Skip to content

Network Ninja

The Long Road to Cisco

  • Home
  • About
  • Legal Disclaimer
  • Archives
Less
More
Trim
Untrim
« Older
Home
Loading
Newer »

Tag Archive for 'Architecture'

BSCI Design Foundation – Network Models

Published
by
Deon Botha
on July 25, 2008
in BSCI, BSCI Notes, Certification, Cisco Systems, Concepts and Constructs, ECNM, Enterprise Architecture, IIN and SONA
. 0 Comments

Design – Hierarchical

Hierarchical Design

Where networks once were non-hierarchical (layer-1 design, layer-2 design, layer-3 design) they are generally now three-layer hierarchical in design (above). Cisco has been using this model for years and it gave a high-level overview of how a reliable network could be conceived but was largely conceptual because it did not provide specific guidance on “how-to” implement certain things, like:

  • Implementing redundancy,
  • Adding Internet Access,
  • Accounting for remote users,
  • Locating workgroup and enterprise services

Design – Enterprise Composite Network Model (ECNM)

Access-Distribution-Core ECNM

Revisions to the hierarchical design showed redundant distribution and core devices and connections to make the hierarchical model more fault tolerant. The switch block design (above) explained how redundancy fit into a network, but still did not really adequately specify other parts of the network design. This lead to the Enterprise Composite Network Model (ECNM) development to address the failures of both the hierarchical model and switch block model.

This ECNM is broken into three large pieces:

  • Enterprise Campus,
  • Enterprise Edge,
  • Service Provider Edge.

Enterprise Composite Network Model

ECNM – Campus

The enterprise campus looks very much like the above switch block design with some added details:

  • Campus Backbone (like the core layer of the hierarchical model),
  • Building Distribution,
  • Building Access,
  • Management,
  • Server Farm (Enterprise Services).

The ECNM Campus builds onto the Switch block design but gives specific guidance as to where to place servers and management equipment. Take note that the servers look like a switch block and are redundantly attached (dual-homed) to the switches (not really shown nicely in the diagram).

ECNM – Enterprise Edge

The Enterprise edge shows the connections that the enterprise has with the wide area (other networks) and include:

  • E-Commerce,
  • Remote Access,
  • Internet Connectivity,
  • WAN (Internal links to other branches).

ECNM – Service Provider Edge

The service provider edge includes the public networks that facilitate wide area (other networks) connectivity:

  • Internet Service Provider (ISP),
  • Public Switched Telephone Network (PSTN) for dialup,
  • Frame Relay, ATM, and PPP for private connections.

Multiplexing

Historically voice traffic used one set of circuits and data traffic another. Also if you wanted more than one “number” the telecommunications company installed another physical line to your premises. If you wanted access to a data network they installed a data line for that purpose.

With line technologies like the T-carrier system (USA, Japan, Korea) 24 pulse-code modulated (I don’t know need to ask one the engineers about this), time-division multiplexed speech signals are carried over 2 copper pairs. This type of technology saved the telecommunications companies a lot of money in building out subscriber lines. The problem with T1 as a technology is that it cannot adjust as the customer usage requirements changes (see E-carrier system for Europe and other countries).

As technology changes so does the requirements from that technology; Modern networks are designed to carry voice, video, enterprise applications, normal LAN traffic and management traffic all on the same single secure infrastructure (convergence). The traffic is forced (statistically multiplexed) to share access to the network.

Service-Orientated Network Architecture (SONA) and Intelligent Information Network (IIN)

As covered above “Multiplexing” described the idea of a converged network as a system that integrates what was previously disparate systems (voice, video, data). The traffic types usually found on a converged network would include, but may not be limited to:

  • voice signalling and bearer traffic,
  • Core application traffic (ERP and CRM),
  • Transactional traffic related to database interactions (SQL),
  • Network management traffic for monitoring and maintaining the network structure (including routing protocol traffic),
  • Multicast multimedia,
  • Other traffic (web, e-mail, file transfer).

Each of the above traffic types has its own requirements and expectations that govern its successful execution. These requirements include security, QoS, transmission capacity, and delay.

To support this kind of multiplexed traffic, Cisco routers are able to implement filtering, compression, prioritization, and policing (dedicating network capacity). Except for the filtering process these processes are collectively known as QoS.

As an alternative to QoS, Cisco has an ideal called the Intelligent Information Network (IIN). This vision describes a network that integrates network and application functionality cooperatively allowing the network to be “smart” about how it handles traffic to minimize the footprint of applications. The IIN evolution is described in three phases:

  • Phase 1: Integrated Transport, deals with a converged network, built along a similar fashion of the ECNM and based on open standards (cross-compatibility)
  • Phase 2: Integrated Services, posits virtualization of resources such as servers, storage and network access; to move to an “on-demand” model. Don’t think marketing/advertising “virtualization” think practical virtualization the ISR routers (routing, switching, voice, network management, security and wireless) designed as an aio (all-in-one) appliance and Vitalizing Servers (if you have proper designed for the job servers) you can’t be trying this on SMB servers or try recycling 10 year old technology and thinking “bargain let’s load 5 operating systems on this”.
  • Phase 3: Integrated Applications, using application orientated networking (AON) to make the network “aware” allowing the network to actively monitor and participate in service delivery.

Service-Orientated Network Architecture (SONA) is the practical application or “how-to” of IIN in enterprise networks. SONA breaks down IIN into three layers;

  • SONA Infrastructure Layer is basically the same as IIN Phase 1,
  • SONA interactive Services Layer maps to IIN Phase 2,
  • SONA Application Layer has the same concepts as IIN Phase 3.

Resources:

Aragoen Celtdra on BSCI: Network Architecture and Design

Notes and Notices:

This is a part of my personal BSCI notes and research to assist myself in learning and understanding the concepts and theory for the BSCI exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BSCI Certification.

BSCI Design Foundation – Scalability

Published
by
Deon Botha
on July 25, 2008
in BSCI, BSCI Notes, Certification and Cisco Systems
. 0 Comments

As I posted after I passed BCMSN I was going to be doing things a little differently. This is the different I was talking about; I am going to crawl before I am going to try and fling myself off a building (baby steps). In this post I am going to go over the Foundation topics for Network Design.

Defining Scalability

As the course is called Building Scalable Cisco Internetworks (BSCI) one of the underlying topics covered is  scalability. This can be defined as the capacity of a network to keep pace with changes and growth. An example of this would exponential (full-mesh topology) versus linear network growth (hub and spoke topology or Star Topology).

Exponential Growth

When one compares the two topologies a full-mesh topology grows exponential and thus just isn’t realistically scalable, this would be because of the cost element associated to build a large network using this topology.

To illustrate the exponential growth pattern of a network using this topology use the following equation:

Connections = Sites ( Sites – 1 ) ÷ 2

Full-Mesh-Scalability

Using this equation a table can be drawn up (left) where one can see just how quickly a relatively small number of nodes (sites) quickly require many connections to keep the one node has a connection to all other nodes true.

This is the reason why this topology isn’t practically scalable in real life (IRL). Calculating the number of point-to-point connections and related hardware requirements needed there are very few companies that would be able to bankroll this sustainably (maybe if they own the underlying network architecture like a telecom or a company where the network itself is the business).

Hub and Spoke

A hub and spoke topology grows incrementally as the network increases in size. Look at the above diagram and you see 5 nodes and a central switching station in the centre. This type of topology is realistically scalable because adding the 10th node would cost the same as adding the 100th node; the only cost incurred would be a point-to-point connection and network kit.

To illustrate the linear growth pattern of this network using this topology use the following equation:

Connections = Sites – 1

Resources:

Aragoen Celtdra on BSCI: Network Architecture and Design

Notes and Notices:

This is a part of my personal BSCI notes and research to assist myself in learning and understanding the concepts and theory for the BSCI exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BSCI Certification.

Planning Voice on a Data Network

Published
by
Deon Botha
on May 21, 2008
in BCMSN, Certification, Cisco Systems and VoIP
. 0 Comments

There are numerous benefits to packet switched telephony:

  • More efficient use of bandwidth and kit: Traditional telephony networks use a 64-kbps (For argument lets say 1B Channel on a ISDN line) channel for every voice call. Packet telephony shares bandwidth among multiple logical connections and offloads traffic volumes from existing voice switches.
  • Lower costs for telephony network transmissions: A substantial amount of equipment is needed to combine 64-kbps (ISDN) channels into a high-speed link for transport across a network (Lets say an ISDN PRI). Packet telephony statistically multiplexes voice traffic alongside data traffic. This consolidation represents substantial savings on CAPEX and OPEX.
  • Consolidated voice and data network expenses: Data networks functioning separately from voice networks become major traffic carriers. The underlying voice networks can be converted to utilize the packet-switched architecture to create a single integrated communications network with a common switching and transmission system. The benefit is CAPEX and OPEX savings.
  • Increased revenues from new services: Packet telephony enables new integrated services, such as broadcast-quality audio, unified messaging, and real-time voice and data collaboration. These services increase employees productivity and profit margins well above those of basic voice services. In addition, these services enable companies and service providers to differentiate themselves and improve their market position.
  • Greater innovation in services: Unified communications use the IP infrastructure to consolidate communications methods that were previously independent (Fax, voicemail, email, wireline telephone, cellular phone, and the web). The IP Infrastructure provides users with a common method to access messages and initiate real-time communications – independent of time, location, or device.
  • Adding to new communications devices :P acket technology can reach devices that are largely inaccessible to the time-division multiplexing (TDM) infrastructures of today (pcs, wireless devices, household appliances, PDAs). Access to these devices enable companies and service providers to increase the volume of communications they deliver, the breadth of service they offer, and the number of subscribers they serve. Packet technology, therefore, enables companies to market new devices, including videophones, multimedia terminals, and advanced IP Phones.
  • Flexible new pricing structures: Companies and services providers with packet-switched networks can transform their service and pricing models. Because network bandwidth can be dynamically allocated, network usage no longer needs to be measured in minutes or distance. Dynamic allocation gives service providers the flexibility to meet the needs of their customers in ways that bring them the greatest benefits.

The basic components for voice on a IP network are as follows:

  • IP Phones: The end-device on desks
  • Gatekeeper: Provides Connection Admission Control (CAC), bandwidth control and management and address translation.
  • Gateway: Provides translation between voice over Internet Protocol (VoIP) and non-VoIP networks, such as the public switched telephone network (PSTN). It provides physical access for local analog and digital devices (telephones, fax machines, and PBXs)
  • Multipoint Control Unit: Provides real-time connectivity for participants in multiple locations to attend the same videoconference or meeting.
  • Call Agent: Provides call control for IP Phones, CAC, bandwidth control and management, and address translation.
  • Application Server: Provides services such as voicemail, unified messaging, and Cisco CallManager Attendant Console.
  • Videoconference Station: Provides access for end-users participation in videoconferencing. This station has a video camera and a microphone. The user can view video streams and hear the audio that originates from the remote user station.

There are other components not listed here like voice applications, interactive voice response (IVR) systems, and softphones that meet the specific needs of enterprise.

Voice and Data Traffic Characteristics

Voice traffic has extremely stringent QoS requirements (because it is extremely delay sensitive). Voice traffic generates a smooth demand on bandwidth and has minimal impact on other traffic (60 – 120 bytes), as long as voice traffic is managed. Because of the resulting time sensitive nature User Datagram Protocol (UDP) is used to package voice packets; TCP retransmit capabilities have no value (because if it needs to be retransmitted then there is delay in the actual conversation occuring NOW).

For voice quality, delay should be no more than 150ms (one-way) and less than 1% packet loss. A typical voice call requires 17 – 106 kbps of guaranteed priority bandwidth, plus additional 150bps per call for voice-control traffic. Multiplying this out for the maximum calls expected during busiest times the overall bandwidth requirements for voice traffic can be calculated.

Because Data traffic is not as delay sensitive and can tolearate high drop rates the restransmit capabilities of TCP has become important, as a result many applications use by default TCP.

In networks, important business critical applications are ussually easy to identify. Most applications can be identified based on TCP or UDP port numbers (HTTP, HTTPS, FTP, TELNET, SQL, ETC). Some application use dynamic port numbers that, to some extent, make classification more difficult. Cisco IOS software supports network-based application recognition (NBAR), which can be used to recognize dynamic port applications.

VoIP Call Flow

As I mentioned in a previous post (see HSRP Accross Trunk Links) and some other places its best practice to setup voice and data on separate VLANs (I did in my own network). This is done so that QoS can be applied to prioritize the VoIP traffic as it traverses the network. If this is not done then voice and data traffic contend for available traffic without consideration for other devices (one or the other is going to suffer).

A major component of designing a successful IP Telephony network is bandwidth provisioning. The bandwidth requirement is calculated by adding the total required bandwidth for voice, video and data together; the sum should not be more than 75% of the link total.

For a traffic perspective IP Telephony consists of two types of traffic:

  1. Voice Carrier Stream consists of Real-Time Transport Protocol (RTP) packets that contain actual voice samples.
  2. Call Control Signaling that contains packets belonging to one of several protocols used to set up, maintain, tear down, or redirect calls. Depending on the end-point this could be H.323 or Media Gateway Control Protocol (MGCP)

Auxiliary VLANs

Some Cisco Catalyst switches offer a unique feature called “Auxiliary VLAN“. This feature allows one to overlay a voice topology over an existing data network. One can segment phones into a separate logical network, even though the data and voice network are physically the same.

The auxiliary VLAN feature places the phones into their own VLANs without any end-user configuration. Additionally VLAN assignment can be maintained even if the phone is moved.

How this works is that when a phone is plugged into the switch (whichever port), the phone will request a DHCP address, and the phone is placed in a VLAN automatically. With phones in their own VLANs administrators can troubleshoot and identify problems easily. This also makes enforcement of QoS and security policies easier.

QoS

QoS is the application of features and functionality required to actively manage and satisfy the networking requirements of applications that are sensitive to loss, delay and delay variations (jitter). QoS allows preference to be given to critical application flows for the available bandwidth.

Cisco IOS implementations allows for QoS to provid these features:

  • Priority access to resources: QoS allows administrators to control which traffic it allows to access specific network resources such as bandwidth, kit, and WAN links.
  • Efficient management of network resources: If network management and accounting tools indicate that specific traffic is experiencing latency, jitter, and packet loss, then QoS tools can be used to adjust how traffic is handled.
  • Tailored service: The control provided by QoS enables Internet Service Providers to offer carefully tailored grades of service to their customers.
  • Coexistance of mission-citical applications: QoS technologies ensure that mission-critical applications receive priority access to network resources while providing adequate processing for applications that are not delay sensitive.

High Availability

Traditional Telephony networks strive to provide 99.999 (5.25 minutes) of downtime a year. This is less downtime than most data networks. To provide the same experience this means choosing hardware and software with a low mean time between failure (MTBF) or installing redundant links and hardware.

Availability is when a user wants to make a call the network is able to respond to that need. Efforts to ensure availability would include proactive management to predict failure and taking steps to correct problems in design of the network as it grows. When the converged network goes down things downtime can be minutes, hours or days. This is unacceptable in a converged network where downtime means no phone calls. Providing for uninterpretable power supplies (UPS), lighting arrestors and other means to ensure availability at all costs.

High Availability encompases many areas of a network. In a fully redundant network these components need to be duplicated:

  • Servers and call managers,
  • Acces layer devices (layer-2 switches)
  • Distribution layer devices (routers or Layer-3 switches)
  • Core layer devices (layer-3 switches)
  • Interconnections (WAN links, PSTN Gateways, ISP links)
  • Power supplies and UPSs

Notes and Notices:

This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

Implementation of a WLAN

Published
by
Deon Botha
on May 20, 2008
in 802.11, Access Point, BCMSN, Certification, Cisco Systems, Concepts and Constructs and Wireless
. 0 Comments

This post brings together the theory into a more practical setting. This post covers the two types of Wireless Local Area Network (WLAN) implementations that Cisco offers namely autonomous WLAN Access Points (AP) and lightweight APs (LAP) with WLAN Controller (WLC).

For ease of my own use and understanding, I am going to use the proper acronums an Autonomous Access Point (AP), a lightweight Access Point (LAP) this is however not to be confused (NB) with Lightweight Access Point Protocol (LWAPP).

So take note of when I talk about hardware and the protocol in my notes. So to round up an AP is a full IOS Access Point able to be used in a stand-alone environment and can be downgraded for use (in most cases) to become an LAP; a LAP is a less extensive IOS feature-set and needs to be used in conjunction with a Wireless LAN Controller (WLC), then finally LWAPP is the protocol.

Autonomous APs

Jumping right in an AP implementation has various components, some of which are considered needed and some of which are considered optional:

  • A Cisco AP that uses Cisco IOS Software. To show this in an example the Cisco product code AIR-AP1131AG-x-K9 is a Aironet (AIR) product, is an autonomous Access Point (AP) of the 1131 product range at least Wireless 802.11 A and G capable (AG) this example product code is non region specific (x) and is an export restricted product range due to cryptology information resident in IOS (K9). If this was region specific the (x) would change to A=FCC, C=China, E=ETSI, I=Israel, J=TELEC (Japan), K=Korea, N=North America (Excluding FCC), P=Japan2, S=Singapore, or T=Taiwan.
  • Network infrastructure like switches and routers. Switches with Power over Ethernet (PoE) can provide power to AP.
  • Wireless Domain Services (WDS) for radio frequency (RF) management and fast, secure roaming. You can run Cisco Structured Wireless Aware Network (SWAN) WDS on Cisco Aironet APs, Cisco Catalyst Switches and Cisco Routers. The following list supports SWAN WDS Aironet 1230 AG, 1240AG, 1200, 1130 AG 1100 Series APs, Catalyst 6500 Series Wireless LAN Services Module (WLSM), Cisco 3800, 3700 Series Integrates Services Routers (ISR) and some models of 2800 and 2600 series ISR that run Cisco IOS version 12.3(11)T or later.
  • CiscoWorks Wireless LAN Solution Engine (WLSE) for Management (optional).
  • Cisco Secure Access Control Server (ACS) for security using RADIUS and TACACS+ protocols.

Lightweight APs

  • A Cisco Lightweight Access Point (LAP) that uses Cisco IOS Software. To show this in an example the Cisco product code AIR-LAP1131AG-x-K9 is a Aironet (AIR) product, is an Lightweight Access Point (LAP) of the 1131 product range at least Wireless 802.11 A and G capable (AG) this example product code is non region specific (x) and is an export restricted product range due to cryptology information resident in IOS (K9). If this was region specific the (x) would change to A=FCC, C=China, E=ETSI, I=Israel, J=TELEC (Japan), K=Korea, N=North America (Excluding FCC), P=Japan2, S=Singapore, or T=Taiwan.
  • Network infrastructure like switches and routers. Switches with Power over Ethernet (PoE) can provide power to AP.
  • Cisco Wireless LAN Controller (WLC) for configuration of the Access Points.
  • Cisco Wireless Control System (WCS) for management (optional).
  • Cisco Wireless Location Appliance for location tracking
  • Cisco Secure Access Control Server (ACS) for security using RADIUS and TACACS+ protocols.

Comparison of WLAN Solutions

The above two bullet lists should show that autonomous and lightweight WLAN solutions have some differences.

The main difference being in Autonomous mode the Cisco IOS feature set is more extensive and as the name denotes autonomy meaning “the right to govern itself” so each AP is configured individually and manage themselves (this can and probably will at some point lead to configuration errors if there are more than a couple of APs). Centralized management is possible through WLSE. Redundancy is achieved at the AP level (do the math if its cheaper to add APs than to add a WLC then this is the option).

In Lightweight mode a Wireless LAN Controller takes the centralized configuration and means the APs are dependant on the WLC (read point of failure) and pushed the configs to the APs. This gives congruence between the APs on the network without much hard work. Centralized management is possible through WCS. Redundancy is achieved at the WLC level (do the math if its cheaper to add a WLC than to just add APs then this is the option).

LAP Solution

LAP architecture splits processing of the 802.11 protocol between two devices; the LAP and the WLC. The processing of the 802.11 data and management protocols and the AP functionality is also divided between the two devices. This approach is called split MAC.

The LAP handles the portions of the protocol that have real-time requirements:

  • Frame Exchange handshake between a end-device and AP when transferring a frame over the air.
  • Transmission of beacon frames.
  • Buffering and transmission of frames for end-devices in power save operation
  • Response to probe request frames from end-devices
  • Forwarding notifications of received probe requests to the controller
  • Providing real-time signal quality information to the controller with every received frame.
  • Monitoring each radio channel for noise, interference, and presence of other WLANs.
  • Monitoring of presence of other LAPs.

The remaining functions are all handled by the WLC because either the function is not time-sensitive or a system wide visibility is required by the function.

  • 802.11 authentication
  • 802.11 association and re-association (mobility)
  • 802.11 frame translation and bridging

The control (management) traffic between the AP and the WLC is encapsulated using LWAPP and encrypted using Advanced Encryption Standard (AES); the data from the LAP and the WLC is also encapsulated using LWAPP but not encrypted. The data is switched once it reaches the WLC where it receives VLAN tagging, quality of service (QoS).

Layer-2 and Layer-3 Mode of LWAPP

Layer-2 LWAPP is in an Ethernet Frame. For layer-2 mode, the WLC and WLAP must be in the same broadcast domain and IP subnet.

Layer-3 LWAPP is in a User Datagram Protocol (UDP)/IP Packet. The WLC and WLAP can be in the same or different broadcast domains and IP Subnets. For layer-3 operation WLAP need IP Addresses. They must obtain these IP Addresses via DHCP.

So to bring this together; think of a network in your mind, if the network is flat/or the WLAP and WLC are located on the same network segment; iow is a switched network then the LAWPs can use either layer-2 or layer-3 mode. If the WLAPs and the WLC find themselves spread across the enterprise (physically) meaning that they would be in different subnets and on different segments (I’m thinking big business) you must use layer-3 mode.

LAP Association

There is a nice explanation on this document. A LAP will search for a WLC first using LWAPP layer-2 mode, then layer-3 mode. The process runs as followings; the LAP requests an IP Address via DHCP, the LAP then sends a LWAPP discovery request to the management IP address of the WLC via a broadcast.

The LWC responds with a discovery response from the management IP Address. This response includes the number of AP associated to the Access Point Manager interface and the Access Point Manager IP address.

The LAP then chooses the Access Point Manager with the least number of associated APs and sends a join request.

All following communication between the LAP and the WLC is done via the Access Point Manager IP Address.

Cisco Aironet WLC

The Cisco Aironet standalone WLCs range (2106, 4402 and 4404) are designed for Small and medium enterprise/business (SMB) to medium to large enterprise.

The 2106 Series allows Small and medium sized enterprise/business (SMB) environments to support up to six LAPs and are fairly cost effective (this is objective). With integrated DHCP services, zero-touch AP configuration, the Cisco 2106 is built for SMB companies that don’t have on-site IT support, like branch offices with distributed offices (i.e. corporate infrastructure and support teams to lean on when things go wrong).

The Cisco 4400 series is built for medium to large enterprise/business.

  • Cisco 4402
    • 2 GigabitEthernet (GE) ports
    • Configurations that support 12, 25, and 50 APs
    • One Expansion Slot
  • Cisco 4404
    • 4 GE ports
    • Support for 100 APs
    • Two Expansion slots

Optional redundant power supplies to ensure maximum availability can be purchased for the 4400 Series.

WLC are also available for the Cisco Catalyst 6500 and Cisco Integrated Sercies Routers (ISR) in the form of Integrated Controllers of Controller Modules.

Notes and Notices:

This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

WLAN Infrastructure Topologies

Published
by
Deon Botha
on May 14, 2008
in 802.11, Access Point, BCMSN, Certification, Cisco Systems, Concepts and Constructs and Wireless
. 2 Comments

As talked about in the previous post the difference between a wired LAN and a Wireless Local Area Networks (WLANs) is that the Layer-1 transmission medium of a traditional wired local area network (LAN) (CAT-5 cable) is replaced with Radio Frequency (RF) transmissions.

What follows is the pimping of Cisco Aironet products and where they fit into three main wireless categories:

Wireless in-building LANs for client Access: The Cisco Aironet products can plug into an existing wired infrastructure and function like an overlay to the existing LAN or even replace the wired LAN.

Wireless Building-to-Building bridges: The Cisco Aironet products can provide wireless bridging to connect two or more networks that are physically separated to be connected on one LAN without the time or expense required to get physical lines to be installed.

Wireless mesh networks: Mesh networking is a mixture of the above two categories. Mesh networking provide dynamic, redundant, fault-tolerant links for building and client access.

Service Set Identifier (SSID)

Myth: Hidden (not broadcasting) the SSID makes a wireless network secure.

The SSID is the “name” of a wireless cell, this name is used to logically separate WLANs. The SSID must match exactly between the client and the access point for them to connect. The Access Point (AP) sends the SSID out in beacons.

The beacons are broadcasts that an AP sends to advertise available services, these beacons go out whether SSID is hidden or not (Clients can be configured without a SSID, where they learn the SSID from the beacons of the AP).

The Topology Basic

Wireless

Extended Services Set: Two or more Basic Serve sets (Mobile clients use a single AP to connect) are connected by a common distribution system (backbone) An Extended Service Set includes a common SSID to allow roaming from AP to AP without client config.

The diagram shows the WLAN topology with 2 APs and some devices (Microsoft Icons) that I know to be Wi-Fi capable (from left to right tablet notebook, projector, PDA, smartphone, notebook).

Wireless Cell: The basic area is the RF coverage provided by an AP (Channel 1 or Channel 2 NOT both). This area is also called the “microcell“. To extend/enlarge/make bigger the basic area one simply adds APs (Recently microcell has moved to picocell reducing AP coverage by reducing power and increasing total number of AP deployed).

The basic area of an AP is called the service set, the basic area of the combined APs is called the extended services set (There is a recommended 10 – 15 % overlap between cells for data networks to allow roaming without losing RF connection. There is a 15 – 20% overlap for voice/data/video networks). Bordering cells should be set to different non-overlapping channels for best performance (more on this later).

Access Point: The name is self explanatory reverse the name Point “of” Access. As the name denotes this is the point at which client-devices connect/access the wireless network. The APs connect to then to the Ethernet backbone and facilitate the communication between wired and wireless networks

The AP is the master of a given cell and manages/controls traffic to and from the network (remote devices do not communicate with each other they communicate through the AP).

Picocell: the benefit of a picocell is better coverage, less interference, higher data rates, and fault tolerance through convergence. When an AP goes down, the neighbouring AP expands coverage by increasing power (this increases the RF range) to cover for the lost AP. (Look into WLAN Controllers cause this gets complicated to do manually quickly with say more than 5 APs)

Wireless Repeater

Wireless Repeater

In environments (factory floors, doctors room, large retail, wholesale storehouses) where its just not practical to put down a wired LAN or the application of the network wouldn’t work with a wired system a wireless repeater can be put down.

A wireless repeater is a AP that is not connected to the Wired LAN (Requires 50% overlap of the AP on the Wired LAN side). This setup however has a large throughput impact where throughput is decreased by half due to the receive and retransmit time.

The SSID of the AP (the one on the left) must be configured on the wireless repeater (the one on the right). The wireless repeater uses the same channel as the AP (NB not all implementations support this).

Workgroup Bridge

Wireless Work Group Bridge

Cisco Wireless Workgroup Bridge (WGB) (Reference Cisco Q&A Document) that connects to the Ethernet (RJ-45) port of any end-device (if it has a Ethernet port and is therefore network-able) that doesn’t have a WLAN Network Interface Card (NIC) (either because the end-device doesn’t have the option of a Peripheral Component Interconnect (PCI) slot, Personal Computer Memory Card International Association (PCMCIA) slot or USB slot, or software for WLAN connectivity).

A WGB provides a single MAC address connection into an AP and in turn then onto the Wired LAN backbone (The WGB cannot work in peer-to-peer mode). Another option is to connect a remote workgroups wired LAN. To implement a remote workgroup installation (i.e. multiple MAC addresses) the WGB is connected to a hub/switch switch with a Ethernet patch cable (for single MAC Address use a crossover cable) (NB not all implementations support this).

Ad-hoc mode

Wireless Ad Hoc Mode

Ad-Hoc Mode: This is called Independant Basic Service Set (IBSS). Mobile clients connect directly without an AP.

Peer-to-Peer (P2P) a.k.a Ad-hoc mode networking is the opposite of a Server-Client model (duh). This can be in a wired or wireless environment and is where a group of end-devices come together and form an ad-hoc/P2P network with each other to share files, pictures, music, movies and applications (The ease and current application (Kazaa and Torrents) of this type of network is the main reason the RIAA hates ad-hoc/P2P networks).

In a WLAN the coverage is very limited; where all users must be in wireless reception distance of each other. There are a couple of problems with P2P “office” networks one being that security is almost non-existent, other problems being that there is no central location for any files, applications, or printing.

In most P2P environments I have found that the receptionist is given the “server-role” Pc which creates other larger problems. The person at the front desk in a company is the receptionist, in case of a theft the first computer out the door is the server. In most cases the most “spam” is received by a receptionist (classing teddy-bears, hearts and hugs, chain-mail, friend-mail, etc. as spam) being on numerous forwarding lists increases the risk of virus, trojan, worm infection. If the company allows internet access to employees its only a matter of time before the “server” begins doing its own thing.

In a WLAN it is not a good idea (iow just don’t do it) to connect a Server, or a Server-Role computer using Wireless

Roaming

Wireless Roaming

The roaming “feature” on wireless allows a mobile user to move from one cell to another without a drop in signal or need to manually change network settings. Roaming is enabled by complete coverage with wireless cells.

  1. Seamless roaming allows for users to move around from one cell to another.
  2. Power management lengthens the battery life of portable devices (i.e. they don’t have to search for wireless networks all the time)
  3. Dynamic Load Balancing distributes users among access points to increase throughput for each user.
  4. AP with overlapping coverage cells and redundant switches provide fault tolerant WLAN networks.

A user experiences “roaming” when one of the following conditions is met:

  1. The maximum data retry count is exceeded.
  2. The client has missed too many beacons from the access point.
  3. The client has reduced the data rate.
  4. The client intends to search for a new AP at periodic intervals.

Roaming without service interruption requires identical SSIDs, VLANs and IP subnets on all APs. The client initiates the roaming when he/she searches for another AP with the same SSID and then sends a re-authentication request (for voice and video short roaming times are important).

Layer-2 and Layer-3 Roaming

Wireless Layer-2 and Layer-3 Roaming

Roaming from one AP to another AP on the same subnet (Cell 1 to Cell 2) would be considered Layer-2 roaming (data link layer). Roaming between APs that reside on different subnets (Cell 1 to Cell3) would be considered Layer-3 roaming (network layer).

Layer-2 roaming is managed by the AP, using mulicast packets that inform switches that a devices has moved. The protocol between the APs is called Inter-Access Point Protocol (IAPP).

Layer-3 roaming is managed by either Mobile IP or Lightweight Access Point Protocol (LWAPP) with a WLAN controller.

Mobile IP: allows fixed IP addresses in an IP Subnet of a network. It relies on devices like routers (home agents and foreign agents), to runel traffic for a mobile device. This was used in Legacy WLANs.

Wireless VLAN Support

Switches use VLANs to separate traffic. WLAN APs can in turn extend the VLANs by mapping VLANs to SSIDs. The VLANs then share the same wireless cell and channel end result being virtualization of the AP.

Through the use of trunking (ISL or 802.1q) the VLANs can be mapped to APs from a/the switch allowing roaming throughout the enterprise. A Cisco Aironet AP can be configured with 8 – 16 VLANs for system design flexibility. (Some client NICs require SSID broadcast, the AP can be configured for SSID broadcast per VLAN).

Wireless Enterprise (read business) Voice Architecture

Wired LAN Voice (IP Phone) networks can be extended using the 802.11e standard that specifies QoS upstream and downstram for WLAN networks. This is very important because of the delay sensitive nature of voice.

Wireless Mes Networks

A Mesh network infrastructure is decentralized and inexpensive because each node needs to transmit only as far as the next node (WirelessAfrica). The nodes act as repeaters to transmit data from nearby nodes to peers that are too far away to reach. The result is a network that can span a large area (cost effectively if each node is owned by individuals).

Mesh Networks are reliable because each node connects to several other nodes. Wireless Mesh networks differ from conventional infrastructure wireless networks in that only a subset of nodes need to be directly connected to the wired network. Extra capacity can be added by installing more nodes. Through the use of Cisco Adaptive Wireless Path Protocol (AWP(P)) each device can find a way back to wired APs and thus by extension the network. Paths (of which there are multiple) through the network can change in response traffic load, radio conditions, or traffic prioritization. The network can cover more distance by using wireless to wireless connectivity. Unlicensed bandwidth (cheap) and wireless routing allow microcells to interconnect over wireless backhaul links.

AWP Protocol

AWP allows APs to communicate with each other to determine the best path back to the wired network. After optimal path selection is estalbished, AWP continues to run as a background service to establish alternate paths to the wired network or if topology changes or other conditions causes the link streghth to diminish. (AWP runs on each AP)

AWP is a wireless protocol by design and takes into consideration wireless radio factors like interference to make a mesh network self-configuring and self-healing. Because wireless is dynamic, addition to the network causes AWP to reconfigure paths back to the wired network automatically. AWP also uses stickiness to mitigate route flaps (disconnection/temporary disruption doesnt cause mesh change).

Notes and Notices:

This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

Multiple Spanning Tree Protocol

Published
by
Deon Botha
on April 18, 2008
in BCMSN, Certification, Cisco Systems, Concepts and Constructs and MSTP
. 2 Comments

I noticed a hole in my notes that I was getting confuzzled with. Here are the standards that link to the protocols

  • STP IEEE 802.1D
  • MSTP IEEE 802.1S (MERGED LATER INTO IEEE 802.1Q-2003)
  • RSTP IEEE 802.1W (NOW IEEE  802.1D-2004)
  • PVST and PVST+ are both Cisco Proprietary and don’t have IEEE standards

There is one basic problem with Per-VLAN Spanning Tree (PVST) and that is when there are many VLANs present the processing required will create considerable load. Also keep in mind (N.B.) that PVST is only supported on ISL and not 802.1Q (this has problems of its own with ISL not supported on all Catalyst switch platforms)

</p>The alternative to this is Multiple Spanning Tree Protocol (MSTP) that creates a single instance of spanning tree (Common Spanning Tree or CST) to run on multiple VLANs. The objective is to reduce the number of instances to match the physical topology thereby reducing CPU load. The instances of spanning tree are reduced to the number of active links available.

Implemented on a large network any given switch would run 4094 instances of spanning tree, each with its own BPDU conversations, root bridge election and path selections. With MSTP one path runs some VLANs and another path runs the other VLANs then there are only 2 instances of spanning tree.

Using this method MSTP converges even faster than PVST+ and is backward compatible with 802.1D STP, 802.1w Rapid Spanning Tree Protocol (RSTP), and the Cisco Proprietary PVST+ architecture. This implementation is not a requirement of ECNM as the number of active VLAN instances in the model is small and very stable due to design.

MSTP allows one to build multiple spanning trees over trunks and grouping them by VLAN. Each instance can be topology independant of other instances. MSTP provides multiple forwarding paths (instances) for data traffic and enables load balancing.

A set of bridges are configured with the same MSTP configuration, which allows them to participate in a specific set of spanning tree instances. Interconnected bridges that have the same MSTP configuration are referred to as a Multiple Spanning Tree (MST) region. Bridges with a different config or legacy bridges (802.1d) are considered a different region.

Network Fault Tolerance is improved over Common Spanning Tree (CST) because failure in one instance (forwarding path) does not affect another instance. This VLAN-to-MSTP must be consistent across bridges within a MST region.

In PVST+ environments, the spanning tree parameters are tuned so that half the VLANs are forwarding on each up-link trunk. With this configuration the following is true:

  1. Load balancing is achieved
  2. One spanning tree for each VLAN is maintained

MST Regions:

MSTP differs from other spanning tree implementations in that it combines some (if not all) VLANs into a logical spanning tree. This brings with it that the BPDU must be tagged with the VLAN information to be able to say which VLAN goes where.

To provide for this each switch running in a MSTP region passes the following information:

  1. An Alphanumeric name (32 bytes)
  2. A configuration revision number (2 bytes)
  3. A 4096-element table that associates the potential VLANs with the given instance.

As said to part of a given MSTP (MST) region the passed information must share the same configuration.

BID

As with PVST the Extended System ID is used in MSTP where the instance number is carried in the Extended ID field. In 802.1D STP each bridge must have a unique identifier. In PVST each VLAN needs a unique identifier. Before only 1023 VLANs were supported now all 4000 VLANs are supported by MAC address reduction.

MST Interactions with 802.1Q

An issue arises with MSTP design with the interoperability with the CST implementation in IEEE 802.1D. According to IEEE 802.1s a MSTP switch must be able to handle at least one Internal Spanning Tree (IST). The MST region consists of one IST and an arbitrary (one or many) number of MSTP instances.

The MSTP instances are simply RSTP instances that only operate within a region (MST). The IST (instance 0) runs on all bridges within a MST. It provides interaction at the boundary with other MST regions and compatibility with 802.1D (CST) and PVST+ networks connected to that given region.

IST receives and sends BPDUs to the CST for compatibility with 802.1D STP. IST is capable of representing the MST as a CST virtual bridge to switches networks outside the MST region. Think of the MST not of many independant switches but one “virtual bridge unit”.

  • The MST region appears as a single virtual bridge to adjacent CST and MST regions. The MST region uses RSTP port roles and operation.
  • MSTP switches run IST, augmenting CST information and internal information about the MST region.
  • IST connects all the MSTP switches in the region and any CST switched domains.
  • MSTP establishes and maintains additional spanning trees within each MST region. These spanning trees are termed MSTP instances. The IST is numbered 0, and the MSTP instances are numbered 1,2,3 up to 15. Any MSTP instance is local to the MST and is independent of other MST regions.
  • M-Record is a sub-field, within the BPDU of MSTP instances that enables corresponding instances to calculate a final topology.
  • MSTP instances combine at the MST regions to become the CST: M-Records are encapsulated within MSTP BPDUs. The original spanning trees (M-trees) are active only within the MST. M-trees merge with the IST at the MST Region to form the CST.
  • MSTP supports some of the PVST extensions: PortFast is supported, BPDU filter and BPDU Guard supported in MSTP mode, Loop guard and root guard supported in MSTP mode, and private VLANs (PVLANs), you must map a secondary VLAN to the same instance as the primary.

Configuration of MSTP

Entering the MSTP configuration Mode:
switch(config)#spanning-tree mst configuration
Displaying the current MSTP configuration on the Switch:
switch(config-mst)#show current
Setting the MST region name:
switch(config-mst)#name region_1
Set the MSTP configuration revision number:
switch(config-mst)#revision 1

Take note of the revision number, treat this number like a software version number in programming start from 1 and work upwards (1,2,3,4 etc). Keep in mind that you have to change it manually (this isn’t VTP) on all MST switches it doesn’t update automatically

Map the MSTP instance to VLANs:
instance 1 vlan 1-50 OR 1
Show the configuration that hasn’t been applied yet:
switch(config-mst)#show pending
Assign the current switch you are on as the primary or secondary Root:
switch(config-mst)#spanning-tree mst 1 root primary secondary
Apply the configuration and exit MSTP configuration mode:
switch(config-mst)#end
Enable MAC Address reduction (a.k.a Extended System ID):
switch(config)#spanning-tree extend system-id
If a neighbouring switch is using a pre-standard version of 802.1s:
switch(config-if)#spanning-tree mst pre-standard
Display general spanning-tree information for MSTP:
switch#show spanning-tree mst
Displaying the spanning-tree configuration:
switch#show spanning-tree mst configuration
Displaying the spanning-tree configuration for a specific instance:
switch#show spanning-tree mst 1
Displaying the spanning-tree configuration for a specific interface:
switch#show spanning-tree mst interface fastethernet 1/1
Displaying the spanning-tree configuration for a specific instance on a specific interface:
switch#show spanning-tree mst 1 interface fastethernet 1/1
Finally for DETAILED information on a specific instance:
switch#show spanning-tree mst 1 detail
In a situation when a legacy switch is placed then removed and it doesn’t revert back to PVRST+ or MSTP mode:
switch#clear spanning-tree detected-protocols

References:

MST based on IEEE 802.1s

Notes and Notices:

This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

Encterprise Composite Network Model

Published
by
Deon Botha
on April 5, 2008
in BCMSN, CCDA, Certification, Cisco Systems, Concepts and Constructs, ECNM and Enterprise Architecture
. 4 Comments

Compared to the previous network models (layer-1 design, layer-2 design, layer-3 design, MLS design) this model introduces modularity and a hierarchical structure over a non-hierarchical structure and divisions for physical, logical and functional areas within the network for different devices and components (servers, wan, wlan, lan, clients) to ease design, implementation and troubleshooting.

This model divides network functional areas into:

  1. Enterprise Campus contains all the functional areas to build a hierarchical, robust network that offers performance, scalability and availability.
  2. Enterprise Edge contains all the functional areas aggregate connectivity externally.
  3. Service Provider Edge contains all the resources external to the enterprise campus which in turn connect to the Enterprise edge modules.

This model divides network physical areas into:

  1. Building Access is used to grant end-users access to network devices and in turn resources.
  2. Building Distribution is used to aggregate (bring together) wiring closets.
  3. Building Core layers (Campus backbone sub-module) is a high-speed backbone used to switch packets as fast as possible.

The model includes the following sub-modules:

  1. Building Access sub-module containing end-user workstations, IP phones, printers, cameras and Layer-2 switches that connect to the Building Distribution module.
  2. Building Distribution sub-module (Building Distribution Layer) containing aggregation of building access devices (layer-3 switching). Traffic flows through this sub-module onto the campus backbone or core. Maintains two equal cost paths in routing table for every layer-3 network.
  3. Campus Backbone sub-module (Campus Core) provides redundant and fast-converging connectivity between between building buildings, server farm, and Edge Distribution.

Enterprise Composite Network Model

*Enterprise Composite Network Model Diagram

This model meets the following criteria:

  • The Enterprise Composite Network Model is a deterministic network (predictable) as opposed to a probabilistic network (likeliness) with clearly defined borders and demarcation points so you know where traffic is located and going.
  • It increases network scalability and integrity allowing the addition of functionality without wholesale replacement.

Resources:

Post by Eric on the blog CCNP Recertification on the same subject dated March 16th 2004 old but still relevant and mentions desings, models and architectures like AVVID and SAFE. Worth a read he summarises it nicely. Take note the links to the pages dont all work.

A Post by Aragoen Celtdra from Baby, You can Route my world deals with these topics. This is an overlap from the BCMSN and BSCI. Worth a look on revision.

Notes and Notices:

This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

*Enterprise Composite Network Model Diagram: Graphic linked from the Cisco Website, Copyright Cisco Systems, Inc. If Cisco changes, moves or deletes the image it will no longer display on this bog.

Cisco Enterprise Wide Network Models

Published
by
Deon Botha
on April 3, 2008
in BCMSN, Certification, Cisco Systems and Enterprise Architecture
. 2 Comments

The Enterprise-Wide Architecture is the more specific enterprise level solution design model for the SONA Framework which gears and prepares the enterprise for Cisco IIN Vision.

The materials I have found on this reads like marketing and advertising sales copy and my version I am afraid might not come off much better.

The model focuses on the sites or locations of the enterprise namely campus (i.e. HQ, main building/buildings), data centre (i.e. could also be located at HQ unless farmed out or if you think of Google with their non-descript concrete buildings around the world that house their server), branch (1 or many locations), teleworker (road warrior or home office worker), and WAN/WAN with specific solutions and benefits for each location on implementing the design model.

Also have a look at the ECNM that has a look at a more recent model on this topic; look specifically at the sub-modules or modules and find these locations mentioned there.

Definitions

You will see the term Campus used often, this term I encountered in my CCNA studies and it is carried through further into later studies. A Campus is one or more buildings connected using a LAN infrastructure within the same geographic area.

You will also remember LAN being defined from CCNA studies and this applies to the Campus definition, a LAN is a network of connected devices within a limited geographic area.

This would build onto the Campus definition in a meaningful way. So to join the two terms a Campus as used in these posts wont span the globe (corporation sized wan environment) but be a localized collection of enterprise buildings, that could tie into the corporate wan, or not, but share a limited geographic area.

Think in South African terms the Didata Campus or maybe something like the Innovation Hub. Both Examples have multiple buildings located in close proximity of each other and have connectivity between each building. In international terms Microsoft Redmond Complex and the Googleplex come to mind as prime examples.

I am not saying that these companies use Cisco kit or employ this enterprise wide architecture (DD might being a Cisco Gold Partner but would probably use the ECNM), I am using their campuses as examples to illustrate the definition.

Overview

Cisco provides the enterprise-wide architecture which supports integration of the entire enterprise network (campus, data centre, WAN, branches, and teleworkers). This helps enterprises protect data and information securely and grow infrastructure and offerings by allowing employees, partners, suppliers, and customers secure, any time and anywhere access to tools, resources and services when needed as they need it.

Campus

Cisco Enterprise Campus Architecture empowers employees with advanced services (end-to-end) by combining core infrastructure (intelligent routing and switching) with tightly integrated productivity-enhancing technologies (IP Communications, Mobility, advanced services). This strategy allows enterprise to increase revenue, productivity, and customer satisfaction.

The design provides for high availability (resilient multilayer design), optimized bandwidth consumption (multicast), and quality of service (QoS) (multicast) while still addressing security challenges like worms, viruses, and other attacks on the network, even at the port level. This is done by a multilayered approach to design and implementation.

The architectural model is standards based thereby extending support on the network for additions like 802.1x and Extensible Authentication Protocol (EAP), IP Security (IPSec), Multi protocol Label Switching Virtual Private Networks (MPLS VPN), identity management, and Virtual Local Area Networks (VLANs).

Data Centre

The Cisco Enterprise Data Centre Architecture supports the need for operational efficiency, optimization of utilization while enabling innovative service-orientated architectures, virtualization, and on-demand computing that is found within enterprise. This architecture model allows the data centre to scale without large or wholesale infrastructural change.

Branch

The Cisco enterprise Branch Architecture grants enterprise/corporate headquarters (HQ) the ability to extend applications and services (security, IP Communication, ERP, etc) to numerous (1 or 100s) of remote locations. The Cisco Empowered Branch solutions set makes use of the Integrated Services Routers (ISR) product range that includes single device integrated security, network analysis, caching, switching, converged voice and video.*

*With every benefit comes setbacks and in this case combining multiple solutions into a single chassis either fixed or modular comes single point of failure.

Teleworker

The Cisco enterprise Teleworker Architecture allows enterprise to deliver secure any time access to remote small or home office employees over standard broadband access services (ADSL, Wireless DSL, and at a stretch HSDPA & EDGE cellular technologies). This provides business with real time constant uptime allowing access to information when needed by employees ( i.e. resiliency) while allowing for a flexible work environment. Through the use of the integrated security within the ISR platform (800 Series) corporate (i.e. campus) security policies are extended to the network edge while enabling converged network services and applications (i.e. IP Telephony*, ERP solutions, etc) reach into employees homes and small offices.

*Check latency and lag issues of Wireless solutions before trying voice on them. Classic case of try before you buy, and try for a while before mind you if it works today doesn’t mean it will work at the end and beginning of the month.

WAN and MAN

The Cisco WAN and MAN Architecture allows for the convergence of voice, video and data service over a single IP network.

Resources:

Enterprise Architecture

Have a look at Aragoen Celtdra website on this topic (its for the BSCI but still applies).

Notes and Notices:

This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

Intelligent Integrated Network and Service-Orientated Network Architecture

Published
by
Deon Botha
on April 2, 2008
in BCMSN, Certification, Cisco Systems, IIN and SONA
. 1 Comment

This post deals with two concepts that fit into one another or are parts of one another as the Cisco Service-Orientated Network Architecture (SONA) framework outlines the “how-to” for enterprises to evolve their Information Technology (IT) infrastructures into Intelligent Integrated Networks (IIN). The follow on to this post is the enterprise-wide architecture that explains the model a bit clearer.

Overview

The Cisco IIN Vision is one of network integration, intelligence and participation; while SONA is the three layered approach to achieving IIN namely the network services, interactive services and application layers respectively.

IIN Explained

Converged Networking requires a more integrated IT infrastructure (servers, data storage, workstations, etc) and networking infrastructure (switches, routers, etc). This is because of the needs and requirements of IP Protocol based applications that use voice, video and data network information in one interface (MS Dynamcs Applications could be an example iow CRM).

A standards based modular converged network provides for evolutionary (change over time) functionality addition (NAC, Security, voice, video) and IP-based applications (CRM, ERP, Web Applications, Software on Demand) capability. This by extension allows increased productivity by giving more information at once to employees, Information on demand when needed where needed, and reducing cost (long run allowing company to lower OPEX costs of IT; probably bring down IT IS costs and lowering of CAPEX expenditure year-on-year just for maintaining and upgrading) by allowing incremental changes to infrastructure (compared to wholesale replacements). I can go into skill sets, training expenses on new kit, learning curves, downtimes on installations etc.

By leveraging and applying built in component intelligence (ISR, Self Defending Network, etc) within the network components and extending those benefits end-to-end (from the core to the edge) intelligence and paid for features are spread accross the entire network.

With the participation of the network in service delivery; the added intelligence in network components mean active management, monitoring, and optimization by the network in service and application delivery end-to-end. The results is IT resources being pooled and shared or virtualized to changes in the network with the abliity to adapt to business needs and requirements. Through the use of Application-Orientated Networking (AON) the network can optimize performance and efficient delivery of networked application to end-user.

SONA

SONA

CISCO SONA FRAMEWORK LAYERS*

The path or “how-to” for IIN is SONA which explains how integrated systems can both allow for a dynamic, flexible architecture, and provide for operational efficiencies through standardization and virtualization.

This is very broad stroke overview and not in detail; for a more detailed explanation as to the how this all works see the ECNM or Enterprise Wide Architecture.

The Network Infrastructure Layer is where all IT resources (servers, storage, and clients) are interconnected (campus, branch, data centre, WAN, MAN, teleworker) across the converged network foundation. The objective of this layer is to enable anywhere and anytime connectivity.

The Interactive Services Layer enables efficient allocation of resources to applications and business processes that work together to create functionality that can be used by multiple applications and is delivered through the network infrastructure.

The Application layer includes applications (commercial off-the-shelf and homegrown software) and collaboration applications. This layer can also use network services such as presence and location to build innovative solutions that enhance user experience. The objective is to meet business requirements and achieve efficiencies by leveraging the interactive services layer.

Resources:

Cisco SONA Fact Sheet

Cisco SONA Website

Aragoen Celtdra over at Baby, You can Route my World! has a nice explanation on this for the BSCI course

Notes and Notices:

This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

*CISCO SONA FRAMEWORK LAYERS: Graphic taken from SONA Fact Sheet on the Cisco Website, Copyright Cisco Systems, Inc

Search

About

You are currently browsing the Network Ninja weblog archives for 'architecture' tag.

Latest

RSS
  • Digital Growth with your Job
  • Open Shortest Path First – OSPF Fundamentals – Scenario
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 13
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 12
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 11
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 10
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 9
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 8
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 7
  • Open Shortest Path First – OSPF Fundamentals – Questions and Answers – Question 6

Archives

  • June 2009
  • April 2009
  • March 2009
  • February 2009
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008

Categories

  • 802.11 (7)
  • 802.1Q (1)
  • 802.1X (1)
  • AAA (1)
  • Access Point (7)
  • ACL (4)
  • Addressing (3)
  • Asides (31)
  • auto-summary (3)
  • AutoQoS (1)
  • Bandwidth (2)
  • BCMSN (55)
  • BDR (2)
  • BGP (1)
  • BPDU Filtering (1)
  • BPDU Guard (2)
  • BPDU Root Guard (1)
  • BSCI (67)
  • BSCI Notes (18)
  • BSCI Questions (48)
  • Business (1)
  • Cabling and Equiptment (3)
  • CAM (1)
  • CCDA (1)
  • CDP (1)
  • CEF (1)
  • Certification (123)
  • CIDR (2)
  • CIR (2)
  • Cisco Systems (144)
  • Concepts and Constructs (76)
  • CoS (1)
  • Cost (3)
  • DAI (1)
  • DDNS (1)
  • Debug (2)
  • DHCP Snooping (1)
  • DHCP Spoofing (1)
  • DR (3)
  • DUAL (1)
  • Dynamic ARP Inspection (1)
  • ECNM (5)
  • EIGRP (5)
  • Enterprise Architecture (7)
  • EtherChannel (1)
  • GLBP (1)
  • Hello Timer (2)
  • Hold Timer (2)
  • Hot Standby Router Protocol (1)
  • HSRP (1)
  • IGRP (1)
  • IIN (2)
  • Inter-Vlan Routing (1)
  • Interconnection Technologies (2)
  • IP Source Guard (1)
  • IS-IS (1)
  • ISL (1)
  • LACP (1)
  • Link State Advertisements (2)
  • Load Balancing (2)
  • Loop Guard (1)
  • MAC Address Flooding (1)
  • MLS (1)
  • MSTP (1)
  • NBAR (1)
  • NBMA (1)
  • Off-Topic (12)
  • OSPF (18)
  • PAgP (1)
  • passive-interface (1)
  • PoE (1)
  • Port Security (1)
  • Priority (2)
  • Proxy ARP (1)
  • PVC (1)
  • QoS (2)
  • RIP (1)
  • RIPv2 (1)
  • Root Guard (1)
  • RSTP (1)
  • Show (6)
  • Software (1)
  • SONA (2)
  • SSH (2)
  • STP (5)
  • Stub Router (3)
  • summary-address (1)
  • Support (4)
  • Switch Spoofing (1)
  • TCAM (1)
  • Telnet (2)
  • Troubleshooting (1)
  • Trunk (6)
  • Unidirectional Link Detection (1)
  • VACL (3)
  • VC (1)
  • Vine (20)
  • VLAN (11)
  • VLAN Hopping (1)
  • VLSM (1)
  • VoIP (1)
  • VRRP (1)
  • VTP (4)
  • VTY (1)
  • Wireless (7)

Styled with Sawchuk

Powered by WordPressabc and K21.0-RC7

Entries Feed and Comments Feed

54 queries. 2.1010 seconds.