CCIE Fundamentals: Network Design and Case Studies, Second Edition

Book Description

Authorized preparation materials for CCIE candidates.

  • Prepare for the CCIE lab exam while mastering essential protocols and technologies

  • Learn new design and configuration strategies for ATM, IP multicasting, network management, switching architectures, CIP, and network security

  • Implement practical networking techniques to build scalable, reliable, and secure networks

  • Learn to identify key technologies and appropriate implementations for your internetwork design

  • Isolate and solve problems more easily with detailed configuration examples and case studies

Cisco CCIE Fundamentals: Network Design and Case Studies, Second Edition offers a comprehensive collection of updated configuration scenarios and design recommendations. By reading this book, you will gain insight into the implementation of practical internetworking strategies, identify features and capabilities of routers and switches, and begin the process of mastering the technologies and protocols necessary to become an effective Cisco Certified Internetwork Expert (CCIE).

This two-part book is the compilation of design and configuration examples authored and previously released by Cisco Systems. Numerous subject matter experts have revised and restructured each chapter and added coverage of several new topics.

The design guide portion of this book is intended to support the network engineer who designs and implements router-based or switched internetworks. Practical design recommendations include coverage of large-scale networks with IGPs and BGP, ATM, APPN, DLSw+, DDR, ISDN, LAN switching, multicast networks, and more. The case study portion of this book presents real-world configurations that complement the design material. Implementation and troubleshooting advice is offered for EIGRP and OSPF redistribution, ATM, DDR, ISDN, network security, and HSRP.

Table of Contents

    1. Copyright
    2. About the Contributors
      1. Atif Khan: Edited Chapters 1, 2, 3, 4
      2. Ronald W. McCarty, Jr.: Edited Chapter 5
      3. Christopher J. Beveridge: Edited Chapter 6
      4. Nicole Park: Edited Chapters 7, 8
      5. George Sackett and Nancy Sackett: Wrote Chapter 9
      6. Salman Asad: Edited Chapters 10, 11, 19, 20, 21
      7. Christophe Paggen: Edited Chapter 12
      8. Beau Williamson: Wrote Chapter 13
      9. Paul Della Maggiora, et al.: Wrote Chapter 14
      10. Russ White: Wrote Chapter 15
      11. Anthony Bruno: Edited Chapters 16, 17
      12. Himanshu Desai: Wrote Chapter 18
      13. Thomas M. Thomas II: Edited Chapter 22
      14. About the Technical Reviewers
    3. Foreword
    4. Preface
      1. About This Book
      2. Author Acknowledgments
      3. Document Objectives
      4. Audience
      5. Document Conventions
      6. CCIE Program and Cisco Press
      7. CCIE Program Description
        1. CCIE Certification Laboratory
      8. Cisco Press CCIE Series
      9. Disclaimer
    5. I. Network Design
      1. 1. Introduction
        1. Designing Campus Networks
          1. Trends in Campus Design
        2. Designing WANs
          1. Trends in WAN Design
        3. Utilizing Remote Connection Design
          1. Trends in Remote Connections
          2. Trends in LAN/WAN Integration
        4. Providing Integrated Solutions
        5. Determining Your Networking Requirements
          1. The Design Problem: Optimizing Availability and Cost
            1. Assessing User Requirements
            2. Assessing Proprietary and Nonproprietary Solutions
            3. Assessing Costs
            4. Estimating Traffic: Workload Modeling
            5. Sensitivity Testing
        6. Summary
      2. 2. Network Design Basics
        1. Understanding Basic Networking Concepts
          1. Overview of Networking Devices
          2. Switching Overview
            1. Layer 2 and Layer 3 Switching
              1. Implications of Layer 2 and Layer 3 Switching
        2. Identifying and Selecting Networking Capabilities
          1. Identifying and Selecting a Networking Model
          2. Using the Hierarchical Design Model
            1. Function of the Core Layer
            2. Function of the Distribution Layer
            3. Function of the Access Layer
          3. Evaluating Backbone Services
            1. Path Optimization
            2. Traffic Prioritization
              1. Priority Queuing
              2. Custom Queuing
              3. Weighted Fair Queuing
            3. Load Balancing
            4. Alternative Paths
            5. Switched Access
            6. Encapsulation (Tunneling)
              1. IBM Features
              2. Generic Routing Encapsulation (GRE)
          4. Evaluating Distribution Services
            1. Backbone Bandwidth Management
            2. Area and Service Filtering
            3. Policy-Based Distribution
            4. Gateway Service
            5. Interprotocol Route Redistribution
            6. Media Translation
          5. Evaluating Local-Access Services
            1. Value-Added Network Addressing
            2. Network Segmentation
            3. Broadcast and Multicast Capabilities
            4. Naming, Proxy, and Local Cache Capabilities
            5. Media Access Security
            6. Router Discovery
          6. Choosing Networking Reliability Options
            1. Redundant Links Versus Meshed Topologies
            2. Redundant Power Systems
            3. Fault-Tolerant Media Implementations
            4. Backup Hardware
        3. Identifying and Selecting Networking Devices
          1. Benefits of Switches (Layer 2 Services)
          2. Benefits of Routers (Layer 3 Services)
            1. Backbone Routing Options
              1. Multiprotocol Routing Backbone
              2. Single-Protocol Backbone
          3. Types of Switches
            1. LAN Switches
          4. ATM Switches
            1. Workgroup and Campus ATM Switches
            2. Enterprise ATM Switches
            3. Multiservice Access Switches
          5. Switches and Routers Compared
            1. Role of Switches and Routers in VLANs
            2. Examples of Campus Switched Network Designs
        4. Summary
      3. 3. Designing Large-Scale IP Networks with Interior Gateway Protocols
        1. Implementing Routing Protocols
          1. Network Topology
          2. Addressing and Route Summarization
          3. Route Selection
          4. Convergence
          5. Network Scalability
            1. Memory
            2. CPU
            3. Bandwidth
          6. Security
        2. EIGRP Network Design Guidelines
          1. EIGRP Network Topology
          2. EIGRP Addressing
          3. EIGRP Route Summarization
          4. EIGRP Route Selection
          5. EIGRP Convergence
          6. EIGRP Network Scalability
            1. Memory
            2. CPU
            3. Bandwidth
          7. EIGRP Security
        3. OSPF Network Design Guidelines
          1. OSPF Network Topology
            1. Backbone Considerations
            2. Area Considerations
          2. OSPF Addressing and Route Summarization
            1. OSPF Route Summarization
            2. Separate Address Structures for Each Area
            3. Bit-Wise Subnetting and VLSM
              1. Private Addressing
            4. Route Summarization Techniques
              1. Area-to-Backbone Route Advertisement
              2. Backbone-to-Area Route Advertisement
          3. OSPF Route Selection
            1. Tuning OSPF Metrics
            2. Controlling Interarea Traffic
            3. Load Balancing in OSPF Networks
          4. OSPF Convergence
          5. OSPF Network Scalability
            1. Memory
            2. CPU
            3. Bandwidth
          6. OSPF Security
          7. OSPF NSSA (Not-So-Stubby Area) Overview
            1. Using OSPF NSSA
            2. Type 7 LSA Characteristics
            3. Configuring OSPF NSSA
            4. NSSA Implementation Considerations
          8. OSPF On-Demand Circuit
            1. Why Use OSPF On-Demand Circuit?
            2. OSPF On-Demand Circuit Operation
            3. Configuring OSPF On-Demand Circuit
            4. Implementation Considerations for OSPF On-Demand Circuit
          9. OSPF Over Nonbroadcast Networks
            1. NBMA Mode
            2. Point-to-Multipoint Mode
        4. On-Demand Routing
          1. Benefits of On-Demand Routing
          2. Considerations When Using ODR
        5. Summary
      4. 4. Designing Large-Scale IP Networks with BGP
        1. BGP Operation
          1. Internal BGP
          2. External BGP
            1. Synchronization
            2. Disabling Synchronization
          3. BGP and Route Maps
          4. Advertising Networks
            1. Redistributing Static Routes
            2. Redistributing Dynamic Routes
            3. Using the network Command
        2. BGP Attributes
          1. AS_path Attribute
          2. Origin Attribute
          3. Next Hop Attribute
            1. Next Hop Attribute and Multiaccess Media
            2. Next Hop Attribute and Nonbroadcast Media Access
          4. Weight Attribute
            1. Using an Access List to Set the Weight Attribute
            2. Using a Route Map to Set the Weight Attribute
            3. Using the neighbor weight Command to Set the Weight Attribute
          5. Local Preference Attribute
            1. Using the bgp default local-preference Command
            2. Using a Route Map to Set Local Preference
          6. Multi-Exit Discriminator Attribute
          7. Community Attribute
        3. BGP Path Selection Criteria
        4. Understanding and Defining BGP Routing Policies
          1. Administrative Distance
          2. BGP Filtering
            1. Prefix Filtering
            2. AS_path Filtering
            3. Route Map Filtering
            4. Community Filtering
          3. BGP Peer Groups
          4. CIDR and Aggregate Addresses
          5. Confederations
          6. Route Reflectors
          7. Route Flap Dampening
        5. Summary
      5. 5. Designing ATM Networks
        1. ATM Overview
        2. Role of ATM in Networks
          1. ATM Functional Layers
            1. Physical Layer
              1. Physical Medium Sublayer
              2. Transmission Convergence Sublayer
            2. ATM Layer
            3. ATM Adaptation Layer (AAL)
              1. AAL1
              2. AAL2
              3. AAL3/4
              4. AAL5
          2. ATM Addressing
            1. Fields of an ATM Address
          3. ATM Media
          4. Multiservice Networks
        3. Integrated Solutions
        4. Different Types of ATM Switches
          1. Workgroup and Campus ATM Switches
          2. Enterprise ATM Switches and Routers
          3. Carrier Class Switches
        5. Structure of an ATM Network
          1. Operation on an ATM Network
        6. Role of LANE
          1. LANE Components
          2. How LANE Works
            1. LANE Operation
              1. Finding the LECS
              2. Contacting the LECS
              3. Configuring the LECS Database
              4. Joining the LES
              5. Finding the BUS
              6. Joining the BUS
            2. Address Resolution
        7. LANE Implementation
          1. LANE Design Considerations
            1. PNNI in LANE Networks
            2. Scaling an ELAN—Spanning-Tree Protocol Issues
          2. LANE Redundancy
            1. Issues in a LANE Network
            2. Resiliency in LANE Networks
              1. LECS Redundancy
              2. LES/BUS Redundancy
            3. SSRP Usage Guidelines
            4. SSRP Configuration Guidelines
            5. SSRP Interoperability Notes
            6. Behavior of SSRP with the Well Known LECS Address
            7. Behavior of SSRP in Network Partitions
            8. HSRP over LANE
            9. Redundant Modules for Cisco ATM Switches
        8. Summary
      6. 6. Designing Packet Service Networks and Voice over Frame Relay Networks
        1. Understanding Packet-Switched Network Design
          1. Hierarchical Design
            1. Scalability of Hierarchical Networks
            2. Manageability of Hierarchical Networks
            3. Optimization of Broadcast and Multicast Control Traffic
          2. Topology Design
            1. Star Topologies
            2. Fully Meshed Topologies
            3. Partially Meshed Topologies
          3. Broadcast Issues
          4. Performance Issues
        2. Frame Relay Network Design
          1. Hierarchical Design for Frame Relay Networks
            1. Hierarchical Meshed Frame Relay Networks
          2. Hybrid-Meshed Frame Relay Networks
          3. Regional Topologies for Frame Relay Networks
            1. Star Topologies
            2. Fully Meshed Topologies
            3. Partially Meshed Topologies
          4. Broadcast Issues for Frame Relay Networks
          5. Creating a Broadcast Queue for an Interface
          6. Performance Issues for Frame Relay Networks
            1. Packet-Switched Service Provider Tariff Metrics
            2. Multiprotocol Traffic-Management Requirements
        3. Configuring Frame Relay Traffic Shaping
        4. Voice over Frame Relay Design
          1. Human Speech Characteristics
            1. Removing Repetition in Voice Conversations
            2. Silence Suppression in Voice Conversations
            3. Voice Frame Formation and Fragmentation
          2. Voice Compression Algorithms
          3. Echo Phenomenon and Echo Cancelers
          4. Delay and Delay Variation Transport Issues
          5. Frame Loss Issues
          6. Fax and Modem Support
          7. Traffic Prioritization across Frame Relay Transport
          8. Delay Control Using Frame Fragmentation
          9. Silence Removal Using Digital Speech Interpolation
          10. Bandwidth Optimization Using Multiplexing Techniques
        5. Summary
      7. 7. Designing APPN Networks
        1. Evolution of SNA
          1. Role of APPN
            1. Types of APPN Nodes
        2. When to Use APPN as Part of a Network Design
          1. APPN Network Node at Every Branch
            1. When CoS Is Required
            2. When Branch-to-Branch Routing Is Required
        3. When to Use APPN Versus Alternative Methods of SNA Transport
        4. Overview of APPN
          1. Defining Nodes
            1. APPN Node Identifiers
          2. Establishing APPN Sessions
          3. Understanding Intermediate Session Routing
          4. Using Dependent Logical Unit Requester/Server
        5. Cisco Implementation of APPN
        6. Scalability Issues
          1. Topology Database Update Reduction
            1. Reducing the Number of Links
            2. Reducing the Number of CP-CP Sessions
            3. Reducing the Number of Network Nodes
              1. APPN over DLSw+
              2. APPN over FRAS BNN/BAN
              3. APPN over RSRB
          2. LOCATE Search Reduction
            1. Safe-Store of Directory Cache
            2. Partial Directory Entries
            3. Central Directory Server (CDS)/Client
            4. Central Resource Registration
        7. Backup Techniques in an APPN Network
          1. Link Backup
          2. Full Redundancy
          3. SSCP Takeover
        8. APPN in a Multiprotocol Environment
          1. Bandwidth Management and Queuing
          2. Other Considerations with a Multiprotocol Environment
        9. Network Management
        10. Configuration Examples
          1. Simple APPN Network Configuration
            1. Sample Configurations
              1. Router A Configuration
              2. Router B Configurations
              3. Router C Configuration
              4. Router D Configuration
          2. APPN Network Configuration with End Stations
            1. Sample Configurations
              1. Sample Configuration for Router A
              2. Sample Configuration for Router B
              3. Sample Configuration for Router C
          3. APPN over DLSw+ Configuration Example
            1. Sample Configurations of DLSw+ Router A
              1. Sample Configuration of DLSw+ ROUTERA
              2. Sample Configuration for Workstation Attached to ROUTERA
              3. Sample Configuration for DLSw+ ROUTERB
              4. Sample Configuration for Workstation Attached to ROUTERB
          4. Example of Subarea to APPN Migration
          5. Example of APPN/CIP in a Sysplex Environment
            1. Sysplex Overview
            2. Sysplex with APPN Using Subarea Routing—Option One
            3. Sysplex Using Subarea/APPN Routing—Option Two
            4. Sysplex Using APPN Routing—Option Three
            5. The Company's Network
              1. Sample Configuration
          6. Example of APPN with FRAS BNN
            1. APPN in the Data Center
            2. APPN in the Remote Site
            3. Future Configuration
              1. Using Border Node on VTAM to Partition the Network into Smaller Subnets
              2. Using FRAS BNN to Reduce the Number of Network Nodes
        11. Summary
      8. 8. Designing DLSw+ Networks
        1. Introduction to DLSw+
          1. DLSw+ Defined
          2. DLSw Standard
            1. Establish Peer Connections
            2. Exchange Capabilities
            3. Establish Circuit
            4. Flow Control
          3. DLSw+ Features
            1. DLSw+ Improved Scalability
            2. Peer-Group Concept
            3. Explorer Firewalls
            4. DLSw+ Enhanced Availability
            5. DLSw+ Transport Flexibility
            6. DLSw+ Modes of Operation
          4. How to Proceed
        2. Getting Started with DLSw+
          1. Minimum Required Configuration
          2. Token Ring
          3. Ethernet
        3. SDLC
        4. QLLC
        5. DLSw+ Advanced Features
          1. How DLSw+ Peers Establish Connections
          2. Load Balancing and Redundancy
          3. Controlling Peer Selection
          4. Backup Peers
          5. Backup Peers Compared to Multiple Active Peers
          6. Encapsulation Options
            1. TCP Encapsulation
            2. FST Encapsulation
            3. Direct Encapsulation
            4. LLC2 Encapsulation (DLSw Lite)
            5. Encapsulation Overhead
          7. Port Lists
          8. Peer Groups, Border Peers, and On-Demand Peers
          9. Dynamic Peers
            1. When to Use Dynamic Peers
            2. SNA Dial-on-Demand Routing
            3. Other Considerations
            4. Local Switching
        6. Summary
      9. 9. CIP Design and Configuration
        1. Design Criteria
          1. All in One
          2. CIP and SNA Combined
          3. CIP Solo
        2. Design Configurations
          1. ESCON, PCA and MPC Configurations
            1. High Availability Using RSRB to Mainframe Using Dual CIP Routers
            2. High Availability and Load Balancing Using DLSw+ to Dual CIP Routers
            3. VTAM-to-VTAM Communications Through a Single CIP Router with Two CIPs
            4. TN3270 Session Switching Using DLUR/DLUS with VTAM Host Redundancy
            5. CMPC ESCON Connection for APPN HPR to VTAM
          2. Loading the CIP Microcode
        3. Defining CSNA Support
          1. Assigning CSNA to an I/O Device Address
          2. Defining the Internal Virtual LAN
          3. Defining the VTAM XCA Major Node
        4. Defining TN3270 Server Support
          1. TN3270 with DLUR/DLUS Support
        5. CIP CMPC Definition
          1. Transport Resource List Major Node
          2. Define the Local SNA Major Node
          3. Defining the CMPC Subchannels
          4. Defining the CMPC Transmission Group
        6. CIP Configuration Examples
          1. High Availability Using RSRB to Mainframe Using Dual CIP Routers
          2. High Availability and Load Balancing Using DLSw+ to Dual CIP Routers
          3. CMPC Connectivity Between Two VTAMs over a Single CIP Router
          4. TN3270 Session Switching Using DLUR/DLUS with VTAM Host Redundancy
          5. VTAM-to-APPN NN Using HPR over CMPC
      10. 10. Designing DDR Networks
        1. Introduction to DDR
          1. DDR Design Stack
          2. Dialer Clouds
        2. Traffic and Topology of DDR
          1. Topologies
            1. Point-to-Point Topology
            2. Fully Meshed Topology
            3. Hub-and-Spoke DDR Solutions
          2. Traffic Analysis
        3. Dialer Interfaces
          1. Supported Physical Interfaces
            1. Synchronous Serial Interfaces
            2. ISDN Interfaces
            3. Asynchronous Modem Connections
          2. Dialer Rotary Groups
          3. Dialer Profiles
          4. Encapsulation Methods
          5. Addressing Dialer Clouds
          6. Dialer Maps
        4. Routing Strategies
          1. Static Routing
          2. Dynamic Routing
            1. Selecting a Dynamic Routing Protocol
            2. Passive Interfaces
            3. Split Horizons
            4. Dynamic Connected Routes
          3. Snapshot Routing
            1. Snapshot Model
          4. Enabling Snapshot Routing
          5. Dial Backup for Leased Lines
            1. Backup Interfaces
            2. Floating Static Routes
            3. IPX Static Routes and SAP Updates
            4. Configuring AppleTalk Static Zones
        5. Dialer Filtering
          1. Defining Interesting Packets Using ACLs
            1. SNMP
          2. IPX Packets
            1. Controlling IPX Watchdog Packets
            2. Controlling SPX Keepalive Packets
            3. Time Server and NDS Replica Packets
            4. AppleTalk Filtering
            5. Banyan VINES, DECnet IV, and OSI Packets
        6. Dial-on-Demand and PPP
        7. Authentication
          1. PPP Authentication
            1. CHAP
            2. PAP
            3. ISDN Security
            4. DDR Callback
            5. IPX Access Lists
        8. Summary
      11. 11. Designing ISDN Networks
        1. Applications of ISDN in Networking
          1. Dial-On-Demand Routing
          2. Dial Backup
          3. SOHO Connectivity
          4. Modem Aggregation
        2. Building Blocks of ISDN Solutions
          1. ISDN Connectivity
          2. Datagram Encapsulation
            1. DDR: Dial-On-Demand Routing
            2. Security Issues
            3. Cost-Containment Issues
        3. ISDN Connectivity Issues
          1. Establishing BRI Connectivity
            1. BRI Hardware
            2. BRI Configuration
            3. Confirming BRI Operations
            4. BRI Notes
          2. Establishing ISDN Primary Rate Interface (PRI)
            1. PRI Configuration
            2. Confirming PRI Operations
          3. ISDN End-to-End Considerations
            1. Signaling System 7
            2. Data-Path Speed
          4. Datagram-Encapsulation Issues
            1. Point-to-Point Protocol (PPP)
        4. ISDN Security
        5. ISDN Scaling Techniques
          1. Virtual Remote Nodes
            1. Cisco 700 PAT and DHCP
          2. Virtual Profiles
          3. MultiChassis MultiLink PPP (MMP)
        6. ISDN Cost-Containment Issues
          1. Traffic Analysis
          2. Tariff Structure
          3. User Education
          4. Using SNMP
          5. Cisco Enterprise Accounting (CEA) for ISDN
          6. AAA Accounting
        7. Troubleshooting ISDN
          1. Troubleshooting the Physical Layer
            1. The debug bri Command
            2. Troubleshooting PRI Layer 1 Problems
          2. Troubleshooting the Data Link Layer
            1. Troubleshooting the TEI Process
          3. Troubleshooting the Network Layer
            1. Q.931
            2. SPIDs
            3. RELEASE_COMP Messages
            4. Link Control Protocol
            5. PPP Authentication Type
            6. Network Control Protocols
        8. Summary
      12. 12. Designing Switched LAN Networks
        1. Evolution from Shared to Switched Networks
        2. Technologies for Building Switched LAN Networks
          1. Role of LAN Switching Technology in Campus Networks
          2. Switched Network Solutions
        3. Components of the Switched Networking Model
          1. Scalable Switching Platforms
            1. ATM Switches
              1. Workgroup and Campus ATM Switches
              2. Enterprise and Multiservice ATM Switches
            2. LAN Switches
            3. Multiservice Access Switches
            4. Routing Platforms
          2. Common Software Infrastructure
            1. VLANs
              1. Problems Inherent to the Spanning-Tree Protocol
          3. Network Management Tools and Applications
        4. Switched LAN Network Designs
          1. The Hub-and-Router Model
          2. The Campus-Wide VLAN Model
          3. Multiprotocol over ATM
          4. The Multilayer Model
            1. The New 80/20 Rule
            2. Components of the Multilayer Model
            3. Redundancy and Load Balancing
          5. Scaling Bandwidth
          6. Policy in the Core
          7. Positioning Servers
          8. ATM/LANE Backbone
          9. IP Multicast
          10. Scaling Considerations
          11. Migration Strategies
          12. Security in the Multilayer Model
          13. Bridging in the Multilayer Model
          14. Advantages of the Multilayer Model
        5. Summary
      13. 13. PIM Sparse Mode
        1. Explicit Join Model
        2. PIM-SM Shared Trees
          1. Shared Tree Joins
          2. Shared Tree Prunes
        3. PIM-SM Shortest Path Trees
          1. Shortest Path Tree Joins
          2. Shortest Path Tree Prunes
        4. PIM Join/Prune Messages
        5. PIM-SM State-Refresh
        6. Source Registration
          1. PIM Register Messages
          2. PIM Register-Stop Messages
          3. Source Registration Example
        7. Shortest Path Tree Switchover
          1. SPT Switchover Example
          2. Pruning Sources from the Shared Tree
        8. PIM-SM Designated Router
          1. The Role of the Designated Router
          2. Designated Router Failover
        9. RP Discovery
        10. PIM-SM Suitability/Scalability
        11. Summary
    6. II. Network Case Studies
      1. 14. Switched Network Management
        1. Overview
        2. Audience for This Chapter
        3. Terms and Acronyms Used in This Chapter
        4. Network Management Overview
        5. Cisco Device Technical Overview
          1. Introduction to Switches
            1. Central Processing Unit (CPU) and Application-Specific Integrated Circuits (ASICs)
            2. Content-Addressable Memory (CAM) Table
            3. The Path of a Packet
            4. Transparent Versus Translational Bridging
            5. VLANs and VLAN Services
            6. Spanning-Tree Protocol (STP)
            7. Switched Port Analyzer (SPAN) Functionality and Purpose
          2. Introduction to Routers
          3. Introduction to Layer 3 Switches
          4. Technology Common to Switches and Routers
            1. Cisco Discovery Protocol (CDP)
            2. Embedded Remote Monitoring (RMON)
        6. Network Management Protocols
          1. Basic Protocols
            1. Telnet
            2. SNMP
            3. RMON
            4. Syslog
          2. Event Model Overview
            1. Event Types
              1. Syslog Messages
              2. SNMP Traps
              3. Platform Events
            2. Event Processing
              1. Event Collection
              2. Event Knowledge
              3. Event Filtering
              4. Event Correlation
            3. Cisco Event Model
              1. Theoretical Event Model
              2. Commercial Event-Correlation Systems
        7. Network Management Guidelines
          1. Start with a Good Design and Secure Closets
          2. Identify Critical Ports; Leave the Rest Alone
          3. Set Up Fault Monitoring
            1. Monitoring Availability
            2. Setting Up Syslog
            3. Setting Up SNMP Traps
          4. Collect Baseline Data
          5. Define and Set Thresholds
            1. Defining Threshold Values
          6. Adjust Thresholds
          7. Reduce Baseline Data Collection
          8. Revisit and Gather Baseline Data on a Regular Basis
        8. Cisco Catalyst Switch Recommendations
          1. Design and Configuration Recommendations
            1. Network Design
            2. Data Acquisition
              1. Telnet and the CLI
              2. SNMP Polling
            3. Monitor Polling
            4. Threshold Polling
            5. Performance Polling
            6. RMON
            7. RMON Memory Constraints
              1. Catalyst 5000 Family
            8. Syslog Memory Constraints
            9. VLANs and Community String Indexing
            10. SNMP Interface Indexing from ifIndex and ifName
            11. Setting Up SNMP, SPAN, Syslog, and Traps
          2. Switch Resource Status
            1. SNMP MIBS
            2. CLI (Command-Line Interface)
              1. show biga—Switch Resource Errors (RsrcErrors)
              2. show inband—Switch Resource Errors (RsrcErrors)
              3. show mbuf
              4. ps –c
              5. show log
          3. Chassis and Environmental Status
            1. SNMP MIBS
            2. CLI
              1. show system
              2. show test
          4. Module Status
            1. SNMP MIBS
            2. CLI
              1. show module
              2. show test module number
          5. Spanning-Tree Topology
            1. SNMP MIBs
            2. CLI
              1. show spantree
          6. Bridge Forwarding Database (CAM) Information
            1. SNMP MIBs
            2. CLI
              1. show cam count dynamic
          7. Port Errors
            1. SNMP MIBs
            2. CLI
              1. show port counters
          8. Port Utilization, Broadcast, Multicast, and Unicast Ratios
            1. SNMP MIBs
            2. CLI
              1. show mac
          9. Client Usage (Utilization Accounting)
          10. Response-Time Reporting
          11. MIB Variables for Switched Environments
            1. Alignment Errors
            2. FCS Errors
            3. Runts
          12. Other Objects to Monitor
            1. Simple MIB Objects
              1. MIB-II
              2. CISCO-STACK-MIB
                1. System and Chassis Groups
                2. Module Conditions
                3. Port Conditions
                4. Trunk Conditions
                5. VLAN Conditions
                6. EtherChannel Conditions
                7. RSM Conditions
                8. Miscellaneous Conditions
                9. Further Correlation
        9. Cisco Router Recommendations
          1. Fault Management
            1. Monitoring Network Status
            2. Problem Detection and Notification
              1. Syslog Messages
              2. SNMP
              3. RMON
            3. Problem Diagnosis and Service Restoration
              1. System Internals
              2. Environmental Monitor
          2. Performance Management
            1. Establishing a Baseline of Network Performance
            2. Defining Service-Level Agreement and Metrics
            3. Performance Monitoring and Measurement
            4. CPU Utilization and Memory/Buffers Allocation
        10. Network-Based Correlation Scenarios
          1. Periodic Reachability Test
          2. Logical Topology Database
          3. Physical Topology Database
          4. Baselining
          5. Customization
          6. Problems Scenarios
            1. Basic Filtering Functions
            2. Device Restart Conditions #1
            3. Device Restart Conditions #2
            4. Detect Link Up/Down Conditions
            5. Spanning-Tree Topology Changes
            6. Router/Switch Down Problem
            7. Device Performance Problem
            8. Environmental Problem #1
            9. Environmental Problem #2
        11. Summary
      2. 15. Packet Switching Architecture
        1. Routing 101: Process Switching
          1. Traffic Load Sharing with Process Switching
          2. Disadvantages of Process Switching
        2. Fast Switching: Caching to the Rescue
          1. Fast Cache Organization
            1. Fast Cache Limitations for IP Routing
          2. Maintaining the Cache
            1. Cache Invalidation
            2. Cache Aging
          3. Traffic Load Sharing Considerations with Fast Switching
        3. Optimum Switching
        4. Cisco Express Forwarding
          1. How CEF Works
            1. The CEF Table
            2. The Adjacency Table
            3. The CEF Method and Its Advantages
          2. Traffic Load Sharing with CEF
          3. CEF in Review
        5. Summary
      3. 16. EIGRP and OSPF Redistribution
        1. Setting Up EIGRP and OSPF Mutual Redistribution
          1. Configuration File Examples
        2. Verifying the Redistribution of Routes
        3. Adding a Route to the Redistribution List
        4. Summary
      4. 17. Configuring EIGRP for Novell and AppleTalk Networks
        1. Novell IPX Network
          1. Configuring a Novell IPX Network
          2. Adding EIGRP to a Novell IPX Network
            1. Route Selection
            2. Redistribution and Metric Handling
            3. Reducing SAP Traffic
        2. AppleTalk Network
          1. Configuring an AppleTalk Network
          2. Adding EIGRP to an AppleTalk Network
            1. Route Selection
            2. Metric Handling
            3. Redistribution
        3. Summary
      5. 18. Designing, Configuring, and Troubleshooting Multiprotocols over ATM
        1. Introduction
        2. Multiprotocols over ATM with AAL5 (RFC 1483)
          1. Using PVCs
            1. Design Considerations
            2. Topology (PVCs)
            3. Configuring with PVCs
            4. Troubleshooting with PVCs
          2. Using SVCs
            1. Topology (SVCs)
            2. Configuring with SVCs
            3. Troubleshooting with SVCs
        3. Classical IP over ATM (RFC 1577)
          1. Design Considerations
          2. Topology
          3. Configuration
          4. Troubleshooting
        4. LAN Emulation Introduction
          1. Design Considerations
            1. Topology
            2. Configuration
            3. Troubleshooting
              1. LEC-to-LECS Connect Phase
              2. LEC-to-LES Control Connections
              3. LEC-to-BUS Connections
              4. LEC-to-LEC Connection
          2. Multiprotocols over ATM (MPOA)
            1. Design Considerations
            2. Topology
            3. Configuration of MPOA
            4. Troubleshooting
              1. Discovering the MPS
              2. MPOA Resolution Request and Reply
              3. MPOA Cache Imposition Request and Reply
        5. Summary
      6. 19. Dial-on-Demand Routing
        1. Having the Central Site Dial Out
          1. Configuring One Interface per Remote Site
            1. Central Site: Dial Out Only
            2. Interface Configuration
            3. Routing Configuration
            4. Access List Configuration
              1. Remote Sites: Dial In Only
          2. Configuring a Single Interface for Multiple Remote Sites
            1. Central Site: Dial Out Only
            2. Interface Configuration
            3. Routing Configuration
            4. Access List Configuration
            5. Remote Sites: Dial In Only
          3. Configuring Multiple Interfaces for Multiple Remote Sites
            1. Central Site: Dial Out Only
            2. Interface Configuration
            3. Routing Configuration
            4. Access List Configuration
            5. Remote Sites: Dial In Only
        2. Having the Central and Remote Sites Dial In and Dial Out
          1. Configuring One Interface per Remote Site
            1. Central Site: Dial In and Dial Out
            2. Remote Sites: Dial In and Dial Out
              1. Hong Kong
              2. Singapore
              3. Tokyo
          2. Configuring a Single Interface for Multiple Remote Sites
            1. Central Site: Dial In and Dial Out
            2. Remote Sites: Dial In and Dial Out
              1. Hong Kong
              2. Singapore
          3. Configuring Multiple Interfaces for Multiple Remote Sites
            1. Central Site: Dial In and Dial Out
            2. Remote Sites: Dial In and Dial Out
              1. Hong Kong
              2. Singapore
              3. Tokyo
        3. Having Remote Sites Dial Out
          1. Configuring Multiple Interfaces for Multiple Remote Sites
            1. Central Site: Dial In Only
            2. Remote Sites: Dial Out Only
              1. Hong Kong
              2. Singapore
              3. Tokyo
        4. Using DDR as a Backup to Leased Lines
          1. Floating Static Routes
            1. Central Site
            2. Remote Sites
          2. Floating Static Routes on Shared Interfaces
        5. Using Leased Lines and Dial Backup
          1. DTR Dialing
            1. Central Site
            2. Remote Sites
          2. V.25bis Dialing
        6. Chat Scripts
        7. Writing and Implementing Chat Scripts
        8. Chat Scripts and Dialer Mapping
        9. Summary
      7. 20. Scaling Dial-on-Demand Routing
        1. Network Design Considerations
          1. Traffic Patterns
          2. Media Selection
          3. Application Protocol Requirements
        2. The Hardware Solution
        3. The Software Solution
          1. Authentication
          2. Network Layer Addressing
            1. Subnet Address Assignment
            2. Next-Hop Address
          3. Routing Strategy
        4. Configuring the Central-Site Access Routers
          1. Username Configuration for the Remote Sites
          2. Dialup Configuration for the Remote Sites
          3. Loopback Interface Configuration
          4. Asynchronous Line Configuration
          5. Dialer Interface Configuration
          6. OSPF Routing Configuration
          7. RIP Routing Configuration
          8. Static Routing Configuration
          9. Security Issues
          10. Configuration File Size
        5. Configuring the Remote-Site Routers
          1. Chat Script Configuration for Dialing the Central Site
          2. Configuring the Asynchronous Interface
          3. Using the site Command
          4. Static Routing Configuration
        6. The Complete Configurations
          1. CENTRAL-1 Configuration
          2. Router2 Configuration
        7. Dial Enterprise Networks
        8. Dial ISP Networks
        9. Summary
      8. 21. Using ISDN Effectively in Multiprotocol Networks
        1. Configuring DDR over ISDN
          1. Native ISDN Interfaces
          2. Configuring an ISDN Interface
            1. Central Site
              1. Controller Configuration
              2. Interface Configuration
              3. Routing Configuration
              4. Access List Configuration
            2. Home Site
              1. Nick
              2. Dave
          3. Configuring Calling Line Identification Numbers
            1. Central Site
            2. Home Site
          4. Configuring Callback
        2. Configuring Snapshot Routing over ISDN
          1. Upgrading the Telecommuting Network
            1. Central Site Modified for Snapshot Routing
            2. Home Site Modified for Snapshot Routing
          2. Snapshot and Novell IPX Networks
            1. Server Router Configuration
              1. Interface Configuration
              2. Access List Configuration
            2. Client Router Configuration
              1. Interface Configuration
        3. Configuring AppleTalk over ISDN
          1. Router A Configuration
            1. Interface Configuration
            2. Access List Configuration
          2. Router B Configuration
        4. Configuring IPX over ISDN
          1. Example Network Scenario for Configuring IPX over ISDN
          2. Configuration for the C2503 Router
          3. Explanation of the C2503 Configuration
            1. Lines 1–11
            2. Line 12
            3. Line 12
            4. Line 13
            5. Lines 16–17
            6. Line 18
            7. Lines 20–29
            8. Line 30
            9. Line 31
            10. Line 32
            11. Line 33
            12. Line 34
            13. Lines 35–36
            14. Line 37
            15. Line 38
            16. Line 39
            17. Lines 40–41
            18. Line 42
            19. Lines 44–47
            20. Line 48
            21. Line 49
            22. Line 51
            23. Line 54
            24. Lines 56–62
          4. Configuration for the C4000 Router
        5. Summary
      9. 22. Increasing Security in IP Networks
        1. Overview of Cisco Security and Network Assessment
          1. Security Posture Assessment
          2. Incident Control and Recovery Service
        2. Cyber-Warfare: Is It Happening?
          1. What Are the Threats?
          2. What Is the Purpose of Cyber-Warfare?
        3. Network Vulnerabilities
          1. Vulnerabilities in Cisco CHAP Authentication
          2. TCP Loopback Denial of Service Attack (land.c) and Cisco Devices
          3. "Smurfing" Denial of Service Attacks
          4. UDP Diagnostic Port Denial of Service Attacks
          5. Cisco IOS Password Encryption
        4. Assessing the Need for Security
        5. Security Policy
          1. How Do I Create a Network Security Policy?
          2. Document and Audit Your Security Policy
        6. Understanding Cisco's Approach to Network Security
          1. Know Your Enemy
          2. Count the Cost
          3. Identify Your Assumptions
          4. Control and Limit Your Secrets
          5. Always Remember Human Factors
          6. Know Your Weaknesses
          7. Limit the Scope of Access
          8. Understand Your Environment
          9. Limit Your Trust
          10. Remember Physical Security
          11. Security Is Pervasive
        7. Controlling Access to Cisco Routers
          1. Console Access
            1. Assigning a Nonprivileged Mode Password
            2. Assigning a Privileged Mode Password
          2. Telnet Access
            1. Assigning a Nonprivileged Mode Password
            2. Assigning a Privileged Mode Password
          3. Simple Network Management Protocol (SNMP) Access
            1. Assigning a Nonprivileged Mode Password
            2. Assigning a Privileged Mode Password
          4. Additional Techniques to Secure a Router
            1. Session Timeouts
            2. Password Encryption
            3. Restricting Telnet Access to Particular IP Addresses
            4. Restricting Telnet Access TCP Ports
              1. Earlier Software Releases
              2. Software Releases 9.1 (11.5), 9.21 (3.2), and 10.0 and Later
        8. Access Control Lists
          1. Operation
          2. Applying Access Lists to the Router
          3. Wildcard Mask
          4. Standard Access Control Lists
            1. Standard Access List Configuration
            2. Standard Access List Example
          5. Extended Access Control Lists
            1. Extended Access List Configuration
            2. Extended Access List Example
          6. Reflexive Access Control Lists
            1. Reflexive Access Control List Example
            2. External Interface
            3. Internal Interface
            4. Configuring a Reflexive Access Control List
            5. Reflexive Access Control List Configuration Example
            6. Golden Rules of Reflexive ACL Implementation
          7. Dynamic Access Lists (Lock-and-Key Security)
            1. Implementation Considerations of Lock-and-Key Access
            2. Configuring User Authentication
            3. Dynamic Access List Golden Rules
            4. Deleting a Dynamic Access List
            5. Dynamic Access List Configuration Example
        9. Terminal Access Controller Access Control System
          1. Nonprivileged Access
          2. Privileged Access
          3. Token Card Access
        10. Further Cisco Security Measures
          1. Controlling Access to Network Servers that Contain Configuration Files
          2. Using Banners to Set Up Unauthorized Use Notifications
          3. Securing Nonstandard Services
          4. Privilege-Level Security
            1. Privilege-Level Command Modes
            2. Privilege-Level Configuration Example
          5. Network Data Encryption
        11. Case Study #1: Routing Protocol Authentication
          1. OSPF Neighbor Router Authentication
            1. Benefits of OSPF Neighbor Authentication
            2. Conditions for Deploying OSPF Neighbor Authentication
            3. How Neighbor Authentication Works
            4. Plain Text Authentication
            5. MD5 Authentication
            6. Troubleshooting OSPF and Authentication
        12. Case Study #2: Designing Your Firewall Architecture
          1. Controlling Traffic Flow
          2. Configuring the Firewall Router
          3. Defining Firewall Access Lists
          4. Applying Access Lists to Interfaces
          5. Configuring the Firewall Communication Server
          6. Defining the Communication Server's Access Lists
          7. Applying Access Lists to Lines
          8. Spoofing and Inbound Access Lists
          9. Well-Known Port Assignments
        13. Bibliography and Recommended Reading
          1. Books and Periodicals
          2. Requests For Comments (RFCs)
          3. Internet Directories
        14. Summary
      10. 23. Using HSRP for Fault-Tolerant IP Routing
        1. Understanding How HSRP Works
        2. Configuring HSRP
        3. Configuring Multiple Hot Standby Groups
          1. Interface Tracking
          2. Load Sharing
        4. Using HSRP with Routed Protocols
          1. AppleTalk, Banyan VINES, and Novell IPX
          2. DECnet and XNS
        5. Summary
    7. III. Appendixes
      1. A. Subnetting an IP Address Space
      2. B. IBM Serial Link Implementation
        1. Comparing Half Duplex and Full Duplex
          1. Asynchronous Line Definitions
          2. IBM SNA-Specific Definitions
          3. DCE Definitions
        2. Understanding Multipoint Connections
      3. C. SNA Host Configuration for SRB Networks
        1. FEP Configuration
        2. VTAM-Switched Major Node Definitions
        3. 3174 Cluster Controller Configuration Example
      4. D. SNA Host Configuration for SDLC Networks
        1. FEP Configuration for SDLC Links
        2. 3174 SDLC Configuration Worksheet
      5. E. Broadcasts in Switched LAN Networks
        1. IP Multicasting
        2. Using Broadcasts with IP Networks
        3. Using Broadcasts with Novell Networks
        4. Using Broadcasts with AppleTalk Networks
        5. Using Broadcasts with Multiprotocol Networks
      6. F. Reducing SAP Traffic in Novell IPX Networks
        1. Configuring Access Lists to Filter SAP Updates
          1. Central Site
          2. Remote Sites
            1. IPX Server and Client
            2. IPX Clients
        2. Configuring Incremental SAP Updates
          1. Central Site
          2. Remote Sites
            1. IPX Server and Client
            2. IPX Clients
        3. Summary
      7. G. Packet Voice Primer
        1. Overview
        2. Introduction
        3. Voice Coding
        4. Voice Coding Standards
        5. Compression Quality
        6. Delay
        7. Packet Voice Transport Options and Issues
          1. Synchronous Circuit-Switched Networks
          2. Frame/Cell Networks
          3. Connectionless Data Networks
          4. X.25 Packet Networks
          5. Private Data Networks
        8. Signaling: Making the Voice Connection
        9. External Signaling
        10. Internal Signaling
        11. Applying Packet Voice
        12. Summary
      8. H. References and Recommended Reading
        1. Books and Periodicals
        2. Technical Publications and Standards
      9. I. Overview of IP Multicast
        1. The Advantages of Multicast
        2. Primer on Multicast Technology
          1. Addressing
          2. Dynamic Registration
          3. Multicast Forwarding
          4. Multicast Routing
        3. Multicast Process
        4. Planning for IP Multicast in Enterprise Network
        5. Enterprise-Wide Multicast: Microsoft NetShow and the Microsoft Multicast Network