8/18/2019 Ccda Aula 01
Designing for Cisco Internetwork Solutions (DESGN) v2.1
Lesson 01 – Chapter 01: Identifying Design Requirements
Network Design Methodology
Cisco PPDIOO Approach
Benefits of the PPDIOO Approach
PPDIOO Design Methodology
Three steps:
1. Identify the customer requirements
2. Characterize the existing network and sites
3. Design the network topologies and solutions
Identifying Customer Requirements
Example: Identifying Applications
Application Type | Application | Criticality (critical/important/unimportant) | Comments
E-mail | Microsoft Outlook | Important |
Groupware | Cisco Unified MeetingPlace | Important | We need to be able to share presentations and applications during remote meetings.
Web browsing | Microsoft Internet Explorer, Opera, Netscape | Important |
Video on demand | IP/TV | Critical |
Database | Oracle | Critical | All data storage will be based on Oracle.
Customer support | Customer applications | Critical |
Example: Identifying Infrastructure Services
Service | Comments
Security | Deploy security systematically, including firewalls, intrusion detection systems (IDSs), and access control lists (ACLs)
QoS | Give priority to delay-sensitive voice traffic and other important traffic
Network management | Use centralized management tools where appropriate and point product management as required
High availability | Eliminate single points of failure and use redundant paths as needed
IP telephony | Want to migrate company from regular telephony
Mobility | Need client laptop guest access along with mobility of employee PCs
Example: Identifying Technical Goals
Technical Goals | Importance | Comments
Performance | 20 | Important at the central site, less important in branch offices
Availability | 25 | Should be 99.9 percent
Manageability | 5 |
Security | 15 | Security for critical data transactions is extremely important
Adaptability | 10 |
Scalability | 25 | Scalability is critical
Total | 100 |
Example: Identifying Technical Constraints
Technical Constraints | Gathered Data | Comments
Existing wiring | Coaxial cabling | Replace existing coaxial cabling. Use twisted-pair to desktop and fiber optics for uplinks and in the backbone.
Bandwidth availability | 64-kbps WAN links | Upgrade speeds; consider another service provider with additional services to offer.
Application compatibility | IPv6 based applications | Make sure new network equipment supports IPv6.
Summary
The PPDIOO approach reflects the life cycle phases of a standard network.
The design methodology under PPDIOO includes these processes:
- Identifying customer requirements
- Characterizing the existing network and sites
- Designing the network topology and solutions
Key steps in identifying customer requirements include these:
- Identifying network applications and services
- Defining organizational goals and constraints
- Defining technical goals and constraints
Characterizing the Existing Network and Sites
Applying a Methodology to Network Design
Characterizing the Existing Network and Sites
Gather documentation and query the organization.
Perform a site and network assessment to help detail the network.
Consider performing traffic analysis on the existing network and applications.
Identifying Major Features of the Network
Collect the information about the planned and existing network infrastructure:
- Site contact information
- Network topology such as network devices, physical and logical links, external connections, encapsulations, bandwidths, IP addressing, routing protocols
- Network services such as security, QoS, high availability, IP telephony, storage, and wireless
- Network applications such as unified communications and video delivery
Collect the information about expected network functionality.
Identify network modules based on the given information.
Sample Site Contact Questions
What is the site location or name?
What is the site address?
What is the shipping address?
Who is the site contact?
Is this site owned and maintained by the customer?
Is this a staffed site?
What are the hours of operation?
What are the building or room access procedures?
Are there any special security or safety procedures?
Are there any union or labor requirements or procedures?
What are the locations of the equipment cabinets and racks?
Example: Customer Network Diagram
Network Assessment Information Sources
Example: Network Assessment
Network Assessment Tools
Manual assessment:
- Use monitoring commands on network devices on small networks.
- Use scripting tools to collect information on large networks.
Use existing management and auditing tools:
- CiscoWorks
- Third-party tools such as WhatsUp Gold, Castle Rock SNMPc, open source Cacti, Netcordia NetMRI, and NetQoS NetVoyant
Use other tools to collect relevant information for the network devices:
- Third-party tools such as Network General Sniffer, AirMagnet software and devices, and WildPackets AiroPeek
Commands for Manual Information Collection
Example: Manual Information Collection—Router CPU Utilization
Example: Manual Information Collection—Router Memory Utilization
Example: Automatic Information Collection—Cacti Device List
Example: Automatic Information Collection—NetMRI Inventory
Network Traffic Analysis
Use organizational input to identify the applications used in the existing network and their relative importance.
Perform a traffic analysis to reveal additional applications used in the network.
Use the results and organizational input to define QoS and security-related requirements for discovered applications.
Steps in Analyzing Network Traffic
Example: Traffic Analysis
Application No. 8:
Description: Accounting software
Protocol: TCP port 5151
Servers: 2
Clients: 50
Scope: Campus
Importance: High
Average rate: 50 kbps with 10-second bursts to 1 Mbps
Network Analysis Tools
Cisco IOS Software analysis capabilities:
- NBAR
- NetFlow
Cisco software-based network analyzers:
- Cisco CNS NetFlow Collection Engine
Third-party tools, such as:
- Open source Cacti
- Network General Sniffer
- WildPackets EtherPeek and AiroPeek
- SolarWinds Orion
- Wireshark
- RMON probes
Example: Cacti Graph
Example: SolarWinds Orion
Summary Report
Characterization of the existing network results in a summary report that is used to:
- Describe the software features required in the network
- Describe possible problems in the existing network
- Identify the actions needed to prepare the network for the implementation of the required features
- Influence the customer requirements
Example: Equipment Summary Report
The network uses 895 routers:
655 routers use Cisco IOS Software Release 12.2(10).
240 routers use an older Cisco IOS Software version.
Example: Summary Report Problem Statement
Requirement: Queuing in the WAN
Identified problem:
- Existing Cisco IOS Software version does not support new queuing technologies.
- 15 out of 19 routers with older Cisco IOS Software are in the WAN.
- 12 out of 15 routers do not have enough memory to upgrade to Cisco IOS Software Release 12.3 or later.
- 5 out of 15 routers do not have enough flash memory to upgrade to Cisco IOS Software Release 12.3 or later.
Example: Summary Report Recommendations
Recommended action:
- 12 memory upgrades to 64 MB
- 5 flash memory upgrades to 16 MB
Options:
- Replace hardware and software to support queuing.
- Find an alternative mechanism for that part of the network.
- Find an alternative mechanism and use it instead of queuing.
- Evaluate the consequences of not implementing the required feature in that part of the network.
Documenting an Existing Network
Network Characterization Hour Estimates
Task | Small Network (1-20 Switches/Routers) | Medium Network (20-200 Switches/Routers) | Large Network (200-800 Switches/Routers) | Huge Network (>800 Switches/Routers)
a) Interview management team | 4 4 | 8 8 | 12 12 | 16 16
b) Interview network team | 4 4 | 6 6 | 8 12 | 24 24
c) Review documentation | 4 4 | 6 6 | 8 12 | 16 16
d) Set up network discovery tool | 4 4 | 6 6 | 8 8 | 16 16
e) Resolve SNMP access and similar problems | 4 4 | 8 16 | 16 48 | 80 160
f) Allow tools to gather data | | | |
g) Analyze captured data | 4 8 | 16 16 | 24 24 | 40 40
h) Prepare high level Layer 3 diagrams | 4 4 | 4 8 | 8 16 | 16 32
i) Prepare report stating conclusions | 16 16 | 32 32 | 48 48 | 80 80
j) Incrementally prepare network diagrams | | | |
Estimated manpower in hours | 44-48 | 86-98 | 132-180 | 288-384
Summary
Characterizing an existing network entails gathering as much information about the network as possible. Organization input, a network audit, and traffic analysis provide the key information that you need.
Identifying major features of the network involves gathering network documentation and querying the organization.
The auditing process adds detail to the initial network documentation that you created from existing documentation and customer input.
You can manually audit a small network, but you typically need automated tools to audit a large network.
Traffic analysis verifies the set of applications and protocols used in the network and determines the traffic patterns of the applications.
Summary (Cont.)
Tools used for traffic analysis range from manual identification of applications using Cisco IOS Software commands in combination with NBAR or NetFlow to those where dedicated software- or hardware-based analyzers capture live packets or SNMP data.
The result of the network characterization is a summary report describing the health of the network.
Using the Top-Down Approach to Network Design
Applying a Methodology to Network Design
Top-Down Design Practices
Start your design here.
Design down the OSI model.
Top-Down and Bottom-Up Approach Comparison
 | Top-Down Approach | Bottom-Up Approach
Benefits | Incorporates organizational requirements; gives the big picture to organization and designer | Allows a quick response to a design request; facilitates design based on previous experience
Disadvantages | Incorporates organizational requirements | Implements little or no notion of actual organizational requirements; may result in inappropriate network design
Creating a Network Decision Table
Decide which network layer requires decisions.
Gather possible options for a given situation.
Create a table that includes possible options and given requirements.
Match given requirements with specific properties of given options.
Select the option with the most matches as the most appropriate one.
Example: Selecting a Routing Protocol
Parameters | EIGRP (Option) | OSPF (Option) | BGP (Option) | Required Network Parameters
Size of Network (Small/Medium/Large/Very Large) | Large | Large | Very Large | Large
Enterprise-Focused (Yes/No) | Yes | Yes | No | Yes
Use of VLSM (Yes/No) | Yes | Yes | Yes | Yes
Supports Cisco Routers (Yes/No) | Yes | Yes | Yes | Yes
Network Support Staff Knowledge (Good/Fair/Poor) | Good | Fair | Poor | Good
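The decision-table steps applied to the routing protocol table above, as an added example that is not part of the original course slides. The parameter values are taken from that table; the function names score_options and select_options are hypothetical, and ties are returned rather than broken silently.

```python
# Added illustration (not from the slides): score each option against the
# required network parameters and select the option(s) with the most matches.
PARAMS = (
    "Size of Network",
    "Enterprise-Focused",
    "Use of VLSM",
    "Supports Cisco Routers",
    "Network Support Staff Knowledge",
)

# Values copied from the "Selecting a Routing Protocol" table.
REQUIRED = dict(zip(PARAMS, ("Large", "Yes", "Yes", "Yes", "Good")))
OPTIONS = {
    "EIGRP": dict(zip(PARAMS, ("Large", "Yes", "Yes", "Yes", "Good"))),
    "OSPF": dict(zip(PARAMS, ("Large", "Yes", "Yes", "Yes", "Fair"))),
    "BGP": dict(zip(PARAMS, ("Very Large", "No", "Yes", "Yes", "Poor"))),
}


def score_options(required, options):
    """Return {option: (match_count, [parameters that did not match])}.

    Comparison ignores case and surrounding whitespace; a parameter that an
    option does not list at all counts as a mismatch.
    """
    results = {}
    for name, props in options.items():
        misses = [
            param
            for param, wanted in required.items()
            if str(props.get(param, "")).strip().lower() != wanted.strip().lower()
        ]
        results[name] = (len(required) - len(misses), misses)
    return results


def select_options(required, options):
    """Return every option tied for the highest match count, sorted by name."""
    scores = score_options(required, options)
    if not scores:
        return []
    best = max(count for count, _ in scores.values())
    return sorted(name for name, (count, _) in scores.items() if count == best)


if __name__ == "__main__":
    for name, (count, misses) in score_options(REQUIRED, OPTIONS).items():
        print(f"{name}: {count}/{len(REQUIRED)} matches; mismatches: {misses}")
    print("Selected:", select_options(REQUIRED, OPTIONS))
```

The mismatch list is what goes into the design document: it records why OSPF and BGP were not selected, not only that EIGRP was.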
Assessing the Scope of the Network Design Process
Scope of Design | Comments
Entire network | All branch office LANs upgraded to support Fast Ethernet technology
Campus | Redundant equipment and links; addition of wireless client mobility
WAN | Solutions to overcome bottlenecks
Example: Assessing the Scope of the Network Design Process
Application—Designing voice transport
Network—Designing routing, addressing
Physical, data link—Choosing connection type
Structured Design Principles
Network Design Tools
Planning an Implementation
If a design is composed of multiple complex components:
- Implement each component separately; do not implement everything at once.
Incremental implementation:
- Reduces troubleshooting in case of failure
- Reduces time needed to revert to previous state in case of failure
Major Implementation Components
Each step should contain the following information:
Description
Reference to design sections
Detailed implementation guidelines
Detailed roll-back guidelines in case of failure
Estimated time for implementation
Example: Summary Implementation Plan
Phase/Step | Date, Time | Description | Implementation Details | Complete
Phase 3 | 04/02/2007 | Install campus hardware | Section 6.2.3 |
Step 1 | | Connect switches | Section 6.2.3.1 |
Step 2 | | Install routers | Section 6.2.3.2 |
Step 3 | | Complete cabling | Section 6.2.3.3 |
Step 4 | | Verify data link layer | Section 6.2.3.4 |
Phase 4 | 04/03/2007 | Configure campus hardware | Section 6.2.4 |
Step 1 | | Configure VLANs | Section 6.2.4.1 |
Step 2 | | Configure IP addressing | Section 6.2.4.2 |
Step 3 | | Configure routing | Section 6.2.4.3 |
Step 4 | | Verify connectivity | Section 6.2.4.4 |
Phase 5 | 04/05/2007 | Launch campus updates into production | Section 6.2.5 |
Step 1 | | Complete connections to existing network | Section 6.2.5.1 |
Step 2 | | Verify connectivity | Section 6.2.5.2 |
Example: Detailed Implementation Plan
Section 6.2.7.3, “Configure routing protocols in the WAN network module”:
Number of routers involved is 50.
Use template from section 4.3.1, “EIGRP details.”
Per router configuration:
- Use passive-interface command on all nonbackbone LANs. (See section 4.2.3, “EIGRP details.”)
- Use summarization according to the design. (See section 4.2.3, “EIGRP details,” and section 4.2.2, “Addressing details.”)
Estimated time is 10 minutes per router.
Roll-back procedure is not required.
Pilot vs. Prototype Networks
The pilot or prototype network is used as proof of concept for the design:
- A pilot network tests and verifies the design before the network is launched.
- A prototype network tests and verifies a redesign in an isolated network before it is applied to the existing network.
Results:
- Success
- Failure
Example: Prototype Network
Detailed Structure of a Design Document
Summary
Designing an enterprise network is a complex project. Top-down design facilitates the process by dividing it into smaller, more manageable steps.
Decision tables facilitate the selection of the most appropriate option from many possibilities.
In assessing the scope of a network design, determine whether the design is for a new network or is a modification of the entire network, a single segment or module, a set of LANs, a WAN, or a remote-access network.
The output of the design should be a model of the complete system. To achieve this, the top-down approach is highly recommended.
Summary (Cont.)
When the design is complete, you are ready to document the implementation and migration in as much detail as possible.
After a design is complete, you should verify it. You can test the design in an existing or live network (pilot) or in a prototype network that will not affect the existing network.
A design document lists the design requirements, documents the existing network, documents the network design, identifies the proof-of-concept strategy, and details an implementation plan.
Lesson 01 - Chapter 02: Network Structure Models
Structuring and Modularizing the Network
Layers in the Hierarchical Model
Example: Hierarchical Network
Access Layer
Concentration point at which clients access the network
Layer 2 switching in the access layer: Defines a single broadcast domain
Multilayer switching in the campus access layer: Optimally satisfies the needs of a particular user through routing, filtering, authentication, security, or quality of service
Multilayer switching in the WAN access layer: Helps control WAN costs using dial-on-demand routing (DDR) and static routing
Example: Access Layer Connectivity in the Campus LAN
Workstations are attached to VLANs with Layer 2 switches.
Recommended practice: Implement one VLAN (IP subnet) per access switch.
Access switches connect via Layer 3 links (if only one VLAN per access switch) or via VLAN trunk.
If needed, distribution routers route between VLANs.
Distribution Layer
Provides multilayer switching between access and core layers:
- Provides media transitions
- Aggregates bandwidth by concentrating multiple low-speed access links into a high-speed core link
- Determines department or workgroup access
- Provides redundant connections for access devices
Implements policy-based decisions:
- Filtering by source or destination address
- Filtering on input or output ports
- Hiding internal network numbers by route filtering
- Static routing
- Security
- Quality of service mechanisms
Example: Distribution Layer in the Routed Campus Network
Core Layer
The function of the core layer is to provide fast and efficient data transport that:
- Forms a high-speed backbone with fast transport services
- Provides redundancy and fault tolerance
- Offers good manageability
Note: Core layer should avoid packet manipulation for filtering or access list checking.
Example: Multilayer Switching in the Campus Core
Example: Routing in the WAN Network
Cisco Enterprise Architecture
Example: Dividing the Network into Areas
Enterprise Campus Infrastructure Module
Enterprise Edge Modules
Enterprise Edge Guidelines
1. Determine the connectivity needed to the Internet.
2. Create the e-commerce module if needed.
3. Design the remote access and VPN module if needed.
4. Design the WAN module to support connections to remote enterprise locations if needed.
Summary
The enterprise campus infrastructure module includes the campus infrastructure module and the server farm module.
The enterprise edge modules include the e-commerce module, the Internet connectivity module, the remote access and VPN module, and the WAN and MAN and site-to-site modules.
The remote enterprise modules include the remote branches, data centers, and teleworkers.