YouTube Transcript:
Learn Network Design From Scratch - Complete 9-Hour Course

Skip watching entire videos - get the full transcript, search for keywords, and copy with one click.

Video Transcript

hi this is david voss ccie11372

ccie11372

and in this video you're going to learn

about the osi model

in preparation for your cisco ccda exam

first i will teach you about the osi

model and then i'm going to give you

some challenges within the video

so that you can make sure you've

absorbed what you need to know for the

ccda exam

let's just do a quick overview of the

osi model before we dig in

the open system interconnection

reference model

is a seven layer model used in networking

networking

the model specifies layer by layer how

information from an application on a

network device

moves from the source to the destination

using a physical medium

and then how it interacts with the

software application

on that specific network device

so the osi model defines the network

functions required for sending data and

divides them into seven unique

categories the physical layer data link

layer network layer transport layer

session layer

presentation layer and then the

application layer you're going to get to

know each of these layers in detail in

this video

the upper three layers are concerned

with application issues such as the user

interface for data formatting

and then the lower four layers relate to

transport issues such as data

transmission and the physical

characteristics of the network

the osi model is a key concept in the

networking industry and you must know it

by heart in each of the layers

in detail because it plays a very

important role in the design phase of a

network using this modular approach

obviously you need to know it as well

for for troubleshooting issues as well

so the overall goals of the

osi model are to enhance

interoperability and functionality

between different applications and

vendors so for example

a cisco router can also communicate with

a juniper router

or an application

that is running on a network that

supports ip can communicate to another

network that happens to be running let's

say apple talk the osi model ensures

that everybody can communicate together

because it is based on and requires that

players on the network

adhere to set standards at each layer of

the osi model

so as you can see here

here are the seven detailed layers of

the osi model and i created this chart

for you and you can download it from

howtonetwork.com as well

this chart will help you study there are

many charts out there so feel free to

google osi model

and maybe find the one that works best

for you

but this one really does lay it out it

shows you all seven layers one through seven

seven

then the name of that specific layer so

you will need to memorize that for sure

and then the responsibilities

for each layer i give you a high level

of overview of each layer's responsibilities

responsibilities

and then the functions so

what is its function what's it supposed

to be doing

what is it supposed to be supporting

and then i give you some examples

of how those functions are actually put

into use

or actually defined

and then next is the data type

the terminology that is used to describe

the data then when it's at that level of

the osi model

and then finally the devices

that are actually participating

at that specific layer of the osi model

the fact is if you memorize this chart

you're going to be well on your way to

passing your ccda exam

but that being said we still need to

dive much deeper so you have a

comprehensive foundation of the osi

model you'll see how i have it color coded

coded

the top three layers five six and seven

generally these are the layers that

really tie in with the application

itself and a lot of application specific

information is set here

now the lower four layers typically are

considered more of the networks layers

when you think of actual networking

although all these layers participate in networking

networking

when you're talking to a network professional

professional

ninety percent of their job is spent on

layers one through four uh 95 percent of

their job probably is working at layers

one through four

and if there is troubleshooting in the

osi model

oftentimes uh between layer four and

five is where the handoff would would be

between the network team troubleshooting

versus the application team troubleshooting

troubleshooting

so if the network team for example

if they can say

you know what we can confirm that

traffic is passing over the physical

layer we can see that it's being routed

at layer three and we can see it's being

received by the tcp port

we've done our job we've transferred

your data you your port has sent and

received it

um that's where they would hand it off

and then the application team would

start saying

all right well now that we've now that

we've received the data

are we actually handling it correctly

so the color coding there should help you

you

so let's go ahead and get granular let's

learn about these these layers in detail

and let's start with actually let's

start with the application layer

everything at this layer is application specific

specific

that is this layer supports the

application in the end user processes

but also then defines who the

communication partners are

quality of service and user authentication

authentication

all of these application specific

settings are determined here

and will be dealt with at the lower

layers of the osi model

this layer provides application services

for such thing as file transfers email

and other networked software services

next is the presentation layer

this layer provides independence from

differences in data representation

such as encryption

by translating from application to the

network format and vice versa so it's

the intermediary

between the application

and the lower layers of the osi osi model

model

so this layer works to transform data

into the form that the application layer

can accept

this layer also formats and encrypts data

data

to be sent across the network

which provides freedom from

compatibility issues

the session layer establishes terminates

or manages connections between applications

applications

so the session layer will actually set

up and then coordinate and then

terminate a conversation

or dialogue between the applications at

each end of the conversation over the network

network

so it deals with session and connection coordination

coordination

now once we go ahead and scroll over to

the examples of each of these layers i

think these are going to look very

familiar to you

examples of applications that run at

layer 7 are telnet or email or a web browser

the presentation layer surely also looks

familiar to you in the examples given

file types such as jpeg or mpeg or mp4

all of these serve as compression types or

ways that the data is actually handled

and then the session layer these should

look familiar to to you as well such as

sql communications or windows operating

systems communications so you can see

there are things that you already know

about you just didn't know where they

fit in the osi model now all these data types

types

are considered a part of the application

stream so when we talk about data type

and devices you know when we get down to

the network layers these are going to be

a bit more unique but all of these three

layers what they have in common is that

they're a part of this application

stream which is why i say this is kind

of the d mark point between

the network and the application when

troubleshooting does occur or when

you're designing

oftentimes these higher layers

are designed

now let's go ahead and take a look at

the first four layers

of the osi model and these will probably

be the ones that look more familiar to

you in your day-to-day job or in your

studies because

this is where a lot of the very specific

network tasks

the transport layer ensures that there

is a transparent communication process

or transfer of data between the end

systems or hosts so it takes care of

error recovery and flow control

to ensure that the data transfer has

layer 4 is the transport layer and that

obviously defines ports such as tcp or

udp ports

so for example if we have a

pc that is communicating to a website

it's communicated communicating to that

and let's say it has multiple brows

let's say the user has multiple browsers

open they are communicating over and

over again over port 80. now how does

the website or websites know how to

communicate back to the user

well the user has his own port numbers

and they're all different

that way he can maintain three different

conversations at the same time to let's

say three different servers over port 80

and they can communicate back to the laptop

laptop

by communicating to individual ports

in this case we'll just use an example 65009

65009

and at this layer 2 five this is where

firewalls participate so let's say we

have a firewall here that's allowing

port 80. any traffic that's coming in

for let's say port 21 that will be

blocked the firewall will not allow it

based on the port number but any traffic

destined for port 80 the firewall will

allow it to come in

so for example if users need to get to 443

443

and they will not be able to unless the

firewall administrator enables port 443

on that firewall and then when they try

to communicate to port 443 it will work

so firewalls play a key role in

maintaining security at layer 4.

the network layer provides the routing

technologies it uses the logical paths

throughout the network to ensure that

data is forwarded to the correct location

location

so such thing as

ip addressing and subnetting

now the routed layer is probably the

most well-known layer especially if

you're in networking and this actually

makes sure that packets for example here

are packet destined for 172 31 1.1

is received by the router but the router

then knows what to do with it at this

layer it then

asks well what interface do i need to

forward this out of and it will then

choose based on the layer 3 information

of the osi model what port to send it

the data link layer data packets are

encoded and decoded into bits

so it's the intermediary between the

network and physical layer

it furnishes transmission protocol

knowledge and manages and handles errors

at the physical layer including flow

control and frame synchronization

as you know switches normally

participate at layer 2

and it is broken into two sections the

mac sub layer

and the llc sub layer now you know the

mac sub layer probably very well

because if you're looking at mac

addresses on a switch for example when

you're troubleshooting

this is the layer that

is assisting with your troubleshooting

methodology so for example we pull up a

mac address

and we take a look at the mac address in

the switch

this is the sub layer that we we are

referring to

the llc layer is going to allow the

communication between layer 2 and layer

3 and layer 1. it's the it's going to

allow that communication flow between

those two layers

and then finally

the physical layer this layer conveys

the actual bit stream that is the

electrical impulse light or radio signal

through the network at the electrical or

mechanical level

so it provides the hardware means of

sending and receiving data on a carrier

and it includes defining the cable type

network interface cards and any other

so at the physical layer this is

actually where the bits are

are

heading onto the wire so literally

1 0 1 0 etc etc

are hitting

the wire

so at this layer all of the other layers

from two through seven all of that information

information

is now transmitted very simply as binary

on or off

over the wire and then when it reaches

the destination this will be decoded by

the upper layers as appropriate so

obviously now that we see these binary

numbers hitting the wire we can

appreciate what the osi model actually

does for us it take it can take this information

information

can pass it all the way back up to an

so now that you've learned about the

first four layers of the osi model let's

go ahead and take a look at what

actually operates at these layers specifically

specifically

a lot of it is a lot of this is going to

look very familiar i'm sure

so some examples of what's actually

working at layer one is one example

would be cat6 cabling which surely

you've worked with in the past

but again these are just examples so it

could be

a network interface card it could be

any type of transport

that is your physical layer

next at the data link layer

this should

next is data link layer this should look

familiar it's broken into the llc and

the mac sub layers obviously mac

addresses are something you know about

but now you know where it fits within

the osi model

next on layer 3

obviously ip or apple talk but also the

routing protocol such as ospf or bgp

these are all operating at layer three

and then layer four is some examples are

your tcp or udp ports the many different

ports that are used as the channels for

communications between applications

now when data is passing through each of

these layers it does have a unique signifier

signifier

so at the physical layer you've already

learned that it's a binary digit it's

one or zero

at layer two we call them frames

layer three we consider them packets

and layer four is considered a segment

these are all terms you should know for

your ccda exam

and finally here are some examples of

network devices that run at each of

these layers so at layer one

hubs run at layer one they're

essentially repeaters

network interface cards

layer two switches

layer three routers and firewalls

surely you will do some reading about

layer 3 switches as well but really this

is where the routing functionality comes

or if a firewall is operating at this

level it's filtering on a layer 3

address only

not the tcp or udp port number and then

layer four would be typically firewalls

are operating at this level and this is

where the filtering is occurred solely

on the port

so be prepared to pause the video

here's your challenge this chart is

going to disappear in about 10 seconds

what i want you to do is to the best

your ability on a piece of paper

fill out columns one two

two 4

and 7.

i want to know

the layer

the name of the layer

the functions within that layer what

it's responsible for and then the

devices that run at that layer

do your best columns one two

two four

four

and seven

go ahead and pause the video at this time

so let's pull the chart up again how did

you do go ahead and pause the video with

now if you didn't get 100 my advice to

you is to keep studying because the osi

model is something you have to know

for your ccda exam but obviously you

need to know it to be a good engineer as well

well

in this video which is complemented the

ccda study guide which how to network

provides for you

you've received a good overview of the

osi model layer by layer

my suggestion to you is do not move on

to anything else

until you've mastered this

because everything else you learn

will ultimately

in some way shape or form relate back to

this model

i wish you the best of luck in your studies

studies

hi this is david voss ccie 11372 and in

this video

we're going to cover the unique

attributes of networking devices

this video is the companion to the how

to network ccda study guide

you will receive instruction on the

individual network devices

but you will also be challenged with

some exercises to make sure the

when it comes to networking technology

it's important to understand the

different products that cisco offers for

different solutions

especially when designing lan and wan solutions

solutions

if you have already watched video 1-1

which covers the osi model

then you will appreciate how network

devices can play a very unique role in a network

network

if you haven't watched video 1-1 then i

encourage you to do so because this

information will build off of that video

the three most common network devices in

use today are routers switches and hubs

but i will also add a fourth which are firewalls

firewalls

as they may not necessarily be

considered devices used for quote

unquote networking

but they can in fact participate in

layer 3 routing of traffic

and they most certainly filter traffic

based on layer 3 and 4 qualities

so let's work our way up through the osi model

model

starting at layer one to learn about the

at layer one we begin with hubs

became necessary when the need to

connect more than two devices first arose

arose

because a cable can only connect two endpoints

endpoints

hubs are network devices that operate at

this layer and connect multiple devices

which are all on the same local area network

network

unlike switches hubs do not have any

intelligence and therefore they do not

process packets in any way they simply

forward them

their main function is to send all the

data received on a port to all other ports

ports

so devices

receive all the packets that traverse a

specific network

even if they are not addressed to them

for this reason

hubs are also called repeaters

hubs work fine in very small offices

or at someone's desk

but imagine if you have 20 50 or even

100 devices on a network

using hubs is certainly not efficient

so in order to improve performance

especially from a bandwidth and security standpoint

standpoint

local area networks are divided into

multiple smaller lands

called collision domains

and these collision domains are

interconnected by a lan switch

switches have some intelligence unlike

hubs because they send data to a port

only if the data needs to reach that

particular segment

when using switches only the destination device

device

in a communication flow receives the

data sent by the source device

however multiple conversations between

devices connected to a switch can happen

simultaneously as you see here

these are each unique flows that the

switch is processing it's receiving it

on one port and forwarding it out the

other another

and forwarding it out a different port

see the difference between this and hubs

is that it's receiving one port sending

it out one port versus all ports

switching intelligence functions based

on the mac table

the mac table contains mac address to

port mappings and is populated as

traffic traverses the switch the switch

uses that information to build the mac

address table

in this example a frame is received by

the switch but the switch does not know

the location or does not have in its mac

address table the location for this frame

frame

therefore it sends the frame out to all ports

ports

now ultimately the server receives it

and then forwards it back

and with that information the switch can

then build the mac table

so the next time

that a frame is destined for server c

the switch will know exactly which port

it is off of and it will not have to

now notice that the most important

feature of a switch is the separation of

collision domains

all the devices on a switch

may be on separate collision domains per port

port

but note that they are all a part of the

same broadcast domain

it is routers that separate broadcast

domains and switches that separate

routers operate at layer 3 of the osi

model and thus they use layer 3 addresses

addresses

the primary purpose of a router

is to forward traffic to the correct subnet

subnet

so a router is consistently looking up

destination paths in its routing table

to understand where to forward the

traffic to

that is out which specific port

now as i said earlier

routers break up broadcast domains

switches do not do that

so for example each port on this router

is its own separate broadcast domain

this ensures network efficiency so that

broadcasts are not forward throughout

the entire network when they do not have

to be

generally speaking

for each interface you have a specific

subnet is assigned to that interface and

therefore broadcasts for that subnet are

limited to that interface only

now as a reminder switches typically

connect to routers and those

ensure the segmentation of collision domains

so for example

if there was an endpoint

sending a packet to destination address

192 168 1.10

the router would receive it

and then it would check its routing table

table

in this case it looks in its routing

table and it sees that it knows of a

and that it is located off of ethernet 0.

therefore the packet comes in

the router says i am aware of that destination

destination

and then forwards it out ethernet 0

and the host then receives the packet

at a high level this is the primary

function of a router

now let's say

a router does not have many entries in

the routing table only a default gateway

and that default gateway in this case is

off of the serial interface serial zero zero

zero

that means any packet

regardless of destination that is sent

to the router will be forwarded

now this is a very basic description of

how routers work routers can use static

routes but that's not ideal especially

when you have networks that are quite large

large

so in this case we have six routers all interconnected

interconnected

and to try to manage static routes for

all of the possible paths

administratively not only would be a burden

burden but

but

if you had certain static routes

pointing to specific routers and beyond

that router there was a failure of an interface

interface

due to the static nature of the routes

the routers downstream would not really

understand the true topology

therefore routers speak to one another

and they do that using routing protocols

and the in this case the entire routing

domain all six routers can be a part of

a routing protocol such as ospf

eigrp or any of the other routing protocols

protocols

and in this way they are communicating

back and forth

layer 3 information

so for example if an interface went down

on a router that would that information

would be forwarded to its neighbors and

its neighbors would then forward that

information to all of their neighbors

therefore the entire domain would

quickly be updated with this information

if you effectively have a routing

protocol enrolled out to your entire campus

campus really

really

no static routes should be required

and i want to emphasize one more point

no static routes are desired

static routes should only be used as a

last resort

next let's talk about firewalls now

please understand firewalls are not

typically considered a networking device

when people think of networking devices

they generally think of hubs switches

and routers

but the fact is firewalls do operate at

layer 3 and layer 4

and they can be used as routed devices

although it's not always the ideal there

definitely are situations where you are

going to find firewalls acting as

now as we talk about firewalls let's see

how firewalls fit in the big picture

let's just recap everything we've

learned so

first you've learned about the layer one

device which is a hub

hubs are normally found on desktops or

in very small offices

hubs generally

connect up to switches

switches are your aggregation points and remember

remember

they segment collision domains

switches then connect into routers

and routers are your aggregation points

for your separate subnets

and they often will connect to for example

example

exterior networks or in this case the internet

internet

so the firewall

protects the network from these exterior networks

networks

so the firewall is the protection point

for the networks one possible way of

doing it there are many ways of doing it

is to simply put the firewall

and directly connect it into the router

so that all traffic from the router must

go through the firewall

and then on a separate nick on the

firewall you would connect that to the

internal switch now again there's many

ways you can do this

but you'll get the general idea that all

layer 3 traffic

must go through this firewall

the firewall will have set rules at

layer 3

only allowing specific layer 3

conversations through the firewall or

what is generally seen more often

is layer 4 rules on the firewall only

allowing specific ports inbound

so let's say if you had an internal

web server that you wanted users on the

internet to hit

you could allow only that traffic

inbound to port 80 to hit this specific

ip this specific web server

now that being said

firewalls do this filtering function and

the reason they're in this video as a

network device

is that sometimes

it can occur

where a firewall can actually act as a

routed device

so if you had a dmz off of the firewall

for example

and its own switch

you're running an actual ecommerce site

and you have your web server here

because you have a lot of traffic coming in

and you want to make sure that you keep

it secure so you have your web server

your ids

which monitors all traffic etc

in this case

the traffic's coming into the router the

firewall is actually actually making a

decision here

do i forward it inbound or do i forward

it over to a separate nic over to this dmz

dmz

so although you won't see firewalls

listed as network devices per se

the fact is sometimes they very much can

play a part in the network and the

routing decisions

and actually there are even times where

firewalls can run routing protocols it's

not the norm but there are times where

you will see

bgp especially configured

configured

to a firewall

security experts would probably take

issue with that but that doesn't mean

you won't see it

so therefore there's your overview of

firewalls understanding that they

operate at both layer 3 and layer 4 and

then again they can operate as actual

forwarding devices making routing

decisions on the network

so why do you see a blank screen well

it's your term please get a blank piece

of paper and write down vertically one

two three and four

and then write down which devices match

which layer of the osi model

go ahead and do that now write down one

two three and four on your piece of

paper and write down which network devices

devices match

match

so how did you do

as you can see here are the layers of

the osi model and the network hardware

that matches with each layer

you're going to need to know this for sure

sure

as you proceed in your ccda studies but

so just to recap what we've learned

you've gone through

layer one two three and four of the osi

model and specifically you can see

how the network devices work within each

of these layers of the osi model so

again if you are not an expert at the

osi model yet please revisit video one

one and study it because as you can see

everything you're beginning to learn is

based off of that

hubs are at layer one switches work at

layer two

just a note switches can also work at

layer three there are such thing as

layer three switches that have some

routing functionality um

routers and firewalls work at layer three

three

and then firewalls work at layer four

this provides you a really solid

foundation moving forward so that when

you do hear about hubs switches routers

and firewalls

you understand where they fit in the osi

model and what their primary task is on

hi this is david voss

cci11372 and in this video you are going

to learn about network types

specifically wide area and local area networks

networks

let's go ahead and dig in

and learn about local area networks

local area networks are local computer

networks used to communicate between

host systems

generally for sharing information such

as documents audio files video email

they have limited reach and they connect

devices generally in the same building

or the same campus if you're using fiber

to extend the local area network

usually they're private and belong

solely to the companies in which they

are deployed

now in the past the topologies were ring bus

bus

mesh and star but today the most common

topology is switched ethernet

the different lan technologies available

today that are the most popular are

ethernet fast ethernet

gigabit ethernet

and now 10 gigabit ethernet is becoming

more and more popular

and then finally what is obviously very

popular at this point is wireless lan

where you can reach up to 600 megabits

per second

under the 802.11n specification

now at the higher layers of the osi

model it's the tcpip is the standard

which has replaced net buoy ipx spx and

apple talk among others although

if you travel around enough you

certainly are going to see some of these

older protocols

still out there so let's just go ahead

and draw out a typical local area

network first you're going to have an

access layer switch and if you remember

from typical design there's core

distribution and access layer well we're

in the access layer now

and the access layer switch is going to

connect out to let's say pcs or

ip based phones

these are all things that can be

connected into the local area network

including wireless access points

so the local area network can be extended

extended

as you can see here to a wireless access point

point

and then other systems wireless systems

can communicate such as laptops

or mobile phones

can be a part of can connect to the

local area network as well

now this access switch connects up to a

distribution switch

and the distribution switch ultimately

connects back into the core

and this would all still be considered

part of the local area network

but once we connect into a router then

we start talking about what the edge is

so we're moving off the edge into the

router then the wind would be off the

router itself

so there's kind of a dmarc point

if you think of local area network and

it's right about here between the router

and the core switch

now this distribution layer switch would

often be a layer three switch this would

this would be where your gateway is and

i bring this up because systems on your

local area network generally are on the

same subnet so in this case 192.168.1.0.24

and then here we have 1.10 1.11. now the

wireless access point may be 1.12 for

management and maybe that wireless

access point extends out another let's

say 10 dot network that assigns ip

addresses to anything that's wireless

these even those are even though these

are different subnets this would all be

considered a part of your local area network

so as you can see whether it's wired or

wireless that is your

lan and then the when is anything off of

your router and we'll talk about winds

in a minute

now the wide area network is used to

connect lands or other types of networks

together we'll briefly cover some of the

other types of networks as well

it allows users and computers in one

location to communicate with users and

computers in other locations

these are usually private networks

and they're usually built for one

but that being said

if you have an internet connection and

most businesses do nowaday nowadays

nowadays

there is a public connection from an organization

organization

to the internet

and at the end of each wan connection a

router connects the lan on one side with

now again you can connect over a private

network or you can connect over the internet

internet

as you can see there are five primary

types of wide area network technologies

lease line circuit switching packet switching

switching

connection oriented packet switching

connection lists and then cell relay

some are still very popular and some are

not used much at all anymore but that

being said you should be aware of all five

five

for your ccda exam

let's begin with discussing least line

now at least line very simply

would be connecting two routers

over a dedicated circuit so in this case

let's say chicago over to washington dc

a wide area can network a wide area

network connection is one single circuit

purchased by the company no other traffic

traffic

can go on that circuit except for the

traffic from this company

and it's connecting two local area

networks so yes

this is a very secure method of

transferring data between chicago

and dc

and this connection will be the wide

area network

next let's talk about

circuit switching now circuit switching

was once very popular and is still often used

used

for backup solutions so circuit

switching provides

temporary data communications over a

wide area network

which requires a call setup procedure

but that being said you will not be

charged for using the circuit when it's

not in use

so a circuit switching you would have

and then if interesting traffic hit one

and that is traffic destined for the

other location it would then place a

call or set up the wide area network connection

connection

and once that session was initiated

the traffic would then flow over the circuit

next let's talk about packet switched

connection oriented

some popular types of implementations of

this are frame relay

x25 and

more recently mpls

now in this case let's say we have one

hub site

and three remote sites you can set up a pvc

pvc

permanent virtual circuit which means

that that circuit is always up regardless

regardless

or an svc switch virtual circuit where

if there's interesting traffic

it will bring up

a virtual circuit and then forward

traffic and then tear it down again

now that being said

all this traffic is floating over a

provider network so

making sure that your

circuits are secure is going to be key

working with your vendor to ensure

security is a high priority not only for them

them

but additional measures that you can

take on your end to ensure all data

transmissions are secure over their

network where many customers are sharing it

next there is packet switched connectionless

connectionless

you certainly know of this or you

certainly use this already

whenever you connect to the internet

you're using this type of service

the system is relying on the i p

forwarding of routers on the network

it's not so concerned about the exact

path it takes

rather it just makes sure it relies on

the upper layer protocols to make sure

that the traffic reaches reaches its

destination so in this case we have an

internet edge

connecting to an internet service provider

provider

and let's say we have another location

with an edge connected to another

internet service provider

now how it gets there we don't know i

mean there we can't it can't be guaranteed

guaranteed

the path it will take it'll be going

over the internet

and um certainly we can look up how it's

getting there and how it's returning

but it can take many different paths

to get there

so that means traffic might not arrive

in order it may not be taking the path

you expect and you don't have ultimate

control over that now that being said if

you want more control and you want more

security you can connect two devices

into the internet and create your own

little private wide area network connection

connection

by creating tunnel interfaces on your

routers and then creating a gre tunnel or

an ipsec tunnel

which would encrypt the data

and to you it would look like a

point-to-point connection even though

it's going over the internet you're not

exactly sure which router just going over

over

but according to your systems and your

routing protocols it could look like a

point-to-point connection

and that's one very popular way of

saving money

is by rolling out

secure communications

and then finally there is cell relay now

this was very popular about 15 years ago

but due to the increase in bandwidth and

availability of ethernet and other options

options

this fell by the wayside due to the

large overhead but that being said

you should be aware of it

with atm it is a fixed cell technology

technology

so all the cells are the same size

and data is then placed inside

and is forwarded

so think of a train heading down the tracks

tracks

all the compartments are the same size

data is placed in it's very efficient

that way

but that being said there is a lot of

overhead because you don't always need

to use

that size of cell so here's what you

learned you learned about local area and

wide area networks

these are the two network types that you

are going to need to understand in and

out to pass your ccda exam

so this just got you started in the very basics

basics

and i encourage you to watch the rest of

the videos

so that you master the knowledge

necessary to understand all the

components of local and wide area networks

networks

enough information so that you can pass

your ccda exam

hi this is david voss ccie 11372

and in this video we're going to cover

tcpip fundamentals

as well as we're going to discuss udp

and icmp to bundle it in there for you

as you prepare for your ccda exam

so let's begin

begin

in this video you will specifically

learn about the different types of

headers used on the network the ip tcp

and udp header as well as how they

operate on the network

you will then review how routing works

and some of the issues faced or tools

used when routing

so let's begin

the tcp stack maps to the network and

transport layers of the osi model

ip or internet protocol has become the

de facto standard for network

what you see before you is the ip header

you will need to know the functions for

each of the fields you see before you

let me cover some of the functions that

you will most likely need to know for

your exam and in real world troubleshooting

troubleshooting

first there's the version field

the version field indicates that it is

ipv4 in this instance with a value of 0

1 0 0.

then there's the type of service field

this field is

commonly referred to as the type of

service byte it has 8 bits used to set

quality of service markings

and specifically within this

field is dscp the six left most bits are

used for dscp

which obviously commonly is associated

with quality of service marking

next is the ip flags field this is a

three bit field

the second bit of this field is the df

or do not fragment fragment bit

and that indicates that a packet should

not be fragmented

then there's the time to live field

this is an eight bit field that is

decremented by one each time a packet is

routed from one ip network to another if

ttl ever reaches zero the packet is discarded

discarded

the protocol field which is an eight bit

field specifies what kind of data

type of data is encapsulated

in the packet

tcp and udp are common protocols

identified by this field

finally the source address field which

is a 32-bit field indicating the source

of the ipv4 packet and then the

destination address field which again is

a 32-bit destination destination address

which indicates the destination

for that packet

first you have the version field just

like ipv4 but in ipv6

the value is 0 1 1 0.

the traffic class field

performs the same function as the type

of service field in ipv4

header the flow label field

is used by a router to use a specific

outbound connection for a traffic flow

if a router has multiple outbound connections

connections

the hot limit field probably sounds

familiar it's the same as the ipv4 ttl field

field

and then you have your source and

destination address field which is

similar to ib ipv4 headers 32-bit source

address field but in this case because

it's ipv6 it's 128 bits for both

obviously source and destination

next let's move on to the tcp segment

header here are some of the fields you

will certainly need to know you have the

source port field which is the 16-bit

field indicating the sending port number

and the destination port field again a

16-bit field so for example

if you connect to howtonetwork.com

you're connecting

to a destination port of 80 which is the

tcp port for http the sequence number

field is a 32-bit field indicating the

amount of data sent during a tcp session

the sending party uses this field to

make sure the receiving party actually

receive the data

the receiving party uses the sequence

number from this field as the basis for

the acknowledgment number

in the next segment that it sends back

to the sender and then the window field

which is a 16-bit field it specifies the

number of bytes a sender is willing to

transmit before receiving an

acknowledgement from the receiver and

we're going to follow this up in a few

minutes as we talk more about tcp window sizes

sizes

now that you've learned about what is in

a tcp header you need to understand the

basics of how tcp initiates traffic

flows over a network it's not complex

but you certainly need to know it if

you're tested on it

the process of setting up a tcp session

involves a three-way handshake

step one

the session initiator sends a sin packet

or a send message to the target host

and then

the host the target host acknowledges

the receipt of that sin message and

sends an act or acknowledgement message

and it also sends a sin message of its own

own

finally the session initiator receives

the send message from the target and

again it acknowledges receipt by sending

an ack message

and therefore you have a tcp session established

established

you need to know each of those steps one

two and three for your exam

earlier you learned about the window

field so let's circle back and talk

about that a little bit

tcp communication uses windowing

one or more segments can be sent at one time

time

the receiver acknowledges the receipt of

all segments in a window with an

acknowledgement now tcp can use a

sliding window

the window size can begin with one

segment and then if there's a successful

acknowledgement of that segment the

window size doubles to two segments

and then if those two segments are

received the next window can contain

four segments

this increase in window size continues

until the receiver does not acknowledge

successful receipt of all segments

within a certain time frame

known as the round-trip time the other

iplayer for transport protocol is udp

udp is considered to be an unreliable

protocol because it lacks all of the

features of tcp there's no sequence

numbering no window size no acknowledgements

acknowledgements

you can see here the header is quite simple

simple

it contains only source and destination

port numbers

and then a udp checksum and then segment

length so why use udp well it's best for

servicing applications that need to

maximize bandwidth and do not require

acknowledgments such as video streams or

audio and in fact the primary protocol

used to carry voice and video traffic

over networks is rtp

rtp

real-time transport protocol and that's

a layer 4 protocol that is encapsulated

inside of udp

now that you have a good understanding

of the individual headers in the tcpip stack

stack

cisco wants you to understand how this

traffic actually traverses the network

so let's go ahead and use this basic example

example

we have a pc that wants to send data

over to a server

the first step in this process is that

the pc will compare its ip address and

subnet mask to that of the destination

the pc by doing this is aware that the

destination ip address is on a remote

network and it cannot directly reach it

so the pc understands it needs to send

this packet now to its default gateway

it doesn't do that automatically yet it

needs to know actually who the default

gateway is

the pc needs to know the layer 2 address

of the default gateway so it sends an

arp request

for router 1's mac address and then it

receives a response

the pc adds router 1's mac address to

its arp cache and then now it can send

the data in a frame destined for server

1 to the default gateway because it has

the matching layer 2 and layer 3

information needed to forward that

request or to forward that message onto

the gateway

router 1 then receives the frame sent

from the personal computer

and looks at the ip header

and remember the ttl field it decrements

that field by one

now if the ttl field happened to be zero

which is not but if it happened to be

zero the router would discard the frame

and then send a time exceeded icmp

message back to the pc

the ttl is not decremented to zero here

so router one checks its routing table

and then understands that the best path

to re to reach network 192.168.4.0 is

the wan connection or over serial one

so it then forwards that message over to router2

router2

note that it does not need to do an arp

request because this is a serial

interface and serial interface types do

not have mac addresses

so then router 2 receives the frame and

again it decrements the ttl and the ip header

header

looks at the ip header

and then

determines where is this destination

network the destination network is

directly connected off the ethernet interface

interface so

router 2

needs to understand

now that it has the destination what the

mac address is for that destination

and it sends out an arp request

receives the information back the arp reply

from server one

and then router two forwards the frame

out it's fast ethernet interface to

server one

so that's a really basic example

but cisco wants you to understand all

the individual steps and how routing

actually works

now let's dig even deeper into what's

occurring on the network and an

important concept that cisco wants you

to know which is mtu or maximum

transmission unit

an mtu refers to the largest packet size

supported on a router interface and

typically 1500 is the common value

smaller mtu sizes result in more

overhead because more packets have to be sent

sent

but if you're sending data over slower

speed links

large mtu values could cause delay for latency

latency

sensitive traffic

when you have high speed connections let

me give you an example of let's say a

private interconnect between two servers

what happens is administrators often

enable jumbo frames

those are frames over the standard size

or the standard mtu size so that more

data can be forwarded in fewer number of

packets and therefore

fewer headers that routers have to

process on the network or systems need

to process on the network

now if you're going to run a network

you're going to need to troubleshoot it

and icmp messages are something that you

probably are going to be tested on

in the ccnp route exam

icmp is most often associated with the

ping utility and you use that obviously

you've used that in the past to check connectivity

connectivity

but it has many other roles beyond ping

it uses a variety of message types as

you can see here

but there's two that it appears cisco

wants you to focus on the first is

destination unreachable which you're

probably already aware of but if a packet

packet

enters a router which is destined for an

address that the router has no idea how

to reach the router will let the sender

know by sending a destination

unreachable icmp message back to the senator

senator

the other message that you may not be

aware of is the redirect a host may have

routing information

that will help it reach a particular

destination network

so it'll send it to that next top ip address

address

but network conditions can change

and a different next hop ip address may

need to be used

in that case the original next hop

router can let the host know to use a

different path by sending a host

redirect icmp message

so you've learned a lot in this video

when you started it you probably thought

it would be a simple review but surely

you've picked up quite a bit of information

information

hi this is david voss ccie 11372 and in this video we will be covering

and in this video we will be covering the first of two videos on layer 2

the first of two videos on layer 2 technologies

technologies we will start with spanning tree

we will start with spanning tree in this video you will learn about

in this video you will learn about spanning tree

spanning tree bpdus or bridge protocol data units

bpdus or bridge protocol data units stp port states

stp port states cost and

cost and priority stp port types

priority stp port types and then finally bpdu timers

and then finally bpdu timers all of this information is not only

all of this information is not only going to help you on your ccda exam

going to help you on your ccda exam but will certainly make you a better

but will certainly make you a better engineer as well

engineer as well so let's begin

so let's begin stp is defined in the ieee 802.1d

stp is defined in the ieee 802.1d standard and its primary purpose is to

standard and its primary purpose is to make sure that your network is loop free

make sure that your network is loop free it operates by making the following

it operates by making the following assumptions that all links are

assumptions that all links are bi-directional and that they can in fact

bi-directional and that they can in fact send and receive bpdus

send and receive bpdus and that the switch itself

and that the switch itself is able to regularly receive process and

is able to regularly receive process and send

bpdus now all switches that reside in the same stp domain regularly regularly

the same stp domain regularly regularly exchange these bridge protocol data

exchange these bridge protocol data units these messages with one another

and ultimately the network uses the information from

the network uses the information from these data units

these data units to determine the network topology and

to determine the network topology and the flows of traffic

the flows of traffic the topology of an active switch network

the topology of an active switch network is determined by the following three

is determined by the following three variables the unique mac address or the

variables the unique mac address or the switch identifier associated with each

switch identifier associated with each switch

switch the path cost to the root bridge

the path cost to the root bridge associated with each port on the switch

associated with each port on the switch and the port identifier

and the port identifier all these play a big role in the

all these play a big role in the decision making

decision making of how traffic will flow on a network

some basic facts bpdus are sent to the stp multicast destination address as you

stp multicast destination address as you see here

see here and by default they are sent every two

and by default they are sent every two seconds

seconds now there are two type of data units

now there are two type of data units that we should know of

that we should know of configuration bpdus and tcns or topology

configuration bpdus and tcns or topology change notification bpd use

change notification bpd use now switch has determined the best

now switch has determined the best configuration bpdu

configuration bpdu based on the following criteria

based on the following criteria which is lowest root bridge id which is

which is lowest root bridge id which is based on root bridge id

based on root bridge id root path cost to the root bridge

root path cost to the root bridge sender bridge id and sender port id

before we can continue we should really understand

understand how things work in spanning tree

how things work in spanning tree regarding just the ports themselves so

regarding just the ports themselves so spanning tree ports so in a typical

spanning tree ports so in a typical environment we're going to have one root

environment we're going to have one root switch and we have three switches

switch and we have three switches connected here switch one two and three

connected here switch one two and three and switch one is the root and this is

and switch one is the root and this is gonna help us understand how

gonna help us understand how spanning tree

spanning tree designates ports so

designates ports so in spanning tree the root never has root

in spanning tree the root never has root ports because root is always the

ports because root is always the forwarding port that is closest to the

forwarding port that is closest to the root bridge so this root only has

root bridge so this root only has designated ports switch 2 and switch 3

designated ports switch 2 and switch 3 both have root ports that is the

both have root ports that is the forwarding port that is closest to the

forwarding port that is closest to the root bridge in terms of path cost

root bridge in terms of path cost and then

and then switch 3 has a designated port this is

switch 3 has a designated port this is one forwarding port on each lan segment

one forwarding port on each lan segment and then switch 2 is the alternate port

and then switch 2 is the alternate port this is the best alternate path to the

this is the best alternate path to the root bridge on that very same segment

root bridge on that very same segment segment

segment next to switch 3 we're going to connect

next to switch 3 we're going to connect switch 4.

switch 4. switch 3 is going to have a designated

switch 3 is going to have a designated port but it's going to also here have a

port but it's going to also here have a backup port a backup port

backup port a backup port is a backup redundant path to a segment

is a backup redundant path to a segment where another bridge port already

where another bridge port already connects

the backup port applies only when a single switch has two links to the same

single switch has two links to the same segment

now we can better understand the following slide at the completion of

following slide at the completion of configuration bpdu exchange the

configuration bpdu exchange the following results a root switch is

following results a root switch is elected for the entire spanning tree

elected for the entire spanning tree domain

domain and a root port is elected on every

and a root port is elected on every non-root switch in the spanning tree

non-root switch in the spanning tree domain

domain as you will remember a root port is a

as you will remember a root port is a forwarding port that is the closest to

forwarding port that is the closest to the root bridge in terms of path cost

the root bridge in terms of path cost a designated switch is elected for every

a designated switch is elected for every land segment and a designated port is

land segment and a designated port is elected on the designated switch for

elected on the designated switch for every segment

every segment and if we and if you will remember a

and if we and if you will remember a designated port is a forwarding port

designated port is a forwarding port for every lan segment the chosen

for every lan segment the chosen forwarding

forwarding port then finally based on all this

port then finally based on all this information and all these calculations

information and all these calculations loops are avoided in the network

now topology change bpdus play a key role

role in handling changes in the active

in handling changes in the active topology

they are proactively originated by any switch and sent upstream toward the root

switch and sent upstream toward the root bridge

bridge providing information that would be key

providing information that would be key to keeping the network loop free

let's next let's talk about spanning tree port states

802.1d has five different port states disabled blocking listening learning and

disabled blocking listening learning and forwarding

forwarding let's talk about each of these in depth

when a switch port is in blocking mode the port is not transmitting or

the port is not transmitting or receiving data

receiving data and it's prevented from transmitting

and it's prevented from transmitting bpdus

bpdus packets arriving on the port are not

packets arriving on the port are not learned by the bridges filtering

learned by the bridges filtering database

database a block port though can receive bpdus

a block port though can receive bpdus and is included in the spanning tree

and is included in the spanning tree algorithm calculation

algorithm calculation so

so ultimately it could be used to transfer

ultimately it could be used to transfer data but it's not it's blocking at this

data but it's not it's blocking at this point

next let's talk about the port state of listening

a listening port is not transmitting or receiving data and packets on the port

receiving data and packets on the port are not learned by the bridges filtering

are not learned by the bridges filtering database

database but it can transmit and receive bbdus

but it can transmit and receive bbdus and is included in the spanning tree

and is included in the spanning tree algorithm calculation

algorithm calculation the listening state is a transitional

the listening state is a transitional state

state that will change to the learning state

that will change to the learning state after a settable time of period which we

after a settable time of period which we know as the forward delay timer

in a learning state the port is not transmitting or receiving data but it

transmitting or receiving data but it can receive and transmit bpd use

can receive and transmit bpd use it is included in the spanning tree

it is included in the spanning tree algorithm calculation

algorithm calculation and the packets arriving on the port are

and the packets arriving on the port are in fact learned by the bridges filtering

in fact learned by the bridges filtering database

database this also is a transitional state that

this also is a transitional state that will automatically change to a

will automatically change to a forwarding state after a settable period

forwarding state after a settable period of time which is called the forward

of time which is called the forward delay timer

and as appropriate let's move on to the forwarding state

the forwarding state is the only state in which data is being transmitted and

in which data is being transmitted and received by the port

received by the port it can receive and transmit bpdus and is

it can receive and transmit bpdus and is included in the spanning tree algorithm

included in the spanning tree algorithm calculation

calculation the packets arriving on the port are

the packets arriving on the port are learned by the bridge's filtering

learned by the bridge's filtering database

finally let's talk about the disabled port state

a port is disabled or in a disabled state

state when the port is not transmitting or

when the port is not transmitting or receiving data packets or bpdus and is

receiving data packets or bpdus and is not considered in the spanning tree

not considered in the spanning tree algorithm

so as you can see once a port is enabled by a network administrator or through

by a network administrator or through initialization

initialization it goes through a process or these

it goes through a process or these different port states

different port states the port will move into a listening and

the port will move into a listening and learning and ultimately a forwarding

learning and ultimately a forwarding state if the spanning tree algorithm

state if the spanning tree algorithm has chosen it as a root port or a

has chosen it as a root port or a designated port if spanning tree has not

designated port if spanning tree has not chosen the port

chosen the port as a root or designated port

as a root or designated port it will put the port into a blocking

it will put the port into a blocking state

you know that also as an alternate port or a backup port

now spanning tree uses the bridge id to uniquely identify each switch and

to uniquely identify each switch and it's actually used to assist in the

it's actually used to assist in the election of a spanning tree root bridge

election of a spanning tree root bridge unless of course the root bridge has

unless of course the root bridge has been manually configured

been manually configured in the 802.1d standard each vlan

in the 802.1d standard each vlan requires a unique bridge id

requires a unique bridge id so spanning tree root bridge election

so spanning tree root bridge election following initialization all switches

following initialization all switches initially assume that they are root but

initially assume that they are root but the switch with the highest bridge

the switch with the highest bridge priority is elected this the spanning

priority is elected this the spanning tree root bridge

tree root bridge now all things being equal if nothing's

now all things being equal if nothing's been configured and all things set are

been configured and all things set are set to default

set to default then the root bridge is chosen

then the root bridge is chosen by the lowest order mac address

by the lowest order mac address during route election no traffic is

during route election no traffic is forwarded over any switch in the same

forwarded over any switch in the same spanning tree domain until things are

spanning tree domain until things are stabilized and there's a loop free

stabilized and there's a loop free topology

spanning tree uses cost and priority values to determine the best path to the

values to determine the best path to the root bridge

root bridge in the 802.1d specification it assigns a

in the 802.1d specification it assigns a 16-bit default port cost values to each

16-bit default port cost values to each port now

port now note this before we dig into the actual

note this before we dig into the actual port values

port values the port cost is globally significant

the port cost is globally significant and is included in all propagated bpdus

and is included in all propagated bpdus by default the lower number the lower

by default the lower number the lower costs are more preferred

costs are more preferred so you're going to see this in a second

so you're going to see this in a second as we draw this out

as we draw this out but in the event that multiple ports

but in the event that multiple ports have the same path cost then spanning

have the same path cost then spanning tree will consider the port priority the

tree will consider the port priority the default value is 128

default value is 128 but you should note that the port

but you should note that the port priority is locally significant

priority is locally significant and not included in spanning tree

and not included in spanning tree protocol bpdus

so the spanning tree protocol default port cost

port cost it depends on the interface speed and

it depends on the interface speed and you'll notice here from this chart

you'll notice here from this chart that the higher the speed the lower the

that the higher the speed the lower the cost and this comes into play

cost and this comes into play when spanning tree is actually trying to

when spanning tree is actually trying to calculate

calculate the best path to root

the best path to root so for example

so for example let's draw out a network with five

let's draw out a network with five switches

switches and we're going to bring each of these

and we're going to bring each of these switches online

switches online and lets spinning tree decide which is

and lets spinning tree decide which is the best path

the best path and which ports should be root which

and which ports should be root which ports should be designated ports

ports should be designated ports so they are all

interconnected and let's pretend we are powering them all on

powering them all on now let's say the switches aren't all of

now let's say the switches aren't all of the same speed so

the same speed so for example

for example we have a 10 megabit switch

100 megabit switch and we'll just say all the interfaces on the switch

all the interfaces on the switch are that speed

are that speed a one gigabit switch

a one gigabit switch 100 megabit switch here

so as you remember from the chart these numbers should start to look

these numbers should start to look the cost of two is assigned to a 10

the cost of two is assigned to a 10 gigabit interface cost of four a one

gigabit interface cost of four a one gigabit interface

gigabit interface cost of a 19 100 megabit interface

cost of a 19 100 megabit interface and a cost of 100 to a 10 megabit

and a cost of 100 to a 10 megabit interface

interface and spanning tree will calculate as you

and spanning tree will calculate as you can see

can see it's doing right here spanning tree is

it's doing right here spanning tree is calculating best path

calculating best path to

to to the root and let's say we've let's

to the root and let's say we've let's say we've assigned the one gigabit

say we've assigned the one gigabit switch as our we've manually set it

switch as our we've manually set it spanning tree would then calculate

spanning tree would then calculate and as you can see here from the 10

and as you can see here from the 10 megabit switch through the 100 meg over

megabit switch through the 100 meg over to the one gig

to the one gig it's a hundred and the total cost is

it's a hundred and the total cost is 123.

123. and then the other path the total cost

and then the other path the total cost is 119. that's the lower cost

is 119. that's the lower cost that would be the root port

that would be the root port because that would be the preferred path

so as you know we've already talked about some of these

we've already talked about some of these ports but spanning tree elects two types

ports but spanning tree elects two types of ports that are used to forward bpd

of ports that are used to forward bpd use

use and that's the root port

and that's the root port now note the root switch never has any

now note the root switch never has any root ports because

root ports because this is the port that provides the best

this is the port that provides the best path to the root bridge

path to the root bridge so every other switch is going to have

so every other switch is going to have one root port that's the best path to

one root port that's the best path to the root bridge the root bridge will not

the root bridge the root bridge will not have a root port for obvious reasons

have a root port for obvious reasons the root path cost is calculated based

the root path cost is calculated based on the

on the cumulative cost to the root

the designated port actually points away from the spanning tree root and it sits

from the spanning tree root and it sits in a blocking state

in a blocking state all ports on the root are designated

all ports on the root are designated ports because the root path cost will

ports because the root path cost will always be zero

always be zero the designated port

the designated port is the best port on a segment

is the best port on a segment so for example

so for example on a segment you will have

on a segment you will have on a segment where there is no root

on a segment where there is no root switch you will have one designated port

switch you will have one designated port and all the other ports will be either

and all the other ports will be either alternate or backup ports

we talked about quite a bit about bpd use in

use in in video lesson three module one but

in video lesson three module one but let's build upon that further

let's build upon that further bpdus includes several timers that play

bpdus includes several timers that play an integral role in the operation of the

an integral role in the operation of the protocol

protocol and the modification of these timers

and the modification of these timers should always be made at the root bridge

should always be made at the root bridge there are three configurable spanning

there are three configurable spanning tree timer values which is hello

tree timer values which is hello forward delay and max age

forward delay and max age the hello time is two seconds by default

the hello time is two seconds by default forward delay is 15 seconds by default

forward delay is 15 seconds by default and max age is 20 seconds by default

so here's what you've learned you've learned about the foundation of spanning

learned about the foundation of spanning tree which is bpdus

tree which is bpdus port states

port states cost and priority and the stp port types

cost and priority and the stp port types so this provides you a solid foundation

so this provides you a solid foundation for designing your networks and your

for designing your networks and your ccda exam good luck in your studies

hi this is david voss ccie 11372 and in this video you're going to learn

and in this video you're going to learn about the layer 2 technology vlans

about the layer 2 technology vlans so here's what you'll learn you'll learn

so here's what you'll learn you'll learn about vlans and then you're going to

about vlans and then you're going to learn specifically about what makes

learn specifically about what makes voice vlans unique so let's go ahead and

voice vlans unique so let's go ahead and begin our video with just some of the

begin our video with just some of the basics about what vlans are

what exactly is a vlan well cisco says it's a group of end stations with a

it's a group of end stations with a common set of requirements

common set of requirements using vlans allows you to put

using vlans allows you to put many different devices in many different

many different devices in many different locations on the same

locations on the same logical network on the same layer 2

logical network on the same layer 2 network

network in the past without vlans

in the past without vlans you would have to rely upon

you would have to rely upon simple hardware solutions but a vlan

simple hardware solutions but a vlan allows you to virtualize your layer 2

allows you to virtualize your layer 2 segment

segment vlans are usually associated by the same

vlans are usually associated by the same subnet so normally devices on a vlan

subnet so normally devices on a vlan are are sharing the same subnet

are are sharing the same subnet and and with this in mind

and and with this in mind they're sharing the same broadcast

they're sharing the same broadcast domain that is the norm

domain that is the norm and then vlans must be routed to

and then vlans must be routed to communicate with other vlans so it is a

communicate with other vlans so it is a true layer 2 segment

true layer 2 segment a vlan is not going to be able to

a vlan is not going to be able to communicate with another vlan

communicate with another vlan unless it is passed through a layer 3

unless it is passed through a layer 3 device which can route it

device which can route it now there are two types of switch port

now there are two types of switch port types

types for vlan membership that we need to

for vlan membership that we need to understand

understand and the first is

and the first is the access port

the access port now access ports can only belong to a

now access ports can only belong to a single vlan now when you think of an

single vlan now when you think of an access port

access port it's pretty much probably what you think

it's pretty much probably what you think of it's usually for end devices like a

of it's usually for end devices like a workstation

workstation or a server

or a server it is a device that is an end station

it is a device that is an end station and again accessport can only belong to

and again accessport can only belong to a single vlan

a single vlan typically used to connect end devices

typically used to connect end devices and there are two methods to assign

and there are two methods to assign ports

ports uh to vlans

uh to vlans for these access ports the first which

for these access ports the first which is by far the the most popular

is by far the the most popular is the static vlan assignment so an

is the static vlan assignment so an administrator actually doing it and then

administrator actually doing it and then dynamic vlan assignment

dynamic vlan assignment which is done by a server so let's dig a

which is done by a server so let's dig a little bit more into that into those two

little bit more into that into those two concepts

concepts so

so when we have a static vlan assignment

when we have a static vlan assignment the network administrator is actually

the network administrator is actually manually configuring a switch port to be

manually configuring a switch port to be a part of a vlan

a part of a vlan the network administrator is saying is

the network administrator is saying is programming the port to say you are

programming the port to say you are going to be an access port

going to be an access port and you're going to be associated with

and you're going to be associated with this specific vlan

this specific vlan now you can do this dynamically and this

now you can do this dynamically and this is not as popular but there is something

is not as popular but there is something called a vlan management policy server

called a vlan management policy server which can assign a desired vlan to users

which can assign a desired vlan to users connecting to a switch

connecting to a switch we don't need to get much deeper than

we don't need to get much deeper than that

that for your exam but you need to you do

for your exam but you need to you do need to know these two methods

need to know these two methods now there's another type of port that we

now there's another type of port that we need to understand to understand the

need to understand to understand the concept of vlans and that is trunk ports

concept of vlans and that is trunk ports and trunk ports are used to carry data

and trunk ports are used to carry data from multiple vlans

from multiple vlans so

so access ports only allow communication

access ports only allow communication from

from one end device over a specific vlan

one end device over a specific vlan well ultimately if you're hosting many

well ultimately if you're hosting many vlans

vlans this traffic's gonna need to be able to

this traffic's gonna need to be able to communicate

communicate um throughout your network uh so that

um throughout your network uh so that they're not limited

they're not limited uh limited by a hardware device so your

uh limited by a hardware device so your vlan may your vlans may be spread

vlan may your vlans may be spread throughout

throughout many floors or

many floors or maybe even many buildings

maybe even many buildings trunk ports allow you to carry data from

trunk ports allow you to carry data from all these different vlans between all

all these different vlans between all your different hardware devices

your different hardware devices now there are some standard vlan numbers

now there are some standard vlan numbers and ranges you should know specifically

and ranges you should know specifically let's focus on two 1001 these vlans are

let's focus on two 1001 these vlans are created and used and deleted on all

created and used and deleted on all cisco catalyst switches

cisco catalyst switches and another one that you should really

and another one that you should really focus in on is the range of 1006 to

focus in on is the range of 1006 to 4094.

4094. these are

these are extended this is an extended range of

extended this is an extended range of vlans for ethernet vlans only

vlans for ethernet vlans only now you may be asked about these other

now you may be asked about these other ranges but i would focus in on

ranges but i would focus in on vlan ranges two to one thousand and one

vlan ranges two to one thousand and one and one thousand six to four thousand

and one thousand six to four thousand ninety four

now we talked a little bit about vlan trunks earlier but let's just

trunks earlier but let's just hit upon let's just hit upon vlan trunks

hit upon let's just hit upon vlan trunks a little bit more so we can understand

a little bit more so we can understand it now again i want to remind you that

it now again i want to remind you that there is another video that is dedicated

there is another video that is dedicated solely to vlan trunks

solely to vlan trunks but let's just get a basic understanding

but let's just get a basic understanding here

here vlan trunks are used to carry data from

vlan trunks are used to carry data from multiple vlans which you already know

multiple vlans which you already know now there are two methods two protocols

now there are two methods two protocols that can be used

that can be used to build these trunks and the first is

to build these trunks and the first is inner switch link or isl

inner switch link or isl and that's a cisco proprietary protocol

and that's a cisco proprietary protocol that is used to preserve the source vlan

that is used to preserve the source vlan identification information

identification information for frames that traverse trunk links

for frames that traverse trunk links and then

and then there is i would say the more popular

there is i would say the more popular 802.1 q

802.1 q which is an open standard

which is an open standard and then it performs a little bit

and then it performs a little bit differently than the cisco proprietary

differently than the cisco proprietary protocol

protocol now the reason

now the reason 802.1q is so popular is you probably

802.1q is so popular is you probably understand that for obvious reasons

understand that for obvious reasons that if you want to trunk between

that if you want to trunk between two devices like one is cisco and one is

two devices like one is cisco and one is non-cisco

non-cisco you're able to do that

you're able to do that so

so this standard works very effectively and

this standard works very effectively and 802.1q is very popular but you will

802.1q is very popular but you will definitely be asked about isl and you

definitely be asked about isl and you will definitely be asked about the

will definitely be asked about the differences between isl and 802.1q

now so you've received a lot of information

so you've received a lot of information right now so let's go ahead and kind of

right now so let's go ahead and kind of draw out some of these concepts that

draw out some of these concepts that we've been talking about

we've been talking about so

so when we think of vlans we think first of

when we think of vlans we think first of we need to connect

we need to connect endpoints need to connect on a local

endpoints need to connect on a local area network so

area network so here we have

here we have four endpoints

and we have one switch and each of these endpoints

and each of these endpoints need to communicate and not all of them

need to communicate and not all of them need to communicate with with each other

need to communicate with with each other so let's say we have two workstations

so let's say we have two workstations and two servers

and two servers and we're gonna put this one workstation

and we're gonna put this one workstation in vlan 10 and this other workstation in

in vlan 10 and this other workstation in vlan 10

vlan 10 and then these two servers in vlan 2.

and then these two servers in vlan 2. these two servers are segmented on their

these two servers are segmented on their own vlan and as are the workstations

own vlan and as are the workstations they cannot communicate between each

they cannot communicate between each other

other between vlan 2 and 10

between vlan 2 and 10 but anything on vlan 10 can communicate

but anything on vlan 10 can communicate with vlan 10. now here's another

with vlan 10. now here's another dedicated vlan we'll say vlan 3 to a

dedicated vlan we'll say vlan 3 to a dedicated device

dedicated device now

now and here is a router so for any of these

and here is a router so for any of these vlans to communicate with one another

vlans to communicate with one another they need to pass through a layer 3

they need to pass through a layer 3 device so this this workstation that

device so this this workstation that from vlan 10 if it wants to communicate

from vlan 10 if it wants to communicate over to a server it needs to be routed

over to a server it needs to be routed and go through the router and passed

and go through the router and passed over to vlan 2.

over to vlan 2. um let's say you want to keep vlan 3

um let's say you want to keep vlan 3 devices

devices not accessible from the network you can

not accessible from the network you can prevent that

prevent that so here we have other devices on vlan 3

so here we have other devices on vlan 3 and we will say let's say this is a

and we will say let's say this is a back-end connection between two servers

back-end connection between two servers that we have no need to route it vlan 3

that we have no need to route it vlan 3 can be segmented from the entire network

can be segmented from the entire network nobody can reach it so there's some

nobody can reach it so there's some security built into vlans as well

security built into vlans as well now vlans can extend

now vlans can extend obviously over to other hardware

obviously over to other hardware platforms so this router is connected to

platforms so this router is connected to another switch

another switch and on this switch let's say that's in a

and on this switch let's say that's in a different building we have another

different building we have another device on vlan 2

device on vlan 2 another device

another device another endpoint

another endpoint on an access port to vlan 10

on an access port to vlan 10 and if they want to communicate over to

and if they want to communicate over to the other building let's say vlan 2 or

the other building let's say vlan 2 or vlan 10 they simply go over this trunk

vlan 10 they simply go over this trunk port you know that term

port you know that term goes over the trunk port and can

goes over the trunk port and can communicate over to

communicate over to the other sites

the other sites configuring a vlan is rather

configuring a vlan is rather straightforward

straightforward you simply go into configuration mode

you simply go into configuration mode and type in vlan

and type in vlan and for the sake of this example we're

and for the sake of this example we're assigning it number 10

assigning it number 10 and then normally you would name the

and then normally you would name the vlan so anybody logging in would

vlan so anybody logging in would understand what that vlan what the

understand what that vlan what the purpose of the vlan actually is so the

purpose of the vlan actually is so the purpose of this vlan is actually to host

purpose of this vlan is actually to host servers

servers um you can name it obviously anything

um you can name it obviously anything you want but in this case we'll just say

you want but in this case we'll just say servers and then you have the vlan build

servers and then you have the vlan build but you still need to assign ports to

but you still need to assign ports to that vlan

that vlan so you assign a port to a vlan by

so you assign a port to a vlan by actually going into interface

actually going into interface configuration mode and in this example

configuration mode and in this example it's fast ethernet 0 two

it's fast ethernet 0 two and then you need to make the ethernet

and then you need to make the ethernet port in access port now remember those

port in access port now remember those two port types that we're concerned

two port types that we're concerned about

about accessport and trunk port we're making

accessport and trunk port we're making this an access port

this an access port and then you enter in the command switch

and then you enter in the command switch port access vlan in the vlan you want it

port access vlan in the vlan you want it to participate in and let's say on fast

to participate in and let's say on fast ethernet 02 we have a server we're

ethernet 02 we have a server we're connecting so we're going to assign it

connecting so we're going to assign it to vlan 10

to vlan 10 and that is it that is it

and that is it that is it next let's learn about the unique

next let's learn about the unique attributes of voice vlans

a cisco ip phone provides a data connection for a user's

provides a data connection for a user's personal computer

personal computer in addition to voice data coming from

in addition to voice data coming from itself

itself so this allows one single ethernet

so this allows one single ethernet connection to be installed per user and

connection to be installed per user and makes maximum use of your ports

makes maximum use of your ports even though several different types of

even though several different types of data can pass over that port

data can pass over that port the voice and user pc ports always

the voice and user pc ports always function as access mode switch ports

function as access mode switch ports but the port that connects to the switch

but the port that connects to the switch that can operate as an 802.1q trunk

that can operate as an 802.1q trunk or it can operate as an access port

or it can operate as an access port now when bringing up a trunk between an

now when bringing up a trunk between an ip phone and a switch

ip phone and a switch this is normally negotiated

this is normally negotiated but you can specify that the ports at

but you can specify that the ports at both ends are brought up as an 802.1q

both ends are brought up as an 802.1q trunk

trunk now you could bring the switch port up

now you could bring the switch port up as an access port

as an access port but that would not allow you to segment

but that would not allow you to segment voice and data appropriately

voice and data appropriately the trunk allows you to segment voice

the trunk allows you to segment voice and data on separate vlans

and data on separate vlans and this would allow you to easily

and this would allow you to easily provide quality of service capabilities

provide quality of service capabilities to the voice traffic since it's already

to the voice traffic since it's already segmented

segmented to configure the iphone uplink you just

to configure the iphone uplink you just need to configure the switch port

need to configure the switch port where the phone connects

where the phone connects the switch then instructs the phone

the switch then instructs the phone to follow the mode that is selected

to follow the mode that is selected if an 802.1q trunk is needed the trunk

if an 802.1q trunk is needed the trunk is automatically negotiated by dtp and

is automatically negotiated by dtp and cdp

cdp so here's what you've learned you've

so here's what you've learned you've learned about vlans

learned about vlans and specifically what makes voice vlans

and specifically what makes voice vlans unique

unique and all of this information not only

and all of this information not only will help you with passing your ccda

will help you with passing your ccda exam

exam it will help you

it will help you design your networks moving forward

design your networks moving forward good luck in your studies

hi this is david voss ccie 11372 and in this video you're going to learn

and in this video you're going to learn basic layer 3 technologies

basic layer 3 technologies specifically you're going to learn the

specifically you're going to learn the basics of

basics of ipv4 and v6 addressing

ipv4 and v6 addressing and routing

and routing so let's go ahead and begin

so let's go ahead and begin network addresses are logical addresses

network addresses are logical addresses assigned when a device is placed in the

assigned when a device is placed in the network and change when the device is

network and change when the device is moved

moved network layer addresses have a

network layer addresses have a hierarchical structure

hierarchical structure comprised of two parts

comprised of two parts the network address and the host address

the network address and the host address logical addresses can be assigned

logical addresses can be assigned manually by the administrator or

manually by the administrator or dynamically via a dedicated protocol

dynamically via a dedicated protocol such as dhcp or dynamic host

such as dhcp or dynamic host configuration protocol

configuration protocol using a server on the network

using a server on the network all the devices in a network have the

all the devices in a network have the same network portion of the address

same network portion of the address but different host identifiers

routers analyze the network portion of ip addresses and compare them with

ip addresses and compare them with entries from its routing table

entries from its routing table if a match is found the packet is sent

if a match is found the packet is sent to the appropriate interface

ipv4 addresses are 32-bit numbers represented as strings of zeros and ones

represented as strings of zeros and ones for a more intuitive representation of

for a more intuitive representation of ipv4 addresses

ipv4 addresses the 32 bits can be divided into four

the 32 bits can be divided into four octet groupings separated by dots which

octet groupings separated by dots which is called dotted decibel notation

is called dotted decibel notation the octets can be converted into decimal

the octets can be converted into decimal numbers

numbers for example considering the following

for example considering the following for example consider the following

for example consider the following 32-bit string

32-bit string if you were to divide it into four

if you were to divide it into four octets it results in the following

octets it results in the following binary representation

binary representation this translates into an easy to read

this translates into an easy to read decimal representation of 192 168

decimal representation of 192 168 128.169

ipv4 addresses are categorized into five classes a b and c are used for

classes a b and c are used for addressing devices

addressing devices d is for multicast groups

d is for multicast groups and e is reserved for experimental use

and e is reserved for experimental use the first bits of the address define

the first bits of the address define which class it belongs to as illustrated

which class it belongs to as illustrated in this chart

in this chart knowing the class of an ipv4 address

knowing the class of an ipv4 address helps to determine which part of the

helps to determine which part of the address represents the network

address represents the network and which part represents the host bits

and which part represents the host bits ipv4 addresses can be classified into

ipv4 addresses can be classified into the following categories

the following categories there are public addresses which are

there are public addresses which are used for external communication

used for external communication private addresses which are reserved and

private addresses which are reserved and used only internally within a company

used only internally within a company the private address ranges are defined

the private address ranges are defined by rfc 1918

by rfc 1918 and include the following ranges

so far we've been talking about classful networks

networks class less addressing allows class a b

class less addressing allows class a b and c addresses to be divided into even

and c addresses to be divided into even smaller networks called subnets

smaller networks called subnets this results in a larger number of

this results in a larger number of possible networks

possible networks each with fewer host addresses

each with fewer host addresses the subnets are created by borrowing

the subnets are created by borrowing bits from the host portion and using

bits from the host portion and using them as subnet bits

them as subnet bits an important aspect of ipv4 addressing

an important aspect of ipv4 addressing is separating the network and the host

is separating the network and the host part of the addressing string

part of the addressing string this is accomplished by using a subnet

this is accomplished by using a subnet mask

mask also represented by a 32-bit number

also represented by a 32-bit number the subnet mask starts with the

the subnet mask starts with the continuous strings of bits

continuous strings of bits with the value of 1 and ends with a

with the value of 1 and ends with a string of zeros

string of zeros the number of bits with the value of 1

the number of bits with the value of 1 represents the number of bits in the ip

represents the number of bits in the ip address that must be considered in order

address that must be considered in order to calculate the network address

to calculate the network address a subnet mask

a subnet mask bit of 0 indicates that the

bit of 0 indicates that the corresponding bit in the ipv4 address is

corresponding bit in the ipv4 address is a host bit

a host bit using the same example

using the same example that we've used earlier and then add a

255.255.255.0 mask results in the following situation

results in the following situation with a string of 24 bits of one in the

with a string of 24 bits of one in the subnet mask

subnet mask we're going to consider only the first

we're going to consider only the first 24 bits in the ip address as the network

24 bits in the ip address as the network portion

portion this results in the network address of

this results in the network address of 192 168

192 168 128.0

128.0 with a subnet mask of 255-255-255-0

the last eight bits in the ip address are called the host portion of the ip

are called the host portion of the ip address and can be assigned to network

address and can be assigned to network devices so let's ask the basic question

devices so let's ask the basic question why even upgrade to ipv6 other than the

why even upgrade to ipv6 other than the fact that you simply get more ip

fact that you simply get more ip addresses

addresses well there's a lot of reasons why you

well there's a lot of reasons why you would want to upgrade to ipv6

would want to upgrade to ipv6 and here are a few of them spelled out

and here are a few of them spelled out for you but please note you no longer

for you but please note you no longer need nat or pat it has inherent ipsec

need nat or pat it has inherent ipsec support these are key and critical

support these are key and critical updates now once you've committed to

updates now once you've committed to using ipv6 you need to understand

using ipv6 you need to understand how these different ip addresses are

how these different ip addresses are labeled there's a global unicast address

labeled there's a global unicast address these are unicast packets sent through

these are unicast packets sent through the public internet with public ipa

the public internet with public ipa addresses unique local which are unicast

addresses unique local which are unicast packets inside one organization which is

packets inside one organization which is basically equal to your private ipa

basically equal to your private ipa addressing

addressing link local which are packets sent to a

link local which are packets sent to a local subnet and are not rotter audible

local subnet and are not rotter audible across networks

and and then finally take note of the loopback address which you know from

loopback address which you know from ipv4 is 127.001

ipv4 is 127.001 ipv6 also has a loopback addressing as

ipv6 also has a loopback addressing as well

well an ipv6 address has 128 bits

an ipv6 address has 128 bits broken out into 32 hexadecimal numbers

broken out into 32 hexadecimal numbers organized into eight quartets

organized into eight quartets so here is the hexadecimal numbering

so here is the hexadecimal numbering system

system which i'm sure we won't need much of a

which i'm sure we won't need much of a refresher on but we do need to use it to

refresher on but we do need to use it to understand ipv6

understand ipv6 and here is an ipv6 ip address and as

and here is an ipv6 ip address and as you can see it looks quite long mainly

you can see it looks quite long mainly because we're used to looking at ipv4

because we're used to looking at ipv4 addresses so

addresses so this ups the game a little bit and we

this ups the game a little bit and we may begin to wonder how we're going to

may begin to wonder how we're going to support this on our network or document

support this on our network or document this and we get concerned about managing

this and we get concerned about managing a network of addressing this long well

a network of addressing this long well there are built-in mechanisms within ib

there are built-in mechanisms within ib version 6 to help us manage it and we're

version 6 to help us manage it and we're going to cover that

going to cover that there's ways you can summarize ipv6

there's ways you can summarize ipv6 addresses to make it more manageable not

addresses to make it more manageable not only to read but to understand and

only to read but to understand and explain to other people

explain to other people so you can shorten ipv6 by omit by

so you can shorten ipv6 by omit by omitting the leading zeros in any given

omitting the leading zeros in any given quartet or you can represent one or more

quartet or you can represent one or more consecutive quartets

consecutive quartets with a double colon

with a double colon so here you see an ipv version six

so here you see an ipv version six address with many zeros in it here's how

address with many zeros in it here's how we can summarize it

we can summarize it on the left hand side you can see that

on the left hand side you can see that we used a double colon to represent the

we used a double colon to represent the first

first the second and third quartet

the second and third quartet and then we summarize the remaining

and then we summarize the remaining quartets of zeros and in the second

quartets of zeros and in the second example we did the opposite

example we did the opposite we summarized the first two quartets

we summarized the first two quartets with zeros and then used a double colon

with zeros and then used a double colon for the end you can only use the double

for the end you can only use the double colon once in an ipv version six ipa

colon once in an ipv version six ipa address

address so here we see an ipv6 ip address and

so here we see an ipv6 ip address and this is the subnet it's this remember

this is the subnet it's this remember it's a slash 64. so we're matching the

it's a slash 64. so we're matching the first 64 bits as you see here

first 64 bits as you see here and this also can be summarized you

and this also can be summarized you don't need to write out all these zeros

don't need to write out all these zeros so to explain what the subnet is to

so to explain what the subnet is to somebody you can simply write it out

somebody you can simply write it out this way

this way so ipv6 is manageable it gives you tools

so ipv6 is manageable it gives you tools to manage it

to manage it so whether you're reviewing

so whether you're reviewing documentation or holding a general

documentation or holding a general discussion about your network or simply

discussion about your network or simply logging into a cisco rudder to take a

logging into a cisco rudder to take a look at what's going on

look at what's going on understanding abbreviation is key to

understanding abbreviation is key to ipv6

ipv6 here are some other ways we can

here are some other ways we can understand ipv6 addressing

understand ipv6 addressing in our first example you'll see that

in our first example you'll see that it's two zero zero zero and then a

it's two zero zero zero and then a double colon slash four

double colon slash four the slash four would match the first

the slash four would match the first four bits and hex that would be zero

four bits and hex that would be zero zero one zero

zero one zero so all addresses whose first four bits

so all addresses whose first four bits are equal to the first four bits of the

are equal to the first four bits of the hex number

hex number two zero zero zero

two zero zero zero in the second second example we're

in the second second example we're matching all addresses whose first 20

matching all addresses whose first 20 bits match the listed hex number and you

bits match the listed hex number and you can see in red

can see in red what

what match that would be

match that would be and then the final example all addresses

and then the final example all addresses whose first 32 bits match the listed hex

whose first 32 bits match the listed hex number

here's another ipv6 address how do we break it out into subnets well here you

break it out into subnets well here you have it

have it we're honoring the first 48 bits of this

we're honoring the first 48 bits of this range and then we are breaking this out

range and then we are breaking this out into smaller subnets as you can see here

each subnet matching the first 112 bits now that you've learned about ipv4 and

now that you've learned about ipv4 and v6 let's learn about ip routing

v6 let's learn about ip routing every machine in a particular lan will

every machine in a particular lan will have the same network address and subnet

have the same network address and subnet mask

mask however the host portion of the ip

however the host portion of the ip address will be different

the process of choosing the best path is called routing

called routing although routers are the most popular

although routers are the most popular devices that make routing decisions

devices that make routing decisions other network devices can have routing

other network devices can have routing functionality

functionality such as layer 3 switches or security

such as layer 3 switches or security appliances

appliances a router is responsible for sending the

a router is responsible for sending the packet the correct way

packet the correct way no matter what is happening above the

no matter what is happening above the network layer

network layer routers look at the packet's destination

routers look at the packet's destination address to determine where the packet is

address to determine where the packet is going

going so they can select the best route to get

so they can select the best route to get the packet there

the packet there in order to calculate the best path

in order to calculate the best path routers must know what interface should

routers must know what interface should be used in order to reach the packet's

be used in order to reach the packet's destination network

destination network routers learn about networks by either

routers learn about networks by either being connected to them physically

being connected to them physically or by having a network administrator

or by having a network administrator program the routes

program the routes or by learning them dynamically from

or by learning them dynamically from other routers using routing protocols

other routers using routing protocols routers keep the best path to

routers keep the best path to destinations learned via direct

destinations learned via direct connections

connections static routing or dynamic routing in the

static routing or dynamic routing in the internal data structures called routing

internal data structures called routing tables

tables a routing table consists of networks the

a routing table consists of networks the router has learned about and information

router has learned about and information about how to reach them

about how to reach them as mentioned before dynamic routing is

as mentioned before dynamic routing is the process by which a router exchanges

the process by which a router exchanges routing information and learns about

routing information and learns about remote networks from other routers

remote networks from other routers different routing protocols can

different routing protocols can accomplish this task

accomplish this task including the following

including the following rip

rip eigrp

eigrp ospf

ospf isis and bgp

isis and bgp the most important information a routing

the most important information a routing table contains includes the following

table contains includes the following items

items how the route was learned

how the route was learned the address of the neighbor router from

the address of the neighbor router from which the network was learned

which the network was learned the interface through which the network

the interface through which the network can be reached

can be reached and the route metric which is a

and the route metric which is a measurement that gives routers

measurement that gives routers information about how far or how

information about how far or how preferred a network is

so here's what you've learned you've learned about ipv4 and ipv6

you've learned about ipv4 and ipv6 addressing

addressing but you've also learned about how ip

but you've also learned about how ip routing basically works which is a good

routing basically works which is a good foundation as you move forward in your

foundation as you move forward in your ccda studies good luck in your studies

ccda studies good luck in your studies thank you

hi this is david voss ccie11372 and in this video we're going to cover

and in this video we're going to cover network design principles

network design principles specifically in this video you're going

specifically in this video you're going to learn about the design of a cisco

to learn about the design of a cisco ecosystem

ecosystem then we're going to talk about the

then we're going to talk about the modern organization

modern organization specifically organizational i.t

specifically organizational i.t architecture

architecture and the policy cycle

and the policy cycle and then finally we will talk about

and then finally we will talk about infrastructure design considerations and

infrastructure design considerations and by the end of this video you will be

by the end of this video you will be well versed in all five areas

well versed in all five areas when building a network choosing the

when building a network choosing the network hardware and software components

network hardware and software components must be performed with consideration for

must be performed with consideration for design planning deployment and support

design planning deployment and support all phases have design principles that

all phases have design principles that must be taken into account

must be taken into account and which will be covered in this video

and which will be covered in this video today's modern organizational models

today's modern organizational models try to leverage internet working power

try to leverage internet working power and the benefits of the global internet

and the benefits of the global internet the modern approach is different in many

the modern approach is different in many ways from the traditional organizational

ways from the traditional organizational model that was based on an isolated

model that was based on an isolated network design

network design traditional companies have closed

traditional companies have closed structure and a limited ability to

structure and a limited ability to integrate with other organizations and

integrate with other organizations and other companies from an i.t standpoint

other companies from an i.t standpoint which results in limited access to

which results in limited access to information

information these companies are difficult to both

these companies are difficult to both partner and interact with

partner and interact with because most of the processes and

because most of the processes and applications aren't done internally

applications aren't done internally therefore companies that adopt this

therefore companies that adopt this model

model are unable to adapt and take advantage

are unable to adapt and take advantage of new technologies

of new technologies let me give you an example

let me give you an example if i roll out a network

if i roll out a network with private leased lines

with private leased lines over a specific provider

over a specific provider using non-standard hardware such as hp

using non-standard hardware such as hp juniper and cisco

juniper and cisco and maybe dell

and maybe dell and then protocol a variety of protocols

and then protocol a variety of protocols such as ospf and isis

such as ospf and isis when it comes time to merge with a

when it comes time to merge with a company or connect with a company i'm

company or connect with a company i'm not ready to do that unless they happen

not ready to do that unless they happen to support the same technologies

to support the same technologies in the same areas or the locations

in the same areas or the locations as you can see how are we supposed to

as you can see how are we supposed to connect with this new strategic partner

connect with this new strategic partner using our existing infrastructure

using our existing infrastructure with the wide array of technology

with the wide array of technology platforms and private lines is very

platforms and private lines is very difficult

difficult this is the old way of doing things

this is the old way of doing things these disadvantages create the need for

these disadvantages create the need for a new modern networking organizational

a new modern networking organizational model based on a network design that

model based on a network design that allows partnership in collaboration with

allows partnership in collaboration with other entities

other entities it also provides a more focused

it also provides a more focused expertise over the products and services

expertise over the products and services vital to a company's business model the

vital to a company's business model the reality is is that it's much easier for

reality is is that it's much easier for companies running simply just cisco with

companies running simply just cisco with let's say ospf and bgp

let's say ospf and bgp and who are already leveraging internet

and who are already leveraging internet based technologies

based technologies to communicate with one another

to communicate with one another because the infrastructure that is

because the infrastructure that is needed is already in place

needed is already in place as you can see here because this company

as you can see here because this company leverages internet technologies and

leverages internet technologies and standard platforms and protocols

standard platforms and protocols it's very easy to integrate with

it's very easy to integrate with external entities whether it's a

external entities whether it's a strategic partner or a customer

strategic partner or a customer anybody you need to communicate with or

anybody you need to communicate with or create private connections to

create private connections to this can easily be done with the

this can easily be done with the leveraging of internet technologies and

leveraging of internet technologies and standard platforms which can be

standard platforms which can be implemented with a strong policy

implemented with a strong policy governance which we'll talk about very

governance which we'll talk about very shortly

shortly the design of an ecosystem

the design of an ecosystem must include a scalable and flexible

must include a scalable and flexible network infrastructure

network infrastructure that will be able to leverage enterprise

that will be able to leverage enterprise networking and the internet

networking and the internet creating an environment that is highly

creating an environment that is highly accessible and collaborative and that

accessible and collaborative and that can break geographical boundaries and

can break geographical boundaries and will promote an efficient integration of

will promote an efficient integration of all stakeholders

all stakeholders the modern organizational model includes

the modern organizational model includes the following four entities

the following four entities employees

employees who consume hr information data about

who consume hr information data about such things as benefits and job openings

such things as benefits and job openings stock reports schedules or even expense

stock reports schedules or even expense reporting

reporting these all depend on the corporate

these all depend on the corporate intranet

intranet this intranet provides instant access to

this intranet provides instant access to all the most recent information and

all the most recent information and services and application updates used by

services and application updates used by the employees

the employees the customer related aspects of a

the customer related aspects of a company are online support technical

company are online support technical support or providing different types of

support or providing different types of customer services

customer services depending on the situation customers

depending on the situation customers might need to access some of the

might need to access some of the company's resources for example opening

company's resources for example opening a support ticket

a support ticket the vendors and suppliers are involved

the vendors and suppliers are involved in the process of ordering billing and

in the process of ordering billing and delivery of the products the company

delivery of the products the company uses

uses these processes can be very time and

these processes can be very time and labor intensive so organizations can

labor intensive so organizations can leverage their existing internet works

leverage their existing internet works to create links to their suppliers and

to create links to their suppliers and vendors which lowers costs per

vendors which lowers costs per transaction

transaction strategic partners work to create

strategic partners work to create strategic relationships in order to

strategic relationships in order to leverage resources

leverage resources and services to complete in-house

and services to complete in-house expertise and skills

expertise and skills this modern organizational model applies

this modern organizational model applies to small medium and large companies

to small medium and large companies designs that support this model are

designs that support this model are built around a modular architecture that

built around a modular architecture that uses technology consistent with the

uses technology consistent with the needs of the organization

needs of the organization and allows companies to have a network

and allows companies to have a network infrastructure

infrastructure that is better suited for scalable

that is better suited for scalable applications

applications now when discussing the architectural

now when discussing the architectural components of the network

components of the network the architecture that cisco recommends

the architecture that cisco recommends is divided into multiple layers which

is divided into multiple layers which make the processes in the organization

make the processes in the organization easier to expand

easier to expand implement and scale

implement and scale so let's go ahead and cover those now

so let's go ahead and cover those now applications and services comprise the

applications and services comprise the top layer and include organizational

top layer and include organizational goals

goals applications and services offer a

applications and services offer a concrete set of functions that can be

concrete set of functions that can be accessed by the network

accessed by the network but only by authorized users

but only by authorized users this layer also includes productivity

this layer also includes productivity tools

tools such as word processing databases and

such as word processing databases and email

email the next layer is intelligent solutions

the next layer is intelligent solutions and then there is structured data in

and then there is structured data in business logic

business logic these comprise this middle layer these

these comprise this middle layer these elements make the modern network much

elements make the modern network much more intelligent

more intelligent and help support applications and

and help support applications and services in an efficient manner

services in an efficient manner this level includes such functions as

this level includes such functions as messaging

messaging such as chat

such as chat voip or video conferencing

voip or video conferencing database structures

database structures and other content networking solutions

and other content networking solutions the bottom layer is the foundation of

the bottom layer is the foundation of the organizational architecture the

the organizational architecture the network infrastructure

network infrastructure this is composed of the network platform

this is composed of the network platform the connections that work together to

the connections that work together to provide a highly available secure and

provide a highly available secure and scalable network

scalable network all of these layers are combined

all of these layers are combined to offer a foundation for all

to offer a foundation for all organizational policies goals and

organizational policies goals and procedures

procedures that are put in place by management

that are put in place by management and then handed down to the other

and then handed down to the other departments in the company to support

departments in the company to support the overall goals and mission of the

the overall goals and mission of the organization

organization before designing a network an important

before designing a network an important aspect must be considered

aspect must be considered all organizations have policies at one

all organizations have policies at one level or another

level or another even if the procedures are not written

even if the procedures are not written well

well there is some kind of understanding at

there is some kind of understanding at the management level about the goals of

the management level about the goals of the organization

the organization organizational policy and procedures are

organizational policy and procedures are generally a collection of very specific

generally a collection of very specific guidelines and rules which are in

guidelines and rules which are in written form

written form for all to understand and implement and

for all to understand and implement and maintain at every level of the

maintain at every level of the organization

organization in order to reach the well-defined

in order to reach the well-defined business goals

business goals the organizational policy cycle contains

the organizational policy cycle contains the following three components or steps

the following three components or steps first set the policy

first set the policy next enforce the policy

next enforce the policy and then the final step is to maintain

and then the final step is to maintain and or adapt the policy as needed

and or adapt the policy as needed now the policy makers include the

now the policy makers include the following from top to bottom

following from top to bottom you have your board of directors and

you have your board of directors and other executives

other executives departmental management

departmental management employees

employees these can be subject matter experts who

these can be subject matter experts who can be relied upon to formulate

can be relied upon to formulate procedures

procedures external consultants and strategic

external consultants and strategic partners can also provide

partners can also provide outside input to set policy within an

outside input to set policy within an organization

organization now a flexible network infrastructure

now a flexible network infrastructure helps the organization and its customer

helps the organization and its customer meets the needs policies and procedures

meets the needs policies and procedures to help facilitate these information

to help facilitate these information flows

flows and designing that network

and designing that network infrastructure involves considering the

infrastructure involves considering the following essential features recommended

following essential features recommended by cisco

by cisco first availability

first availability critical business applications must have

critical business applications must have access to network resources

access to network resources on a 24x7 basis

on a 24x7 basis all components of the network

all components of the network infrastructure should be redundant and

infrastructure should be redundant and resilient

resilient efficiency

efficiency the best equipment and software that is

the best equipment and software that is tuned for optimal results should be

tuned for optimal results should be provided

provided obviously this should be accomplished

obviously this should be accomplished with reasonable costs in investment

with reasonable costs in investment functionality the network infrastructure

functionality the network infrastructure must support the business applications

must support the business applications and services regardless of what is being

and services regardless of what is being rolled out today or tomorrow

rolled out today or tomorrow manageability using management tools

manageability using management tools such as cisco works

such as cisco works should include technology

should include technology that improves the control of the network

that improves the control of the network such as snmp

such as snmp performance

performance obviously important applications need to

obviously important applications need to get the bandwidth they need in order to

get the bandwidth they need in order to operate correctly

operate correctly and the latency on the network needs to

and the latency on the network needs to be within an acceptable range

be within an acceptable range and finally scalability

and finally scalability this includes the ability to grow and

this includes the ability to grow and expand depending on the organizational

expand depending on the organizational goals of today

goals of today and tomorrow

and tomorrow so take three quick challenges for me

so take three quick challenges for me and pause the video when i say so

and pause the video when i say so on a piece of paper

on a piece of paper write down the four primary entities of

write down the four primary entities of the modern organizational model

the modern organizational model go ahead and pause the video and write

go ahead and pause the video and write those down now

the four entities of the modern organizational model are employees

organizational model are employees customers

customers vendors and suppliers and partners

next on a piece of paper draw out the

on a piece of paper draw out the organizational architecture of the

organizational architecture of the network that cisco recommends

network that cisco recommends go ahead and do that now

as you will see here on the top layer there's applications and services

there's applications and services on the middle layer there is

on the middle layer there is intelligence solutions

intelligence solutions and then structured data in business

and then structured data in business logic

logic and on the bottom layer there is the

and on the bottom layer there is the network infrastructure

network infrastructure finally see if you can list at least

finally see if you can list at least four of the essential features

four of the essential features recommended by cisco

recommended by cisco when considering a network design

when considering a network design at least four essential features to be

at least four essential features to be considered

considered go ahead and pause the video

let's see how you did there's availability

availability efficiency

efficiency functionality

functionality manageability

manageability performance

performance and scalability

and scalability so here's what you've learned you've

so here's what you've learned you've learned the design of an

learned the design of an ecosystem you've learned about the

ecosystem you've learned about the modern organization

modern organization and organizational i.t architecture

and organizational i.t architecture as well as the organizational policy

as well as the organizational policy cycle

cycle which can and does play a role in

which can and does play a role in infrastructure design considerations all

infrastructure design considerations all of this you will need to know for your

of this you will need to know for your ccda exam and i'm confident if you've

ccda exam and i'm confident if you've mastered the material in this video

mastered the material in this video you're going to do very well in this

you're going to do very well in this area

area thank you and good luck in your studies

and in this video you are going to learn about cisco's intelligent information

about cisco's intelligent information network

network and service oriented network

and service oriented network architecture

architecture we are going to cover these two topics

we are going to cover these two topics in detail

in detail so that you are fully prepared to handle

so that you are fully prepared to handle these topics when they come up on your

these topics when they come up on your ccda exam

ccda exam first let's begin with cisco intelligent

first let's begin with cisco intelligent information network

information network iin represents a multi-phased

iin represents a multi-phased architecture that injects intelligence

architecture that injects intelligence into a network infrastructure

into a network infrastructure its single integrated system provides

its single integrated system provides intelligence across multiple layers as

intelligence across multiple layers as you see here

you see here and aligns the network infrastructure

and aligns the network infrastructure with the rest of the it infrastructure

with the rest of the it infrastructure integrating the network

integrating the network with applications software servers and

with applications software servers and services

services in other words the network becomes an

in other words the network becomes an active participant in the total delivery

active participant in the total delivery of applications and services

of applications and services cisco sees this as an evolving

cisco sees this as an evolving environment or what they would call an

environment or what they would call an ecosystem

ecosystem that responds to constantly changing

that responds to constantly changing business requirements

business requirements the intelligent information network

the intelligent information network is a cisco ideal

is a cisco ideal where network and application services

where network and application services are integrated

are integrated allowing for cost savings and improved

allowing for cost savings and improved user productivity

user productivity it allows the network to be used as a

it allows the network to be used as a strategic asset

strategic asset and provides capabilities which include

and provides capabilities which include some of the following such as cdp which

some of the following such as cdp which is a simple broadcast protocol that

is a simple broadcast protocol that network devices use to advertise their

network devices use to advertise their presence it operates in the background

presence it operates in the background and facilitates communication between

and facilitates communication between for example a cisco unified iphone

for example a cisco unified iphone plugged into a network and the network

plugged into a network and the network switch itself

switch itself qos

qos cisco provides an end-to-end solution

cisco provides an end-to-end solution with qos to ensure that packets are

with qos to ensure that packets are serviced the way they need to be as

serviced the way they need to be as traffic flows through the access layer

traffic flows through the access layer for example priority queueing and buffer

for example priority queueing and buffer management ensure that real-time traffic

management ensure that real-time traffic is prioritized over less

is prioritized over less time critical data

time critical data next is vlans with vlans

next is vlans with vlans the lan infrastructure can distinguish

the lan infrastructure can distinguish between a phone for example from a pc

between a phone for example from a pc using vlan tagging wireless

using vlan tagging wireless cisco wireless access points allow cisco

cisco wireless access points allow cisco wireless users to roam a campus without

wireless users to roam a campus without losing connectivity if a user roams to a

losing connectivity if a user roams to a different site the system will discover

different site the system will discover the new physical location of that user

the new physical location of that user power over ethernet

power over ethernet this eliminates the need for local power

this eliminates the need for local power connections to every phone

connections to every phone and finally gigabit ethernet which

and finally gigabit ethernet which allows voice video and data to take

allows voice video and data to take advantage of high bandwidth speeds on

advantage of high bandwidth speeds on the lan infrastructure

the lan infrastructure as you saw before the iin is broken up

as you saw before the iin is broken up into three individual phases phase one

into three individual phases phase one of the iin is the integrated systems

of the iin is the integrated systems phase

phase this phase involves the convergence of

this phase involves the convergence of voice data and video

voice data and video into a single transport network or

into a single transport network or across a system of networks

across a system of networks this phase is facilitated by platforms

this phase is facilitated by platforms such as cisco isr routers

such as cisco isr routers phase 2 of the iin is the integrated

phase 2 of the iin is the integrated services phase

services phase this phase merges common elements such

this phase merges common elements such as storage and data center server

as storage and data center server capacity

capacity additionally virtualization technologies

additionally virtualization technologies allow for the integration of servers

allow for the integration of servers storage and network devices

storage and network devices and finally phase three of the iin is

and finally phase three of the iin is the integrated applications phase

the integrated applications phase this phase is the ultimate goal of the

this phase is the ultimate goal of the iin in that it allows the network to

iin in that it allows the network to become application aware

become application aware cisco refers to this as aon application

cisco refers to this as aon application oriented networking

oriented networking now

now iin

iin should not be mentioned without

should not be mentioned without discussing cisco sona or cisco service

discussing cisco sona or cisco service oriented network architecture

oriented network architecture this framework applies iin within the

this framework applies iin within the enterprise network

enterprise network sona divides the iin and ideal into the

sona divides the iin and ideal into the following three different layers

following three different layers the network infrastructure layer

the network infrastructure layer also referred to as the physical

also referred to as the physical infrastructure layer

infrastructure layer facilitates the transport of services

facilitates the transport of services across the network

across the network it refers to a hierarchical converged

it refers to a hierarchical converged network that includes servers storage

network that includes servers storage and clients

and clients this is where the server storage and

this is where the server storage and clients are located and includes

clients are located and includes different modular design areas

different modular design areas such as the wan or enterprise edge

such as the wan or enterprise edge branch campus data center or teleworker

branch campus data center or teleworker the interactive services layer also

the interactive services layer also referred to as the core common services

referred to as the core common services layer

layer optimizes the communication between

optimizes the communication between applications and services

applications and services using intelligent network functions such

using intelligent network functions such as security

as security identity voice virtualization and qos

identity voice virtualization and qos the application layer

the application layer contains the business and collaboration

contains the business and collaboration applications

applications used by end users

used by end users these applications include commercial

these applications include commercial and internally developed applications

and internally developed applications such as software as a service

such as software as a service and composite applications within the

and composite applications within the service oriented architecture

service oriented architecture the sauna network is built from the

the sauna network is built from the ground up with redundancy and resiliency

ground up with redundancy and resiliency to prevent network downtime

to prevent network downtime the goal of sona is to provide high

the goal of sona is to provide high performance

performance fast response times and throughput by

fast response times and throughput by assuring quality of service on an

assuring quality of service on an application by application basis

application by application basis the sauna network is configured in order

the sauna network is configured in order to maximize the throughput of all

to maximize the throughput of all critical applications such as voice and

critical applications such as voice and video

video sona also provides built-in

sona also provides built-in manageability configuration management

manageability configuration management performance monitoring fault detection

performance monitoring fault detection and analysis tools sauna provides an

and analysis tools sauna provides an efficient design with the goal of

efficient design with the goal of reducing the total cost of ownership

reducing the total cost of ownership and maximizing the company's existing

and maximizing the company's existing resources when application demands

resources when application demands increase

increase so now that you've learned about iin and

so now that you've learned about iin and sona let's take two challenges first

sona let's take two challenges first on a piece of paper

on a piece of paper please write out the three phases of iin

please write out the three phases of iin the three phases and their names

the three phases and their names go ahead and pause the video now

let's see how you've done there's phase one which is integrated

there's phase one which is integrated systems

systems phase two which is integrated services

phase two which is integrated services and then phase three

and then phase three which is integrated applications

which is integrated applications next on a piece of paper what i'd like

next on a piece of paper what i'd like you to try to the best of your ability

you to try to the best of your ability and as detailed as possible

and as detailed as possible draw out the cisco service oriented

draw out the cisco service oriented network architecture framework

network architecture framework see if you can draw it out to the best

see if you can draw it out to the best of your ability and try to include some

of your ability and try to include some modules

modules within your layers to see how well you

within your layers to see how well you do

let's see how you've done there's the network infrastructure layer

there's the network infrastructure layer and you can see the modules here there's

and you can see the modules here there's the interactive services layer

the interactive services layer and you can see the sub modules here

and you can see the sub modules here and then there's the application layer

and then there's the application layer and you can see the sub modules here

and you can see the sub modules here so in this video you learned about

so in this video you learned about cisco intelligent information network

cisco intelligent information network and cisco service oriented network

and cisco service oriented network architecture framework

architecture framework and how they work together

and how they work together you will be tested on both of these in

you will be tested on both of these in your ccda exam

your ccda exam so if you understand the concepts in

so if you understand the concepts in this video very well

this video very well i'm confident you're going to do well on

i'm confident you're going to do well on this portion of your ccda exam

this portion of your ccda exam good luck in your studies

hi this is david voss ccie 11372 and in this video we're going to be

and in this video we're going to be covering the cisco ppd io lifecycle

covering the cisco ppd io lifecycle in this video you will learn about the

in this video you will learn about the benefits of ppd-io

benefits of ppd-io as well as its design methodology

as well as its design methodology you will also learn about how to

you will also learn about how to identify customer requirements

identify customer requirements for network design

for network design and the characteristics of a customer

and the characteristics of a customer network

network and then finally we'll discuss

and then finally we'll discuss design approaches

design approaches and design documentation

and design documentation so let's

so let's begin cisco has formalized a network's

begin cisco has formalized a network's life cycle into six phases

life cycle into six phases prepare

prepare plan

plan design

design implement

implement operate and optimize

operate and optimize and these phases are collectively known

and these phases are collectively known as ppdio

as ppdio the life cycle has four main benefits

the life cycle has four main benefits it lowers the total cost of ownership

it lowers the total cost of ownership it increases network availability

it increases network availability it improves business agility

it improves business agility and it speeds access to applications and

and it speeds access to applications and services

services let's discuss the ppdio

let's discuss the ppdio phases in detail

phases in detail first the prepare phase

first the prepare phase this phase establishes organization and

this phase establishes organization and business requirements

business requirements develops a network strategy and proposes

develops a network strategy and proposes a high level conceptual architecture to

a high level conceptual architecture to support that strategy

support that strategy technologies that support the

technologies that support the architecture are identified in this

architecture are identified in this phase

phase as well as a business case to establish

as well as a business case to establish the financial justification for the

the financial justification for the strategy

strategy the plan phase identifies the network

the plan phase identifies the network requirements based on goals facilities

requirements based on goals facilities and user needs

and user needs this phase characterizes sites and

this phase characterizes sites and assesses the network performs a gap

assesses the network performs a gap analysis against best practice

analysis against best practice architectures and looks at the

architectures and looks at the operational environment

operational environment in the design phase the network design

in the design phase the network design is developed based on the technical and

is developed based on the technical and business requirements

business requirements obtained from the previous phases

obtained from the previous phases a good design will provide high

a good design will provide high availability reliability security

availability reliability security scalability and performance

scalability and performance in the implement phase new equipment is

in the implement phase new equipment is installed and configured according to

installed and configured according to the design specifications

the design specifications in this phase any planned network

in this phase any planned network changes should be communicated in change

changes should be communicated in change control meetings and with the necessary

control meetings and with the necessary approvals to proceed

approvals to proceed the operate phase maintains the

the operate phase maintains the network's day-to-day operational health

network's day-to-day operational health operations include managing

operations include managing and monitoring network components and

and monitoring network components and performing the appropriate maintenances

performing the appropriate maintenances and then finally the optimize phase

and then finally the optimize phase which involves proactive network

which involves proactive network management

management by identifying and resolving issues

by identifying and resolving issues before they affect the network

now there is a design methodology for the first three phases of the ppdio

the first three phases of the ppdio methodology

methodology and there are three steps to it

and there are three steps to it in step one

in step one decision makers identify the

decision makers identify the requirements and a conceptual

requirements and a conceptual architecture is proposed

architecture is proposed in step two the network is assessed

in step two the network is assessed the network is assessed on function

the network is assessed on function performance and quality

performance and quality and then in step three

and then in step three the network topology is designed to meet

the network topology is designed to meet the requirements

the requirements and close the network gaps identified in

and close the network gaps identified in the previous two steps

the previous two steps let's review these three phases in

let's review these three phases in detail

detail to obtain customer requirements

to obtain customer requirements you need not only to talk to network

you need not only to talk to network engineers but you need to talk to the

engineers but you need to talk to the business

business personnel and company managers

personnel and company managers networks are designed to support

networks are designed to support applications

applications and you want to determine the network

and you want to determine the network services that you need to support

services that you need to support both now

both now and in the future

and in the future this this analysis is broken into five

this this analysis is broken into five steps

steps first identifying network applications

first identifying network applications and services

and services then define the organizational goals

then define the organizational goals define the possible organizational

define the possible organizational constraints

constraints and then define the technical goals

and then define the technical goals and finally define the possible

and finally define the possible technical constraints

when you're characterizing an existing network

an existing network you need to obtain all the existing

you need to obtain all the existing documentation

documentation sometimes no formal documentation exists

sometimes no formal documentation exists so you need to be prepared to use tools

so you need to be prepared to use tools to obtain the information needed and to

to obtain the information needed and to get access to log into network devices

get access to log into network devices to obtain the information required

to obtain the information required here are the steps you want to take to

here are the steps you want to take to gather information

gather information first you're going to identify all

first you're going to identify all existing organization information and

existing organization information and documentation

documentation then you'll perform a network audit that

then you'll perform a network audit that adds detail to the description of the

adds detail to the description of the network

network and then finally you're going to use

and then finally you're going to use traffic analysis information to augment

traffic analysis information to augment information on applications and

information on applications and protocols used

when you're designing the network topology and solutions

topology and solutions cisco recommends that you use the

cisco recommends that you use the top-down approach for network design

top-down approach for network design top-down simply means starting your

top-down simply means starting your design from the top layer of the osi

design from the top layer of the osi model and working your way down

model and working your way down top-down design adapts the network and

top-down design adapts the network and physical infrastructure to the network

physical infrastructure to the network applications needs

applications needs with a top-down approach network devices

with a top-down approach network devices and technologies are not selected until

and technologies are not selected until the application's requirements are

the application's requirements are analyzed

analyzed here you can compare and contrast top

here you can compare and contrast top down versus bottom up

down versus bottom up a bottom-up design may result in an

a bottom-up design may result in an inappropriate design

inappropriate design because the requirements of the

because the requirements of the organization that is those requirements

organization that is those requirements of the applications and the users using

of the applications and the users using those applications are not included in

those applications are not included in this type of design

next the design document itself

the design document itself the design document

the design document should include the following sections

should include the following sections the introduction

the introduction the design requirements

the design requirements existing network infrastructure

existing network infrastructure including layer 3 topology diagrams

including layer 3 topology diagrams physical topology diagrams audit results

physical topology diagrams audit results network health analysis routing

network health analysis routing protocols

protocols applications and a list of routers and

applications and a list of routers and switches and other devices

switches and other devices among many other things

among many other things then the design portion which actually

then the design portion which actually contains the specific design information

contains the specific design information such as logical physical topology ip

such as logical physical topology ip addressing routing protocols etc

addressing routing protocols etc proof of concept

proof of concept which results from the live pilot or

which results from the live pilot or prototype testing

prototype testing and then the implementation plan

and then the implementation plan which includes the detailed steps for

which includes the detailed steps for the network staff to implement the new

the network staff to implement the new installation

installation and then the appendixes which will list

and then the appendixes which will list all the existing network devices

all the existing network devices configurations and additional

configurations and additional information used in the design of a

information used in the design of a network

so now it's your turn go ahead and on a piece of paper or whiteboard

piece of paper or whiteboard go ahead and draw out the ppd io

go ahead and draw out the ppd io methodology

methodology uh start with the first step the first p

uh start with the first step the first p i guess you could say

i guess you could say and write it out

and write it out and then write out the

and then write out the full chart of ppdio

full chart of ppdio what each letter stands for

what each letter stands for and also put a sentence next to each

and also put a sentence next to each word

word to summarize the activity that occurs at

to summarize the activity that occurs at that phase

that phase go ahead and do that now and pause the

go ahead and do that now and pause the video

so let's see how you did the first phase is prepare

and the final phase is optimize this is a life cycle

this is a life cycle that is

that is it doesn't mean once you hit optimize

it doesn't mean once you hit optimize that it's over it's a continual process

that it's over it's a continual process going from prepare plan over to design

going from prepare plan over to design implement operate and optimize

implement operate and optimize and then around again on a regular basis

and then around again on a regular basis you're constantly looking at the network

you're constantly looking at the network seeing what can be done to make it run

seeing what can be done to make it run more efficiently and more cost effective

now assuming you went ahead and added a sentence or two after each word here are

sentence or two after each word here are some good foundational sentences or

some good foundational sentences or questions

questions regarding what is going on in each phase

so here's what you've learned you've learned about the benefits and the

learned about the benefits and the design methodology of ppd io

design methodology of ppd io you've learned how to identify customer

you've learned how to identify customer requirements in the characteristics of a

requirements in the characteristics of a network

network and then you dug into the design

and then you dug into the design approach

approach as far as top down versus bottom up and

as far as top down versus bottom up and how to properly document a design

how to properly document a design it appears from the study materials that

it appears from the study materials that cisco does want you to focus in

cisco does want you to focus in on the first three phases of ppd-io

on the first three phases of ppd-io which is why this video also focused on

which is why this video also focused on the first three phases

the first three phases we wish you the best of luck in your

we wish you the best of luck in your studies thank you

hi this is david voss ccie11372 and in this video you're going

ccie11372 and in this video you're going to learn about sla resources

to learn about sla resources specifically we're going to talk about

specifically we're going to talk about how sla and specifically slcs

how sla and specifically slcs affect network design

affect network design so many companies vendors and service

so many companies vendors and service providers must provide

providers must provide service level contract or slcs

service level contract or slcs to their partners or customers

to their partners or customers in an sla which is a service level

in an sla which is a service level agreement is a component of the overall

agreement is a component of the overall service level

service level contract

contract the slc

the slc designates connectivity

designates connectivity and the performance level that the

and the performance level that the service provider guarantees to its

service provider guarantees to its customers

customers and the organization guarantees to its

and the organization guarantees to its end users

end users the sla

the sla defines specific parameters and

defines specific parameters and performance measurements between devices

performance measurements between devices such as routers servers

such as routers servers workstations or other equipment on the

workstations or other equipment on the network

network so here's an example of a service level

so here's an example of a service level agreement as you can see things are

agreement as you can see things are spelled out in detail

spelled out in detail regarding service to the customer

regarding service to the customer but also software updates

but also software updates customer support and then even a part of

customer support and then even a part of the contract states what the customer

the contract states what the customer responsibility is

responsibility is so that they're in the event of an

so that they're in the event of an outage or just on day-to-day disputes

outage or just on day-to-day disputes you can refer back to the contract so

you can refer back to the contract so the customer

the customer and the provider are both very clear

and the provider are both very clear about what is expected

about what is expected this protects

this protects both the customer and the provider

both the customer and the provider so that roles and responsibilities are

so that roles and responsibilities are very clear but when there is confusion

very clear but when there is confusion or when there is a major outage

or when there is a major outage there is a legal backing

there is a legal backing for operation procedures

for operation procedures and decisions

and decisions now that being said

now that being said some of this needs to be measured and

some of this needs to be measured and cisco allows you to do that using cisco

cisco allows you to do that using cisco ipsla

let's do a refresh on how cisco ipsla works

works ipsla allows you to monitor analyze and

ipsla allows you to monitor analyze and verify

verify ip service levels

ip service levels it's comprised of two components a

it's comprised of two components a source and a target

source and a target operations can broadly be categorized

operations can broadly be categorized into five functional areas

into five functional areas let's take a look at an example

you can use ipslas to monitor the performance between any area in the

performance between any area in the network core distribution and edge

network core distribution and edge without deploying a physical probe

without deploying a physical probe it uses generated traffic to measure

it uses generated traffic to measure network performance between two

network performance between two networking devices

networking devices so as we draw this out this shows how

so as we draw this out this shows how ipslas begins when the source device

ipslas begins when the source device sends a generated packet to the

sends a generated packet to the destination device

destination device after the destination device receives

after the destination device receives the packet depending on the type of

the packet depending on the type of ipsla's operation it responds with the

ipsla's operation it responds with the timestamp information for the source to

timestamp information for the source to make the calculation on performance

make the calculation on performance metrics

it then can communicate with a performance management application via

performance management application via snmp

snmp to provide real-time analysis of the

to provide real-time analysis of the network

it should be noticed that ipsla can communicate with any i p device on the

communicate with any i p device on the network

network that's enabled for these types of

that's enabled for these types of measurements

although this video has covered what you need to know for cisco sla

need to know for cisco sla be aware that there are other white

be aware that there are other white papers out there should you want to read

papers out there should you want to read more

more and here they are service level

and here they are service level management best practices

management best practices deploying service level management in an

deploying service level management in an enterprise

enterprise and service level management defining

and service level management defining and monitoring service levels in the

and monitoring service levels in the enterprise

enterprise now again that being said

now again that being said within this video and throughout this

within this video and throughout this video series you will have the

video series you will have the information you need to do well on your

information you need to do well on your ccda exam

ccda exam but again we want to apply this to

but again we want to apply this to our work environments so if you want to

our work environments so if you want to do additional reading please refer to

do additional reading please refer to this

this so here's what you've learned you've

so here's what you've learned you've received an overview of cisco sla we

received an overview of cisco sla we talked about slc service level contracts

talked about slc service level contracts so you have a foundational understanding

so you have a foundational understanding of how this applies to any enterprise

of how this applies to any enterprise campus network

hi this is david voss ccie113 and in this video you're going to learn

and in this video you're going to learn about the cisco hierarchical network

about the cisco hierarchical network model

model specifically you're going to learn about

specifically you're going to learn about what cisco calls the core

what cisco calls the core distribution and access layers of a

distribution and access layers of a campus network

campus network the information is rather

the information is rather straightforward but it is information

straightforward but it is information you'll need to know very well to do well

you'll need to know very well to do well on your ccda exam

on your ccda exam so let's begin

so let's begin the most important idea concerning the

the most important idea concerning the cisco hierarchical network model

cisco hierarchical network model is the step-by-step construction of the

is the step-by-step construction of the network which implements one module at a

network which implements one module at a time

time starting with the foundation the

starting with the foundation the implementation of each module can be

implementation of each module can be supervised by a network architect

supervised by a network architect but the details are covered by a

but the details are covered by a specialized team such as routing or

specialized team such as routing or security or voice teams

security or voice teams this modular approach is the key to

this modular approach is the key to simplifying the network

simplifying the network before we cover each module within the

before we cover each module within the network model

network model let's talk about the main advantages of

let's talk about the main advantages of the cisco hierarchical network model

the cisco hierarchical network model there are eight key advantages

there are eight key advantages ease to understand and implement

ease to understand and implement flexibility

flexibility cost savings

cost savings modularity

modularity it's easily modified

it's easily modified it allows for network growth

it allows for network growth it facilitates summarization of networks

it facilitates summarization of networks and there is also built-in fault

and there is also built-in fault isolation

isolation the three-tier model was created in

the three-tier model was created in order to make the construction of

order to make the construction of networks easier to understand

networks easier to understand cisco has always tried to make

cisco has always tried to make efficient and cost effective networks

efficient and cost effective networks with a modular structure

with a modular structure so they can easily be divided into

so they can easily be divided into building blocks

building blocks the modular network design facilitates

the modular network design facilitates modifications in certain modules

modifications in certain modules after their implementation

after their implementation it makes it easy to track faults in the

it makes it easy to track faults in the network

network the cisco hierarchical network model is

the cisco hierarchical network model is defined by three layers

defined by three layers the core or backbone layer

the core or backbone layer the distribution layer

the distribution layer and the access layer

and the access layer now if you're working for a small

now if you're working for a small company

company these layers might be collapsed core and

these layers might be collapsed core and distribution are often collapsed into a

distribution are often collapsed into a single layer

single layer or sometimes all three layers are

or sometimes all three layers are collapsed

that being said let's dive into each of the layers

the layers the access layer is the on-ramp to the

the access layer is the on-ramp to the network

network so for the most part any end user or

so for the most part any end user or device that wants to connect to the

device that wants to connect to the network will do so via the access layer

network will do so via the access layer as you can see access layer switches

as you can see access layer switches should have redundant connectivity to

should have redundant connectivity to the distribution layer

the distribution layer this will ensure network connectivity

this will ensure network connectivity for the hosts even when there is an

for the hosts even when there is an equipment failure

equipment failure you could take it another step further

you could take it another step further and provide redundant connectivity for

and provide redundant connectivity for the host to the access layer switches

the host to the access layer switches but this is the exception to the rule

but this is the exception to the rule and certainly not the norm

and certainly not the norm the access layer is comprised of layer

the access layer is comprised of layer two switches workstations ip telephones

two switches workstations ip telephones or any other device that requires access

or any other device that requires access to the network

here are some specific features you should be aware of at the access layer

should be aware of at the access layer it should provide high availability

it should provide high availability and flexible security features

and flexible security features you can also implement authentication

you can also implement authentication broadcast control

broadcast control and it's where you would define qos

and it's where you would define qos trust boundaries

trust boundaries in the access layer you would also

in the access layer you would also implement rate limiting techniques

implement rate limiting techniques and it's where you would often program

and it's where you would often program spanning tree protocol

spanning tree protocol include power over ethernet for your

include power over ethernet for your phones

phones and configure voice vlan settings

as you can see the distribution layer has redundant connectivity to both the

has redundant connectivity to both the access and core layers

access and core layers the distribution layer is often where

the distribution layer is often where the brains of the network resides since

the brains of the network resides since many decisions such as filtering quality

many decisions such as filtering quality of service and policy based routing are

of service and policy based routing are performed in the distribution layer

performed in the distribution layer as you can see the distribution layer

as you can see the distribution layer has redundant connectivity to the axis

has redundant connectivity to the axis and core layers

and core layers the distribution layer normally has

the distribution layer normally has advanced layer 3 switches that can

advanced layer 3 switches that can support a wide array of functionality to

support a wide array of functionality to support the services required from this

support the services required from this layer

here are the attributes of the distribution layer

distribution layer it gives access control to core devices

it gives access control to core devices it has redundancy to access devices

it has redundancy to access devices it's where the boundaries are for

it's where the boundaries are for routing protocols

redistribution occurs at this layer as well as filtering

well as filtering route summarization

route summarization policy routing

policy routing and here you will see your security

and here you will see your security implemented

implemented it provides separate multicast and

it provides separate multicast and broadcast domains

broadcast domains using layer 2 and layer 3 technologies

using layer 2 and layer 3 technologies and provides routing between vlans

and provides routing between vlans it is a media translation and provides

it is a media translation and provides boundaries for media

boundaries for media and also provides

redistribution there is a lot going on in the core layer the high speed

in the core layer the high speed switching fabric ensures that all

switching fabric ensures that all modules which connect to the core are

modules which connect to the core are serviced immediately

serviced immediately you rarely will put any programming on

you rarely will put any programming on these switches that could cause them to

these switches that could cause them to slow down processing for example no qos

slow down processing for example no qos no acls

no acls rather you want to keep it so that these

rather you want to keep it so that these high-end switches

high-end switches spend their time processing forwarding

spend their time processing forwarding traffic rather than doing anything else

traffic rather than doing anything else although it's not always required to

although it's not always required to have redundancy to and from the

have redundancy to and from the distribution and access layers

distribution and access layers redundancy is certainly required in the

redundancy is certainly required in the core

core as you can see the core is the hub for

as you can see the core is the hub for the interconnects in the network

the interconnects in the network it connects to the server farm

it connects to the server farm to the distribution layer and then off

to the distribution layer and then off to the enterprise edge as well

to the enterprise edge as well so having a high performing core is

so having a high performing core is critical

critical here are some key features of the core

here are some key features of the core layer that you will want to memorize

layer that you will want to memorize the core layer is high speed

the core layer is high speed it's reliable

it's reliable it's redundant

it's redundant it has fault tolerance

it has fault tolerance and load balancing

and load balancing it has manageability and scalability

it has manageability and scalability in the core layer there are no filters

in the core layer there are no filters packet handling or other overhead that

packet handling or other overhead that would slow traffic down or the

would slow traffic down or the processing of traffic down

processing of traffic down it has a limited but consistent diameter

it has a limited but consistent diameter and it can provide quality of service

the cisco core distribution and access layer hierarchical model is rather

layer hierarchical model is rather straightforward but that's the point

straightforward but that's the point cisco wants you to know this

cisco wants you to know this by memory

by memory and the features of each of the modules

and the features of each of the modules in preparation for your ccda exam

in preparation for your ccda exam not only by watching this video are you

not only by watching this video are you prepared for your ccda exam regarding

prepared for your ccda exam regarding these areas you're also a much better

these areas you're also a much better engineer

engineer now that you understand

now that you understand the basic organization of a campus

the basic organization of a campus network good luck in your studies

hi this is david voss ccie 11372 and in this video you're going to learn

and in this video you're going to learn about cisco intelligent network services

about cisco intelligent network services intelligent network services are

intelligent network services are essential support services

essential support services that are part of the network and enable

that are part of the network and enable applications

applications this involves a rich set of different

this involves a rich set of different processes that enable packet forwarding

processes that enable packet forwarding on an ip network and may include

on an ip network and may include network management tools quality of

network management tools quality of service

service security mechanisms high availability

security mechanisms high availability voice transport and content networking

voice transport and content networking we will cover all of these topics in

we will cover all of these topics in this video

this video so let's begin with network management

so let's begin with network management network management is an intelligent

network management is an intelligent network service that allows the

network service that allows the management and monitoring of the server

management and monitoring of the server farm

farm and network devices in different blocks

and network devices in different blocks also when or lan connections

also when or lan connections this also involves system administration

this also involves system administration for servers with software tools specific

for servers with software tools specific to each operating system provider or

to each operating system provider or third-party tools network management

third-party tools network management also includes logging

also includes logging usually through a syslog server

usually through a syslog server implementation

implementation or security features such as

or security features such as one-time password or otp

one-time password or otp next let's discuss quality of service

next let's discuss quality of service quality of service invokes a wide

quality of service invokes a wide variety of techniques used

variety of techniques used especially in networks that offer

especially in networks that offer multimedia services voice and or video

multimedia services voice and or video because these services are usually delay

because these services are usually delay sensitive and require low latency and

sensitive and require low latency and low jitter

low jitter traffic generated by these applications

traffic generated by these applications must be prioritized which is the role of

must be prioritized which is the role of qos techniques

qos techniques in this example we have voice coming

in this example we have voice coming from a telephone hitting a switch

from a telephone hitting a switch and that's fine but as soon as it goes

and that's fine but as soon as it goes upstream let's say to the distribution

upstream let's say to the distribution layer or the core layer there's going to

layer or the core layer there's going to be contention other traffic is going to

be contention other traffic is going to be fighting

be fighting with this traffic for priority so we

with this traffic for priority so we want to move the voice because of its

want to move the voice because of its very nature to quote unquote a fast lane

very nature to quote unquote a fast lane or an express lane

or an express lane and therefore through qos

and therefore through qos proper marking of traffic and servicing

proper marking of traffic and servicing of those markings

of those markings the voice traffic can be given higher

the voice traffic can be given higher priority

priority that's just one example of how qos can

that's just one example of how qos can be used in your network

be used in your network please note qos is never supposed to be

please note qos is never supposed to be the first solution to solve problems

the first solution to solve problems it's really supposed to be used as a

it's really supposed to be used as a last resort ideally you have enough

last resort ideally you have enough bandwidth to service any application

bandwidth to service any application that needs to communicate over your

that needs to communicate over your network for the times that you do not

network for the times that you do not have enough bandwidth or you're

have enough bandwidth or you're concerned about performance then quality

concerned about performance then quality of service would be crucial to give

of service would be crucial to give priority to the traffic when there is

priority to the traffic when there is contention to give priority to the high

contention to give priority to the high priority traffic such as voice or video

priority traffic such as voice or video next let's talk about network security

next let's talk about network security security is an intelligent service and

security is an intelligent service and it's vital to the health of a network

it's vital to the health of a network security invokes such features as

security invokes such features as authentication services such as radius

authentication services such as radius or attack x

or attack x encryption

encryption and filtering

and filtering network security design principles are

network security design principles are presented later in the ccda

presented later in the ccda video series but please note that this

video series but please note that this is a part of intelligent network

is a part of intelligent network services from cisco

next is network availability network availability and network management are

availability and network management are two of the most critical technology

two of the most critical technology areas in network design

areas in network design these areas impact all other

these areas impact all other technologies presented to you in the

technologies presented to you in the ccda studies

ccda studies the focus of this section or this video

the focus of this section or this video right now is high availability network

right now is high availability network design

design high availability is often a factor

high availability is often a factor taken into consideration when designing

taken into consideration when designing end-to-end solutions

end-to-end solutions this assures redundancy for network

this assures redundancy for network services and for the end users and is

services and for the end users and is accomplished by ensuring that the

accomplished by ensuring that the network devices are reliable and fault

network devices are reliable and fault tolerant

tolerant many redundancy options can be utilized

many redundancy options can be utilized in different components of modern

in different components of modern networks

networks here are some examples

here are some examples workstation to router redundancy at the

workstation to router redundancy at the access layer

access layer server redundancy in the server farm

server redundancy in the server farm route redundancy

route redundancy media redundancy in the access layer

media redundancy in the access layer block each of these areas are now going

block each of these areas are now going to be covered in detail because you may

to be covered in detail because you may be tested in detail on any of these in

be tested in detail on any of these in your ccda exam

your ccda exam the most important topic in the list of

the most important topic in the list of redundancy that we've just spoken about

redundancy that we've just spoken about is workstation to router redundancy

is workstation to router redundancy because access devices must maintain

because access devices must maintain their default gateway information

their default gateway information if they don't most likely they're going

if they don't most likely they're going to lose network connectivity

to lose network connectivity as mentioned before modern networks

as mentioned before modern networks respect the 80 20 model which states

respect the 80 20 model which states that 80 of traffic will pass through a

that 80 of traffic will pass through a default gateway and 20 percent of the

default gateway and 20 percent of the destinations will be local

destinations will be local so this is a perfect example of why a

so this is a perfect example of why a default gateway

default gateway must be available

must be available workstation to router redundancy

workstation to router redundancy can be accomplished in multiple ways

can be accomplished in multiple ways first proxy arp this involves a

first proxy arp this involves a workstation that has no default gateway

workstation that has no default gateway configured but wants to communicate with

configured but wants to communicate with a remote host

a remote host a request for the address of the host is

a request for the address of the host is sent and the router that hears this

sent and the router that hears this request

request realizes that it can service it

realizes that it can service it that is it knows it can reach the client

that is it knows it can reach the client so it responds on behalf of the client

so it responds on behalf of the client using a proxy arp

using a proxy arp the router actually pretends to be the

the router actually pretends to be the host so the workstation can send traffic

host so the workstation can send traffic destined to that specific client to the

destined to that specific client to the router

router next is explicit configuration

next is explicit configuration this allows you to create multiple

this allows you to create multiple default gateways within the

default gateways within the configuration of an endpoint

configuration of an endpoint many operating systems allow for this

many operating systems allow for this programming of multiple default gateways

programming of multiple default gateways to be configured

to be configured but the most common way of establishing

but the most common way of establishing workstation redundancy is to use first

workstation redundancy is to use first hop redundancy protocols

hop redundancy protocols these are hsrp

these are hsrp vrrp and glbp

vrrp and glbp hsrp is a cisco proprietary first hop

hsrp is a cisco proprietary first hop redundancy protocol

redundancy protocol two versions of hsrp are supported on

two versions of hsrp are supported on ios software version one and this is the

ios software version one and this is the default hsrp version

default hsrp version and this restricts the number

and this restricts the number of configurable hsrp groups to 255.

of configurable hsrp groups to 255. i don't expect you should be exceeding

i don't expect you should be exceeding that anytime soon

that anytime soon and then there's version two

and then there's version two some updates to version two

some updates to version two it uses a new multicast address among

it uses a new multicast address among many other things that you can see here

finally hsrp authentication gives you the option of plain text or md5

the option of plain text or md5 authentication

md5 authentication can be configured with or without keychains

when implementing hsrp two or more routers are configured with a standby ip

routers are configured with a standby ip address on a broadcast interface usually

address on a broadcast interface usually an ethernet segment so while they will

an ethernet segment so while they will each have

each have a local ip address in this case dot two

a local ip address in this case dot two and dot three

and dot three a passive election is held to determine

a passive election is held to determine the active router which is actually

the active router which is actually answering for the gateway ip address dot

answering for the gateway ip address dot one the active router answers arp

one the active router answers arp requests for the standby ip address with

requests for the standby ip address with a virtual mac address so that the host

a virtual mac address so that the host sends packets to the gateway ip address

sends packets to the gateway ip address winds up sending it to the active router

winds up sending it to the active router now if the active router dies then

now if the active router dies then another election is held and in this

another election is held and in this case traffic would go out the dot 3

case traffic would go out the dot 3 interface even though

interface even though traffic would still be pointing to the

traffic would still be pointing to the virtual one ip address

vrrp is an open standard first hop redundancy protocol which elects a

redundancy protocol which elects a virtual router master and then virtual

virtual router master and then virtual router backups

router backups you can configure up to

you can configure up to 255 virtual routers on an interface

255 virtual routers on an interface that is if your system is capable of

that is if your system is capable of handling it

handling it the default vrrp priority value is 100

the default vrrp priority value is 100 and that's important to note because the

and that's important to note because the lower you set it the less likely it's

lower you set it the less likely it's going to take over as the master the

going to take over as the master the higher you set it the more likely it

higher you set it the more likely it will be

the virtual router master is in charge of sending advertisements to the other

of sending advertisements to the other routers in the same group and vrrp it

routers in the same group and vrrp it should be noted can support both

should be noted can support both plaintext and md5 authentication

so let's say we have three switches with vrrp which is non-proprietary

vrrp which is non-proprietary in vrrp one router is elected as the

in vrrp one router is elected as the virtual router master and the other

virtual router master and the other routers are acting as backups in case

routers are acting as backups in case the virtual router master fails

the virtual router master fails so in this case the master has been

so in this case the master has been elected

dot 3 and dot 4 will serve as backups 2.2

0.2 will answer to the virtual ip address and if it were to fail

address and if it were to fail then a backup device would take over

in this example that would be the dot 3 device

device and if the dot 3 system failed

and if the dot 3 system failed then the final backup system.4 would

then the final backup system.4 would take over

take over next let's cover glbp

next let's cover glbp glpp allows multiple gateways in the

glpp allows multiple gateways in the same glbp group to actively forward

same glbp group to actively forward traffic

traffic so instead of just one device forwarding

so instead of just one device forwarding traffic you can have multiple

traffic you can have multiple gateway gateways communicate via hellos

gateway gateways communicate via hellos messages that are sent by default every

messages that are sent by default every three seconds

three seconds the glbp group members elect one gateway

the glbp group members elect one gateway to be the avg

to be the avg now the avg answers all arp requests to

now the avg answers all arp requests to the virtual router address and assigns a

the virtual router address and assigns a virtual mac address to each member of

virtual mac address to each member of the glbp group

the glbp group glbp has many other features

glbp has many other features but you should really focus on the fact

but you should really focus on the fact that glbp does provide

that glbp does provide load sharing and many different load

load sharing and many different load sharing methods host dependent round

sharing methods host dependent round robin in weighted

robin in weighted and it does support plain text and or

and it does support plain text and or md5 authentication

md5 authentication but the big advantage and the question

but the big advantage and the question you're most likely to get regarding glbp

you're most likely to get regarding glbp is when would you use it and you would

is when would you use it and you would use it if you would like to load balance

use it if you would like to load balance between devices

between devices glbp provides a standby ip just as hsrp

glbp provides a standby ip just as hsrp but it also provides multiple virtual

but it also provides multiple virtual mac addresses so when a host on the

mac addresses so when a host on the connected network sends an arp request

connected network sends an arp request one of the routers answers with the

one of the routers answers with the virtual mac address

now this does allow for load balancing you can load balance across multiple

you can load balance across multiple systems instead of just relying on one

systems instead of just relying on one system to serve all the traffic

system to serve all the traffic in this case we're going to load balance

in this case we're going to load balance 50 percent to router 1 20 percent to

50 percent to router 1 20 percent to router 2 and 30 percent of the traffic

router 2 and 30 percent of the traffic to router three

this can be done because you're using virtual mac addresses

which take turns answering traffic requests

requests if a router were to fail the other

if a router were to fail the other remaining routers could take over for

remaining routers could take over for all the traffic

all the traffic next let's talk about server redundancy

next let's talk about server redundancy server-based redundancy technologies can

server-based redundancy technologies can be implemented in server farms or data

be implemented in server farms or data centers

centers this is often needed to ensure high

this is often needed to ensure high availability for key server functions

availability for key server functions such as file or application sharing

such as file or application sharing one way to solve this problem is to

one way to solve this problem is to mirror multiple servers so that if one

mirror multiple servers so that if one server fails the network can dynamically

server fails the network can dynamically fail over to another server

fail over to another server with cloud computing this obviously

with cloud computing this obviously becomes a non-issue the servers become

becomes a non-issue the servers become more virtual in nature the only time you

more virtual in nature the only time you would truly need redundancy would be if

would truly need redundancy would be if you're concerned about an entire area or

you're concerned about an entire area or entire city losing connectivity due to a

entire city losing connectivity due to a major catastrophe

major catastrophe then you could make sure that your data

then you could make sure that your data is replicated throughout the cloud maybe

is replicated throughout the cloud maybe even to different cloud

even to different cloud providers next let's talk about route

providers next let's talk about route redundancy with wan configuration

redundancy with wan configuration configuring redundancy between the

configuring redundancy between the campus infrastructures

campus infrastructures is a best practice

is a best practice in order to achieve this you can

in order to achieve this you can implement load balancing at the routing

implement load balancing at the routing protocols level this increases

protocols level this increases availability because in the case of a

availability because in the case of a direct path failure as you can see here

direct path failure as you can see here between two sites

between two sites these two sites can still reach each

these two sites can still reach each other by going via a different location

other by going via a different location next is media redundancy

next is media redundancy this is useful in case one link fails

this is useful in case one link fails media redundancy demands the

media redundancy demands the configuration of spanning tree protocol

configuration of spanning tree protocol at layer two

at layer two in order to avoid loops that can bring

in order to avoid loops that can bring the network down

another technology used to achieve media redundancy is ether channel

redundancy is ether channel this layer 2 logical bundling or channel

this layer 2 logical bundling or channel aggregation technique can be used

aggregation technique can be used between switches the bundled links can

between switches the bundled links can appear as one single link between

appear as one single link between specific devices

specific devices now should there be a link failure

now should there be a link failure between two switches data will continue

between two switches data will continue to pass using the existing configuration

to pass using the existing configuration even though there would not be as much

even though there would not be as much bandwidth available but data would still

bandwidth available but data would still pass because you have this redundant

pass because you have this redundant connectivity through ether channel

connectivity through ether channel next let's talk about voice transport

next let's talk about voice transport voice transport is a network solution

voice transport is a network solution that is implemented on top of the

that is implemented on top of the existing network infrastructure

existing network infrastructure when designing voice transport solutions

when designing voice transport solutions you must carefully consider the existing

you must carefully consider the existing enterprise network already in place

enterprise network already in place and it's very important that you first

and it's very important that you first implement the data solution

implement the data solution after that you can integrate voice and

after that you can integrate voice and data on the same network infrastructure

data on the same network infrastructure next let's talk about content networking

next let's talk about content networking content networking is also known as cdn

content networking is also known as cdn or content delivery networking

or content delivery networking it's a service that is used more and

it's a service that is used more and more in modern and large enterprise

more in modern and large enterprise networks and it offers more

networks and it offers more sophisticated types of network solutions

sophisticated types of network solutions and applications that accommodate video

and applications that accommodate video and voice for online services

and voice for online services using intranet in internet broadcast

using intranet in internet broadcast this can be delivered as training

this can be delivered as training modules using different audio and visual

modules using different audio and visual streaming technologies

streaming technologies but content networking demands content

but content networking demands content aware technologies from a cisco

aware technologies from a cisco environment in the campus infrastructure

environment in the campus infrastructure including content and wear hardware and

including content and wear hardware and content aware software

content aware software so there are three technologies we want

so there are three technologies we want to talk about

to talk about content routing

content routing content caching and content switching

content caching and content switching the first component of cdn content

the first component of cdn content routing is the process that actually

routing is the process that actually redirects a user to the best device in

redirects a user to the best device in the network

the network based on a set of well-defined user

based on a set of well-defined user policies there are specific rules for

policies there are specific rules for the different types of content delivered

the different types of content delivered in the network infrastructure

in the network infrastructure one rule might be the server load if it

one rule might be the server load if it is high in one place the rule may

is high in one place the rule may dictate that traffic is forwarded in a

dictate that traffic is forwarded in a different way

different way content routing can deliver the contents

content routing can deliver the contents as quickly as possible using high

as quickly as possible using high availability techniques and fast server

availability techniques and fast server responses

responses next is content caching

next is content caching from a cisco standpoint content caching

from a cisco standpoint content caching could be delivered by a cce or cisco

could be delivered by a cce or cisco content engine

content engine and this module can be found on a router

and this module can be found on a router this speeds up the delivery of content

this speeds up the delivery of content for end users because it transparently

for end users because it transparently caches information

caches information used on a regular basis as well as

used on a regular basis as well as frequently accessed content so the

frequently accessed content so the request can be fulfilled locally

request can be fulfilled locally finally content switching the third

finally content switching the third component of cdn which is known as web

component of cdn which is known as web switching or content switching this is

switching or content switching this is used for content delivery to different

used for content delivery to different network modules

network modules and is a sophisticated mechanism for

and is a sophisticated mechanism for load balancing and for accelerating the

load balancing and for accelerating the intelligence of the content

intelligence of the content content switching gives users a much

content switching gives users a much better web experience

better web experience by delivering the content much more

by delivering the content much more quickly and by customizing the content

quickly and by customizing the content for individual users

for individual users so here's what you've learned you've

so here's what you've learned you've learned about cisco intelligent network

learned about cisco intelligent network services

services specifically network management tools

specifically network management tools quality of service mechanisms

quality of service mechanisms security mechanisms high availability

security mechanisms high availability voice transport and content networking

voice transport and content networking for some of these we cover them higher

for some of these we cover them higher level because the information is

level because the information is available for you in other videos such

available for you in other videos such as network management tools and security

as network management tools and security mechanisms

mechanisms all of this information you'll need to

all of this information you'll need to do well on your cca exam and i hope this

do well on your cca exam and i hope this video has been helpful good luck in your

video has been helpful good luck in your studies thank you

hi this is david voss ccie113 and in this video you're going to learn

and in this video you're going to learn about geographical and application

about geographical and application considerations in network design

considerations in network design first let's begin with geographical

first let's begin with geographical considerations

considerations the geographical considerations

the geographical considerations regarding the enterprise campus network

regarding the enterprise campus network design

design involve locating the entire campus

involve locating the entire campus building blocks and the components of

building blocks and the components of those blocks

those blocks and then determining the distance

and then determining the distance between them

between them the geographical structures can be

the geographical structures can be broken down into four different types of

broken down into four different types of geography

geography intra building which is inside the

intra building which is inside the building

building inter building

inter building between buildings

between buildings remote building which is relatively

remote building which is relatively close which is less than 100 kilometers

close which is less than 100 kilometers away

away or a remote building that is greater

or a remote building that is greater than 100 kilometers away

than 100 kilometers away first let's begin with intra building

first let's begin with intra building design

an intra building structure can be comprised of a single floor or multiple

comprised of a single floor or multiple floors

floors but it's in a single building

but it's in a single building the goal is to connect all the different

the goal is to connect all the different components such as servers workstations

components such as servers workstations printers

printers and give all of them access to the

and give all of them access to the network resources depending on their

network resources depending on their type of system

type of system the access and distribution layers are

the access and distribution layers are typically located in an intra building

typically located in an intra building area

area user workstations are connected either

user workstations are connected either to a wiring closet or directly to an

to a wiring closet or directly to an access layer switch

access layer switch that is connected to a distribution

that is connected to a distribution layer switches and then ultimately those

layer switches and then ultimately those are connected into the core

are connected into the core interior building design

interior building design now with this network structure links

now with this network structure links this links individual buildings in the

this links individual buildings in the campus

campus or corporate complex using the

or corporate complex using the distribution layer or it could be at the

distribution layer or it could be at the core layer as well depending on the size

core layer as well depending on the size of the organization the distance between

of the organization the distance between buildings

buildings should range from a few hundred meters

should range from a few hundred meters to a few kilometers usually less than

to a few kilometers usually less than one mile

one mile the connection between the building

the connection between the building should provide as high bandwidth and

should provide as high bandwidth and throughput as possible

throughput as possible now another issue is ensuring that there

now another issue is ensuring that there is very little environmental

is very little environmental interference

interference so the typical medium

so the typical medium used in this case is optical fiber

used in this case is optical fiber the optical fiber used can be either

the optical fiber used can be either multi-mode fiber or single mode fiber

multi-mode and single-mode fiber share common characteristics

common characteristics the cabling uses glass or plastic fibers

the cabling uses glass or plastic fibers to move the information from building to

to move the information from building to building

building they're made the cables are made from a

they're made the cables are made from a bundle of threads each of which can

bundle of threads each of which can transmit messages

transmit messages modulated under light waves

modulated under light waves optical fiber has greater bandwidth than

optical fiber has greater bandwidth than copper cables so it can carry more data

copper cables so it can carry more data and it is less susceptible to

and it is less susceptible to interference

interference fiber optic cables

fiber optic cables are also much thinner and lighter than

are also much thinner and lighter than metal wires

metal wires and data can be transmitted digitally

and data can be transmitted digitally which is the natural way in which

which is the natural way in which computer data moves rather than through

computer data moves rather than through analog signaling signaling

analog signaling signaling now the big disadvantage of fiber optic

now the big disadvantage of fiber optic is that the cables are more expensive to

is that the cables are more expensive to install they're often more fragile and

install they're often more fragile and difficult to split up

difficult to split up but despite these disadvantages fiber

but despite these disadvantages fiber optic cabling is becoming more and more

optic cabling is becoming more and more popular for local area networking and

popular for local area networking and telecom provider infrastructure

let's look at the differences between multi-mode and single mode fiber

multi-mode and single mode fiber multi-mode has the following

multi-mode has the following characteristics

characteristics specific installation and performance

specific installation and performance guidelines it also has specific

guidelines it also has specific connectors

connectors concurrently transports multiple

concurrently transports multiple lightweight waves and modes within the

lightweight waves and modes within the core

core used for relatively short distances

used for relatively short distances typical diameter is 50 to 62.5

typical diameter is 50 to 62.5 micrometers bandwidth is usually up to

micrometers bandwidth is usually up to 10 gigabits per second

10 gigabits per second range is 550 meters when using gigabit

range is 550 meters when using gigabit ethernet

ethernet used between nodes and between buildings

used between nodes and between buildings and it's obviously more expensive than

and it's obviously more expensive than copper

copper single mode fiber has the following

single mode fiber has the following characteristics

characteristics specific installation and performance

specific installation and performance guidelines

guidelines carries a single light laser

carries a single light laser typical diameter of core is 2 to 10

typical diameter of core is 2 to 10 micrometers

micrometers bandwidth is usually up to 10 gigabits

bandwidth is usually up to 10 gigabits per second

per second range is up to 100 kilometers when using

range is up to 100 kilometers when using gigabit ethernet

but the key to remember is single mode is used between nodes and buildings for

is used between nodes and buildings for longer distances than multi-mode fiber

next let's talk about remote buildings the campus infrastructure can be spread

the campus infrastructure can be spread over a metropolitan area

over a metropolitan area or over a larger area than that so

or over a larger area than that so different parts of a city

different parts of a city and if you're dealing with distances

and if you're dealing with distances within a few miles you might focus on

within a few miles you might focus on the physical needs first you need to

the physical needs first you need to determine whether the company owns any

determine whether the company owns any of the copper lines and if it does you

of the copper lines and if it does you can build from there

can build from there but you also might need to connect an

but you also might need to connect an enterprise campus network through the

enterprise campus network through the wan block

wan block now if this is the case you should

now if this is the case you should leverage the existing telecom providers

leverage the existing telecom providers in that specific area

in that specific area then you also may want to consider using

then you also may want to consider using satellite or various wireless

satellite or various wireless technologies to connect your site as

technologies to connect your site as well

well but as the distance between the sites

but as the distance between the sites grows the following actions will occur

grows the following actions will occur connectivity costs increase

connectivity costs increase required throughput will decrease

required throughput will decrease and importance of availability will

and importance of availability will decrease

decrease next let's talk about network

next let's talk about network applications

applications another important factor when designing

another important factor when designing campus switching is considering the

campus switching is considering the network applications that will be used

network applications that will be used once the physical and geographical

once the physical and geographical aspects are clear the network designer

aspects are clear the network designer needs to characterize what types of

needs to characterize what types of applications will be processed within

applications will be processed within the network

the network the first category of applications that

the first category of applications that must be identified involves the critical

must be identified involves the critical or core applications

or core applications and the rest of the services fall under

and the rest of the services fall under the optional intelligence category

the optional intelligence category the network applications can be divided

the network applications can be divided into four types

into four types client to client applications

client to client applications client to distributed server

client to distributed server applications

applications client to server farm applications and

client to server farm applications and client enterprise edge applications

client enterprise edge applications so here's what you've learned you've

so here's what you've learned you've learned about design considerations

learned about design considerations not only for geography but also for

not only for geography but also for application types

application types and then you need to know how to break

and then you need to know how to break out

out systematically

systematically what type of design challenges are you

what type of design challenges are you facing

facing so that you just aren't trying to design

so that you just aren't trying to design generally but you're being specific

generally but you're being specific about the geographical issues you're

about the geographical issues you're facing but also the network applications

facing but also the network applications that you need to support

that you need to support i wish you the best of luck in your

i wish you the best of luck in your studies thank you

hi this is david voss ccie 11372 and in this video you're going to learn about

this video you're going to learn about layer 2 technologies

layer 2 technologies and layer 3 switching

and layer 3 switching let's begin first with layer 2

let's begin first with layer 2 technologies

technologies layer 2 technologies relate to the osi

layer 2 technologies relate to the osi data link layer

data link layer now today's modern enterprise which is a

now today's modern enterprise which is a distributed networking world of

distributed networking world of multimedia and client applications

multimedia and client applications dictates the need for greater bandwidth

dictates the need for greater bandwidth and a greater degree of control

and a greater degree of control over the past 10 years almost all

over the past 10 years almost all organizations have replaced their shared

organizations have replaced their shared networking technology such as hubs

networking technology such as hubs with switches to create switched

with switches to create switched technologies

a concept you need to understand is a collision domain and what exactly a

collision domain and what exactly a collision domain is

collision domain is a collision domain is comprised of nodes

a collision domain is comprised of nodes and devices that share the same

and devices that share the same bandwidth

bandwidth and this is called a bandwidth domain

and this is called a bandwidth domain for instance everything that is

for instance everything that is connected to a switch port via a hub is

connected to a switch port via a hub is in the same collision domain

in the same collision domain this means there is always the

this means there is always the possibility of a collision in the

possibility of a collision in the operations of that particular ethernet

operations of that particular ethernet a broadcast domain on the other hand

a broadcast domain on the other hand represents a collection of devices that

represents a collection of devices that can see each other's broadcast

can see each other's broadcast or multicast packets

or multicast packets nodes that are in the same collision

nodes that are in the same collision domain are also in the same broadcast

domain are also in the same broadcast domain

domain for example all devices associated with

for example all devices associated with the port of a router are in the same

the port of a router are in the same broadcast domain

broadcast domain and by default broadcasts do not

and by default broadcasts do not traverse a router's port interface

traverse a router's port interface when a shared technology is used such as

when a shared technology is used such as hubs

hubs all the devices share the bandwidth of

all the devices share the bandwidth of the specific network segment

the specific network segment when using switched technologies each

when using switched technologies each device in the switch port is its own

device in the switch port is its own collision domain

collision domain however all the devices are in the same

however all the devices are in the same broadcast domain

now here's some of the basics you know why land switches why did they overtake

why land switches why did they overtake the market there was a time when bridges

the market there was a time when bridges were quite popular well land switches

were quite popular well land switches have quite a few advantages over bridges

have quite a few advantages over bridges specifically they have more ports than a

specifically they have more ports than a bridge would ever be capable of

bridge would ever be capable of supporting

supporting micro segmentation allows individual

micro segmentation allows individual hosts to be connected to individual

hosts to be connected to individual ports

ports they operate at hardware speed using

they operate at hardware speed using asics versus software used by bridges

asics versus software used by bridges they support layer 3 and layer 4 packet

they support layer 3 and layer 4 packet switching by using mls features we'll

switching by using mls features we'll talk about that a little bit later

talk about that a little bit later and finally probably the most important

and finally probably the most important feature of land switching nowadays is

feature of land switching nowadays is the the vlan so they can use vlans to

the the vlan so they can use vlans to create smaller logical broadcast domains

create smaller logical broadcast domains on your network

now let's just see let's just get back to basics here land switching is a form

to basics here land switching is a form of packet switching

of packet switching which is used on local area networks

which is used on local area networks land switches provide

land switches provide and as you already know they provide

and as you already know they provide much higher port density and at a much

much higher port density and at a much lower cost than traditional bridges did

lower cost than traditional bridges did now there are three

now there are three now there are three main forwarding

now there are three main forwarding techniques that can be used by switches

techniques that can be used by switches store and forward

store and forward cut through

cut through and fragment free

let's just do a basic drawing here to better understand these concepts so

better understand these concepts so let me draw out first a frame that is

let me draw out first a frame that is passing through a switch

passing through a switch and then after i draw this frame i'm

and then after i draw this frame i'm going to draw a line here and that will

going to draw a line here and that will designate the memory of the switch so

designate the memory of the switch so if the frame is passed into memory we

if the frame is passed into memory we will designate it by going underneath

will designate it by going underneath this line

let's cover cut through switching first with cut through switching the lan

with cut through switching the lan switch

switch copies into its memory only the

copies into its memory only the destination mac address which is located

destination mac address which is located in the first six bytes of the frame

in the first six bytes of the frame the switch looks up the destination mac

the switch looks up the destination mac address in its switching table and

address in its switching table and determines the outgoing interface port

determines the outgoing interface port then forwards the frame to its

then forwards the frame to its destination through the designated

destination through the designated switch port

switch port a cut through switch reduces delay

a cut through switch reduces delay because the switch begins to forward the

because the switch begins to forward the frame as soon as it reads the

frame as soon as it reads the destination mac address

destination mac address this is in contrast to store and forward

this is in contrast to store and forward switching

switching store and forward switching means that

store and forward switching means that the lan switch copies each complete

the lan switch copies each complete frame into its switch memory buffers

frame into its switch memory buffers and then it computes a crc check for

and then it computes a crc check for errors

errors the crc check uses a mathematical

the crc check uses a mathematical formula to determine whether the frame

formula to determine whether the frame is errored and if an error is found it's

is errored and if an error is found it's discarded but if it's error free the

discarded but if it's error free the switch will forward the frame out the

switch will forward the frame out the appropriate interface port

appropriate interface port finally there's fragment free switching

finally there's fragment free switching which is also known as runtless

which is also known as runtless switching

switching basically

basically frames that are damaged which often

frames that are damaged which often happen by collisions are often shorter

happen by collisions are often shorter than the minimum valid ethernet frame

than the minimum valid ethernet frame size of 64 bytes

size of 64 bytes if a frame is smaller than 64 bytes

if a frame is smaller than 64 bytes the switch will discard that frame

the switch will discard that frame fragment free is a faster mode than

fragment free is a faster mode than storing forward but there still exists a

storing forward but there still exists a risk of forwarding bad frames

risk of forwarding bad frames because you do not have the crc check

because you do not have the crc check now land switching can be characterized

now land switching can be characterized as either symmetric or asymmetric now

as either symmetric or asymmetric now symmetric switching provides evenly

symmetric switching provides evenly distributed bandwidth to each port on

distributed bandwidth to each port on the switch this is typically used in a

the switch this is typically used in a peer-to-peer desktop environment where

peer-to-peer desktop environment where you see asymmetric switching is when

you see asymmetric switching is when we're talking about

we're talking about endpoints communicating with

endpoints communicating with bandwidth intensive services such as

bandwidth intensive services such as servers so this provides unequal

servers so this provides unequal bandwidth between ports on a switch this

bandwidth between ports on a switch this is actually the most common type of

is actually the most common type of switching and it's optimized for client

switching and it's optimized for client server environments you may have a

server environments you may have a server that demands a 10 gigabit port

server that demands a 10 gigabit port where many of your clients obviously

where many of your clients obviously don't need that much speed and may only

don't need that much speed and may only have a one gigabit port or if you have

have a one gigabit port or if you have an older switch 100 megabit port

now in the old days

in the old days basic rule of thumb in designing a local

basic rule of thumb in designing a local area network and wide area network was

area network and wide area network was that 80 of the traffic was going to

that 80 of the traffic was going to remain on the local area network thus it

remain on the local area network thus it was called the 80 20 rule 80 of the

was called the 80 20 rule 80 of the traffic stays local and you should plan

traffic stays local and you should plan for that

for that well with the advent and the with the

well with the advent and the with the popularity of the internet and server

popularity of the internet and server farms uh this has really resulted in the

farms uh this has really resulted in the flipping of those numbers now we need to

flipping of those numbers now we need to design our networks

design our networks with with the idea that probably only 20

with with the idea that probably only 20 percent of the traffic is going to stay

percent of the traffic is going to stay local

local on the local area network whereas 80

on the local area network whereas 80 percent is going to be is going to leave

percent is going to be is going to leave the local area network so this new

the local area network so this new paradigm this new 20 20 80 rule

paradigm this new 20 20 80 rule places a much greater burden on the

places a much greater burden on the network backbone

next let's talk about layer 3 switching historically land switching typically

historically land switching typically involves layer 2 switching at the access

involves layer 2 switching at the access layer and sometimes at the distribution

layer and sometimes at the distribution layer

layer layer 2 switches forward information

layer 2 switches forward information based only on the mac address that is

based only on the mac address that is the layer 2 frame address

the layer 2 frame address layer 3 switching however uses the mac

layer 3 switching however uses the mac address in addition to the layer 3

address in addition to the layer 3 address which is typically

address which is typically nowadays an ip address

nowadays an ip address the following three options exist when

the following three options exist when considering designing a switched

considering designing a switched environment

environment layer 2 switching throughout the network

layer 2 switching throughout the network a combination of layer 2 and layer 3

a combination of layer 2 and layer 3 switching

switching and then layer 3 stitching throughout

and then layer 3 stitching throughout the network

the network using layer 2 switching layer 3

using layer 2 switching layer 3 switching or a combination of the two

switching or a combination of the two also depends on the available switching

also depends on the available switching platforms

platforms as not all switches support layer 3

as not all switches support layer 3 technologies

at the heart of a switch network is the concept of vlans

concept of vlans so what exactly is a vlan well cisco

so what exactly is a vlan well cisco says it's a group of end stations with a

says it's a group of end stations with a common set of requirements

common set of requirements using vlans allows you to put

using vlans allows you to put many different devices in many different

many different devices in many different locations on the same

locations on the same logical network on the same layer 2

logical network on the same layer 2 network

network in the past without vlans

in the past without vlans you would have to rely upon

you would have to rely upon simple hardware solutions but a vlan

simple hardware solutions but a vlan allows you to virtualize your layer 2

allows you to virtualize your layer 2 segment

segment vlans are usually associated by the same

vlans are usually associated by the same subnet so normally devices on a vlan

subnet so normally devices on a vlan are are sharing the same subnet

are are sharing the same subnet and and with this in mind

and and with this in mind they're sharing the same broadcast

they're sharing the same broadcast domain that is the norm

domain that is the norm and then vlans must be routed to

and then vlans must be routed to communicate with other vlans so it is a

communicate with other vlans so it is a true layer 2 segment

true layer 2 segment a vlan is not going to be able to

a vlan is not going to be able to communicate with another vlan

communicate with another vlan unless it is passed through a layer 3

unless it is passed through a layer 3 device which can route it

device which can route it now there are two types of switch port

now there are two types of switch port types

types for vlan membership that we need to

for vlan membership that we need to understand

understand and the first is

and the first is the access port

the access port now access ports can only belong to a

now access ports can only belong to a single vlan now when you think of an

single vlan now when you think of an access port

access port it's pretty much probably what you think

it's pretty much probably what you think of it's usually for end devices like a

of it's usually for end devices like a workstation or a server

workstation or a server it is a device that is an end station

it is a device that is an end station and again accessport can only belong to

and again accessport can only belong to a single vlan

a single vlan typically used to connect end devices

typically used to connect end devices and there are two methods to assign

and there are two methods to assign ports

ports uh to vlans

uh to vlans for these access ports the first which

for these access ports the first which is by far the the most popular

is by far the the most popular is the static vlan assignment so an

is the static vlan assignment so an administrator actually doing it and then

administrator actually doing it and then dynamic vlan assignment

dynamic vlan assignment which is done by a server so let's dig a

which is done by a server so let's dig a little bit more into that into those two

little bit more into that into those two concepts

concepts so

so when we have a static vlan assignment

when we have a static vlan assignment the network administrator is actually

the network administrator is actually manually configuring a switch port to be

manually configuring a switch port to be a part of a vlan

a part of a vlan the network administrator is saying is

the network administrator is saying is programming the port to say you are

programming the port to say you are going to be an access port and you're

going to be an access port and you're going to be associated with this

going to be associated with this specific vlan now you can do this

specific vlan now you can do this dynamically and this is not as popular

dynamically and this is not as popular but there is something called a vlan

but there is something called a vlan management policy server which can

management policy server which can assign a desired vlan to users

assign a desired vlan to users connecting to a switch

connecting to a switch we don't need to get much deeper than

we don't need to get much deeper than that

that for your exam but you need to do you do

for your exam but you need to do you do need to know these two methods

need to know these two methods now there's another type of port that we

now there's another type of port that we need to understand to understand the

need to understand to understand the concept of vlans and that is trunk ports

concept of vlans and that is trunk ports and trunk ports are used to carry data

and trunk ports are used to carry data from multiple vlans

from multiple vlans so

so access ports only allow communication

access ports only allow communication from one end device over a specific vlan

from one end device over a specific vlan well ultimately if you're hosting many

well ultimately if you're hosting many vlans

vlans this traffic's going to need to be able

this traffic's going to need to be able to communicate

to communicate throughout your network so that they're

throughout your network so that they're not limited

not limited limited by a hardware device so your

limited by a hardware device so your vlan may your vlans may be spread

vlan may your vlans may be spread throughout

throughout um many floors or

um many floors or maybe even many buildings

maybe even many buildings trunk ports allow you to carry data from

trunk ports allow you to carry data from all these different vlans between all

all these different vlans between all your different hardware devices

your different hardware devices now there are some standard vlan numbers

now there are some standard vlan numbers and ranges you should know um

and ranges you should know um specifically let's focus on two to 1001

specifically let's focus on two to 1001 these vlans are created and used and

these vlans are created and used and deleted on all cisco catalyst switches

deleted on all cisco catalyst switches and another one that you should really

and another one that you should really focus in on

focus in on is the range of 1006 to 4094.

is the range of 1006 to 4094. these are

these are extended this is an extended range of

extended this is an extended range of vlans for ethernet vlans only

vlans for ethernet vlans only now you may be asked about these other

now you may be asked about these other ranges but i would focus in on

ranges but i would focus in on vlan ranges 2 to 1001

vlan ranges 2 to 1001 and 1006 to 4094.

vlan trunks are used to carry data from multiple vlans which you already know

multiple vlans which you already know now there are two methods two protocols

now there are two methods two protocols that can be used

that can be used to build these trunks and the first is

to build these trunks and the first is inner switch link or isl

inner switch link or isl and that's a cisco proprietary protocol

and that's a cisco proprietary protocol that is used to preserve the source vlan

that is used to preserve the source vlan identification information

identification information for frames that traverse trunk links

for frames that traverse trunk links and then there is i would say the more

and then there is i would say the more popular 802.1 q

popular 802.1 q which is an open standard

which is an open standard and then it performs a little bit

and then it performs a little bit differently than the cisco proprietary

differently than the cisco proprietary protocol

protocol now the reason

now the reason 802.1q is so popular is you probably

802.1q is so popular is you probably understand that for obvious reasons that

understand that for obvious reasons that if you want a trunk between

if you want a trunk between two devices like one is cisco and one is

two devices like one is cisco and one is non-cisco

non-cisco you're able to do that

you're able to do that so this standard works very effectively

so this standard works very effectively and 802.1 q is very popular but you will

and 802.1 q is very popular but you will definitely be asked about isl

definitely be asked about isl and you will definitely be asked about

and you will definitely be asked about the differences between isl and 802.1q

now so you've received a lot of information

so you've received a lot of information right now so let's go ahead and kind of

right now so let's go ahead and kind of draw out some of these concepts that

draw out some of these concepts that we've been talking about

we've been talking about so

so when we think of vlans we think first of

when we think of vlans we think first of we need to connect

we need to connect endpoints need to connect on a local

endpoints need to connect on a local area network so

area network so here we have

here we have four endpoints

four endpoints and we have one switch

and we have one switch and each of these endpoints

and each of these endpoints need to communicate and not all of them

need to communicate and not all of them need to communicate with with each other

need to communicate with with each other so let's say we have two

so let's say we have two workstations and two servers

workstations and two servers and we're gonna put this one workstation

and we're gonna put this one workstation in vlan 10 and this other workstation in

in vlan 10 and this other workstation in vlan 10

vlan 10 and then these two servers in vlan 2.

and then these two servers in vlan 2. these two servers are segmented on their

these two servers are segmented on their own vlan and as are the workstations

own vlan and as are the workstations they cannot communicate between each

they cannot communicate between each other

other between vlan 2 and 10

between vlan 2 and 10 but anything on vlan 10 can communicate

but anything on vlan 10 can communicate with vlan 10. now here's another

with vlan 10. now here's another dedicated vlan we'll say vlan 3 to a

dedicated vlan we'll say vlan 3 to a dedicated device

dedicated device now and here is a router so for any of

now and here is a router so for any of these vlans to communicate with one

these vlans to communicate with one another they need to pass through a

another they need to pass through a layer 3 device

layer 3 device so this this workstation that from vlan

so this this workstation that from vlan 10 if it wants to communicate over to a

10 if it wants to communicate over to a server it needs to be routed and go

server it needs to be routed and go through the router and passed over to

through the router and passed over to vlan 2.

vlan 2. let's say you want to keep vlan 3

let's say you want to keep vlan 3 devices

devices not accessible from the network

not accessible from the network you can prevent that

you can prevent that so here we have other devices on vlan 3

so here we have other devices on vlan 3 and we'll say let's say this is a back

and we'll say let's say this is a back end connection between two servers that

end connection between two servers that we have no need to route it vlan 3 can

we have no need to route it vlan 3 can be segmented from the entire network

be segmented from the entire network nobody can reach it so there's some

nobody can reach it so there's some security built into vlans as well

security built into vlans as well now vlans can extend

now vlans can extend obviously over to other hardware

obviously over to other hardware platforms so this router is connected to

platforms so this router is connected to another switch

another switch and on this switch let's say that's in a

and on this switch let's say that's in a different building we have another

different building we have another device on vlan 2

device on vlan 2 another device

another device another endpoint

another endpoint on an access port to vlan 10

on an access port to vlan 10 and if they want to communicate over to

and if they want to communicate over to the other building let's say vlan 2 or

the other building let's say vlan 2 or vlan 10

vlan 10 they simply go over this trunk port you

they simply go over this trunk port you know that term

know that term goes over the trunk port and can

goes over the trunk port and can communicate over to

communicate over to the other sites

the other sites when designing a full layer 2

when designing a full layer 2 environment using vlans a router might

environment using vlans a router might be used to provide routing between the

be used to provide routing between the vlans

vlans this technique is called router on a

this technique is called router on a stick because only one router interface

stick because only one router interface is used to carry all the vlans

is used to carry all the vlans exclusively using layer 2 switches and

exclusively using layer 2 switches and vlans throughout the network all the

vlans throughout the network all the policies access lists and quality

policies access lists and quality service rules

service rules will be managed at the data link layer

will be managed at the data link layer the policy capabilities are very limited

the policy capabilities are very limited at the data link layer but they are

at the data link layer but they are greatly enhanced in layer 3 switches

greatly enhanced in layer 3 switches another area in which layer 2 switches

another area in which layer 2 switches are limited is load sharing capabilities

are limited is load sharing capabilities used to ensure redundant links

used to ensure redundant links that is multiple paths throughout the

that is multiple paths throughout the network

network this is because layer 2 switches only

this is because layer 2 switches only know about mac addresses and they cannot

know about mac addresses and they cannot perform intelligent load sharing

perform intelligent load sharing for example based on a destination

for example based on a destination network

network layer 3 switches can do that

layer 3 switches can do that layer 3 switches also support dynamic

layer 3 switches also support dynamic routing protocols

routing protocols therefore with layer 2 switching the

therefore with layer 2 switching the load can be shared only on a per vlan

load can be shared only on a per vlan basis

basis in addition when using layer 2 switches

in addition when using layer 2 switches only the basis of all failures or the

only the basis of all failures or the failure domain will be isolated to the

failure domain will be isolated to the vlan only

vlan only on the other hand in a multi-layer

on the other hand in a multi-layer environment the failures can be better

environment the failures can be better isolated at the access layer to the core

isolated at the access layer to the core layer or even particular network

layer or even particular network segments

segments in a layer 2 switched environment only

in a layer 2 switched environment only stp that is spanning tree protocol

stp that is spanning tree protocol offers convergence and loop control

offers convergence and loop control however when using layer 3 switching

however when using layer 3 switching this feature can also be implemented at

this feature can also be implemented at the distribution in core layers using

the distribution in core layers using routing protocol technologies such as

routing protocol technologies such as ospf or eigrp

ospf or eigrp and when considering cost using layer 2

and when considering cost using layer 2 everywhere is the cheapest solution but

everywhere is the cheapest solution but this is also much less flexible and much

this is also much less flexible and much less manageable

less manageable using layer 3 switches throughout the

using layer 3 switches throughout the network is the most expensive option

network is the most expensive option but it's very powerful and flexible

but it's very powerful and flexible a compromise would be to implement layer

a compromise would be to implement layer 3 switches only in the distribution

3 switches only in the distribution layer

layer and then eventually as the budget allows

and then eventually as the budget allows and the network scales extend the layer

and the network scales extend the layer 3 switches into the core layer

3 switches into the core layer for full layer 3 switching at the

for full layer 3 switching at the distribution

distribution and core layers

so in this video you've learned about layer 2 technologies and layer 3

layer 2 technologies and layer 3 switching and this will

switching and this will this information will provide you with a

this information will provide you with a solid foundation to do well on your ccda

solid foundation to do well on your ccda exam thank you

hi this is david voss ccie113 and in this video we're going to be

and in this video we're going to be covering the cable specifications for

covering the cable specifications for local area networks

local area networks specifically this video is going to

specifically this video is going to review

review land media and its components

land media and its components we need to identify some of the

we need to identify some of the constraints you should consider when

constraints you should consider when provisioning various land media types

provisioning various land media types ethernet is the underlying basis for the

ethernet is the underlying basis for the technologies most widely used in local

technologies most widely used in local area networks today

area networks today in the 1980s and early 1990s most

in the 1980s and early 1990s most networks used 10 megabit per second

networks used 10 megabit per second ethernet

ethernet defined initially by digital intel in

defined initially by digital intel in xerox

xerox and then later by the ieee 802.3 working

and then later by the ieee 802.3 working group the ieee

group the ieee 802.3-2002 standard

802.3-2002 standard contains physical specifications for

contains physical specifications for ethernet technologies

ethernet technologies up to 10 gigabits per second

up to 10 gigabits per second the following table is something you

the following table is something you should know well for your ccda exam it

should know well for your ccda exam it describes

describes the physical ethernet specifications up

the physical ethernet specifications up to 100 megabits per second

to 100 megabits per second it provides scalability information that

it provides scalability information that you can use when provisioning ieee 802.3

you can use when provisioning ieee 802.3 networks

networks of these specifications the 10 base 5

of these specifications the 10 base 5 and 10 base 2 are no longer used but are

and 10 base 2 are no longer used but are included for completeness

included for completeness fast ethernet is preferred over 10 base

fast ethernet is preferred over 10 base t ethernet

let's talk about some of the 100 megabit per second

per second fast ethernet design rules

fast ethernet design rules ieee introduced ieee 802.3

ieee introduced ieee 802.3 u-1995 standard to provide ethernet

u-1995 standard to provide ethernet speeds of 100 megabit per second over

speeds of 100 megabit per second over utp and fiber cabling

utp and fiber cabling the 100 base t standard is similar to 10

the 100 base t standard is similar to 10 megabits per second ethernet

megabits per second ethernet and that it uses carrier sense multiple

and that it uses carrier sense multiple access collision detect which you

access collision detect which you probably know is csma slash cd

let's discuss the following specifications for fast ethernet

specifications for fast ethernet 100 base tx fast ethernet

100 base tx fast ethernet this specification uses cat 5 utp wiring

this specification uses cat 5 utp wiring like 10 base t fast ethernet uses only

like 10 base t fast ethernet uses only two pairs of the four pair utp wiring

two pairs of the four pair utp wiring if cat5 cabling is already in place

if cat5 cabling is already in place upgrading to fast ethernet requires only

upgrading to fast ethernet requires only a hub or a switch

a hub or a switch and any network interface card upgrades

and any network interface card upgrades because of the low cost most of today's

because of the low cost most of today's installations use switches

installations use switches the specifications for the standard are

the specifications for the standard are as follows

as follows transmission over cat5 utp

transmission over cat5 utp an rj45 connector

an rj45 connector punch down blocks in the wiring closet

punch down blocks in the wiring closet must be cat5 certified

must be cat5 certified and

and 4b5b coding

let's discuss now the 100 base t4 fast ethernet standard

ethernet standard the hunter base t4 specification was

the hunter base t4 specification was developed to support utp wiring at the

developed to support utp wiring at the cat 3 level

cat 3 level this specification takes advantage of

this specification takes advantage of higher speed ethernet without re-cabling

higher speed ethernet without re-cabling to cat5 utp

to cat5 utp this implementation is not widely

this implementation is not widely deployed

deployed but here are the specifications it can

but here are the specifications it can transmit over cat 3 4 or 5 utp wiring

transmit over cat 3 4 or 5 utp wiring three pairs are used for transmission

three pairs are used for transmission and the fourth pair is used for

and the fourth pair is used for collision detection

collision detection no separate transmit and receive pairs

no separate transmit and receive pairs are present so full duplex operation is

are present so full duplex operation is not possible

not possible and the coating is 8b 6t

and the coating is 8b 6t next let's discuss 100 base fx fest

next let's discuss 100 base fx fest ethernet

ethernet this is a specification for fiber

this is a specification for fiber it operates over two strands of

it operates over two strands of multi-mode or single more fiber cabling

multi-mode or single more fiber cabling it can transmit over greater distances

it can transmit over greater distances than copper media

than copper media it uses a media interface connector

it uses a media interface connector st stab and twist

st stab and twist or sc stab and click fiber connectors

or sc stab and click fiber connectors defined for fddi

defined for fddi and 10 base fx networks

to make 100 megabit per second ethernet work distance limitations are much more

work distance limitations are much more severe than those required for 10

severe than those required for 10 megabits per second ethernet

megabits per second ethernet repeater networks have no five hub rule

repeater networks have no five hub rule fast ethernet is limited to two

fast ethernet is limited to two repeaters

repeaters the general rule is that a hundred

the general rule is that a hundred megabit per second ethernet has a

megabit per second ethernet has a maximum diameter of 205 meters with utp

maximum diameter of 205 meters with utp cabling

cabling whereas 10 megabit per second ethernet

whereas 10 megabit per second ethernet has a maximum diameter of 500 meters

has a maximum diameter of 500 meters with 10 base t

with 10 base t and 2500 meters with 10 base 5.

and 2500 meters with 10 base 5. most networks today use switches rather

most networks today use switches rather than repeaters which limits the length

than repeaters which limits the length of 10 base t

of 10 base t and 100 base tx

and 100 base tx to 100 meters between the switch and

to 100 meters between the switch and host

host now the distance limitation imposed

now the distance limitation imposed depends on the type of repeater

depends on the type of repeater the ieee 100 base t specification

the ieee 100 base t specification defines two types of repeaters

defines two types of repeaters class 1

class 1 and class 2.

and class 2. class 1 repeaters have a latency of 0.7

class 1 repeaters have a latency of 0.7 microseconds

microseconds or less

or less only one repeater hop is allowed

only one repeater hop is allowed class 2 repeaters have a latency of 0.46

class 2 repeaters have a latency of 0.46 microseconds or less

microseconds or less and one or two repeater hops are allowed

now let's talk about gigabit ethernet design rules

design rules gigabit ethernet

gigabit ethernet was first specified by two standards

was first specified by two standards ieee 802.3z-1998

and 802.3 a b

802.3 a b 1999.

1999. the ieee 802.3z standard specifies the

the ieee 802.3z standard specifies the operation of gigabit ethernet over fiber

operation of gigabit ethernet over fiber and coax cable

and coax cable and introduces the gigabit media

and introduces the gigabit media independent interface the gmii

independent interface the gmii these standards are superseded by the

these standards are superseded by the latest revision of all the 802.3

latest revision of all the 802.3 standards included in ieee 802.3-2002

the ieee 802.3 a b standard specified the operation of

a b standard specified the operation of gigabit ethernet over cat5utp

gigabit ethernet over cat5utp gigabit ethernet still retains the frame

gigabit ethernet still retains the frame formats and frame sizes and it still

formats and frame sizes and it still uses csma cd

uses csma cd as with ethernet and fast ethernet full

as with ethernet and fast ethernet full duplex operation is possible

duplex operation is possible differences appear in the encoding

differences appear in the encoding gigabit ethernet uses eight bravo 10

gigabit ethernet uses eight bravo 10 bravo coding with simple non-return to

bravo coding with simple non-return to zero

zero because of the twenty percent overhead

because of the twenty percent overhead pulses run at one thousand two hundred

pulses run at one thousand two hundred fifty megahertz

fifty megahertz to achieve a one thousand megabits per

to achieve a one thousand megabits per second throughput

second throughput this chart you will definitely want to

this chart you will definitely want to know in preparation

know in preparation for your ccda exam

for your ccda exam let's talk about the gigabit ethernet

let's talk about the gigabit ethernet standards in detail

standards in detail the 1000 base lx that is the long

the 1000 base lx that is the long wavelength gigabit ethernet standard

wavelength gigabit ethernet standard uses long wavelength optics over a pair

uses long wavelength optics over a pair of fiber strands

of fiber strands the specifications are as follows

the specifications are as follows it uses long wave

it uses long wave on multi-mode or single mode fiber

on multi-mode or single mode fiber the maximum lengths for multi-mode fiber

the maximum lengths for multi-mode fiber are 62.5 micrometer fiber which is 450

are 62.5 micrometer fiber which is 450 meters or 50 micrometer fiber at 550

meters or 50 micrometer fiber at 550 meters

meters maximum length for single mode fiber is

maximum length for single mode fiber is 5 kilometers

the ieee 1000 base sx standard uses short wavelength

short wavelength optics over a pair of multi-mode fiber

optics over a pair of multi-mode fiber strands

strands its maximum lengths are 260 and 550

its maximum lengths are 260 and 550 meters respectively

meters respectively the ieee 1000 base dash cx standard is

the ieee 1000 base dash cx standard is for short copper runs between servers

for short copper runs between servers it runs over a pair of 150 ohm balance

it runs over a pair of 150 ohm balance coax

coax cables maximum length is 25 meters

cables maximum length is 25 meters and this is obviously mainly used for

and this is obviously mainly used for server connections

server connections and then finally the 1000 base t gigabit

and then finally the 1000 base t gigabit ethernet over utp standard

ethernet over utp standard it was approved in june 1999

it was approved in june 1999 and now included in ieee 802.3 2002

and now included in ieee 802.3 2002 this standard uses the four pairs in the

this standard uses the four pairs in the cable

cable maximum length is 100 meters encoding

maximum length is 100 meters encoding defined is a five level coding scheme

defined is a five level coding scheme and one byte is sent over the four pairs

and one byte is sent over the four pairs at

at twelve hundred and fifty megahertz

twelve hundred and fifty megahertz the ieee 802.3 ae supplement to the

the ieee 802.3 ae supplement to the 802.3 standard was published in august

802.3 standard was published in august of 2002

of 2002 and it specifies the standard for 10

and it specifies the standard for 10 gigabit ethernet

gigabit ethernet it is defined for full duplex operation

it is defined for full duplex operation over optical media

over optical media utp and copper 10 gige has several

utp and copper 10 gige has several physical media specifications

physical media specifications based on different fiber types and

based on different fiber types and encoding

encoding multimedia fiber and single mode fiber

multimedia fiber and single mode fiber are used

are used and if you look at this diagram this is

and if you look at this diagram this is something you will definitely want to

something you will definitely want to memorize in preparation for your ccda

memorize in preparation for your ccda exam

now as noted previously in this video there are several media types that are

there are several media types that are used for campus networks

used for campus networks and this chart is one you'll want to

and this chart is one you'll want to remember because it provides a good

remember because it provides a good summary of the information you'll need

summary of the information you'll need to know for the different media types

to know for the different media types and when you may want to use them

so here's what you've learned you've learned about campus lan media types and

learned about campus lan media types and this is something you will definitely be

this is something you will definitely be tested on in your ccda exam

tested on in your ccda exam you've learned about the different

you've learned about the different ethernet standards as well as the

ethernet standards as well as the different campus transmission media

different campus transmission media types

types and i'm confident if you master the

and i'm confident if you master the material in this video you'll do very

material in this video you'll do very well in this portion of your ccda exam

well in this portion of your ccda exam good luck in your studies

hi this is david voss cciu11372 and in this video you're going to learn

and in this video you're going to learn about

about analyzing traffic in preparation for

analyzing traffic in preparation for your ccda exam

your ccda exam first let's start with analyzing

first let's start with analyzing application traffic

application traffic one of the first enterprise campus

one of the first enterprise campus design issues refers to

design issues refers to analyzing the application traffic as it

analyzing the application traffic as it relates to the switched network design

relates to the switched network design the traffic patterns usually fall into

the traffic patterns usually fall into one of the following scenarios

one of the following scenarios local with a segment module and

local with a segment module and or distant

or distant remote traffic patterns this implies

remote traffic patterns this implies traversing different segments

traversing different segments or crossing sub-modules or modules in

or crossing sub-modules or modules in the campus design

the campus design networks were originally designed

networks were originally designed according to the 80 20 rule which states

according to the 80 20 rule which states that 80 percent of the traffic is

that 80 percent of the traffic is internal

internal 20 is remote

20 is remote this concept has changed with the

this concept has changed with the evolution of enterprise networking and

evolution of enterprise networking and distributed server networking

distributed server networking in modern campus networks so the ratio

in modern campus networks so the ratio now is twenty eighty

now is twenty eighty whereas twenty percent is for local

whereas twenty percent is for local traffic and eighty percent is for

traffic and eighty percent is for traffic

traffic that crosses between modules and

that crosses between modules and segments

segments this change occurred as a result of

this change occurred as a result of servers no longer sitting in the

servers no longer sitting in the workgroup areas

generally the application and backbone servers are placed in a server farm area

servers are placed in a server farm area this puts a much higher load on the

this puts a much higher load on the backbone because much of the traffic

backbone because much of the traffic from the client side is going to the

from the client side is going to the servers in the server farm through the

servers in the server farm through the core layer devices

core layer devices this changes the way you will analyze

this changes the way you will analyze application traffic

application traffic in order to exemplify the 80 20 rule

in order to exemplify the 80 20 rule consider a work group area with various

consider a work group area with various devices

devices connected to a basic layer 2 switch

connected to a basic layer 2 switch using vlans

using vlans the inner vlan routing is accomplished

the inner vlan routing is accomplished on the routers that also allow access to

on the routers that also allow access to an email server according to the eighty

an email server according to the eighty twenty rule eighty percent of traffic

twenty rule eighty percent of traffic stays within the vlan

stays within the vlan where twenty whereas twenty percent of

where twenty whereas twenty percent of the traffic is going to the email server

on the other hand for example in the modern 2080 rule consider a situation in

modern 2080 rule consider a situation in which there are multiple logical

which there are multiple logical departments

departments using common resources with applications

using common resources with applications distributed throughout the organization

distributed throughout the organization this means there are no dedicated

this means there are no dedicated servers located within the department

servers located within the department for example database or file servers

for example database or file servers all the data is stored in the server

all the data is stored in the server farm block

farm block the end user's devices connect to a

the end user's devices connect to a series of layer 2 or low end layer 3

series of layer 2 or low end layer 3 switches

switches before reaching the distribution layer

before reaching the distribution layer block

block where the high end layer 3 switches with

where the high end layer 3 switches with high availability

high availability are located

are located the data flow finally reaches the server

the data flow finally reaches the server farm block consisting of modern database

farm block consisting of modern database servers such as email

servers such as email applications databases

applications databases in this example the traffic distribution

in this example the traffic distribution reflects the 2080 rule meaning 20

reflects the 2080 rule meaning 20 percent of the network traffic stays

percent of the network traffic stays local while 80 of the traffic is moving

local while 80 of the traffic is moving across the distribution layer

across the distribution layer and backbone of the network

and backbone of the network this is the reason you want your

this is the reason you want your distribution and core layer links

distribution and core layer links to be highly available and fast in order

to be highly available and fast in order to move data across the enterprise

to move data across the enterprise quickly

quickly the diagrams presented here represent a

the diagrams presented here represent a single building

single building but in large campus enterprise you would

but in large campus enterprise you would have multiple buildings connected by the

have multiple buildings connected by the network backbone module

network backbone module the network backbone is connected to the

the network backbone is connected to the edge distribution sub-module in order to

edge distribution sub-module in order to provide external access from the network

next let's discuss analyzing multicast traffic

traffic with the incredible advances of

with the incredible advances of collaboration tools using the world wide

collaboration tools using the world wide web and the internet it is very likely

web and the internet it is very likely that the organization will have to

that the organization will have to support multicast traffic

support multicast traffic the process of multicasting opposed to

the process of multicasting opposed to the process of broadcasting

the process of broadcasting or unicasting

or unicasting has the advantage of saving bandwidth

has the advantage of saving bandwidth because it sends a single stream of data

because it sends a single stream of data to multiple nodes

to multiple nodes the multicasting concept is used by

the multicasting concept is used by every modern corporation around the

every modern corporation around the world to deliver data to groups via the

world to deliver data to groups via the following methods

following methods corporate meetings video conferencing

corporate meetings video conferencing e-learning solutions webcasting

e-learning solutions webcasting information

information distributing applications streaming news

distributing applications streaming news feeds and streaming stock quotes

feeds and streaming stock quotes multicast data is sent as a multicast

multicast data is sent as a multicast group and users receive the information

group and users receive the information by joining that group using igmp or

by joining that group using igmp or internet group management protocol

internet group management protocol cisco multicast enabled routers can be

cisco multicast enabled routers can be used

used running multicast routing protocols such

running multicast routing protocols such as pim

as pim protocol independent multicast

protocol independent multicast so that

so that they can forward the incoming multicast

they can forward the incoming multicast stream to a particular switch port

stream to a particular switch port cisco switches effectively implement

cisco switches effectively implement multicasting using two main protocols

multicasting using two main protocols cgmp which is cisco group management

cgmp which is cisco group management protocol and igmp snooping

protocol and igmp snooping cgmp allows switches to communicate with

cgmp allows switches to communicate with multicast enabled routers

multicast enabled routers to figure out whether any users attached

to figure out whether any users attached to the switches are part of any

to the switches are part of any particular multicasting groups and

particular multicasting groups and whether they are qualified to receive

whether they are qualified to receive the special stream of data

the special stream of data igmp snipping allows the switch to

igmp snipping allows the switch to intercept the monthly cash receiver

intercept the monthly cash receiver registration message and based on the

registration message and based on the gathered information it makes changes to

gathered information it makes changes to its forwarding table

its forwarding table igmp snooping works only on layer 3

igmp snooping works only on layer 3 switches because igmp is a layer 3

switches because igmp is a layer 3 protocol

protocol next let's discuss analyzing delay

next let's discuss analyzing delay sensitive traffic

sensitive traffic if using multicasting or web streaming

if using multicasting or web streaming e-commerce e-learning solutions or ip

e-commerce e-learning solutions or ip telephony the traffic involved in this

telephony the traffic involved in this process will be delay sensitive and qos

process will be delay sensitive and qos techniques might be necessary to ensure

techniques might be necessary to ensure that this type of traffic is treated

that this type of traffic is treated with priority

with priority in layer 3 applications such as frame

in layer 3 applications such as frame relay environments

relay environments using eigrp ospf or bgp

using eigrp ospf or bgp as routing protocols with the isp

as routing protocols with the isp it is very common to use qos techniques

it is very common to use qos techniques to shape and control traffic at the

to shape and control traffic at the iplayer

iplayer you can also use qos at layer 2.

you can also use qos at layer 2. when using qos or analyzing or

when using qos or analyzing or controlling delay sensitive traffic at

controlling delay sensitive traffic at layer two there are four categories of

layer two there are four categories of qos techniques as follows

qos techniques as follows tagging and traffic classification

tagging and traffic classification congestion control

congestion control policy and shaping and scheduling

as you can see in this diagram you'll see that tagging and traffic

see that tagging and traffic classification have between having

classification have between having between the end user nodes

between the end user nodes through the excess layer up to the

through the excess layer up to the distribution layer this is where packets

distribution layer this is where packets are classified grouped and partitioned

are classified grouped and partitioned based on different priority levels or

based on different priority levels or classes of service

this incurs this occurs by inspecting the layer two

this occurs by inspecting the layer two packet headers and determining the

packet headers and determining the priority of the traffic based on the

priority of the traffic based on the traffic type

traffic type in this way the traffic can be tagged

in this way the traffic can be tagged and classified

and classified the next three techniques congestion

the next three techniques congestion control policy and traffic shaping and

control policy and traffic shaping and scheduling occur in the distribution

scheduling occur in the distribution layer block and the edge distribution

layer block and the edge distribution layer

layer sub module

sub module primarily on layer 3 switches

primarily on layer 3 switches you want to avoid applying any qos

you want to avoid applying any qos technique at the core layer

technique at the core layer because you want as little overhead as

because you want as little overhead as possible on the backbone

possible on the backbone so that they can successfully achieve

so that they can successfully achieve their goals

their goals which is fast connectivity high

which is fast connectivity high availability and reliability

availability and reliability congestion control involves the

congestion control involves the interfaces of the access layer switches

interfaces of the access layer switches and the cueing mechanisms configured on

and the cueing mechanisms configured on them

them cueing techniques are used in order to

cueing techniques are used in order to deal with the congestion of packets

deal with the congestion of packets coming into and out of the switch ports

coming into and out of the switch ports this method ensures the traffic from

this method ensures the traffic from critical applications

critical applications will be forwarded properly

will be forwarded properly especially when using real-time

especially when using real-time so let's summarize what you've learned

so let's summarize what you've learned in this video you've learned about the

in this video you've learned about the different types of traffic that can

different types of traffic that can traverse a switch to network

traverse a switch to network and how to handle that traffic and some

and how to handle that traffic and some of this information's been at a higher

of this information's been at a higher level

level such as qos

such as qos but that being said this is what cisco

but that being said this is what cisco expects you to know for the ccda exam

expects you to know for the ccda exam with the understanding that things will

with the understanding that things will get quite a bit more granular in the

get quite a bit more granular in the follow-up videos

follow-up videos but also as you work your way up to ccdp

but also as you work your way up to ccdp this is a good foundation for you to

this is a good foundation for you to begin and i wish you the best of luck in

begin and i wish you the best of luck in your studies thank you

hi this is david voss ccie11372 and in this video you're going

ccie11372 and in this video you're going to learn about enterprise campus design

to learn about enterprise campus design specifically we're going to go through

specifically we're going to go through the questions that you need to ask or

the questions that you need to ask or cisco at least expects you to ask when

cisco at least expects you to ask when you are designing

you are designing the access

the access distribution

distribution and core layer

and core layer so we're going to work our way up we'll

so we're going to work our way up we'll begin with the access layer

whenever a network designer is in the process of designing the campus

process of designing the campus infrastructures access layer block

infrastructures access layer block the following important questions must

the following important questions must be answered and you may be tested on

be answered and you may be tested on this in your ccda exam

this in your ccda exam what are the current and future needs

what are the current and future needs for end users or node ports in the

for end users or node ports in the existing wiring closets of that

existing wiring closets of that particular building

particular building what kind of hardware can the company or

what kind of hardware can the company or the client afford

the client afford can afford modular devices

can afford modular devices this will determine the degree of

this will determine the degree of scalability in the access layer an

scalability in the access layer an important factor that will allow the

important factor that will allow the business to grow

business to grow is the existing cabling adequate do you

is the existing cabling adequate do you have cat

have cat 5 or cat 6 utp cabling

5 or cat 6 utp cabling can you afford fiber cabling

can you afford fiber cabling if you are moving into a new building

if you are moving into a new building you might consider installing fiber

you might consider installing fiber optic cabling

optic cabling even at the access layer

even at the access layer what are the performance and bandwidth

what are the performance and bandwidth requirements

requirements what level of high availability is

what level of high availability is needed at the access layer

needed at the access layer generally in the access layer block you

generally in the access layer block you will not need as much redundancy

will not need as much redundancy a certain degree of high availability

a certain degree of high availability might be needed if using modular network

might be needed if using modular network devices

devices what are the requirements to support

what are the requirements to support vlan vtp and stp

vlan vtp and stp in a large enterprise campus design you

in a large enterprise campus design you might not need to use multiple vlans

might not need to use multiple vlans so you can go straight to using layer 3

so you can go straight to using layer 3 technologies in the access layer to

technologies in the access layer to avoid having multiple broadcast domains

avoid having multiple broadcast domains and to decrease the complexity of stp

and to decrease the complexity of stp what are the layer two traffic patterns

what are the layer two traffic patterns for applications

for applications and what multi-casting needs and quality

and what multi-casting needs and quality of service services are necessary

of service services are necessary at layer two

at layer two next we move up to the distribution

next we move up to the distribution layer

layer the distribution layer block combines

the distribution layer block combines and aggregates the access layer block

and aggregates the access layer block components

components and it uses layer 2 and layer 3

and it uses layer 2 and layer 3 switching to break up the work groups or

switching to break up the work groups or vlans

vlans and isolate the different network

and isolate the different network segments as failure domains

segments as failure domains and it also allows for the reduction of

and it also allows for the reduction of broadcast storms

broadcast storms it acts as a transit module between the

it acts as a transit module between the access and core layers

access and core layers here are some important questions that

here are some important questions that must be answered before designing the

must be answered before designing the distribution layer block

distribution layer block should layer 2 or layer 3 switches be

should layer 2 or layer 3 switches be used

used cost is a big issue in this decision

cost is a big issue in this decision the available budget will dictate the

the available budget will dictate the hardware that's going to be used

hardware that's going to be used how many total users will you have to

how many total users will you have to support

support with a high number of users such as

with a high number of users such as greater than 500 layer 3 switching

greater than 500 layer 3 switching will be essential in the distribution

will be essential in the distribution layer

layer one of the high availability needs

one of the high availability needs are the distribution layer switches

are the distribution layer switches modular and scalable

modular and scalable what type of intelligence services will

what type of intelligence services will be used in the distribution layer

be used in the distribution layer you must consider different features

you must consider different features that will be implemented in the

that will be implemented in the distribution layer

distribution layer such as security

such as security quality of service or multicasting

quality of service or multicasting if any of these features are implemented

if any of these features are implemented layer 3 switching is mandatory

layer 3 switching is mandatory is the company prepared to manage and

is the company prepared to manage and configure the distribution layer block

configure the distribution layer block should training or consultancy be added

should training or consultancy be added to the project budget to ensure that

to the project budget to ensure that this particular block will be properly

this particular block will be properly managed

managed will advanced stp features be

will advanced stp features be implemented

implemented you should think about features such as

you should think about features such as rstp backbone fast or uplink fast when

rstp backbone fast or uplink fast when connecting to the backbone layer

connecting to the backbone layer when connecting to the backbone block

when connecting to the backbone block via layer 2.

via layer 2. these kinds of features can be found on

these kinds of features can be found on almost all high-end modern switches

almost all high-end modern switches and can help optimize and speed up the

and can help optimize and speed up the stp process

stp process if a complete layer 3 switching model is

if a complete layer 3 switching model is used you do not have to think about stp

used you do not have to think about stp or additional features

finally the campus backbone block or core layer

the campus backbone block or core layer the campus backbone design occurs very

the campus backbone design occurs very early in the overall infrastructure

early in the overall infrastructure design process

design process as such what follows are a few important

as such what follows are a few important questions you should ask yourself and

questions you should ask yourself and your customers when it is time to design

your customers when it is time to design the

the campus backbone block

campus backbone block do you have three or more separate

do you have three or more separate locations that is buildings in the

locations that is buildings in the campus

campus that are connected through an enterprise

that are connected through an enterprise campus infrastructure

campus infrastructure if you only have two buildings you might

if you only have two buildings you might not need a separate backbone block

not need a separate backbone block a possible solution in this scenario

a possible solution in this scenario would be to use high high-speed fiber

would be to use high high-speed fiber connections

connections between the two buildings distribution

between the two buildings distribution layers

layers based on the present infrastructure will

based on the present infrastructure will the solution to the campus backbone be a

the solution to the campus backbone be a layer 2

layer 2 layer 2 and 3 or just the layer 3

layer 2 and 3 or just the layer 3 switching solution

switching solution in the case of a large enterprise campus

in the case of a large enterprise campus do you have the budget for a full

do you have the budget for a full multi-layer backbone solution throughout

multi-layer backbone solution throughout is the organization ready for a high

is the organization ready for a high performance multi-layer switching

performance multi-layer switching environment

environment things to consider here are training

things to consider here are training personnel

personnel budget

budget applications

applications support services and intelligence

support services and intelligence services

services does the customer want to simplify and

does the customer want to simplify and lower the number of links between the

lower the number of links between the distribution layer switches

distribution layer switches and the server farm block edge

and the server farm block edge distribution submodule

distribution submodule if so you could make changes to or

if so you could make changes to or augment the present network

augment the present network infrastructure

infrastructure and redesign the campus backbone

and redesign the campus backbone what are the performance needs the

what are the performance needs the bandwidth needs for all the applications

bandwidth needs for all the applications and services should be analyzed

and services should be analyzed how many high capacity links or ports

how many high capacity links or ports are necessary for the campus backbone

are necessary for the campus backbone block

block and what are the high availability

and what are the high availability redundancy redundancy demands

redundancy redundancy demands multiple aspects should be taken into

multiple aspects should be taken into consideration

consideration such as redundant connections modules

such as redundant connections modules and hardware

and hardware platforms obviously in this video

platforms obviously in this video there's been a lot of questions asked

there's been a lot of questions asked but all of them are very important

but all of them are very important questions to ask we do not design in

questions to ask we do not design in ivory towers we must communicate with

ivory towers we must communicate with the customer and understand the needs

the customer and understand the needs all the questions you've learned today

all the questions you've learned today are not only questions you need to know

are not only questions you need to know to perform your job well they could be

to perform your job well they could be questions that you would be expected to

questions that you would be expected to select if cisco were to ask you on the

select if cisco were to ask you on the ccda exam how would you prepare to

ccda exam how would you prepare to design the enterprise campus network

design the enterprise campus network good luck in your studies

hi this is david voss cci11372 and in this video we are going to cover

and in this video we are going to cover data setter design considerations

data setter design considerations we are going to walk you through each of

we are going to walk you through each of the components of the data center

the components of the data center so that we can talk about

so that we can talk about the individual questions and the

the individual questions and the individual considerations that need to

individual considerations that need to be taken into account when planning out

be taken into account when planning out a data center all this is fair game for

a data center all this is fair game for the ccda exam so let's go ahead and dig

the ccda exam so let's go ahead and dig in

in the data center concept has greatly

the data center concept has greatly evolved over the last few years passing

evolved over the last few years passing through many phases because of evolving

through many phases because of evolving technology

technology at the time of their appearance data

at the time of their appearance data centers were centralized

centers were centralized and they used mainframes to manage the

and they used mainframes to manage the data

data mainframes were then managed using

mainframes were then managed using terminals which are still used in modern

terminals which are still used in modern data centers because of their resiliency

data centers because of their resiliency although they are definitely considered

although they are definitely considered legacy components of data centers now

legacy components of data centers now the third generation data centers are

the third generation data centers are focused on modern technologies such as

focused on modern technologies such as virtualization

virtualization which further reduce costs

which further reduce costs these factors make this approach more

these factors make this approach more efficient than the distributed data

efficient than the distributed data center model

center model virtualization results in higher

virtualization results in higher utilization of computing and network

utilization of computing and network resources by sharing and allocating them

resources by sharing and allocating them on a temporary basis

on a temporary basis the top layer of the data center

the top layer of the data center topology includes virtual machines that

topology includes virtual machines that are hardware abstracted into software

are hardware abstracted into software entities

entities running a guest operating system on top

running a guest operating system on top of a hypervisor

of a hypervisor below this layer are the unified

below this layer are the unified computing resources

computing resources which contain the service profiles that

which contain the service profiles that map to the identity of the server

map to the identity of the server the identity of the server contains

the identity of the server contains details such as the following

details such as the following memory

memory cpu

cpu network interfaces storage information

network interfaces storage information and boot image

and boot image the next layer which is consolidated

the next layer which is consolidated connectivity

connectivity contains technology such as 10 gigabit

contains technology such as 10 gigabit ethernet

ethernet fiber channel over ethernet and fiber

fiber channel over ethernet and fiber channel

channel and all of these are supported on the

and all of these are supported on the cisco nexus series

cisco nexus series next let's talk about server

next let's talk about server considerations

considerations some very important aspects to consider

some very important aspects to consider when deploying servers in a data center

when deploying servers in a data center include the following

include the following the required power

the required power the rack space needed

the rack space needed server security

server security virtualization support and server

virtualization support and server management

management the increasing number of servers used

the increasing number of servers used necessitates more power and this has led

necessitates more power and this has led to the need for energy efficiency in the

to the need for energy efficiency in the data center

data center rack servers usually consume a great

rack servers usually consume a great deal of energy even though they are low

deal of energy even though they are low cost and provide high performance

cost and provide high performance an alternative to standalone servers are

an alternative to standalone servers are blade servers

blade servers they provide similar computing power but

they provide similar computing power but require less space power and cabling

server virtualization is supported on both standalone and blade servers and

both standalone and blade servers and provides scalability and better

provides scalability and better utilization of hardware resources

utilization of hardware resources next let's talk about data center

next let's talk about data center facility spacing considerations

facility spacing considerations facility spacing and other

facility spacing and other considerations help to size the overall

considerations help to size the overall data center and decide where to position

data center and decide where to position the equipment in order in order to

the equipment in order in order to provide scalability

provide scalability the available space defines the number

the available space defines the number of racks that can be installed for

of racks that can be installed for servers and network equipment

servers and network equipment an important factor to consider is the

an important factor to consider is the floor loading parameters

floor loading parameters estimating the correct size of the data

estimating the correct size of the data center has great influence on costs

center has great influence on costs longevity

longevity and flexibility

and flexibility several factors must be considered

several factors must be considered including the following

including the following the number of servers

the number of servers the amount of storage equipment the

the amount of storage equipment the amount of network equipment

amount of network equipment the number of employees served by the

the number of employees served by the data center infrastructure

data center infrastructure space needed for non-infrastructure

space needed for non-infrastructure areas such as storage rooms office space

areas such as storage rooms office space and other areas the weight of the

and other areas the weight of the equipment

equipment loading

loading heat dissipation

heat dissipation and power consumption and power type

and power consumption and power type physical security is another important

physical security is another important consideration because data centers

consideration because data centers contain equipment that hosts sensitive

contain equipment that hosts sensitive company data

company data which must be secured from outsiders

which must be secured from outsiders access to the data center must be well

access to the data center must be well controlled

controlled next let's talk about data center power

next let's talk about data center power considerations

considerations the power in the data center facility is

the power in the data center facility is used to power server storage network

used to power server storage network equipment cooling devices sensors and

equipment cooling devices sensors and other additional systems

other additional systems estimating necessary power capacity

estimating necessary power capacity involves collecting the requirements for

involves collecting the requirements for all the current and future equipment

all the current and future equipment such as the following servers storage

such as the following servers storage network devices ups generators hvac

network devices ups generators hvac and lighting

and lighting next let's discuss data center cooling

next let's discuss data center cooling considerations

considerations based on the type of equipment used

based on the type of equipment used careful heating and cooling calculations

careful heating and cooling calculations must be provided

must be provided blade server deployments allow for more

blade server deployments allow for more efficient use of space

efficient use of space but increased the amount of heat per

but increased the amount of heat per server

server some cooling solutions to address

some cooling solutions to address increased heat production include the

increased heat production include the following

following increase the space between the racks

increase the space between the racks increase the number of hvac units

increase the number of hvac units increase the airflow between devices

next let's talk about data center cabling considerations

cabling considerations a passive infrastructure for the data

a passive infrastructure for the data center is essential for optimal system

center is essential for optimal system performance

performance the physical network cabling between

the physical network cabling between devices determines how these devices

devices determines how these devices communicate with one another and with

communicate with one another and with external systems the cabling

external systems the cabling infrastructure type chosen impacts the

infrastructure type chosen impacts the physical connectors

physical connectors and the media type of the connectors

and the media type of the connectors this must be compatible with the

this must be compatible with the equipment interfaces

equipment interfaces two options are widely used today copper

two options are widely used today copper and fiber optic cabling

and fiber optic cabling the advantages of fiber optics are that

the advantages of fiber optics are that they are less susceptible to external

they are less susceptible to external interfaces and they operate over greater

interfaces and they operate over greater distances than copper cables do

distances than copper cables do cabling must remain well organized in

cabling must remain well organized in order to maintain the passive

order to maintain the passive infrastructure easily

infrastructure easily cabling infrastructure usability and

cabling infrastructure usability and simplicity is influenced by the

simplicity is influenced by the following

following the number of connections

the number of connections media selection and type of cabling

media selection and type of cabling termination organizers

as with any enterprise network the enterprise data center architecture

enterprise data center architecture follows the multi-layer approach and can

follows the multi-layer approach and can be structured in the core

be structured in the core aggregation and access layers

aggregation and access layers i won't repeat all the information for

i won't repeat all the information for the data center core as you will find

the data center core as you will find much of that information in the other

much of that information in the other videos

videos and the same is true for the

and the same is true for the distribution layer or what the in the

distribution layer or what the in the data center what is considered the

data center what is considered the aggregation layer

aggregation layer where we want to focus in this video is

where we want to focus in this video is the data center access layer

the data center access layer the main purpose of the data center's

the main purpose of the data center's access layer is to provide layer 2 and

access layer is to provide layer 2 and layer 3 physical port access

layer 3 physical port access to different kinds of servers remember

to different kinds of servers remember we're talking about a data center here

we're talking about a data center here so we're not talking about pcs or phones

so we're not talking about pcs or phones per se but the actual servers that

per se but the actual servers that support them

support them this layer consists of high performance

this layer consists of high performance and low latency switches

and low latency switches most data centers are built using layer

most data centers are built using layer 2 connectivity although

2 connectivity although layer 3 is also available from a design

layer 3 is also available from a design standpoint

standpoint positive possible physical loops that

positive possible physical loops that might be presented at layer two are

might be presented at layer two are managed by a spanning tree

managed by a spanning tree so here's what you've learned you've

so here's what you've learned you've learned about the important subtopics

learned about the important subtopics within data center design

within data center design it's not just about passing packets

it's not just about passing packets anymore it's literally about providing

anymore it's literally about providing the proper environment in space and

the proper environment in space and power

power to support all of your network

to support all of your network infrastructure

infrastructure so in this video you've learned some key

so in this video you've learned some key categories or key topics within data

categories or key topics within data center planning that you definitely will

center planning that you definitely will be asked about in your ccda exam and you

be asked about in your ccda exam and you definitely will use should you plan out

definitely will use should you plan out a data center for yourself

a data center for yourself good luck in your studies

hi this is david voss cciu11372 and in this video you're going to learn

and in this video you're going to learn about data center components

about data center components specifically you're going to learn about

specifically you're going to learn about all the components you see here

all the components you see here that you can find in a data center much

that you can find in a data center much of this may look new to you especially

of this may look new to you especially if you do not work in the data center

if you do not work in the data center but you're expected to know all of it

but you're expected to know all of it for your ccda exam especially the new

for your ccda exam especially the new version of it which seems to have more

version of it which seems to have more of a focus on data center technologies

of a focus on data center technologies so we're going to go ahead and cover

so we're going to go ahead and cover fibre channel over ethernet data center

fibre channel over ethernet data center bridging

bridging unified ports

unified ports intercloud fabric

intercloud fabric fabric path

fabric path overlay transport virtualization

overlay transport virtualization fabric management and extended sand

fabric management and extended sand so let's go ahead and begin

first let's begin with fiber channel over ethernet

over ethernet a classic data center design features a

a classic data center design features a dedicated ethernet lan and a separate

dedicated ethernet lan and a separate dedicated fiber channel san

dedicated fiber channel san with fibre channel over ethernet it is

with fibre channel over ethernet it is possible to run a single converged

possible to run a single converged network

network as a standards-based protocol that

as a standards-based protocol that allows fiber channel frames to be

allows fiber channel frames to be carried over ethernet links

carried over ethernet links fiber channel over ethernet

fiber channel over ethernet obviates the need to run separate lan

obviates the need to run separate lan and san networks

and san networks fiber channel over ethernet allows an

fiber channel over ethernet allows an evolutionary approach to i o

evolutionary approach to i o consolidation

consolidation by preserving all fiber channel

by preserving all fiber channel constructs maintaining the latency

constructs maintaining the latency security and traffic management

security and traffic management attributes of fiber channel

attributes of fiber channel while preserving investments in

while preserving investments in fibrochannel tools training in sands

fibrochannel tools training in sands based on lossless reliable ethernet

based on lossless reliable ethernet fibre channel over ethernet networks

fibre channel over ethernet networks combine lan and multiple storage

combine lan and multiple storage protocols on a converged network

protocols on a converged network next let's talk about data center

next let's talk about data center bridging

bridging ieee 802.1 data center bridging is a

ieee 802.1 data center bridging is a collection of standards-based extensions

collection of standards-based extensions to classical ethernet

to classical ethernet it provides a lossless data center

it provides a lossless data center transport layer that helps enable the

transport layer that helps enable the convergence of lands and sands onto a

convergence of lands and sands onto a single unified fabric

single unified fabric in addition to supporting fibril channel

in addition to supporting fibril channel over ethernet

over ethernet data center bridging can enhance the

data center bridging can enhance the operation of iscsi network attached

operation of iscsi network attached storage

storage and other business critical storage

and other business critical storage traffic

next let's discuss unified ports as a part of the network foundation of

as a part of the network foundation of unified fabric the cisco nexus switches

unified fabric the cisco nexus switches specifically the nexus 5548 up switch

specifically the nexus 5548 up switch delivers innovative architectural

delivers innovative architectural flexibility infrastructure simplicity

flexibility infrastructure simplicity and business agility

and business agility with support for networking standards

with support for networking standards for traditional virtualized unified and

for traditional virtualized unified and high performance computing environments

high performance computing environments it offers a long list of it and business

it offers a long list of it and business advantages

advantages this includes architectural flexibility

this includes architectural flexibility such as unified ports which support

such as unified ports which support traditional ethernet fiber channel and

traditional ethernet fiber channel and fiber channel over ethernet has a common

fiber channel over ethernet has a common high density high performance data

high density high performance data center class fixed form factor platform

center class fixed form factor platform and can consolidate lan and storage

and can consolidate lan and storage business agility it meets the diverse

business agility it meets the diverse data center deployments on one platform

data center deployments on one platform next let's talk about intercloud fabric

next let's talk about intercloud fabric you can build a highly secure hybrid

you can build a highly secure hybrid clouds and extend your existing data

clouds and extend your existing data center to public clouds as needed on

center to public clouds as needed on demand with consistent network and

demand with consistent network and security policies

security policies with cisco intercloud fabric you can do

with cisco intercloud fabric you can do all this

all this cloud providers can now provide a

cloud providers can now provide a complete hybrid cloud solution

complete hybrid cloud solution cloud providers can differentiate their

cloud providers can differentiate their offerings as a premium service

offerings as a premium service and provide a robust set of cloud

and provide a robust set of cloud deployment options

next let's talk about cisco fabric path cisco fabric path is a cisco nexus

cisco fabric path is a cisco nexus operating system

operating system software innovation combining the

software innovation combining the plug-and-play simplicity of ethernet

plug-and-play simplicity of ethernet with the reliability and scalability of

with the reliability and scalability of layer 3 routing

layer 3 routing using fabric path you can build highly

using fabric path you can build highly scalable

scalable layer 2 multi-path networks without

layer 2 multi-path networks without using the spanning tree protocol

using the spanning tree protocol such networks are particularly suitable

such networks are particularly suitable for large virtualization deployments

for large virtualization deployments private clouds in high performance

private clouds in high performance computing environments

computing environments when deployed across multiple cisco

when deployed across multiple cisco nexus chassis

nexus chassis the fabric path creates a flat data

the fabric path creates a flat data center switching fabric with high

center switching fabric with high switching capacity

switching capacity high cross sectional bandwidth and low

high cross sectional bandwidth and low predictable latency

overlay transport virtualization otv or overlay transport virtualization

otv or overlay transport virtualization on the nexus 7000

on the nexus 7000 is an industry first technology that

is an industry first technology that significantly simplifies

significantly simplifies extending layer 2 applications across

extending layer 2 applications across distributed data centers

distributed data centers you can now deploy data center

you can now deploy data center interconnect between sites without

interconnect between sites without changing or reconfiguring your existing

changing or reconfiguring your existing network design

network design with otv you can deploy virtual

with otv you can deploy virtual computing resources

computing resources and clusters across geographically

and clusters across geographically distributed data centers

distributed data centers delivering transparent workload mobility

delivering transparent workload mobility business resiliency

business resiliency and superior computing resource

and superior computing resource effectiveness

next fabric management and operations cisco dynamic fabric automation or dfa

cisco dynamic fabric automation or dfa boosts network flexibility and

boosts network flexibility and efficiency

efficiency dfa innovations simplify fabric

dfa innovations simplify fabric management

management optimize fabric infrastructure and

optimize fabric infrastructure and automate provisioning across physical

automate provisioning across physical and virtual environments

and virtual environments you gain unsurpassed operational

you gain unsurpassed operational simplicities through superior

simplicities through superior integration

integration dfa offers customers a number of

dfa offers customers a number of significant advantages

significant advantages optimized fabric infrastructure for

optimized fabric infrastructure for enhanced efficiency and scale

enhanced efficiency and scale optimized spine leaf topologies provide

optimized spine leaf topologies provide enhanced forwarding in a distributed

enhanced forwarding in a distributed control plane

control plane and integrated physical and virtual

and integrated physical and virtual environments

environments the topologies help enable

the topologies help enable any network anywhere supporting

any network anywhere supporting transparent mobility for physical

transparent mobility for physical servers and virtual machines plus

servers and virtual machines plus network extensibility

network extensibility you benefit from extensible resiliency

you benefit from extensible resiliency with smaller failure domains and

with smaller failure domains and multi-tenant scale

multi-tenant scale simplified fabric management with open

simplified fabric management with open apis for ease of operations

apis for ease of operations the cisco prime data center network

the cisco prime data center network manager

manager offers centralized fabric management

offers centralized fabric management across both physical

across both physical and virtual machines

and virtual machines automated provisioning for greater

automated provisioning for greater agility

agility having complete mobility access across

having complete mobility access across the fabric dfa uses network automation

the fabric dfa uses network automation and provisioning to simplify physical

and provisioning to simplify physical server and virtual machine deployments

server and virtual machine deployments network admin defined profile templates

network admin defined profile templates are used for both physical and the

are used for both physical and the virtual machine

when a server administrator provisions virtual machine and physical servers

virtual machine and physical servers instances of network policies are

instances of network policies are automatically created and applied to the

automatically created and applied to the network leaf switch as virtual machines

network leaf switch as virtual machines move across the fabric the network

move across the fabric the network policy is automatically applied to the

policy is automatically applied to the leaf switch

extended sand extended sand service to any device

extended sand service to any device storage network managers have long been

storage network managers have long been challenges

extended sand service to any device storage network managers

storage network managers have long been challenged to deliver

have long been challenged to deliver services such as encryption

services such as encryption data migration compression and

data migration compression and acceleration

acceleration the best way to optimize data center

the best way to optimize data center resources

resources is to deploy

is to deploy high performance storage networking

high performance storage networking services using the cisco mds 9000

services using the cisco mds 9000 products as the platform

products as the platform the benefits of mds 9000 services

the benefits of mds 9000 services oriented sands are services are

oriented sands are services are integrated into the sand fabric without

integrated into the sand fabric without wasted ports

wasted ports the benefits of mds 9000 services

the benefits of mds 9000 services oriented sands are services are

oriented sands are services are integrated into the sand fabric without

integrated into the sand fabric without wasted ports re-cabling

wasted ports re-cabling sand reconfigurations or deployment

sand reconfigurations or deployment disruption

disruption deployment times are dramatically

deployment times are dramatically reduced because performance is added by

reduced because performance is added by adding service engines

adding service engines automatic load balancing and traffic

automatic load balancing and traffic redirect failure help ensure high

redirect failure help ensure high availability

availability and consolidating important tasks into

and consolidating important tasks into the fabric supports transparent

the fabric supports transparent extension

extension of any sand service to any device

of any sand service to any device intelligent fabric applications

intelligent fabric applications optimize your data center resources by

optimize your data center resources by providing integrated

providing integrated high performance applications to cisco

high performance applications to cisco storage networks

storage networks support disaster recovery security

support disaster recovery security data mobility and other heterogeneous

data mobility and other heterogeneous storage requirements without adding

storage requirements without adding appliances

appliances or using host or array resources cisco

or using host or array resources cisco mds 9000 family service at nodes provide

mds 9000 family service at nodes provide network hosted services to cisco storage

network hosted services to cisco storage networks

networks such as stand extension

such as stand extension io acceleration

io acceleration xrc acceleration

xrc acceleration storage media encryption or data

storage media encryption or data mobility manager

mobility manager network-assisted applications are

network-assisted applications are enabled through the open intelligence

enabled through the open intelligence services api

services api cisco makes this development platform

cisco makes this development platform available to original storage

available to original storage manufacturers

manufacturers and independent software vendors who

and independent software vendors who want to develop storage applications on

want to develop storage applications on the cisco storage network's platform

the cisco storage network's platform storage network administrators get

storage network administrators get flexibility to extend any service to any

flexibility to extend any service to any device in the storage network

device in the storage network i o intensive data path processing tasks

i o intensive data path processing tasks at wire speed

at wire speed transparent to host and array

transparent to host and array applications

applications and much more

and much more so here's what you've learned you've

so here's what you've learned you've learned about key components of the data

learned about key components of the data center all this you'll need to know for

center all this you'll need to know for your ccda exam

your ccda exam we covered fiber channel over ethernet

we covered fiber channel over ethernet data center bridging unified ports

data center bridging unified ports intercloud fabric fabric path

intercloud fabric fabric path overlay transport virtualization

overlay transport virtualization fabric management and extended sand you

fabric management and extended sand you can expect questions on any of these

can expect questions on any of these technologies in your ccda exam and i'm

technologies in your ccda exam and i'm confident because you've watched this

confident because you've watched this video

video that if you know it well you will be

that if you know it well you will be prepared to answer any question they may

prepared to answer any question they may pose to you good luck in your studies

hi this is david voss cci11372 and in this video you're going

cci11372 and in this video you're going to learn about cisco virtualization

to learn about cisco virtualization in this video you're going to learn

in this video you're going to learn about the advantages of virtualization

about the advantages of virtualization it's drivers

it's drivers the types of virtualization

the types of virtualization and finally the platforms that support

and finally the platforms that support virtualization

virtualization so let's begin

so let's begin the official definition of computer

the official definition of computer virtualization is the pooling and

virtualization is the pooling and abstraction of resources and services

abstraction of resources and services in a way that masks the physical nature

in a way that masks the physical nature and boundaries of those resources and

and boundaries of those resources and services

services a good example is a vlan because it

a good example is a vlan because it masks the physical nature of resources

masks the physical nature of resources the concept of virtualization dates all

the concept of virtualization dates all the way back to the 1970s with ibm

the way back to the 1970s with ibm mainframes

mainframes these mainframes were separated into

these mainframes were separated into virtual machines so that different tasks

virtual machines so that different tasks could run separately

could run separately and to prevent a process failure that

and to prevent a process failure that could affect the entire system

could affect the entire system one of the issues that i t departments

one of the issues that i t departments face today is called server sprawl

face today is called server sprawl this concept implies that each

this concept implies that each application is installed on its own

application is installed on its own server

server and every time another server is added

and every time another server is added issues such as power

issues such as power space and cooling must be

space and cooling must be addressed these are just a few of the

addressed these are just a few of the many issues and none of them are cost

many issues and none of them are cost effective

effective however these challenges can be

however these challenges can be mitigated with server virtualization

mitigated with server virtualization that allows the partitioning of a

that allows the partitioning of a physical server to work with multiple

physical server to work with multiple operating systems and application

operating systems and application instances

instances the most important advantages are

the most important advantages are improved failover capabilities

improved failover capabilities better utilization of resources and a

better utilization of resources and a smaller footprint

smaller footprint virtualization is a concept that applies

virtualization is a concept that applies to many areas in modern i.t

to many areas in modern i.t infrastructures

infrastructures and it's not limited to servers

it can include networks storage

storage applications and desktop

applications and desktop network virtualization refers to one

network virtualization refers to one physical network

physical network supporting a wide array of logical

supporting a wide array of logical topologies

topologies this allows actions such as outsourcing

this allows actions such as outsourcing by the i t department

by the i t department where a logical topology can be created

where a logical topology can be created that can be accessed by external ite

that can be accessed by external ite professionals

professionals network virtualization with cisco

network virtualization with cisco products

products is typically classified into four areas

is typically classified into four areas control plane virtualization

control plane virtualization this is making sure processes like

this is making sure processes like routing are separated

routing are separated and distinct so

and distinct so routing process failure will not affect

routing process failure will not affect the entire device

the entire device data plane virtualization

data plane virtualization this is done

this is done every time different streams of data

every time different streams of data traffic are multiplexed that is

traffic are multiplexed that is different forms of traffic are placed on

different forms of traffic are placed on the same medium

the same medium the simplest example of data plane

the simplest example of data plane virtualization is a trunk link between

virtualization is a trunk link between two devices

two devices management plane virtualization

management plane virtualization this implies the ability to make a

this implies the ability to make a software upgrade on a device without

software upgrade on a device without rebooting that device

or having it loses capabilities to communicate on the network

communicate on the network and then pooling and clustering

and then pooling and clustering this for example is used on the cisco

this for example is used on the cisco catalyst 6500

catalyst 6500 virtual switching system

virtual switching system and it works by creating pools of

and it works by creating pools of devices that act as a single device

another example is the nexus vpc or virtual port channel

virtual port channel which allows either channels to be

which allows either channels to be created that span across multiple

created that span across multiple devices

virtualization has become a critical component in most enterprise networks

component in most enterprise networks because of modern demands in it

because of modern demands in it including increasing efficiency while

including increasing efficiency while reducing capital and operational costs

reducing capital and operational costs virtualization is a critical component

virtualization is a critical component of the cisco enterprise network

of the cisco enterprise network architecture

architecture virtualization can represent a variety

virtualization can represent a variety of technologies including extracting the

of technologies including extracting the logical components from hardware or

logical components from hardware or networks and implementing them into a

networks and implementing them into a virtual environment

some of the drivers behind implementing a virtualized environment are as follows

a virtualized environment are as follows the need to reduce the number of

the need to reduce the number of physical devices that perform individual

physical devices that perform individual tasks the need to reduce operational

tasks the need to reduce operational costs

costs the need to increase productivity

the need to increase productivity the need for flexible connectivity

the need for flexible connectivity and the need to eliminate underutilized

and the need to eliminate underutilized hardware

hardware virtualization can be implemented at

virtualization can be implemented at both the network and the device level

both the network and the device level network virtualization involves the

network virtualization involves the creation of network partitions that run

creation of network partitions that run on physical infrastructure

on physical infrastructure with each logical partition acting as an

with each logical partition acting as an independent network

independent network network virtualization can include vlans

network virtualization can include vlans vsans vpns and vrfs

on the other hand device virtualization allows logical devices to run

allows logical devices to run independently of each other on a single

independently of each other on a single physical machine

physical machine virtual hardware devices are created in

virtual hardware devices are created in software and have the same functionality

software and have the same functionality as real hardware devices

as real hardware devices the possibility of combining multiple

the possibility of combining multiple physical devices into one single logical

physical devices into one single logical unit also exists

unit also exists the cisco enterprise network

the cisco enterprise network architecture contains multiple forms of

architecture contains multiple forms of network and device virtualization such

network and device virtualization such as the following

as the following virtual machines virtual switches

virtual machines virtual switches virtual lans

virtual lans virtual private networks

virtual private networks virtual storage area networks

virtual storage area networks virtual switching systems

virtual switching systems virtual routing and forwarding virtual

virtual routing and forwarding virtual port channels and virtual device

port channels and virtual device contexts

contexts device contacts allow the partitioning

device contacts allow the partitioning of a single partition into multiple

of a single partition into multiple virtual devices called contexts a

virtual devices called contexts a context acts as an independent device

context acts as an independent device with its own set of policies

with its own set of policies the majority of features implemented on

the majority of features implemented on the real device are also functional on

the real device are also functional on the virtual context

the virtual context some of the devices in the cisco

some of the devices in the cisco portfolio that support virtual contexts

portfolio that support virtual contexts include the following

include the following cisco asa

cisco asa cisco ase

cisco ase cisco ips and cisco nexus series

cisco ips and cisco nexus series server virtualization allows the

server virtualization allows the server's resources to be extracted in

server's resources to be extracted in order to offer flexibility and usage

order to offer flexibility and usage optimization in the infrastructure

optimization in the infrastructure the result is that data center

the result is that data center applications are no longer tied to

applications are no longer tied to specific hardware resources

specific hardware resources so the applications are unaware of the

so the applications are unaware of the underlying hardware

underlying hardware server virtualization solutions are

server virtualization solutions are produced by companies such as vmware

produced by companies such as vmware microsoft and citrix

now all this being said there are unique design considerations to network

design considerations to network virtualization

network solutions are needed to solve the challenges of sharing network

the challenges of sharing network resources

resources but keeping users totally separate from

but keeping users totally separate from one another

one another although the users are separate we need

although the users are separate we need to ensure that the network is highly

to ensure that the network is highly available

available secure and can scale along with business

secure and can scale along with business growth

growth network virtualization offers solutions

network virtualization offers solutions to these challenges

to these challenges and provides design considerations

and provides design considerations around access control

around access control path isolation and services edge

path isolation and services edge regarding access control access needs to

regarding access control access needs to be controlled to ensure that users and

be controlled to ensure that users and devices are identified

devices are identified and authorized for entry to their

and authorized for entry to their assigned network segment

assigned network segment security at the access layer is critical

security at the access layer is critical for protecting the network from threats

for protecting the network from threats both internal and external

both internal and external path isolation this involves the

path isolation this involves the creation of independent logical network

creation of independent logical network paths

paths over a shared network infrastructure

over a shared network infrastructure mpls vpn is an example of path isolation

mpls vpn is an example of path isolation technique where devices are mapped to a

technique where devices are mapped to a vrf to access the correct set of network

vrf to access the correct set of network resources

resources other segmentation options include vlans

other segmentation options include vlans and vsans which logically separate lands

and vsans which logically separate lands and sands

and sands the main goal when segmenting the

the main goal when segmenting the network is to improve the scalability

network is to improve the scalability resiliency and security services

resiliency and security services as with non-segmented networks

services edge the services edge refers to making

the services edge refers to making network services available to the

network services available to the intended users

intended users and devices with an enforced centralized

and devices with an enforced centralized managed policy

managed policy separate groups or devices occasionally

separate groups or devices occasionally need to share information that may be on

need to share information that may be on different vlans

different vlans each with corresponding group policies

in such cases the network should have a central way to manage the policy and

central way to manage the policy and control access to the resources

control access to the resources so here's what you've learned you've

so here's what you've learned you've learned about cisco virtualization the

learned about cisco virtualization the different types of virtualization but

different types of virtualization but also the platforms that support this

also the platforms that support this type of virtualization

type of virtualization the fact is this type of software

the fact is this type of software defined networking is radically changing

defined networking is radically changing how

how engineers

engineers are going to design their networks and

are going to design their networks and to understand this is not only important

to understand this is not only important for your ccda exam

for your ccda exam but as you go forward in your career

but as you go forward in your career good luck in your studies

hi this is david voss ccie11372 and in this video you're going

ccie11372 and in this video you're going to learn about network programmability

to learn about network programmability specifically we're going to talk about

specifically we're going to talk about cisco's implementation of scn cisco aci

cisco's implementation of scn cisco aci and we'll discuss its benefits

and we'll discuss its benefits and its attributes

and its attributes all this you should know for your ccda

all this you should know for your ccda exam

exam so let's go ahead and begin

i t departments and lines of business are looking at cloud automation tools

are looking at cloud automation tools and software-defined networking

and software-defined networking architectures

architectures to accelerate application delivery

to accelerate application delivery reduce operating costs and greatly

reduce operating costs and greatly increased business agility

increased business agility cisco application-centric infrastructure

cisco application-centric infrastructure or cisco aci

or cisco aci is a comprehensive sdn architecture

is a comprehensive sdn architecture this policy-based automation solution

this policy-based automation solution supports a business relevant application

supports a business relevant application policy language

policy language greater scalability through a

greater scalability through a distributed enforcement system and

distributed enforcement system and greater network visibility

greater network visibility these benefits are achieved through the

these benefits are achieved through the integration of physical in virtual

integration of physical in virtual environments under one policy model for

environments under one policy model for networks server storage services and

networks server storage services and security

security through cisco aci customers are reducing

through cisco aci customers are reducing application deployment times from weeks

application deployment times from weeks to minutes it also dramatically improves

to minutes it also dramatically improves i.t alignment with business objectives

i.t alignment with business objectives and policy requirements

and policy requirements cisco aci is built on the application

cisco aci is built on the application centric policy

centric policy based on cisco application policy

based on cisco application policy infrastructure controller or what is

infrastructure controller or what is known as apec

known as apec the cisco aci fabric which is based on

the cisco aci fabric which is based on the cisco nexus 9000 series switches

the cisco nexus 9000 series switches and the cisco application virtual switch

and the cisco application virtual switch and the cisco aci partner ecosystem

and the cisco aci partner ecosystem aci provides a network that is deployed

aci provides a network that is deployed monitored and managed in a way that

monitored and managed in a way that benefits different teams in the it

benefits different teams in the it organization including

organization including sdn network cloud and devops and

sdn network cloud and devops and security

security it supports rapid application change by

it supports rapid application change by reducing complexity with a common policy

reducing complexity with a common policy framework that can automate provisioning

framework that can automate provisioning and resource management

you can facilitate rapid systems integration and customization for

integration and customization for network services monitoring

network services monitoring management and orchestration

management and orchestration cisco aci is a comprehensive sdn

cisco aci is a comprehensive sdn solution making the application the

solution making the application the focal point it is delivered in an agile

focal point it is delivered in an agile open and highly secure architecture

open and highly secure architecture and its application based policy model

and its application based policy model offers speed through automation reducing

offers speed through automation reducing errors and accelerating application

errors and accelerating application deployment in it processes from weeks to

deployment in it processes from weeks to minutes

minutes application-based policies decouple

application-based policies decouple high-level application connectivity

high-level application connectivity needs from the complicated details of

needs from the complicated details of network configuration

network configuration this results in automated it processes

this results in automated it processes that simplify operations

that simplify operations aci provides transparent support of

aci provides transparent support of heterogeneous physical and virtual

heterogeneous physical and virtual endpoints such as bare metal servers and

endpoints such as bare metal servers and virtual servers on any hypervisor with

virtual servers on any hypervisor with layer 2 to 7 network services using

layer 2 to 7 network services using consistent policy

consistent policy this provides faster troubleshooting

this provides faster troubleshooting through increased visibility of the

through increased visibility of the entire infrastructure

entire infrastructure cisco aci supports open apis open source

cisco aci supports open apis open source and open standards to optimize customer

and open standards to optimize customer choice and flexibility

choice and flexibility in fact cisco contributes technology

in fact cisco contributes technology specifications to open source and

specifications to open source and standards communities

standards communities the open integration with existing data

the open integration with existing data center management tools and

center management tools and comprehensive open partner ecosystem

comprehensive open partner ecosystem helps to ensure flexibility while

helps to ensure flexibility while decreasing costs and increasing

decreasing costs and increasing innovation

innovation provisioning applications has become

provisioning applications has become easy with programmable infrastructure

easy with programmable infrastructure yet onboarding them is still difficult

yet onboarding them is still difficult cloud architects have to know what

cloud architects have to know what infrastructure design will support

infrastructure design will support frequent application changes to

frequent application changes to performance security availability and

performance security availability and scale

scale devops has to work with both application

devops has to work with both application and admin teams to understand how

and admin teams to understand how numerous application changes

numerous application changes affect the configuration of switches

affect the configuration of switches ports vlans firewalls

ports vlans firewalls security appliances load balancers and

security appliances load balancers and other application delivery functions

other application delivery functions all changes must work within a shared

all changes must work within a shared production and infrastructure

production and infrastructure without affecting existing attendance

without affecting existing attendance and applications

and applications cisco aci introduces a simple

cisco aci introduces a simple application level policy based approach

application level policy based approach application intentions are automatically

application intentions are automatically translated to infrastructure design

translated to infrastructure design without requiring knowledge of devices

without requiring knowledge of devices or the effort to translate to

or the effort to translate to configurations

configurations this helps to enable policy aware

this helps to enable policy aware resource orchestration real-time

resource orchestration real-time governance and open choice in cloud

governance and open choice in cloud software cisco aci and the apic sdn

software cisco aci and the apic sdn controller allow for security policies

controller allow for security policies down to the individual tenant

down to the individual tenant application or workload

application or workload they provide protection that meets the

they provide protection that meets the most stringent business and compliance

most stringent business and compliance requirements

requirements the whitelist model permits the

the whitelist model permits the communication only were explicitly

communication only were explicitly allowed

allowed helping to ensure that policy omissions

helping to ensure that policy omissions do not leave security vulnerabilities

do not leave security vulnerabilities through cisco aci all security device

through cisco aci all security device provisioning

provisioning and configuration can be automated

and configuration can be automated according to the centrally managed

according to the centrally managed application policies and requirements

application policies and requirements this simplifies i.t security tasks and

this simplifies i.t security tasks and accelerates application deployments

cisco nexus 9000 series switches bring new industry-leading performance power

new industry-leading performance power port density and open programming

port density and open programming innovations

innovations the products that support cisco aci are

the products that support cisco aci are the cisco nexus 9000 series

the cisco nexus 9000 series in addition the cisco application

in addition the cisco application virtual switch which provides a

virtual switch which provides a consistent virtual switch infrastructure

consistent virtual switch infrastructure between aci fabrics and the cisco nexus

between aci fabrics and the cisco nexus 1000v virtual switch

1000v virtual switch the cisco application policy

the cisco application policy infrastructure controller which

infrastructure controller which programmatically automates network

programmatically automates network provisioning and control based on

provisioning and control based on application requirements and policies

application requirements and policies and the cisco application centric

and the cisco application centric infrastructure security for data centers

infrastructure security for data centers solves many complexities in customer

solves many complexities in customer environments

environments it treats firewalls as a pool of

it treats firewalls as a pool of resources and intelligently stitches

resources and intelligently stitches them according to application network

them according to application network policies

policies aci security offers full acceleration

aci security offers full acceleration dynamically in hardware and directly

dynamically in hardware and directly integrates into cisco aci

integrates into cisco aci when considering cisco aci it's

when considering cisco aci it's important to define desired business

important to define desired business outcomes and plan each stage of the

outcomes and plan each stage of the journey

journey then you'll want to know how to

then you'll want to know how to accelerate the benefits of aci while

accelerate the benefits of aci while mitigating the risks

mitigating the risks you need to develop an aci adoption

you need to develop an aci adoption strategy based on business and

strategy based on business and technology needs

technology needs you need to provide a migration strategy

you need to provide a migration strategy and operational readiness

and operational readiness you need to deploy proof of concept to

you need to deploy proof of concept to gain experience and reduce the

gain experience and reduce the deployment risk

deployment risk and then design application-centric data

and then design application-centric data centers based on the aci fabric pods and

centers based on the aci fabric pods and policy templates

so here's what you've learned you've learned about cisco's deployment of

learned about cisco's deployment of software-defined networking

software-defined networking which is cisco aci

which is cisco aci this you'll need to know for your ccda

this you'll need to know for your ccda exam

exam but more importantly you will need to

but more importantly you will need to know this if you're going to work in the

know this if you're going to work in the future

future of network engineering

of network engineering good luck in your studies

hi this is david voss cci11372 and in this video

and in this video you're going to learn about network

you're going to learn about network resiliency

resiliency and fault domains in preparation for

and fault domains in preparation for your cisco ccda exam

your cisco ccda exam specifically you're going to learn about

specifically you're going to learn about network device and operational

network device and operational resiliency

resiliency and also the concept of fault domains

and also the concept of fault domains so let's go ahead and begin

there are three major resiliency requirements which encompass most of the

requirements which encompass most of the common types of failure conditions

common types of failure conditions depending on the land design tier the

depending on the land design tier the resiliency option appropriate for the

resiliency option appropriate for the role and network service type must be

role and network service type must be deployed

deployed there is network resiliency which

there is network resiliency which provides redundancy through physical

provides redundancy through physical link failures such as a fiber cut

link failures such as a fiber cut device resiliency which protects the

device resiliency which protects the network during abnormal mode failure

network during abnormal mode failure triggered by hardware or software

triggered by hardware or software and then operational resiliency which

and then operational resiliency which enables resiliency capabilities to the

enables resiliency capabilities to the next level

next level providing complete network availability

providing complete network availability even during planned network outages

even during planned network outages we'll talk about all of these in this

we'll talk about all of these in this video

first we'll talk about network resiliency

resiliency the most common network fault occurrence

the most common network fault occurrence in the lan network is a link failure

in the lan network is a link failure between two systems

between two systems link failures can be caused by issues

link failures can be caused by issues such as a fiber cut miswiring

such as a fiber cut miswiring line card module failure etc

line card module failure etc in the modular platform design the

in the modular platform design the redundant parallel physical links

redundant parallel physical links between distributed models in two

between distributed models in two systems

systems reduces fault probabilities and can

reduces fault probabilities and can increase network availability

increase network availability it is important to remember how multiple

it is important to remember how multiple parallel paths between two systems also

parallel paths between two systems also affect how higher layer protocols

affect how higher layer protocols into adjacencies and loop free

into adjacencies and loop free forwarding topologies

forwarding topologies deploying redundant parallel paths in

deploying redundant parallel paths in the recommended borderless campus design

the recommended borderless campus design by default develops a non-optimal

by default develops a non-optimal topology

topology that keeps the network underutilized and

that keeps the network underutilized and requires protocol-based network recovery

requires protocol-based network recovery in the same network design the routered

in the same network design the routered access module eliminates such

access module eliminates such limitations and enables full load

limitations and enables full load balancing capabilities to increase

balancing capabilities to increase bandwidth capacity and minimize

bandwidth capacity and minimize application impact during a single path

application impact during a single path failure

failure to develop consistent network resiliency

to develop consistent network resiliency service in the centralized main and

service in the centralized main and remote campus sites the following basic

remote campus sites the following basic principles apply

principles apply deploying redundant parallel paths is a

deploying redundant parallel paths is a basic requirement for network resiliency

basic requirement for network resiliency at any tier it is critical to simplify

at any tier it is critical to simplify the control plane and forwarding plane

the control plane and forwarding plane operation by bundling all physical paths

operation by bundling all physical paths into a single logical

into a single logical logical bundled interface such as ether

logical bundled interface such as ether channel

channel implement a defense in-depth approach to

implement a defense in-depth approach to failure detection and recovery

failure detection and recovery an example of this is configuring the

an example of this is configuring the udld protocol that's unidirectional link

udld protocol that's unidirectional link detection

detection which uses a layer to keep alive to test

which uses a layer to keep alive to test that the switch to switch links are

that the switch to switch links are connected and operating correctly and

connected and operating correctly and acts as a backup to the native layer 1

acts as a backup to the native layer 1 unidirectional link detection

unidirectional link detection capabilities provided by 802.3z

capabilities provided by 802.3z and

and 802.3ae standards

802.3ae standards ensure that the network design is

ensure that the network design is self-stabilizing

self-stabilizing hardware or software errors may cause

hardware or software errors may cause ports to flap which creates fault false

ports to flap which creates fault false alarms and destabilizes the network

alarms and destabilizes the network topology

topology implementing route summarization

implementing route summarization advertises a concise topology view of

advertises a concise topology view of the network

the network which prevents core network instability

next let's talk about device resiliency another major component of an overall

another major component of an overall campus high availability framework is

campus high availability framework is providing the device or node level

providing the device or node level protection

protection that can be triggered during any type of

that can be triggered during any type of abnormal internal hardware or software

abnormal internal hardware or software process within the system

process within the system some of the common internal failures are

some of the common internal failures are software triggered crash

software triggered crash power outages line card failures etc

lan network devices can be considered as a single point of failure and are

a single point of failure and are considered to be a major failure

considered to be a major failure conditions because recovery may require

conditions because recovery may require a network administrator to mitigate the

a network administrator to mitigate the failure and recover the system the

failure and recover the system the network recovery time can remain

network recovery time can remain undeterministic

undeterministic causing complete or partial network

causing complete or partial network outage depending on the network design

outage depending on the network design redundant hardware components for device

redundant hardware components for device resiliency vary between fixed

resiliency vary between fixed configuration and modular cisco catalyst

configuration and modular cisco catalyst switches

switches to protect against common network faults

to protect against common network faults or resets all critical borderless campus

or resets all critical borderless campus network devices must be deployed with a

network devices must be deployed with a similar device resiliency

similar device resiliency configuration let's talk about the basic

configuration let's talk about the basic redundant hardware deployment guidelines

redundant hardware deployment guidelines at the access layer and collapse core

at the access layer and collapse core switching platforms in the campus

switching platforms in the campus network

network redundant power system so redundant

redundant power system so redundant power supplies for network systems

power supplies for network systems protect against power outages

protect against power outages power supply failures

power supply failures and so on it is important not only to

and so on it is important not only to protect the internal network system but

protect the internal network system but also the endpoints that rely on power

also the endpoints that rely on power delivery over the ethernet network

delivery over the ethernet network redundant power systems can be deployed

redundant power systems can be deployed in the following two configuration modes

in the following two configuration modes modular switch

modular switch this is where dual power supplies can be

this is where dual power supplies can be deployed in modular switching platforms

deployed in modular switching platforms such as the cisco catalyst 6500 or 4500

such as the cisco catalyst 6500 or 4500 e-series platforms

e-series platforms by default the power supply operates in

by default the power supply operates in a redundant mode

a redundant mode offering one plus one redundant option

offering one plus one redundant option in modular catalyst and nexus switching

in modular catalyst and nexus switching systems the network administrator must

systems the network administrator must perform overall power capacity planning

perform overall power capacity planning to allow for dynamic network growth with

to allow for dynamic network growth with new line card modules

new line card modules the other option is fixed configuration

the other option is fixed configuration switch

switch depending on the switch that you're

depending on the switch that you're running fixed configuration switches

running fixed configuration switches offer a wide range of power redundancy

offer a wide range of power redundancy options

options cisco stack power can be one of them

cisco stack power can be one of them especially in the cisco catalyst

especially in the cisco catalyst 3750x series platform

3750x series platform to prevent network outages on fixed

to prevent network outages on fixed configuration catalyst switches they

configuration catalyst switches they must be deployed with power redundancy

next redundant control plane device or known resiliency in modular

device or known resiliency in modular cisco catalyst 6500e

cisco catalyst 6500e or nexus 7000 4500e in cisco stackwise

or nexus 7000 4500e in cisco stackwise plus platforms provides one plus one

plus platforms provides one plus one redundancy with enterprise class high

redundancy with enterprise class high availability and deterministic network

availability and deterministic network recovery time

recovery time the following subsections provide high

the following subsections provide high availability design details as well as

availability design details as well as graceful network recovery techniques

graceful network recovery techniques that do not impact the control plane and

that do not impact the control plane and provide constant forwarding capabilities

provide constant forwarding capabilities during failure events though

during failure events though to minimize the amount of time the

to minimize the amount of time the network is unavailable to users

network is unavailable to users following a switchover from a primary to

following a switchover from a primary to a secondary device

a secondary device the main goal is to continue forwarding

the main goal is to continue forwarding ip packets after the route processor

ip packets after the route processor switchover

switchover nsf is supported by a wide variety of

nsf is supported by a wide variety of dynamic routing protocols

dynamic routing protocols if a router is running one of these

if a router is running one of these protocols it can detect the internal

protocols it can detect the internal switchover and take the proper steps to

switchover and take the proper steps to continue forwarding network traffic

continue forwarding network traffic using and leveraging the forwarding

using and leveraging the forwarding information base

information base while recovering route information from

while recovering route information from its peer devices

its peer devices cisco nsf with sso is a mechanism of

cisco nsf with sso is a mechanism of supervisor redundancy

supervisor redundancy that is part of the ios software

that is part of the ios software and provides extremely fast supervisor

and provides extremely fast supervisor switchover at layer 2 3 and 4.

switchover at layer 2 3 and 4. sso allows the standby route processor

sso allows the standby route processor to take control of the device once a

to take control of the device once a hardware or software fault occurs on the

hardware or software fault occurs on the active route processor

active route processor sso synchronizes the following

sso synchronizes the following parameters

parameters startup configuration

startup configuration startup variables

startup variables the running configuration

the running configuration layer 2 protocol states for ports and

layer 2 protocol states for ports and trunks

trunks layer 2 and layer 3 tables

layer 2 and layer 3 tables access control lists and qos tables

next let's talk about operational resiliency

resiliency designing the network to recover from

designing the network to recover from failure events is only one aspect of the

failure events is only one aspect of the overall campus non-stop design

overall campus non-stop design converged network environments are

converged network environments are continuing to move forward requiring

continuing to move forward requiring true 7x24 by 365 availability

true 7x24 by 365 availability the borderless campus network is a part

the borderless campus network is a part of the backbone of the enterprise

of the backbone of the enterprise network and must be designed to enable

network and must be designed to enable standard operational processes

standard operational processes configuration changes and software and

configuration changes and software and hardware upgrades without disrupting

hardware upgrades without disrupting network services

network services the ability to make changes and upgrade

the ability to make changes and upgrade software and or replace or upgrade

software and or replace or upgrade hardware becomes challenging without a

hardware becomes challenging without a redundant system in the campus core

redundant system in the campus core upgrading individual devices without

upgrading individual devices without taking them out of service is similarly

taking them out of service is similarly based on having internal component

based on having internal component redundancy

redundancy the cisco in-service software upgrade

the cisco in-service software upgrade issu an enhanced fast software upgrade

issu an enhanced fast software upgrade efsu

efsu leverage nsf sso technology to provide

leverage nsf sso technology to provide continuous network availability while

continuous network availability while upgrading critical systems

upgrading critical systems this helps to greatly reduce the need

this helps to greatly reduce the need for planned service downtime and

for planned service downtime and maintenance

next let's talk about fault domains each network tier can be classified as a

each network tier can be classified as a fault domain

fault domain with the deployment of redundant

with the deployment of redundant components and systems increasing

components and systems increasing redundancy and load sharing capabilities

redundancy and load sharing capabilities however

however this introduces a new set of challenges

this introduces a new set of challenges namely higher costs and increased

namely higher costs and increased complexity in managing a greater number

complexity in managing a greater number of systems

of systems network reliability and availability can

network reliability and availability can be simplified using several cisco high

be simplified using several cisco high availability and virtual system

availability and virtual system technologies such as vss

technologies such as vss which offers complete failure

which offers complete failure transparency to end users

transparency to end users and applications during planned or

and applications during planned or unplanned network outages

unplanned network outages in this sense minor or major network

in this sense minor or major network failures are considered broad terms that

failures are considered broad terms that include several types of network faults

include several types of network faults which must be taken into consideration

which must be taken into consideration in order to implement a rapid recovery

in order to implement a rapid recovery solution

solution cisco high availability technologies can

cisco high availability technologies can be deployed based on whether platforms

be deployed based on whether platforms have critical or non-critical role in

have critical or non-critical role in the network

the network some of the high availability techniques

some of the high availability techniques can be achieved in the campus network

can be achieved in the campus network design

design without making major network changes

without making major network changes however the critical network systems

however the critical network systems that are deployed in the center of the

that are deployed in the center of the network to provide global connectivity

network to provide global connectivity may require additional hardware and

may require additional hardware and software components to offer non-stop

software components to offer non-stop communication

so here's what you've learned you've learned about network

learned about network device in operation resiliency

device in operation resiliency this is a key part of your ccda exam and

this is a key part of your ccda exam and then you also learned about the

then you also learned about the terminology of fault domains

terminology of fault domains and again this is something you could be

and again this is something you could be asked on your exam so now that you've

asked on your exam so now that you've watched this video i'm confident if

watched this video i'm confident if you're asked any questions regarding

you're asked any questions regarding resiliency or fault domains on your ccda

resiliency or fault domains on your ccda exam

exam you'll do very well good luck in your

you'll do very well good luck in your studies

hi this is david voss ccie 11372 and this video you're going to receive

and this video you're going to receive an overview of wan design we're going to

an overview of wan design we're going to cover some of the basics of wide area

cover some of the basics of wide area networking

networking so that you can properly lay a

so that you can properly lay a foundation

foundation for the topics that come up after this

for the topics that come up after this video

video so you can understand

so you can understand what specific wan technologies are out

what specific wan technologies are out there

there and where they fit within the enterprise

and where they fit within the enterprise campus

when technologies operate at the enterprise edge in the modular cisco

enterprise edge in the modular cisco enterprise infrastructure

enterprise infrastructure wands span across large geographical

wands span across large geographical distances

distances in order to provide connectivity for

in order to provide connectivity for various parts of the network

various parts of the network infrastructure

infrastructure unlike the lan environment some lan

unlike the lan environment some lan components are not owned by the specific

components are not owned by the specific enterprise

enterprise instead when equipment or connectivity

instead when equipment or connectivity can be rented or leased from service

can be rented or leased from service providers

providers most service providers are well trained

most service providers are well trained in supporting not only traditional data

in supporting not only traditional data traffic but also voice and video

traffic but also voice and video services

services in addition unlike lands winds typically

in addition unlike lands winds typically have an initial fixed cost

have an initial fixed cost and thereafter periodic recurring fees

and thereafter periodic recurring fees for services

for services which is one reason you never want to

which is one reason you never want to over provision your wide area network

over provision your wide area network because it's money down the drain

because it's money down the drain this cost and fee structure requires

this cost and fee structure requires implementing effective quality of

implementing effective quality of service mechanisms

service mechanisms in order to avoid buying additional land

in order to avoid buying additional land bandwidth when it's not necessary

bandwidth when it's not necessary when technology's design requirements

when technology's design requirements are typically derived from the following

are typically derived from the following application type

application type application availability

application availability application reliability

application reliability the costs associated with a particular

the costs associated with a particular wan technology

wan technology and usage levels for the application

and usage levels for the application all of these will dictate what type of

all of these will dictate what type of wan technology you're going to want to

wan technology you're going to want to use

use the enterprise edge represents a large

the enterprise edge represents a large block or it could be several blocks of

block or it could be several blocks of equipment

equipment this large module is typically split

this large module is typically split into smaller blocks

into smaller blocks each with a specialized functionality

each with a specialized functionality here are the following components you

here are the following components you will find in an enterprise

the wan block for branch offices and remote access connectivity

the e-commerce block which is a part of the organization and obviously serves

the organization and obviously serves the business customer facing business

the business customer facing business applications

applications the internet connectivity block which

the internet connectivity block which offers robust internet access

offers robust internet access with some level of availability and

with some level of availability and redundancy and also you'll find within

redundancy and also you'll find within this block

this block often your dmz services

often your dmz services and then the remote access or vpn block

and then the remote access or vpn block which provides secure connectivity for a

which provides secure connectivity for a large number of employees who work out

large number of employees who work out of a home office

an important topic when considering ccda certification

certification is the common categories within various

is the common categories within various wind technologies

wind technologies an essential concept is circuit switched

an essential concept is circuit switched technology

technology the most relevant example of this is the

the most relevant example of this is the pstn or public switch telephone network

pstn or public switch telephone network one of the technologies that falls under

one of the technologies that falls under this category is isdn

this category is isdn the way circuit switched wan connections

the way circuit switched wan connections function

function is by being established when needed and

is by being established when needed and terminated when they are no longer

terminated when they are no longer required

required another example that reflects the

another example that reflects the circuit switching behaviors is the

circuit switching behaviors is the old-fashioned dial-up connection

old-fashioned dial-up connection you may remember or maybe you don't

you may remember or maybe you don't using a dial-up modem analog access over

using a dial-up modem analog access over the pstn to access the internet

the pstn to access the internet in the late 1990s

in the late 1990s the opposite of circuit switched option

the opposite of circuit switched option is the least line technology

is the least line technology this is a fully dedicated connection

this is a fully dedicated connection that is permanently up and owned by the

that is permanently up and owned by the company

company examples of lease lines include

examples of lease lines include tdm or time division multiplexing based

tdm or time division multiplexing based leased lines

leased lines and these are usually very expensive

and these are usually very expensive because a single customer

because a single customer has full use of the offered connectivity

has full use of the offered connectivity and you're paying for that bandwidth

and you're paying for that bandwidth whether you're using it or not

whether you're using it or not another popular category of wide area

another popular category of wide area networking technology involves packet

networking technology involves packet switched concepts

switched concepts in a packet switch infrastructure

in a packet switch infrastructure shared bandwidth utilizes virtual

shared bandwidth utilizes virtual circuits the customer can create a

circuits the customer can create a virtual path which is similar to a

virtual path which is similar to a leased line

leased line through the service provider's

through the service provider's infrastructure cloud

infrastructure cloud this virtual circuit has a dedicated

this virtual circuit has a dedicated bandwidth even though technically it's

bandwidth even though technically it's not a real leased line

not a real leased line frame relay is an example of this type

frame relay is an example of this type of technology

of technology some legacy wand technologies you may

some legacy wand technologies you may have heard of such as x25 that's the

have heard of such as x25 that's the predecessor of frame relay

predecessor of frame relay an example of cell switch technology is

an example of cell switch technology is asynchronous transfer mode or atm

asynchronous transfer mode or atm this operates by using fixed sized cells

this operates by using fixed sized cells self-switch technologies form a shared

self-switch technologies form a shared bandwidth environment from the service

bandwidth environment from the service provider standpoint that can guarantee

provider standpoint that can guarantee customers some level of bandwidth

customers some level of bandwidth through their infrastructure

through their infrastructure broadband is another hugely growing

broadband is another hugely growing category for wide area networking and

category for wide area networking and this includes technologies such as dsl

this includes technologies such as dsl cable and wireless

cable and wireless broadband involves making a connection

broadband involves making a connection such as an old-fashioned coax cable that

such as an old-fashioned coax cable that carries tv signals and figuring out how

carries tv signals and figuring out how to use the different aspects of that

to use the different aspects of that bandwidth

bandwidth for example by using multiplexing an

for example by using multiplexing an additional data signal could be

additional data signal could be transmitted along with the original tv

transmitted along with the original tv signals

signals and obviously wireless continues to

and obviously wireless continues to expand at a rapid pace

as detailed so far there are many options when discussing when categories

options when discussing when categories all of these technologies can support

all of these technologies can support the needs of modern networks that

the needs of modern networks that operate under the 80 20 rule that is

operate under the 80 20 rule that is 80 of the network traffic

80 of the network traffic uses some kind of wan technology to

uses some kind of wan technology to access remote resources

access remote resources next let's talk about wand topologies

next let's talk about wand topologies there are three you should know of

there are three you should know of first let's talk about full mesh

first let's talk about full mesh topologies

topologies which for obvious reasons require a

which for obvious reasons require a large number of nodes and added extra

large number of nodes and added extra overhead

overhead referring back to the formula n times n

referring back to the formula n times n minus 1 divided by 2

minus 1 divided by 2 where n denotes the nodes

this obviously can get very expensive very fast

very fast that being said the full mesh topology

that being said the full mesh topology is the best option when considering

is the best option when considering availability and reliability failover

availability and reliability failover will occur on the other links and

will occur on the other links and devices assuming you have your routing

devices assuming you have your routing protocols

protocols programmed correctly

programmed correctly the downside of full mesh topology

the downside of full mesh topology obviously is the extra overhead

obviously is the extra overhead associated with building and maintaining

associated with building and maintaining all of the connections

all of the connections and the high costs required to install

and the high costs required to install all of the links

all of the links a more popular design is the hub and

a more popular design is the hub and spoke topology the hub router is usually

spoke topology the hub router is usually located at the headquarters location

located at the headquarters location and connects to branch office routers in

and connects to branch office routers in a hub and spoke fashion

a hub and spoke fashion the hub spoke topology is not the best

the hub spoke topology is not the best topology as far as redundancy and

topology as far as redundancy and availability are concerned

availability are concerned as the hub device is the most common

as the hub device is the most common point of failure

point of failure so obviously in the hub area you're

so obviously in the hub area you're going to want to have redundant systems

going to want to have redundant systems with redundant power supplies redundant

with redundant power supplies redundant route processors etc etc

route processors etc etc hub and spoke topologies are obviously

hub and spoke topologies are obviously less complex and less expensive than

less complex and less expensive than full mesh topologies so the added

full mesh topologies so the added investment in the hub site is well worth

investment in the hub site is well worth it

it next there's partial mesh this involves

next there's partial mesh this involves a combination of full mesh and hub and

a combination of full mesh and hub and spoke

spoke the partial mesh topology falls in the

the partial mesh topology falls in the middle of full mesh and hub and spoke

middle of full mesh and hub and spoke topologies in terms of availability and

topologies in terms of availability and costs

costs this topology is useful when a high

this topology is useful when a high level of availability and redundancy is

level of availability and redundancy is required only in some areas

so it's a good time to begin discussing network architecture types

network architecture types the first network architecture type is

the first network architecture type is point to point

point to point now this is rather self-explanatory as

now this is rather self-explanatory as you can see we have two network devices

you can see we have two network devices connected by a single network link

connected by a single network link the typical point-to-point connection is

the typical point-to-point connection is a serial link

a serial link the next architecture type is broadcast

the next architecture type is broadcast network

network a broadcast is sent from one of the

a broadcast is sent from one of the routers and then propagated to all other

routers and then propagated to all other routers on that segment

routers on that segment ethernet networks like the one you see

ethernet networks like the one you see below are common examples of a broadcast

below are common examples of a broadcast network

the next architecture type is nbma or non-broadcast

non-broadcast multi-access

multi-access as the name implies it does not support

as the name implies it does not support broadcasts therefore when an interface

broadcasts therefore when an interface on a router needs to send out data to

on a router needs to send out data to all other routers it must send

all other routers it must send individual messages to each router

individual messages to each router nbma

nbma also doesn't support multicast so here's

also doesn't support multicast so here's what you've learned you've learned about

what you've learned you've learned about the basics of when topologies and wide

the basics of when topologies and wide area network types all these things will

area network types all these things will help you

help you in laying this foundation you need as

in laying this foundation you need as you begin to learn about how to design

you begin to learn about how to design for wide area networks

for wide area networks laying a foundation for the terminology

laying a foundation for the terminology that you'll need to understand such as

that you'll need to understand such as hub and spoke

hub and spoke full mesh

full mesh but also as you begin to design wide

but also as you begin to design wide area networks or you're asked questions

area networks or you're asked questions about wide area networks in the ccda

about wide area networks in the ccda exam

exam this information is going to be in any

this information is going to be in any question you would receive

question you would receive because they're going to assume you

because they're going to assume you understand the topics that are covered

understand the topics that are covered in this video very well

in this video very well good luck in your studies

hi this is david voss cci11372 and in this video you're going

cci11372 and in this video you're going to learn about dial-up technology

to learn about dial-up technology we're going to do an overview of isdn

we're going to do an overview of isdn technology and then dig into some of the

technology and then dig into some of the details

details such as isdn bri and pri

such as isdn bri and pri so let's begin

so let's begin although dial-up technologies are not

although dial-up technologies are not very common in today's modern network

very common in today's modern network it is a topic you can expect to see on

it is a topic you can expect to see on the ccda certification

the ccda certification dial-up falls under the category of

dial-up falls under the category of circuit switching

circuit switching and it uses the public switch telephone

and it uses the public switch telephone network or pstn

network or pstn a connection is established when a user

a connection is established when a user wants to use the dial-up option

wants to use the dial-up option and the connection ends when the user is

and the connection ends when the user is done using the link

done using the link considering dial-up connections use an

considering dial-up connections use an analog signal users need to use a modem

analog signal users need to use a modem in order to take the digital signal from

in order to take the digital signal from the computer and then convert it into

the computer and then convert it into analog communication on the pstn and

analog communication on the pstn and vice versa

vice versa dial-up access offers very limited

dial-up access offers very limited bandwidth capabilities

bandwidth capabilities but its advantage is that it's available

but its advantage is that it's available just about everywhere

just about everywhere because obviously pstns span across

because obviously pstns span across almost every geographical location

almost every geographical location the technologies used over the pstn

the technologies used over the pstn should not utilize much bandwidth

should not utilize much bandwidth modern networks may use dial-up

modern networks may use dial-up technology as a backup connection that

technology as a backup connection that can be activated in an emergency when no

can be activated in an emergency when no other wan connection type is available

other wan connection type is available and this is one of the most popular uses

and this is one of the most popular uses of isdn or was in the past especially

of isdn or was in the past especially was as a backup connection should the

was as a backup connection should the wan connection fail

wan connection fail now isdn is a technology that allows

now isdn is a technology that allows digital communication over a traditional

digital communication over a traditional analog phone line so that both voice and

analog phone line so that both voice and data can be transmitted digitally over

data can be transmitted digitally over the pstn

the pstn isdn never reached the level of

isdn never reached the level of popularity it was expected to because it

popularity it was expected to because it emerged when alternate technologies were

emerged when alternate technologies were also being developed

also being developed the two flavors of isdn include isdn bri

the two flavors of isdn include isdn bri basic rate interface

basic rate interface and isdn pri primary rate interface

and isdn pri primary rate interface isdn bri connectivity contains two b

isdn bri connectivity contains two b bearer channels for carrying data in 1d

bearer channels for carrying data in 1d delta channel for signaling

delta channel for signaling and is abbreviated as 2b plus d

and is abbreviated as 2b plus d each of these bare channels in the isdn

each of these bare channels in the isdn operates at a speed of 64 kilobits per

operates at a speed of 64 kilobits per second

second multi-link ppp can be configured on top

multi-link ppp can be configured on top of these interfaces to allow the user to

of these interfaces to allow the user to reach a bandwidth total of 128 kilobits

reach a bandwidth total of 128 kilobits per second

per second this bandwidth is considered very low

this bandwidth is considered very low obviously

obviously according to modern network requirements

according to modern network requirements the delta channel in isd mbri is a

the delta channel in isd mbri is a dedicated 16 kilobit per second traffic

dedicated 16 kilobit per second traffic control

control there are also 48 kilobits per seconds

there are also 48 kilobits per seconds overall for framing control and other

overall for framing control and other overhead in the isdn environment

overhead in the isdn environment therefore the total isdn bandwidth for

therefore the total isdn bandwidth for pri

pri is 192 kilobits per second

is 192 kilobits per second 128 kilobits per second from the b

128 kilobits per second from the b channels plus 16 for the d channel plus

channels plus 16 for the d channel plus 48 of overhead

48 of overhead isdn pri has 23 b channels and 1d

isdn pri has 23 b channels and 1d channel

channel in the united states and japan

in the united states and japan the bare channels and the delta channels

the bare channels and the delta channels all support 64 kilobits per second

all support 64 kilobits per second including overhead

including overhead the total pri bandwidth is 1.544

the total pri bandwidth is 1.544 megabits per second

megabits per second in other parts of the world like europe

in other parts of the world like europe and australia the pr connection

and australia the pr connection is 30b channels and 1d channel and

is 30b channels and 1d channel and therefore you have more bandwidth as

therefore you have more bandwidth as well

well the isdn technologies we've been

the isdn technologies we've been describing are called tdm or time

describing are called tdm or time division multiplexing technologies

division multiplexing technologies tdm refers to being able to combine

tdm refers to being able to combine multiple channels

multiple channels over a single overall transmission

over a single overall transmission medium

medium and using these different channels for

and using these different channels for voice video and data

voice video and data time division refers to

time division refers to splitting the connection into small

splitting the connection into small windows of time for various

windows of time for various communication channels

communication channels isdn speaking devices are called

isdn speaking devices are called terminal emulation equipment and they

terminal emulation equipment and they can be categorized as either native isdn

can be categorized as either native isdn or non-native isdn equipment

or non-native isdn equipment native isdn equipment is comprised of

native isdn equipment is comprised of devices that were built to be isdn ready

devices that were built to be isdn ready and they are called te1 devices terminal

and they are called te1 devices terminal equipment one

equipment one non-native isdn equipment is comprised

non-native isdn equipment is comprised of te2 devices non-native isdn equipment

of te2 devices non-native isdn equipment can be integrated with native isdn

can be integrated with native isdn equipment by using a special ta or

equipment by using a special ta or terminal adapter

terminal adapter which only te2 devices require

which only te2 devices require the isdn service provider uses

the isdn service provider uses termination devices called

termination devices called nt1s or network termination 1 and nt2

nt1s or network termination 1 and nt2 network termination 2.

network termination 2. these are translation devices for media

these are translation devices for media transforming five wire connections

transforming five wire connections into two wire connections

into two wire connections the local loop is the two-wire

the local loop is the two-wire connection it's a two-wire link

connection it's a two-wire link for users in north america the customer

for users in north america the customer is responsible for the nt-1 device

is responsible for the nt-1 device while in other parts of the world this

while in other parts of the world this falls under the service provider's

falls under the service provider's responsibility

responsibility because of this issue some cisco routers

because of this issue some cisco routers provide built-in nt1 functionality that

provide built-in nt1 functionality that features a visible u under the port so

features a visible u under the port so the user can see this capability quickly

the user can see this capability quickly the u notation is found in the isdn

the u notation is found in the isdn reference point terminology these

reference point terminology these reference points are important for

reference points are important for troubleshooting or maintaining issues in

troubleshooting or maintaining issues in an isdn network

an isdn network the isdn switch is usually located at

the isdn switch is usually located at the service provider's location

the service provider's location the different isdn reference points are

the different isdn reference points are as follows

as follows the u reference point is between the

the u reference point is between the isdn switch

isdn switch and the nt1 device

and the nt1 device the t reference point is between the nt2

the t reference point is between the nt2 device and the nt1 device

device and the nt1 device the s reference point is between the

the s reference point is between the terminals te1 or

terminals te1 or the ta

the ta and the nt2 device

and the nt2 device the r reference point is between

the r reference point is between non-isdn native devices and tas

so here's what you've learned you've learned a basic overview of isdn

learned a basic overview of isdn you've gotten also granular enough

you've gotten also granular enough with learning about isdm bri

with learning about isdm bri and then pri and the different types of

and then pri and the different types of isdn equipment that you should be able

isdn equipment that you should be able to answer correctly any isdn related

to answer correctly any isdn related question on the ccda exam

question on the ccda exam i wish you the best of luck in your

i wish you the best of luck in your studies thank you

hi this is david voss ccie11372 and in this video you're going

ccie11372 and in this video you're going to learn about frame relay

to learn about frame relay in previous videos you learned about

in previous videos you learned about non-broadcast multi-access technologies

non-broadcast multi-access technologies well

well frame relay is a nbma technology and it

frame relay is a nbma technology and it requires

requires dealing with address resolution issues

dealing with address resolution issues except for situations in which

except for situations in which point-to-point interfaces are used

point-to-point interfaces are used the local layer 2 addresses in frame

the local layer 2 addresses in frame relay are called data link connection

relay are called data link connection identifiers or dulces

identifiers or dulces and they are only locally significant

and they are only locally significant so for example in a hub and spoke

so for example in a hub and spoke environment

environment the hub device should have a unique

the hub device should have a unique delcy to communicate to each of its

delcy to communicate to each of its spokes

spokes as you can see here

as you can see here the delcy number at the end of each link

the delcy number at the end of each link may or may not be identical

may or may not be identical the delci is the frame relay address so

the delci is the frame relay address so this needs to be resolved to a layer 3

this needs to be resolved to a layer 3 ip address

ip address another fundamental frame relay

another fundamental frame relay component is the lmi or local management

component is the lmi or local management interface

interface the service provider operates a dce

the service provider operates a dce frame relay device and this is usually a

frame relay device and this is usually a switch

switch and the customer provides a dte frame

and the customer provides a dte frame relay device and this is usually a

relay device and this is usually a router

router the lmi is a language that permits these

the lmi is a language that permits these two devices to communicate

two devices to communicate one of its duties is to report the

one of its duties is to report the status information of the virtual

status information of the virtual circuit that makes up the frame relay

circuit that makes up the frame relay communication

communication the lmi also provides the delci

the lmi also provides the delci information

information the lmi is enabled automatically when

the lmi is enabled automatically when frame relay is initiated

frame relay is initiated and when it's enabled on a cisco device

and when it's enabled on a cisco device interface

interface so when you inspect the frame relay pvc

so when you inspect the frame relay pvc or permanent virtual circuit on a cisco

or permanent virtual circuit on a cisco device you will see a status code

device you will see a status code defined by the lmi

defined by the lmi that there will be one of the following

that there will be one of the following active

active which is what you would hope for that

which is what you would hope for that everything is working correctly

everything is working correctly inactive which means there's no problems

inactive which means there's no problems on the local node but there are possible

on the local node but there are possible issues on the remote node and then

issues on the remote node and then deleted which means there is an issue on

deleted which means there is an issue on the service provider network

the service provider network the three types of lmi are cisco

the three types of lmi are cisco ansi

ansi and q933a

cisco routers are configured to try all of these lmi types automatically

of these lmi types automatically starting with the cisco lmi type

starting with the cisco lmi type and then uses the one that matches

and then uses the one that matches whatever the service provider is using

whatever the service provider is using so in this aspect should not be that

so in this aspect should not be that much of a concern in a design phase for

much of a concern in a design phase for frame relay

frame relay one of the most popular aspects that

one of the most popular aspects that must be considered in the divine pha

must be considered in the divine pha design phase is the address resolution

design phase is the address resolution methodology

methodology if you are using

if you are using multi-point interfaces in your design

multi-point interfaces in your design you need to find a way to provide the

you need to find a way to provide the layer 3 to layer 2 resolution

layer 3 to layer 2 resolution there are two options that can help you

there are two options that can help you achieve this

achieve this and you can do it dynamically

and you can do it dynamically as you can see here using inverse arp

as you can see here using inverse arp one router stating my ip address is 199

one router stating my ip address is 199 17 28 200

17 28 200 and then asking for the ip address of

and then asking for the ip address of router b

router b who then answers back

who then answers back or statically

or statically using the frame relay map command

using the frame relay map command and you can see the specific programming

and you can see the specific programming for that right here

for that right here in order to verify that layer 3 to layer

in order to verify that layer 3 to layer 2 resolution has succeeded use the show

2 resolution has succeeded use the show frame relay map command

frame relay map command on a multi-point interface inverse arp

on a multi-point interface inverse arp happens automatically

happens automatically this functionality is enabled right

this functionality is enabled right after adding an ip address on an

after adding an ip address on an interface configured for frame relay

interface configured for frame relay at that moment requests are sent out all

at that moment requests are sent out all the circuits assigned to that specific

the circuits assigned to that specific interface for any supporting protocol

interface for any supporting protocol the interface is running

the interface is running the request process can be disabled with

the request process can be disabled with the no frame relay inverse arp command

the no frame relay inverse arp command but you can never design a network that

but you can never design a network that will stop responding to requests

will stop responding to requests by design inverse arp replies cannot be

by design inverse arp replies cannot be disabled so the frame relay speaker will

disabled so the frame relay speaker will always attempt to assist anybody

always attempt to assist anybody who attempts to perform a layer 3

who attempts to perform a layer 3 to layer 2 resolution

to layer 2 resolution via frame relay inverse arp

via frame relay inverse arp the inverse art behavior in framework

the inverse art behavior in framework design assists automatically with

design assists automatically with broadcasts

broadcasts through the replicated unicast approach

through the replicated unicast approach discussed

discussed earlier

earlier therefore when using inverse our

therefore when using inverse our broadcast support exists by default

broadcast support exists by default when connecting two routers to the frame

when connecting two routers to the frame relay cloud using physical interfaces

relay cloud using physical interfaces the specific interfaces are multi-point

the specific interfaces are multi-point from a frame relay perspective

from a frame relay perspective because a physical frame relay interface

because a physical frame relay interface by default is multi-point

by default is multi-point therefore even though the connection

therefore even though the connection between the two routers appears as a

between the two routers appears as a point-to-point

point-to-point it is a formulate multi-point connection

it is a formulate multi-point connection because they are using multiple

because they are using multiple interfaces by default the two devices

interfaces by default the two devices will handle the layer three to layer two

will handle the layer three to layer two resolution dynamically

resolution dynamically using inverse arp

using inverse arp if you would like to design a solution

if you would like to design a solution that does not use infosharp then you can

that does not use infosharp then you can turn off the dynamic mapping behavior on

turn off the dynamic mapping behavior on each device

each device and then configure static frame relay

and then configure static frame relay mappings

mappings you can do so by entering in formulae

you can do so by entering in formulae map the protocol address to the dell c

map the protocol address to the dell c the protocol is usually the ip

the protocol is usually the ip address is the remote address

address is the remote address and the dell c represents the local id

and the dell c represents the local id the broadcast keyword can be added

the broadcast keyword can be added optionally in order to activate the

optionally in order to activate the replicated unicast behavior to support

replicated unicast behavior to support broadcast functionality

broadcast functionality static mapping must be configured in

static mapping must be configured in order to override or turn off the

order to override or turn off the the default dynamic inverse arp behavior

the default dynamic inverse arp behavior this helps the administrator maintain

this helps the administrator maintain full control over the layer 3 to layer 2

full control over the layer 3 to layer 2 resolution process in frame relay

resolution process in frame relay a huge error that can appear on cisco

a huge error that can appear on cisco equipment is that physical interfaces

equipment is that physical interfaces have come up an inverse arp starts to

have come up an inverse arp starts to operate

operate you can find that there are dynamic

you can find that there are dynamic mappings to

mappings to 0.0.0.0 these mappings occur

0.0.0.0 these mappings occur because of a clash of two features and

because of a clash of two features and that is inverse arp in cisco auto

that is inverse arp in cisco auto install

install to discard these mappings you issue a

to discard these mappings you issue a clear framerate in arp command

clear framerate in arp command and then the device should be restarted

and then the device should be restarted this mapping can create a failure in the

this mapping can create a failure in the communication path from framelay

communication path from framelay environment

environment point-to-point configurations are the

point-to-point configurations are the ideal choice when it comes to layer 3 to

ideal choice when it comes to layer 3 to layer 2 resolution

layer 2 resolution because the process and multi-point

because the process and multi-point configurations does not occur when such

configurations does not occur when such interface on such interface types

when configuring point-to-point frame relay use point-to-point sub-interfaces

relay use point-to-point sub-interfaces which will not get the delsi assignments

which will not get the delsi assignments from the lmi as in the multi-point

from the lmi as in the multi-point situation

situation the dlc must be assigned manually to the

the dlc must be assigned manually to the sub-interfaces with the frame relay

sub-interfaces with the frame relay interface delsi command

there is no concern about the layer 3 to layer 2 resolution because each router

layer 2 resolution because each router has only one remote device to which it

has only one remote device to which it sends data and it does this by using the

sends data and it does this by using the sub interface

sub interface associated with the delsi

associated with the delsi another option would be creating sub

another option would be creating sub interfaces and declaring them as

interfaces and declaring them as multi-point

multi-point these types of interfaces behave exactly

these types of interfaces behave exactly like the physical multiple interfaces

like the physical multiple interfaces but you need to decide on the resolution

but you need to decide on the resolution method to be used

method to be used inverse arp or static mappings

inverse arp or static mappings a combination of these can be used for

a combination of these can be used for example by implementing inverse arp on

example by implementing inverse arp on one end of the connection

one end of the connection and then defining static maps on the

and then defining static maps on the other end

other end the interface type settings and the

the interface type settings and the selected layer 3 to layer 2 resolution

selected layer 3 to layer 2 resolution method

method is only locally significant so this

is only locally significant so this means there can be all kinds of

means there can be all kinds of variations in your frame relay design

with frame relay environments for quality of service packets can be marked

quality of service packets can be marked with the d e bit and this informs a

with the d e bit and this informs a service provider that those specific

service provider that those specific packets are not that important and can

packets are not that important and can be discarded if there is congestion

be discarded if there is congestion this behavior will prioritize packets

this behavior will prioritize packets that do not have the de bit set

that do not have the de bit set other parameters that can be configured

other parameters that can be configured in the frame relay environment are

in the frame relay environment are feckin and beckons so

feckin and beckons so feckins are forward explicit congestion

feckins are forward explicit congestion notifications beckons are backward

notifications beckons are backward explicit congestion notifications

explicit congestion notifications the frame relay equipment if configured

the frame relay equipment if configured to do so can notify deficit devices of

to do so can notify deficit devices of congestion

congestion and slow down the sending rates as

and slow down the sending rates as illustrated here

illustrated here in summary if you have a chain of frame

in summary if you have a chain of frame relay nodes that supports feckins and

relay nodes that supports feckins and beckons

beckons the first device can forward a feckin

the first device can forward a feckin that informs about existing congestion

that informs about existing congestion and about the need for transmitting at a

and about the need for transmitting at a slower rate

slower rate the feckin marking is then moved

the feckin marking is then moved backward but this can cause problems

backward but this can cause problems when there is no return traffic sent

when there is no return traffic sent backwards

backwards to make sure everybody knows about the

to make sure everybody knows about the congestion use beckons with empty frames

congestion use beckons with empty frames that carry the beckon bit backward

that carry the beckon bit backward this notifies the return path about the

this notifies the return path about the congestion

congestion devices respond to seconds and beckons

devices respond to seconds and beckons by slowing down in terms of transmission

by slowing down in terms of transmission rates in order to

rates in order to to avoid further congestion

to avoid further congestion so here's what you've learned you've

so here's what you've learned you've learned about the basics of frame relay

learned about the basics of frame relay d e beckon and feckin and then the

d e beckon and feckin and then the different types of interfaces and also

different types of interfaces and also the design considerations you need to

the design considerations you need to think about when you're designing frame

think about when you're designing frame relay

relay it's a very important topic although

it's a very important topic although frame relay certainly is not as as

frame relay certainly is not as as popular as it once was it is still

popular as it once was it is still something you need to understand for

something you need to understand for your ccda exam

your ccda exam good luck in your studies

hi this is david voss ccie 1137 and in this video you're going to learn about

this video you're going to learn about mpls

mpls mpls

mpls leverages the intelligence of the ip

leverages the intelligence of the ip routing infrastructure and the

routing infrastructure and the efficiency of cisco express forwarding

efficiency of cisco express forwarding mpls functions by appending a level to

mpls functions by appending a level to any type of packet

any type of packet the packet will then be forwarded

the packet will then be forwarded through the network infrastructure based

through the network infrastructure based on this label's value

on this label's value instead of any layer 3 information

instead of any layer 3 information the ability to label a packet for

the ability to label a packet for efficient forwarding allows mpls to work

efficient forwarding allows mpls to work with a wide range of underlying

with a wide range of underlying technologies

technologies by simply adding a label to the packet

by simply adding a label to the packet header

header mpls can be used in many physical in

mpls can be used in many physical in data link

data link layer when implementation

layer when implementation the mpls label is positioned between the

the mpls label is positioned between the layer 2 header

layer 2 header and the layer 3 header

and the layer 3 header in mpls overhead is added a single time

in mpls overhead is added a single time when the packet goes into the service

when the packet goes into the service provider cloud

provider cloud after entering the mpls network packet

after entering the mpls network packet switching is performed much faster than

switching is performed much faster than in traditional layer 3 networks

in traditional layer 3 networks because it only needs to swap the mpls

because it only needs to swap the mpls label instead of stripping the entire

label instead of stripping the entire layer 3 header

layer 3 header mpls capable routers are also called

mpls capable routers are also called lsrs or label switch routers

lsrs or label switch routers and they will come in the following two

and they will come in the following two flavors edge lsr which is the pe router

flavors edge lsr which is the pe router or lsr the p router

or lsr the p router pe routers are provider edge devices

pe routers are provider edge devices that ensure label distribution the

that ensure label distribution the forward packets based on labels and are

forward packets based on labels and are responsible for label insertion and

responsible for label insertion and removal p routers are provider routers

removal p routers are provider routers and they are responsible for label

and they are responsible for label forwarding and efficient packet

forwarding and efficient packet forwarding based on labels

forwarding based on labels mpls separates the control plane from

mpls separates the control plane from the data plane

the data plane this leads to a great efficiency in how

this leads to a great efficiency in how the lsr routers work

the lsr routers work resources that are constructed for

resources that are constructed for efficient control plane operations

efficient control plane operations include the routing protocol

include the routing protocol the routing table

the routing table the exchange of labels

the exchange of labels and these are completely separated from

and these are completely separated from resources that are designed only to

resources that are designed only to forward traffic in the data plane as

forward traffic in the data plane as quickly as possible

contains a fib or forwarding information base that is a copy of the routing table

base that is a copy of the routing table information

information in the cache memory

in the cache memory and is used for quick forwarding

and is used for quick forwarding mpls contains a label forwarding

mpls contains a label forwarding information base lfib

information base lfib which is for label based traffic

which is for label based traffic exchange

exchange the term forwarding equivalence class

the term forwarding equivalence class describes a class of packets

describes a class of packets that receives the same forwarding

that receives the same forwarding treatment that is traffic forwarded

treatment that is traffic forwarded based on a specific quality of service

based on a specific quality of service marking through the service provider

marking through the service provider cloud

cloud the mpls label has a length of four

the mpls label has a length of four bytes and it is consists of the

bytes and it is consists of the following fields

following fields a 20-bit label value field

a 20-bit label value field 3-bit experimental field such as qos

3-bit experimental field such as qos marking

marking one-bit bottom of the stack field which

one-bit bottom of the stack field which can be used when multiple labels are

can be used when multiple labels are used it's set to 1 for the last label in

used it's set to 1 for the last label in the stack

the stack and then the 8-bit ttl field this helps

and then the 8-bit ttl field this helps you to avoid loops

you to avoid loops you might need to use a stack of labels

you might need to use a stack of labels when dealing with mpls

when dealing with mpls and pls vpn is the most important

and pls vpn is the most important technology that uses mpls

technology that uses mpls which was developed to serve the mpls

which was developed to serve the mpls vpn technology

vpn technology an example of an mpls vpn application

an example of an mpls vpn application would be an isp that offers mpls vpn

would be an isp that offers mpls vpn services

services the pe routers connect to different

the pe routers connect to different customers

customers with the same customer having multiple

with the same customer having multiple sites

sites each connected to a different pe router

each connected to a different pe router with the mpls approach two sites with

with the mpls approach two sites with the same customer receive transparent

the same customer receive transparent secure communication capabilities

secure communication capabilities based on the unique customer labels

based on the unique customer labels assigned

assigned the isp uses mpls to carry the traffic

the isp uses mpls to carry the traffic between the pe routers

between the pe routers through the p devices

through the p devices an important advantage of mpos vpn

an important advantage of mpos vpn technology is that its secure

technology is that its secure connectivity

connectivity is assured without the customer having

is assured without the customer having to run mpls on any device

to run mpls on any device the customer only needs to run a

the customer only needs to run a standard routing protocol with the isp

standard routing protocol with the isp because all the mpls vpn logic is

because all the mpls vpn logic is located in the isp cloud

located in the isp cloud when using mpls vpns a stack of labels

when using mpls vpns a stack of labels is used to identify the customer this is

is used to identify the customer this is the vpn identification

the vpn identification and another label is used to initiate

and another label is used to initiate the forwarding through the isp cloud

the forwarding through the isp cloud layer 3 mpls vpn technology is very

layer 3 mpls vpn technology is very powerful

powerful and a flexible option that allows

and a flexible option that allows service providers to give customers the

service providers to give customers the transparent when access connect

transparent when access connect connectivity they need

connectivity they need this is very scalable for the isp

this is very scalable for the isp because it is very easy for them to add

because it is very easy for them to add customers and sites

customers and sites mpls comes in the following two flavors

mpls comes in the following two flavors frame mode mpls and cell mode mpls

frame mode mpls is the most popular mpls type

type and in this scenario the label is placed

and in this scenario the label is placed between the layer 2 header

between the layer 2 header and the layer 3 header

and the layer 3 header this is why mpls is often considered a

this is why mpls is often considered a layer 2.5 technology

layer 2.5 technology cell mode mpls is used in atm networks

cell mode mpls is used in atm networks and uses fields in the atm header that

and uses fields in the atm header that are used as the label

are used as the label one important issue that must be solved

one important issue that must be solved with mpls is determining the devices

with mpls is determining the devices that will ensure the insertion

that will ensure the insertion and removal of labels

and removal of labels the creation of labels

the creation of labels is performed on the ingress edge lsr and

is performed on the ingress edge lsr and label removing

label removing is performed on the egress edge lsr

is performed on the egress edge lsr the lsrs in the interior of the mpls

the lsrs in the interior of the mpls topology are only responsible for label

topology are only responsible for label swapping

swapping in order to forward the traffic on a

in order to forward the traffic on a specific path

specific path the mpls devices need a way in which to

the mpls devices need a way in which to exchange the labels that will be

exchange the labels that will be utilized for making forwarding decisions

utilized for making forwarding decisions this label exchange process is executed

this label exchange process is executed using a protocol

using a protocol the most popular of these protocols is

the most popular of these protocols is ldp or label distribution protocol ldp

ldp or label distribution protocol ldp is a session based udp technology

is a session based udp technology that allows for the exchange of labels

that allows for the exchange of labels udp and multicast are used initially to

udp and multicast are used initially to set up the peering and then tcp ensures

set up the peering and then tcp ensures there is a reliable transmission on the

there is a reliable transmission on the label information

label information a technology that improves mpls

a technology that improves mpls efficiency is penultimate hot popping

efficiency is penultimate hot popping this allows for the second to last lsr

this allows for the second to last lsr in the mpls path

in the mpls path to be the one that pops out the label

to be the one that pops out the label this adds efficiency to the overall

this adds efficiency to the overall operation of mpls

operation of mpls the rd or route distinguisher is a way

the rd or route distinguisher is a way in which the isp can distinguish between

in which the isp can distinguish between the traffic of different customers

the traffic of different customers this allows different customers who are

this allows different customers who are participating in the mpls vpn to use the

participating in the mpls vpn to use the exact same ip address space

exact same ip address space for example you can have both customer a

for example you can have both customer a and customer b

and customer b using the 10.10.100.0

24 range with the traffic being differentiated between customer rds

differentiated between customer rds devices can create their own virtual

devices can create their own virtual routing tables called vpn routing and

routing tables called vpn routing and forwarding or vrfs

forwarding or vrfs so a pe router can store each customer's

so a pe router can store each customer's specific data in a separate and isolated

specific data in a separate and isolated table

table providing increased security

providing increased security prefixes are carried through the mpls

prefixes are carried through the mpls cloud by relying on m

cloud by relying on m p

p bgp

bgp or multi-protocol bgp

or multi-protocol bgp this carries the vpn version 4 prefixes

this carries the vpn version 4 prefixes the prefix that results after the rd is

the prefix that results after the rd is prepended to the normal prefix

prepended to the normal prefix you can filter customers access to each

you can filter customers access to each other's prefixes with import and export

other's prefixes with import and export targets

targets so in this video you've learned the

so in this video you've learned the basics about mpls

basics about mpls and how to design it

and how to design it these are the basics you'll need to know

these are the basics you'll need to know for your ccda exam and i'm confident if

for your ccda exam and i'm confident if you've mastered the topics in this mpls

you've mastered the topics in this mpls video you will do well on the mpls

video you will do well on the mpls questions in your ccda exam good luck in

questions in your ccda exam good luck in your studies

hi this is david voss cciu11372 and in this video we are covering land

and in this video we are covering land design considerations

design considerations we're going to talk about at a granular

we're going to talk about at a granular level things you need to consider when

level things you need to consider when designing a wide area network

designing a wide area network also we'll do a refresh of a few items

also we'll do a refresh of a few items that you'll need to remember in order to

that you'll need to remember in order to best understand the material that's

best understand the material that's presented in this video

it's important to know this information not only to be a strong engineer but

not only to be a strong engineer but obviously to pass the ccda exam

obviously to pass the ccda exam so let's begin

so let's begin now for your ccda exam

now for your ccda exam you must be aware that the enterprise

you must be aware that the enterprise edge design process

edge design process must follow the ppd io

must follow the ppd io process which is prepare plan design

process which is prepare plan design implement operate and optimize

implement operate and optimize the designer should carefully analyze

the designer should carefully analyze the following network requirements using

the following network requirements using this methodology

this methodology the types of applications and their when

the types of applications and their when requirements

requirements traffic volume

traffic volume and traffic patterns including possible

and traffic patterns including possible points of congestion

points of congestion let's do a quick refresh of the

let's do a quick refresh of the ppd-io

ppd-io methodology

methodology cisco has formalized a network's life

cisco has formalized a network's life cycle into six phases

cycle into six phases plan

plan design

design implement

implement operate and optimize

operate and optimize and these phases are collectively known

and these phases are collectively known as ppdio

as ppdio let's discuss the ppdio phases in detail

let's discuss the ppdio phases in detail first the prepare phase

first the prepare phase this phase establishes organization and

this phase establishes organization and business requirements

business requirements develops a network strategy and proposes

develops a network strategy and proposes a high level conceptual architecture to

a high level conceptual architecture to support that strategy

support that strategy technologies that support the

technologies that support the architecture are identified in this

architecture are identified in this phase

phase as well as a business case to establish

as well as a business case to establish the financial justification for the

the financial justification for the strategy

strategy the plan phase identifies the network

the plan phase identifies the network requirements based on goals facilities

requirements based on goals facilities and user needs

and user needs this phase characterizes sites and

this phase characterizes sites and assesses the network

assesses the network performs a gap analysis against best

performs a gap analysis against best practice architectures

practice architectures and looks at the operational environment

and looks at the operational environment in the design phase the network design

in the design phase the network design is developed based on the technical and

is developed based on the technical and business requirements

business requirements obtained from the previous phases

obtained from the previous phases a good design will provide high

a good design will provide high availability reliability security

availability reliability security scalability and performance

scalability and performance in the implement phase new equipment is

in the implement phase new equipment is installed and configured according to

installed and configured according to the design specifications

the design specifications in this phase any planned network

in this phase any planned network changes should be communicated in change

changes should be communicated in change control meetings and with the necessary

control meetings and with the necessary approvals to proceed

approvals to proceed the operate phase maintains the

the operate phase maintains the network's day-to-day operational health

network's day-to-day operational health operations include managing

operations include managing and monitoring network components

and monitoring network components and performing the appropriate

and performing the appropriate maintenances

maintenances and then finally the optimize phase

and then finally the optimize phase which involves proactive network

which involves proactive network management

management by identifying and resolving issues

by identifying and resolving issues before they affect the network

now there is a design methodology for the first three phases of the ppdio

the first three phases of the ppdio methodology

methodology and there are three steps to it

and there are three steps to it in step one

in step one decision makers identify the

decision makers identify the requirements and a conceptual

requirements and a conceptual architecture is proposed

architecture is proposed in step two the network is assessed

in step two the network is assessed the network is assessed on function

the network is assessed on function performance and quality

performance and quality and then in step three

and then in step three the network topology is designed

the network topology is designed to meet the requirements

to meet the requirements and close the network gaps identified in

and close the network gaps identified in the previous two steps

the previous two steps let's review these three phases in

let's review these three phases in detail

detail to obtain customer requirements

to obtain customer requirements you need not only to talk to network

you need not only to talk to network engineers but you need to talk to the

engineers but you need to talk to the business

business personnel and company managers

personnel and company managers networks are designed to support

networks are designed to support applications

applications and you want to determine the network

and you want to determine the network services that you need to support

services that you need to support both now

both now and in the future

and in the future so an example of design flexibility is

so an example of design flexibility is voip

voip considering the strict requirements of

considering the strict requirements of this technology you want to make sure

this technology you want to make sure that voip can function over the design

that voip can function over the design solution at any given time

solution at any given time even if this is not an initial

even if this is not an initial requirement from the customer

requirement from the customer but maybe a year or two or possibly even

but maybe a year or two or possibly even three years later

three years later you will want to be able to support

you will want to be able to support voice over ip

voice over ip flexibility in enterprise edge design

flexibility in enterprise edge design consists of the ability to incorporate

consists of the ability to incorporate other technologies easily at any given

other technologies easily at any given time

time other key design criteria when

other key design criteria when considering wan design include the

considering wan design include the following

following response time throughput

response time throughput reliability

reliability window size and data compression

window size and data compression response times are of great importance

response times are of great importance to the wide area network as well as to

to the wide area network as well as to its supported applications

its supported applications many modern applications will give an

many modern applications will give an indication of the necessary response

indication of the necessary response times and again voip is an excellent

times and again voip is an excellent example

example when a voip call is made over many

when a voip call is made over many network devices you should know what the

network devices you should know what the necessary response time must be

necessary response time must be for proper voice communications

for proper voice communications generally speaking one-way latency

generally speaking one-way latency should not exceed 120 milliseconds

should not exceed 120 milliseconds you can test a response time using a

you can test a response time using a feature on cisco devices called ipsla

feature on cisco devices called ipsla let's do a quick overview of ipsla for

let's do a quick overview of ipsla for you ipsla allows you to monitor analyze

you ipsla allows you to monitor analyze and verify

and verify ip service levels

ip service levels it's comprised of two components a

it's comprised of two components a source and a target

source and a target operations can broadly be categorized

operations can broadly be categorized into five functional areas

into five functional areas let's take a look at an example

you can use ipslas to monitor the performance between any area in the

performance between any area in the network core distribution and edge

network core distribution and edge without deploying a physical probe it

without deploying a physical probe it uses generated traffic to measure

uses generated traffic to measure network performance between two

network performance between two networking devices

networking devices so as we draw this out this shows how

so as we draw this out this shows how ipslas begins when the source device

ipslas begins when the source device sends a generated packet to the

sends a generated packet to the destination device

destination device after the destination device receives

after the destination device receives the packet depending on the type of

the packet depending on the type of ipsla's operation it responds with the

ipsla's operation it responds with the timestamp information for the source to

timestamp information for the source to make the calculation on performance

make the calculation on performance metrics

it then can communicate with a performance management application via

performance management application via snmp to provide real-time analysis of

snmp to provide real-time analysis of the network

it should be noticed that ipsla can communicate with any ip device on the

communicate with any ip device on the network that's enabled for these types

network that's enabled for these types of measurements

another important design parameter is overall available bandwidth or what many

overall available bandwidth or what many call throughput

call throughput this measures the amount of data that

this measures the amount of data that can be sent in a particular time frame

can be sent in a particular time frame through a special specific wan area

reliability is another aspect to consider this gives information about

consider this gives information about the health of the wan connection and its

the health of the wan connection and its resources so whether this connection is

resources so whether this connection is actually up or down

actually up or down as well as detailed information about

as well as detailed information about how often the wind functions as

how often the wind functions as efficient as efficiently as possible

window size influences the amount of data that can be sent into the wan in

data that can be sent into the wan in one chunk

one chunk tcp uses a sliding window concept that

tcp uses a sliding window concept that works by sending an amount of data

works by sending an amount of data waiting for an acknowledgement of

waiting for an acknowledgement of receipt and then increasing the amount

receipt and then increasing the amount of data until it reaches the maximum

of data until it reaches the maximum window

window in the case of a congested wan link

in the case of a congested wan link everyone in the network that is sending

everyone in the network that is sending data via tcp will start increasing the

data via tcp will start increasing the rate at which they send until the

rate at which they send until the interface starts dropping packets

interface starts dropping packets causing everyone to back off and use the

causing everyone to back off and use the sliding window

sliding window after the congestion disappears everyone

after the congestion disappears everyone will start increasing the rate at which

will start increasing the rate at which they send at the same time until a new

they send at the same time until a new congestion event occurs

congestion event occurs this process which repeats again and

this process which repeats again and again is called tcp global

again is called tcp global synchronization

synchronization this leads to a waste and bandwidth

this leads to a waste and bandwidth during the periods that all hosts

during the periods that all hosts decrease their window size

decrease their window size simultaneously

simultaneously and finally another key wan factor is

and finally another key wan factor is whether traffic can be compressed

whether traffic can be compressed if the data is already highly compressed

if the data is already highly compressed any additional compression mechanisms

any additional compression mechanisms are inefficient

are inefficient but that being said especially today

but that being said especially today with sands on other high capacity

with sands on other high capacity systems

systems compression and compression over the

compression and compression over the wind is critical to ensure

wind is critical to ensure that failover and backup services are

that failover and backup services are ready to go live with the most accurate

ready to go live with the most accurate data possible

data possible so here's what you've learned you've

so here's what you've learned you've learned about some unique land design

learned about some unique land design methodologies specifically a refresh of

methodologies specifically a refresh of the ppd-io process

the ppd-io process and then reviewing the key design

and then reviewing the key design criteria

criteria of wan design such as response time

of wan design such as response time throughput and reliability

throughput and reliability then another refresh of ipsla

then another refresh of ipsla all of this information is fair game for

all of this information is fair game for the ccda exam

the ccda exam if you know the information in this

if you know the information in this video well

video well you will do excellent on this portion of

you will do excellent on this portion of your exam

your exam good luck in your studies

hi this is david voss ccie11372 and in this video you're going to learn

and in this video you're going to learn about designing

about designing quality of service

quality of service specifically we're going to be going

specifically we're going to be going over the following categories of quality

over the following categories of quality of service classification

of service classification congestion management

congestion management link efficiency mechanisms and then

link efficiency mechanisms and then traffic shaping and policing

traffic shaping and policing now it's obvious from the ccda study

now it's obvious from the ccda study materials that cisco does not expect you

materials that cisco does not expect you to be an expert on quality of service

to be an expert on quality of service it is a huge topic

it is a huge topic they just want you to understand the

they just want you to understand the basics so do not spend too much time

basics so do not spend too much time digging into the intricacies of quality

digging into the intricacies of quality of service

of service because there will be time for that in

because there will be time for that in your advanced studies

your advanced studies for now

for now let's talk about quality of service at a

let's talk about quality of service at a higher level

higher level and then discuss the quality of service

and then discuss the quality of service concepts

concepts that cisco wants you to know for the

that cisco wants you to know for the ccda exam

ccda exam quality of service is a tool for

quality of service is a tool for managing a wins available bandwidth

managing a wins available bandwidth now quality service does not and bad ad

now quality service does not and bad ad bandwidth

bandwidth but it helps you make better use of what

but it helps you make better use of what you have

you have if you have chronic congestion issues

if you have chronic congestion issues quality of service should not be the

quality of service should not be the primary answer to resolving that problem

primary answer to resolving that problem you need to add more bandwidth

you need to add more bandwidth however

however by prioritizing traffic using quality of

by prioritizing traffic using quality of service

service you can make sure that your most

you can make sure that your most critical traffic gets the best treatment

critical traffic gets the best treatment and available bandwidth in times of

and available bandwidth in times of congestion

congestion one popular quality of service technique

one popular quality of service technique is to classify your traffic

is to classify your traffic based on a specific protocol type

based on a specific protocol type or matching access list

or matching access list and then giving a policy treatment to

and then giving a policy treatment to that specific class

that specific class you can define many classes to match or

you can define many classes to match or identify your most important traffic

identify your most important traffic classes for example video or voice

classes for example video or voice and then the remaining unmatched traffic

and then the remaining unmatched traffic then uses a default class

then uses a default class which is the traffic that can be treated

which is the traffic that can be treated as best effort

as best effort so let's begin with

so let's begin with classification for a flow to have

classification for a flow to have priority it must first be identified and

priority it must first be identified and marked

marked both of these tasks are referred to as

both of these tasks are referred to as classification

classification the following are popular technologies

the following are popular technologies which support

which support classification nbar

classification nbar it's a technology that uses deep

it's a technology that uses deep packet content inspection

packet content inspection to identify network applications

to identify network applications so an advantage of nbar is that it can

so an advantage of nbar is that it can recognize applications even when they do

recognize applications even when they do not

not use standard network ports

use standard network ports also it matches fields at the

also it matches fields at the application layer

application layer before nbar classification was limited

before nbar classification was limited to

to layer 4 tcp and udp port numbers

layer 4 tcp and udp port numbers but mbar has changed that

but mbar has changed that next is car committed access rate and

next is car committed access rate and uses an acl to set precedence and allows

uses an acl to set precedence and allows customization

customization of the precedence assignment by the user

of the precedence assignment by the user source or destination ip address or even

source or destination ip address or even application type

next let's talk about congestion management there are two types of output

management there are two types of output cues that are available on routers

cues that are available on routers hardware and software the hardware queue

hardware and software the hardware queue simply uses fifo first in first out

simply uses fifo first in first out but the software queue schedules packets

but the software queue schedules packets first and then places them in the

first and then places them in the hardware queue

hardware queue now keep in mind that the software queue

now keep in mind that the software queue is only used during periods of

is only used during periods of congestion

congestion the software queue uses quality of

the software queue uses quality of service techniques such as priority

service techniques such as priority queuing custom cueing

queuing custom cueing weighted fair queueing

weighted fair queueing class based weighted fair queuing

class based weighted fair queuing low latency queuing and traffic shaping

low latency queuing and traffic shaping and policing let's go through each of

and policing let's go through each of one of those cisco does not expect you

one of those cisco does not expect you to know each of these in detail again

to know each of these in detail again that would be later in your ccdp studies

that would be later in your ccdp studies but that being said

but that being said they want you to understand

they want you to understand what each of these are

what each of these are priority queuing is a queuing method

priority queuing is a queuing method that establishes four interface output

that establishes four interface output cues that serve different priority

cues that serve different priority levels

levels which are high medium default and low

which are high medium default and low unfortunately priority queueing can

unfortunately priority queueing can starve other cues if too much data is in

starve other cues if too much data is in one queue

one queue because higher priority queues must be

because higher priority queues must be emptied first

emptied first before lower priority queues

before lower priority queues next there is custom queuing

next there is custom queuing it uses up to 16 individual output

it uses up to 16 individual output queues

queues byte size limits are assigned to each

byte size limits are assigned to each queue so that when the limit is reached

queue so that when the limit is reached it proceeds to the next queue the

it proceeds to the next queue the network operator can customize these

network operator can customize these limits

limits and custom cueing is obviously fairer

and custom cueing is obviously fairer than priority queueing because it allows

than priority queueing because it allows some level of service to all traffic

some level of service to all traffic but this is really a legacy solution

but this is really a legacy solution because there are improvements in the

because there are improvements in the queuing methods which we'll talk about

queuing methods which we'll talk about next

next weighted fair queuing ensures that

weighted fair queuing ensures that traffic is separated into individual

traffic is separated into individual flows or sessions without requiring that

flows or sessions without requiring that you define access lists

you define access lists waited for a curing uses two categories

waited for a curing uses two categories to group sessions high and low bandwidth

to group sessions high and low bandwidth low bandwidth traffic has priority over

low bandwidth traffic has priority over high bandwidth traffic

high bandwidth traffic and high bandwidth traffic shares the

and high bandwidth traffic shares the service according to assigned weight

service according to assigned weight values

values please know that weighted fair cueing is

please know that weighted fair cueing is the default quality service mechanism on

the default quality service mechanism on interfaces below

interfaces below 2 megabits per second

2 megabits per second next is class

next is class based weighted fair queueing

based weighted fair queueing it extends waited for queueing

it extends waited for queueing capabilities by providing support for

capabilities by providing support for modular user-defined traffic classes

modular user-defined traffic classes class-based waiver fair queuing lets you

class-based waiver fair queuing lets you define traffic classes that correspond

define traffic classes that correspond to match criteria

to match criteria including acls protocols and input

including acls protocols and input interfaces

interfaces traffic that matches the class criteria

traffic that matches the class criteria belongs to that specific class and each

belongs to that specific class and each class

class has a defined queue that corresponds to

has a defined queue that corresponds to an output interface

an output interface so after traffic has been matched and

so after traffic has been matched and belongs to a specific class

belongs to a specific class you can modify its characteristics such

you can modify its characteristics such as assigning bandwidth

as assigning bandwidth maximum queue limit and weight

maximum queue limit and weight as you see in the picture here

as you see in the picture here certain classes receive higher priority

certain classes receive higher priority than other classes

than other classes as you see in the diagram here certain

as you see in the diagram here certain classes receive more bandwidth than

classes receive more bandwidth than other classes

other classes and also as you see here this is a form

and also as you see here this is a form of class based waiting for queueing but

of class based waiting for queueing but actually this is called low latency

actually this is called low latency queuing because it has a priority queue

queuing because it has a priority queue and that's the big difference

and that's the big difference the strict priority queue allows delay

the strict priority queue allows delay sensitive traffic such as voice

sensitive traffic such as voice to be sent first before other cues are

to be sent first before other cues are serviced

serviced that gives voice preferential treatment

that gives voice preferential treatment over other traffic types

over other traffic types unlike priority queuing low latency

unlike priority queuing low latency queuing provides for a maximum threshold

queuing provides for a maximum threshold on the priority queue

on the priority queue then this will prevent lower priority

then this will prevent lower priority traffic from being starved by the

traffic from being starved by the priority queue

priority queue now without low latency queuing

now without low latency queuing class based waiting for queuing would

class based waiting for queuing would not have a priority queue for real-time

not have a priority queue for real-time traffic

now that we've talked about queuing let's talk about traffic shaping and

let's talk about traffic shaping and policing

policing traffic shaping and policing are

traffic shaping and policing are mechanisms that inspect traffic and then

mechanisms that inspect traffic and then take action based on the traffic's

take action based on the traffic's characteristics such as dscp

characteristics such as dscp or ip precedence bits set in the ip

or ip precedence bits set in the ip header

header traffic shaping slows down the rate at

traffic shaping slows down the rate at which packets are sent out an interface

which packets are sent out an interface by matching certain criteria

by matching certain criteria traffic shaping uses a token bucket

traffic shaping uses a token bucket technique to release the packets into

technique to release the packets into the output queue

the output queue at a pre-configured rate

at a pre-configured rate so this helps eliminate potential

so this helps eliminate potential bottlenecks by throttling back the

bottlenecks by throttling back the traffic rate at the source

traffic rate at the source traffic shipping is used on larger

traffic shipping is used on larger networks to smooth the flow of traffic

networks to smooth the flow of traffic going out to the provider

going out to the provider this is desirable for a few reasons

this is desirable for a few reasons in provider networks it prevents the

in provider networks it prevents the provider from dropping traffic that

provider from dropping traffic that exceeds the contracted rate

exceeds the contracted rate now policing is a little bit different

now policing is a little bit different because it tags or drops traffic

because it tags or drops traffic depending on the match criteria

depending on the match criteria generally speaking policing is used to

generally speaking policing is used to set the limit of incoming traffic into

set the limit of incoming traffic into an interface

an interface and then it will drop traffic that

and then it will drop traffic that exceeds what the settings were

exceeds what the settings were one example of using policing is to give

one example of using policing is to give preferential treatment to critical

preferential treatment to critical application traffic by elevating to a

application traffic by elevating to a higher class and reducing best effort

higher class and reducing best effort traffic to a lower priority class

traffic to a lower priority class the best way to compare shaping with

the best way to compare shaping with policing is to remember

policing is to remember that shaping buffers packets

that shaping buffers packets policing does not

policing does not it can be configured to drop packets

it can be configured to drop packets our final topic is link efficiency

our final topic is link efficiency within cisco ios there are several link

within cisco ios there are several link efficiency mechanisms available

efficiency mechanisms available as you can see here

as you can see here there's lfi

there's lfi which is used to reduce delay or jitter

which is used to reduce delay or jitter on slower speed links

on slower speed links multi-link ppp

multi-link ppp which bonds multiple links together

which bonds multiple links together between no two nodes which can increase

between no two nodes which can increase available bandwidth and then rtp

available bandwidth and then rtp real-time transport header compression

real-time transport header compression which can pro which provides increased

which can pro which provides increased efficiency for applications

efficiency for applications that take advantage of rtp on slower

that take advantage of rtp on slower lengths

lengths so here's what you've learned you've

so here's what you've learned you've received a high level overview of

received a high level overview of quality of service

quality of service and then you learn about quality of

and then you learn about quality of service functions such as classification

service functions such as classification congestion management

congestion management link efficiency mechanisms and then

link efficiency mechanisms and then traffic shaping and policing

traffic shaping and policing if you know this video well you'll do

if you know this video well you'll do well on your qos portion of your ccda

well on your qos portion of your ccda exam

exam and i wish you the best of luck in your

and i wish you the best of luck in your studies

hi this is david voss ccie11372 and in this video we're going to cover

and in this video we're going to cover the remaining wand technologies or

the remaining wand technologies or considerations that you need to know for

considerations that you need to know for your ccda exam we're going to cover

your ccda exam we're going to cover remote access design

remote access design then vpns

then vpns wide area network backups

wide area network backups and then finally enterprise branch

and then finally enterprise branch module design

let's start with remote access design when designing the remote access block

when designing the remote access block you must ensure that the network users

you must ensure that the network users have transparent access to the network

have transparent access to the network from wherever they are

from wherever they are just as they are connected to the actual

just as they are connected to the actual network

network the users must be able to reach the

the users must be able to reach the resources they are authorized to use as

resources they are authorized to use as they would from the enterprise campus

they would from the enterprise campus in order to provide these services the

in order to provide these services the connection requirements must be analyzed

connection requirements must be analyzed carefully

carefully in order to ensure they are fulfilled

in order to ensure they are fulfilled typical requirements include voip

typical requirements include voip support vpn support

support vpn support high volume traffic or low volume

high volume traffic or low volume traffic permanent connection is it

traffic permanent connection is it needed or not and the type of flows

needed or not and the type of flows now vpn concentrators have often be used

now vpn concentrators have often be used to accept these external sessions but

to accept these external sessions but cisco's multi-function asa platform is

cisco's multi-function asa platform is now the standard platform for providing

now the standard platform for providing both security and vpn services to the

both security and vpn services to the raz block the raz block is normally

raz block the raz block is normally comprised of firewalls and systems that

comprised of firewalls and systems that can provide vpn and security solutions

can provide vpn and security solutions all in one

all in one or they can be broken out such as vpn

or they can be broken out such as vpn concentrators dial up networking

concentrators dial up networking services

services and of course you still want to have

and of course you still want to have your security so ids and ips solutions

your security so ids and ips solutions to actively monitor any unwanted traffic

to actively monitor any unwanted traffic or activity

or activity so let's get more granular and talk

so let's get more granular and talk about vpn network design

about vpn network design even though the vpn concept involves

even though the vpn concept involves security most of the time

security most of the time unsecured vpns exist

unsecured vpns exist a very basic example of this would be

a very basic example of this would be frame relay

frame relay vpn troubleshooting is difficult to

vpn troubleshooting is difficult to manage because of the lack of visibility

manage because of the lack of visibility into the provider infrastructure

into the provider infrastructure the service provider is usually seen as

the service provider is usually seen as a cloud that aggregates all the network

a cloud that aggregates all the network locations connections

locations connections so when performing vpn troubleshooting

so when performing vpn troubleshooting you should first take a look at the

you should first take a look at the problem on your end and make sure it

problem on your end and make sure it does not reside on your devices

does not reside on your devices and then if you are sure or as sure as

and then if you are sure or as sure as you can be

you can be reach out to your isp

reach out to your isp types of vpn technologies include the

types of vpn technologies include the following

following site-to-site vpns

site-to-site vpns these are used to connect different

these are used to connect different locations over a

locations over a public infrastructure

public infrastructure now when using peer-to-peer

now when using peer-to-peer infrastructure you can communicate

infrastructure you can communicate seamlessly

seamlessly between sites without worry about ip

between sites without worry about ip addressing overlap

remote access vpns such as in the older days uh vpdn virtual private dial up

days uh vpdn virtual private dial up network although you may still see that

network although you may still see that here and there

here and there or surely you're aware of vpn software

or surely you're aware of vpn software that you can run on your laptop nowadays

that you can run on your laptop nowadays to connect into your corporate network

to connect into your corporate network and then there's extranet vpns to

and then there's extranet vpns to connect to business partners or customer

connect to business partners or customer networks

with vpns traffic is often tunneled in order to send it over an infrastructure

order to send it over an infrastructure now the tunneling methodology for layer

now the tunneling methodology for layer 3 is called gre or generic routing

3 is called gre or generic routing encapsulation

encapsulation gre allows traffic to tunnel

gre allows traffic to tunnel but it does not provide security so

but it does not provide security so let's talk about gre and then also the

let's talk about gre and then also the options you can use to provide security

options you can use to provide security over gre

over gre gre was developed as a tunneling

gre was developed as a tunneling methodology which can carry layer 3

methodology which can carry layer 3 protocols over an ip network

protocols over an ip network in essence gre creates a private

in essence gre creates a private point-to-point connection like a vpn

point-to-point connection like a vpn except gre does not provide secure

except gre does not provide secure communications but we'll deal with that

communications but we'll deal with that a little bit later

a little bit later gre works by encapsulating payload

gre works by encapsulating payload traffic inside an ip packet

traffic inside an ip packet gre tunnel endpoints send payloads

gre tunnel endpoints send payloads through tunnels by routing encapsulated

through tunnels by routing encapsulated packets through ip

packets through ip here's what makes it work

here's what makes it work the ip routers along the way do not look

the ip routers along the way do not look at the payload they look only at the

at the payload they look only at the outer ip packet as they forward it

outer ip packet as they forward it towards the gre tunnel endpoint

towards the gre tunnel endpoint and upon reaching the tunnel endpoint

and upon reaching the tunnel endpoint gre encapsulation is removed and the

gre encapsulation is removed and the payload is forwarded along to its

payload is forwarded along to its ultimate destination

ultimate destination now this is obviously very useful since

now this is obviously very useful since a gre tunnel can encapsulate almost any

a gre tunnel can encapsulate almost any type of data you want to send out a

type of data you want to send out a physical router interface

physical router interface so let's just walk through an example of

so let's just walk through an example of gre tunneling here you have a cloud and

gre tunneling here you have a cloud and let's say you have two routers and they

let's say you have two routers and they communicate over a provider network so

communicate over a provider network so there are multiple hops over this

there are multiple hops over this network and you need to you need to

network and you need to you need to tunnel traffic that the provider does

tunnel traffic that the provider does not allow the tr the provider does not

not allow the tr the provider does not allow certain traffic over their network

allow certain traffic over their network so what you do is you create two

so what you do is you create two tunnel interfaces one on router one and

tunnel interfaces one on router one and one on router two

one on router two and these are your end points for your

and these are your end points for your gre tunnel now over this jre tunnel you

gre tunnel now over this jre tunnel you can send whatever you want over it

can send whatever you want over it because it has an ip header the provider

because it has an ip header the provider provides support for ip but you can send

provides support for ip but you can send whatever you want

whatever you want over this tr over this tunnel

over this tr over this tunnel by by encapsulating it in an ip header

by by encapsulating it in an ip header and you are adhering to their standards

and you are adhering to their standards but you're also able to send traffic

but you're also able to send traffic that you need to send over your tunnel

that you need to send over your tunnel even if it's not permitted by the

even if it's not permitted by the provider on a normal basis

provider on a normal basis gre gives you that flexibility

gre gives you that flexibility when you hear the word encapsulate

when you hear the word encapsulate now you may think of security but gre by

now you may think of security but gre by itself does not provide any security for

itself does not provide any security for the data it transmits

the data it transmits so again let's take another look at gre

so again let's take another look at gre tunneling with from a secure perspective

tunneling with from a secure perspective we have two routers

we have two routers and we're going to create a jerry tunnel

and we're going to create a jerry tunnel between both of them the traffic that is

between both of them the traffic that is traversing the

traversing the the provider is encapsulated but it's

the provider is encapsulated but it's still not secure it could be viewed if

still not secure it could be viewed if if somebody wanted uh to view it um it's

if somebody wanted uh to view it um it's still in the open so you could run ipsec

still in the open so you could run ipsec and encrypt the data on let's say router

and encrypt the data on let's say router 1

1 and as it's sent over to router 2 it

and as it's sent over to router 2 it stays encrypted over the provider

stays encrypted over the provider network and then router 2 would

network and then router 2 would unencrypt that data and then send it so

unencrypt that data and then send it so again from router tutor 1 1 would work

again from router tutor 1 1 would work as well again the encryption is on the

as well again the encryption is on the routers on our end so anytime it

routers on our end so anytime it traverses the provider that data is

traverses the provider that data is secure so ip2 and gre

secure so ip2 and gre often play hand in hand

often play hand in hand the limitation of ipsec is that it can

the limitation of ipsec is that it can only protect unicast ip packets

only protect unicast ip packets so this causes issues for routing

so this causes issues for routing protocols that use ip multicasts

protocols that use ip multicasts gre allows you to get around this

gre allows you to get around this problem because gre

problem because gre a gre tunnel can encapsulate ip

a gre tunnel can encapsulate ip multicast packets so the resulting gre

multicast packets so the resulting gre packet is an ip unicast packet but which

packet is an ip unicast packet but which can then be protected by an ipsec tunnel

next let's talk about when backup design now when connectivity can achieve backup

now when connectivity can achieve backup through the following approaches

through the following approaches dial-up backup activated when a primary

dial-up backup activated when a primary link fails used to be very popular due

link fails used to be very popular due to cost and bandwidth requirements it's

to cost and bandwidth requirements it's just simply not as popular today

just simply not as popular today secondary wan link which is used for

secondary wan link which is used for backup and or load balancing this tends

backup and or load balancing this tends to be more popular

to be more popular or a shadow vpn and this is used when

or a shadow vpn and this is used when the isp

the isp establishes a second pvc or permanent

establishes a second pvc or permanent virtual circuit

virtual circuit but the user is only charged for its

but the user is only charged for its usage

usage so this can be a

so this can be a very useful when the main pvc fails or

very useful when the main pvc fails or in situations where more bandwidth is

in situations where more bandwidth is needed

finally let's talk about the enterprise branch module

branch module branch modules are sized based on the

branch modules are sized based on the number of users it needs to accommodate

number of users it needs to accommodate for example the enterprise teleworker

for example the enterprise teleworker which is generally one user

which is generally one user single tier tens of users

single tier tens of users dual tier hundreds of users and

dual tier hundreds of users and multi-tier thousands of users

multi-tier thousands of users as the number of users in the branch

as the number of users in the branch modules grows additional layers might be

modules grows additional layers might be needed the internet block generally

needed the internet block generally serves as the gateway for your internal

serves as the gateway for your internal users to the internet if they want to

users to the internet if they want to browse perform file transfers or stream

browse perform file transfers or stream audio or video presentations

audio or video presentations their flows would go in and out of this

their flows would go in and out of this block

block now notice how the internal traffic from

now notice how the internal traffic from your users is not using the same block

your users is not using the same block as those who are coming in from the

as those who are coming in from the internet this ensures that no external

internet this ensures that no external users are trying to hijack internal

users are trying to hijack internal flows

flows that being said oftentimes the internal

that being said oftentimes the internal and e-commerce blocks can share the same

and e-commerce blocks can share the same internet pipe

internet pipe but if you prefer not to do that you can

but if you prefer not to do that you can use what is called a dual homes

use what is called a dual homes connection

connection to two separate internet service

to two separate internet service providers to make sure that that traffic

providers to make sure that that traffic is segmented

is segmented now if one internet service provider did

now if one internet service provider did fail you could then allow all traffic

fail you could then allow all traffic over the same circuit as a fail safe

over the same circuit as a fail safe the internet block is comprised of

the internet block is comprised of firewalls routers http servers smtp

firewalls routers http servers smtp servers ftp servers and dns servers to

servers ftp servers and dns servers to name a few

name a few so here's what you've learned you've

so here's what you've learned you've learned about the remaining items you

learned about the remaining items you need to know for wide area network

need to know for wide area network considerations and technologies for your

considerations and technologies for your ccda exam

ccda exam some of it is granular and some about we

some of it is granular and some about we stayed high level but we definitely

stayed high level but we definitely covered it to the level you will need to

covered it to the level you will need to know

know for your ccda exam if you know what's in

for your ccda exam if you know what's in this video you should do very well

this video you should do very well good luck in your studies

hi this is david voss ccie 11372 and in this video we're covering

this video we're covering branch office design

branch office design specifically in this video you're going

specifically in this video you're going to learn about designing for a very

to learn about designing for a very small office

small office the small office

the small office a medium-sized office 4-hour versus

a medium-sized office 4-hour versus extended service

extended service a medium-sized office layer 2

a medium-sized office layer 2 and then a large size office

and then a large size office all of these are types of branch offices

all of these are types of branch offices that you'll need to know

that you'll need to know for your ccda exam

the cisco enterprise branch architecture takes into account services such as

takes into account services such as voice data video and security

voice data video and security that customers want to deploy at their

that customers want to deploy at their endpoints

endpoints no matter how far away the endpoints are

no matter how far away the endpoints are or how they are connected

or how they are connected using borderless networks the cisco

using borderless networks the cisco enterprise branch office architecture

enterprise branch office architecture should provide seamless connectivity

should provide seamless connectivity an effective network design for

an effective network design for enterprise branches and teleworkers

enterprise branches and teleworkers requires knowledge of campus

requires knowledge of campus technologies

technologies the cisco enterprise branch architecture

the cisco enterprise branch architecture is an integrated

is an integrated flexible and secure framework

flexible and secure framework for extending headquarter applications

for extending headquarter applications in real time to remote sites

in real time to remote sites it uses the cisco network architecture

it uses the cisco network architecture for the enterprise framework

for the enterprise framework but it applies it to the smaller scale

but it applies it to the smaller scale of a branch location

of a branch location common network components that can be

common network components that can be implemented in the branch include

implemented in the branch include routers that provide wan edge

routers that provide wan edge connectivity

connectivity switches that provide the lan

switches that provide the lan infrastructure

infrastructure security appliances that defend the

security appliances that defend the branch offices

branch offices wireless access points for device

wireless access points for device mobility

mobility call processing and video equipment for

call processing and video equipment for ip telephony and video support

ip telephony and video support and end user devices including ip phones

and end user devices including ip phones and computers

cisco has developed six topologies to meet remote office requirements

meet remote office requirements each design is based on a set of

each design is based on a set of requirements which we will discuss now

requirements which we will discuss now first size the primary classification

first size the primary classification criteria is the size of the remote site

criteria is the size of the remote site the size of the remote site is based on

the size of the remote site is based on the number of ports required which is

the number of ports required which is dependent on the number of employees at

dependent on the number of employees at the site

the site and any special application supported in

and any special application supported in the remote site

the remote site some sites allocate two to four ports

some sites allocate two to four ports per employee while others allocate fewer

per employee while others allocate fewer than one port per employee

than one port per employee in addition to head count other factors

in addition to head count other factors that may impact the total poor count

that may impact the total poor count this can be such things as meeting rooms

this can be such things as meeting rooms public areas reception

public areas reception and other it devices or security cameras

next wiring closets different buildings may require only one or more than one

may require only one or more than one wiring closet

wiring closet since some cabling can only carry for

since some cabling can only carry for example 100 megabits per second fast

example 100 megabits per second fast ethernet for about 100 meters

ethernet for about 100 meters any building longer than 200 meters

any building longer than 200 meters should have more than one wiring closet

should have more than one wiring closet multi-storied buildings should also have

multi-storied buildings should also have more than one wiring closet

more than one wiring closet please note that while large and

please note that while large and multi-storey buildings often house more

multi-storey buildings often house more users and more ports that's not always

users and more ports that's not always the case

let's go ahead and take a look at some of the office types

of the office types the very small office model covers

the very small office model covers offices servicing approximately one to

offices servicing approximately one to five people

five people where service level agreements can be

where service level agreements can be negotiated around the lack of redundancy

negotiated around the lack of redundancy for data and voice networking

for data and voice networking examples of small offices include

examples of small offices include the convenient office a small office

the convenient office a small office with a client company

with a client company or a small cisco leased office with

or a small cisco leased office with shared facilities such as phones and

shared facilities such as phones and internet connection

a very small office is defined as having one or all of the following

as having one or all of the following characteristics

characteristics the maximum number of access ports to be

the maximum number of access ports to be supported at the remote site is 23.

supported at the remote site is 23. the site does not require any redundancy

the site does not require any redundancy in terms of leased switches or devices

in terms of leased switches or devices on the network

on the network voice enabled cisco isr 3845

voice enabled cisco isr 3845 router would be a good example of the

router would be a good example of the hardware you would use

hardware you would use using an etherswitch service module

using an etherswitch service module iphones and access points

iphones and access points the site can be supported by a

the site can be supported by a traditional lease line based wan or vpn

traditional lease line based wan or vpn connection over the public internet with

connection over the public internet with reduced sla

the next site we'll discuss is the small office

office the small office model is designed to

the small office model is designed to support offices with a total poor count

support offices with a total poor count not exceeding 288

not exceeding 288 the design is flexible enough to be used

the design is flexible enough to be used in implementations where either all

in implementations where either all access ports are aggregated into a

access ports are aggregated into a single wiring closet or where the access

single wiring closet or where the access ports are broken into different wiring

ports are broken into different wiring closets up to the total of

closets up to the total of five a small office is defined as one

five a small office is defined as one that has the following characteristics

that has the following characteristics maximum number of access ports 288

maximum number of access ports 288 redundancy is achieved by deploying dual

redundancy is achieved by deploying dual wind gateways each with their own when

wind gateways each with their own when circuit where more than one switch is

circuit where more than one switch is present in the same wiring closet the

present in the same wiring closet the switches are deployed in a stack

switches are deployed in a stack at minimum two switches should be

at minimum two switches should be stacked together in the core

stacked together in the core hardware a typical hardware you'd find

hardware a typical hardware you'd find would be a cisco 3845 router

would be a cisco 3845 router and up to six switches

and up to six switches using ip phones and wireless access

using ip phones and wireless access points

points it is the preference for this site to be

it is the preference for this site to be deployed using a permanent wind service

deployed using a permanent wind service but if that is not possible then a

but if that is not possible then a vpn connection over the public internet

vpn connection over the public internet can be used

the next branch office model is the medium-sized office

medium-sized office this design covers medium-sized offices

this design covers medium-sized offices where critical service is required

where critical service is required and this is where we talk about the

and this is where we talk about the cisco smartnet contract or support

cisco smartnet contract or support contract

contract this design is classified into two

this design is classified into two separate models which cisco specifically

separate models which cisco specifically refers to as four hour

refers to as four hour and four hour extended

and four hour extended for our extended model includes an

for our extended model includes an additional switch to support sites with

additional switch to support sites with a secondary communication room or wiring

a secondary communication room or wiring closet

closet a medium office 4-hour extended is

a medium office 4-hour extended is defined as one that has the following

defined as one that has the following characteristics

characteristics up to 336 switch ports

up to 336 switch ports for 4-hour model and 672 ports for the

for 4-hour model and 672 ports for the extended model

extended model one or two communication rooms or wiring

one or two communication rooms or wiring closets

closets redundancy is achieved by deploying dual

redundancy is achieved by deploying dual wind gateways each with their own wind

wind gateways each with their own wind circuit each lan switch is deployed with

circuit each lan switch is deployed with dual supervisors and dual power supplies

the site would have a cisco router with an etherswitch service module

an etherswitch service module supporting iphones and access points

supporting iphones and access points it is the preference for the site to be

it is the preference for the site to be deployed using a permanent win service

deployed using a permanent win service but if that is not possible then a vpn

but if that is not possible then a vpn connection over the public internet

connection over the public internet can be used

the next model is the medium-sized office

office this design caters for medium-sized

this design caters for medium-sized offices where the total pour cone does

offices where the total pour cone does not exceed

not exceed 1344 ports

1344 ports and where there are no more than three

and where there are no more than three wiring closets

wiring closets typically you'll find higher powered

typically you'll find higher powered dual switches that are deployed in the

dual switches that are deployed in the core

core even though they already have dual power

even though they already have dual power supplies and dual processors

supplies and dual processors this is done for offices where shipping

this is done for offices where shipping in local customs may cause replacement

in local customs may cause replacement equipment to be delayed

equipment to be delayed or where the potential impact to the

or where the potential impact to the client is far too great to implement a

client is far too great to implement a four hour model

a medium-sized office is defined as one that has the following characteristics

that has the following characteristics up to 672 switch ports for layer 2

up to 672 switch ports for layer 2 and 1 344 ports using the extended model

between one and three wiring closets redundancy is achieved by deploying dual

redundancy is achieved by deploying dual wind gateways each with their own wind

wind gateways each with their own wind circuit

circuit each lan switch is deployed with dual

each lan switch is deployed with dual supervisors and dual power supplies

supervisors and dual power supplies voice enabled router with up to four

voice enabled router with up to four high powered switches

high powered switches with dual supervisors and dual power

with dual supervisors and dual power supplies the cisco catalyst 6500 series

supplies the cisco catalyst 6500 series is the typical switch you would find in

is the typical switch you would find in the core

the core and this is supporting iphones and

and this is supporting iphones and access points

access points it's the preference for this site to be

it's the preference for this site to be deployed using a permanent wind service

deployed using a permanent wind service but again if that's not possible

but again if that's not possible then a vpn connection over the public

then a vpn connection over the public internet can be used

the next model we'll talk about is large size office

size office the large office model caters to all

the large office model caters to all remaining sites exceeding the

remaining sites exceeding the specification for the proceeding models

specification for the proceeding models typically the sites have a requirement

typically the sites have a requirement of greater than 1 344 points ports and

of greater than 1 344 points ports and or more than three wiring closets the

or more than three wiring closets the large size office has a distribution

large size office has a distribution layer to support the extended network

layer to support the extended network these sites differ from earlier

these sites differ from earlier topologies because the switches are

topologies because the switches are redundant the port capacity is larger

redundant the port capacity is larger and the business supported at these

and the business supported at these sites is critical

sites is critical within cisco i.t this model is typically

within cisco i.t this model is typically referred to as the complex model

referred to as the complex model a large size office is defined as one

a large size office is defined as one that has the following characteristics

that has the following characteristics 1344 access ports and beyond

1344 access ports and beyond no restriction on the number of wiring

no restriction on the number of wiring closets redundancy is achieved by

closets redundancy is achieved by deploying dual wind gateways

deploying dual wind gateways each with their own lan circuit each lan

each with their own lan circuit each lan switch is deployed with dual supervisors

switch is deployed with dual supervisors and dual power supplies

and dual power supplies the hardware would be a voice enabled

the hardware would be a voice enabled cisco router

cisco router with typically higher end cisco switches

with typically higher end cisco switches like the catalyst 6500

like the catalyst 6500 using dual supervisors and dual power

using dual supervisors and dual power supplies

supplies also supporting iphones and access

also supporting iphones and access points

points it is a requirement for this

it is a requirement for this type of site to be deployed using a

type of site to be deployed using a permanent win service and cisco does not

permanent win service and cisco does not suggest or it would not qualify for this

suggest or it would not qualify for this type of

type of deployment

deployment using a vpn solution over the internet

so here's what you've learned you've learned about

learned about branch office design

branch office design specifically the six different models

specifically the six different models that is the very small office small

that is the very small office small office

office medium-sized office four-hour versus

medium-sized office four-hour versus extended service

extended service medium-sized office layer two

medium-sized office layer two and the large size office

and the large size office all this information you'll need to know

all this information you'll need to know for your ccda exam

for your ccda exam but also certainly to make you a

but also certainly to make you a stronger design engineer in your

stronger design engineer in your enterprise

enterprise good luck in your studies

so [Music]

hi this is david voss ccie11372 and in this video you're going to learn

and in this video you're going to learn about ipv4

about ipv4 addressing

addressing specifically you're going to learn about

specifically you're going to learn about ipv4 addresses

ipv4 addresses subnets

subnets and then we'll finish it off

and then we'll finish it off with tcp udp and iep headers

with tcp udp and iep headers so let's go ahead and begin with a basic

so let's go ahead and begin with a basic introduction to ipv4

introduction to ipv4 addresses

addresses an ip address is a unique logical number

an ip address is a unique logical number to a network device or interface

to a network device or interface it is 32 bits in length

it is 32 bits in length and to make the number easier to read

and to make the number easier to read the dotted decimal format is used

the dotted decimal format is used the bits are combined into four 8-bit

the bits are combined into four 8-bit groups

groups each converted into decimal numbers

each converted into decimal numbers for example as you will see here this

for example as you will see here this address is 10.128.0.1

the first octet dictates which class the ip address is it

ip address is it as you see in this diagram

as you see in this diagram the beginning bits of the first octet

the beginning bits of the first octet will dictate what class the ip address

will dictate what class the ip address is

is there are five classes

there are five classes a b c d and e

a b c d and e and let's go ahead and talk about each

and let's go ahead and talk about each of those at this time

of those at this time class a addresses range from 0 to 127 in

class a addresses range from 0 to 127 in the first byte

the first byte network numbers available for assignment

network numbers available for assignment to organizations

to organizations are from 1.0.0.0

are from 1.0.0.0 to 126.0.0.0.

by default for class a addresses

for class a addresses the first byte is the network number

the first byte is the network number and then the three remaining bytes are

and then the three remaining bytes are the host number

the host number class b addresses range from 128 to 191

class b addresses range from 128 to 191 in the first byte

in the first byte network numbers assigned to companies or

network numbers assigned to companies or other organizations are from 128.0.0.0

by default for class b addresses the first two bytes are the network number

first two bytes are the network number and the remaining two bytes are the host

and the remaining two bytes are the host number

class c addresses range from 192 to 223 in the first byte

to 223 in the first byte network numbers assigned to companies

network numbers assigned to companies are from 192.0.0.0

to 223 255 255.0

255.0 the format is the first three bytes are

the format is the first three bytes are the network number and the last byte is

the network number and the last byte is the host number

class d addresses range from 224 to 239 in the first byte

to 239 in the first byte network numbers assigned to multicast

network numbers assigned to multicast groups range from 224.0.0.1

to 239 255 255 2555 please note that these addresses do not

please note that these addresses do not have a host or network portion

class e addresses range from 240 to 254 in the first byte

in the first byte these addresses are reserved for

these addresses are reserved for experimental networks

experimental networks network 255 is reversed it is reserved

network 255 is reversed it is reserved for the broadcast address

for the broadcast address such as all 255's

such as all 255's again take a look at this table and you

again take a look at this table and you will see the summary of the ipv4 address

will see the summary of the ipv4 address classes

classes each address class can be uniquely

each address class can be uniquely identified

identified in binary by the high order bits

now subnetting plays an important role in ipv4 addressing

in ipv4 addressing since you want to be able to break down

since you want to be able to break down the networks into smaller ones

the networks into smaller ones as you can see here we have a class a ip

as you can see here we have a class a ip address

address and if we were to use its default subnet

and if we were to use its default subnet mask

mask it would be a slash eight that is the

it would be a slash eight that is the first eight binary bits

first eight binary bits would be ones and the rest would be

would be ones and the rest would be zeros but this would mean we have

zeros but this would mean we have hundreds of thousands of ip addresses in

hundreds of thousands of ip addresses in this one subnet

this one subnet let's say we want to use this ip address

let's say we want to use this ip address on our internal network and simply

on our internal network and simply assign it to one small portion of our

assign it to one small portion of our network where there are 100 users

network where there are 100 users in that case we would want to assign a

in that case we would want to assign a smaller subnet let's say a slash 24

smaller subnet let's say a slash 24 so subnetting allows us to put it on a

so subnetting allows us to put it on a smaller network with fewer hosts

smaller network with fewer hosts so the subnet mask is a 32-bit number in

so the subnet mask is a 32-bit number in which the bits are set to 1

which the bits are set to 1 to identify this network portion of the

to identify this network portion of the address and the 0 then identifies the

address and the 0 then identifies the host portion of the address

host portion of the address as you can see here we will now set to 1

as you can see here we will now set to 1 the first 24 bits

the first 24 bits and that will mark off the subnet which

and that will mark off the subnet which is now a slash 24

is now a slash 24 which means

which means that 10.128

that 10.128 dot

dot 24

24 is a dedicated network that can host

is a dedicated network that can host 254 hosts

next let's briefly cover the headers for tcp ip and udp

tcp ip and udp what you see before you is the ip header

what you see before you is the ip header you will need to know the functions for

you will need to know the functions for each of the fields you see before you

each of the fields you see before you let me cover some of the functions that

let me cover some of the functions that you will most likely need to know for

you will most likely need to know for your exam and in real world

your exam and in real world troubleshooting

troubleshooting first there's the version field

first there's the version field the version field indicates that it is

the version field indicates that it is ipv4 in this instance with a value of 0

ipv4 in this instance with a value of 0 1 0

1 0 0. then there's the type of service

0. then there's the type of service field

field this field is

this field is commonly referred to as the type of

commonly referred to as the type of service byte it has eight bits used to

service byte it has eight bits used to set quality of service markings and

set quality of service markings and specifically within this field is dscp

specifically within this field is dscp the six left most bits are used for dscp

the six left most bits are used for dscp which obviously commonly is associated

which obviously commonly is associated with quality of service marking

with quality of service marking next is the ip flags field this is a

next is the ip flags field this is a three bit field

three bit field the second bit of this field is the df

the second bit of this field is the df or do not fragment fragment bit

or do not fragment fragment bit and that indicates that a packet should

and that indicates that a packet should not be fragmented

not be fragmented then there's the time to live field this

then there's the time to live field this is an 8-bit field that is decremented by

is an 8-bit field that is decremented by one each time a packet is routed from

one each time a packet is routed from one ip network to another

one ip network to another if ttl ever reaches zero the packet is

if ttl ever reaches zero the packet is discarded

discarded the protocol field which is an 8-bit

the protocol field which is an 8-bit field specifies what kind of data

field specifies what kind of data type of data is encapsulated

type of data is encapsulated in the packet

in the packet tcp and udp are common protocols

tcp and udp are common protocols identified by this field

identified by this field finally the source address field which

finally the source address field which is a 32-bit field indicating the source

is a 32-bit field indicating the source of the ipv4 packet and then the

of the ipv4 packet and then the destination address field which again is

destination address field which again is a 32-bit destination destination address

a 32-bit destination destination address which indicates the destination

which indicates the destination for that packet next let's move on to

for that packet next let's move on to the tcp segment header here are some of

the tcp segment header here are some of the fields you will certainly need to

the fields you will certainly need to know you have the source port field

know you have the source port field which is the 16-bit field indicating the

which is the 16-bit field indicating the sending port number and the destination

sending port number and the destination port field again a 16-bit field so for

port field again a 16-bit field so for example

example if you connect to

if you connect to howtonetwork.com you're connecting

howtonetwork.com you're connecting to a destination port of 80 which is the

to a destination port of 80 which is the tcp port for http the sequence number

tcp port for http the sequence number field is a 32-bit field indicating the

field is a 32-bit field indicating the amount of data sent during a tcp session

amount of data sent during a tcp session the sending party uses this field to

the sending party uses this field to make sure the receiving party actually

make sure the receiving party actually received the data

received the data the receiving party uses the sequence

the receiving party uses the sequence number from this field as the basis for

number from this field as the basis for the acknowledgment number

the acknowledgment number in the next segment that it sends back

in the next segment that it sends back to the sender and then the window field

to the sender and then the window field which is a 16-bit field it specifies the

which is a 16-bit field it specifies the number of bytes a sender is willing to

number of bytes a sender is willing to transmit

transmit before receiving an acknowledgement from

before receiving an acknowledgement from the receiver known as the round trip

the receiver known as the round trip time the other iplayer for transport

time the other iplayer for transport protocol is udp udp is considered to be

protocol is udp udp is considered to be an unreliable protocol because it lacks

an unreliable protocol because it lacks all of the features of tcp there's no

all of the features of tcp there's no sequence numbering no window size no

sequence numbering no window size no acknowledgements

acknowledgements you can see here the header is quite

you can see here the header is quite simple

simple it contains only source and destination

it contains only source and destination port numbers

port numbers and then a udp checksum and then segment

and then a udp checksum and then segment length so why use udp well it's best for

length so why use udp well it's best for servicing applications that need to

servicing applications that need to maximize bandwidth and do not require

maximize bandwidth and do not require acknowledgements such as video streams

acknowledgements such as video streams or audio and in fact the primary

or audio and in fact the primary protocol used to carry voice and video

protocol used to carry voice and video traffic over networks is

traffic over networks is rtp

rtp real-time transport protocol

real-time transport protocol and that's a layer 4 protocol that is

and that's a layer 4 protocol that is encapsulated inside of

encapsulated inside of udp so here's what you learned you

udp so here's what you learned you learned about the basics of ipv4

learned about the basics of ipv4 addressing and subnets

addressing and subnets and then you received a brief overview

and then you received a brief overview of tcp udp and ip headers

of tcp udp and ip headers all this information will come in handy

all this information will come in handy on your ccda exam good luck in your

on your ccda exam good luck in your studies

hi this is david voss ccie11372 in this video we will be

ccie11372 in this video we will be discussing ip version 6 addressing

discussing ip version 6 addressing so let's ask the basic question

so let's ask the basic question why even upgrade to ipv version 6 other

why even upgrade to ipv version 6 other than the fact that you simply get more

than the fact that you simply get more ip addresses

ip addresses well there's a lot of reasons why you

well there's a lot of reasons why you would want to upgrade to ipv version 6

would want to upgrade to ipv version 6 and here are a few of them spelled out

and here are a few of them spelled out for you which i think you'll need to

for you which i think you'll need to know for your ccnp route again exam but

know for your ccnp route again exam but please note you no longer need nat or

please note you no longer need nat or pat it has inherent ipsec support these

pat it has inherent ipsec support these are key and critical updates now once

are key and critical updates now once you've committed to using ipv6 you need

you've committed to using ipv6 you need to understand how these different ip

to understand how these different ip addresses are labeled there's a global

addresses are labeled there's a global unicast address these are unicast

unicast address these are unicast packets sent through the public internet

packets sent through the public internet with public ipa addresses

with public ipa addresses unique local which are unicast packets

unique local which are unicast packets inside one organization which is

inside one organization which is basically equal to your private ipa

basically equal to your private ipa addressing

addressing link local which are packets sent to a

link local which are packets sent to a local subnet and are not rotter audible

local subnet and are not rotter audible across networks

and and then finally take note of the loopback address which you know from

loopback address which you know from ipv4 is 127.001

ipv4 is 127.001 ipv6 also has a loopback addressing as

ipv6 also has a loopback addressing as well

well an ipv6 address has 128 bits

an ipv6 address has 128 bits broken out into 32 hexadecimal numbers

broken out into 32 hexadecimal numbers organized into eight quartets

organized into eight quartets so here is the hexadecimal numbering

so here is the hexadecimal numbering system

system which i'm sure we won't need much of a

which i'm sure we won't need much of a refresher on but we do need to use it to

refresher on but we do need to use it to understand ipv6

understand ipv6 and here is an ipv6 ip address and as

and here is an ipv6 ip address and as you can see it looks quite long mainly

you can see it looks quite long mainly because we're used to looking at ipv4

because we're used to looking at ipv4 addresses so

addresses so this ups the game a little bit and we

this ups the game a little bit and we may begin to wonder how we're going to

may begin to wonder how we're going to support this on our network or document

support this on our network or document this and we get concerned about managing

this and we get concerned about managing a network addressing this long well

a network addressing this long well there are built-in mechanisms within ib

there are built-in mechanisms within ib version 6 to help us manage it and we're

version 6 to help us manage it and we're going to cover that

going to cover that there's ways you can summarize ipv6

there's ways you can summarize ipv6 addresses to make it more manageable not

addresses to make it more manageable not only to read but to understand and

only to read but to understand and explain to other people

explain to other people so you can shorten an ipv6 by omit by

so you can shorten an ipv6 by omit by omitting the leading zeros in any any

omitting the leading zeros in any any given quartet or you can represent one

given quartet or you can represent one or more consecutive quartets

or more consecutive quartets with a double colon

with a double colon so here you see an ipv version six

so here you see an ipv version six address with many zeros in it here's how

address with many zeros in it here's how we can summarize it

we can summarize it on the left hand side you can see that

on the left hand side you can see that we used a double colon to represent the

we used a double colon to represent the first

first the second and third quartet and then we

the second and third quartet and then we summarize the remaining quartets of

summarize the remaining quartets of zeros and in the second example we did

zeros and in the second example we did the opposite we summarized the first two

the opposite we summarized the first two quartets with zeros

quartets with zeros and then use the double colon for the

and then use the double colon for the end you can only use the double colon

end you can only use the double colon once in an ipv version 6 ipa address

once in an ipv version 6 ipa address so here we see an ip version 6ip address

so here we see an ip version 6ip address and this is the subnet it's this

and this is the subnet it's this remember it's a slash 64. so we're

remember it's a slash 64. so we're matching the first 64 bits as you see

matching the first 64 bits as you see here

here and this also can be summarized you

and this also can be summarized you don't need to write out all these zeros

don't need to write out all these zeros so to explain what the subnet is to

so to explain what the subnet is to somebody you can simply write it out

somebody you can simply write it out this way

this way so ipv6 is manageable it gives you tools

so ipv6 is manageable it gives you tools to manage it

to manage it so whether you're reviewing

so whether you're reviewing documentation or holding a general

documentation or holding a general discussion about your network or simply

discussion about your network or simply logging into a cisco router to take a

logging into a cisco router to take a look at what's going on

look at what's going on understanding abbreviation is key to

understanding abbreviation is key to ipv6

ipv6 here are some other ways we can

here are some other ways we can understand ipv6 addressing

understand ipv6 addressing in our first example you'll see that

in our first example you'll see that it's 2 0 0 0 and then a double colon

it's 2 0 0 0 and then a double colon slash four

slash four the slash four would match the first

the slash four would match the first four bits and hex that would be zero

four bits and hex that would be zero zero one zero

zero one zero so all addresses whose first four bits

so all addresses whose first four bits are equal to the first four bits of the

are equal to the first four bits of the hex number

hex number two zero zero zero

two zero zero zero in the second second example we're

in the second second example we're matching all addresses whose first 20

matching all addresses whose first 20 bits match the listed hex number and you

bits match the listed hex number and you can see in red

can see in red what match that would be

what match that would be and then the final example all addresses

and then the final example all addresses whose first 32 bits match the listed hex

whose first 32 bits match the listed hex number

here's another ipv6 address how do we break it out into subnets well here you

break it out into subnets well here you have it

have it we're honoring the first 48 bits of this

we're honoring the first 48 bits of this range and then we are breaking this out

range and then we are breaking this out into smaller subnets as you can see here

so here's what you've learned you've learned about some basic ip version 6

learned about some basic ip version 6 concepts and why you may want to upgrade

concepts and why you may want to upgrade to ipv6 beyond just for the reason of

to ipv6 beyond just for the reason of obtaining more ipa addresses you've also

obtaining more ipa addresses you've also learned about the addressing and how the

learned about the addressing and how the addressing can be abbreviated

addressing can be abbreviated i wish you the best of luck in your

i wish you the best of luck in your studies thank you

hi this is david voss ccie11372 and in this video

ccie11372 and in this video we're going to cover routing protocol

we're going to cover routing protocol concepts to introduce you to routing

concepts to introduce you to routing protocols for your ccda exam cisco wants

protocols for your ccda exam cisco wants you to be able to identify the

you to be able to identify the attributes of routing protocols so you

attributes of routing protocols so you can make the correct design decisions

can make the correct design decisions the fundamental question is which

the fundamental question is which routing protocol should you use

routing protocol should you use when answering that question you must

when answering that question you must keep in mind

keep in mind the following characteristics of routing

the following characteristics of routing protocols

protocols and cisco wants you to remember all of

and cisco wants you to remember all of these

these first is scalability how large is your

first is scalability how large is your network now

network now how large will it become

how large will it become this is important because there are

this is important because there are versions of rip or actually all versions

versions of rip or actually all versions of rip have a maximum hop count of 15

of rip have a maximum hop count of 15 routers

routers ospf and eigrp scale much better and bgp

ospf and eigrp scale much better and bgp is the primary routing protocol used on

is the primary routing protocol used on the internet so obviously it scales very

the internet so obviously it scales very well and many companies in fact use bgp

well and many companies in fact use bgp internally for that reason

internally for that reason vendor interoperability

vendor interoperability will you be using all cisco routers on

will you be using all cisco routers on your network or will be a blend of cisco

your network or will be a blend of cisco and non-cisco

and non-cisco why is that important well rip and ospf

why is that important well rip and ospf work fine regardless of vendor and now

work fine regardless of vendor and now even cisco has taken steps to ensure

even cisco has taken steps to ensure eigrp can be used by any networking

eigrp can be used by any networking vendor the question is do they support

vendor the question is do they support it rip and ospf and bgp most likely

it rip and ospf and bgp most likely eigrp maybe or maybe not by non-cisco

eigrp maybe or maybe not by non-cisco vendors

vendors it staffs familiarity with the protocol

it staffs familiarity with the protocol you and the it staff at your company

you and the it staff at your company might be much more familiar with one

might be much more familiar with one routing protocol over another

routing protocol over another i worked at a company where we had an

i worked at a company where we had an internal debate over eigrp versus ospf

internal debate over eigrp versus ospf and the tipping point for the

and the tipping point for the conversation was what protocols did the

conversation was what protocols did the engineers already know or want to learn

engineers already know or want to learn better

better it was ospf

it was ospf and therefore that's what we went with

and therefore that's what we went with as far as our design decision that was

as far as our design decision that was the tipping point

the tipping point you will have the same debates

you will have the same debates internally and should be prepared for

internally and should be prepared for this in your decision making process

this in your decision making process speed of convergence

speed of convergence a benefit of dynamic routing protocols

a benefit of dynamic routing protocols over static routes is the ability for

over static routes is the ability for dynamic routing protocols to reroute

dynamic routing protocols to reroute around network failures

around network failures when this failure occurs the network

when this failure occurs the network recalculates and reaches a steady state

recalculates and reaches a steady state condition this is called the state of

condition this is called the state of being a converged network

being a converged network the amount of time for the failure to

the amount of time for the failure to occur is called the convergence time

occur is called the convergence time now some routing protocols have faster

now some routing protocols have faster convergence times than others this is

convergence times than others this is important because when a network is not

important because when a network is not in a steady state data can be dropped or

in a steady state data can be dropped or looped within the network you should

looped within the network you should know that because rip and bgp might take

know that because rip and bgp might take up to a few minutes to converge by

up to a few minutes to converge by contrast ospf and eigrp can converge in

contrast ospf and eigrp can converge in just a few seconds

just a few seconds the capability to perform summarization

the capability to perform summarization large enterprise networks can have

large enterprise networks can have routing tables with

routing tables with many route entries and network

many route entries and network summarization allows multiple routes to

summarization allows multiple routes to then be summarized into a single route

then be summarized into a single route advertisement

advertisement so it reduces the number of entries in a

so it reduces the number of entries in a router's routing table that eats up less

router's routing table that eats up less memory and also cpu because it reduces

memory and also cpu because it reduces the number of network advertisements

the number of network advertisements that need to be sent

that need to be sent and that can obviously increase

and that can obviously increase convergence time as well

convergence time as well here's a perfect example let's say we're

here's a perfect example let's say we're looking at the routing table of a core

looking at the routing table of a core router and it knows about all the branch

router and it knows about all the branch offices and let's say there are

offices and let's say there are 255 branch offices and each are a lot of

255 branch offices and each are a lot of the slash 24 and they're assigned a

the slash 24 and they're assigned a 192.168

192.168 x.04 network now sure the core router

x.04 network now sure the core router has

has individual entries for all of these

individual entries for all of these routes and knows how to reach all of

routes and knows how to reach all of them through separate interfaces or

them through separate interfaces or tunnels

tunnels but all these routes do not need to be

but all these routes do not need to be passed individually throughout the

passed individually throughout the network onto a neighbor through a route

network onto a neighbor through a route advertisement they can be summarized

advertisement they can be summarized using one summary route

using one summary route 192.16800 16. so as you can see using

192.16800 16. so as you can see using summarization we're saving a lot of

summarization we're saving a lot of memory and cpu by simply summarizing

memory and cpu by simply summarizing all of these routes

all of these routes into one single route

interior or exterior routing a key term you need to understand is as

a key term you need to understand is as which stands for autonomous system and

which stands for autonomous system and this is a network under a single

this is a network under a single administrative control

administrative control a network

a network might be a single as and when it

might be a single as and when it connects to let's say another network

connects to let's say another network let's say an internet service provider

let's say an internet service provider then it's connecting to a separate as

then it's connecting to a separate as when you're selecting a routing protocol

when you're selecting a routing protocol you need to determine is it running

you need to determine is it running inside your network or will you be

inside your network or will you be running it with somebody outside of your

running it with somebody outside of your network

network to answer the question as to what

to answer the question as to what routing protocol you should run you need

routing protocol you should run you need to understand if you need an igp an

to understand if you need an igp an interior gateway protocol or a egp an

interior gateway protocol or a egp an exterior gateway protocol an igp

exterior gateway protocol an igp exchanges routes between routers in a

exchanges routes between routers in a single as

single as common igps are eigrp or ospf

common igps are eigrp or ospf and then rip and isis are also used but

and then rip and isis are also used but not as much

not as much today the only egp in use is bgp but

today the only egp in use is bgp but please note that bgp is sometimes also

please note that bgp is sometimes also used as an interior gateway protocol as

used as an interior gateway protocol as well

well there are two types of routing protocols

there are two types of routing protocols the first type is distance vector

the first type is distance vector distance vector routing protocols send a

distance vector routing protocols send a full copy of the router's routing table

full copy of the router's routing table to directly attach neighbors

to directly attach neighbors now obviously this is not very efficient

now obviously this is not very efficient because it's sending information to a

because it's sending information to a neighbor even if the neighbor already

neighbor even if the neighbor already has that information

has that information this can lead to slower convergence time

this can lead to slower convergence time with slow convergence time you then

with slow convergence time you then can introduce routing loops the routing

can introduce routing loops the routing protocols that are considered distance

protocols that are considered distance vector are rip and eigrp

vector are rip and eigrp there are two mechanisms that you can

there are two mechanisms that you can use to deal with routing loops that

use to deal with routing loops that cisco wants you to know

cisco wants you to know the first is split horizon

the first is split horizon this prevents a route learned on an

this prevents a route learned on an interface from being advertised back out

interface from being advertised back out that same interface i'll show you a

that same interface i'll show you a diagram in a minute so this makes more

diagram in a minute so this makes more sense and then there's poison reverse

sense and then there's poison reverse which causes a route received on one

which causes a route received on one interface

interface to then be advertised out the same

to then be advertised out the same interface with an infinite metric so

interface with an infinite metric so that nobody actually wants to use it

that nobody actually wants to use it but let's go ahead and take a look at

but let's go ahead and take a look at the diagram so we can better understand

the diagram so we can better understand the issue with routing loops and

the issue with routing loops and distance vector routing protocols and

distance vector routing protocols and then what we can do about it with split

then what we can do about it with split horizon or poison reverse

horizon or poison reverse as you can see here we have a basic

as you can see here we have a basic point-to-point network router one

point-to-point network router one connecting to router two over serial

connecting to router two over serial interface

interface and then a network one nine two one six

and then a network one nine two one six eight one

eight one dot zero slash twenty four

dot zero slash twenty four which is then advertised out serial 0

which is then advertised out serial 0 over to router 1.

over to router 1. router 1 then learns that

router 1 then learns that route and places it in its routing table

route and places it in its routing table as you can see here with a metric of one

as you can see here with a metric of one one hop now what if ethernet 0 on router

one hop now what if ethernet 0 on router 2 were to go down and the network were

2 were to go down and the network were no longer available the problem with

no longer available the problem with distance vector routing

distance vector routing is that router 1 is going to send its

is that router 1 is going to send its full routing table over to router 2.

full routing table over to router 2. while router 2 does not know about

while router 2 does not know about 192.168.1.0 anymore so when it receives

192.168.1.0 anymore so when it receives the subnet advertisement

the subnet advertisement from router 1 of 192.168.1.0

from router 1 of 192.168.1.0 it's going to accept it and place it in

it's going to accept it and place it in its routing table with a metric of two

its routing table with a metric of two and this is where we introduce routing

and this is where we introduce routing loops router two will then forward

loops router two will then forward traffic over to router one router one

traffic over to router one router one thinks it can reach that network via

thinks it can reach that network via router two and traffic will then loop

router two and traffic will then loop between the two routers

between the two routers this obviously is not ideal now you've

this obviously is not ideal now you've already learned about the two solutions

already learned about the two solutions to deal with that and you'll need to

to deal with that and you'll need to know it for your ccmp exam split horizon

know it for your ccmp exam split horizon will prevent a route learned on an

will prevent a route learned on an interface but from being advertised back

interface but from being advertised back out that same interface

out that same interface and then poison reverse which causes a

and then poison reverse which causes a route received on one interface to be

route received on one interface to be advertised out that same interface with

advertised out that same interface with an infinite metric

the next type of routing protocol you need to be aware of is the link state

need to be aware of is the link state routing protocol

routing protocol routers send link state advertisements

routers send link state advertisements or lsa to advertise the networks they

or lsa to advertise the networks they know how to reach

know how to reach so they don't send the full routing

so they don't send the full routing table just the networks they know how to

table just the networks they know how to reach and only when there is a change in

reach and only when there is a change in the topology

the topology they only exchange full routing

they only exchange full routing information when two routers initially

information when two routers initially form their adjacency but from there on

form their adjacency but from there on out it's on a need to know basis

out it's on a need to know basis the routing protocols that are link

the routing protocols that are link state routing protocols are ospf and

state routing protocols are ospf and isis

isis and the final type of routing protocol

and the final type of routing protocol you need to know is path vector bgp is

you need to know is path vector bgp is path vector and it includes information

path vector and it includes information not just about the neighbor but the

not just about the neighbor but the exact path that packets take to reach a

exact path that packets take to reach a specific destination network so when you

specific destination network so when you do look at bgpu advertisements you can

do look at bgpu advertisements you can see exactly over what autonomous systems

see exactly over what autonomous systems that traffic is flowing over

that traffic is flowing over so you've learned about the role of

so you've learned about the role of routing in an enterprise network and the

routing in an enterprise network and the different layers of enterprise network

different layers of enterprise network design and then you learn the basic

design and then you learn the basic characteristics of routing protocols

characteristics of routing protocols which is really going to help you as you

which is really going to help you as you solidify your foundation

solidify your foundation and now you move forward in your ccmp

and now you move forward in your ccmp studies i'm sure you're going to do

studies i'm sure you're going to do great and continue on with the video

great and continue on with the video series and good luck to you in your

series and good luck to you in your studies

hi this is david voss ccie11372 and in this video you're going

ccie11372 and in this video you're going to learn about

to learn about rip design

rip design specifically we're going to

specifically we're going to first learn about rip version one so you

first learn about rip version one so you can lay a foundation for understanding

can lay a foundation for understanding rip version two

rip version two since that is the version most commonly

since that is the version most commonly used today and if you were to design a

used today and if you were to design a network using rip most likely that would

network using rip most likely that would be the version you would choose

be the version you would choose so let's begin with rip version one

so let's begin with rip version one now the major drawback of rip version

now the major drawback of rip version one and why many don't use it today is

one and why many don't use it today is that it has classful behavior meaning

that it has classful behavior meaning that it does not send back subnet mask

that it does not send back subnet mask information

information now if there is no subnet mask

now if there is no subnet mask information in the updates

information in the updates then it assumes that any network is

then it assumes that any network is staying within its class full boundary

staying within its class full boundary which in as you know in most networks

which in as you know in most networks today that's rare

today that's rare as you can see here each class has a

as you can see here each class has a range of ip addresses that it would

range of ip addresses that it would support

support and if it were to remain on classful

and if it were to remain on classful boundaries that would mean that you

boundaries that would mean that you would not be able to provide vlsm or

would not be able to provide vlsm or break down these

break down these assigned subnets into

assigned subnets into smaller subnets

smaller subnets so for example if you were assigned a

so for example if you were assigned a network in the class a range let's say a

network in the class a range let's say a 10 dot network you would not be able to

10 dot network you would not be able to break your 10 dot network down into

break your 10 dot network down into smaller subnets so

smaller subnets so later in this video we will talk about

later in this video we will talk about auto summarization and that if it

auto summarization and that if it summarizes on a classful boundary

summarizes on a classful boundary specifically with 10 dot networks you

specifically with 10 dot networks you can have routing problems

can have routing problems so often you will find that you will

so often you will find that you will want to turn off auto summarization in

want to turn off auto summarization in rip version 2.

rip version 2. another issue with rip version 1 is that

another issue with rip version 1 is that it broadcasts updates

it broadcasts updates so it uses unnecessary bandwidth but it

so it uses unnecessary bandwidth but it also means that routers that are not

also means that routers that are not even running rip will constantly receive

even running rip will constantly receive rip updates even though they won't

rip updates even though they won't process them

process them because routers that run rip will

because routers that run rip will broadcast and mount all interfaces

broadcast and mount all interfaces modern routing protocols use a multicast

modern routing protocols use a multicast approach in order to solve this issue

approach in order to solve this issue by sending updates only to routers that

by sending updates only to routers that really need to receive them

really need to receive them rip version 1 does not allow

rip version 1 does not allow authentication

authentication so there is no element of security that

so there is no element of security that can be added to the routing protocol

can be added to the routing protocol to ensure that it is not sending

to ensure that it is not sending information to devices that should not

information to devices that should not receive it

receive it when examining rip version 2 you can see

when examining rip version 2 you can see that many of version 1 shortcomings have

that many of version 1 shortcomings have been addressed

been addressed rip version 2 has a classless behavior

rip version 2 has a classless behavior meaning that subnet mask information is

meaning that subnet mask information is sent in updates so vlsm can be achieved

sent in updates so vlsm can be achieved version 2 also supports authentication

version 2 also supports authentication to ensure that the person you are

to ensure that the person you are sending the information to is the person

sending the information to is the person authorized to receive that information

authorized to receive that information now in addition to plain text passwords

now in addition to plain text passwords the cisco implementation

the cisco implementation provides the ability to use md5

provides the ability to use md5 authentication

authentication md5

md5 is a hashing algorithm that takes a

is a hashing algorithm that takes a variable length string of text and

variable length string of text and produces a fixed length 128 bit output

produces a fixed length 128 bit output the advantage of hashtag plain text is

the advantage of hashtag plain text is that the original message

that the original message cannot be reconstructed even with the

cannot be reconstructed even with the knowledge of the hash algorithm

knowledge of the hash algorithm now with regards to advertisements rip

now with regards to advertisements rip version 2 multicasts routing updates

version 2 multicasts routing updates instead of broadcasting them as rip

instead of broadcasting them as rip version 1 does

version 1 does so this allows for the efficient

so this allows for the efficient exchange of routing updates

exchange of routing updates another special feature of version 2 is

another special feature of version 2 is automatic summarization feature

automatic summarization feature which is applied to prefixes on classful

which is applied to prefixes on classful boundaries

boundaries this behavior is a double-edged sword

this behavior is a double-edged sword because it can induce problems in real

because it can induce problems in real world scenarios

world scenarios let's look at the following example

let's look at the following example router 1 connects to the following

router 1 connects to the following networks

networks 10.10.10.0 and 10.10.20.0

10.10.10.0 and 10.10.20.0 and

and 10.10.30.0

10.10.30.0 router 1 connects to router 2 and then

router 1 connects to router 2 and then onto router 3 which has connectivity to

onto router 3 which has connectivity to the 10.40.0

the 10.40.0 and

and 10.10.50.0 networks

10.10.50.0 networks there are also other networks between

there are also other networks between the routers such as 172.1600

the routers such as 172.1600 and 192.168.000

and 192.168.000 notice the change in classful boundaries

notice the change in classful boundaries that makes rip automatically summarize

that makes rip automatically summarize the networks behind router 1 and router

the networks behind router 1 and router 3

3 as 10.0.0.0.8

toward router 2. this can lead to a problem or it will

this can lead to a problem or it will lead to a problem router 2 will receive

lead to a problem router 2 will receive the same route from both directions

the same route from both directions if it receives a packet destin for

if it receives a packet destin for 10.10.10.0

10.10.10.0 it can send it in both directions based

it can send it in both directions based on the automatically summarized prefixes

on the automatically summarized prefixes it received

it received this problem is called discontiguous

this problem is called discontiguous subnets

subnets and it's generated by the automatic

and it's generated by the automatic summarization behavior of the routing

summarization behavior of the routing protocol that aggregates those subnets

protocol that aggregates those subnets solutions for this problem involve not

solutions for this problem involve not using discontiguous subnets in different

using discontiguous subnets in different areas in the network topology

areas in the network topology or

or disabling auto summarization

disabling auto summarization let's take a look at the rip version 2

let's take a look at the rip version 2 message format

message format the rib version 2 message format takes

the rib version 2 message format takes advantage of the unused fields in the

advantage of the unused fields in the version 1 message format by adding

version 1 message format by adding subnet masks and other information

subnet masks and other information let's go through some of the key

let's go through some of the key attributes of this message

attributes of this message the command field indicates whether the

the command field indicates whether the packet is a request or response message

packet is a request or response message the request message asks that a router

the request message asks that a router send all or part of its routing table

send all or part of its routing table response messages contain route entries

response messages contain route entries the router sends the response

the router sends the response periodically or as a reply to a request

periodically or as a reply to a request version specifies the rip version used

version specifies the rip version used 2 for rip version 2 and 1 for rip

2 for rip version 2 and 1 for rip version 1.

version 1. afi field specifies the address family

afi field specifies the address family used

used rip is designed to carry routing

rip is designed to carry routing information for several different

information for several different protocols

protocols each entry has an afi to indicate the

each entry has an afi to indicate the type of address specified

type of address specified the afi for ip is 2.

route tag route tags provide a method for distinguishing between internal

for distinguishing between internal routes which are learned by rip and

routes which are learned by rip and external routes which are learned from

external routes which are learned from other routing protocols

other routing protocols you can add this optional attribute

you can add this optional attribute during the redistribution of routing

during the redistribution of routing protocols

protocols ip address specifies the ip address of

ip address specifies the ip address of the destination

the destination subnet mask contains the subnet mask for

subnet mask contains the subnet mask for the destination now if this field is

the destination now if this field is zero no subnet mask has been specified

zero no subnet mask has been specified for the entry

for the entry next hop indicates the ip address of the

next hop indicates the ip address of the next hop where packets are sent to reach

next hop where packets are sent to reach the destination

the destination and metric indicates how many router

and metric indicates how many router hops to reach the destination

hops to reach the destination the metric is always going to be between

the metric is always going to be between 1 and 15 for a valid route

1 and 15 for a valid route since 16 would indicate an unreasonable

since 16 would indicate an unreasonable unreachable or infinite route

another aspect about rip that you need to know is that it relies on a series of

to know is that it relies on a series of timers for its operations

timers for its operations as described here

as described here the update timer this is where updates

the update timer this is where updates are sent and they're sent every 30

are sent and they're sent every 30 seconds by default

seconds by default invalid the route is invalidated if no

invalid the route is invalidated if no update was received before this timer

update was received before this timer expires

expires flush timer determines the time a route

flush timer determines the time a route gets flushed from the rip table

gets flushed from the rip table and hold down timer updates are not

and hold down timer updates are not accepted for a route that keeps getting

accepted for a route that keeps getting a bad metric

a bad metric and finally

and finally the sleep timer which can add delay to

the sleep timer which can add delay to triggered updates

triggered updates the hold down and sleep timers are cisco

the hold down and sleep timers are cisco specific and are used to enhance the rip

specific and are used to enhance the rip functionality

functionality they were not originally specified in

they were not originally specified in the rfcs for rip

the rfcs for rip in summary here are some key points

in summary here are some key points about rip version 2 that you need to

about rip version 2 that you need to memorize for your ccda exam

memorize for your ccda exam it's a distance vector protocol which

it's a distance vector protocol which uses udp port 520

uses udp port 520 it does not scale well since the maximum

it does not scale well since the maximum hop count is 15.

hop count is 15. periodic route updates are sent every 30

periodic route updates are sent every 30 seconds to a multicast address

seconds to a multicast address 25 routes are allowed per rip message or

25 routes are allowed per rip message or 24 if you're using authentication

24 if you're using authentication and obviously it supports authentication

and obviously it supports authentication subnet mask is included in every route

subnet mask is included in every route entry

entry it's a classless protocol

it's a classless protocol it does support vlsm

it does support vlsm and the metric for

and the metric for version 2 is router hop count

version 2 is router hop count now all of these points you need to

now all of these points you need to memorize for your ccda exam this video

memorize for your ccda exam this video has given you a good base foundation for

has given you a good base foundation for preparations for your ccda if you can

preparations for your ccda if you can memorize what you've learned in this

memorize what you've learned in this video you should do very well when asked

video you should do very well when asked questions about rip and how and when you

questions about rip and how and when you would use it in a network design good

would use it in a network design good luck in your studies

hi this is david voss ccie11372 and in this video you're going to learn

and in this video you're going to learn about eigrp design

about eigrp design we're going to do a high-level eigrp

we're going to do a high-level eigrp overview

overview in this video

in this video and then we're going to talk about the

and then we're going to talk about the eigrp components you're going to see

eigrp components you're going to see this constant theme of these four

this constant theme of these four components

components so first there are eigrp messages that

so first there are eigrp messages that are unique to eigrp there's a unique

are unique to eigrp there's a unique eigrp algorithm

eigrp algorithm there are tables that are again unique

there are tables that are again unique to eigrp that you need to know about

to eigrp that you need to know about and then finally you need to know that

and then finally you need to know that eigrp supports

eigrp supports independent modules

independent modules so there are multiple there's multiple

so there are multiple there's multiple support for

support for multiple different network layer

multiple different network layer protocols

now the way we're going to approach this is

the way we're going to approach this is again it's a high level overview of

again it's a high level overview of concepts that are unique to eigrp so we

concepts that are unique to eigrp so we all know that eigrp can support vlsm for

all know that eigrp can support vlsm for example but many routing protocols can

example but many routing protocols can so we're not going to dig into vlsm and

so we're not going to dig into vlsm and eigrp we're going to talk about things

eigrp we're going to talk about things that are unique to eigrp

that are unique to eigrp now for to understand eigrp we first

now for to understand eigrp we first need to understand igrp igrp came out in

need to understand igrp igrp came out in 1986

1986 it is an interior gateway protocol that

it is an interior gateway protocol that was once very popular

was once very popular distance vector a distance vector

distance vector a distance vector routing protocol

routing protocol and

and it used four key attributes to develop

it used four key attributes to develop this distance information on how to

this distance information on how to choose the best path

choose the best path so it looked at the link

so it looked at the link and then it said how much available

and then it said how much available bandwidth is there

bandwidth is there how much delay how much load and how

how much delay how much load and how much link reliability is there on this

much link reliability is there on this link path or on the multiple links to my

link path or on the multiple links to my path

path well

well e-i-g-r-p

e-i-g-r-p is still an interior gateway protocol

is still an interior gateway protocol and it is still a distance vector

and it is still a distance vector protocol although

protocol although many times in the past it had been

many times in the past it had been referred to as hybrid but those days are

referred to as hybrid but those days are pretty much gone

pretty much gone distance vector is what it's classified

distance vector is what it's classified as

as but it has can improve convergence in

but it has can improve convergence in operations so

operations so it uses the dual diffusing update

it uses the dual diffusing update algorithm and i'll show you about that

algorithm and i'll show you about that in a few minutes and then again it has

in a few minutes and then again it has multiple unique tables eigrp

multiple unique tables eigrp which assists in the operations and

which assists in the operations and enhances the operations

enhances the operations and then again it supports multiple

and then again it supports multiple network layer protocols

so how does eigrp actually work well i'll tell you what let's go ahead

well i'll tell you what let's go ahead and open up the hood and take a look

and open up the hood and take a look underneath eigrp has four basic

underneath eigrp has four basic components and these should already

components and these should already start looking familiar to you it has

start looking familiar to you it has messages so messages flow to and from

messages so messages flow to and from neighbors eigrp neighbors there's five

neighbors eigrp neighbors there's five different types we'll dig into that in a

different types we'll dig into that in a little bit

little bit eigrp has the dual algorithm the dual

eigrp has the dual algorithm the dual algorithm takes the information from

algorithm takes the information from those messages and then processes

those messages and then processes best path and possible best path

best path and possible best path then all the information from the

then all the information from the messages and the algorithms get

messages and the algorithms get put into tables so these eigrp tables

put into tables so these eigrp tables hold the data

hold the data from the algorithm and the messages and

from the algorithm and the messages and then finally the modules these protocol

then finally the modules these protocol dependent modules

dependent modules support a variety of network layer

support a variety of network layer protocols so we're not limited eigrp is

protocols so we're not limited eigrp is not limited to just ip

so with regards to messages there are different types of packet formats

different types of packet formats there's five different types of packet

there's five different types of packet formats

formats first there's the hello message a hello

first there's the hello message a hello message is basically a query out to

message is basically a query out to anybody who'll listen asking if

anybody who'll listen asking if anybody's out there so our router

anybody's out there so our router running eigrp sends hello packets by

running eigrp sends hello packets by default and it will send those packets

default and it will send those packets out and hope for a return reply and when

out and hope for a return reply and when it gets a return reply it'll get that

it gets a return reply it'll get that update and that update contains all the

update and that update contains all the messages or all the routes that want to

messages or all the routes that want to be shared via eigrp

be shared via eigrp update messages are messages with a lot

update messages are messages with a lot of routing information in them

of routing information in them and then there's the acknowledgement

and then there's the acknowledgement message which surely you know about from

message which surely you know about from other protocols but it's simply

other protocols but it's simply acknowledging that yes i've received

acknowledging that yes i've received your message

your message and that's key to the reliable nature of

and that's key to the reliable nature of eigrp which we'll talk about in a minute

eigrp which we'll talk about in a minute there's a query message so if eigrp

there's a query message so if eigrp loses a route and does not know how to

loses a route and does not know how to get there anymore it will query its

get there anymore it will query its neighbors saying do you have any

neighbors saying do you have any information about this route because i'd

information about this route because i'd like to get that information

like to get that information and then if a router does have

and then if a router does have information on that route or on that

information on that route or on that path it will reply back saying yes

path it will reply back saying yes i do have information and here it is

i do have information and here it is so these five messages can be broken out

so these five messages can be broken out into two categories some that are

into two categories some that are reliable and some that are not reliable

reliable and some that are not reliable the reliable messages are use reliable

the reliable messages are use reliable transport protocol

transport protocol and this is unique to eigrp but rtp

and this is unique to eigrp but rtp basically makes sure that packets

basically makes sure that packets get to where they're supposed to go in

get to where they're supposed to go in order so an unreliable packet is a hello

order so an unreliable packet is a hello message

message that message is not reliable but the

that message is not reliable but the update message from an eigrp router does

update message from an eigrp router does use rtp

use rtp so it is sequenced and there are

so it is sequenced and there are acknowledgments so there is an

acknowledgments so there is an acknowledgement to that message but the

acknowledgement to that message but the acknowledgement itself is not reliable

acknowledgement itself is not reliable then there's the query message remember

then there's the query message remember the query is to ask do you have

the query is to ask do you have information about this route

information about this route and that is that uses rtp and the

and that is that uses rtp and the response to that query the reply also

response to that query the reply also uses rtp

uses rtp so three different types of messages use

so three different types of messages use rtp the update the query and the reply

rtp the update the query and the reply and i think that's critical to know for

and i think that's critical to know for your exam

your exam now let's talk about the eigrp algorithm

now let's talk about the eigrp algorithm which is dual now to understand dual you

which is dual now to understand dual you need to understand what successor and

need to understand what successor and feasible successor routes are i think

feasible successor routes are i think when you think of successor just think

when you think of successor just think of success that's the best path

of success that's the best path so if eigrp loses connectivity to the

so if eigrp loses connectivity to the best path

best path it will then

it will then run the dual algorithm

run the dual algorithm and ask is there a feasible successor is

and ask is there a feasible successor is there a second best path

there a second best path and if the dual algorithm states yes

and if the dual algorithm states yes there is a feasible successor a second

there is a feasible successor a second best path it will then promote

best path it will then promote that second best path to the to to the

that second best path to the to to the best path so that becomes the successor

best path so that becomes the successor once it's it's the successor it is then

once it's it's the successor it is then installed into the routing table so for

installed into the routing table so for example it would be installed into the

example it would be installed into the ip routing table

ip routing table and then the router would begin to use

and then the router would begin to use that new path

that new path so this chart gives you an overview of

so this chart gives you an overview of base a high-level overview of how the

base a high-level overview of how the dual algorithm runs

dual algorithm runs but it's important to know these

but it's important to know these concepts

concepts of successor and feasible successor as

of successor and feasible successor as you move forward with eigrp and how dual

you move forward with eigrp and how dual uses that information

uses that information now eigrp uses specific tables to help

now eigrp uses specific tables to help make it run and one of the tables that

make it run and one of the tables that eigrp uses is called a neighbor table

eigrp uses is called a neighbor table now a neighbor table is exactly what you

now a neighbor table is exactly what you think it is it's a table that is

think it is it's a table that is comprised of a listing of all the eigrp

comprised of a listing of all the eigrp neighbors so

neighbors so for example we have a hub and spoke

for example we have a hub and spoke design here we have router a

design here we have router a router b and router c

router b and router c and router a and router b are both

and router a and router b are both running eigrp

running eigrp router a sends out a hello packet and

router a sends out a hello packet and router b responds back as well and

router b responds back as well and they've established a neighbor

they've established a neighbor relationship and router a sends out a

relationship and router a sends out a hello packet rudder c does the same and

hello packet rudder c does the same and they've established their eigrp neighbor

they've established their eigrp neighbor relationship

relationship so once that happens router a begins to

so once that happens router a begins to build out its neighbor table

build out its neighbor table by identifying each router that each

by identifying each router that each neighbor by ip address so

neighbor by ip address so for example router b is 172 16

for example router b is 172 16 1.1 and he gets placed into the neighbor

1.1 and he gets placed into the neighbor table

table and then router c is 192.168.10.2

and he is placed in the router table as well

well so

so router a now has two neighbors and they

router a now has two neighbors and they are both listed in its neighbor table

are both listed in its neighbor table but there's also other information in

but there's also other information in the neighbor table as well

the neighbor table as well and it

and it the router a also wants to know what

the router a also wants to know what interface are these routers

interface are these routers off of so router b is off of serial one

off of so router b is off of serial one router c is off of serial two so should

router c is off of serial two so should i need to forward them

i need to forward them traffic or i know exactly which

traffic or i know exactly which interface they will be exiting

interface they will be exiting and then finally

and then finally there's

there's other information that is entered into

other information that is entered into the neighbor table there's quite a bit

the neighbor table there's quite a bit actually but for the sake of this high

actually but for the sake of this high level overview let's just talk about

level overview let's just talk about hold time because this is a key concept

hold time because this is a key concept when you program hold time on a router

when you program hold time on a router it's not local you're not changing the

it's not local you're not changing the whole time locally that information is

whole time locally that information is actually forwarded over to

actually forwarded over to your neighbor router so here we have

your neighbor router so here we have router c

router c who's changed his hold time to 10

who's changed his hold time to 10 seconds he forwards that over to router

seconds he forwards that over to router a

a and here we have router b

and here we have router b and let's say he's going to change his

and let's say he's going to change his hold time

hold time this information that they're changing

this information that they're changing from the default it gets inserted into

from the default it gets inserted into the neighbor table on router a

the neighbor table on router a and remember hold time is basically

and remember hold time is basically telling the router if you don't hear

telling the router if you don't hear from me in this amount of time

from me in this amount of time consider me down and flush the routes

consider me down and flush the routes that you receive from me

that you receive from me so it's important to remember hold time

so it's important to remember hold time is configured on router c and router b

is configured on router c and router b but the actual numeric

but the actual numeric change occurs on router a in the

change occurs on router a in the neighbor table

neighbor table now there's definitely other attributes

now there's definitely other attributes that are in the neighbor table

that are in the neighbor table and we will definitely go over those in

and we will definitely go over those in future videos but on a high level

future videos but on a high level overview of eigrp you need to know about

overview of eigrp you need to know about the ip the interface and the hold time

the ip the interface and the hold time counter and just remember hold time

counter and just remember hold time defaults

defaults are is 180 seconds

are is 180 seconds for low bandwidth links and 15 seconds

for low bandwidth links and 15 seconds for t1 or higher

for t1 or higher so

so that'll come up again again and you'll

that'll come up again again and you'll probably be asked about that as well

probably be asked about that as well but there are other eigrp tables that

but there are other eigrp tables that you should also be aware of

you should also be aware of and a key table to know about is the

and a key table to know about is the topology table topology table contains

topology table topology table contains all destinations advertised by

all destinations advertised by neighboring routers

neighboring routers this includes remember the successor and

this includes remember the successor and feasible successor routes the best path

feasible successor routes the best path to a destination and the next best path

to a destination and the next best path respectively

respectively so topology table is key for eigrp to

so topology table is key for eigrp to run now remember within topology table

run now remember within topology table you can see the route tag so in eigrp

you can see the route tag so in eigrp you can actually perform route tagging

you can actually perform route tagging and all you really need to know for now

and all you really need to know for now is that you can identify routes by their

is that you can identify routes by their origination

origination which allows for custom routing so you

which allows for custom routing so you can tag those routes with a manual entry

can tag those routes with a manual entry so that's all you really need to know

so that's all you really need to know for now

for now but getting back to eigrp tables

but getting back to eigrp tables now here's an example we have again a

now here's an example we have again a hub and spoke design

hub and spoke design router a router b and router c now

router a router b and router c now router a is going to build out as soon

router a is going to build out as soon as it enables eigrp it's going to build

as it enables eigrp it's going to build out these eigrp tables and one of the

out these eigrp tables and one of the tables again is going to be this

tables again is going to be this topology table

topology table the topology table is going to contain

the topology table is going to contain critical information for eigrp to run

critical information for eigrp to run and make the choices upon what the

and make the choices upon what the best path is going to be

best path is going to be so

so in the topology table it's going to

in the topology table it's going to insert routes that it learns from router

insert routes that it learns from router b and router c and then

b and router c and then it's going to ask

it's going to ask now that i know about this route which

now that i know about this route which neighbor did i learn it from

neighbor did i learn it from and then finally it's going to say

and then finally it's going to say i know the route i know the neighbor i

i know the route i know the neighbor i learned from

learned from what metric should i assign to it which

what metric should i assign to it which way should i send traffic or forward

way should i send traffic or forward traffic

traffic so

so in this example

in this example the route itself let's say we'll do a

the route itself let's say we'll do a 10.1.1.0

24 and let's say we learn this route from

and let's say we learn this route from both router b

both router b and from router c

so this topology table is filled out with two entries

with two entries for the same route

for the same route again this is not the routing table yet

again this is not the routing table yet this is a topology table

this is a topology table and it has a metric so let's keep it

and it has a metric so let's keep it simple so the metric to router b is 10

simple so the metric to router b is 10 and their metric to router c is 20.

and their metric to router c is 20. so

so for this simple example let's just say

for this simple example let's just say that

that the router now realizes that the

the router now realizes that the successor route the best route

successor route the best route is going to be

is going to be the path

the path through

through router b

router b now once the dual algorithm has run and

now once the dual algorithm has run and it realizes this it then takes

it realizes this it then takes that route or that path

that route or that path and it places the successor route into

and it places the successor route into the routing table in this case the ip

the routing table in this case the ip routing table

routing table so now we know the successor is to

so now we know the successor is to router b and the feasible successor path

router b and the feasible successor path is to router c

so as we can see it's going to choose

it's going to choose the path out to router b

the path out to router b now what happens

now what happens if this route information is lost

if this route information is lost and

and router a no longer learns about this

router a no longer learns about this this route from router b or from router

this route from router b or from router c and it gets flushed well router a what

c and it gets flushed well router a what he's going to do

he's going to do is he's going to send a query

is he's going to send a query to router b

to router b and to router c

and to router c asking do you know

asking do you know about this route because i've lost it

about this route because i've lost it and i'm hoping you have information on

and i'm hoping you have information on it

it and

and the neighbors will respond back but

the neighbors will respond back but specifically

specifically let's say in this case

let's say in this case that router c is the only one that knows

that router c is the only one that knows about it

about it router c will respond yes i'm aware of

router c will respond yes i'm aware of it and it will send the information over

it and it will send the information over and router a will say thank you very

and router a will say thank you very much

much and router a will then insert it into

and router a will then insert it into the topology table it will become the

the topology table it will become the successor and once it's to the successor

successor and once it's to the successor it will be placed into the routing table

it will be placed into the routing table and then router a

and then router a will then begin using the path through

will then begin using the path through router c to reach that subnet

router c to reach that subnet and last but certainly not least we have

and last but certainly not least we have protocol dependent modules so eigrp

protocol dependent modules so eigrp and the dual algorithm

and the dual algorithm function in a way that protocols can run

function in a way that protocols can run and use eigrp independently of one

and use eigrp independently of one another so ip builds out its own

another so ip builds out its own neighboring topology tables ipx and

neighboring topology tables ipx and apple talk they all build out their own

apple talk they all build out their own neighbor and topology tables and dual

neighbor and topology tables and dual can work with any and all of them

can work with any and all of them so you've learned a lot in this video

so you've learned a lot in this video that will help you with eigrp design

that will help you with eigrp design we've done an overview and we've talked

we've done an overview and we've talked about the individual components of eigrp

about the individual components of eigrp messages algorithms tables and modules

messages algorithms tables and modules you'll need to know all this information

you'll need to know all this information not only to design eigrp but obviously

not only to design eigrp but obviously to do very well on the ccda exam

to do very well on the ccda exam if you study what's in this video and

if you study what's in this video and know it well i'm confident you'll do

know it well i'm confident you'll do really well in the eigrp portion of your

really well in the eigrp portion of your ccda good luck in your studies

hi this is david voss ccie11372 and in this video we're

ccie11372 and in this video we're covering ospf design

covering ospf design we're going to begin with some concepts

we're going to begin with some concepts you need to understand a baseline i

you need to understand a baseline i guess you could say prior to designing

guess you could say prior to designing ospf

ospf and then we're going to get a bit more

and then we're going to get a bit more granular in this video and dig into ospf

granular in this video and dig into ospf concepts such as administrative areas

concepts such as administrative areas virtual links router types designated

virtual links router types designated routers

routers neighbor exchange states link state

neighbor exchange states link state advertisements and

advertisements and best path selection

best path selection if you're going to design ospf properly

if you're going to design ospf properly you need to understand all of these

you need to understand all of these concepts we will not go into

concepts we will not go into configuration examples

configuration examples that you can learn in the ccnp route

that you can learn in the ccnp route exam

exam but for the ccda

but for the ccda you will need to understand these

you will need to understand these concepts so let's begin ospf is one of

concepts so let's begin ospf is one of the most complex routing protocols that

the most complex routing protocols that can be be deployed in modern networks

can be be deployed in modern networks ospf is an open standard protocol that

ospf is an open standard protocol that is it should be able to run on cisco and

is it should be able to run on cisco and non-cisco equipment

non-cisco equipment ospf is a classless routing protocol and

ospf is a classless routing protocol and this allows it to support vlsm similar

this allows it to support vlsm similar to eigrp which uses dual

to eigrp which uses dual ospf uses spf algorithm to select loop

ospf uses spf algorithm to select loop free paths throughout the topology

free paths throughout the topology ospf is designed to be very scalable

ospf is designed to be very scalable because it's hierarchical routing

because it's hierarchical routing protocol

protocol using the concept of areas to split the

using the concept of areas to split the topology into smaller sections

topology into smaller sections so it is a very popular protocol in

so it is a very popular protocol in today's enterprise networks because it

today's enterprise networks because it can scale so well

can scale so well ospf takes bandwidth into consideration

ospf takes bandwidth into consideration when calculating route metrics

when calculating route metrics in ospf it's considered the cost a

in ospf it's considered the cost a higher bandwidth generates a lower cost

higher bandwidth generates a lower cost and lower costs are preferred in ospf

and lower costs are preferred in ospf ospf supports authentication just as

ospf supports authentication just as eigrp does in rip version 2.

eigrp does in rip version 2. ospf is also very extensible it's

ospf is also very extensible it's similar to bgp and isis meaning that the

similar to bgp and isis meaning that the protocol can be modified in the future

protocol can be modified in the future to handle other forms of traffic

to handle other forms of traffic ospf discovers neighbors and exchanges

ospf discovers neighbors and exchanges topology information with its neighbors

topology information with its neighbors acting much as eigrp does in that way

acting much as eigrp does in that way based on the collected information and

based on the collected information and the link costs ospf calculates the

the link costs ospf calculates the shortest paths to each destination using

shortest paths to each destination using as we mentioned before the spf algorithm

as we mentioned before the spf algorithm the formula for calculating the

the formula for calculating the interface cost is reference bandwidth

interface cost is reference bandwidth divided by link bandwidth

divided by link bandwidth the default reference bandwidth is a

the default reference bandwidth is a hundred megabits per second but this can

hundred megabits per second but this can be modified

be modified just as the link bandwidth can be

just as the link bandwidth can be modified using the bandwidth command

modified using the bandwidth command please note that the reference bandwidth

please note that the reference bandwidth should be modified in networks that

should be modified in networks that contain a combination of 100 megabits

contain a combination of 100 megabits per second and one gigabit per second

per second and one gigabit per second links

links because by default all of these

because by default all of these interfaces will be assigned the same

interfaces will be assigned the same ospf cost

ospf cost that's obviously a big design

that's obviously a big design consideration and something you

consideration and something you certainly could be tested on

certainly could be tested on another aspect that adds to the design

another aspect that adds to the design complexity of ospf is that it can be

complexity of ospf is that it can be configured to behave differently

configured to behave differently depending on the topology in which you

depending on the topology in which you are implementing it

are implementing it ospf recognizes different network types

ospf recognizes different network types and this will control following actions

and this will control following actions such as how updates are sent

such as how updates are sent how many adjacencies are made with the

how many adjacencies are made with the ofcpf speakers

ofcpf speakers and how the next hop is calculated

and how the next hop is calculated ospf supports the following network

ospf supports the following network types broadcast

types broadcast non-broadcast

non-broadcast point-to-point

point-to-point point to multipoint

point to multipoint point to multi-point non-broadcast and

point to multi-point non-broadcast and loopback

loopback ospf automatically selects the network

ospf automatically selects the network type that is the most appropriate for

type that is the most appropriate for the given technology so for example if

the given technology so for example if you configure ospf in a broadcast based

you configure ospf in a broadcast based ethernet environment it will default to

ethernet environment it will default to the broadcast type

the broadcast type if you configure it on a frame relay

if you configure it on a frame relay interface it will default to the

interface it will default to the non-broadcast type

non-broadcast type an ospf configured on a point-to-point

an ospf configured on a point-to-point serial link will default to the

serial link will default to the point-to-point network type

point-to-point network type the only network types that you need to

the only network types that you need to manually assign would be 0.2 multi-point

manually assign would be 0.2 multi-point or point to multi-point non-broadcast

or point to multi-point non-broadcast these obviously are most appropriate for

these obviously are most appropriate for the partial mesh which is hub and spoke

the partial mesh which is hub and spoke environments and these must be

environments and these must be configured manually

configured manually so now that you have a high level

so now that you have a high level understanding of ospf let's go ahead and

understanding of ospf let's go ahead and dig into ospf concepts all of which you

dig into ospf concepts all of which you will need to know

will need to know for your ccda exam

for your ccda exam we're going to go through these one by

we're going to go through these one by one to the level of detail you need to

one to the level of detail you need to know for the ccda exam

know for the ccda exam and we're going to begin with

and we're going to begin with administrative areas

administrative areas an autonomous system is broken out into

an autonomous system is broken out into areas so areas are a group of routers

areas so areas are a group of routers that share a same area id

that share a same area id and these different areas these

and these different areas these different groupings have different

different groupings have different functions and and they know different

functions and and they know different types of information so you have

types of information so you have backbone area standard area et cetera et

backbone area standard area et cetera et cetera and each of these areas perform

cetera and each of these areas perform different functions so let's talk in

different functions so let's talk in detail about

detail about what some of these areas know

what some of these areas know and maybe what some of these areas do

and maybe what some of these areas do not know but also how ospf is designed

not know but also how ospf is designed around these these concepts of areas so

around these these concepts of areas so remember we're talking at a higher level

remember we're talking at a higher level here but as is a good rule of thumb

here but as is a good rule of thumb your backbone area in ospf

your backbone area in ospf if anybody ever refers to area 0 you

if anybody ever refers to area 0 you know they're talking about the backbone

know they're talking about the backbone area in ospf

area in ospf and this is probably the most well-known

and this is probably the most well-known area because it is required

area because it is required and all other areas

and all other areas must connect

must connect to the backbone area so if for area to

to the backbone area so if for area to area communication

area communication let's say you have an area one

let's say you have an area one communicating to an area three

communicating to an area three both of those areas must connect to the

both of those areas must connect to the backbone

backbone so let's start here with a standard area

so let's start here with a standard area now a standard area you know you know

now a standard area you know you know what does that really mean

what does that really mean well

well standard areas can be thought of

standard areas can be thought of as equal opportunity employers i guess

as equal opportunity employers i guess you could say

you could say because um

because um they know about every route in the

they know about every route in the autonomous system in the ospf network

autonomous system in the ospf network and they share their routes but they

and they share their routes but they also learn all their routes from other

also learn all their routes from other areas through the backbone

areas through the backbone and this is just fine all this route

and this is just fine all this route sharing is just fine if routers are

sharing is just fine if routers are high-powered enough

high-powered enough to store every route but also to run

to store every route but also to run these

these complex spf calculations

complex spf calculations but just know the standard areas contain

but just know the standard areas contain lsas of type 1 two three four and five

lsas of type 1 two three four and five now next you know if you think of a stub

now next you know if you think of a stub area which we'll talk about next

area which we'll talk about next if you think of a network you know you

if you think of a network you know you have leaf nodes on networks well that's

have leaf nodes on networks well that's what kind of a stub area is

what kind of a stub area is it's handy if devices are lower powered

it's handy if devices are lower powered routers are lower powered or simply do

routers are lower powered or simply do not need to know about every route a

not need to know about every route a stub area is similar to a standard area

stub area is similar to a standard area but routers in it are not aware of

but routers in it are not aware of externally sourced routes directly

externally sourced routes directly and in terms of lsas that means that

and in terms of lsas that means that type 5 lsas are not permitted in a stub

type 5 lsas are not permitted in a stub area stub areas use a default route

area stub areas use a default route to exit for traffic to exit a stub area

to exit for traffic to exit a stub area it uses a default route

it uses a default route now next would be a totally stubby area

now next would be a totally stubby area and let's take this stub area concept

and let's take this stub area concept one step further

one step further in a total stubby area in addition to

in a total stubby area in addition to the lack of type 4 and 5 lsas type 3

the lack of type 4 and 5 lsas type 3 lsas

lsas which carry information about internal

which carry information about internal routes are also prohibited

routes are also prohibited the concept of an injected default route

the concept of an injected default route still applies here just like a stub area

still applies here just like a stub area so all traffic leaving the area

so all traffic leaving the area does so using the default route

and then finally let's go over this concept of not so stubby areas so

concept of not so stubby areas so you know this is an interesting uh i

you know this is an interesting uh i guess you could say concoction because

guess you could say concoction because not so stubby areas can connect to

not so stubby areas can connect to non-ospf networks

non-ospf networks that are not a part of this autonomous

that are not a part of this autonomous system and they and they can receive

system and they and they can receive routes from those non-ospf networks

routes from those non-ospf networks or networks that are not participating

or networks that are not participating in the autonomous system

in the autonomous system and it will receive those routes through

and it will receive those routes through redistribution

redistribution and then it can

and then it can turn those type 7 lsas and kind of you

turn those type 7 lsas and kind of you know basically it's going to

know basically it's going to mask them and make them appear as type 5

mask them and make them appear as type 5 lsas

lsas and then begin sharing them onto the

and then begin sharing them onto the network

network so there's there's your ideas of

so there's there's your ideas of networks in in areas but all areas in an

networks in in areas but all areas in an ospf autonomous system must be as you

ospf autonomous system must be as you know physically connected to the

know physically connected to the backbone area

backbone area well what if you can't do that

well what if you can't do that you know what if you uh what if you

you know what if you uh what if you can't connect an area

can't connect an area to

to area zero

so let's draw out this concept of a virtual link let's imagine we have our

virtual link let's imagine we have our a company on the east coast

a company on the east coast and we have in this company we've

and we have in this company we've deployed ospf already so we have our

deployed ospf already so we have our backbone area zero

backbone area zero and then we have other areas that have

and then we have other areas that have to obviously connect into this backbone

to obviously connect into this backbone area so

area so let's say we have an area one in the

let's say we have an area one in the boston area

boston area and then an area two

and then an area two let's say in florida but let's focus in

let's say in florida but let's focus in on area one so in the boston area we

on area one so in the boston area we have area one in boston and we acquire

have area one in boston and we acquire another company in that area and it's

another company in that area and it's easy enough for us

easy enough for us to connect this new company into our

to connect this new company into our boston resources so

boston resources so we're going to connect them into our

we're going to connect them into our boston router

boston router very simply

very simply the problem is is that even though this

the problem is is that even though this company that we've acquired maybe

company that we've acquired maybe they're already running ospf and we

they're already running ospf and we convert them to ospf area 3

convert them to ospf area 3 to work within our autonomous system

to work within our autonomous system we still need to meet the requirement of

we still need to meet the requirement of ospf where an area must connect into

ospf where an area must connect into area 0.

area 0. so

so ospf allows for

ospf allows for what is called as you know the virtual

what is called as you know the virtual link we will create this virtual link

link we will create this virtual link between area three and area zero

between area three and area zero it's passing through area one

it's passing through area one and this allows us to meet the design

and this allows us to meet the design requirement of ospf so

requirement of ospf so route to area three and area 0 see this

route to area three and area 0 see this as a direct connection and things will

as a direct connection and things will work just fine thanks to the virtual

work just fine thanks to the virtual link

so there are many different ospf router types that you need to be aware of

types that you need to be aware of there's the area border router which

there's the area border router which connects one or more ospf areas to the

connects one or more ospf areas to the backbone area

backbone area there's the asbr or autonomous system

there's the asbr or autonomous system boundary router which will be located

boundary router which will be located between an ospf

between an ospf autonomous system and a non-ospf network

autonomous system and a non-ospf network and then you have your backbone router

and then you have your backbone router which is pretty straightforward a router

which is pretty straightforward a router with at least one interface connected to

with at least one interface connected to area zero

area zero and then another easy concept and

and then another easy concept and internal router a router with all

internal router a router with all interfaces in one area

interfaces in one area let's draw this out real quick let's

let's draw this out real quick let's just to drive it home

just to drive it home so

so let's draw out our area

let's draw out our area zero

and an area zero you know already is the backbone so a router within area zero is

backbone so a router within area zero is a backbone router

a backbone router and then we connect to another area

and then we connect to another area let's say area one this isn't this is an

let's say area one this isn't this is an area border router

area border router pretty straightforward concept there's

pretty straightforward concept there's your abr

your abr and let's say we have another area we're

and let's say we have another area we're connecting to there's another abr

but we are also connecting an asbr here because we have a non-ospf network that

because we have a non-ospf network that we're going to be injecting routes from

we're going to be injecting routes from into our ospf

into our ospf process so

process so we are injecting routes in through an

we are injecting routes in through an asbr converting type 7 lsas to type 5

asbr converting type 7 lsas to type 5 and those are being forwarded on to the

and those are being forwarded on to the network and then you have

network and then you have last but not least internal

last but not least internal routers which have all interfaces in the

routers which have all interfaces in the same area pretty straightforward

so in order for two ospf routers to communicate they need to go through this

communicate they need to go through this process of exchange state so you need to

process of exchange state so you need to understand a basic concept of what these

understand a basic concept of what these are

are here's the following states there's the

here's the following states there's the init state where a hello packet has been

init state where a hello packet has been sent by a router it's waiting for a

sent by a router it's waiting for a reply

reply from the establishment state where

from the establishment state where there's the discovery of that hello and

there's the discovery of that hello and then the election of a dr and

then the election of a dr and multi-access networks

multi-access networks the x start stage where a master slave

the x start stage where a master slave relationship is started between two

relationship is started between two routers the router with the high router

routers the router with the high router id becomes the master and starts the

id becomes the master and starts the exchange

exchange and as such is the only router that can

and as such is the only router that can increment the sequence number

increment the sequence number then there's the exchange state where

then there's the exchange state where the slave acknowledgement acknowledges

the slave acknowledgement acknowledges the master's packets

the master's packets and this information in this state is

and this information in this state is only lsa headers and that does it and it

only lsa headers and that does it and it describes the contents of the entire

describes the contents of the entire link state database then there's loading

link state database then there's loading where there's a request for more

where there's a request for more information in this state the actual

information in this state the actual exchange of link state information

exchange of link state information occurs and then there's full

occurs and then there's full synchronization and in this state

synchronization and in this state routers are fully adjacent with one

routers are fully adjacent with one another

another all the router and network lsas are

all the router and network lsas are exchanged and the router's databases are

exchanged and the router's databases are fully synchronized

fully synchronized now a designated router in ospf is a key

now a designated router in ospf is a key concept that you need to know

concept that you need to know because on multi-access networks a

because on multi-access networks a designated router will establish

designated router will establish adjacencies with all other routers on

adjacencies with all other routers on the multi-access network

the multi-access network learn all their routes and then share

learn all their routes and then share all the routes with all the other

all the routes with all the other routers

routers and then the the bdr the backup

and then the the bdr the backup designated router will fill in should

designated router will fill in should the dr fail and you can set the dr and

the dr fail and you can set the dr and the bdr manually and actually you most

the bdr manually and actually you most you should do it this way you should set

you should do it this way you should set it using the priority command in ospf so

it using the priority command in ospf so understanding ospf priority is key

understanding ospf priority is key because you can manually set who the dr

because you can manually set who the dr is and who the bdr is

is and who the bdr is now it's easy to talk about this and

now it's easy to talk about this and look at a look at a powerpoint and you

look at a look at a powerpoint and you may not fully appreciate how important

may not fully appreciate how important this concept really is so let's actually

this concept really is so let's actually draw it out

draw it out so on a typical multi-access network

so on a typical multi-access network let's say we have five routers

let's say we have five routers and you want to establish adjacencies in

and you want to establish adjacencies in ospf to share routes between them

ospf to share routes between them if they did the that way where they're

if they did the that way where they're all neighboring with one another and

all neighboring with one another and communicating with one another you're

communicating with one another you're gonna see that all these adjacencies are

gonna see that all these adjacencies are gonna add up pretty quickly

gonna add up pretty quickly and that's gonna that's gonna tax the

and that's gonna that's gonna tax the resources on the routers themselves but

resources on the routers themselves but it's really unnecessary we can share

it's really unnecessary we can share this information in a much more

this information in a much more efficient manner

efficient manner so what we're going to do is we elect a

so what we're going to do is we elect a dr in ospf

dr in ospf again it has this built in within the

again it has this built in within the ospf design itself

ospf design itself or a multi-access network you can elect

or a multi-access network you can elect a dr

a dr and then the dr establishes an adjacency

and then the dr establishes an adjacency with all the other routers on the

with all the other routers on the multi-access network it learns all of

multi-access network it learns all of their routes and then shares all their

their routes and then shares all their routes so now we just have four

routes so now we just have four adjacencies required now if the dr fails

adjacencies required now if the dr fails and those adjacencies fail the bdr would

and those adjacencies fail the bdr would take over

now regarding link state advertisements what you really need to know at least

what you really need to know at least just for now in ospf is that a link

just for now in ospf is that a link state advertisement

state advertisement is a packet that contains all relevant

is a packet that contains all relevant information regarding a router's links

information regarding a router's links and the state of those links

and the state of those links now there are many different types and

now there are many different types and i've listed the key types for you here

i've listed the key types for you here and we're going to dig into detail on

and we're going to dig into detail on these different types as we get into the

these different types as we get into the labs but just for now

labs but just for now know that these are these are

know that these are these are informational packets that have

informational packets that have information on a router's links and the

information on a router's links and the state of those links

so now that ospf has gathered all this information it needs to know what to do

information it needs to know what to do with it needs to choose the best path so

with it needs to choose the best path so it puts all the information in a

it puts all the information in a topology table

topology table and then ospf the metric for ospf is

and then ospf the metric for ospf is cost so cost is 10 to the power of eight

cost so cost is 10 to the power of eight divided by bandwidth

divided by bandwidth and lower costs are preferred

and lower costs are preferred so the best way to understand cost is

so the best way to understand cost is actually for us just to draw this out to

actually for us just to draw this out to see how it works

see how it works so let's draw out a six router network

and let's say we have router one which ultimately wants to communicate

which ultimately wants to communicate with a network off of router 6

with a network off of router 6 and it will have two choices two paths

and it will have two choices two paths it can possibly take

it can go via router 2 or via router 4 to this network we'll say

to this network we'll say 192.168.10 network 24.

which is hanging off router 6. now router 1

router 1 then calculates using ospf the cost

then calculates using ospf the cost for each and every link in this path

for each and every link in this path and it's going to do the same

and it's going to do the same for the path from router two and three

for the path from router two and three to six

to six and then what ospf is going to do

and then what ospf is going to do is

is add up

add up the entire cost to get to router six so

the entire cost to get to router six so from going via router 4

from going via router 4 that path has a total cost of 20.

and going via router 2 that path has a total cost of 25 and we know that ospf

total cost of 25 and we know that ospf uses

uses the lower cost to make its decision on

the lower cost to make its decision on which path to take

which path to take so the total cost of 20 wins out

so the total cost of 20 wins out and we will choose router 4.

and we will choose router 4. now that being said let's say a new

now that being said let's say a new network is introduced

and even though we have more routers or more hops through this network

or more hops through this network let's say there are four hops

if the cost is low and for this case we'll say five five one one and one

we'll say five five one one and one if the total cost here is just 13

if the total cost here is just 13 even though there's more hops ospf is

even though there's more hops ospf is going to choose this path

going to choose this path because it's more efficient

so that's cost basically explained that's cost in a

basically explained that's cost in a nutshell

nutshell so here's what you've learned you've

so here's what you've learned you've received an overview of ospf

received an overview of ospf and then we got a bit more granular to

and then we got a bit more granular to the level you'll need to know for the

the level you'll need to know for the ccda exam

ccda exam including administrative areas

including administrative areas virtual links

virtual links router types

router types designated routers

designated routers neighbor exchange states

neighbor exchange states link state advertisements and best path

link state advertisements and best path selection

selection i'm confident after watching this video

i'm confident after watching this video if you know this information well you're

if you know this information well you're going to do excellent on the ospf

going to do excellent on the ospf portion of your ccda exam

portion of your ccda exam good luck in your studies

good luck in your studies hi this is david voss ccie 11372 and in

hi this is david voss ccie 11372 and in this video you're going to learn about

this video you're going to learn about isis design

specifically you're going to learn about isis operations areas

isis operations areas addressing packet types network types

addressing packet types network types and metrics so let's begin

and metrics so let's begin in recent years the isis routing

in recent years the isis routing protocol has become increasingly popular

protocol has become increasingly popular with widespread usage among service

with widespread usage among service providers it is also a very flexible

providers it is also a very flexible protocol

protocol that's been extended to incorporate

that's been extended to incorporate leading edge features such as mpls

leading edge features such as mpls traffic engineering

traffic engineering the isis routing protocol is a link

the isis routing protocol is a link state protocol as opposed to distance

state protocol as opposed to distance vector protocols

vector protocols such as igrp and rip

such as igrp and rip isis protocol is an intra-domain

isis protocol is an intra-domain osi dynamic routing protocol isis uses a

osi dynamic routing protocol isis uses a two-level hierarchy and it's used to

two-level hierarchy and it's used to support these large routing domains

support these large routing domains a large domain may be administratively

a large domain may be administratively divided into areas

divided into areas from a high level isis operates as

from a high level isis operates as follows

follows routers running isas will send hello

routers running isas will send hello packets out all

packets out all isis-enabled interfaces

isis-enabled interfaces to discovered neighbors and establish

to discovered neighbors and establish adjacencies

adjacencies routers sharing a common data link will

routers sharing a common data link will become neighbors if their hello packets

become neighbors if their hello packets contain information that meets the

contain information that meets the criteria for forming an adjacency

criteria for forming an adjacency routers may build a link state packet

routers may build a link state packet lsp

lsp based on their local interfaces that are

based on their local interfaces that are configured for isis

configured for isis and prefixes learned from other adjacent

and prefixes learned from other adjacent routers

routers and a shortest path tree is calculated

and a shortest path tree is calculated by each is

by each is and from this

and from this spt the routing table and from this the

spt the routing table and from this the routing table is built

next let's talk about areas and the routing domain within isis so an isis

routing domain within isis so an isis routing domain is similar to bgp

routing domain is similar to bgp autonomous system a routing domain is a

autonomous system a routing domain is a collection of areas under an

collection of areas under an administration that implements routing

administration that implements routing policies within the domain

first let's talk about the backbone iss does not have a backbone area like ospf

does not have a backbone area like ospf area 0.

area 0. the iss backbone is a contiguous

the iss backbone is a contiguous collection of level 2 capable routers

collection of level 2 capable routers each of which can be in a different area

each of which can be in a different area now speaking of areas within isis an

now speaking of areas within isis an individual router is only in only one

individual router is only in only one area

area and the border between areas on the link

and the border between areas on the link that connects the two routers that are

that connects the two routers that are in different areas

in different areas and the border between areas is on the

and the border between areas is on the link that connects two routers that are

link that connects two routers that are in different areas

in different areas this obviously is in contrast to ospf so

this obviously is in contrast to ospf so as you've already heard isis has a two

as you've already heard isis has a two level hierarchy contiguous level two

level hierarchy contiguous level two capable routers from the backbone

capable routers from the backbone both level 2 and level 1 routers live in

both level 2 and level 1 routers live in areas

areas routers can be level 1 level 2 or both

routers can be level 1 level 2 or both level 1 level 2.

level 1 level 2. within the cisco ios software the

within the cisco ios software the default configuration is both level 1

default configuration is both level 1 and level 2 at the same time

and level 2 at the same time this allows isis network to run with

this allows isis network to run with minimal configuration in more of a

minimal configuration in more of a plug-and-play fashion

plug-and-play fashion level 2 capable routers connect all

level 2 capable routers connect all areas within a routing domain level two

areas within a routing domain level two routers advertise their own nsap address

routers advertise their own nsap address to other two other level two routers in

to other two other level two routers in the backbone

the backbone and all level one routers and hosts in

and all level one routers and hosts in an area must have an nsap with the same

an area must have an nsap with the same area address

area address a level 2 router may have neighbors in

a level 2 router may have neighbors in the same or in different areas

the same or in different areas but it has a level 2 link state database

but it has a level 2 link state database with all information for inter area

with all information for inter area routing

routing level 2 routers know about other areas

level 2 routers know about other areas but will not have level one information

but will not have level one information from its own area

from its own area a level one and level two router may

a level one and level two router may have neighbors in any area

have neighbors in any area it has two link state databases a level

it has two link state databases a level one link state database for intra area

one link state database for intra area routing and a level two link state

routing and a level two link state database for inter area routing

database for inter area routing next let's talk about nsap addresses

next let's talk about nsap addresses an nsap describes an attachment to a

an nsap describes an attachment to a particular service at the network layer

particular service at the network layer of a node

of a node similar to the combination of ip

similar to the combination of ip destination and ip protocol number in an

destination and ip protocol number in an ip packet

ip packet an nsap address has two major parts the

an nsap address has two major parts the idp or initial domain part and the dsp

idp or initial domain part and the dsp the domain specific part

the domain specific part the idp consists of a one byte authority

the idp consists of a one byte authority and format identifier that's the afi

and format identifier that's the afi in a variable variable length initial

in a variable variable length initial domain identifier the idi

domain identifier the idi and the dsp is a string of digits

and the dsp is a string of digits identifying a particular transport

identifying a particular transport implementation

implementation of a specified afi authority

of a specified afi authority everything to the left of the system idb

everything to the left of the system idb can be thought of as the area address of

can be thought of as the area address of a network node

a network node the big difference between end step

the big difference between end step style addressing and ip style addressing

style addressing and ip style addressing is that in general there will be a

is that in general there will be a single nsap address for the entire

single nsap address for the entire router

router all is's and es in a routing domain must

all is's and es in a routing domain must have system ids of the same length

all routers in an area must have the same area address all level 2 routers

same area address all level 2 routers must have a unique system id domain wide

must have a unique system id domain wide and all level 1 routers must have a

and all level 1 routers must have a unique system id area-wide

unique system id area-wide all ess in an area will form an

all ess in an area will form an adjacency with a level 1 router on a

adjacency with a level 1 router on a shared media segment if they share the

shared media segment if they share the same area address

same area address if multiple nets are configured on the

if multiple nets are configured on the same router they must all have the same

same router they must all have the same system id

next let's talk about packet types there are four types of packets each

there are four types of packets each type can be level one or level two

type can be level one or level two first there is the intermediate system

first there is the intermediate system to intermediate system hello packet used

to intermediate system hello packet used by routers to detect neighbors and form

by routers to detect neighbors and form adjacencies

adjacencies then there's the link state packet there

then there's the link state packet there are four types of lsps level one

are four types of lsps level one pseudonode

pseudonode level one non-pseudo node level two

level one non-pseudo node level two pseudonode and level 2 non-pseudonode

pseudonode and level 2 non-pseudonode complete sequence number pdu

complete sequence number pdu csnps contain a list of all lsps in the

csnps contain a list of all lsps in the current database

current database cnsps are used to inform other routers

cnsps are used to inform other routers of lsps that may be outdated or missing

of lsps that may be outdated or missing from their own database

from their own database this ensures all routers have the same

this ensures all routers have the same information and are synchronized

information and are synchronized and then finally partial sequence number

and then finally partial sequence number pdu

pdu psnps are used to request an lsp an

psnps are used to request an lsp an acknowledged receipt of an lsp

next let's talk about network types the types of networks that isis defines

the types of networks that isis defines include point-to-point and broadcast

include point-to-point and broadcast networks

networks point-to-point networks such as serial

point-to-point networks such as serial lines connect a single pair of routers a

lines connect a single pair of routers a router running isas will form an

router running isas will form an adjacency with the neighbor on the other

adjacency with the neighbor on the other side of a point-to-point interface

side of a point-to-point interface automatically

automatically the dis is not elected on this type of

the dis is not elected on this type of link

link the basic mechanism defined

the basic mechanism defined in the standard is that each side of a

in the standard is that each side of a point-to-point link

point-to-point link declares the other side to be reachable

declares the other side to be reachable if a hello packet is received from it

if a hello packet is received from it next there's broadcast networks such as

next there's broadcast networks such as ethernet

ethernet even token ring

even token ring these are multi-access and they are able

these are multi-access and they are able to connect more than two devices all

to connect more than two devices all connected routers will receive

connected routers will receive a packet sent by one router on broadcast

a packet sent by one router on broadcast networks one is will elect itself the

networks one is will elect itself the dis

dis the dis is responsible for flooding and

the dis is responsible for flooding and it will create and flood a new

it will create and flood a new pseudonode lsp for each routing level

pseudonode lsp for each routing level that is participating that it is

that is participating that it is participating in that is level one or

participating in that is level one or level two and for each land to which it

level two and for each land to which it is configured

is configured and connected

and connected a router can be the dis for all

a router can be the dis for all connected lands or a subset of connected

connected lands or a subset of connected lands

lands depending on the configured priority

depending on the configured priority or if no priority is configured the

or if no priority is configured the layer to address

layer to address and then finally nbma networks such as

and then finally nbma networks such as frame relay or atm or x25

frame relay or atm or x25 can connect multiple devices but have no

can connect multiple devices but have no broadcast capability

broadcast capability all of the routers attached to the

all of the routers attached to the network will not receive a packet sent

network will not receive a packet sent by this router

by this router special considerations need to be taken

special considerations need to be taken in account when configuring isis over

in account when configuring isis over these types of networks

these types of networks because isis considers these media to be

because isis considers these media to be just like any other broadcast media such

just like any other broadcast media such as ethernet or token ring

as ethernet or token ring in general it is better configure

in general it is better configure point-to-point networks on wan

point-to-point networks on wan interfaces and sub-interfaces

next let's talk about isis metrics cost is the default metric and is

cost is the default metric and is supported by all routers

supported by all routers while some routing protocols calculate

while some routing protocols calculate the link metric automatically based on

the link metric automatically based on bandwidth such as ospf

bandwidth such as ospf or bandwidth and delay such as eigrp

or bandwidth and delay such as eigrp there is no automatic calculation for

there is no automatic calculation for isis

isis using old style metrics an interface

using old style metrics an interface cost is between 1 and 63.

cost is between 1 and 63. all links use the metric of 10 by

all links use the metric of 10 by default

default the total cost to a destination is the

the total cost to a destination is the sum of all costs on an outgoing

sum of all costs on an outgoing interface

interface along a particular path from the source

along a particular path from the source to the destination

to the destination and least cost paths are preferred

and least cost paths are preferred the total path metric was limited to

the total path metric was limited to 1023

this small metric value proved insufficient for large networks

insufficient for large networks and provided too little granularity for

and provided too little granularity for new features

new features the cisco ios software addresses this

the cisco ios software addresses this issue with the support of a 24-bit

issue with the support of a 24-bit metric field

metric field the so-called wide metric

the so-called wide metric now metrics can have a maximum value of

now metrics can have a maximum value of as you can see right here

as you can see right here deploying isis on the ip network with

deploying isis on the ip network with wide metrics is recommended

wide metrics is recommended to enable finer granularity and to

to enable finer granularity and to support future applications such as

support future applications such as traffic engineering

traffic engineering so you have learned quite a bit about

so you have learned quite a bit about isis you've learned about isis areas and

isis you've learned about isis areas and router types the nsap address

router types the nsap address as well as pekka types network types

as well as pekka types network types and metrics

and metrics all this information will be needed on

all this information will be needed on your ccda exam and i'm confident if

your ccda exam and i'm confident if you've studied this video well

you've studied this video well you're going to do very well on your

you're going to do very well on your exam good luck in your studies

hi this is david voss ccie 11372 and in this video we are going to

11372 and in this video we are going to cover bgp design

cover bgp design the first thing we're going to do is do

the first thing we're going to do is do an overview of bgp and then we're going

an overview of bgp and then we're going to get a little bit more granular and

to get a little bit more granular and we'll talk about bgp path attributes

we'll talk about bgp path attributes bgpas path ebgp versus ibgp

bgpas path ebgp versus ibgp public versus private asn

public versus private asn bgp updates and how bgp advertises

bgp updates and how bgp advertises routes

routes all this information you will need to

all this information you will need to know

know to understand how to properly design bgp

to understand how to properly design bgp and do well on this portion of the ccda

and do well on this portion of the ccda exam

exam so let's go ahead and begin with an

so let's go ahead and begin with an overview of bgp bgp is an exterior

overview of bgp bgp is an exterior gateway protocol that uses autonomous

gateway protocol that uses autonomous system numbers

system numbers uses tcp 179 to communicate between

uses tcp 179 to communicate between neighbors

neighbors and it really is a protocol that

and it really is a protocol that requires manual configuration for almost

requires manual configuration for almost everything it doesn't really do anything

everything it doesn't really do anything unless you tell it to do it which i

unless you tell it to do it which i really like about the protocol

really like about the protocol now it uses path attributes which are

now it uses path attributes which are key in decision making on choosing best

key in decision making on choosing best route so

route so path attributes define information about

path attributes define information about a path

a path but also

but also this information can be used to help

this information can be used to help decide upon the best path

decide upon the best path and we will draw that out in a minute

and we will draw that out in a minute here so you can understand that better

here so you can understand that better now regarding bgp path attributes there

now regarding bgp path attributes there are some that you absolutely have to

are some that you absolutely have to know and memorize the first is weight

know and memorize the first is weight weight influences a best route for the

weight influences a best route for the local router and obviously it's manually

local router and obviously it's manually configured

configured local preference influences the best

local preference influences the best route for all routers in an autonomous

route for all routers in an autonomous system so this is a shared attribute

system so this is a shared attribute a s path

a s path lists the number of autonomous system

lists the number of autonomous system numbers in the path and this can be

numbers in the path and this can be manipulated

manipulated origin is a value implying if the route

origin is a value implying if the route is from an igp

is from an igp or an egp

or an egp and then finally the med which can

and then finally the med which can influence the best route for routers in

influence the best route for routers in another as so you can influence

another as so you can influence traffic flows into uras

traffic flows into uras by sending out the med

by sending out the med to other

to other uh other routers

so here you can see we have two routers that are in autonomous system

that are in autonomous system 700

700 and then

and then upstream

upstream we have another router and autonomous

we have another router and autonomous system 140 and autonomous system 87. so

system 140 and autonomous system 87. so here you see there are four hops

here you see there are four hops but as far as bgp is concerned it's just

but as far as bgp is concerned it's just counting ases

counting ases so it counts one two

so it counts one two three as's the as path is 700

three as's the as path is 700 140 and 87.

140 and 87. why is this important to know because

why is this important to know because here's another flow that has

here's another flow that has two routers in as700 and then one router

two routers in as700 and then one router in as87

in as87 now according to this path there's just

now according to this path there's just two as's that would be the preferred

two as's that would be the preferred path

path it's critical to understand that bgp is

it's critical to understand that bgp is concerned about aes path and not so much

concerned about aes path and not so much about hop count aspath is a key

about hop count aspath is a key attribute to understand

now internal versus external bgp

internal versus external bgp ibgp is something you would run

ibgp is something you would run basically interior to your company it's

basically interior to your company it's bgp connectivity within the same

bgp connectivity within the same autonomous system

autonomous system in this routers do not update as path

in this routers do not update as path normally they should never have to

normally they should never have to because you're running the same

because you're running the same autonomous system

autonomous system and in ibgp

and in ibgp things should always be meshed routers

things should always be meshed routers should always be fully meshed and there

should always be fully meshed and there are ways you can get around this and

are ways you can get around this and we'll talk about that in a little bit

we'll talk about that in a little bit now ebgp is external connectivity to

now ebgp is external connectivity to other ass

other ass and routers do update the as path in

and routers do update the as path in those cases

so let's say we have an autonomous system

we have an autonomous system 200

200 and in our company we're running ibgp

and in our company we're running ibgp full mesh between all routers

and let's say we have connectivity to two upstream providers

two upstream providers one is autonomous system 301 and the

one is autonomous system 301 and the other provider is autonomous system

other provider is autonomous system 450. now between ourselves and our

450. now between ourselves and our providers we are running ebgp

providers we are running ebgp because it's two different as's

because it's two different as's and internally we are running ibgp

and internally we are running ibgp because we are communicating between the

because we are communicating between the same as

now configuration between ibgp and ebgps is quite similar the main difference is

is quite similar the main difference is you're choosing to communicate with the

you're choosing to communicate with the same as or a different as

same as or a different as now let's say we want to communicate to

now let's say we want to communicate to a web server

a web server over the internet

over the internet and we have a certain amount of hops now

and we have a certain amount of hops now let's say

let's say one of those paths

one of those paths through as450 takes us through quite a

through as450 takes us through quite a few more hops

few more hops but

but it takes us through fewer as's so let's

it takes us through fewer as's so let's just say for example we go through

just say for example we go through as900 and then as100

as900 and then as100 so

so that's 450

that's 450 900

900 and 100 those are the three as we

and 100 those are the three as we traverse in order to reach that route

traverse in order to reach that route now let's see on this flow through

now let's see on this flow through autonomous system 301

autonomous system 301 we go through

we go through fewer hops but more as's

now even though there's fewer hops because there are more as's we're not

because there are more as's we're not going to prefer this route

going to prefer this route there are five as's in this path

there are five as's in this path that is not going to be preferred

that is not going to be preferred to the other path which has only three

to the other path which has only three as's so we're going to choose that path

as's so we're going to choose that path we'll choose the 3as path

now let's say we're running a web server inside of our company and we're running

inside of our company and we're running ibgp between these three routers and

ibgp between these three routers and we're connecting to two upstream

we're connecting to two upstream providers using ebgp

and let's say we have users on the internet who are trying to get to this

internet who are trying to get to this web server we can manipulate the a.s

web server we can manipulate the a.s path attribute in bgp

path attribute in bgp to make them prefer one path over the

to make them prefer one path over the other

other and the way we do that well let's say

and the way we do that well let's say our autonomous system is 50

our autonomous system is 50 we can manipulate the aspath attribute

we can manipulate the aspath attribute by adding to

by adding to the as path on one of our links so

the as path on one of our links so for example the users know that they can

for example the users know that they can reach the web server via 1as well we're

reach the web server via 1as well we're going to increase that on the top router

going to increase that on the top router and we're going to manipulate it

and we're going to manipulate it manually

manually and add

and add our as over and over again to the aspath

our as over and over again to the aspath attribute

attribute and

and the users as far as bgp is concerned

the users as far as bgp is concerned that now is a longer path

that now is a longer path and therefore the user will prefer the

and therefore the user will prefer the bottom path

bottom path because it's only one hop one as hop

because it's only one hop one as hop now if that router were to fail

now if that router were to fail users would then prefer the other path

users would then prefer the other path so you see you can manipulate

so you see you can manipulate traffic flows that way now you need to

traffic flows that way now you need to understand the concept of public and

understand the concept of public and private asn's and this shouldn't be

private asn's and this shouldn't be foreign to you because you understand

foreign to you because you understand public and private i p addressing so

public and private i p addressing so autonomous system numbers are chosen

autonomous system numbers are chosen from this pool and you can use them

from this pool and you can use them for private use or public use as need be

for private use or public use as need be but you should be aware of that chart

but you should be aware of that chart now regarding bgp updates that we

now regarding bgp updates that we receive from neighbors you can receive

receive from neighbors you can receive from your provider a default route only

from your provider a default route only which many people do

which many people do or you can receive a full bgp routing

or you can receive a full bgp routing table that is literally every route

table that is literally every route that's available on the internet

that's available on the internet or you can receive just partial updates

or you can receive just partial updates and that is maybe the provider knows

and that is maybe the provider knows about certain routes via a better path

about certain routes via a better path than most other providers you can just

than most other providers you can just receive a partial update from your

receive a partial update from your provider so you should know that you can

provider so you should know that you can receive those three different types of

receive those three different types of updates that should be known for your

updates that should be known for your ccmp route exam

ccmp route exam now regarding advertising routes

now regarding advertising routes advertising bgp routes can be done four

advertising bgp routes can be done four ways either through the manual network

ways either through the manual network command

command redistribution of bgp and igp

redistribution of bgp and igp or propagation of existing bgp routes or

or propagation of existing bgp routes or again manually using the aggregate

again manually using the aggregate address command

address command maybe the best way to explain these is

maybe the best way to explain these is to simply draw it out

now imagine we have a router with an i bgp connection and an ebgp connection to

bgp connection and an ebgp connection to an upstream provider so there's our ebgp

an upstream provider so there's our ebgp connection here's our ibgp connection

connection here's our ibgp connection and we're autonomous system let's say

and we're autonomous system let's say 400. so

400. so on a router we can advertise in four

on a router we can advertise in four different ways we can manually specify

different ways we can manually specify the network we want to advertise by

the network we want to advertise by literally typing it in

literally typing it in network

network 10.10.10.0

10.10.10.0 or

or network

network 198110

198110 and we can forward that via ibgp and or

and we can forward that via ibgp and or ebgp the other way is we can learn

ebgp the other way is we can learn routes via bgp and redistribute that

routes via bgp and redistribute that route

route into let's say an interior routing

into let's say an interior routing protocol let's say if we're running ospf

protocol let's say if we're running ospf we can take the the routes we learned

we can take the the routes we learned from our ebgp neighbor and redistribute

from our ebgp neighbor and redistribute them

them the other way is to simply pass the

the other way is to simply pass the routes we're learning from our ebgp

routes we're learning from our ebgp neighbor via bgp

neighbor via bgp internally to our ibgp neighbor

internally to our ibgp neighbor so that's just pat forwarding the the

so that's just pat forwarding the the information on

information on and finally we can again manually set an

and finally we can again manually set an aggregate address

aggregate address on the router and that's a manual

on the router and that's a manual configuration to aggregate some of the

configuration to aggregate some of the routes

routes and again that can be advertised out

and again that can be advertised out either way

either way so the rule of synchronization in bgp

so the rule of synchronization in bgp you should simply know this that bgp

you should simply know this that bgp will not advertise a route unless it

will not advertise a route unless it knows about that route via an igp

knows about that route via an igp that's what you really need to know for

that's what you really need to know for the exam now you can disable this by

the exam now you can disable this by typing no synchronization on your router

typing no synchronization on your router and then it will simply forward routes

and then it will simply forward routes that are not in the igp so here's what

that are not in the igp so here's what you've learned you received an overview

you've learned you received an overview of bgp

of bgp and we dug in a little bit on bgp path

and we dug in a little bit on bgp path attributes aspath ebgp and ibgp public

attributes aspath ebgp and ibgp public and private asns

and private asns bgp updates and then the advertisement

bgp updates and then the advertisement of routes

of routes all of this you will need to know for

all of this you will need to know for your ccda exam and if you master this

your ccda exam and if you master this material i'm confident you will do very

material i'm confident you will do very well

well on this portion of your ccda exam good

on this portion of your ccda exam good luck in your studies

hi this is david boss ccie11372 and in this video we'll be covering ip

and in this video we'll be covering ip version 6 routing protocols

version 6 routing protocols so here's what you're going to learn

so here's what you're going to learn you're going to learn about ip version 6

you're going to learn about ip version 6 routing protocols an overview of them

routing protocols an overview of them and how to enable them

to support ipv6 all of the ipv4 routing protocols had to go through adaptations

protocols had to go through adaptations each had to be changed to support longer

each had to be changed to support longer addresses and prefixes and the actual

addresses and prefixes and the actual messages used to send and receive

messages used to send and receive routing information

routing information have changed in some cases as well

have changed in some cases as well using ipv6 headers instead of v4 headers

using ipv6 headers instead of v4 headers but in particular like their ipv4

but in particular like their ipv4 versions each version 6 igp

versions each version 6 igp uses v6 multicast addresses those are

uses v6 multicast addresses those are just a few of the changes

just a few of the changes but even with those changes each ipv6

but even with those changes each ipv6 igp

igp has many more similarities than

has many more similarities than differences

differences compared to their respective version

compared to their respective version version 4 cousins

let's start with rip the overall operation of rip next

the overall operation of rip next generation closely matches that of rip

generation closely matches that of rip version 2.

version 2. routers still send periodic full updates

routers still send periodic full updates with all routes

with all routes no neighbor relationships occur

no neighbor relationships occur the continuing periodic updates also

the continuing periodic updates also serve the purpose of confirming that the

serve the purpose of confirming that the neighboring router still works

neighboring router still works the big difference between rip version 2

the big difference between rip version 2 and rip next generation configuration

and rip next generation configuration is that rip next generation discards the

is that rip next generation discards the age-old rip network command and replaces

age-old rip network command and replaces it with an enable interface sub command

it with an enable interface sub command finally rip next generation allows

finally rip next generation allows multiple rip next generation processes

multiple rip next generation processes on a single router

on a single router so an ios requires that each rip next

so an ios requires that each rip next generation process is given a text name

generation process is given a text name that identifies each rip next generation

that identifies each rip next generation process

process for that one router

for that one router and there's another difference compared

and there's another difference compared to rip version 2.

to rip version 2. let's go ahead and jump into our lab

let's go ahead and jump into our lab in our lab we're going to be working on

in our lab we're going to be working on router 2 and router 4

router 2 and router 4 and we're going to go ahead and log in

and we're going to go ahead and log in and enable rip

let's take a look at our interfaces on router 2 and we're going to be working

router 2 and we're going to be working with serial zero zero and loopback one

now the first thing we'll do on router two is we're gonna go ahead and assign

two is we're gonna go ahead and assign ip version six ip addresses so

ip version six ip addresses so on interface zero zero zero even though

on interface zero zero zero even though it has an ipv4 address we obviously can

it has an ipv4 address we obviously can still add an ipv6 address

still add an ipv6 address and again we're going to shorten that so

and again we're going to shorten that so it's a lot easier we're going to use the

it's a lot easier we're going to use the the ability to shorten that address

the ability to shorten that address using the double colon

using the double colon and then the loopback address will place

and then the loopback address will place in a different subnet

in a different subnet so we're going to use 2012 and 2017.

well let's go ahead and enable rip

rip next generation on router two and before

next generation on router two and before we can do that we need to enable

we can do that we need to enable version six routing see by default a

version six routing see by default a router will route version four but not

router will route version four but not version six so

version six so we do that by typing in ipv6 unicast

we do that by typing in ipv6 unicast routing

routing and then we can enable our routing

and then we can enable our routing protocols

protocols so next we go to each interface we want

so next we go to each interface we want to enable

to enable rip on

rip on so first we'll go to interface serial

so first we'll go to interface serial zero zero

zero zero we simply type ipv6 rip and then we need

we simply type ipv6 rip and then we need to give it a process name

to give it a process name the rip process and we can run multiple

the rip process and we can run multiple multiple processes on this router

multiple processes on this router we don't use number we will use actually

we don't use number we will use actually a name

a name and we can name it pretty much anything

and we can name it pretty much anything you want for simplicity's sake we'll

you want for simplicity's sake we'll just say our process name is routing rip

just say our process name is routing rip ipv6 rip routing rip enable so we've

ipv6 rip routing rip enable so we've enabled it on

enabled it on interface serial zero zero

interface serial zero zero we will go ahead and do it on loopback

we will go ahead and do it on loopback one as well

one as well inserting it into the same rip process

inserting it into the same rip process now rip

now rip is still not running on this router

is still not running on this router until we enable it globally

router rip and then the process name which we have chosen as routing rip

now we will verify that it is running on router 2.

router 2. so ipv6 protocols there it is and you

so ipv6 protocols there it is and you see the interfaces as well

see the interfaces as well that are inserted into the rip process

that are inserted into the rip process now that being said we're not learning

now that being said we're not learning any routes

any routes because we are not

because we are not we've not established any neighbor

we've not established any neighbor because we haven't learned any routes

because we haven't learned any routes from any other ipv6 rip routers so on

from any other ipv6 rip routers so on router 4 we're going to go ahead and

router 4 we're going to go ahead and assign ip addresses

assign ip addresses to the appropriate interfaces

to the appropriate interfaces this on serial 0 1

this on serial 0 1 is the point to point

is the point to point so we will end this ip address with a

so we will end this ip address with a dot two

dot two sharing the same subnet

sharing the same subnet and then we will insert loopback one

and then we will insert loopback one into rip ultimately

into rip ultimately and we're gonna go ahead and assign it

and we're gonna go ahead and assign it to 0 1 8 so it's different than router

to 0 1 8 so it's different than router 2.

2. router 2's ip address was 2017

and then we're going to go ahead and enable rip on this router

enable rip on this router and again we need to enable unicast

and again we need to enable unicast routing

routing for version 6.

we need to insert the interfaces into the rip process

and again we'll use routing rip as our process id and here we've enabled it and

process id and here we've enabled it and let's do the same on loopback one

let's do the same on loopback one and it's as simple as typing up arrow

and it's as simple as typing up arrow now

and then finally we will enable it globally

and now you will see when we do show ipv6 protocols that it's enabled on

ipv6 protocols that it's enabled on router 4.

and now we can take a look at ipv6 rip and this shows what interfaces are

and this shows what interfaces are participating the administrative

participating the administrative distance and update intervals

and here's our routing table so we are learning the route from router 2

learning the route from router 2 which begins in 2017 so that is actively

which begins in 2017 so that is actively being advertised via rip and so we have

being advertised via rip and so we have version 6

version 6 that is rip next generation up and

that is rip next generation up and running between router 2 and router 4.

running between router 2 and router 4. it's rather straightforward

it's rather straightforward and on router 2 you will see

and on router 2 you will see the loopback from router 6 in his

the loopback from router 6 in his routing table as well so pretty

routing table as well so pretty straightforward

next let's talk about eigrp cisco originally created eigrp to

cisco originally created eigrp to advertise routes for ipv4

advertise routes for ipv4 ipx and apple talk

ipx and apple talk this original eigrp architecture

this original eigrp architecture easily allowed for yet another layer 3

easily allowed for yet another layer 3 protocol

protocol ipv6 to be added

ipv6 to be added as a result cisco did not have to change

as a result cisco did not have to change eigrp significantly to support version 6

eigrp significantly to support version 6 so there are many similarities that

so there are many similarities that exist between version 4 and version 6

exist between version 4 and version 6 versions of eigrp

versions of eigrp that being said there are some

that being said there are some differences and i've listed what you

differences and i've listed what you really need to know for the ccnp route

really need to know for the ccnp route exam

so let's go ahead and enable eigrp between router 2 and router 4.

so we already have ipv6 up and running let's go ahead under interface serial 0

let's go ahead under interface serial 0 enable eigrp

enable eigrp ipv6 eigrp we're going to use the

ipv6 eigrp we're going to use the process id of 10

process id of 10 and under loopback 1 we will also use

and under loopback 1 we will also use the process id of 10

and then very simply we just need to enable eigrp globally

and we do that via ip version 6 router eigrp process id 10.

router eigrp process id 10. and again we have to do a no shut

and again we have to do a no shut and if we look now we under ipv6

and if we look now we under ipv6 protocols

protocols we can see eigrp is running and the

we can see eigrp is running and the interfaces that are participating

interfaces that are participating pretty straightforward but again there's

pretty straightforward but again there's no communication with any eigrp

no communication with any eigrp neighbors

neighbors so let's go ahead

so let's go ahead and you'll see here

and you'll see here the topology table for router 2

the topology table for router 2 which just shows the local routes but

which just shows the local routes but again this idea of successor and

again this idea of successor and feasible successor should look familiar

feasible successor should look familiar to you

to you as it is in

as it is in ipv4 so now on router 4

ipv4 so now on router 4 we are also going to go ahead and enable

ip or eigrp and again we're going to use eigrp

and again we're going to use eigrp process id 10

process id 10 enable it under each interface that we

enable it under each interface that we would like to participate

would like to participate and then enable it globally

and then enable it globally once we do that the neighbor

once we do that the neighbor relationship between router 2 and router

relationship between router 2 and router 4 will come up

4 will come up over this point to point link

and we will see our neighbor right here

our neighbor right here so again you can see

so again you can see we have hold time up time looks looks

we have hold time up time looks looks very familiar to ipv4

very familiar to ipv4 it should look very familiar so in many

it should look very familiar so in many ways we're kind of slaying the beast

ways we're kind of slaying the beast once you get your hands on ipv6 it

once you get your hands on ipv6 it actually begins to look pretty familiar

let's look at our topology table and we will see what we've learned not only

will see what we've learned not only locally but from our neighbor

and then finally let's take a look at our eigrp routes

and there is the loopback from router 2 which we are learning on router 4 via

which we are learning on router 4 via eigrp

now regarding ospf in order to support ipv6

ipv6 an ietf working group took the ospf

an ietf working group took the ospf version 2 standard and made changes to

version 2 standard and made changes to the protocol to support version 6

the protocol to support version 6 resulting in the new protocol named ospf

resulting in the new protocol named ospf version 3.

version 3. to migrate to ipv6

to migrate to ipv6 routers run ospf version 2 for v4

routers run ospf version 2 for v4 support in version 3 for ipv6 support

finally let's go ahead and enable ospf between router 2 and router 4.

between router 2 and router 4. so on router 2 again we're using serial

so on router 2 again we're using serial 0 0 and loopback 1.

0 0 and loopback 1. we're going to place loopback 1 in a

we're going to place loopback 1 in a different area than serial 0 though

different area than serial 0 though so

so in interface serial zero zero we're

in interface serial zero zero we're gonna make that area zero so ipv6

gonna make that area zero so ipv6 process id10 we're gonna insert it into

process id10 we're gonna insert it into area zero and loopback one we're going

area zero and loopback one we're going to insert into area 24.

so this is not done like ipv4 obviously there's a pretty big difference here

there's a pretty big difference here you're enabling it under the interface

you're enabling it under the interface itself now we do need to enable ospf

itself now we do need to enable ospf globally still though it may not be

globally still though it may not be identical to version 4 but it does need

identical to version 4 but it does need to be enabled globally

to be enabled globally so we do that by ipv6 router ospf the

so we do that by ipv6 router ospf the process id

process id and that is it now let's go ahead and

and that is it now let's go ahead and enable it on router 4 as well

and we're going to do the same it will be for serial 0 1 and loop back 1.

be for serial 0 1 and loop back 1. so again under both interfaces we enable

so again under both interfaces we enable ospf

ospf via the

via the ipv6 ospf process id

ipv6 ospf process id we're going to insert the point-to-point

we're going to insert the point-to-point interface in area 0 and the loopback

interface in area 0 and the loopback interface will assign

interface will assign to a different area which is will create

to a different area which is will create area 34.

and then we enable ospf globally again process id 10.

and let's go ahead and take a look at our

our ospf

ospf routes

and there we have learn via ospf the loopback from router 2.

we can look at our ospf neighbors there is rudder 2 as our neighbor

is rudder 2 as our neighbor again this should look pretty familiar

again this should look pretty familiar to version four

to version four version six

version six ospf support it does not look all that

ospf support it does not look all that different than version four and here you

different than version four and here you see

see the lsas

you can see the similarities between ospf version 2 and version 3. there's

ospf version 2 and version 3. there's quite a few of them and understanding

quite a few of them and understanding the concepts of version 4 will certainly

the concepts of version 4 will certainly help you in understanding how version 6

help you in understanding how version 6 works

works so here's what you've learned you've had

so here's what you've learned you've had an overview of each of the version six

an overview of each of the version six routing protocols that you'll need to

routing protocols that you'll need to know for the exam and then you've seen

know for the exam and then you've seen actually how to enable them in the lab i

actually how to enable them in the lab i wish you the best of luck in your

wish you the best of luck in your studies thank you

hi this is david voss ccie11372 and in this video you're going

ccie11372 and in this video you're going to learn about

to learn about security threats and risks

security threats and risks security is a large portion of the ccda

security is a large portion of the ccda exam so you'll need to know everything

exam so you'll need to know everything in this video

it is important to be aware of the different types of attacks that can

different types of attacks that can impact your systems on the network

impact your systems on the network security threats can be classified into

security threats can be classified into three categories

three categories reconnaissance

reconnaissance gaining unauthorized access and denial

gaining unauthorized access and denial of service

of service the goal of reconnaissance

the goal of reconnaissance reconnaissance is to gather as much

reconnaissance is to gather as much information as possible

information as possible about the target network

about the target network getting unauthorized access obviously

getting unauthorized access obviously refers to the act of actually

refers to the act of actually attacking or exploiting the network

attacking or exploiting the network or host and then denial of service

or host and then denial of service these aim to overwhelm the resources on

these aim to overwhelm the resources on the network such as memory cpu

the network such as memory cpu and bandwidth and thus impact

and bandwidth and thus impact the target system

the target system and affect the devices on the network

and affect the devices on the network negatively

reconnaissance network tools are used to gather information

gather information from hosts attached to the network and

from hosts attached to the network and they have many capabilities they can

they have many capabilities they can determine the operating system

determine the operating system identify file permissions

identify file permissions trust relationships

trust relationships and user permissions as well

and user permissions as well here are some of the popular scanning

here are some of the popular scanning tools that are used

tools that are used kismet is an 802.11

kismet is an 802.11 wireless sniffer

wireless sniffer an ids system

an ids system and it can collect traffic from

and it can collect traffic from any 802.11

any 802.11 network

network it does this by detecting wireless

it does this by detecting wireless networks

networks even when they were hidden

even when they were hidden and then it can collect packets from

and then it can collect packets from those networks

those networks netstumbler

netstumbler is another wireless network scanner

is another wireless network scanner and it can

and it can discover and scan networks even if the

discover and scan networks even if the ssid

ssid is not being broadcast

is not being broadcast and then arguably the most popular is

and then arguably the most popular is nmap or network mapper

nmap or network mapper and it's designed to scan large networks

and it's designed to scan large networks or it can actually be used to

or it can actually be used to scan a single host

scan a single host it's an open source utility and it's

it's an open source utility and it's used for network exploration

used for network exploration and security audits

now there are different types of scanners such as vulnerability scanners

scanners such as vulnerability scanners and they determine the potential

and they determine the potential exposures that are present in the

exposures that are present in the network

network here are some of the more popular tools

here are some of the more popular tools used for vulnerability scanning

used for vulnerability scanning saint which is security administrators

saint which is security administrators integrated network tool is a

integrated network tool is a vulnerability assessment application

vulnerability assessment application mbsa microsoft baseline security

mbsa microsoft baseline security analyzer is used to scan systems and

analyzer is used to scan systems and identify whether

identify whether patches are missing from windows

patches are missing from windows products

products and nessus is designed to automate

and nessus is designed to automate testing discovery

testing discovery of known vulnerabilities it's an open

of known vulnerabilities it's an open source tool that runs on a variety

source tool that runs on a variety of operating systems

hackers use several techniques to gain system access

system access one approach is when unauthorized people

one approach is when unauthorized people use usernames and passwords

use usernames and passwords to escalate the accounts privilege

to escalate the accounts privilege levels

levels some system user accounts have default

some system user accounts have default administrative username and password

administrative username and password pairings

pairings that are common knowledge

that are common knowledge in some environments

in some environments there are passwords that are well known

there are passwords that are well known i'll give you one example

i'll give you one example i was at a large

i was at a large fortune 500 company

fortune 500 company and we did a security audit

and we did a security audit and we ran a password scanning tool

and we ran a password scanning tool and we found over 50 percent of the

and we found over 50 percent of the passwords

passwords were easily cracked within minutes

were easily cracked within minutes because

because those passwords were set to the name of

those passwords were set to the name of the company

the company obviously it would be rather easy to

obviously it would be rather easy to gain access to whatever system you would

gain access to whatever system you would like

like if half the company is using the same

if half the company is using the same password which can be easily guessed

password which can be easily guessed needless to say they fixed that problem

needless to say they fixed that problem with better security policies

with better security policies but

but unauthorized access isn't just about

unauthorized access isn't just about setting the appropriate password

setting the appropriate password it can also be obtained through the use

it can also be obtained through the use of social engineering

of social engineering actually most confidential information

actually most confidential information such as badges and usernames and

such as badges and usernames and passwords

passwords can be uncovered simply by walking

can be uncovered simply by walking around an organization

around an organization in addition to social engineering

in addition to social engineering hackers can obtain account information

hackers can obtain account information by using password cracking utilities

by using password cracking utilities or capturing network traffic

or capturing network traffic these automated software tools are very

these automated software tools are very powerful and as long as you have network

powerful and as long as you have network access in any way

access in any way they can easily be run

they can easily be run and you can easily obtain the

and you can easily obtain the information you need

information you need if security is not properly implemented

if security is not properly implemented next let's talk about security risks

next let's talk about security risks to protect network resources processes

to protect network resources processes and procedures

and procedures technology needs to address several

technology needs to address several security risks

security risks important network characteristics that

important network characteristics that can be at risk from security threats

can be at risk from security threats include data confidentiality

include data confidentiality data integrity and system availability

data integrity and system availability let's talk about that now

let's talk about that now daily confidentiality should ensure that

daily confidentiality should ensure that only legitimate users can view sensitive

only legitimate users can view sensitive information

information data integrity should ensure that only

data integrity should ensure that only authorized users can change critical

authorized users can change critical information

information and system availability should ensure

and system availability should ensure uninterrupted access to critical network

uninterrupted access to critical network and computing resources

in addition the use of redundant hardware and encryption

hardware and encryption can significantly reduce the risks

can significantly reduce the risks associated with all these three

associated with all these three system availability data integrity and

system availability data integrity and data confidentiality

data confidentiality next let's discuss targets

next let's discuss targets given the wide range of threats just

given the wide range of threats just about anything on the network is

about anything on the network is vulnerable and is a potential target

vulnerable and is a potential target individual hosts are usually the number

individual hosts are usually the number one thing that hackers are looking to

one thing that hackers are looking to access

access but they're especially susceptible to

but they're especially susceptible to worms and viruses

worms and viruses other high value targets include devices

other high value targets include devices that support the network

that support the network obviously this would be routers and

obviously this would be routers and switches

switches possibly even firewalls

possibly even firewalls dhcp servers and dns servers certainly

dhcp servers and dns servers certainly and management stations such as snmp or

and management stations such as snmp or even ip phones

even ip phones next let's talk about loss of

next let's talk about loss of availability or denial of service

availability or denial of service dos attacks try to block or deny access

dos attacks try to block or deny access to impact the availability of network

to impact the availability of network services

services here are some common failure points due

here are some common failure points due to ddos attacks a network device a host

to ddos attacks a network device a host or an application fails to process large

or an application fails to process large amounts of data sent to it

amounts of data sent to it that then crashes or breaks

that then crashes or breaks communication ability for that device

communication ability for that device a host or application is unable to

a host or application is unable to handle an unexpected condition that was

handle an unexpected condition that was sent to it

sent to it and therefore

and therefore there's resource depletion or failure

there's resource depletion or failure and nearly all dos attacks are carried

and nearly all dos attacks are carried out with spoofing or flooding methods

now that being said cisco provides you many tools to deal with this

many tools to deal with this and here they are for you now

and here they are for you now dhcp snooping

dynamic arp inspection unicast reverse path forwarding

access control lists and rate limiting

and rate limiting if you study this chart and know it well

if you study this chart and know it well you will most certainly be prepared for

you will most certainly be prepared for the ccda exam

the ccda exam when it comes to how to manage against

when it comes to how to manage against denial of service attacks

denial of service attacks when attackers change sensitive data

when attackers change sensitive data without authorization it's called an

without authorization it's called an integrity violation

integrity violation so for example an attacker might access

so for example an attacker might access financial data

financial data change it or delete it

change it or delete it it's important to use restrictive access

it's important to use restrictive access controls to prevent integrity violations

controls to prevent integrity violations and confidentiality attacks

and confidentiality attacks and here are some ways you can enforce

and here are some ways you can enforce access control and reduce risks

access control and reduce risks you can separate networks using vlans

you can separate networks using vlans and packet filtering firewalls

and packet filtering firewalls restrict access with operating system

restrict access with operating system based controls

based controls limit user access by using user profiles

limit user access by using user profiles and then use encryption techniques to

and then use encryption techniques to store your data

the security policies and organization employees

employees use what are called risk assessments and

use what are called risk assessments and cost benefit analysis

cost benefit analysis to reduce security risks

the following figure shows the three components of risk assessment

components of risk assessment control refers to how do you use the

control refers to how do you use the security policy

security policy to minimize potential risks

to minimize potential risks severity describes the level of the risk

severity describes the level of the risk to the organization

to the organization and probability is the likeness that an

and probability is the likeness that an attack against the assets will occur

attack against the assets will occur a risk assessment should explain

a risk assessment should explain what assets to secure

what assets to secure the value of those assets

the value of those assets the loss that would result from an

the loss that would result from an attack

attack the severity and probability of an

the severity and probability of an attack against the assets

attack against the assets and how to use a security policy to

and how to use a security policy to minimize the risks

minimize the risks of the attack

of the attack in many cases security costs can be

in many cases security costs can be justified by describing the loss of

justified by describing the loss of productivity or revenue

productivity or revenue that could occur during security

that could occur during security incidents

a risk index is used to consider the risks of potential threats

risks of potential threats the risk index is based on the risk

the risk index is based on the risk assessment components

assessment components which are severity of loss if the asset

which are severity of loss if the asset is compromised

is compromised probability of the risk actually

probability of the risk actually occurring and ability to control and

occurring and ability to control and manage the risk

manage the risk one approach to determining a risk index

one approach to determining a risk index is to give each risk factor a value from

is to give each risk factor a value from one to three one being the lowest risk

one to three one being the lowest risk and three being the highest

and three being the highest so for example a high severity risk

so for example a high severity risk would have a substantial impact

would have a substantial impact on the users or the organization

on the users or the organization medium severity risks would have an

medium severity risks would have an effect on a single department

effect on a single department and low severity risks would have

and low severity risks would have limited impact

limited impact the risk index is calculated by

the risk index is calculated by multiplying the severity times the

multiplying the severity times the probability factor

probability factor and then dividing by the control factor

and then dividing by the control factor the following is an example of a risk

the following is an example of a risk index calculation for a typical large

index calculation for a typical large corporation

so here's what you've learned you've received a really good introduction to

received a really good introduction to security and i know there's a lot in

security and i know there's a lot in this video actually but yes it is just

this video actually but yes it is just an introduction still

an introduction still you've learned about network attacks

you've learned about network attacks reconnaissance scanners vulnerability

reconnaissance scanners vulnerability software

software security risks and targets denial of

security risks and targets denial of service

service preventing breaches

preventing breaches and performing risk assessments all of

and performing risk assessments all of these

these were basic introductions

were basic introductions but at the level you will need for your

but at the level you will need for your ccda exam

ccda exam there again is plenty to learn after

there again is plenty to learn after this but this lays a solid foundation

this but this lays a solid foundation for you moving forward in your studies

for you moving forward in your studies good luck

hi this is david voss ccie11372 and in this video we're

ccie11372 and in this video we're covering security policy and process

covering security policy and process in this video you're going to learn

in this video you're going to learn about network security elements and then

about network security elements and then we're going to dig a deep dive into

we're going to dig a deep dive into security policies including their

security policies including their purpose

purpose the development of security policies and

the development of security policies and the security policy life cycle

the security policy life cycle so let's begin

so let's begin to provide the proper levels of security

to provide the proper levels of security and increased network availability a

and increased network availability a policy a security policy

policy a security policy is a crucial element in providing secure

is a crucial element in providing secure network services

network services it's an important concept to understand

it's an important concept to understand not just for the ccda exam but

not just for the ccda exam but to function in today's environments

to function in today's environments where security is so crucial

where security is so crucial business requirements and risk analysis

business requirements and risk analysis are used in the development of security

are used in the development of security policy and it is often a balance between

policy and it is often a balance between ease of access versus the security risk

ease of access versus the security risk and cost of implementing the security

and cost of implementing the security technology when making decisions

technology when making decisions in terms of network security in the

in terms of network security in the system life cycle the business needs are

system life cycle the business needs are a key area to consider

a key area to consider these needs define what the business

these needs define what the business wants to do with the network

wants to do with the network risk analysis is another part of the

risk analysis is another part of the system life cycle which explains the

system life cycle which explains the risks and their costs

risks and their costs so business needs and risk assessment

so business needs and risk assessment feed information to formulate the

feed information to formulate the security policy

security policy the security policy describes the

the security policy describes the organization's processes procedures

organization's processes procedures guidelines and standards

finally an organization security team needs to have the processes and

needs to have the processes and procedures defined

procedures defined this information helps explain what

this information helps explain what needs to happen for instance response

needs to happen for instance response security monitoring

security monitoring maintenance

maintenance and compliance

and compliance as you can see here the concerti

as you can see here the concerti consideration

consideration is prefaced with a question

is prefaced with a question and then you can see what aspect

and then you can see what aspect of security preparation and policies and

of security preparation and policies and procedures

procedures can deal with that consideration

can deal with that consideration it's key that you memorize this chart

it's key that you memorize this chart for the ccda exam

rfc 2196 says a security policy is a formal statement of the rules by which

formal statement of the rules by which people who are given access

people who are given access to an organization's technology and

to an organization's technology and information assets must abide

information assets must abide so when you are developing security

so when you are developing security policies for an organization

policies for an organization rfc 2196 can serve as a guide

rfc 2196 can serve as a guide for developing security processes and

for developing security processes and procedures

procedures the basic approach of creating a

the basic approach of creating a security policy is to identify what you

security policy is to identify what you are trying to protect

are trying to protect determine what you're trying to protect

determine what you're trying to protect it from

it from determine how likely the threats are

determine how likely the threats are implement measures that protect your

implement measures that protect your assets in a cost effective manner

assets in a cost effective manner and then review the process continuously

and then review the process continuously and make improvements each time a

and make improvements each time a weakness is found

weakness is found one of the main purposes of a security

one of the main purposes of a security policy is to describe the roles and

policy is to describe the roles and requirements for securing technology and

requirements for securing technology and information assets

information assets the policy defines the ways in which

the policy defines the ways in which these requirements will be met

these requirements will be met there are two main reasons for having a

there are two main reasons for having a security policy first it provides the

security policy first it provides the framework for the security

framework for the security implementation

implementation and then it creates a security baseline

and then it creates a security baseline of the current security posture

of the current security posture here are some questions you might ask

here are some questions you might ask when developing a security policy

when developing a security policy what data and assets will be included in

what data and assets will be included in the policy what network communication is

the policy what network communication is permitted between hosts

permitted between hosts how will policies be implemented

how will policies be implemented and how the latest attacks impact your

and how the latest attacks impact your network in security systems

network in security systems a security policy is divided into

a security policy is divided into smaller parts that help describe the

smaller parts that help describe the overall risk management policy

overall risk management policy identification of assets and where

identification of assets and where security should be applied

security should be applied there are other documents which

there are other documents which concentrate on specific areas of risk

concentrate on specific areas of risk management

management the acceptable use policy

the acceptable use policy this document defines the roles and

this document defines the roles and responsibilities within risk management

responsibilities within risk management network access control policy

network access control policy defines access control principles used

defines access control principles used in the network

in the network and how data is classified

and how data is classified security management policy explains how

security management policy explains how to manage the security infrastructure

to manage the security infrastructure and then incident handling policy

and then incident handling policy defines the processes

defines the processes and procedures for managing security

and procedures for managing security incidents

incidents if you look at this chart and memorize

if you look at this chart and memorize it you'll do excellent on this portion

it you'll do excellent on this portion of your ccda exam

as requirements change and new technology is developed the network

technology is developed the network security policy needs to be updated to

security policy needs to be updated to reflect those changes

reflect those changes so here are some steps that are used to

so here are some steps that are used to facilitate the continuing efforts

facilitate the continuing efforts in the maintenance of security policies

in the maintenance of security policies secure monitor test and improve

secure monitor test and improve secure means identification

secure means identification authentication acls

authentication acls vpns

vpns monitor intrusion and content-based

monitor intrusion and content-based detection and response

detection and response test is assessment vulnerability

test is assessment vulnerability scanning and security auditing

scanning and security auditing and improve is for data analysis

and improve is for data analysis reporting and intelligent network

reporting and intelligent network security

today's network designs demonstrate an increased use of security mechanisms

increased use of security mechanisms and have become more tightly integrated

and have become more tightly integrated with network design

with network design trust and identity management is a part

trust and identity management is a part of the safe security reference

of the safe security reference architecture

architecture and is crucial for the development of a

and is crucial for the development of a secure network design

secure network design this management of trust and identity

this management of trust and identity defines who and what can access the

defines who and what can access the network when

network when where and how that access can occur

where and how that access can occur if you take a look at the following

if you take a look at the following diagram

diagram it shows the main three components of

it shows the main three components of trust and identity identity management

trust and identity identity management our trust

our trust identity and access control so let's

identity and access control so let's talk about each of these three

talk about each of these three trust is the relationship between two or

trust is the relationship between two or more network entities

more network entities that are permitted to communicate

that are permitted to communicate domains of trust are a way

domains of trust are a way to group network systems that share a

to group network systems that share a common policy or function

common policy or function network segments have different trust

network segments have different trust values depending on the resources they

values depending on the resources they are securing

are securing therefore domains of trust can be

therefore domains of trust can be applied

applied these types of security controls can be

these types of security controls can be applied to network segments

applied to network segments as it is important to consider the trust

as it is important to consider the trust relationships

relationships between segments

between segments here's an example of domains of trust

here's an example of domains of trust you have your internet

you have your internet internet access edge

internet access edge and then your dmz and then your internal

and then your dmz and then your internal network each of those are separate

network each of those are separate domains

domains obviously on the internal network you

obviously on the internal network you just want the appropriate internal users

just want the appropriate internal users in the dmz you're allowing a blending of

in the dmz you're allowing a blending of the two and on the internet obviously

the two and on the internet obviously you just are expecting for there only to

you just are expecting for there only to be exterior

be exterior users on that portion of the network so

users on that portion of the network so how you apply security will greatly

how you apply security will greatly depend on the domain of trust you are

depend on the domain of trust you are trying to protect

trying to protect identity is the who of a trust

identity is the who of a trust relationship these can be users devices

relationship these can be users devices or organizations or or a combination of

or organizations or or a combination of all of the above

all of the above network entities are validated by

network entities are validated by credentials and authentication of the

credentials and authentication of the identity is based on the following

identity is based on the following attributes

attributes something the subject knows such as a

something the subject knows such as a password

password something the subject has such as a

something the subject has such as a possession

possession and something the subject is such as a

and something the subject is such as a human characteristic fingerprint retina

human characteristic fingerprint retina scan etc

scan etc the first two are the most likely and

the first two are the most likely and the most popular ways of securing

the most popular ways of securing something you know and something you

something you know and something you have with you

have with you most companies are now expecting

most companies are now expecting two-factor authentication

so here's what you've learned you've learned about network security elements

learned about network security elements and then we dug into security policies

and then we dug into security policies in detail

in detail at least enough for you to know for your

at least enough for you to know for your ccda exam by digging into the purpose

ccda exam by digging into the purpose development and life cycle of security

development and life cycle of security policies

policies if you know what's in this video i'm

if you know what's in this video i'm confident you'll do well in this portion

confident you'll do well in this portion of the ccda

of the ccda good luck in your studies

hi this is david voss ccie 11372 and in this video you're going to learn about

this video you're going to learn about cisco safe

cisco safe specifically we're going to do an

specifically we're going to do an overview of cisco safe and then we will

overview of cisco safe and then we will talk about securing the individual

talk about securing the individual modules of the enterprise campus

modules of the enterprise campus so let's begin

so let's begin the cisco safe or security architecture

the cisco safe or security architecture for the enterprise

for the enterprise blueprint provides to network and

blueprint provides to network and security designers guidelines for

security designers guidelines for implementing security mechanisms for the

implementing security mechanisms for the cisco campus design

cisco campus design the safe blueprint follows the

the safe blueprint follows the enterprise composite network modular

enterprise composite network modular approach

approach presented throughout this entire

presented throughout this entire video series

video series all of the safe strategies are applied

all of the safe strategies are applied to each module and component of the

to each module and component of the enterprise architecture model's design

enterprise architecture model's design from a network design standpoint the

from a network design standpoint the safe blueprint is a security

safe blueprint is a security architecture that covers the following

architecture that covers the following aspects

aspects attack mitigation policy

attack mitigation policy enterprise-wide deployment

enterprise-wide deployment secure reporting and management

secure reporting and management authentication and authorization

authentication and authorization ids and ongoing support for emerging

ids and ongoing support for emerging technology

technology the policy for attack mitigation ensures

the policy for attack mitigation ensures that possible attacks and threats

that possible attacks and threats to the organization can be identified

to the organization can be identified and defines the countermeasures that

and defines the countermeasures that will be used against those attacks

will be used against those attacks the safe blueprint is usually applied in

the safe blueprint is usually applied in an enterprise-wide deployment

an enterprise-wide deployment not just to an isolated component

not just to an isolated component it also provides methods and mechanisms

it also provides methods and mechanisms for ensuring that the reporting

for ensuring that the reporting management and auditing

management and auditing are accomplished in a secure fashion

are accomplished in a secure fashion it includes secure authentication and

it includes secure authentication and authorization

authorization with strong encryption and digital

with strong encryption and digital signing techniques including public key

signing techniques including public key infrastructure pki

infrastructure pki it also includes intrusion detection

it also includes intrusion detection services for critical resources and

services for critical resources and networks

networks the safe blueprint provides ongoing

the safe blueprint provides ongoing support from cisco for all the emerging

support from cisco for all the emerging technologies it provides

the safe blueprint allows you to apply a systematic approach to security from a

systematic approach to security from a modular standpoint

modular standpoint risk at the internet connectivity block

risk at the internet connectivity block would include the following

would include the following reconnaissance tools

reconnaissance tools port scanning tools

port scanning tools ip mapping tools mail relay

ip mapping tools mail relay distributed denial of service

distributed denial of service and malware including malicious code

and malware including malicious code viruses

viruses trojan horses and worms

trojan horses and worms in order to secure the internet

in order to secure the internet connectivity block the safe blueprint

connectivity block the safe blueprint recommends the use of firewalls

recommends the use of firewalls router access lists and network ids to

router access lists and network ids to mitigate the risks presented

mitigate the risks presented already

already you should also consider hardening the

you should also consider hardening the network devices and servers in that

network devices and servers in that particular block

particular block you can also build dmz networks

you can also build dmz networks to isolate specific devices from the

to isolate specific devices from the network infrastructure for many

network infrastructure for many organizations the e-commerce block may

organizations the e-commerce block may get its internet connectivity through

get its internet connectivity through the internet connectivity block

the internet connectivity block or it may have its own connections to an

or it may have its own connections to an isp

isp regardless of this aspect

regardless of this aspect the risks and guidelines for the

the risks and guidelines for the e-commerce block are very similar to the

e-commerce block are very similar to the internet con connectivity block

internet con connectivity block recommendations

recommendations according to the safe blueprint in this

according to the safe blueprint in this block you should protect high profile

block you should protect high profile ecommerce servers

ecommerce servers as this is where you will also encounter

as this is where you will also encounter the defacing of web services technique

the defacing of web services technique the e-commerce block is also vulnerable

the e-commerce block is also vulnerable to denial of service and distributed

to denial of service and distributed denial of service attacks

denial of service attacks counter measures in the e-commerce block

counter measures in the e-commerce block involve using access lists filtering and

involve using access lists filtering and firewalls that protect the database

firewalls that protect the database applications

applications or transaction servers

or transaction servers the server should be hardened by using

the server should be hardened by using only the necessary applications and

only the necessary applications and ports

ports ensure that the e-commerce applications

ensure that the e-commerce applications are secure

are secure by frequently updating and patching them

by frequently updating and patching them cisco ids should also be used and the

cisco ids should also be used and the e-commerce block should be placed into a

e-commerce block should be placed into a dedicated dmz zone

dedicated dmz zone to isolate it from other blocks of the

to isolate it from other blocks of the network

the vpn and remote access block is often connected through the internet

connected through the internet connectivity block to various internet

connectivity block to various internet service providers so you should use

service providers so you should use common techniques for securing it

common techniques for securing it however

however because you will be using vpn

because you will be using vpn technologies some unique security

technologies some unique security mechanisms can be implemented

mechanisms can be implemented because remote access and vpn networks

because remote access and vpn networks often use the public internet or pstn as

often use the public internet or pstn as their carrier you should be aware of

their carrier you should be aware of possible spoofing techniques that will

possible spoofing techniques that will allow an attacker to impersonate a

allow an attacker to impersonate a legitimate client and get remote access

legitimate client and get remote access or vpn access to the enterprise network

or vpn access to the enterprise network the network becomes vulnerable to

the network becomes vulnerable to spoofing if the attacker is able to

spoofing if the attacker is able to steal credentials or guess the

steal credentials or guess the authentication key

authentication key in order to secure the remote access

in order to secure the remote access block you should carefully implement vpn

block you should carefully implement vpn technologies using dedicated equipment

technologies using dedicated equipment which includes advanced security

which includes advanced security mechanisms

mechanisms you can use the ipsec protocol to assure

you can use the ipsec protocol to assure proper authentication authorization and

proper authentication authorization and and ids and firewall equipment can be

and ids and firewall equipment can be used as well

used as well in order to secure the wam block

in order to secure the wam block according to the safe blueprint vpn

according to the safe blueprint vpn techniques are used to ensure

techniques are used to ensure point-to-point secure connections

point-to-point secure connections you should also use strong cryptography

you should also use strong cryptography methods such as triple des or aes

methods such as triple des or aes to provide the confidentiality and

to provide the confidentiality and integrity of the data packets

integrity of the data packets in addition use authentication with all

in addition use authentication with all the wan peers and harden the lan routers

the wan peers and harden the lan routers to ensure that only the necessary

to ensure that only the necessary protocols and ports are used

protocols and ports are used additional security measures including

additional security measures including using filtering techniques based on

using filtering techniques based on cisco access lists and on network

cisco access lists and on network devices

the network management sub-module must be secured and it's especially

be secured and it's especially vulnerable to inside attacks

vulnerable to inside attacks the written security policy should

the written security policy should describe the procedures that apply to

describe the procedures that apply to this sub-module

this sub-module and a best practice is using aaa

and a best practice is using aaa services these are usually based on

services these are usually based on radius or tacx servers that will provide

radius or tacx servers that will provide authentication

authentication other possible problems might involve

other possible problems might involve administrator impersonation for

administrator impersonation for individuals who might want to get

individuals who might want to get administrative level privileges

administrative level privileges that will provide them access to all the

that will provide them access to all the other blocks in the enterprise campus

other blocks in the enterprise campus module

module in order to mitigate these threats you

in order to mitigate these threats you should use strong encryption techniques

should use strong encryption techniques and ssh instead of telnet for remote

and ssh instead of telnet for remote administration

in the server farm block the main goal is to protect the servers using strong

is to protect the servers using strong and secure operating systems and

and secure operating systems and applications

applications the servers should be periodically

the servers should be periodically verified to ensure that they have all

verified to ensure that they have all the proper updates and patches

the proper updates and patches and that they are hardened

and that they are hardened the server farm block can include

the server farm block can include firewall policies that will assure

firewall policies that will assure proper access control as well as switch

proper access control as well as switch acls that will only allow certain

acls that will only allow certain traffic to flow at the data length layer

traffic to flow at the data length layer ids should also be used in this block to

ids should also be used in this block to ensure connectivity

ensure connectivity to other campus blocks

to other campus blocks the access layer block is the place

the access layer block is the place where the end hosts and the lower end

where the end hosts and the lower end access switches are located

access switches are located in order to secure them you should use

in order to secure them you should use hiddes hids technologies

hiddes hids technologies in addition to the standard hardening

in addition to the standard hardening techniques

techniques which will only allow the necessary

which will only allow the necessary application services and ports to run if

application services and ports to run if the access layer block also includes

the access layer block also includes complex ip telephony integration

complex ip telephony integration special measures must be taken to a

special measures must be taken to a secure the voip infrastructure

so here's what you've learned you've received an overview of cisco safe

received an overview of cisco safe and then you've learned about securing

and then you've learned about securing the individual modules of the enterprise

the individual modules of the enterprise campus

campus all this information you will definitely

all this information you will definitely need to know for your ccda exam good

need to know for your ccda exam good luck in your studies

and in this video you're going to learn about security management

about security management specifically you're going to learn about

specifically you're going to learn about security threats and risks

security threats and risks security targets security policies and

security targets security policies and then threat defense

then threat defense so let's begin

so let's begin the ccda candidate must understand the

the ccda candidate must understand the reasons for network security

reasons for network security including the systematic approaches to

including the systematic approaches to managing security

managing security cisco invented a concept called

cisco invented a concept called self-defending network

self-defending network which describes the network

which describes the network infrastructure and the services used

infrastructure and the services used in order for the network to respond to

in order for the network to respond to attacks

attacks first let's talk about security threats

first let's talk about security threats and risks

and risks efficient security mechanisms must

efficient security mechanisms must address organizational threats

address organizational threats and mitigate risks successfully

and mitigate risks successfully the network designer

the network designer should create a secure environment for

should create a secure environment for the organization

the organization by doing everything he can to prevent

by doing everything he can to prevent attacks

attacks while ensuring that the security

while ensuring that the security features have minimal effect on end user

features have minimal effect on end user productivity

productivity a network security implementation must

a network security implementation must mitigate multiple factors

mitigate multiple factors and accomplish the following

and accomplish the following block outside malicious users from

block outside malicious users from getting access to the network

getting access to the network allow only system hardware and

allow only system hardware and application access to authorized users

application access to authorized users prevent attacks from being sourced

prevent attacks from being sourced internally

internally support different levels of user access

support different levels of user access using an access control policy and

using an access control policy and safeguard the data from being changed

safeguard the data from being changed modified or stolen

modified or stolen the next thing we will concern ourselves

the next thing we will concern ourselves with are the targets what are the

with are the targets what are the targets on the network and this helps

targets on the network and this helps you develop a good security policy and

you develop a good security policy and posture

posture targets on the network include the

targets on the network include the following any kind of network

following any kind of network infrastructure device such as a switch

infrastructure device such as a switch router security appliance or wireless

router security appliance or wireless access point

access point network services such as dns icmp dhcp

network services such as dns icmp dhcp endpoint devices especially management

endpoint devices especially management stations that perform in-band or

stations that perform in-band or out-of-band management

out-of-band management and network bandwidth which can be

and network bandwidth which can be overwhelmed by denial of service attacks

overwhelmed by denial of service attacks the security policy is a small part of a

the security policy is a small part of a larger network security system life

larger network security system life cycle

cycle that is driven by an assessment of the

that is driven by an assessment of the business needs and comprehensive risk

business needs and comprehensive risk analysis

analysis risk assessment may also need to be

risk assessment may also need to be performed

performed using penetration testing and

using penetration testing and vulnerability scanning tools

vulnerability scanning tools the security policy

the security policy should contain written documents

should contain written documents that include the following

that include the following guidelines

guidelines processes

processes standards

standards acceptable use policies

acceptable use policies architectures and infrastructure

architectures and infrastructure elements used

elements used and then granular areas of security

and then granular areas of security policy such as internet use policy

policy such as internet use policy or access control policy

or access control policy the most important aspects covered by

the most important aspects covered by the written security policy and

the written security policy and procedures are

procedures are identifying the company's assets

identifying the company's assets determining how the organization owns

determining how the organization owns assets are used

assets are used defining communication roles and

defining communication roles and responsibilities

responsibilities describing existing tools and processes

describing existing tools and processes defining the security incident handling

defining the security incident handling process

process and then a steering committee will

and then a steering committee will review and eventually publish

review and eventually publish this security policy after all the

this security policy after all the important documents have been finalized

important documents have been finalized some of the best practices for

some of the best practices for protecting the network infrastructure

protecting the network infrastructure through trust and identity include the

through trust and identity include the following

following use

use aaa services with the cisco acs server

use 802.1x port authentication

port authentication logging using syslog

logging using syslog and

and sde this is a protocol used by cisco ids

sde this is a protocol used by cisco ids and ips sensors to send information

and ips sensors to send information to the management stations

to the management stations using ssh instead of telnet to avoid any

using ssh instead of telnet to avoid any management traffic crossing the the

management traffic crossing the the network in clear text

network in clear text using secure versions of management

using secure versions of management protocols such as snmp version 3

protocols such as snmp version 3 ntp version 3 and sftp

ntp version 3 and sftp harden all network devices by making

harden all network devices by making sure unnecessary services are disabled

sure unnecessary services are disabled use authentication between devices that

use authentication between devices that are running dynamic routing protocols

are running dynamic routing protocols use the cisco one step lockdown feature

use the cisco one step lockdown feature on network devices to harden them

on network devices to harden them use acls to restrict management access

use acls to restrict management access allowing only certain hosts to access

allowing only certain hosts to access the network devices

the network devices use ipsec as an internal encryption

use ipsec as an internal encryption method

method or external vpn solution

or external vpn solution and then use cisco network admission

and then use cisco network admission control solution

control solution which ensures that network clients and

which ensures that network clients and servers are patched and updated in an

servers are patched and updated in an automated and centralized fashion

so here's what you've learned you've learned about security threats and risks

learned about security threats and risks security targets

security targets security policies and threat defense all

security policies and threat defense all these you will need to understand

these you will need to understand not only for your ccda exam but also to

not only for your ccda exam but also to support your own network good luck in

support your own network good luck in your studies

hi this is david voss cci11372 and in this video you're going

cci11372 and in this video you're going to learn about traditional voice systems

to learn about traditional voice systems specifically we're going to do an

specifically we're going to do an overview

overview and then we'll dig into a pbx telephony

and then we'll dig into a pbx telephony signaling

signaling public switch telephone number numbering

public switch telephone number numbering plan

plan and then pstn services

and then pstn services so let's begin

so let's begin the network designer's role in voice

the network designer's role in voice solutions is very important because

solutions is very important because regardless of the infrastructure vendor

regardless of the infrastructure vendor voice transport scenarios

voice transport scenarios often suffer from poor planning and

often suffer from poor planning and implementation

implementation most large organizations choose their

most large organizations choose their voice architecture including

voice architecture including pstn and pbx solutions

pstn and pbx solutions based on the financial stability

based on the financial stability of the manufacturer

of the manufacturer the support level they offer

the support level they offer and the competitive pricing of the

and the competitive pricing of the hardware

hardware software

software and maintenance components

and maintenance components cisco is one of the main providers of

cisco is one of the main providers of emerging integrated voice and video

emerging integrated voice and video solutions

when human voice is transported digitally over a network infrastructure

digitally over a network infrastructure a process of analog to digital

a process of analog to digital conversion takes place

conversion takes place the most common conversion mechanism is

the most common conversion mechanism is pcm pulse code

pcm pulse code modulation

modulation this is the process

this is the process of digitizing analog voice signals

of digitizing analog voice signals as you see here

during the pcm process the following things occur

things occur excess noise is filtered so the only

excess noise is filtered so the only basic human voice frequency is captured

basic human voice frequency is captured a process called

a process called pam or pulse amplitude modulation

pam or pulse amplitude modulation is used to sample the analog signal the

is used to sample the analog signal the signal is digitized and transposed into

signal is digitized and transposed into a series of ones and zeros this process

a series of ones and zeros this process includes quantizing the signal and

includes quantizing the signal and companding that is compressing and

companding that is compressing and expanding the signal

expanding the signal pstn and pbx are traditionally the main

pstn and pbx are traditionally the main processes of providing voice services

processes of providing voice services throughout the industry

throughout the industry pstn is a network that provides

pstn is a network that provides residential telephony services while pbx

residential telephony services while pbx provides telephony services to users

provides telephony services to users within an organization

within an organization pbx's are business phone systems that

pbx's are business phone systems that offer the following features

offer the following features call forwarding call transferring

call forwarding call transferring call parking

call parking conference calls music on hold

conference calls music on hold call history and voicemail

call history and voicemail most pbxs are digital devices that are

most pbxs are digital devices that are used in the private sector

used in the private sector and are miniature versions of phone

and are miniature versions of phone switches

switches they can scale to thousands of phones

they can scale to thousands of phones within a company

within a company a downside of pbx technology for from an

a downside of pbx technology for from an administrator

administrator point of view

point of view is that it is generally difficult to

is that it is generally difficult to configure and maintain

configure and maintain and each vendor has a unique

and each vendor has a unique configuration process so

configuration process so special training is required when

special training is required when working with a new pbx solution

working with a new pbx solution pbx systems also connect and link to

pbx systems also connect and link to remote offices and branch offices that

remote offices and branch offices that include their own pbx systems

include their own pbx systems one of the advantages of using such a

one of the advantages of using such a technology is that phone calls between

technology is that phone calls between the same business phone systems are free

the same business phone systems are free because the entire infrastructure is

because the entire infrastructure is owned by the company

owned by the company call savings are also included

call savings are also included from the fact that the company does not

from the fact that the company does not use the entire trunk to the pstn

use the entire trunk to the pstn usually the number of phones in an

usually the number of phones in an organization is much greater than the

organization is much greater than the actual trunk size

actual trunk size or the overall call volume to the pstn

or the overall call volume to the pstn pstn is composed of a group of digital

pstn is composed of a group of digital devices used in the public sector

devices used in the public sector offered by telecommunications companies

offered by telecommunications companies pstn switches are used to connect

pstn switches are used to connect residential telephones to business users

residential telephones to business users pstns generally use open standard

pstns generally use open standard protocols for control and transparent

protocols for control and transparent communication between telephones

communication between telephones circuits switches and pbx systems pstns

circuits switches and pbx systems pstns can even link to other pstns pbx systems

can even link to other pstns pbx systems or telephones

or telephones as in pbx systems pstns aggregate t1 and

as in pbx systems pstns aggregate t1 and e1 circuits

e1 circuits but they can scale up to hundreds of

but they can scale up to hundreds of thousands of phones

thousands of phones pstns connect business pbx systems using

pstns connect business pbx systems using switches located in

switches located in telecommunication

telecommunication companies premises

companies premises the following figure is an example of an

the following figure is an example of an organization with multiple locations

organization with multiple locations that use a voice system based on pbx and

that use a voice system based on pbx and pstn technologies

pstn technologies the headquarters location has a pbx that

the headquarters location has a pbx that connects to the pstn on the outside as

connects to the pstn on the outside as well as many phones and fax machines

well as many phones and fax machines inside the network

inside the network the connection between the local pbx and

the connection between the local pbx and the pstn

the pstn can be based on one or more

can be based on one or more t1 or e1 lines

t1 or e1 lines the internal network can support a

the internal network can support a greater number of phones than the number

greater number of phones than the number of phone calls supported by the t1 or e1

of phone calls supported by the t1 or e1 line

line the reason for this is that not everyone

the reason for this is that not everyone will use the telephone at the same time

will use the telephone at the same time and some of the phone calls will be

and some of the phone calls will be between internal phones

between internal phones the regional office location also uses a

the regional office location also uses a pbx system

pbx system to connect to the pstn and it aggregates

to connect to the pstn and it aggregates a few user phones

a few user phones the branch and remote offices do not use

the branch and remote offices do not use a pbx system

a pbx system because they use very few devices

because they use very few devices which do not need special features

which do not need special features and they can connect directly to a pstn

and they can connect directly to a pstn switch

switch the branch and home office users can

the branch and home office users can have

have phone conversations with users

phone conversations with users at the headquarters or regional offices

at the headquarters or regional offices because they are all connected

because they are all connected to the

to the pstn the headquarters or the regional

pstn the headquarters or the regional office were located on the same campus

office were located on the same campus the pbx systems could have been

the pbx systems could have been connected directly through a pbx tie

connected directly through a pbx tie trunk

trunk without any link to the pstn

the connections from the internal phones to the local pbx system are also called

to the local pbx system are also called station lines

station lines the connection that connects the pstn

the connection that connects the pstn switches is called a pstn switch trunk

switches is called a pstn switch trunk voice systems also use different kinds

voice systems also use different kinds of signaling between system nodes such

of signaling between system nodes such as the following

as the following signaling between the internal phones

signaling between the internal phones and the pbx

and the pbx signaling between the pbx and the pb

signaling between the pbx and the pb pstn switch

pstn switch signaling between pstn switches

signaling between pstn switches and signaling between pbx systems

and signaling between pbx systems trunks

trunks generally use a special type of

generally use a special type of signaling called common channel

signaling called common channel signaling ccs

signaling ccs that can be divided into the following

that can be divided into the following types of signaling

types of signaling e1 signaling

e1 signaling dpn ss signaling

dpn ss signaling isdn signaling

isdn signaling qcig signaling and ss7 signaling

qcig signaling and ss7 signaling the way pstns use their numbering plans

the way pstns use their numbering plans defines the fundamental basis for

defines the fundamental basis for routing voice calls through the pstn

routing voice calls through the pstn switch

switch matrix the north american numbering plan

matrix the north american numbering plan is also known as nanp or the oneplus 10

is also known as nanp or the oneplus 10 plan the format for this numbering plan

plan the format for this numbering plan is as follows

is as follows where n is any number between 2 and 9

where n is any number between 2 and 9 and x is any number between 0 and 9.

and x is any number between 0 and 9. the number is split into the following

the number is split into the following three parts

three parts the first group of numbers represents

the first group of numbers represents the area code

the area code the second group of numbers represents

the second group of numbers represents the prefix

the prefix and the final four digits

and the final four digits represent the line number

the way phone numbers are represented determines the way they are routed

determines the way they are routed across the pstn and this is similar to

across the pstn and this is similar to the ip address representation scheme

the ip address representation scheme that determines ip routing mechanisms

that determines ip routing mechanisms pstn offers a wide variety of services

pstn offers a wide variety of services to organizations the most important

to organizations the most important services are as follows

services are as follows call center services

call center services which represent a combination of

which represent a combination of automated systems and individuals that

automated systems and individuals that take inbound calls for a wide variety of

take inbound calls for a wide variety of customer service needs

customer service needs centric solutions these are specialized

centric solutions these are specialized business solutions that can be

business solutions that can be outsourced to different organizations

outsourced to different organizations that cannot afford investing in their

that cannot afford investing in their own solution

own solution virtual private voice networks

virtual private voice networks pstn ambulance emulates pbx to pbx

pstn ambulance emulates pbx to pbx connections

connections in order to form a private network of

in order to form a private network of pbx systems

pbx systems interactive voice response this

interactive voice response this technique allows automatic response

technique allows automatic response schemes to be applied when customer

schemes to be applied when customer when customers call special numbers and

when customers call special numbers and finally voicemail

finally voicemail voicemail systems allow callers to

voicemail systems allow callers to record voice messages

so here's what you've learned you've received an overview of traditional

received an overview of traditional voice systems you've dug into detail

voice systems you've dug into detail about the importance of pbx and how it

about the importance of pbx and how it works

works we talked about telephony signaling and

we talked about telephony signaling and then the public switch telephone network

then the public switch telephone network numbering plan and services

numbering plan and services all this information will be very

all this information will be very helpful for you

helpful for you in your ccda exam good luck in your

in your ccda exam good luck in your studies

hi this is david voss ccie-113 and in this video you are going to learn

and in this video you are going to learn about integrated voice and telephony

about integrated voice and telephony systems

systems for the ccda exam

for the ccda exam so obviously we will focus in on the

so obviously we will focus in on the design aspect of video and voice

design aspect of video and voice we will specifically look at the

we will specifically look at the deployment models

deployment models and then voip control and transport

and then voip control and transport protocols and then finally because it's

protocols and then finally because it's likely you will be asked we will cover

likely you will be asked we will cover h323 protocols

h323 protocols so let's begin

so let's begin network designers must be aware of the

network designers must be aware of the following ip telephony deployment models

following ip telephony deployment models single site design

single site design multi-site centralized when call

multi-site centralized when call processing design

processing design multi-site distributed wan call

multi-site distributed wan call processing design

processing design internet ip telephony design

internet ip telephony design and call manager express deployment

and call manager express deployment the single site deployment model is used

the single site deployment model is used by enterprises that own a single large

by enterprises that own a single large building or a campus area with no voice

building or a campus area with no voice technologies being transported on the

technologies being transported on the wan links

wan links a single call manager node is deployed

a single call manager node is deployed at the enterprise campus server farm

at the enterprise campus server farm block

block the main component of a single site ip

the main component of a single site ip telephony solution is the call manager

telephony solution is the call manager node

node this is actually a server platform that

this is actually a server platform that can be installed on a wide variety of

can be installed on a wide variety of hardware devices

hardware devices the cisco ip telephony application

the cisco ip telephony application server is a high availability server

server is a high availability server platform

platform purchased by the company to be used as a

purchased by the company to be used as a platform for the cisco call manager

platform for the cisco call manager solution

solution cisco offers a compatibility matrix that

cisco offers a compatibility matrix that helps customers choose

helps customers choose the appropriate hardware platform that

the appropriate hardware platform that will be used with call manager

will be used with call manager implementation

implementation the call manager application system

the call manager application system brings enterprise telephony

brings enterprise telephony functionality and offers advanced

functionality and offers advanced features to various telephony devices

features to various telephony devices such as ip telephones

such as ip telephones media processing devices and voice over

media processing devices and voice over ipa gateways

ipa gateways other components of the single site ip

other components of the single site ip telephony design are ip telephones and

telephony design are ip telephones and switches that have inline power

switches that have inline power functionality power over ethernet

functionality power over ethernet used to power the ip phones

used to power the ip phones voice enabled routers are also present

voice enabled routers are also present in the design and they are usually

in the design and they are usually located in the same physical location

located in the same physical location with all the other devices presented

with all the other devices presented previously

previously next let's talk about multi-site

next let's talk about multi-site centralized design

centralized design centralized ip telephony is a low-cost

centralized ip telephony is a low-cost design for medium-sized enterprises

design for medium-sized enterprises that have one large location and

that have one large location and multiple remote sites

multiple remote sites the central location hosts the cisco

the central location hosts the cisco communications manager server

communications manager server in all the important applications

in all the important applications the remote locations host only voice

the remote locations host only voice switches and ip telephones

switches and ip telephones this design allows remote

this design allows remote site ip telephony functionality to be

site ip telephony functionality to be controlled from a central location

controlled from a central location without the need for a dedicated call

without the need for a dedicated call manager at each location

manager at each location all the features are managed from the

all the features are managed from the centralized site

centralized site the call manager node is deployed only

the call manager node is deployed only at the central location

at the central location and includes a multi-server cluster

and includes a multi-server cluster redundant architecture

redundant architecture the remote site ip phones register with

the remote site ip phones register with the call manager

the call manager from the main site

from the main site the pstn connection is also hosted by

the pstn connection is also hosted by the central site

the central site and the voice enabled router is

and the voice enabled router is connected through the wind to each

connected through the wind to each remote location

remote location the remote site office uses ip

the remote site office uses ip connectivity to connect to the central

connectivity to connect to the central site through the wan connection

site through the wan connection and to access all the ip telephony

and to access all the ip telephony services

services since the ip phones convert voice to ip

since the ip phones convert voice to ip the remote site router does not have to

the remote site router does not have to include any special capability

include any special capability however the router located in the

however the router located in the central location

central location must be a voice enabled router because

must be a voice enabled router because it also connects to the

it also connects to the pstn remote sites may use voice enabled

pstn remote sites may use voice enabled gateway routers with survivable remote

gateway routers with survivable remote site telephony functionality

site telephony functionality that allows them to function even if the

that allows them to function even if the connection to the central site is down

connection to the central site is down next let's talk about multi-site

next let's talk about multi-site distributed design

distributed design the multi-site distributed architecture

the multi-site distributed architecture is a solution used by large enterprises

is a solution used by large enterprises that have several large locations

that have several large locations this design involves deploying several

this design involves deploying several call manager clusters for redundancy

call manager clusters for redundancy which can include one cluster per site

which can include one cluster per site or several clusters only in the large

or several clusters only in the large sites

sites inner cluster trunks are configured to

inner cluster trunks are configured to establish communications between call

establish communications between call manager

manager nodes this deployment model is similar

nodes this deployment model is similar to the multi-site centralized deployment

to the multi-site centralized deployment type

type with ip phones

with ip phones and voice enabled switches installed at

and voice enabled switches installed at every site

every site this solution is very flexible and

this solution is very flexible and allows voice application services

allows voice application services to be deployed in a single location or

to be deployed in a single location or in every location that has a call

in every location that has a call manager cluster

manager cluster internet ip telephony is another design

internet ip telephony is another design type commonly used and it involves

type commonly used and it involves connecting the central and remote sites

connecting the central and remote sites through an isp

through an isp this ensures end-to-end ip telephony

this ensures end-to-end ip telephony across all sites

across all sites in addition there is no pstn connection

in addition there is no pstn connection at any of the enterprise sites

at any of the enterprise sites the central site still hosts the call

the central site still hosts the call manager node in application servers

manager node in application servers but regular routers are used in all

but regular routers are used in all network locations because of the lack of

network locations because of the lack of connectivity to the pstn

connectivity to the pstn all the intersight links are plain ip

all the intersight links are plain ip connections another difference from the

connections another difference from the centralized ip telephony design

centralized ip telephony design is that all the enterprise sites have

is that all the enterprise sites have their own call manager node

their own call manager node for proper voice traffic to cross

for proper voice traffic to cross between sites

between sites the isp must ensure a proper connection

the isp must ensure a proper connection with low latency and delay

with low latency and delay this can be enforced through a strict

this can be enforced through a strict sla when signing

sla when signing the internet connectivity contract

the call manager express deployment provides companies with the express

provides companies with the express version of cisco call manager

version of cisco call manager unity and contact center solutions

unity and contact center solutions call manager express and cisco unity

call manager express and cisco unity express can be installed on routers to

express can be installed on routers to provide limited functionalities of the

provide limited functionalities of the communications manager solution

communications manager solution pstn connectivity can be offered by a

pstn connectivity can be offered by a dedicated gateway router or by the cme

dedicated gateway router or by the cme router to further reduce costs

cisco call manager express supports a limited number of users

limited number of users as opposed to the enterprise level

as opposed to the enterprise level solution that can scale up to tens of

solution that can scale up to tens of thousands of users

thousands of users this is a lower cost solution for small

this is a lower cost solution for small branch offices

branch offices network designers should understand the

network designers should understand the protocols that are used for voip control

protocols that are used for voip control and transport the most important

and transport the most important protocols are

dhcp which is used to establish ip

which is used to establish ip configuration parameters for ip phones

configuration parameters for ip phones dns

dns which obtains ip addresses for the tftp

which obtains ip addresses for the tftp servers that will provide the

servers that will provide the configuration files

configuration files tftp

tftp sccp which is the skinny call control

sccp which is the skinny call control protocol

protocol used for call establishment

used for call establishment rtp

rtp which is used for voice stream or voice

which is used for voice stream or voice station to station traffic in ongoing

station to station traffic in ongoing calls

calls rtcp

rtcp which is used for voip call control

which is used for voip call control mgcp

mgcp which is used for call establishment

which is used for call establishment with gateways h323

with gateways h323 which is another call establishment

which is another call establishment protocol

protocol and sip

and sip which is session initiation protocol

which is session initiation protocol which is an alternative multimedia

which is an alternative multimedia framework to h323

now referring to h323 that is implemented in terminals such as ip

implemented in terminals such as ip phones

phones workstations

workstations with soft phones installed

with soft phones installed gateways

gateways gatekeepers and other conferencing

gatekeepers and other conferencing software

software the h323 standard uses the following

the h323 standard uses the following protocols to ensure its functionality

protocols to ensure its functionality q931 for call setup

q931 for call setup h.225 for signaling

h.225 for signaling h.245 for control

h.245 for control and h.255 for registration admission and

and h.255 for registration admission and status

status so here's what you've learned you've

so here's what you've learned you've learned about the deployment models for

learned about the deployment models for voice and video and then voip control

voice and video and then voip control and transport protocols

and transport protocols and then finally h323 protocols all of

and then finally h323 protocols all of these are fair game on the ccda exam

these are fair game on the ccda exam and if you know this video well i'm sure

and if you know this video well i'm sure you'll do

you'll do very well on this portion

very well on this portion of the exam good luck in your studies

and in this video you're going to learn about integrated video systems

about integrated video systems specifically

specifically we're going to do an overview of

we're going to do an overview of multimedia traffic design

multimedia traffic design then we'll talk about video formats

then we'll talk about video formats and then finally video design

and then finally video design considerations and challenges you may

considerations and challenges you may face but certainly all this information

face but certainly all this information you'll need to know for your ccda exam

you'll need to know for your ccda exam so let's begin

so let's begin video traffic has the same requirements

video traffic has the same requirements and design consideration as voice

and design consideration as voice traffic

traffic voice and video applications can be

voice and video applications can be grouped in the multimedia traffic

grouped in the multimedia traffic category and in many cases they should

category and in many cases they should be treated similarly by network devices

be treated similarly by network devices this involves ensuring the necessary

this involves ensuring the necessary bandwidth and providing low delay jitter

bandwidth and providing low delay jitter and packet loss

and packet loss media applications underwent a

media applications underwent a significant development process

significant development process regarding ip networks

regarding ip networks resulting in many different combinations

resulting in many different combinations of audio video and data media

of audio video and data media video streams can range from low

video streams can range from low definition webcams to high definition

definition webcams to high definition enterprise level video conferencing

enterprise level video conferencing systems

systems as demand for quality video increases

as demand for quality video increases network infrastructure requirements must

network infrastructure requirements must also increase

also increase companies might have another source of

companies might have another source of media streams on their network in the

media streams on their network in the form of unmanaged not business critical

form of unmanaged not business critical applications

applications in response to the explosion of media

in response to the explosion of media content and applications

content and applications network designers must revise their

network designers must revise their media application provisioning strategy

media application provisioning strategy without a properly selected strategy the

without a properly selected strategy the network infrastructure might not support

network infrastructure might not support all the multimedia traffic that is

all the multimedia traffic that is demanded by users

demanded by users and the network could easily become

and the network could easily become congested

congested common high resolution video formats

common high resolution video formats include 720i

include 720i 720p

720p 1080i and 1080p

1080i and 1080p the numerical value of the format

the numerical value of the format represents the number of rows in the

represents the number of rows in the frame

frame high definition video uses a 16 by 9

high definition video uses a 16 by 9 aspect ratio

aspect ratio which results in

which results in 1920 columns

1920 columns the most common video formats and

the most common video formats and typical bandwidth usages are summarized

typical bandwidth usages are summarized here

and you would do well to pause the video at this point and study this make sure

at this point and study this make sure you memorize it for your ccda exam

you memorize it for your ccda exam now we we reviewed at a high level how

now we we reviewed at a high level how video impacts the network but let's get

video impacts the network but let's get a little bit more granular so you can

a little bit more granular so you can understand how it specifically applies

understand how it specifically applies to network design

to network design and to do that we need to get a bit more

and to do that we need to get a bit more granular on the technical details of

granular on the technical details of video and what you need to take in

video and what you need to take in account when designing for video

account when designing for video there are three types of video solutions

there are three types of video solutions h323

h323 cisco unified video advantage and cisco

cisco unified video advantage and cisco telepresence

telepresence with h323

with h323 multiple third parties offer h.323 video

multiple third parties offer h.323 video conferencing systems

conferencing systems which can be used to set up a video

which can be used to set up a video conference over an ip or isdn network

conference over an ip or isdn network the cisco unified video advantage

the cisco unified video advantage product uses a pc video camera and a

product uses a pc video camera and a cisco ip phone

cisco ip phone as a video conferencing station now when

as a video conferencing station now when a voice call is placed between two users

a voice call is placed between two users running the cisco unified video

running the cisco unified video advantage product

advantage product a video call can automatically be

a video call can automatically be started

started with a video appearing on each user's pc

with a video appearing on each user's pc finally the cisco telepresence

finally the cisco telepresence this solution uses cd quality audio

this solution uses cd quality audio and high definition video

and high definition video displayed on large monitors to create

displayed on large monitors to create lifelike video conferences

now due to the bandwidth intensive and latency sensitive nature of video

latency sensitive nature of video consider the following when designing or

consider the following when designing or troubleshooting a video network

troubleshooting a video network like voice video packets need to be

like voice video packets need to be allocated an appropriate amount of

allocated an appropriate amount of bandwidth and treated with high priority

bandwidth and treated with high priority the following are qos metrics that cisco

the following are qos metrics that cisco recommends for various types of video

recommends for various types of video applications

applications one-way delay should be between 150

one-way delay should be between 150 millisecond and 500 milliseconds maximum

millisecond and 500 milliseconds maximum now please note for cisco telepresence

now please note for cisco telepresence it should be closer to 150 milliseconds

it should be closer to 150 milliseconds maximum

maximum cisco unified video advantage can be

cisco unified video advantage can be around 200 milliseconds and video

around 200 milliseconds and video surveillance can be up to 500

surveillance can be up to 500 millisecond maximum

millisecond maximum now regardless for jitter and packet

now regardless for jitter and packet loss

loss regardless of whether or not it's cisco

regardless of whether or not it's cisco unified video advantage

unified video advantage cisco telepresence or video surveillance

cisco telepresence or video surveillance all three platforms

all three platforms should be no greater than 10 millisecond

should be no greater than 10 millisecond maximum regard with regards to jitter

maximum regard with regards to jitter and 0.05 percent maximum packet loss

now if you're going to design for video you're going to have to understand the

you're going to have to understand the basics of multicast

basics of multicast the complete multicast topic itself is

the complete multicast topic itself is beyond the scope of this video

beyond the scope of this video but certain things you simply will need

but certain things you simply will need to know for the exam

to know for the exam and you can count on the fact that

and you can count on the fact that you're going to need to understand that

you're going to need to understand that there are three versions of igmp

there are three versions of igmp however only two versions are in wide

however only two versions are in wide scale deployment first is igmp version

scale deployment first is igmp version 1.

1. when a pc wants to join a multicast

when a pc wants to join a multicast group it sends an igmp report message to

group it sends an igmp report message to the router

the router letting the router know that it wants to

letting the router know that it wants to receive traffic for a specific group now

receive traffic for a specific group now every 60 seconds by default the router

every 60 seconds by default the router sends an igmp query message to determine

sends an igmp query message to determine if the pc

if the pc still wants to belong to the group

still wants to belong to the group there can be up to three a three minute

there can be up to three a three minute delay before the time the router

delay before the time the router realizes that the receiver has left the

realizes that the receiver has left the group

group the destination address of this router

the destination address of this router query is 224.0.0.1

which addresses all ip multicast hosts now there is also igmp version 2 version

now there is also igmp version 2 version 2 is similar to version 1 except that

2 is similar to version 1 except that version 2 can send queries to a specific

version 2 can send queries to a specific group

group and a leave message is supported

and a leave message is supported specifically a receiver can proactively

specifically a receiver can proactively send a leave message when it no longer

send a leave message when it no longer wants to participate

wants to participate in a multicast group

in a multicast group allowing the router to prune its

allowing the router to prune its interface earlier in an environment with

interface earlier in an environment with a version 2 router and a mixture of

a version 2 router and a mixture of version 1 and version 2 receivers

version 1 and version 2 receivers the version 1 receivers respond normally

the version 1 receivers respond normally to version 1 or version 2 however

to version 1 or version 2 however a version 2 router must ignore any leave

a version 2 router must ignore any leave message

message while version 1 receivers are present

while version 1 receivers are present because if the router processed the

because if the router processed the version 2 leave message it would send a

version 2 leave message it would send a group specific query

group specific query which would not be correctly interpreted

which would not be correctly interpreted by a version 1 receiver

if you're going to effectively troubleshoot video you need to

troubleshoot video you need to understand the concept of distribution

understand the concept of distribution trees

trees to combat the issue of receiving

to combat the issue of receiving duplicate packets cisco routers perform

duplicate packets cisco routers perform a reverse path forwarding check to

a reverse path forwarding check to determine

determine if a multicast packet is entering a

if a multicast packet is entering a router on the appropriate interface

router on the appropriate interface an rpf check examines the source address

an rpf check examines the source address of an incoming packet and checks it

of an incoming packet and checks it against the router's unicast routing

against the router's unicast routing table to see what interface should be

table to see what interface should be used to get back to the source network

used to get back to the source network if the incoming multicast packet is

if the incoming multicast packet is using that interface the rpf check

using that interface the rpf check passes and the packet is forwarded

passes and the packet is forwarded if the multicast packet is coming in on

if the multicast packet is coming in on a different interface the rpf check

a different interface the rpf check fails and the packet is discarded

fails and the packet is discarded multicast traffic flows from a source to

multicast traffic flows from a source to a destination

a destination over a distribution tree which is a loop

over a distribution tree which is a loop free path

free path now there are two types of distribution

now there are two types of distribution trees

trees a source distribution tree

this creates an optimal path between each source router and each last hop

each source router and each last hop router

router and then there's a shared distribution

and then there's a shared distribution tree

tree this creates a tree from a central

this creates a tree from a central rendezvous point or rp

rendezvous point or rp to all last top routers now please note

to all last top routers now please note cisco routers can use the protocol

cisco routers can use the protocol independent multicast protocol or pim

independent multicast protocol or pim to construct ip multicast distribution

to construct ip multicast distribution trees

trees pims protocol independence means that it

pims protocol independence means that it can run over any ip network

can run over any ip network regardless of the underlying unicast

regardless of the underlying unicast routing protocol

so here's what you've learned you received an overview of multimedia

received an overview of multimedia traffic design

traffic design we talked about the unique video formats

we talked about the unique video formats and then design considerations you need

and then design considerations you need to take into account whether preparing

to take into account whether preparing for the ccda exam or actually designing

for the ccda exam or actually designing video for your own network

video for your own network good luck in your studies

hi this is david voss ccie 11372 and in this video you're going to receive an

this video you're going to receive an introduction to wireless lans

introduction to wireless lans specifically we're going to do an

specifically we're going to do an overview of wireless lans talk about

overview of wireless lans talk about wireless lan components

wireless lan components we'll talk about the 802.11 standard in

we'll talk about the 802.11 standard in the osi model how it fits in the osi

the osi model how it fits in the osi model

model then max sub layer coordination how that

then max sub layer coordination how that applies to wireless 802.11 frame types

applies to wireless 802.11 frame types and finally

and finally wireless lan standards

wireless lan standards so wireless lans provide network

so wireless lans provide network connectivity almost anywhere surely you

connectivity almost anywhere surely you use wireless lans if

use wireless lans if if you're in technology surely you're

if you're in technology surely you're using them whether it's your mobile

using them whether it's your mobile phone or your laptop

phone or your laptop whether you're at a coffee shop or at

whether you're at a coffee shop or at your place of business doing byod

your place of business doing byod wireless lands typically can be

wireless lands typically can be implemented at much less cost than

implemented at much less cost than traditional wired lands the wired

traditional wired lands the wired infrastructure is of course based on the

infrastructure is of course based on the 802.3 standards

802.3 standards but a wireless network uses radio waves

but a wireless network uses radio waves to transmit data and can and to connect

to transmit data and can and to connect devices

devices so as you surely know our wireless

so as you surely know our wireless network uses radio waves to transmit

network uses radio waves to transmit data and connect devices

wireless lans are defined by the 802.11 standards

standards now some additional advantages of

now some additional advantages of wireless lans over wired lands include

wireless lans over wired lands include the following

the following monetary cost

monetary cost flexibility uh that you allow users to

flexibility uh that you allow users to roam in places where they normally

roam in places where they normally cannot or uh use their devices in places

cannot or uh use their devices in places they always wish they could

they always wish they could load distribution

load distribution and finally redundancy and we'll get

and finally redundancy and we'll get into this in a little bit but

into this in a little bit but using these wireless access points

using these wireless access points multiple wireless access points

multiple wireless access points in one area can provide redundancy and

in one area can provide redundancy and load distribution at a much more

load distribution at a much more affordable cost

affordable cost than wired lands

now there are there are certain components

components that make up wireless lands and let's

that make up wireless lands and let's start with the client

start with the client uh specifically you or any of our

uh specifically you or any of our customers

customers clients are basically

clients are basically an appliance that interfaces with the

an appliance that interfaces with the wireless medium now again that could be

wireless medium now again that could be a mobile device it could be a laptop it

a mobile device it could be a laptop it could be a tablet

could be a tablet it could be a pc but it's basically a

it could be a pc but it's basically a device that operates as an end user

device that operates as an end user device

an access point functions as a bridge basically between the end points

basically between the end points and the existing network backbone

and the existing network backbone so the access point is what the

so the access point is what the endpoints are actually communicating

endpoints are actually communicating with and as they roam they may change

with and as they roam they may change access points throughout the building

access points throughout the building but the access points are actually what

but the access points are actually what are getting them access

are getting them access to the network

to the network as you can see in this picture access

as you can see in this picture access points come in many different shapes and

points come in many different shapes and sizes these are just a few examples of

sizes these are just a few examples of access points

access points the distribution system plays a key role

the distribution system plays a key role in communications between the customer

in communications between the customer who's trying to get on the wireless

who's trying to get on the wireless network

network and the major wireless lan components

and the major wireless lan components that are actually switching routing the

that are actually switching routing the traffic

traffic the distribution system allows for the

the distribution system allows for the interconnection of the aps of multiple

interconnection of the aps of multiple cells

cells think of your organization if you have

think of your organization if you have one area that's considered a lab and

one area that's considered a lab and it's a wireless lab and that ultimately

it's a wireless lab and that ultimately needs to communicate with marketing on

needs to communicate with marketing on the eighth floor there's you're going to

the eighth floor there's you're going to need a distribution system to

need a distribution system to communicate between those two locations

communicate between those two locations the wireless distribution system allows

the wireless distribution system allows you to connect multiple access points

you to connect multiple access points so with wireless distribution systems

so with wireless distribution systems aps can communicate with one another

aps can communicate with one another without wires in a standardized way now

without wires in a standardized way now that being said distributions could be

that being said distributions could be wired or integrated but this capability

wired or integrated but this capability of communications between access points

of communications between access points is absolutely critical in providing a

is absolutely critical in providing a seamless experience for roaming clients

seamless experience for roaming clients and for managing multiple wireless

and for managing multiple wireless networks it can also simplify the

networks it can also simplify the network infrastructure by reducing the

network infrastructure by reducing the amount of cabling required

amount of cabling required another concept you need to understand

another concept you need to understand is the basic service set

is the basic service set the wireless architecture

the wireless architecture divides the system into cells referred

divides the system into cells referred to as basic service set

to as basic service set and it's controlled by a base station or

and it's controlled by a base station or more commonly an access point

more commonly an access point now an extended service set is a set of

now an extended service set is a set of connected bss

connected bss and then there's the independent basic

and then there's the independent basic service set which is a wireless network

service set which is a wireless network consisting of at least

consisting of at least two endpoints and no distribution system

two endpoints and no distribution system so

so let's draw this out

let's draw this out so we can get a better understanding

so we can get a better understanding of what we learned thus far

of what we learned thus far so

so in any wireless implementation you're

in any wireless implementation you're going to have endpoints that need to

going to have endpoints that need to connect so for example here's a laptop

connect so for example here's a laptop that is connecting to the wireless

that is connecting to the wireless network it connects to the wireless

network it connects to the wireless network through an access point

network through an access point the access point is sending out

the access point is sending out the radio waves which are being received

the radio waves which are being received by the laptop

by the laptop the laptop endpoint

the laptop endpoint then connects onto the wireless network

then connects onto the wireless network assuming it has the proper security

assuming it has the proper security configurations

configurations and it can then

and it can then reach the network

reach the network now access points can communicate not

now access points can communicate not only with laptops but again mobile

only with laptops but again mobile phones

and you can think of this as a basic service set

now let's say in a different area we have

let's say in a different area we have another access point

another access point which is also serving customers or users

and this again could be a server it could be a workstation could be a

could be a workstation could be a printer

printer but regardless it's servicing endpoints

but regardless it's servicing endpoints it's a different implementation

it's a different implementation different part of the building or a

different part of the building or a different building altogether but this

different building altogether but this is another basic service set

so how do these two basic service sets communicate

communicate well they use as you as you have already

well they use as you as you have already learned they use a distribution system

these two ds's can uplink in many ways via wireless or

can uplink in many ways via wireless or in this case they were looking here's a

in this case they were looking here's a wired connection

wired connection this is the distribution system

this is the distribution system that is allowing these two separate

that is allowing these two separate wireless implementations or basic

wireless implementations or basic service sets to communicate

now if we look at the big picture both of these basic service sets and the

of these basic service sets and the distribution system

distribution system the big picture this is the extended

the big picture this is the extended service set

service set this includes all of the wireless

this includes all of the wireless equipment and any equipment used to

equipment and any equipment used to connect the wireless equipment together

the ieee 802 standards define two separate layers for the data link of the

separate layers for the data link of the osi model as you know these two layers

osi model as you know these two layers are the llc and the mac sub layers

are the llc and the mac sub layers the 802.11 standards cover the operation

the 802.11 standards cover the operation of the max sublayer and the physical

of the max sublayer and the physical layer

layer the 802.11 frame consists of a 32 byte

the 802.11 frame consists of a 32 byte mac header variable length and a frame

mac header variable length and a frame check sequence

there are two types of coordinated functions

functions used to ensure collision free access on

used to ensure collision free access on a wireless network

a wireless network first distributed coordinated

first distributed coordinated coordination function

coordination function the mac sub layer technique employs the

the mac sub layer technique employs the well-known csma-ca to avoid collisions

well-known csma-ca to avoid collisions it's used to manage access to the radio

it's used to manage access to the radio frequency medium and it's composed of

frequency medium and it's composed of the following two main components inner

the following two main components inner frame spaces and random back off

frame spaces and random back off and then there's point coordination

and then there's point coordination function and the pcf is used by the ap

function and the pcf is used by the ap to coordinate communications

to coordinate communications with the wireless network

with the wireless network the 802.11 standard uses three main

the 802.11 standard uses three main types of frames control frames

types of frames control frames to control access to the medium

to control access to the medium management frames to enable stations to

management frames to enable stations to establish and maintain communications

establish and maintain communications and then data frames sent by any

and then data frames sent by any endpoint

endpoint and these contain higher layer protocol

and these contain higher layer protocol information or data

now there are many 802.11 standards but you should definitely know of these and

you should definitely know of these and you probably already do know many of

you probably already do know many of them these standards have been rolled

them these standards have been rolled out over the years and you've been on

out over the years and you've been on many of these networks

many of these networks whether it's in your home or at your

whether it's in your home or at your local coffee shop or at work

local coffee shop or at work the initial 802.11 standard was serviced

the initial 802.11 standard was serviced up to 2 megabits per second at this

up to 2 megabits per second at this point we're at the 802.11 n standard

point we're at the 802.11 n standard which theoretically can provide up to

which theoretically can provide up to 600 megabits per second

600 megabits per second of bandwidth

so here's what you've learned you we've we've done a wireless lan overview we've

we've done a wireless lan overview we've talked about wireless lan components

talked about wireless lan components and how the 802.11 standard works with

and how the 802.11 standard works with the osi model

the osi model we've talked about max sub layer

we've talked about max sub layer coordination and how that applies to

coordination and how that applies to wireless 802.11 frame types and

wireless 802.11 frame types and finally wireless lan standards good luck

finally wireless lan standards good luck with your studies

hi this is david voss ccie11372 and in this video you're going

ccie11372 and in this video you're going to learn about the cisco unified

to learn about the cisco unified wireless solution

wireless solution specifically you're going to learn about

specifically you're going to learn about access points

access points lightweight access points and

lightweight access points and lightweight access point protocol

lightweight access point protocol wireless lan controllers

wireless lan controllers discussing both the modes that it

discussing both the modes that it operates in and the interface types and

operates in and the interface types and then mobility groups so plenty to cover

then mobility groups so plenty to cover and let's begin

and let's begin the cisco unified wireless network

the cisco unified wireless network concept includes the following elements

concept includes the following elements wireless clients this includes laptops

wireless clients this includes laptops workstations etc

workstations etc access points this provides access to

access points this provides access to the wireless network

the wireless network network management this is accomplished

network management this is accomplished through network wireless control system

through network wireless control system it's a centralized management tool that

it's a centralized management tool that allows for design and control of

allows for design and control of wireless networks

wireless networks network unification

network unification the wireless lan system needs to be able

the wireless lan system needs to be able to support wireless applications by

to support wireless applications by offering unified security policies such

offering unified security policies such as quality of service

as quality of service and rf management so the the wlc's our

and rf management so the the wlc's our wireless lan controllers offer this

wireless lan controllers offer this unified integration functionality

unified integration functionality and then network services

and then network services wireless network services are also

wireless network services are also referred to as mobility services

referred to as mobility services and include guest access or voice

and include guest access or voice services location services and even

services location services and even threat detection and mitigation

stand-alone access points are also known as autonomous access points they're

as autonomous access points they're obviously very easy to install but the

obviously very easy to install but the thing is they can be difficult to manage

thing is they can be difficult to manage in large deployments they're not as

in large deployments they're not as desirable as the lightweight access

desirable as the lightweight access points

points from cisco because they must be managed

from cisco because they must be managed individually

individually in addition different parameters must be

in addition different parameters must be configured manually on each device

configured manually on each device including ssid vlan and security

including ssid vlan and security features

features the cisco unified wireless network

the cisco unified wireless network introduced the concept of lightweight

introduced the concept of lightweight access points and wireless lan

access points and wireless lan controllers that's lwaps and wlc's

controllers that's lwaps and wlc's these two types of wireless devices

these two types of wireless devices divide responsibilities and

divide responsibilities and functionalities that an autonomous

functionalities that an autonomous access point would normally perform on

access point would normally perform on its own

its own this technology adds scalability by

this technology adds scalability by separating the wireless lan data plane

separating the wireless lan data plane from the control plane into a split mac

from the control plane into a split mac design

design lightweight access points focus only on

lightweight access points focus only on the actual rf transmissions and the

the actual rf transmissions and the necessary real-time control operations

necessary real-time control operations such as beaconing probing and buffering

such as beaconing probing and buffering now wireless lan controllers manage all

now wireless lan controllers manage all non-real-time tasks such as ssid

non-real-time tasks such as ssid management vlan management

management vlan management access point association management

access point association management authentication and quality of service

authentication and quality of service when using lightweight access points

when using lightweight access points all rf traffic they receive must first

all rf traffic they receive must first go to the wireless lan controller device

go to the wireless lan controller device that manage this manages the specific

that manage this manages the specific access point

access point this changes the way in which

this changes the way in which traditional wireless lan communication

traditional wireless lan communication works even for hosts associated to the

works even for hosts associated to the same access point

same access point the rf communication between lightweight

the rf communication between lightweight access points and wireless lan

access points and wireless lan controllers is handled

controllers is handled using the lightweight access point

using the lightweight access point protocol

protocol the lightweight access point tunnel can

the lightweight access point tunnel can operate in either layer 2 or layer 3

operate in either layer 2 or layer 3 mode

mode in layer 2 mode the access point and

in layer 2 mode the access point and wireless lan controllers share the same

wireless lan controllers share the same vlan subnet and functions

vlan subnet and functions with the lightweight access point

with the lightweight access point receiving 802.11 frames and

receiving 802.11 frames and encapsulating them inside ethernet

encapsulating them inside ethernet toward the wireless lan controller

toward the wireless lan controller when the lightweight access point tunnel

when the lightweight access point tunnel operates in layer 3 mode the lightweight

operates in layer 3 mode the lightweight access point receives 802.11 frames and

access point receives 802.11 frames and encapsulates them inside of udp toward

encapsulates them inside of udp toward the wireless lan controller

the wireless lan controller so this implies that the wireless lan

so this implies that the wireless lan controller can be anywhere as long as it

controller can be anywhere as long as it is reachable by the access point

is reachable by the access point the cisco lightweight access point

the cisco lightweight access point protocol can operate in the following

protocol can operate in the following six modes

six modes local mode

local mode reap or remote edge access point mode

reap or remote edge access point mode monitor

monitor road detector mode sniffer mode in

road detector mode sniffer mode in bridge mode

bridge mode every 180 seconds the access point

every 180 seconds the access point spends 60 milliseconds on channels on

spends 60 milliseconds on channels on which it does not operate

which it does not operate during the 60 millisecond time period

during the 60 millisecond time period the access point performs noise in

the access point performs noise in interference measurements and scans for

interference measurements and scans for intrusion detection events

intrusion detection events the reap mode allows the lightweight

the reap mode allows the lightweight access point to reside across a land

access point to reside across a land link and still be able to communicate

link and still be able to communicate with the wireless lan controller and

with the wireless lan controller and provide the functionality of a regular

provide the functionality of a regular lightweight access point

lightweight access point reap mode is not supported on all

reap mode is not supported on all lightweight access point models

lightweight access point models monitor mode is a special feature that

monitor mode is a special feature that allows lightweight access point enabled

allows lightweight access point enabled aps to exclude themselves from dealing

aps to exclude themselves from dealing with data traffic between clients

with data traffic between clients instead they act as dedicated sensors

instead they act as dedicated sensors for location based services rogue ap

for location based services rogue ap detection and for ids

detection and for ids in rd mode

in rd mode the lightweight access point monitors

the lightweight access point monitors for rogue aps

for rogue aps the road the goal of this rogue

the road the goal of this rogue detection of aps

detection of aps is to see all the vlans in the network

is to see all the vlans in the network because rogue aps can be connected to

because rogue aps can be connected to any of those vlans

sniffer mode allows the lightweight access point to capture and forward all

access point to capture and forward all the packets on a particular channel to a

the packets on a particular channel to a remote machine that is running packet

remote machine that is running packet capturing software and finally bridge

capturing software and finally bridge mode typically operates on outdoor aps

mode typically operates on outdoor aps that function in a mesh topology

that function in a mesh topology this cost effective high bandwidth

this cost effective high bandwidth wireless bridging connectivity mechanism

wireless bridging connectivity mechanism includes point-to-point or multi-point

includes point-to-point or multi-point bridging

wireless lan controllers have the following three components wireless lan

following three components wireless lan interfaces and ports the wireless lan is

interfaces and ports the wireless lan is the ssid network name

the ssid network name every wireless lan is assigned to an

every wireless lan is assigned to an interface in the wireless lan controller

interface in the wireless lan controller and each wireless lan is configured with

and each wireless lan is configured with policies for rf qs and other lan

policies for rf qs and other lan attributes

attributes the interfaces are logical connections

the interfaces are logical connections that map to a vlan on the wired network

that map to a vlan on the wired network every interface is configured with a

every interface is configured with a unique ip address default gateway

unique ip address default gateway and physical ports

and physical ports wireless lan controllers support the

wireless lan controllers support the following five interface types the

following five interface types the management interface which is used for

management interface which is used for in-band management or connect

in-band management or connect connectivity to a aaa server

connectivity to a aaa server an optional service port interface for

an optional service port interface for out of band management that is

out of band management that is statically configured

statically configured the access point manager interface used

the access point manager interface used for layer 3 discovery and association

for layer 3 discovery and association dynamic interfaces these are the vlans

dynamic interfaces these are the vlans designated for wireless lan client data

designated for wireless lan client data and virtual interfaces used for layer 3

and virtual interfaces used for layer 3 security authentication dhcp relay and

security authentication dhcp relay and management of mobility features

management of mobility features one of the main features of a wireless

one of the main features of a wireless lan solution is the user's ability to

lan solution is the user's ability to access network resources from different

access network resources from different areas

areas end users most likely move from one

end users most likely move from one location to another so designers should

location to another so designers should scale the wireless network carefully to

scale the wireless network carefully to allow for client roaming

allow for client roaming wireless roaming can be divided into the

wireless roaming can be divided into the following two categories

following two categories intra controller roaming or inter

intra controller roaming or inter controller roaming

controller roaming intracontroller roaming occurs when a

intracontroller roaming occurs when a client moves its association from one ap

client moves its association from one ap to another ap controlled by the same

to another ap controlled by the same wireless lan controller

wireless lan controller inter controller roaming can operate in

inter controller roaming can operate in either layer 2 or layer 3 mode

either layer 2 or layer 3 mode in layer two inner control roaming moves

in layer two inner control roaming moves users from ap

users from ap to ap and from wlc to wlc but they

to ap and from wlc to wlc but they remain in the same subnet

remain in the same subnet layer three inner controller roaming is

layer three inner controller roaming is more difficult to implement because

more difficult to implement because users can move from ap to ap and wlc to

users can move from ap to ap and wlc to wlc from subnet to subnet as well

wlc from subnet to subnet as well in this scenario the wireless lan

in this scenario the wireless lan controllers must be configured with

controllers must be configured with mobility groups

now speaking of mobility groups you may be tested on the following communication

be tested on the following communication ports for mobility groups

ports for mobility groups the lightweight access point protocol

the lightweight access point protocol control udp

control udp one

one two

two lightweight access point protocol data

lightweight access point protocol data udp

udp 12 222

12 222 wireless lan controller exchange

wireless lan controller exchange unencrypted messages

unencrypted messages udp

udp 16660 and wireless lan controller

16660 and wireless lan controller exchange encrypted messages

exchange encrypted messages 16667

so here's what you've learned you've learned about access points

learned about access points lightweight access points and

lightweight access points and lightweight access point protocol

lightweight access point protocol wireless lan controller modes and

wireless lan controller modes and interface types as well as mobility

interface types as well as mobility groups this gives you a good foundation

groups this gives you a good foundation for the wireless portion at least for

for the wireless portion at least for unified wireless solutions and your

unified wireless solutions and your cisco's ccda exam good luck in your

cisco's ccda exam good luck in your studies

hi this is david voss ccie 11372 and in this video we're covering wireless lan

this video we're covering wireless lan design

design we're first going to learn about

we're first going to learn about redundancy and the importance of

redundancy and the importance of redundancy in wireless design

redundancy in wireless design then you'll learn about rf groups and

then you'll learn about rf groups and then we'll also talk about mesh design

then we'll also talk about mesh design so let's begin

so let's begin wireless lan controllers can be

wireless lan controllers can be configured for dynamic or deterministic

configured for dynamic or deterministic redundancy

redundancy for deterministic redundancy the ap is

for deterministic redundancy the ap is configured with a primary secondary and

configured with a primary secondary and tertiary controller

tertiary controller this requires more upfront planning but

this requires more upfront planning but allows for better predictability and

allows for better predictability and faster failover times

faster failover times deterministic redundancy is the

deterministic redundancy is the recommended best practice n plus 1

recommended best practice n plus 1 n plus n and m plus n plus 1 are

n plus n and m plus n plus 1 are examples of deterministic redundancy

with n plus one redundancy a single wireless lan controller acts as the

wireless lan controller acts as the backup of multiple wireless lan

backup of multiple wireless lan controllers

controllers the backup wlc is configured as the

the backup wlc is configured as the secondary wlc on each ap

secondary wlc on each ap one design constraint is that the backup

one design constraint is that the backup wlc might become oversubscribed if there

wlc might become oversubscribed if there are too many failures of the primary

are too many failures of the primary controllers

controllers the secondary wlc is the backup and

the secondary wlc is the backup and controller for all aps and is normally

controller for all aps and is normally placed in the data center

with n plus n redundancy an equal number of controllers back each other up for

of controllers back each other up for example a pair of wlc's on one floor

example a pair of wlc's on one floor serves as a backup to a second pair on

serves as a backup to a second pair on another floor

another floor the top wlc is primary for ap1 and ap2

the top wlc is primary for ap1 and ap2 and the secondary for ap3 and ap4

and the secondary for ap3 and ap4 the bottom wlc is the primary for ap3

the bottom wlc is the primary for ap3 and ap4 and secondary for ap1 and ap2

and ap4 and secondary for ap1 and ap2 there should be enough capacity on each

there should be enough capacity on each controller to manage a failover

controller to manage a failover situation

situation with m plus m plus one redundancy an

with m plus m plus one redundancy an equal number of controllers back each

equal number of controllers back each other up

other up plus a backup wlc is configured as the

plus a backup wlc is configured as the tertiary

tertiary m plus m plus one redundancy functions

m plus m plus one redundancy functions the same as m plus n redundancy

the same as m plus n redundancy plus a tertiary controller that backs up

plus a tertiary controller that backs up the secondary controllers

the secondary controllers the tertiary wlc is placed in the data

the tertiary wlc is placed in the data center or network operations center

center or network operations center here is a summary of wireless lan

here is a summary of wireless lan controller redundancy it would be good

controller redundancy it would be good to memorize this in preparation for your

to memorize this in preparation for your exam

next let's talk about radio management and radio groups

and radio groups the limit of available channels in the

the limit of available channels in the ism frequencies used by ieee 802.11 bgnn

ism frequencies used by ieee 802.11 bgnn standard

standard presents challenges to the network

presents challenges to the network designer

designer there are three non-overlapping channels

there are three non-overlapping channels channels 1 6 and 11.

channels 1 6 and 11. the recommended best practice is to

the recommended best practice is to limit the number of data devices

limit the number of data devices connected to each ap to 20.

connected to each ap to 20. or not more than seven concurrent voice

or not more than seven concurrent voice over wireless lan calls using g711

over wireless lan calls using g711 an rf group is a cluster of wlc devices

an rf group is a cluster of wlc devices that coordinate their rrm calculations

that coordinate their rrm calculations rf groups are formed with the following

rf groups are formed with the following process ap send out neighbor messages

process ap send out neighbor messages over the air

over the air the message includes an encrypted shared

the message includes an encrypted shared secret that is configured on the wlc and

secret that is configured on the wlc and pushed to each ap

pushed to each ap aps sharing the same secret are able to

aps sharing the same secret are able to validate messages from each other

validate messages from each other the members in the rf group elect an rf

the members in the rf group elect an rf group leader to maintain a master power

group leader to maintain a master power and channel scheme for the rf group

and channel scheme for the rf group similar to performing an assessment for

similar to performing an assessment for a wired network design

a wired network design rf surveys are done to determine design

rf surveys are done to determine design parameters for wireless lans and

parameters for wireless lans and customer requirements

customer requirements rf site surveys help determine the

rf site surveys help determine the coverage areas and check for rf

coverage areas and check for rf interference

interference this helps determine the appropriate

this helps determine the appropriate placement of wireless aps

placement of wireless aps the rf site survey has the following

the rf site survey has the following steps

steps to find customer requirements such as

to find customer requirements such as service levels and support for voip

service levels and support for voip determine devices to support

determine devices to support obtain a facility diagram to identify

obtain a facility diagram to identify the potential rf obstacles

the potential rf obstacles visually inspect the facility to look

visually inspect the facility to look for potential barriers to the

for potential barriers to the propagation of rf signals

propagation of rf signals identify user areas that may be

identify user areas that may be intensively used such as conference

intensively used such as conference rooms

rooms in areas that are not heavily used such

in areas that are not heavily used such as stairwells

as stairwells determine preliminary ap locations which

determine preliminary ap locations which need power wired network access

need power wired network access cell coverage and overlap

cell coverage and overlap not to mention channel selection

not to mention channel selection mounting locations and antennas

mounting locations and antennas let's talk about wireless mesh for

let's talk about wireless mesh for outdoor wireless

outdoor wireless traditionally outdoor wireless solutions

traditionally outdoor wireless solutions have been limited to point-to-point

have been limited to point-to-point point to multi-point bridging between

point to multi-point bridging between buildings

buildings with these solutions each ap is wired to

with these solutions each ap is wired to the network the cisco wireless mesh

the network the cisco wireless mesh networking solution eliminates the need

networking solution eliminates the need to wire each ap

to wire each ap and allows users to roam from one area

and allows users to roam from one area to another without having to reconnect

to another without having to reconnect the wireless mesh components are shown

the wireless mesh components are shown here

here the wcs

the wcs the wlc

the wlc the rap and the map

the following are cisco recommendations for mesh design

for mesh design there is under 10 millisecond latency

there is under 10 millisecond latency per hop typically two to three

per hop typically two to three millisecond

millisecond for outdoor deployment four or fewer

for outdoor deployment four or fewer hops are recommended for best

hops are recommended for best performance with a maximum of eight

performance with a maximum of eight for indoor deployment one hop is

for indoor deployment one hop is supported

supported for best performance 20 map nodes per

for best performance 20 map nodes per wrap is recommended

wrap is recommended up to 32 maps is supported per wrap

up to 32 maps is supported per wrap throughput one hop 14 megabits per

throughput one hop 14 megabits per second two hops seven megabits per

second two hops seven megabits per second

second three hops three megabit and four hops

three hops three megabit and four hops one megabits per second

as you can see here you have five primary design items number of aps

five primary design items number of aps placement of aps

placement of aps power for aps

power for aps number of wlc's and placement of wlc's

number of wlc's and placement of wlc's the following points summarize wireless

the following points summarize wireless lan design

lan design an rf site survey is used to determine a

an rf site survey is used to determine a wireless network's rf characteristics

wireless network's rf characteristics and ap placement

and ap placement outdoor wireless networks are supported

outdoor wireless networks are supported using outdoor aps and cisco wireless

using outdoor aps and cisco wireless mesh networking aps

mesh networking aps campus wireless network design provides

campus wireless network design provides rf coverage for wireless clients in the

rf coverage for wireless clients in the campus using lwp's

campus using lwp's each ap should be limited to 20 data

each ap should be limited to 20 data devices and a data

devices and a data wireless lan

wireless lan so here's what you've learned you've

so here's what you've learned you've learned about wireless redundancy rf

learned about wireless redundancy rf groups and mesh design all are key

groups and mesh design all are key points on the ccda exam

points on the ccda exam that you will need to know

that you will need to know and be able to answer not only on your

and be able to answer not only on your exam but of course if you support

exam but of course if you support wireless in your own network good luck

wireless in your own network good luck in your studies

Click on any text or timestamp to jump to that moment in the video

Most transcripts ready in under 5 seconds

One-Click Copy125+ LanguagesSearch ContentJump to Timestamps

Paste YouTube URL

Enter any YouTube video link to get the full transcript

Most transcripts ready in under 5 seconds

Get Our Chrome Extension

Get transcripts instantly without leaving YouTube. Install our Chrome extension for one-click access to any video's transcript directly on the watch page.

Add to Chrome — Free

Works with YouTube, Coursera, Udemy and more educational platforms

Get Instant Transcripts: Just Edit the Domain in Your Address Bar!

YouTube

←

→

↻

https://www.youtube.com/watch?v=UF8uR6Z6KLc

YoutubeToText

←

→

↻

https://youtubetotext.net/watch?v=UF8uR6Z6KLc

YouTube TranscriptPreparing your results…

YouTube Transcript:Learn Network Design From Scratch - Complete 9-Hour Course

Video Transcript

Paste YouTube URL

Transcript Extraction Form

Get Our Chrome Extension

Get Instant Transcripts: Just Edit the Domain in Your Address Bar!

YouTube Transcript:
Learn Network Design From Scratch - Complete 9-Hour Course