Book description

Written by a networking veteran with 20 years of experience, Network Warrior provides a thorough and practical introduction to the entire network infrastructure, from cabling to the routers. What you need to learn to pass a Cisco certification exam such as CCNA and what you need to know to survive in the real world are two very different things. The strategies that this book offers weren't on the exam, but they're exactly what you need to do your job well. Network Warrior takes you step by step through the world of hubs, switches, firewalls, and more, including ways to troubleshoot a congested network, and when to upgrade and why. Along the way, you'll gain an historical perspective of various networking features, such as the way Ethernet evolved. Based on the author's own experience as well as that of those he worked for and with, Network Warrior is a Cisco-centric book, focused primarily on the TCP/IP protocol and Ethernet networks -- the realm that Cisco Systems now dominates.

The book covers:

  • The types of networks now in use, from LANs, WANs and MANs to CANs

  • The OSI Model and the layers involved in sending data

  • Hubs, repeaters, switches, and trunks in practice

  • Auto negotiation and why it's a common problem in network slowdowns

  • Route maps, routing protocols, and switching algorithms in Cisco routers

  • The resilient Ethernet -- how to make things truly redundant

  • Cisco 6500 multi-layer switches and the Catalyst 3750 switch

  • Telecom nomenclature -- why it's different from the data world

  • T1 and DS3

  • Firewall theory, designing access lists, authentication in Cisco devices

  • Server load balancing technology

  • Content switch module in action

  • Designing QOS and what QOS does not do

  • IP design and subnetting made easy

The book also explains how to sell your ideas to management, how networks become a mess as a company grows, and why change control is your friend. Network Warrior will help network administrators and engineers win the complex battles they face every day.

Table of Contents

  1. Network Warrior
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. Preface
      1. Who Should Read This Book
      2. Conventions Used in This Book
      3. Using Code Examples
      4. We'd Like to Hear from You
      5. Safari® Enabled
      6. Acknowledgments
    3. I. Hubs, Switches, and Switching
      1. 1. What Is a Network?
      2. 2. Hubs and Switches
        1. 2.1. Hubs
        2. 2.2. Switches
          1. 2.2.1. Switch Types
          2. 2.2.2. Planning a Chassis-Based Switch Installation
            1. 2.2.2.1. Rack space
            2. 2.2.2.2. Power
            3. 2.2.2.3. Cooling
            4. 2.2.2.4. Installing and removing modules
            5. 2.2.2.5. Routing cables
      3. 3. Auto-Negotiation
        1. 3.1. What Is Auto-Negotiation?
        2. 3.2. How Auto-Negotiation Works
        3. 3.3. When Auto-Negotiation Fails
        4. 3.4. Auto-Negotiation Best Practices
        5. 3.5. Configuring Auto-Negotiation
      4. 4. VLANs
        1. 4.1. Connecting VLANs
        2. 4.2. Configuring VLANs
          1. 4.2.1. CatOS
          2. 4.2.2. IOS Using VLAN Database
          3. 4.2.3. IOS Using Global Commands
      5. 5. Trunking
        1. 5.1. How Trunks Work
          1. 5.1.1. ISL
          2. 5.1.2. 802.1Q
          3. 5.1.3. Which Protocol to Use
          4. 5.1.4. Trunk Negotiation
        2. 5.2. Configuring Trunks
          1. 5.2.1. IOS
          2. 5.2.2. CatOS
      6. 6. VLAN Trunking Protocol
        1. 6.1. VTP Pruning
        2. 6.2. Dangers of VTP
        3. 6.3. Configuring VTP
          1. 6.3.1. VTP Domains
            1. 6.3.1.1. IOS
            2. 6.3.1.2. CatOS
          2. 6.3.2. VTP Mode
            1. 6.3.2.1. IOS
            2. 6.3.2.2. CatOS
          3. 6.3.3. VTP Password
            1. 6.3.3.1. IOS
            2. 6.3.3.2. CatOS
          4. 6.3.4. VTP Pruning
            1. 6.3.4.1. IOS
            2. 6.3.4.2. CatOS
      7. 7. EtherChannel
        1. 7.1. Load Balancing
        2. 7.2. Configuring and Managing EtherChannel
          1. 7.2.1. EtherChannel Protocols
          2. 7.2.2. CatOS Example
          3. 7.2.3. IOS Example
      8. 8. Spanning Tree
        1. 8.1. Broadcast Storms
        2. 8.2. MAC Address Table Instability
        3. 8.3. Preventing Loops with Spanning Tree
          1. 8.3.1. How Spanning Tree Works
        4. 8.4. Managing Spanning Tree
        5. 8.5. Additional Spanning Tree Features
          1. 8.5.1. PortFast
          2. 8.5.2. BPDU Guard
          3. 8.5.3. UplinkFast
          4. 8.5.4. BackboneFast
        6. 8.6. Common Spanning Tree Problems
          1. 8.6.1. Duplex Mismatch
          2. 8.6.2. Unidirectional Links
        7. 8.7. Designing to Prevent Spanning Tree Problems
          1. 8.7.1. Use Routing Instead of Switching for Redundancy
          2. 8.7.2. Always Configure the Root Bridge
    4. II. Routers and Routing
      1. 9. Routing and Routers
        1. 9.1. Routing Tables
        2. 9.2. Route Types
        3. 9.3. The IP Routing Table
          1. 9.3.1. Host Route
          2. 9.3.2. Subnet
          3. 9.3.3. Summary (Group of Subnets)
          4. 9.3.4. Major Network
          5. 9.3.5. Supernet (Group of Major Networks)
          6. 9.3.6. Default Route
      2. 10. Routing Protocols
        1. 10.1. Communication Between Routers
        2. 10.2. Metrics and Protocol Types
        3. 10.3. Administrative Distance
        4. 10.4. Specific Routing Protocols
          1. 10.4.1. RIP
          2. 10.4.2. RIPv2
          3. 10.4.3. EIGRP
          4. 10.4.4. OSPF
          5. 10.4.5. BGP
      3. 11. Redistribution
        1. 11.1. Redistributing into RIP
        2. 11.2. Redistributing into EIGRP
        3. 11.3. Redistributing into OSPF
        4. 11.4. Mutual Redistribution
        5. 11.5. Redistribution Loops
        6. 11.6. Limiting Redistribution
          1. 11.6.1. Route Tags
          2. 11.6.2. A Real-World Example
            1. 11.6.2.1. Another method
      4. 12. Tunnels
        1. 12.1. GRE Tunnels
        2. 12.2. GRE Tunnels and Routing Protocols
        3. 12.3. GRE and Access Lists
      5. 13. Resilient Ethernet
        1. 13.1. HSRP
        2. 13.2. HSRP Interface Tracking
        3. 13.3. When HSRP Isn't Enough
      6. 14. Route Maps
        1. 14.1. Building a Route Map
        2. 14.2. Policy-Routing Example
          1. 14.2.1. Monitoring Policy Routing
      7. 15. Switching Algorithms in Cisco Routers
        1. 15.1. Process Switching
        2. 15.2. Interrupt Context Switching
          1. 15.2.1. Fast Switching
          2. 15.2.2. Optimum Switching
          3. 15.2.3. Cisco Express Forwarding
        3. 15.3. Configuring and Managing Switching Paths
          1. 15.3.1. Process Switching
          2. 15.3.2. Fast Switching
          3. 15.3.3. Cisco Express Forwarding
    5. III. Multilayer Switches
      1. 16. Multilayer Switches
        1. 16.1. Configuring SVIs
          1. 16.1.1. Native Mode (4500, 6500, 3550, 3750)
          2. 16.1.2. Hybrid Mode (4500, 6500)
        2. 16.2. Multilayer Switch Models
      2. 17. Cisco 6500 Multilayer Switches
        1. 17.1. Architecture
          1. 17.1.1. Buses
          2. 17.1.2. Enhanced Chassis
          3. 17.1.3. Supervisors
            1. 17.1.3.1. MSFC
            2. 17.1.3.2. PFC
            3. 17.1.3.3. Models
          4. 17.1.4. Modules
            1. 17.1.4.1. Module interaction
            2. 17.1.4.2. Module types
              1. 17.1.4.2.1. Ethernet modules
              2. 17.1.4.2.2. Firewall Services Modules
              3. 17.1.4.2.3. Content Switch Modules
              4. 17.1.4.2.4. Network Analysis Modules
              5. 17.1.4.2.5. Intrusion Detection System Modules
              6. 17.1.4.2.6. FlexWAN modules
              7. 17.1.4.2.7. Communication Media Modules
        2. 17.2. CatOS Versus IOS
      3. 18. Catalyst 3750 Features
        1. 18.1. Stacking
        2. 18.2. Interface Ranges
        3. 18.3. Macros
        4. 18.4. Flex Links
        5. 18.5. Storm Control
        6. 18.6. Port Security
        7. 18.7. SPAN
        8. 18.8. Voice VLAN
        9. 18.9. QoS
    6. IV. Telecom
      1. 19. Telecom Nomenclature
        1. 19.1. Introduction and History
        2. 19.2. Telecom Glossary
      2. 20. T1
        1. 20.1. Understanding T1 Duplex
        2. 20.2. Types of T1
        3. 20.3. Encoding
          1. 20.3.1. AMI
          2. 20.3.2. B8ZS
        4. 20.4. Framing
          1. 20.4.1. D4/Superframe
          2. 20.4.2. Extended Superframe (ESF)
        5. 20.5. Performance Monitoring
          1. 20.5.1. Loss of Signal (LOS)
          2. 20.5.2. Out of Frame (OOF)
          3. 20.5.3. Bipolar Violation (BPV)
          4. 20.5.4. CRC6
          5. 20.5.5. Errored Seconds (ES)
          6. 20.5.6. Extreme Errored Seconds (EES)
        6. 20.6. Alarms
          1. 20.6.1. Red Alarm
          2. 20.6.2. Yellow Alarm (RAI)
          3. 20.6.3. Blue Alarm (AIS)
        7. 20.7. Troubleshooting T1s
          1. 20.7.1. Loopback Tests
          2. 20.7.2. Integrated CSU/DSUs
        8. 20.8. Configuring T1s
          1. 20.8.1. CSU/DSU Configuration
          2. 20.8.2. CSU/DSU Troubleshooting
      3. 21. DS3
        1. 21.1. Framing
          1. 21.1.1. M13
          2. 21.1.2. C-Bits
          3. 21.1.3. Clear-Channel DS3 Framing
        2. 21.2. Line Coding
        3. 21.3. Configuring DS3s
          1. 21.3.1. Clear-Channel DS3
          2. 21.3.2. Channelized DS3
      4. 22. Frame Relay
        1. 22.1. Ordering Frame-Relay Service
        2. 22.2. Frame-Relay Network Design
        3. 22.3. Oversubscription
        4. 22.4. Local Management Interface (LMI)
          1. 22.4.1. Congestion Avoidance in Frame Relay
        5. 22.5. Configuring Frame Relay
          1. 22.5.1. Basic Frame Relay with Two Nodes
          2. 22.5.2. Basic Frame Relay with More Than Two Nodes
          3. 22.5.3. Frame-Relay Subinterfaces
        6. 22.6. Troubleshooting Frame Relay
    7. V. Security and Firewalls
      1. 23. Access Lists
        1. 23.1. Designing Access Lists
          1. 23.1.1. Wildcard Masks
          2. 23.1.2. Where to Apply Access Lists
          3. 23.1.3. Naming Access Lists
          4. 23.1.4. Top-Down Processing
          5. 23.1.5. Most-Used on Top
          6. 23.1.6. Using Groups in PIX ACLs
          7. 23.1.7. Turbo ACLs
          8. 23.1.8. Allowing Outbound Traceroute and Ping
          9. 23.1.9. Allowing MTU Path Discovery Packets
        2. 23.2. ACLs in Multilayer Switches
          1. 23.2.1. Configuring Port ACLs
          2. 23.2.2. Configuring Router ACLs
          3. 23.2.3. Configuring VLAN Maps
        3. 23.3. Reflexive Access Lists
          1. 23.3.1. Configuring Reflexive Access Lists
      2. 24. Authentication in Cisco Devices
        1. 24.1. Basic (Non-AAA) Authentication
          1. 24.1.1. Line Passwords
          2. 24.1.2. Configuring Local Users
          3. 24.1.3. PPP Authentication
            1. 24.1.3.1. PAP
              1. 24.1.3.1.1. One-way authentication
              2. 24.1.3.1.2. Two-way authentication
              3. 24.1.3.1.3. Debugging PPP authentication
            2. 24.1.3.2. CHAP
              1. 24.1.3.2.1. One-way authentication
              2. 24.1.3.2.2. Two-way authentication
              3. 24.1.3.2.3. Changing the sent hostname
        2. 24.2. AAA Authentication
          1. 24.2.1. Enabling AAA
          2. 24.2.2. Configuring Security Server Information
            1. 24.2.2.1. Default RADIUS and TACACS+ server groups
            2. 24.2.2.2. Custom groups
          3. 24.2.3. Creating Method Lists
            1. 24.2.3.1. Login authentication
            2. 24.2.3.2. PPP authentication
          4. 24.2.4. Applying Method Lists
      3. 25. Firewall Theory
        1. 25.1. Best Practices
        2. 25.2. The DMZ
          1. 25.2.1. Another DMZ Example
          2. 25.2.2. Multiple DMZ Example
        3. 25.3. Alternate Designs
      4. 26. PIX Firewall Configuration
        1. 26.1. Interfaces and Priorities
        2. 26.2. Names
        3. 26.3. Object Groups
        4. 26.4. Fixups
        5. 26.5. Failover
          1. 26.5.1. Failover Terminology
          2. 26.5.2. Understanding Failover
          3. 26.5.3. Configuring Failover
          4. 26.5.4. Monitoring Failover
        6. 26.6. NAT
          1. 26.6.1. NAT Commands
          2. 26.6.2. NAT Examples
            1. 26.6.2.1. Simple PAT using the outside interface
            2. 26.6.2.2. Simple PAT using a dedicated IP address
            3. 26.6.2.3. Simple PAT with public servers on the inside
            4. 26.6.2.4. Port redirection
            5. 26.6.2.5. DMZ
        7. 26.7. Miscellaneous
          1. 26.7.1. Remote Access
          2. 26.7.2. Saving Configuration Changes
          3. 26.7.3. Logging
        8. 26.8. Troubleshooting
    8. VI. Server Load Balancing
      1. 27. Server Load-Balancing Technology
        1. 27.1. Types of Load Balancing
        2. 27.2. How Server Load Balancing Works
          1. 27.2.1. Balancing Algorithms
        3. 27.3. Configuring Server Load Balancing
          1. 27.3.1. IOS SLB
            1. 27.3.1.1. Real servers
            2. 27.3.1.2. Server farms
            3. 27.3.1.3. Virtual servers
            4. 27.3.1.4. Port translation using SLB
          2. 27.3.2. Content Switch Modules
            1. 27.3.2.1. Real servers
            2. 27.3.2.2. Server farms
            3. 27.3.2.3. Virtual servers
            4. 27.3.2.4. Port redirection
      2. 28. Content Switch Modules in Action
        1. 28.1. Common Tasks
        2. 28.2. Upgrading the CSM
    9. VII. Quality of Service
      1. 29. Introduction to QoS
        1. 29.1. Types of QoS
        2. 29.2. QoS Mechanics
          1. 29.2.1. Priorities
          2. 29.2.2. Flavors of QoS
        3. 29.3. Common QoS Misconceptions
      2. 30. Designing a QoS Scheme
        1. 30.1. Determining Requirements
          1. 30.1.1. Protocols
          2. 30.1.2. Priorities
          3. 30.1.3. Determine Bandwidth Requirements
        2. 30.2. Configuring the Routers
          1. 30.2.1. Class Maps
          2. 30.2.2. Policy Maps
          3. 30.2.3. Service Policies
      3. 31. The Congested Network
        1. 31.1. Determining Whether the Network Is Congested
        2. 31.2. Resolving the Problem
      4. 32. The Converged Network
        1. 32.1. Configuration
        2. 32.2. Monitoring QoS
        3. 32.3. Troubleshooting a Converged Network
          1. 32.3.1. Incorrect Queue Configuration
          2. 32.3.2. Priority Queue Too Small
          3. 32.3.3. Priority Queue Too Large
          4. 32.3.4. Nonpriority Queue Too Small
          5. 32.3.5. Nonpriority Queue Too Large
          6. 32.3.6. Default Queue Too Small
          7. 32.3.7. Default Queue Too Large
    10. VIII. Designing Networks
      1. 33. Designing Networks
        1. 33.1. Documentation
          1. 33.1.1. Requirements Documents
          2. 33.1.2. Port Layout Spreadsheets
          3. 33.1.3. IP and VLAN Spreadsheets
          4. 33.1.4. Bay Face Layouts
          5. 33.1.5. Power and Cooling Requirements
          6. 33.1.6. Tips for Network Diagrams
        2. 33.2. Naming Conventions for Devices
        3. 33.3. Network Designs
          1. 33.3.1. Corporate Networks
            1. 33.3.1.1. Three-tiered architecture
            2. 33.3.1.2. Collapsed core—no distribution
            3. 33.3.1.3. Collapsed core—no distribution or access
            4. 33.3.1.4. Configuration concerns
              1. 33.3.1.4.1. Trunks
              2. 33.3.1.4.2. EtherChannels
              3. 33.3.1.4.3. Spanning Tree
              4. 33.3.1.4.4. VTP
              5. 33.3.1.4.5. VLANs
          2. 33.3.2. E-Commerce Web Sites
          3. 33.3.3. Small Networks
      2. 34. IP Design
        1. 34.1. Public Versus Private IP Space
        2. 34.2. VLSM
        3. 34.3. CIDR
        4. 34.4. Allocating IP Network Space
        5. 34.5. Allocating IP Subnets
          1. 34.5.1. Sequential
          2. 34.5.2. Divide by Half
          3. 34.5.3. Reverse Binary
        6. 34.6. IP Subnetting Made Easy
      3. 35. Network Time Protocol
        1. 35.1. What Is Accurate Time?
        2. 35.2. NTP Design
        3. 35.3. Configuring NTP
          1. 35.3.1. NTP Client
          2. 35.3.2. NTP Server
      4. 36. Failures
        1. 36.1. Human Error
        2. 36.2. Multiple Component Failure
        3. 36.3. Disaster Chains
        4. 36.4. No Failover Testing
        5. 36.5. Troubleshooting
          1. 36.5.1. Remain Calm
          2. 36.5.2. Log Your Actions
          3. 36.5.3. Find Out What Changed
          4. 36.5.4. Check the Physical Layer First!
          5. 36.5.5. Assume Nothing; Prove Everything
          6. 36.5.6. Isolate the Problem
          7. 36.5.7. Don't Look for Zebras
          8. 36.5.8. Do a Physical Audit
          9. 36.5.9. Escalate
          10. 36.5.10. Troubleshooting in a Team Environment
          11. 36.5.11. The Janitor Principle
      5. 37. GAD's Maxims
        1. 37.1. Maxim #1
        2. 37.2. Maxim #2
        3. 37.3. Maxim #3
      6. 38. Avoiding Frustration
        1. 38.1. Why Everything Is Messed Up
        2. 38.2. How to Sell Your Ideas to Management
        3. 38.3. When to Upgrade and Why
          1. 38.3.1. The Dangers of Upgrading
          2. 38.3.2. Valid Reasons to Upgrade
        4. 38.4. Why Change Control Is Your Friend
        5. 38.5. How Not to Be a Computer Jerk
    11. Index
    12. About the Author
    13. Colophon
    14. SPECIAL OFFER: Upgrade this ebook with O’Reilly