ISBN-13: 9781931836913 / English / Paperback / 2003 / 1122 pp.
The Best Damn Cisco Internetworking Book Period shows readers everything they need to know about all Cisco internetworking topics. The book provides an understanding of Cisco's current VoIP solutions and the means to put them to work, showing how to configure all of Cisco's core VoIP products--among them Cisco CallManager software, Cisco 7910 series phones, and server-based IP PBXs. It discusses IPv6 Protocols, as well as IP Quality of Service (QoS) and how it applies to Enterprise and Internet Service Provider (ISP) environments.
In addition, Cisco wireless technologies are covered in detail. Cisco has placed a high priority on security and here readers will find complete coverage of all the Cisco Security products such as the PIX firewall suite of products, Network Address Translation (NAT), Cisco VPN Concentrator and IPSec, Cisco Authentication, Authorization, and Accounting (AAA), Content Services Switch (CSS), and the Cisco Secure Network Intrusion Detection System. This book is sure to become a dog-eared reference for all Cisco engineers and administrators.
- The one book that covers all major Cisco Internetworking concepts and configurations.
Chapter 1 Cisco Technologies, Routers, and Switches
Introduction
The OSI Model
Layer 1: The Physical Layer
Layer 2: The Data-Link Layer
Layer 3: The Network Layer
Layer 4: The Transport Layer
Layer 5: The Session Layer
Layer 6: The Presentation Layer
Layer 7: The Application Layer
The TCP/IP Model, the DoD Model, or the Internet Model
Process/Application Layer (Application, Presentation, and Session)
Host-to-Host Layer (Transport)
Networking Basics
Network Topologies
CSMA/CD versus Deterministic Access
Ethernet
Wireless LANs
OSI and Wireless: Layer 2 and Down
OSI and Wireless: Layer 3 and Up
Cisco Hardware
Switches
Spanning Tree Protocol
Spanning Tree Port States
Cisco Catalyst Series Models
Switch Architecture
Backplane
Memory
Switch Commands
Routers
Router Architecture
Connecting to the Router
Console Port Connections
Telnet Connection
SSH
Cisco Software
Cisco Software - IOS
IOS Command Syntax and Basic Configuration
SNMP Configurations
Web
Config Maker
Entering Commands to Configure a Cisco Router
Using Configuration Commands
Using show Commands
CATOS Command Syntax and Basic Configuration
Configuring Network Parameters
Securing the Switch
Creating VLANs
Port Configuration
Enabling Trunking
Networking Monitoring and Packet Capture
You are Not Alone - Resources for Cisco Hardware and Software
Cisco Technical Support - General
CCO
TAC
NPC
Software Advisor
Software Center
Groupstudy.com
Summary
Chapter 2 Wide Area Networking (WAN)
Introduction
Wide Area Network Topologies
Point-to-Point Topology
Fully Meshed Topology
Hub-and-Spoke Topology
High-Level Data Link Control
Point to Point Protocol
PPP Features
Configuring PPP
PPP Authentication
PPP Compression
Multilink PPP
Circuit Types and Terminology
T1 and Fractional T1
Frame Relay
Frame Relay Topologies
Configuring Frame Relay
Verifying and Troubleshooting Frame Relay
Asynchronous Transfer Mode (ATM)
ATM Cell Format
ATM Adaptation Layer (AAL)
ATM Virtual Circuits
Configuring ATM
Verifying and Troubleshooting ATM
Integrated Services Digital Network
Basic Rate Interface (BRI)
BRI Reference Points and Functional Groups
Primary Rate Interface (PRI)
ISDN Protocol Layers
ISDN Call Setup and Teardown
Dialer Interfaces
Supported Interfaces
Configuring ISDN and DDR
ISDN and DDR commands
ISDN Troubleshooting
Backing up Permanent Connections
Backup Interface
The backup load Command
Floating Static Routes and Default Routes
Dialer Watch
Configuring a Dialer Profile
Redundant Hardware and Links/ Design and Performance Issues
Load Balancing
Summary
Chapter 3 Wireless Networking
Introduction
Understanding the Fundamentals of Radio Frequencies
Understanding Wireless Radio Signal Transmission and Reception
Radio Frequencies
What is Bandwidth?
Radio Wave Modulation
Communicating with WLAN Technologies
Infrared Technology
Spread Spectrum Technology
Wireless Networking Standards
IEEE
Wireless Design Considerations
Attenuation
Accounting for the Fresnel Zone and Earth Bulge
RF Interference
Application Considerations
Structural Considerations
Implementing a WLAN Architecture
The OSI Reference Model
Logical Wireless System Components
Physical Wireless System Components
Security Fundamentals for Wireless Networks
Ensuring Confidentiality
Ensuring Integrity
Ensuring Availability
Ensuring Authentication
Ensuring Authorization
Where in the Authentication/Association Process Does MAC Filtering Occur?
Accounting and Audit Trails
Wireless Equivalency Privacy (WEP)
Addressing the Issues with Policy
Creating Privacy with WEP
WEP Benefits and Advantages
WEP Disadvantages
The WEP Authentication Process
Implementing WEP on the Cisco Aironet AP 340
Security of 64-Bit versus 128-Bit Keys
Cisco Wireless Systems
Cisco's WLAN Product Line
Cisco's Aironet 3X0 Series APs and Bridges
The Cisco Aironet 350 Series
Features of the Cisco Aironet 340 Series - End-of-Sale
Cisco's Aironet Wireless NICs
Installing the Cisco Aironet 3X0 APs
Power Requirements
Network Connectivity
Initial Configuration of the Cisco 3X0 Series AP
IP Setup Utility
Terminal Emulator Setup
Web-Based Configuration of the Cisco 340 BSE/BSM Series AP
Troubleshooting the Cisco 340 BSE/BSM Series AP
Cisco Aironet Wireless Bridges
Cisco Aironet Wireless Bridge - Point-to-Point
Cisco Aironet Wireless Bridge - Point-to-Multipoint
Cisco Wireless Bridge - Repeater
Installation of the Cisco Aironet Bridge Unit
Installing the Antenna
Configuring the Network Port
Applying Power
Working with Root and Non-Root Modes on a Wireless Bridge
Initial Configuration of Wireless Bridge Using the CLI
Assigning the Radio Parameters
Assigning IP Information
Operational Configuration of the Cisco Aironet Wireless Bridge
Using the Cisco Aironet Wireless Bridge Radio Main Menu
Configuring the Ethernet Port
Configuring the Network Identifiers
Console Management Access
Configuring the Time Service
Setting Up Association Tables
Using Filters
Event Logging
Viewing Statistics
Cisco Aironet Wireless Bridge Troubleshooting
Network Menu Option
Linktest Menu Options
Restart Option
Default and Reset Options
Loading Firmware and Configurations
Backing Up Wireless Bridge Configurations
Cisco Aironet Antennas
Ceiling Mount Omni-Directional Antenna
Mast Mount Omni-Directional Antenna
High-Gain Mast Mount Omni-Directional Antenna
Pillar Mount Diversity Omni-Directional Antenna
POS Diversity Dipole Omni-Directional Antenna
Diversity Ceiling Mount Omni-Directional Patch Antenna
Directional Wall Mount Patch Antenna
Diversity Directional Wall Mount Patch
Yagi Antenna
Dish Antenna
Antenna Accessories
Lightning Arrestor with Grounding Ring
Bridge and AP Accessories
Bridge Mounting Kit
AP/Bridge Spare Power Supplies
AP/Bridge Serial Cable
Cabling, Connectors, and Bulkhead Extenders
Cabling
Connectors
Bulkhead Extenders
Summary
Chapter 4 IP Addressing, Multicasting, and IPv6
Introduction
IPv4 Address and Header Format
Classful Addressing - Structure and Size of Each Type
IP Address Classes
Strategies to Conserve Addresses
CIDR
VLSM
Private Addresses
RFC 1918 - Private Network Addresses
The Three Address Blocks
Considerations
The Fundamentals of Subnetting
What the Mask Does
Subnet Mask Components
Binary Determination of Mask Values
Decimal Equivalent Mask Values
Addresses and Mask Interaction
Reserved and Restricted Addresses
Determining the Range of Addresses within Subnets
Determining Subnet Addresses Given a Single Address and Mask
Strategies for Subnetting
Creating and Managing Variable Length Subnets
Multicast Addresses and Protocols
Understanding the Basics of Multicasting
Unicast Traffic
Broadcast Traffic
Multicast Traffic
Multicast IP Addressing
IP Address Designations
Scope of Multicast Addresses Using the Time-to-Live Field
Administrative Scopes
Participating in Multicasting
Internet Group Management Protocol Versions
Multicasting via Switches
Distribution Trees
Shared
Source
Multicast Routing
Sparse Mode Routing Protocols
Dense Mode Routing Protocols
NAT
NAT Terminology and Concepts
NAT Operation
Configuring NAT on Cisco IOS
NAT Architectures
Traditional NAT or Outbound NAT
Dynamic Translation
Static NAT
Dual Address Translation (Overlapping Networks)
Port Address Translation
TCP Load Distribution
NAT Monitoring and Troubleshooting Commands
Considerations about NAT and PAT
IP Address Information in Data
Bundled Session Applications
IPv6
Benefits of IPv6
IPv4 versus IPv6
IPv6 Addresses
IPv6 Address Space
The Fundamentals of IPv6 Addresses
IPv6 Unicast Addresses
IPv6 Multicast Addressing
IPv6 Anycast Addresses
IPv6 Address Autoconfiguration
IPv6 Headers
Hop-by-Hop Options Header
Routing Header
Fragment Header
Destination Options Header
IPv6 Security
AH
ESP
Upper-Layer Protocol Issues
Understanding ICMPv6
Error Messages
Informational Messages
Understanding Neighbor Discovery
Configuring IPv6 Addressing
Configuring LAN Addresses
Configuring WAN Addresses
Configuring ICMPv6 and Neighbor Discovery
Monitoring and Troubleshooting IPv6
Summary
Chapter 5 IP Routing
Introduction
Routing Terminology
CIDR
Contiguous Subnets
Cisco Routing in General
Static Routes
Default Routes and Networks
Many Are Learned, Few Are Chosen
Routing Information Protocol (RIP)
Routing Update Impact
RIP Timers
RIPv1
RIPv2
Configuring RIP
IGRP
RIP versus IGRP
EIGRP
EIGRP Concepts
OSPF
Becoming Neighbors
Types of OSPF Packets
Link State Advertisements
Types of OSPF Areas
Multiple OSPF Areas
Types of OSPF Routers
OSPF Router ID and Loopback Interfaces
Types of OSPF Databases
Processing of Received Updates
Types of Recognized Networks
Basic OSPF Configuration
OSPF over Frame Relay Point to Point (Subinterfaces)
OSPF over Frame Relay (NBMA and Physical Interfaces)
OSPF over Frame Relay Point-to-Multipoint Subinterfaces
OSPF over Frame Relay Point-to-Multipoint Subinterfaces
OSPF on Broadcast Networks
OSPF Summarization
Authentication
OSPF Virtual Links
Monitoring and Troubleshooting OSPF
debug Commands
Intermediate System to Intermediate System (IS-IS)
ISO Terminology
ISO Addressing and Topologies
IS-IS View of NSAP Address
Configuring CLNS-Only IS-IS
Configuring Integrated IS-IS
Border Gateway Protocol (BGP)
BGP Terminology
BGP Concepts
Configuring BGP
Monitoring and Verifying BGP
Dial-on-Demand Routing
Static and Default Routes
Snapshot Routing
Monitoring Snapshot Routing
OSPF Demand Circuits
Do Not Age (DNA)
Configuring an OSPF Demand Circuit
IPv6 Routing
Configuring RIP for IPv6
Basic IPv6 RIP Configuration
Default Routes and RIPng
Verifying RIPng Operation
Integrated IS-IS
Configuring IS-IS for IPv6
IS-IS Default Routes
Maximum Paths for IS-IS
Configuring BGP Extensions for IPv6
Configuring an IPv6 Neighbor Relationship
Configuring a BGP Router ID
Configuring BGP Peer Groups
Configuring Link-Local Addressing
Verifying BGP Operation
Summary
Chapter 6 Quality of Service (QoS)
Introduction
QoS Overview
Bandwidth Reservation
Real-Time Transport Protocol
Compressed Real-Time Transport Protocol
Resource Reservation Protocol
Queuing
Selecting a Cisco IOS Queuing Method
First-In, First-Out Queuing
Low Latency Queuing (LLQ)
Priority Queuing (PQ)
Configuring Priority Queuing
Custom Queuing (CQ)
Configuring Custom Queuing
Weighted Fair Queuing
WFQ and IP Precedence
Planning Considerations
VIP Distributed Weight Fair Queuing (DWFQ)
Class-Based Weighted Fair Queuing (CB-WFQ)
Configuring Class-Based Weighted Fair Queuing
Why Packet Classification?
IP Precedence
IP QoS
Traffic Shaping
Configuring Traffic Shaping
Verifying Traffic Shaping
Link Fragmentation and Interleaving
Configuring Link Fragmentation and Interleaving
Verifying Link Fragmentation and Interleaving
Weighted Random Early Detection
Tail Drop
Flow-Based WRED
Configuring Congestion Avoidance with WRED
Verifying WRED
Data Compression Overview
The Data Compression Mechanism
Selecting a Cisco IOS Compression Method
Header Compression
Link and Payload Compression
Per-Virtual Circuit Compression (Payload Compression)
Hardware Compression
Verifying Compression Operation
Configuring Packet Classification
IP Precedence
Verifying IP Precedence
Policy Routing
Configuring Policy Routing
Verifying Policy Routing
Call Admission Control
Configuring Call Admission Control (CAC)
Verifying Call Admission Control
Summary
Chapter 7 Cisco Network Security
Introduction
Attacks and Threats
Active Attacks
Passive Attacks
Password Attacks
Brute Force Attacks
Dictionary-based Attacks
Malicious Code Attacks
Malware
Attacker Aids
Bad Key Exchanges
Hashing Pieces Separately
Using a Short Password to Generate a Long Key
Improperly Stored Private or Secret Keys
Detecting Breaches
What are the Key Steps after a Breach is Detected?
Reducing Vulnerabilities
Providing a Simple Security Network Architecture
Developing a Security Policy
AAA Overview
Authentication
Authorization
Accounting
AAA Servers
Method-Lists
Configuring AAA
Security Protocols
RADIUS
TACACS+
Comparing TACACS+ and RADIUS
Using RADIUS and TACACS+ for AAA Services
Configuring the RADIUS or TACACS+ Parameters
Configuring AAA Authentication
Configuring AAA Authorization
Configuring AAA Accounting
Typical RAS Configuration Using AAA
Virtual Profiles and AAA
Example of Virtual Profiles Using Virtual Templates
Configuring Virtual Profiles Using AAA Configuration
Per-user Configuration Example
Monitoring and Verifying AAA Access Control
Complete AAA Configuration Example
Authentication Proxy
How the Authentication Proxy Works
Benefits of Authentication Proxy
Restrictions of Authentication Proxy
Configuring Authentication Proxy
Cisco Secure ACS
Overview of the Cisco Secure ACS
Benefits of the Cisco Secure ACS
Configuration Example: Adding and Configuring an AAA Client
Cisco IP Security Hardware and Software
Cisco PIX Firewall
Cisco IOS Firewall Feature Set
Cisco Secure Intrusion Detection System
CSPM
ACLs
ACL Operation
Types of ACLs
Standard IP ACLs
Extended IP ACLs
Named ACLs
Applying and Editing ACLs
Problems with ACLs
Lock-and-Key ACLs
Reflexive ACLs
Building Reflexive ACLs
Applying Reflexive ACLs
Context-based Access Control
The CBAC Process
Configuring CBAC
Inspection Rules
Applying the Inspection Rule
Configuring Port to Application Mapping
Configuring PAM
Protecting a Private Network
Protecting a Network Connected to the Internet
Protecting Server Access using Lock-and-Key
Protecting Public Servers Connected to the Internet
Applying Perimeter Security in IPv6
ACL Control Manager
Configuration Example: Creating ACLs with ACLM
CSPM
Overview of VPN Technologies
Tunneling VPNs
Virtual Private Dial Networks
Intranet VPNs
Extranet VPNs
Access VPNs
L2TP
Configuring Cisco L2TP
PPTP Overview
Understanding Cryptography Concepts
Encryption Key Types
Standard Cryptographic Algorithms
Understanding Asymmetric Algorithms
IPsec Concepts
VPN Terminology
IPsec
IPsec Architecture
IKE
SAs
VPN Operation
Configuring ISAKMP/IKE
Configuring IPsec
RAS VPN
Configuring Cisco IPsec
Verifying and Debugging VPN Operation
Wireless Security
Ensuring Authorization
MAC Filtering
Where in the Authentication/Association Process does MAC Filtering Occur?
MAC Spoofing
Accounting and Audit Trails
Implementing WEP
Defining WEP
Creating Privacy with WEP
The WEP Authentication Process
WEP Benefits and Advantages
WEP Disadvantages
Implementing WEP on the Cisco Aironet AP 3x0
Exploiting WEP
Security of 64-bit versus 128-bit Keys
Strengthening WEP
Summary
Chapter 8 Cisco PIX Firewall
Introduction
PIX Firewall Features
Embedded Operating System
The Adaptive Security Algorithm
Advanced Protocol Handling
VPN Support
URL Filtering
NAT and PAT
High Availability
PIX Hardware
Software Licensing and Upgrades
Licensing
Upgrading Software
Password Recovery
Factory Default Configurations
Access Modes
Basic Commands
Managing Configurations
Resetting the System
Allowing Outbound Traffic
Configuring Dynamic Address Translation
Blocking Outbound Traffic
Allowing Inbound Traffic
Static Address Translation
ACLs
Conduits
ICMP
Port Redirection
TurboACLs
Object Grouping
Configuring and Using Object Groups
Handling Advanced Protocols
Filtering Web Traffic
Filtering URLs
Active Code Filtering
Configuring Intrusion Detection
Supported Signatures
Configuring Auditing
Configuring Shunning
Dynamic Host Control Protocol Functionality
DHCP Clients
DHCP Servers
Fragmentation Guard
Authentication, Authorization, and Accounting Floodguard
SYN Floodguard
Reverse-Path Forwarding
Unicast Routing
Stub Multicast Routing
Point-to-Point Protocol over Ethernet
Configuring Console Authentication
Configuring Local Console Authentication
Configuring RADIUS and TACACS+ Console Authentication
Configuring Local Command Authorization
Configuring Authentication for Traffic Through the Firewall
Configuring Cut-through Proxy
Virtual HTTP
Virtual Telnet
Configuring Authorization for Traffic Through the Firewall
Configuring Accounting for Traffic Through the Firewall
Failover Concepts
Configuration Replication
IP and MAC Addresses Used for Failover
Failure Detection
Stateful Failover
Standard Failover Using a Failover Cable
Configuring and Enabling Failover
Monitoring Failover
LAN-Based Failover
Configuring and Enabling Failover
Monitoring Failover
Failing Back
Disabling Failover
Configuring Logging
Local Logging
Syslog
Logging Levels
Logging Facility
Disabling Specific Syslog Messages
Configuring Remote Access
Telnet
Configuring SNMP
Configuring System Identification
Configuring Polling
Configuring Traps
Configuring System Date and Time
Setting and Verifying the Clock and Time Zone
Configuring and Verifying the Network Time Protocol
Configuring VPN
Allowing IPsec Traffic
Enabling IKE
Creating an ISAKMP Protection Suite
Defining an ISAKMP Pre-shared Key
Configuring Certificate Authority Support
Configuring Crypto ACLs
Defining a Transform Set
Bypassing NAT
Configuring a Crypto Map
Configuring Site-to-site IPsec without IKE (Manual IPsec)
Configuring PPTP
Configuration
Configuring L2TP with IPsec
Dynamic Crypto Maps
Configuration
Configuring Support for the Cisco Software VPN Client
Mode Configuration
Extended Authentication
VPN Groups
Sample Configurations of PIX and VPN Clients
Troubleshooting PIX Firewall Hardware, Software, and Performance
Troubleshooting PIX Cabling
Troubleshooting Connectivity
Troubleshooting IPsec
Capturing Traffic
Monitoring and Troubleshooting Performance
Summary
Chapter 9 Cisco Voice over IP
Introduction
Telephone Calls - The "Traditional" Way
Toll Bypass
Analog
Basic Telephony
Dissecting an Analog Network
Voice Encoding: Standards and Techniques
DSP Provisioning
Analog Signaling
E&M Signaling
Analog Loop and Ground Start
Dial-Pulse Signaling
Dual-Tone Multifrequency (AKA Touch Tone)
Digital Transmission Techniques and Formats
Time-Division Multiplexing
Integrated Services Digital Network Signaling
Call Control Signaling
Channel Associated Signaling
Common Channel Signaling
Inside the Private Branch eXchange
Extension Termination
Trunk Termination
Call Processing and System Logic
Switching
PBX Terminology
Non-IP Alternatives to Traditional Telephony
Voice over Frame Relay
Voice over ATM
Voice over HDLC
Introduction to IP Telephony
Conferencing and Transcoding, and Other Services
IP Telephony Components
Cisco CallManager
Cisco IP Phones
Cisco Gateways
Switches
Cisco IP SoftPhone
Cisco IP Telephony Applications
Cisco Web Attendant
Internet Communications Software
Prepping the Network for Voice Service
Analog Voice Interfaces
Signaling Between Routers and PBXs
VoIP Protocols
H.323 Standard and Protocol Stack
H.323 Call Stages
H.323 Discovery and Registration
H.323 Call Setup
Call Termination
H.323 Endpoint-to-Endpoint Signaling
Session Initiation Protocol
Session Initiation Protocol Components
Session Initiation Protocol Messages
Media Gateway Control Protocol
MGCP Connections
Skinny Station Protocol
Simplified Messaging Desk Interface
Cisco VoIP Hardware and Software
Voice Modules and Cards
Installing VNMs and VICs
E-1/T-1 Voice Connectivity
1700 Series Router Configurations
3600 and 3700 Series Router Configurations
7500 Series Router Configurations
AS5350 and 5850 Universal Gateway Configuration
Cisco Switches
Quality of Service
What Is Quality of Service?
Applications for Quality of Service
Levels of QoS
Why QoS Is Essential in VOIP Networks
Configuring Voice Ports
Configuring FXO or FXS Voice Ports
Configuring E&M Ports
Voice Port-Tuning Commands
Concepts of Delay and Echo
Fine-Tuning FXS/FXO Ports
Fine-Tuning E&M Ports
Configuring Dial Plans and Dial Peers
Call Legs: POTS vs. Voice Network Dial Peers
Creating and Implementing Dial Plans
Configuring Dial Peers
Number Expansion
Direct Inward Dialing
Configuring Trunking
Trunks
Tie Lines
Private Line Automatic Ringdown
Direct Voice Trunking versus Dial-Digit Interpretation
Supervisory Disconnect
Trunk Seizure: Wink-Start Signaling versus Immediate-Start Signaling versus Delay-Start
Configuring ISDN for Voice
Configuring ISDN BRI Voice Ports
Configuring ISDN PRI Voice Ports
Configuring Q.931 Support
Configuring CAS
Configuring CCS
Configuring T-CCS
Configuring Gateways and Gatekeepers
Configuring H.323 Gateway
Configuring H.323 Gatekeeper
Troubleshooting VoIP
Troubleshooting Equipment, from Power On to Operating State
Layer 2 Troubleshooting
Layer 3 Troubleshooting
Troubleshooting Voice Ports
Troubleshooting Dial Peers
Summary
Index