Patrick J. Conlan
Wiley Publishing, Inc., Indianapolis, Indiana
Cisco® Network Professional’s
Patrick J. Conlan spent 10 years in the U.S. Navy as a communications technician operating,
maintaining, and designing communication systems of diverse types, including radio, satellite,
non-IP and IP communication systems. The last four years of his naval career were spent as
an IT instructor and curriculum developer. He taught numerous courses ranging from basic
computer networking to advanced IP system integration and design. Pat was also in charge
of developing a new and updated IT curriculum that the U.S. Navy continues to use today to
train their IT personnel.
After the Navy, Pat started his own consulting company where he delivered network
assessment, design, IT instruction, and curriculum development services.
Pat is currently employed by GlobalNet Training as a full-time senior staff instructor and
consultant. He teaches a wide range of curriculum, focusing primarily on Cisco certifications,
including the CCNA, CCDA, CCNP, and CCSP courses. In addition, he provides
consulting services including design and implementation of networks to large companies of all types.
Tim Boyles is a senior consultant with BT Global Services and is the south central region
security practice lead. Tim has over 20 years of experience in networking and security and is
an author, speaker, and occasional instructor in the security field.
Tim has held positions with the U.S. Navy, Rockwell Automation, International Network
Services, and others in addition to his current position. He currently holds CISSP, CISM,
CISA, CCNA, GCIH, and GAWN certifications.
Acknowledgments
Tim Boyles, contributing author and technical editor, added Chapters 12 and 15 to the
book. Tim has an unbelievable amount of knowledge and a superb way of explaining and
passing that knowledge on. In his role as technical editor, he always had the missing piece
of information or idea that I needed. Tim caught the tiniest of errors and suggested changes
that made the book that much better.
Mary Ellen Schutz, developmental editor, gets her own paragraph. She may not like it
this way, but she does. Without Mary Ellen this book would be a garbled heap of strewn
together words that no one could read. I cannot thank her enough for the help she gave me
on this book and for making me an infinitely better writer. For the many late nights editing,
giving me ideas for examples, and making sure my technical words come out in intelligible
English, I give her the sincerest Thank You!
Jeff Kellum, acquisitions editor, thank you for giving me the opportunity to write this
book and staying on me to get it done! Thanks also to Kim Cofer and Cheryl Hauser, the
copy editors, who made sure that even my grammar and spelling were perfect; and Eric
Charbonneau, production editor, who worked hard against an impossibly tight timetable
to make sure everything flowed through the production process. Thanks also to the
compositor, Craig Woods; Nancy Bell, proofreader; and the indexer, Ted Laux. The
book couldn’t happen without them.
Finally, I would like to thank Todd Lammle. I work with Todd and he is a great friend.
He definitely helped me through the writing process and helped so that I had the time to
complete this book.
Contents at a Glance
Introduction xxv
Chapter 1 Enterprise Network Design 1
Chapter 2 Switching 29
Chapter 3 Spanning Tree Protocol (STP) 67
Chapter 4 Routing Concepts and Distance Vector Routing Protocols 111
Chapter 5 Advanced Distance Vector Protocols 145
Chapter 6 Link State Routing Protocols 191
Chapter 7 Exterior Gateway Protocols 247
Chapter 8 Multicast 291
Chapter 9 Internet Protocol Version 6 (IPv6) 313
Chapter 10 Redundancy Protocols 337
Chapter 11 WAN and Teleworker Connections 375
Chapter 12 Virtual Private Networks 429
Chapter 13 Device Security 469
Chapter 14 Switch Security 515
Chapter 15 Cisco IOS Firewall 539
Chapter 16 Cisco IOS IPS 573
Chapter 17 Voice 601
Chapter 18 DiffServ Quality of Service (QoS) 623
Chapter 19 Wireless Devices and Topologies 669
Chapter 20 Wireless Management and Security 707
Appendix About the Companion CD 745
Glossary 749
Acronyms 813
Index 825
Introduction
When I started this project, I had two requirements and I strived throughout the book to
balance both of them. My first requirement comes from being an instructor and consultant
for 10 years now. In that time, I have found a consistent void with most of my students
and clients. It is not that clients are unwilling to implement new technologies. It is not that
students are unable to learn about new technologies. The void is between those two. You
learn about new technologies, but often the knowledge you gain does not provide a solid
understanding of where in the network the new technology resides. You get design models,
learn commands to turn features on and off, but you don’t know where to locate the device
or why to implement a particular application or feature.
For this reason, I have written this book in the form of a single case study that runs
through the entire book. The case study revolves around a single, fictitious company that I
created for the sole purpose of explaining where and why technologies should be placed in
a real network. I hope that they do not become just objectives in a book for you to memorize.
The Real World Scenarios are designed to trigger your thought process and allow you
to find practical applications in your own networks.
Speaking of objectives, this brings me to the second requirement for the book. That
requirement is to fill a hole in having a single source of information, a place to learn about
all of the common technologies used by network engineers today.
To provide an outline for those common technologies, I used the objectives in place as of
January 2009 for the Cisco Certified Network Professional (CCNP) certification. It would
be difficult to cover every single objective from this certification track in one book, but you
will find I have covered a vast majority of the objectives. My hope is that you will find this
book a valuable supplemental guide in your studies as you endeavor to attain the coveted
CCNP certification.
The challenge was getting as many technologies into the book with enough detail so you
would know where and how to use them. There is not enough room in a single book to
cover every possible solution or every single command and option you could use to accomplish
a task. I do recommend some of the best and most common ways to accomplish the tasks.
On that note, I hope that my coverage of wireless technologies in the last two chapters of
the book will pique your interest in the exciting new technologies in wireless LANs. If you
want a more in-depth fundamental look at how wireless networks operate and all of the
fun, new toys (I mean wireless devices) that you can use to implement them, then watch for
the new CCNA wireless book that Todd Lammle and I are currently writing for Sybex.
How to Use This Book
This book not only covers many exciting and complex networking topics but shows you the
steps required to design a full corporate internetwork. If you follow the chapters in order,
I walk you not only through building single VLANs and subnets but through the security,
voice, QoS, and wireless technologies you need to implement an entire campus network.
Product details
Price | |
---|---|
File Size | 18,164 KB |
Pages | 887 p |
File Type | PDF format |
ISBN | 978-0-470-38360-5 |
Copyright | 2009 by Wiley Publishing, Inc |
Table of Contents
Introduction xxv
Chapter 1 Enterprise Network Design
The Three-Layer Hierarchical Design Model 2
Enterprise Composite Network Model 4
Enterprise Campus 5
Enterprise Edge 7
Service Provider Edge 9
IIN and SONA 9
Case Study: FutureTech Corporation 10
Book Organization 10
FutureTech Company Background 11
Test Network 16
Wireless Equipment 21
Summary 23
Review Questions 25
Answers to Review Questions 27
Chapter 2 Switching
Layer 2 Switching 30
Address Learning and Forwarding 31
VLANs 32
Link Types 34
Trunk Protocols 35
Implementing VLANs 38
VLAN Trunk Protocol 40
Configuring VLANs 43
Inter-VLAN Routing 51
Router on a Stick 51
Configuring Router on a Stick 52
Multilayer Switching 53
Cisco Express Forwarding (CEF) 54
Configuring Inter-VLAN Routing 56
EtherChannel 57
Automatic Bundling Protocols 58
Configuring EtherChannel 60
Summary 62
Review Questions 63
Answers to Review Questions 65
Chapter 3 Spanning Tree Protocol (STP)
STP Operation 68
STP Components 69
Switch Identification 71
Determining Paths 72
Configuring Spanning Tree Protocol 76
History of STP 81
PVST+ 82
Rapid Spanning Tree Protocol (RSTP) 90
Multiple Spanning Tree (MST) 93
Protecting Spanning Tree 96
BPDU Guard 97
Root Guard 97
BPDU Filtering 98
Loop Guard 100
UniDirectional Link Detection (UDLD) 100
Verifying and Troubleshooting 102
Checking the STP Process 102
Checking Port Details 104
Checking STP Features 105
Checking the Root and Port Properties 105
Determining UplinkFast and BackboneFast Status 106
Summary 106
Review Questions 107
Answers to Review Questions 109
Chapter 4 Routing Concepts and Distance Vector Routing Protocols
Routing Fundamentals 112
Basic Routing 112
Administrative Distance 116
Static Routing 117
Dynamic Routing 121
Route Information Protocol (RIP) 128
RIP Timers 129
Configuring RIP Routing 129
RIP Version 2 130
Summarization with RIP 132
Verifying Your Configurations 132
Interior Gateway Routing Protocol (IGRP) 137
Route Manipulation 138
Passive Interface 139
Distribute Lists 139
Summary 141
Review Questions 142
Answers to Review Questions 144
Chapter 5 Advanced Distance Vector Protocols
EIGRP Terms and Features 146
EIGRP Capabilities 147
Terms 148
Message Types 153
Tables 155
Enabling EIGRP 158
Autonomous System Numbers 158
Configuring EIGRP on a Router 159
Controlling Interfaces Placed in the Routing Process 161
Configuring EIGRP on a Switch 163
Configuring the Rest of the Network 163
Improving EIGRP Operations 166
Changing the EIGRP Metric 166
Default Routing 167
Summary Routes 169
Stub Routers 171
Load Balancing 173
Using EIGRP over WANs 176
Verifying and Troubleshooting 179
show ip eigrp neighbors 179
show ip eigrp topology 180
show ip route 182
show ip protocols 184
show ip eigrp interfaces 185
show ip eigrp traffic 186
Summary 187
Review Questions 188
Answers to Review Questions 190
Chapter 6 Link State Routing Protocols
Introduction to Link State Protocols 192
Link State Protocol Improvements 192
OSPF 193
OSPF Tables 195
OSPF Packet Types 196
Link State Advertisements (LSA) 198
OSPF Operation 199
Neighbor Discovery 200
Router Identity (RID) 203
Designated Router (DR) Elections 204
The Link State Database 208
The Routing Table 211
OSPF Cost 212
OSPF Features and Benefits 213
OSPF Hierarchy 214
OSPF Link Types 215
Stub Type Areas 218
Configuring OSPF 224
Verifying OSPF 227
Integrated IS-IS 234
IS-IS Features 235
IS-IS Compared to OSPF 238
Configuring IS-IS 240
Summary 241
Review Questions 243
Answers to Review Questions 245
Chapter 7 Exterior Gateway Protocols
BGP Operations 248
When Not to Use BGP 249
When to Use BGP 249
Ways to Connect a Network 250
Path Vectors 252
BGP Transmissions 253
BGP Tables 254
BGP Messages 254
Types of BGP Connections 257
BGP Attributes 262
Choosing a Path 268
Route Maps 270
Configuring BGP 274
Basic Setup 275
Example Configuration 280
Verifying BGP 283
Summary 286
Review Questions 287
Answers to Review Questions 289
Chapter 8 Multicast
What Is Multicast? 292
Transmission Types 292
Multicast Pros and Cons 294
Multicast Addressing 295
Multicast Protocols 299
Internet Group Management Protocol (IGMP) 299
Protocol Independent Multicast (PIM) 302
Multicast Operation and Configuration 305
Verify Multicast 307
Summary 309
Review Questions 310
Answers to Review Questions 312
Chapter 9 Internet Protocol Version 6 (IPv6)
Operating Internet Protocol Version 6 314
The Benefits of IPv6 315
IPv6 Addressing 316
Using IPv6 in an Internetwork 320
Interoperating IPv6 with IPv4 329
Dual Stacking 329
Tunneling 330
NAT-PT 332
Summary 333
Review Questions 334
Answers to Review Questions 336
Chapter 10 Redundancy Protocols
Client Redundancy Issues 338
Introducing Redundancy Protocols 340
Hot Standby Router Protocol 341
HSRP Timers 341
Group Roles 342
Virtual MAC Address 343
HSRP States 343
HSRP Group Communication and Configuration 344
Improving HSRP Operations 353
Virtual Router Redundancy Protocol 362
VRRP and HSRP Comparison 362
VRRP Redundancy Characteristics 364
VRRP Timers 365
VRRP Transition 366
Configuring VRRP 366
Gateway Load Balancing Protocol 367
GLBP Functions 367
GLBP Features 368
GLBP Per-Host Traffic Balancing 369
Configuring GLBP 371
Summary 371
Review Questions 372
Answers to Review Questions 374
Chapter 11 WAN and Teleworker Connections
Introduction to the Campus Edge 376
Enterprise Branch 376
Enterprise Teleworker 378
Cable Technologies 379
DSL Technologies 389
ADSL in Detail 395
Configuring the CPE as a PPPoE Client 402
Configuring the CPE with PPPoE and an ATM Interface 408
Configuring the CPE as a PPPoA Client 409
Minimizing Dropped Packets 412
Enterprise WAN 413
MPLS 413
Switching Types 414
Router Architecture 416
Using Labels in MPLS 417
Summary 425
Review Questions 426
Answers to Review Questions 428
Chapter 12 Virtual Private Networks
Introduction to Virtual Private Networks 430
IPsec 431
Generic Routing Encapsulation (GRE) 434
VPN Operation 435
Cisco-Specific Operation 435
Configuring Site-to-Site VPN 436
Verify and Troubleshoot VPN 442
Cisco Easy VPN 452
Summary 464
Review Questions 465
Answers to Review Questions 467
Chapter 13 Device Security
Why Secure Your Devices? 470
CLI-Based AutoSecure 472
SDM-Based Security Audit Wizard 482
AAA 495
RADIUS 498
TACACS+ 500
Configuring AAA 503
Securing Management Functions 508
SNMP 508
Syslog 508
TFTP 509
NTP 509
Summary 510
Review Questions 511
Answers to Review Questions 513
Chapter 14 Switch Security
Introduction to Layer 2 Security 516
Rogue Devices 517
Layer 2 Attacks 517
Securing Layer 2 526
Port Security 526
AAA 528
802.1x 528
VACLs 530
Private VLANs 531
DHCP Snooping 533
IP Source Guard 533
Dynamic ARP Inspection 534
Summary 535
Review Questions 536
Answers to Review Questions 538
Chapter 15 Cisco IOS Firewall
Function of the Cisco IOS Firewall 540
Authentication Proxy 540
Transparent Firewall 541
Stateful Packet Inspection 541
Configure Cisco IOS Firewall with SDM 545
Basic Firewall 545
Advanced Firewall 552
Verify Cisco IOS Firewall Configurations 560
Basic Firewall 560
Advanced Firewall 564
Summary 569
Review Questions 570
Answers to Review Questions 572
Chapter 16 Cisco IOS IPS
Securing Networks with IDS and IPS 574
Basic Functions of the Intrusion Detection System (IDS) 574
Basic Functions of the Intrusion Prevention System (IPS) 576
Using IDS and IPS Together 577
Benefits and Drawbacks of IPS/IDS Sensors 578
Types of IDS and IPS Sensors 578
Working with Signatures 581
Configuring IOS IPS 585
Summary 597
Review Questions 598
Answers to Review Questions 600
Chapter 17 Voice
Introduction to Voice Networks 602
Converging Voice Traffic 603
Voice Components 604
Making a Phone Call 606
Call Control 606
Converting and Transmitting Voice 609
Introduction to QoS for Voice 611
Configurations for Voice 614
Switch Configuration 614
Gateway Configuration 616
Summary 619
Review Questions 620
Answers to Review Questions 622
Chapter 18 DiffServ Quality of Service (QoS)
Introducing QoS 624
The Problems You Face 625
Bandwidth 626
Delay 628
Packet Loss 630
Preparing to Implement QoS 631
Identifying Traffic 632
Classifying Traffic 633
Models for Implementing QoS 635
QoS Mechanisms 637
Traffic Marking 637
Queuing 644
Traffic Conditioning 645
Congestion Avoidance 646
Configuring QoS 647
Modular QoS CLI 649
SDM QoS Wizard 656
Summary 665
Review Questions 666
Answers to Review Questions 668
Chapter 19 Wireless Devices and Topologies
Wireless Fundamentals 670
The 802.11 Standards 672
2.4GHz (802.11b) 674
2.4GHz (802.11g) 676
5GHz (802.11a) 677
5GHz (802.11h) 677
2.4GHz/5GHz (802.11n) 678
Wireless LAN Modulation Techniques 679
Range Comparisons 680
Wireless Devices 681
Wireless Access Points 681
Wireless Network Interface Card (NIC) 681
Wireless Antennas 681
Wireless Topologies 684
Client Access 685
Service Areas 686
Configuring Wireless Clients 687
Installing Cisco Client Adapters 687
Configuring a Profile 691
Checking the Status of Your Connection 694
Diagnostics 695
Wireless Implementation Strategies 698
Autonomous Solution 698
Lightweight Solution 699
Summary 702
Review Questions 703
Answers to Review Questions 705
Chapter 20 Wireless Management and Security
Wireless Security 708
Open Access 709
Older Wireless Security Types 710
Temporal Key Integrity Protocol (TKIP) 711
WPA and WPA 2 PSK 712
Wireless QoS 713
Queuing and Marking for Wireless 713
Implementing Wireless QoS 715
Configuring Wireless Management Devices 718
The Wireless Control System 718
The Wireless LAN Controller 734
Summary 739
Review Questions 741
Answers to Review Questions 743
Appendix About the Companion CD 745
What You’ll Find on the CD 746
Sybex Test Engine 746
PDF of the Book 746
Adobe Reader 746
System Requirements 747
Using the CD 747
Troubleshooting 747
Customer Care 748
Glossary 749
Acronyms 813
Index 825