
02/07/2012

Designing for Cisco Internetwork Solutions (DESGN) v2.1

Lesson 01 - Chapter 01: Identifying Design Requirements

Methodology for Network Design

Cisco PPDIOO Approach

Benefits of the PPDIOO Approach

PPDIOO Design Methodology

Three steps:
1. Identify the customer requirements
2. Characterize the existing network and sites
3. Design the network topologies and solutions

Identifying the Customer Requirements

Example: Identifying Applications

| Application Type | Application | Criticality (critical/important/unimportant) | Comments |
| --- | --- | --- | --- |
| E-mail | Microsoft Outlook | Important | |
| Groupware | Cisco Unified MeetingPlace | Important | We need to be able to share presentations and applications during remote meetings. |
| Web browsing | Microsoft Internet Explorer, Opera, Netscape | Important | |
| Video on demand | IP/TV | Critical | |
| Database | Oracle | Critical | All data storage will be based on Oracle. |
| Customer support | Customer applications | Critical | |

Example: Identifying Infrastructure Services

| Service | Comments |
| --- | --- |
| Security | Deploy security systematically, including firewalls, intrusion detection systems (IDSs), and access control lists (ACLs) |
| QoS | Give priority to delay-sensitive voice traffic and other important traffic |
| Network management | Use centralized management tools where appropriate and point product management as required |
| High availability | Eliminate single points of failure and use redundant paths as needed |
| IP telephony | Want to migrate company from regular telephony |
| Mobility | Need client laptop guest access along with mobility of employee PCs |

Example: Identifying Organizational Goals

| Organizational Goal | Gathered Data (Existing Situation) | Comments |
| --- | --- | --- |
| Increase competitiveness | Corporation Y, Corporation Z | Better products; reduce costs |
| Reduce costs | Enter data multiple times; time-consuming tasks | Single data-entry point; easy-to-learn application; simple data exchange |
| Improve customer support | Order tracking and technical support supported by individuals | Web-based order tracking; web-based customer technical support tools |
| Add new customer services | Telephone and fax orders; telephone and fax confirmation | Secure web-based ordering; secure web-based confirmations |

Example: Assessing Organizational Constraints

| Organizational Constraint | Gathered Data (Existing Situation) | Comments |
| --- | --- | --- |
| Budget | $650,000 | Budget can be extended by maximum $78,000 |
| Personnel | Engineers with Cisco CCNA certificates and Cisco CCNP certificates | Plans to hire new engineers in the network department; need technical development plan |
| Policy | Prefers single vendor and standardized protocols | Current equipment: Cisco; prefers to stay with it |
| Scheduling | Plans to introduce new applications in the next nine months | New applications include video conferencing, groupware, and IP telephony |

Example: Identifying Technical Goals

| Technical Goals | Importance | Comments |
| --- | --- | --- |
| Performance | 20 | Important at the central site, less important in branch offices |
| Availability | 25 | Should be 99.9 percent |
| Manageability | | |
| Security | 15 | Security for critical data transactions is extremely important |
| Adaptability | 10 | |
| Scalability | 25 | Scalability is critical |
| Total | 100 | |

Example: Identifying Technical Constraints

| Technical Constraints | Gathered Data | Comments |
| --- | --- | --- |
| Existing wiring | Coaxial cabling | Replace existing coaxial cabling. Use twisted-pair to desktop and fiber optics for uplinks and in the backbone. |
| Bandwidth availability | 64-kbps WAN links | Upgrade speeds; consider another service provider with additional services to offer. |
| Application compatibility | IPv6 based applications | Make sure new network equipment supports IPv6. |

Summary
 The PPDIOO approach reflects the life cycle phases of a standard
network.
 The design methodology under PPDIOO includes these
processes:
- Identifying customer requirements
- Characterizing the existing network and sites
- Designing the network topology and solutions
 Key steps in identifying customer requirements include these:
- Identifying network applications and services
- Defining organizational goals and constraints
- Defining technical goals and constraints

Characterizing the Existing Network and Sites

Applying a Methodology to Network Design

Characterizing the Existing Network and Sites
 Gather documentation and query the organization.
 Perform a site and network assessment to help detail the network.
 Consider performing traffic analysis on the existing network and
applications.

Identifying Major Features of the Network


 Collect the information about the planned and existing network
infrastructure:
- Site contact information
- Network topology such as network devices, physical and
logical links, external connections, encapsulations,
bandwidths, IP addressing, routing protocols
- Network services such as security, QoS, high availability,
IP telephony, storage, and wireless
- Network applications such as unified communications and
video delivery
 Collect the information about expected network functionality.
 Identify network modules based on the given information.


Sample Site Contact Questions


 What is the site location or name?
 What is the site address?
 What is the shipping address?
 Who is the site contact?
 Is this site owned and maintained by the customer?
 Is this a staffed site?
 What are the hours of operation?
 What are the building or room access procedures?
 Are there any special security or safety procedures?
 Are there any union or labor requirements or procedures?
 What are the locations of the equipment cabinets and racks?

Example: Customer Network Diagram

Network Assessment Information Sources


Example: Network Assessment


Network Assessment Tools


 Manual assessment:
- Use monitoring commands on network devices on small networks.
- Use scripting tools to collect information on large networks.
 Use existing management and auditing tools:
- CiscoWorks
- Third-party tools such as WhatsUp Gold, Castle Rock SNMPc,
open source Cacti, Netcordia NetMRI, and NetQoS NetVoyant
 Use other tools to collect relevant information for the network devices:
- Third-party tools such as Network General Sniffer, AirMagnet
software and devices, and WildPackets AiroPeek

Commands for Manual Information Collection

Example: Manual Information Collection: Router CPU Utilization

Example: Manual Information Collection: Router Memory Utilization

Example: Automatic Information Collection: Cacti Device List

Example: Automatic Information Collection: NetMRI Inventory

Network Traffic Analysis


 Use organizational input to identify the applications used in the
existing network and their relative importance.
 Perform a traffic analysis to reveal additional applications used in
the network.
 Use the results and organizational input to define QoS and
security-related requirements for discovered applications.

Steps in Analyzing Network Traffic


Example: Traffic Analysis

Application No. 8:
 Description: Accounting software
 Protocol: TCP port 5151
 Servers:
 Clients: 50
 Scope: Campus
 Importance: High
 Average rate: 50 kbps with 10-second bursts to 1 Mbps
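
An application profile like the one above (protocol, servers, clients, average rate, bursts) can be built from flow records and compared with the list of applications the organization named. The following is an added example, not part of the original slides; the flow records, addresses and declared-application list are constructed for illustration.

```python
from collections import defaultdict

# Applications named by the organization (constructed): (protocol, port) -> name
DECLARED = {("tcp", 25): "E-mail", ("tcp", 1521): "Oracle database"}

# Constructed flow records, not a real capture:
# (start second, client, server, protocol, destination port, bytes)
FLOWS = [
    (0,   "192.0.2.10", "198.51.100.5", "tcp", 5151, 500_000),
    (60,  "192.0.2.11", "198.51.100.5", "tcp", 5151, 500_000),
    (130, "192.0.2.10", "198.51.100.5", "tcp", 5151, 1_250_000),
    (250, "192.0.2.12", "198.51.100.5", "tcp", 5151, 500_000),
    (400, "192.0.2.11", "198.51.100.5", "tcp", 5151, 500_000),
    (590, "192.0.2.12", "198.51.100.5", "tcp", 5151, 500_000),
    (20,  "192.0.2.10", "198.51.100.9", "tcp", 1521, 900_000),
    (300, "192.0.2.11", "198.51.100.7", "tcp", 25,   150_000),
]


def profile_applications(flows, window_s, bin_s=10):
    """Summarise traffic per (protocol, destination port) over the window."""
    apps = defaultdict(lambda: {"clients": set(), "servers": set(),
                                "bytes": 0, "bins": defaultdict(int)})
    for start, client, server, proto, port, nbytes in flows:
        app = apps[(proto, port)]
        app["clients"].add(client)
        app["servers"].add(server)
        app["bytes"] += nbytes
        # Simplification: a flow's bytes are charged to the bin it starts in.
        app["bins"][start // bin_s] += nbytes
    report = {}
    for key, app in apps.items():
        report[key] = {
            "name": DECLARED.get(key),  # None means nobody declared it
            "clients": len(app["clients"]),
            "servers": sorted(app["servers"]),
            "avg_kbps": app["bytes"] * 8 / window_s / 1000,
            "peak_kbps": max(app["bins"].values()) * 8 / bin_s / 1000,
        }
    return report


def undeclared(report):
    """Applications seen on the wire that the organization did not list."""
    return sorted(key for key, app in report.items() if app["name"] is None)


if __name__ == "__main__":
    report = profile_applications(FLOWS, window_s=600)
    for proto, port in undeclared(report):
        app = report[(proto, port)]
        print(f"{proto.upper()} port {port}: {app['clients']} clients, "
              f"servers {app['servers']}, average {app['avg_kbps']:.0f} kbps, "
              f"10-second peak {app['peak_kbps']:.0f} kbps")
```

Each undeclared entry is a candidate for the QoS and security requirements review described earlier: it needs an owner, a criticality rating and a filtering decision before the design is finalized.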

Network Analysis Tools


 Cisco IOS Software analysis capabilities:
- NBAR
- NetFlow
 Cisco software-based network analyzers:
- Cisco CNS NetFlow Collection Engine
 Third-party tools, such as:
- Open source Cacti
- Network General Sniffer
- WildPackets EtherPeek and AiroPeek
- SolarWinds Orion
- Wireshark
- RMON probes

Example: NBAR Printout

Example: Cisco IOS NetFlow Printout


Example: Cacti Graph

Example: Solarwinds Orion


Summary Report
Characterization of the existing network results in a
summary report that is used to:
 Describe the software features required in the network
 Describe possible problems in the existing network
 Identify the actions needed to prepare the network for the
implementation of the required features
 Influence the customer requirements

Example: Equipment Summary Report


The network uses 895 routers:
 655 routers use Cisco IOS Software Release 12.2(10).
 240 routers use an older Cisco IOS Software version.


Example: Summary Report


Problem Statement
 Requirement: Queuing in the WAN
 Identified problem:
- Existing Cisco IOS Software version does not support new
queuing technologies.
- 15 out of 19 routers with older Cisco IOS Software are in the
WAN.
- 12 out of 15 routers do not have enough memory to upgrade to
Cisco IOS Software Release 12.3 or later.
- 5 out of 15 routers do not have enough flash memory to
upgrade to Cisco IOS Software Release 12.3 or later.

Example: Summary Report


Recommendations
 Recommended action:
- 12 memory upgrades to 64 MB
- 5 flash memory upgrades to 16 MB
 Options:
- Replace hardware and software to support queuing.
- Find an alternative mechanism for that part of the network.
- Find an alternative mechanism and use it instead of queuing.
- Evaluate the consequences of not implementing the required
feature in that part of the network.
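
An equipment summary and problem statement like the ones above can be produced from collected device output. The following is an added example, not part of the original slides: it parses constructed "show version" excerpts and lists routers below Release 12.3 that lack the 64 MB of memory or 16 MB of flash named in the recommendations. The hostnames, the sample outputs and the use of those two figures as minimums are assumptions.

```python
import re
from collections import Counter

TARGET = (12, 3)    # the page's requirement: Release 12.3 or later
MIN_DRAM_MB = 64    # assumed minimum, from "memory upgrades to 64 MB"
MIN_FLASH_MB = 16   # assumed minimum, from "flash memory upgrades to 16 MB"

VERSION_RE = re.compile(r"Version (\d+)\.(\d+)\((\w+)\)")
MEMORY_RE = re.compile(r"with (\d+)K/(\d+)K bytes of memory")
FLASH_RE = re.compile(r"(\d+)K bytes of .*flash", re.IGNORECASE)

# Constructed "show version" excerpts; the hostnames are hypothetical.
SAMPLE = {
    "wan-r1": "IOS (tm) C2600 Software (C2600-I-M), Version 12.2(10), RELEASE SOFTWARE (fc1)\n"
              "cisco 2611 (MPC860) processor (revision 0x203) with 28672K/4096K bytes of memory.\n"
              "8192K bytes of processor board System flash (Read/Write)\n",
    "wan-r2": "IOS (tm) C2600 Software (C2600-I-M), Version 12.2(10), RELEASE SOFTWARE (fc1)\n"
              "cisco 2621 (MPC860) processor (revision 0x203) with 61440K/4096K bytes of memory.\n"
              "16384K bytes of processor board System flash (Read/Write)\n",
    "wan-r3": "IOS (tm) C2600 Software (C2600-I-M), Version 12.1(5), RELEASE SOFTWARE (fc1)\n"
              "cisco 2611 (MPC860) processor (revision 0x203) with 45056K/4096K bytes of memory.\n"
              "16384K bytes of processor board System flash (Read/Write)\n",
    "core-r1": "IOS (tm) C2600 Software (C2600-I-M), Version 12.3(26), RELEASE SOFTWARE (fc2)\n"
               "cisco 2651 (MPC860) processor (revision 0x203) with 126976K/4096K bytes of memory.\n"
               "32768K bytes of processor board System flash (Read/Write)\n",
}

def parse_show_version(text):
    """Extract release, total DRAM and flash size from one device's output."""
    ver, mem, flash = (rx.search(text) for rx in (VERSION_RE, MEMORY_RE, FLASH_RE))
    if not (ver and mem and flash):
        raise ValueError("unrecognised show version output")
    major, minor, build = ver.groups()
    return {
        "release": (int(major), int(minor)),
        "version": f"{major}.{minor}({build})",
        # Total DRAM is main memory plus I/O memory, both reported in KB.
        "dram_mb": (int(mem.group(1)) + int(mem.group(2))) // 1024,
        "flash_mb": int(flash.group(1)) // 1024,
    }

def summarize(outputs):
    """Count versions and list outdated routers that need hardware upgrades."""
    report = {"versions": Counter(), "outdated": [], "need_dram": [], "need_flash": []}
    for host in sorted(outputs):
        info = parse_show_version(outputs[host])
        report["versions"][info["version"]] += 1
        if info["release"] >= TARGET:
            continue
        report["outdated"].append(host)
        if info["dram_mb"] < MIN_DRAM_MB:
            report["need_dram"].append(host)
        if info["flash_mb"] < MIN_FLASH_MB:
            report["need_flash"].append(host)
    return report

if __name__ == "__main__":
    print(summarize(SAMPLE))
```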


Documenting an Existing Network

Network Characterization Hour Estimates

Network sizes: Small Network (1-20 switches/routers), Medium Network (20-200 switches/routers), Large Network (200-800 switches/routers), Huge Network (>800 switches/routers)

a) Interview management team

12

12

16

b) Interview network team

12

24

16
24

c) Review documentation

12

16

16

d) Set up network discovery tool

16

16

e) Resolve SNMP access and similar problems

16

16

48

80

160

f) Allow tools to gather data


g) Analyze captured data

16

16

24

24

40

40

h) Prepare high level Layer 3 diagrams

16

16

32

16

16

32

32

48

48

80

80

i) Prepare report stating conclusions


j) Incrementally prepare network diagrams
Estimated manpower in hours: 44-48 (small), 86-98 (medium), 132-180 (large), 288-384 (huge)

Summary
 Characterizing an existing network entails gathering as much
information about the network as possible. Organization input, a
network audit, and traffic analysis provide the key information that
you need.
 Identifying major features of the network involves gathering
network documentation and querying the organization.
 The auditing process adds detail to the initial network
documentation that you created from existing documentation and
customer input.
 You can manually audit a small network, but you typically need
automated tools to audit a large network.
 Traffic analysis verifies the set of applications and protocols used
in the network and determines the traffic patterns of the
applications.

Summary (Cont.)
 Tools used for traffic analysis range from manual identification
of applications using Cisco IOS Software commands in
combination with NBAR or NetFlow to those where dedicated
software- or hardware-based analyzers capture live packets or
SNMP data.
 The result of the network characterization is a summary report
describing the health of the network.

Using the Top-Down Approach to Network Design

Applying a Methodology to Network Design

Top-Down Design Practices


Start your design here.

Design down the OSI model.


Top-Down and Bottom-Up Approach Comparison

| | Top-Down Approach | Bottom-Up Approach |
| --- | --- | --- |
| Benefits | Incorporates organizational requirements; gives the big picture to organization and designer | Allows a quick response to a design request; facilitates design based on previous experience |
| Disadvantages | Incorporates organizational requirements | Implements little or no notion of actual organizational requirements; may result in inappropriate network design |

Creating a Network Decision Table


 Decide which network layer requires decisions.
 Gather possible options for a given situation.
 Create a table that includes possible options and
given requirements.
 Match given requirements with specific properties of
given options.
 Select the option with the most matches as the most
appropriate one.


Example: Selecting a Routing Protocol

| Parameters | Option: EIGRP | Option: OSPF | Option: BGP | Required Network Parameters |
| --- | --- | --- | --- | --- |
| Size of Network (Small/Medium/Large/Very Large) | Large | Large | Very Large | Large |
| Enterprise-Focused (Yes/No) | Yes | Yes | No | Yes |
| Use of VLSM (Yes/No) | Yes | Yes | Yes | Yes |
| Supports Cisco Routers (Yes/No) | Yes | Yes | Yes | Yes |
| Network Support Staff Knowledge (Good/Fair/Poor) | Good | Fair | Poor | Good |

Assessing the Scope of the Network Design Process
Scope of Design

Comments

Entire network

All branch office LANs upgraded to support Fast Ethernet technology

Campus
WAN

Redundant equipment and links


Addition of wireless client mobility
Solutions to overcome bottlenecks

Example: Assessing the Scope of the Network Design Process
 Application: Designing voice transport
 Network: Designing routing, addressing
 Physical, data link: Choosing connection type

Structured Design Principles


Network Design Tools

Planning an Implementation
 If a design is composed of multiple complex components:
- Implement each component separately; do not implement
everything at once.
 Incremental implementation:
- Reduces troubleshooting in case of failure
- Reduces time needed to revert to previous state
in case of failure


Major Implementation Components


Each step should contain the following information:
 Description
 Reference to design sections
 Detailed implementation guidelines
 Detailed roll-back guidelines in case of failure
 Estimated time for implementation

Example: Summary Implementation Plan

| Phase/Step | Date, Time | Description | Implementation Details | Complete |
| --- | --- | --- | --- | --- |
| Phase 3 | 04/02/2007 | Install campus hardware | Section 6.2.3 | |
| Step 1 | | Connect switches | Section 6.2.3.1 | |
| Step 2 | | Install routers | Section 6.2.3.2 | |
| Step 3 | | Complete cabling | Section 6.2.3.3 | |
| Step 4 | | Verify data link layer | Section 6.2.3.4 | |
| Phase 4 | 04/03/2007 | Configure campus hardware | Section 6.2.4 | |
| Step 1 | | Configure VLANs | Section 6.2.4.1 | |
| Step 2 | | Configure IP addressing | Section 6.2.4.2 | |
| Step 3 | | Configure routing | Section 6.2.4.3 | |
| Step 4 | | Verify connectivity | Section 6.2.4.4 | |
| Phase 5 | 04/05/2007 | Launch campus updates into production | Section 6.2.5 | |
| Step 1 | | Complete connections to existing network | Section 6.2.5.1 | |
| Step 2 | | Verify connectivity | Section 6.2.5.2 | |

Example: Detailed Implementation Plan


Section 6.2.7.3, Configure routing protocols in the WAN
network module:
 Number of routers involved is 50.
 Use template from section 4.3.1, EIGRP details.
 Per router configuration:
- Use passive-interface command on all nonbackbone LANs.
(See section 4.2.3, EIGRP details.)
- Use summarization according to the design. (See section 4.2.3,
EIGRP details, and section 4.2.2, Addressing details.)
 Estimated time is 10 minutes per router.
 Roll-back procedure is not required.

Pilot vs. Prototype Networks


 The pilot or prototype network is used as proof of concept
for the design:
- A pilot network tests and verifies the design before the
network is launched.
- A prototype network tests and verifies a redesign in an
isolated network before it is applied to the existing network.
 Results:
- Success
- Failure


Example: Prototype Network

Detailed Structure of a Design Document


Summary
 Designing an enterprise network is a complex project.
Top-down design facilitates the process by dividing it into smaller,
more manageable steps.
 Decision tables facilitate the selection of the most appropriate
option from many possibilities.
 In assessing the scope of a network design, determine whether
the design is for a new network or is a modification of the entire
network, a single segment or module, a set of LANs, a WAN,
or a remote-access network.
 The output of the design should be a model of the complete
system. To achieve this, the top-down approach is highly
recommended.

Summary (Cont.)
 When the design is complete, you are ready to document the
implementation and migration in as much detail as possible.
 After a design is complete, you should verify it. You can test
the design in an existing or live network (pilot) or in a prototype
network that will not affect the existing network.
 A design document lists the design requirements, documents
the existing network, documents the network design, identifies
the proof-of-concept strategy, and details an implementation plan.

Lesson 01 - Chapter 02: Network Structure Models

Structuring and Modularizing the Network

Layers in the Hierarchical Model


Example: Hierarchical Network


Access Layer
 Concentration point at which clients access the network
 Layer 2 switching in the access layer: Defines a single broadcast
domain
 Multilayer switching in the campus access layer: Optimally
satisfies the needs of a particular user through routing, filtering,
authentication, security, or quality of service
 Multilayer switching in the WAN access layer: Helps control WAN
costs using dial-on-demand routing (DDR) and static routing

Example: Access Layer Connectivity in the Campus LAN

 Workstations are attached to VLANs with Layer 2 switches.
 Recommended practice: Implement one VLAN (IP subnet) per access switch.
 Access switches connect via Layer 3 links (if only one VLAN per access switch)
or via VLAN trunk.
 If needed, distribution routers route between VLANs.

Distribution Layer
Provides multilayer switching between access and core layers:
 Provides media transitions
 Aggregates bandwidth by concentrating multiple low-speed access links into a
high-speed core link
 Determines department or workgroup access
 Provides redundant connections for access devices

Implements policy-based decisions:


 Filtering by source or destination address
 Filtering on input or output ports
 Hiding internal network numbers by route filtering
 Static routing
 Security
 Quality of service mechanisms

Example: Distribution Layer in the Routed Campus Network


Core Layer
The function of the core layer is to provide fast and
efficient data transport that:
 Forms a high-speed backbone with fast transport services
 Provides redundancy and fault tolerance
 Offers good manageability

Note: The core layer should avoid packet manipulation for filtering or access list checking.

Example: Multilayer Switching in the Campus Core


Example: Routing in the WAN Network


Summary
 The hierarchical network model provides a modular view of a
network, making it easier to design and build a network.
 The purpose of the access layer is to grant end-user access to
network resources.
 The distribution layer provides aggregation for the access layer
devices and uplinks to the core layer. It is also used to enforce
policy within the network.
 The core layer provides a high-speed, highly available backbone
designed to switch packets as fast as possible.

Using a Modular Approach in Network Design

Structuring and Modularizing the Network

Cisco Enterprise Architecture

Example: Dividing the Network into Areas

Enterprise Campus Infrastructure Module


Enterprise Edge Modules


Enterprise Edge Guidelines


1. Determine the connectivity needed to the Internet.
2. Create the e-commerce module if needed.
3. Design the remote access and VPN module if needed.
4. Design the WAN module to support connections to remote
enterprise locations if needed.


Summary
 The enterprise campus infrastructure module includes the
campus infrastructure module and the server farm module.
 The enterprise edge modules include the e-commerce module,
the Internet connectivity module, the remote access and VPN
module, and the WAN and MAN and site-to-site modules.
 The remote enterprise modules include the remote branches,
data centers, and teleworkers.
