Oppenheimer, Priscilla

Top-down network design / Priscilla Oppenheimer. - 2nd. - Indianapolis: Cisco, 2004 - 566 p.

CONTENTS
Part I. Identifying Your Customer's Needs and Goals 3
Chapter 1. Analyzing Business Goals and Constraints 5
Using a Top-Down Network Design Methodology 5
Using a Structured Network Design Process 7
Systems Development Life Cycles 7
The Plan Design Implement Operate Optimize (PDIOO) Network Life Cycle 9
Analyzing Business Goals 10
Working with Your Client 10
Changes in Enterprise Networks 12
Networks Must Make Business Sense 13
The Need to Support Mobile Users 14
The Importance of Network Security and Resiliency 14
Typical Network Design Business Goals 16
Identifying the Scope of a Network Design Project 16
Identifying a Customer's Network Applications 18
Analyzing Business Constraints 21
Politics and Policies 21
Budgetary and Staffing Constraints 23
Project Scheduling 24
Business Goals Checklist 24
Summary 25
Chapter 2. Analyzing Technical Goals and Tradeoffs 27
Scalability 27
Planning for Expansion 27
Expanding Access to Data 28
Constraints on Scalability 29
Availability 29
Disaster Recovery 30
Specifying Availability Requirements 31
Five Nines Availability 32
The Cost of Downtime 34
Mean Time Between Failure and Mean Time to Repair 34
Network Performance 35
Network Performance Definitions 35
Optimum Network Utilization 36
Throughput 39
Throughput of Internetworking Devices 39
Application Layer Throughput 40
Accuracy 42
Efficiency 43
Delay and Delay Variation 45
Causes of Delay 46
Delay Variation 48
Response Time 48
Security 49
Identifying Network Assets 50
Analyzing Security Risks 51
Reconnaissance Attacks 52
Denial-of-Service Attacks 53
Developing Security Requirements 53
Manageability 54
Usability 55
Adaptability 55
Affordability 56
Making Network Design Tradeoffs 57
Technical Goals Checklist 59
Summary 60
Chapter 3. Characterizing the Existing Internetwork 63
Characterizing the Network Infrastructure 63
Developing a Network Map 64
Tools for Developing Network Maps 64
Characterizing Large Internetworks 64
Characterizing the Logical Architecture 66
Developing a Modular Block Diagram 67
Characterizing Network Addressing and Naming 67
Characterizing Wiring and Media 70
Checking Architectural and Environmental Constraints 73
Checking a Site for a Wireless Installation 74
Doing a Wireless Site Survey 75
Checking the Health of the Existing Internetwork 76
Developing a Baseline of Network Performance 77
Analyzing Network Availability 77
Analyzing Network Utilization 78
Measuring Bandwidth Utilization by Protocol 80
Analyzing Network Accuracy 81
Analyzing Errors on Switched Ethernet Networks 82
Analyzing Network Efficiency 84
Analyzing Delay and Response Time 86
Checking the Status of Major Routers, Switches, and Firewalls 87
Tools for Characterizing the Existing Internetwork 89
Protocol Analyzers 89
Network-Monitoring and Management Tools 89
Remote Monitoring Tools 90
Cisco Tools for Characterizing an Existing Internetwork 91
Organizations That Provide Information on Characterizing an Existing Internetwork 92
Network Health Checklist 92
Summary 93
Chapter 4. Characterizing Network Traffic 95
Characterizing Traffic Flow 95
Identifying Major Traffic Sources and Stores 95
Documenting Traffic Flow on the Existing Network 97
Characterizing Types of Traffic Flow for New Network Applications 98
Terminal/Host Traffic Flow 99
Client/Server Traffic Flow 99
Thin Client Traffic Flow 100
Peer-to-Peer Traffic Flow 101
Server/Server Traffic Flow 102
Distributed Computing Traffic Flow 102
Traffic Flow in Voice over IP Networks 103
Documenting Traffic Flow for New and Existing Network Applications 104
Characterizing Traffic Load 105
Calculating Theoretical Traffic Load 106
Documenting Application-Usage Patterns 107
Refining Estimates of Traffic Load Caused by Applications 108
Estimating Traffic Overhead for Various Protocols 109
Estimating Traffic Load Caused by Workstation and Session Initialization 109
Estimating Traffic Load Caused by Routing Protocols 111
Characterizing Traffic Behavior 111
Broadcast/Multicast Behavior 112
Network Efficiency 113
Frame Size 113
Protocol Interaction 114
Windowing and Flow Control 116
Error-Recovery Mechanisms 118
Characterizing Quality of Service Requirements 119
ATM Quality of Service Specifications 119
Constant Bit Rate Service Category 120
Realtime Variable Bit Rate Service Category 121
Non-Realtime Variable Bit Rate Service Category 121
Unspecified Bit Rate Service Category 121
Available Bit Rate Service Category 121
Guaranteed Frame Rate Service Category 122
IETF Integrated Services Working Group Quality of Service Specifications 122
Controlled-Load Service 123
Guaranteed Service 124
IETF Differentiated Services Working Group Quality of Service Specifications 125
Grade of Service Requirements for Voice Applications 126
Documenting QoS Requirements 127
Network Traffic Checklist 128
Summary 128
Summary for Part I 128
Part II. Logical Network Design 131
Chapter 5. Designing a Network Topology 133
Hierarchical Network Design 133
Why Use a Hierarchical Network Design Model? 135
Flat Versus Hierarchical Topologies 136
Mesh Versus Hierarchical-Mesh Topologies 138
The Classic Three-Layer Hierarchical Model 141
The Core Layer 142
The Distribution Layer 142
The Access Layer 143
Guidelines for Hierarchical Network Design 143
Redundant Network Design Topologies 145
Backup Paths 146
Load Sharing 147
Modular Network Design 148
The Enterprise Composite Network Model 148
Designing a Campus Network Design Topology 150
The Spanning Tree Protocol 151
STP Convergence 151
Selecting the Root Bridge 153
The STP Topology Change Process 154
Scaling the Spanning Tree Protocol 155
Rapid Reconfiguration of the Spanning Tree 155
Virtual LANs 156
Fundamental VLAN Designs 157
Wireless LANs 160
Positioning an Access Point for Maximum Coverage 160
WLANs and VLANs 161
Redundant Wireless Access Points 161
Redundancy and Load Sharing in Wired LANs 162
Server Redundancy 163
Workstation-to-Router Redundancy 165
AppleTalk Workstation-to-Router Communication 166
Novell NetWare Workstation-to-Router Communication 167
IP Workstation-to-Router Communication 167
Designing the Enterprise Edge Topology 170
Redundant WAN Segments 170
Circuit Diversity 171
Multihoming the Internet Connection 171
Virtual Private Networking 175
Site-to-Site VPNs 176
Remote-Access VPNs 177
The Service Provider Edge 178
Secure Network Design Topologies 180
Planning for Physical Security 180
Meeting Security Goals with Firewall Topologies 180
Summary 182
Chapter 6. Designing Models for Addressing and Naming 185
Guidelines for Assigning Network Layer Addresses 186
Using a Structured Model for Network Layer Addressing 186
Administering Addresses by a Central Authority 187
Distributing Authority for Addressing 188
Using Dynamic Addressing for End Systems 188
AppleTalk Dynamic Addressing 189
Novell NetWare Dynamic Addressing 190
IP Dynamic Addressing 191
Using Private Addresses in an IP Environment 195
Caveats with Private Addressing 196
Network Address Translation 197
Using a Hierarchical Model for Assigning Addresses 197
Why Use a Hierarchical Model for Addressing and Routing? 198
Hierarchical Routing 198
Classless Interdomain Routing 199
Classless Routing Versus Classful Routing 199
Route Summarization (Aggregation) 201
Route Summarization Example 201
Route Summarization Tips 202
Discontiguous Subnets 203
Mobile Hosts 204
Variable-Length Subnet Masking 204
Hierarchy in IP Version 6 Addresses 205
IPv6 Address Types 206
Strategies for Moving from IPv4 to IPv6 209
Designing a Model for Naming 209
Distributing Authority for Naming 210
Guidelines for Assigning Names 211
Assigning Names in a NetBIOS Environment 212
NetBIOS in a Bridged or Switched Environment (NetBEUI) 212
NetBIOS in a Novell NetWare Environment (NWLink) 213
NetBIOS in a TCP/IP Environment (NetBT) 213
Assigning Names in an IP Environment 215
The Domain Name System 215
Summary 217
Chapter 7. Selecting Switching and Routing Protocols 221
Making Decisions as Part of the Top-Down Network Design Process 222
Selecting Bridging and Switching Protocols 223
Transparent Bridging 224
Transparent Switching 225
Switching and the OSI Layers 225
Multilayer Switching 226
Selecting Spanning Tree Protocol Enhancements 227
PortFast 227
UplinkFast and BackboneFast 228
Unidirectional Link Detection 230
Loop Guard 230
Protocols for Transporting VLAN Information 231
Inter-Switch Link Protocol 231
Dynamic Inter-Switch Link Protocol 231
IEEE 802.1Q 232
VLAN Trunk Protocol 233
Selecting Routing Protocols 234
Characterizing Routing Protocols 234
Distance-Vector Versus Link-State Routing Protocols 235
Routing Protocol Metrics 239
Hierarchical Versus Nonhierarchical Routing Protocols 239
Interior Versus Exterior Routing Protocols 239
Classful Versus Classless Routing Protocols 23
Dynamic Versus Static and Default Routing 240
On-Demand Routing 241
Scalability Constraints for Routing Protocols 241
IP Routing 243
Routing Information Protocol 243
Interior Gateway Routing Protocol 244
Enhanced Interior Gateway Routing Protocol 246
Open Shortest Path First 247
Intermediate System-to-Intermediate System 250
Border Gateway Protocol 251
AppleTalk Routing 252
Routing Table Maintenance Protocol 252
AppleTalk Update-Based Routing Protocol 253
EIGRP for AppleTalk 254
Migrating an AppleTalk Network to IP Routing 254
Novell NetWare Routing 254
Internetwork Packet Exchange Routing Information Protocol 255
NetWare Link Services Protocol 255
EIGRP for IPX 256
Migrating a NetWare Network to IP Routing 256
Using Multiple Routing Protocols in an Internetwork 257
Routing Protocols and the Hierarchical Design Model 257
Routing Protocols for the Core Layer 258
Routing Protocols for the Distribution Layer 258
Routing Protocols for the Access Layer 258
Redistribution Between Routing Protocols 259
Integrated Routing and Bridging 261
A Summary of IP, AppleTalk, and IPX Routing Protocols 261
Summary 264
Chapter 8. Developing Network Security Strategies 267
Network Security Design 267
Identifying Network Assets and Risks 268
Analyzing Security Tradeoffs 269
Developing a Security Plan 269
Developing a Security Policy 270
Components of a Security Policy 271
Developing Security Procedures 271
Security Mechanisms 271
Physical Security 272
Authentication 272
Authorization 273
Accounting (Auditing) 274
Data Encryption 274
Public/Private Key Encryption 275
Packet Filters 277
Firewalls 277
Intrusion Detection Systems 278
Modularizing Security Design 278
Securing Internet Connections 279
Securing Public Servers 280
Securing E-Commerce Servers 281
Securing Remote-Access and Virtual Private Networks 281
Securing Dialup Access 282
Securing Virtual Private Networks 283
Securing Network Services and Network Management 284
Securing Server Farms 285
Securing User Services 286
Securing Wireless Networks 287
Authentication in Wireless Networks 28
Data Privacy in Wireless Networks 293
Summary 295
Chapter 9. Developing Network Management Strategies 299
Network Management Strategies 299
Proactive Network Management 300
Network Management Processes 300
Performance Management 301
Fault Management 302
Configuration Management 303
Security Management 304
Accounting Management 304
Network Management Architectures 305
In-Band Versus Out-of-Band Monitoring 306
Centralized Versus Distributed Monitoring 306
Selecting Protocols for Network Management 307
Simple Network Management Protocol 307
Management Information Bases (MIBs) 308
Remote Monitoring (RMON) 309
Cisco Discovery Protocol 311
Estimating Network Traffic Caused by Network Management 312
Selecting Tools for Network Management 312
Cisco Tools 313
Cisco NetFlow Accounting 313
Cisco's Service Assurance Agent (SAA) 314
Summary 315
Summary for Part II 315
Part III. Physical Network Design 317
Chapter 10. Selecting Technologies and Devices for Campus Networks 319
LAN Cabling Plant Design 320
Cabling Topologies 320
Building-Cabling Topologies 321
Campus-Cabling Topologies 322
Types of Cables 323
LAN Technologies 325
Ethernet 326
Ethernet and IEEE 802.3 327
Ethernet Technology Choices 328
Campus ATM Networks 339
Selecting Internetworking Devices for a Campus Network Design 341
Optimization Features on Campus Internetworking Devices 344
An Example of a Campus Network Design 344
Background Information for the Campus Network Design Project 345
Business Goals 345
Technical Goals 346
Network Applications 347
User Communities 347
Data Stores (Servers) 349
The Current Network at WVCC 349
Traffic Characteristics of Network Applications 352
A Summary of Traffic Flows 353
Performance Characteristics of the Current Network 355
The Network Redesign for WVCC 355
Optimized IP Addressing and Routing for the Campus Backbone 355
The Wireless Network 356
Improved Performance and Security for the Edge of the Network 358
Future Enhancements for the WVCC Campus Network 359
Summary 360
Chapter 11. Selecting Technologies and Devices for Enterprise Networks 363
Remote-Access Technologies 364
Point-to-Point Protocol 365
Multilink PPP and Multichassis Multilink PPP 365
Password Authentication Protocol and Challenge Handshake Authentication Protocol 366
Integrated Services Digital Network 367
ISDN Components 369
Cable Modem Remote Access 370
Challenges Associated with Cable Modem Systems 371
Digital Subscriber Line Remote Access 372
Other DSL Implementations 373
PPP and ADSL 373
Selecting Remote-Access Devices for an Enterprise Network Design 374
Selecting Devices for Remote Users 374
Selecting Devices for the Central Site 375
VPN Concentrators 376
WAN Technologies 377
Systems for Provisioning WAN Bandwidth 377
Leased Lines 379
Synchronous Optical Network 379
Frame Relay 381
Frame Relay Hub-and-Spoke Topologies and Subinterfaces 382
Frame Relay Congestion Control Mechanisms 383
Frame Relay Traffic Control 384
Frame Relay/ATM Interworking 385
ATM Wide-Area Networks 385
Ethernet over ATM 386
Selecting Routers for an Enterprise WAN Design 387
Selecting a WAN Service Provider 387
An Example of a WAN Design 389
Background Information for the WAN Design Project 389
Business and Technical Goals 390
Network Applications 390
User Communities 391
Data Stores (Servers) 392
The Current Network 392
Traffic Characteristics of the Existing WAN 392
The WAN Design for Klamath Paper Products 394
Summary 397
Summary for Part III 398
Part IV. Testing, Optimizing, and Documenting Your Network Design 401
Chapter 12. Testing Your Network Design 403
Using Industry Tests 404
Building and Testing a Prototype Network System 405
Determining the Scope of a Prototype System 405
Writing a Test Plan for the Prototype System 407
Developing Test Objectives and Acceptance Criteria 407
Determining the Types of Tests to Run 408
Documenting Network Equipment and Other Resources 409
Writing Test Scripts 410
Documenting the Project Timeline 411
Implementing the Test Plan 412
Tools for Testing a Network Design 412
Types of Tools 412
Specific Tools for Testing a Network Design 414
CiscoWorks Internetwork Performance Monitor 414
WANDL's Network-Planning and Analysis Tools 414
OPNET Technologies 415
Agilent's RouterTester 415
NetIQ Voice and Video Management Solution 415
NetPredict's NetPredictor 415
An Example of a Network Design Testing Scenario 416
Background Information for the Design and Testing Project at Umqua Systems, Inc. 416
Goals for the Design and Testing Project 416
Network Applications 417
The Current Network 418
Testing Methods Used 419
Measured Data 419
Load on the FDDI Backbone 419
Load on the DS-1 Circuits 423
Analysis of the New Order-Entry System 424
Delay Characteristics for the New Order-Entry System 425
Conclusions 426
Summary 427
Chapter 13. Optimizing Your Network Design 429
Optimizing Bandwidth Usage with IP Multicast Technologies 430
IP Multicast Addressing 431
The Internet Group Management Protocol 431
Multicast Routing Protocols 432
Multicast Open Shortest Path First 432
Protocol-Independent Multicast 433
Reducing Serialization Delay 435
Link-Layer Fragmentation and Interleaving 435
Compressed Real Time Protocol 436
Optimizing Network Performance to Meet Quality of Service Requirements 437
IP Precedence and Type of Service 438
The IP Precedence Field 439
The IP Type-of-Service Field 439
The IP Differentiated Services Field 440
IP Version 6 QoS 440
The Resource Reservation Protocol 441
The Common Open Policy Service Protocol 443
Classifying LAN Traffic 443
Cisco Internetwork Operating System Features for Optimizing Network Performance 444
Switching Techniques 444
Classic Methods for Layer 3 Packet Switching 445
NetFlow Switching 446
Cisco Express Forwarding 447
Queuing Services 448
First In, First Out Queuing 448
Priority Queuing 449
Custom Queuing 450
Weighted Fair Queuing 451
Class-Based Weighted Fair Queuing 451
Low-Latency Queuing 452
Random Early Detection 453
Weighted Random Early Detection 453
Traffic Shaping 454
Committed Access Rate 454
Summary 455
Chapter 14. Documenting Your Network Design 457
Responding to a Customer's Request for Proposal 458
Contents of a Network Design Document 460
Executive Summary 460
Project Goal 460
Project Scope 460
Design Requirements 461
Business Goals 461
Technical Goals 462
User Communities and Data Stores 463
Network Applications 463
Current State of the Network 463
Logical Design 464
Physical Design 464
Results of Network Design Testing 465
Implementation Plan 465
Project Schedule 466
Project Budget 467
Return on Investment 467
Design Document Appendix 468
Summary 469
Appendix A Characterizing Network Traffic When Workstations Boot 471
Appendix B References and Recommended Reading 479
Glossary 483
Index 535

1587051524


LOGICAL NETWORK DESIGN
PHYSICAL NETWORK DESIGN
NETWORK DESIGN
BUSINESS ENTERPRISES
SYSTEMS ANALYSIS

004.7 OP5