What are the benefits of a hierachal network design?
By dividing a flat network into smaller, more manageable hierarchical blocks it causes local traffic to remain local. Only traffic destined for other networks is moved to a higher layer.
What are the four fundamental network design goals?
1. Scalability
2. Availability
3. Security
4. Manageability
What are the three basic layers in a hierarchal design model?
Core Layer, Distribution layer, and Access Layer
What is the purpose of the Core Layer in a hierarchal network design model?
It connects Distribution layer devices
What is the purpose of the Distribution layer in a hierarchal network design model?
It interconnects the smaller local networks
What is purpose of the Access layer in a hierarchal network design model?
It provides connectivity for network hosts and end devices.
What is the benefit of dividing a flat network into smaller, more manageable hierarchical blocks?
Local traffic remains local, and onlly traffic destined for other networks is moved to a higher layer.
What can be used to further divide the three-layer hierarchical design into modular areas?
The Cisco Enterprise Architecture
What do the modular areas in the Cisco Enterprise Architectures represent ?
These modules represent areas that have different physical or logical connectivity. They designate where different functions occur in the network.
What does the modularity in Cisco Enterprise Architectures enable?
It enables flexibility in network design, and facilitates implementation and troubleshooting.
What are the three areas of focus in modular network design?
1. Enterprise campus
2. Server farm
3. Enterprise edge
This area contains the network elements required for independent operation within a single campus or branch location, where the building access, building distribution, and campus core are located.
Enterprise campus
This area protects the server resources and provides redundant, reliable high-speed connectivity.
Server farm
As traffic comes into the campus network, this area filters traffic from the external resources and routes it into the enterprise network.
Enterprise edge
What does the Enterprise edge contain?
All the elements required for efficient and secure communications between the enterprise campus and remote locations, remote users, and the Internet
What three steps are network design projects normally divided into?
1. Identify the network requirements
2. Characterize the existing network
3. Design the network topology and solutions
What are the two categories that network designers usually separate goals into?
1. Business goals
2. Technical requirements
What do business goals focus on?
How the network can make the business more successful
What do technical requirements focus on?
How the technology is implemented within the network
In this type of approach, the network applications and service requirements are identified, and the network is designed to support them.
Top-down approach. This type of approach ensures the new design functions as expected before it is implemented.
What is a common mistake made by network designers?
Failure to correctly determine the scope of the network design project
Network requirements that impact the entire network include:
1. Adding new network apps and making major changes to existing apps
2. Improving the efficiency of network addressing or routing protocol changes
3. Integrating new security measures
4. Adding network services
5. Relocaintg servers to a server farm
Network requirements that may only affect a portion of the network include:
1. Improving internet connectivity
2. Updating access layer LAN cabling
3. Providing redundancy for key services
4. Supporting wireless access in defined areas
5. Upgrading WAN bandwidth
In the Cisco three-layer hierarchal model, which layer is responsible for transporting large amounts of data quickly and reliably?
Core layer
What is the Core layer sometime referred to as?
Network backbone
What are the primary design goals at the Core layer?
1. Provide 100% uptime
2. Maximize throughput
3. Facilitate network growth
What are some examples of technologies that are used at the core layer?
1. Routers or multilayer switches that combine routing and switching in the same device
2. Redundancy and load balancing
3. High-speed and aggregate links
4. Routing protocols that scale well (EIGRP, OSPF)
What protocol disables redundant links unless a primary link fails?
Spanning Tree Protocol (STP)
Most core layers in a network are wired in what two types of topologies?
Full-mesh or partial mesh
Core layer devices should have what type of components whenever possible?
Hot-swappable
What are hot-swappable components?
Components which can be installed or removed without first having to turn off the power to that device.
What is the benefit of using hot-swappable components?
Using hot-swappable components reduces the repair time and disruption to network services.
How is the best routing protocol determined for the core layer?
By the size of the network and the number of redundant links or paths available. A major factor in choosing a protocol is how quickly it recovers from a link or device failure.
At what point does network convergence occur?
When all routers have complete and accurate information about the network
The faster the _______________, the quicker a network can react to a change in topology.
convergence time
What are two factors that affect convergence time?
1. The speed at which the routing tables reach all the routers in the network
2. The time it takes each router to perform the calculation to determine the best paths
Which layer of the Cisco three-layer hierarchical model is associated with routing, filtering, and is the communication point between the Core layer and the Access layer?
Distribution layer
The Access layer is commonly built using Layer ___ switching technology.
2
The Distribution layer is built using Layer __ devices.
3
What type of topologies are Distribution layer networks usually wired in?
Partial-mesh
What is a failure domain?
It is the portion of a network affected when either a device or network application fails.
In a a hierachical design model, it is usually easiest and least expensive to control the size of a failure domain in which layer?
Distribution layer
What is it called when routers or multilayer switches are deployed in pairs, with access layer switches evenly divided between them?
A building or departmental switch block
What is the advantage of using switch blocks?
By using switch blocks in your network, the failure of a single device or even and entire switch block does not impact a significant number of end users.
Providing multiple connections to Layer 2 switches can cause unstable behavior in a network unless what is enabled?
Spanning Tree Protocol (STP)
What does RSTP stand for?
Rapid Spanning Tree Protocol
____________ builds upon the IEEE 802.1d technology and provides rapid convergence of the spanning tree.
Rapid Spanning Tree Protocol (RSTP)
What is one of the most common causes of frequent STP recalculations?
A faulty power supply or power feed to a switch (a faulty PS causes the device to reboot unexpectedly)
_____________ are a tool that can be used at the distribution layer to limit access and to prevent unwanted traffic from entering the core network.
Access Control Lists (ACLs)
What is an ACL?
A list of conditions used to test network traffic that attempts to travel through a router interface. ACL statements identify which packets to accept and which to deny
What do standard ACLs filter traffic based on?
Source address
What do Extended ACLs filter traffic based on?
1. Source address
2. Destination Address
3. Protocols
4. Port numbers or applications
5. Whether the packet is part of an established TCP stream
True or False: Both standard and extended ACLs can be configured as either numbered or named access lists.
TRUE
What three complex ACL features can be configured using Cisco IOS Software?
1. Dynamic ACL
2. Reflexive ACL
3. Time-based ACL
Which complex ACL is sometimes referred to as "lock and key" and why?
Dynamic ACL, because the user is required to log in to obtain access
Which complex ACL requires a user to use telnet to connect to the router and authenticate?
Dynamic ACL. Once authenticated, traffic from the user is permitted.
Which complex ACL allow outbound traffic and then limits inbound traffic to only reponses to those permitted responses?
Reflexive ACL
Which complex ACL permits and denies specified traffic based on the time of day or day of the week?
Time-based ACL
Traffic that travels into an interface is filtered by the _________ ACL.
Inbound
Traffic going out of an interface is filtered by the ___________ ACL.
Outbound
Standard ACLs should be applied closest to the _______________.
destination
Extended ACLs should be applied closest to the _____________.
source
The inbound or outbound interface should be referenced as if looking at the port from where?
from inside the router
How are statements in an ACL processed?
Sequentially from the top of the list to the bottom until a match is found. If no match is found, then the packet is denied and discarded.
What statement is at the end of all ALCs, but does not appear in the configuration listing?
Implicit deny
The network admin should configure ACL entries in an order that filters from __________ to ___________.
from specific to general
____________ should be denied first, and ____________ should come last.
Specific hosts should be denied first, and groups or general filters should come last.
The _____________ is examined first. The ________ or _________ is examined only if the match is true.
match condition, permit or deny
_________________ is also referred to as route aggregation or supernetting.
Route summarization
The ____________ is used to control user access to the internetwork resources.
Access Layer
One of the primary concerns when designing the access layer of a campus infrastructure is what?
The physical location of the equipment
Many access layer switches provide power to end devices, like IP phones and wireless access point, using what?
Power-over-Ethernet (PoE)
______________ and ________________ can be implemented at the access layer to improve reliability and increase availability for the end devices.
Redundant components and failover strategies
What are two reasons why Access layer management is crucial?
1. The increase in the number and types of devices connecting at the access layer
2. The introduction of wireless access points into the LAN
In addition to providing basic connectivity at the access layer, what other things does the network designer need to consider?
1. Naming structures
2. VLAN architecture
3. Traffic patterns
4. Prioritization strategies
Following good design principles improves the manageability and ongoing support of the network in what three ways?
1. Ensurign the network does not become too complex
2. Allowing easy troubleshooting when a problem occurs
3. Making it easier to add new features and services in the future
What is a star topology also referred to as?
A hub-and-spoke topology
Using _________ and __________ is the most common method for segregating user groups and traffic with the access layer network.
VLANs and IP subnets