About the Author

Priscilla Oppenheimer has been developing data communications and networking systems since 1980 when she earned her master's degree in information science from the University of Michigan. After many years as a software developer, she became a technical instructor and training developer and taught more than 2000 network engineers from most of the Fortune 500 companies. Her employment at such companies as Apple Computer, Network General, and Cisco Systems gave her a chance to troubleshoot...

Accounting Auditing

To effectively analyze the security of a network and to respond to security incidents, procedures should be established for collecting network activity data. Collecting data is called accounting or auditing. For networks with strict security policies, audit data should include all attempts to achieve authentication and authorization by any person. It is especially important to log anonymous or guest access to public servers. The data should also log all attempts by users to change their access...
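As an added illustration (example code written for this page, not taken from the book), the following Python script parses a small set of constructed audit records in an assumed key=value, syslog-style format and pulls out the three things the paragraph says to record: repeated authentication failures per source, guest or anonymous access to public servers, and attempts to change access rights. The device names, addresses, field names and function names are all invented for the example.

```python
import re
from collections import Counter

# Constructed sample audit records for this example (not taken from the book).
# The record format is an assumption: "<timestamp> <device> <event> key=value ..."
SAMPLE_LOG = """\
2024-03-01T08:00:01 gw1 login user=alice src=10.1.1.5 result=success
2024-03-01T08:00:05 gw1 login user=alice src=10.1.1.5 result=failure
2024-03-01T08:00:09 gw1 login user=admin src=203.0.113.7 result=failure
2024-03-01T08:00:10 gw1 login user=admin src=203.0.113.7 result=failure
2024-03-01T08:00:11 gw1 login user=admin src=203.0.113.7 result=failure
2024-03-01T08:00:12 gw1 login user=root src=203.0.113.7 result=failure
2024-03-01T08:01:00 www1 login user=anonymous src=198.51.100.9 result=success
2024-03-01T08:02:00 gw1 authz user=bob src=10.1.1.8 action=change_privilege target=enable result=failure
2024-03-01T08:02:30 gw1 authz user=bob src=10.1.1.8 action=change_privilege target=enable result=success
"""

RECORD_RE = re.compile(r"^(?P<ts>\S+) (?P<device>\S+) (?P<event>\S+) (?P<fields>.*)$")
GUEST_USERS = {"anonymous", "guest"}


def parse_records(text):
    """Parse audit lines into dicts. Malformed lines are kept under 'unparsed'
    rather than silently dropped, because gaps in an audit trail matter."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = RECORD_RE.match(line)
        if not m:
            records.append({"unparsed": line})
            continue
        rec = {"ts": m.group("ts"), "device": m.group("device"), "event": m.group("event")}
        for pair in m.group("fields").split():
            key, _, value = pair.partition("=")
            rec[key] = value
        records.append(rec)
    return records


def failed_logins_by_source(records, threshold=3):
    """Sources with at least `threshold` failed logins, regardless of the
    usernames tried (password guessing often rotates usernames)."""
    counts = Counter(r["src"] for r in records
                     if r.get("event") == "login" and r.get("result") == "failure")
    return {src: n for src, n in counts.items() if n >= threshold}


def guest_access(records):
    """Every successful anonymous/guest login, with the device it landed on."""
    return [(r["device"], r["src"]) for r in records
            if r.get("event") == "login" and r.get("user") in GUEST_USERS
            and r.get("result") == "success"]


def privilege_changes(records):
    """All attempts to change access rights, successful or not, in order."""
    return [(r["user"], r["target"], r["result"]) for r in records
            if r.get("event") == "authz" and r.get("action") == "change_privilege"]


if __name__ == "__main__":
    recs = parse_records(SAMPLE_LOG)
    print("repeated failures by source:", failed_logins_by_source(recs))
    print("guest access:", guest_access(recs))
    print("privilege changes:", privilege_changes(recs))
```

The threshold counts failures per source rather than per user, so a guesser who rotates through admin, root and other names still trips it; failed privilege changes are reported alongside successful ones because the failed attempt is often the more interesting record.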

Accounting Management

Accounting management facilitates usage-based billing, whereby individual departments or projects are charged for network services. Even in cases where there is no money exchange, accounting of network usage can be useful to catch departments or individuals who abuse the network. The abuse could be intentional, for example, a discontented employee or former employee causing network problems, or the abuse could be unintentional. (People playing network games do not intend to harm the network,...

Accuracy

The overall goal for accuracy is that the data received at the destination must be the same as the data sent by the source. Typical causes of data errors include power surges or spikes, impedance mismatch problems, poor physical connections, failing devices, and noise caused by electrical machinery. Sometimes software bugs can cause data errors also, although software problems are a less common cause of errors than physical layer problems. Frames that have an error must be retransmitted, which...

Acknowledgments

I would like to thank the staff and contractors at Cisco Press for their hard work on this book project. I am also grateful for the hard work of the technical reviewers, Matthew Birkner, Blair Buchanan, and Dr. Peter Welcher. They read the entire manuscript and made many helpful suggestions. I take responsibility for any errors and for my decision to retain more legacy material than the reviewers advised. I also wish to thank the technical reviewers for the first edition, Dr. Alex Cannara,...

Adaptability

When designing a network, you should try to avoid incorporating any elements that would make it hard to implement new technologies in the future. A good network design can adapt to new technologies and changes. Changes can come in the form of new protocols, new business practices, new fiscal goals, new legislation, and a myriad of other possibilities. For example, some states have enacted environmental laws that require a reduction in the number of employees driving to work. To meet the legal...

Administering Addresses by a Central Authority

A corporate Information Systems (IS) or enterprise networking department should develop a global model for network layer addressing. As the network designer, you should help the IS department develop the model. The model should identify network numbers for the core of the enterprise network, and blocks of subnets for the distribution and access layers. Depending on the organizational structure of the enterprise, network managers within each region or branch office can further divide the...

Affordability

The final technical goal this chapter covers is affordability. Affordability is sometimes called cost-effectiveness. Most customers have a goal for affordability, although sometimes other goals such as performance and availability are more important. Affordability is partly a business goal, and, in fact, was discussed in Chapter 1. It is covered again in this chapter because of the technical issues involved. For a network design to be affordable, it should carry the maximum amount of traffic...

Aggregatable Global Addresses

Aggregatable global unicast addresses are equivalent to public registered addresses in IPv4. These addresses are designed to support the type of provider-based aggregation currently used on the Internet and a new, geographic type of aggregation based on exchange points. (The latter is experimental, and provider-based aggregation may remain the norm.) The structure of aggregatable global unicast addresses enables aggregation of routing prefixes so that the number of routing table entries in the...

Agilent's RouterTester

Agilent's RouterTester is a powerful and flexible test system for generating traffic streams and testing network design and routing scalability. The RouterTester system can generate IPv4 and IPv6 routing, signaling, multicast, and tunneling protocol traffic over a wide range of Packet over SONET (POS), ATM, and Ethernet interfaces. It has the capability of handling up to 2000 individual streams per port. It also includes tools for sending realistic traffic streams, building large test...

An Example of a Network Design Testing Scenario

This section discusses a network design and testing project that was completed for Umqua Systems, Inc., using some of the design steps described in this book and chapter. The example is based on a real network, but the name of the company has been changed, and some facts have been obscured to protect the company's privacy. This particular company still had some old technology, such as FDDI. Don't be thrown off by this. The testing methods described in this section can apply to networks with any...

Analysis of the New Order Entry System

In an attempt to estimate the consequences of adding ten users in Building 4, who will use the new Oracle order-entry system to access a database in Building 1, packet traces were collected during normal work hours for one Oracle user. From the captured data, it can be estimated that a typical order entry creates approximately 2 MB of data traffic, broken down as follows:
About 220 KB of TCP/IP traffic between the user and the Oracle database server in Building 1 on the FDDI backbone.
About 1.7...

Analyzing Business Goals

Understanding your customer's business goals and constraints is a critical aspect of network design. Armed with a thorough analysis of your customer's business objectives, you can propose a network design that will meet with your customer's approval. It is tempting to overlook the step of analyzing business goals, because analyzing such technical goals as capacity, performance, security, and so on is more interesting to many network engineers. Analyzing technical goals is covered in the next...

Analyzing Network Accuracy

Chapter 2 talked about specifying network accuracy as a bit error rate (BER). You can use a BER tester (also called a BERT) on serial lines to test the number of damaged bits compared to total bits. As discussed in the Checking the Status of Major Routers, Switches, and Firewalls section later in this chapter, you can also use Cisco show commands to gain an understanding of errors on a serial interface, which is a more common practice on modern networks than using a BERT. With packet-switched...
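Added example, not from the book: a Python parser for the counter block of a Cisco IOS show interfaces listing that turns the raw counters into a frame error rate and a lower bound on the BER. The sample listing below is constructed, with invented values. Because the counters are cumulative since the last clear counters, the interval_rates function works from two snapshots; the function names are this example's own.

```python
import re

# Constructed output modelled on the counter block of the Cisco IOS
# "show interfaces" command (values invented for this example; not real device output).
SNAPSHOT_1 = """\
Serial0/0 is up, line protocol is up
  Hardware is PowerQUICC Serial
  MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
  5 minute input rate 41000 bits/sec, 38 packets/sec
  5 minute output rate 39000 bits/sec, 36 packets/sec
     1254431 packets input, 181553204 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     37 input errors, 33 CRC, 4 frame, 0 overrun, 0 ignored, 0 abort
     1198204 packets output, 170234117 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
"""

# The same interface some time later (also constructed). Counters only grow,
# so the difference between two snapshots is what happened in the interval.
SNAPSHOT_2 = SNAPSHOT_1.replace("1254431 packets input, 181553204 bytes",
                                "1300000 packets input, 190000000 bytes") \
                       .replace("37 input errors, 33 CRC", "40 input errors, 36 CRC")

COUNTER_PATTERNS = {
    "packets_input": r"(\d+) packets input",
    "bytes_input": r"packets input, (\d+) bytes",
    "input_errors": r"(\d+) input errors",
    "crc": r"(\d+) CRC",
    "frame": r"(\d+) frame",
    "packets_output": r"(\d+) packets output",
    "bytes_output": r"packets output, (\d+) bytes",
    "output_errors": r"(\d+) output errors",
}


def parse_counters(text):
    """Pull the accumulated counters out of one show-interfaces listing."""
    stats = {}
    for name, pattern in COUNTER_PATTERNS.items():
        m = re.search(pattern, text)
        if m is None:
            raise ValueError("counter not found: " + name)
        stats[name] = int(m.group(1))
    return stats


def error_rates(stats):
    """Frame error rate and a lower bound on BER from one set of counters.

    The counters say that a frame was bad, not how many bits were flipped in
    it, so input_errors / bits_received is a floor for the true BER rather
    than the BER itself. A BERT measures the real figure; this is the cheap
    approximation available from the router.
    """
    bits = stats["bytes_input"] * 8
    packets = stats["packets_input"]
    return {
        "frame_error_rate": stats["input_errors"] / packets if packets else 0.0,
        "ber_lower_bound": stats["input_errors"] / bits if bits else 0.0,
    }


def interval_rates(before, after):
    """Error rates for the interval between two snapshots. Counters are
    cumulative since the last 'clear counters', so the earlier values are
    subtracted; a counter that went backwards means a reset or a clear."""
    delta = {k: after[k] - before[k] for k in before}
    if any(v < 0 for v in delta.values()):
        raise ValueError("counters went backwards: interface reset or counters cleared")
    return error_rates(delta)


if __name__ == "__main__":
    s1, s2 = parse_counters(SNAPSHOT_1), parse_counters(SNAPSHOT_2)
    print("cumulative:   ", error_rates(s1))
    print("this interval:", interval_rates(s1, s2))
```

Take the two snapshots a known time apart (or clear the counters first) so the figure reflects the line as it is now rather than every error since the router booted; a high CRC count with a low frame count usually points at the physical path, whereas growing frame or abort counts are worth correlating with clocking and encapsulation settings.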

Analyzing Network Availability

To document availability characteristics of the existing network, gather any statistics that the customer has on the mean time between failure (MTBF) and mean time to repair (MTTR) for the internetwork as a whole as well as major network segments. Compare these statistics with information you have gathered on MTBF and MTTR goals, as discussed in Chapter 2. Does the customer expect your new design to increase MTBF and decrease MTTR? Are the customer's goals realistic considering the current state...

Analyzing Network Utilization

Network utilization is a measurement of how much bandwidth is in use during a specific time interval. Utilization is commonly specified as a percentage of capacity. If a network-monitoring tool says that network utilization on a Fast Ethernet segment is 70 percent, for example, this means that 70 percent of the 100-Mbps capacity is in use, averaged over a specified timeframe or window. Different tools use different averaging windows for computing network utilization. Some tools let the user...
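Added example (not from the book) in Python showing why the averaging window matters: the same constructed byte-count series on a 100-Mbps segment reports a peak of 100 percent with a 1-second window, 64 percent with a 10-second window and 19 percent with a 60-second window. The series, the capacity and the function names are assumptions made for the example.

```python
# Constructed per-second byte counts observed in one direction on a Fast
# Ethernet segment (100 Mbps). Sixty samples: six seconds of saturation
# starting at t=10, 10 percent load the rest of the time. Not a real capture.
CAPACITY_BPS = 100_000_000
BYTES_PER_SECOND = [12_500_000 if 10 <= t < 16 else 1_250_000 for t in range(60)]


def utilization(samples, capacity_bps, window_s, interval_s=1):
    """Percent utilization for each consecutive, non-overlapping window.

    samples      byte counts per sampling interval, for one direction only
                 (on a full-duplex link measure each direction separately)
    window_s     averaging window the monitoring tool applies, in seconds
    interval_s   spacing of the samples, in seconds
    """
    if window_s % interval_s:
        raise ValueError("window must be a multiple of the sampling interval")
    per_window = window_s // interval_s
    results = []
    for i in range(0, len(samples) - per_window + 1, per_window):
        bits = sum(samples[i:i + per_window]) * 8
        results.append(bits * 100 / (capacity_bps * window_s))
    return results


def peak_utilization(samples, capacity_bps, window_s):
    """The highest window the tool would have reported for this series."""
    return max(utilization(samples, capacity_bps, window_s))


if __name__ == "__main__":
    for w in (1, 10, 60):
        peak = peak_utilization(BYTES_PER_SECOND, CAPACITY_BPS, w)
        print(f"{w:3d}-second window: peak {peak:.1f}%")
```

The six-second burst that saturates the link is invisible in the 60-second figure, which is why a tool reporting a comfortable average can coexist with users complaining about stalls; when comparing numbers from two tools, check that their windows match before drawing a conclusion.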

Analyzing Security Risks

In addition to identifying assets, an important step in security planning is analyzing potential threats and gaining an understanding of their likelihood and severity. Risk management and the consequent building of a security policy and secure network design is a continuous process, as risks change in their severity and probability on a regular basis. For example, a company's encryption algorithm and the length of the encryption key may need to be reconsidered if a relatively inexpensive and...

AppleTalk Dynamic Addressing

AppleTalk was the first network protocol to support dynamic addressing. AppleTalk's dynamic addressing inspired IP dynamic addressing, so learning a bit about AppleTalk addressing will help you understand modern schemes for dynamic IP addressing. An AppleTalk network layer station address consists of a 16-bit network number and an 8-bit node ID. The address is written as network.node; for example, 2210.15 means station 15 on network 2210. When an AppleTalk station boots, it dynamically chooses...

AppleTalk Workstation-to-Router Communication

An AppleTalk workstation remembers the address of the router that sent the most recent RTMP packet. Although the workstation does not participate in the routing protocol process, it does hear RTMP broadcast packets and copies into memory the address of the router that sent the broadcast. As long as there is at least one router on the workstation's network, the workstation can reach remote devices. If there are multiple routers on a workstation's network, the workstation very quickly learns a new way...

Application Layer Throughput

Most end users are concerned about the throughput for applications. Marketing materials from some networking vendors refer to application layer throughput as goodput. Calling it goodput sheds light on the fact that it is a measurement of good and relevant application layer data transmitted per unit of time. It is possible to improve throughput such that more data per second is transmitted, but not increase goodput, because the extra data transmitted is overhead or retransmissions. It is also...
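To make the goodput distinction concrete, here is an added Python example (not from the book) that walks a constructed list of TCP segments from one sender and separates bytes on the wire from application bytes delivered for the first time. The segment list, the header size and the one-second measurement window are assumptions; the function and variable names are the example's own.

```python
# Constructed capture of one sender's TCP segments over a one-second window
# (not from a real trace): (time_s, seq, payload_bytes). Segment 4 repeats
# seq 1460, i.e. a retransmission; the last one carries no data at all.
SEGMENTS = [
    (0.00, 0, 1460),
    (0.10, 1460, 1460),
    (0.20, 2920, 1460),
    (0.30, 1460, 1460),   # retransmission of segment 2
    (0.40, 4380, 1460),
    (0.50, 5840, 100),
    (0.60, 5940, 0),      # header-only segment (e.g. a window probe)
]
HEADER_BYTES = 54        # assumed Ethernet + IPv4 + TCP headers, no options
DURATION_S = 1.0         # assumed length of the measurement window


def _merge(intervals):
    """Coalesce [start, end) byte ranges so overlapping data is counted once."""
    merged = []
    for s, e in sorted(intervals):
        if merged and s <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], e))
        else:
            merged.append((s, e))
    return merged


def _covered(intervals):
    return sum(e - s for s, e in intervals)


def throughput_vs_goodput(segments, header_bytes=HEADER_BYTES, duration_s=DURATION_S):
    """Throughput counts every byte on the wire; goodput counts only
    application bytes delivered for the first time (no headers, no
    retransmitted data). Returns both in bits per second plus the waste."""
    wire_bytes = retransmitted = overhead = 0
    delivered = []                       # sequence ranges already delivered
    for _, seq, length in segments:
        wire_bytes += header_bytes + length
        overhead += header_bytes
        before = _covered(delivered)
        delivered = _merge(delivered + [(seq, seq + length)])
        new_bytes = _covered(delivered) - before
        retransmitted += length - new_bytes   # partial overlaps count partially
    goodput_bytes = _covered(delivered)
    return {
        "throughput_bps": wire_bytes * 8 / duration_s,
        "goodput_bps": goodput_bytes * 8 / duration_s,
        "overhead_bytes": overhead,
        "retransmitted_bytes": retransmitted,
        "efficiency": goodput_bytes / wire_bytes,
    }


if __name__ == "__main__":
    for key, value in throughput_vs_goodput(SEGMENTS).items():
        print(f"{key:20s} {value:,.3f}")
```

Tracking delivered data as merged sequence ranges rather than a set of seen sequence numbers is what lets the code charge only the unseen half of a partially overlapping retransmission, which is the common case when a sender retransmits from an earlier point than the loss.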

Assigning Names in a NetBIOS Environment

NetBIOS is an application programming interface (API) that includes functions for naming devices, which ensures the uniqueness of names, and finding named services. NetBIOS was developed by IBM and Sytek in the 1980s for use on PC networks. It gained popularity in the late 1980s as a way of connecting PCs using software from the IBM, Microsoft, and 3Com corporations. It is still widely used in Microsoft Windows environments. There are many implementations of the NetBIOS protocol, including...

Assigning Names in an IP Environment

Naming in an IP environment is accomplished by configuring hosts files, DNS servers, or Network Information Service (NIS) servers. DNS is used on the Internet and has also gained widespread popularity for managing names in enterprise networks. It is the recommended naming system for modern networks. A hosts file tells a UNIX workstation how to convert a host name into an IP address. A network administrator maintains a hosts file on each workstation in the internetwork. Both DNS and NIS were...

ATM Quality of Service Specifications

In their document Traffic Management Specification Version 4.1, the ATM Forum does an excellent job of categorizing the types of service that a network can offer to support different sorts of applications. Even if your customer has no plans to use Asynchronous Transfer Mode (ATM) technology, the ATM Forum terminology is still helpful because it identifies the parameters that different sorts of applications must specify to request a certain type of network service. These parameters include delay...

ATM Wide Area Networks

Chapter 10, Selecting Technologies and Devices for Campus Networks, discussed using ATM in a campus network. This chapter discusses using ATM as the core of a WAN enterprise network. Despite the complexity of ATM, ATM is a good choice for WAN backbone networks for customers with accelerating bandwidth requirements and applications with advanced QoS requirements. ATM supports very high bandwidth requirements. When used on copper cabling, ATM can run at T3 or above speeds. When used on...

Audience

This book is for you if you are an internetworking professional responsible for designing and maintaining medium- to large-sized enterprise networks. If you are a network engineer, architect, or technician who has a working knowledge of network protocols and technologies, this book will provide you with practical advice on applying your knowledge to internetwork design. This book also includes useful information for consultants, systems engineers, and sales engineers who design corporate...

Authentication

Authentication identifies who is requesting network services. The term authentication usually refers to authenticating users, but it can refer to authenticating devices or software processes also. For example, some routing protocols support route authentication, whereby a router must pass some criteria before another router accepts its routing updates. Most security policies state that to access a network and its services, a user must enter a login ID and password that are authenticated by a...
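The route authentication mentioned above can be illustrated with an added Python example (written for this page; it models no real protocol's packet format and is not the book's code). A shared key, a sequence number and an HMAC over the update let the receiving router reject tampered, replayed and unkeyed updates. The key, the prefixes and the class and function names are assumptions made for the example.

```python
import hmac
import hashlib
import json

# Simplified model of cryptographic route authentication, written for this
# example; it is not the packet format of OSPF, RIPv2 or any other protocol.
# Peers share a key; each update carries a sequence number and a keyed hash.
SHARED_KEY = b"example-key-for-illustration-only"   # assumed; never hard-code a real key
MAC_LEN = 32                                          # HMAC-SHA256 output size


def sign_update(key, seq, prefixes):
    """Build an update: canonical JSON body followed by HMAC-SHA256 over it."""
    body = json.dumps({"seq": seq, "prefixes": sorted(prefixes)},
                      sort_keys=True, separators=(",", ":")).encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()


def verify_update(key, message, last_seq):
    """Accept an update only if the MAC verifies and the sequence number moves
    forward. Returns (accepted, reason, parsed_body_or_None)."""
    if len(message) <= MAC_LEN:
        return False, "truncated", None
    body, mac = message[:-MAC_LEN], message[-MAC_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):      # constant-time comparison
        return False, "bad mac", None
    parsed = json.loads(body)
    if parsed["seq"] <= last_seq:                   # replayed or stale update
        return False, "replay", None
    return True, "ok", parsed


class Router:
    """Receiving side: tracks the last accepted sequence number per peer."""

    def __init__(self, key):
        self.key = key
        self.last_seq = {}
        self.routes = {}

    def receive(self, peer, message):
        ok, reason, parsed = verify_update(self.key, message, self.last_seq.get(peer, -1))
        if ok:
            self.last_seq[peer] = parsed["seq"]
            self.routes[peer] = parsed["prefixes"]
        return ok, reason


def demo():
    """Walk through accept, tamper, replay and wrong-key cases; returns the verdicts."""
    b = Router(SHARED_KEY)
    good = sign_update(SHARED_KEY, 1, ["10.1.0.0/16", "10.2.0.0/16"])
    results = [b.receive("A", good)]                  # accepted
    tampered = good.replace(b"10.2.0.0/16", b"10.9.0.0/16")
    results.append(b.receive("A", tampered))          # body changed, MAC no longer matches
    results.append(b.receive("A", good))              # replay of seq 1
    forged = sign_update(b"wrong-key", 2, ["0.0.0.0/0"])
    results.append(b.receive("A", forged))            # attacker without the key
    results.append(b.receive("A", sign_update(SHARED_KEY, 2, ["10.3.0.0/16"])))
    return results, b.routes["A"]


if __name__ == "__main__":
    print(demo())
```

The sequence check is as important as the MAC: without it, an attacker who captures one valid update can replay it indefinitely to reinstate a withdrawn route, which is why the cryptographic authentication modes of real routing protocols carry a non-decreasing sequence number alongside the keyed hash.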

Authorization

Whereas authentication controls who can access network resources, authorization says what they can do after they have accessed the resources. Authorization grants privileges to processes and users. Authorization lets a security administrator control parts of a network (for example, directories and files on servers). Authorization varies from user to user, partly depending on a user's department or job function. For example, a policy might state that only Human Resources employees should see...

Availability

Availability refers to the amount of time a network is available to users and is often a critical goal for network design customers. Availability can be expressed as a percent uptime per year, month, week, day, or hour, compared to the total time in that period. For example, in a network that offers 24-hour, seven-days-a-week service, if the network is up 165 hours in the 168-hour week, availability is 98.21 percent. Network design customers don't use the word availability in everyday English...

Available Bit Rate Service Category

With ABR, the transfer characteristics provided by the network can change subsequent to connection establishment. A flow-control mechanism offers several types of feedback to control the source rate in response to changing ATM-layer conditions. This feedback is conveyed to the source through control cells called resource management cells, or RM cells. An end system that adapts its traffic in accordance with the feedback should experience a low CLR and obtain a fair share of the available...

Background Information for the Campus Network Design Project

Wandering Valley Community College (WVCC) is a small college in the western United States that is attended by about 600 full- and part-time students. The students do not live on campus. Approximately 50 professors teach courses in the fields of arts and humanities, business, social sciences, mathematics, computer science, the physical sciences, and health sciences. Many of the professors also have other jobs in the business community, and only about half of them have an office on campus....

Background Information for the WAN Design Project

Klamath Paper Products, Inc., manufactures paper and packaging products, including office paper, newsprint, cartons, and corrugated boxes. They also manufacture wood pulp and chemicals used in the manufacturing of pulp and paper. Klamath Paper Products (which will be called Klamath from now on) has approximately 15 sites in the western United States. Headquarters are in Portland, Oregon. Klamath employs around 1500 people and has customers all over the world, with a large customer base in Asia....

Backup Paths

To maintain interconnectivity even when one or more links are down, redundant network designs include a backup path for packets to travel when there are problems on the primary path. A backup path consists of routers and switches and individual backup links between routers and switches, which duplicate devices and links on the primary path. When estimating network performance for a redundant network design, you should take into consideration two aspects of the backup path: How much capacity does...

Boot Time Traffic for Older Protocols

You may be thinking that there's no need to categorize boot-time traffic for older protocols. Be sure to check network traffic with a protocol analyzer before making a quick decision on this. Many universities, schools, governments, and nonprofit organizations still use older protocols. Also, some companies that have theoretically standardized on TCP/IP are often surprised when a network engineer studies their network traffic. A lot of equipment that is supposedly running only TCP/IP tends to...

Budgetary and Staffing Constraints

Your network design must fit the customer's budget. The budget should include allocations for equipment purchases, software licenses, maintenance and support agreements, testing, training, and staffing. The budget might also include consulting fees (including your fees) and outsourcing expenses. Throughout the project, work with your customer to identify requirements for new personnel, such as additional network managers. Point out the need for personnel training, which will affect the budget...

Building and Testing a Prototype Network System

The goal of this section is to help you itemize the tasks to build a prototype that verifies and demonstrates the behavior of a network system. A secondary goal is to help you determine how much of a network system must be implemented in a prototype to verify the design. A prototype is an initial implementation of a new system that provides a model on which the final implementation will be patterned. A prototype allows a designer to validate the operation and performance of a new system. It...

Building Cabling Topologies

Within a building, either a centralized or distributed architecture can be used, depending on the size of the building. For small buildings, a centralized scheme with all cables terminating in a communications room on one floor is possible, as shown on the left side of Figure 10-1. A centralized scheme offers good manageability but does not scale. For larger buildings, a distributed topology is more appropriate. Many LAN technologies make an assumption that workstations are no more than 100...

Bursty traffic

Network traffic characterized by short intervals of intense activity with lulls between the intervals.

Broadcast and Unknown Server

Multicast server used in ELANs that floods traffic addressed to an unknown destination and forwards multicast and broadcast traffic to the appropriate clients.

Business and Technical Goals

Klamath's main business goals for the WAN design project are as follows:
Increase profits by implementing a WAN that will support the goals of the Conservation Initiative Task Force, in particular the new distance-learning
Improve the performance of the existing WAN to support more efficient operations.
Contain the rising costs associated with operating the existing WAN.
Provide a network that will let employees more easily share ideas for further improving efficiency and increasing the use of...

Business Goals

The college still wants to attract and retain more students. The college Board of Trustees believes that the best way to remain fiscally sound is to continue to increase enrollment and reduce attrition. The college administration and Board of Trustees identified the following business goals:
Increase the enrollment from 600 to 1000 students in the next 3 years.
Reduce the attrition rate from 30 to 15 percent in the next 3 years.
Improve faculty efficiency and allow faculty to participate in more...

Business Goals Checklist

You can use the following checklist to determine if you have addressed your client's business-oriented objectives and concerns. If you can't gather every piece of data mentioned in the checklist, make sure you document what is missing in case it becomes critical, but don't stall the project to gather every last detail. This book teaches an ideal network design methodology that you should try to follow, but if real-world constraints, such as uncooperative network design customers, budget cuts,...

Cabling Topologies

Companies such as AT&T, IBM, Digital Equipment Corporation (DEC), Hewlett-Packard, and Northern Telecom have all published cabling specifications and guidelines for developing a cabling topology. In addition, the Electronics Industry Association and the Telecommunications Industry Association publish the EIA/TIA guidelines for unshielded twisted-pair (UTP) cabling and installation. Though the guidelines from the different organizations differ slightly, the main goal of all of them is to...

Calculating Theoretical Traffic Load

As described in Chapter 2, traffic load (sometimes called offered load) is the sum of all the data network nodes have ready to send at a particular time. A general goal for most network designs is that the network capacity should be more than adequate to handle the traffic load. The challenge is to determine if the capacity proposed for a new network design is sufficient to handle the potential load. In his book Local and Metropolitan Area Networks, William Stallings provides some...

Campus ATM Networks

ATM can be used in WAN and campus networks. This chapter discusses ATM campus networks; Chapter 11 discusses ATM WAN networks. In a campus network, a designer can select ATM as a backbone technology for connecting LANs. The designer also has the option of recommending that workstations be equipped with ATM NICs and protocol stacks. In the mid-1990s some networking experts thought ATM would replace many LAN installations because of its scalability and support for QoS requirements. As Ethernet has...

Campus Cabling Topologies

The cabling that connects buildings is exposed to more physical hazards than the cabling within buildings. A construction worker might dig a trench between buildings and inadvertently cut cables. Flooding, ice storms, earthquakes and other natural disasters can also cause problems, as can manmade disasters such as terrorist attacks. In addition, cables might cross properties outside the control of the organization, making it hard to troubleshoot and fix problems. For these reasons, cables and...

Caveats with Private Addressing

Although the benefits of private addressing outweigh the disadvantages, it is important to be aware of the drawbacks. One drawback is that outsourcing network management is difficult. When a company delegates network management responsibility to an outside company, the outside company typically sets up network consoles at its own site that communicate with internetworking devices inside the client's network. With private addressing, however, the consoles cannot reach the client's devices,...

Centralized Versus Distributed Monitoring

In a centralized monitoring architecture, all NMSs reside in one area of the network, often in a corporate network operations center (NOC). Agents are distributed across the internetwork and send data such as ping and SNMP responses to the centralized NMSs. The data is sent via out-of-band or in-band paths. Distributed monitoring means that NMSs and agents are spread out across the internetwork. A hierarchical distributed arrangement can be used whereby distributed NMSs send data to...

Challenges Associated with Cable Modem Systems

A challenge with implementing a remote-access solution based on cable modems is that the CATV infrastructure was designed for broadcasting TV signals in just one direction from the cable TV company to a person's home. Data transmission, however, is bidirectional. Data travels from the provider to the home (or small office) and from the home to the provider. Because of the design of CATV networks, most cable-network services offer much more bandwidth for downstream traffic (from the service...

Changes for the Second Edition

The first edition of Top-Down Network Design taught a classic method for network design that is still relevant today. A top-down process focuses on requirements analysis and architectural design, which should be completed before the selection of specific network components. A top-down process can be applied to networks of all sorts, including old-fashioned networks with 10-Mbps Ethernet or Token Ring, as well as modern networks with Gigabit Ethernet, Synchronous Optical Network (SONET), and...

Analyzing Business Goals and Constraints

This chapter serves as an introduction to the rest of the book by describing top-down network design. The first section explains how to use a systematic, top-down process when designing computer networks for your customers. Depending on your job, your customers might be other departments within your company, those to whom you are trying to sell products, or clients of your consulting business. After describing the methodology, this chapter focuses on the first step in top-down network design...

Selecting Technologies and Devices for Campus Networks

Physical network design involves the selection of LAN and WAN technologies for campus and enterprise network designs. During this phase of the top-down network design process, choices are made regarding cabling, physical and data link layer protocols, and internetworking devices (such as hubs, switches, routers, and wireless access points). A logical design, which Part II, Logical Network Design, covered, forms the foundation for a physical design. In addition, business goals, technical...

Selecting Technologies and Devices for Enterprise Networks

This chapter presents technologies for the remote-access and wide-area network (WAN) components of an enterprise network design. The chapter discusses physical and data link layer protocols and enterprise network devices, such as remote-access servers, routers, and virtual private network (VPN) concentrators. The chapter begins with a discussion of the following remote-access technologies:
The Point-to-Point Protocol (PPP)
Integrated Services Digital Network (ISDN)
Digital Subscriber Line (DSL)...

Testing Your Network Design

Part IV, Testing, Optimizing, and Documenting Your Network Design, of Top-Down Network Design covers the final steps in network design: testing, optimizing, and documenting your design. This chapter discusses testing your design, which is a critical step in a systems-analysis approach to network design. Testing will help you prove to yourself and your network design customer that your solution meets business and technical goals. This chapter covers using industry tests to predict the performance...

Optimizing Your Network Design

Optimization is a critical design step for organizations that use high-bandwidth and delay-sensitive applications. To achieve business goals, these organizations expect their networks to use bandwidth efficiently, to control delay and jitter, and to support preferential service for essential applications. Internetworking vendors, such as Cisco Systems, and standards bodies, such as the Institute of Electrical and Electronics Engineers (IEEE) and the Internet Engineering Task Force (IETF), offer...

Documenting Your Network Design

This chapter starts by providing advice on responding to a customer's request for proposal (RFP), and concludes with information on writing a design document when no RFP exists. The section Contents of a Network Design Document provides an outline of a typical design document, and specifies the topics that should be included in each part of the document. The section serves as a summary for Top-Down Network Design because it references each of the major steps of the top-down design methodology...

Analyzing Technical Goals and Tradeoffs

This chapter provides techniques for analyzing a customer's technical goals for a new network design or network upgrade. Analyzing your customer's technical goals can help you confidently recommend technologies that will perform to your customer's expectations. Typical technical goals include scalability, availability, network performance, security, manageability, usability, adaptability, and affordability. Of course, there are tradeoffs associated with these goals. For example, meeting strict...

Designing a Network Topology

In this chapter, you will learn techniques for developing a network topology. A topology is a map of an internetwork that indicates network segments, interconnection points, and user communities. Although geographical sites can appear on the map, the purpose of the map is to show the geometry of the network, not the physical geography or technical implementation. The map is a high-level blueprint of the network, analogous to an architectural drawing that shows the location and size of rooms for...

Designing Models for Addressing and Naming

This chapter provides guidelines for assigning addresses and names to internetwork components, including networks, subnets, routers, servers, and end systems. The chapter focuses on Internet Protocol (IP) addressing and naming. To benefit most from this chapter, you should already have a basic understanding of IP addressing. This chapter illustrates the importance of using a structured model for network layer addressing and naming. Without structure, it is easy to run out of addresses, waste...

Selecting Switching and Routing Protocols

The goal of this chapter is to help you select the right switching and routing protocols for your network design customer. The selections you make will depend on your customer's business and technical goals. To help you select the right protocols for your customer, the chapter covers the following attributes of switching and routing protocols:
Network traffic characteristics
Bandwidth, memory, and CPU usage
The approximate number of peer routers or switches supported
The capability to quickly...

Developing Network Security Strategies

Developing security strategies that can protect all parts of a complicated network while having a limited effect on ease of use and performance is one of the most important and difficult tasks related to network design. Security design is challenged by the complexity and porous nature of modern networks that include public servers for electronic commerce, extranet connections for business partners, and remote-access services for users reaching the network from home, customer sites, hotel rooms,...

Developing Network Management Strategies

This chapter concludes the discussion of logical network design. Network management is one of the most important aspects of logical network design. Management is often overlooked during the design of a network because it is considered an operational issue rather than a design issue. However, if you consider management in the beginning, you can avoid scalability and performance problems that occur when management is added to a design after the design is complete. A good network management design...

Characterizing Network Addressing and Naming

Characterizing the logical infrastructure of a network involves documenting any strategies your customer has for network addressing and naming. Addressing and naming are discussed in greater detail in Part II of this book, Logical Network Design. When drawing detailed network maps, include the names of major sites, routers, network segments, and servers. Also document any standard strategies your customer uses for naming network elements. For example, some customers name sites using airport...

Characterizing Quality of Service Requirements

Analyzing network traffic requirements isn't quite as simple as identifying flows, measuring the load for flows, and characterizing traffic behavior such as broadcast and error-recovery behavior. You need to also characterize the QoS requirements for applications. Just knowing the load (bandwidth) requirement for an application is not sufficient. You also need to know if the requirement is flexible or inflexible. Some applications continue to work (although slowly) when bandwidth is not...

Characterizing Traffic Load

To select appropriate topologies and technologies to meet a customer's goals, it is important to characterize traffic load with traffic flow. Characterizing traffic load can help you design networks with sufficient capacity for local usage and internetwork flows. Because of the many factors involved in characterizing network traffic, traffic load estimates are unlikely to be precise. The goal is simply to avoid a design that has any critical bottlenecks. To avoid bottlenecks, you can research...

Checking a Site for a Wireless Installation

A common goal for modern campus network designs is to install a wireless LAN (WLAN) based on IEEE 802.11 standards. An important aspect of inspecting the architectural and environmental constraints of a site is determining the feasibility of using wireless transmission. The term wireless site survey is often used to describe the process of analyzing a site to see if it will be appropriate for wireless. In some ways, doing a wireless site survey is no different from checking an architecture for...

Checking Architectural and Environmental Constraints

When investigating cabling, pay attention to such environmental issues as the possibility that cabling will run near creeks that could flood, railroad tracks or highways where traffic could jostle cables, or construction or manufacturing areas where heavy equipment or digging could break cables. Be sure to determine if there are any legal right-of-way issues that must be dealt with before cabling can be put into place. For example, will cabling need to cross a public street? Will it be necessary...

Checking the Health of the Existing Internetwork

Studying the performance of the existing internetwork gives you a baseline measurement from which to measure new network performance. Armed with measurements of the present internetwork, you can demonstrate to your customer how much better the new internetwork performs once your design is implemented. Many of the network-performance goals discussed in Chapter 2, Analyzing Technical Goals and Tradeoffs, are overall goals for an internetwork. Because the performance of existing network segments...

Choosing Between Distance Vector and Link State Protocols

According to Cisco design documents, you can use the following guidelines to help you decide which type of routing protocol to use. Choose distance-vector protocols when: the network uses a simple, flat topology and does not require a hierarchical design; the network uses a simple hub-and-spoke topology; the administrators do not have enough knowledge to operate and troubleshoot link-state protocols; or worst-case convergence times in the network are not a concern. Choose link-state protocols when: the network design is hierarchical, which is usually the case for...

Circuit Diversity

When provisioning backup WAN links, you should learn as much as possible about the actual physical circuit routing. Different carriers sometimes use the same facilities, meaning that your backup path is susceptible to the same failures as your primary path. You should do some investigative work to ensure that your backup really is a backup. Network engineers use the term circuit diversity to refer to the optimum situation of circuits using different paths. Because carriers lease capacity to...

Cisco Discovery Protocol

As mentioned in Chapter 3, Characterizing the Existing Internetwork, CDP specifies a method for Cisco routers and switches to send configuration information to each other on a regular basis. Although some security experts recommend disabling CDP because a hacker could use the information to learn about a network's configuration and topology, many network managers leave CDP enabled because of its usefulness. CDP is enabled by default. With the show cdp neighbors detail command, you can display...

Cisco EtherChannel

The previous three sections migrated into the realm of MAN applications. Getting back to smaller campus networks, one more technology that is a part of many network designers' toolbox of LAN choices is Cisco EtherChannel technology. EtherChannel is a trunking technology that groups full-duplex 802.3 Ethernet links together so that the links can provide extremely high speeds, support load sharing, and back each other up if one link fails. EtherChannel was first introduced by Kalpana in its...

Cisco Express Forwarding

CEF is a Cisco-patented technique for switching packets very quickly across large backbone networks and the Internet. Rather than relying on the caching techniques used by classic switching methods, CEF depends on a forwarding information base (FIB). The FIB allows CEF to be much less processor-intensive than other Layer 3 switching methods because the FIB tables contain forwarding information for all routes in the routing tables (whereas a cache contains only a subset of routing information)....

Cisco NetFlow Accounting

As mentioned in Chapter 3, Cisco IOS NetFlow technology is an integral part of Cisco IOS Software that collects and measures data as it enters router or switch interfaces. The information gathered enables a network manager to characterize utilization of network and application resources. It can also be used to design quality of service (QoS) support. A network flow is defined as a unidirectional sequence of packets between a source and destination endpoint. A flow endpoint is identified both by...

Cisco Tools

For your network design customers who have numerous Cisco products, Cisco offers a wide range of management tools. The CiscoWorks and Cisco Secure family of products consolidate and automate common management tasks. These products support device and infrastructure management, security and identity management, IP telephony management, and critical traffic management. CiscoWorks tools include the CiscoWorks QoS Policy Manager, CiscoWorks Voice Manager for Voice Gateways, CiscoWorks Small Network...

Cisco Tools for Characterizing an Existing Internetwork

Cisco has a complete range of tools for characterizing an existing internetwork, ranging from the simple Cisco Discovery Protocol (CDP) to the sophisticated CiscoWorks. CDP specifies a method for Cisco routers and switches to send configuration information to each other on a regular basis. Analyzing CDP data can help you characterize the existing network (although you should use more sophisticated tools for large networks). If you enable CDP on a device and its neighbors, you can use the show...

Cisco's Service Assurance Agent (SAA)

Like NetFlow, the Cisco Service Assurance Agent (SAA) is software that is built in to most Cisco platforms. SAA supports active network performance monitoring. Active monitoring means that traffic is generated and analyzed to measure performance between Cisco devices or between Cisco devices and servers. A network manager can use SAA to measure network health, verify service-level agreements, assist with network troubleshooting, and plan network upgrades. SAA can generate UDP, TCP, and ICMP...

CiscoWorks Internetwork Performance Monitor

Chapter 3 mentioned the CiscoWorks Internetwork Performance Monitor (IPM), which is a network-management tool that locates bottlenecks, measures response time, and diagnoses latency problems. IPM is available as a component of the CiscoWorks Routed WAN Management Solution. Working with features of the Cisco IOS Software, IPM can identify the possible paths between two devices and display the performance for each of the hops in the paths. Software processes in the Cisco IOS Software that perform...

Class Based Weighted Fair Queuing

CBWFQ combines the best elements of priority, custom, and weighted-fair queuing. CBWFQ results in a more complex configuration than the other queuing methods, but the complexity adds flexibility not found in the other methods. CBWFQ lets you define traffic classes based on match criteria such as protocols, access control lists, and input interfaces. Packets satisfying the criteria for a class constitute the traffic for that class. A FIFO queue is reserved for each class, and traffic belonging...

Classful Versus Classless Routing Protocols

The previous chapter discussed the differences between IP classful and classless routing protocols. To summarize what was said in Chapter 6, Designing Models for Addressing and Naming, a classful routing protocol, such as RIP or IGRP, always considers the IP network class (Class A, B, or C). Address summarization is automatic by major network number. This means that discontiguous subnets are not visible to each other, and variable-length subnet masking (VLSM) is not supported. Classless protocols, on the other hand, transmit prefix length or subnet mask information with IP network numbers, so that routing...

Classic Methods for Layer 3 Packet Switching

Process switching is the slowest of the switching methods. With process switching, when an interface processor receives an incoming packet, it transfers the packet to input/output memory on the router. The interface processor also generates a receive interrupt of the central processor. The central processor determines the type of packet and places it in the appropriate input queue. For example, if it is an IP packet, the central processor places the packet in the ip_input queue. The next time...

Classifying LAN Traffic

The IEEE specifies a method for tagging LAN frames with a class of service (COS) in its 802.1D document, Standard for Local Area Network MAC (Media Access Control) Bridges. COS for LAN frames was originally published as a supplement to 802.1D that was called 802.1p. Most vendors still refer to the technology as 802.1p, and this book continues to call it 802.1p. 802.1p specifies mechanisms for switches to expedite the delivery of time-critical traffic and to limit the extent of high-bandwidth...

Classless Interdomain Routing

In the mid-1990s, the IETF and IANA realized that the lack of a hierarchical model for assigning network numbers in the Internet was a severe scalability problem. Internet routing tables were growing exponentially, and the amount of overhead to process and transmit the tables was significant. To constrain routing overhead, it became clear that the Internet must adopt a hierarchical addressing and routing scheme. To solve the routing overhead problem, the Internet adopted the classless...

Classless Routing Versus Classful Routing

As shown in Figure 6-1, an IP address contains a prefix part and a host part. Routers use the prefix to determine the path for a destination address that is not local. Routers use the host part to reach local hosts. (Figure 6-1. The Two Parts of an IP Address.) A prefix identifies a block of host numbers and is used for routing to that block. Traditional routing, also known as classful routing, does not transmit any information about the prefix length....

Command Syntax Conventions

The conventions used to present command syntax in this book are the same conventions used in the IOS Command Reference. The Command Reference describes these conventions as follows: Boldface indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), boldface indicates commands that are manually input by the user (such as a show command). Italics indicate arguments for which you supply actual values. Vertical bars...

Committed Access Rate

Cisco also supports a feature called committed access rate (CAR) that allows you to classify and police traffic on an incoming interface. CAR supports specifying policies regarding how traffic that exceeds a certain bandwidth allocation should be handled. CAR looks at traffic received on an interface (or a subset of that traffic selected by an access control list), compares its rate to a configured maximum, and then takes action based on the result. For example, it can drop a packet or change...

Components of a Security Policy

In general, a policy should include at least the following items: An access policy that defines access rights and privileges. The access policy should provide guidelines for connecting external networks, connecting devices to a network, and adding new software to systems. An access policy might also address how data is categorized (for example, confidential, internal, and top secret). An accountability policy that defines the responsibilities of users, operations staff, and management. The...

Compressed Real Time Protocol

The Real Time Protocol (RTP), which is defined in RFC 1889, provides end-to-end network transport functions suitable for transmitting real-time data over multicast or unicast network services. Applications typically run RTP on top of the User Datagram Protocol (UDP) to make use of UDP's multiplexing and checksum services. Working together with UDP, RTP implements Layer 4 (transport) functionality. (UDP is not required. RTP can be used with other suitable underlying network or transport...

Conclusions

Based on the testing and data analysis performed for Umqua, the following conclusions were made: The network can easily accommodate 10 to 20 people in Building 4 using the new Oracle order-entry system, especially if some efficiency improvement in the SQL requests is made. The minute-by-minute average load on the FDDI backbone is currently about 15 percent to 20 percent of capacity most of the afternoon. Because of traffic bursts, however, the network frequently reaches full capacity, and the...

Configuration Management

Configuration management helps a network manager keep track of network devices and maintain information on how devices are configured. With configuration management, a network manager can define and save a default configuration for similar devices, modify the default configuration for specific devices, and load the configuration on devices. Configuration management also lets a manager maintain an inventory of network assets, and do version-logging. Version-logging refers to keeping track of the...

Constant Bit Rate Service Category

When CBR is used, a source end system reserves network resources in advance and asks for a guarantee that the negotiated QoS be assured to all cells as long as the cells conform to the relevant conformance tests. The source can emit cells at the peak cell rate (PCR) at any time and for any duration and the QoS commitments should pertain. CBR is used by applications that need the capability to request a static amount of bandwidth to be continuously available during a connection lifetime. The...

Contents of a Network Design Document

When your design document does not have to follow a format dictated by an RFP, or when a customer requests a follow-up document to a basic RFP response, you should write a design document that fully describes your network design. The document should include the logical and physical components of the design, information on technologies and devices, and a proposal for implementing the design. The following sections describe the topics that should be included in a comprehensive design document.

Controlled Load Service

Controlled-load service is defined in RFC 2211 and provides a client data flow with a QoS closely approximating the QoS that same flow would receive on an unloaded network. Admission control is applied to requests to ensure that the requested service is received even when the network is overloaded. The controlled-load service is intended for applications that are highly sensitive to overloaded conditions, such as real-time applications. These applications work well on unloaded networks, but...

Copyright

Published by Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the United States of America 1 2 3 4 5 6 7 8 9 0 Library...

Corporate and Government Sales

Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact U.S. Corporate and Government Sales at 1-800-382-3419 or corpsales@pearsontechgroup.com. For sales outside of the U.S., please contact international@pearsoned.com. At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the...

Cost

Mean time between failure (MTBF) and mean time to repair (MTTR); support for packet filters and other security measures; support for hot-swappable components; support for redundant power supplies; availability and quality of technical support; availability and quality of documentation; availability and quality of training (for complex switches and routers); reputation and viability of the vendor; availability of independent test results that confirm the performance of the device. For switches and...

Count to infinity

Problem that can occur in routing algorithms that are slow to converge, in which routers continuously increment the hop count to particular networks. Typically, some arbitrary hop-count limit is imposed to prevent this problem.

CRC

Cyclic redundancy check. Error-checking technique in which the frame recipient calculates a remainder by dividing frame contents by a prime binary divisor and compares the calculated remainder to a value stored in the frame by the sending node.

Credits

John Kane Anthony Wolfenden Nannette M. Noble Development Editor Project Editor Copy Editor Technical Editors Ginny Bess Munroe Keith Cline Matthew H. Birkner Tammi Barnett Louisa Adair Octal Publishing, Inc. Julie Bess Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA 800 553-NETS (6387) Fax 408 526-4100 Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel 31 0 20 357 1000 Fax 31 0 20 357 1100 Cisco...

CSMA/CD

Carrier sense multiple access with collision detection. Media-access mechanism wherein devices determine if another device is already transmitting before starting their own transmissions. If no transmission is sensed for a specific period of time, a device can transmit. If multiple devices transmit at once, a collision occurs and is detected by all colliding devices. This collision subsequently delays retransmission from those devices for some random length of time. CSMA/CD is used by Ethernet...

Current State of the Network

This section briefly describes the structure and performance of the existing network. It should include a high-level network map that identifies the location of major internetworking devices, data processing and storage systems, and network segments. The high-level map should document the names and addresses of major devices and segments and indicate the types and lengths of principal network segments. For very large internetworks, two or three high-level maps might be necessary. Detailed maps,...

Custom Queuing

Custom queuing was designed to allow a network to be shared among applications with different minimum bandwidth or latency requirements. Custom queuing assigns different amounts of queue space to different protocols and handles the queues in round-robin fashion. A particular protocol can be prioritized by assigning it more queue space. Custom queuing is more fair than priority queuing, although priority queuing is more powerful for prioritizing a single critical application. You can use custom...

Data Encryption

Encryption is a process that scrambles data to protect it from being read by anyone but the intended receiver. An encryption device encrypts data before placing it on a network. A decryption device decrypts the data before passing it to an application. A router, server, end system, or dedicated device can act as an encryption or decryption device. Data that is encrypted is called ciphered data (or simply encrypted data). Data that is not encrypted is called plain text or clear text. Encryption...