Designing Cisco Network Service Architectures - Free Books

More documents

Recommendations

Info

failed link, and it would have no good way to get them to its twin in the other Data Centerwith a good link to the hotel. The same might happen with EIGRP summarization.• There is no failover to Partners. Careful import of routes via BGP and BGP peering throughthe firewalls is one option. Another would be redistribution into OSPF and passing OSPFto the firewalls and the core-facing routers. Network statements could then advertise thePartner prefixes into the EBGP.• The answer for Corporate Internet failover is to use EBGP to the ISPs or some othermethod (see the later Data Center module) to track connectivity. And then pass defaultback into the core. Static default routing is unsatisfactory for failover.Step 3 Redistribution and Default Routing• It would be better to use network statements to selectively inject routes into EBGP. Thiswould mitigate the risk of having a problem with excess or incorrect routes in one Modulespilling over into the core. (Tradeoff: maintenance that control requires versus increasedstability).• If the Partner Module connected into the Corporate Internet Module’s core-facing routers,then traffic to a Partner could follow default, say from a server to the Internet core-facingrouter, which would then have a more-specific route to the Partner.• For Partner failover, dynamic routing is needed. A dedicated link (VLAN) or two to thePartner Module in the other Data Center would also be needed. That way, the more specificroutes would work even if a Partner link were down in one Data Center. (This is the priceof summarization, viewing default routing as an extreme case of summarization.)Step 4 NAC Addressing SchemeAddressing for NAC roles requires some calculations. You will need a subnet per role at eachLayer 3 switch. One design choice is to use 8 or 16 subnets per Layer 3 switch. It is a goodpractice for each HQ building to be summarizable.Figuring that room for expansion requires 16 subnets per Layer 3 switch, we would have:HQ Building Active Ports Number of Layer 3switches1 2500 132 2500 133 3000 154 1000 5The information about 254-user subnets means we need a /24 for each role. Another way ofsaying that: the last 8 bits are host bits. They would be preceded by the 4 bits we need for 16subnets. That gets us to xxxx xxxx.xxxx xxxx.xxxx ssss.hhhh hhhh, using “s” for subnet bitsand “h” for host bits, “x” for unknown bits.Let us use 4 bits for the Layer 3 switch. That brings us to xxxx xxxx.xxxx xxxx.rrrr ssss.hhhhhhhh, using “r” for router or Layer 3 switch.46 Designing Cisco Network Service Architectures (ARCH) v2.0 © 2007 Cisco Systems, Inc.
Another option uses 3 bits for designating the HQ building (building in some room for growth,management always grows). Using “b” for the HQ building brings us to xxxx xxxx.xxxxxbbb.rrrr ssss.hhhh hhhh.Assuming the addresses are available, we might then use 10.80-83 for the four buildings.Within each of those, we would use the third octet to indicate Layer 3 switch (first four bits)and role subnet relative to that switch. All subnets would be /24s, which keeps things simple.This scheme is somewhat wasteful of address space. There are two advantages of the scheme:1. It readily accommodates moves adds and changes of users2. It is uniform, rather than treating four HQ buildings differently.Step 5 Collocation of Web ServersThe simplest thing is to view the collocation site as a WAN extension of the Server FarmModule. That is why we ruled out managed services at the collocation facility, to avoid thecomplexity of firewalls in between the data center and the collocation facility.One design would add a pair of routers into the Server Farm Module, connecting into theaggregation or core switches within that module. The WAN links would terminate to thecollocation facility in those routers. The collocation site would run as a separate OSPF areawith summarization.If firewalls were added, routing OSPF to the firewalls is perhaps the simplest answer. There areother alternatives that are discussed later in the course.© 2007 Cisco Systems, Inc. Lab Guide 47
Page 1 and 2: ARCHDesigning Cisco NetworkService
Page 3 and 4: Table of ContentsLab Guide 1Overvie
Page 5 and 6: ARCHLab GuideOverviewThis guide pre
Page 7: MegaCorp Campus Case Study Scenario
Page 10: MegaCorp Campus Design TasksComplet
Page 13 and 14: Case Study 2: CP Hotels Addressing
Page 15 and 16: The following diagram illustrates t
Page 17 and 18: Note128 x 256 Kbps is approximately
Page 19 and 20: The routing design uses external Bo
Page 21 and 22: Addressing at CP HotelsHQ buildings
Page 23 and 24: CP Hotels Design TasksComplete thes
Page 25 and 26: Case Study 3: CP Hotels Network Ini
Page 27 and 28: Series switches use HSRP and EIGRP
Page 29 and 30: Step 3 (E-Commerce Redesign Stateme
Page 31 and 32: Case Study 4: CP Hotels Security an
Page 33 and 34: The following diagram indicates the
Page 35 and 36: The data centers will be connected
Page 37 and 38: Step 2 Review the CP Hotels design
Page 39 and 40: Case Study 5: DS Medical Research I
Page 41 and 42: DS-MRI Design TasksComplete these s
Page 43 and 44: Activity VerificationYour group has
Page 45 and 46: Answer KeyThe recommended solutions
Page 47 and 48: uplinks, since the speeds on the up
Page 49: Case Study 2 Answer Key: CP Hotels
Page 53 and 54: Case Study 3 Answers: CP Hotels Net
Page 55 and 56: Step 3 E-Commerce Refresh• For th
Page 57 and 58: Case Study 4 Answer Key: CP Hotels
Page 59 and 60: Step 2 CP Hotels Security• The to
Page 61 and 62: Case Study 5 Answer Key: DS Medical
Page 63 and 64: Step 5 High Level Storage Design•
Page 65 and 66: • DS-MRI would also need to ident

Designing Cisco Network Service Architectures - Free Books

Create successful ePaper yourself

Delete template?

Save as template?