Introduction
Chapter 1 Rise of the IP Transport System
The Internet Explosion
Next-Generation IP Applications
Voice over IP
IP Storage
MPLS: New Kid on the Block
Next-Generation IP Transport System
Continuous Improvements of Protocols
Chapter 2 Establishing a High-Availability Network
Understanding the Five-Nines Availability Debate
Differentiating Between Reliability and Availability
The Five-Nines Approach
Idiosyncrasies of the Telcordia GR-512-Core Document
The Truth About 50-ms Resiliency
A Practical Approach to Achieving High Availability
Measuring Availability
Defining a Metric
Understanding the Issue of Network Availability
Setting a Strategy to Achieve High Availability
Designing a Network for High Availability
Establishing Continuous Fault Detection and Measurement of Network Availability
Making Full Use of Scheduled Downtime
Instituting a Disciplined Approach to Network Operation and Processes
Summary
Chapter 3 Fundamentals of IP Resilient Networks
Revisiting IP, TCP, and UDP
Internet Protocol
Transmission Control Protocol
TCP Three-Way Handshake
TCP Sliding Window
User Datagram Protocol
Device-Level Resiliency
Online Insertion and Removal (OIR)
Single Line Card Reload
High System Availability
Route Processor Redundancy
Route Processor Redundancy Plus
Stateful Switchover
Nonstop Forwarding
Impact of Different Switching Paths
Process Switching
Cisco Express Forwarding Switching
Central CEF
Distributed CEF
Protecting the Control Plane and Data Plane
Establishing a Resiliency Strategy
Redundancy Strategy
Logical Resiliency
Physical Resiliency
Scaling Strategy
Key Principles for Designing Resilient Networks
Simplicity
Modularity
Security
Summary
Chapter 4 Quality of Service
Protecting the Control Plane with QoS
Traffic Types That Affect the Control Plane
Tagging Routing Protocol and Layer 2 Control Packets
IP Precedence
The pak_priority Flag
Selective Packet Discard
Receive ACL
Control-Plane Policing
Protecting Applications with QoS
Understanding the Need for Application QoS
Latency
Jitter
Loss
Determining When to Deploy QoS
Scenario 1: Undercongested Link
Scenario 2: Occasionally Congested Link
Scenario 3: Badly Congested Link
Building Blocks of QoS
Classification and Marking
Congestion Avoidance
Congestion Management
Traffic Conditioning
Application QoS and Control-Plane Traffic
QoS Deployment Strategy
Classifying Applications
Defining Policies
Testing Policies
Implementing QoS Features
Monitoring
Summary
Chapter 5 Core Module
Network Convergence in the Core
OSPF Enhancements
Shortest Path First (SPF) Throttling
OSPF LSA Throttling
OSPF LSA Flooding Reduction
OSPF Fast Hello
OSPF Update Packet-Pacing Timer
OSPF Incremental SPF
OSPF Graceful Restart
RFC 3623
Cisco Implementation
IS-IS Enhancements
IS-IS SPF Throttling
IS-IS LSP Generation
IS-IS LSA Flooding Reduction
IS-IS Fast Hellos
IS-IS Update Packet-Pacing Timer
IS-IS Incremental SPF
IS-IS Graceful Restart
Cisco Implementation
IETF Implementation
EIGRP Enhancements
EIGRP Graceful Shutdown
EIGRP Graceful Restart
EIGRP Stub Router Functionality
Bidirectional Forwarding Detection (BFD)
IP Event Dampening
Multipath Routing
Load Balancing
Equal-Cost Multipath (ECMP)
Per Packet
Per Destination
MPLS Traffic Engineering
Fast Reroute Link Protection
Fast Reroute Node Protection
Multicast Subsecond Convergence
Summary
Chapter 6 Access Module
Multilayer Campus Design
Access Layer
Distribution Layer
Core Layer
Access Module Building Blocks
Layer 2 Domain
The Spanning Tree Protocol: IEEE 802.1d
PortFast
UplinkFast
BackboneFast
Unidirectional Link Detection (UDLD)
RootGuard
LoopGuard
BPDUGuard
VLANs and Trunking
Common Spanning Tree (CST)
Per-VLAN Spanning Tree (PVST)
Per-VLAN Spanning Tree Plus (PVST+)
IEEE 802.1w
IEEE 802.1s
Channeling Technology
Layer 2 Best Practices
Simple Is Better
Limit the Span of VLANs
Build Triangles, Not Squares
Protect the Network from Users
Selecting Root Bridges
Use Value-Added Features
EtherChannel Deployment
EtherChannel Load Balancing
Consistent EtherChannel Port Settings
Layer 2 Setting for EtherChannel
Turning Off Autonegotiation
Layer 3 Domain
Hot Standby Routing Protocol (HSRP)
Virtual Router Redundancy Protocol (VRRP)
Global Load Balancing Protocol (GLBP)
Layer 3 Best Practices
Adopt Topology-Based Switching
Using Equal-Cost Multipath
Conserve Peering Resources
Adopt a Hierarchical Addressing Scheme
Summary
Chapter 7 Internet Module
Understanding Addressing and Routing in the Internet Module
Address-Assignment Scheme
Routing
Routing for Internal Users
Routing for External Users
Establishing Internet Module Redundancy
Link-Level Redundancy
Device-Level Redundancy
ISP-Level Redundancy
Site-Level Redundancy
Implementing Security Measures
Security Policy
Filtering at the Internet Module
Resilient Border Gateway Protocol (BGP) Design
BGP Soft Reconfiguration
BGP Convergence Optimization
BGP Next-Hop Address Tracking
BGP Support for Fast Peering Session Deactivation
BGP Route Dampening
Nonstop Forwarding with Stateful Switchover (NSF/SSO) for BGP
Using Network Address Translation (NAT)
Enhanced NAT Resiliency
NAT with Route Map
Static Mapping with Hot Standby Routing Protocol (HSRP) Support
Stateful NAT
Limiting NAT Entries
Multihoming with NAT
Effects of NAT on Network and Applications
Implications on TCP and ICMP Traffic
Application-Specific Gateways
Effects on Voice over IP (VoIP) Traffic
Effects on Router Performance
Effects on Network Security
Summary
Chapter 8 WAN Module
Leased Line
Domestic Leased Circuit Versus International Private Leased Circuit
Leased Circuit Encapsulation
Equal-Cost Load Balancing
Multilink Point-to-Point Protocol (MPPP)
SONET/SDH
SONET/SDH Framing
PPP over SONET/SDH
SONET/SDH Protection Switching
Resilient Packet Ring
DPT Architecture
DPT/SRP Classes of Service
SRP Queuing
SRP Fairness Algorithm
RPR Standards
Differences Between 802.17 and DPT/SRP
Dial Backup
Virtual Private Network (VPN)
IP Tunnel
L2TPv3
L2TPv3 Deployment
MPLS-VPN
Summary
Chapter 9 Data Center Module
Data Center Environmental Considerations
Cabling
Tagging
Documentation
Discipline
Rack Space
Server Size
Power
Next-Generation Server Architecture
Data Center Network Considerations
Security
Server Performance
Fault-Tolerant Server Features
Multifaceted Server
Data Center Network Architecture
Access Layer Design
NIC Teaming
Clustering
Aggregation Layer Design
Trunk Ports on an Aggregation Switch
Routed Ports on an Aggregation Switch
Architecture Scaling Consideration
Data Center Network Security
Layer 2 Security
Private VLANs (PVLANs)
VLAN Access Control List (VACL)
Port Security
Dynamic ARP Inspection
Layer 3 Security
Switch Forwarding Architecture
Control Plane Policing
DHCP Server Protection
Service Optimization
Server Load Balancing
Global Site Selector
Understanding DNS Resolution
Using GSS
Web Cache Communication Protocol (WCCP)
Integrated Service Modules
Summary
Chapter 10 Beyond Implemention: Network Managment
Components of Network Management
Fault Management
Configuration Management
Configuration File Management
Inventory Management
Software Management
Accounting Management
Performance Management
Security Management
ACLs
User IDs and Passwords
TACACS
Establishing a Baseline
Step 1: Take a Snapshot of Inventory
Step 2: Collect Relevant Data
MIB Entries and Object Identifiers
Multi-Router Traffic Grapher
Step 3: Analyze Data
Step 4: Prioritize Problem Areas
Step 5: Determine a Course of Action
Managing Cisco IOS Deployment
Overview of IOS Releases
Understanding IOS Naming Convention
IOS Software Life Cycle Management
Planning
Design
Testing
Implementation
Operation
Moving Toward Proactive Management
IP Service Level Agreement
ICMP-Based IP SLA Operation
Responder-Based IP SLA Operation
Nonresponder-Based IP SLA Operation
Examples of IP SLA Operations
Component Outage Online (COOL) Measurement
Embedded Event Manager (EEM)
Next-Generation IOS Architecture
Summary
End Notes
Appendix A Calculating Network Availability
Appendix BRFCs Relevant to Building a Resilient IP Network
Appendix CThe Cisco Powered Network Checklist
Index
1587052156TOC112205
More and more companies are building networks that are used not only for corporate communication, but most importantly, for doing business. Since the network has become such a strategic business tool, its availbality is of utmost importance to these companies and to their service providers. Therefore, the challenge for network professionals is ensuring networks are up at all times; keeping abreast of the latest technology that helps maintain uptime; and reacting to ever-increasing denial of service attacks. Problems faced by network professionals when meeting these challenges include lack of understanding regarding network availability; ignorance of the latest features and tools; hard-to-find documentation; lack of education programs; savvy black hats who attack networks. Building Resilient IP Networks helps network professionals take on these challenges. First it shows what network availability means and focuses on real-life issues: appreciating the limitations of protocols and understanding what's been done to improve them. Next the book addresses the benefits of modular design and illustrates how modular design contributes to a resilient network. The bulk of the book explores new features and tools that recently developed with respect to modular design.
Kok-Keong “KK” Lee, CCIE® No. 8427, a consulting systems engineer for
Cisco Systems® South Asia, works closely with service providers and defense and large enterprise customers in Asia Pacific on network architecture. He has been a networking engineer since 1990 and specializes in IP core and MPLS technologies.
Fung Lim, CCIE No. 11970, is a systems engineer for Cisco and has been working with service providers in areas pertaining to network design, operations, and security. He has also been involved in the design of several provider networks in the Asia region.
Beng-Hui Ong is a product manager for the Cisco Broadband Edge and Midrange Routing Business Unit. He works with service providers and cable operators in the Asia Pacific region on network design and operations.
|
Ask a Question About this Product More... |
|
