| ihopeipass 2003-11-07, 10:03 am |
| I found this extremely helpful in passing the CCDA. Be sure you know the difference between Goals/Constraints and SAFE. If you have a decent understanding of the concepts and know the following, you will pass.
Cisco Layered Hierarchical Model:
Core - High-Speed transport between sites, Fault tolerance, Manageability
Distribution Layer - Routing, VLANs, filtering, security, summarization, QoS
Access - workgroup/user access to network, uplinks to hubs, WAN interface
Documenting an existing Network:
Network Documentation - Network Topology, Addressing, and List of Concerns
Logical Assessment - Gather info regarding currently used protocols
Router Documentation - Model, Interface configurations, Error statistics, Software versions
Most accurate documentation can be done through traffic analysis and device configurations
CDP and NetFlow can be used
First-hand sources are customer and network performance statistics
Network Design:
- First priority is customer's business goals
- Most important business goals are customer support and projected growth
- Regarding security, most important factor is user policy
Design Document:
- Design specs, Impl. plan, and Proof of concept
- Should include Requirements, Cost, Exec Summary, Appendixes
Security:
Data Confidentiality - Implemented with Encryption. Verify by looking for cyphertext in captured packets
Data Integrity - Implemented with Digital Signatures and Two-Factor Authentication
Ending/Slowing DoS Attacks:
1. Ensure patches have been applied and unused services disabled
2. Perform rate-limiting at firewall (not on servers)
3. Move affected servers to DMZ
Routers:
- Separate network into smaller subnets, control broadcasts
- Operate at layers 1, 2, and 3 of OSI model
Static Routes:
Ideal for:
- Small networks
- Dial on Demand (DDR) interfaces
- Hub and Spoke topology
- When interfaces are unreliable and prone to flapping
Benefits:
- Controlled by Network Administrator (better security)
- Uses less router resources (memory & cpu)
Drawbacks:
- Controlled by Network Administrator (human error factor)
- Doesn't scale up to larger, multi-path, or constantly changing networks
Dynamic Routing Protocols:
Link-State (fast convergence) - OSPF, EIGRP, IS-IS
Distance Vector (slow convergence) - RIP, RIPv2, IGRP, BGP
Classless protocols (support VLSM) - RIPv2, EIGRP, OSPF, IS-IS
Classful protocols (don't support VLSM) - RIP, IGRP
BGP - Does not require hierarchical design
IGRP - Uses bandwidth & reliability for metric
Multilayer / Layer 3 Switching:
- Better Performance
- Better Availability (less downtime)
- Better Throughput
Prototype Network:
- Developed and Tested in a lab for added flexibility
- Designed to simulate live network and has most accurate results
- Can be incorporated into live network gradually, but not during peak hours
Pilot Network:
- For small networks, or when only basic functionality must be demonstrated
- Scaled-down version of final design (quick to do and less costly)
- Limited flexibility and accuracy
Implementation Plan:
- Include backout plan for each step
- Designer need not be present
- Each step should include:
1. Description of objective
2. Detailed guidelines
3. Reference to Design Document
Ways to Improve performance and reliability for mission-critical applications:
QoS - Quality of Service
CoS - Class of Service
SAFE Architecture:
Building Module - Users who have access to the corp network, includes Telephony
Management Module - Management of devices and hosts through logging and reporting
Server Module - Provide application services to users and devices
ECM - Enterprise Composite Model
Enterprise Campus: Building, Building Dist, Core, Management, Server, Edge Dist
Enterprise Edge: E-Commerce, Corp Internet, VPN & Remote Access, WAN
Service Provider Edge: ISPs, PSTN, Frame Relay/ATM
IPv6:
Unicast, Multicast, and Anycast addresses (no Broadcast!)
Summarization: Built-in due to hierarchical structure of TLAs, NLAs, and SLAs
No private address space or renumbering required
Transitioning - Use Dual-stack on routers and machines
Running over IPv4 - Use Encapsulation (aka tunneling) or Translation
IPv6 headers - Header length is always the same, checksums removed for speed
IS-IS - Supported
OSPF - New protocol called OSPFv
BGP - New protocol MP-BGP4
DNS - Needs server that supports both, and setup duplicate entries
Subnetting - Done by SLAs
VoIP
Dejitter Buffers - Smooth voice traffic on variable-delay connection
Companding - Compressing & Expanding
Codecs Choice - Affects Speech Quality and non-speech packets
"Grade of Service" (GoS) - Probability that calls will be blocked when seizing circuits
"Tie line" - used between PBXs
PBX Trunk Capacity - depends on busy hour traffic and blocking probability (GoS)
If remote PBX sends busy-back, must increase trunk capacity on remote end
SNMP (Simple Network Management Protocol)
NMS - Network Management Station - Receives traps
Agent - Run on device. Reports to NMS by issuing traps
Trap - When Agent reports event to NMS
V1 - Consists of Get, GetNext, Set, and Traps. Use of Community strings
V2 - Added Vendor Specific MIBs, update of protocol operations and data types
V3 - Expanded support through security module (authentication, encryption)
CDP:
Uses SNAP frames, runs at data link layer, media independent
60 sec message interval, 180 sec default hold time
View directly attached devices (neighbors only)
Shows IOS version, Network addresses, and enabled protocols
NetFlow - Metering for traffic accounting and billing
MRTG - Creates graphs of interface traffic
Cisco View - Physical view of equipment from remote location
FastStep - Configure devices through graphical wizard
SLM - Monitors 3rd party devices to see if SLA is met and where problem is.
SLA Issues
- Which vendors are responsible for the equipment? (Vendor Responsibility)
- Who is responsible for the network management? (Training and Awareness)
- Who owns the network equipment? (Office Politics)
Business Goals:
- Modernize outdated technologies
- Improve security
- Increase productivity / improve corporate communication
- Reduce costs and increase revenue
- Move to global business model
- Improve customer support / satisfaction
Business Constraints:
- Budget
- Timeframe / testing schedule
- Hiring & Elimination of personnel; training costs
- Company policies (security policy, Open vs. Proprietary philosophies, etc)
- Office politics / departmental control
Technical Goals:
- Improve performance and reduce/eliminate bottlenecks
- Centralize servers and resources
- Add new sites
Technical Constraints:
- Availability Requirements
- Network Topology selection
- WAN and LAN type selections
Measuring Network Performance:
- Response time
- Utilization - how much bandwidth in use during a specific interval
- Efficiency
- Capacity
ISO Network Management Model Areas:
F Fault Management - Detect, log, and notify for network problems
C Configuration Management - Making and logging changes; remote access (Telnet & SSH)
A Accounting Management - Usage tracking for regulation and billing purposes
P Performance Management - Measuring Utilization
S Security Management - Passwords, Filtering, and Physical Security (not encryption) |