SlideShare a Scribd company logo

ISP core routing project

Download as PPTX, PDF
vishal sharma
vishal sharma

ISP core Routing

Internet
1 of 32
By: Vishal Sharma Visit: www.ciscoz.com ISP CORE ROUTING 1 http://www.ciscoz.com/2014/04/isp-core-routing topology/
Introduction to Project  The WAN is the networking infrastructure that provides an IP-based interconnection between remote sites that are separated by large geographic distances.  This project was implemented in order to demonstrate how the company accesses its servers through internet.  By using sophisticated technology such as MultiProtocol Label Switching (MPLS), the issue of delays can be eliminated.  MPLS Layer 3 VPNs use a peer-to-peer VPN Model that leverages the Border gateway Protocol (BGP) to distribute VPN-related information. 2 http://www.ciscoz.com/2014/04/isp-core-routing-topology/
Layout of project http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 3
Features of the Project  MPLS Layer 3 VPN  IPv6 Network with IPv6 DNS server  Redundancy  Dynamic Routing Protocols  Linux Server  Security http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 4
MPLS Layer3 VPN  MPLS stands for Multi Protocol Label Switching.  It is a mechanism in high-performance telecommunications networks that directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table.  The labels identify virtual paths between distant nodes rather than endpoints. MPLS can encapsulate packets of various network protocols, like ATM, Frame Relay etc.  MPLS operates at a layer that is generally considered to lie between traditional definitions of layer 2 (data link layer) and layer 3 (network layer), and thus is often referred to as a "layer 2.5" protocol http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 5
 MPLS L3VPN is a kind of PE-based L3VPN technology for service provider VPN solutions. It uses BGP to advertise VPN routes and uses MPLS to forward VPN packets on service provider backbones.  MPLS-labeled packets are switched after a label lookup/switch instead of a lookup into the IP table. When MPLS was conceived, label lookup and label switching were faster than a routing table or RIB (Routing Information Base) lookup.  MPLS-based VPN connects geographically different branches of a private network to form a united network by using LSPs. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 6
Fundamental component of MPLS Network  Label Switching Router (LSR)  Label switched path (LSP)  Provider (P) router  Provider edge router (PE):  Customer edge device (CE)  Label Distribution Protocol (LDP) http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 7
 Label Switching Router :- Router that performs routing based only on the label is called a label switch router (LSR). This is a type of router located in the middle of a MPLS network. It is responsible for switching the labels used to route packets.  When an LSR receives a packet, it uses the label included in the packet header as an index to determine the next hop on the label-switched path (LSP) and a corresponding label for the packet from a lookup table.  The old label is then removed from the header and replaced with the new label before the packet is routed forward.  A label edge router (LER, also known as edge LSR) is a router that operates at the edge of an MPLS network and acts as the entry and exit points for the network. LERs respectively, push an MPLS label onto an incoming packet and pop it off the outgoing packet. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 8
 Provider router :- MPLS-based virtual private network (VPN), LERs that function as ingress and/or egress routers to the VPN are often called PE (Provider Edge) routers. Devices that function only as transit routers are similarly called P (Provider) routers.  Label Distribution Protocol :- Labels are distributed between LERs and LSRs using the Label Distribution Protocol (LDP). LSRs in an MPLS network regularly exchange label and reachability information with each other using standardized procedures in order to build a complete picture of the network they can then use to forward packets. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 9
Label Distribution Protocol (LDP) - Purpose Label distribution ensures that adjacent routers have a common view of FEC <-> label bindings Routing Table: Addr-prefix Next Hop 47.0.0.0/8 LSR2 LSR1 LSR2 LSR3 IP Packet 47.80.55.3 Routing Table: Addr-prefix Next Hop 47.0.0.0/8 LSR3 For 47.0.0.0/8 use label ‘17’ Label Information Base: Label-In FEC Label-Out 17 47.0.0.0/8 XX Label Information Base: Label-In FEC Label-Out XX 47.0.0.0/8 17 Step 1: LSR creates binding between FEC and label value Step 2: LSR communicates binding to adjacent LSR Step 3: LSR inserts label value into forwarding base Common understanding of which FEC the label is referring to! Label distribution can either piggyback on top of an existing routing protocol, or a dedicated label distribution protocol (LDP) can be created http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 10
IPv6 Network with IPv6 DNS server  IPv6 is the version of Internet Protocol.  IPv6 address is of 128 bits Communication of IPv6 with IPv4  IPv6 Tunnelling over IPv4 Network  Dual Stacking http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 11
IPv6 Tunnelling over IPv4 Network IPv6 Tunnel source _router IPv4_router IPv6 Tunnel Des_router IPv6 tunnelling is the one of the method to communicate IPv4 with IPv6 network. IPv6 Tunnel is made over 2 routers which are enabled with IPv6 addresses. IPv4_router is the network with IPv4 address enabled. There is no ipv6 address over this router. IPv6 tunnel is directly over this IPv4_router network. On both router IPv6 Tunnel source router and des router , a tunnel interface has been created on which IPv6 addresses have been given to communicate. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 12
Dual Stacking 2004::1/64 20.3.0.1 2004::2/64 20.3.0.3 2003::1/64 100.0.0.254 Server_router GLBP_router Linux Server Dual Stacking is the another method to communicate IPv4 to IPv6. In this method both IPv4 and IPv6 addresses are given on the same interface, by which when IPv6 packet is received by router then it transfer it using IPv6 address and when IPv4 then by IPv4 address. In this topology Linux server has IPv6 enabled and dual stacking by having IPv4 address. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 13
IPv6 DNS Server In this Project IPv6 DNS server is made on Red Hat Enterprise Linux. DNS server:- Server which resolve IP address to Hostname and Hostname to IP address. And when DNS server resolve IPv6 address with Hostname then it is IPv6 enabled DNS server. In the left picture, it is the configuration of for.zone , which has the entries ofCNAME and IP addresses and on other side it is res.zone, it has entry for PTR records. The longest record is of IPv6 address which is resolved to server. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 14
Redundancy  Redundancy means multiple pathways to reach a single destination.  Methods for Redundancy 1. HSRP 2. VRRP 3. GLBP HSRP stands for Hot Standby Router Protocol. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 15
HSRP  HSRP stands for Hot Standby Router Protocol.  It is a Cisco proprietary protocol.  It allows multiple routers or multilayer switches to masquerade as a single gateway.  Virtual IP address is allocated to all routers participating in HSRP.  In this topology HSRP is used to produce the redundancy in between the vlansmade on layer 3 switches DSw1 & DSw2. When one of the switch connection goes down then the other switch give the redundancy to that switch because on both switches same vlans are created. Layer 2 switches ASw1 -4 are the switches whose ports are used to connect the customers. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 16
VRRP  VRRP stands for Virtual Router Redundancy Protocol.  The industry-standard equivalent of HSRP is the Virtual Router Redundancy Protocol (VRRP).  The router with the highest priority becomes the Master Router.  All other routers become Backup Routers.  By default, the virtual MAC address is 0000.5e00.01xx, where xx is the hexadecimal group number.  VRRP Hellos are sent to multicast address 224.0.0.18.  VRRP redundancy is provided in between SEMBO_TECH_GW , VRRP_router and SEMBO_TECH. VRRP tunnel is made in between these three routers. These have EIGRP routing in between to communicate with each other.  For SEMBO_TECH router have two paths to communicate with linux_server one is SEMBO_TECH_GW router which is connected to MPLS, and other is VRRP_Router which has eBGP in the path. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 17
GLBP  GLBP stands for Gateway Load Balancing Protocol.  Each router is assigned a weight, and the default weight is 100. Weight can be statically configured, or dynamically decided by the router.  In the topology GLBP is configured in between the server_router, SEMBO_TECH_GW2 and GLBP_router. Tunnel is made between all these three routers.  GLBP support the Load balancing of the paths, it means it sends the traffic from both paths with the help of load balancing.  There are 3 methods, by which load balancing can be done 1. Round Robin 2. Weighted 3. Host-Dependent  But by default Round Robin is used. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 18
Dynamic Routing Protocols  Dynamic routing protocols are those who perform there routing with the help of network command.  It is very easy to configure, and to troubleshoot as compare to static .  Dynamic Routing Protocols used in topology :- 1. BGP 2. EIGRP 3. OSPF 4. RIP http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 19
BGP  BGP stands for Border Gateway Protocol.  The Border Gateway Protocol (BGP) routes traffic between autonomous systems. An autonomous system is a network or group of networks under common administration and with common routing policies.  BGP is a very robust and scalable routing protocol, as evidenced by the fact that it is the routing protocol employed on the Internet.  There are two types of BGP 1. iBGP 2. eBGP  iBGP :- iBGP means Internal Border Gateway Protocol. It is used inn between same Autonomous system.  eBGP :- eBGP means External Border Gateway Protocol. It is used inn between different Autonomous system. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 20
 In this topology eBGP routing is used in between GLBP_router, eBGP_router and VRRP-router.  GLBP_router -> eBGP_router AS 65000 and eBGP_router -> VRRP_router AS 65001  On each router loopback addresses are configured on all three routers, loopback address is the Router-ID for all the routers.  #bgp redistribute internal is the command to distribute the internal route of each router to the other router through eBGP.  Redistribution is done over the eBGP router. Redistribution is needed because there are two different AS present. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 21
 iBGP is configured on MPLS network, BGP is used with MPLS, because BGP helps MPLS to speed up the transfer of data.  P router is Provider router which is ISP in the real topology, and other PEs are the Provider Edge router.  Over this network Virtual Private Network VPN is also configured, to connect the SEMBO offices for the secure data transfer.  Over PE1 router EIGRP and RIP is also running because some other offices uses EIGRP and RIP for the connection from internet. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 22
EIGRP  EIGRP stands for Enhanced Interior Gateway Routing Protocol.  EIGRP is an advanced distance-vector routing protocol, with optimizations to minimize both the routing instability incurred after topology changes, as well as the use of bandwidth and processing power in the router.  It uses Diffusing Update Algorithm(DUAL) to calculate the routing path.  In the topology EIGRP is used in these pictures.  SEMBO_TECH_GW_2 is connected through EIGRP with PE1 router which is running MPLS, with Server_router and GLBP_router there is redundancy is created by Gateway Load Balancing Protocol (GLBP).  Here in both cases, there are 2 EIGRP is running in both cases, one is for IPv4 and other is for IPv6. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 23
OSPF  OSPF stands for Open Shortest Path First.  It uses a link state routing algorithm and falls into the group of interior routing protocols, operating within a single autonomous system(AS).  In these places OSPF is running in this topology.  DEMBO_TECH_GW, PE2 and SEMBO_TECH_GW are running OSPF10 in between them, to send route to each other. SEMBO_TECH_GW is the gateway of SEMBO_TECH on MPLS path.  Whereas OSPF 100 is running on the SEMBO_TECH_LAN, there are 5 layer 3 switches, each are connected to each other with multiple links to create the redundancy.  Redistribution of multiple protocols are done on SEMBO_TECH router. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 24
Linux Server  Red Hat Enterprise Linux 6.0 is used as a server in this topology.  Linux server is installed on VmwareWorkstation 10 , connected to GNS3 topology through loopback interface of the windows 8.1.  When linux server communicate with any router in GNS3 then, request and all other things goes through this loopback interface.  Servers configured on Linux :- 1. DNS 2. APACHE 3. FTP 4. YUM 5. SSH http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 25
DNS Server :- DNS stands for DOMAIN NAME SERVER.  DNS server is used to translate the IP address to HOSTNAME.  In Linux Environment DNS server installed by BIND Packages. The name of service for DNS is NAMED. DNS Records :-  SOA (start of authority) :- This record automatically created when ZONE fie created. This is the first record which is responsible for accept query and resolve it.  NS (Name Server) :- NS provide the domain name to clients.  CNAME :-Alise name, Duplicate name  Host Record :- It is used to add the IP Address.  SPF (Sender Policy Framework) : - text record  TXT Record :- It is used for authentication purpose. APACHE Server :-APACHE server is called Apache HTTP server. It is a web server.  Virtual hosting allows one Apache installation to serve many different websites. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 26
 WEB Hosting is of two types :- 1. IP Based Hosting :- single ip single site 2. Name Based Hosting :- single ipmultiple sites  Service for APACHE :-httpd  Port number :- 80 (http) , 443 (https)  Default site storage path :- /var/www/html  Configuration file path :- /etc/http/conf/httpd.conf FTP Server :- FTP stands for FILE TRANSFER PROTOCOL.  FTP is a server which is used for download and upload files on internet and intranet.  Website can be uploaded through FTP server. FTP always hits the pub directory directly.  Port number used :- 20(control)/21(access)  Directory used :- /var/ftp/pub  Configuration file :- /etc/vsftpd/vsftpd.conf http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 27
YUM Server :-YUM stands for Yellowdog Updater, Modified.  YUM is an open-source command-line package-management utility for Linux operating systems using the RPM Package Manager.  Though yum has a command-line interface, several other tools provide graphical user interfaces to yum functionality.Yumallows automatic updates, package and dependency management, on RPM-based distributions.  Yum directory :- /etc/yum.repos.d/ SSH Server :- SSH stands for SECURE SHELL.  SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary.  There are several ways to use SSH; one is to use automatically generated public-private key pairs to simply encrypt a network connection, and then use password authentication to log on.  Service name :-sshd  Configuration file :- /etc/ssh/ssh_config http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 28
Security Basic security in Routers  Enable Secret  Username and password  Console password  VLAN  ACL  Firewall http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 29
Enable Secret :- Enable Secret is the password that we set to restrict the user entry into the enable mode of the router.  The enable secret is secure and is not visible even after the user has successfully logged in. when user logged in and run #show run command then the password comes in encrypted form. Username and Password :- is the login password that has to be entered to log in to the router. It is set in configuration mode-> console line. Console Password :- is the password that is set on the router and the user is prompted for it when trying to enter the router.  Only this password needs to be entered and no username is required. VLAN :- Vlan stands for Virtual LAN.  Vlans are made on switch to divide the switch according to the administrator.  Vlan provide security by dividing the different department into different section. Communication between these vlans is possible through Router. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 30
ACL :-ACL stands for Access Control List.  An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.  Each ACL is identify by its name or number. Firewall :- Firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic based on applied rule set.  A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted. firewall hardware firewall Watch guard and pix firewall etc. software firewall Norton (windows). Check-point (linux) Access-control-list (acl) (router and switch) http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 31
Thank you http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 32

Recommended

Implementation of isp mpls backbone network on i pv6 using 6 pe routers main PPT
Implementation of isp mpls backbone network on i pv6 using 6 pe routers main PPTImplementation of isp mpls backbone network on i pv6 using 6 pe routers main PPT
Implementation of isp mpls backbone network on i pv6 using 6 pe routers main PPTSatish Kumar
 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesFebrian ‎
 
MPLS + BGP Presentation
MPLS + BGP PresentationMPLS + BGP Presentation
MPLS + BGP PresentationGino McCarty
 
BGP Overview
BGP OverviewBGP Overview
BGP OverviewMatt Bynum
 
Mpls
MplsMpls
MplsFasih Rehman
 
Inter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentInter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentBangladesh Network Operators Group
 
BGP persistence
BGP persistenceBGP persistence
BGP persistenceBertrand Duvivier
 
EVPN Introduction
EVPN IntroductionEVPN Introduction
EVPN IntroductionBangladesh Network Operators Group
 

Recommended

Implementation of isp mpls backbone network on i pv6 using 6 pe routers main PPT
Implementation of isp mpls backbone network on i pv6 using 6 pe routers main PPTImplementation of isp mpls backbone network on i pv6 using 6 pe routers main PPT
Implementation of isp mpls backbone network on i pv6 using 6 pe routers main PPTSatish Kumar
 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesFebrian ‎
 
MPLS + BGP Presentation
MPLS + BGP PresentationMPLS + BGP Presentation
MPLS + BGP PresentationGino McCarty
 
BGP Overview
BGP OverviewBGP Overview
BGP OverviewMatt Bynum
 
Mpls
MplsMpls
MplsFasih Rehman
 
Inter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentInter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentBangladesh Network Operators Group
 
BGP persistence
BGP persistenceBGP persistence
BGP persistenceBertrand Duvivier
 
EVPN Introduction
EVPN IntroductionEVPN Introduction
EVPN IntroductionBangladesh Network Operators Group
 
BGP Traffic Engineering with SDN Controller
BGP Traffic Engineering with SDN ControllerBGP Traffic Engineering with SDN Controller
BGP Traffic Engineering with SDN ControllerAPNIC
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC
 
Unified MPLS. Построение современных и масштабируемых MPLS-сетей.
Unified MPLS. Построение современных и масштабируемых MPLS-сетей. Unified MPLS. Построение современных и масштабируемых MPLS-сетей.
Unified MPLS. Построение современных и масштабируемых MPLS-сетей. Cisco Russia
 
Using BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet ConnectionsUsing BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet ConnectionsRowell Dionicio
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
Deploying IP/MPLS VPN - Cisco Networkers 2010
Deploying IP/MPLS VPN - Cisco Networkers 2010Deploying IP/MPLS VPN - Cisco Networkers 2010
Deploying IP/MPLS VPN - Cisco Networkers 2010Febrian ‎
 
Nokia L3 VPN Configuration Guide
Nokia L3 VPN Configuration GuideNokia L3 VPN Configuration Guide
Nokia L3 VPN Configuration GuideAbel Saduwa
 
IPV6
IPV6 IPV6
IPV6 Arnold Derrick Kinney
 
2011 TWNIC SP IPv6 Transition
2011 TWNIC SP IPv6 Transition2011 TWNIC SP IPv6 Transition
2011 TWNIC SP IPv6 TransitionJohnson Liu
 
MPLS VPN Per Vrf Traffic
MPLS VPN Per Vrf TrafficMPLS VPN Per Vrf Traffic
MPLS VPN Per Vrf Trafficalco
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
 
ipv6 mpls by Patrick Grossetete
ipv6 mpls by Patrick Grosseteteipv6 mpls by Patrick Grossetete
ipv6 mpls by Patrick GrosseteteFebrian ‎
 
Voice over MPLS
Voice over MPLSVoice over MPLS
Voice over MPLSTooba Shaikh
 
Inter as vpn option c
Inter as vpn option c Inter as vpn option c
Inter as vpn option c Goerge Micheal Gerges
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Jhoni Guerrero
 
Nokia IES Configuration guide
Nokia IES Configuration guideNokia IES Configuration guide
Nokia IES Configuration guideAbel Saduwa
 
bgp(border gateway protocol)
bgp(border gateway protocol)bgp(border gateway protocol)
bgp(border gateway protocol)Noor Ul Hudda Memon
 
SEGMENT Routing
SEGMENT RoutingSEGMENT Routing
SEGMENT RoutingBangladesh Network Operators Group
 
BGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionBGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionAPNIC
 
FreeRangeRouting - A new Quagga fork with more open development
FreeRangeRouting - A new Quagga fork with more open developmentFreeRangeRouting - A new Quagga fork with more open development
FreeRangeRouting - A new Quagga fork with more open developmentAPNIC
 
ISP
ISPISP
ISPaj1974
 
Design and Deployment using the Cisco Smart Business Architecture (SBA)
Design and Deployment using the Cisco Smart Business Architecture (SBA)Design and Deployment using the Cisco Smart Business Architecture (SBA)
Design and Deployment using the Cisco Smart Business Architecture (SBA)Cisco Russia
 

More Related Content

What's hot

BGP Traffic Engineering with SDN Controller
BGP Traffic Engineering with SDN ControllerBGP Traffic Engineering with SDN Controller
BGP Traffic Engineering with SDN ControllerAPNIC
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC
 
Unified MPLS. Построение современных и масштабируемых MPLS-сетей.
Unified MPLS. Построение современных и масштабируемых MPLS-сетей. Unified MPLS. Построение современных и масштабируемых MPLS-сетей.
Unified MPLS. Построение современных и масштабируемых MPLS-сетей. Cisco Russia
 
Using BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet ConnectionsUsing BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet ConnectionsRowell Dionicio
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
Deploying IP/MPLS VPN - Cisco Networkers 2010
Deploying IP/MPLS VPN - Cisco Networkers 2010Deploying IP/MPLS VPN - Cisco Networkers 2010
Deploying IP/MPLS VPN - Cisco Networkers 2010Febrian ‎
 
Nokia L3 VPN Configuration Guide
Nokia L3 VPN Configuration GuideNokia L3 VPN Configuration Guide
Nokia L3 VPN Configuration GuideAbel Saduwa
 
2011 TWNIC SP IPv6 Transition
2011 TWNIC SP IPv6 Transition2011 TWNIC SP IPv6 Transition
2011 TWNIC SP IPv6 TransitionJohnson Liu
 
MPLS VPN Per Vrf Traffic
MPLS VPN Per Vrf TrafficMPLS VPN Per Vrf Traffic
MPLS VPN Per Vrf Trafficalco
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
 
ipv6 mpls by Patrick Grossetete
ipv6 mpls by Patrick Grosseteteipv6 mpls by Patrick Grossetete
ipv6 mpls by Patrick GrosseteteFebrian ‎
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Jhoni Guerrero
 
Nokia IES Configuration guide
Nokia IES Configuration guideNokia IES Configuration guide
Nokia IES Configuration guideAbel Saduwa
 
BGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionBGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionAPNIC
 
FreeRangeRouting - A new Quagga fork with more open development
FreeRangeRouting - A new Quagga fork with more open developmentFreeRangeRouting - A new Quagga fork with more open development
FreeRangeRouting - A new Quagga fork with more open developmentAPNIC
 

What's hot (20)

BGP Traffic Engineering with SDN Controller
BGP Traffic Engineering with SDN ControllerBGP Traffic Engineering with SDN Controller
BGP Traffic Engineering with SDN Controller
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
 
Unified MPLS. Построение современных и масштабируемых MPLS-сетей.
Unified MPLS. Построение современных и масштабируемых MPLS-сетей. Unified MPLS. Построение современных и масштабируемых MPLS-сетей.
Unified MPLS. Построение современных и масштабируемых MPLS-сетей.
 
Using BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet ConnectionsUsing BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet Connections
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
 
Deploying IP/MPLS VPN - Cisco Networkers 2010
Deploying IP/MPLS VPN - Cisco Networkers 2010Deploying IP/MPLS VPN - Cisco Networkers 2010
Deploying IP/MPLS VPN - Cisco Networkers 2010
 
Nokia L3 VPN Configuration Guide
Nokia L3 VPN Configuration GuideNokia L3 VPN Configuration Guide
Nokia L3 VPN Configuration Guide
 
IPV6
IPV6 IPV6
IPV6
 
2011 TWNIC SP IPv6 Transition
2011 TWNIC SP IPv6 Transition2011 TWNIC SP IPv6 Transition
2011 TWNIC SP IPv6 Transition
 
MPLS VPN Per Vrf Traffic
MPLS VPN Per Vrf TrafficMPLS VPN Per Vrf Traffic
MPLS VPN Per Vrf Traffic
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPN
 
ipv6 mpls by Patrick Grossetete
ipv6 mpls by Patrick Grosseteteipv6 mpls by Patrick Grossetete
ipv6 mpls by Patrick Grossetete
 
Voice over MPLS
Voice over MPLSVoice over MPLS
Voice over MPLS
 
Inter as vpn option c
Inter as vpn option c Inter as vpn option c
Inter as vpn option c
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6
 
Nokia IES Configuration guide
Nokia IES Configuration guideNokia IES Configuration guide
Nokia IES Configuration guide
 
bgp(border gateway protocol)
bgp(border gateway protocol)bgp(border gateway protocol)
bgp(border gateway protocol)
 
SEGMENT Routing
SEGMENT RoutingSEGMENT Routing
SEGMENT Routing
 
BGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionBGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and Discussion
 
FreeRangeRouting - A new Quagga fork with more open development
FreeRangeRouting - A new Quagga fork with more open developmentFreeRangeRouting - A new Quagga fork with more open development
FreeRangeRouting - A new Quagga fork with more open development
 

Viewers also liked

Design and Deployment using the Cisco Smart Business Architecture (SBA)
Design and Deployment using the Cisco Smart Business Architecture (SBA)Design and Deployment using the Cisco Smart Business Architecture (SBA)
Design and Deployment using the Cisco Smart Business Architecture (SBA)Cisco Russia
 
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...sunda2011
 
Final year ece projects in chennai,bangalore,vijayawada
Final year ece projects in chennai,bangalore,vijayawadaFinal year ece projects in chennai,bangalore,vijayawada
Final year ece projects in chennai,bangalore,vijayawadaAshok Kumar.k
 
2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...
2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...
2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...IEEEFINALSEMSTUDENTSPROJECTS
 
Introduction to Adaptive Private Networking
Introduction to Adaptive Private NetworkingIntroduction to Adaptive Private Networking
Introduction to Adaptive Private NetworkingKeith Morris
 
PROJECT LOON
PROJECT LOONPROJECT LOON
PROJECT LOONRamana Kv
 
Mobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital BackboneMobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital BackboneAdeyemi Fowe
 
Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...
Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...
Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...CMC Limited
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1Lancope, Inc.
 
6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...
6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...
6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...thesakshi12
 
ECE 323 Final Project Report
ECE 323 Final Project ReportECE 323 Final Project Report
ECE 323 Final Project ReportJonathan Lepp
 
Network Design in Cloud-ready IDC
Network Design in Cloud-ready IDCNetwork Design in Cloud-ready IDC
Network Design in Cloud-ready IDCKae Hsu
 
CDN and ISP Operation
CDN and ISP OperationCDN and ISP Operation
CDN and ISP OperationKae Hsu
 
Secure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIPSecure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIPArpan Patel
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALJohn Bernal
 
Final Project presentation on Image processing based intelligent traffic cont...
Final Project presentation on Image processing based intelligent traffic cont...Final Project presentation on Image processing based intelligent traffic cont...
Final Project presentation on Image processing based intelligent traffic cont...Louise Antonio
 
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...Jonathan Donado
 
A University Network Design Exercise
A University Network Design ExerciseA University Network Design Exercise
A University Network Design Exercisejoelavery
 

Viewers also liked (20)

ISP
ISPISP
ISP
 
Design and Deployment using the Cisco Smart Business Architecture (SBA)
Design and Deployment using the Cisco Smart Business Architecture (SBA)Design and Deployment using the Cisco Smart Business Architecture (SBA)
Design and Deployment using the Cisco Smart Business Architecture (SBA)
 
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Communica...
 
Final year ece projects in chennai,bangalore,vijayawada
Final year ece projects in chennai,bangalore,vijayawadaFinal year ece projects in chennai,bangalore,vijayawada
Final year ece projects in chennai,bangalore,vijayawada
 
Ducat
DucatDucat
Ducat
 
2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...
2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...
2014 IEEE DOTNET NETWORKING PROJECT Pricing under constraints_in_access_netwo...
 
Introduction to Adaptive Private Networking
Introduction to Adaptive Private NetworkingIntroduction to Adaptive Private Networking
Introduction to Adaptive Private Networking
 
PROJECT LOON
PROJECT LOONPROJECT LOON
PROJECT LOON
 
Mobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital BackboneMobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital Backbone
 
Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...
Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...
Project based Industrial Training for MCA/B.E./B.Tech./MCA in CMC Ltd - A TCS...
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1
 
6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...
6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...
6 weeks/months project training from CMC Faridabad - Ppt of ccna project from...
 
ECE 323 Final Project Report
ECE 323 Final Project ReportECE 323 Final Project Report
ECE 323 Final Project Report
 
Network Design in Cloud-ready IDC
Network Design in Cloud-ready IDCNetwork Design in Cloud-ready IDC
Network Design in Cloud-ready IDC
 
CDN and ISP Operation
CDN and ISP OperationCDN and ISP Operation
CDN and ISP Operation
 
Secure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIPSecure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIP
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINAL
 
Final Project presentation on Image processing based intelligent traffic cont...
Final Project presentation on Image processing based intelligent traffic cont...Final Project presentation on Image processing based intelligent traffic cont...
Final Project presentation on Image processing based intelligent traffic cont...
 
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
 
A University Network Design Exercise
A University Network Design ExerciseA University Network Design Exercise
A University Network Design Exercise
 

Similar to ISP core routing project

International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
ODA000017 MPLS VPN(L3).ppt
ODA000017 MPLS VPN(L3).pptODA000017 MPLS VPN(L3).ppt
ODA000017 MPLS VPN(L3).pptmarwan76
 
MPLS-based Layer 3 VPNs.pdf
MPLS-based Layer 3 VPNs.pdfMPLS-based Layer 3 VPNs.pdf
MPLS-based Layer 3 VPNs.pdfHuynh MVT
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoNMwendwa Kivuva
 
Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...Ashish Tanwer
 
Ipv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncIpv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncAntenna Manufacturer Coco
 

Similar to ISP core routing project (20)

Mpls Services
Mpls ServicesMpls Services
Mpls Services
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Ospf
OspfOspf
Ospf
 
Mpls L3_vpn
Mpls L3_vpnMpls L3_vpn
Mpls L3_vpn
 
ODA000017 MPLS VPN(L3).ppt
ODA000017 MPLS VPN(L3).pptODA000017 MPLS VPN(L3).ppt
ODA000017 MPLS VPN(L3).ppt
 
MPLS-based Layer 3 VPNs.pdf
MPLS-based Layer 3 VPNs.pdfMPLS-based Layer 3 VPNs.pdf
MPLS-based Layer 3 VPNs.pdf
 
Day one-poster-vpns
Day one-poster-vpnsDay one-poster-vpns
Day one-poster-vpns
 
QOS of MPLS
QOS of MPLSQOS of MPLS
QOS of MPLS
 
J010136172
J010136172J010136172
J010136172
 
CSC427_Week_11.pdf
CSC427_Week_11.pdfCSC427_Week_11.pdf
CSC427_Week_11.pdf
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
 
Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...
 
MPLS-jpl.ppt
MPLS-jpl.pptMPLS-jpl.ppt
MPLS-jpl.ppt
 
C0343015019
C0343015019C0343015019
C0343015019
 
Mpls
MplsMpls
Mpls
 
Ipv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncIpv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas Inc
 
MPLS-extra.ppt
MPLS-extra.pptMPLS-extra.ppt
MPLS-extra.ppt
 
yun-MPLS.ppt
yun-MPLS.pptyun-MPLS.ppt
yun-MPLS.ppt
 
MPLS Presentation
MPLS PresentationMPLS Presentation
MPLS Presentation
 
MPLS
MPLSMPLS
MPLS
 

Recently uploaded

VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...SUHANI PANDEY
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceEscorts Call Girls
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋nirzagarg
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...SUHANI PANDEY
 
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...SUHANI PANDEY
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...nilamkumrai
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftAanSulistiyo
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 

Recently uploaded (20)

VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
 
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
 
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
( Pune ) VIP Pimpri Chinchwad Call Girls 🎗️ 9352988975 Sizzling | Escorts | G...
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 

ISP core routing project

  • 1. By: Vishal Sharma Visit: www.ciscoz.com ISP CORE ROUTING 1 http://www.ciscoz.com/2014/04/isp-core-routing topology/
  • 2. Introduction to Project  The WAN is the networking infrastructure that provides an IP-based interconnection between remote sites that are separated by large geographic distances.  This project was implemented in order to demonstrate how the company accesses its servers through internet.  By using sophisticated technology such as MultiProtocol Label Switching (MPLS), the issue of delays can be eliminated.  MPLS Layer 3 VPNs use a peer-to-peer VPN Model that leverages the Border gateway Protocol (BGP) to distribute VPN-related information. 2 http://www.ciscoz.com/2014/04/isp-core-routing-topology/
  • 3. Layout of project http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 3
  • 4. Features of the Project  MPLS Layer 3 VPN  IPv6 Network with IPv6 DNS server  Redundancy  Dynamic Routing Protocols  Linux Server  Security http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 4
  • 5. MPLS Layer3 VPN  MPLS stands for Multi Protocol Label Switching.  It is a mechanism in high-performance telecommunications networks that directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table.  The labels identify virtual paths between distant nodes rather than endpoints. MPLS can encapsulate packets of various network protocols, like ATM, Frame Relay etc.  MPLS operates at a layer that is generally considered to lie between traditional definitions of layer 2 (data link layer) and layer 3 (network layer), and thus is often referred to as a "layer 2.5" protocol http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 5
  • 6.  MPLS L3VPN is a kind of PE-based L3VPN technology for service provider VPN solutions. It uses BGP to advertise VPN routes and uses MPLS to forward VPN packets on service provider backbones.  MPLS-labeled packets are switched after a label lookup/switch instead of a lookup into the IP table. When MPLS was conceived, label lookup and label switching were faster than a routing table or RIB (Routing Information Base) lookup.  MPLS-based VPN connects geographically different branches of a private network to form a united network by using LSPs. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 6
  • 7. Fundamental component of MPLS Network  Label Switching Router (LSR)  Label switched path (LSP)  Provider (P) router  Provider edge router (PE):  Customer edge device (CE)  Label Distribution Protocol (LDP) http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 7
  • 8.  Label Switching Router :- Router that performs routing based only on the label is called a label switch router (LSR). This is a type of router located in the middle of a MPLS network. It is responsible for switching the labels used to route packets.  When an LSR receives a packet, it uses the label included in the packet header as an index to determine the next hop on the label-switched path (LSP) and a corresponding label for the packet from a lookup table.  The old label is then removed from the header and replaced with the new label before the packet is routed forward.  A label edge router (LER, also known as edge LSR) is a router that operates at the edge of an MPLS network and acts as the entry and exit points for the network. LERs respectively, push an MPLS label onto an incoming packet and pop it off the outgoing packet. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 8
  • 9.  Provider router :- MPLS-based virtual private network (VPN), LERs that function as ingress and/or egress routers to the VPN are often called PE (Provider Edge) routers. Devices that function only as transit routers are similarly called P (Provider) routers.  Label Distribution Protocol :- Labels are distributed between LERs and LSRs using the Label Distribution Protocol (LDP). LSRs in an MPLS network regularly exchange label and reachability information with each other using standardized procedures in order to build a complete picture of the network they can then use to forward packets. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 9
  • 10. Label Distribution Protocol (LDP) - Purpose Label distribution ensures that adjacent routers have a common view of FEC <-> label bindings Routing Table: Addr-prefix Next Hop 47.0.0.0/8 LSR2 LSR1 LSR2 LSR3 IP Packet 47.80.55.3 Routing Table: Addr-prefix Next Hop 47.0.0.0/8 LSR3 For 47.0.0.0/8 use label ‘17’ Label Information Base: Label-In FEC Label-Out 17 47.0.0.0/8 XX Label Information Base: Label-In FEC Label-Out XX 47.0.0.0/8 17 Step 1: LSR creates binding between FEC and label value Step 2: LSR communicates binding to adjacent LSR Step 3: LSR inserts label value into forwarding base Common understanding of which FEC the label is referring to! Label distribution can either piggyback on top of an existing routing protocol, or a dedicated label distribution protocol (LDP) can be created http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 10
  • 11. IPv6 Network with IPv6 DNS server  IPv6 is the version of Internet Protocol.  IPv6 address is of 128 bits Communication of IPv6 with IPv4  IPv6 Tunnelling over IPv4 Network  Dual Stacking http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 11
  • 12. IPv6 Tunnelling over IPv4 Network IPv6 Tunnel source _router IPv4_router IPv6 Tunnel Des_router IPv6 tunnelling is the one of the method to communicate IPv4 with IPv6 network. IPv6 Tunnel is made over 2 routers which are enabled with IPv6 addresses. IPv4_router is the network with IPv4 address enabled. There is no ipv6 address over this router. IPv6 tunnel is directly over this IPv4_router network. On both router IPv6 Tunnel source router and des router , a tunnel interface has been created on which IPv6 addresses have been given to communicate. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 12
  • 13. Dual Stacking 2004::1/64 20.3.0.1 2004::2/64 20.3.0.3 2003::1/64 100.0.0.254 Server_router GLBP_router Linux Server Dual Stacking is the another method to communicate IPv4 to IPv6. In this method both IPv4 and IPv6 addresses are given on the same interface, by which when IPv6 packet is received by router then it transfer it using IPv6 address and when IPv4 then by IPv4 address. In this topology Linux server has IPv6 enabled and dual stacking by having IPv4 address. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 13
  • 14. IPv6 DNS Server In this Project IPv6 DNS server is made on Red Hat Enterprise Linux. DNS server:- Server which resolve IP address to Hostname and Hostname to IP address. And when DNS server resolve IPv6 address with Hostname then it is IPv6 enabled DNS server. In the left picture, it is the configuration of for.zone , which has the entries ofCNAME and IP addresses and on other side it is res.zone, it has entry for PTR records. The longest record is of IPv6 address which is resolved to server. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 14
  • 15. Redundancy  Redundancy means multiple pathways to reach a single destination.  Methods for Redundancy 1. HSRP 2. VRRP 3. GLBP HSRP stands for Hot Standby Router Protocol. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 15
  • 16. HSRP  HSRP stands for Hot Standby Router Protocol.  It is a Cisco proprietary protocol.  It allows multiple routers or multilayer switches to masquerade as a single gateway.  Virtual IP address is allocated to all routers participating in HSRP.  In this topology HSRP is used to produce the redundancy in between the vlansmade on layer 3 switches DSw1 & DSw2. When one of the switch connection goes down then the other switch give the redundancy to that switch because on both switches same vlans are created. Layer 2 switches ASw1 -4 are the switches whose ports are used to connect the customers. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 16
  • 17. VRRP  VRRP stands for Virtual Router Redundancy Protocol.  The industry-standard equivalent of HSRP is the Virtual Router Redundancy Protocol (VRRP).  The router with the highest priority becomes the Master Router.  All other routers become Backup Routers.  By default, the virtual MAC address is 0000.5e00.01xx, where xx is the hexadecimal group number.  VRRP Hellos are sent to multicast address 224.0.0.18.  VRRP redundancy is provided in between SEMBO_TECH_GW , VRRP_router and SEMBO_TECH. VRRP tunnel is made in between these three routers. These have EIGRP routing in between to communicate with each other.  For SEMBO_TECH router have two paths to communicate with linux_server one is SEMBO_TECH_GW router which is connected to MPLS, and other is VRRP_Router which has eBGP in the path. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 17
  • 18. GLBP  GLBP stands for Gateway Load Balancing Protocol.  Each router is assigned a weight, and the default weight is 100. Weight can be statically configured, or dynamically decided by the router.  In the topology GLBP is configured in between the server_router, SEMBO_TECH_GW2 and GLBP_router. Tunnel is made between all these three routers.  GLBP support the Load balancing of the paths, it means it sends the traffic from both paths with the help of load balancing.  There are 3 methods, by which load balancing can be done 1. Round Robin 2. Weighted 3. Host-Dependent  But by default Round Robin is used. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 18
  • 19. Dynamic Routing Protocols  Dynamic routing protocols are those who perform there routing with the help of network command.  It is very easy to configure, and to troubleshoot as compare to static .  Dynamic Routing Protocols used in topology :- 1. BGP 2. EIGRP 3. OSPF 4. RIP http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 19
  • 20. BGP  BGP stands for Border Gateway Protocol.  The Border Gateway Protocol (BGP) routes traffic between autonomous systems. An autonomous system is a network or group of networks under common administration and with common routing policies.  BGP is a very robust and scalable routing protocol, as evidenced by the fact that it is the routing protocol employed on the Internet.  There are two types of BGP 1. iBGP 2. eBGP  iBGP :- iBGP means Internal Border Gateway Protocol. It is used inn between same Autonomous system.  eBGP :- eBGP means External Border Gateway Protocol. It is used inn between different Autonomous system. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 20
  • 21.  In this topology eBGP routing is used in between GLBP_router, eBGP_router and VRRP-router.  GLBP_router -> eBGP_router AS 65000 and eBGP_router -> VRRP_router AS 65001  On each router loopback addresses are configured on all three routers, loopback address is the Router-ID for all the routers.  #bgp redistribute internal is the command to distribute the internal route of each router to the other router through eBGP.  Redistribution is done over the eBGP router. Redistribution is needed because there are two different AS present. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 21
  • 22.  iBGP is configured on MPLS network, BGP is used with MPLS, because BGP helps MPLS to speed up the transfer of data.  P router is Provider router which is ISP in the real topology, and other PEs are the Provider Edge router.  Over this network Virtual Private Network VPN is also configured, to connect the SEMBO offices for the secure data transfer.  Over PE1 router EIGRP and RIP is also running because some other offices uses EIGRP and RIP for the connection from internet. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 22
  • 23. EIGRP  EIGRP stands for Enhanced Interior Gateway Routing Protocol.  EIGRP is an advanced distance-vector routing protocol, with optimizations to minimize both the routing instability incurred after topology changes, as well as the use of bandwidth and processing power in the router.  It uses Diffusing Update Algorithm(DUAL) to calculate the routing path.  In the topology EIGRP is used in these pictures.  SEMBO_TECH_GW_2 is connected through EIGRP with PE1 router which is running MPLS, with Server_router and GLBP_router there is redundancy is created by Gateway Load Balancing Protocol (GLBP).  Here in both cases, there are 2 EIGRP is running in both cases, one is for IPv4 and other is for IPv6. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 23
  • 24. OSPF  OSPF stands for Open Shortest Path First.  It uses a link state routing algorithm and falls into the group of interior routing protocols, operating within a single autonomous system(AS).  In these places OSPF is running in this topology.  DEMBO_TECH_GW, PE2 and SEMBO_TECH_GW are running OSPF10 in between them, to send route to each other. SEMBO_TECH_GW is the gateway of SEMBO_TECH on MPLS path.  Whereas OSPF 100 is running on the SEMBO_TECH_LAN, there are 5 layer 3 switches, each are connected to each other with multiple links to create the redundancy.  Redistribution of multiple protocols are done on SEMBO_TECH router. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 24
  • 25. Linux Server  Red Hat Enterprise Linux 6.0 is used as a server in this topology.  Linux server is installed on VmwareWorkstation 10 , connected to GNS3 topology through loopback interface of the windows 8.1.  When linux server communicate with any router in GNS3 then, request and all other things goes through this loopback interface.  Servers configured on Linux :- 1. DNS 2. APACHE 3. FTP 4. YUM 5. SSH http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 25
  • 26. DNS Server :- DNS stands for DOMAIN NAME SERVER.  DNS server is used to translate the IP address to HOSTNAME.  In Linux Environment DNS server installed by BIND Packages. The name of service for DNS is NAMED. DNS Records :-  SOA (start of authority) :- This record automatically created when ZONE fie created. This is the first record which is responsible for accept query and resolve it.  NS (Name Server) :- NS provide the domain name to clients.  CNAME :-Alise name, Duplicate name  Host Record :- It is used to add the IP Address.  SPF (Sender Policy Framework) : - text record  TXT Record :- It is used for authentication purpose. APACHE Server :-APACHE server is called Apache HTTP server. It is a web server.  Virtual hosting allows one Apache installation to serve many different websites. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 26
  • 27.  WEB Hosting is of two types :- 1. IP Based Hosting :- single ip single site 2. Name Based Hosting :- single ipmultiple sites  Service for APACHE :-httpd  Port number :- 80 (http) , 443 (https)  Default site storage path :- /var/www/html  Configuration file path :- /etc/http/conf/httpd.conf FTP Server :- FTP stands for FILE TRANSFER PROTOCOL.  FTP is a server which is used for download and upload files on internet and intranet.  Website can be uploaded through FTP server. FTP always hits the pub directory directly.  Port number used :- 20(control)/21(access)  Directory used :- /var/ftp/pub  Configuration file :- /etc/vsftpd/vsftpd.conf http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 27
  • 28. YUM Server :-YUM stands for Yellowdog Updater, Modified.  YUM is an open-source command-line package-management utility for Linux operating systems using the RPM Package Manager.  Though yum has a command-line interface, several other tools provide graphical user interfaces to yum functionality.Yumallows automatic updates, package and dependency management, on RPM-based distributions.  Yum directory :- /etc/yum.repos.d/ SSH Server :- SSH stands for SECURE SHELL.  SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary.  There are several ways to use SSH; one is to use automatically generated public-private key pairs to simply encrypt a network connection, and then use password authentication to log on.  Service name :-sshd  Configuration file :- /etc/ssh/ssh_config http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 28
  • 29. Security Basic security in Routers  Enable Secret  Username and password  Console password  VLAN  ACL  Firewall http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 29
  • 30. Enable Secret :- Enable Secret is the password that we set to restrict the user entry into the enable mode of the router.  The enable secret is secure and is not visible even after the user has successfully logged in. when user logged in and run #show run command then the password comes in encrypted form. Username and Password :- is the login password that has to be entered to log in to the router. It is set in configuration mode-> console line. Console Password :- is the password that is set on the router and the user is prompted for it when trying to enter the router.  Only this password needs to be entered and no username is required. VLAN :- Vlan stands for Virtual LAN.  Vlans are made on switch to divide the switch according to the administrator.  Vlan provide security by dividing the different department into different section. Communication between these vlans is possible through Router. http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 30
  • 31. ACL :-ACL stands for Access Control List.  An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.  Each ACL is identify by its name or number. Firewall :- Firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic based on applied rule set.  A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted. firewall hardware firewall Watch guard and pix firewall etc. software firewall Norton (windows). Check-point (linux) Access-control-list (acl) (router and switch) http://www.ciscoz.com/2014/04/isp-core-routing-topology/ 31