Table of Contents
Introduction xxxi
Part I General Network Design
Chapter 1 Network Design Methodology 5
“Do I Know This Already?” Quiz 5
Foundation Topics 8
Cisco Architectures for the Enterprise 8
Borderless Networks Architecture 9
Collaboration Architecture 9
Data Center/Virtualization Architecture 10
Prepare, Plan, Design, Implement, Operate, and Optimize Phases 11
Prepare Phase 13
Plan Phase 14
Design Phase 14
Implement Phase 14
Operate Phase 14
Optimize Phase 14
Summary of PPDIOO Phases 14
Design Methodology Under PPDIOO 15
Identifying Customer Design Requirements 15
Characterizing the Existing Network 17
Steps in Gathering Information 17
Network Audit Tools 18
Network Analysis Tools 22
Network Checklist 22
Designing the Network Topology and Solutions 23
Top-Down Approach 23
Pilot and Prototype Tests 24
Design Document 25
References and Recommended Reading 26
Exam Preparation Tasks 27
Review All Key Topics 27
Complete Tables and Lists from Memory 27
Define Key Terms 27
Q&A 28
Chapter 2 Network Structure Models 37
“Do I Know This Already?” Quiz 37
Foundation Topics 40
Hierarchical Network Models 40
Benefits of the Hierarchical Model 40
Hierarchical Network Design 41
Core Layer 41
Distribution Layer 42
Access Layer 43
Hierarchical Model Examples 45
Cisco Enterprise Architecture Model 47
Enterprise Campus Module 48
Enterprise Edge Area 50
E-Commerce Module 50
Internet Connectivity Module 51
VPN/Remote Access 52
Enterprise WAN 53
Service Provider Edge Module 54
Remote Modules 55
Enterprise Branch Module 56
Enterprise Data Center Module 56
Enterprise Teleworker Module 56
Borderless Network Services 58
High Availability Network Services 58
Workstation-to-Router Redundancy and LAN High Availability Protocols 59
ARP 59
Explicit Configuration 59
RDP 59
RIP 59
HSRP 60
VRRP 61
GLBP 61
Server Redundancy 61
Route Redundancy 62
Load Balancing 62
Increasing Availability 62
Link Media Redundancy 64
References and Recommended Reading 65
Exam Preparation Tasks 66
Review All Key Topics 66
Complete Tables and Lists from Memory 66
Define Key Terms 66
Q&A 66
Part II LAN and WAN Design
Chapter 3 Enterprise LAN Design 79
“Do I Know This Already?” Quiz 79
Foundation Topics 82
LAN Media 82
Ethernet Design Rules 83
100-Mbps Fast Ethernet Design Rules 84
Gigabit Ethernet Design Rules 86
1000BASE-LX Long-Wavelength Gigabit Ethernet 86
1000BASE-SX Short-Wavelength Gigabit Ethernet 87
1000BASE-CX Gigabit Ethernet over Coaxial Cable 87
1000BASE-T Gigabit Ethernet over UTP 87
10 Gigabit Ethernet Design Rules 88
10GE Media Types 88
EtherChannel 89
Comparison of Campus Media 89
LAN Hardware 89
Repeaters 90
Hubs 90
Bridges 91
Switches 91
Routers 92
Layer 3 Switches 93
Campus LAN Design and Best Practices 94
Best Practices for Hierarchical Layers 95
Access Layer Best Practices 96
Distribution Layer Best Practices 96
Core Layer Best Practices 98
Large-Building LANs 101
Enterprise Campus LANs 102
Edge Distribution 103
Medium-Size LANs 103
Small and Remote Site LANs 103
Server Farm Module 104
Server Connectivity Options 105
Enterprise Data Center Infrastructure 105
Campus LAN QoS Considerations 106
Multicast Traffic Considerations 108
CGMP 108
IGMP Snooping 109
References and Recommended Readings 109
Exam Preparation Tasks 110
Review All Key Topics 110
Complete Tables and Lists from Memory 110
Define Key Terms 110
Q&A 110
Chapter 4 Data Center Design 121
“Do I Know This Already?” Quiz 121
Foundation Topics 124
Enterprise DC Architectures 124
Data Center 3.0 Components 125
Data Center 3.0 Topology Components 127
Challenges in the DC 127
Data Center Facility Aspects 128
Data Center Space 130
Data Center Power 131
Data Center Cooling 132
Data Center Heat 133
Data Center Cabling 133
Enterprise DC Infrastructure 135
Defining the DC Access Layer 136
Defining the DC Aggregation Layer 138
Defining the DC Core Layer 139
Virtualization Overview 141
Challenges 141
Defining Virtualization and Benefits 141
Types of Virtualization 142
Virtualization Technologies 143
VSS 143
VRF 143
vPC 143
Device Contexts 144
Server Virtualization 144
Network Virtualization Design Considerations 144
Access Control 145
Path Isolation 145
Services Edge 145
References and Recommended Readings 145
Exam Preparation Tasks 147
Review All Key Topics 147
Complete Tables and Lists from Memory 148
Define Key Terms 148
Q&A 148
Chapter 5 Wireless LAN Design 153
“Do I Know This Already?” Quiz 153
Foundation Topics 155
Wireless LAN Technologies 155
WLAN Standards 155
ISM and UNII Frequencies 156
Summary of WLAN Standards 157
Service Set Identifier 157
WLAN Layer 2 Access Method 157
WLAN Security 157
Unauthorized Access 158
WLAN Security Design Approach 158
IEEE 802.1X-2001 Port-Based Authentication 159
Dynamic WEP Keys and LEAP 159
Controlling WLAN Access to Servers 159
Cisco Unified Wireless Network 160
Cisco UWN Architecture 160
LWAPP 162
CAPWAP 163
Cisco Unified Wireless Network Split-MAC Architecture 163
Local MAC 164
AP Modes 164
LWAPP Discovery of WLC 166
WLAN Authentication 167
Authentication Options 168
WLAN Controller Components 169
WLC Interface Types 169
AP Controller Equipment Scaling 171
Roaming and Mobility Groups 173
Intracontroller Roaming 173
Layer 2 Intercontroller Roaming 173
Layer 3 Intercontroller Roaming 174
Mobility Groups 174
WLAN Design 176
Controller Redundancy Design: Deterministic vs. Dynamic 176
N+1 WLC Redundancy 176
N+N WLC Redundancy 177
N+N+1 WLC Redundancy 177
Radio Management and Radio Groups 178
RF Groups 179
RF Site Survey 179
Using EoIP Tunnels for Guest Services 181
Wireless Mesh for Outdoor Wireless 181
Mesh Design Recommendations 182
Campus Design Considerations 183
Branch Design Considerations 184
Local MAC 184
REAP 184
Hybrid REAP 184
Branch Office Controller Options 185
References and Recommended Readings 186
Exam Preparation Tasks 187
Review All Key Topics 187
Complete Tables and Lists from Memory 187
Define Key Terms 187
Q&A 188
Chapter 6 WAN Technologies 199
“Do I Know This Already?” Quiz 199
Foundation Topics 202
WAN Overview 202
WAN Defined 202
WAN Connection Modules 203
WAN Transport Technologies 204
ISDN 205
ISDN BRI Service 205
ISDN PRI Service 205
Digital Subscriber Line 206
Cable 206
Wireless 207
Frame Relay 208
Time-Division Multiplexing 209
Metro Ethernet 209
SONET/SDH 209
Multiprotocol Label Switching 211
Dark Fiber 211
Dense Wavelength-Division Multiplexing 212
Ordering WAN Technology and Contracts 212
WAN Design Methodology 213
Response Time 214
Throughput 214
Reliability 215
Bandwidth Considerations 215
WAN Link Categories 216
Optimizing Bandwidth Using QoS 217
Queuing, Traffic Shaping, and Policing 217
Classification 218
Congestion Management 218
Priority Queuing 218
Custom Queuing 218
Weighted Fair Queuing 218
Class-Based Weighted Fair Queuing 218
Low-Latency Queuing 219
Traffic Shaping and Policing 219
Link Efficiency 220
Window Size 220
References and Recommended Readings 220
Exam Preparation Tasks 221
Review All Key Topics 221
Complete Tables and Lists from Memory 221
Define Key Terms 221
Q&A 222
Chapter 7 WAN Design 227
“Do I Know This Already?” Quiz 227
Foundation Topics 230
Traditional WAN Technologies 230
Hub-and-Spoke Topology 230
Full-Mesh Topology 231
Partial-Mesh Topology 231
Remote-Access Network Design 232
VPN Network Design 232
Enterprise VPN vs. Service Provider VPN 233
Enterprise VPNs 234
Service Provider Offerings 234
Enterprise Managed VPN: IPsec 234
IPsec Direct Encapsulation 234
Cisco Easy VPN 235
Generic Routing Encapsulation 236
IPsec DMVPN 236
IPsec Virtual Tunnel Interface Design 237
Layer 2 Tunneling Protocol Version 3 237
Service Provider Managed Offerings 237
Metro Ethernet 237
Virtual Private LAN Services 238
MPLS 238
MPLS Layer 3 Design Overview 239
VPN Benefits 239
WAN Backup Design 240
Load-Balancing Guidelines 240
WAN Backup over the Internet 241
Enterprise WAN Architecture 241
Cisco Enterprise MAN/WAN 243
Enterprise WAN/MAN Architecture Comparison 243
Enterprise WAN Components 245
Comparing Hardware and Software 247
Enterprise Branch Architecture 248
Branch Design 248
Enterprise Branch Profiles 248
ISR G2 New Features 249
Small Branch Design 250
Medium Branch Design 250
Large Branch Design 252
Enterprise Teleworker Design 254
ISRs for Teleworkers 254
References and Recommended Readings 255
Exam Preparation Tasks 256
Review All Key Topics 256
Complete Tables and Lists from Memory 256
Define Key Terms 257
Q&A 257
Part III The Internet Protocol and Routing Protocols
Chapter 8 Internet Protocol Version 4 265
“Do I Know This Already?” Quiz 265
Foundation Topics 268
IPv4 Header 268
ToS 271
IPv4 Fragmentation 274
IPv4 Addressing 275
IPv4 Address Classes 276
Class A Addresses 277
Class B Addresses 277
Class C Addresses 277
Class D Addresses 277
Class E Addresses 278
IPv4 Address Types 278
IPv4 Private Addresses 279
NAT 279
Private and Public IP Address and NAT Guidelines 280
IPv4 Address Subnets 282
Mask Nomenclature 283
IP Address Subnet Design 283
Determining the Network Portion of an IP Address 285
Variable-Length Subnet Masks 286
VLSM Address Assignment: Example 1 286
Loopback Addresses 288
IP Telephony Networks 288
VLSM Address Assignment: Example 2 289
Address Assignment and Name Resolution 290
Recommended Practices of IP Address Assignment 290
BOOTP 291
DHCP 291
DNS 292
ARP 295
References and Recommended Readings 296
Exam Preparation Tasks 297
Review All Key Topics 297
Complete Tables and Lists from Memory 297
Define Key Terms 297
Q&A 298
Chapter 9 Internet Protocol Version 6 305
“Do I Know This Already?” Quiz 305
Foundation Topics 308
Introduction to IPv6 308
IPv6 Header 309
IPv6 Address Representation 311
IPv4-Compatible IPv6 Addresses 312
IPv6 Prefix Representation 312
IPv6 Address Scope Types and Address Allocations 313
IPv6 Address Allocations 313
IPv6 Unicast Address 314
Global Unicast Addresses 314
Link-Local Addresses 315
Unique Local IPv6 Address 315
Global Aggregatable IPv6 Address 316
IPv4-Compatible IPv6 Address 316
IPv6 Anycast Addresses 316
IPv6 Multicast Addresses 317
IPv6 Mechanisms 320
ICMPv6 320
IPv6 Neighbor Discovery Protocol 320
IPv6 Name Resolution 321
Path MTU Discovery 322
IPv6 Address-Assignment Strategies 322
Link-Local Address (Stateless Autoconfiguration) 322
Autoconfiguration of Globally Unique IP Address 323
DHCPv6 324
IPv6 Security 324
IPv6 Routing Protocols 325
RIPng 325
EIGRP for IPv6 325
OSPFv3 325
IS-IS for IPv6 325
BGP4 Multiprotocol Extensions (MP-BGP) for IPv6 326
IPv4 to IPv6 Transition Mechanisms and Deployment Models 326
Dual-Stack Mechanism 326
IPv6 over IPv4 Tunnels 326
Protocol Translation Mechanisms 328
IPv6 Deployment Models 329
Dual-Stack Model 329
Hybrid Model 330
Service Block Model 330
IPv6 Deployment Model Comparison 332
IPv6 Comparison with IPv4 333
References and Recommended Readings 334
Exam Preparation Tasks 336
Review All Key Topics 336
Complete Tables and Lists from Memory 337
Define Key Terms 337
Q&A 337
Chapter 10 Routing Protocol Characteristics, RIP, and EIGRP 345
“Do I Know This Already?” Quiz 345
Foundation Topics 348
Routing Protocol Characteristics 348
Static Versus Dynamic Route Assignment 348
Interior Versus Exterior Routing Protocols 350
Distance-Vector Routing Protocols 351
EIGRP 351
Link-State Routing Protocols 352
Distance-Vector Routing Protocols Versus Link-State Protocols 352
Hierarchical Versus Flat Routing Protocols 353
Classless Versus Classful Routing Protocols 353
IPv4 Versus IPv6 Routing Protocols 354
Administrative Distance 355
Routing Protocol Metrics and Loop Prevention 356
Hop Count 356
Bandwidth 357
Cost 358
Load 358
Delay 359
Reliability 359
Maximum Transmission Unit 360
Routing Loop-Prevention Schemes 360
Split Horizon 360
Poison Reverse 361
Counting to Infinity 361
Triggered Updates 361
Summarization 361
RIPv2 and RIPng 362
Authentication 362
MD5 Authentication 362
RIPv2 Routing Database 362
RIPv2 Message Format 363
RIPv2 Timers 364
RIPv2 Design 364
RIPv2 Summary 364
RIPng 365
RIPng Timers 365
Authentication 365
RIPng Message Format 365
RIPng Design 366
RIPng Summary 366
EIGRP 367
EIGRP Components 367
Protocol-Dependent Modules 368
Neighbor Discovery and Recovery 368
RTP 368
DUAL 368
EIGRP Timers 369
EIGRP Metrics 370
EIGRP Packet Types 371
EIGRP Design 372
EIGRP for IPv4 Summary 373
EIGRP for IPv6 (EIGRPv6) Networks 373
EIGRP for IPv6 Design 374
EIGRP for IPv6 Summary 374
References and Recommended Readings 375
Exam Preparation Tasks 377
Review All Key Topics 377
Complete Tables and Lists from Memory 377
Define Key Terms 377
Q&A 377
Chapter 11 OSPF, BGP, Route Manipulation, and IP Multicast 387
“Do I Know This Already?” Quiz 387
Foundation Topics 391
OSPFv2 391
OSPFv2 Metric 391
OSPFv2 Adjacencies and Hello Timers 392
OSPFv2 Areas 393
OSPF Router Types 394
OSPF DRs 395
LSA Types 396
Autonomous System External Path Types 397
OSPF Stub Area Types 397
Stub Areas 397
Totally Stubby Areas 398
NSSAs 398
Virtual Links 399
OSPFv2 Router Authentication 399
OSPFv2 Summary 399
OSPFv3 400
OSPFv3 Changes from OSPFv2 400
OSPFv3 Areas and Router Types 401
OSPFv3 LSAs 401
OSPFv3 Summary 404
BGP 404
BGP Neighbors 405
eBGP 406
iBGP 406
Route Reflectors 407
Confederations 409
BGP Administrative Distance 409
BGP Attributes, Weight, and the BGP Decision Process 409
BGP Path Attributes 410
Next-Hop Attribute 411
Local Preference Attribute 411
Origin Attribute 411
Autonomous System Path Attribute 412
MED Attribute 412
Community Attribute 413
Atomic Aggregate and Aggregator Attributes 413
Weight 414
BGP Decision Process 414
BGP Summary 415
Route Manipulation 416
PBR 416
Route Summarization 416
Route Redistribution 419
Default Metric 420
OSPF Redistribution 421
Route Filtering 421
Routing Protocols on the Hierarchical Network Infrastructure 422
IP Multicast Review 423
Multicast Addresses 423
Layer 3-to-Layer 2 Mapping 424
IGMP 425
IGMPv1 425
IGMPv2 425
IGMPv3 426
CGMP 426
IGMP Snooping 427
Sparse Versus Dense Multicast 427
Multicast Source and Shared Trees 428
PIM 428
PIM-SM 429
PIM DR 429
Auto-RP 429
PIMv2 Bootstrap Router 430
DVMRP 430
IPv6 Multicast Addresses 430
References and Recommended Readings 431
Exam Preparation Tasks 433
Review All Key Topics 433
Complete Tables and Lists from Memory 433
Define Key Terms 433
Q&A 434
Part IV Security, Convergence, Network Management
Chapter 12 Managing Security 445
“Do I Know This Already?” Quiz 445
Foundation Topics 448
Network Security Overview 448
Security Legislation 448
Security Threats 450
Reconnaissance and Port Scanning 450
Vulnerability Scanners 451
Unauthorized Access 452
Security Risks 453
Targets 453
Loss of Availability 454
Integrity Violations and Confidentiality Breaches 455
Security Policy and Process 456
Security Policy Defined 457
Basic Approach of a Security Policy 458
Purpose of Security Policies 458
Security Policy Components 459
Risk Assessment 459
Risk Index 460
Continuous Security 461
Integrating Security Mechanisms into Network Design 462
Trust and Identity Management 462
Trust 463
Domains of Trust 463
Identity 464
Passwords 464
Tokens 464
Certificates 465
Access Control 466
Secure Connectivity 466
Encryption Fundamentals 466
Encryption Keys 467
VPN Protocols 467
Transmission Confidentiality 469
Data Integrity 469
Threat Defense 470
Physical Security 470
Infrastructure Protection 471
Security Management Solutions 472
References and Recommended Readings 473
Exam Preparation Tasks 474
Review All Key Topics 474
Complete Tables and Lists from Memory 474
Define Key Terms 475
Q&A 475
Chapter 13 Security Solutions 481
“Do I Know This Already?” Quiz 481
Foundation Topics 484
Cisco SAFE Architecture 484
Network Security Platforms 485
Cisco Security Control Framework 486
Trust and Identity Technologies 486
Firewall ACLs 487
Cisco NAC Appliance 488
Cisco Identity-Based Network Services 489
Identity and Access Control Deployments 489
Detecting and Mitigating Threats 490
Threat Detection and Mitigation Technologies 491
Threat-Detection and Threat-Mitigation Solutions 492
Cisco IronPort ESA 493
Cisco IronPort WSA 494
Security Management Applications 495
Security Platform Solutions 495
Security Management Network 496
Integrating Security into Network Devices 497
IOS Security 498
ISR G2 Security Hardware Options 499
Cisco Security Appliances 499
Intrusion Prevention 500
Catalyst 6500 Service Modules 500
Endpoint Security 502
Securing the Enterprise 502
Implementing Security in the Campus 502
Implementing Security in the Data Center 503
Implementing Security in the Enterprise Edge and WAN 504
References and Recommended Readings 507
Exam Preparation Tasks 508
Review All Key Topics 508
Complete Tables and Lists from Memory 508
Define Key Terms 509
Q&A 509
Chapter 14 Voice and Video Design 515
“Do I Know This Already?” Quiz 515
Foundation Topics 518
Traditional Voice Architectures 518
PBX and PSTN Switches 518
Local Loop and Trunks 519
Ports 520
Major Analog and Digital Signaling Types 521
Loop-Start Signaling 522
Ground-Start Signaling 522
E&M Signaling 523
CAS and CCS Signaling 524
PSTN Numbering Plan 526
Other PSTN Services 527
Centrex Services 528
Voice Mail 528
Database Services 528
IVR 528
ACD 528
Voice Engineering Terminology 528
Grade of Service 528
Erlangs 528
Centum Call Second 529
Busy Hour 529
Busy-Hour Traffic 529
Blocking Probability 530
Call Detail Records 530
Converged Multiservice Networks 530
VoIP 531
IPT Components 532
Design Goals of IP Telephony 534
IPT Deployment Models 535
Single-Site Deployment 535
Multisite WAN with Centralized Call Processing Model 536
Multisite WAN with Distributed Call Processing Model 536
Unified CallManager Express Deployments 537
Video Deployment Considerations 537
Codecs 539
Analog-to-Digital Signal Conversion 540
Codec Standards 540
VoIP Control and Transport Protocols 541
DHCP, DNS, and TFTP 542
SCCP 542
RTP and RTCP 543
MGCP 544
H.323 544
H.264 547
SIP 548
IPT Design 549
Bandwidth 550
VAD 550
Calculating Voice Bandwidth 551
Delay Components in VoIP Networks 552
Packet Loss 555
Echo Cancellation 555
QoS and Bandwidth Mechanisms for VoIP and Video Networks 555
cRTP 556
IEEE 802.1P 556
Resource Reservation Protocol 557
LFI 557
LLQ 557
Auto QoS 559
IPT Design Recommendations 560
Service Class Recommendations 561
References and Recommended Readings 562
Exam Preparation Tasks 564
Review All Key Topics 564
Complete Tables and Lists from Memory 564
Define Key Terms 565
Q&A 565
Chapter 15 Network Management Protocols 575
“Do I Know This Already?” Quiz 575
Foundation Topics 578
Simple Network Management Protocol 579
SNMP Components 579
MIB 580
SNMP Message Versions 581
SNMPv1 581
SNMPv2 582
SNMPv3 582
Other Network Management Technologies 583
RMON 583
RMON2 584
NetFlow 585
NetFlow Compared to RMON and SNMP 586
CDP 587
Syslog 588
References and Recommended Reading 589
Exam Preparation Tasks 591
Review All Key Topics 591
Complete Tables and Lists from Memory 591
Define Key Terms 591
Q&A 592
Part V Comprehensive Scenarios and Final Prep
Chapter 16 Comprehensive Scenarios 599
Scenario One: Pearland Hospital 599
Scenario One Questions 600
Scenario One Answers 601
Scenario Two: Big Oil and Gas 604
Scenario Two Questions 604
Scenario Two Answers 605
Scenario Three: Beauty Things Store 606
Scenario Three Questions 607
Scenario Three Answers 608
Scenario Four: Falcon Communications 608
Scenario Four Questions 609
Scenario Four Answers 609
Chapter 17 Final Preparation 613
Tools for Final Preparation 613
Pearson Cert Practice Test Engine and Questions on the CD 613
Install the Software from the CD 614
Activate and Download the Practice Exam 614
Activating Other Exams 615
Premium Edition 615
The Cisco Learning Network 615
Memory Tables 615
Chapter-Ending Review Tools 616
Suggested Plan for Final Review/Study 616
Subnetting Practice 616
Using the Exam Engine 617
Summary 618
Part VI Appendixes
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Questions 623
Appendix B CCDA Exam Updates: Version 1.0 657
Appendix C OSI Model, TCP/IP Architecture, and Numeric Conversion 661
Glossary 677
Elements Available on the CD
Appendix D Memory Tables
Appendix E Memory Tables Answer Key
9781587142574 TOC 5/5/2011