E s switch_v6_ch01

Published in: Technology
  • Cisco Networking Academy Program CCNP SWITCH: Implementing IP Switching Chapter 1: Analyzing The Cisco Enterprise Campus Architecture
  • Chapter 1 Objectives
  • The core interconnects the campus access, the data center, and WAN portions of the network. The campus is the portion of the computing infrastructure that provides access to network communication services and resources to end users and devices spread over a single geographic location. The data center is a facility used to house computing systems and associated components. The branch/WAN portion of the enterprise network contains the routers, switches, and so on to interconnect a main office to branch offices or other main offices. The Internet Edge is the portion of the enterprise network that encompasses the routers, switches, firewalls, and network devices that interconnect the enterprise network to the Internet. The Internet Edge includes technology necessary to connect telecommuters from the Internet to services in the enterprise.
  • HIPAA ensures that an integrated security infrastructure keeps medical information safe: www.hipaa.com. Sarbanes-Oxley Act specifies legal standards for maintaining the integrity of financial data, and requires public companies to have multiple redundant data centers with synchronous, real-time copies of financial data: www.sarbanes-oxley.com. SEC primary rule 17a-4 allows broker-dealers to store records electronically, including electronic communications and messaging such as email and instant messages: www.sec.gov.
  • Layer 4 switching enables load balancing based on Layer 4 port number. Layer 7 switching uses Network-Based Application Recognition (NBAR) to permit or deny traffic based on data passed by an application.
  • 6500:
      - Scalable modular switch with up to 13 slots
      - Supports up to 16 10-Gigabit Ethernet interfaces per slot in an over-subscription model
      - Up to 80 Gbps of bandwidth per slot in current generation hardware
      - Supports Cisco IOS with a plethora of Layer 2 and Layer 3 switching features
      - Optionally supports up to Layer 7 features with specialized modules
      - Integrated redundant and highly available power supplies, fans, and supervisor engines
      - Supports Layer 3 Non-Stop Forwarding (NSF), whereby routing peers are maintained during a supervisor switchover
      - Backward compatibility and investment protection have led to a long life cycle
    4500:
      - Scalable modular switch with up to 10 slots
      - Supports multiple 10-Gigabit Ethernet interfaces per slot
      - Supports Cisco IOS
      - Supports both Layer 2 switching and Layer 3 switching
      - Optionally supports integrated redundant and highly available power supplies and supervisor engines
    4948G, 3750, and 3560:
      - Available in a variety of fixed port configurations with up to 48 1-Gbps access layer ports and 4 10-Gigabit Ethernet interfaces for uplinks to the distribution layer
      - Supports Cisco IOS
      - Supports both Layer 2 and Layer 3 switching
      - Not architected with redundant hardware
    2000:
      - Available in a variety of fixed port configurations with up to 48 1-Gbps access layer ports and multiple 10-Gigabit Ethernet uplinks
      - Supports Cisco IOS
      - Supports only Layer 2 switching
      - Not architected with redundant hardware
    Nexus 7000:
      - Modular switch with up to 18 slots
      - Supports up to 230 Gbps per slot
      - Supports Nexus OS (NX-OS)
      - 10-slot chassis is built on front-to-back airflow
      - Supports redundant supervisor engines, fans, and power supplies
    Nexus 5000 and 2000:
      - Low-latency switches designed for deployment in the access layer of the data center
      - Nexus 5000 switches are designed for 10-Gigabit Ethernet applications and also support Fibre Channel over Ethernet (FCoE)
  • ASICs do have memory limitations, depending on the platform.
  • Network bandwidth used to be costly, but today it is cost-effective compared to the application requirements. Because switch delay is insignificant for most client/server applications with high-performance Layer 3 switches, locating the servers centrally rather than in the workgroup is technically feasible and reduces support costs. Low latency is extremely important to financial and market data applications; Nexus 7000 family switches are ideal for this. For example, traders need access to trading applications anytime with good response times to be competitive with other traders. The ideal is to place servers in a common server farm in a data center. Use of server farms in data centers requires a network infrastructure that is highly resilient and redundant and that provides adequate throughput. Typically, high-end LAN switches with the fastest LAN technologies, such as 10 Gigabit Ethernet, are deployed. For Cisco switches, the current trend is to deploy Nexus switches in the data center while the campus deploys Catalyst switches. The use of Catalyst switches in the campus and Nexus in the data center is a market transition from earlier models that used Catalyst switches throughout the enterprise. Nexus switches do not run the traditional Cisco IOS found on Cisco routers and switches. Instead they run Nexus OS (NX-OS), which was derived from the SAN-OS found on the Cisco MDS SAN platform. Nexus switches have a higher cost than Catalyst switches and do not support telephony, inline power, firewall, or load-balancing services. However, Nexus switches do support higher throughput, lower latency, high availability, and high-density 10-Gigabit Ethernet suited for data center environments.
  • SONA embeds application-level intelligence into the network infrastructure elements so that the network can recognize and better support applications and services. Benefits:
      - Convergence, virtualization, intelligence, security, and integration in all areas of the network infrastructure
      - Cost savings
      - Increased productivity
      - Faster deployment of new services and applications
      - Enhanced business processes
    SONA is strictly a model to guide network designs. When designing the campus portion of the enterprise network, you need to understand SONA only from a high level, as most of the focus of the campus design is centered on features and functions of Cisco switching.
  • Without a core layer, the distribution layer switches need to be fully meshed. This design is difficult to scale and increases the cabling requirements because each new building distribution switch needs full-mesh connectivity to all the distribution switches. As a recommended practice, deploy a dedicated campus core layer to connect three or more physical segments or four or more pairs of building distribution switches in a large campus. Core layer constituents and functions depend on the size and type of the network. Not all campus implementations require a campus core. Optionally, campus designs can combine the core and distribution layer functions at the distribution layer for a smaller topology.
  • Data center design as part of the enterprise network is based on a layered approach to improve scalability, performance, flexibility, resiliency, and maintenance. Multitier HTTP-based applications supporting web, application, and database tiers of servers dominate the multitier data center model. The access layer network infrastructure can support both Layer 2 and Layer 3 topologies, and Layer 2 adjacency requirements fulfilling the various server broadcast domain or administrative requirements. Layer 2 in the access layer is more prevalent in the data center because some applications support low latency via Layer 2 domains. Most servers in the data center consist of single and dual attached one rack unit (RU) servers, blade servers with integrated switches, blade servers with pass-through cabling, clustered servers, and mainframes with a mix of oversubscription requirements. Multiple aggregation modules in the aggregation layer support connectivity scaling from the access layer. The aggregation layer supports integrated service modules providing services such as security, load balancing, content switching, firewall, SSL offload, intrusion detection, and network analysis.
  • PPDIOO lifecycle approach to network design and implementation
  • Prepare: Involves establishing the organizational requirements, developing a network strategy, and proposing a high-level conceptual architecture identifying technologies that can best support the architecture. The prepare phase can establish a financial justification for network strategy by assessing the business case for the proposed architecture.
    Plan: Involves identifying initial network requirements based on goals, facilities, user needs, and so on. The plan phase involves characterizing sites and assessing any existing networks and performing a gap analysis to determine whether the existing system infrastructure, sites, and the operational environment can support the proposed system. A project plan is useful for helping manage the tasks, responsibilities, critical milestones, and resources required to implement changes to the network. The project plan should align with the scope, cost, and resource parameters established in the original business requirements.
    Design: The initial requirements that were derived in the planning phase drive the activities of the network design specialists. The network design specification is a comprehensive detailed design that meets current business and technical requirements, and incorporates specifications to support availability, reliability, security, scalability, and performance. The design specification is the basis for the implementation activities.
    Implement: The network is built or additional components are incorporated according to the design specifications, with the goal of integrating devices without disrupting the existing network or creating points of vulnerability.
    Operate: Operation is the final test of the appropriateness of the design. The operational phase involves maintaining network health through day-to-day operations, including maintaining high availability and reducing expenses. The fault detection, correction, and performance monitoring that occur in daily operations provide the initial data for the optimization phase.
    Optimize: Involves proactive management of the network. The goal of proactive management is to identify and resolve issues before they affect the organization. Reactive fault detection and correction (troubleshooting) is needed when proactive management cannot predict and mitigate failures. In the PPDIOO process, the optimization phase can prompt a network redesign if too many network problems and errors arise, if performance does not meet expectations, or if new applications are identified to support organizational and technical requirements.
  • Lifecycle characteristics
  • Also, a rollback plan shall be identified for each step of the implementation phase in case its deployment fails or unforeseen problems arise.

    1. Chapter 1: Analyzing The Cisco Enterprise Campus Architecture. CCNP SWITCH: Implementing IP Switching, Course v6. © 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public.
    2. Chapter 1 Objectives
       • Describe common campus design options and how design choices affect implementation and support of a campus LAN.
       • Describe the access, distribution, and core layers.
       • Describe small, medium, and large campus network designs.
       • Describe the prepare, plan, design, implement, operate, optimize (PPDIOO) methodology.
       • Describe the network lifecycle approach to campus design.
    3. Introduction to Enterprise Campus Network Design
    4. Enterprise Network
       • Core (Backbone)
       • Campus
       • Data Center
       • Branch
       • WAN
       • Internet Edge
    5. Regulatory Standards (U.S.)
       • There may be several legal regulations that have an impact on a network’s design.
       • US regulations on networks include:
           - Health Insurance Portability and Accountability Act (HIPAA)
           - Sarbanes-Oxley Act
           - “Records to Be Preserved by Certain Exchange Members, Brokers and Dealers”: Securities and Exchange Commission (SEC) Rule 17a-4
    6. Campus Designs
       • Modular - easily supports growth and change. Scaling the network is eased by adding new modules in lieu of complete redesigns.
       • Resilient - proper high-availability (HA) characteristics result in near-100% uptime.
       • Flexible - change in business is a guarantee for any enterprise. These changes drive campus network requirements to adapt quickly.
    7. Multilayer Switches in Campus Networks
       • Hardware-based routing using Application-Specific Integrated Circuits (ASICs)
       • RIP, OSPF, and EIGRP are supported
       • Layer 3 switching speeds approximate that of Layer 2 switches
       • Layer 4 and Layer 7 switching supported on some switches
       • Future: Pure Layer 3 environment leveraging inexpensive L3 access layer switches
    8. Cisco Switches
       • Catalyst 6500 Family – used in campus, data center, and core as well as WAN and branch
           - Up to 13 slots and 16 10-Gigabit Ethernet interfaces
           - Redundant power supplies, fans, and supervisor engines
           - Runs Cisco IOS
       • Catalyst 4500 Family – used in distribution layer and in collapsed core environments
           - Up to 10 slots and several 10-Gigabit Ethernet interfaces
           - Runs Cisco IOS
       • Catalyst 3560 and 3750 Families – used in fixed-port scenarios at the access and distribution layers
       • Nexus 2000, 5000, and 7000 Families – NX-OS based modular data center switches
    9. Multilayer Switching Miscellany
       • ASIC-based (hardware) switching is supported even with QoS and ACLs, depending on the platform; 6500 switches support hardware-based switching with much larger ACLs than 3560 switches.
       • Unlike CPUs, ASICs scale in switching architectures. ASICs integrate onto individual line modules of Catalyst switches to hardware-switch packets in a distributed manner.
       • Catalyst 6500 switches with a Supervisor Engine 720 and a Multilayer Switch Feature Card (MSFC3) must software-switch all packets requiring Network Address Translation.
       • ASICs on Catalyst switches work in tandem with ternary content addressable memory (TCAM) and packet-matching algorithms for high-speed switching.
    10. Traffic Types
       • Network Management – BPDU, CDP, SNMP, RMON, SSH traffic (for example); low bandwidth
       • IP Telephony – Signaling traffic and encapsulated voice traffic; low bandwidth
       • IP Multicast – IP/TV and market data applications; intensive configuration requirements; very high bandwidth
       • Normal Data – File and print services, email, Internet browsing, database access, shared network applications; low to medium bandwidth
       • Scavenger Class – All traffic with protocols or patterns that exceed normal data flows; less than best-effort traffic, such as peer-to-peer traffic (instant messaging, file sharing, IP phone calls, video conferencing); medium to high bandwidth
    11. Client-Server Applications
       • Mail servers
       • File servers
       • Database servers
       • Access to applications is fast, reliable, and secure
    12. Client-Enterprise Edge Applications
       • Servers on the enterprise edge, exchanging data between an organization and its public servers
       • Examples: external mail servers, e-commerce servers, and public web servers
       • Security and high availability are paramount
    13. Service-Oriented Network Architecture (SONA)
       • Application Layer – business and collaboration applications; meet business requirements leveraging interactive services layer.
       • Interactive Services Layer – enable efficient allocation of resources to applications and business processes through the networked infrastructure.
       • Networked Infrastructure Layer – where all IT resources interconnect.
    14. Borderless Networks
       • Enterprise architecture launched by Cisco in October 2009.
       • Model enables businesses to transcend borders, access resources anywhere, embrace business productivity, and lower business and IT costs.
       • Focuses more on growing enterprises into global companies.
       • Technical architecture based on three principles:
           - Decoupling hardware from software
           - Unifying computation, storage, and network
           - Policy throughout the unified system
       • Provides a platform for business innovation.
       • Serves as the foundation for rich-media communications.
    15. Enterprise Campus Design
    16. Building Access, Building Distribution, and Building Core Layers
       • Building Core Layer: high-speed campus backbone designed to switch packets as fast as possible; provides high availability and adapts quickly to changes.
       • Building Distribution Layer: aggregate wiring closets and use switches to segment workgroups and isolate network problems.
       • Building Access Layer: grant user access to network devices.
    17. Core Layer
       • Aggregates distribution layer switches.
       • Implements scalable protocols and technologies and load balancing.
       • High-speed Layer 3 switching using 10-Gigabit Ethernet.
       • Uses redundant L3 links.
    18. Distribution Layer
       • High availability, fast path recovery, load balancing, QoS, and security
       • Route summarization and packet manipulation
       • Redistribution point between routing domains
       • Packet filtering and policy routing to implement policy-based connectivity
       • Terminate VLANs
       • First Hop Redundancy Protocol
    19. Access Layer
       • High availability – supported by many hardware and software features, such as redundant power supplies and First Hop Redundancy Protocols (FHRP).
       • Convergence – provides inline Power over Ethernet (PoE) to support IP telephony and wireless access points.
       • Security – includes port security, DHCP snooping, Dynamic ARP Inspection, IP source guard.
    20. Small Campus Network
       • <200 end devices
       • Collapsed core
       • Catalyst 3560 and 2960G switches for access layer (Distribution)
       • Cisco 1900 and 2900 routers to interconnect branch/WAN (Access)
    21. Medium Campus Network
       • 200-1000 end devices
       • Redundant multilayer switches at distribution layer
       • Catalyst 4500 or 6500 switches (access layer)
    22. Large Campus Network
       • >2000 end users
       • Stricter adherence to core, distribution, access delineation
       • Catalyst 6500 switches in core and distribution layers
       • Nexus 7000 switches in data centers
       • Division of labor amongst network engineers
    23. Data Center Infrastructure
       • Core layer – high-speed packet switching backplane
       • Aggregation layer – service module integration, default gateway redundancy, security, load balancing, content switching, firewall, SSL offload, intrusion detection, network analysis
       • Access layer – connects servers to network
    24. PPDIOO Lifecycle Approach to Network Design and Implementation
    25. PPDIOO Phases
       • Prepare – establish organizational requirements.
       • Plan – identify initial network requirements.
       • Design – comprehensive, based on planning outcomes.
       • Implement – build network according to design.
       • Operate – maintain network health.
       • Optimize – proactive management of network.
    26. Lifecycle Approach
       • Lowering the total cost of network ownership
       • Increasing network availability
       • Improving business agility
       • Speeding access to applications and services
       • Identifying and validating technology requirements
       • Planning for infrastructure changes and resource requirements
       • Developing a sound network design aligned with technical requirements and business goals
       • Accelerating successful implementation
       • Improving the efficiency of your network and of the staff supporting it
       • Reducing operating expenses by improving the efficiency of operational processes and tools
    27. Lifecycle Approach (1)
       • Benefits:
           - Lowering the total cost of network ownership
           - Increasing network availability
           - Improving business agility
           - Speeding access to applications and services
       • Lower costs:
           - Identify and validate technology requirements
           - Plan for infrastructure changes and resource requirements
           - Develop a sound network design aligned with technical requirements and business goals
           - Accelerate successful implementation
           - Improve the efficiency of your network and of the staff supporting it
           - Reduce operating expenses by improving the efficiency of operational processes and tools
    28. Lifecycle Approach (2)
       • Improve high availability:
           - Assessing the network’s security state and its capability to support the proposed design
           - Specifying the correct set of hardware and software releases, and keeping them operational and current
           - Producing a sound operations design and validating network operations
           - Staging and testing the proposed system before deployment
           - Improving staff skills
           - Proactively monitoring the system and assessing availability trends and alerts
       • Gain business agility:
           - Establishing business requirements and technology strategies
           - Readying sites to support the system that you want to implement
           - Integrating technical requirements and business goals into a detailed design and demonstrating that the network is functioning as specified
           - Expertly installing, configuring, and integrating system components
           - Continually enhancing performance
       • Accelerate access to network applications and services:
           - Assessing and improving operational preparedness to support current and planned network technologies and services
           - Improving service-delivery efficiency and effectiveness by increasing availability, resource capacity, and performance
           - Improving the availability, reliability, and stability of the network and the applications running on it
           - Managing and resolving problems affecting your system and keeping software applications current
    29. Planning a Network Implementation
       • Implementation Components:
           - Description of the step
           - Reference to design documents
           - Detailed implementation guidelines
           - Detailed roll-back guidelines in case of failure
           - Estimated time needed for implementation
       • Summary Implementation Plan – overview of implementation plan
       • Detailed Implementation Plan – describes exact steps necessary to complete the implementation phase, including steps to verify and check the work of the network engineers implementing the plan
    30. Chapter 1 Summary
       • Evolutionary changes are occurring within the campus network.
       • Evolution requires careful planning and deployments based on hierarchical designs.
       • As the network evolves, new capabilities are added, usually driven by application data flows.
       • Implementing the increasingly complex set of business-driven capabilities and services in the campus architecture is challenging if done in a piecemeal fashion.
       • Any successful architecture must be based on a foundation of solid design theory and principles. The adoption of an integrated approach based on solid systems design principles is a key to success.
    31. Chapter 1 Labs
       • Lab 1-1 Clearing a Switch
       • Lab 1-2 Clearing a Switch Connected to a Larger Network
    32. Resources
       • www.cisco.com/en/US/products
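
The Access Layer slide (slide 19) names four security features: port security, DHCP snooping, Dynamic ARP Inspection, and IP source guard. The Python audit below is an added example, not part of the original deck; it reports which of the four are missing on each access port of a Cisco IOS-style configuration. The sample configuration, interface names and VLAN numbers are constructed, and the script assumes the port's VLAN comes from `switchport access vlan` (default VLAN 1).

```python
import re

# Constructed sample (not from the deck): interface names and VLAN numbers are placeholders.
SAMPLE_CONFIG = """\
ip dhcp snooping
ip dhcp snooping vlan 10
ip arp inspection vlan 10
!
interface GigabitEthernet0/1
 description user port, all four controls present
 switchport mode access
 switchport access vlan 10
 switchport port-security
 ip verify source
!
interface GigabitEthernet0/2
 description user port in a VLAN the global commands do not cover
 switchport mode access
 switchport access vlan 20
 switchport port-security
 ip verify source
!
interface GigabitEthernet0/3
 description user port left at defaults
 switchport mode access
!
interface GigabitEthernet0/24
 description uplink to distribution
 switchport mode trunk
 ip dhcp snooping trust
 ip arp inspection trust
"""

CHECKS = ("port security", "DHCP snooping", "Dynamic ARP Inspection", "IP source guard")

def expand_vlans(spec):
    """Turn an IOS VLAN list such as '10,20-22' into a set of integers."""
    vlans = set()
    for part in spec.split(","):
        low, _, high = part.partition("-")
        vlans.update(range(int(low), int(high or low) + 1))
    return vlans

def parse_config(text):
    """Split a config into global lines and a dict of interface name -> sub-commands."""
    global_lines, interfaces, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("!"):
            current = None
        elif line[0].isspace():
            if current is not None:          # indented lines belong to the open stanza
                current.append(line.strip())
        elif line.startswith("interface "):
            current = interfaces.setdefault(line.split(None, 1)[1], [])
        else:
            current = None
            global_lines.append(line)
    return global_lines, interfaces

def enabled_vlans(global_lines, prefix):
    """Collect VLANs from global lines of the form '<prefix><vlan-list>'."""
    vlans = set()
    for line in global_lines:
        rest = line[len(prefix):].split() if line.startswith(prefix) else []
        if len(rest) == 1:                   # skip variants with trailing keywords
            vlans |= expand_vlans(rest[0])
    return vlans

def audit_access_ports(text):
    """Return {access port: [features from CHECKS that are not in effect]}."""
    global_lines, interfaces = parse_config(text)
    snooping_on = "ip dhcp snooping" in global_lines   # per-VLAN lines need the global switch
    snoop = enabled_vlans(global_lines, "ip dhcp snooping vlan ") if snooping_on else set()
    dai = enabled_vlans(global_lines, "ip arp inspection vlan ")
    report = {}
    for name, lines in interfaces.items():
        if "switchport mode access" not in lines:
            continue                         # trunks and uplinks are out of scope
        vlan = 1
        for cmd in lines:
            match = re.fullmatch(r"switchport access vlan (\d+)", cmd)
            if match:
                vlan = int(match.group(1))
        present = {
            "port security": "switchport port-security" in lines,
            "DHCP snooping": vlan in snoop,
            "Dynamic ARP Inspection": vlan in dai,
            "IP source guard": any(c.startswith("ip verify source") for c in lines),
        }
        report[name] = [check for check in CHECKS if not present[check]]
    return report

if __name__ == "__main__":
    for port, missing in audit_access_ports(SAMPLE_CONFIG).items():
        print(port, "OK" if not missing else "missing: " + ", ".join(missing))
```

DHCP snooping and Dynamic ARP Inspection are enabled per VLAN in global configuration, which is why the second port is flagged even though its interface-level commands are in place.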
