + 1 Redundancy Design 454
Radio Resource Management (RRM) and RF Groups 455
RF Grouping 456
Access Point Self-Healing 458
Designing Wireless Networks Using Controllers 458
RF Site Survey 458
RF Site Survey Process 459
Design Considerations for Campus Wireless Networks 466
CAPWAP Access Point Feature Summary 466
Controller Placement Design 467
Campus Cisco Wireless LAN Controller Options 469
Design Considerations for Branch Wireless Networks 470
Hybrid REAP 470
Branch Office Cisco Wireless LAN Controller Options 472
Design Considerations for Guest Services in Wireless Networks 474
Design Considerations for Outdoor Wireless Networks 474
Wireless Mesh Components 476
Mesh Design Recommendations 477
Summary 478
References 478
Review Questions 479
Appendix A Answers to Review Questions 481
Appendix B Acronyms and Abbreviations 489
9781587204241 TOC 6/29/2011