
1 Designing Network Topology Week 4

2 Network Topology Cisco has developed several models to help network designers conceptualize. Some of the models we will look at are: Hierarchical; Enterprise Campus; Three-Part Firewall; Redundancy in Design

3 Overview of the Hierarchical Model The hierarchical model lets you design the internetwork in layers (modular). Why? Simplifies tasks required for two systems to communicate (like the OSI model); focuses functionality to unique layers; assigns bandwidth appropriately to each layer; network management issues such as training and staff costs are controlled; allows for distributed modular network management.

4 Overview of the Hierarchical Model Benefits: Cost savings. Many organizations report that this model saves them money because they are not always doing all routing/switching on one platform. Appropriate bandwidth per module means no wasted capacity.

5 Overview of the Hierarchical Model Ease of Understanding: Simpler and smaller design units facilitate understanding. An easier system will reduce training and staff costs. Different layers of the model can be assigned differing management responsibilities and management systems, thus driving down management overheads.

6 Overview of the Hierarchical Model Easy Network Growth: Growth is facilitated through modules. As a network grows, specific modules can be replicated to handle the growth. The cost and complexity of making the growth is contained to only the new subset module. Compare this to a fully meshed or flat network, where everyone is a peer: dropping something in the middle necessitates a change for everything else.

7 Overview of the Hierarchical Model Improved Fault Isolation: By having limited isolation points between modules, a network manager can target and isolate failure points faster and more easily. Today’s fast-converging protocols, such as EIGRP, are designed for hierarchical topologies.

8 Hierarchical Network Design Layers Core: High-Speed Switching; Distribution Layer: Policy-Based Connectivity; Access Layer: Local and Remote Workgroup Access

9 Core Layer Function The core layer is a high-speed switching backbone and should be designed to switch packets as fast as possible. This layer of the network should not perform any packet manipulation, such as access lists and filtering, that would slow down the switching of packets.

10 Core Layer Should have: fast transport; high reliability; redundancy; fault tolerance; quick adaptation; low latency and good manageability; avoidance of slow packet manipulation; limited and consistent diameter

11 Distribution Layer The distribution layer of the network is the demarcation point between the access and core layers and helps to define and differentiate the core. The purpose of this layer is to provide boundary definition and is the place at which packet manipulation can take place.

12 Distribution Layer Should implement the following functions: policy and security; address and area aggregation; departmental or workgroup access; broadcast/multicast domain definition; routing between virtual LANs; media translations; redistribution between routing domains; demarcation between static and dynamic routing protocols

13 Distribution Layer Using Cisco IOS software you can implement policy: filter source or destination addresses; filter input and output ports; hide internal network numbers by route filtering; static routing; Quality of Service mechanisms (can every device on the path handle the information being distributed?)

14 Access Layer The access layer is the point at which local end users are allowed into the network. This layer may also use access lists or filters to further optimize the needs of a particular set of users.

15 Access Layer Should: provide users on local segments access to the network; be characterized by switched or shared bandwidth LANs. Some characteristics of the access layer include: high availability; port security; ARP inspection; virtual access lists; trust classification.

16 Switched Hierarchical Designs

17 Routed Hierarchical Designs

18 Enterprise Composite Model The enterprise composite model facilitates the design of larger and more scalable networks. The network is divided into functional components containing network modules. The three major functional components are: enterprise campus; enterprise edge; service provider edge.

19 Enterprise Composite Model

20 Enterprise Campus Modules The modules are: enterprise infrastructure; edge distribution; server farms; network management

21 Enterprise Edge Modules: e-commerce networks; Internet connections; VPN and remote access; classic WAN

22 Hot Standby Router Protocol (HSRP)

23 Hot Standby Router Protocol (HSRP) Provides high network availability and transparent network topology changes. HSRP creates a Hot Standby router group with a lead router that services all packets sent to the Hot Standby (phantom) address. The lead router is monitored by other routers in the group, and if it fails, one of these standby routers inherits the lead position and the Hot Standby group address.

24 Server Redundancy Complete server redundancy: servers on different networks and power sources; very expensive, but stock traders require it. Disk mirroring: synchronizing two disks. Disk duplexing: disk mirroring plus each disk has a different disk controller.

25 Media Redundancy Mission critical requires redundant media (hardware). Media redundancy on the LAN: relies on redundant links between switches; uses spanning tree for loop avoidance. Media redundancy on the WAN: relies on backup links.

26 Media Redundancy WAN backup links: Use different technologies for backups (ISDN). Use floating static routes by specifying a higher administrative distance, so the route won’t be used unless the primary route goes down. Beware: different carriers may actually use the same physical circuit.

27 Media Redundancy

28 Route Redundancy Provides load balancing: IP balances across six parallel links of equal cost. Minimizes downtime from link failures. Full mesh provides complete redundancy. Partial mesh provides redundancy with lower cost and more scalability.

29 Route Redundancy

31 Three Part Firewall System

32 Bastion Hosts Provide the following services: anonymous FTP server; Web server; Domain Name server; specialized security software; Telnet??? (In the book, on the CCDA test, but don’t do it.)

33 Three-Part Firewall System Rules: The inside packet filter router should allow inbound TCP packets from established sessions. The outside packet filter router should allow inbound TCP packets from established TCP sessions. The outside packet filter router should also allow packets to specific TCP or UDP ports going to specific bastion hosts.

34 Rules (cont’d): Do not enable any unnecessary services on the outside filter router. Turn off Telnet access (no virtual terminals). Use static routing only. Do not make it a TFTP server. Use password encryption. Turn off proxy ARP and finger service. Turn off IP redirects and route caching. Do not make it a MacIP server.

35 PIX Firewalls The Cisco Secure PIX Firewall series delivers strong security in an easy-to-install, integrated hardware/software appliance that offers outstanding performance. The series allows you to rigorously protect your internal network from the outside world, providing full firewall security protection. Unlike typical CPU-intensive full-time proxy servers that perform extensive processing on each data packet at the application level, Cisco Secure PIX Firewalls use a non-UNIX, secure, real-time, embedded system.

36 Cisco Secure PIX Firewall Series: Less complex and more robust than packet filters. No downtime for installation. No upgrading of hosts or routers required. No day-to-day management requirement. Generally better performance than delivered by other appliance-like firewalls or those based on general-purpose operating systems (Unix, NT, NetWare).

