Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
---|---|---|---|---|---|
Searching... | 30000010105343 | TK5105.585 L434 2006 | Open Access Book | Book | Searching... |
Summary
The practical guide to building resilient and highly available IP networks
- Learn from an all-in-one introduction to new features and developments in building a resilient IP network
- Enable your organization to meet internal service-level agreements (SLAs) for mission-critical resources
- Understand how a resilient IP network can help in delivering mission-critical information such as video and voice services
- Work with configuration examples that are based on real-world issues and customer requirements
- Get tips and best practices from field personnel who have worked on some of the largest networks with stringent uptime requirements and SLAs

More companies are building networks with the intention of using them to conduct business. Because the network has become such a strategic business tool, its availability is of utmost importance to companies and their service providers. The challenges for the professionals responsible for these networks include ensuring that the network remains up all the time, keeping abreast of the latest technologies that help maintain uptime, and reacting to ever-increasing denial-of-service (DoS) attacks. Building Resilient IP Networks helps you meet those challenges.

This practical guide to building highly available IP networks captures the essence of technologies that contribute to the uptime of networks. You gain a clear understanding of how to achieve network availability through the use of tools, design strategy, and Cisco IOS® Software.

With Building Resilient IP Networks, you examine misconceptions about five-nines availability and learn to focus your attention on the real issues: appreciating the limitations of the protocols, understanding what has been done to improve them, and keeping abreast of those changes. Building Resilient IP Networks highlights the importance of having a modular approach to building an IP network and, most important, illustrates how a modular design contributes to a resilient network. You learn how an IP network can be broken down to various modules and how these modules interconnect with one another. Then you explore new network resiliency features that have been developed recently, categorized with respect to the design modules.

Building Resilient IP Networks is relevant to both enterprise and service provider customers of all sizes. Regardless of whether the network connects to the Internet, fortifying IP networks for maximum uptime and prevention of attacks is mandatory for anyone's business.

This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

Author Notes
Kok-Keong "KK" Lee, CCIE® No. 8427, a consulting systems engineer for Cisco Systems® South Asia, works closely with service providers and defense and large enterprise customers in Asia Pacific on network architecture. He has been a networking engineer since 1990 and specializes in IP core and MPLS technologies.
Fung Lim, CCIE No. 11970, is a systems engineer for Cisco and has been working with service providers in areas pertaining to network design, operations, and security. He has also been involved in the design of several provider networks in the Asia region.
Beng-Hui Ong is a product manager for the Cisco Broadband Edge and Midrange Routing Business Unit. He works with service providers and cable operators in the Asia Pacific region on network design and operations.
Table of Contents
Introduction | p. xx |
Chapter 1 Rise of the IP Transport System | p. 3 |
The Internet Explosion | p. 4 |
Next-Generation IP Applications | p. 5 |
Voice over IP | p. 5 |
IP Storage | p. 5 |
MPLS: New Kid on the Block | p. 6 |
Next-Generation IP Transport System | p. 6 |
Continuous Improvements of Protocols | p. 7 |
Chapter 2 Establishing a High-Availability Network | p. 9 |
Understanding the Five-Nines Availability Debate | p. 9 |
Differentiating Between Reliability and Availability | p. 9 |
The Five-Nines Approach | p. 11 |
Idiosyncrasies of the Telcordia GR-512-Core Document | p. 12 |
The Truth About 50-ms Resiliency | p. 15 |
A Practical Approach to Achieving High Availability | p. 16 |
Measuring Availability | p. 17 |
Defining a Metric | p. 19 |
Understanding the Issue of Network Availability | p. 20 |
Setting a Strategy to Achieve High Availability | p. 21 |
Designing a Network for High Availability | p. 22 |
Establishing Continuous Fault Detection and Measurement of Network Availability | p. 22 |
Making Full Use of Scheduled Downtime | p. 23 |
Instituting a Disciplined Approach to Network Operation and Processes | p. 24 |
Summary | p. 25 |
Chapter 3 Fundamentals of IP Resilient Networks | p. 27 |
Revisiting IP, TCP, and UDP | p. 27 |
Internet Protocol | p. 27 |
Transmission Control Protocol | p. 29 |
TCP Three-Way Handshake | p. 31 |
TCP Sliding Window | p. 32 |
User Datagram Protocol | p. 33 |
Device-Level Resiliency | p. 34 |
Online Insertion and Removal (OIR) | p. 34 |
Single Line Card Reload | p. 36 |
High System Availability | p. 37 |
Route Processor Redundancy | p. 40 |
Route Processor Redundancy Plus | p. 41 |
Stateful Switchover | p. 43 |
Nonstop Forwarding | p. 45 |
Impact of Different Switching Paths | p. 48 |
Process Switching | p. 49 |
Cisco Express Forwarding Switching | p. 50 |
Central CEF | p. 53 |
Distributed CEF | p. 54 |
Protecting the Control Plane and Data Plane | p. 55 |
Establishing a Resiliency Strategy | p. 56 |
Redundancy Strategy | p. 56 |
Logical Resiliency | p. 57 |
Physical Resiliency | p. 57 |
Scaling Strategy | p. 58 |
Key Principles for Designing Resilient Networks | p. 59 |
Simplicity | p. 59 |
Modularity | p. 59 |
Security | p. 60 |
Summary | p. 61 |
Chapter 4 Quality of Service | p. 63 |
Protecting the Control Plane with QoS | p. 63 |
Traffic Types That Affect the Control Plane | p. 64 |
Tagging Routing Protocol and Layer 2 Control Packets | p. 65 |
IP Precedence | p. 65 |
The pak_priority Flag | p. 66 |
Selective Packet Discard | p. 67 |
Receive ACL | p. 67 |
Control-Plane Policing | p. 68 |
Protecting Applications with QoS | p. 69 |
Understanding the Need for Application QoS | p. 69 |
Latency | p. 70 |
Jitter | p. 71 |
Loss | p. 72 |
Determining When to Deploy QoS | p. 72 |
Scenario 1 Undercongested Link | p. 72 |
Scenario 2 Occasionally Congested Link | p. 73 |
Scenario 3 Badly Congested Link | p. 74 |
Building Blocks of QoS | p. 74 |
Classification and Marking | p. 75 |
Congestion Avoidance | p. 75 |
Congestion Management | p. 76 |
Traffic Conditioning | p. 76 |
Application QoS and Control-Plane Traffic | p. 76 |
QoS Deployment Strategy | p. 77 |
Classifying Applications | p. 78 |
Defining Policies | p. 81 |
Testing Policies | p. 81 |
Implementing QoS Features | p. 82 |
Monitoring | p. 82 |
Summary | p. 83 |
Chapter 5 Core Module | p. 85 |
Network Convergence in the Core | p. 85 |
OSPF Enhancements | p. 86 |
Shortest Path First (SPF) Throttling | p. 95 |
OSPF LSA Throttling | p. 98 |
OSPF LSA Flooding Reduction | p. 100 |
OSPF Fast Hello | p. 102 |
OSPF Update Packet-Pacing Timer | p. 104 |
OSPF Incremental SPF | p. 105 |
OSPF Graceful Restart | p. 106 |
RFC 3623 | p. 107 |
Cisco Implementation | p. 108 |
IS-IS Enhancements | p. 111 |
IS-IS SPF Throttling | p. 112 |
IS-IS LSP Generation | p. 113 |
IS-IS LSA Flooding Reduction | p. 114 |
IS-IS Fast Hellos | p. 114 |
IS-IS Update Packet-Pacing Timer | p. 115 |
IS-IS Incremental SPF | p. 116 |
IS-IS Graceful Restart | p. 117 |
Cisco Implementation | p. 117 |
IETF Implementation | p. 118 |
EIGRP Enhancements | p. 123 |
EIGRP Graceful Shutdown | p. 123 |
EIGRP Graceful Restart | p. 123 |
EIGRP Stub Router Functionality | p. 123 |
Bidirectional Forwarding Detection (BFD) | p. 124 |
IP Event Dampening | p. 126 |
Multipath Routing | p. 128 |
Load Balancing | p. 128 |
Equal-Cost Multipath (ECMP) | p. 129 |
Per Packet | p. 129 |
Per Destination | p. 130 |
MPLS Traffic Engineering | p. 132 |
Fast Reroute Link Protection | p. 133 |
Fast Reroute Node Protection | p. 136 |
Multicast Subsecond Convergence | p. 137 |
Summary | p. 139 |
Chapter 6 Access Module | p. 141 |
Multilayer Campus Design | p. 141 |
Access Layer | p. 143 |
Distribution Layer | p. 143 |
Core Layer | p. 144 |
Access Module Building Blocks | p. 144 |
Layer 2 Domain | p. 145 |
The Spanning Tree Protocol: IEEE 802.1d | p. 146 |
PortFast | p. 150 |
UplinkFast | p. 151 |
BackboneFast | p. 152 |
Unidirectional Link Detection (UDLD) | p. 154 |
RootGuard | p. 155 |
LoopGuard | p. 157 |
BPDUGuard | p. 157 |
VLANs and Trunking | p. 158 |
Common Spanning Tree (CST) | p. 161 |
Per-VLAN Spanning Tree (PVST) | p. 162 |
Per-VLAN Spanning Tree Plus (PVST+) | p. 164 |
IEEE 802.1w | p. 165 |
IEEE 802.1s | p. 168 |
Channeling Technology | p. 171 |
Layer 2 Best Practices | p. 173 |
Simple Is Better | p. 173 |
Limit the Span of VLANs | p. 174 |
Build Triangles, Not Squares | p. 174 |
Protect the Network from Users | p. 175 |
Selecting Root Bridges | p. 176 |
Use Value-Added Features | p. 176 |
EtherChannel Deployment | p. 177 |
EtherChannel Load Balancing | p. 177 |
Consistent EtherChannel Port Settings | p. 177 |
Layer 2 Setting for EtherChannel | p. 178 |
Turning Off Autonegotiation | p. 178 |
Layer 3 Domain | p. 178 |
Hot Standby Routing Protocol (HSRP) | p. 179 |
Virtual Router Redundancy Protocol (VRRP) | p. 183 |
Global Load Balancing Protocol (GLBP) | p. 183 |
Layer 3 Best Practices | p. 186 |
Adopt Topology-Based Switching | p. 186 |
Using Equal-Cost Multipath | p. 188 |
Conserve Peering Resources | p. 189 |
Adopt a Hierarchical Addressing Scheme | p. 190 |
Summary | p. 190 |
Chapter 7 Internet Module | p. 193 |
Understanding Addressing and Routing in the Internet Module | p. 194 |
Address-Assignment Scheme | p. 194 |
Routing | p. 196 |
Routing for Internal Users | p. 197 |
Routing for External Users | p. 198 |
Establishing Internet Module Redundancy | p. 199 |
Link-Level Redundancy | p. 200 |
Device-Level Redundancy | p. 201 |
ISP-Level Redundancy | p. 202 |
Site-Level Redundancy | p. 203 |
Implementing Security Measures | p. 204 |
Security Policy | p. 204 |
Filtering at the Internet Module | p. 206 |
Resilient Border Gateway Protocol (BGP) Design | p. 210 |
BGP Soft Reconfiguration | p. 210 |
BGP Convergence Optimization | p. 213 |
BGP Next-Hop Address Tracking | p. 214 |
BGP Support for Fast Peering Session Deactivation | p. 214 |
BGP Route Dampening | p. 215 |
Nonstop Forwarding with Stateful Switchover (NSF/SSO) for BGP | p. 216 |
Using Network Address Translation (NAT) | p. 222 |
Enhanced NAT Resiliency | p. 222 |
NAT with Route Map | p. 223 |
Static Mapping with Hot Standby Routing Protocol (HSRP) Support | p. 224 |
Stateful NAT | p. 226 |
Limiting NAT Entries | p. 230 |
Multihoming with NAT | p. 230 |
Effects of NAT on Network and Applications | p. 232 |
Implications on TCP and ICMP Traffic | p. 232 |
Application-Specific Gateways | p. 233 |
Effects on Voice over IP (VoIP) Traffic | p. 234 |
Effects on Router Performance | p. 235 |
Effects on Network Security | p. 235 |
Summary | p. 235 |
Chapter 8 WAN Module | p. 237 |
Leased Line | p. 237 |
Domestic Leased Circuit Versus International Private Leased Circuit | p. 238 |
Leased Circuit Encapsulation | p. 239 |
Equal-Cost Load Balancing | p. 241 |
Multilink Point-to-Point Protocol (MPPP) | p. 242 |
SONET/SDH | p. 244 |
SONET/SDH Framing | p. 245 |
PPP over SONET/SDH | p. 247 |
SONET/SDH Protection Switching | p. 248 |
Resilient Packet Ring | p. 251 |
DPT Architecture | p. 252 |
DPT/SRP Classes of Service | p. 254 |
SRP Queuing | p. 254 |
SRP Fairness Algorithm | p. 255 |
RPR Standards | p. 255 |
Differences Between 802.17 and DPT/SRP | p. 255 |
Dial Backup | p. 258 |
Virtual Private Network (VPN) | p. 261 |
IP Tunnel | p. 261 |
L2TPv3 | p. 265 |
L2TPv3 Deployment | p. 265 |
MPLS-VPN | p. 269 |
Summary | p. 279 |
Chapter 9 Data Center Module | p. 281 |
Data Center Environmental Considerations | p. 282 |
Cabling | p. 282 |
Tagging | p. 282 |
Documentation | p. 283 |
Discipline | p. 283 |
Rack Space | p. 283 |
Server Size | p. 284 |
Power | p. 287 |
Next-Generation Server Architecture | p. 288 |
Data Center Network Considerations | p. 289 |
Security | p. 289 |
Server Performance | p. 290 |
Fault-Tolerant Server Features | p. 290 |
Multifaceted Server | p. 291 |
Data Center Network Architecture | p. 291 |
Access Layer Design | p. 292 |
NIC Teaming | p. 295 |
Clustering | p. 297 |
Aggregation Layer Design | p. 298 |
Trunk Ports on an Aggregation Switch | p. 298 |
Routed Ports on an Aggregation Switch | p. 299 |
Architecture Scaling Consideration | p. 301 |
Data Center Network Security | p. 302 |
Layer 2 Security | p. 303 |
Private VLANs (PVLANs) | p. 304 |
VLAN Access Control List (VACL) | p. 310 |
Port Security | p. 311 |
Dynamic ARP Inspection | p. 312 |
Layer 3 Security | p. 313 |
Switch Forwarding Architecture | p. 314 |
Control Plane Policing | p. 314 |
DHCP Server Protection | p. 314 |
Service Optimization | p. 315 |
Server Load Balancing | p. 316 |
Global Site Selector | p. 320 |
Understanding DNS Resolution | p. 321 |
Using GSS | p. 323 |
Web Cache Communication Protocol (WCCP) | p. 324 |
Integrated Service Modules | p. 328 |
Summary | p. 329 |
Chapter 10 Beyond Implementation: Network Management | p. 331 |
Components of Network Management | p. 331 |
Fault Management | p. 332 |
Configuration Management | p. 333 |
Configuration File Management | p. 333 |
Inventory Management | p. 334 |
Software Management | p. 334 |
Accounting Management | p. 334 |
Performance Management | p. 335 |
Security Management | p. 336 |
ACLs | p. 337 |
User IDs and Passwords | p. 337 |
TACACS | p. 337 |
Establishing a Baseline | p. 337 |
Step 1 Take a Snapshot of Inventory | p. 340 |
Step 2 Collect Relevant Data | p. 340 |
MIB Entries and Object Identifiers | p. 340 |
Multi-Router Traffic Grapher | p. 343 |
Step 3 Analyze Data | p. 344 |
Step 4 Prioritize Problem Areas | p. 345 |
Step 5 Determine a Course of Action | p. 345 |
Managing Cisco IOS Deployment | p. 345 |
Overview of IOS Releases | p. 346 |
Understanding IOS Naming Convention | p. 346 |
IOS Software Life Cycle Management | p. 348 |
Planning | p. 349 |
Design | p. 349 |
Testing | p. 350 |
Implementation | p. 350 |
Operation | p. 350 |
Moving Toward Proactive Management | p. 351 |
IP Service Level Agreement | p. 352 |
ICMP-Based IP SLA Operation | p. 353 |
Responder-Based IP SLA Operation | p. 354 |
Nonresponder-Based IP SLA Operation | p. 354 |
Examples of IP SLA Operations | p. 354 |
Component Outage Online (COOL) Measurement | p. 355 |
Embedded Event Manager (EEM) | p. 358 |
Next-Generation IOS Architecture | p. 362 |
Summary | p. 364 |
End Notes | p. 365 |
Appendix A Calculating Network Availability | p. 367 |
Appendix B RFCs Relevant to Building a Resilient IP Network | p. 375 |
Appendix C The Cisco Powered Network Checklist | p. 383 |
Index | p. 389 |