YouTube Transcript:
Learn Network Design From Scratch - Complete 9-Hour Course
Video Transcript
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about the OSI model in preparation for your Cisco CCDA exam. First I will teach you about the OSI model, and then I'm going to give you some challenges within the video so that you can make sure you've absorbed what you need to know for the CCDA exam.
Let's just do a quick overview of the OSI model before we dig in. The Open System Interconnection reference model is a seven-layer model used in networking. The model specifies, layer by layer, how information from an application on a network device moves from the source to the destination using a physical medium, and then how it interacts with the software application on that specific network device. So the OSI model defines the network functions required for sending data and divides them into seven unique categories: the physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and then the application layer. You're going to get to know each of these layers in detail in this video.
The upper three layers are concerned with application issues such as the user interface or data formatting, and then the lower four layers relate to transport issues such as data transmission and the physical characteristics of the network. The OSI model is a key concept in the networking industry, and you must know it by heart, each of the layers in detail, because it plays a very important role in the design phase of a network using this modular approach. Obviously you need to know it for troubleshooting issues as well.
So the overall goals of the OSI model are to enhance interoperability and functionality between different applications and vendors. So, for example, a Cisco router can communicate with a Juniper router, or an application that is running on a network that supports IP can communicate with another network that happens to be running, let's say, AppleTalk. The OSI model ensures that everybody can communicate together, because it is based on, and requires, that players on the network adhere to set standards at each layer of the OSI model.
So as you can see here, here are the seven detailed layers of the OSI model. I created this chart for you, and you can download it from howtonetwork.com as well. This chart will help you study. There are many charts out there, so feel free to Google "OSI model" and maybe find the one that works best for you, but this one really does lay it out. It shows you all seven layers, one through seven, then the name of that specific layer, which you will need to memorize for sure, and then the responsibilities for each layer. I give you a high-level overview of each layer's responsibilities, and then the functions: what is its function, what is it supposed to be doing, what is it supposed to be supporting. And then I give you some examples of how those functions are actually put into use, or actually defined. Next is the data type, the terminology that is used to describe the data when it's at that level of the OSI model. And then finally the devices that are actually participating at that specific layer of the OSI model. The fact is, if you memorize this chart, you're going to be well on your way to passing your CCDA exam.
But that being said, we still need to dive much deeper so you have a comprehensive foundation of the OSI model. You'll see how I have it color coded. The top three layers, five, six and seven: generally these are the layers that really tie in with the application itself, and a lot of application-specific information is set here. Now, the lower four layers typically are considered more of the network layers when you think of actual networking, although all these layers participate in networking. When you're talking to a network professional, ninety percent of their job is spent on layers one through four; 95 percent of their job, probably, is working at layers one through four. And if there is troubleshooting in the OSI model, oftentimes between layer four and five is where the handoff would be between the network team troubleshooting versus the application team troubleshooting.
So if the network team, for example, can say, "You know what, we can confirm that traffic is passing over the physical layer, we can see that it's being routed at layer three, and we can see it's being received by the TCP port; we've done our job, we've transferred your data, your port has sent and received it," that's where they would hand it off. And then the application team would start saying, "All right, well, now that we've received the data, are we actually handling it correctly?" So the color coding there should help you.
So let's go ahead and get granular. Let's learn about these layers in detail, and let's start with the application layer. Everything at this layer is application specific. That is, this layer supports the application and the end-user processes, but also then defines who the communication partners are, quality of service, and user authentication. All of these application-specific settings are determined here and will be dealt with at the lower layers of the OSI model. This layer provides application services for such things as file transfers, email, and other networked software services.
Next is the presentation layer. This layer provides independence from differences in data representation, such as encryption, by translating from the application to the network format and vice versa. So it's the intermediary between the application and the lower layers of the OSI model. So this layer works to transform data into the form that the application layer can accept. This layer also formats and encrypts data to be sent across the network, which provides freedom from compatibility issues. The session layer establishes, terminates, or manages connections between applications. So the session layer will actually set up, then coordinate, and then terminate a conversation or dialogue between the applications at each end of the conversation over the network. So it deals with session and connection coordination.
Now, once we go ahead and scroll over to the examples of each of these layers, I think these are going to look very familiar to you. Examples of applications that run at layer 7 are Telnet, or email, or a web browser. The presentation layer surely also looks familiar to you in the examples given: file types such as JPEG or MPEG or MP4. All of these serve as compression types, or ways that the data is actually handled. And then the session layer: these should look familiar to you as well, such as SQL communications or Windows operating system communications. So you can see there are things that you already know about; you just didn't know where they fit in the OSI model. Now, all these data types are considered a part of the application stream. So when we talk about data type and devices, you know, when we get down to the network layers these are going to be a bit more unique, but what all of these three layers have in common is that they're a part of this application stream, which is why I say this is kind of the demarc point between the network and the application when troubleshooting does occur, or when you're designing. Oftentimes these higher layers are designed
Now let's go ahead and take a look at the first four layers of the OSI model. These will probably be the ones that look more familiar to you in your day-to-day job or in your studies, because this is where a lot of the very specific network tasks
The transport layer ensures that there is a transparent communication process, or transfer of data, between the end systems or hosts. So it takes care of error recovery and flow control to ensure that the data transfer has
Layer 4 is the transport layer, and that obviously defines ports such as TCP or UDP ports.
So, for example, if we have a PC that is communicating with a website, and let's say the user has multiple browsers open, they are communicating over and over again over port 80. Now, how does the website or websites know how to communicate back to the user? Well, the user has his own port numbers, and they're all different. That way he can maintain three different conversations at the same time to, let's say, three different servers over port 80, and they can communicate back to the laptop by communicating to individual ports; in this case we'll just use the example 65009. And at this layer, this is where firewalls participate. So let's say we have a firewall here that's allowing port 80. Any traffic that's coming in for, let's say, port 21 will be blocked; the firewall will not allow it based on the port number. But any traffic destined for port 80 the firewall will allow to come in. So, for example, if users need to get to 443, they will not be able to unless the firewall administrator enables port 443 on that firewall, and then when they try to communicate to port 443 it will work. So firewalls play a key role in maintaining security at layer 4.
The network layer provides the routing technologies. It uses the logical paths throughout the network to ensure that data is forwarded to the correct location, so such things as IP addressing and subnetting. Now, the routed layer is probably the most well-known layer, especially if you're in networking, and this actually makes sure that packets, for example here a packet destined for 172.31.1.1, are received by the router. The router then knows what to do with it at this layer: it asks, well, what interface do I need to forward this out of, and it will then choose, based on the layer 3 information of the OSI model, what port to send it.
At the data link layer, data packets are encoded and decoded into bits. So it's the intermediary between the network and physical layer. It furnishes transmission protocol knowledge and manages and handles errors at the physical layer, including flow control and frame synchronization. As you know, switches normally participate at layer 2, and it is broken into two sections: the MAC sublayer and the LLC sublayer. Now, you know the MAC sublayer probably very well, because if you're looking at MAC addresses on a switch, for example when you're troubleshooting, this is the layer that is assisting with your troubleshooting methodology. So, for example, we pull up a MAC address and we take a look at the MAC address in the switch; this is the sublayer that we are referring to. The LLC layer is going to allow the communication between layer 2 and layer 3 and layer 1. It's going to allow that communication flow between those two layers.
And then finally the physical layer. This layer conveys the actual bit stream, that is the electrical impulse, light, or radio signal, through the network at the electrical or mechanical level. So it provides the hardware means of sending and receiving data on a carrier, and it includes defining the cable type, network interface cards, and any other
So at the physical layer, this is actually where the bits are heading onto the wire. So literally 1 0 1 0, etc., are hitting the wire. So at this layer, all of the other layers from two through seven, all of that information is now transmitted very simply as binary, on or off, over the wire, and then when it reaches the destination this will be decoded by the upper layers as appropriate. So obviously, now that we see these binary numbers hitting the wire, we can appreciate what the OSI model actually does for us: it can take this information and pass it all the way back up to an
So now that you've learned about the first four layers of the OSI model, let's go ahead and take a look at what actually operates at these layers specifically. A lot of this is going to look very familiar, I'm sure. So some examples of what's actually working at layer one: one example would be Cat6 cabling, which surely you've worked with in the past. But again, these are just examples, so it could be a network interface card; it could be any type of transport that is your physical layer. Next is the data link layer. This should look familiar; it's broken into the LLC and the MAC sublayers. Obviously MAC addresses are something you know about, but now you know where they fit within the OSI model. Next, on layer 3, obviously IP or AppleTalk, but also the routing protocols such as OSPF or BGP; these are all operating at layer three. And then layer four: some examples are your TCP or UDP ports, the many different ports that are used as the channels for communications between applications.
Now, when data is passing through each of these layers it does have a unique signifier. So at the physical layer you've already learned that it's a binary digit, it's one or zero. At layer two we call them frames, at layer three we consider them packets, and at layer four it is considered a segment. These are all terms you should know for your CCDA exam. And finally, here are some examples of network devices that run at each of these layers. So at layer one, hubs run at layer one; they're essentially repeaters. Network interface cards. Layer two: switches. Layer three: routers and firewalls. Surely you will do some reading about layer 3 switches as well, but really this is where the routing functionality comes
Or if a firewall is operating at this level, it's filtering on a layer 3 address only, not the TCP or UDP port number. And then layer four would be typically firewalls; firewalls are operating at this level, and this is where the filtering occurs solely on the port.
So be prepared to pause the video. Here's your challenge: this chart is going to disappear in about 10 seconds. What I want you to do is, to the best of your ability, on a piece of paper, fill out columns one, two, four and seven. I want to know the layer, the name of the layer, the functions within that layer, what it's responsible for, and then the devices that run at that layer. Do your best: columns one, two, four and seven. Go ahead and pause the video at this time. So let's pull the chart up again. How did you do? Go ahead and pause the video with
Now, if you didn't get 100, my advice to you is to keep studying, because the OSI model is something you have to know for your CCDA exam, but obviously you need to know it to be a good engineer as well. In this video, which complements the CCDA study guide which How to Network provides for you, you've received a good overview of the OSI model layer by layer. My suggestion to you is do not move on to anything else until you've mastered this, because everything else you learn will ultimately, in some way, shape or form, relate back to this model. I wish you the best of luck in your studies.
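The following is an added worked example; it is not part of the transcript or of the How to Network course. It walks one constructed Ethernet frame down the stack exactly as the video describes the data units (frame at layer 2, packet at layer 3, segment at layer 4), then applies the two kinds of firewall rule the video contrasts: a layer-3-only rule that sees just the destination IP address, and a layer-4 rule that also checks the TCP port. The MAC addresses, IP addresses, the ephemeral port 65009 and the frame bytes are constructed sample data, not captured traffic, and the `build_frame`, `decode`, `l3_rule_allows` and `l4_rule_allows` names are this example's own.

```python
"""Added example (not from the transcript): decode a constructed Ethernet/IPv4/TCP
frame layer by layer, then show why a firewall filtering only on the layer-3
address cannot tell web traffic from FTP traffic, while a layer-4 rule can."""
import struct
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Decoded:
    dst_mac: str      # layer 2 fields (the frame)
    src_mac: str
    src_ip: str       # layer 3 fields (the packet)
    dst_ip: str
    protocol: int     # 6 = TCP, 17 = UDP
    src_port: int     # layer 4 fields (the segment)
    dst_port: int


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_frame(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes = b"") -> bytes:
    """Constructed sample data: Ethernet II header + minimal IPv4 header + minimal TCP header."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", 0x0800)
    # TCP: ports, seq, ack, data offset (5 words) in the high nibble, SYN flag, window, checksum, urgent
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, 0x02, 65535, 0, 0) + payload
    # IPv4: version 4 / IHL 5, TOS, total length, id, flags/frag, TTL 64, protocol 6 (TCP), checksum, addresses
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src_ip).packed, ipaddress.IPv4Address(dst_ip).packed)
    return eth + ip + tcp


def decode(frame: bytes) -> Decoded:
    # Layer 2: 14-byte Ethernet header; EtherType 0x0800 means the payload is an IPv4 packet
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4, ethertype 0x{ethertype:04x}")
    packet = frame[14:]
    # Layer 3: IHL (low nibble of the first byte) is the header length in 32-bit words
    ihl = (packet[0] & 0x0F) * 4
    protocol = packet[9]
    src_ip = str(ipaddress.IPv4Address(packet[12:16]))
    dst_ip = str(ipaddress.IPv4Address(packet[16:20]))
    segment = packet[ihl:]
    # Layer 4: both TCP and UDP begin with a 16-bit source port and a 16-bit destination port
    if protocol not in (6, 17):
        raise ValueError(f"unsupported layer-4 protocol {protocol}")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    return Decoded(mac_str(dst_mac), mac_str(src_mac), src_ip, dst_ip, protocol, src_port, dst_port)


def l3_rule_allows(d: Decoded, allowed_dst: str) -> bool:
    """Layer-3-only firewall rule: matches on the destination address and is blind to the port."""
    return ipaddress.IPv4Address(d.dst_ip) in ipaddress.IPv4Network(allowed_dst)


def l4_rule_allows(d: Decoded, allowed_dst: str, allowed_ports: set) -> bool:
    """Layer-4 firewall rule: the address must match AND the destination port must be permitted."""
    return l3_rule_allows(d, allowed_dst) and d.dst_port in allowed_ports


if __name__ == "__main__":
    web = decode(build_frame("10.1.1.50", "192.168.1.10", 65009, 80))
    ftp = decode(build_frame("10.1.1.50", "192.168.1.10", 65010, 21))
    print(web)
    print("L3-only rule, web:", l3_rule_allows(web, "192.168.1.10/32"))          # True
    print("L3-only rule, ftp:", l3_rule_allows(ftp, "192.168.1.10/32"))          # True (cannot block it)
    print("L4 rule, web:", l4_rule_allows(web, "192.168.1.10/32", {80, 443}))    # True
    print("L4 rule, ftp:", l4_rule_allows(ftp, "192.168.1.10/32", {80, 443}))    # False
```

The two `build_frame` calls model the video's scenario: the same host talking to the same server with different ephemeral source ports, one conversation to port 80 and one to port 21. The layer-3 rule lets both through because it only ever looks at the address; the layer-4 rule is what actually blocks port 21 while allowing 80 and 443.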
Hi, this is David Voss, CCIE 11372, and in this video we're going to cover the unique attributes of networking devices. This video is the companion to the How to Network CCDA study guide. You will receive instruction on the individual network devices, but you will also be challenged with some exercises to make sure the
When it comes to networking technology, it's important to understand the different products that Cisco offers for different solutions, especially when designing LAN and WAN solutions. If you have already watched video 1-1, which covers the OSI model, then you will appreciate how network devices can play a very unique role in a network. If you haven't watched video 1-1, then I encourage you to do so, because this information will build off of that video.
The three most common network devices in use today are routers, switches and hubs, but I will also add a fourth, which are firewalls, as they may not necessarily be considered devices used for, quote unquote, networking, but they can in fact participate in layer 3 routing of traffic, and they most certainly filter traffic based on layer 3 and 4 qualities. So let's work our way up through the OSI model, starting at layer one, to learn about the
At layer one we begin with hubs. Hubs became necessary when the need to connect more than two devices first arose, because a cable can only connect two endpoints. Hubs are network devices that operate at this layer and connect multiple devices which are all on the same local area network. Unlike switches, hubs do not have any intelligence, and therefore they do not process packets in any way; they simply forward them. Their main function is to send all the data received on a port to all other ports.
So devices receive all the packets that traverse a specific network, even if they are not addressed to them. For this reason, hubs are also called repeaters. Hubs work fine in very small offices or at someone's desk, but imagine if you have 20, 50 or even 100 devices on a network; using hubs is certainly not efficient. So in order to improve performance, especially from a bandwidth and security standpoint, local area networks are divided into multiple smaller LANs called collision domains, and these collision domains are interconnected by a LAN switch. Switches have some intelligence, unlike hubs, because they send data to a port only if the data needs to reach that particular segment. When using switches, only the destination device in a communication flow receives the data sent by the source device. However, multiple conversations between devices connected to a switch can happen simultaneously, as you see here. These are each unique flows that the switch is processing: it's receiving it on one port and forwarding it out another, and forwarding it out a different port. See, the difference between this and hubs is that it's receiving on one port and sending it out one port, versus all ports.
Switching intelligence functions based on the MAC table. The MAC table contains MAC address to port mappings and is populated as traffic traverses the switch; the switch uses that information to build the MAC address table. In this example, a frame is received by the switch, but the switch does not know the location, or does not have in its MAC address table the location, for this frame. Therefore it sends the frame out to all ports. Now, ultimately the server receives it and then forwards it back, and with that information the switch can then build the MAC table. So the next time that a frame is destined for server C, the switch will know exactly which port it is off of and it will not have to
Now notice that the most important feature of a switch is the separation of collision domains. All the devices on a switch may be on separate collision domains per port, but note that they are all a part of the same broadcast domain. It is routers that separate broadcast domains and switches that separate
Routers operate at layer 3 of the OSI model, and thus they use layer 3 addresses. The primary purpose of a router is to forward traffic to the correct subnet. So a router is consistently looking up destination paths in its routing table to understand where to forward the traffic to, that is, out which specific port. Now, as I said earlier, routers break up broadcast domains; switches do not do that. So, for example, each port on this router is its own separate broadcast domain. This ensures network efficiency, so that broadcasts are not forwarded throughout the entire network when they do not have to be. Generally speaking, for each interface a specific subnet is assigned to that interface, and therefore broadcasts for that subnet are limited to that interface only. Now, as a reminder, switches typically connect to routers, and those ensure the segmentation of collision domains.
So, for example, if there was an endpoint sending a packet to destination address 192.168.1.10, the router would receive it and then it would check its routing table. In this case it looks in its routing table and it sees that it knows of a
and that it is located off of Ethernet 0. Therefore the packet comes in, the router says, "I am aware of that destination," and then forwards it out Ethernet 0, and the host then receives the packet. At a high level, this is the primary function of a router. Now let's say a router does not have many entries in the routing table, only a default gateway, and that default gateway in this case is off of the serial interface, Serial 0/0. That means any packet, regardless of destination, that is sent to the router will be forwarded
Now, this is a very basic description of how routers work. Routers can use static routes, but that's not ideal, especially when you have networks that are quite large.
So in this case we have six routers all interconnected, and to try to manage static routes for all of the possible paths administratively not only would be a burden, but if you had certain static routes pointing to specific routers and beyond that router there was a failure of an interface, then due to the static nature of the routes the routers downstream would not really understand the true topology. Therefore routers speak to one another, and they do that using routing protocols. In this case the entire routing domain, all six routers, can be a part of a routing protocol such as OSPF, EIGRP, or any of the other routing protocols, and in this way they are communicating layer 3 information back and forth. So, for example, if an interface went down on a router, that information would be forwarded to its neighbors, and its neighbors would then forward that information to all of their neighbors; therefore the entire domain would quickly be updated with this information. If you effectively have a routing protocol rolled out to your entire campus, really no static routes should be required. And I want to emphasize one more point: no static routes are desired. Static routes should only be used as a last resort.
Next let's talk about firewalls. Now, please understand, firewalls are not typically considered a networking device. When people think of networking devices, they generally think of hubs, switches and routers. But the fact is, firewalls do operate at layer 3 and layer 4, and they can be used as routed devices, although it's not always ideal. There definitely are situations where you are going to find firewalls acting as
Now, as we talk about firewalls, let's see how firewalls fit in the big picture. Let's just recap everything we've learned so far. First, you've learned about the layer one device, which is a hub. Hubs are normally found on desktops or in very small offices. Hubs generally connect up to switches. Switches are your aggregation points, and remember, they segment collision domains. Switches then connect into routers, and routers are your aggregation points for your separate subnets, and they often will connect to, for example, exterior networks, or in this case the Internet.
So the firewall protects the network from these exterior networks. So the firewall is the protection point for the networks. One possible way of doing it, and there are many ways of doing it, is to simply put the firewall in and directly connect it into the router, so that all traffic from the router must go through the firewall, and then on a separate NIC on the firewall you would connect that to the internal switch. Now again, there are many ways you can do this, but you'll get the general idea that all layer 3 traffic must go through this firewall. The firewall will have set rules at layer 3, only allowing specific layer 3 conversations through the firewall, or, what is generally seen more often, layer 4 rules on the firewall only allowing specific ports inbound. So let's say if you had an internal web server that you wanted users on the Internet to hit, you could allow only that traffic inbound to port 80 to hit this specific IP, this specific web server.
Now, that being said, firewalls do this filtering function, and the reason they're in this video as a network device is that sometimes it can occur where a firewall can actually act as a routed device. So if you had a DMZ off of the firewall, for example, with its own switch, and you're running an actual e-commerce site and you have your web server here, because you have a lot of traffic coming in and you want to make sure that you keep it secure, so you have your web server, your IDS, which monitors all traffic, etc. In this case the traffic's coming into the router, and the firewall is actually making a decision here: do I forward it inbound, or do I forward it over to a separate NIC, over to this DMZ? So although you won't see firewalls listed as network devices per se, the fact is sometimes they very much can play a part in the network and the routing decisions. And actually, there are even times where firewalls can run routing protocols. It's not the norm, but there are times where you will see BGP especially configured to a firewall. Security experts would probably take issue with that, but that doesn't mean you won't see it. So therefore, there's your overview of firewalls, understanding that they operate at both layer 3 and layer 4, and then again they can operate as actual forwarding devices making routing decisions on the network.
So why do you see a blank screen? Well, it's your turn. Please get a blank piece of paper and write down vertically one, two, three and four, and then write down which devices match which layer of the OSI model. Go ahead and do that now: write down one, two, three and four on your piece of paper, and write down which network devices match. So how did you do? As you can see, here are the layers of the OSI model and the network hardware that matches with each layer. You're going to need to know this for sure as you proceed in your CCDA studies, but
So just to recap what we've learned: you've gone through layer one, two, three and four of the OSI model, and specifically you can see how the network devices work within each of these layers of the OSI model. So again, if you are not an expert at the OSI model yet, please revisit video 1-1 and study it, because as you can see, everything you're beginning to learn is based off of that. Hubs are at layer one; switches work at layer two. Just a note: switches can also work at layer three; there are such things as layer three switches that have some routing functionality. Routers and firewalls work at layer three, and then firewalls work at layer four. This provides you a really solid foundation moving forward, so that when you do hear about hubs, switches, routers and firewalls, you understand where they fit in the OSI model and what their primary task is on
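The following is an added worked example; it is not part of the transcript or of the How to Network course. It simulates the two forwarding behaviours the network devices video describes: a layer-2 switch that learns source MAC addresses into its MAC table and floods any frame whose destination it has not learned yet (so a hub is the degenerate case that never learns), and a layer-3 router that picks the most specific matching prefix from its routing table and falls back to a default route pointing out the serial interface when nothing more specific matches. The MAC addresses, prefixes, port numbers and interface names are constructed sample data, and `LearningSwitch`, `Router` and `demo` are this example's own names.

```python
"""Added example (not from the transcript): a simulated learning switch (layer 2)
and a routing-table lookup with a default route (layer 3)."""
import ipaddress
from typing import Dict, List, Optional, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports: List[int]):
        self.ports = list(ports)
        self.mac_table: Dict[str, int] = {}   # MAC address -> port it was last seen on

    def receive(self, in_port: int, src_mac: str, dst_mac: str) -> List[int]:
        """Return the ports the frame is forwarded out of."""
        # Learn: the source MAC is reachable via the ingress port. A hub never does this step.
        self.mac_table[src_mac] = in_port
        # Broadcast, or unknown unicast: flood out every port except the one it arrived on.
        # This is why every port of the switch is still one broadcast domain.
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        # Known destination: exactly one egress port (separate collision domain per port).
        out = self.mac_table[dst_mac]
        return [] if out == in_port else [out]


class Router:
    def __init__(self):
        self.routes: List[Tuple[ipaddress.IPv4Network, str]] = []

    def add_route(self, prefix: str, interface: str) -> None:
        self.routes.append((ipaddress.IPv4Network(prefix), interface))

    def lookup(self, dst: str) -> Optional[str]:
        """Longest-prefix match. 0.0.0.0/0, if present, acts as the default route;
        returns None when no route matches at all (the packet would be dropped)."""
        addr = ipaddress.IPv4Address(dst)
        best: Optional[Tuple[ipaddress.IPv4Network, str]] = None
        for net, iface in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, iface)
        return None if best is None else best[1]


def demo() -> dict:
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    # Host A on port 1 sends to server C before the switch has learned C: flooded to ports 2, 3, 4.
    first = sw.receive(1, "aa:aa:aa:aa:aa:01", "cc:cc:cc:cc:cc:03")
    # Server C on port 3 replies; the switch now knows both A (port 1) and C (port 3).
    reply = sw.receive(3, "cc:cc:cc:cc:cc:03", "aa:aa:aa:aa:aa:01")
    # A's next frame to C goes out port 3 only.
    second = sw.receive(1, "aa:aa:aa:aa:aa:01", "cc:cc:cc:cc:cc:03")

    rtr = Router()
    rtr.add_route("192.168.1.0/24", "Ethernet0")   # directly attached LAN
    rtr.add_route("0.0.0.0/0", "Serial0/0")        # default route toward the WAN
    return {
        "first": first, "reply": reply, "second": second,
        "local": rtr.lookup("192.168.1.10"),       # matches the /24, not the default
        "remote": rtr.lookup("8.8.8.8"),           # only the default route matches
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The first frame is flooded exactly as the video describes; once the reply has been seen, the same destination is forwarded out a single port. On the router side, `192.168.1.10` matches both the `/24` and the default route, and the longer prefix wins, which is what makes the default route the fallback rather than a catch-all.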
Hi, this is David Voss, CCIE 11372, and in this video you are going to learn about network types, specifically wide area and local area networks. Let's go ahead and dig in and learn about local area networks. Local area networks are local computer networks used to communicate between host systems, generally for sharing information such as documents, audio files, video, email. They have limited reach, and they connect devices generally in the same building, or the same campus if you're using fiber to extend the local area network. Usually they're private and belong solely to the companies in which they are deployed. Now, in the past the topologies were ring, bus, mesh and star, but today the most common topology is switched Ethernet. The different LAN technologies available today that are the most popular are Ethernet, Fast Ethernet, Gigabit Ethernet, and now 10 Gigabit Ethernet is becoming more and more popular. And then finally, what is obviously very popular at this point is wireless LAN, where you can reach up to 600 megabits per second under the 802.11n specification. Now, at the higher layers of the OSI model, TCP/IP is the standard, which has replaced NetBEUI, IPX/SPX and AppleTalk, among others, although if you travel around enough you certainly are going to see some of these older protocols still out there. So let's just go ahead
and draw out a typical local area network. First you're going to have an access layer switch, and if you remember from typical design, there's core, distribution and access layer; well, we're in the access layer now. And the access layer switch is going to connect out to, let's say, PCs or IP-based phones. These are all things that can be connected into the local area network, including wireless access points. So the local area network can be extended, as you can see here, to a wireless access point, and then other wireless systems, such as laptops or mobile phones, can connect to the local area network as well. Now, this access switch connects up to a distribution switch, and the distribution switch ultimately connects back into the core, and this would all still be considered part of the local area network. But once we connect into a router, then we start talking about what the edge is. So we're moving off the edge into the router; then the WAN would be off the router itself. So there's kind of a demarc point, if you think of the local area network, and it's right about here, between the router and the core switch. Now, this distribution layer switch would often be a layer three switch; this would be where your gateway is. And I bring this up because systems on your local area network generally are on the same subnet, so in this case 192.168.1.0/24, and then here we have 1.10, 1.11. Now the wireless access point may be 1.12 for management, and maybe that wireless access point extends out another, let's say, 10-dot network that assigns IP addresses to anything that's wireless. Even though these are different subnets, this would all be considered a part of your local area network. So as you can see, whether it's wired or wireless, that is your LAN, and then the WAN is anything off of your router, and we'll talk about WANs in a minute.
Now, the wide area network is used to connect LANs or other types of networks together. We'll briefly cover some of the other types of networks as well. It allows users and computers in one location to communicate with users and computers in other locations. These are usually private networks, and they're usually built for one
But that being said, if you have an Internet connection, and most businesses do nowadays, there is a public connection from an organization to the Internet, and at the end of each WAN connection a router connects the LAN on one side with
Now again, you can connect over a private network or you can connect over the Internet. As you can see, there are five primary types of wide area network technologies: leased line, circuit switching, packet switching connection-oriented, packet switching connectionless, and then cell relay. Some are still very popular and some are not used much at all anymore, but that being said, you should be aware of all five for your CCDA exam.
Let's begin by discussing leased line. Now, a leased line very simply would be connecting two routers over a dedicated circuit. So in this case, let's say Chicago over to Washington, DC. A wide area network connection is one single circuit purchased by the company; no other traffic can go on that circuit except for the traffic from this company, and it's connecting two local area networks. So yes, this is a very secure method of transferring data between Chicago and DC, and this connection will be the wide area network. Next let's talk about circuit switching. Now, circuit switching was once very popular and is still often used for backup solutions. So circuit switching provides temporary data communications over a wide area network, which requires a call setup procedure, but that being said, you will not be charged for using the circuit when it's not in use. So with circuit switching you would have
and then if interesting traffic hit one, and that is traffic destined for the other location, it would then place a call, or set up the wide area network connection, and once that session was initiated the traffic would then flow over the circuit.
next let's talk about packet switched
connection oriented
some popular types of implementations of
this are frame relay
x25 and
more recently mpls
now in this case let's say we have one
hub site
and three remote sites you can set up a pvc
pvc
permanent virtual circuit which means
that that circuit is always up regardless
regardless
or an svc switch virtual circuit where
if there's interesting traffic
it will bring up
a virtual circuit and then forward
traffic and then tear it down again
now that being said
all this traffic is floating over a
provider network so
so
making sure that your
circuits are secure is going to be key
working with your vendor to ensure
security is a high priority not only for them
them
but additional measures that you can
take on your end to ensure all data
transmissions are secure over their
network where many customers are sharing it
it
next there is packet switched connectionless
connectionless
you certainly know of this or you
certainly use this already
whenever you connect to the internet
you're using this type of service
the system is relying on the i p
forwarding of routers on the network
it's not so concerned about the exact
path it takes
rather it just makes sure it relies on
the upper layer protocols to make sure
that the traffic reaches reaches its
destination so in this case we have an
internet edge
connecting to an internet service provider
provider
and let's say we have another location
with an edge connected to another
internet service provider
now how it gets there we don't know i
mean there we can't it can't be guaranteed
guaranteed
the path it will take it'll be going
over the internet
and um certainly we can look up how it's
getting there and how it's returning
but it can take many different paths
to get there
so that means traffic might not arrive
in order it may not be taking the path
you expect and you don't have ultimate
control over that now that being said if
you want more control and you want more
security you can connect two devices
into the internet and create your own
little private wide area network connection
connection
by creating tunnel interfaces on your
routers and then creating a gre tunnel or
or
an ipsec tunnel
which would encrypt the data
and to you it would look like a
point-to-point connection even though
it's going over the internet you're not
exactly sure which router just going over
over
but according to your systems and your
routing protocols it could look like a
point-to-point connection
and that's one very popular way of
saving money
is by rolling out
secure communications
and then finally there is cell relay now
this was very popular about 15 years ago
but due to the increase in bandwidth and
availability of ethernet and other options
options
this fell by the wayside due to the
large overhead but that being said
you should be aware of it
with atm it is a fixed cell technology
technology
so all the cells are the same size
and data is then placed inside
and is forwarded
so think of a train heading down the tracks
tracks
all the compartments are the same size
data is placed in it's very efficient
that way
but that being said there is a lot of
overhead because you don't always need
to use
that size of cell so here's what you
learned you learned about local area and
wide area networks
these are the two network types that you
are going to need to understand in and
out to pass your ccda exam
so this just got you started in the very basics
basics
and i encourage you to watch the rest of
the videos
so that you master the knowledge
necessary to understand all the
components of local and wide area networks
networks
enough information so that you can pass
your ccda exam
Hi, this is David Voss, CCIE 11372, and in this video we're going to cover TCP/IP fundamentals, as well as we're going to discuss UDP and ICMP, to bundle it in there for you as you prepare for your CCDA exam. So let's begin.

In this video you will specifically learn about the different types of headers used on the network, the IP, TCP and UDP header, as well as how they operate on the network. You will then review how routing works and some of the issues faced or tools used when routing. So let's begin.

The TCP stack maps to the network and transport layers of the OSI model. IP, or Internet Protocol, has become the de facto standard for network. What you see before you is the IP header. You will need to know the functions for each of the fields you see before you. Let me cover some of the functions that you will most likely need to know for your exam and in real world troubleshooting.

First there's the version field. The version field indicates that it is IPv4 in this instance, with a value of 0100. Then there's the type of service field. This field is commonly referred to as the type of service byte; it has 8 bits used to set quality of service markings, and specifically within this field is DSCP: the six leftmost bits are used for DSCP, which obviously commonly is associated with quality of service marking. Next is the IP flags field. This is a three-bit field; the second bit of this field is the DF, or do not fragment, bit, and that indicates that a packet should not be fragmented. Then there's the time to live field. This is an eight-bit field that is decremented by one each time a packet is routed from one IP network to another; if TTL ever reaches zero the packet is discarded. The protocol field, which is an eight-bit field, specifies what type of data is encapsulated in the packet; TCP and UDP are common protocols identified by this field. Finally, the source address field, which is a 32-bit field indicating the source of the IPv4 packet, and then the destination address field, which again is a 32-bit destination address which indicates the destination for that packet.

First you have the version field, just like IPv4, but in IPv6 the value is 0110. The traffic class field performs the same function as the type of service field in the IPv4 header. The flow label field is used by a router to use a specific outbound connection for a traffic flow if a router has multiple outbound connections. The hop limit field probably sounds familiar; it's the same as the IPv4 TTL field. And then you have your source and destination address field, which is similar to the IPv4 header's 32-bit source address field, but in this case, because it's IPv6, it's 128 bits for both, obviously, source and destination.
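The IPv4 and IPv6 fields just listed, decoded from raw bytes. This is an added example, not code from the course: the sample packets are constructed with documentation addresses (192.0.2.x, 198.51.100.x, 2001:db8::), and the function names are mine. It goes one step beyond the text by verifying the IPv4 header checksum, since a receiver discards a header that fails it.

```python
"""Decode the IPv4 and IPv6 header fields discussed above from raw bytes.

Added example (not from the course). Sample packets are constructed inline
with documentation address ranges, not real hosts.
"""
import struct
import ipaddress


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over the header (checksum field zeroed)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(pkt: bytes) -> dict:
    """Decode the fixed 20-byte IPv4 header and verify its checksum."""
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version = ver_ihl >> 4
    ihl = (ver_ihl & 0x0F) * 4                # header length in bytes
    if version != 4:
        raise ValueError("not IPv4 (version=%d)" % version)
    zeroed = pkt[:10] + b"\x00\x00" + pkt[12:ihl]   # checksum field is bytes 10-11
    return {
        "version": version,
        "header_len": ihl,
        "dscp": tos >> 2,                     # six leftmost bits of the ToS byte
        "ecn": tos & 0x3,
        "total_length": total_len,
        "df": bool(flags_frag & 0x4000),      # second flag bit = Don't Fragment
        "mf": bool(flags_frag & 0x2000),
        "ttl": ttl,
        "protocol": proto,                    # 6 = TCP, 17 = UDP, 1 = ICMP
        "checksum_ok": ipv4_checksum(zeroed) == csum,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
    }


def parse_ipv6(pkt: bytes) -> dict:
    """Decode the fixed 40-byte IPv6 header (IPv6 has no header checksum)."""
    vtf, payload_len, next_hdr, hop_limit, src, dst = \
        struct.unpack("!IHBB16s16s", pkt[:40])
    version = vtf >> 28
    if version != 6:
        raise ValueError("not IPv6 (version=%d)" % version)
    return {
        "version": version,
        "traffic_class": (vtf >> 20) & 0xFF,
        "flow_label": vtf & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_hdr,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(src)),
        "dst": str(ipaddress.IPv6Address(dst)),
    }


def build_ipv4(src, dst, proto, payload_len, ttl=64, dscp=0, df=True) -> bytes:
    """Construct a valid IPv4 header so the parser has realistic input."""
    tos = dscp << 2
    flags_frag = 0x4000 if df else 0
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + payload_len, 0x1234,
                      flags_frag, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


# Constructed sample packets: TCP over IPv4 with DSCP 46 (EF), UDP over IPv6.
SAMPLE_V4 = build_ipv4("192.0.2.10", "198.51.100.7", proto=6, payload_len=20,
                       ttl=64, dscp=46)
SAMPLE_V6 = struct.pack("!IHBB16s16s", (6 << 28) | 0xABCDE, 20, 17, 64,
                        ipaddress.IPv6Address("2001:db8::1").packed,
                        ipaddress.IPv6Address("2001:db8::2").packed)

if __name__ == "__main__":
    print(parse_ipv4(SAMPLE_V4))
    print(parse_ipv6(SAMPLE_V6))
```

Flipping any byte of the IPv4 header (the TTL, for instance) makes `checksum_ok` come back false, which is exactly what a router's input check does before it ever looks at the destination.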
Next, let's move on to the TCP segment header. Here are some of the fields you will certainly need to know. You have the source port field, which is the 16-bit field indicating the sending port number, and the destination port field, again a 16-bit field. So for example, if you connect to howtonetwork.com you're connecting to a destination port of 80, which is the TCP port for HTTP. The sequence number field is a 32-bit field indicating the amount of data sent during a TCP session; the sending party uses this field to make sure the receiving party actually receives the data. The receiving party uses the sequence number from this field as the basis for the acknowledgment number in the next segment that it sends back to the sender. And then the window field, which is a 16-bit field: it specifies the number of bytes a sender is willing to transmit before receiving an acknowledgement from the receiver, and we're going to follow this up in a few minutes as we talk more about TCP window sizes.

Now that you've learned about what is in a TCP header, you need to understand the basics of how TCP initiates traffic flows over a network. It's not complex, but you certainly need to know it if you're tested on it. The process of setting up a TCP session involves a three-way handshake. Step one: the session initiator sends a SYN packet, or a synchronize message, to the target host. And then the target host acknowledges the receipt of that SYN message and sends an ACK, or acknowledgement message, and it also sends a SYN message of its own. Finally, the session initiator receives the SYN message from the target and again it acknowledges receipt by sending an ACK message, and therefore you have a TCP session established. You need to know each of those steps one, two and three for your exam.
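The TCP header fields and the three handshake steps above, as an added example (not the course's own code). Ports and initial sequence numbers are constructed; the TCP checksum is left at zero because computing it needs the IP pseudo-header, which is outside the header itself. The sequence arithmetic is what a stateful device checks: the SYN consumes one sequence number, so each ACK must carry the peer's ISN plus one.

```python
"""Decode the TCP header fields named above and walk the three-way handshake.

Added example, not part of the course. Ports and initial sequence numbers
(ISNs) are constructed values; helper names are mine.
"""
import struct

# TCP flag bits (byte 13 of the header)
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
MASK32 = 0xFFFFFFFF


def build_tcp(src_port, dst_port, seq, ack, flags, window=65535) -> bytes:
    """Pack a 20-byte TCP header (checksum 0: it needs the IP pseudo-header)."""
    data_offset = 5 << 4                 # 5 x 32-bit words, no options
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                       data_offset, flags, window, 0, 0)


def parse_tcp(seg: bytes) -> dict:
    """Decode the fixed part of the TCP header into named fields."""
    src, dst, seq, ack, off, flags, window, csum, urg = \
        struct.unpack("!HHIIBBHHH", seg[:20])
    names = ((SYN, "SYN"), (ACK, "ACK"), (FIN, "FIN"), (RST, "RST"), (PSH, "PSH"))
    return {
        "src_port": src, "dst_port": dst,
        "seq": seq, "ack": ack,
        "header_len": (off >> 4) * 4,
        "flags": {name for bit, name in names if flags & bit},
        "window": window,
    }


def three_way_handshake(client_isn: int, server_isn: int, dst_port: int = 80):
    """Return the SYN, SYN+ACK and ACK segments as parsed dicts.

    Step 1: client -> server  SYN      seq = client ISN
    Step 2: server -> client  SYN+ACK  seq = server ISN, ack = client ISN + 1
    Step 3: client -> server  ACK      seq = client ISN + 1, ack = server ISN + 1
    """
    client_port = 49152                  # constructed ephemeral port
    syn = parse_tcp(build_tcp(client_port, dst_port, client_isn, 0, SYN))
    # The SYN consumes one sequence number, so the server acknowledges ISN + 1.
    synack = parse_tcp(build_tcp(dst_port, client_port, server_isn,
                                 (syn["seq"] + 1) & MASK32, SYN | ACK))
    ack = parse_tcp(build_tcp(client_port, dst_port, synack["ack"],
                              (synack["seq"] + 1) & MASK32, ACK))
    return syn, synack, ack


def handshake_complete(segments) -> bool:
    """True when steps 2 and 3 each acknowledge the peer's SYN correctly."""
    syn, synack, ack = segments
    return (syn["flags"] == {"SYN"}
            and synack["flags"] == {"SYN", "ACK"}
            and synack["ack"] == (syn["seq"] + 1) & MASK32
            and ack["flags"] == {"ACK"}
            and ack["seq"] == synack["ack"]
            and ack["ack"] == (synack["seq"] + 1) & MASK32)


if __name__ == "__main__":
    for step, seg in zip(("SYN", "SYN-ACK", "ACK"),
                         three_way_handshake(client_isn=1000, server_isn=5000)):
        print(step, seg)
```

`handshake_complete` is the kind of check a firewall or IDS applies to decide whether a flow was really established or whether it only saw a lone SYN.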
Earlier you learned about the window field, so let's circle back and talk about that a little bit. TCP communication uses windowing: one or more segments can be sent at one time. The receiver acknowledges the receipt of all segments in a window with an acknowledgement. Now TCP can use a sliding window. The window size can begin with one segment, and then if there's a successful acknowledgement of that segment the window size doubles to two segments, and then if those two segments are received the next window can contain four segments. This increase in window size continues until the receiver does not acknowledge successful receipt of all segments within a certain time frame known as the round-trip time.

The other IP layer 4 transport protocol is UDP. UDP is considered to be an unreliable protocol because it lacks all of the features of TCP: there's no sequence numbering, no window size, no acknowledgements. You can see here the header is quite simple; it contains only source and destination port numbers, and then a UDP checksum and then segment length. So why use UDP? Well, it's best for servicing applications that need to maximize bandwidth and do not require acknowledgments, such as video streams or audio, and in fact the primary protocol used to carry voice and video traffic over networks is RTP, Real-time Transport Protocol, and that's a layer 4 protocol that is encapsulated inside of UDP.
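The window growth described a few paragraphs up (one segment, then two, then four, doubling while every segment in the window is acknowledged within the round-trip time), as an added simulation that is not part of the course. The text says only that growth stops when an acknowledgement is missed; what happens next, falling back to a one-segment window and retransmitting from the first unacknowledged segment, is my assumption here, and the loss pattern is constructed input.

```python
"""Simulate sliding-window growth as described above.

Added example (not from the course). The fallback to a one-segment window
after a missed acknowledgement is an assumption; the text only says growth
stops. Segment numbers in `lost_segments` are constructed input.
"""


def simulate_window(total_segments: int, lost_segments: set,
                    rtt_ms: int = 100, max_rounds: int = 50):
    """Send segments in windows; return (window size per round trip, elapsed ms).

    A window is acknowledged only if every segment in it arrived. A lost
    segment means no acknowledgement comes back within the RTT, so growth
    stops: the sender drops to one segment (assumed) and retransmits from the
    first unacknowledged segment on the next round trip.
    """
    lost = set(lost_segments)
    window, next_seq, history, elapsed_ms = 1, 0, [], 0
    while next_seq < total_segments and len(history) < max_rounds:
        history.append(window)
        batch = range(next_seq, min(next_seq + window, total_segments))
        elapsed_ms += rtt_ms                        # one round trip per window
        lost_now = [s for s in batch if s in lost]
        if lost_now:
            next_seq = lost_now[0]                  # retransmit from first loss
            lost -= set(lost_now)                   # assume the retransmit succeeds
            window = 1
        else:
            next_seq = batch.stop                   # whole window acknowledged
            window *= 2
    return history, elapsed_ms


def rounds_to_deliver(total_segments: int, lost_segments=frozenset(),
                      rtt_ms: int = 100) -> int:
    """Number of round trips needed to deliver every segment."""
    return len(simulate_window(total_segments, set(lost_segments), rtt_ms)[0])


if __name__ == "__main__":
    print(simulate_window(15, set()))   # doubling: 1, 2, 4, 8 over four round trips
    print(simulate_window(15, {5}))     # a loss in the third window resets growth
```

With no loss, fifteen segments go out in four round trips (windows of 1, 2, 4 and 8); a single lost segment in the third window costs three extra round trips, which is why latency rather than bandwidth dominates short transfers.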
Now that you have a good understanding of the individual headers in the TCP/IP stack, Cisco wants you to understand how this traffic actually traverses the network, so let's go ahead and use this basic example. We have a PC that wants to send data over to a server. The first step in this process is that the PC will compare its IP address and subnet mask to that of the destination. The PC, by doing this, is aware that the destination IP address is on a remote network and it cannot directly reach it, so the PC understands it needs to send this packet now to its default gateway. It doesn't do that automatically yet; it needs to know actually who the default gateway is. The PC needs to know the layer 2 address of the default gateway, so it sends an ARP request for Router 1's MAC address and then it receives a response. The PC adds Router 1's MAC address to its ARP cache, and now it can send the data in a frame destined for Server 1 to the default gateway, because it has the matching layer 2 and layer 3 information needed to forward that request, or to forward that message, onto the gateway.

Router 1 then receives the frame sent from the personal computer and looks at the IP header, and remember the TTL field: it decrements that field by one. Now if the TTL field happened to be zero, which it's not, but if it happened to be zero, the router would discard the frame and then send a time exceeded ICMP message back to the PC. The TTL is not decremented to zero here, so Router 1 checks its routing table and then understands that the best path to reach network 192.168.4.0 is the WAN connection, or over Serial 1, so it then forwards that message over to Router 2. Note that it does not need to do an ARP request because this is a serial interface, and serial interface types do not have MAC addresses. So then Router 2 receives the frame and again it decrements the TTL in the IP header, looks at the IP header and then determines where this destination network is. The destination network is directly connected off the Ethernet interface, so Router 2 needs to understand, now that it has the destination, what the MAC address is for that destination, and it sends out an ARP request, receives the information back, the ARP reply, from Server 1, and then Router 2 forwards the frame out its Fast Ethernet interface to Server 1. So that's a really basic example, but Cisco wants you to understand all the individual steps and how routing actually works.

Now let's dig even deeper into what's occurring on the network and an important concept that Cisco wants you to know, which is MTU, or maximum transmission unit. An MTU refers to the largest packet size supported on a router interface, and typically 1500 is the common value. Smaller MTU sizes result in more overhead because more packets have to be sent, but if you're sending data over slower speed links, large MTU values could cause delay for latency sensitive traffic. When you have high speed connections, let me give you an example of, let's say, a private interconnect between two servers: what happens is administrators often enable jumbo frames. Those are frames over the standard size, or the standard MTU size, so that more data can be forwarded in a fewer number of packets, and therefore fewer headers that routers have to process on the network or systems need to process on the network.

Now if you're going to run a network you're going to need to troubleshoot it, and ICMP messages are something that you probably are going to be tested on in the CCNP ROUTE exam. ICMP is most often associated with the ping utility, and obviously you've used that in the past to check connectivity, but it has many other roles beyond ping. It uses a variety of message types, as you can see here, but there's two that it appears Cisco wants you to focus on. The first is destination unreachable, which you're probably already aware of, but if a packet enters a router which is destined for an address that the router has no idea how to reach, the router will let the sender know by sending a destination unreachable ICMP message back to the sender. The other message that you may not be aware of is the redirect. A host may have routing information that will help it reach a particular destination network, so it'll send it to that next hop IP address, but network conditions can change and a different next hop IP address may need to be used. In that case the original next hop router can let the host know to use a different path by sending a host redirect ICMP message.
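The PC-to-Server 1 walk-through, the MTU discussion and the ICMP messages above, pulled together in one added simulation (not the course's own code). Each device performs the checks the text describes: the PC's subnet comparison, ARP for the next hop's MAC on Ethernet segments but not on the serial link, the TTL decrement with an ICMP Time Exceeded when it hits zero, a longest-match routing lookup with an ICMP Destination Unreachable when nothing matches, and an outbound MTU check that honours the DF bit. The addressing plan, MAC addresses and MTUs (a jumbo-frame 9000 on the PC, 1500 on the routers) are constructed; only network 192.168.4.0 and the device names come from the text.

```python
"""Walk a packet from the PC to Server 1 through Router 1 and Router 2.

Added example (not from the course). Addresses, MACs and MTUs are constructed;
only 192.168.4.0 and the device names come from the text.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Interface:
    name: str
    addr: str                   # "ip/prefixlen"
    mac: Optional[str] = None   # None on serial links: no layer-2 address
    mtu: int = 1500


@dataclass
class Node:
    name: str
    interfaces: list
    routes: list = field(default_factory=list)  # (network, next_hop or None, iface)
    arp_cache: dict = field(default_factory=dict)

    def lookup(self, dst):
        """Longest-prefix match over the routing table, None if no route."""
        matches = [r for r in self.routes if dst in r[0]]
        return max(matches, key=lambda r: r[0].prefixlen) if matches else None


@dataclass
class Packet:
    src: str
    dst: str
    size: int = 100
    ttl: int = 64
    df: bool = False


def build_topology():
    """Constructed topology: PC -- R1 (serial) -- R2 -- Server 1."""
    net = ipaddress.ip_network
    pc = Node("PC", [Interface("eth0", "192.168.1.10/24", "00:00:5e:00:53:01", mtu=9000)],
              routes=[(net("192.168.1.0/24"), None, "eth0"),
                      (net("0.0.0.0/0"), "192.168.1.1", "eth0")])
    r1 = Node("Router 1", [Interface("Fa0/0", "192.168.1.1/24", "00:00:5e:00:53:0a"),
                           Interface("Serial1", "10.0.0.1/30")],
              routes=[(net("192.168.1.0/24"), None, "Fa0/0"),
                      (net("192.168.4.0/24"), "10.0.0.2", "Serial1")])
    r2 = Node("Router 2", [Interface("Serial1", "10.0.0.2/30"),
                           Interface("Fa0/0", "192.168.4.1/24", "00:00:5e:00:53:0b")],
              routes=[(net("192.168.4.0/24"), None, "Fa0/0"),
                      (net("192.168.1.0/24"), "10.0.0.1", "Serial1")])
    server = Node("Server 1", [Interface("eth0", "192.168.4.20/24", "00:00:5e:00:53:ff")])
    return [pc, r1, r2, server]


def owner_of(nodes, ip):
    """Which (node, interface) holds this IP? Stands in for the ARP reply / link."""
    target = ipaddress.ip_address(ip)
    for node in nodes:
        for ifc in node.interfaces:
            if ipaddress.ip_interface(ifc.addr).ip == target:
                return node, ifc
    return None, None


def forward(pkt: Packet, max_hops: int = 16):
    """Return the list of events as the packet moves hop by hop from the PC."""
    nodes = build_topology()
    node, dst, events = nodes[0], ipaddress.ip_address(pkt.dst), []
    local = ipaddress.ip_interface(node.interfaces[0].addr).network
    events.append(f"PC: {dst} {'is' if dst in local else 'is not'} in local subnet {local}")
    for _ in range(max_hops):
        route = node.lookup(dst)
        if route is None:
            events.append(f"{node.name}: no route to {dst}, ICMP Destination Unreachable to {pkt.src}")
            return events
        _, next_hop, ifname = route
        ifc = next(i for i in node.interfaces if i.name == ifname)
        if node.name != "PC":                       # routers decrement TTL before forwarding
            pkt.ttl -= 1
            if pkt.ttl <= 0:
                events.append(f"{node.name}: TTL expired, ICMP Time Exceeded to {pkt.src}")
                return events
        if pkt.size > ifc.mtu:
            if pkt.df:
                events.append(f"{node.name}: {pkt.size} > MTU {ifc.mtu} on {ifname} with DF set, "
                              f"ICMP Fragmentation Needed to {pkt.src}")
                return events
            events.append(f"{node.name}: fragmenting {pkt.size} bytes for MTU {ifc.mtu} on {ifname}")
        target_ip = next_hop or pkt.dst
        nxt, nxt_ifc = owner_of(nodes, target_ip)
        if nxt is None:
            events.append(f"{node.name}: {target_ip} does not answer, frame dropped")
            return events
        if ifc.mac is not None:                     # Ethernet: need a layer-2 address
            if target_ip not in node.arp_cache:
                node.arp_cache[target_ip] = nxt_ifc.mac
                events.append(f"{node.name}: ARP request for {target_ip}, reply {nxt_ifc.mac}")
            events.append(f"{node.name}: frame to {node.arp_cache[target_ip]} out {ifname}, TTL {pkt.ttl}")
        else:
            events.append(f"{node.name}: out {ifname} (serial, no ARP), TTL {pkt.ttl}")
        if next_hop is None:
            events.append(f"{nxt.name}: received packet for {pkt.dst}")
            return events
        node = nxt
    events.append("hop limit reached")
    return events


if __name__ == "__main__":
    for line in forward(Packet("192.168.1.10", "192.168.4.20")):
        print(line)
```

Try the same call with `ttl=1`, with an address no router knows, or with `size=2000, df=True`: each produces the corresponding ICMP message at the hop that detects the problem, which is the behaviour a traceroute or a path-MTU failure shows you in practice.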
So you've learned a lot in this video. When you started it you probably thought it would be a simple review, but surely you've picked up quite a bit of information.
Hi, this is David Voss, CCIE 11372, and in this video we will be covering the first of two videos on layer 2 technologies. We will start with spanning tree. In this video you will learn about spanning tree, BPDUs or bridge protocol data units, STP port states, cost and priority, STP port types, and then finally BPDU timers. All of this information is not only going to help you on your CCDA exam but will certainly make you a better engineer as well. So let's begin.

STP is defined in the IEEE 802.1D standard, and its primary purpose is to make sure that your network is loop free. It operates by making the following assumptions: that all links are bidirectional and that they can in fact send and receive BPDUs, and that the switch itself is able to regularly receive, process and send BPDUs. Now all switches that reside in the same STP domain regularly exchange these bridge protocol data units, these messages, with one another, and ultimately the network uses the information from these data units to determine the network topology and the flows of traffic. The topology of an active switch network is determined by the following three variables: the unique MAC address, or the switch identifier, associated with each switch; the path cost to the root bridge associated with each port on the switch; and the port identifier. All these play a big role in the decision making of how traffic will flow on a network.

Some basic facts: BPDUs are sent to the STP multicast destination address, as you see here, and by default they are sent every two seconds. Now there are two types of data units that we should know of: configuration BPDUs and TCNs, or topology change notification BPDUs. Now a switch has determined the best configuration BPDU based on the following criteria: lowest root bridge ID, which is based on root bridge ID; root path cost to the root bridge; sender bridge ID; and sender port ID.

Before we can continue we should really understand how things work in spanning tree regarding just the ports themselves, so, spanning tree ports. So in a typical environment we're going to have one root switch, and we have three switches connected here, switch 1, 2 and 3, and switch 1 is the root, and this is going to help us understand how spanning tree designates ports. So in spanning tree the root never has root ports, because root is always the forwarding port that is closest to the root bridge, so this root only has designated ports. Switch 2 and switch 3 both have root ports; that is the forwarding port that is closest to the root bridge in terms of path cost. And then switch 3 has a designated port; this is one forwarding port on each LAN segment. And then switch 2 is the alternate port; this is the best alternate path to the root bridge on that very same segment. Next, to switch 3 we're going to connect switch 4. Switch 3 is going to have a designated port, but it's going to also here have a backup port. A backup port is a backup redundant path to a segment where another bridge port already connects. The backup port applies only when a single switch has two links to the same segment.

Now we can better understand the following slide. At the completion of configuration BPDU exchange, the following results: a root switch is elected for the entire spanning tree domain, and a root port is elected on every non-root switch in the spanning tree domain. As you will remember, a root port is a forwarding port that is the closest to the root bridge in terms of path cost. A designated switch is elected for every LAN segment, and a designated port is elected on the designated switch for every segment, and if you will remember, a designated port is a forwarding port for every LAN segment, the chosen forwarding port. Then finally, based on all this information and all these calculations, loops are avoided in the network.

Now topology change BPDUs play a key role in handling changes in the active topology. They are proactively originated by any switch and sent upstream toward the root bridge, providing information that would be key to keeping the network loop free.

Next, let's talk about spanning tree port states. 802.1D has five different port states: disabled, blocking, listening, learning and forwarding. Let's talk about each of these in depth.

When a switch port is in blocking mode, the port is not transmitting or receiving data, and it's prevented from transmitting BPDUs. Packets arriving on the port are not learned by the bridge's filtering database. A blocked port, though, can receive BPDUs and is included in the spanning tree algorithm calculation, so ultimately it could be used to transfer data, but it's not; it's blocking at this point.

Next, let's talk about the port state of listening. A listening port is not transmitting or receiving data, and packets on the port are not learned by the bridge's filtering database, but it can transmit and receive BPDUs and is included in the spanning tree algorithm calculation. The listening state is a transitional state that will change to the learning state after a settable period of time, which we know as the forward delay timer.

In a learning state the port is not transmitting or receiving data, but it can receive and transmit BPDUs. It is included in the spanning tree algorithm calculation, and the packets arriving on the port are in fact learned by the bridge's filtering database. This also is a transitional state that will automatically change to a forwarding state after a settable period of time, which is called the forward delay timer.

And as appropriate, let's move on to the forwarding state. The forwarding state is the only state in which data is being transmitted and received by the port. It can receive and transmit BPDUs and is included in the spanning tree algorithm calculation. The packets arriving on the port are learned by the bridge's filtering database.

Finally, let's talk about the disabled port state. A port is disabled, or in a disabled state, when the port is not transmitting or receiving data packets or BPDUs and is not considered in the spanning tree algorithm.

So as you can see, once a port is enabled by a network administrator or through initialization, it goes through a process of these different port states. The port will move into a listening and learning and ultimately a forwarding state if the spanning tree algorithm has chosen it as a root port or a designated port. If spanning tree has not chosen the port as a root or designated port, it will put the port into a blocking state. You know that also as an alternate port or a backup port.
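The five 802.1D port states and the transitions just described, as an added state machine that is not part of the course: a port that is enabled enters blocking, moves listening to learning to forwarding only if STP selected it as a root or designated port, with each transitional state lasting one forward delay, and drops back to blocking if it loses that role. What each state may do (data, MAC learning, sending and receiving BPDUs) is taken directly from the descriptions above. The 15-second forward delay is the 802.1D default, assumed here since this section does not state the timer values; the `Port` class and its method names are mine.

```python
"""802.1D port state machine for the five states described above.

Added example (not from the course). FORWARD_DELAY = 15 s is the 802.1D
default, assumed here; the class and method names are mine.
"""
from enum import Enum


class State(Enum):
    DISABLED = "disabled"
    BLOCKING = "blocking"
    LISTENING = "listening"
    LEARNING = "learning"
    FORWARDING = "forwarding"


# What each state may do, per the description in the text:
# forward data, learn MACs into the filtering database, send BPDUs, receive BPDUs.
CAPABILITIES = {
    State.DISABLED:   dict(data=False, learn=False, send_bpdu=False, recv_bpdu=False),
    State.BLOCKING:   dict(data=False, learn=False, send_bpdu=False, recv_bpdu=True),
    State.LISTENING:  dict(data=False, learn=False, send_bpdu=True,  recv_bpdu=True),
    State.LEARNING:   dict(data=False, learn=True,  send_bpdu=True,  recv_bpdu=True),
    State.FORWARDING: dict(data=True,  learn=True,  send_bpdu=True,  recv_bpdu=True),
}

FORWARD_DELAY = 15          # seconds; 802.1D default (assumed, not stated in this section)
TRANSITIONAL = (State.LISTENING, State.LEARNING)


class Port:
    def __init__(self, name: str):
        self.name = name
        self.state = State.DISABLED
        self.timer = 0          # seconds spent in the current transitional state
        self.selected = False   # chosen by STP as root or designated port?
        self.log = []           # (from_state, to_state) history

    def _enter(self, state: State):
        self.log.append((self.state, state))
        self.state, self.timer = state, 0

    def enable(self):
        """Admin enable or initialisation: a port starts in blocking, never forwarding."""
        if self.state is State.DISABLED:
            self._enter(State.BLOCKING)

    def disable(self):
        self._enter(State.DISABLED)

    def stp_role(self, selected: bool):
        """Apply the spanning tree calculation's verdict for this port."""
        self.selected = selected
        if self.state is State.DISABLED:
            return                                  # not part of the calculation
        if selected and self.state is State.BLOCKING:
            self._enter(State.LISTENING)
        elif not selected and self.state is not State.BLOCKING:
            self._enter(State.BLOCKING)             # alternate / backup role

    def tick(self, seconds: int):
        """Advance time: listening -> learning -> forwarding, one forward delay each."""
        if self.state not in TRANSITIONAL:
            return
        self.timer += seconds
        while self.state in TRANSITIONAL and self.timer >= FORWARD_DELAY:
            carry = self.timer - FORWARD_DELAY
            self._enter(State.LEARNING if self.state is State.LISTENING else State.FORWARDING)
            self.timer = carry

    def can(self, action: str) -> bool:
        return CAPABILITIES[self.state][action]


def time_to_forward(port: Port) -> int:
    """Seconds from enable to forwarding for a port STP selects immediately."""
    port.enable()
    port.stp_role(True)
    elapsed = 0
    while port.state is not State.FORWARDING:
        port.tick(1)
        elapsed += 1
    return elapsed


if __name__ == "__main__":
    p = Port("Fa0/1")
    print(time_to_forward(p), [s.value for _, s in p.log])
```

Two forward delays before any user traffic passes is the cost of the 802.1D design, and it is why an unexpected topology change can look like a 30-second outage on an access port.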
now spanning tree uses the bridge id to uniquely identify each switch and
to uniquely identify each switch and it's actually used to assist in the
it's actually used to assist in the election of a spanning tree root bridge
election of a spanning tree root bridge unless of course the root bridge has
unless of course the root bridge has been manually configured
been manually configured in the 802.1d standard each vlan
in the 802.1d standard each vlan requires a unique bridge id
requires a unique bridge id so spanning tree root bridge election
so spanning tree root bridge election following initialization all switches
following initialization all switches initially assume that they are root but
initially assume that they are root but the switch with the highest bridge
the switch with the highest bridge priority is elected this the spanning
priority is elected this the spanning tree root bridge
tree root bridge now all things being equal if nothing's
now all things being equal if nothing's been configured and all things set are
been configured and all things set are set to default
set to default then the root bridge is chosen
then the root bridge is chosen by the lowest order mac address
by the lowest order mac address during route election no traffic is
during route election no traffic is forwarded over any switch in the same
forwarded over any switch in the same spanning tree domain until things are
spanning tree domain until things are stabilized and there's a loop free
stabilized and there's a loop free topology
spanning tree uses cost and priority values to determine the best path to the
values to determine the best path to the root bridge
root bridge in the 802.1d specification it assigns a
in the 802.1d specification it assigns a 16-bit default port cost values to each
16-bit default port cost values to each port now
port now note this before we dig into the actual
note this before we dig into the actual port values
port values the port cost is globally significant
the port cost is globally significant and is included in all propagated bpdus
and is included in all propagated bpdus by default the lower number the lower
by default the lower number the lower costs are more preferred
costs are more preferred so you're going to see this in a second
so you're going to see this in a second as we draw this out
as we draw this out but in the event that multiple ports
but in the event that multiple ports have the same path cost then spanning
have the same path cost then spanning tree will consider the port priority the
tree will consider the port priority the default value is 128
default value is 128 but you should note that the port
but you should note that the port priority is locally significant
priority is locally significant and not included in spanning tree
and not included in spanning tree protocol bpdus
so the spanning tree protocol default port cost
port cost it depends on the interface speed and
it depends on the interface speed and you'll notice here from this chart
you'll notice here from this chart that the higher the speed the lower the
that the higher the speed the lower the cost and this comes into play
cost and this comes into play when spanning tree is actually trying to
when spanning tree is actually trying to calculate the best path to root. So for example, let's draw out a network with five switches, and we're going to bring each of these switches online and let spanning tree decide which is the best path and which ports should be root, which ports should be designated ports. So they are all interconnected and let's pretend we are powering them all on. Now let's say the switches aren't all of the same speed. So for example, we have a 10 megabit switch, a 100 megabit switch (and we'll just say all the interfaces on the switch are that speed), a one gigabit switch, a 100 megabit switch here. So as you remember from the chart, these numbers should start to look familiar: the cost of 2 is assigned to a 10 gigabit interface, a cost of 4 to a one gigabit interface, a cost of 19 to a 100 megabit interface, and a cost of 100 to a 10 megabit interface. And spanning tree will calculate, as you can see it's doing right here; spanning tree is calculating the best path to the root. And let's say we've assigned the one gigabit switch as our root, we've manually set it. Spanning tree would then calculate, and as you can see here, from the 10 megabit switch through the 100 meg over to the one gig it's a hundred, and the total cost is 123. And then the other path, the total cost is 119. That's the lower cost, so that would be the root port, because that would be the preferred path.
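An added example, not from the video, that computes the numbers the lesson walks through: each switch's root path cost, its root port, and the designated port on every segment, using the cost chart quoted above. The five-switch topology, switch names and speeds are constructed so that the two paths from the 10 Mbps switch to the root cost 123 and 119, as in the drawing.

```python
"""Added example, not from the video: STP root path cost, root port and
designated port computed over a constructed five-switch topology whose two
paths from the 10 Mbps switch to the root cost 123 and 119, as in the lesson."""
import heapq

# Cost chart quoted in the lesson: link speed in Mbps -> STP path cost
STP_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

# Constructed topology. Every interface on a switch runs at the switch's
# speed, so a link runs at the slower of its two ends.
SWITCH_SPEED = {"R": 1000, "A": 10, "B": 100, "C": 1000, "D": 100}
LINKS = [("A", "B"), ("B", "C"), ("C", "R"), ("A", "D"), ("D", "R")]
ROOT = "R"  # the 1 Gbps switch, manually made root as in the video


def link_cost(a, b):
    """Cost a switch adds when it receives a BPDU over the a-b link."""
    return STP_COST[min(SWITCH_SPEED[a], SWITCH_SPEED[b])]


def path_cost(path):
    """Cumulative cost of an explicit hop list ending at the root."""
    return sum(link_cost(u, v) for u, v in zip(path, path[1:]))


def root_path_costs(root=ROOT, links=LINKS):
    """Dijkstra from the root: each switch's lowest cumulative cost to the
    root and the neighbour it reaches the root through (its root port)."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    cost = {root: 0}
    root_port = {root: None}  # the root bridge has no root port
    heap = [(0, root)]
    while heap:
        c, sw = heapq.heappop(heap)
        if c > cost[sw]:
            continue  # stale queue entry
        for nb in adj[sw]:
            nc = c + link_cost(sw, nb)
            # lower cost wins; on a tie the lower bridge ID (modelled here
            # by the switch name) wins, as in the real election
            if (nc, sw) < (cost.get(nb, float("inf")), root_port.get(nb, "")):
                cost[nb] = nc
                root_port[nb] = sw
                heapq.heappush(heap, (nc, nb))
    return cost, root_port


def port_roles(links=LINKS):
    """Per segment: the end with the lower root path cost (tie: lower bridge
    ID) is designated. The other end is a root port if the segment lies on
    its best path to the root, otherwise an alternate port left blocking."""
    cost, root_port = root_path_costs()
    roles = {}
    for a, b in links:
        designated = a if (cost[a], a) < (cost[b], b) else b
        other = b if designated == a else a
        role = "root" if root_port[other] == designated else "alternate"
        roles[(a, b)] = {designated: "designated", other: role}
    return roles


if __name__ == "__main__":
    cost, root_port = root_path_costs()
    for sw in sorted(cost):
        print(f"{sw}: root path cost {cost[sw]}, root port toward {root_port[sw]}")
    print("A-B-C-R costs", path_cost(["A", "B", "C", "R"]))  # 123
    print("A-D-R costs", path_cost(["A", "D", "R"]))  # 119
    for segment, roles in port_roles().items():
        print(segment, roles)
```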
So as you know, we've already talked about some of these ports, but spanning tree elects two types of ports that are used to forward BPDUs, and that's the root port. Now note the root switch never has any root ports, because this is the port that provides the best path to the root bridge. So every other switch is going to have one root port; that's the best path to the root bridge. The root bridge will not have a root port, for obvious reasons. The root path cost is calculated based on the cumulative cost to the root. The designated port actually points away from the spanning tree root and it sits in a blocking state. All ports on the root are designated ports because the root path cost will always be zero. The designated port is the best port on a segment. So for example, on a segment where there is no root switch you will have one designated port, and all the other ports will be either alternate or backup ports.

We talked quite a bit about BPDUs in video lesson three, module one, but let's build upon that further. BPDUs include several timers that play an integral role in the operation of the protocol, and the modification of these timers should always be made at the root bridge. There are three configurable spanning tree timer values, which are hello, forward delay and max age. The hello time is two seconds by default, forward delay is 15 seconds by default, and max age is 20 seconds by default.

So here's what you've learned: you've learned about the foundation of spanning tree, which is BPDUs, port states, cost and priority, and the STP port types. So this provides you a solid foundation for designing your networks and your CCDA exam. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about the layer 2 technology VLANs. So here's what you'll learn: you'll learn about VLANs, and then you're going to learn specifically about what makes voice VLANs unique. So let's go ahead and begin our video with just some of the basics about what VLANs are.

What exactly is a VLAN? Well, Cisco says it's a group of end stations with a common set of requirements. Using VLANs allows you to put many different devices in many different locations on the same logical network, on the same layer 2 network. In the past, without VLANs, you would have to rely upon simple hardware solutions, but a VLAN allows you to virtualize your layer 2 segment. VLANs are usually associated by the same subnet, so normally devices on a VLAN are sharing the same subnet, and with this in mind they're sharing the same broadcast domain; that is the norm. And then VLANs must be routed to communicate with other VLANs, so it is a true layer 2 segment. A VLAN is not going to be able to communicate with another VLAN unless it is passed through a layer 3 device which can route it.

Now there are two switch port types for VLAN membership that we need to understand, and the first is the access port. Now access ports can only belong to a single VLAN. Now when you think of an access port, it's pretty much what you probably think of: it's usually for end devices like a workstation or a server. It is a device that is an end station. And again, an access port can only belong to a single VLAN, typically used to connect end devices. And there are two methods to assign ports to VLANs for these access ports. The first, which is by far the most popular, is the static VLAN assignment, so an administrator actually doing it, and then dynamic VLAN assignment, which is done by a server. So let's dig a little bit more into those two concepts.

So when we have a static VLAN assignment, the network administrator is actually manually configuring a switch port to be a part of a VLAN. The network administrator is programming the port to say: you are going to be an access port and you're going to be associated with this specific VLAN. Now you can do this dynamically, and this is not as popular, but there is something called a VLAN Management Policy Server which can assign a desired VLAN to users connecting to a switch. We don't need to get much deeper than that for your exam, but you do need to know these two methods.

Now there's another type of port that we need to understand to understand the concept of VLANs, and that is trunk ports. And trunk ports are used to carry data from multiple VLANs. So access ports only allow communication from one end device over a specific VLAN. Well, ultimately, if you're hosting many VLANs, this traffic's gonna need to be able to communicate throughout your network so that they're not limited by a hardware device. So your VLANs may be spread throughout many floors or maybe even many buildings. Trunk ports allow you to carry data from all these different VLANs between all your different hardware devices.

Now there are some standard VLAN numbers and ranges you should know. Specifically, let's focus on 2 to 1001: these VLANs are created, used and deleted on all Cisco Catalyst switches. And another one that you should really focus in on is the range of 1006 to 4094. This is an extended range of VLANs, for Ethernet VLANs only. Now you may be asked about these other ranges, but I would focus in on VLAN ranges 2 to 1001 and 1006 to 4094.
Now we talked a little bit about VLAN trunks earlier, but let's just hit upon VLAN trunks a little bit more so we can understand it. Now again, I want to remind you that there is another video that is dedicated solely to VLAN trunks, but let's just get a basic understanding here. VLAN trunks are used to carry data from multiple VLANs, which you already know. Now there are two methods, two protocols, that can be used to build these trunks, and the first is Inter-Switch Link, or ISL, and that's a Cisco proprietary protocol that is used to preserve the source VLAN identification information for frames that traverse trunk links. And then there is, I would say, the more popular 802.1Q, which is an open standard, and it performs a little bit differently than the Cisco proprietary protocol. Now the reason 802.1Q is so popular, as you probably understand for obvious reasons, is that if you want to trunk between two devices, like one is Cisco and one is non-Cisco, you're able to do that. So this standard works very effectively and 802.1Q is very popular, but you will definitely be asked about ISL, and you will definitely be asked about the differences between ISL and 802.1Q.

So you've received a lot of information right now, so let's go ahead and kind of draw out some of these concepts that we've been talking about. So when we think of VLANs, we think first of: we need to connect endpoints on a local area network. So here we have four endpoints and we have one switch, and each of these endpoints need to communicate, and not all of them need to communicate with each other. So let's say we have two workstations and two servers, and we're gonna put this one workstation in VLAN 10 and this other workstation in VLAN 10, and then these two servers in VLAN 2. These two servers are segmented on their own VLAN, as are the workstations. They cannot communicate between each other, between VLAN 2 and 10, but anything on VLAN 10 can communicate with VLAN 10. Now here's another dedicated VLAN, we'll say VLAN 3, to a dedicated device. Now, and here is a router. So for any of these VLANs to communicate with one another, they need to pass through a layer 3 device. So this workstation from VLAN 10, if it wants to communicate over to a server, it needs to be routed and go through the router and be passed over to VLAN 2. Let's say you want to keep VLAN 3 devices not accessible from the network; you can prevent that. So here we have other devices on VLAN 3, and let's say this is a back-end connection between two servers that we have no need to route. VLAN 3 can be segmented from the entire network; nobody can reach it. So there's some security built into VLANs as well. Now VLANs can extend, obviously, over to other hardware platforms. So this router is connected to another switch, and on this switch, let's say that's in a different building, we have another device on VLAN 2, another endpoint on an access port to VLAN 10, and if they want to communicate over to the other building, let's say VLAN 2 or VLAN 10, they simply go over this trunk port (you know that term); it goes over the trunk port and can communicate over to the other sites.
the other sites configuring a vlan is rather
configuring a vlan is rather straightforward
straightforward you simply go into configuration mode
you simply go into configuration mode and type in vlan
and type in vlan and for the sake of this example we're
and for the sake of this example we're assigning it number 10
assigning it number 10 and then normally you would name the
and then normally you would name the vlan so anybody logging in would
vlan so anybody logging in would understand what that vlan what the
understand what that vlan what the purpose of the vlan actually is so the
purpose of the vlan actually is so the purpose of this vlan is actually to host
purpose of this vlan is actually to host servers
servers um you can name it obviously anything
um you can name it obviously anything you want but in this case we'll just say
you want but in this case we'll just say servers and then you have the vlan build
servers and then you have the vlan build but you still need to assign ports to
but you still need to assign ports to that vlan
that vlan so you assign a port to a vlan by
so you assign a port to a vlan by actually going into interface
actually going into interface configuration mode and in this example
configuration mode and in this example it's fast ethernet 0 two
it's fast ethernet 0 two and then you need to make the ethernet
and then you need to make the ethernet port in access port now remember those
port in access port now remember those two port types that we're concerned
two port types that we're concerned about
about accessport and trunk port we're making
accessport and trunk port we're making this an access port
this an access port and then you enter in the command switch
and then you enter in the command switch port access vlan in the vlan you want it
port access vlan in the vlan you want it to participate in and let's say on fast
to participate in and let's say on fast ethernet 02 we have a server we're
ethernet 02 we have a server we're connecting so we're going to assign it
connecting so we're going to assign it to vlan 10
to vlan 10 and that is it that is it
and that is it that is it next let's learn about the unique
next let's learn about the unique attributes of voice vlans
a cisco ip phone provides a data connection for a user's
provides a data connection for a user's personal computer
personal computer in addition to voice data coming from
in addition to voice data coming from itself
itself so this allows one single ethernet
so this allows one single ethernet connection to be installed per user and
connection to be installed per user and makes maximum use of your ports
makes maximum use of your ports even though several different types of
even though several different types of data can pass over that port
data can pass over that port the voice and user pc ports always
the voice and user pc ports always function as access mode switch ports
function as access mode switch ports but the port that connects to the switch
but the port that connects to the switch that can operate as an 802.1q trunk
that can operate as an 802.1q trunk or it can operate as an access port
or it can operate as an access port now when bringing up a trunk between an
now when bringing up a trunk between an ip phone and a switch
ip phone and a switch this is normally negotiated
this is normally negotiated but you can specify that the ports at
but you can specify that the ports at both ends are brought up as an 802.1q
both ends are brought up as an 802.1q trunk
trunk now you could bring the switch port up
now you could bring the switch port up as an access port
as an access port but that would not allow you to segment
but that would not allow you to segment voice and data appropriately
voice and data appropriately the trunk allows you to segment voice
the trunk allows you to segment voice and data on separate vlans
and data on separate vlans and this would allow you to easily
and this would allow you to easily provide quality of service capabilities
provide quality of service capabilities to the voice traffic since it's already
to the voice traffic since it's already segmented
segmented to configure the iphone uplink you just
to configure the iphone uplink you just need to configure the switch port
need to configure the switch port where the phone connects
where the phone connects the switch then instructs the phone
the switch then instructs the phone to follow the mode that is selected
to follow the mode that is selected if an 802.1q trunk is needed the trunk
if an 802.1q trunk is needed the trunk is automatically negotiated by dtp and
is automatically negotiated by dtp and cdp
cdp so here's what you've learned you've
so here's what you've learned you've learned about vlans
learned about vlans and specifically what makes voice vlans
and specifically what makes voice vlans unique
unique and all of this information not only
and all of this information not only will help you with passing your ccda
will help you with passing your ccda exam
exam it will help you
it will help you design your networks moving forward
design your networks moving forward good luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn basic layer 3 technologies. Specifically, you're going to learn the basics of IPv4 and v6 addressing and routing. So let's go ahead and begin.

Network addresses are logical addresses assigned when a device is placed in the network, and they change when the device is moved. Network layer addresses have a hierarchical structure comprised of two parts: the network address and the host address. Logical addresses can be assigned manually by the administrator or dynamically via a dedicated protocol such as DHCP, or Dynamic Host Configuration Protocol, using a server on the network. All the devices in a network have the same network portion of the address but different host identifiers. Routers analyze the network portion of IP addresses and compare them with entries from their routing table. If a match is found, the packet is sent to the appropriate interface.

IPv4 addresses are 32-bit numbers represented as strings of zeros and ones. For a more intuitive representation of IPv4 addresses, the 32 bits can be divided into four octet groupings separated by dots, which is called dotted decimal notation. The octets can be converted into decimal numbers. For example, consider the following 32-bit string. If you were to divide it into four octets, it results in the following binary representation. This translates into an easy to read decimal representation of 192.168.128.169.

IPv4 addresses are categorized into five classes. A, B and C are used for addressing devices, D is for multicast groups, and E is reserved for experimental use. The first bits of the address define which class it belongs to, as illustrated in this chart. Knowing the class of an IPv4 address helps to determine which part of the address represents the network and which part represents the host bits. IPv4 addresses can be classified into the following categories: there are public addresses, which are used for external communication, and private addresses, which are reserved and used only internally within a company. The private address ranges are defined by RFC 1918 and include the following ranges.

So far we've been talking about classful networks. Classless addressing allows class A, B and C addresses to be divided into even smaller networks called subnets. This results in a larger number of possible networks, each with fewer host addresses. The subnets are created by borrowing bits from the host portion and using them as subnet bits. An important aspect of IPv4 addressing is separating the network and the host part of the addressing string. This is accomplished by using a subnet mask, also represented by a 32-bit number. The subnet mask starts with a continuous string of bits with the value of 1 and ends with a string of zeros. The number of bits with the value of 1 represents the number of bits in the IP address that must be considered in order to calculate the network address. A subnet mask bit of 0 indicates that the corresponding bit in the IPv4 address is a host bit. Using the same example that we've used earlier and then adding a 255.255.255.0 mask results in the following situation. With a string of 24 bits of one in the subnet mask, we're going to consider only the first 24 bits in the IP address as the network portion. This results in the network address of 192.168.128.0 with a subnet mask of 255.255.255.0. The last eight bits in the IP address are called the host portion of the IP address and can be assigned to network devices.
devices so let's ask the basic question why even upgrade to ipv6 other than the
why even upgrade to ipv6 other than the fact that you simply get more ip
fact that you simply get more ip addresses
addresses well there's a lot of reasons why you
well there's a lot of reasons why you would want to upgrade to ipv6
would want to upgrade to ipv6 and here are a few of them spelled out
and here are a few of them spelled out for you but please note you no longer
for you but please note you no longer need nat or pat it has inherent ipsec
need nat or pat it has inherent ipsec support these are key and critical
support these are key and critical updates now once you've committed to
updates now once you've committed to using ipv6 you need to understand
using ipv6 you need to understand how these different ip addresses are
how these different ip addresses are labeled there's a global unicast address
labeled there's a global unicast address these are unicast packets sent through
these are unicast packets sent through the public internet with public ipa
the public internet with public ipa addresses unique local which are unicast
addresses unique local which are unicast packets inside one organization which is
packets inside one organization which is basically equal to your private ipa
basically equal to your private ipa addressing
addressing link local which are packets sent to a
link local which are packets sent to a local subnet and are not rotter audible
local subnet and are not rotter audible across networks
and and then finally take note of the loopback address which you know from
loopback address which you know from ipv4 is 127.001
ipv4 is 127.001 ipv6 also has a loopback addressing as
ipv6 also has a loopback addressing as well
well an ipv6 address has 128 bits
an ipv6 address has 128 bits broken out into 32 hexadecimal numbers
broken out into 32 hexadecimal numbers organized into eight quartets
organized into eight quartets so here is the hexadecimal numbering
so here is the hexadecimal numbering system
system which i'm sure we won't need much of a
which i'm sure we won't need much of a refresher on but we do need to use it to
refresher on but we do need to use it to understand ipv6
understand ipv6 and here is an ipv6 ip address and as
and here is an ipv6 ip address and as you can see it looks quite long mainly
you can see it looks quite long mainly because we're used to looking at ipv4
because we're used to looking at ipv4 addresses so
addresses so this ups the game a little bit and we
this ups the game a little bit and we may begin to wonder how we're going to
may begin to wonder how we're going to support this on our network or document
support this on our network or document this and we get concerned about managing
this and we get concerned about managing a network of addressing this long well
a network of addressing this long well there are built-in mechanisms within ib
there are built-in mechanisms within ib version 6 to help us manage it and we're
version 6 to help us manage it and we're going to cover that
going to cover that there's ways you can summarize ipv6
there's ways you can summarize ipv6 addresses to make it more manageable not
addresses to make it more manageable not only to read but to understand and
only to read but to understand and explain to other people
explain to other people so you can shorten ipv6 by omit by
so you can shorten ipv6 by omit by omitting the leading zeros in any given
omitting the leading zeros in any given quartet or you can represent one or more
quartet or you can represent one or more consecutive quartets
consecutive quartets with a double colon
with a double colon so here you see an ipv version six
so here you see an ipv version six address with many zeros in it here's how
address with many zeros in it here's how we can summarize it
we can summarize it on the left hand side you can see that
on the left hand side you can see that we used a double colon to represent the
we used a double colon to represent the first
first the second and third quartet
the second and third quartet and then we summarize the remaining
and then we summarize the remaining quartets of zeros and in the second
quartets of zeros and in the second example we did the opposite
example we did the opposite we summarized the first two quartets
we summarized the first two quartets with zeros and then used a double colon
with zeros and then used a double colon for the end you can only use the double
for the end you can only use the double colon once in an ipv version six ipa
colon once in an ipv version six ipa address
address so here we see an ipv6 ip address and
so here we see an ipv6 ip address and this is the subnet it's this remember
this is the subnet it's this remember it's a slash 64. so we're matching the
it's a slash 64. so we're matching the first 64 bits as you see here
first 64 bits as you see here and this also can be summarized you
and this also can be summarized you don't need to write out all these zeros
don't need to write out all these zeros so to explain what the subnet is to
so to explain what the subnet is to somebody you can simply write it out
somebody you can simply write it out this way
this way so ipv6 is manageable it gives you tools
so ipv6 is manageable it gives you tools to manage it
to manage it so whether you're reviewing
so whether you're reviewing documentation or holding a general
documentation or holding a general discussion about your network or simply
discussion about your network or simply logging into a cisco rudder to take a
logging into a cisco rudder to take a look at what's going on
look at what's going on understanding abbreviation is key to
understanding abbreviation is key to ipv6
ipv6 here are some other ways we can
here are some other ways we can understand ipv6 addressing
understand ipv6 addressing in our first example you'll see that
in our first example you'll see that it's two zero zero zero and then a
it's two zero zero zero and then a double colon slash four
double colon slash four the slash four would match the first
the slash four would match the first four bits and hex that would be zero
four bits and hex that would be zero zero one zero
zero one zero so all addresses whose first four bits
so all addresses whose first four bits are equal to the first four bits of the
are equal to the first four bits of the hex number
hex number two zero zero zero
two zero zero zero in the second second example we're
in the second second example we're matching all addresses whose first 20
matching all addresses whose first 20 bits match the listed hex number and you
bits match the listed hex number and you can see in red
can see in red what
what match that would be
match that would be and then the final example all addresses
and then the final example all addresses whose first 32 bits match the listed hex
whose first 32 bits match the listed hex number
here's another ipv6 address how do we break it out into subnets well here you
break it out into subnets well here you have it
have it we're honoring the first 48 bits of this
we're honoring the first 48 bits of this range and then we are breaking this out
range and then we are breaking this out into smaller subnets as you can see here
each subnet matching the first 112 bits now that you've learned about ipv4 and
now that you've learned about ipv4 and v6 let's learn about ip routing
v6 let's learn about ip routing every machine in a particular lan will
every machine in a particular lan will have the same network address and subnet
have the same network address and subnet mask
mask however the host portion of the ip
however the host portion of the ip address will be different
The process of choosing the best path is called routing. Although routers are the most popular devices that make routing decisions, other network devices can have routing functionality, such as layer 3 switches or security appliances. A router is responsible for sending the packet the correct way, no matter what is happening above the network layer. Routers look at the packet's destination address to determine where the packet is going, so they can select the best route to get the packet there. In order to calculate the best path, routers must know what interface should be used in order to reach the packet's destination network.

Routers learn about networks by either being connected to them physically, or by having a network administrator program the routes, or by learning them dynamically from other routers using routing protocols. Routers keep the best path to destinations learned via direct connections, static routing or dynamic routing in the internal data structures called routing tables. A routing table consists of networks the router has learned about and information about how to reach them.

As mentioned before, dynamic routing is the process by which a router exchanges routing information and learns about remote networks from other routers. Different routing protocols can accomplish this task, including the following: RIP, EIGRP, OSPF, IS-IS and BGP.

The most important information a routing table contains includes the following items: how the route was learned, the address of the neighbor router from which the network was learned, the interface through which the network can be reached, and the route metric, which is a measurement that gives routers information about how far or how preferred a network is.
So here's what you've learned. You've learned about IPv4 and IPv6 addressing, but you've also learned about how IP routing basically works, which is a good foundation as you move forward in your CCDA studies. Good luck in your studies. Thank you.
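The abbreviation rules, the /4, /20 and /32 prefix matching and the routing-table lookup described in the video above, as an added Python example that is not part of the original transcript or of any Cisco material: expand and compress implement the leading-zero and double-colon rules (in the RFC 5952 style, so a lone zero quartet stays written as 0 and only the longest run of zero quartets becomes ::), in_prefix compares the first N bits of an address against a prefix, subnets carves a /48 range into /64 blocks, and lookup picks the longest matching prefix from a routing table. Every address comes from the 2001:db8::/32 documentation range, and the routing table, next hops and route sources are constructed sample values, not taken from the video.

```python
# Added worked example (not from the video): IPv6 abbreviation, prefix
# matching and a longest-prefix routing-table lookup.  All addresses are
# constructed from the 2001:db8::/32 documentation range.
import ipaddress  # used only to cross-check the hand-written abbreviation
from typing import List, Optional, Tuple

QUARTETS = 8
BITS = 128


def expand(addr: str) -> List[int]:
    """Return the eight 16-bit quartets of `addr`, expanding a single '::'."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once in an IPv6 address")
    if "::" in addr:
        left, right = addr.split("::")
        lparts = [p for p in left.split(":") if p]
        rparts = [p for p in right.split(":") if p]
        missing = QUARTETS - len(lparts) - len(rparts)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero quartet")
        parts = lparts + ["0"] * missing + rparts
    else:
        parts = addr.split(":")
    if len(parts) != QUARTETS:
        raise ValueError(f"expected {QUARTETS} quartets, got {len(parts)}")
    quartets = [int(p, 16) for p in parts]
    if any(not 0 <= q <= 0xFFFF for q in quartets):
        raise ValueError("quartet must fit in 16 bits")
    return quartets


def compress(addr: str) -> str:
    """Abbreviate `addr`: drop leading zeros in every quartet and replace the
    longest run of two or more zero quartets (the first run on a tie) with '::'."""
    q = expand(addr)
    best_start, best_len = -1, 0
    i = 0
    while i < QUARTETS:                 # scan for runs of all-zero quartets
        if q[i] != 0:
            i += 1
            continue
        j = i
        while j < QUARTETS and q[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    hexs = [format(x, "x") for x in q]  # format() drops the leading zeros
    if best_len < 2:                    # a lone zero quartet is written as '0'
        return ":".join(hexs)
    left = ":".join(hexs[:best_start])
    right = ":".join(hexs[best_start + best_len:])
    return f"{left}::{right}"           # '::' appears exactly once


def to_int(addr: str) -> int:
    """Pack the address into a 128-bit integer so prefixes can be compared."""
    n = 0
    for q in expand(addr):
        n = (n << 16) | q
    return n


def to_addr(n: int) -> str:
    """Inverse of to_int: eight colon-separated hex quartets, unabbreviated."""
    return ":".join(format((n >> (16 * (QUARTETS - 1 - i))) & 0xFFFF, "x")
                    for i in range(QUARTETS))


def in_prefix(addr: str, prefix: str) -> bool:
    """True when the first N bits of `addr` equal those of `prefix` = 'net/N'.
    2000::/4 matches every address whose first four bits are 0010."""
    net, plen_str = prefix.split("/")
    plen = int(plen_str)
    if not 0 <= plen <= BITS:
        raise ValueError("prefix length must be 0..128")
    mask = ((1 << plen) - 1) << (BITS - plen)
    return (to_int(addr) & mask) == (to_int(net) & mask)


def subnets(prefix: str, new_len: int, count: int) -> List[str]:
    """First `count` blocks when `prefix` is carved into /new_len subnets,
    e.g. a /48 site range broken out into /64 LAN subnets."""
    net, plen_str = prefix.split("/")
    plen = int(plen_str)
    if not plen <= new_len <= BITS:
        raise ValueError("new prefix length must lie between the parent's and 128")
    base = to_int(net) & (((1 << plen) - 1) << (BITS - plen))
    step = 1 << (BITS - new_len)
    return [f"{compress(to_addr(base + i * step))}/{new_len}" for i in range(count)]


# Constructed routing table: (prefix, next hop, how the route was learned).
ROUTES = [
    ("::/0",              "2001:db8:ffff::1",   "static default"),
    ("2001:db8::/32",     "2001:db8:ffff::2",   "bgp"),
    ("2001:db8:1::/48",   "directly connected", "connected"),
    ("2001:db8:1:a::/64", "fe80::1",            "ospf"),
]


def lookup(dest: str) -> Optional[Tuple[str, str, str]]:
    """Longest-prefix match: the most specific route whose prefix covers `dest`."""
    best = None
    for prefix, next_hop, source in ROUTES:
        if in_prefix(dest, prefix):
            plen = int(prefix.split("/")[1])
            if best is None or plen > best[0]:
                best = (plen, prefix, next_hop, source)
    return None if best is None else best[1:]


if __name__ == "__main__":
    full = "2001:0db8:0000:0000:0000:0000:0000:0001"
    print(compress(full), "==", ipaddress.IPv6Address(full).compressed)
    print(in_prefix("2001:db8::1", "2000::/4"), in_prefix("fe80::1", "2000::/4"))
    print(subnets("2001:db8:1::/48", 64, 3))
    for dest in ("2001:db8:1:a::5", "2001:db8:1:b::5", "2001:db8:2::1", "2600::1"):
        print(dest, "->", lookup(dest))
```

The lookup loop is the point the routing section makes in code: the default route ::/0 covers everything, but a router installs the most specific matching prefix, so a destination inside the /64 is forwarded to the OSPF-learned next hop even though the /48, the /32 and the default route all match it too.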
Hi, this is David Voss, CCIE 11372, and in this video we're going to cover network design principles. Specifically, in this video you're going to learn about the design of a Cisco ecosystem. Then we're going to talk about the modern organization, specifically organizational IT architecture and the policy cycle, and then finally we will talk about infrastructure design considerations. And by the end of this video you will be well versed in all five areas.

When building a network, choosing the network hardware and software components must be performed with consideration for design, planning, deployment and support. All phases have design principles that must be taken into account, and which will be covered in this video.

Today's modern organizational models try to leverage internetworking power and the benefits of the global internet. The modern approach is different in many ways from the traditional organizational model that was based on an isolated network design. Traditional companies have closed structure and a limited ability to integrate with other organizations and other companies from an IT standpoint, which results in limited access to information. These companies are difficult to both partner and interact with, because most of the processes and applications aren't done internally. Therefore companies that adopt this model are unable to adapt and take advantage of new technologies.

Let me give you an example. If I roll out a network with private leased lines over a specific provider, using non-standard hardware such as HP, Juniper and Cisco and maybe Dell, and then a variety of protocols such as OSPF and IS-IS, when it comes time to merge with a company or connect with a company, I'm not ready to do that unless they happen to support the same technologies in the same areas or the locations. As you can see, how are we supposed to connect with this new strategic partner using our existing infrastructure? With the wide array of technology platforms and private lines, it's very difficult. This is the old way of doing things.

These disadvantages create the need for a new modern networking organizational model, based on a network design that allows partnership and collaboration with other entities. It also provides a more focused expertise over the products and services vital to a company's business model. The reality is that it's much easier for companies running simply just Cisco with, let's say, OSPF and BGP, and who are already leveraging internet-based technologies, to communicate with one another, because the infrastructure that is needed is already in place. As you can see here, because this company leverages internet technologies and standard platforms and protocols, it's very easy to integrate with external entities, whether it's a strategic partner or a customer, anybody you need to communicate with or create private connections to. This can easily be done with the leveraging of internet technologies and standard platforms, which can be implemented with a strong policy governance, which we'll talk about very shortly.

The design of an ecosystem must include a scalable and flexible network infrastructure that will be able to leverage enterprise networking and the internet, creating an environment that is highly accessible and collaborative and that can break geographical boundaries and will promote an efficient integration of all stakeholders.

The modern organizational model includes the following four entities.

Employees, who consume HR information, data about such things as benefits and job openings, stock reports, schedules or even expense reporting. These all depend on the corporate intranet. This intranet provides instant access to all the most recent information and services and application updates used by the employees.

The customer-related aspects of a company are online support, technical support or providing different types of customer services. Depending on the situation, customers might need to access some of the company's resources, for example opening a support ticket.

The vendors and suppliers are involved in the process of ordering, billing and delivery of the products the company uses. These processes can be very time and labor intensive, so organizations can leverage their existing internetworks to create links to their suppliers and vendors, which lowers costs per transaction.

Strategic partners work to create strategic relationships in order to leverage resources and services to complete in-house expertise and skills.

This modern organizational model applies to small, medium and large companies. Designs that support this model are built around a modular architecture that uses technology consistent with the needs of the organization and allows companies to have a network infrastructure that is better suited for scalable applications.

Now, when discussing the architectural components of the network, the architecture that Cisco recommends is divided into multiple layers, which make the processes in the organization easier to expand, implement and scale. So let's go ahead and cover those now.

Applications and services comprise the top layer and include organizational goals. Applications and services offer a concrete set of functions that can be accessed by the network, but only by authorized users. This layer also includes productivity tools such as word processing, databases and email.

The next layer is intelligent solutions, and then there is structured data and business logic. These comprise this middle layer. These elements make the modern network much more intelligent and help support applications and services in an efficient manner. This level includes such functions as messaging, such as chat, VoIP or video conferencing, database structures and other content networking solutions.

The bottom layer is the foundation of the organizational architecture: the network infrastructure. This is composed of the network platform, the connections that work together to provide a highly available, secure and scalable network.

All of these layers are combined to offer a foundation for all organizational policies, goals and procedures that are put in place by management and then handed down to the other departments in the company to support the overall goals and mission of the organization.

Before designing a network, an important aspect must be considered. All organizations have policies at one level or another. Even if the procedures are not written well, there is some kind of understanding at the management level about the goals of the organization. Organizational policy and procedures are generally a collection of very specific guidelines and rules which are in written form for all to understand and implement and maintain at every level of the organization, in order to reach the well-defined business goals.

The organizational policy cycle contains the following three components or steps: first, set the policy; next, enforce the policy; and then the final step is to maintain and/or adapt the policy as needed.

Now, the policy makers include the following, from top to bottom: you have your board of directors and other executives, departmental management, and employees. These can be subject matter experts who can be relied upon to formulate procedures. External consultants and strategic partners can also provide outside input to set policy within an organization.

Now, a flexible network infrastructure helps the organization and its customer meet the needs, policies and procedures to help facilitate these information flows. And designing that network infrastructure involves considering the following essential features recommended by Cisco.

First, availability. Critical business applications must have access to network resources on a 24x7 basis. All components of the network infrastructure should be redundant and resilient.

Efficiency. The best equipment and software that is tuned for optimal results should be provided. Obviously this should be accomplished with reasonable costs in investment.

Functionality. The network infrastructure must support the business applications and services regardless of what is being rolled out today or tomorrow.

Manageability. Using management tools such as CiscoWorks should include technology that improves the control of the network, such as SNMP.

Performance. Obviously important applications need to get the bandwidth they need in order to operate correctly, and the latency on the network needs to be within an acceptable range.

And finally, scalability. This includes the ability to grow and expand depending on the organizational goals of today and tomorrow.

So take three quick challenges for me, and pause the video when I say so. On a piece of paper, write down the four primary entities of the modern organizational model. Go ahead and pause the video and write those down now.
The four entities of the modern organizational model are employees, customers, vendors and suppliers, and partners.

Next, on a piece of paper, draw out the organizational architecture of the network that Cisco recommends. Go ahead and do that now.

As you will see here, on the top layer there's applications and services; on the middle layer there is intelligent solutions and then structured data and business logic; and on the bottom layer there is the network infrastructure.

Finally, see if you can list at least four of the essential features recommended by Cisco when considering a network design. At least four essential features to be considered. Go ahead and pause the video.

Let's see how you did. There's availability, efficiency, functionality, manageability, performance and scalability.

So here's what you've learned. You've learned the design of an ecosystem, you've learned about the modern organization and organizational IT architecture, as well as the organizational policy cycle, which can and does play a role in infrastructure design considerations. All of this you will need to know for your CCDA exam, and I'm confident if you've mastered the material in this video you're going to do very well in this area. Thank you, and good luck in your studies.
And in this video you are going to learn about Cisco's Intelligent Information Network and Service-Oriented Network Architecture. We are going to cover these two topics in detail so that you are fully prepared to handle these topics when they come up on your CCDA exam.

First, let's begin with Cisco Intelligent Information Network. IIN represents a multi-phased architecture that injects intelligence into a network infrastructure. Its single integrated system provides intelligence across multiple layers, as you see here, and aligns the network infrastructure with the rest of the IT infrastructure, integrating the network with applications, software, servers and services. In other words, the network becomes an active participant in the total delivery of applications and services. Cisco sees this as an evolving environment, or what they would call an ecosystem, that responds to constantly changing business requirements.

The Intelligent Information Network is a Cisco ideal where network and application services are integrated, allowing for cost savings and improved user productivity. It allows the network to be used as a strategic asset and provides capabilities which include some of the following.

CDP, which is a simple broadcast protocol that network devices use to advertise their presence. It operates in the background and facilitates communication between, for example, a Cisco Unified IP Phone plugged into a network and the network switch itself.

QoS. Cisco provides an end-to-end solution with QoS to ensure that packets are serviced the way they need to be as traffic flows through the access layer. For example, priority queueing and buffer management ensure that real-time traffic is prioritized over less time-critical data.

Next is VLANs. With VLANs the LAN infrastructure can distinguish between a phone, for example, from a PC using VLAN tagging.

Wireless. Cisco wireless access points allow Cisco wireless users to roam a campus without losing connectivity. If a user roams to a different site, the system will discover the new physical location of that user.

Power over Ethernet. This eliminates the need for local power connections to every phone.

And finally, Gigabit Ethernet, which allows voice, video and data to take advantage of high bandwidth speeds on the LAN infrastructure.

As you saw before, the IIN is broken up into three individual phases. Phase one of the IIN is the integrated systems phase. This phase involves the convergence of voice, data and video into a single transport network or across a system of networks. This phase is facilitated by platforms such as Cisco ISR routers. Phase two of the IIN is the integrated services phase. This phase merges common elements such as storage and data center server capacity. Additionally, virtualization technologies allow for the integration of servers, storage and network devices. And finally, phase three of the IIN is the integrated applications phase. This phase is the ultimate goal of the IIN in that it allows the network to become application aware. Cisco refers to this as AON, Application-Oriented Networking.

Now, IIN should not be mentioned without
should not be mentioned without discussing cisco sona or cisco service
discussing cisco sona or cisco service oriented network architecture
oriented network architecture this framework applies iin within the
this framework applies iin within the enterprise network
enterprise network sona divides the iin and ideal into the
sona divides the iin and ideal into the following three different layers
following three different layers the network infrastructure layer
the network infrastructure layer also referred to as the physical
also referred to as the physical infrastructure layer
infrastructure layer facilitates the transport of services
facilitates the transport of services across the network
across the network it refers to a hierarchical converged
it refers to a hierarchical converged network that includes servers storage
network that includes servers storage and clients
and clients this is where the server storage and
this is where the server storage and clients are located and includes
clients are located and includes different modular design areas
different modular design areas such as the wan or enterprise edge
such as the wan or enterprise edge branch campus data center or teleworker
branch campus data center or teleworker the interactive services layer also
the interactive services layer also referred to as the core common services
referred to as the core common services layer
layer optimizes the communication between
optimizes the communication between applications and services
applications and services using intelligent network functions such
using intelligent network functions such as security
as security identity voice virtualization and qos
identity voice virtualization and qos the application layer
the application layer contains the business and collaboration
contains the business and collaboration applications
applications used by end users
used by end users these applications include commercial
these applications include commercial and internally developed applications
and internally developed applications such as software as a service
such as software as a service and composite applications within the
and composite applications within the service oriented architecture
service oriented architecture the sauna network is built from the
the sauna network is built from the ground up with redundancy and resiliency
ground up with redundancy and resiliency to prevent network downtime
to prevent network downtime the goal of sona is to provide high
the goal of sona is to provide high performance
performance fast response times and throughput by
fast response times and throughput by assuring quality of service on an
assuring quality of service on an application by application basis
application by application basis the sauna network is configured in order
the sauna network is configured in order to maximize the throughput of all
to maximize the throughput of all critical applications such as voice and
critical applications such as voice and video
video sona also provides built-in
sona also provides built-in manageability configuration management
manageability configuration management performance monitoring fault detection
performance monitoring fault detection and analysis tools sauna provides an
and analysis tools sauna provides an efficient design with the goal of
efficient design with the goal of reducing the total cost of ownership
reducing the total cost of ownership and maximizing the company's existing
and maximizing the company's existing resources when application demands
resources when application demands increase
increase so now that you've learned about iin and
so now that you've learned about iin and sona let's take two challenges first
sona let's take two challenges first on a piece of paper
on a piece of paper please write out the three phases of iin
please write out the three phases of iin the three phases and their names
the three phases and their names go ahead and pause the video now
let's see how you've done there's phase one which is integrated
there's phase one which is integrated systems
systems phase two which is integrated services
phase two which is integrated services and then phase three
and then phase three which is integrated applications
which is integrated applications next on a piece of paper what i'd like
next on a piece of paper what i'd like you to try to the best of your ability
you to try to the best of your ability and as detailed as possible
and as detailed as possible draw out the cisco service oriented
draw out the cisco service oriented network architecture framework
network architecture framework see if you can draw it out to the best
see if you can draw it out to the best of your ability and try to include some
of your ability and try to include some modules
modules within your layers to see how well you
within your layers to see how well you do
let's see how you've done there's the network infrastructure layer
there's the network infrastructure layer and you can see the modules here there's
and you can see the modules here there's the interactive services layer
the interactive services layer and you can see the sub modules here
and you can see the sub modules here and then there's the application layer
and then there's the application layer and you can see the sub modules here
and you can see the sub modules here so in this video you learned about
so in this video you learned about cisco intelligent information network
cisco intelligent information network and cisco service oriented network
and cisco service oriented network architecture framework
architecture framework and how they work together
and how they work together you will be tested on both of these in
you will be tested on both of these in your ccda exam
your ccda exam so if you understand the concepts in
so if you understand the concepts in this video very well
this video very well i'm confident you're going to do well on
i'm confident you're going to do well on this portion of your ccda exam
this portion of your ccda exam good luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video we're going to be covering the Cisco PPDIOO lifecycle. In this video you will learn about the benefits of PPDIOO as well as its design methodology. You will also learn about how to identify customer requirements for network design and the characteristics of a customer network, and then finally we'll discuss design approaches and design documentation.

So let's begin. Cisco has formalized a network's life cycle into six phases: prepare, plan, design, implement, operate and optimize, and these phases are collectively known as PPDIOO. The life cycle has four main benefits: it lowers the total cost of ownership, it increases network availability, it improves business agility, and it speeds access to applications and services.

Let's discuss the PPDIOO phases in detail. First, the prepare phase. This phase establishes organization and business requirements, develops a network strategy and proposes a high-level conceptual architecture to support that strategy. Technologies that support the architecture are identified in this phase, as well as a business case to establish the financial justification for the strategy.

The plan phase identifies the network requirements based on goals, facilities and user needs. This phase characterizes sites and assesses the network, performs a gap analysis against best-practice architectures and looks at the operational environment.

In the design phase, the network design is developed based on the technical and business requirements obtained from the previous phases. A good design will provide high availability, reliability, security, scalability and performance.

In the implement phase, new equipment is installed and configured according to the design specifications. In this phase any planned network changes should be communicated in change control meetings and with the necessary approvals to proceed.

The operate phase maintains the network's day-to-day operational health. Operations include managing and monitoring network components and performing the appropriate maintenance.

And then finally the optimize phase, which involves proactive network management by identifying and resolving issues before they affect the network.

Now there is a design methodology for the first three phases of the PPDIOO methodology, and there are three steps to it. In step one, decision makers identify the requirements and a conceptual architecture is proposed. In step two, the network is assessed; the network is assessed on function, performance and quality. And then in step three, the network topology is designed to meet the requirements and close the network gaps identified in the previous two steps.

Let's review these three phases in detail. To obtain customer requirements, you need not only to talk to network engineers, but you need to talk to the business personnel and company managers. Networks are designed to support applications, and you want to determine the network services that you need to support, both now and in the future. This analysis is broken into five steps: first, identifying network applications and services; then define the organizational goals; define the possible organizational constraints; and then define the technical goals; and finally define the possible technical constraints.

When you're characterizing an existing network, you need to obtain all the existing documentation. Sometimes no formal documentation exists, so you need to be prepared to use tools to obtain the information needed and to get access to log into network devices to obtain the information required. Here are the steps you want to take to gather information. First, you're going to identify all existing organization information and documentation. Then you'll perform a network audit that adds detail to the description of the network. And then finally you're going to use traffic analysis information to augment information on applications and protocols used.

When you're designing the network topology and solutions, Cisco recommends that you use the top-down approach for network design. Top-down simply means starting your design from the top layer of the OSI model and working your way down. Top-down design adapts the network and physical infrastructure to the network applications' needs. With a top-down approach, network devices and technologies are not selected until the application's requirements are analyzed. Here you can compare and contrast top-down versus bottom-up. A bottom-up design may result in an inappropriate design, because the requirements of the organization, that is, those requirements of the applications and the users using those applications, are not included in this type of design.

Next, the design document itself. The design document should include the following sections: the introduction; the design requirements; existing network infrastructure, including layer 3 topology diagrams, physical topology diagrams, audit results, network health analysis, routing protocols, applications and a list of routers and switches and other devices, among many other things; then the design portion, which actually contains the specific design information such as logical and physical topology, IP addressing, routing protocols, etc.; proof of concept, which results from the live pilot or prototype testing; and then the implementation plan, which includes the detailed steps for the network staff to implement the new installation; and then the appendixes, which will list all the existing network devices, configurations and additional information used in the design of a network.

So now it's your turn. Go ahead and, on a piece of paper or whiteboard, go ahead and draw out the PPDIOO methodology. Start with the first step, the first P, I guess you could say, and write it out, and then write out the full chart of PPDIOO, what each letter stands for, and also put a sentence next to each word to summarize the activity that occurs at that phase. Go ahead and do that now and pause the video.

So let's see how you did. The first phase is prepare and the final phase is optimize. This is a life cycle, that is, it doesn't mean once you hit optimize that it's over; it's a continual process going from prepare, plan, over to design, implement, operate and optimize, and then around again on a regular basis. You're constantly looking at the network, seeing what can be done to make it run more efficiently and more cost effectively.

Now, assuming you went ahead and added a sentence or two after each word, here are some good foundational sentences or questions regarding what is going on in each phase.

So here's what you've learned. You've learned about the benefits and the design methodology of PPDIOO. You've learned how to identify customer requirements and the characteristics of a network, and then you dug into the design approach as far as top-down versus bottom-up and how to properly document a design. It appears from the study materials that Cisco does want you to focus in on the first three phases of PPDIOO, which is why this video also focused on the first three phases. We wish you the best of luck in your studies. Thank you.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about SLA resources. Specifically, we're going to talk about how SLAs, and specifically SLCs, affect network design.

So many companies, vendors and service providers must provide service level contracts, or SLCs, to their partners or customers. An SLA, which is a service level agreement, is a component of the overall service level contract. The SLC designates connectivity and the performance level that the service provider guarantees to its customers and the organization guarantees to its end users. The SLA defines specific parameters and performance measurements between devices such as routers, servers, workstations or other equipment on the network.

So here's an example of a service level agreement. As you can see, things are spelled out in detail regarding service to the customer, but also software updates, customer support, and then even a part of the contract states what the customer responsibility is, so that in the event of an outage, or just on day-to-day disputes, you can refer back to the contract so the customer and the provider are both very clear about what is expected. This protects both the customer and the provider, so that roles and responsibilities are very clear, but when there is confusion or when there is a major outage there is a legal backing for operational procedures and decisions.

Now, that being said, some of this needs to be measured, and Cisco allows you to do that using Cisco IP SLA.

Let's do a refresh on how Cisco IP SLA works. IP SLA allows you to monitor, analyze and verify IP service levels. It's comprised of two components, a source and a target. Operations can broadly be categorized into five functional areas. Let's take a look at an example.

You can use IP SLAs to monitor the performance between any area in the network, core, distribution and edge, without deploying a physical probe. It uses generated traffic to measure network performance between two networking devices. So as we draw this out, this shows how IP SLA begins when the source device sends a generated packet to the destination device. After the destination device receives the packet, depending on the type of IP SLA operation, it responds with the timestamp information for the source to make the calculation on performance metrics. It then can communicate with a performance management application via SNMP to provide real-time analysis of the network. It should be noted that IP SLA can communicate with any IP device on the network that's enabled for these types of measurements.
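The source-and-target exchange just described, as an added example that is not code from the video or from Cisco: a small Python model in which the responder stamps its receive (T2) and transmit (T3) times, the source subtracts that processing time from the round trip, and the resulting metrics are checked against the kind of limits an SLA spells out. The packet fields, the probe interval, the per-probe delays and the SLA thresholds are all constructed values.

```python
"""Model of an IP SLA-style measurement: a source sends generated probes,
the responder answers with timestamps, the source computes the metrics.
Added example; packet fields, delays and SLA thresholds are constructed."""
from dataclasses import dataclass
from statistics import mean
from typing import Dict, List, Optional

PROBE_INTERVAL_MS = 20.0   # constructed: one generated probe every 20 ms


@dataclass(frozen=True)
class Probe:
    """Generated packet sent by the source (field layout is an assumption)."""
    seq: int
    t1: float   # source transmit time, ms


@dataclass(frozen=True)
class Reply:
    """Responder's answer carrying the timestamp information for the source."""
    seq: int
    t1: float   # echoed from the probe
    t2: float   # responder receive time, ms
    t3: float   # responder transmit time, ms


def respond(probe: Probe, arrival_ms: float, processing_ms: float) -> Reply:
    """Target side: stamp arrival (T2) and departure (T3), echo T1 back."""
    return Reply(probe.seq, probe.t1, arrival_ms, arrival_ms + processing_ms)


def round_trip_ms(reply: Reply, t4: float) -> float:
    """Source side: round-trip time with the responder's own processing
    delay (T3 - T2) removed, so only network time is measured."""
    return (t4 - reply.t1) - (reply.t3 - reply.t2)


def run_operation(path: List[Optional[Dict[str, float]]]) -> Dict[str, float]:
    """Run one operation over a constructed per-probe path description.

    Each element describes one probe: None means the probe (or its reply)
    was lost; otherwise a dict with "fwd" (one-way delay to the target),
    "proc" (responder processing) and "rev" (delay back), all in ms.
    """
    rtts: List[float] = []
    for seq, leg in enumerate(path):
        probe = Probe(seq, t1=seq * PROBE_INTERVAL_MS)
        if leg is None:
            continue                                   # no reply: counted as loss
        reply = respond(probe, probe.t1 + leg["fwd"], leg["proc"])
        t4 = reply.t3 + leg["rev"]                     # arrival back at the source
        rtts.append(round_trip_ms(reply, t4))
    # Jitter here is the mean change between consecutive round-trip times.
    jitter = mean(abs(b - a) for a, b in zip(rtts, rtts[1:])) if len(rtts) > 1 else 0.0
    return {
        "sent": float(len(path)),
        "received": float(len(rtts)),
        "loss_pct": 100.0 * (len(path) - len(rtts)) / len(path),
        "rtt_avg_ms": mean(rtts) if rtts else float("inf"),
        "rtt_max_ms": max(rtts) if rtts else float("inf"),
        "jitter_ms": jitter,
    }


def check_sla(metrics: Dict[str, float], limits: Dict[str, float]) -> Dict[str, bool]:
    """Compare each measured parameter with the SLA limit it must not exceed."""
    return {name: metrics[name] <= limit for name, limit in limits.items()}


# Constructed sample: five probes, the third one lost, the last one delayed.
SAMPLE_PATH: List[Optional[Dict[str, float]]] = [
    {"fwd": 4.0, "proc": 1.0, "rev": 5.0},
    {"fwd": 6.0, "proc": 1.5, "rev": 5.0},
    None,
    {"fwd": 4.0, "proc": 2.0, "rev": 4.0},
    {"fwd": 9.0, "proc": 1.0, "rev": 8.0},
]

# Constructed SLA parameters: the thresholds an agreement might spell out.
SLA_LIMITS = {"rtt_avg_ms": 15.0, "rtt_max_ms": 25.0, "jitter_ms": 5.0, "loss_pct": 10.0}


if __name__ == "__main__":
    result = run_operation(SAMPLE_PATH)
    for name, value in result.items():
        print(f"{name:>12}: {value:.2f}")
    for name, ok in check_sla(result, SLA_LIMITS).items():
        print(f"{name:>12}: {'within SLA' if ok else 'SLA BREACH'}")
```

With the sample path the delay and jitter figures stay within the constructed limits while the single lost probe already breaches the 10% loss limit, which is the kind of per-parameter result a performance management application would pick up over SNMP.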
Although this video has covered what you need to know for Cisco SLA, be aware that there are other white papers out there should you want to read more, and here they are: Service Level Management Best Practices; Deploying Service Level Management in an Enterprise; and Service Level Management: Defining and Monitoring Service Levels in the Enterprise. Now again, that being said, within this video and throughout this video series you will have the information you need to do well on your CCDA exam, but again we want to apply this to our work environments, so if you want to do additional reading please refer to this.

So here's what you've learned. You've received an overview of Cisco SLA, we talked about SLC, service level contracts, so you have a foundational understanding of how this applies to any enterprise campus network.
hi this is david voss ccie113 and in this video you're going to learn
and in this video you're going to learn about the cisco hierarchical network
about the cisco hierarchical network model
model specifically you're going to learn about
specifically you're going to learn about what cisco calls the core
what cisco calls the core distribution and access layers of a
distribution and access layers of a campus network
campus network the information is rather
the information is rather straightforward but it is information
straightforward but it is information you'll need to know very well to do well
you'll need to know very well to do well on your ccda exam
on your ccda exam so let's begin
so let's begin the most important idea concerning the
the most important idea concerning the cisco hierarchical network model
cisco hierarchical network model is the step-by-step construction of the
is the step-by-step construction of the network which implements one module at a
network which implements one module at a time
time starting with the foundation the
starting with the foundation the implementation of each module can be
implementation of each module can be supervised by a network architect
supervised by a network architect but the details are covered by a
but the details are covered by a specialized team such as routing or
specialized team such as routing or security or voice teams
security or voice teams this modular approach is the key to
this modular approach is the key to simplifying the network
simplifying the network before we cover each module within the
before we cover each module within the network model
network model let's talk about the main advantages of
let's talk about the main advantages of the cisco hierarchical network model
the cisco hierarchical network model there are eight key advantages
there are eight key advantages ease to understand and implement
ease to understand and implement flexibility
flexibility cost savings
cost savings modularity
modularity it's easily modified
it's easily modified it allows for network growth
it allows for network growth it facilitates summarization of networks
it facilitates summarization of networks and there is also built-in fault
and there is also built-in fault isolation
isolation the three-tier model was created in
the three-tier model was created in order to make the construction of
order to make the construction of networks easier to understand
networks easier to understand cisco has always tried to make
cisco has always tried to make efficient and cost effective networks
efficient and cost effective networks with a modular structure
with a modular structure so they can easily be divided into
so they can easily be divided into building blocks
building blocks the modular network design facilitates
the modular network design facilitates modifications in certain modules
modifications in certain modules after their implementation
after their implementation it makes it easy to track faults in the
it makes it easy to track faults in the network
network the cisco hierarchical network model is
the cisco hierarchical network model is defined by three layers
defined by three layers the core or backbone layer
the core or backbone layer the distribution layer
the distribution layer and the access layer
and the access layer now if you're working for a small
now if you're working for a small company
company these layers might be collapsed core and
these layers might be collapsed core and distribution are often collapsed into a
distribution are often collapsed into a single layer
single layer or sometimes all three layers are
or sometimes all three layers are collapsed
That being said, let's dive into each of the layers.

The access layer is the on-ramp to the network, so for the most part any end user or device that wants to connect to the network will do so via the access layer. As you can see, access layer switches should have redundant connectivity to the distribution layer. This will ensure network connectivity for the hosts even when there is an equipment failure. You could take it another step further and provide redundant connectivity for the host to the access layer switches, but this is the exception to the rule and certainly not the norm. The access layer is comprised of layer 2 switches, workstations, IP telephones, or any other device that requires access to the network.

Here are some specific features you should be aware of at the access layer: it should provide high availability and flexible security features. You can also implement authentication and broadcast control, and it's where you would define QoS trust boundaries. In the access layer you would also implement rate limiting techniques, and it's where you would often program Spanning Tree Protocol, include Power over Ethernet for your phones, and configure voice VLAN settings.
As you can see, the distribution layer has redundant connectivity to both the access and core layers. The distribution layer is often where the brains of the network reside, since many decisions such as filtering, quality of service, and policy-based routing are performed in the distribution layer. The distribution layer normally has advanced layer 3 switches that can support a wide array of functionality to support the services required from this layer.

Here are the attributes of the distribution layer: it gives access control to core devices; it has redundancy to access devices; it's where the boundaries are for routing protocols; redistribution occurs at this layer, as well as filtering, route summarization, and policy routing; and here you will see your security implemented. It provides separate multicast and broadcast domains using layer 2 and layer 3 technologies, and provides routing between VLANs. It handles media translation and provides boundaries for media, and it also provides redistribution.

There is a lot going on in the core layer. The high-speed switching fabric ensures that all modules which connect to the core are serviced immediately. You rarely will put any programming on these switches that could cause them to slow down processing, for example no QoS, no ACLs. Rather, you want to keep it so that these high-end switches spend their time forwarding traffic rather than doing anything else. Although it's not always required to have redundancy to and from the distribution and access layers, redundancy is certainly required in the core. As you can see, the core is the hub for the interconnects in the network: it connects to the server farm, to the distribution layer, and then off to the enterprise edge as well, so having a high-performing core is critical.

Here are some key features of the core layer that you will want to memorize: the core layer is high speed; it's reliable; it's redundant; it has fault tolerance and load balancing; it has manageability and scalability. In the core layer there are no filters, packet handling, or other overhead that would slow traffic down or slow the processing of traffic down. It has a limited but consistent diameter, and it can provide quality of service.
The Cisco core, distribution, and access layer hierarchical model is rather straightforward, but that's the point. Cisco wants you to know this by memory, and the features of each of the modules, in preparation for your CCDA exam. Not only by watching this video are you prepared for your CCDA exam regarding these areas, you're also a much better engineer now that you understand the basic organization of a campus network. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about Cisco intelligent network services. Intelligent network services are essential support services that are part of the network and enable applications. This involves a rich set of different processes that enable packet forwarding on an IP network and may include network management tools, quality of service, security mechanisms, high availability, voice transport, and content networking. We will cover all of these topics in this video.

So let's begin with network management. Network management is an intelligent network service that allows the management and monitoring of the server farm and network devices in different blocks, and also WAN or LAN connections. This also involves system administration for servers with software tools specific to each operating system provider, or third-party tools. Network management also includes logging, usually through a syslog server implementation, or security features such as one-time password, or OTP.
Next let's discuss quality of service. Quality of service invokes a wide variety of techniques used especially in networks that offer multimedia services, voice and/or video, because these services are usually delay sensitive and require low latency and low jitter. Traffic generated by these applications must be prioritized, which is the role of QoS techniques.

In this example we have voice coming from a telephone hitting a switch, and that's fine, but as soon as it goes upstream, let's say to the distribution layer or the core layer, there's going to be contention: other traffic is going to be fighting with this traffic for priority. So we want to move the voice, because of its very nature, to quote unquote a fast lane or an express lane, and therefore through QoS, proper marking of traffic and servicing of those markings, the voice traffic can be given higher priority. That's just one example of how QoS can be used in your network.

Please note QoS is never supposed to be the first solution to solve problems. It's really supposed to be used as a last resort. Ideally you have enough bandwidth to service any application that needs to communicate over your network. For the times that you do not have enough bandwidth, or you're concerned about performance, then quality of service would be crucial to give priority to the high-priority traffic, such as voice or video, when there is contention.
Next let's talk about network security. Security is an intelligent service, and it's vital to the health of a network. Security invokes such features as authentication services such as RADIUS or TACACS+, encryption, and filtering. Network security design principles are presented later in the CCDA video series, but please note that this is a part of intelligent network services from Cisco.
Next is network availability. Network availability and network management are two of the most critical technology areas in network design. These areas impact all other technologies presented to you in the CCDA studies. The focus of this section, or this video right now, is high availability network design.

High availability is often a factor taken into consideration when designing end-to-end solutions. This assures redundancy for network services and for the end users, and is accomplished by ensuring that the network devices are reliable and fault tolerant. Many redundancy options can be utilized in different components of modern networks. Here are some examples: workstation to router redundancy at the access layer; server redundancy in the server farm; route redundancy; media redundancy in the access layer block. Each of these areas is now going to be covered in detail, because you may be tested in detail on any of these in your CCDA exam.

The most important topic in the list of redundancy that we've just spoken about is workstation to router redundancy, because access devices must maintain their default gateway information. If they don't, most likely they're going to lose network connectivity. As mentioned before, modern networks respect the 80/20 model, which states that 80 percent of traffic will pass through a default gateway and 20 percent of the destinations will be local. So this is a perfect example of why a default gateway must be available.

Workstation to router redundancy can be accomplished in multiple ways.
First, proxy ARP. This involves a workstation that has no default gateway configured but wants to communicate with a remote host. A request for the address of the host is sent, and the router that hears this request realizes that it can service it, that is, it knows it can reach the client, so it responds on behalf of the client using a proxy ARP. The router actually pretends to be the host, so the workstation can send traffic destined to that specific client to the router.

Next is explicit configuration. This allows you to create multiple default gateways within the configuration of an endpoint. Many operating systems allow for this programming of multiple default gateways to be configured.

But the most common way of establishing workstation redundancy is to use first hop redundancy protocols. These are HSRP, VRRP, and GLBP.
vrrp and glbp hsrp is a cisco proprietary first hop
hsrp is a cisco proprietary first hop redundancy protocol
redundancy protocol two versions of hsrp are supported on
two versions of hsrp are supported on ios software version one and this is the
ios software version one and this is the default hsrp version
default hsrp version and this restricts the number
and this restricts the number of configurable hsrp groups to 255.
of configurable hsrp groups to 255. i don't expect you should be exceeding
i don't expect you should be exceeding that anytime soon
that anytime soon and then there's version two
and then there's version two some updates to version two
some updates to version two it uses a new multicast address among
it uses a new multicast address among many other things that you can see here
finally hsrp authentication gives you the option of plain text or md5
the option of plain text or md5 authentication
md5 authentication can be configured with or without keychains
when implementing hsrp two or more routers are configured with a standby ip
routers are configured with a standby ip address on a broadcast interface usually
address on a broadcast interface usually an ethernet segment so while they will
an ethernet segment so while they will each have
each have a local ip address in this case dot two
a local ip address in this case dot two and dot three
and dot three a passive election is held to determine
a passive election is held to determine the active router which is actually
the active router which is actually answering for the gateway ip address dot
answering for the gateway ip address dot one the active router answers arp
one the active router answers arp requests for the standby ip address with
requests for the standby ip address with a virtual mac address so that the host
a virtual mac address so that the host sends packets to the gateway ip address
sends packets to the gateway ip address winds up sending it to the active router
winds up sending it to the active router now if the active router dies then
now if the active router dies then another election is held and in this
another election is held and in this case traffic would go out the dot 3
case traffic would go out the dot 3 interface even though
interface even though traffic would still be pointing to the
traffic would still be pointing to the virtual one ip address
VRRP is an open standard first hop redundancy protocol which elects a virtual router master and then virtual router backups. You can configure up to 255 virtual routers on an interface, that is, if your system is capable of handling it. The default VRRP priority value is 100, and that's important to note, because the lower you set it the less likely it's going to take over as the master, and the higher you set it the more likely it will be. The virtual router master is in charge of sending advertisements to the other routers in the same group, and VRRP, it should be noted, can support both plaintext and MD5 authentication.

So let's say we have three switches with VRRP, which is non-proprietary. In VRRP one router is elected as the virtual router master and the other routers are acting as backups in case the virtual router master fails. So in this case the master has been elected; .3 and .4 will serve as backups. .2 will answer to the virtual IP address, and if it were to fail then a backup device would take over. In this example that would be the .3 device, and if the .3 system failed then the final backup system, .4, would take over.
Next let's cover GLBP. GLBP allows multiple gateways in the same GLBP group to actively forward traffic, so instead of just one device forwarding traffic you can have multiple. Gateways communicate via hello messages that are sent by default every three seconds. The GLBP group members elect one gateway to be the AVG. Now the AVG answers all ARP requests to the virtual router address and assigns a virtual MAC address to each member of the GLBP group. GLBP has many other features, but you should really focus on the fact that GLBP does provide load sharing, and many different load sharing methods: host-dependent, round-robin, and weighted. And it does support plain text and/or MD5 authentication. But the big advantage, and the question you're most likely to get regarding GLBP, is when would you use it, and you would use it if you would like to load balance between devices.

GLBP provides a standby IP just as HSRP, but it also provides multiple virtual MAC addresses, so when a host on the connected network sends an ARP request, one of the routers answers with the virtual MAC address. Now this does allow for load balancing: you can load balance across multiple systems instead of just relying on one system to serve all the traffic. In this case we're going to load balance 50 percent to router 1, 20 percent to router 2, and 30 percent of the traffic to router 3. This can be done because you're using virtual MAC addresses which take turns answering traffic requests. If a router were to fail, the other remaining routers could take over for all the traffic.
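The GLBP load-sharing mechanism described above, as an added Python model written for this transcript (not Cisco code): the AVG answers every ARP for the virtual IP but rotates which member's virtual MAC it hands out, using the three methods named in the video, with the 50/20/30 split from the example; when a forwarder fails, a surviving member takes over its virtual MAC so hosts that cached it keep their gateway. Router names, addresses and the simplified virtual MAC layout are constructed.

```python
from dataclasses import dataclass, field
import zlib


@dataclass
class Forwarder:
    name: str
    ip: str
    weight: int
    alive: bool = True
    # virtual MACs this router currently answers for: its own, plus any it
    # has taken over from a failed peer
    vmacs: list = field(default_factory=list)


class GlbpAvg:
    """The active virtual gateway: it answers ARP for the virtual IP and picks
    which forwarder's virtual MAC goes in the reply."""

    def __init__(self, group: int, virtual_ip: str, forwarders: list):
        self.group = group
        self.virtual_ip = virtual_ip
        self.forwarders = forwarders
        # One virtual MAC per member. Real GLBP MACs are of the form
        # 0007.b4xx.xxyy (group, then forwarder number); the layout below is a
        # simplified rendering of that idea, not the exact bit packing.
        for n, fwd in enumerate(forwarders, start=1):
            fwd.vmacs.append(f"0007.b400.{group:02x}{n:02x}")
        self._rr = 0                                   # round-robin cursor
        self._credit = {f.name: 0 for f in forwarders}  # weighted state

    def _alive(self):
        return [f for f in self.forwarders if f.alive]

    def _pick(self, method: str, host_mac: str) -> Forwarder:
        cands = self._alive()
        if method == "round-robin":
            fwd = cands[self._rr % len(cands)]
            self._rr += 1
            return fwd
        if method == "weighted":
            # smooth weighted round robin: over sum(weights) requests each
            # forwarder is chosen exactly `weight` times
            for f in cands:
                self._credit[f.name] += f.weight
            fwd = max(cands, key=lambda f: self._credit[f.name])
            self._credit[fwd.name] -= sum(f.weight for f in cands)
            return fwd
        if method == "host-dependent":
            # the same host MAC always maps to the same forwarder
            return cands[zlib.crc32(host_mac.encode()) % len(cands)]
        raise ValueError(f"unknown load-sharing method {method!r}")

    def arp_reply(self, host_mac: str, method: str = "round-robin") -> str:
        """Virtual MAC the AVG puts in its ARP reply to host_mac."""
        return self._pick(method, host_mac).vmacs[0]

    def owner_of(self, vmac: str) -> Forwarder:
        """Live router currently forwarding frames addressed to this vMAC."""
        for f in self._alive():
            if vmac in f.vmacs:
                return f
        raise LookupError(vmac)

    def fail(self, name: str) -> None:
        """A forwarder goes down: it is removed from new ARP replies and a
        surviving member takes over its vMAC so cached gateways keep working."""
        dead = next(f for f in self.forwarders if f.name == name)
        dead.alive = False
        survivor = self._alive()[0]
        survivor.vmacs.extend(dead.vmacs)
        dead.vmacs = []


def example_group() -> GlbpAvg:
    """The video's scenario: three routers sharing 50 / 20 / 30 percent."""
    return GlbpAvg(1, "10.0.0.1", [Forwarder("R1", "10.0.0.2", 50),
                                   Forwarder("R2", "10.0.0.3", 20),
                                   Forwarder("R3", "10.0.0.4", 30)])


def tally(avg: GlbpAvg, method: str, n_hosts: int) -> dict:
    """Let n_hosts distinct (constructed) hosts ARP for the gateway and count
    which router each one is steered to."""
    counts = {}
    for i in range(n_hosts):
        vmac = avg.arp_reply(f"00:11:22:33:44:{i:02x}", method)
        name = avg.owner_of(vmac).name
        counts[name] = counts.get(name, 0) + 1
    return counts
```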
Next let's talk about server redundancy. Server-based redundancy technologies can be implemented in server farms or data centers. This is often needed to ensure high availability for key server functions such as file or application sharing. One way to solve this problem is to mirror multiple servers, so that if one server fails the network can dynamically fail over to another server. With cloud computing this obviously becomes a non-issue; the servers become more virtual in nature. The only time you would truly need redundancy would be if you're concerned about an entire area or entire city losing connectivity due to a major catastrophe. Then you could make sure that your data is replicated throughout the cloud, maybe even to different cloud providers.

Next let's talk about route redundancy with WAN configuration. Configuring redundancy between the campus infrastructures is a best practice. In order to achieve this you can implement load balancing at the routing protocol level. This increases availability, because in the case of a direct path failure, as you can see here between two sites, these two sites can still reach each other by going via a different location.

Next is media redundancy. This is useful in case one link fails. Media redundancy demands the configuration of Spanning Tree Protocol at layer 2 in order to avoid loops that can bring the network down. Another technology used to achieve media redundancy is EtherChannel. This layer 2 logical bundling or channel aggregation technique can be used between switches; the bundled links can appear as one single link between specific devices. Now should there be a link failure between two switches, data will continue to pass using the existing configuration. Even though there would not be as much bandwidth available, data would still pass, because you have this redundant connectivity through EtherChannel.
Next let's talk about voice transport. Voice transport is a network solution that is implemented on top of the existing network infrastructure. When designing voice transport solutions you must carefully consider the existing enterprise network already in place, and it's very important that you first implement the data solution. After that you can integrate voice and data on the same network infrastructure.

Next let's talk about content networking. Content networking is also known as CDN, or content delivery networking. It's a service that is used more and more in modern and large enterprise networks, and it offers more sophisticated types of network solutions and applications that accommodate video and voice for online services using intranet and internet broadcast. This can be delivered as training modules using different audio and visual streaming technologies. But content networking demands content-aware technologies from a Cisco environment in the campus infrastructure, including content-aware hardware and content-aware software. So there are three technologies we want to talk about: content routing, content caching, and content switching.

The first component of CDN, content routing, is the process that actually redirects a user to the best device in the network based on a set of well-defined user policies. There are specific rules for the different types of content delivered in the network infrastructure. One rule might be the server load: if it is high in one place, the rule may dictate that traffic is forwarded in a different way. Content routing can deliver the contents as quickly as possible using high availability techniques and fast server responses.

Next is content caching. From a Cisco standpoint, content caching could be delivered by a CCE, or Cisco Content Engine, and this module can be found on a router. This speeds up the delivery of content for end users, because it transparently caches information used on a regular basis as well as frequently accessed content, so the request can be fulfilled locally.

Finally, content switching, the third component of CDN, which is known as web switching or content switching. This is used for content delivery to different network modules and is a sophisticated mechanism for load balancing and for accelerating the intelligence of the content. Content switching gives users a much better web experience by delivering the content much more quickly and by customizing the content for individual users.

So here's what you've learned: you've learned about Cisco intelligent network services, specifically network management tools, quality of service mechanisms, security mechanisms, high availability, voice transport, and content networking. For some of these we covered them at a higher level, because the information is available for you in other videos, such as network management tools and security mechanisms. All of this information you'll need to do well on your CCDA exam, and I hope this
do well on your cca exam and i hope this video has been helpful good luck in your
video has been helpful good luck in your studies thank you
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about geographical and application considerations in network design.

First, let's begin with geographical considerations. The geographical considerations regarding the enterprise campus network design involve locating the entire campus building blocks and the components of those blocks, and then determining the distance between them. The geographical structures can be broken down into four different types of geography: intra-building, which is inside the building; inter-building, between buildings; remote building which is relatively close, which is less than 100 kilometers away; or a remote building that is greater than 100 kilometers away.

First let's begin with intra-building design. An intra-building structure can be comprised of a single floor or multiple floors, but it's in a single building. The goal is to connect all the different components such as servers, workstations, printers, and give all of them access to the network resources depending on their type of system. The access and distribution layers are typically located in an intra-building area. User workstations are connected either to a wiring closet or directly to an access layer switch that is connected to distribution layer switches, and then ultimately those are connected into the core.

Inter-building design. Now with this network structure, this links individual buildings in the campus or corporate complex using the distribution layer, or it could be at the core layer as well, depending on the size of the organization. The distance between buildings should range from a few hundred meters to a few kilometers, usually less than one mile. The connection between the buildings should provide as high bandwidth and throughput as possible. Now another issue is ensuring that there is very little environmental interference, so the typical medium used in this case is optical fiber. The optical fiber used can be either multi-mode fiber or single-mode fiber. Multi-mode and single-mode fiber share common characteristics. The cabling uses glass or plastic fibers to move the information from building to building. The cables are made from a bundle of threads, each of which can transmit messages modulated onto light waves. Optical fiber has greater bandwidth than copper cables, so it can carry more data, and it is less susceptible to interference. Fiber optic cables are also much thinner and lighter than metal wires, and data can be transmitted digitally, which is the natural way in which computer data moves, rather than through analog signaling. Now the big disadvantage of fiber optic is that the cables are more expensive to install; they're often more fragile and difficult to split up. But despite these disadvantages, fiber optic cabling is becoming more and more popular for local area networking and telecom provider infrastructure.

Let's look at the differences between multi-mode and single-mode fiber. Multi-mode has the following characteristics: specific installation and performance guidelines; it also has specific connectors; it concurrently transports multiple light waves and modes within the core; it is used for relatively short distances; typical diameter is 50 to 62.5 micrometers; bandwidth is usually up to 10 gigabits per second; range is 550 meters when using Gigabit Ethernet; it is used between nodes and between buildings; and it's obviously more expensive than copper.

Single-mode fiber has the following characteristics: specific installation and performance guidelines; it carries a single light laser; typical diameter of the core is 2 to 10 micrometers; bandwidth is usually up to 10 gigabits per second; range is up to 100 kilometers when using Gigabit Ethernet. But the key to remember is that single-mode is used between nodes and buildings for longer distances than multi-mode fiber.

Next, let's talk about remote buildings. The campus infrastructure can be spread over a metropolitan area, or over a larger area than that, so different parts of a city. And if you're dealing with distances within a few miles, you might focus on the physical needs first. You need to determine whether the company owns any of the copper lines, and if it does, you can build from there. But you also might need to connect an enterprise campus network through the WAN block. Now if this is the case, you should leverage the existing telecom providers in that specific area. Then you also may want to consider using satellite or various wireless technologies to connect your site as well. But as the distance between the sites grows, the following actions will occur: connectivity costs increase, required throughput will decrease, and importance of availability will decrease.

Next, let's talk about network applications. Another important factor when designing campus switching is considering the network applications that will be used. Once the physical and geographical aspects are clear, the network designer needs to characterize what types of applications will be processed within the network. The first category of applications that must be identified involves the critical or core applications, and the rest of the services fall under the optional intelligence category. The network applications can be divided into four types: client-to-client applications, client-to-distributed-server applications, client-to-server-farm applications, and client-to-enterprise-edge applications.

So here's what you've learned. You've learned about design considerations not only for geography but also for application types, and then you need to know how to break out systematically what type of design challenges you are facing, so that you just aren't trying to design generally but you're being specific about the geographical issues you're facing but also the network applications that you need to support. I wish you the best of luck in your studies. Thank you.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about layer 2 technologies and layer 3 switching.

Let's begin first with layer 2 technologies. Layer 2 technologies relate to the OSI data link layer. Now today's modern enterprise, which is a distributed networking world of multimedia and client applications, dictates the need for greater bandwidth and a greater degree of control. Over the past 10 years almost all organizations have replaced their shared networking technology, such as hubs, with switches to create switched technologies.

A concept you need to understand is a collision domain, and what exactly a collision domain is. A collision domain is comprised of nodes and devices that share the same bandwidth, and this is called a bandwidth domain. For instance, everything that is connected to a switch port via a hub is in the same collision domain. This means there is always the possibility of a collision in the operations of that particular Ethernet. A broadcast domain, on the other hand, represents a collection of devices that can see each other's broadcast or multicast packets. Nodes that are in the same collision domain are also in the same broadcast domain. For example, all devices associated with the port of a router are in the same broadcast domain, and by default broadcasts do not traverse a router's port interface. When a shared technology is used, such as hubs, all the devices share the bandwidth of the specific network segment. When using switched technologies, each device on a switch port is its own collision domain; however, all the devices are in the same broadcast domain.
Now here's some of the basics. You know, why LAN switches? Why did they overtake the market? There was a time when bridges were quite popular. Well, LAN switches have quite a few advantages over bridges. Specifically, they have more ports than a bridge would ever be capable of supporting. Microsegmentation allows individual hosts to be connected to individual ports. They operate at hardware speed using ASICs, versus software used by bridges. They support layer 3 and layer 4 packet switching by using MLS features; we'll talk about that a little bit later. And finally, probably the most important feature of LAN switching nowadays is the VLAN, so they can use VLANs to create smaller logical broadcast domains on your network.

Now let's just get back to basics here. LAN switching is a form of packet switching which is used on local area networks. LAN switches provide, as you already know, much higher port density and at a much lower cost than traditional bridges did. Now there are three main forwarding techniques that can be used by switches: store-and-forward, cut-through, and fragment-free.
Let's just do a basic drawing here to better understand these concepts. So let me draw out first a frame that is passing through a switch, and then after I draw this frame I'm going to draw a line here, and that will designate the memory of the switch. So if the frame is passed into memory, we will designate it by going underneath this line.

Let's cover cut-through switching first. With cut-through switching, the LAN switch copies into its memory only the destination MAC address, which is located in the first six bytes of the frame. The switch looks up the destination MAC address in its switching table and determines the outgoing interface port, then forwards the frame to its destination through the designated switch port. A cut-through switch reduces delay because the switch begins to forward the frame as soon as it reads the destination MAC address. This is in contrast to store-and-forward switching. Store-and-forward switching means that the LAN switch copies each complete frame into its switch memory buffers and then it computes a CRC check for errors. The CRC check uses a mathematical formula to determine whether the frame is errored, and if an error is found it's discarded, but if it's error-free the switch will forward the frame out the appropriate interface port. Finally, there's fragment-free switching, which is also known as runtless switching. Basically, frames that are damaged, which often happens by collisions, are often shorter than the minimum valid Ethernet frame size of 64 bytes. If a frame is smaller than 64 bytes, the switch will discard that frame. Fragment-free is a faster mode than store-and-forward, but there still exists a risk of forwarding bad frames because you do not have the CRC check.
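The three forwarding techniques just described, as an added example that is not part of the video: a small Python model of a switch applying cut-through, fragment-free and store-and-forward to the same constructed frames. The frame builder, the MAC table, the port name and the sample frames are this example's own assumptions, not Cisco code. The point it makes is the one the video makes: only store-and-forward actually validates the FCS, so a corrupted frame that is still 64 bytes or longer passes both of the faster modes, while a runt is caught by fragment-free but not by cut-through.

```python
"""Added example (not from the video): a toy model of the three LAN-switch forwarding
techniques. Frame layout is Ethernet II; the helper names, MAC table and sample
frames are this example's own assumptions, not Cisco code.

  dst MAC (6) | src MAC (6) | EtherType (2) | payload (46..1500) | FCS (4)

The FCS is a CRC-32 over everything before it. A frame shorter than 64 bytes
(FCS included) is a runt, typically a collision fragment.
"""
import zlib
from dataclasses import dataclass

MIN_FRAME = 64   # minimum valid Ethernet frame size, FCS included
DST_LEN = 6      # cut-through decides after reading only the destination MAC


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Build an Ethernet II frame: pad the payload to 46 bytes and append the FCS."""
    body = dst + src + ethertype.to_bytes(2, "big") + payload.ljust(46, b"\x00")
    # The on-wire FCS is the CRC-32 value in little-endian byte order.
    return body + zlib.crc32(body).to_bytes(4, "little")


def fcs_ok(frame: bytes) -> bool:
    """Store-and-forward check: recompute CRC-32 over the body and compare with the trailer."""
    body, fcs = frame[:-4], frame[-4:]
    return zlib.crc32(body).to_bytes(4, "little") == fcs


@dataclass
class Decision:
    action: str           # "forward" or "discard"
    bytes_examined: int   # how much of the frame the switch read before deciding
    reason: str


def switch(frame: bytes, mode: str, mac_table: dict) -> Decision:
    """Apply one forwarding mode to one frame. mac_table maps destination MAC -> egress port."""
    port = mac_table.get(frame[:DST_LEN], "flood")
    if mode == "cut-through":
        # Look up and forward as soon as the destination MAC is in: nothing later
        # in the frame (runt length, bad FCS) is ever examined.
        return Decision("forward", DST_LEN, f"dst lookup -> {port}")
    if mode == "fragment-free":
        # Read the first 64 bytes so collision fragments are dropped, but no CRC
        # is computed, so a corrupted full-size frame is still forwarded.
        if len(frame) < MIN_FRAME:
            return Decision("discard", len(frame), "runt: shorter than 64 bytes")
        return Decision("forward", MIN_FRAME, f"first 64 bytes present -> {port}")
    if mode == "store-and-forward":
        # Buffer the whole frame and verify the FCS before forwarding.
        if len(frame) < MIN_FRAME:
            return Decision("discard", len(frame), "runt: shorter than 64 bytes")
        if not fcs_ok(frame):
            return Decision("discard", len(frame), "FCS mismatch")
        return Decision("forward", len(frame), f"FCS ok -> {port}")
    raise ValueError(f"unknown mode {mode!r}")


MODES = ("cut-through", "fragment-free", "store-and-forward")


def compare_modes(frame: bytes, mac_table: dict) -> dict:
    """Run one frame through all three modes; returns {mode: action}."""
    return {m: switch(frame, m, mac_table).action for m in MODES}


# Constructed sample traffic (not captured data).
MAC_A = bytes.fromhex("020000000001")
MAC_B = bytes.fromhex("020000000002")
TABLE = {MAC_B: "port-2"}                              # assumed MAC table entry

GOOD = build_frame(MAC_B, MAC_A, 0x0800, b"hello")    # 64 bytes, valid FCS
RUNT = GOOD[:40]                                       # collision fragment
BAD_FCS = GOOD[:-1] + bytes([GOOD[-1] ^ 0xFF])        # one flipped FCS byte

if __name__ == "__main__":
    for name, frame in (("good", GOOD), ("runt", RUNT), ("bad_fcs", BAD_FCS)):
        print(f"{name:8s} {compare_modes(frame, TABLE)}")
```

Running the block prints one line per sample frame: the good frame is forwarded by all three modes, the runt is dropped by fragment-free and store-and-forward but forwarded by cut-through, and the frame with a corrupted FCS is dropped only by store-and-forward. That last row is the trade-off the video describes: the faster modes buy latency by skipping the CRC.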
Now LAN switching can be characterized as either symmetric or asymmetric. Now symmetric switching provides evenly distributed bandwidth to each port on the switch. This is typically used in a peer-to-peer desktop environment. Where you see asymmetric switching is when we're talking about endpoints communicating with bandwidth-intensive services such as servers, so this provides unequal bandwidth between ports on a switch. This is actually the most common type of switching, and it's optimized for client-server environments. You may have a server that demands a 10 gigabit port, where many of your clients obviously don't need that much speed and may only have a one gigabit port, or if you have an older switch, a 100 megabit port.

Now in the old days, the basic rule of thumb in designing a local area network and wide area network was that 80 percent of the traffic was going to remain on the local area network; thus it was called the 80/20 rule: 80 percent of the traffic stays local and you should plan for that. Well, with the advent and the popularity of the internet and server farms, this has really resulted in the flipping of those numbers. Now we need to design our networks with the idea that probably only 20 percent of the traffic is going to stay local on the local area network, whereas 80 percent is going to leave the local area network. So this new paradigm, this new 20/80 rule, places a much greater burden on the network backbone.

Next, let's talk about layer 3 switching. Historically, LAN switching typically involves layer 2 switching at the access layer and sometimes at the distribution layer. Layer 2 switches forward information based only on the MAC address, that is, the layer 2 frame address. Layer 3 switching, however, uses the MAC address in addition to the layer 3 address, which is typically nowadays an IP address. The following three options exist when considering designing a switched environment: layer 2 switching throughout the network; a combination of layer 2 and layer 3 switching; and then layer 3 switching throughout the network. Using layer 2 switching, layer 3 switching, or a combination of the two also depends on the available switching platforms, as not all switches support layer 3 technologies.

At the heart of a switched network is the concept of VLANs. So what exactly is a VLAN? Well, Cisco says it's a group of end stations with a common set of requirements. Using VLANs allows you to put many different devices in many different locations on the same logical network, on the same layer 2 network. In the past, without VLANs, you would have to rely upon simple hardware solutions, but a VLAN allows you to virtualize your layer 2 segment. VLANs are usually associated with the same subnet, so normally devices on a VLAN are sharing the same subnet, and with this in mind they're sharing the same broadcast domain; that is the norm. And then VLANs must be routed to communicate with other VLANs, so it is a true layer 2 segment. A VLAN is not going to be able to communicate with another VLAN unless it is passed through a layer 3 device which can route it.

Now there are two types of switch port types for VLAN membership that we need to understand, and the first is the access port. Now access ports can only belong to a single VLAN. Now when you think of an access port, it's pretty much probably what you think of: it's usually for end devices like a workstation or a server. It is a device that is an end station, and again an access port can only belong to a single VLAN; it is typically used to connect end devices. And there are two methods to assign ports to VLANs for these access ports. The first, which is by far the most popular, is the static VLAN assignment, so an administrator actually doing it, and then dynamic VLAN assignment, which is done by a server. So let's dig a little bit more into those two concepts. So when we have a static VLAN assignment, the network administrator is actually manually configuring a switch port to be a part of a VLAN. The network administrator is programming the port to say you are going to be an access port and you're going to be associated with this specific VLAN. Now you can do this dynamically, and this is not as popular, but there is something called a VLAN Management Policy Server which can assign a desired VLAN to users connecting to a switch. We don't need to get much deeper than that for your exam, but you do need to know these two methods.

Now there's another type of port that we need to understand to understand the concept of VLANs, and that is trunk ports. And trunk ports are used to carry data from multiple VLANs. So access ports only allow communication from one end device over a specific VLAN. Well, ultimately if you're hosting many VLANs, this traffic's going to need to be able to communicate throughout your network so that they're not limited by a hardware device. So your VLANs may be spread throughout many floors or maybe even many buildings. Trunk ports allow you to carry data from all these different VLANs between all your different hardware devices.

Now there are some standard VLAN numbers and ranges you should know. Specifically, let's focus on 2 to 1001. These VLANs are created, used, and deleted on all Cisco Catalyst switches. And another one that you should really focus in on is the range of 1006 to 4094. This is an extended range of VLANs, for Ethernet VLANs only. Now you may be asked about these other ranges, but I would focus in on VLAN ranges 2 to 1001 and 1006 to 4094.

VLAN trunks are used to carry data from multiple VLANs, which you already know. Now there are two methods, two protocols, that can be used to build these trunks, and the first is Inter-Switch Link, or ISL, and that's a Cisco proprietary protocol that is used to preserve the source VLAN identification information for frames that traverse trunk links. And then there is, I would say, the more popular 802.1Q, which is an open standard, and then it performs a little bit differently than the Cisco proprietary protocol.
protocol now the reason
now the reason 802.1q is so popular is you probably
802.1q is so popular is you probably understand that for obvious reasons that
understand that for obvious reasons that if you want a trunk between
if you want a trunk between two devices like one is cisco and one is
two devices like one is cisco and one is non-cisco
non-cisco you're able to do that
you're able to do that so this standard works very effectively
so this standard works very effectively and 802.1 q is very popular but you will
and 802.1 q is very popular but you will definitely be asked about isl
definitely be asked about isl and you will definitely be asked about
and you will definitely be asked about the differences between isl and 802.1q
So you've received a lot of information right now, so let's go ahead and draw out some of these concepts that we've been talking about. When we think of VLANs, we think first of connectivity: endpoints need to connect on a local area network. So here we have four endpoints and we have one switch, and each of these endpoints needs to communicate, but not all of them need to communicate with each other. Let's say we have two workstations and two servers, and we're going to put this one workstation in VLAN 10 and this other workstation in VLAN 10, and then these two servers in VLAN 2. These two servers are segmented on their own VLAN, as are the workstations. They cannot communicate with each other between VLAN 2 and 10, but anything on VLAN 10 can communicate with VLAN 10. Now here's another dedicated VLAN, we'll say VLAN 3, to a dedicated device.

And here is a router. For any of these VLANs to communicate with one another, they need to pass through a layer 3 device. So this workstation from VLAN 10, if it wants to communicate over to a server, needs to be routed: it goes through the router and is passed over to VLAN 2. Let's say you want to keep VLAN 3 devices not accessible from the network. You can prevent that. So here we have other devices on VLAN 3, and let's say this is a back end connection between two servers that we have no need to route. VLAN 3 can be segmented from the entire network; nobody can reach it. So there's some security built into VLANs as well.

Now VLANs can obviously extend over to other hardware platforms. So this router is connected to another switch, and on this switch, let's say that's in a different building, we have another device on VLAN 2 and another endpoint on an access port in VLAN 10. If they want to communicate over to the other building, let's say VLAN 2 or VLAN 10, they simply go over this trunk port, you know that term, and can communicate over to the other sites.
the other sites when designing a full layer 2
when designing a full layer 2 environment using vlans a router might
environment using vlans a router might be used to provide routing between the
be used to provide routing between the vlans
vlans this technique is called router on a
this technique is called router on a stick because only one router interface
stick because only one router interface is used to carry all the vlans
is used to carry all the vlans exclusively using layer 2 switches and
exclusively using layer 2 switches and vlans throughout the network all the
vlans throughout the network all the policies access lists and quality
policies access lists and quality service rules
service rules will be managed at the data link layer
will be managed at the data link layer the policy capabilities are very limited
the policy capabilities are very limited at the data link layer but they are
at the data link layer but they are greatly enhanced in layer 3 switches
greatly enhanced in layer 3 switches another area in which layer 2 switches
another area in which layer 2 switches are limited is load sharing capabilities
are limited is load sharing capabilities used to ensure redundant links
used to ensure redundant links that is multiple paths throughout the
that is multiple paths throughout the network
network this is because layer 2 switches only
this is because layer 2 switches only know about mac addresses and they cannot
know about mac addresses and they cannot perform intelligent load sharing
perform intelligent load sharing for example based on a destination
for example based on a destination network
network layer 3 switches can do that
layer 3 switches can do that layer 3 switches also support dynamic
layer 3 switches also support dynamic routing protocols
routing protocols therefore with layer 2 switching the
therefore with layer 2 switching the load can be shared only on a per vlan
load can be shared only on a per vlan basis
basis in addition when using layer 2 switches
in addition when using layer 2 switches only the basis of all failures or the
only the basis of all failures or the failure domain will be isolated to the
failure domain will be isolated to the vlan only
vlan only on the other hand in a multi-layer
on the other hand in a multi-layer environment the failures can be better
environment the failures can be better isolated at the access layer to the core
isolated at the access layer to the core layer or even particular network
layer or even particular network segments
segments in a layer 2 switched environment only
in a layer 2 switched environment only stp that is spanning tree protocol
stp that is spanning tree protocol offers convergence and loop control
offers convergence and loop control however when using layer 3 switching
however when using layer 3 switching this feature can also be implemented at
this feature can also be implemented at the distribution in core layers using
the distribution in core layers using routing protocol technologies such as
routing protocol technologies such as ospf or eigrp
ospf or eigrp and when considering cost using layer 2
and when considering cost using layer 2 everywhere is the cheapest solution but
everywhere is the cheapest solution but this is also much less flexible and much
this is also much less flexible and much less manageable
less manageable using layer 3 switches throughout the
using layer 3 switches throughout the network is the most expensive option
network is the most expensive option but it's very powerful and flexible
but it's very powerful and flexible a compromise would be to implement layer
a compromise would be to implement layer 3 switches only in the distribution
3 switches only in the distribution layer
layer and then eventually as the budget allows
and then eventually as the budget allows and the network scales extend the layer
and the network scales extend the layer 3 switches into the core layer
3 switches into the core layer for full layer 3 switching at the
for full layer 3 switching at the distribution
distribution and core layers
So in this video you've learned about layer 2 technologies and layer 3 switching, and this information will provide you with a solid foundation to do well on your CCDA exam. Thank you.
Hi, this is David Voss, CCIE 11372, and in this video we're going to be covering the cable specifications for local area networks. Specifically, this video is going to review LAN media and its components. We need to identify some of the constraints you should consider when provisioning various LAN media types.

Ethernet is the underlying basis for the technologies most widely used in local area networks today. In the 1980s and early 1990s most networks used 10 megabit per second Ethernet, defined initially by Digital, Intel and Xerox, and then later by the IEEE 802.3 working group. The IEEE 802.3-2002 standard contains physical specifications for Ethernet technologies up to 10 gigabits per second.

The following table is something you should know well for your CCDA exam. It describes the physical Ethernet specifications up to 100 megabits per second. It provides scalability information that you can use when provisioning IEEE 802.3 networks. Of these specifications, 10BASE5 and 10BASE2 are no longer used but are included for completeness. Fast Ethernet is preferred over 10BASE-T Ethernet.
Let's talk about some of the 100 megabit per second Fast Ethernet design rules. IEEE introduced the IEEE 802.3u-1995 standard to provide Ethernet speeds of 100 megabit per second over UTP and fiber cabling. The 100BASE-T standard is similar to 10 megabit per second Ethernet in that it uses carrier sense multiple access with collision detection, which you probably know as CSMA/CD.
Let's discuss the following specifications for Fast Ethernet.

100BASE-TX Fast Ethernet: this specification uses Cat 5 UTP wiring. Like 10BASE-T, Fast Ethernet uses only two pairs of the four-pair UTP wiring. If Cat 5 cabling is already in place, upgrading to Fast Ethernet requires only a hub or a switch and any network interface card upgrades. Because of the low cost, most of today's installations use switches. The specifications for the standard are as follows: transmission over Cat 5 UTP, an RJ-45 connector, punch-down blocks in the wiring closet must be Cat 5 certified, and 4B5B coding.
Let's discuss now the 100BASE-T4 Fast Ethernet standard. The 100BASE-T4 specification was developed to support UTP wiring at the Cat 3 level. This specification takes advantage of higher speed Ethernet without re-cabling to Cat 5 UTP. This implementation is not widely deployed, but here are the specifications: it can transmit over Cat 3, 4 or 5 UTP wiring. Three pairs are used for transmission and the fourth pair is used for collision detection. No separate transmit and receive pairs are present, so full duplex operation is not possible. And the coding is 8B6T.

Next let's discuss 100BASE-FX Fast Ethernet. This is a specification for fiber. It operates over two strands of multi-mode or single mode fiber cabling. It can transmit over greater distances than copper media. It uses a media interface connector, ST (stab and twist) or SC (stab and click) fiber connectors, defined for FDDI and 10BASE-FX networks.
To make 100 megabit per second Ethernet work, distance limitations are much more severe than those required for 10 megabit per second Ethernet. Repeater networks have no five-hub rule; Fast Ethernet is limited to two repeaters. The general rule is that 100 megabit per second Ethernet has a maximum diameter of 205 meters with UTP cabling, whereas 10 megabit per second Ethernet has a maximum diameter of 500 meters with 10BASE-T and 2500 meters with 10BASE5. Most networks today use switches rather than repeaters, which limits the length of 10BASE-T and 100BASE-TX to 100 meters between the switch and host.

Now the distance limitation imposed depends on the type of repeater. The IEEE 100BASE-T specification defines two types of repeaters, class 1 and class 2. Class 1 repeaters have a latency of 0.7 microseconds or less; only one repeater hop is allowed. Class 2 repeaters have a latency of 0.46 microseconds or less, and one or two repeater hops are allowed.
Now let's talk about Gigabit Ethernet design rules. Gigabit Ethernet was first specified by two standards, IEEE 802.3z-1998 and 802.3ab-1999. The IEEE 802.3z standard specifies the operation of Gigabit Ethernet over fiber and coax cable and introduces the Gigabit Media Independent Interface, the GMII. These standards are superseded by the latest revision of all the 802.3 standards included in IEEE 802.3-2002.
The IEEE 802.3ab standard specified the operation of Gigabit Ethernet over Cat 5 UTP. Gigabit Ethernet still retains the frame formats and frame sizes, and it still uses CSMA/CD. As with Ethernet and Fast Ethernet, full duplex operation is possible. Differences appear in the encoding: Gigabit Ethernet uses 8B/10B coding with simple non-return to zero. Because of the twenty percent overhead, pulses run at 1250 megahertz to achieve a 1000 megabits per second throughput. This chart you will definitely want to know in preparation for your CCDA exam.

Let's talk about the Gigabit Ethernet standards in detail. The 1000BASE-LX, that is the long wavelength Gigabit Ethernet standard, uses long wavelength optics over a pair of fiber strands. The specifications are as follows: it uses long wave on multi-mode or single mode fiber. The maximum lengths for multi-mode fiber are 450 meters for 62.5 micrometer fiber, or 550 meters for 50 micrometer fiber. Maximum length for single mode fiber is 5 kilometers.
The IEEE 1000BASE-SX standard uses short wavelength optics over a pair of multi-mode fiber strands. Its maximum lengths are 260 and 550 meters respectively. The IEEE 1000BASE-CX standard is for short copper runs between servers. It runs over a pair of 150 ohm balanced coax cables; maximum length is 25 meters, and this is obviously mainly used for server connections. And then finally the 1000BASE-T Gigabit Ethernet over UTP standard. It was approved in June 1999 and is now included in IEEE 802.3-2002. This standard uses the four pairs in the cable. Maximum length is 100 meters. The encoding defined is a five-level coding scheme, and one byte is sent over the four pairs at 1250 megahertz.

The IEEE 802.3ae supplement to the 802.3 standard was published in August of 2002, and it specifies the standard for 10 Gigabit Ethernet. It is defined for full duplex operation over optical media, UTP and copper. 10 GigE has several physical media specifications based on different fiber types and encoding. Multi-mode fiber and single mode fiber are used. And if you look at this diagram, this is something you will definitely want to memorize in preparation for your CCDA exam.
Now, as noted previously in this video, there are several media types that are used for campus networks, and this chart is one you'll want to remember because it provides a good summary of the information you'll need to know for the different media types and when you may want to use them.
So here's what you've learned. You've learned about campus LAN media types, and this is something you will definitely be tested on in your CCDA exam. You've learned about the different Ethernet standards as well as the different campus transmission media types. And I'm confident if you master the material in this video you'll do very well in this portion of your CCDA exam. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about analyzing traffic in preparation for your CCDA exam.

First let's start with analyzing application traffic. One of the first enterprise campus design issues refers to analyzing the application traffic as it relates to the switched network design. The traffic patterns usually fall into one of the following scenarios: local, within a segment or module, and/or distant (remote) traffic patterns. This implies traversing different segments or crossing sub-modules or modules in the campus design.

Networks were originally designed according to the 80/20 rule, which states that 80 percent of the traffic is internal and 20 percent is remote. This concept has changed with the evolution of enterprise networking and distributed server networking in modern campus networks, so the ratio now is 20/80, where twenty percent is for local traffic and eighty percent is for traffic that crosses between modules and segments. This change occurred as a result of servers no longer sitting in the workgroup areas.
Generally the application and backbone servers are placed in a server farm area. This puts a much higher load on the backbone, because much of the traffic from the client side is going to the servers in the server farm through the core layer devices. This changes the way you will analyze application traffic.

In order to exemplify the 80/20 rule, consider a workgroup area with various devices connected to a basic layer 2 switch using VLANs. The inter-VLAN routing is accomplished on the routers, which also allow access to an email server. According to the 80/20 rule, eighty percent of traffic stays within the VLAN, whereas twenty percent of the traffic is going to the email server.
On the other hand, for the modern 20/80 rule, consider a situation in which there are multiple logical departments using common resources, with applications distributed throughout the organization. This means there are no dedicated servers located within the department, for example database or file servers. All the data is stored in the server farm block. The end users' devices connect to a series of layer 2 or low-end layer 3 switches before reaching the distribution layer block, where the high-end layer 3 switches with high availability are located. The data flow finally reaches the server farm block, consisting of modern servers such as email, applications and databases.

In this example the traffic distribution reflects the 20/80 rule, meaning 20 percent of the network traffic stays local while 80 percent of the traffic is moving across the distribution layer and backbone of the network. This is the reason you want your distribution and core layer links to be highly available and fast, in order to move data across the enterprise quickly.

The diagrams presented here represent a single building, but in a large campus enterprise you would have multiple buildings connected by the network backbone module. The network backbone is connected to the edge distribution sub-module in order to provide external access from the network.
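The 80/20 and 20/80 comparison above can be measured rather than assumed. As an added example (not code from the video), the following Python classifies constructed flow records by where the traffic is handled: inside one VLAN (local), routed between VLANs within one building (distribution), or across the backbone to another building or the server farm (core). The subnets, VLAN numbers, block names and byte counts are all constructed for illustration.

```python
"""Classify constructed flow records into local / distribution / core traffic.

Added example for the 80/20 vs 20/80 discussion; not code from the video.
Subnets, VLANs, blocks and byte counts are constructed for illustration.
"""
import ipaddress
from collections import Counter

# Constructed campus design: each access subnet maps to (VLAN, block it lives in).
SUBNET_MAP = {
    ipaddress.ip_network("10.10.0.0/24"):  ("vlan10",  "building-A"),
    ipaddress.ip_network("10.2.0.0/24"):   ("vlan2",   "building-A"),
    ipaddress.ip_network("10.20.0.0/24"):  ("vlan20",  "building-B"),
    ipaddress.ip_network("10.200.0.0/24"): ("vlan200", "server-farm"),
}

# Constructed flows: (source IP, destination IP, bytes).
# Classic workgroup design: the file server sits in the same VLAN as its users,
# only email lives in another VLAN in the same building.
CLASSIC_FLOWS = [
    ("10.10.0.5", "10.10.0.9", 500),    # workstation -> workgroup file server
    ("10.10.0.6", "10.10.0.9", 300),    # workstation -> workgroup file server
    ("10.10.0.5", "10.2.0.20", 200),    # workstation -> email server, VLAN 2
]
# Modern design: departmental servers are gone; data lives in the server farm.
MODERN_FLOWS = [
    ("10.10.0.5", "10.10.0.6", 200),    # peer-to-peer inside VLAN 10
    ("10.10.0.5", "10.200.0.10", 500),  # building A -> server farm
    ("10.20.0.7", "10.200.0.11", 300),  # building B -> server farm
]


def locate(ip_str: str):
    """Return (vlan, block) for an address, or raise if it is not in the design."""
    ip = ipaddress.ip_address(ip_str)
    for net, where in SUBNET_MAP.items():
        if ip in net:
            return where
    raise ValueError(f"{ip_str} is not in any known subnet")


def classify_flow(src: str, dst: str) -> str:
    """Decide which tier of the design forwards a flow."""
    s_vlan, s_block = locate(src)
    d_vlan, d_block = locate(dst)
    if s_vlan == d_vlan:
        return "local"          # switched inside the VLAN, never leaves the access layer
    if s_block == d_block:
        return "distribution"   # inter-VLAN in the same building, routed at distribution
    return "core"               # crosses buildings or reaches the server farm: backbone


def traffic_split(flows) -> dict:
    """Percentage of bytes per class, rounded to whole percent."""
    total = sum(nbytes for _, _, nbytes in flows)
    by_class = Counter()
    for src, dst, nbytes in flows:
        by_class[classify_flow(src, dst)] += nbytes
    return {cls: round(100 * b / total) for cls, b in by_class.items()}


def remote_share(split: dict) -> int:
    """Everything that is not local crosses a module or segment boundary."""
    return 100 - split.get("local", 0)


if __name__ == "__main__":
    for name, flows in (("classic", CLASSIC_FLOWS), ("modern", MODERN_FLOWS)):
        split = traffic_split(flows)
        print(f"{name}: {split} -> {remote_share(split)}% remote")
```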
Next let's discuss analyzing multicast traffic. With the incredible advances of collaboration tools using the World Wide Web and the Internet, it is very likely that the organization will have to support multicast traffic. The process of multicasting, as opposed to the process of broadcasting or unicasting, has the advantage of saving bandwidth because it sends a single stream of data to multiple nodes. The multicasting concept is used by every modern corporation around the world to deliver data to groups via the following methods: corporate meetings, video conferencing, e-learning solutions, webcasting, information-distributing applications, streaming news feeds and streaming stock quotes.

Multicast data is sent as a multicast group, and users receive the information by joining that group using IGMP, or Internet Group Management Protocol. Cisco multicast-enabled routers can be used, running multicast routing protocols such as PIM (Protocol Independent Multicast), so that they can forward the incoming multicast stream to a particular switch port. Cisco switches effectively implement multicasting using two main protocols: CGMP, which is Cisco Group Management Protocol, and IGMP snooping. CGMP allows switches to communicate with multicast-enabled routers to figure out whether any users attached to the switches are part of any particular multicast groups and whether they are qualified to receive the special stream of data. IGMP snooping allows the switch to intercept the multicast receiver registration message, and based on the
gathered information it makes changes to its forwarding table
its forwarding table igmp snooping works only on layer 3
igmp snooping works only on layer 3 switches because igmp is a layer 3
switches because igmp is a layer 3 protocol
Next let's discuss analyzing delay-sensitive traffic. If using multicasting or web streaming, e-commerce, e-learning solutions or IP telephony, the traffic involved in this process will be delay sensitive, and QoS techniques might be necessary to ensure that this type of traffic is treated with priority. In layer 3 applications such as frame relay environments, using EIGRP, OSPF or BGP as routing protocols with the ISP, it is very common to use QoS techniques to shape and control traffic at the IP layer. You can also use QoS at layer 2. When using QoS or analyzing or controlling delay-sensitive traffic at layer 2, there are four categories of QoS techniques, as follows: tagging and traffic classification, congestion control, policy and shaping, and scheduling.

As you can see in this diagram, tagging and traffic classification happen between the end user nodes through the access layer up to the distribution layer. This is where packets are classified, grouped and partitioned based on different priority levels or classes of service. This occurs by inspecting the layer 2 packet headers and determining the priority of the traffic based on the traffic type. In this way the traffic can be tagged and classified. The next three techniques, congestion control, policy and traffic shaping, and scheduling, occur in the distribution layer block and the edge distribution layer sub-module, primarily on layer 3 switches. You want to avoid applying any QoS technique at the core layer, because you want as little overhead as possible on the backbone so that they can successfully achieve their goals, which is fast connectivity, high availability and reliability.

Congestion control involves the interfaces of the access layer switches and the queuing mechanisms configured on them. Queuing techniques are used in order to deal with the congestion of packets coming into and out of the switch ports. This method ensures the traffic from critical applications will be forwarded properly, especially when using real-time
So let's summarize what you've learned in this video. You've learned about the different types of traffic that can traverse a switched network and how to handle that traffic. Some of this information's been at a higher level, such as QoS, but that being said, this is what Cisco expects you to know for the CCDA exam, with the understanding that things will get quite a bit more granular in the follow-up videos, but also as you work your way up to CCDP. This is a good foundation for you to begin, and I wish you the best of luck in your studies. Thank you.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about enterprise campus design. Specifically, we're going to go through the questions that you need to ask, or Cisco at least expects you to ask, when you are designing the access, distribution and core layer. So we're going to work our way up; we'll begin with the access layer.

Whenever a network designer is in the process of designing the campus infrastructure's access layer block, the following important questions must be answered, and you may be tested on this in your CCDA exam.

What are the current and future needs for end users or node ports in the existing wiring closets of that particular building?

What kind of hardware can the company or the client afford? Can it afford modular devices? This will determine the degree of scalability in the access layer, an important factor that will allow the business to grow.

Is the existing cabling adequate? Do you have Cat 5 or Cat 6 UTP cabling? Can you afford fiber cabling? If you are moving into a new building, you might consider installing fiber optic cabling even at the access layer.

What are the performance and bandwidth requirements?

What level of high availability is needed at the access layer? Generally, in the access layer block you will not need as much redundancy. A certain degree of high availability might be needed if using modular network devices.

What are the requirements to support VLAN, VTP and STP? In a large enterprise campus design you might not need to use multiple VLANs, so you can go straight to using layer 3 technologies in the access layer to avoid having multiple broadcast domains and to decrease the complexity of STP.

What are the layer 2 traffic patterns for applications, and what multicasting needs and quality of service services are necessary at layer 2?

Next we move up to the distribution layer. The distribution layer block combines and aggregates the access layer block components, and it uses layer 2 and layer 3 switching to break up the workgroups or VLANs and isolate the different network segments as failure domains, and it also allows for the reduction of broadcast storms. It acts as a transit module between the access and core layers. Here are some important questions that must be answered before designing the distribution layer block.

Should layer 2 or layer 3 switches be used? Cost is a big issue in this decision; the available budget will dictate the hardware that's going to be used.

How many total users will you have to support? With a high number of users, such as greater than 500, layer 3 switching will be essential in the distribution layer.

What are the high availability needs? Are the distribution layer switches modular and scalable?

What type of intelligence services will be used in the distribution layer? You must consider different features that will be implemented in the distribution layer, such as security, quality of service or multicasting. If any of these features are implemented, layer 3 switching is mandatory.

Is the company prepared to manage and configure the distribution layer block? Should training or consultancy be added to the project budget to ensure that this particular block will be properly managed?

Will advanced STP features be implemented? You should think about features such as RSTP, BackboneFast or UplinkFast when connecting to the backbone block via layer 2. These kinds of features can be found on almost all high-end modern switches and can help optimize and speed up the STP process. If a complete layer 3 switching model is used, you do not have to think about STP or additional features.

Finally, the campus backbone block, or core layer. The campus backbone design occurs very early in the overall infrastructure design process. As such, what follows are a few important questions you should ask yourself and your customers when it is time to design the campus backbone block.

Do you have three or more separate locations, that is, buildings in the campus, that are connected through an enterprise campus infrastructure? If you only have two buildings, you might not need a separate backbone block. A possible solution in this scenario would be to use high-speed fiber connections between the two buildings' distribution layers.

Based on the present infrastructure, will the solution to the campus backbone be a layer 2, layer 2 and 3, or just the layer 3 switching solution?

In the case of a large enterprise campus, do you have the budget for a full multilayer backbone solution throughout? Is the organization ready for a high performance multilayer switching environment? Things to consider here are training, personnel, budget, applications, support services and intelligence services.

Does the customer want to simplify and lower the number of links between the distribution layer switches and the server farm block edge distribution submodule? If so, you could make changes to or augment the present network infrastructure and redesign the campus backbone.

What are the performance needs? The bandwidth needs for all the applications and services should be analyzed. How many high capacity links or ports are necessary for the campus backbone block, and what are the high availability redundancy demands? Multiple aspects should be taken into consideration, such as redundant connections, modules and hardware platforms.

Obviously in this video there's been a lot of questions asked, but all of them are very important questions to ask. We do not design in ivory towers; we must communicate with the customer and understand the needs. All the questions you've learned today are not only questions you need to know to perform your job well, they could be questions that you would be expected to select if Cisco were to ask you on the CCDA exam how you would prepare to design the enterprise campus network. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video we are going to cover data center design considerations. We are going to walk you through each of the components of the data center so that we can talk about the individual questions and the individual considerations that need to be taken into account when planning out a data center. All this is fair game for the CCDA exam, so let's go ahead and dig in.

The data center concept has greatly evolved over the last few years, passing through many phases because of evolving technology. At the time of their appearance, data centers were centralized and they used mainframes to manage the data. Mainframes were then managed using terminals, which are still used in modern data centers because of their resiliency, although they are definitely considered legacy components of data centers now. The third generation data centers are focused on modern technologies such as virtualization, which further reduce costs. These factors make this approach more efficient than the distributed data center model. Virtualization results in higher utilization of computing and network resources by sharing and allocating them on a temporary basis.

The top layer of the data center topology includes virtual machines that are hardware abstracted into software entities running a guest operating system on top of a hypervisor. Below this layer are the unified computing resources, which contain the service profiles that map to the identity of the server. The identity of the server contains details such as the following: memory, CPU, network interfaces, storage information and boot image. The next layer, which is consolidated connectivity, contains technology such as 10 Gigabit Ethernet, Fibre Channel over Ethernet and Fibre Channel, and all of these are supported on the Cisco Nexus series.

Next let's talk about server considerations. Some very important aspects to consider when deploying servers in a data center include the following: the required power, the rack space needed, server security, virtualization support and server management. The increasing number of servers used necessitates more power, and this has led to the need for energy efficiency in the data center. Rack servers usually consume a great deal of energy, even though they are low cost and provide high performance. An alternative to standalone servers are blade servers; they provide similar computing power but require less space, power and cabling. Server virtualization is supported on both standalone and blade servers and provides scalability and better utilization of hardware resources.

Next let's talk about data center facility spacing considerations. Facility spacing and other considerations help to size the overall data center and decide where to position the equipment in order to provide scalability. The available space defines the number of racks that can be installed for servers and network equipment. An important factor to consider is the floor loading parameters. Estimating the correct size of the data center has great influence on costs, longevity and flexibility. Several factors must be considered, including the following: the number of servers, the amount of storage equipment, the amount of network equipment, the number of employees served by the data center infrastructure, space needed for non-infrastructure areas such as storage rooms, office space and other areas, the weight of the equipment loading, heat dissipation, and power consumption and power type. Physical security is another important consideration, because data centers contain equipment that hosts sensitive company data, which must be secured from outsiders. Access to the data center must be well controlled.

Next let's talk about data center power considerations. The power in the data center facility is used to power server, storage, network equipment, cooling devices, sensors and other additional systems. Estimating necessary power capacity involves collecting the requirements for all the current and future equipment, such as the following: servers, storage, network devices, UPS, generators, HVAC and lighting.

Next let's discuss data center cooling considerations. Based on the type of equipment used, careful heating and cooling calculations must be provided. Blade server deployments allow for more efficient use of space, but increase the amount of heat per server. Some cooling solutions to address increased heat production include the following: increase the space between the racks, increase the number of HVAC units, increase the airflow between devices.

Next let's talk about data center cabling considerations. A passive infrastructure for the data center is essential for optimal system performance. The physical network cabling between devices determines how these devices communicate with one another and with external systems. The cabling infrastructure type chosen impacts the physical connectors and the media type of the connectors; this must be compatible with the equipment interfaces. Two options are widely used today: copper and fiber optic cabling. The advantages of fiber optics are that they are less susceptible to external interference and they operate over greater distances than copper cables do. Cabling must remain well organized in order to maintain the passive infrastructure easily. Cabling infrastructure usability and simplicity is influenced by the following: the number of connections, media selection and type of cabling, termination organizers.

As with any enterprise network, the enterprise data center architecture follows the multilayer approach and can be structured in the core, aggregation and access layers. I won't repeat all the information for the data center core, as you will find much of that information in the other videos, and the same is true for the distribution layer, or what in the data center is considered the aggregation layer. Where we want to focus in this video is the data center access layer. The main purpose of the data center's access layer is to provide layer 2 and layer 3 physical port access to different kinds of servers. Remember, we're talking about a data center here, so we're not talking about PCs or phones per se, but the actual servers that support them. This layer consists of high performance and low latency switches. Most data centers are built using layer 2 connectivity, although layer 3 is also available from a design standpoint. Possible physical loops that might be presented at layer 2 are managed by spanning tree.

So here's what you've learned. You've learned about the important subtopics within data center design. It's not just about passing packets anymore; it's literally about providing the proper environment in space and power to support all of your network infrastructure. So in this video you've learned some key categories or key topics within data center planning that you definitely will be asked about in your CCDA exam, and you definitely will use should you plan out a data center for yourself. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about data center components. Specifically, you're going to learn about all the components you see here that you can find in a data center. Much of this may look new to you, especially if you do not work in the data center, but you're expected to know all of it for your CCDA exam, especially the new version of it, which seems to have more of a focus on data center technologies. So we're going to go ahead and cover Fibre Channel over Ethernet, Data Center Bridging, unified ports, Intercloud Fabric, FabricPath, Overlay Transport Virtualization, fabric management and extended SAN. So let's go ahead and begin.

First, let's begin with Fibre Channel over Ethernet. A classic data center design features a dedicated Ethernet LAN and a separate dedicated Fibre Channel SAN. With Fibre Channel over Ethernet it is possible to run a single converged network. As a standards-based protocol that allows Fibre Channel frames to be carried over Ethernet links, Fibre Channel over Ethernet obviates the need to run separate LAN and SAN networks. Fibre Channel over Ethernet allows an evolutionary approach to I/O consolidation by preserving all Fibre Channel constructs, maintaining the latency, security and traffic management attributes of Fibre Channel while preserving investments in Fibre Channel tools, training and SANs. Based on lossless, reliable Ethernet, Fibre Channel over Ethernet networks combine LAN and multiple storage protocols on a converged network.

Next, let's talk about Data Center Bridging. IEEE 802.1 Data Center Bridging is a collection of standards-based extensions to classical Ethernet. It provides a lossless data center transport layer that helps enable the convergence of LANs and SANs onto a single unified fabric. In addition to supporting Fibre Channel over Ethernet, Data Center Bridging can enhance the operation of iSCSI, network attached storage and other business critical storage traffic.

Next, let's discuss unified ports. As a part of the network foundation of unified fabric, the Cisco Nexus switches, specifically the Nexus 5548UP switch, deliver innovative architectural flexibility, infrastructure simplicity and business agility. With support for networking standards for traditional, virtualized, unified and high performance computing environments, it offers a long list of IT and business advantages. This includes architectural flexibility, such as unified ports which support traditional Ethernet, Fibre Channel and Fibre Channel over Ethernet; it has a common high density, high performance, data center class fixed form factor platform and can consolidate LAN and storage; and business agility: it meets the diverse data center deployments on one platform.

Next, let's talk about Intercloud Fabric. You can build highly secure hybrid clouds and extend your existing data center to public clouds as needed, on demand, with consistent network and security policies. With Cisco Intercloud Fabric you can do all this. Cloud providers can now provide a complete hybrid cloud solution, cloud providers can differentiate their offerings as a premium service, and provide a robust set of cloud deployment options.

Next, let's talk about Cisco FabricPath. Cisco FabricPath is a Cisco Nexus Operating System software innovation combining the plug-and-play simplicity of Ethernet with the reliability and scalability of Layer 3 routing. Using FabricPath, you can build highly scalable Layer 2 multipath networks without using the Spanning Tree Protocol. Such networks are particularly suitable for large virtualization deployments, private clouds and high performance computing environments. When deployed across multiple Cisco Nexus chassis, FabricPath creates a flat data center switching fabric with high switching capacity, high cross-sectional bandwidth and low, predictable latency.

Overlay Transport Virtualization. OTV, or Overlay Transport Virtualization, on the Nexus 7000 is an industry-first technology that significantly simplifies extending Layer 2 applications across distributed data centers. You can now deploy data center interconnect between sites without changing or reconfiguring your existing network design. With OTV you can deploy virtual computing resources and clusters across geographically distributed data centers, delivering transparent workload mobility, business resiliency and superior computing resource effectiveness.

Next, fabric management and operations. Cisco Dynamic Fabric Automation, or DFA, boosts network flexibility and efficiency. DFA innovations simplify fabric management, optimize fabric infrastructure and automate provisioning across physical and virtual environments. You gain unsurpassed operational simplicity through superior integration. DFA offers customers a number of significant advantages: optimized fabric infrastructure for enhanced efficiency and scale; optimized spine-leaf topologies provide enhanced forwarding in a distributed control plane and integrated physical and virtual environments. The topologies help enable any network anywhere, supporting transparent mobility for physical servers and virtual machines plus network extensibility. You benefit from extensible resiliency with smaller failure domains and multi-tenant scale. Simplified fabric management with open APIs for ease of operations: the Cisco Prime Data Center Network Manager offers centralized fabric management across both physical and virtual machines. Automated provisioning for greater agility: having complete mobility access across the fabric, DFA uses network automation and provisioning to simplify physical server and virtual machine deployments. Network admin defined profile templates are used for both the physical and the virtual machine. When a server administrator provisions virtual machines and physical servers, instances of network policies are automatically created and applied to the network leaf switch. As virtual machines move across the fabric, the network policy is automatically applied to the leaf switch.

Extended SAN: extended SAN service to any device. Storage network managers have long been challenged to deliver services such as encryption, data migration, compression and acceleration. The best way to optimize data center resources is to deploy high performance storage networking services using the Cisco MDS 9000 products as the platform. The benefits of MDS 9000 services-oriented SANs are: services are integrated into the SAN fabric without wasted ports, re-cabling, SAN reconfigurations or deployment disruption. Deployment times are dramatically reduced because performance is added by adding service engines. Automatic load balancing and traffic redirect on failure help ensure high availability, and consolidating important tasks into the fabric supports transparent extension of any SAN service to any device. Intelligent fabric applications optimize your data center resources by providing integrated, high performance applications to Cisco storage networks. Support disaster recovery, security, data mobility and other heterogeneous storage requirements without adding appliances or using host or array resources. Cisco MDS 9000 family service nodes provide network hosted services to Cisco storage networks, such as SAN extension, I/O acceleration, XRC acceleration, storage media encryption or Data Mobility Manager. Network-assisted applications are enabled through the open intelligence services API. Cisco makes this development platform available to original storage manufacturers and independent software vendors who want to develop storage applications on the Cisco storage network's platform. Storage network administrators get flexibility to extend any service to any device in the storage network, I/O intensive data path processing tasks at wire speed, transparent to host and array applications, and much more.

So here's what you've learned: you've learned about key components of the data center. All this you'll need to know for your CCDA exam. We covered Fibre Channel over Ethernet, Data Center Bridging, unified ports, Intercloud Fabric, FabricPath, Overlay Transport Virtualization, fabric management and extended SAN. You can expect questions on any of these technologies in your CCDA exam, and I'm confident, because you've watched this video, that if you know it well you will be prepared to answer any question they may pose to you. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about Cisco virtualization. In this video you're going to learn about the advantages of virtualization, its drivers, the types of virtualization, and finally the platforms that support virtualization. So let's begin.

The official definition of computer virtualization is the pooling and abstraction of resources and services in a way that masks the physical nature and boundaries of those resources and services. A good example is a VLAN, because it masks the physical nature of resources. The concept of virtualization dates all the way back to the 1970s with IBM mainframes. These mainframes were separated into virtual machines so that different tasks could run separately, and to prevent a process failure that could affect the entire system.

One of the issues that IT departments face today is called server sprawl. This concept implies that each application is installed on its own server, and every time another server is added, issues such as power, space and cooling must be addressed. These are just a few of the many issues, and none of them are cost effective. However, these challenges can be mitigated with server virtualization, which allows the partitioning of a physical server to work with multiple operating systems and application instances. The most important advantages are improved failover capabilities, better utilization of resources and a smaller footprint.

Virtualization is a concept that applies to many areas in modern IT infrastructures, and it's not limited to servers. It can include networks, storage, applications and desktops. Network virtualization refers to one physical network supporting a wide array of logical topologies. This allows actions such as outsourcing by the IT department, where a logical topology can be created that can be accessed by external IT professionals.

Network virtualization with Cisco products is typically classified into four areas. Control plane virtualization: this is making sure processes like routing are separated and distinct, so a routing process failure will not affect the entire device. Data plane virtualization: this is done every time different streams of data traffic are multiplexed, that is, different forms of traffic are placed on the same medium. The simplest example of data plane virtualization is a trunk link between two devices. Management plane virtualization: this implies the ability to make a software upgrade on a device without rebooting that device or having it lose the capability to communicate on the network. And then pooling and clustering: this, for example, is used on the Cisco Catalyst 6500 Virtual Switching System, and it works by creating pools of devices that act as a single device. Another example is the Nexus vPC, or virtual port channel, which allows EtherChannels to be created that span across multiple devices.

Virtualization has become a critical component in most enterprise networks because of modern demands in IT, including increasing efficiency while reducing capital and operational costs. Virtualization is a critical component of the Cisco enterprise network architecture. Virtualization can represent a variety of technologies, including abstracting the logical components from hardware or networks and implementing them into a virtual environment. Some of the drivers behind implementing a virtualized environment are as follows: the need to reduce the number of physical devices that perform individual tasks, the need to reduce operational costs, the need to increase productivity, the need for flexible connectivity, and the need to eliminate underutilized hardware.

Virtualization can be implemented at both the network and the device level. Network virtualization involves the creation of network partitions that run on physical infrastructure, with each logical partition acting as an independent network. Network virtualization can include VLANs, VSANs, VPNs and VRFs. On the other hand, device virtualization allows logical devices to run independently of each other on a single physical machine. Virtual hardware devices are created in software and have the same functionality as real hardware devices. The possibility of combining multiple physical devices into one single logical unit also exists.

The Cisco enterprise network architecture contains multiple forms of network and device virtualization, such as the following: virtual machines, virtual switches, virtual LANs, virtual private networks, virtual storage area networks, virtual switching systems, virtual routing and forwarding, virtual port channels and virtual device contexts. Device contexts allow the partitioning of a single partition into multiple virtual devices called contexts. A context acts as an independent device with its own set of policies. The majority of features implemented on the real device are also functional on the virtual context. Some of the devices in the Cisco portfolio that support virtual contexts include the following: Cisco ASA, Cisco ACE, Cisco IPS and the Cisco Nexus series.

Server virtualization allows the server's resources to be abstracted in order to offer flexibility and usage optimization in the infrastructure. The result is that data center applications are no longer tied to specific hardware resources, so the applications are unaware of the underlying hardware. Server virtualization solutions are produced by companies such as VMware, Microsoft and Citrix.

Now, all this being said, there are unique design considerations to network virtualization. Network solutions are needed to solve the challenges of sharing network resources but keeping users totally separate from one another. Although the users are separate, we need to ensure that the network is highly available, secure, and can scale along with business growth. Network virtualization offers solutions to these challenges and provides design considerations around access control, path isolation and services edge.

Regarding access control: access needs to be controlled to ensure that users and devices are identified and authorized for entry to their assigned network segment. Security at the access layer is critical for protecting the network from threats, both internal and external. Path isolation: this involves the creation of independent logical network paths over a shared network infrastructure. MPLS VPN is an example of a path isolation technique where devices are mapped to a VRF to access the correct set of network resources. Other segmentation options include VLANs and VSANs, which logically separate LANs and SANs. The main goal when segmenting the network is to improve the scalability, resiliency and security services, as with non-segmented networks. Services edge: the services edge refers to making network services available to the intended users and devices with an enforced, centrally managed policy. Separate groups or devices occasionally need to share information that may be on different VLANs, each with corresponding group policies. In such cases the network should have a central way to manage the policy and control access to the resources.

So here's what you've learned: you've learned about Cisco virtualization, the different types of virtualization, but also the platforms that support this type of virtualization. The fact is, this type of software defined networking is radically changing how engineers are going to design their networks, and to understand this is not only important for your CCDA exam but as you go forward in your career. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about network programmability. Specifically, we're going to talk about Cisco's implementation of SDN, Cisco ACI, and we'll discuss its benefits and its attributes. All this you should know for your CCDA exam, so let's go ahead and begin.

IT departments and lines of business are looking at cloud automation tools and software-defined networking architectures to accelerate application delivery, reduce operating costs and greatly increase business agility. Cisco Application Centric Infrastructure, or Cisco ACI, is a comprehensive SDN architecture. This policy-based automation solution supports a business-relevant application policy language, greater scalability through a distributed enforcement system, and greater network visibility. These benefits are achieved through the integration of physical and virtual environments under one policy model for networks, servers, storage, services and security.

Through Cisco ACI, customers are reducing application deployment times from weeks to minutes. It also dramatically improves IT alignment with business objectives and policy requirements.

Cisco ACI is built on the application-centric policy, based on the Cisco Application Policy Infrastructure Controller, or what is known as APIC; the Cisco ACI fabric, which is based on the Cisco Nexus 9000 Series switches and the Cisco Application Virtual Switch; and the Cisco ACI partner ecosystem.

ACI provides a network that is deployed, monitored and managed in a way that benefits different teams in the IT organization, including SDN, network, cloud, DevOps and security. It supports rapid application change by reducing complexity with a common policy framework that can automate provisioning and resource management. You can facilitate rapid systems integration and customization for network services, monitoring, management and orchestration.

Cisco ACI is a comprehensive SDN solution, making the application the focal point. It is delivered in an agile, open and highly secure architecture, and its application-based policy model offers speed through automation, reducing errors and accelerating application deployment in IT processes from weeks to minutes. Application-based policies decouple high-level application connectivity needs from the complicated details of network configuration. This results in automated IT processes that simplify operations.

ACI provides transparent support of heterogeneous physical and virtual endpoints, such as bare-metal servers and virtual servers on any hypervisor, with Layer 2 to 7 network services using consistent policy. This provides faster troubleshooting through increased visibility of the entire infrastructure.

Cisco ACI supports open APIs, open source and open standards to optimize customer choice and flexibility. In fact, Cisco contributes technology specifications to open source and standards communities. The open integration with existing data center management tools and the comprehensive open partner ecosystem help to ensure flexibility while decreasing costs and increasing innovation.

Provisioning applications has become easy with programmable infrastructure, yet onboarding them is still difficult. Cloud architects have to know what infrastructure design will support frequent application changes to performance, security, availability and scale. DevOps has to work with both application and admin teams to understand how numerous application changes affect the configuration of switches, ports, VLANs, firewalls, security appliances, load balancers and other application delivery functions. All changes must work within a shared production infrastructure without affecting existing tenants and applications.

Cisco ACI introduces a simple, application-level, policy-based approach. Application intentions are automatically translated to infrastructure design without requiring knowledge of devices or the effort to translate to configurations. This helps to enable policy-aware resource orchestration, real-time governance and open choice in cloud software.

Cisco ACI and the APIC SDN controller allow for security policies down to the individual tenant, application or workload. They provide protection that meets the most stringent business and compliance requirements. The whitelist model permits communication only where explicitly allowed, helping to ensure that policy omissions do not leave security vulnerabilities. Through Cisco ACI, all security device provisioning and configuration can be automated according to the centrally managed application policies and requirements. This simplifies IT security tasks and accelerates application deployments.
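The "policy omissions do not leave security vulnerabilities" point is easiest to see by running a default-deny evaluator next to a default-permit one. The following is an added illustration, not code from the video and not Cisco's APIC API or configuration syntax: the endpoint-group names, contract structure, addresses and the three-tier sample policy are all constructed for this example. It models the whitelist idea (a flow between two groups is allowed only when a contract explicitly names the consumer/provider pair and a matching filter) and, for contrast, a blacklist where the same forgotten rule silently leaves a path open.

```python
"""Toy whitelist (default-deny) policy evaluator, in the spirit of the
contract model described above. Added illustration only: the EPG names,
data structures, addresses and sample policy are constructed for this
example and are not Cisco's API or configuration syntax."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

Flow = Tuple[str, str, str, int]   # (src_ip, dst_ip, protocol, dst_port)
Decision = Tuple[str, str]         # ("permit" | "deny", reason)


@dataclass(frozen=True)
class Filter:
    protocol: str              # "tcp", "udp" or "any"
    dst_port: Optional[int]    # None means any destination port

    def matches(self, protocol: str, dst_port: int) -> bool:
        proto_ok = self.protocol in ("any", protocol)
        port_ok = self.dst_port is None or self.dst_port == dst_port
        return proto_ok and port_ok


@dataclass
class Contract:
    name: str
    provider: str              # EPG offering the service
    consumer: str              # EPG allowed to initiate to it
    filters: List[Filter]


class WhitelistPolicy:
    """Endpoints belong to groups (EPGs); a flow between two groups is
    permitted only if some contract explicitly names that consumer ->
    provider pair and one of its filters matches. Everything else is denied."""

    def __init__(self, epgs: Dict[str, str], contracts: List[Contract]):
        self.epgs = {name: ip_network(cidr) for name, cidr in epgs.items()}
        self.contracts = contracts

    def epg_of(self, ip: str) -> Optional[str]:
        addr = ip_address(ip)
        return next((n for n, net in self.epgs.items() if addr in net), None)

    def decide(self, flow: Flow) -> Decision:
        src, dst, proto, port = flow
        src_epg, dst_epg = self.epg_of(src), self.epg_of(dst)
        if src_epg is None or dst_epg is None:
            return ("deny", "endpoint not classified into any EPG")
        if src_epg == dst_epg:
            # Simplification: members of one group may talk to each other.
            return ("permit", f"intra-EPG {src_epg}")
        for c in self.contracts:
            if (c.consumer, c.provider) == (src_epg, dst_epg) and \
                    any(f.matches(proto, port) for f in c.filters):
                return ("permit", f"contract {c.name}")
        # No contract covers this pair: the omission denies, it does not expose.
        return ("deny", f"no contract {src_epg} -> {dst_epg}")


class BlacklistPolicy(WhitelistPolicy):
    """Contrast case: permit by default, deny only what is listed.
    Here a forgotten rule leaves the path open."""

    def __init__(self, epgs: Dict[str, str], denied_pairs: List[Tuple[str, str]]):
        super().__init__(epgs, [])
        self.denied_pairs = set(denied_pairs)

    def decide(self, flow: Flow) -> Decision:
        src, dst, _proto, _port = flow
        pair = (self.epg_of(src), self.epg_of(dst))
        if pair in self.denied_pairs:
            return ("deny", f"explicit rule {pair[0]} -> {pair[1]}")
        return ("permit", "no rule matched; blacklist default is permit")


def sample_policies() -> Tuple[WhitelistPolicy, BlacklistPolicy]:
    # Constructed three-tier application: web -> app -> db.
    epgs = {"web": "10.0.1.0/24", "app": "10.0.2.0/24", "db": "10.0.3.0/24"}
    contracts = [
        Contract("web-to-app", provider="app", consumer="web",
                 filters=[Filter("tcp", 8080)]),
        Contract("app-to-db", provider="db", consumer="app",
                 filters=[Filter("tcp", 5432)]),
    ]
    # The blacklist author remembered to block web -> db but forgot app -> web.
    return WhitelistPolicy(epgs, contracts), BlacklistPolicy(epgs, [("web", "db")])


def compare(flow: Flow) -> Dict[str, str]:
    """Verdict of both models for one flow, to show where they diverge."""
    whitelist, blacklist = sample_policies()
    return {"whitelist": whitelist.decide(flow)[0],
            "blacklist": blacklist.decide(flow)[0]}


if __name__ == "__main__":
    for f in [("10.0.1.10", "10.0.2.10", "tcp", 8080),     # web -> app, contracted
              ("10.0.1.10", "10.0.3.10", "tcp", 5432),     # web -> db, no contract
              ("10.0.2.10", "10.0.1.10", "tcp", 22),       # app -> web, forgotten
              ("192.168.9.9", "10.0.3.10", "tcp", 5432)]:  # unclassified source
        print(f, compare(f))
```

The app-to-web SSH flow and the unclassified source are the cases to look at: both models agree on the flows somebody thought about, and differ only on the ones nobody wrote a rule for, which is exactly the gap the whitelist model closes.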
Cisco Nexus 9000 Series switches bring new industry-leading performance, power, port density and open programming innovations. The products that support Cisco ACI are the Cisco Nexus 9000 Series; in addition, the Cisco Application Virtual Switch, which provides a consistent virtual switch infrastructure between ACI fabrics and the Cisco Nexus 1000V virtual switch; the Cisco Application Policy Infrastructure Controller, which programmatically automates network provisioning and control based on application requirements and policies; and the Cisco Application Centric Infrastructure Security for data centers, which solves many complexities in customer environments. It treats firewalls as a pool of resources and intelligently stitches them according to application network policies. ACI security offers full acceleration dynamically in hardware and directly integrates into Cisco ACI.

When considering Cisco ACI, it's important to define desired business outcomes and plan each stage of the journey. Then you'll want to know how to accelerate the benefits of ACI while mitigating the risks. You need to develop an ACI adoption strategy based on business and technology needs. You need to provide a migration strategy and operational readiness. You need to deploy a proof of concept to gain experience and reduce the deployment risk, and then design application-centric data centers based on the ACI fabric, pods and policy templates.

So here's what you've learned: you've learned about Cisco's deployment of software-defined networking, which is Cisco ACI. This you'll need to know for your CCDA exam, but more importantly you will need to know this if you're going to work in the future of network engineering. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about network resiliency and fault domains in preparation for your Cisco CCDA exam. Specifically, you're going to learn about network, device and operational resiliency, and also the concept of fault domains. So let's go ahead and begin.

There are three major resiliency requirements which encompass most of the common types of failure conditions. Depending on the LAN design tier, the resiliency option appropriate for the role and network service type must be deployed. There is network resiliency, which provides redundancy through physical link failures such as a fiber cut; device resiliency, which protects the network during abnormal node failure triggered by hardware or software; and then operational resiliency, which takes resiliency capabilities to the next level, providing complete network availability even during planned network outages. We'll talk about all of these in this video.

First we'll talk about network resiliency. The most common network fault occurrence in the LAN network is a link failure between two systems. Link failures can be caused by issues such as a fiber cut, miswiring, line card module failure, etc. In the modular platform design, the redundant parallel physical links between distributed modules in two systems reduce fault probabilities and can increase network availability. It is important to remember how multiple parallel paths between two systems also affect how higher-layer protocols form adjacencies and loop-free forwarding topologies.

Deploying redundant parallel paths in the recommended borderless campus design by default develops a non-optimal topology that keeps the network underutilized and requires protocol-based network recovery. In the same network design, the routed access module eliminates such limitations and enables full load-balancing capabilities to increase bandwidth capacity and minimize application impact during a single path failure.

To develop consistent network resiliency service in the centralized main and remote campus sites, the following basic principles apply.

Deploying redundant parallel paths is a basic requirement for network resiliency at any tier. It is critical to simplify the control plane and forwarding plane operation by bundling all physical paths into a single logical bundled interface such as EtherChannel.

Implement a defense-in-depth approach to failure detection and recovery. An example of this is configuring the UDLD protocol, that's Unidirectional Link Detection, which uses a Layer 2 keepalive to test that the switch-to-switch links are connected and operating correctly, and acts as a backup to the native Layer 1 unidirectional link detection capabilities provided by the 802.3z and 802.3ae standards.
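To see why a Layer 2 keepalive can catch a fault that a Layer 1 link-up signal cannot, it helps to simulate the echo idea behind UDLD. This is an added simulation, not part of the video and not Cisco's UDLD implementation or frame format: the port names A and B, the probe fields and the round-based timing are constructed for illustration. Each port transmits a probe carrying its own ID and the IDs it has heard from; a port that hears its neighbor but is never listed in that neighbor's probes concludes its own transmit direction is broken and error-disables itself.

```python
"""Simplified simulation of echo-based unidirectional link detection,
the idea behind UDLD as described above. Added example only: port names,
message fields and timing are constructed and this is not Cisco's UDLD
implementation or frame format."""
from dataclasses import dataclass, field
from typing import Dict, List, Set


@dataclass
class Probe:
    sender: str                 # id of the port transmitting the probe
    neighbors_seen: List[str]   # ids of ports the sender has heard from


@dataclass
class Port:
    port_id: str
    heard: Set[str] = field(default_factory=set)  # neighbors whose probes arrived
    echoed: bool = False        # a neighbor's probe listed us: our TX reached it

    def build_probe(self) -> Probe:
        return Probe(self.port_id, sorted(self.heard))

    def receive(self, probe: Probe) -> None:
        self.heard.add(probe.sender)
        if self.port_id in probe.neighbors_seen:
            self.echoed = True

    def status(self) -> str:
        if not self.heard:
            # Hearing nothing is ambiguous on its own: dead peer, or our receive
            # path is cut. The Layer 1 link may still show as up.
            return "undetermined"
        if self.echoed:
            return "bidirectional"
        # We hear the neighbor, but it never reports hearing us: our transmit
        # direction is broken. Error-disable rather than forward into a black hole.
        return "unidirectional: err-disabled"


def simulate(a_to_b_ok: bool, b_to_a_ok: bool, rounds: int = 3) -> Dict[str, str]:
    """Run `rounds` keepalive intervals over a link whose two fibre directions
    can independently be good or cut, and report each port's verdict.
    At least two rounds are needed for an echo to come back."""
    if rounds < 2:
        raise ValueError("detection window needs at least two probe rounds")
    ports = {"A": Port("A"), "B": Port("B")}
    link = {"A": ("B", a_to_b_ok), "B": ("A", b_to_a_ok)}  # sender -> (peer, path ok)
    for _ in range(rounds):
        probes = {pid: p.build_probe() for pid, p in ports.items()}  # both transmit
        for pid, (peer, ok) in link.items():
            if ok:                       # a cut direction simply drops the probe
                ports[peer].receive(probes[pid])
    return {pid: p.status() for pid, p in ports.items()}


if __name__ == "__main__":
    print("healthy      ", simulate(True, True))
    print("B->A cut     ", simulate(True, False))
    print("A->B cut     ", simulate(False, True))
    print("both cut     ", simulate(False, False))
```

Note which side makes the call: when only B-to-A is cut, A receives nothing and cannot by itself tell a dead peer from a broken receive path, while B, still hearing A, sees that A never lists it and shuts the port. That asymmetry is why the keepalive is a complement to, not a replacement for, the Layer 1 detection in the passage.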
Ensure that the network design is self-stabilizing. Hardware or software errors may cause ports to flap, which creates false alarms and destabilizes the network topology. Implementing route summarization advertises a concise topology view of the network, which prevents core network instability.
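The summarization principle can be made concrete with a small calculator. The following is an added example, not from the video: it computes the smallest single prefix covering a set of component subnets (the general algorithm, not tied to any routing protocol), flags address space the summary claims but no component actually owns (a caveat when summarizing gapped ranges), and counts how often the advertisement toward the core changes during a sequence of access-link flaps with and without summarization. The 10.1.x.0/24 subnets and the flap sequence are constructed sample data.

```python
"""Route summarization as a worked example of the 'concise topology view'
principle above. Added illustration only: the prefixes and the flap
sequence are constructed sample data, not from the original video."""
from ipaddress import IPv4Network, collapse_addresses, ip_network
from typing import Iterable, List


def summarize(prefixes: Iterable[str]) -> IPv4Network:
    """Smallest single CIDR block that contains every component prefix.
    Starts at the first prefix and widens the mask until all fit."""
    nets = [ip_network(p) for p in prefixes]
    summary = nets[0]
    while not all(n.subnet_of(summary) for n in nets):
        summary = summary.supernet()
    return summary


def holes(summary: IPv4Network, prefixes: Iterable[str]) -> List[IPv4Network]:
    """Address space inside `summary` that no component covers. A non-empty
    result means the summary attracts traffic for destinations that do not
    exist behind it, a point to check before advertising it."""
    components = list(collapse_addresses(ip_network(p) for p in prefixes))
    remaining = [summary]
    for c in components:
        nxt: List[IPv4Network] = []
        for r in remaining:
            if c.subnet_of(r):
                nxt.extend(r.address_exclude(c))   # carve the component out
            elif not r.subnet_of(c):
                nxt.append(r)                      # disjoint: keep as is
            # r fully inside c: completely covered, drop it
        remaining = nxt
    return sorted(remaining)


def advertisement_changes(prefixes: List[str], up_sequence: List[List[str]],
                          summarized: bool) -> int:
    """Count how often the set of routes advertised to the core changes over
    snapshots of which component prefixes are reachable. With summarization the
    summary stays up as long as any component is, so flaps stay local."""
    summary = str(summarize(prefixes))
    changes, prev = 0, None
    for up in up_sequence:
        adv = frozenset([summary] if up else []) if summarized else frozenset(up)
        if prev is not None and adv != prev:
            changes += 1
        prev = adv
    return changes


if __name__ == "__main__":
    access = ["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/24", "10.1.3.0/24"]
    s = summarize(access)
    print("summary:", s, "holes:", holes(s, access))
    gapped = access[:3]
    print("gapped summary:", summarize(gapped), "holes:", holes(summarize(gapped), gapped))
    # Constructed flap sequence: two different /24s drop and recover in turn.
    flaps = [access, access[1:], access, access[:3], access]
    print("core sees changes without summary:", advertisement_changes(access, flaps, False))
    print("core sees changes with summary:   ", advertisement_changes(access, flaps, True))
```

The last two lines are the point of the passage: the same two flaps produce four advertisement changes in the core without summarization and none with it, which is what keeps a flapping access port from rippling through the core's topology tables.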
Next, let's talk about device resiliency. Another major component of an overall campus high availability framework is providing the device- or node-level protection that can be triggered during any type of abnormal internal hardware or software process within the system. Some of the common internal failures are software-triggered crash, power outages, line card failures, etc.

LAN network devices can be considered as a single point of failure and are considered to be a major failure condition, because recovery may require a network administrator to mitigate the failure and recover the system. The network recovery time can remain non-deterministic, causing complete or partial network outage depending on the network design. Redundant hardware components for device resiliency vary between fixed-configuration and modular Cisco Catalyst switches. To protect against common network faults or resets, all critical borderless campus network devices must be deployed with a similar device resiliency configuration.

Let's talk about the basic redundant hardware deployment guidelines at the access layer and collapsed core switching platforms in the campus network.

Redundant power system: redundant power supplies for network systems protect against power outages, power supply failures and so on. It is important not only to protect the internal network system but also the endpoints that rely on power delivery over the Ethernet network. Redundant power systems can be deployed in the following two configuration modes.

Modular switch: this is where dual power supplies can be deployed in modular switching platforms such as the Cisco Catalyst 6500 or 4500-E Series platforms. By default the power supply operates in a redundant mode, offering a 1+1 redundant option. In modular Catalyst and Nexus switching systems, the network administrator must perform overall power capacity planning to allow for dynamic network growth with new line card modules.

The other option is the fixed-configuration switch. Depending on the switch that you're running, fixed-configuration switches offer a wide range of power redundancy options. Cisco StackPower can be one of them, especially in the Cisco Catalyst 3750-X Series platform. To prevent network outages on fixed-configuration Catalyst switches, they must be deployed with power redundancy.

Next, redundant control plane. Device or node resiliency in modular Cisco Catalyst 6500-E or Nexus 7000, 4500-E and Cisco StackWise Plus platforms provides 1+1 redundancy with enterprise-class high availability and deterministic network recovery time. The following subsections provide high availability design details as well as graceful network recovery techniques that do not impact the control plane and provide constant forwarding capabilities during failure events.

To minimize the amount of time the network is unavailable to users following a switchover from a primary to a secondary device, the main goal is to continue forwarding IP packets after the route processor switchover. NSF is supported by a wide variety of dynamic routing protocols. If a router is running one of these protocols, it can detect the internal switchover and take the proper steps to continue forwarding network traffic, using and leveraging the Forwarding Information Base while recovering route information from its peer devices.

Cisco NSF with SSO is a mechanism of supervisor redundancy that is part of the IOS software and provides extremely fast supervisor switchover at Layers 2, 3 and 4. SSO allows the standby route processor to take control of the device once a hardware or software fault occurs on the active route processor. SSO synchronizes the following parameters: startup configuration, startup variables, the running configuration, Layer 2 protocol states for ports and trunks, Layer 2 and Layer 3 tables, access control lists and QoS tables.
Next, let's talk about operational resiliency. Designing the network to recover from failure events is only one aspect of the overall campus non-stop design. Converged network environments are continuing to move forward, requiring true 7x24x365 availability. The borderless campus network is a part of the backbone of the enterprise network and must be designed to enable standard operational processes, configuration changes, and software and hardware upgrades without disrupting network services.

The ability to make changes and upgrade software and/or replace or upgrade hardware becomes challenging without a redundant system in the campus core. Upgrading individual devices without taking them out of service is similarly based on having internal component redundancy. The Cisco In-Service Software Upgrade, ISSU, and Enhanced Fast Software Upgrade, EFSU, leverage NSF/SSO technology to provide continuous network availability while upgrading critical systems. This helps to greatly reduce the need for planned service downtime and maintenance.
Next, let's talk about fault domains. Each network tier can be classified as a fault domain, with the deployment of redundant components and systems increasing redundancy and load-sharing capabilities. However, this introduces a new set of challenges, namely higher costs and increased complexity in managing a greater number of systems. Network reliability and availability can be simplified using several Cisco high availability and virtual system technologies such as VSS, which offers complete failure transparency to end users and applications during planned or unplanned network outages.

In this sense, minor or major network failures are considered broad terms that include several types of network faults which must be taken into consideration in order to implement a rapid recovery solution. Cisco high availability technologies can be deployed based on whether platforms have a critical or non-critical role in the network. Some of the high availability techniques can be achieved in the campus network design without making major network changes. However, the critical network systems that are deployed in the center of the network to provide global connectivity may require additional hardware and software components to offer non-stop communication.

So here's what you've learned: you've learned about network, device and operational resiliency. This is a key part of your CCDA exam, and then you also learned about the terminology of fault domains. And again, this is something you could be asked on your exam. So now that you've watched this video, I'm confident that if you're asked any questions regarding resiliency or fault domains on your CCDA exam, you'll do very well. Good luck in your studies.
hi this is david voss ccie 11372 and this video you're going to receive
and this video you're going to receive an overview of wan design we're going to
an overview of wan design we're going to cover some of the basics of wide area
cover some of the basics of wide area networking
networking so that you can properly lay a
so that you can properly lay a foundation
foundation for the topics that come up after this
for the topics that come up after this video
video so you can understand
so you can understand what specific wan technologies are out
what specific wan technologies are out there
there and where they fit within the enterprise
and where they fit within the enterprise campus
WAN technologies operate at the enterprise edge in the modular Cisco enterprise infrastructure. WANs span across large geographical distances in order to provide connectivity for various parts of the network infrastructure. Unlike the LAN environment, some LAN components are not owned by the specific enterprise; instead, WAN equipment or connectivity can be rented or leased from service providers. Most service providers are well trained in supporting not only traditional data traffic but also voice and video services.

In addition, unlike LANs, WANs typically have an initial fixed cost and thereafter periodic recurring fees for services, which is one reason you never want to over-provision your wide area network, because it's money down the drain. This cost and fee structure requires implementing effective quality of service mechanisms in order to avoid buying additional WAN bandwidth when it's not necessary.

WAN technology design requirements are typically derived from the following: application type, application availability, application reliability, the costs associated with a particular WAN technology, and usage levels for the application. All of these will dictate what type of WAN technology you're going to want to use.
The enterprise edge represents a large block, or it could be several blocks of equipment. This large module is typically split into smaller blocks, each with a specialized functionality. Here are the components you will find in an enterprise: the WAN block for branch offices and remote access connectivity; the e-commerce block, which is a part of the organization and obviously serves the customer-facing business applications; the internet connectivity block, which offers robust internet access with some level of availability and redundancy, and within this block you'll also often find your DMZ services; and then the remote access or VPN block, which provides secure connectivity for a large number of employees who work out of a home office.
An important topic when considering CCDA certification is the common categories within various WAN technologies. An essential concept is circuit switched technology. The most relevant example of this is the PSTN or public switched telephone network. One of the technologies that falls under this category is ISDN. The way circuit switched WAN connections function is by being established when needed and terminated when they are no longer required. Another example that reflects the circuit switching behavior is the old-fashioned dial-up connection. You may remember, or maybe you don't, using a dial-up modem, analog access over the PSTN, to access the internet in the late 1990s.

The opposite of the circuit switched option is the leased line technology. This is a fully dedicated connection that is permanently up and owned by the company. Examples of leased lines include TDM or time division multiplexing based leased lines, and these are usually very expensive because a single customer has full use of the offered connectivity, and you're paying for that bandwidth whether you're using it or not.

Another popular category of wide area networking technology involves packet switched concepts. In a packet switched infrastructure, shared bandwidth utilizes virtual circuits. The customer can create a virtual path, which is similar to a leased line, through the service provider's infrastructure cloud. This virtual circuit has a dedicated bandwidth even though technically it's not a real leased line. Frame relay is an example of this type of technology. Some legacy WAN technologies you may have heard of, such as X.25, that's the predecessor of frame relay.

An example of cell switched technology is asynchronous transfer mode or ATM. This operates by using fixed sized cells. Cell switched technologies form a shared bandwidth environment from the service provider standpoint that can guarantee customers some level of bandwidth through their infrastructure.

Broadband is another hugely growing category for wide area networking, and this includes technologies such as DSL, cable and wireless. Broadband involves making a connection, such as an old-fashioned coax cable that carries TV signals, and figuring out how to use the different aspects of that bandwidth. For example, by using multiplexing an additional data signal could be transmitted along with the original TV signals. And obviously wireless continues to expand at a rapid pace.
As detailed so far, there are many options when discussing WAN categories. All of these technologies can support the needs of modern networks that operate under the 80/20 rule, that is, 80% of the network traffic uses some kind of WAN technology to access remote resources.
Next let's talk about WAN topologies. There are three you should know of. First let's talk about full mesh topologies, which for obvious reasons require a large number of nodes and added extra overhead, referring back to the formula n(n-1)/2, where n denotes the nodes. This obviously can get very expensive very fast. That being said, the full mesh topology is the best option when considering availability and reliability: failover will occur on the other links and devices, assuming you have your routing protocols programmed correctly. The downside of the full mesh topology obviously is the extra overhead associated with building and maintaining all of the connections, and the high costs required to install all of the links.

A more popular design is the hub and spoke topology. The hub router is usually located at the headquarters location and connects to branch office routers in a hub and spoke fashion. The hub and spoke topology is not the best topology as far as redundancy and availability are concerned, as the hub device is the most common point of failure. So obviously in the hub area you're going to want to have redundant systems with redundant power supplies, redundant route processors, etc. Hub and spoke topologies are obviously less complex and less expensive than full mesh topologies, so the added investment in the hub site is well worth it.

Next there's partial mesh. This involves a combination of full mesh and hub and spoke. The partial mesh topology falls in the middle of full mesh and hub and spoke topologies in terms of availability and costs. This topology is useful when a high level of availability and redundancy is required only in some areas.
So it's a good time to begin discussing network architecture types. The first network architecture type is point to point. Now this is rather self-explanatory: as you can see, we have two network devices connected by a single network link. The typical point-to-point connection is a serial link. The next architecture type is the broadcast network. A broadcast is sent from one of the routers and then propagated to all other routers on that segment. Ethernet networks like the one you see below are common examples of a broadcast network.
The next architecture type is NBMA or non-broadcast multi-access. As the name implies, it does not support broadcasts; therefore when an interface on a router needs to send out data to all other routers it must send individual messages to each router. NBMA also doesn't support multicast.

So here's what you've learned. You've learned about the basics of WAN topologies and wide area network types. All these things will help you in laying the foundation you need as you begin to learn about how to design for wide area networks, laying a foundation for the terminology that you'll need to understand, such as hub and spoke and full mesh. But also, as you begin to design wide area networks or you're asked questions about wide area networks in the CCDA exam, this information is going to be in any question you would receive, because they're going to assume you understand the topics that are covered in this video very well. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about dial-up technology. We're going to do an overview of ISDN technology and then dig into some of the details such as ISDN BRI and PRI. So let's begin.

Although dial-up technologies are not very common in today's modern network, it is a topic you can expect to see on the CCDA certification. Dial-up falls under the category of circuit switching, and it uses the public switched telephone network or PSTN. A connection is established when a user wants to use the dial-up option, and the connection ends when the user is done using the link. Considering dial-up connections use an analog signal, users need to use a modem in order to take the digital signal from the computer and then convert it into analog communication on the PSTN, and vice versa. Dial-up access offers very limited bandwidth capabilities, but its advantage is that it's available just about everywhere, because obviously PSTNs span across almost every geographical location. The technologies used over the PSTN should not utilize much bandwidth. Modern networks may use dial-up technology as a backup connection that can be activated in an emergency when no other WAN connection type is available, and this is one of the most popular uses of ISDN, or was in the past, especially as a backup connection should the WAN connection fail.
Now ISDN is a technology that allows digital communication over a traditional analog phone line so that both voice and data can be transmitted digitally over the PSTN. ISDN never reached the level of popularity it was expected to because it emerged when alternate technologies were also being developed. The two flavors of ISDN include ISDN BRI, basic rate interface, and ISDN PRI, primary rate interface.

ISDN BRI connectivity contains two B (bearer) channels for carrying data and one D (delta) channel for signaling, and is abbreviated as 2B+D. Each of these bearer channels in the ISDN operates at a speed of 64 kilobits per second. Multilink PPP can be configured on top of these interfaces to allow the user to reach a bandwidth total of 128 kilobits per second. This bandwidth is considered very low, obviously, according to modern network requirements. The delta channel in ISDN BRI is a dedicated 16 kilobit per second traffic control channel. There are also 48 kilobits per second overall for framing control and other overhead in the ISDN environment. Therefore the total ISDN bandwidth for PRI is 192 kilobits per second: 128 kilobits per second from the B channels plus 16 for the D channel plus 48 of overhead.

ISDN PRI has 23 B channels and 1 D channel in the United States and Japan. The bearer channels and the delta channels all support 64 kilobits per second; including overhead, the total PRI bandwidth is 1.544 megabits per second. In other parts of the world like Europe and Australia the PRI connection is 30 B channels and 1 D channel, and therefore you have more bandwidth as well.
The ISDN technologies we've been describing are called TDM or time division multiplexing technologies. TDM refers to being able to combine multiple channels over a single overall transmission medium and using these different channels for voice, video and data. Time division refers to splitting the connection into small windows of time for various communication channels.
ISDN speaking devices are called terminal emulation equipment, and they can be categorized as either native ISDN or non-native ISDN equipment. Native ISDN equipment is comprised of devices that were built to be ISDN ready, and they are called TE1 devices, terminal equipment one. Non-native ISDN equipment is comprised of TE2 devices. Non-native ISDN equipment can be integrated with native ISDN equipment by using a special TA or terminal adapter, which only TE2 devices require.

The ISDN service provider uses termination devices called NT1s, or network termination 1, and NT2, network termination 2. These are translation devices for media, transforming five wire connections into two wire connections. The local loop is the two-wire connection; it's a two-wire link. For users in North America the customer is responsible for the NT1 device, while in other parts of the world this falls under the service provider's responsibility. Because of this issue some Cisco routers provide built-in NT1 functionality that features a visible U under the port so the user can see this capability quickly.

The U notation is found in the ISDN reference point terminology. These reference points are important for troubleshooting or maintaining issues in an ISDN network. The ISDN switch is usually located at the service provider's location. The different ISDN reference points are as follows: the U reference point is between the ISDN switch and the NT1 device; the T reference point is between the NT2 device and the NT1 device; the S reference point is between the terminals, TE1 or the TA, and the NT2 device; the R reference point is between non-ISDN native devices and TAs.
So here's what you've learned. You've learned a basic overview of ISDN. You've also gotten granular enough with learning about ISDN BRI and then PRI, and the different types of ISDN equipment, that you should be able to answer correctly any ISDN related question on the CCDA exam. I wish you the best of luck in your studies. Thank you.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about frame relay. In previous videos you learned about non-broadcast multi-access technologies. Well, frame relay is an NBMA technology, and it requires dealing with address resolution issues, except for situations in which point-to-point interfaces are used. The local layer 2 addresses in frame relay are called data link connection identifiers or DLCIs, and they are only locally significant. So for example in a hub and spoke environment the hub device should have a unique DLCI to communicate to each of its spokes. As you can see here, the DLCI number at the end of each link may or may not be identical. The DLCI is the frame relay address, so this needs to be resolved to a layer 3 IP address.
Another fundamental frame relay component is the LMI or local management interface. The service provider operates a DCE frame relay device, and this is usually a switch, and the customer provides a DTE frame relay device, and this is usually a router. The LMI is a language that permits these two devices to communicate. One of its duties is to report the status information of the virtual circuit that makes up the frame relay communication. The LMI also provides the DLCI information. The LMI is enabled automatically when frame relay is initiated and when it's enabled on a Cisco device interface. So when you inspect the frame relay PVC or permanent virtual circuit on a Cisco device you will see a status code defined by the LMI that will be one of the following: active, which is what you would hope for, that everything is working correctly; inactive, which means there are no problems on the local node but there are possible issues on the remote node; and then deleted, which means there is an issue on the service provider network. The three types of LMI are Cisco, ANSI and Q933a.
Cisco routers are configured to try all of these LMI types automatically, starting with the Cisco LMI type, and then use the one that matches whatever the service provider is using, so this aspect should not be that much of a concern in the design phase for frame relay. One of the most popular aspects that must be considered in the design phase is the address resolution methodology. If you are using multipoint interfaces in your design you need to find a way to provide the layer 3 to layer 2 resolution. There are two options that can help you achieve this. You can do it dynamically, as you can see here, using inverse ARP, with one router stating "my IP address is 199.17.28.200" and then asking for the IP address of router B, who then answers back. Or you can do it statically, using the frame-relay map command, and you can see the specific programming for that right here. In order to verify that layer 3 to layer 2 resolution has succeeded, use the show frame-relay map command.
On a multipoint interface inverse ARP happens automatically. This functionality is enabled right after adding an IP address on an interface configured for frame relay. At that moment requests are sent out all the circuits assigned to that specific interface for any supporting protocol the interface is running. The request process can be disabled with the no frame-relay inverse-arp command, but you can never design a network that will stop responding to requests. By design, inverse ARP replies cannot be disabled, so the frame relay speaker will always attempt to assist anybody who attempts to perform a layer 3 to layer 2 resolution via frame relay inverse ARP. The inverse ARP behavior in frame relay design assists automatically with broadcasts through the replicated unicast approach discussed earlier. Therefore when using inverse ARP, broadcast support exists by default.
broadcast support exists by default when connecting two routers to the frame
when connecting two routers to the frame relay cloud using physical interfaces
relay cloud using physical interfaces the specific interfaces are multi-point
the specific interfaces are multi-point from a frame relay perspective
from a frame relay perspective because a physical frame relay interface
because a physical frame relay interface by default is multi-point
by default is multi-point therefore even though the connection
therefore even though the connection between the two routers appears as a
between the two routers appears as a point-to-point
point-to-point it is a formulate multi-point connection
it is a formulate multi-point connection because they are using multiple
because they are using multiple interfaces by default the two devices
interfaces by default the two devices will handle the layer three to layer two
will handle the layer three to layer two resolution dynamically
resolution dynamically using inverse arp
using inverse arp if you would like to design a solution
if you would like to design a solution that does not use infosharp then you can
that does not use infosharp then you can turn off the dynamic mapping behavior on
turn off the dynamic mapping behavior on each device
each device and then configure static frame relay
and then configure static frame relay mappings
mappings you can do so by entering in formulae
you can do so by entering in formulae map the protocol address to the dell c
map the protocol address to the dell c the protocol is usually the ip
the protocol is usually the ip address is the remote address
address is the remote address and the dell c represents the local id
and the dell c represents the local id the broadcast keyword can be added
the broadcast keyword can be added optionally in order to activate the
optionally in order to activate the replicated unicast behavior to support
replicated unicast behavior to support broadcast functionality
broadcast functionality static mapping must be configured in
static mapping must be configured in order to override or turn off the
order to override or turn off the the default dynamic inverse arp behavior
the default dynamic inverse arp behavior this helps the administrator maintain
this helps the administrator maintain full control over the layer 3 to layer 2
full control over the layer 3 to layer 2 resolution process in frame relay
resolution process in frame relay a huge error that can appear on cisco
a huge error that can appear on cisco equipment is that physical interfaces
equipment is that physical interfaces have come up an inverse arp starts to
have come up an inverse arp starts to operate
operate you can find that there are dynamic
you can find that there are dynamic mappings to
mappings to 0.0.0.0 these mappings occur
0.0.0.0 these mappings occur because of a clash of two features and
because of a clash of two features and that is inverse arp in cisco auto
that is inverse arp in cisco auto install
install to discard these mappings you issue a
to discard these mappings you issue a clear framerate in arp command
clear framerate in arp command and then the device should be restarted
and then the device should be restarted this mapping can create a failure in the
this mapping can create a failure in the communication path from framelay
communication path from framelay environment
environment point-to-point configurations are the
point-to-point configurations are the ideal choice when it comes to layer 3 to
ideal choice when it comes to layer 3 to layer 2 resolution
layer 2 resolution because the process and multi-point
because the process and multi-point configurations does not occur when such
configurations does not occur when such interface on such interface types
when configuring point-to-point frame relay use point-to-point sub-interfaces
relay use point-to-point sub-interfaces which will not get the delsi assignments
which will not get the delsi assignments from the lmi as in the multi-point
from the lmi as in the multi-point situation
situation the dlc must be assigned manually to the
the dlc must be assigned manually to the sub-interfaces with the frame relay
sub-interfaces with the frame relay interface delsi command
there is no concern about the layer 3 to layer 2 resolution because each router
layer 2 resolution because each router has only one remote device to which it
has only one remote device to which it sends data and it does this by using the
sends data and it does this by using the sub interface
sub interface associated with the delsi
associated with the delsi another option would be creating sub
another option would be creating sub interfaces and declaring them as
interfaces and declaring them as multi-point
multi-point these types of interfaces behave exactly
these types of interfaces behave exactly like the physical multiple interfaces
like the physical multiple interfaces but you need to decide on the resolution
but you need to decide on the resolution method to be used
method to be used inverse arp or static mappings
inverse arp or static mappings a combination of these can be used for
a combination of these can be used for example by implementing inverse arp on
example by implementing inverse arp on one end of the connection
one end of the connection and then defining static maps on the
and then defining static maps on the other end
other end the interface type settings and the
the interface type settings and the selected layer 3 to layer 2 resolution
selected layer 3 to layer 2 resolution method
method is only locally significant so this
is only locally significant so this means there can be all kinds of
means there can be all kinds of variations in your frame relay design
with frame relay environments for quality of service packets can be marked
quality of service packets can be marked with the d e bit and this informs a
with the d e bit and this informs a service provider that those specific
service provider that those specific packets are not that important and can
packets are not that important and can be discarded if there is congestion
be discarded if there is congestion this behavior will prioritize packets
this behavior will prioritize packets that do not have the de bit set
that do not have the de bit set other parameters that can be configured
other parameters that can be configured in the frame relay environment are
in the frame relay environment are feckin and beckons so
feckin and beckons so feckins are forward explicit congestion
feckins are forward explicit congestion notifications beckons are backward
notifications beckons are backward explicit congestion notifications
explicit congestion notifications the frame relay equipment if configured
the frame relay equipment if configured to do so can notify deficit devices of
to do so can notify deficit devices of congestion
congestion and slow down the sending rates as
and slow down the sending rates as illustrated here
illustrated here in summary if you have a chain of frame
in summary if you have a chain of frame relay nodes that supports feckins and
relay nodes that supports feckins and beckons
beckons the first device can forward a feckin
the first device can forward a feckin that informs about existing congestion
that informs about existing congestion and about the need for transmitting at a
and about the need for transmitting at a slower rate
slower rate the feckin marking is then moved
the feckin marking is then moved backward but this can cause problems
backward but this can cause problems when there is no return traffic sent
when there is no return traffic sent backwards
backwards to make sure everybody knows about the
to make sure everybody knows about the congestion use beckons with empty frames
congestion use beckons with empty frames that carry the beckon bit backward
that carry the beckon bit backward this notifies the return path about the
this notifies the return path about the congestion
congestion devices respond to seconds and beckons
devices respond to seconds and beckons by slowing down in terms of transmission
by slowing down in terms of transmission rates in order to
rates in order to to avoid further congestion
to avoid further congestion so here's what you've learned you've
so here's what you've learned you've learned about the basics of frame relay
learned about the basics of frame relay d e beckon and feckin and then the
d e beckon and feckin and then the different types of interfaces and also
different types of interfaces and also the design considerations you need to
the design considerations you need to think about when you're designing frame
think about when you're designing frame relay
relay it's a very important topic although
it's a very important topic although frame relay certainly is not as as
frame relay certainly is not as as popular as it once was it is still
popular as it once was it is still something you need to understand for
something you need to understand for your ccda exam
your ccda exam good luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about MPLS.

MPLS leverages the intelligence of the IP routing infrastructure and the efficiency of Cisco Express Forwarding. MPLS functions by appending a label to any type of packet. The packet will then be forwarded through the network infrastructure based on this label's value instead of any layer 3 information. The ability to label a packet for efficient forwarding allows MPLS to work with a wide range of underlying technologies by simply adding a label to the packet header. MPLS can be used in many physical and data link layer WAN implementations. The MPLS label is positioned between the layer 2 header and the layer 3 header.

In MPLS, overhead is added a single time, when the packet goes into the service provider cloud. After entering the MPLS network, packet switching is performed much faster than in traditional layer 3 networks, because it only needs to swap the MPLS label instead of stripping the entire layer 3 header.

MPLS-capable routers are also called LSRs, or label switch routers, and they will come in the following two flavors: edge LSR, which is the PE router, or LSR, the P router. PE routers are provider edge devices that ensure label distribution, forward packets based on labels, and are responsible for label insertion and removal. P routers are provider routers, and they are responsible for label forwarding and efficient packet forwarding based on labels.

MPLS separates the control plane from the data plane. This leads to a great efficiency in how the LSR routers work. Resources that are constructed for efficient control plane operations include the routing protocol, the routing table and the exchange of labels, and these are completely separated from resources that are designed only to forward traffic in the data plane as quickly as possible. The data plane contains a FIB, or forwarding information base, that is a copy of the routing table information in the cache memory and is used for quick forwarding. MPLS contains a label forwarding information base, LFIB, which is for label-based traffic exchange.

The term forwarding equivalence class describes a class of packets that receives the same forwarding treatment, that is, traffic forwarded based on a specific quality of service marking through the service provider cloud.

The MPLS label has a length of four bytes and it consists of the following fields: a 20-bit label value field; a 3-bit experimental field, such as QoS marking; a one-bit bottom-of-stack field, which can be used when multiple labels are used (it's set to 1 for the last label in the stack); and then the 8-bit TTL field, which helps you to avoid loops. You might need to use a stack of labels when dealing with MPLS, and MPLS VPN is the most important technology that uses MPLS, which was developed to serve the MPLS VPN technology.

An example of an MPLS VPN application would be an ISP that offers MPLS VPN services. The PE routers connect to different customers, with the same customer having multiple sites, each connected to a different PE router. With the MPLS approach, two sites with the same customer receive transparent, secure communication capabilities based on the unique customer labels assigned. The ISP uses MPLS to carry the traffic between the PE routers through the P devices.

An important advantage of MPLS VPN technology is that its secure connectivity is assured without the customer having to run MPLS on any device. The customer only needs to run a standard routing protocol with the ISP, because all the MPLS VPN logic is located in the ISP cloud. When using MPLS VPNs, a stack of labels is used to identify the customer (this is the VPN identification), and another label is used to initiate the forwarding through the ISP cloud.

Layer 3 MPLS VPN technology is very powerful and a flexible option that allows service providers to give customers the transparent WAN access connectivity they need. This is very scalable for the ISP, because it is very easy for them to add customers and sites.

MPLS comes in the following two flavors: frame mode MPLS and cell mode MPLS. Frame mode MPLS is the most popular MPLS type, and in this scenario the label is placed between the layer 2 header and the layer 3 header. This is why MPLS is often considered a layer 2.5 technology. Cell mode MPLS is used in ATM networks and uses fields in the ATM header that are used as the label.

One important issue that must be solved with MPLS is determining the devices that will ensure the insertion and removal of labels. The creation of labels is performed on the ingress edge LSR, and label removal is performed on the egress edge LSR. The LSRs in the interior of the MPLS topology are only responsible for label swapping in order to forward the traffic on a specific path.

The MPLS devices need a way in which to exchange the labels that will be utilized for making forwarding decisions. This label exchange process is executed using a protocol. The most popular of these protocols is LDP, or Label Distribution Protocol. LDP is a session-based UDP technology that allows for the exchange of labels. UDP and multicast are used initially to set up the peering, and then TCP ensures there is a reliable transmission of the label information.

A technology that improves MPLS efficiency is penultimate hop popping. This allows for the second-to-last LSR in the MPLS path to be the one that pops out the label. This adds efficiency to the overall operation of MPLS.

The RD, or route distinguisher, is a way in which the ISP can distinguish between the traffic of different customers. This allows different customers who are participating in the MPLS VPN to use the exact same IP address space. For example, you can have both customer A and customer B using the 10.10.100.0/24 range, with the traffic being differentiated between customer RDs. Devices can create their own virtual routing tables, called VPN routing and forwarding, or VRFs, so a PE router can store each customer's specific data in a separate and isolated table, providing increased security. Prefixes are carried through the MPLS cloud by relying on MP-BGP, or multiprotocol BGP. This carries the VPNv4 prefixes, the prefix that results after the RD is prepended to the normal prefix. You can filter customers' access to each other's prefixes with import and export targets.
targets so in this video you've learned the
so in this video you've learned the basics about mpls
basics about mpls and how to design it
and how to design it these are the basics you'll need to know
these are the basics you'll need to know for your ccda exam and i'm confident if
for your ccda exam and i'm confident if you've mastered the topics in this mpls
you've mastered the topics in this mpls video you will do well on the mpls
video you will do well on the mpls questions in your ccda exam good luck in
questions in your ccda exam good luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video we are covering WAN design considerations. We're going to talk about, at a granular level, things you need to consider when designing a wide area network. Also we'll do a refresh of a few items that you'll need to remember in order to best understand the material that's presented in this video. It's important to know this information not only to be a strong engineer but obviously to pass the CCDA exam. So let's begin.

Now, for your CCDA exam you must be aware that the enterprise edge design process must follow the PPDIOO process, which is prepare, plan, design, implement, operate and optimize. The designer should carefully analyze the following network requirements using this methodology: the types of applications and their WAN requirements, traffic volume, and traffic patterns, including possible points of congestion.

Let's do a quick refresh of the PPDIOO methodology. Cisco has formalized a network's life cycle into six phases: plan, design, implement, operate and optimize, and these phases are collectively known as PPDIOO. Let's discuss the PPDIOO phases in detail.

First, the prepare phase. This phase establishes organization and business requirements, develops a network strategy and proposes a high-level conceptual architecture to support that strategy. Technologies that support the architecture are identified in this phase, as well as a business case to establish the financial justification for the strategy.

The plan phase identifies the network requirements based on goals, facilities and user needs. This phase characterizes sites and assesses the network, performs a gap analysis against best practice architectures, and looks at the operational environment.

In the design phase the network design is developed based on the technical and business requirements obtained from the previous phases. A good design will provide high availability, reliability, security, scalability and performance.

In the implement phase new equipment is installed and configured according to the design specifications. In this phase any planned network changes should be communicated in change control meetings and with the necessary approvals to proceed.

The operate phase maintains the network's day-to-day operational health. Operations include managing and monitoring network components and performing the appropriate maintenance.

And then finally the optimize phase, which involves proactive network management by identifying and resolving issues before they affect the network.

Now there is a design methodology for the first three phases of the PPDIOO methodology, and there are three steps to it. In step one, decision makers identify the requirements and a conceptual architecture is proposed. In step two, the network is assessed; the network is assessed on function, performance and quality. And then in step three, the network topology is designed to meet the requirements and close the network gaps identified in the previous two steps.

Let's review these three phases in detail. To obtain customer requirements, you need not only to talk to network engineers but you need to talk to the business personnel and company managers. Networks are designed to support applications, and you want to determine the network services that you need to support both now and in the future. So an example of design flexibility is VoIP. Considering the strict requirements of this technology, you want to make sure that VoIP can function over the design solution at any given time, even if this is not an initial requirement from the customer, but maybe a year or two or possibly even three years later you will want to be able to support voice over IP. Flexibility in enterprise edge design consists of the ability to incorporate other technologies easily at any given time.

Other key design criteria when considering WAN design include the following: response time, throughput, reliability, window size and data compression.

Response times are of great importance to the wide area network as well as to its supported applications. Many modern applications will give an indication of the necessary response times, and again VoIP is an excellent example. When a VoIP call is made over many network devices, you should know what the necessary response time must be for proper voice communications. Generally speaking, one-way latency should not exceed 120 milliseconds. You can test a response time using a feature on Cisco devices called IP SLA.

Let's do a quick overview of IP SLA for you. IP SLA allows you to monitor, analyze and verify IP service levels. It's comprised of two components, a source and a target. Operations can broadly be categorized into five functional areas. Let's take a look at an example. You can use IP SLAs to monitor the performance between any area in the network, core, distribution and edge, without deploying a physical probe. It uses generated traffic to measure network performance between two networking devices. So as we draw this out, this shows how IP SLA begins when the source device sends a generated packet to the destination device. After the destination device receives the packet, depending on the type of IP SLA operation, it responds with the timestamp information for the source to make the calculation on performance metrics. It then can communicate with a performance management application via SNMP to provide real-time analysis of the network. It should be noted that IP SLA can communicate with any IP device on the network that's enabled for these types of measurements.
Another important design parameter is overall available bandwidth, or what many call throughput. This measures the amount of data that can be sent in a particular time frame through a specific WAN area.

Reliability is another aspect to consider. This gives information about the health of the WAN connection and its resources, so whether this connection is actually up or down, as well as detailed information about how often the WAN functions as efficiently as possible.
Window size influences the amount of data that can be sent into the WAN in one chunk. TCP uses a sliding window concept that works by sending an amount of data, waiting for an acknowledgement of receipt, and then increasing the amount of data until it reaches the maximum window.

In the case of a congested WAN link, everyone in the network that is sending data via TCP will start increasing the rate at which they send until the interface starts dropping packets, causing everyone to back off and use the sliding window. After the congestion disappears, everyone will start increasing the rate at which they send at the same time until a new congestion event occurs. This process, which repeats again and again, is called TCP global synchronization. This leads to a waste of bandwidth during the periods that all hosts decrease their window size simultaneously.
simultaneously and finally another key wan factor is
and finally another key wan factor is whether traffic can be compressed
whether traffic can be compressed if the data is already highly compressed
if the data is already highly compressed any additional compression mechanisms
any additional compression mechanisms are inefficient
are inefficient but that being said especially today
but that being said especially today with sands on other high capacity
with sands on other high capacity systems
systems compression and compression over the
compression and compression over the wind is critical to ensure
wind is critical to ensure that failover and backup services are
that failover and backup services are ready to go live with the most accurate
ready to go live with the most accurate data possible
data possible so here's what you've learned you've
so here's what you've learned you've learned about some unique land design
learned about some unique land design methodologies specifically a refresh of
methodologies specifically a refresh of the ppd-io process
the ppd-io process and then reviewing the key design
and then reviewing the key design criteria
criteria of wan design such as response time
of wan design such as response time throughput and reliability
throughput and reliability then another refresh of ipsla
then another refresh of ipsla all of this information is fair game for
all of this information is fair game for the ccda exam
the ccda exam if you know the information in this
if you know the information in this video well
video well you will do excellent on this portion of
you will do excellent on this portion of your exam
your exam good luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about designing quality of service. Specifically, we're going to be going over the following categories of quality of service: classification, congestion management, link efficiency mechanisms, and then traffic shaping and policing.

Now it's obvious from the CCDA study materials that Cisco does not expect you to be an expert on quality of service. It is a huge topic. They just want you to understand the basics, so do not spend too much time digging into the intricacies of quality of service, because there will be time for that in your advanced studies. For now, let's talk about quality of service at a higher level and then discuss the quality of service concepts that Cisco wants you to know for the CCDA exam.

Quality of service is a tool for managing a WAN's available bandwidth. Now quality of service does not add bandwidth, but it helps you make better use of what you have. If you have chronic congestion issues, quality of service should not be the primary answer to resolving that problem; you need to add more bandwidth. However, by prioritizing traffic using quality of service, you can make sure that your most critical traffic gets the best treatment and available bandwidth in times of congestion.
congestion one popular quality of service technique
one popular quality of service technique is to classify your traffic
is to classify your traffic based on a specific protocol type
based on a specific protocol type or matching access list
or matching access list and then giving a policy treatment to
and then giving a policy treatment to that specific class
that specific class you can define many classes to match or
you can define many classes to match or identify your most important traffic
identify your most important traffic classes for example video or voice
classes for example video or voice and then the remaining unmatched traffic
and then the remaining unmatched traffic then uses a default class
then uses a default class which is the traffic that can be treated
which is the traffic that can be treated as best effort
as best effort so let's begin with
so let's begin with classification for a flow to have
classification for a flow to have priority it must first be identified and
priority it must first be identified and marked
marked both of these tasks are referred to as
both of these tasks are referred to as classification
classification the following are popular technologies
the following are popular technologies which support
which support classification nbar
classification nbar it's a technology that uses deep
it's a technology that uses deep packet content inspection
packet content inspection to identify network applications
to identify network applications so an advantage of nbar is that it can
so an advantage of nbar is that it can recognize applications even when they do
recognize applications even when they do not
not use standard network ports
use standard network ports also it matches fields at the
also it matches fields at the application layer
application layer before nbar classification was limited
before nbar classification was limited to
to layer 4 tcp and udp port numbers
layer 4 tcp and udp port numbers but mbar has changed that
but mbar has changed that next is car committed access rate and
next is car committed access rate and uses an acl to set precedence and allows
uses an acl to set precedence and allows customization
customization of the precedence assignment by the user
of the precedence assignment by the user source or destination ip address or even
source or destination ip address or even application type
Next let's talk about congestion management. There are two types of output queues that are available on routers, hardware and software. The hardware queue simply uses FIFO, first in first out, but the software queue schedules packets first and then places them in the hardware queue. Now keep in mind that the software queue is only used during periods of congestion. The software queue uses quality of service techniques such as priority queuing, custom queuing, weighted fair queuing, class-based weighted fair queuing, low latency queuing, and traffic shaping and policing. Let's go through each one of those. Cisco does not expect you to know each of these in detail; again, that would be later in your CCDP studies. But that being said, they want you to understand what each of these are.
what each of these are priority queuing is a queuing method
priority queuing is a queuing method that establishes four interface output
that establishes four interface output cues that serve different priority
cues that serve different priority levels
levels which are high medium default and low
which are high medium default and low unfortunately priority queueing can
unfortunately priority queueing can starve other cues if too much data is in
starve other cues if too much data is in one queue
one queue because higher priority queues must be
because higher priority queues must be emptied first
emptied first before lower priority queues
before lower priority queues next there is custom queuing
next there is custom queuing it uses up to 16 individual output
it uses up to 16 individual output queues
queues byte size limits are assigned to each
byte size limits are assigned to each queue so that when the limit is reached
queue so that when the limit is reached it proceeds to the next queue the
it proceeds to the next queue the network operator can customize these
network operator can customize these limits
limits and custom cueing is obviously fairer
and custom cueing is obviously fairer than priority queueing because it allows
than priority queueing because it allows some level of service to all traffic
some level of service to all traffic but this is really a legacy solution
but this is really a legacy solution because there are improvements in the
because there are improvements in the queuing methods which we'll talk about
queuing methods which we'll talk about next
next weighted fair queuing ensures that
weighted fair queuing ensures that traffic is separated into individual
traffic is separated into individual flows or sessions without requiring that
flows or sessions without requiring that you define access lists
you define access lists waited for a curing uses two categories
waited for a curing uses two categories to group sessions high and low bandwidth
to group sessions high and low bandwidth low bandwidth traffic has priority over
low bandwidth traffic has priority over high bandwidth traffic
high bandwidth traffic and high bandwidth traffic shares the
and high bandwidth traffic shares the service according to assigned weight
service according to assigned weight values
values please know that weighted fair cueing is
please know that weighted fair cueing is the default quality service mechanism on
the default quality service mechanism on interfaces below
interfaces below 2 megabits per second
2 megabits per second next is class
next is class based weighted fair queueing
based weighted fair queueing it extends waited for queueing
it extends waited for queueing capabilities by providing support for
capabilities by providing support for modular user-defined traffic classes
modular user-defined traffic classes class-based waiver fair queuing lets you
class-based waiver fair queuing lets you define traffic classes that correspond
define traffic classes that correspond to match criteria
to match criteria including acls protocols and input
including acls protocols and input interfaces
interfaces traffic that matches the class criteria
traffic that matches the class criteria belongs to that specific class and each
belongs to that specific class and each class
class has a defined queue that corresponds to
has a defined queue that corresponds to an output interface
an output interface so after traffic has been matched and
so after traffic has been matched and belongs to a specific class
belongs to a specific class you can modify its characteristics such
you can modify its characteristics such as assigning bandwidth
as assigning bandwidth maximum queue limit and weight
maximum queue limit and weight as you see in the picture here
as you see in the picture here certain classes receive higher priority
certain classes receive higher priority than other classes
than other classes as you see in the diagram here certain
as you see in the diagram here certain classes receive more bandwidth than
classes receive more bandwidth than other classes
other classes and also as you see here this is a form
and also as you see here this is a form of class based waiting for queueing but
of class based waiting for queueing but actually this is called low latency
actually this is called low latency queuing because it has a priority queue
queuing because it has a priority queue and that's the big difference
and that's the big difference the strict priority queue allows delay
the strict priority queue allows delay sensitive traffic such as voice
sensitive traffic such as voice to be sent first before other cues are
to be sent first before other cues are serviced
serviced that gives voice preferential treatment
that gives voice preferential treatment over other traffic types
over other traffic types unlike priority queuing low latency
unlike priority queuing low latency queuing provides for a maximum threshold
queuing provides for a maximum threshold on the priority queue
on the priority queue then this will prevent lower priority
then this will prevent lower priority traffic from being starved by the
traffic from being starved by the priority queue
priority queue now without low latency queuing
now without low latency queuing class based waiting for queuing would
class based waiting for queuing would not have a priority queue for real-time
not have a priority queue for real-time traffic
Now that we've talked about queuing, let's talk about traffic shaping and policing. Traffic shaping and policing are mechanisms that inspect traffic and then take action based on the traffic's characteristics, such as DSCP or IP precedence bits set in the IP header.

Traffic shaping slows down the rate at which packets are sent out an interface by matching certain criteria. Traffic shaping uses a token bucket technique to release the packets into the output queue at a pre-configured rate. So this helps eliminate potential bottlenecks by throttling back the traffic rate at the source. Traffic shaping is used on larger networks to smooth the flow of traffic going out to the provider. This is desirable for a few reasons; in provider networks it prevents the provider from dropping traffic that exceeds the contracted rate.

Now policing is a little bit different, because it tags or drops traffic depending on the match criteria. Generally speaking, policing is used to set the limit of incoming traffic into an interface, and then it will drop traffic that exceeds what the settings were. One example of using policing is to give preferential treatment to critical application traffic by elevating it to a higher class and reducing best effort traffic to a lower priority class. The best way to compare shaping with policing is to remember that shaping buffers packets; policing does not, it can be configured to drop packets.
it can be configured to drop packets our final topic is link efficiency
our final topic is link efficiency within cisco ios there are several link
within cisco ios there are several link efficiency mechanisms available
efficiency mechanisms available as you can see here
as you can see here there's lfi
there's lfi which is used to reduce delay or jitter
which is used to reduce delay or jitter on slower speed links
on slower speed links multi-link ppp
multi-link ppp which bonds multiple links together
which bonds multiple links together between no two nodes which can increase
between no two nodes which can increase available bandwidth and then rtp
available bandwidth and then rtp real-time transport header compression
real-time transport header compression which can pro which provides increased
which can pro which provides increased efficiency for applications
efficiency for applications that take advantage of rtp on slower
that take advantage of rtp on slower lengths
lengths so here's what you've learned you've
so here's what you've learned you've received a high level overview of
received a high level overview of quality of service
quality of service and then you learn about quality of
and then you learn about quality of service functions such as classification
service functions such as classification congestion management
congestion management link efficiency mechanisms and then
link efficiency mechanisms and then traffic shaping and policing
traffic shaping and policing if you know this video well you'll do
if you know this video well you'll do well on your qos portion of your ccda
well on your qos portion of your ccda exam
exam and i wish you the best of luck in your
and i wish you the best of luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video we're going to cover the remaining WAN technologies or considerations that you need to know for your CCDA exam. We're going to cover remote access design, then VPNs, wide area network backups, and then finally enterprise branch module design.

Let's start with remote access design. When designing the remote access block, you must ensure that the network users have transparent access to the network from wherever they are, just as if they were connected to the actual network. The users must be able to reach the resources they are authorized to use as they would from the enterprise campus. In order to provide these services, the connection requirements must be analyzed carefully in order to ensure they are fulfilled. Typical requirements include VoIP support, VPN support, high volume traffic or low volume traffic, permanent connection (is it needed or not), and the type of flows.

Now VPN concentrators have often been used to accept these external sessions, but Cisco's multi-function ASA platform is now the standard platform for providing both security and VPN services to the RAS block. The RAS block is normally comprised of firewalls and systems that can provide VPN and security solutions all in one, or they can be broken out, such as VPN concentrators and dial-up networking services, and of course you still want to have your security, so IDS and IPS solutions to actively monitor any unwanted traffic or activity.
or activity so let's get more granular and talk
so let's get more granular and talk about vpn network design
about vpn network design even though the vpn concept involves
even though the vpn concept involves security most of the time
security most of the time unsecured vpns exist
unsecured vpns exist a very basic example of this would be
a very basic example of this would be frame relay
frame relay vpn troubleshooting is difficult to
vpn troubleshooting is difficult to manage because of the lack of visibility
manage because of the lack of visibility into the provider infrastructure
into the provider infrastructure the service provider is usually seen as
the service provider is usually seen as a cloud that aggregates all the network
a cloud that aggregates all the network locations connections
locations connections so when performing vpn troubleshooting
so when performing vpn troubleshooting you should first take a look at the
you should first take a look at the problem on your end and make sure it
problem on your end and make sure it does not reside on your devices
does not reside on your devices and then if you are sure or as sure as
and then if you are sure or as sure as you can be
you can be reach out to your isp
reach out to your isp types of vpn technologies include the
types of vpn technologies include the following
following site-to-site vpns
site-to-site vpns these are used to connect different
these are used to connect different locations over a
locations over a public infrastructure
public infrastructure now when using peer-to-peer
now when using peer-to-peer infrastructure you can communicate
infrastructure you can communicate seamlessly
seamlessly between sites without worry about ip
between sites without worry about ip addressing overlap
remote access vpns such as in the older days uh vpdn virtual private dial up
days uh vpdn virtual private dial up network although you may still see that
network although you may still see that here and there
here and there or surely you're aware of vpn software
or surely you're aware of vpn software that you can run on your laptop nowadays
that you can run on your laptop nowadays to connect into your corporate network
to connect into your corporate network and then there's extranet vpns to
and then there's extranet vpns to connect to business partners or customer
connect to business partners or customer networks
With VPNs, traffic is often tunneled in order to send it over an infrastructure. Now the tunneling methodology for layer 3 is called GRE, or generic routing encapsulation. GRE allows traffic to tunnel, but it does not provide security, so let's talk about GRE and then also the options you can use to provide security over GRE.

GRE was developed as a tunneling methodology which can carry layer 3 protocols over an IP network. In essence, GRE creates a private point-to-point connection like a VPN, except GRE does not provide secure communications, but we'll deal with that a little bit later. GRE works by encapsulating payload traffic inside an IP packet. GRE tunnel endpoints send payloads through tunnels by routing encapsulated packets through IP. Here's what makes it work: the IP routers along the way do not look at the payload; they look only at the outer IP packet as they forward it towards the GRE tunnel endpoint. And upon reaching the tunnel endpoint, GRE encapsulation is removed and the payload is forwarded along to its ultimate destination. Now this is obviously very useful, since a GRE tunnel can encapsulate almost any type of data you want to send out a physical router interface.

So let's just walk through an example of GRE tunneling. Here you have a cloud, and let's say you have two routers and they communicate over a provider network. So there are multiple hops over this network, and you need to tunnel traffic that the provider does not allow; the provider does not allow certain traffic over their network. So what you do is you create two tunnel interfaces, one on router 1 and one on router 2, and these are your endpoints for your GRE tunnel. Now over this GRE tunnel you can send whatever you want over it, because it has an IP header. The provider provides support for IP, but you can send whatever you want over this tunnel by encapsulating it in an IP header, and you are adhering to their standards, but you're also able to send traffic that you need to send over your tunnel even if it's not permitted by the provider on a normal basis. GRE gives you that flexibility.
gre gives you that flexibility when you hear the word encapsulate
when you hear the word encapsulate now you may think of security but gre by
now you may think of security but gre by itself does not provide any security for
itself does not provide any security for the data it transmits
the data it transmits so again let's take another look at gre
so again let's take another look at gre tunneling with from a secure perspective
tunneling with from a secure perspective we have two routers
we have two routers and we're going to create a jerry tunnel
and we're going to create a jerry tunnel between both of them the traffic that is
between both of them the traffic that is traversing the
traversing the the provider is encapsulated but it's
the provider is encapsulated but it's still not secure it could be viewed if
still not secure it could be viewed if if somebody wanted uh to view it um it's
if somebody wanted uh to view it um it's still in the open so you could run ipsec
still in the open so you could run ipsec and encrypt the data on let's say router
and encrypt the data on let's say router 1
1 and as it's sent over to router 2 it
and as it's sent over to router 2 it stays encrypted over the provider
stays encrypted over the provider network and then router 2 would
network and then router 2 would unencrypt that data and then send it so
unencrypt that data and then send it so again from router tutor 1 1 would work
again from router tutor 1 1 would work as well again the encryption is on the
as well again the encryption is on the routers on our end so anytime it
routers on our end so anytime it traverses the provider that data is
traverses the provider that data is secure so ip2 and gre
secure so ip2 and gre often play hand in hand
often play hand in hand the limitation of ipsec is that it can
the limitation of ipsec is that it can only protect unicast ip packets
only protect unicast ip packets so this causes issues for routing
so this causes issues for routing protocols that use ip multicasts
protocols that use ip multicasts gre allows you to get around this
gre allows you to get around this problem because gre
problem because gre a gre tunnel can encapsulate ip
a gre tunnel can encapsulate ip multicast packets so the resulting gre
multicast packets so the resulting gre packet is an ip unicast packet but which
packet is an ip unicast packet but which can then be protected by an ipsec tunnel
Next, let's talk about WAN backup design. WAN connectivity can achieve backup through the following approaches.

Dial-up backup, activated when a primary link fails. This used to be very popular due to cost and bandwidth requirements; it's just simply not as popular today.

A secondary WAN link, which is used for backup and/or load balancing. This tends to be more popular.

Or a shadow PVC, and this is used when the ISP establishes a second PVC, or permanent virtual circuit, but the user is only charged for its usage. So this can be very useful when the main PVC fails or in situations where more bandwidth is needed.
Finally, let's talk about the enterprise branch module. Branch modules are sized based on the number of users they need to accommodate. For example, the enterprise teleworker is generally one user; single tier, tens of users; dual tier, hundreds of users; and multi-tier, thousands of users. As the number of users in the branch module grows, additional layers might be needed.

The internet block generally serves as the gateway for your internal users to the internet. If they want to browse, perform file transfers, or stream audio or video presentations, their flows would go in and out of this block. Now notice how the internal traffic from your users is not using the same block as those who are coming in from the internet. This ensures that no external users are trying to hijack internal flows. That being said, oftentimes the internal and e-commerce blocks can share the same internet pipe, but if you prefer not to do that, you can use what is called a dual-homed connection to two separate internet service providers to make sure that that traffic is segmented. Now if one internet service provider did fail, you could then allow all traffic over the same circuit as a fail-safe. The internet block is comprised of firewalls, routers, HTTP servers, SMTP servers, FTP servers, and DNS servers, to name a few.

So here's what you've learned. You've learned about the remaining items you need to know for wide area network considerations and technologies for your CCDA exam. Some of it is granular and some of it we stayed high level on, but we definitely covered it to the level you will need to know for your CCDA exam. If you know what's in this video, you should do very well. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video we're covering branch office design. Specifically, in this video you're going to learn about designing for a very small office, the small office, a medium-sized office (4-hour versus extended service), a medium-sized office layer 2, and then a large-size office. All of these are types of branch offices that you'll need to know for your CCDA exam.
The Cisco enterprise branch architecture takes into account services such as voice, data, video, and security that customers want to deploy at their endpoints, no matter how far away the endpoints are or how they are connected. Using borderless networks, the Cisco enterprise branch office architecture should provide seamless connectivity. An effective network design for enterprise branches and teleworkers requires knowledge of campus technologies. The Cisco enterprise branch architecture is an integrated, flexible, and secure framework for extending headquarters applications in real time to remote sites. It uses the Cisco network architecture for the enterprise framework, but it applies it to the smaller scale of a branch location.

Common network components that can be implemented in the branch include: routers that provide WAN edge connectivity; switches that provide the LAN infrastructure; security appliances that defend the branch offices; wireless access points for device mobility; call processing and video equipment for IP telephony and video support; and end user devices including IP phones and computers.
Cisco has developed six topologies to meet remote office requirements. Each design is based on a set of requirements, which we will discuss now.

First, size. The primary classification criterion is the size of the remote site. The size of the remote site is based on the number of ports required, which is dependent on the number of employees at the site and any special applications supported in the remote site. Some sites allocate two to four ports per employee, while others allocate fewer than one port per employee. In addition to head count, other factors may impact the total port count; these can be such things as meeting rooms, public areas, reception, and other IT devices or security cameras.

Next, wiring closets. Different buildings may require only one or more than one wiring closet. Since some cabling can only carry, for example, 100 megabits per second Fast Ethernet for about 100 meters, any building longer than 200 meters should have more than one wiring closet. Multi-storey buildings should also have more than one wiring closet. Please note that while large and multi-storey buildings often house more users and more ports, that's not always the case.
Let's go ahead and take a look at some of the office types. The very small office model covers offices servicing approximately one to five people, where service level agreements can be negotiated around the lack of redundancy for data and voice networking. Examples of small offices include the convenient office, a small office with a client company, or a small Cisco-leased office with shared facilities such as phones and an internet connection.

A very small office is defined as having one or all of the following characteristics: the maximum number of access ports to be supported at the remote site is 23; the site does not require any redundancy in terms of leased switches or devices on the network; a voice-enabled Cisco ISR 3845 router would be a good example of the hardware you would use, using an EtherSwitch service module, IP phones, and access points; and the site can be supported by a traditional leased-line-based WAN or a VPN connection over the public internet with a reduced SLA.
The next site we'll discuss is the small office. The small office model is designed to support offices with a total port count not exceeding 288. The design is flexible enough to be used in implementations where either all access ports are aggregated into a single wiring closet or where the access ports are broken into different wiring closets, up to a total of five.

A small office is defined as one that has the following characteristics: maximum number of access ports, 288; redundancy is achieved by deploying dual WAN gateways, each with their own WAN circuit; where more than one switch is present in the same wiring closet, the switches are deployed in a stack, and at minimum two switches should be stacked together in the core. Hardware: the typical hardware you'd find would be a Cisco 3845 router and up to six switches, using IP phones and wireless access points. It is the preference for this site to be deployed using a permanent WAN service, but if that is not possible then a VPN connection over the public internet can be used.
The next branch office model is the medium-sized office. This design covers medium-sized offices where critical service is required, and this is where we talk about the Cisco SMARTnet contract, or support contract. This design is classified into two separate models, which Cisco specifically refers to as 4-hour and 4-hour extended. The 4-hour extended model includes an additional switch to support sites with a secondary communication room or wiring closet.

A medium office 4-hour extended is defined as one that has the following characteristics: up to 336 switch ports for the 4-hour model and 672 ports for the extended model; one or two communication rooms or wiring closets; redundancy is achieved by deploying dual WAN gateways, each with their own WAN circuit; each LAN switch is deployed with dual supervisors and dual power supplies. The site would have a Cisco router with an EtherSwitch service module supporting IP phones and access points. It is the preference for the site to be deployed using a permanent WAN service, but if that is not possible then a VPN connection over the public internet can be used.
The next model is the medium-sized office layer 2. This design caters for medium-sized offices where the total port count does not exceed 1344 ports and where there are no more than three wiring closets. Typically you'll find higher-powered dual switches that are deployed in the core, even though they already have dual power supplies and dual processors. This is done for offices where shipping and local customs may cause replacement equipment to be delayed, or where the potential impact to the client is far too great to implement a 4-hour model.

A medium-sized office is defined as one that has the following characteristics: up to 672 switch ports for layer 2, and 1344 ports using the extended model; between one and three wiring closets; redundancy is achieved by deploying dual WAN gateways, each with their own WAN circuit; each LAN switch is deployed with dual supervisors and dual power supplies; a voice-enabled router with up to four high-powered switches with dual supervisors and dual power supplies, the Cisco Catalyst 6500 series being the typical switch you would find in the core, supporting IP phones and access points. It's the preference for this site to be deployed using a permanent WAN service, but again, if that's not possible, then a VPN connection over the public internet can be used.
The next model we'll talk about is the large-size office. The large office model caters to all remaining sites exceeding the specification for the preceding models. Typically the sites have a requirement of greater than 1344 ports and/or more than three wiring closets. The large-size office has a distribution layer to support the extended network. These sites differ from earlier topologies because the switches are redundant, the port capacity is larger, and the business supported at these sites is critical. Within Cisco IT this model is typically referred to as the complex model.

A large-size office is defined as one that has the following characteristics: 1344 access ports and beyond; no restriction on the number of wiring closets; redundancy is achieved by deploying dual WAN gateways, each with their own WAN circuit; each LAN switch is deployed with dual supervisors and dual power supplies. The hardware would be a voice-enabled Cisco router with typically higher-end Cisco switches like the Catalyst 6500, using dual supervisors and dual power supplies, also supporting IP phones and access points. It is a requirement for this type of site to be deployed using a permanent WAN service; Cisco does not suggest using a VPN solution over the internet, or rather it would not qualify for this type of deployment.
So here's what you've learned. You've learned about branch office design, specifically the six different models: that is, the very small office, the small office, the medium-sized office 4-hour versus extended service, the medium-sized office layer 2, and the large-size office. All this information you'll need to know for your CCDA exam, but also certainly to make you a stronger design engineer in your enterprise. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about IPv4 addressing. Specifically, you're going to learn about IPv4 addresses, subnets, and then we'll finish it off with TCP, UDP, and IP headers.

So let's go ahead and begin with a basic introduction to IPv4 addresses. An IP address is a unique logical number assigned to a network device or interface. It is 32 bits in length, and to make the number easier to read, the dotted decimal format is used: the bits are combined into four 8-bit groups, each converted into a decimal number. For example, as you will see here, this address is 10.128.0.1.
The first octet dictates which class the IP address is in. As you see in this diagram, the beginning bits of the first octet will dictate what class the IP address is. There are five classes: A, B, C, D, and E. Let's go ahead and talk about each of those at this time.

Class A addresses range from 0 to 127 in the first byte. Network numbers available for assignment to organizations are from 1.0.0.0 to 126.0.0.0. By default for class A addresses, the first byte is the network number and the three remaining bytes are the host number.

Class B addresses range from 128 to 191 in the first byte. Network numbers assigned to companies or other organizations are from 128.0.0.0. By default for class B addresses, the first two bytes are the network number and the remaining two bytes are the host number.

Class C addresses range from 192 to 223 in the first byte. Network numbers assigned to companies are from 192.0.0.0 to 223.255.255.0. The format is: the first three bytes are the network number and the last byte is the host number.

Class D addresses range from 224 to 239 in the first byte. Network numbers assigned to multicast groups range from 224.0.0.1 to 239.255.255.255. Please note that these addresses do not have a host or network portion.

Class E addresses range from 240 to 254 in the first byte. These addresses are reserved for experimental networks. Network 255 is reserved for the broadcast address, such as all 255s.

Again, take a look at this table and you will see the summary of the IPv4 address classes. Each address class can be uniquely identified in binary by the high-order bits.
Now subnetting plays an important role in IPv4 addressing, since you want to be able to break down the networks into smaller ones. As you can see here, we have a class A IP address, and if we were to use its default subnet mask, it would be a slash 8; that is, the first eight binary bits would be ones and the rest would be zeros. But this would mean we have hundreds of thousands of IP addresses in this one subnet. Let's say we want to use this IP address on our internal network and simply assign it to one small portion of our network where there are 100 users. In that case we would want to assign a smaller subnet, let's say a slash 24. So subnetting allows us to put it on a smaller network with fewer hosts.

So the subnet mask is a 32-bit number in which the bits set to 1 identify the network portion of the address, and the bits set to 0 then identify the host portion of the address. As you can see here, we will now set to 1 the first 24 bits, and that will mark off the subnet, which is now a slash 24, which means that 10.128.24 is a dedicated network that can host 254 hosts.
Next, let's briefly cover the headers for TCP, IP, and UDP. What you see before you is the IP header. You will need to know the functions for each of the fields you see before you. Let me cover some of the functions that you will most likely need to know for your exam and in real-world troubleshooting.

First there's the version field. The version field indicates that it is IPv4, in this instance with a value of 0100. Then there's the type of service field. This field is commonly referred to as the type of service byte; it has eight bits used to set quality of service markings, and specifically within this field is DSCP. The six leftmost bits are used for DSCP, which obviously is commonly associated with quality of service marking. Next is the IP flags field; this is a three-bit field. The second bit of this field is the DF, or do not fragment, bit, and that indicates that a packet should not be fragmented. Then there's the time to live field; this is an 8-bit field that is decremented by one each time a packet is routed from one IP network to another. If TTL ever reaches zero, the packet is discarded. The protocol field, which is an 8-bit field, specifies what type of data is encapsulated in the packet; TCP and UDP are common protocols identified by this field. Finally, the source address field, which is a 32-bit field indicating the source of the IPv4 packet, and then the destination address field, which again is a 32-bit destination address which indicates the destination for that packet.

Next, let's move on to the TCP segment header. Here are some of the fields you will certainly need to know. You have the source port field, which is a 16-bit field indicating the sending port number, and the destination port field, again a 16-bit field. So for example, if you connect to howtonetwork.com, you're connecting to a destination port of 80, which is the TCP port for HTTP. The sequence number field is a 32-bit field indicating the amount of data sent during a TCP session; the sending party uses this field to make sure the receiving party actually received the data. The receiving party uses the sequence number from this field as the basis for the acknowledgment number in the next segment that it sends back to the sender. And then the window field, which is a 16-bit field: it specifies the number of bytes a sender is willing to transmit before receiving an acknowledgement from the receiver, known as the round trip time.

The other layer 4 transport protocol is UDP. UDP is considered to be an unreliable protocol because it lacks all of the features of TCP: there's no sequence numbering, no window size, no acknowledgements.
acknowledgements you can see here the header is quite
you can see here the header is quite simple
simple it contains only source and destination
it contains only source and destination port numbers
port numbers and then a udp checksum and then segment
and then a udp checksum and then segment length so why use udp well it's best for
length so why use udp well it's best for servicing applications that need to
servicing applications that need to maximize bandwidth and do not require
maximize bandwidth and do not require acknowledgements such as video streams
acknowledgements such as video streams or audio and in fact the primary
or audio and in fact the primary protocol used to carry voice and video
protocol used to carry voice and video traffic over networks is
traffic over networks is rtp
rtp real-time transport protocol
real-time transport protocol and that's a layer 4 protocol that is
and that's a layer 4 protocol that is encapsulated inside of
encapsulated inside of udp so here's what you learned you
udp so here's what you learned you learned about the basics of ipv4
learned about the basics of ipv4 addressing and subnets
addressing and subnets and then you received a brief overview
and then you received a brief overview of tcp udp and ip headers
of tcp udp and ip headers all this information will come in handy
all this information will come in handy on your ccda exam good luck in your
on your ccda exam good luck in your studies
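As an added example (not part of the video), here is a small Python decoder for the header fields discussed above: the IPv4 TTL, Protocol and address fields, then the TCP source/destination port, sequence, acknowledgment and window fields, or the UDP port, length and checksum fields. The sample packets are constructed in the code rather than captured, the addresses are placeholders, and the TCP/UDP checksums are left at zero (only the IPv4 header checksum is computed), which is a modelling simplification.

```python
import struct
from typing import Any, Dict, Optional

PROTO_TCP, PROTO_UDP = 6, 17      # values of the IPv4 Protocol field for TCP and UDP


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum over the header; a valid header (checksum included) sums to 0."""
    total = sum((header[i] << 8) | header[i + 1] for i in range(0, len(header), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Build a 20-byte IPv4 header (no options) in front of the payload."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0x4000, ttl, proto, 0, src_b, dst_b)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]   # fill in the checksum field
    return hdr + payload


def parse_ipv4(packet: bytes) -> Dict[str, Any]:
    """Return the IPv4 fields the video highlights: TTL, Protocol, source and destination."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _id, _ff, ttl, proto, _csum, src, dst = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4                 # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    return {"ttl": ttl, "protocol": proto,
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "payload": packet[ihl:total_len]}


def parse_tcp(segment: bytes) -> Dict[str, Any]:
    """Source/destination port, sequence and acknowledgment numbers, flags and window."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, _csum, _urg = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (off_flags >> 12) * 4        # header length in bytes (options included)
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0x1FF, "window": window, "data": segment[data_offset:]}


def parse_udp(datagram: bytes) -> Dict[str, Any]:
    """The whole UDP header: two ports, a length and a checksum."""
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, _csum = struct.unpack("!HHHH", datagram[:8])
    return {"src_port": sport, "dst_port": dport, "length": length, "data": datagram[8:length]}


def route_hop(packet: bytes) -> Optional[bytes]:
    """Model one router hop: decrement TTL and fix the checksum; None means the packet was discarded."""
    fields = parse_ipv4(packet)                # also validates the checksum
    ihl = (packet[0] & 0x0F) * 4
    if fields["ttl"] <= 1:
        return None                            # TTL would reach zero: drop it (a real router also sends ICMP Time Exceeded)
    hdr = bytearray(packet[:ihl])
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]


def describe(packet: bytes) -> Dict[str, Any]:
    """Decode the IP header, then the transport header the Protocol field points at."""
    ip = parse_ipv4(packet)
    if ip["protocol"] == PROTO_TCP:
        return {"transport": "TCP", "ip": ip, "l4": parse_tcp(ip["payload"])}
    if ip["protocol"] == PROTO_UDP:
        return {"transport": "UDP", "ip": ip, "l4": parse_udp(ip["payload"])}
    return {"transport": "other", "ip": ip, "l4": None}


# Constructed sample traffic (not captured): a TCP SYN to port 80 and a UDP datagram to port 53.
TCP_SYN = struct.pack("!HHIIHHHH", 51515, 80, 1000, 0, (5 << 12) | 0x002, 65535, 0, 0)
UDP_DGRAM = struct.pack("!HHHH", 40000, 53, 8 + 5, 0) + b"hello"
SAMPLE_TCP = build_ipv4("10.0.0.1", "192.0.2.10", PROTO_TCP, TCP_SYN)
SAMPLE_UDP = build_ipv4("10.0.0.1", "192.0.2.53", PROTO_UDP, UDP_DGRAM, ttl=1)

if __name__ == "__main__":
    for pkt in (SAMPLE_TCP, SAMPLE_UDP):
        print(describe(pkt)["transport"], describe(pkt)["l4"])
        print("after one hop:", "forwarded" if route_hop(pkt) else "discarded (TTL expired)")
```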
Hi, this is David Voss, CCIE 11372. In this video we will be discussing IP version 6 addressing. So let's ask the basic question: why even upgrade to IP version 6, other than the fact that you simply get more IP addresses? Well, there's a lot of reasons why you would want to upgrade to IP version 6, and here are a few of them spelled out for you which I think you'll need to know for your CCNP ROUTE exam. But please note: you no longer need NAT or PAT, and it has inherent IPsec support. These are key and critical updates.

Now once you've committed to using IPv6, you need to understand how these different IP addresses are labeled. There's a global unicast address: these are unicast packets sent through the public internet with public IP addresses. Unique local, which are unicast packets inside one organization, which is basically equal to your private IP addressing. Link local, which are packets sent to a local subnet and are not routable across networks. And then finally, take note of the loopback address, which you know from IPv4 is 127.0.0.1; IPv6 also has a loopback address as well.

An IPv6 address has 128 bits broken out into 32 hexadecimal numbers organized into eight quartets. So here is the hexadecimal numbering system, which I'm sure we won't need much of a refresher on, but we do need to use it to understand IPv6. And here is an IPv6 IP address, and as you can see it looks quite long, mainly because we're used to looking at IPv4 addresses. So this ups the game a little bit, and we may begin to wonder how we're going to support this on our network or document this, and we get concerned about managing network addressing this long. Well, there are built-in mechanisms within IP version 6 to help us manage it, and we're going to cover that.

There's ways you can summarize IPv6 addresses to make it more manageable, not only to read but to understand and explain to other people. So you can shorten an IPv6 by omitting the leading zeros in any given quartet, or you can represent one or more consecutive quartets with a double colon. So here you see an IP version 6 address with many zeros in it; here's how we can summarize it. On the left hand side you can see that we used a double colon to represent the first, the second and third quartet, and then we summarize the remaining quartets of zeros. And in the second example we did the opposite: we summarized the first two quartets with zeros and then used the double colon for the end. You can only use the double colon once in an IP version 6 IP address.

So here we see an IP version 6 IP address, and this is the subnet. It's this; remember it's a slash 64, so we're matching the first 64 bits as you see here. And this also can be summarized; you don't need to write out all these zeros. So to explain what the subnet is to somebody, you can simply write it out this way. So IPv6 is manageable; it gives you tools to manage it. So whether you're reviewing documentation or holding a general discussion about your network or simply logging into a Cisco router to take a look at what's going on, understanding abbreviation is key to IPv6.

Here are some other ways we can understand IPv6 addressing. In our first example you'll see that it's 2000 and then a double colon, slash four. The slash four would match the first four bits, and in hex that would be 0010. So all addresses whose first four bits are equal to the first four bits of the hex number 2000. In the second example we're matching all addresses whose first 20 bits match the listed hex number, and you can see in red what match that would be. And then the final example, all addresses whose first 32 bits match the listed hex number.

Here's another IPv6 address; how do we break it out into subnets? Well, here you have it: we're honoring the first 48 bits of this range and then we are breaking this out into smaller subnets, as you can see here.

So here's what you've learned: you've learned about some basic IP version 6 concepts and why you may want to upgrade to IPv6 beyond just for the reason of obtaining more IP addresses. You've also learned about the addressing and how the addressing can be abbreviated. I wish you the best of luck in your studies. Thank you.
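As an added example (not from the video), the abbreviation and prefix-matching rules just described, written out in Python: leading zeros dropped per quartet, a single double colon for the longest run of zero quartets, prefix matching on the first N bits (the /4, /20 and /32 cases), and carving /64s out of a /48. The code follows the RFC 5952 convention of not using "::" for a single zero quartet, and the addresses in the tests use the 2001:db8::/32 documentation range since the video's slides are not reproduced here.

```python
from typing import List

HEX = set("0123456789abcdefABCDEF")


def expand(addr: str) -> List[int]:
    """Turn any textual IPv6 address into its eight 16-bit quartets, enforcing the '::' rules."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in addr:
        head, tail = addr.split("::")
        head_q = head.split(":") if head else []
        tail_q = tail.split(":") if tail else []
        missing = 8 - len(head_q) - len(tail_q)
        if missing < 1:
            raise ValueError("'::' must stand for at least one quartet")
        parts = head_q + ["0"] * missing + tail_q
    else:
        parts = addr.split(":")
    if len(parts) != 8:
        raise ValueError("an IPv6 address has exactly eight quartets")
    if any(not 1 <= len(p) <= 4 or set(p) - HEX for p in parts):
        raise ValueError("each quartet is one to four hex digits")
    return [int(p, 16) for p in parts]


def is_valid(addr: str) -> bool:
    try:
        expand(addr)
        return True
    except ValueError:
        return False


def full(quartets: List[int]) -> str:
    """The long form: every quartet written with all four hex digits."""
    return ":".join(format(q, "04x") for q in quartets)


def compress(quartets: List[int]) -> str:
    """Drop leading zeros in each quartet and replace the longest run of zero quartets with '::'."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if quartets[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and quartets[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    short = [format(q, "x") for q in quartets]            # format(0x0db8, "x") == "db8"
    if best_len < 2:                                      # RFC 5952: no '::' for a single zero quartet
        return ":".join(short)
    return ":".join(short[:best_start]) + "::" + ":".join(short[best_start + best_len:])


def to_int(quartets: List[int]) -> int:
    value = 0
    for q in quartets:
        value = (value << 16) | q
    return value


def from_int(value: int) -> List[int]:
    return [(value >> (16 * (7 - k))) & 0xFFFF for k in range(8)]


def matches(addr: str, prefix: str) -> bool:
    """True when the first <length> bits of addr equal those of the prefix, e.g. '2000::/4'."""
    network, length_s = prefix.split("/")
    length = int(length_s)
    if not 0 <= length <= 128:
        raise ValueError("prefix length must be 0..128")
    mask = ((1 << length) - 1) << (128 - length)
    return (to_int(expand(addr)) & mask) == (to_int(expand(network)) & mask)


def subnets(prefix: str, new_length: int, count: int) -> List[str]:
    """The first <count> subnets of <new_length> carved out of <prefix> (e.g. /64s out of a /48)."""
    network, length_s = prefix.split("/")
    length = int(length_s)
    if new_length <= length or new_length > 128:
        raise ValueError("new prefix length must be longer than the parent's")
    base = to_int(expand(network)) & (((1 << length) - 1) << (128 - length))
    step = 1 << (128 - new_length)
    return [compress(from_int(base + k * step)) + f"/{new_length}" for k in range(count)]


if __name__ == "__main__":
    print(compress(expand("2001:0db8:0000:0000:0000:0000:0000:0001")))
    print(full(expand("2001:db8::1")))
    print(matches("2001:db8::1", "2000::/4"), matches("3ffe::1", "2000::/4"))
    print(subnets("2001:db8:acad::/48", 64, 4))
```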
Hi, this is David Voss, CCIE 11372, and in this video we're going to cover routing protocol concepts to introduce you to routing protocols for your CCDA exam. Cisco wants you to be able to identify the attributes of routing protocols so you can make the correct design decisions. The fundamental question is: which routing protocol should you use? When answering that question you must keep in mind the following characteristics of routing protocols, and Cisco wants you to remember all of these.

First is scalability. How large is your network now? How large will it become? This is important because there are versions of RIP, or actually all versions of RIP, have a maximum hop count of 15 routers. OSPF and EIGRP scale much better, and BGP is the primary routing protocol used on the internet, so obviously it scales very well, and many companies in fact use BGP internally for that reason.

Vendor interoperability. Will you be using all Cisco routers on your network, or will it be a blend of Cisco and non-Cisco? Why is that important? Well, RIP and OSPF work fine regardless of vendor, and now even Cisco has taken steps to ensure EIGRP can be used by any networking vendor. The question is, do they support it? RIP and OSPF and BGP most likely; EIGRP maybe or maybe not by non-Cisco vendors.

IT staff's familiarity with the protocol. You and the IT staff at your company might be much more familiar with one routing protocol over another. I worked at a company where we had an internal debate over EIGRP versus OSPF, and the tipping point for the conversation was what protocols did the engineers already know or want to learn better. It was OSPF, and therefore that's what we went with as far as our design decision; that was the tipping point. You will have the same debates internally and should be prepared for this in your decision making process.

Speed of convergence. A benefit of dynamic routing protocols over static routes is the ability for dynamic routing protocols to reroute around network failures. When this failure occurs the network recalculates and reaches a steady state condition; this is called the state of being a converged network. The amount of time for the failure to occur is called the convergence time. Now some routing protocols have faster convergence times than others. This is important because when a network is not in a steady state, data can be dropped or looped within the network. You should know that because RIP and BGP might take up to a few minutes to converge; by contrast, OSPF and EIGRP can converge in just a few seconds.

The capability to perform summarization. Large enterprise networks can have routing tables with many route entries, and network summarization allows multiple routes to then be summarized into a single route advertisement. So it reduces the number of entries in a router's routing table; that eats up less memory and also CPU, because it reduces the number of network advertisements that need to be sent, and that can obviously increase convergence time as well. Here's a perfect example. Let's say we're looking at the routing table of a core router and it knows about all the branch offices, and let's say there are 255 branch offices and each are allotted a slash 24 and they're assigned a 192.168.x.0/24 network. Now sure, the core router has individual entries for all of these routes and knows how to reach all of them through separate interfaces or tunnels, but all these routes do not need to be passed individually throughout the network on to a neighbor through a route advertisement. They can be summarized using one summary route, 192.168.0.0/16. So as you can see, using summarization we're saving a lot of memory and CPU by simply summarizing all of these routes into one single route.

Interior or exterior routing. A key term you need to understand is AS, which stands for autonomous system, and this is a network under a single administrative control. A network might be a single AS, and when it connects to, let's say, another network, let's say an internet service provider, then it's connecting to a separate AS. When you're selecting a routing protocol you need to determine: is it running inside your network, or will you be running it with somebody outside of your network? To answer the question as to what routing protocol you should run, you need to understand if you need an IGP, an interior gateway protocol, or an EGP, an exterior gateway protocol. An IGP exchanges routes between routers in a single AS. Common IGPs are EIGRP or OSPF, and then RIP and IS-IS are also used but not as much. Today the only EGP in use is BGP, but please note that BGP is sometimes also used as an interior gateway protocol as well.

There are two types of routing protocols. The first type is distance vector. Distance vector routing protocols send a full copy of the router's routing table to directly attached neighbors. Now obviously this is not very efficient, because it's sending information to a neighbor even if the neighbor already has that information. This can lead to slower convergence time, and with slow convergence time you then can introduce routing loops. The routing protocols that are considered distance vector are RIP and EIGRP. There are two mechanisms that you can use to deal with routing loops that Cisco wants you to know. The first is split horizon: this prevents a route learned on an interface from being advertised back out that same interface. I'll show you a diagram in a minute so this makes more sense. And then there's poison reverse, which causes a route received on one interface to then be advertised out the same interface with an infinite metric, so that nobody actually wants to use it.

But let's go ahead and take a look at the diagram so we can better understand the issue with routing loops and distance vector routing protocols, and then what we can do about it with split horizon or poison reverse. As you can see here, we have a basic point-to-point network: router 1 connecting to router 2 over a serial interface, and then a network 192.168.1.0/24 which is then advertised out serial 0 over to router 1. Router 1 then learns that route and places it in its routing table, as you can see here, with a metric of one, one hop. Now what if ethernet 0 on router 2 were to go down and the network were no longer available? The problem with distance vector routing is that router 1 is going to send its full routing table over to router 2, while router 2 does not know about 192.168.1.0 anymore. So when it receives the subnet advertisement from router 1 of 192.168.1.0, it's going to accept it and place it in its routing table with a metric of two, and this is where we introduce routing loops. Router 2 will then forward traffic over to router 1; router 1 thinks it can reach that network via router 2, and traffic will then loop between the two routers. This obviously is not ideal. Now you've already learned about the two solutions to deal with that, and you'll need to know it for your CCNP exam. Split horizon will prevent a route learned on an interface from being advertised back out that same interface, and then poison reverse, which causes a route received on one interface to be advertised out that same interface with an infinite metric.

The next type of routing protocol you need to be aware of is the link state routing protocol. Routers send link state advertisements, or LSAs, to advertise the networks they know how to reach. So they don't send the full routing table, just the networks they know how to reach, and only when there is a change in the topology. They only exchange full routing information when two routers initially form their adjacency, but from there on out it's on a need to know basis. The routing protocols that are link state routing protocols are OSPF and IS-IS. And the final type of routing protocol you need to know is path vector. BGP is path vector, and it includes information not just about the neighbor but the exact path that packets take to reach a specific destination network. So when you do look at BGP advertisements, you can see exactly over what autonomous systems that traffic is flowing.

So you've learned about the role of routing in an enterprise network and the different layers of enterprise network design, and then you learned the basic characteristics of routing protocols, which is really going to help you as you solidify your foundation, and now you move forward in your CCNP studies. I'm sure you're going to do great, and continue on with the video series, and good luck to you in your studies.
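As an added example (not from the video), here is a small Python simulation of the two-router diagram above: router 2 advertises 192.168.1.0/24 over serial 0, ethernet 0 then goes down, and plain distance vector updates let router 1 hand the dead route back to router 2 and count up toward the infinite metric of 16, while split horizon and poison reverse stop the loop. Interface names, the round-based expiry of unrefreshed routes (real RIP uses timers) and the "none" mode are assumptions made for the model.

```python
from dataclasses import dataclass
from typing import Dict, Set, Tuple

INFINITY = 16                 # RIP's "unreachable" metric: the maximum hop count is 15
PREFIX = "192.168.1.0/24"     # the network on router 2's ethernet 0 in the video's diagram


@dataclass
class Route:
    metric: int
    iface: str      # interface the route was learned on (or the connected interface)
    source: str     # neighbor that advertised it, or "connected"


class Router:
    def __init__(self, name: str) -> None:
        self.name = name
        self.table: Dict[str, Route] = {}
        self.links: Dict[str, Tuple["Router", str]] = {}   # my iface -> (neighbor, neighbor's iface)
        self._refreshed: Set[str] = set()

    def connect(self, prefix: str, iface: str) -> None:
        self.table[prefix] = Route(0, iface, "connected")

    def link(self, iface: str, neighbor: "Router", neighbor_iface: str) -> None:
        self.links[iface] = (neighbor, neighbor_iface)
        neighbor.links[neighbor_iface] = (self, iface)

    def advertisement(self, out_iface: str, mode: str) -> Dict[str, int]:
        """Distance vector update: the whole table, subject to the loop-prevention rule in force."""
        adv: Dict[str, int] = {}
        for prefix, route in self.table.items():
            learned_here = route.source != "connected" and route.iface == out_iface
            if learned_here and mode == "split_horizon":
                continue                      # never send a route back out the interface it arrived on
            if learned_here and mode == "poison_reverse":
                adv[prefix] = INFINITY        # send it back, but marked unreachable
                continue
            adv[prefix] = route.metric
        return adv

    def receive(self, in_iface: str, sender: "Router", adv: Dict[str, int]) -> None:
        for prefix, advertised in adv.items():
            metric = min(advertised + 1, INFINITY)
            current = self.table.get(prefix)
            if current is not None and current.source == sender.name:
                # an update from the current next hop is always taken, even when it is worse
                if metric >= INFINITY:
                    del self.table[prefix]
                else:
                    current.metric = metric
                    self._refreshed.add(prefix)
            elif metric < INFINITY and (current is None or metric < current.metric):
                self.table[prefix] = Route(metric, in_iface, sender.name)
                self._refreshed.add(prefix)

    def expire_stale(self) -> None:
        """Drop learned routes the next hop stopped advertising (real RIP does this with timers)."""
        for prefix in [p for p, r in self.table.items()
                       if r.source != "connected" and p not in self._refreshed]:
            del self.table[prefix]
        self._refreshed.clear()


def exchange(a: Router, b: Router, mode: str) -> None:
    """One update round: every router sends its table to each neighbor, then stale routes expire."""
    for router in (a, b):
        for iface, (neighbor, neighbor_iface) in router.links.items():
            neighbor.receive(neighbor_iface, router, router.advertisement(iface, mode))
    for router in (a, b):
        router.expire_stale()


def simulate(mode: str, rounds: int = 20) -> Dict[str, object]:
    """Replay the scenario: R2's ethernet 0 goes down after R1 learned the route over serial 0."""
    r1, r2 = Router("R1"), Router("R2")
    r1.link("s0", r2, "s0")
    r2.connect(PREFIX, "e0")
    exchange(r1, r2, mode)            # steady state: R1 holds 192.168.1.0/24 via R2 with metric 1
    del r2.table[PREFIX]              # ethernet 0 goes down; the connected route vanishes
    loop_rounds, worst = 0, 0
    for _ in range(rounds):
        exchange(r1, r2, mode)
        e1, e2 = r1.table.get(PREFIX), r2.table.get(PREFIX)
        if e1 and e2 and e1.source == "R2" and e2.source == "R1":   # each points at the other
            loop_rounds += 1
            worst = max(worst, e1.metric, e2.metric)
    return {"loop_rounds": loop_rounds, "worst_metric": worst,
            "r1_has_route": PREFIX in r1.table, "r2_has_route": PREFIX in r2.table}


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        print(mode, simulate(mode))
```

With no loop prevention the dead route ping-pongs between the routers for seven rounds, reaching metric 15 before it is counted out to 16 and dropped; with either rule it disappears after the first round.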
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about RIP design. Specifically, we're going to first learn about RIP version 1 so you can lay a foundation for understanding RIP version 2, since that is the version most commonly used today, and if you were to design a network using RIP most likely that would be the version you would choose.

So let's begin with RIP version 1. Now the major drawback of RIP version 1, and why many don't use it today, is that it has classful behavior, meaning that it does not send back subnet mask information. Now if there is no subnet mask information in the updates, then it assumes that any network is staying within its classful boundary, which, as you know, in most networks today is rare. As you can see here, each class has a range of IP addresses that it would support, and if it were to remain on classful boundaries that would mean that you would not be able to provide VLSM or break down these assigned subnets into smaller subnets. So for example, if you were assigned a network in the class A range, let's say a 10 dot network, you would not be able to break your 10 dot network down into smaller subnets. So later in this video we will talk about auto summarization, and that if it summarizes on a classful boundary, specifically with 10 dot networks, you can have routing problems. So often you will find that you will want to turn off auto summarization in RIP version 2.

Another issue with RIP version 1 is that it broadcasts updates, so it uses unnecessary bandwidth, but it also means that routers that are not even running RIP will constantly receive RIP updates even though they won't process them, because routers that run RIP will broadcast them out all interfaces. Modern routing protocols use a multicast approach in order to solve this issue, by sending updates only to routers that really need to receive them. RIP version 1 does not allow authentication, so there is no element of security that can be added to the routing protocol to ensure that it is not sending information to devices that should not receive it.

When examining RIP version 2 you can see that many of version 1's shortcomings have been addressed. RIP version 2 has a classless behavior, meaning that subnet mask information is sent in updates, so VLSM can be achieved. Version 2 also supports authentication, to ensure that the person you are sending the information to is the person authorized to receive that information. Now in addition to plain text passwords, the Cisco implementation provides the ability to use MD5 authentication. MD5 is a hashing algorithm that takes a variable length string of text and produces a fixed length 128 bit output. The advantage of hashing plain text is that the original message cannot be reconstructed even with the knowledge of the hash algorithm. Now with regards to advertisements, RIP version 2 multicasts routing updates instead of broadcasting them as RIP version 1 does, so this allows for the efficient exchange of routing updates. Another special feature of version 2 is the automatic summarization feature, which is applied to prefixes on classful boundaries. This behavior is a double-edged sword because it can induce problems in real
because it can induce problems in real world scenarios
world scenarios let's look at the following example
let's look at the following example router 1 connects to the following
router 1 connects to the following networks
networks 10.10.10.0 and 10.10.20.0
10.10.10.0 and 10.10.20.0 and
and 10.10.30.0
10.10.30.0 router 1 connects to router 2 and then
router 1 connects to router 2 and then onto router 3 which has connectivity to
onto router 3 which has connectivity to the 10.40.0
the 10.40.0 and
and 10.10.50.0 networks
10.10.50.0 networks there are also other networks between
there are also other networks between the routers such as 172.1600
the routers such as 172.1600 and 192.168.000
and 192.168.000 notice the change in classful boundaries
notice the change in classful boundaries that makes rip automatically summarize
that makes rip automatically summarize the networks behind router 1 and router
the networks behind router 1 and router 3
3 as 10.0.0.0.8
toward router 2. This can lead to a problem, or rather it will lead to a problem: router 2 will receive the same route from both directions. If it receives a packet destined for 10.10.10.0 it can send it in both directions, based on the automatically summarized prefixes it received. This problem is called discontiguous subnets, and it's generated by the automatic summarization behavior of the routing protocol that aggregates those subnets. Solutions for this problem involve not using discontiguous subnets in different areas in the network topology, or disabling auto summarization.
Let's take a look at the RIP version 2 message format. The RIP version 2 message format takes advantage of the unused fields in the version 1 message format by adding subnet masks and other information. Let's go through some of the key attributes of this message. The command field indicates whether the packet is a request or response message. The request message asks that a router send all or part of its routing table. Response messages contain route entries; the router sends the response periodically or as a reply to a request. Version specifies the RIP version used: 2 for RIP version 2 and 1 for RIP version 1. The AFI field specifies the address family used. RIP is designed to carry routing information for several different protocols; each entry has an AFI to indicate the type of address specified. The AFI for IP is 2.
Route tag: route tags provide a method for distinguishing between internal routes, which are learned by RIP, and external routes, which are learned from other routing protocols. You can add this optional attribute during the redistribution of routing protocols. IP address specifies the IP address of the destination. Subnet mask contains the subnet mask for the destination; now if this field is zero, no subnet mask has been specified for the entry. Next hop indicates the IP address of the next hop where packets are sent to reach the destination. And metric indicates how many router hops to reach the destination. The metric is always going to be between 1 and 15 for a valid route, since 16 would indicate an unreasonable, unreachable or infinite route.
Another aspect about RIP that you need to know is that it relies on a series of timers for its operations, as described here. The update timer: this is where updates are sent, and they're sent every 30 seconds by default. Invalid: the route is invalidated if no update was received before this timer expires. Flush timer determines the time a route gets flushed from the RIP table. And hold down timer: updates are not accepted for a route that keeps getting a bad metric. And finally the sleep timer, which can add delay to triggered updates. The hold down and sleep timers are Cisco specific and are used to enhance the RIP functionality; they were not originally specified in the RFCs for RIP.
In summary, here are some key points about RIP version 2 that you need to memorize for your CCDA exam. It's a distance vector protocol which uses UDP port 520. It does not scale well, since the maximum hop count is 15. Periodic route updates are sent every 30 seconds to a multicast address. 25 routes are allowed per RIP message, or 24 if you're using authentication. And obviously it supports authentication. Subnet mask is included in every route entry. It's a classless protocol. It does support VLSM. And the metric for version 2 is router hop count. Now all of these points you need to memorize for your CCDA exam. This video has given you a good base foundation for preparations for your CCDA. If you can memorize what you've learned in this video you should do very well when asked questions about RIP and how and when you would use it in a network design. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about EIGRP design. We're going to do a high-level EIGRP overview in this video, and then we're going to talk about the EIGRP components. You're going to see this constant theme of these four components. So first there are EIGRP messages that are unique to EIGRP. There's a unique EIGRP algorithm. There are tables that are again unique to EIGRP that you need to know about. And then finally you need to know that EIGRP supports independent modules, so there's support for multiple different network layer protocols.
Now the way we're going to approach this is, again, it's a high level overview of concepts that are unique to EIGRP. So we all know that EIGRP can support VLSM, for example, but many routing protocols can, so we're not going to dig into VLSM and EIGRP; we're going to talk about things that are unique to EIGRP. Now to understand EIGRP we first need to understand IGRP. IGRP came out in 1986. It is an interior gateway protocol that was once very popular, a distance vector routing protocol, and it used four key attributes to develop this distance information on how to choose the best path. So it looked at the link and then it said: how much available bandwidth is there, how much delay, how much load and how much link reliability is there on this link path, or on the multiple links to my path. Well, EIGRP is still an interior gateway protocol and it is still a distance vector protocol, although many times in the past it had been referred to as hybrid, but those days are pretty much gone; distance vector is what it's classified as. But it can improve convergence in operations, so it uses DUAL, the diffusing update algorithm, and I'll show you about that in a few minutes. And then again it has multiple unique tables in EIGRP which assist in the operations and enhance the operations. And then again it supports multiple network layer protocols.
So how does EIGRP actually work? Well, I'll tell you what, let's go ahead and open up the hood and take a look underneath. EIGRP has four basic components, and these should already start looking familiar to you. It has messages, so messages flow to and from neighbors, EIGRP neighbors; there's five different types, we'll dig into that in a little bit. EIGRP has the DUAL algorithm; the DUAL algorithm takes the information from those messages and then processes best path and possible best path. Then all the information from the messages and the algorithms gets put into tables, so these EIGRP tables hold the data from the algorithm and the messages. And then finally the modules: these protocol dependent modules support a variety of network layer protocols, so EIGRP is not limited to just IP.
So with regards to messages, there are different types of packet formats; there's five different types of packet formats. First there's the hello message. A hello message is basically a query out to anybody who'll listen, asking if anybody's out there. So our router running EIGRP sends hello packets by default, and it will send those packets out and hope for a return reply, and when it gets a return reply it'll get that update, and that update contains all the messages, or all the routes, that want to be shared via EIGRP. Update messages are messages with a lot of routing information in them. And then there's the acknowledgement message, which surely you know about from other protocols, but it's simply acknowledging that yes, I've received your message, and that's key to the reliable nature of EIGRP, which we'll talk about in a minute. There's a query message: so if EIGRP loses a route and does not know how to get there anymore, it will query its neighbors saying, do you have any information about this route, because I'd like to get that information. And then if a router does have information on that route, or on that path, it will reply back saying yes, I do have information and here it is.

So these five messages can be broken out into two categories: some that are reliable and some that are not reliable. The reliable messages use Reliable Transport Protocol, and this is unique to EIGRP, but RTP basically makes sure that packets get to where they're supposed to go, in order. So an unreliable packet is a hello message; that message is not reliable. But the update message from an EIGRP router does use RTP, so it is sequenced and there are acknowledgments; so there is an acknowledgement to that message, but the acknowledgement itself is not reliable. Then there's the query message; remember the query is to ask, do you have information about this route, and that uses RTP, and the response to that query, the reply, also uses RTP. So three different types of messages use RTP: the update, the query and the reply, and I think that's critical to know for your exam.

Now let's talk about the EIGRP algorithm, which is DUAL. Now to understand DUAL you need to understand what successor and feasible successor routes are. I think when you think of successor, just think of success: that's the best path. So if EIGRP loses connectivity to the best path, it will then run the DUAL algorithm and ask, is there a feasible successor, is there a second best path? And if the DUAL algorithm states yes, there is a feasible successor, a second best path, it will then promote that second best path to the best path, so that becomes the successor. Once it's the successor it is then installed into the routing table; so for example it would be installed into the IP routing table, and then the router would begin to use that new path. So this chart gives you a high-level overview of how the DUAL algorithm runs, but it's important to know these concepts of successor and feasible successor as you move forward with EIGRP, and how DUAL uses that information.

Now EIGRP uses specific tables to help make it run, and one of the tables that EIGRP uses is called a neighbor table. Now a neighbor table is exactly what you think it is: it's a table that is comprised of a listing of all the EIGRP neighbors. So for example we have a hub and spoke design here; we have router A, router B and router C, and router A and router B are both running EIGRP. Router A sends out a hello packet and router B responds back as well, and they've established a neighbor relationship; and router A sends out a hello packet, router C does the same, and they've established their EIGRP neighbor relationship. So once that happens, router A begins to build out its neighbor table by identifying each neighbor by IP address. So for example router B is 172.16.1.1, and he gets placed into the neighbor table, and then router C is 192.168.10.2
and he is placed in the router table as well. So router A now has two neighbors and they are both listed in its neighbor table. But there's also other information in the neighbor table as well. Router A also wants to know what interface these routers are off of; so router B is off of Serial 1, router C is off of Serial 2, so should I need to forward them traffic, I know exactly which interface they will be exiting. And then finally there's other information that is entered into the neighbor table; there's quite a bit actually, but for the sake of this high level overview let's just talk about hold time, because this is a key concept. When you program hold time on a router, it's not local; you're not changing the hold time locally. That information is actually forwarded over to your neighbor router. So here we have router C, who's changed his hold time to 10 seconds; he forwards that over to router A. And here we have router B, and let's say he's going to change his hold time. This information that they're changing from the default gets inserted into the neighbor table on router A. And remember, hold time is basically telling the router: if you don't hear from me in this amount of time, consider me down and flush the routes that you receive from me. So it's important to remember hold time is configured on router C and router B, but the actual numeric change occurs on router A in the neighbor table. Now there's definitely other attributes that are in the neighbor table, and we will definitely go over those in future videos, but on a high level overview of EIGRP you need to know about the IP, the interface and the hold time counter. And just remember hold time defaults are 180 seconds for low bandwidth links and 15 seconds for T1 or higher. So that'll come up again and you'll probably be asked about that as well.

But there are other EIGRP tables that you should also be aware of, and a key table to know about is the topology table. The topology table contains all destinations advertised by neighboring routers. This includes, remember, the successor and feasible successor routes: the best path to a destination and the next best path, respectively. So the topology table is key for EIGRP to run. Now remember, within the topology table you can see the route tag; so in EIGRP you can actually perform route tagging, and all you really need to know for now is that you can identify routes by their origination, which allows for custom routing, so you can tag those routes with a manual entry. So that's all you really need to know for now.

But getting back to EIGRP tables, now here's an example. We have again a hub and spoke design: router A, router B and router C. Now router A is going to build out, as soon as it enables EIGRP, it's going to build out these EIGRP tables, and one of the tables again is going to be this topology table. The topology table is going to contain critical information for EIGRP to run and make the choices upon what the best path is going to be. So in the topology table it's going to insert routes that it learns from router B and router C, and then it's going to ask, now that I know about this route, which neighbor did I learn it from? And then finally it's going to say, I know the route, I know the neighbor I learned it from; what metric should I assign to it, which way should I send traffic or forward traffic? So in this example the route itself, let's say we'll do a 10.1.1.0/24, and let's say we learn this route from both router B and from router C
So this topology table is filled out with two entries for the same route. Again, this is not the routing table yet; this is a topology table, and it has a metric. So let's keep it simple: the metric to router B is 10 and the metric to router C is 20. So for this simple example let's just say that the router now realizes that the successor route, the best route, is going to be the path through router B. Now once the DUAL algorithm has run and it realizes this, it then takes that route, or that path, and it places the successor route into the routing table, in this case the IP routing table. So now we know the successor is to router B and the feasible successor path is to router C.
So as we can see it's going to choose the path out to router B. Now what happens if this route information is lost, and router A no longer learns about this route from router B or from router C, and it gets flushed? Well, what router A is going to do is he's going to send a query to router B and to router C, asking, do you know about this route, because I've lost it and I'm hoping you have information on it. And the neighbors will respond back, but specifically, let's say in this case that router C is the only one that knows about it. Router C will respond, yes, I'm aware of it, and it will send the information over, and router A will say thank you very much. And router A will then insert it into the topology table; it will become the successor, and once it's the successor it will be placed into the routing table, and then router A will then begin using the path through router C to reach that subnet.
router c to reach that subnet and last but certainly not least we have
and last but certainly not least we have protocol dependent modules so eigrp
protocol dependent modules so eigrp and the dual algorithm
and the dual algorithm function in a way that protocols can run
function in a way that protocols can run and use eigrp independently of one
and use eigrp independently of one another so ip builds out its own
another so ip builds out its own neighboring topology tables ipx and
neighboring topology tables ipx and apple talk they all build out their own
apple talk they all build out their own neighbor and topology tables and dual
neighbor and topology tables and dual can work with any and all of them
can work with any and all of them so you've learned a lot in this video
so you've learned a lot in this video that will help you with eigrp design
that will help you with eigrp design we've done an overview and we've talked
we've done an overview and we've talked about the individual components of eigrp
about the individual components of eigrp messages algorithms tables and modules
messages algorithms tables and modules you'll need to know all this information
you'll need to know all this information not only to design eigrp but obviously
not only to design eigrp but obviously to do very well on the ccda exam
to do very well on the ccda exam if you study what's in this video and
if you study what's in this video and know it well i'm confident you'll do
know it well i'm confident you'll do really well in the eigrp portion of your
really well in the eigrp portion of your ccda good luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video we're covering OSPF design. We're going to begin with some concepts you need to understand, a baseline I guess you could say, prior to designing OSPF, and then we're going to get a bit more granular in this video and dig into OSPF concepts such as administrative areas, virtual links, router types, designated routers, neighbor exchange states, link state advertisements and best path selection. If you're going to design OSPF properly you need to understand all of these concepts. We will not go into configuration examples; that you can learn in the CCNP ROUTE exam. But for the CCDA you will need to understand these concepts. So let's begin.

OSPF is one of the most complex routing protocols that can be deployed in modern networks. OSPF is an open standard protocol, that is, it should be able to run on Cisco and non-Cisco equipment. OSPF is a classless routing protocol and this allows it to support VLSM, similar to EIGRP, which uses DUAL. OSPF uses the SPF algorithm to select loop-free paths throughout the topology. OSPF is designed to be very scalable because it's a hierarchical routing protocol using the concept of areas to split the topology into smaller sections, so it is a very popular protocol in today's enterprise networks because it can scale so well.

OSPF takes bandwidth into consideration when calculating route metrics. In OSPF it's considered the cost: a higher bandwidth generates a lower cost, and lower costs are preferred in OSPF. OSPF supports authentication, just as EIGRP does and RIP version 2. OSPF is also very extensible. It's similar to BGP and IS-IS, meaning that the protocol can be modified in the future to handle other forms of traffic.

OSPF discovers neighbors and exchanges topology information with its neighbors, acting much as EIGRP does in that way. Based on the collected information and the link costs, OSPF calculates the shortest paths to each destination using, as we mentioned before, the SPF algorithm. The formula for calculating the interface cost is reference bandwidth divided by link bandwidth. The default reference bandwidth is a hundred megabits per second, but this can be modified, just as the link bandwidth can be modified using the bandwidth command. Please note that the reference bandwidth should be modified in networks that contain a combination of 100 megabits per second and one gigabit per second links, because by default all of these interfaces will be assigned the same OSPF cost. That's obviously a big design consideration and something you certainly could be tested on.

Another aspect that adds to the design complexity of OSPF is that it can be configured to behave differently depending on the topology in which you are implementing it. OSPF recognizes different network types, and this will control the following actions, such as how updates are sent, how many adjacencies are made with the OSPF speakers, and how the next hop is calculated. OSPF supports the following network types: broadcast, non-broadcast, point-to-point, point-to-multipoint, point-to-multipoint non-broadcast and loopback. OSPF automatically selects the network type that is the most appropriate for the given technology. So for example, if you configure OSPF in a broadcast-based Ethernet environment it will default to the broadcast type. If you configure it on a Frame Relay interface it will default to the non-broadcast type. And OSPF configured on a point-to-point serial link will default to the point-to-point network type. The only network types that you need to manually assign would be point-to-multipoint or point-to-multipoint non-broadcast. These obviously are most appropriate for the partial mesh, which is hub and spoke, environments, and these must be configured manually.

So now that you have a high level understanding of OSPF, let's go ahead and dig into OSPF concepts, all of which you will need to know for your CCDA exam. We're going to go through these one by one to the level of detail you need to know for the CCDA exam, and we're going to begin with administrative areas.

An autonomous system is broken out into areas. So areas are a group of routers that share the same area ID, and these different areas, these different groupings, have different functions and they know different types of information. So you have backbone area, standard area, et cetera, and each of these areas performs different functions. So let's talk in detail about what some of these areas know, and maybe what some of these areas do not know, but also how OSPF is designed around these concepts of areas. So remember, we're talking at a higher level here, but as a good rule of thumb, your backbone area in OSPF: if anybody ever refers to area 0, you know they're talking about the backbone area in OSPF. And this is probably the most well-known area because it is required, and all other areas must connect to the backbone area. So for area to area communication, let's say you have an area 1 communicating to an area 3, both of those areas must connect to the backbone.

So let's start here with a standard area. Now a standard area, you know, what does that really mean? Well, standard areas can be thought of as equal opportunity employers, I guess you could say, because they know about every route in the autonomous system, in the OSPF network, and they share their routes, but they also learn all their routes from other areas through the backbone. And this is just fine, all this route sharing is just fine, if routers are high-powered enough to store every route but also to run these complex SPF calculations. But just know the standard areas contain LSAs of type 1, 2, 3, 4 and 5.

Now next, if you think of a stub area, which we'll talk about next: if you think of a network, you have leaf nodes on networks, well, that's kind of what a stub area is. It's handy if devices are lower powered, routers are lower powered, or simply do not need to know about every route. A stub area is similar to a standard area, but routers in it are not aware of externally sourced routes directly, and in terms of LSAs that means that type 5 LSAs are not permitted in a stub area. Stub areas use a default route to exit; for traffic to exit a stub area it uses a default route.

Now next would be a totally stubby area, and let's take this stub area concept one step further. In a totally stubby area, in addition to the lack of type 4 and 5 LSAs, type 3 LSAs, which carry information about internal routes, are also prohibited. The concept of an injected default route still applies here, just like a stub area, so all traffic leaving the area does so using the default route.
And then finally let's go over this concept of not-so-stubby areas. So this is an interesting, I guess you could say, concoction, because not-so-stubby areas can connect to non-OSPF networks that are not a part of this autonomous system, and they can receive routes from those non-OSPF networks, or networks that are not participating in the autonomous system, and it will receive those routes through redistribution. And then it can turn those type 7 LSAs and, basically, it's going to mask them and make them appear as type 5 LSAs, and then begin sharing them onto the network.

So there's your idea of networks in areas, but all areas in an OSPF autonomous system must be, as you know, physically connected to the backbone area. Well, what if you can't do that? What if you can't connect an area to area 0?

So let's draw out this concept of a virtual link. Let's imagine we have a company on the east coast, and in this company we've deployed OSPF already, so we have our backbone area 0, and then we have other areas that have to obviously connect into this backbone area. So let's say we have an area 1 in the Boston area and then an area 2, let's say, in Florida. But let's focus in on area 1. So in the Boston area we have area 1 in Boston, and we acquire another company in that area, and it's easy enough for us to connect this new company into our Boston resources, so we're going to connect them into our Boston router, very simply. The problem is that even though this company that we've acquired maybe they're already running OSPF, and we convert them to OSPF area 3 to work within our autonomous system, we still need to meet the requirement of OSPF where an area must connect into area 0. So OSPF allows for what is called, as you know, the virtual link. We will create this virtual link between area 3 and area 0; it's passing through area 1, and this allows us to meet the design requirement of OSPF. So routers in area 3 and area 0 see this as a direct connection, and things will work just fine thanks to the virtual link.
So there are many different OSPF router types that you need to be aware of. There's the area border router, which connects one or more OSPF areas to the backbone area. There's the ASBR, or autonomous system boundary router, which will be located between an OSPF autonomous system and a non-OSPF network. And then you have your backbone router, which is pretty straightforward: a router with at least one interface connected to area 0. And then another easy concept, an internal router: a router with all interfaces in one area.

Let's draw this out real quick, just to drive it home. So let's draw out our area 0. An area 0, you know, already is the backbone, so a router within area 0 is a backbone router. And then we connect to another area, let's say area 1; this is an area border router, pretty straightforward concept, there's your ABR. And let's say we have another area we're connecting to; there's another ABR. But we are also connecting an ASBR here, because we have a non-OSPF network that we're going to be injecting routes from into our OSPF process. So we are injecting routes in through an ASBR, converting type 7 LSAs to type 5, and those are being forwarded on to the network. And then you have, last but not least, internal routers, which have all interfaces in the same area, pretty straightforward.
So in order for two OSPF routers to communicate they need to go through this process of exchange states, so you need to understand a basic concept of what these are. Here are the following states. There's the init state, where a hello packet has been sent by a router and it's waiting for a reply. Then the establishment state, where there's the discovery of that hello and then the election of a DR on multi-access networks. The ExStart stage, where a master/slave relationship is started between two routers; the router with the higher router ID becomes the master and starts the exchange, and as such is the only router that can increment the sequence number. Then there's the exchange state, where the slave acknowledges the master's packets, and the information in this state is only LSA headers, and it describes the contents of the entire link state database. Then there's loading, where there's a request for more information; in this state the actual exchange of link state information occurs. And then there's full synchronization, and in this state routers are fully adjacent with one another, all the router and network LSAs are exchanged and the routers' databases are fully synchronized.

Now a designated router in OSPF is a key concept that you need to know, because on multi-access networks a designated router will establish adjacencies with all other routers on the multi-access network, learn all their routes, and then share all the routes with all the other routers. And then the BDR, the backup designated router, will fill in should the DR fail. And you can set the DR and the BDR manually, and actually you should do it this way: you should set it using the priority command in OSPF. So understanding OSPF priority is key, because you can manually set who the DR is and who the BDR is.

Now it's easy to talk about this and look at a PowerPoint and you may not fully appreciate how important this concept really is, so let's actually draw it out. So on a typical multi-access network, let's say we have five routers, and you want to establish adjacencies in OSPF to share routes between them. If they did it that way, where they're all neighboring with one another and communicating with one another, you're going to see that all these adjacencies are going to add up pretty quickly, and that's going to tax the resources on the routers themselves. But it's really unnecessary; we can share this information in a much more efficient manner. So what we're going to do is elect a DR in OSPF. Again, it has this built in within the OSPF design itself: for a multi-access network you can elect a DR, and then the DR establishes an adjacency with all the other routers on the multi-access network, it learns all of their routes, and then shares all their routes. So now we just have four adjacencies required. Now if the DR fails and those adjacencies fail, the BDR would take over.
Now regarding link state advertisements, what you really need to know, at least just for now, in OSPF is that a link state advertisement is a packet that contains all relevant information regarding a router's links and the state of those links. Now there are many different types, and I've listed the key types for you here, and we're going to dig into detail on these different types as we get into the labs. But just for now, know that these are informational packets that have information on a router's links and the state of those links.
So now that OSPF has gathered all this information, it needs to know what to do with it; it needs to choose the best path. So it puts all the information in a topology table, and then the metric for OSPF is cost. So cost is 10 to the power of eight divided by bandwidth, and lower costs are preferred.

So the best way to understand cost is actually for us just to draw this out to see how it works. So let's draw out a six-router network, and let's say we have router 1, which ultimately wants to communicate with a network off of router 6, and it will have two choices, two paths it can possibly take. It can go via router 2 or via router 4 to this network, we'll say the 192.168.10.0/24 network, which is hanging off router 6. Now router 1 then calculates, using OSPF, the cost for each and every link in this path, and it's going to do the same for the path from router 2 and 3 to 6. And then what OSPF is going to do is add up the entire cost to get to router 6. So going via router 4, that path has a total cost of 20, and going via router 2, that path has a total cost of 25. And we know that OSPF uses the lower cost to make its decision on which path to take, so the total cost of 20 wins out and we will choose router 4.

Now that being said, let's say a new network is introduced, and even though we have more routers, or more hops, through this network, let's say there are four hops, if the cost is low, and for this case we'll say five, five, one, one and one, the total cost here is just 13. Even though there are more hops, OSPF is going to choose this path because it's more efficient.
so that's cost basically explained that's cost in a
basically explained that's cost in a nutshell
nutshell so here's what you've learned you've
so here's what you've learned you've received an overview of ospf
received an overview of ospf and then we got a bit more granular to
and then we got a bit more granular to the level you'll need to know for the
the level you'll need to know for the ccda exam
ccda exam including administrative areas
including administrative areas virtual links
virtual links router types
router types designated routers
designated routers neighbor exchange states
neighbor exchange states link state advertisements and best path
link state advertisements and best path selection
selection i'm confident after watching this video
i'm confident after watching this video if you know this information well you're
if you know this information well you're going to do excellent on the ospf
going to do excellent on the ospf portion of your ccda exam
portion of your ccda exam good luck in your studies
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about IS-IS design. Specifically, you're going to learn about IS-IS operations, areas, addressing, packet types, network types and metrics. So let's begin.

In recent years the IS-IS routing protocol has become increasingly popular, with widespread usage among service providers. It is also a very flexible protocol that's been extended to incorporate leading-edge features such as MPLS traffic engineering. The IS-IS routing protocol is a link-state protocol, as opposed to distance-vector protocols such as IGRP and RIP. The IS-IS protocol is an intra-domain OSI dynamic routing protocol. IS-IS uses a two-level hierarchy, and it's used to support these large routing domains; a large domain may be administratively divided into areas.

From a high level, IS-IS operates as follows. Routers running IS-IS will send hello packets out all IS-IS-enabled interfaces to discover neighbors and establish adjacencies. Routers sharing a common data link will become neighbors if their hello packets contain information that meets the criteria for forming an adjacency. Routers may build a link-state packet (LSP) based on their local interfaces that are configured for IS-IS and prefixes learned from other adjacent routers, and a shortest path tree is calculated by each IS, and from this SPT the routing table is built.
Next let's talk about areas and the routing domain within IS-IS. So an IS-IS routing domain is similar to a BGP autonomous system; a routing domain is a collection of areas under an administration that implements routing policies within the domain.

First let's talk about the backbone. IS-IS does not have a backbone area like OSPF area 0. The IS-IS backbone is a contiguous collection of level 2 capable routers, each of which can be in a different area. Now, speaking of areas within IS-IS, an individual router is in only one area, and the border between areas is on the link that connects two routers that are in different areas. This obviously is in contrast to OSPF. So as you've already heard, IS-IS has a two-level hierarchy: contiguous level 2 capable routers form the backbone, and both level 2 and level 1 routers live in areas. Routers can be level 1, level 2, or both level 1/level 2. Within the Cisco IOS software the default configuration is both level 1 and level 2 at the same time; this allows an IS-IS network to run with minimal configuration in more of a plug-and-play fashion.

Level 2 capable routers connect all areas within a routing domain. Level 2 routers advertise their own NSAP address to other level 2 routers in the backbone, and all level 1 routers and hosts in an area must have an NSAP with the same area address. A level 2 router may have neighbors in the same or in different areas, but it has a level 2 link-state database with all information for inter-area routing. Level 2 routers know about other areas but will not have level 1 information from their own area. A level 1 and level 2 router may have neighbors in any area; it has two link-state databases, a level 1 link-state database for intra-area routing and a level 2 link-state database for inter-area routing.
Next let's talk about NSAP addresses. An NSAP describes an attachment to a particular service at the network layer of a node, similar to the combination of IP destination and IP protocol number in an IP packet. An NSAP address has two major parts: the IDP, or initial domain part, and the DSP, the domain specific part. The IDP consists of a one-byte authority and format identifier, that's the AFI, and a variable-length initial domain identifier, the IDI, and the DSP is a string of digits identifying a particular transport implementation of a specified AFI authority. Everything to the left of the system ID can be thought of as the area address of a network node. The big difference between NSAP-style addressing and IP-style addressing is that in general there will be a single NSAP address for the entire router.

All ISs and ESs in a routing domain must have system IDs of the same length. All routers in an area must have the same area address. All level 2 routers must have a unique system ID domain-wide, and all level 1 routers must have a unique system ID area-wide. All ESs in an area will form an adjacency with a level 1 router on a shared media segment if they share the same area address. If multiple NETs are configured on the same router, they must all have the same system ID.
Next let's talk about packet types. There are four types of packets; each type can be level 1 or level 2. First there is the intermediate system to intermediate system hello packet, used by routers to detect neighbors and form adjacencies. Then there's the link-state packet; there are four types of LSPs: level 1 pseudonode, level 1 non-pseudonode, level 2 pseudonode and level 2 non-pseudonode. Complete sequence number PDUs, CSNPs, contain a list of all LSPs in the current database. CSNPs are used to inform other routers of LSPs that may be outdated or missing from their own database; this ensures all routers have the same information and are synchronized. And then finally the partial sequence number PDU: PSNPs are used to request an LSP and acknowledge receipt of an LSP.
Next let's talk about network types. The types of networks that IS-IS defines include point-to-point and broadcast networks. Point-to-point networks, such as serial lines, connect a single pair of routers. A router running IS-IS will form an adjacency with the neighbor on the other side of a point-to-point interface automatically; the DIS is not elected on this type of link. The basic mechanism defined in the standard is that each side of a point-to-point link declares the other side to be reachable if a hello packet is received from it.

Next there's broadcast networks, such as Ethernet, even Token Ring. These are multi-access, and they are able to connect more than two devices; all connected routers will receive a packet sent by one router. On broadcast networks, one IS will elect itself the DIS. The DIS is responsible for flooding, and it will create and flood a new pseudonode LSP for each routing level that it is participating in, that is level 1 or level 2, and for each LAN to which it is configured and connected. A router can be the DIS for all connected LANs or a subset of connected LANs, depending on the configured priority or, if no priority is configured, the Layer 2 address.

And then finally NBMA networks, such as Frame Relay or ATM or X.25, can connect multiple devices but have no broadcast capability; all of the routers attached to the network will not receive a packet sent by this router. Special considerations need to be taken into account when configuring IS-IS over these types of networks, because IS-IS considers these media to be just like any other broadcast media such as Ethernet or Token Ring. In general it is better to configure point-to-point networks on WAN interfaces and sub-interfaces.
Next let's talk about IS-IS metrics. Cost is the default metric and is supported by all routers. While some routing protocols calculate the link metric automatically based on bandwidth, such as OSPF, or bandwidth and delay, such as EIGRP, there is no automatic calculation for IS-IS. Using old-style metrics, an interface cost is between 1 and 63; all links use the metric of 10 by default. The total cost to a destination is the sum of all costs on an outgoing interface along a particular path from the source to the destination, and least-cost paths are preferred. The total path metric was limited to 1023. This small metric value proved insufficient for large networks and provided too little granularity for new features. The Cisco IOS software addresses this issue with the support of a 24-bit metric field, the so-called wide metric; now metrics can have a maximum value of, as you can see right here. Deploying IS-IS on the IP network with wide metrics is recommended to enable finer granularity and to support future applications such as traffic engineering.

So you have learned quite a bit about IS-IS. You've learned about IS-IS areas and router types, the NSAP address, as well as packet types, network types and metrics. All this information will be needed on your CCDA exam, and I'm confident, if you've studied this video well, you're going to do very well on your exam. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video we are going to cover BGP design. The first thing we're going to do is do an overview of BGP, and then we're going to get a little bit more granular and we'll talk about BGP path attributes, BGP AS path, eBGP versus iBGP, public versus private ASN, BGP updates and how BGP advertises routes. All this information you will need to know to understand how to properly design BGP and do well on this portion of the CCDA exam.

So let's go ahead and begin with an overview of BGP. BGP is an exterior gateway protocol that uses autonomous system numbers, uses TCP 179 to communicate between neighbors, and it really is a protocol that requires manual configuration for almost everything; it doesn't really do anything unless you tell it to do it, which I really like about the protocol. Now it uses path attributes, which are key in decision making on choosing the best route. So path attributes define information about a path, but also this information can be used to help decide upon the best path, and we will draw that out in a minute here so you can understand that better.

Now regarding BGP path attributes, there are some that you absolutely have to know and memorize. The first is weight: weight influences the best route for the local router, and obviously it's manually configured. Local preference influences the best route for all routers in an autonomous system, so this is a shared attribute. AS path lists the number of autonomous system numbers in the path, and this can be manipulated. Origin is a value implying if the route is from an IGP or an EGP. And then finally the MED, which can influence the best route for routers in another AS, so you can influence traffic flows into your AS by sending out the MED to other routers.
So here you can see we have two routers that are in autonomous system 700, and then upstream we have another router in autonomous system 140 and autonomous system 87. So here you see there are four hops, but as far as BGP is concerned it's just counting ASes, so it counts one, two, three ASes; the AS path is 700, 140 and 87. Why is this important to know? Because here's another flow that has two routers in AS 700 and then one router in AS 87. Now according to this path there's just two ASes; that would be the preferred path. It's critical to understand that BGP is concerned about AS path and not so much about hop count. AS path is a key attribute to understand.
Now, internal versus external BGP. iBGP is something you would run basically interior to your company; it's BGP connectivity within the same autonomous system. In this, routers do not update the AS path; normally they should never have to, because you're running the same autonomous system. And in iBGP things should always be meshed; routers should always be fully meshed, and there are ways you can get around this, and we'll talk about that in a little bit. Now eBGP is external connectivity to other ASes, and routers do update the AS path in those cases.

So let's say we have an autonomous system 200, and in our company we're running iBGP full mesh between all routers, and let's say we have connectivity to two upstream providers: one is autonomous system 301 and the other provider is autonomous system 450. Now between ourselves and our providers we are running eBGP, because it's two different ASes, and internally we are running iBGP, because we are communicating within the same AS. Now configuration between iBGP and eBGP is quite similar; the main difference is you're choosing to communicate with the same AS or a different AS.

Now let's say we want to communicate to a web server over the internet, and we have a certain amount of hops. Now let's say one of those paths, through AS 450, takes us through quite a few more hops, but it takes us through fewer ASes. So let's just say, for example, we go through AS 900 and then AS 100; so that's 450, 900 and 100, those are the three ASes we traverse in order to reach that route. Now let's see, on this flow through autonomous system 301 we go through fewer hops but more ASes. Now even though there's fewer hops, because there are more ASes we're not going to prefer this route. There are five ASes in this path; that is not going to be preferred to the other path, which has only three ASes, so we're going to choose that path. We'll choose the 3-AS path.
Now let's say we're running a web server inside of our company, and we're running iBGP between these three routers and we're connecting to two upstream providers using eBGP, and let's say we have users on the internet who are trying to get to this web server. We can manipulate the AS path attribute in BGP to make them prefer one path over the other. And the way we do that, well, let's say our autonomous system is 50. We can manipulate the AS path attribute by adding to the AS path on one of our links. So for example, the users know that they can reach the web server via one AS; well, we're going to increase that on the top router, and we're going to manipulate it manually and add our AS over and over again to the AS path attribute. And to the users, as far as BGP is concerned, that now is a longer path, and therefore the user will prefer the bottom path, because it's only one hop, one AS hop. Now if that router were to fail, users would then prefer the other path. So you see, you can manipulate traffic flows that way.

Now you need to understand the concept of public and private ASNs, and this shouldn't be foreign to you, because you understand public and private IP addressing. So autonomous system numbers are chosen from this pool, and you can use them for private use or public use as need be, but you should be aware of that chart.

Now regarding BGP updates that we receive from neighbors: you can receive from your provider a default route only, which many people do; or you can receive a full BGP routing table, that is literally every route that's available on the internet; or you can receive just partial updates, and that is, maybe the provider knows about certain routes via a better path than most other providers, you can just receive a partial update from your provider. So you should know that you can receive those three different types of updates; that should be known for your CCNP ROUTE exam.
ccmp route exam now regarding advertising routes
now regarding advertising routes advertising bgp routes can be done four
advertising bgp routes can be done four ways either through the manual network
ways either through the manual network command
command redistribution of bgp and igp
redistribution of bgp and igp or propagation of existing bgp routes or
or propagation of existing bgp routes or again manually using the aggregate
again manually using the aggregate address command
address command maybe the best way to explain these is
Maybe the best way to explain these is to simply draw it out. Now imagine we have a router with an iBGP connection and an eBGP connection to an upstream provider. So there's our eBGP connection, here's our iBGP connection, and we're autonomous system, let's say, 400.

So on a router we can advertise in four different ways. We can manually specify the network we want to advertise by literally typing it in: network 10.10.10.0 or network 198110, and we can forward that via iBGP and/or eBGP. The second way is we can learn routes via BGP and redistribute that route into, let's say, an interior routing protocol; let's say if we're running OSPF we can take the routes we learned from our eBGP neighbor and redistribute them. The third way is to simply pass the routes we're learning from our eBGP neighbor via BGP internally to our iBGP neighbor, so that's just passing the information on. And finally we can again manually set an aggregate address on the router, and that's a manual configuration to aggregate some of the routes, and again that can be advertised out either way.

So the rule of synchronization in BGP: you should simply know this, that BGP will not advertise a route unless it knows about that route via an IGP. That's what you really need to know for the exam. Now you can disable this by typing no synchronization on your router, and then it will simply forward routes that are not in the IGP.
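The four ways of getting prefixes into BGP, plus the synchronization knob, as an added IOS configuration (not the video's lab config). AS 400 and 10.10.10.0 come from the video; the neighbor addresses, the second prefix, the masks, the OSPF process ID and the route-map names are assumed.

```cisco
! Added example, not from the video. AS 400 and 10.10.10.0 are from the video;
! neighbor addresses, the second prefix, masks and OSPF process 1 are assumed.
router ospf 1
 network 10.0.0.0 0.255.255.255 area 0
 ! Way 2: routes learned via BGP redistributed into the IGP. Always filter
 ! this with a route-map; pulling a full eBGP table into OSPF is a classic
 ! self-inflicted outage.
 redistribute bgp 400 subnets route-map BGP-TO-OSPF
!
router bgp 400
 ! Synchronization: while it is on, BGP will not advertise an iBGP-learned
 ! route unless the IGP also knows it. "no synchronization" turns that rule
 ! off; IOS 12.2(8)T and later already default to off, so this is a no-op there.
 no synchronization
 ! Way 1: manually specified networks (the prefix must exist in the routing
 ! table, e.g. as a connected or static route, or it is not advertised).
 network 10.10.10.0 mask 255.255.255.0
 ! placeholder for the second prefix typed in the video (documentation range)
 network 192.0.2.0 mask 255.255.255.0
 ! Way 4: manually configured aggregate; summary-only suppresses the
 ! more-specific routes, which must already be in the BGP table.
 aggregate-address 10.10.0.0 255.255.0.0 summary-only
 ! eBGP neighbor: the upstream provider (address and ASN are placeholders)
 neighbor 203.0.113.1 remote-as 65000
 ! iBGP neighbor inside AS 400 (address assumed)
 neighbor 10.0.0.2 remote-as 400
 neighbor 10.0.0.2 next-hop-self
 ! Way 3: routes learned from the eBGP neighbor are passed on to the iBGP
 ! neighbor by default; nothing beyond the two neighbor statements is needed.
!
route-map BGP-TO-OSPF permit 10
 match ip address prefix-list CUSTOMER-PREFIXES
!
ip prefix-list CUSTOMER-PREFIXES seq 5 permit 10.20.0.0/16
```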
So here's what you've learned: you received an overview of BGP, and we dug in a little bit on BGP path attributes, AS path, eBGP and iBGP, public and private ASNs, BGP updates, and then the advertisement of routes. All of this you will need to know for your CCDA exam, and if you master this material I'm confident you will do very well on this portion of your CCDA exam. Good luck in your studies.
Hi, this is David Voss, CCIE11372, and in this video we'll be covering IP version 6 routing protocols. So here's what you're going to learn: you're going to learn about IP version 6 routing protocols, an overview of them and how to enable them.

To support IPv6, all of the IPv4 routing protocols had to go through adaptations. Each had to be changed to support longer addresses and prefixes, and the actual messages used to send and receive routing information have changed in some cases as well, using IPv6 headers instead of v4 headers. But in particular, like their IPv4 versions, each version 6 IGP uses v6 multicast addresses. Those are just a few of the changes, but even with those changes each IPv6 IGP has many more similarities than differences compared to their respective version 4 cousins.
Let's start with RIP. The overall operation of RIP next generation closely matches that of RIP version 2. Routers still send periodic full updates with all routes; no neighbor relationships occur. The continuing periodic updates also serve the purpose of confirming that the neighboring router still works. The big difference between RIP version 2 and RIP next generation configuration is that RIP next generation discards the age-old RIP network command and replaces it with an enable interface subcommand. Finally, RIP next generation allows multiple RIP next generation processes on a single router, so IOS requires that each RIP next generation process is given a text name that identifies each RIP next generation process for that one router, and there's another difference compared to RIP version 2.
Let's go ahead and jump into our lab. In our lab we're going to be working on router 2 and router 4, and we're going to go ahead and log in and enable RIP.

Let's take a look at our interfaces on router 2; we're going to be working with serial 0/0 and loopback 1. Now the first thing we'll do on router 2 is go ahead and assign IP version 6 addresses. So on interface serial 0/0, even though it has an IPv4 address, we obviously can still add an IPv6 address, and again we're going to shorten that so it's a lot easier; we're going to use the ability to shorten that address using the double colon. And then the loopback address we'll place in a different subnet, so we're going to use 2012 and 2017.

Well, let's go ahead and enable RIP next generation on router 2. Before we can do that we need to enable version 6 routing. See, by default a router will route version 4 but not version 6, so we do that by typing in ipv6 unicast routing, and then we can enable our routing protocols. So next we go to each interface we want to enable RIP on. First we'll go to interface serial 0/0 and we simply type ipv6 rip, and then we need to give it a process name. The RIP process, and we can run multiple processes on this router, doesn't use a number; we will actually use a name, and we can name it pretty much anything you want. For simplicity's sake we'll just say our process name is routing rip: ipv6 rip routing rip enable. So we've enabled it on interface serial 0/0. We will go ahead and do it on loopback 1 as well, inserting it into the same RIP process. Now RIP is still not running on this router until we enable it globally: router rip and then the process name, which we have chosen as routing rip.

Now we will verify that it is running on router 2. show ipv6 protocols: there it is, and you see the interfaces as well that are inserted into the RIP process. Now that being said, we're not learning any routes, because we've not established any neighbor, because we haven't learned any routes from any other IPv6 RIP routers.

So on router 4 we're going to go ahead and assign IP addresses to the appropriate interfaces. This one, on serial 0/1, is the point-to-point, so we will end this IP address with a dot two, sharing the same subnet. And then we will insert loopback 1 into RIP ultimately, and we're going to go ahead and assign it to 2018 so it's different than router 2; router 2's IP address was 2017. And then we're going to go ahead and enable RIP on this router, and again we need to enable unicast routing for version 6. We need to insert the interfaces into the RIP process, and again we'll use routing rip as our process ID. Here we've enabled it; let's do the same on loopback 1, and it's as simple as typing up arrow now. And then finally we will enable it globally, and now you will see when we do show ipv6 protocols that it's enabled on router 4.

And now we can take a look at show ipv6 rip, and this shows what interfaces are participating, the administrative distance and update intervals. And here's our routing table, so we are learning the route from router 2 which begins in 2017, so that is actively being advertised via RIP. And so we have version 6, that is RIP next generation, up and running between router 2 and router 4. It's rather straightforward, and on router 2 you will see the loopback from router 6 in its routing table as well, so pretty straightforward.
Next let's talk about EIGRP. Cisco originally created EIGRP to advertise routes for IPv4, IPX and AppleTalk. This original EIGRP architecture easily allowed for yet another layer 3 protocol, IPv6, to be added. As a result Cisco did not have to change EIGRP significantly to support version 6, so there are many similarities that exist between the version 4 and version 6 versions of EIGRP. That being said, there are some differences, and I've listed what you really need to know for the CCNP ROUTE exam.

So let's go ahead and enable EIGRP between router 2 and router 4. We already have IPv6 up and running, so let's go ahead under interface serial 0/0 and enable EIGRP: ipv6 eigrp, and we're going to use the process ID of 10. Under loopback 1 we will also use the process ID of 10. And then very simply we just need to enable EIGRP globally, and we do that via ipv6 router eigrp, process ID 10, and again we have to do a no shut. And if we look now under show ipv6 protocols, we can see EIGRP is running and the interfaces that are participating. Pretty straightforward, but again there's no communication with any EIGRP neighbors. So let's go ahead, and you'll see here the topology table for router 2, which just shows the local routes, but again this idea of successor and feasible successor should look familiar to you, as it is in IPv4.

So now on router 4 we are also going to go ahead and enable EIGRP, and again we're going to use EIGRP process ID 10, enable it under each interface that we would like to participate, and then enable it globally. Once we do that, the neighbor relationship between router 2 and router 4 will come up over this point-to-point link, and we will see our neighbor right here. So again you can see we have hold time and uptime; it looks very familiar to IPv4. It should look very familiar, so in many ways we're kind of slaying the beast: once you get your hands on IPv6 it actually begins to look pretty familiar. Let's look at our topology table, and we will see what we've learned not only locally but from our neighbor. And then finally let's take a look at our EIGRP routes, and there is the loopback from router 2 which we are learning on router 4 via EIGRP.
Now regarding OSPF: in order to support IPv6, an IETF working group took the OSPF version 2 standard and made changes to the protocol to support version 6, resulting in the new protocol named OSPF version 3. To migrate to IPv6, routers run OSPF version 2 for v4 support and version 3 for IPv6 support.

Finally, let's go ahead and enable OSPF between router 2 and router 4. So on router 2 again we're using serial 0/0 and loopback 1. We're going to place loopback 1 in a different area than serial 0/0 though. So in interface serial 0/0 we're going to make that area 0: ipv6 ospf, process ID 10, we're going to insert it into area 0, and loopback 1 we're going to insert into area 24. So this is not done like IPv4; obviously there's a pretty big difference here, you're enabling it under the interface itself. Now we do need to enable OSPF globally still; though it may not be identical to version 4, it does need to be enabled globally, so we do that by ipv6 router ospf and the process ID, and that is it.

Now let's go ahead and enable it on router 4 as well, and we're going to do the same; it will be for serial 0/1 and loopback 1. So again under both interfaces we enable OSPF via the ipv6 ospf process ID; we're going to insert the point-to-point interface in area 0 and the loopback interface we will assign to a different area, which will create area 34. And then we enable OSPF globally, again process ID 10. Let's go ahead and take a look at our OSPF routes, and there we have learned via OSPF the loopback from router 2. We can look at our OSPF neighbors; there is router 2 as our neighbor. Again this should look pretty familiar to version 4. Version 6 OSPF support does not look all that different than version 4, and here you see the LSAs.

You can see the similarities between OSPF version 2 and version 3; there's quite a few of them, and understanding the concepts of version 4 will certainly help you in understanding how version 6 works.
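The RIPng, EIGRP for IPv6 and OSPFv3 lab steps above, collected into one IOS configuration for router 2 and router 4 as an added example (a reconstruction, not a capture of the video's consoles). Interface names, the process name and IDs, the areas and the 2012/2017/2018 prefixes are as read in the video; the /64 lengths, the host parts and the OSPFv3 router-ids are assumed.

```cisco
! Added example reconstructing the lab; not copied from the video.
! 2012::/64 is the point-to-point link, 2017::/64 and 2018::/64 the loopbacks.
! The video enables the three IGPs one at a time; with all three on at once,
! EIGRP (AD 90) wins over OSPF (110) and RIPng (120), so "show ipv6 route rip"
! shows nothing until you remove the others.
!
! ===== Router 2 =====
ipv6 unicast-routing
!
interface Serial0/0
 ipv6 address 2012::1/64
 ipv6 rip routing-rip enable
 ipv6 eigrp 10
 ipv6 ospf 10 area 0
!
interface Loopback1
 ipv6 address 2017::1/64
 ipv6 rip routing-rip enable
 ipv6 eigrp 10
 ipv6 ospf 10 area 24
!
! RIPng process is named, not numbered; the global block is what starts it.
ipv6 router rip routing-rip
!
! EIGRP for IPv6 starts shut down on this IOS train, hence the no shutdown.
ipv6 router eigrp 10
 no shutdown
!
! OSPFv3 needs a 32-bit router-id; assumed here rather than taken from IPv4.
ipv6 router ospf 10
 router-id 2.2.2.2
!
! ===== Router 4 =====
ipv6 unicast-routing
!
interface Serial0/1
 ipv6 address 2012::2/64
 ipv6 rip routing-rip enable
 ipv6 eigrp 10
 ipv6 ospf 10 area 0
!
interface Loopback1
 ipv6 address 2018::1/64
 ipv6 rip routing-rip enable
 ipv6 eigrp 10
 ipv6 ospf 10 area 34
!
ipv6 router rip routing-rip
!
ipv6 router eigrp 10
 no shutdown
!
ipv6 router ospf 10
 router-id 4.4.4.4
!
! Verification commands used in the video (privileged EXEC):
!  show ipv6 protocols        - which IGPs run and their member interfaces
!  show ipv6 rip              - RIPng interfaces, administrative distance, timers
!  show ipv6 route rip        - 2017::/64 learned on R4, 2018::/64 on R2
!  show ipv6 eigrp neighbors  - hold time / uptime across 2012::/64
!  show ipv6 eigrp topology   - successor and feasible successor entries
!  show ipv6 route eigrp      - the remote loopback via EIGRP
!  show ipv6 ospf neighbor    - R2 and R4 adjacent in area 0
!  show ipv6 route ospf       - the remote loopback as an inter-area (OI) route
!  show ipv6 ospf database    - the OSPFv3 LSAs
```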
So here's what you've learned: you've had an overview of each of the version 6 routing protocols that you'll need to know for the exam, and then you've seen actually how to enable them in the lab. I wish you the best of luck in your studies. Thank you.
Hi, this is David Voss, CCIE11372, and in this video you're going to learn about security threats and risks. Security is a large portion of the CCDA exam, so you'll need to know everything in this video.

It is important to be aware of the different types of attacks that can impact your systems on the network. Security threats can be classified into three categories: reconnaissance, gaining unauthorized access, and denial of service. The goal of reconnaissance is to gather as much information as possible about the target network. Getting unauthorized access obviously refers to the act of actually attacking or exploiting the network or host. And then denial of service: these aim to overwhelm the resources on the network, such as memory, CPU and bandwidth, and thus impact the target system and affect the devices on the network negatively.
Reconnaissance network tools are used to gather information from hosts attached to the network, and they have many capabilities: they can determine the operating system, identify file permissions, trust relationships, and user permissions as well. Here are some of the popular scanning tools that are used. Kismet is an 802.11 wireless sniffer and IDS system, and it can collect traffic from any 802.11 network. It does this by detecting wireless networks even when they are hidden, and then it can collect packets from those networks. NetStumbler is another wireless network scanner, and it can discover and scan networks even if the SSID is not being broadcast. And then arguably the most popular is Nmap, or Network Mapper, and it's designed to scan large networks, or it can actually be used to scan a single host. It's an open source utility and it's used for network exploration and security audits.

Now there are different types of scanners, such as vulnerability scanners, and they determine the potential exposures that are present in the network. Here are some of the more popular tools used for vulnerability scanning. SAINT, which is Security Administrator's Integrated Network Tool, is a vulnerability assessment application. MBSA, Microsoft Baseline Security Analyzer, is used to scan systems and identify whether patches are missing from Windows products. And Nessus is designed to automate testing and discovery of known vulnerabilities; it's an open source tool that runs on a variety of operating systems.
Hackers use several techniques to gain system access. One approach is when unauthorized people use usernames and passwords to escalate the account's privilege levels. Some system user accounts have default administrative username and password pairings that are common knowledge. In some environments there are passwords that are well known. I'll give you one example. I was at a large Fortune 500 company and we did a security audit, and we ran a password scanning tool, and we found over 50 percent of the passwords were easily cracked within minutes, because those passwords were set to the name of the company. Obviously it would be rather easy to gain access to whatever system you would like if half the company is using the same password, which can be easily guessed. Needless to say, they fixed that problem with better security policies.

But unauthorized access isn't just about setting the appropriate password; it can also be obtained through the use of social engineering. Actually, most confidential information such as badges and usernames and passwords can be uncovered simply by walking around an organization. In addition to social engineering, hackers can obtain account information by using password cracking utilities or capturing network traffic. These automated software tools are very powerful, and as long as you have network access in any way they can easily be run, and you can easily obtain the information you need if security is not properly implemented.
Next let's talk about security risks. To protect network resources, processes and procedures, technology needs to address several security risks. Important network characteristics that can be at risk from security threats include data confidentiality, data integrity and system availability. Let's talk about that now. Data confidentiality should ensure that only legitimate users can view sensitive information. Data integrity should ensure that only authorized users can change critical information. And system availability should ensure uninterrupted access to critical network and computing resources. In addition, the use of redundant hardware and encryption can significantly reduce the risks associated with all three of these: system availability, data integrity and data confidentiality.

Next let's discuss targets. Given the wide range of threats, just about anything on the network is vulnerable and is a potential target. Individual hosts are usually the number one thing that hackers are looking to access, but they're especially susceptible to worms and viruses. Other high value targets include devices that support the network; obviously this would be routers and switches, possibly even firewalls, DHCP servers and DNS servers certainly, and management stations such as SNMP, or even IP phones.
even ip phones next let's talk about loss of
next let's talk about loss of availability or denial of service
availability or denial of service dos attacks try to block or deny access
dos attacks try to block or deny access to impact the availability of network
to impact the availability of network services
services here are some common failure points due
here are some common failure points due to ddos attacks a network device a host
to ddos attacks a network device a host or an application fails to process large
or an application fails to process large amounts of data sent to it
amounts of data sent to it that then crashes or breaks
that then crashes or breaks communication ability for that device
communication ability for that device a host or application is unable to
a host or application is unable to handle an unexpected condition that was
handle an unexpected condition that was sent to it
sent to it and therefore
and therefore there's resource depletion or failure
there's resource depletion or failure and nearly all dos attacks are carried
and nearly all dos attacks are carried out with spoofing or flooding methods
now that being said cisco provides you many tools to deal with this
many tools to deal with this and here they are for you now
and here they are for you now dhcp snooping
dynamic arp inspection unicast reverse path forwarding
access control lists and rate limiting
and rate limiting if you study this chart and know it well
if you study this chart and know it well you will most certainly be prepared for
you will most certainly be prepared for the ccda exam
the ccda exam when it comes to how to manage against
when it comes to how to manage against denial of service attacks
When attackers change sensitive data without authorization, it's called an integrity violation. So for example an attacker might access financial data and change it or delete it. It's important to use restrictive access controls to prevent integrity violations and confidentiality attacks, and here are some ways you can enforce access control and reduce risks: you can separate networks using VLANs and packet-filtering firewalls, restrict access with operating-system-based controls, limit user access by using user profiles, and then use encryption techniques to store your data.
the security policies and organization employees
employees use what are called risk assessments and
use what are called risk assessments and cost benefit analysis
cost benefit analysis to reduce security risks
The following figure shows the three components of risk assessment. Control refers to how you use the security policy to minimize potential risks, severity describes the level of the risk to the organization, and probability is the likelihood that an attack against the assets will occur.

A risk assessment should explain what assets to secure, the value of those assets, the loss that would result from an attack, the severity and probability of an attack against the assets, and how to use a security policy to minimize the risks of the attack. In many cases security costs can be justified by describing the loss of productivity or revenue that could occur during security incidents.
A risk index is used to consider the risks of potential threats. The risk index is based on the risk assessment components, which are severity of loss if the asset is compromised, probability of the risk actually occurring, and ability to control and manage the risk. One approach to determining a risk index is to give each risk factor a value from one to three, one being the lowest risk and three being the highest. So for example, a high severity risk would have a substantial impact on the users or the organization, medium severity risks would have an effect on a single department, and low severity risks would have limited impact. The risk index is calculated by multiplying the severity times the probability factor and then dividing by the control factor. The following is an example of a risk index calculation for a typical large corporation.
So here's what you've learned. You've received a really good introduction to security, and I know there's a lot in this video actually, but yes, it is just an introduction still. You've learned about network attacks, reconnaissance, scanners, vulnerability software, security risks and targets, denial of service, preventing breaches, and performing risk assessments. All of these were basic introductions, but at the level you will need for your CCDA exam. There again is plenty to learn after this, but this lays a solid foundation for you moving forward in your studies. Good luck.
Hi, this is David Voss, CCIE 11372, and in this video we're covering security policy and process. In this video you're going to learn about network security elements, and then we're going to do a deep dive into security policies, including their purpose, the development of security policies, and the security policy life cycle. So let's begin.
so let's begin to provide the proper levels of security
to provide the proper levels of security and increased network availability a
and increased network availability a policy a security policy
policy a security policy is a crucial element in providing secure
is a crucial element in providing secure network services
network services it's an important concept to understand
it's an important concept to understand not just for the ccda exam but
not just for the ccda exam but to function in today's environments
to function in today's environments where security is so crucial
where security is so crucial business requirements and risk analysis
business requirements and risk analysis are used in the development of security
are used in the development of security policy and it is often a balance between
policy and it is often a balance between ease of access versus the security risk
ease of access versus the security risk and cost of implementing the security
and cost of implementing the security technology when making decisions
technology when making decisions in terms of network security in the
in terms of network security in the system life cycle the business needs are
system life cycle the business needs are a key area to consider
a key area to consider these needs define what the business
these needs define what the business wants to do with the network
wants to do with the network risk analysis is another part of the
risk analysis is another part of the system life cycle which explains the
system life cycle which explains the risks and their costs
risks and their costs so business needs and risk assessment
so business needs and risk assessment feed information to formulate the
feed information to formulate the security policy
security policy the security policy describes the
the security policy describes the organization's processes procedures
organization's processes procedures guidelines and standards
Finally, an organization's security team needs to have the processes and procedures defined. This information helps explain what needs to happen for incident response, security monitoring, maintenance, and compliance. As you can see here, each consideration is prefaced with a question, and then you can see what aspect of security preparation and policies and procedures can deal with that consideration. It's key that you memorize this chart for the CCDA exam.
RFC 2196 says a security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide. So when you are developing security policies for an organization, RFC 2196 can serve as a guide for developing security processes and procedures. The basic approach of creating a security policy is to identify what you are trying to protect, determine what you're trying to protect it from, determine how likely the threats are, implement measures that protect your assets in a cost-effective manner, and then review the process continuously and make improvements each time a weakness is found.
weakness is found one of the main purposes of a security
one of the main purposes of a security policy is to describe the roles and
policy is to describe the roles and requirements for securing technology and
requirements for securing technology and information assets
information assets the policy defines the ways in which
the policy defines the ways in which these requirements will be met
these requirements will be met there are two main reasons for having a
there are two main reasons for having a security policy first it provides the
security policy first it provides the framework for the security
framework for the security implementation
implementation and then it creates a security baseline
and then it creates a security baseline of the current security posture
of the current security posture here are some questions you might ask
here are some questions you might ask when developing a security policy
when developing a security policy what data and assets will be included in
what data and assets will be included in the policy what network communication is
the policy what network communication is permitted between hosts
permitted between hosts how will policies be implemented
how will policies be implemented and how the latest attacks impact your
and how the latest attacks impact your network in security systems
network in security systems a security policy is divided into
a security policy is divided into smaller parts that help describe the
smaller parts that help describe the overall risk management policy
overall risk management policy identification of assets and where
identification of assets and where security should be applied
security should be applied there are other documents which
there are other documents which concentrate on specific areas of risk
concentrate on specific areas of risk management
management the acceptable use policy
the acceptable use policy this document defines the roles and
this document defines the roles and responsibilities within risk management
responsibilities within risk management network access control policy
network access control policy defines access control principles used
defines access control principles used in the network
in the network and how data is classified
and how data is classified security management policy explains how
security management policy explains how to manage the security infrastructure
to manage the security infrastructure and then incident handling policy
and then incident handling policy defines the processes
defines the processes and procedures for managing security
and procedures for managing security incidents
incidents if you look at this chart and memorize
if you look at this chart and memorize it you'll do excellent on this portion
it you'll do excellent on this portion of your ccda exam
As requirements change and new technology is developed, the network security policy needs to be updated to reflect those changes. So here are some steps that are used to facilitate the continuing efforts in the maintenance of security policies: secure, monitor, test, and improve. Secure means identification, authentication, ACLs, and VPNs. Monitor is intrusion and content-based detection and response. Test is assessment, vulnerability scanning, and security auditing. And improve is for data analysis, reporting, and intelligent network security.
Today's network designs demonstrate an increased use of security mechanisms and have become more tightly integrated with network design. Trust and identity management is a part of the SAFE security reference architecture and is crucial for the development of a secure network design. This management of trust and identity defines who and what can access the network, and when, where, and how that access can occur. If you take a look at the following diagram, it shows the main three components of trust and identity management, which are trust, identity, and access control. So let's talk about each of these three.
talk about each of these three trust is the relationship between two or
trust is the relationship between two or more network entities
more network entities that are permitted to communicate
that are permitted to communicate domains of trust are a way
domains of trust are a way to group network systems that share a
to group network systems that share a common policy or function
common policy or function network segments have different trust
network segments have different trust values depending on the resources they
values depending on the resources they are securing
are securing therefore domains of trust can be
therefore domains of trust can be applied
applied these types of security controls can be
these types of security controls can be applied to network segments
applied to network segments as it is important to consider the trust
as it is important to consider the trust relationships
relationships between segments
between segments here's an example of domains of trust
here's an example of domains of trust you have your internet
you have your internet internet access edge
internet access edge and then your dmz and then your internal
and then your dmz and then your internal network each of those are separate
network each of those are separate domains
domains obviously on the internal network you
obviously on the internal network you just want the appropriate internal users
just want the appropriate internal users in the dmz you're allowing a blending of
in the dmz you're allowing a blending of the two and on the internet obviously
the two and on the internet obviously you just are expecting for there only to
you just are expecting for there only to be exterior
be exterior users on that portion of the network so
users on that portion of the network so how you apply security will greatly
how you apply security will greatly depend on the domain of trust you are
depend on the domain of trust you are trying to protect
trying to protect identity is the who of a trust
identity is the who of a trust relationship these can be users devices
relationship these can be users devices or organizations or or a combination of
or organizations or or a combination of all of the above
all of the above network entities are validated by
network entities are validated by credentials and authentication of the
credentials and authentication of the identity is based on the following
identity is based on the following attributes
attributes something the subject knows such as a
something the subject knows such as a password
password something the subject has such as a
something the subject has such as a possession
possession and something the subject is such as a
and something the subject is such as a human characteristic fingerprint retina
human characteristic fingerprint retina scan etc
scan etc the first two are the most likely and
the first two are the most likely and the most popular ways of securing
the most popular ways of securing something you know and something you
something you know and something you have with you
have with you most companies are now expecting
most companies are now expecting two-factor authentication
So here's what you've learned. You've learned about network security elements, and then we dug into security policies in detail, at least enough for you to know for your CCDA exam, by digging into the purpose, development, and life cycle of security policies. If you know what's in this video, I'm confident you'll do well in this portion of the CCDA. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about Cisco SAFE. Specifically, we're going to do an overview of Cisco SAFE, and then we will talk about securing the individual modules of the enterprise campus. So let's begin.

The Cisco SAFE, or Security Architecture for the Enterprise, blueprint provides to network and security designers guidelines for implementing security mechanisms for the Cisco campus design. The SAFE blueprint follows the enterprise composite network modular approach presented throughout this entire video series. All of the SAFE strategies are applied to each module and component of the enterprise architecture model's design. From a network design standpoint, the SAFE blueprint is a security architecture that covers the following aspects: attack mitigation policy, enterprise-wide deployment, secure reporting and management, authentication and authorization, IDS, and ongoing support for emerging technology.
technology the policy for attack mitigation ensures
the policy for attack mitigation ensures that possible attacks and threats
that possible attacks and threats to the organization can be identified
to the organization can be identified and defines the countermeasures that
and defines the countermeasures that will be used against those attacks
will be used against those attacks the safe blueprint is usually applied in
the safe blueprint is usually applied in an enterprise-wide deployment
an enterprise-wide deployment not just to an isolated component
not just to an isolated component it also provides methods and mechanisms
it also provides methods and mechanisms for ensuring that the reporting
for ensuring that the reporting management and auditing
management and auditing are accomplished in a secure fashion
are accomplished in a secure fashion it includes secure authentication and
it includes secure authentication and authorization
authorization with strong encryption and digital
with strong encryption and digital signing techniques including public key
signing techniques including public key infrastructure pki
infrastructure pki it also includes intrusion detection
it also includes intrusion detection services for critical resources and
services for critical resources and networks
networks the safe blueprint provides ongoing
the safe blueprint provides ongoing support from cisco for all the emerging
support from cisco for all the emerging technologies it provides
The SAFE blueprint allows you to apply a systematic approach to security from a modular standpoint. Risk at the internet connectivity block would include the following: reconnaissance tools, port scanning tools, IP mapping tools, mail relay, distributed denial of service, and malware including malicious code, viruses, Trojan horses, and worms. In order to secure the internet connectivity block, the SAFE blueprint recommends the use of firewalls, router access lists, and network IDS to mitigate the risks presented already. You should also consider hardening the network devices and servers in that particular block. You can also build DMZ networks to isolate specific devices from the network infrastructure.

For many organizations the e-commerce block may get its internet connectivity through the internet connectivity block, or it may have its own connections to an ISP. Regardless of this aspect, the risks and guidelines for the e-commerce block are very similar to the internet connectivity block recommendations. According to the SAFE blueprint, in this block you should protect high-profile e-commerce servers, as this is where you will also encounter the defacing of web services technique. The e-commerce block is also vulnerable to denial of service and distributed denial of service attacks. Countermeasures in the e-commerce block involve using access lists, filtering, and firewalls that protect the database, application, or transaction servers. The servers should be hardened by using only the necessary applications and ports. Ensure that the e-commerce applications are secure by frequently updating and patching them. Cisco IDS should also be used, and the e-commerce block should be placed into a dedicated DMZ zone to isolate it from other blocks of the network.
The VPN and remote access block is often connected through the internet connectivity block to various internet service providers, so you should use common techniques for securing it. However, because you will be using VPN technologies, some unique security mechanisms can be implemented. Because remote access and VPN networks often use the public internet or PSTN as their carrier, you should be aware of possible spoofing techniques that will allow an attacker to impersonate a legitimate client and get remote access or VPN access to the enterprise network. The network becomes vulnerable to spoofing if the attacker is able to steal credentials or guess the authentication key. In order to secure the remote access block, you should carefully implement VPN technologies using dedicated equipment which includes advanced security mechanisms. You can use the IPsec protocol to assure proper authentication and authorization, and IDS and firewall equipment can be used as well.

In order to secure the WAN block, according to the SAFE blueprint, VPN techniques are used to ensure point-to-point secure connections. You should also use strong cryptography methods such as Triple DES or AES to provide the confidentiality and integrity of the data packets. In addition, use authentication with all the WAN peers and harden the LAN routers to ensure that only the necessary protocols and ports are used. Additional security measures include using filtering techniques based on Cisco access lists and on network devices.
The network management sub-module must be secured, and it's especially vulnerable to inside attacks. The written security policy should describe the procedures that apply to this sub-module, and a best practice is using AAA services. These are usually based on RADIUS or TACACS+ servers that will provide authentication. Other possible problems might involve administrator impersonation by individuals who might want to get administrative-level privileges that will provide them access to all the other blocks in the enterprise campus module. In order to mitigate these threats, you should use strong encryption techniques and SSH instead of Telnet for remote administration.
In the server farm block the main goal is to protect the servers using strong and secure operating systems and applications. The servers should be periodically verified to ensure that they have all the proper updates and patches and that they are hardened. The server farm block can include firewall policies that will assure proper access control, as well as switch ACLs that will only allow certain traffic to flow at the data link layer. IDS should also be used in this block to ensure connectivity to other campus blocks.

The access layer block is the place where the end hosts and the lower-end access switches are located. In order to secure them you should use HIDS (host-based intrusion detection system) technologies in addition to the standard hardening techniques, which will only allow the necessary application services and ports to run. If the access layer block also includes complex IP telephony integration, special measures must be taken to secure the VoIP infrastructure.
So here's what you've learned. You've received an overview of Cisco SAFE, and then you've learned about securing the individual modules of the enterprise campus. All this information you will definitely need to know for your CCDA exam. Good luck in your studies.
And in this video you're going to learn about security management. Specifically, you're going to learn about security threats and risks, security targets, security policies, and then threat defense. So let's begin.

The CCDA candidate must understand the reasons for network security, including the systematic approaches to managing security. Cisco invented a concept called the self-defending network, which describes the network infrastructure and the services used in order for the network to respond to attacks. First let's talk about security threats and risks. Efficient security mechanisms must address organizational threats and mitigate risks successfully. The network designer should create a secure environment for the organization by doing everything he can to prevent attacks, while ensuring that the security features have minimal effect on end user productivity. A network security implementation must mitigate multiple factors and accomplish the following: block outside malicious users from getting access to the network, allow only system hardware and application access to authorized users, prevent attacks from being sourced internally, support different levels of user access using an access control policy, and safeguard the data from being changed, modified, or stolen.

The next thing we will concern ourselves with are the targets. What are the targets on the network? This helps you develop a good security policy and posture. Targets on the network include the following: any kind of network infrastructure device such as a switch, router, security appliance, or wireless access point; network services such as DNS, ICMP, DHCP; endpoint devices, especially management stations that perform in-band or out-of-band management; and network bandwidth, which can be overwhelmed by denial of service attacks. The security policy is a small part of a larger network security system life cycle that is driven by an assessment of the business needs and comprehensive risk analysis. Risk assessment may also need to be performed using penetration testing and vulnerability scanning tools. The security policy
the security policy should contain written documents
should contain written documents that include the following
that include the following guidelines
guidelines processes
processes standards
standards acceptable use policies
acceptable use policies architectures and infrastructure
architectures and infrastructure elements used
elements used and then granular areas of security
and then granular areas of security policy such as internet use policy
policy such as internet use policy or access control policy
or access control policy the most important aspects covered by
the most important aspects covered by the written security policy and
the written security policy and procedures are
procedures are identifying the company's assets
identifying the company's assets determining how the organization owns
determining how the organization owns assets are used
assets are used defining communication roles and
defining communication roles and responsibilities
responsibilities describing existing tools and processes
describing existing tools and processes defining the security incident handling
defining the security incident handling process
process and then a steering committee will
and then a steering committee will review and eventually publish
review and eventually publish this security policy after all the
this security policy after all the important documents have been finalized
important documents have been finalized some of the best practices for
some of the best practices for protecting the network infrastructure
protecting the network infrastructure through trust and identity include the
through trust and identity include the following
following use
use aaa services with the cisco acs server
use 802.1x port authentication
port authentication logging using syslog
logging using syslog and
and sde this is a protocol used by cisco ids
sde this is a protocol used by cisco ids and ips sensors to send information
and ips sensors to send information to the management stations
to the management stations using ssh instead of telnet to avoid any
using ssh instead of telnet to avoid any management traffic crossing the the
management traffic crossing the the network in clear text
network in clear text using secure versions of management
using secure versions of management protocols such as snmp version 3
protocols such as snmp version 3 ntp version 3 and sftp
ntp version 3 and sftp harden all network devices by making
harden all network devices by making sure unnecessary services are disabled
sure unnecessary services are disabled use authentication between devices that
use authentication between devices that are running dynamic routing protocols
are running dynamic routing protocols use the cisco one step lockdown feature
use the cisco one step lockdown feature on network devices to harden them
on network devices to harden them use acls to restrict management access
use acls to restrict management access allowing only certain hosts to access
allowing only certain hosts to access the network devices
the network devices use ipsec as an internal encryption
use ipsec as an internal encryption method
method or external vpn solution
or external vpn solution and then use cisco network admission
and then use cisco network admission control solution
control solution which ensures that network clients and
which ensures that network clients and servers are patched and updated in an
servers are patched and updated in an automated and centralized fashion
So here's what you've learned: you've learned about security threats and risks, security targets, security policies, and threat defense. All these you will need to understand not only for your CCDA exam but also to support your own network. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to learn about traditional voice systems. Specifically, we're going to do an overview, and then we'll dig into PBX, telephony signaling, the public switched telephone network numbering plan, and then PSTN services. So let's begin.

The network designer's role in voice solutions is very important because, regardless of the infrastructure vendor, voice transport scenarios often suffer from poor planning and implementation. Most large organizations choose their voice architecture, including PSTN and PBX solutions, based on the financial stability of the manufacturer, the support level they offer, and the competitive pricing of the hardware, software, and maintenance components. Cisco is one of the main providers of emerging integrated voice and video solutions.
When human voice is transported digitally over a network infrastructure, a process of analog-to-digital conversion takes place. The most common conversion mechanism is PCM, pulse code modulation. This is the process of digitizing analog voice signals, as you see here.
During the PCM process, the following things occur: excess noise is filtered so that only the basic human voice frequency is captured; a process called PAM, or pulse amplitude modulation, is used to sample the analog signal; the signal is digitized and transposed into a series of ones and zeros. This process includes quantizing the signal and companding, that is, compressing and expanding the signal.

PSTN and PBX are traditionally the main processes of providing voice services throughout the industry. PSTN is a network that provides residential telephony services, while PBX provides telephony services to users within an organization. PBXs are business phone systems that offer the following features: call forwarding, call transferring, call parking, conference calls, music on hold, call history, and voicemail. Most PBXs are digital devices that are used in the private sector and are miniature versions of phone switches. They can scale to thousands of phones within a company. A downside of PBX technology from an administrator point of view is that it is generally difficult to configure and maintain, and each vendor has a unique configuration process, so special training is required when working with a new PBX solution.

PBX systems also connect and link to remote offices and branch offices that include their own PBX systems. One of the advantages of using such a technology is that phone calls between the same business phone systems are free, because the entire infrastructure is owned by the company. Call savings also come from the fact that the company does not use the entire trunk to the PSTN; usually the number of phones in an organization is much greater than the actual trunk size or the overall call volume to the PSTN.

PSTN is composed of a group of digital devices used in the public sector, offered by telecommunications companies. PSTN switches are used to connect residential telephones to business users. PSTNs generally use open standard protocols for control and transparent communication between telephones, circuit switches, and PBX systems. PSTNs can even link to other PSTNs, PBX systems, or telephones. As in PBX systems, PSTNs aggregate T1 and E1 circuits, but they can scale up to hundreds of thousands of phones. PSTNs connect business PBX systems using switches located in telecommunication companies' premises.

The following figure is an example of an organization with multiple locations that use a voice system based on PBX and PSTN technologies. The headquarters location has a PBX that connects to the PSTN on the outside, as well as many phones and fax machines inside the network. The connection between the local PBX and the PSTN can be based on one or more T1 or E1 lines. The internal network can support a greater number of phones than the number of phone calls supported by the T1 or E1 line. The reason for this is that not everyone will use the telephone at the same time, and some of the phone calls will be between internal phones. The regional office location also uses a PBX system to connect to the PSTN, and it aggregates a few user phones. The branch and remote offices do not use a PBX system, because they use very few devices which do not need special features, and they can connect directly to a PSTN switch. The branch and home office users can have phone conversations with users at the headquarters or regional offices because they are all connected to the PSTN. If the headquarters or the regional office were located on the same campus, the PBX systems could have been connected directly through a PBX tie trunk without any link to the PSTN.
The connections from the internal phones to the local PBX system are also called station lines. The connection that connects the PSTN switches is called a PSTN switch trunk. Voice systems also use different kinds of signaling between system nodes, such as the following: signaling between the internal phones and the PBX; signaling between the PBX and the PSTN switch; signaling between PSTN switches; and signaling between PBX systems. Trunks generally use a special type of signaling called common channel signaling, CCS, that can be divided into the following types of signaling: E1 signaling, DPNSS signaling, ISDN signaling, Q.SIG signaling, and SS7 signaling.

The way PSTNs use their numbering plans defines the fundamental basis for routing voice calls through the PSTN switch matrix. The North American Numbering Plan is also known as NANP or the 1+10 plan. The format for this numbering plan is as follows, where N is any number between 2 and 9 and X is any number between 0 and 9. The number is split into the following three parts: the first group of numbers represents the area code, the second group of numbers represents the prefix, and the final four digits represent the line number.
The way phone numbers are represented determines the way they are routed across the PSTN, and this is similar to the IP address representation scheme that determines IP routing mechanisms.

PSTN offers a wide variety of services to organizations. The most important services are as follows: call center services, which represent a combination of automated systems and individuals that take inbound calls for a wide variety of customer service needs; Centrex solutions, these are specialized business solutions that can be outsourced to different organizations that cannot afford investing in their own solution; virtual private voice networks, where the PSTN emulates PBX-to-PBX connections in order to form a private network of PBX systems; interactive voice response, this technique allows automatic response schemes to be applied when customers call special numbers; and finally voicemail. Voicemail systems allow callers to record voice messages.
So here's what you've learned: you've received an overview of traditional voice systems; you've dug into detail about the importance of PBX and how it works; we talked about telephony signaling and then the public switched telephone network numbering plan and services. All this information will be very helpful for you in your CCDA exam. Good luck in your studies.
Hi, this is David Voss, CCIE-113, and in this video you are going to learn about integrated voice and telephony systems for the CCDA exam. So obviously we will focus in on the design aspect of video and voice. We will specifically look at the deployment models, and then VoIP control and transport protocols, and then finally, because it's likely you will be asked, we will cover H.323 protocols. So let's begin.

Network designers must be aware of the following IP telephony deployment models: single-site design; multi-site centralized WAN call processing design; multi-site distributed WAN call processing design; internet IP telephony design; and Call Manager Express deployment.

The single-site deployment model is used by enterprises that own a single large building or a campus area, with no voice technologies being transported on the WAN links. A single Call Manager node is deployed at the enterprise campus server farm block. The main component of a single-site IP telephony solution is the Call Manager node. This is actually a server platform that can be installed on a wide variety of hardware devices. The Cisco IP telephony application server is a high-availability server platform purchased by the company to be used as a platform for the Cisco Call Manager solution. Cisco offers a compatibility matrix that helps customers choose the appropriate hardware platform that will be used with the Call Manager implementation. The Call Manager application system brings enterprise telephony functionality and offers advanced features to various telephony devices, such as IP telephones, media processing devices, and voice over IP gateways. Other components of the single-site IP telephony design are IP telephones and switches that have inline power functionality, Power over Ethernet, used to power the IP phones. Voice-enabled routers are also present in the design, and they are usually located in the same physical location with all the other devices presented previously.

Next, let's talk about multi-site centralized design. Centralized IP telephony is a low-cost design for medium-sized enterprises that have one large location and multiple remote sites. The central location hosts the Cisco Communications Manager server and all the important applications. The remote locations host only voice switches and IP telephones. This design allows remote-site IP telephony functionality to be controlled from a central location without the need for a dedicated Call Manager at each location. All the features are managed from the centralized site. The Call Manager node is deployed only at the central location and includes a multi-server cluster redundant architecture. The remote-site IP phones register with the Call Manager from the main site. The PSTN connection is also hosted by the central site, and the voice-enabled router is connected through the WAN to each remote location. The remote-site office uses IP connectivity to connect to the central site through the WAN connection and to access all the IP telephony services. Since the IP phones convert voice to IP, the remote-site router does not have to include any special capability; however, the router located in the central location must be a voice-enabled router because it also connects to the PSTN. Remote sites may use voice-enabled gateway routers with Survivable Remote Site Telephony functionality that allows them to function even if the connection to the central site is down.

Next, let's talk about multi-site distributed design. The multi-site distributed architecture is a solution used by large enterprises that have several large locations. This design involves deploying several Call Manager clusters for redundancy, which can include one cluster per site or several clusters only in the large sites. Intercluster trunks are configured to establish communications between Call Manager nodes. This deployment model is similar to the multi-site centralized deployment type, with IP phones and voice-enabled switches installed at every site. This solution is very flexible and allows voice application services to be deployed in a single location or in every location that has a Call Manager cluster.

Internet IP telephony is another design type commonly used, and it involves connecting the central and remote sites through an ISP. This ensures end-to-end IP telephony across all sites. In addition, there is no PSTN connection at any of the enterprise sites. The central site still hosts the Call Manager node and application servers, but regular routers are used in all network locations because of the lack of connectivity to the PSTN. All the intersite links are plain IP connections. Another difference from the centralized IP telephony design is that all the enterprise sites have their own Call Manager node. For proper voice traffic to cross between sites, the ISP must ensure a proper connection with low latency and delay. This can be enforced through a strict SLA when signing the internet connectivity contract.
The Call Manager Express deployment provides companies with the Express version of Cisco Call Manager, Unity, and Contact Center solutions. Call Manager Express and Cisco Unity Express can be installed on routers to provide limited functionalities of the Communications Manager solution. PSTN connectivity can be offered by a dedicated gateway router or by the CME router to further reduce costs.
Cisco Call Manager Express supports a limited number of users, as opposed to the enterprise-level solution that can scale up to tens of thousands of users. This is a lower-cost solution for small branch offices.

Network designers should understand the protocols that are used for VoIP control and transport. The most important protocols are:
DHCP, which is used to establish IP configuration parameters for IP phones; DNS, which obtains IP addresses for the TFTP servers that will provide the configuration files; TFTP; SCCP, which is the Skinny Call Control Protocol, used for call establishment; RTP, which is used for voice stream or voice station-to-station traffic in ongoing calls; RTCP, which is used for VoIP call control; MGCP, which is used for call establishment with gateways; H.323, which is another call establishment protocol; and SIP, which is Session Initiation Protocol, which is an alternative multimedia framework to H.323.
now referring to h323 that is implemented in terminals such as ip
implemented in terminals such as ip phones
phones workstations
workstations with soft phones installed
with soft phones installed gateways
gateways gatekeepers and other conferencing
gatekeepers and other conferencing software
software the h323 standard uses the following
the h323 standard uses the following protocols to ensure its functionality
protocols to ensure its functionality q931 for call setup
q931 for call setup h.225 for signaling
h.225 for signaling h.245 for control
h.245 for control and h.255 for registration admission and
and h.255 for registration admission and status
status so here's what you've learned you've
so here's what you've learned you've learned about the deployment models for
learned about the deployment models for voice and video and then voip control
voice and video and then voip control and transport protocols
and transport protocols and then finally h323 protocols all of
and then finally h323 protocols all of these are fair game on the ccda exam
these are fair game on the ccda exam and if you know this video well i'm sure
and if you know this video well i'm sure you'll do
you'll do very well on this portion
very well on this portion of the exam good luck in your studies
And in this video you're going to learn about integrated video systems. Specifically, we're going to do an overview of multimedia traffic design, then we'll talk about video formats, and then finally video design considerations and challenges you may face. But certainly all this information you'll need to know for your CCDA exam, so let's begin.

Video traffic has the same requirements and design considerations as voice traffic. Voice and video applications can be grouped in the multimedia traffic category, and in many cases they should be treated similarly by network devices. This involves ensuring the necessary bandwidth and providing low delay, jitter and packet loss. Media applications underwent a significant development process regarding IP networks, resulting in many different combinations of audio, video and data media. Video streams can range from low definition webcams to high definition enterprise level video conferencing systems. As demand for quality video increases, network infrastructure requirements must also increase. Companies might have another source of media streams on their network in the form of unmanaged, not business critical applications. In response to the explosion of media content and applications, network designers must revise their media application provisioning strategy. Without a properly selected strategy, the network infrastructure might not support all the multimedia traffic that is demanded by users, and the network could easily become congested.

Common high resolution video formats include 720i, 720p, 1080i and 1080p. The numerical value of the format represents the number of rows in the frame. High definition video uses a 16 by 9 aspect ratio, which results in 1920 columns. The most common video formats and typical bandwidth usages are summarized here, and you would do well to pause the video at this point and study this. Make sure you memorize it for your CCDA exam.

Now we reviewed at a high level how video impacts the network, but let's get a little bit more granular so you can understand how it specifically applies to network design. And to do that we need to get a bit more granular on the technical details of video and what you need to take into account when designing for video.

There are three types of video solutions: H.323, Cisco Unified Video Advantage and Cisco TelePresence. With H.323, multiple third parties offer H.323 video conferencing systems, which can be used to set up a video conference over an IP or ISDN network. The Cisco Unified Video Advantage product uses a PC video camera and a Cisco IP phone as a video conferencing station. Now when a voice call is placed between two users running the Cisco Unified Video Advantage product, a video call can automatically be started, with video appearing on each user's PC. Finally, Cisco TelePresence: this solution uses CD quality audio and high definition video displayed on large monitors to create lifelike video conferences.

Now due to the bandwidth intensive and latency sensitive nature of video, consider the following when designing or troubleshooting a video network. Like voice, video packets need to be allocated an appropriate amount of bandwidth and treated with high priority. The following are QoS metrics that Cisco recommends for various types of video applications. One-way delay should be between 150 milliseconds and 500 milliseconds maximum. Now please note, for Cisco TelePresence it should be closer to 150 milliseconds maximum, Cisco Unified Video Advantage can be around 200 milliseconds, and video surveillance can be up to 500 milliseconds maximum. Now for jitter and packet loss, regardless of whether it's Cisco Unified Video Advantage, Cisco TelePresence or video surveillance, all three platforms should be no greater than 10 milliseconds maximum with regards to jitter, and 0.05 percent maximum packet loss.

Now if you're going to design for video, you're going to have to understand the basics of multicast. The complete multicast topic itself is beyond the scope of this video, but certain things you simply will need to know for the exam, and you can count on the fact that you're going to need to understand that there are three versions of IGMP; however, only two versions are in wide scale deployment. First is IGMP version 1. When a PC wants to join a multicast group, it sends an IGMP report message to the router, letting the router know that it wants to receive traffic for a specific group. Now every 60 seconds by default the router sends an IGMP query message to determine if the PC still wants to belong to the group. There can be up to a three minute delay before the time the router realizes that the receiver has left the group. The destination address of this router query is 224.0.0.1, which addresses all IP multicast hosts.

Now there is also IGMP version 2. Version 2 is similar to version 1 except that version 2 can send queries to a specific group, and a leave message is supported. Specifically, a receiver can proactively send a leave message when it no longer wants to participate in a multicast group, allowing the router to prune its interface earlier. In an environment with a version 2 router and a mixture of version 1 and version 2 receivers, the version 1 receivers respond normally to version 1 or version 2; however, a version 2 router must ignore any leave message while version 1 receivers are present, because if the router processed the version 2 leave message it would send a group specific query, which would not be correctly interpreted by a version 1 receiver.
If you're going to effectively troubleshoot video, you need to understand the concept of distribution trees. To combat the issue of receiving duplicate packets, Cisco routers perform a reverse path forwarding check to determine if a multicast packet is entering a router on the appropriate interface. An RPF check examines the source address of an incoming packet and checks it against the router's unicast routing table to see what interface should be used to get back to the source network. If the incoming multicast packet is using that interface, the RPF check passes and the packet is forwarded. If the multicast packet is coming in on a different interface, the RPF check fails and the packet is discarded.

Multicast traffic flows from a source to a destination over a distribution tree, which is a loop free path. Now there are two types of distribution trees. A source distribution tree creates an optimal path between each source router and each last hop router. And then there's a shared distribution tree, which creates a tree from a central rendezvous point, or RP, to all last hop routers. Now please note Cisco routers can use the Protocol Independent Multicast protocol, or PIM, to construct IP multicast distribution trees. PIM's protocol independence means that it can run over any IP network regardless of the underlying unicast routing protocol.
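The RPF check described above, as an added worked example that is not from the lecture: a longest-prefix-match lookup of the multicast packet's source address in a constructed unicast routing table, accepting the packet only when it arrived on the interface that route points back through. The routing table, interface names and sample packets are all made up; whether a default route is eligible for RPF is platform specific, and this toy model simply treats it like any other route (an assumption, not a statement about Cisco behaviour).

```python
"""Reverse path forwarding check: constructed example, not router code.
The unicast table and interface names below are invented for illustration."""
import ipaddress

# Constructed unicast routing table: (prefix, interface used to reach it)
UNICAST_RIB = [
    ("0.0.0.0/0",      "Gi0/0"),   # default route (assumed usable for RPF here)
    ("10.0.0.0/8",     "Gi0/1"),
    ("10.20.0.0/16",   "Gi0/2"),   # more specific than 10.0.0.0/8
    ("192.168.5.0/24", "Gi0/3"),
]


def rpf_interface(source_ip, rib=UNICAST_RIB):
    """Interface the unicast table would use to get back to `source_ip`
    (longest prefix match), or None when no route covers the source."""
    src = ipaddress.ip_address(source_ip)
    best = None
    for prefix, iface in rib:
        net = ipaddress.ip_network(prefix)
        if src in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def rpf_check(source_ip, ingress_iface, rib=UNICAST_RIB):
    """True if a multicast packet from `source_ip` that arrived on
    `ingress_iface` passes RPF and may be forwarded down the tree."""
    expected = rpf_interface(source_ip, rib)
    return expected is not None and expected == ingress_iface


def filter_multicast(packets, rib=UNICAST_RIB):
    """Apply the check to (source, group, ingress) tuples and return the
    (forwarded, discarded) lists, the way a router would split them."""
    forwarded, discarded = [], []
    for src, group, iface in packets:
        (forwarded if rpf_check(src, iface, rib) else discarded).append((src, group, iface))
    return forwarded, discarded


# Constructed sample traffic: the same stream seen on two interfaces, as
# happens when a redundant path delivers a duplicate copy of each packet.
SAMPLE = [
    ("10.20.7.9",   "239.1.1.1", "Gi0/2"),   # correct interface: forward
    ("10.20.7.9",   "239.1.1.1", "Gi0/1"),   # duplicate via the 10/8 path: drop
    ("192.168.5.4", "239.2.2.2", "Gi0/3"),
    ("203.0.113.8", "239.3.3.3", "Gi0/0"),   # only the default route matches
    ("203.0.113.8", "239.3.3.3", "Gi0/3"),   # wrong interface: drop
]

if __name__ == "__main__":
    fwd, drop = filter_multicast(SAMPLE)
    print("forwarded:", fwd)
    print("discarded:", drop)
```

Because the check is keyed on the source address, the same group seen from two directions yields one forwarded and one dropped copy, which is exactly the duplicate suppression the lecture attributes to RPF.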
So here's what you've learned: you received an overview of multimedia traffic design, we talked about the unique video formats, and then design considerations you need to take into account, whether preparing for the CCDA exam or actually designing video for your own network. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video you're going to receive an introduction to wireless LANs. Specifically, we're going to do an overview of wireless LANs, talk about wireless LAN components, we'll talk about the 802.11 standard and how it fits in the OSI model, then MAC sublayer coordination and how that applies to wireless 802.11 frame types, and finally wireless LAN standards.

So wireless LANs provide network connectivity almost anywhere. Surely you use wireless LANs; if you're in technology, surely you're using them, whether it's your mobile phone or your laptop, whether you're at a coffee shop or at your place of business doing BYOD. Wireless LANs typically can be implemented at much less cost than traditional wired LANs. The wired infrastructure is of course based on the 802.3 standards, but a wireless network uses radio waves to transmit data and to connect devices. So as you surely know, a wireless network uses radio waves to transmit data and connect devices. Wireless LANs are defined by the 802.11 standards.

Now some additional advantages of wireless LANs over wired LANs include the following: monetary cost; flexibility, in that you allow users to roam in places where they normally cannot, or use their devices in places they always wish they could; load distribution; and finally redundancy. We'll get into this in a little bit, but using multiple wireless access points in one area can provide redundancy and load distribution at a much more affordable cost than wired LANs.

Now there are certain components that make up wireless LANs, and let's start with the client, specifically you or any of our customers. Clients are basically an appliance that interfaces with the wireless medium. Now again, that could be a mobile device, it could be a laptop, it could be a tablet, it could be a PC, but it's basically a device that operates as an end user device.

An access point functions basically as a bridge between the endpoints and the existing network backbone. So the access point is what the endpoints are actually communicating with, and as they roam they may change access points throughout the building, but the access points are actually what are getting them access to the network. As you can see in this picture, access points come in many different shapes and sizes; these are just a few examples of access points.

The distribution system plays a key role in communications between the customer who's trying to get on the wireless network and the major wireless LAN components that are actually switching and routing the traffic. The distribution system allows for the interconnection of the APs of multiple cells. Think of your organization: if you have one area that's considered a lab, and it's a wireless lab, and that ultimately needs to communicate with marketing on the eighth floor, you're going to need a distribution system to communicate between those two locations. The wireless distribution system allows you to connect multiple access points. So with wireless distribution systems, APs can communicate with one another without wires in a standardized way. Now that being said, distribution systems could be wired or integrated, but this capability of communications between access points is absolutely critical in providing a seamless experience for roaming clients and for managing multiple wireless networks. It can also simplify the network infrastructure by reducing the amount of cabling required.

Another concept you need to understand is the basic service set. The wireless architecture divides the system into cells, referred to as basic service sets, and it's controlled by a base station or, more commonly, an access point. Now an extended service set is a set of connected BSSs, and then there's the independent basic service set, which is a wireless network consisting of at least two endpoints and no distribution system.

So let's draw this out so we can get a better understanding of what we learned thus far. In any wireless implementation you're going to have endpoints that need to connect. So for example, here's a laptop that is connecting to the wireless network. It connects to the wireless network through an access point. The access point is sending out the radio waves, which are being received by the laptop. The laptop endpoint then connects onto the wireless network, assuming it has the proper security configurations, and it can then reach the network. Now access points can communicate not only with laptops but, again, mobile phones, and you can think of this as a basic service set.

Now let's say in a different area we have another access point which is also serving customers or users, and this again could be a server, it could be a workstation, could be a printer, but regardless it's servicing endpoints. It's a different implementation, a different part of the building or a different building altogether, but this is another basic service set.

So how do these two basic service sets communicate? Well, they use, as you have already learned, a distribution system. These two DSs can uplink in many ways, via wireless or, in this case, as we're looking at here, a wired connection. This is the distribution system that is allowing these two separate wireless implementations, or basic service sets, to communicate.

Now if we look at the big picture, both of these basic service sets and the distribution system together, this is the extended service set. This includes all of the wireless equipment and any equipment used to connect the wireless equipment together.

The IEEE 802 standards define two separate layers for the data link layer of the OSI model. As you know, these two layers are the LLC and the MAC sublayers. The 802.11 standards cover the operation of the MAC sublayer and the physical layer. The 802.11 frame consists of a 32 byte MAC header, a variable length frame body and a frame check sequence.

There are two types of coordination functions used to ensure collision free access on a wireless network. First, distributed coordination function: the MAC sublayer technique employs the well-known CSMA/CA to avoid collisions. It's used to manage access to the radio frequency medium, and it's composed of the following two main components: interframe spaces and random backoff. And then there's point coordination function, and the PCF is used by the AP to coordinate communications with the wireless network.
with the wireless network the 802.11 standard uses three main
the 802.11 standard uses three main types of frames control frames
types of frames control frames to control access to the medium
to control access to the medium management frames to enable stations to
management frames to enable stations to establish and maintain communications
establish and maintain communications and then data frames sent by any
and then data frames sent by any endpoint
endpoint and these contain higher layer protocol
and these contain higher layer protocol information or data
Now there are many 802.11 standards, but you should definitely know of these, and you probably already do know many of them. These standards have been rolled out over the years and you've been on many of these networks, whether it's in your home or at your local coffee shop or at work. The initial 802.11 standard serviced up to 2 megabits per second. At this point we're at the 802.11n standard, which theoretically can provide up to 600 megabits per second of bandwidth.

So here's what you've learned: we've done a wireless LAN overview, we've talked about wireless LAN components and how the 802.11 standard works with the OSI model, we've talked about MAC sublayer coordination and how that applies to wireless 802.11 frame types, and finally wireless LAN standards. Good luck with your studies.
hi this is david voss ccie11372 and in this video you're going
ccie11372 and in this video you're going to learn about the cisco unified
to learn about the cisco unified wireless solution
wireless solution specifically you're going to learn about
specifically you're going to learn about access points
access points lightweight access points and
lightweight access points and lightweight access point protocol
lightweight access point protocol wireless lan controllers
wireless lan controllers discussing both the modes that it
discussing both the modes that it operates in and the interface types and
operates in and the interface types and then mobility groups so plenty to cover
then mobility groups so plenty to cover and let's begin
and let's begin the cisco unified wireless network
the cisco unified wireless network concept includes the following elements
concept includes the following elements wireless clients this includes laptops
wireless clients this includes laptops workstations etc
workstations etc access points this provides access to
access points this provides access to the wireless network
the wireless network network management this is accomplished
network management this is accomplished through network wireless control system
through network wireless control system it's a centralized management tool that
it's a centralized management tool that allows for design and control of
allows for design and control of wireless networks
wireless networks network unification
network unification the wireless lan system needs to be able
the wireless lan system needs to be able to support wireless applications by
to support wireless applications by offering unified security policies such
offering unified security policies such as quality of service
as quality of service and rf management so the the wlc's our
and rf management so the the wlc's our wireless lan controllers offer this
wireless lan controllers offer this unified integration functionality
unified integration functionality and then network services
and then network services wireless network services are also
wireless network services are also referred to as mobility services
referred to as mobility services and include guest access or voice
and include guest access or voice services location services and even
services location services and even threat detection and mitigation
Stand-alone access points are also known as autonomous access points. They're obviously very easy to install, but the thing is, they can be difficult to manage in large deployments. They're not as desirable as the lightweight access points from Cisco, because they must be managed individually. In addition, different parameters must be configured manually on each device, including SSID, VLAN and security features.

The Cisco Unified Wireless Network introduced the concept of lightweight access points and wireless LAN controllers, that's LWAPs and WLCs. These two types of wireless devices divide the responsibilities and functionalities that an autonomous access point would normally perform on its own. This technology adds scalability by separating the wireless LAN data plane from the control plane in a split-MAC design. Lightweight access points focus only on the actual RF transmissions and the necessary real-time control operations, such as beaconing, probing and buffering. Now, wireless LAN controllers manage all non-real-time tasks, such as SSID management, VLAN management, access point association management, authentication and quality of service.

When using lightweight access points, all RF traffic they receive must first go to the wireless LAN controller device that manages the specific access point. This changes the way in which traditional wireless LAN communication works, even for hosts associated to the same access point. The RF communication between lightweight access points and wireless LAN controllers is handled using the Lightweight Access Point Protocol (LWAPP). The LWAPP tunnel can operate in either Layer 2 or Layer 3 mode. In Layer 2 mode, the access point and wireless LAN controllers share the same VLAN, subnet and functions, with the lightweight access point receiving 802.11 frames and encapsulating them inside Ethernet toward the wireless LAN controller. When the LWAPP tunnel operates in Layer 3 mode, the lightweight access point receives 802.11 frames and encapsulates them inside of UDP toward the wireless LAN controller. So this implies that the wireless LAN controller can be anywhere, as long as it is reachable by the access point.

The Cisco Lightweight Access Point Protocol can operate in the following six modes: local mode, REAP or Remote Edge Access Point mode, monitor mode, rogue detector mode, sniffer mode and bridge mode.

Every 180 seconds, the access point spends 60 milliseconds on channels on which it does not operate. During the 60-millisecond time period, the access point performs noise and interference measurements and scans for intrusion detection events.

The REAP mode allows the lightweight access point to reside across a WAN link and still be able to communicate with the wireless LAN controller and provide the functionality of a regular lightweight access point. REAP mode is not supported on all lightweight access point models.

Monitor mode is a special feature that allows LWAPP-enabled APs to exclude themselves from dealing with data traffic between clients. Instead, they act as dedicated sensors for location-based services, rogue AP detection and for IDS.

In RD mode, the lightweight access point monitors for rogue APs. The goal of this rogue detection of APs is to see all the VLANs in the network, because rogue APs can be connected to any of those VLANs.

Sniffer mode allows the lightweight access point to capture and forward all the packets on a particular channel to a remote machine that is running packet capturing software. And finally, bridge mode typically operates on outdoor APs that function in a mesh topology. This cost-effective, high-bandwidth wireless bridging connectivity mechanism includes point-to-point or multipoint bridging.
Wireless LAN controllers have the following three components: wireless LANs, interfaces and ports. The wireless LAN is the SSID network name. Every wireless LAN is assigned to an interface in the wireless LAN controller, and each wireless LAN is configured with policies for RF, QoS and other LAN attributes. The interfaces are logical connections that map to a VLAN on the wired network. Every interface is configured with a unique IP address, default gateway and physical ports.

Wireless LAN controllers support the following five interface types: the management interface, which is used for in-band management or connectivity to a AAA server; an optional service port interface for out-of-band management that is statically configured; the access point manager interface, used for Layer 3 discovery and association; dynamic interfaces, which are the VLANs designated for wireless LAN client data; and virtual interfaces, used for Layer 3 security authentication, DHCP relay and management of mobility features.

One of the main features of a wireless LAN solution is the user's ability to access network resources from different areas. End users most likely move from one location to another, so designers should scale the wireless network carefully to allow for client roaming. Wireless roaming can be divided into the following two categories: intracontroller roaming or intercontroller roaming. Intracontroller roaming occurs when a client moves its association from one AP to another AP controlled by the same wireless LAN controller. Intercontroller roaming can operate in either Layer 2 or Layer 3 mode. In Layer 2, intercontroller roaming moves users from AP to AP and from WLC to WLC, but they remain in the same subnet. Layer 3 intercontroller roaming is more difficult to implement, because users can move from AP to AP and WLC to WLC, and from subnet to subnet as well. In this scenario, the wireless LAN controllers must be configured with mobility groups.

Now, speaking of mobility groups, you may be tested on the following communication ports for mobility groups:
Lightweight Access Point Protocol control: UDP one two (as spoken in the video)
Lightweight Access Point Protocol data: UDP 12222
Wireless LAN controller exchange, unencrypted messages: UDP 16660
Wireless LAN controller exchange, encrypted messages: 16667

So here's what you've learned. You've learned about access points, lightweight access points and the Lightweight Access Point Protocol, wireless LAN controller modes and interface types, as well as mobility groups. This gives you a good foundation for the wireless portion, at least for unified wireless solutions, and your Cisco CCDA exam. Good luck in your studies.
Hi, this is David Voss, CCIE 11372, and in this video we're covering wireless LAN design. We're first going to learn about redundancy and the importance of redundancy in wireless design, then you'll learn about RF groups, and then we'll also talk about mesh design. So let's begin.

Wireless LAN controllers can be configured for dynamic or deterministic redundancy. For deterministic redundancy, the AP is configured with a primary, secondary and tertiary controller. This requires more upfront planning, but allows for better predictability and faster failover times. Deterministic redundancy is the recommended best practice. N+1, N+N and N+N+1 are examples of deterministic redundancy.

With N+1 redundancy, a single wireless LAN controller acts as the backup of multiple wireless LAN controllers. The backup WLC is configured as the secondary WLC on each AP. One design constraint is that the backup WLC might become oversubscribed if there are too many failures of the primary controllers. The secondary WLC is the backup controller for all APs and is normally placed in the data center.

With N+N redundancy, an equal number of controllers back each other up. For example, a pair of WLCs on one floor serves as a backup to a second pair on another floor. The top WLC is primary for AP1 and AP2 and the secondary for AP3 and AP4. The bottom WLC is the primary for AP3 and AP4 and secondary for AP1 and AP2. There should be enough capacity on each controller to manage a failover situation.

With N+N+1 redundancy, an equal number of controllers back each other up, plus a backup WLC is configured as the tertiary. N+N+1 redundancy functions the same as N+N redundancy, plus a tertiary controller that backs up the secondary controllers. The tertiary WLC is placed in the data center or network operations center.

Here is a summary of wireless LAN controller redundancy. It would be good to memorize this in preparation for your exam.
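The three deterministic schemes above differ in what happens to an AP once its primary, and then its secondary, controller is gone, and in whether a surviving controller has the AP capacity to absorb the failover. The following Python model is an added example, not code or configuration from the video or from Cisco; the controller names, AP names and capacities are constructed, and the failover rule (an AP joins the first controller in its primary/secondary/tertiary list that is still up) is an assumption that mirrors the description above.

```python
"""Capacity check for deterministic WLC redundancy (N+1, N+N, N+N+1).

Constructed model, not Cisco's code or configuration: every AP carries its
ordered primary/secondary/tertiary controller list, and when controllers
fail the AP joins the first one in its list that is still up. The check
reports controllers that would end up above their AP capacity and APs left
with no surviving controller at all.
"""
from collections import Counter
from typing import Dict, List, Optional, Set, Tuple

# Constructed topology: two floor controllers plus one in the data center.
CAPACITY: Dict[str, int] = {"wlc-floor1": 6, "wlc-floor2": 6, "wlc-dc": 6}
FLOOR1 = ["ap1", "ap2", "ap3", "ap4"]   # primary controller: wlc-floor1
FLOOR2 = ["ap5", "ap6", "ap7", "ap8"]   # primary controller: wlc-floor2

Plan = Dict[str, List[str]]  # AP -> [primary, secondary, (tertiary)]


def scheme_n_plus_1() -> Plan:
    """N+1: one data-center WLC is the secondary for every AP."""
    plan = {ap: ["wlc-floor1", "wlc-dc"] for ap in FLOOR1}
    plan.update({ap: ["wlc-floor2", "wlc-dc"] for ap in FLOOR2})
    return plan


def scheme_n_plus_n() -> Plan:
    """N+N: the two floor WLCs are each other's secondary."""
    plan = {ap: ["wlc-floor1", "wlc-floor2"] for ap in FLOOR1}
    plan.update({ap: ["wlc-floor2", "wlc-floor1"] for ap in FLOOR2})
    return plan


def scheme_n_plus_n_plus_1() -> Plan:
    """N+N+1: as N+N, plus the data-center WLC as tertiary for every AP."""
    return {ap: prefs + ["wlc-dc"] for ap, prefs in scheme_n_plus_n().items()}


def failover(plan: Plan, capacity: Dict[str, int], failed: Set[str]
             ) -> Tuple[Dict[str, Optional[str]], Dict[str, int], List[str]]:
    """Simulate a set of failed controllers.

    Returns (AP -> controller it joined or None,
             controller -> number of APs above its capacity,
             APs stranded with no surviving controller).
    """
    landed = {ap: next((c for c in prefs if c not in failed), None)
              for ap, prefs in plan.items()}
    load = Counter(c for c in landed.values() if c is not None)
    over = {c: n - capacity[c] for c, n in load.items() if n > capacity[c]}
    stranded = sorted(ap for ap, c in landed.items() if c is None)
    return landed, over, stranded


if __name__ == "__main__":
    schemes = [("N+1", scheme_n_plus_1()), ("N+N", scheme_n_plus_n()),
               ("N+N+1", scheme_n_plus_n_plus_1())]
    for name, scheme in schemes:
        for failed in ({"wlc-floor1"}, {"wlc-floor1", "wlc-floor2"}):
            _, over, stranded = failover(scheme, CAPACITY, failed)
            print(f"{name:6} failed={sorted(failed)} "
                  f"oversubscribed={over} stranded={stranded}")
```

Running it shows the trade-offs in the text directly: with N+1 the data-center WLC absorbs one floor failure but goes two APs over capacity when both primaries fail; with N+N a single floor failure already oversubscribes the surviving floor WLC unless it was sized for the whole load, and a double failure strands every AP; N+N+1 rescues the double failure by sending the APs to the tertiary, which must then be sized for them.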
Next, let's talk about radio management and radio groups. The limit of available channels in the ISM frequencies used by the IEEE 802.11b/g/n standard presents challenges to the network designer. There are three non-overlapping channels: channels 1, 6 and 11. The recommended best practice is to limit the number of data devices connected to each AP to 20, or not more than seven concurrent voice over wireless LAN calls using G.711.

An RF group is a cluster of WLC devices that coordinate their RRM calculations. RF groups are formed with the following process. APs send out neighbor messages over the air. The message includes an encrypted shared secret that is configured on the WLC and pushed to each AP. APs sharing the same secret are able to validate messages from each other. The members in the RF group elect an RF group leader to maintain a master power and channel scheme for the RF group.
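To make the RF group formation and channel scheme concrete, here is an added Python model; it is not Cisco's RRM code and does not reproduce the real neighbor message format. It assumes the shared secret is used as an HMAC key over each neighbor message (a stand-in for the "encrypted shared secret" described above), that only APs whose messages validate become group members, that the leader is simply the lowest-named member, and that the leader's channel scheme is a greedy assignment over channels 1, 6 and 11 that keeps neighboring APs off the same channel where possible. AP names, the secret and the neighbor lists are constructed.

```python
"""RF group formation and channel planning, as a constructed model.

Not Cisco's RRM implementation: neighbor messages are authenticated with an
HMAC over a shared secret, members whose messages validate form the RF group,
and the elected leader computes a channel scheme over the three
non-overlapping 2.4 GHz channels.
"""
import hashlib
import hmac
import json
from collections import Counter
from typing import Dict, List, Set, Tuple

CHANNELS = [1, 6, 11]  # non-overlapping 802.11b/g/n channels


def sign_neighbor_message(secret: bytes, ap: str, heard: List[str]) -> dict:
    """Build a neighbor message {ap, heard} and tag it with HMAC-SHA256."""
    body = {"ap": ap, "heard": sorted(heard)}
    payload = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_neighbor_message(secret: bytes, msg: dict) -> bool:
    """True only if the tag was produced with the same shared secret."""
    payload = json.dumps(msg["body"], sort_keys=True).encode()
    expected = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, msg["tag"])


def form_rf_group(secret: bytes, messages: List[dict]
                  ) -> Tuple[Dict[str, Set[str]], List[str]]:
    """Validate messages; return (neighbor graph of members, rejected senders)."""
    valid = [m for m in messages if verify_neighbor_message(secret, m)]
    rejected = [m["body"]["ap"] for m in messages if m not in valid]
    members = {m["body"]["ap"] for m in valid}
    graph: Dict[str, Set[str]] = {ap: set() for ap in members}
    for m in valid:
        ap = m["body"]["ap"]
        for nb in m["body"]["heard"]:
            if nb in members:  # non-members (rogue or foreign APs) are not planned for
                graph[ap].add(nb)
                graph[nb].add(ap)
    return graph, rejected


def elect_leader(graph: Dict[str, Set[str]]) -> str:
    """Assumed election rule: the lowest-named member becomes RF group leader."""
    return min(graph)


def plan_channels(graph: Dict[str, Set[str]]) -> Dict[str, int]:
    """Greedy scheme: most-connected APs first, each taking the channel
    least used by its already-assigned neighbors (ties go to the lower channel)."""
    plan: Dict[str, int] = {}
    for ap in sorted(graph, key=lambda a: (-len(graph[a]), a)):
        used = Counter(plan[nb] for nb in graph[ap] if nb in plan)
        plan[ap] = min(CHANNELS, key=lambda ch: (used[ch], CHANNELS.index(ch)))
    return plan


def co_channel_neighbors(graph: Dict[str, Set[str]], plan: Dict[str, int]) -> int:
    """Number of neighbor pairs left on the same channel."""
    return sum(1 for ap in graph for nb in graph[ap]
               if ap < nb and plan[ap] == plan[nb])


SECRET = b"constructed-rf-group-secret"  # constructed; pushed from the WLC in practice


def demo():
    # Constructed over-the-air neighbor messages; ap-x uses a different secret.
    messages = [
        sign_neighbor_message(SECRET, "ap-a", ["ap-b", "ap-c", "ap-d", "ap-x"]),
        sign_neighbor_message(SECRET, "ap-b", ["ap-a", "ap-c"]),
        sign_neighbor_message(SECRET, "ap-c", ["ap-a", "ap-b", "ap-d"]),
        sign_neighbor_message(SECRET, "ap-d", ["ap-a", "ap-c"]),
        sign_neighbor_message(b"wrong-secret", "ap-x", ["ap-a"]),
    ]
    graph, rejected = form_rf_group(SECRET, messages)
    plan = plan_channels(graph)
    return graph, rejected, elect_leader(graph), plan, co_channel_neighbors(graph, plan)


if __name__ == "__main__":
    graph, rejected, leader, plan, conflicts = demo()
    print("rejected:", rejected, "leader:", leader)
    print("channel plan:", plan, "co-channel neighbor pairs:", conflicts)
```

The point to notice is the ordering: validation with the shared secret happens before any RF decision is made, so an AP that cannot prove it holds the secret never influences the group's channel scheme, even though a legitimate AP heard it over the air.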
and channel scheme for the rf group similar to performing an assessment for
similar to performing an assessment for a wired network design
a wired network design rf surveys are done to determine design
rf surveys are done to determine design parameters for wireless lans and
parameters for wireless lans and customer requirements
customer requirements rf site surveys help determine the
rf site surveys help determine the coverage areas and check for rf
coverage areas and check for rf interference
interference this helps determine the appropriate
this helps determine the appropriate placement of wireless aps
placement of wireless aps the rf site survey has the following
the rf site survey has the following steps
steps to find customer requirements such as
to find customer requirements such as service levels and support for voip
service levels and support for voip determine devices to support
determine devices to support obtain a facility diagram to identify
obtain a facility diagram to identify the potential rf obstacles
the potential rf obstacles visually inspect the facility to look
visually inspect the facility to look for potential barriers to the
for potential barriers to the propagation of rf signals
propagation of rf signals identify user areas that may be
identify user areas that may be intensively used such as conference
intensively used such as conference rooms
rooms in areas that are not heavily used such
in areas that are not heavily used such as stairwells
as stairwells determine preliminary ap locations which
determine preliminary ap locations which need power wired network access
need power wired network access cell coverage and overlap
cell coverage and overlap not to mention channel selection
not to mention channel selection mounting locations and antennas
mounting locations and antennas let's talk about wireless mesh for
let's talk about wireless mesh for outdoor wireless
outdoor wireless traditionally outdoor wireless solutions
traditionally outdoor wireless solutions have been limited to point-to-point
have been limited to point-to-point point to multi-point bridging between
point to multi-point bridging between buildings
buildings with these solutions each ap is wired to
with these solutions each ap is wired to the network the cisco wireless mesh
the network the cisco wireless mesh networking solution eliminates the need
networking solution eliminates the need to wire each ap
to wire each ap and allows users to roam from one area
and allows users to roam from one area to another without having to reconnect
to another without having to reconnect the wireless mesh components are shown
the wireless mesh components are shown here
here the wcs
the wcs the wlc
the wlc the rap and the map
the following are cisco recommendations for mesh design
for mesh design there is under 10 millisecond latency
there is under 10 millisecond latency per hop typically two to three
per hop typically two to three millisecond
millisecond for outdoor deployment four or fewer
for outdoor deployment four or fewer hops are recommended for best
hops are recommended for best performance with a maximum of eight
performance with a maximum of eight for indoor deployment one hop is
for indoor deployment one hop is supported
supported for best performance 20 map nodes per
for best performance 20 map nodes per wrap is recommended
wrap is recommended up to 32 maps is supported per wrap
up to 32 maps is supported per wrap throughput one hop 14 megabits per
throughput one hop 14 megabits per second two hops seven megabits per
second two hops seven megabits per second
second three hops three megabit and four hops
three hops three megabit and four hops one megabits per second
as you can see here you have five primary design items number of aps
five primary design items number of aps placement of aps
placement of aps power for aps
power for aps number of wlc's and placement of wlc's
number of wlc's and placement of wlc's the following points summarize wireless
the following points summarize wireless lan design
lan design an rf site survey is used to determine a
an rf site survey is used to determine a wireless network's rf characteristics
wireless network's rf characteristics and ap placement
and ap placement outdoor wireless networks are supported
outdoor wireless networks are supported using outdoor aps and cisco wireless
using outdoor aps and cisco wireless mesh networking aps
mesh networking aps campus wireless network design provides
campus wireless network design provides rf coverage for wireless clients in the
rf coverage for wireless clients in the campus using lwp's
campus using lwp's each ap should be limited to 20 data
each ap should be limited to 20 data devices and a data
devices and a data wireless lan
wireless lan so here's what you've learned you've
so here's what you've learned you've learned about wireless redundancy rf
learned about wireless redundancy rf groups and mesh design all are key
groups and mesh design all are key points on the ccda exam
points on the ccda exam that you will need to know
that you will need to know and be able to answer not only on your
and be able to answer not only on your exam but of course if you support
exam but of course if you support wireless in your own network good luck
wireless in your own network good luck in your studies
https://www.youtube.com/watch?v=UF8uR6Z6KLc