CCDA Lesson 01

  • 8/18/2019 CCDA Lesson 01

    Designing for Cisco Internetwork Solutions (DESGN) v2.1

    Lesson 01 – Chapter 01: Identifying Design Requirements

    Network design methodology

    The Cisco PPDIOO approach

    Benefits of the PPDIOO approach

    PPDIOO design methodology

    Three steps:

    1. Identify the customer requirements

    2. Characterize the existing network and sites

    3. Design the network topologies and solutions

    Identifying the customer requirements

    Example: Identifying the applications

    | Application Type | Application | Criticality (critical/important/unimportant) | Comments |
    |---|---|---|---|
    | E-mail | Microsoft Outlook | Important | |
    | Groupware | Cisco Unified MeetingPlace | Important | We need to be able to share presentations and applications during remote meetings. |
    | Web browsing | Microsoft Internet Explorer, Opera, Netscape | Important | |
    | Video on demand | IP/TV | Critical | |
    | Database | Oracle | Critical | All data storage will be based on Oracle. |
    | Customer support | Customer applications | Critical | |

    Example: Identifying infrastructure services

    | Service | Comments |
    |---|---|
    | Security | Deploy security systematically, including firewalls, intrusion detection systems (IDSs), and access control lists (ACLs) |
    | QoS | Give priority to delay-sensitive voice traffic and other important traffic |
    | Network management | Use centralized management tools where appropriate and point product management as required |
    | High availability | Eliminate single points of failure and use redundant paths as needed |
    | IP telephony | Want to migrate company from regular telephony |
    | Mobility | Need client laptop guest access along with mobility of employee PCs |


    Example: Identifying technical goals

    | Technical Goals | Importance | Comments |
    |---|---|---|
    | Performance | 20 | Important for the central site, less important in branch offices |
    | Availability | 25 | Should be 99.9 percent |
    | Manageability | 5 | |
    | Security | 15 | Security for critical data transactions is extremely important |
    | Adaptability | 10 | |
    | Scalability | 25 | Scalability is critical |
    | Total | 100 | |

    Example: Identifying technical constraints

    | Technical Constraints | Gathered Data | Comments |
    |---|---|---|
    | Existing wiring | Coaxial cabling | Replace existing coaxial cabling. Use twisted-pair to desktop and fiber optics for uplinks and in the backbone. |
    | Bandwidth availability | 64-kbps WAN links | Upgrade speeds; consider another service provider with additional services to offer. |
    | Application compatibility | IPv6 based applications | Make sure new network equipment supports IPv6. |

    Summary

    The PPDIOO approach reflects the life cycle phases of a standard network.

    The design methodology under PPDIOO includes these processes:

    - Identifying customer requirements

    - Characterizing the existing network and sites

    - Designing the network topology and solutions

    Key steps in identifying customer requirements include these:

    - Identifying network applications and services

    - Defining organizational goals and constraints

    - Defining technical goals and constraints

    Characterizing the Existing Network and Sites

    Applying a Methodology to Network Design

    Characterizing the Existing Network and Sites

    Gather documentation and query the organization.

    Perform a site and network assessment to help detail the network.

    Consider performing traffic analysis on the existing network and applications.

    Identifying Major Features of the Network

    Collect the information about the planned and existing network infrastructure:

    - Site contact information

    - Network topology such as network devices, physical and logical links, external connections, encapsulations, bandwidths, IP addressing, routing protocols

    - Network services such as security, QoS, high availability, IP telephony, storage, and wireless

    - Network applications such as unified communications and video delivery

    Collect the information about expected network functionality.

    Identify network modules based on the given information.

    Sample Site Contact Questions

    What is the site location or name?

    What is the site address?

    What is the shipping address?

    Who is the site contact?

    Is this site owned and maintained by the customer?

    Is this a staffed site?

    What are the hours of operation?

    What are the building or room access procedures?

    Are there any special security or safety procedures?

    Are there any union or labor requirements or procedures?

    What are the locations of the equipment cabinets and racks?

    Example: Customer Network Diagram

    Network Assessment Information Sources

    Example: Network Assessment

    Network Assessment Tools

    Manual assessment:

    - Use monitoring commands on network devices on small networks.

    - Use scripting tools to collect information on large networks.

    Use existing management and auditing tools:

    - CiscoWorks

    - Third-party tools such as WhatsUp Gold, Castle Rock SNMPc, open source Cacti, Netcordia NetMRI, and NetQoS NetVoyant

    Use other tools to collect relevant information for the network devices:

    - Third-party tools such as Network General Sniffer, AirMagnet software and devices, and WildPackets AiroPeek

    Commands for Manual Information Collection

    Example: Manual Information Collection—Router CPU Utilization

    Example: Manual Information Collection—Router Memory Utilization

    Example: Automatic Information Collection—Cacti Device List

    Example: Automatic Information Collection—NetMRI Inventory

    Network Traffic Analysis

    Use organizational input to identify the applications used in the existing network and their relative importance.

    Perform a traffic analysis to reveal additional applications used in the network.

    Use the results and organizational input to define QoS and security-related requirements for discovered applications.

    Steps in Analyzing Network Traffic

    Example: Traffic Analysis

    Application No. 8:

    Description: Accounting software

    Protocol: TCP port 5151

    Servers: 2

    Clients: 50

    Scope: Campus

    Importance: High

    Average rate: 50 kbps with 10-second bursts to 1 Mbps

    Network Analysis Tools

    Cisco IOS Software analysis capabilities:

    - NBAR

    - NetFlow

    Cisco software-based network analyzers:

    - Cisco CNS NetFlow Collection Engine

    Third-party tools, such as:

    - Open source Cacti

    - Network General Sniffer

    - WildPackets EtherPeek and AiroPeek

    - SolarWinds Orion

    - Wireshark

    - RMON probes

    Example: Cacti Graph

    Example: SolarWinds Orion

    Summary Report

    Characterization of the existing network results in a summary report that is used to:

    - Describe the software features required in the network

    - Describe possible problems in the existing network

    - Identify the actions needed to prepare the network for the implementation of the required features

    - Influence the customer requirements

    Example: Equipment Summary Report

    The network uses 895 routers:

    655 routers use Cisco IOS Software Release 12.2(10).

    240 routers use an older Cisco IOS Software version.

    Example: Summary Report Problem Statement

    Requirement: Queuing in the WAN

    Identified problem:

    - Existing Cisco IOS Software version does not support new queuing technologies.

    - 15 out of 19 routers with older Cisco IOS Software are in the WAN.

    - 12 out of 15 routers do not have enough memory to upgrade to Cisco IOS Software Release 12.3 or later.

    - 5 out of 15 routers do not have enough flash memory to upgrade to Cisco IOS Software Release 12.3 or later.

    Example: Summary Report Recommendations

    Recommended action:

    - 12 memory upgrades to 64 MB

    - 5 flash memory upgrades to 16 MB

    Options:

    - Replace hardware and software to support queuing.

    - Find an alternative mechanism for that part of the network.

    - Find an alternative mechanism and use it instead of queuing.

    - Evaluate the consequences of not implementing the required feature in that part of the network.

    Documenting an Existing Network

    Network Characterization Hour Estimates

    | | Small Network (1-20 switches/routers) | Medium Network (20-200 switches/routers) | Large Network (200-800 switches/routers) | Huge Network (>800 switches/routers) |
    |---|---|---|---|---|
    | a) Interview management team | 4 / 4 | 8 / 8 | 12 / 12 | 16 / 16 |
    | b) Interview network team | 4 / 4 | 6 / 6 | 8 / 12 | 24 / 24 |
    | c) Review documentation | 4 / 4 | 6 / 6 | 8 / 12 | 16 / 16 |
    | d) Set up network discovery tool | 4 / 4 | 6 / 6 | 8 / 8 | 16 / 16 |
    | e) Resolve SNMP access and similar problems | 4 / 4 | 8 / 16 | 16 / 48 | 80 / 160 |
    | f) Allow tools to gather data | | | | |
    | g) Analyze captured data | 4 / 8 | 16 / 16 | 24 / 24 | 40 / 40 |
    | h) Prepare high level Layer 3 diagrams | 4 / 4 | 4 / 8 | 8 / 16 | 16 / 32 |
    | i) Prepare report stating conclusions | 16 / 16 | 32 / 32 | 48 / 48 | 80 / 80 |
    | j) Incrementally prepare network diagrams | | | | |
    | Estimated manpower in hours | 44-48 | 86-98 | 132-180 | 288-384 |

    Summary

    Characterizing an existing network entails gathering as much information about the network as possible. Organization input, a network audit, and traffic analysis provide the key information that you need.

    Identifying major features of the network involves gathering network documentation and querying the organization.

    The auditing process adds detail to the initial network documentation that you created from existing documentation and customer input.

    You can manually audit a small network, but you typically need automated tools to audit a large network.

    Traffic analysis verifies the set of applications and protocols used in the network and determines the traffic patterns of the applications.

    Summary (Cont.)

    Tools used for traffic analysis range from manual identification of applications using Cisco IOS Software commands in combination with NBAR or NetFlow to those where dedicated software- or hardware-based analyzers capture live packets or SNMP data.

    The result of the network characterization is a summary report describing the health of the network.

    Using the Top-Down Approach to Network Design

    Applying a Methodology to Network Design

    Top-Down Design Practices

    Start your design here.

    Design down the OSI model.

    Top-Down and Bottom-Up Approach Comparison

    | | Top-Down Approach | Bottom-Up Approach |
    |---|---|---|
    | Benefits | Incorporates organizational requirements. Gives the big picture to organization and designer. | Allows a quick response to a design request. Facilitates design based on previous experience. |
    | Disadvantages | | Implements little or no notion of actual organizational requirements. May result in inappropriate network design. |

    Creating a Network Decision Table

    Decide which network layer requires decisions.

    Gather possible options for a given situation.

    Create a table that includes possible options and given requirements.

    Match given requirements with specific properties of given options.

    Select the option with the most matches as the most appropriate one.

    Example: Selecting a Routing Protocol

    | Parameters | EIGRP | OSPF | BGP | Required Network Parameters |
    |---|---|---|---|---|
    | Size of Network (Small/Medium/Large/Very Large) | Large | Large | Very Large | Large |
    | Enterprise-Focused (Yes/No) | Yes | Yes | No | Yes |
    | Use of VLSM (Yes/No) | Yes | Yes | Yes | Yes |
    | Supports Cisco Routers (Yes/No) | Yes | Yes | Yes | Yes |
    | Network Support Staff Knowledge (Good/Fair/Poor) | Good | Fair | Poor | Good |
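    The decision-table procedure applied to the routing-protocol table from this lesson, as an added example that is not part of the original slides. The function names are assumptions for illustration, and returning every tied option (so a tie is settled by the designer rather than silently) goes beyond what the slides state.

```python
"""Network decision table: count, per option, how many required parameters it matches."""

# Values transcribed from the "Selecting a Routing Protocol" table in this lesson.
REQUIRED = {
    "Size of Network": "Large",
    "Enterprise-Focused": "Yes",
    "Use of VLSM": "Yes",
    "Supports Cisco Routers": "Yes",
    "Network Support Staff Knowledge": "Good",
}
OPTIONS = {
    "EIGRP": {"Size of Network": "Large", "Enterprise-Focused": "Yes",
              "Use of VLSM": "Yes", "Supports Cisco Routers": "Yes",
              "Network Support Staff Knowledge": "Good"},
    "OSPF": {"Size of Network": "Large", "Enterprise-Focused": "Yes",
             "Use of VLSM": "Yes", "Supports Cisco Routers": "Yes",
             "Network Support Staff Knowledge": "Fair"},
    "BGP": {"Size of Network": "Very Large", "Enterprise-Focused": "No",
            "Use of VLSM": "Yes", "Supports Cisco Routers": "Yes",
            "Network Support Staff Knowledge": "Poor"},
}


def score_options(required, options):
    """Return [(option, matches, mismatched_parameters)], best match first."""
    if not options:
        raise ValueError("decision table has no options")
    rows = []
    for name, props in options.items():
        # An option with an unfilled cell cannot be compared fairly.
        missing = sorted(set(required) - set(props))
        if missing:
            raise ValueError(f"{name} has no value for: {missing}")
        mismatched = [p for p, want in required.items() if props[p] != want]
        rows.append((name, len(required) - len(mismatched), mismatched))
    # Most matches first; option name breaks ties so the order is stable.
    return sorted(rows, key=lambda row: (-row[1], row[0]))


def select(required, options):
    """Return every option tied for the most matches."""
    ranked = score_options(required, options)
    best = ranked[0][1]
    return [name for name, matches, _ in ranked if matches == best]


if __name__ == "__main__":
    for name, matches, mismatched in score_options(REQUIRED, OPTIONS):
        note = "; differs on " + ", ".join(mismatched) if mismatched else ""
        print(f"{name}: {matches}/{len(REQUIRED)} matches{note}")
    print("Selected:", ", ".join(select(REQUIRED, OPTIONS)))
```

    The list of mismatched parameters is worth keeping in the design document, since it records why an option was rejected.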

    Assessing the Scope of the Network Design Process

    | Scope of Design | Comments |
    |---|---|
    | Entire network | All branch office LANs upgraded to support Fast Ethernet technology |
    | Campus | Redundant equipment and links. Addition of wireless client mobility. |
    | WAN | Solutions to overcome bottlenecks |

    Example: Assessing the Scope of the Network Design Process

    Application—Designing voice transport

    Network—Designing routing, addressing

    Physical, data link—Choosing connection type

    Structured Design Principles

    Network Design Tools

    Planning an Implementation

    If a design is composed of multiple complex components:

    - Implement each component separately; do not implement everything at once.

    Incremental implementation:

    - Reduces troubleshooting in case of failure

    - Reduces time needed to revert to previous state in case of failure

    Major Implementation Components

    Each step should contain the following information:

    Description

    Reference to design sections

    Detailed implementation guidelines

    Detailed roll-back guidelines in case of failure

    Estimated time for implementation

    Example: Summary Implementation Plan

    | | Date, Time | Description | Implementation Details | Complete |
    |---|---|---|---|---|
    | Phase 3 | 04/02/2007 | Install campus hardware | Section 6.2.3 | |
    | Step 1 | | Connect switches | Section 6.2.3.1 | |
    | Step 2 | | Install routers | Section 6.2.3.2 | |
    | Step 3 | | Complete cabling | Section 6.2.3.3 | |
    | Step 4 | | Verify data link layer | Section 6.2.3.4 | |
    | Phase 4 | 04/03/2007 | Configure campus hardware | Section 6.2.4 | |
    | Step 1 | | Configure VLANs | Section 6.2.4.1 | |
    | Step 2 | | Configure IP addressing | Section 6.2.4.2 | |
    | Step 3 | | Configure routing | Section 6.2.4.3 | |
    | Step 4 | | Verify connectivity | Section 6.2.4.4 | |
    | Phase 5 | 04/05/2007 | Launch campus updates into production | Section 6.2.5 | |
    | Step 1 | | Complete connections to existing network | Section 6.2.5.1 | |
    | Step 2 | | Verify connectivity | Section 6.2.5.2 | |

    Example: Detailed Implementation Plan

    Section 6.2.7.3, “Configure routing protocols in the WAN network module”:

    Number of routers involved is 50.

    Use template from section 4.3.1, “EIGRP details.”

    Per router configuration:

    - Use passive-interface command on all nonbackbone LANs. (See section 4.2.3, “EIGRP details.”)

    - Use summarization according to the design. (See section 4.2.3, “EIGRP details,” and section 4.2.2, “Addressing details.”)

    Estimated time is 10 minutes per router.

    Roll-back procedure is not required.

    Pilot vs. Prototype Networks

    The pilot or prototype network is used as proof of concept for the design:

    - A pilot network tests and verifies the design before the network is launched.

    - A prototype network tests and verifies a redesign in an isolated network before it is applied to the existing network.

    Results:

    - Success

    - Failure

    Example: Prototype Network

    Detailed Structure of a Design Document

    Summary

    Designing an enterprise network is a complex project. Top-down design facilitates the process by dividing it into smaller, more manageable steps.

    Decision tables facilitate the selection of the most appropriate option from many possibilities.

    In assessing the scope of a network design, determine whether the design is for a new network or is a modification of the entire network, a single segment or module, a set of LANs, a WAN, or a remote-access network.

    The output of the design should be a model of the complete system. To achieve this, the top-down approach is highly recommended.

    Summary (Cont.)

    When the design is complete, you are ready to document the implementation and migration in as much detail as possible.

    After a design is complete, you should verify it. You can test the design in an existing or live network (pilot) or in a prototype network that will not affect the existing network.

    A design document lists the design requirements, documents the existing network, documents the network design, identifies the proof-of-concept strategy, and details an implementation plan.

    Lesson 01 - Chapter 02: Network Structure Models

    Structuring and Modularizing the Network

    Layers in the Hierarchical Model

    Example: Hierarchical Network

    Access Layer

    Concentration point at which clients access the network

    Layer 2 switching in the access layer: Defines a single broadcast domain

    Multilayer switching in the campus access layer: Optimally satisfies the needs of a particular user through routing, filtering, authentication, security, or quality of service

    Multilayer switching in the WAN access layer: Helps control WAN costs using dial-on-demand routing (DDR) and static routing

    Example: Access Layer Connectivity in the Campus LAN

    Workstations are attached to VLANs with Layer 2 switches.

    Recommended practice: Implement one VLAN (IP subnet) per access switch.

    Access switches connect via Layer 3 links (if only one VLAN per access switch) or via VLAN trunk.

    If needed, distribution routers route between VLANs.

    Distribution Layer

    Provides multilayer switching between access and core layers:

    Provides media transitions

    Aggregates bandwidth by concentrating multiple low-speed access links into a high-speed core link

    Determines department or workgroup access

    Provides redundant connections for access devices

    Implements policy-based decisions:

    Filtering by source or destination address

    Filtering on input or output ports

    Hiding internal network numbers by route filtering

    Static routing

    Security

    Quality of service mechanisms

    Example: Distribution Layer in the Routed Campus Network

    Core Layer

    The function of the core layer is to provide fast and efficient data transport that:

    Forms a high-speed backbone with fast transport services

    Provides redundancy and fault tolerance

    Offers good manageability

    Note: Core layer should avoid packet manipulation for filtering or access list checking.

    Example: Multilayer Switching in the Campus Core

    Example: Routing in the WAN Network

    Cisco Enterprise Architecture

    Example: Dividing the Network into Areas

    Enterprise Campus Infrastructure Module

    Enterprise Edge Modules

    Enterprise Edge Guidelines

    1. Determine the connectivity needed to the Internet.

    2. Create the e-commerce module if needed.

    3. Design the remote access and VPN module if needed.

    4. Design the WAN module to support connections to remote enterprise locations if needed.

    Summary

    The enterprise campus infrastructure module includes the campus infrastructure module and the server farm module.

    The enterprise edge modules include the e-commerce module, the Internet connectivity module, the remote access and VPN module, and the WAN and MAN and site-to-site modules.

    The remote enterprise modules include the remote branches, data centers, and teleworkers.