Your SlideShare is downloading. ×
0
Albert Garcia, SE  [email_address] Ken Constantino, AM  [email_address] Cisco Systems May 21, 2002  (Edited October 2002) ...
Contents <ul><li>Cisco CE Gear Recommendations </li></ul><ul><li>Cisco Router Configuration requirements </li></ul><ul><ul...
Device Options - Revised <ul><li>Customer Edge Devices (CE) - 2651, 3662, 7206VXR (NPE400 & NSE1) </li></ul><ul><ul><li>IP...
NJEDge Recommended Basic Connectivity  Firewall H.323 GK QoS & Multicast-capable  Switched LAN Infrastructure Customer Edg...
Sample Cisco Configurations Router Gatekeeper Firewall Caching VPN DS-1 1.5Mbps fDS-3  10-20Mbps DS-3 45Mbps Intrusion Det...
BGP Configuration Main Campus NJ Edge Member Edge Router <ul><ul><li>Member Edge Router </li></ul></ul><ul><ul><li>ROUTER ...
QOS Configuration Main Campus NJ Edge Member Edge Router <ul><ul><li>QOS Classification </li></ul></ul><ul><ul><li>0 – Bes...
QOS Configuration Continue Main Campus NJ Edge Member Edge Router <ul><ul><li>Mark Traffic & Set Limits </li></ul></ul><ul...
Summary <ul><li>Reference Documents: BGP </li></ul><ul><li>http://www.cisco.com/warp/public/459/bgp-toc.html </li></ul><ul...
© 2002, Cisco Systems, Inc. All rights reserved.
Upcoming SlideShare
Loading in...5
×

IP/VPN-CE Recommendations

244

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
244
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "IP/VPN-CE Recommendations"

  1. 1. Albert Garcia, SE [email_address] Ken Constantino, AM [email_address] Cisco Systems May 21, 2002 (Edited October 2002) NJEDge.Net Update
  2. 2. Contents <ul><li>Cisco CE Gear Recommendations </li></ul><ul><li>Cisco Router Configuration requirements </li></ul><ul><ul><ul><ul><li>BGP Configuration </li></ul></ul></ul></ul><ul><ul><ul><ul><li>QOS Configuration </li></ul></ul></ul></ul><ul><li>Late Night Reading </li></ul>
  3. 3. Device Options - Revised <ul><li>Customer Edge Devices (CE) - 2651, 3662, 7206VXR (NPE400 & NSE1) </li></ul><ul><ul><li>IP Software only </li></ul></ul><ul><ul><li>MAX Memory (DRAM and Flash) </li></ul></ul><ul><ul><li>Redundant Power Supplies (where available) </li></ul></ul><ul><li>Separate Cisco IOS H.323 Gatekeeper positioned behind Firewall </li></ul><ul><ul><li>Security – Protects Gatekeeper from Internet & NJEDge Members </li></ul></ul><ul><ul><li>Performance – Isolates functionality of Internet Router and Call Admission Control and Scheduling </li></ul></ul>
  4. 4. NJEDge Recommended Basic Connectivity Firewall H.323 GK QoS & Multicast-capable Switched LAN Infrastructure Customer Edge Device (CE) NJEdge Net H.323
  5. 5. Sample Cisco Configurations Router Gatekeeper Firewall Caching VPN DS-1 1.5Mbps fDS-3 10-20Mbps DS-3 45Mbps Intrusion Detection OC-3 155Mbps 2651 $15K 3662 $23K PIX525 $18-25K CE507 $6K 3015 $12K 4210 $8K 3621 $30K 7206 $32K 7206VXR $37K 7206 $41K 2651 $12K 3621 $22K 3662 $22K 7206 $29K 7206 $29K PIX525 $18-25K PIX525 $18-25K PIX535 $62-82K CE560 $12K CE590 $25-37K 3030 $22K 3030 $22K 3060 $40K 4210 $8K 4230 $19K 4230 $19K Note: List Prices Shown 2651 $12K CE7320 $90-114K
  6. 6. BGP Configuration Main Campus NJ Edge Member Edge Router <ul><ul><li>Member Edge Router </li></ul></ul><ul><ul><li>ROUTER BGP 65201 </li></ul></ul><ul><ul><li>NETWORK 130.219.0.0 MASK 255.255.0.0 </li></ul></ul><ul><ul><li>NEIGHBOR 10.1.1.2 REMOTE-AS 19262 </li></ul></ul><ul><ul><li>NEIGHBOR 10.1.1.2 PREFIX-LIST ADVERTISE-OUT OUT </li></ul></ul><ul><ul><li>IP PREFIX-LIST ADVERTISE-OUT PERMIT 130.219.0.0/16 </li></ul></ul><ul><ul><li>IP ROUTE 0.0.0.0 0.0.0.0 141.11.56.1 </li></ul></ul><ul><ul><li>IP ROUTE 130.219.0.0 255.255.0.0 <Firewall IP Address> </li></ul></ul><ul><ul><li>Main Campus Router </li></ul></ul><ul><ul><li>ROUTER EIGRP 1 (OR OSPF, RIP, ETC) </li></ul></ul><ul><ul><li>REDISTRIBUTE STATIC </li></ul></ul><ul><ul><li>DEFAULT-METRIC 1544 1 255 1 1500 (JUST FOR EIGRP) </li></ul></ul><ul><ul><li>IP ROUTE 0.0.0.0 0.0.0.0 <Firewall IP Address> </li></ul></ul>Firewall Gatekeeper <ul><ul><li>STATIC ROUTE TO INTERNET (NO BGP) </li></ul></ul><ul><ul><li>RECEIVE NJ EDGE MEMBER ROUTES </li></ul></ul><ul><ul><li>ASSUME ONE INTERNET PVC AND ONE NJ EDGE PVC </li></ul></ul>
  7. 7. QOS Configuration Main Campus NJ Edge Member Edge Router <ul><ul><li>QOS Classification </li></ul></ul><ul><ul><li>0 – Best Effort </li></ul></ul><ul><ul><li>1 – Priority Data </li></ul></ul><ul><ul><li>4 – Real-time Video </li></ul></ul><ul><ul><li>5 – Real-time Voice </li></ul></ul><ul><ul><li>Identify Traffic </li></ul></ul><ul><ul><li>Class-map REAL-TIME-VIDEO </li></ul></ul><ul><ul><li>match access-group 101 </li></ul></ul><ul><ul><li>access-list 101 permit udp 192.168.1.1 any </li></ul></ul><ul><ul><li>access-list 101 permit tcp 192.168.1.1 any range 1720 1731 </li></ul></ul>Firewall Gatekeeper <ul><ul><li>ASSUMING NO OTHER QOS IN CAMPUS </li></ul></ul><ul><ul><li>MARKING PACKETS </li></ul></ul><ul><ul><li>RATE-LIMITING MARKING </li></ul></ul><ul><ul><li>ONLY PRIORITIZE 75% OF CIRCUIT </li></ul></ul>
  8. 8. QOS Configuration Continue Main Campus NJ Edge Member Edge Router <ul><ul><li>Mark Traffic & Set Limits </li></ul></ul><ul><ul><li>policy-map NJ-EDGE </li></ul></ul><ul><ul><li>class REAL-TIME-VIDEO </li></ul></ul><ul><ul><li>priority percent 75 </li></ul></ul><ul><ul><li>set ip precedence 4 </li></ul></ul><ul><ul><li>class class-default </li></ul></ul><ul><ul><li>set ip precedence 0 </li></ul></ul><ul><ul><li>Apply to Interface </li></ul></ul><ul><ul><li>Interface atm1/0.1 point-to-point </li></ul></ul><ul><ul><li>description “NJ Edge IP-VPN” </li></ul></ul><ul><ul><li>ip address 10.1.1.1 255.255.255.252 </li></ul></ul><ul><ul><li>pvc 8/101 </li></ul></ul><ul><ul><li>vbr-nrt 1544 1544 100 </li></ul></ul><ul><ul><li>service-policy output NJ-EDGE </li></ul></ul>Firewall Gatekeeper
  9. 9. Summary <ul><li>Reference Documents: BGP </li></ul><ul><li>http://www.cisco.com/warp/public/459/bgp-toc.html </li></ul><ul><li>http://www.cisco.com/warp/public/459/18.html </li></ul><ul><li>QOS </li></ul><ul><li>http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/fqcprt2/qcfwfq.htm#xtocid9 </li></ul><ul><li>http://www.cisco.com/warp/public/105/video-qos.html </li></ul>
  10. 10. © 2002, Cisco Systems, Inc. All rights reserved.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×