Module1_Scalable Network Design

Nov 18, 2014

Gerry

CCNP: Building Scalable Internetworks - 5.0
Course notes.

Page: 1 CCNP: Building Scalable Internetworks v5.0.3.0

Module 1 Scalable Network Design

NOTES

Scalability is the capability of a network to grow and adapt without major redesign or reinstallation. Good design is the key to the capability of a network to scale. Poor design, not an outdated protocol or router, will prevent a network from scaling properly. A network design should follow a hierarchical model to be scalable.

The Cisco vision of the future Intelligent Information Network (IIN) and the Service-Oriented Network Architecture (SONA) are then introduced, followed by the Cisco Enterprise Architectures and how they align with the Cisco Enterprise Composite Network Model (ECNM).

1.1.3 The Intelligent Information Network (IIN)

The Intelligent Information Network (IIN) is a strategy that addresses the evolving role of the network as the platform within business. It directly addresses the desire to align IT resources with business priorities. The resulting network delivers active participation, process optimization, service delivery, and application responsiveness, which results in better IT awareness.

IIN encompasses these features:

Integration of networked resources and information assets that have been largely unlinked: The modern converged networks with integrated voice, video, and data require that IT departments more closely link the IT infrastructure with the network.

Intelligence across multiple products and infrastructure layers: The intelligence built into each component of the network is extended network-wide and applies end-to-end.

Active participation of the network in the delivery of services and applications: With added intelligence, the IIN makes it possible for the network to actively manage, monitor, and optimize service and application delivery across the entire IT environment.

The Intelligent Information Network (IIN) is a strategy that addresses the evolving role of the network as the platform within business.

The IIN offers much more than basic connectivity, bandwidth for users, and access to applications. It offers end-to-end functionality and centralized, unified control that promotes true business transparency and agility.

The IIN technology vision offers an evolutionary approach that consists of three phases in which functionality can be added to the infrastructure as required.

1.1.4 The SONA Framework Service-Oriented Network Architecture (SONA)

The Cisco SONA framework outlines how enterprises can evolve to an IIN.

-It addresses new IT challenges, such as the deployment of service-oriented architectures (SOA), Web services, and virtualization.

The Cisco SONA framework provides the following advantages:

Outlines the path toward the IIN

Illustrates how to build integrated systems across a fully converged IIN

Improves flexibility and increases efficiency, which results in optimized applications, processes, and resources

Cisco SONA outlines these three layers of the IIN:

Network infrastructure layer: Interconnects all IT resources across a converged network foundation. The IT resources include servers, storage, and clients. The network infrastructure layer represents how these resources exist in different places in the network, including the campus, branch, data center, WAN and Metropolitan Area Network (MAN), and teleworker. The objective for customers in this layer is to have anywhere and anytime connectivity.

Interactive services layer: Enables efficient allocation of resources to applications and business processes that are delivered through the networked infrastructure. This layer comprises these services:

o Voice and collaboration
o Mobility
o Security and identity
o Storage
o Computer
o Application networking
o Network infrastructure virtualization
o Services management
o Adaptive management

Application layer: Includes business applications and collaboration applications. The objective for customers in this layer is to meet business requirements and achieve efficiencies by leveraging the interactive services layer.

1.1.5 Cisco Enterprise Architectures

Based on the Cisco SONA framework, Cisco Enterprise Architecture helps organizations evolve to an IIN.

The architecture fully integrates and optimizes the networked infrastructure, interactive services, and applications across entire enterprises. The architectures specifically target campus, data center, branch, teleworker, MAN and WAN locations.

Campus Architecture

The Cisco Enterprise campus architecture combines a core infrastructure of intelligent switching and routing with tightly integrated productivity-enhancing technologies, including IP Communications, mobility, and advanced security. The architecture provides the enterprise with high availability through a resilient multilayer design, redundant hardware and software features, and automatic procedures for reconfiguring network paths when failures occur. Multicast provides optimized bandwidth consumption, and quality of service (QoS) prevents oversubscription to ensure that real-time traffic, such as voice and video or critical data, is not dropped or delayed. Integrated security protects against and mitigates the impact of worms, viruses, and other attacks on the network, even at the port level. Cisco enterprise-wide architecture extends support for standards, such as 802.1x and Extensible Authentication Protocol (EAP). It also provides the flexibility to add IP Security (IPSec) and Multiprotocol Label Switching Virtual Private Networks (MPLS VPNs), identity and access management, and VLANs to compartmentalize access. This helps improve performance and security and decreases costs.

Data Center Architecture

The Cisco Enterprise data center architecture is a cohesive, adaptive network architecture that supports the requirements for consolidation, business continuance, and security while enabling emerging SOAs, virtualization, and on-demand computing. IT staff can easily provide departmental staff, suppliers, or customers with secure access to applications and resources. This approach simplifies and streamlines management, significantly reducing overhead. Redundant data centers provide backup using synchronous and asynchronous data and application replication. The network and devices offer server and application load balancing to maximize performance. This solution allows enterprises to scale without major changes to the infrastructure.

Branch Architecture

The Cisco Enterprise branch architecture allows enterprises to extend head-office applications and services, such as security, IP Communications, and advanced application performance, to thousands of remote locations and users, or to a small group of branches. Cisco integrates security, switching, network analysis, caching, and converged voice and video services into a series of integrated services routers in the branch so that enterprises can deploy new services when they are ready without buying new equipment. This solution provides secure access to voice, mission-critical data, and video applications anywhere, anytime. Advanced network routing, VPNs, redundant WAN links, application content caching, and local IP telephony call processing provide a robust architecture with high levels of resilience for all the branch offices. An optimized network leverages the WAN and LAN to reduce traffic and save bandwidth and operational expenses. Enterprises can easily support branch offices with the ability to centrally configure, monitor, and manage devices located at remote sites, including tools, such as AutoQoS, that proactively resolve congestion and bandwidth issues before they affect network performance.

Teleworker Architecture

Also called the Enterprise Branch-of-One, the Cisco Enterprise teleworker architecture allows enterprises to securely deliver voice and data services to remote small or home offices over a standard broadband access service, providing a business resiliency solution for the enterprise and a flexible work environment for employees. Centralized management minimizes IT support costs, and robust integrated security mitigates the unique security challenges of this environment. Integrated security and identity-based networking services enable the enterprise to help extend campus security policies to the teleworker. Staff can securely log into the network over an “always-on” VPN and gain access to authorized applications and services from a single cost-effective platform. The productivity can further be enhanced by adding an IP phone, providing cost-effective access to a centralized IP Communications system with voice and unified messaging services.

WAN and MAN Architectures

The Cisco Enterprise WAN and MAN architectures offer the convergence of voice, video, and data services over a single IP Communications network. This approach enables enterprises to cost-effectively span large geographic areas. QoS, granular service levels, and comprehensive encryption options help ensure the secure delivery of high-quality corporate voice, video, and data resources to all corporate sites, enabling staff to work productively and efficiently from any location. Security is provided with multiservice VPNs (IPSec and MPLS) over Layer 2 or Layer 3 WANs, hub-and-spoke, or full mesh topologies.

1. 7 The Enterprise Composite Network Model (ECNM)

Building, with access switches and end devices (PCs and IP phones)

Building distribution, with distribution multilayer switches

Core, sometimes called the backbone

Edge distribution, which concentrates all branches and teleworkers accessing the campus via WAN or Internet

Server farm, which represents the data center

Management, which represents the network management functionality

Additional modules in the other functional areas represent e-commerce functionality, corporate Internet connections, remote access and VPN connections, and traditional WAN (Frame Relay, ATM, and leased lines with PPP) connections.

1.2.1 Scalable Network Design

The ECNM breaks the complex problem of network design into smaller, more manageable problems. Each level, or tier in the hierarchy, addresses a different set of problems. This helps the designer optimize network hardware and software to perform specific roles. For example, devices at the lowest tier are optimized to accept traffic into a network and pass that traffic to the higher layers.

Layered models are useful because they facilitate modularity. Devices at each layer have similar and well-defined functions. This allows administrators to easily add, replace, and remove individual pieces of the network. This kind of flexibility and adaptability makes a hierarchical network design highly scalable.

1.2.2 Five Characteristics of a Scalable Network

Although every large internetwork has unique features, all scalable networks have essential attributes in common. A scalable network has five key characteristics:

Reliable and available

Responsive

Efficient

Adaptable

Accessible but secure

The Cisco IOS offers a rich set of features that support network scalability.

1.2.3 Making the Network Reliable and Available

A reliable and available network provides users with access 24 hours a day, seven days a week. In a highly reliable and available network, fault tolerance and redundancy make outages and failures invisible to the end user. However, the high-end devices and telecommunication links that ensure this kind of performance come with a high price tag. Network designers constantly have to balance the needs of users with the resources at hand.

When choosing between high performance and low cost at the core layer, the network administrator should choose the best available routers and dedicated WAN links. The core must be designed to be the most reliable and available layer. If a core router fails or if a core link becomes unstable, routing for the entire internetwork might be adversely affected.

Core routers maintain reliability and availability by rerouting traffic in the event of a failure. Robust networks can adapt to failures quickly and effectively. To build robust networks, the Cisco IOS offers several features that enhance reliability and availability, including:

Support for scalable routing protocols: Routers in the core of a network should converge rapidly and maintain reachability to all networks and subnetworks within an autonomous system. Simple distance vector routing protocols, such as Routing Information Protocol (RIP), take too long to update and adapt to topology changes to be viable core solutions. Compatibility issues may require that some areas of a network run simple distance vector protocols such as RIP. It is best to use a scalable routing protocol in the core layer. Good choices include Open Shortest Path First (OSPF), Intermediate System to Intermediate System (IS-IS), or Enhanced Interior Gateway Routing Protocol (EIGRP).

Support for alternate paths: Redundant links maximize network reliability and availability, but they are expensive to deploy throughout a large internetwork. Core links should always be redundant. Other areas of a network may also need redundant telecommunication links. If a remote site exchanges mission-critical information with the rest of the internetwork, that site would be a candidate for redundant links. To provide another dimension of reliability, an organization may even invest in redundant routers to connect to these links. A network that consists of multiple links and redundant routers contains several paths to a given destination. If a network uses a scalable routing protocol, each router maintains a map of the entire network topology. This map helps routers select an alternate path quickly if a primary path fails. EIGRP actually maintains a database of all alternate paths if the primary route is lost.

Support for load balancing: Redundant links do not necessarily remain idle until a link fails. Routers can distribute the traffic load across multiple links to the same destination. This process is called load balancing. Equal-cost load balancing can be implemented using alternate paths with the same cost metric, or unequal-cost load balancing can be implemented over alternate paths with different metrics.

1.2.4 Making the Network Responsive

End users notice network responsiveness as they use the network to perform routine tasks. Users expect network resources to respond quickly, as if network applications were running from a local hard drive.

Networks must be configured to meet the needs of all applications, especially time delay-sensitive applications, such as voice and video. If the router schedules these packets for transmission on a first-come, first-served basis, users could experience an unacceptable lack of responsiveness. For example, an end user sending delay-sensitive voice traffic may be forced to wait too long while the router empties its buffer of queued packets.

Cisco IOS addresses priority and responsiveness issues through queuing. Queuing, sometimes referred to as congestion management, refers to the process that the router uses to schedule packets for transmission during periods of congestion. Congestion management features operate to control congestion once it occurs.

By using the queuing feature, a congested router may be configured to reorder packets so that mission-critical and delay-sensitive traffic is processed first. These higher priority packets are sent first even if other lower priority packets arrive ahead of them.
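
The reordering described above, as an added example that is not part of the original course notes: a small Python simulation of one congested output link that serves the same constructed traffic first-come, first-served and then with strict priority for voice. The 128 kbps link rate, packet sizes and arrival times are assumptions chosen for illustration, and the scheduler is a generic model, not the Cisco IOS implementation of PQ or LLQ.

```python
"""FIFO versus strict priority queuing on one congested link (added example)."""
import heapq
from dataclasses import dataclass

LINK_BPS = 128_000                   # assumed slow WAN link, bits per second
PRIORITY = {"voice": 0, "data": 1}   # lower rank is served first


@dataclass(frozen=True)
class Packet:
    seq: int
    arrival_ms: float
    size_bytes: int
    traffic_class: str


def tx_time_ms(pkt, link_bps=LINK_BPS):
    """Serialization time: how long the link is busy sending this packet."""
    return pkt.size_bytes * 8 * 1000 / link_bps


def simulate(packets, discipline):
    """Return {seq: queuing delay in ms} for discipline 'fifo' or 'priority'.

    Scheduling is non-preemptive: a packet already on the wire is finished
    before the scheduler picks the next one.
    """
    if discipline not in ("fifo", "priority"):
        raise ValueError(f"unknown discipline: {discipline}")
    pending = sorted(packets, key=lambda p: (p.arrival_ms, p.seq))
    queue, delays, now, i = [], {}, 0.0, 0
    while i < len(pending) or queue:
        if not queue and pending[i].arrival_ms > now:
            now = pending[i].arrival_ms          # link idles until next arrival
        while i < len(pending) and pending[i].arrival_ms <= now:
            p = pending[i]
            rank = PRIORITY[p.traffic_class] if discipline == "priority" else 0
            heapq.heappush(queue, (rank, p.arrival_ms, p.seq, p))
            i += 1
        _, _, _, pkt = heapq.heappop(queue)      # FIFO within the same rank
        delays[pkt.seq] = now - pkt.arrival_ms
        now += tx_time_ms(pkt)
    return delays


def sample_traffic():
    """Constructed input: a 10-packet data burst, then five voice packets."""
    data = [Packet(n, 0.0, 1500, "data") for n in range(10)]
    voice = [Packet(10 + n, 5.0 + 20 * n, 200, "voice") for n in range(5)]
    return data + voice


def worst_delay_ms(packets, discipline, traffic_class):
    """Largest queuing delay seen by any packet of the given class."""
    delays = simulate(packets, discipline)
    return max(delays[p.seq] for p in packets
               if p.traffic_class == traffic_class)


if __name__ == "__main__":
    traffic = sample_traffic()
    for discipline in ("fifo", "priority"):
        for cls in ("voice", "data"):
            worst = worst_delay_ms(traffic, discipline, cls)
            print(f"{discipline:8s} {cls:5s} worst queuing delay {worst:7.2f} ms")
```

Even with priority queuing, voice still waits for the data packet already being transmitted, because scheduling is non-preemptive. Strict priority also lengthens the wait for lower classes, which can be starved if high-priority traffic is not limited.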

Some of the Cisco IOS software congestion management (queuing) features include the following:

FIFO queuing

Priority queuing (PQ)

Custom queuing (CQ)

Weighted fair queuing (WFQ) and distributed WFQ (DWFQ)

Class-based WFQ (CBWFQ) and Distributed CBWFQ (DCBWFQ)

Low Latency Queuing (LLQ)

Each queuing algorithm is designed to solve a specific network traffic problem and has a particular effect on network performance.

1.2.5 Making the Network Efficient

An efficient network should not waste bandwidth, especially over costly WAN links. To be efficient, routers should prevent unnecessary traffic from traversing the WAN and minimize the size and frequency of routing updates.

Cisco IOS includes several features designed to optimize a WAN connection:

Access lists

Route maps

Compression over WANs

Route summarization

Incremental updates

1.2.6 Making the Network Adaptable

An adaptable network should be able to handle the addition and coexistence of multiple routed and routing protocols, including:

IPv4

IPv6

Legacy protocols, such as IPX and AppleTalk.

1.2.7 Making the Network Accessible But Secure

Accessible networks let users connect easily over a variety of technologies. Campus LAN users typically connect to routers at the access layer through Ethernet. Remote users and sites may have access to several types of WAN services. Cost and geography play a significant role in determining what type of WAN services an organization can deploy. Therefore, Cisco routers support all major WAN connection types. As shown in the figure below (Making the Network Accessible but Secure), these services include all of the following:

Circuit-switched networks that use dialup lines

Dedicated networks that use leased lines

Packet-switched networks

Dialup and dedicated access: Cisco routers can be directly connected to basic telephone service or digital services such as T1/E1. Dialup links can be used for backup or remote sites that need occasional WAN access, while dedicated leased lines provide a high-speed, high-capacity WAN core between key sites.

Packet-switched: Cisco routers support Frame Relay, X.25, Switched Multimegabit Data Service (SMDS), and ATM. With this variety of support, which WAN service, or combination of WAN services, to deploy can be determined based on cost, location, and need.

Often, the easier it is for legitimate remote users to access the network, the easier it is for unauthorized users to break in. An access strategy must be carefully planned so that resources, such as remote access routers and servers, are secure. Network Access Control (NAC) and Identity Based Network Services (IBNS) should be implemented to ensure secure access.

1.3 Converged Networks

1.3.1 Traffic Conditions in a Converged Network

Converged networks with integrated voice, video, and data contain various traffic patterns:

Voice and video traffic, such as IP telephony, and video broadcast and conferencing

Voice applications traffic generated by voice-related applications (such as contact centers)

Mission-critical traffic generated, for example, by stock exchange applications

Transactional traffic generated by e-commerce applications

Routing update traffic from routing protocols like RIP, OSPF, EIGRP, IS-IS, and Border Gateway Protocol (BGP)

Network management traffic

The diversity of the traffic mix poses stringent requirements on the network in terms of performance and security. The requirements significantly differ, depending on the traffic type.

For example, voice and video require constant bandwidth and low delay and jitter, while the transactional traffic requires high reliability and security with relatively low bandwidth. Video traffic is frequently carried as IP multicast traffic. Also, voice applications, such as IP telephony, require high reliability and availability because the user expectations for “dial tone” in the IP network are exactly the same as in the traditional phone network. To meet the traffic requirements in the network, voice and video traffic must be treated differently from other traffic, such as web-based traffic. QoS mechanisms are mandatory in converged networks.

Security is a key issue not only in fixed networks but also in wireless mobility, where access to the network is possible virtually anywhere. Several security strategies, such as device hardening with strict access control and authentication, intrusion protection, intrusion detection, traffic protection with encryption, and others, can minimize or even totally remove network security threats.

1.3.2 Routing and Routing Protocols

The focus of this course is on selecting, planning, implementing, tuning, and troubleshooting IP advanced routing protocols. All the models and tools described previously are important in the initial part of this process—selecting and planning.

The best practice is to use one IP routing protocol throughout the enterprise, if possible. In many cases, this practice is not possible, which will be discussed in detail in another module.

For example, BGP is a factor in the corporate Internet and e-commerce modules if multihoming to ISPs is implemented. For remote access and VPN users, static routes are almost always used. Therefore, dealing with multiple routing protocols is likely.

The ECNM can assist in determining where each routing protocol is implemented, where the boundaries are, and how traffic flows are managed.

It is obvious that advanced IP routing protocols must be implemented in all core networks to support high-availability requirements. Less advanced routing protocols, such as RIP and static routes, may exist at the access and distribution levels within modules.

Fig 1

Figure 2 represents a simple comparison of three IP routing protocols. The remainder of this course consists of technical detail on each of these, as well as BGP, IP multicast, and IP version 6 (IPv6).

Summary

This module defined scalability and provided examples of network design that enable successful network expansion. It highlighted the network as the platform and explained Cisco’s vision of the future with the Intelligent Information Network (IIN) and the Service-Oriented Network Architecture (SONA). The Cisco Enterprise Architectures along with the Cisco Enterprise Composite Network Model (ECNM) provided examples of scalable network design.

Also discussed were scalable network characteristics, including reliable and available, responsive, efficient, adaptable, and accessible but secure.

These concepts will apply in the entire CCNP: Building Scalable Internetworks curriculum.

*******END*******

MODULE 1 Quiz

ANSWER KEY TO QUIZ # 1

1. reroute traffic

2. Routing should be done without access lists, address translation, or other packet manipulation at the core

3. It can schedule packets for transmission based on priority during periods of congestion.

4. The ability to route traffic while providing Quality of service (QoS) for various applications and protocols

5. Access

6. Allows routing information to be shared among different routing protocols

7. Defines policies for the network with route summarization and VLAN implementation

8. Accessible

9. (i) Access lists (ii) authentication protocols

10. (i) high-speed traffic forwarding (ii) traffic prioritization