ccna discovery 4.0 designing and supporting computer...

2007CiscoSystems,Inc.Allrightsreserved. CiscoPublicITEPCv4.0Chapter1 1

CCNADiscovery4.0DesigningandSupportingComputerNetworks

IdentifyingApplicationImpactsonNetworkDesignChapter4

ITEPCv4.0Chapter1 22007CiscoSystems,Inc.Allrightsreserved. CiscoPublic

Objectives


Theimportanceofapplicationperformance

Mostpeoplewhousenetworkservicesknowverylittleabouttheunderlyingnetworkornetworkdesign.Theirexperienceasusersisbasedonhowtheyinteractwiththeapplicationsthatrunonthenetwork.

Inthecaseofthesportsstadium,networkbasedapplicationsprovideessentialservicestothefans,theteams,andthemanagement.Theseservices,andthenetworkonwhichtheyreside,areamongthebusinesscriticalelementsensuringthatcustomeranduserdemandsaremet.



Gatheringstatisticalinformationfromrouters,servers,andothernetworkdeviceshelpsdeterminewhetherasystemisfunctioningtomanufacturerspecifications.However,technicalconsiderationsalonedonotdeterminesuccessinthemarketplace.

Successdependsonhowthecustomer,thesuppliers,andthevendorsviewtheperformanceofthenetwork.



Forendusers,applicationperformanceisbasedon:

AvailabilityIstheapplicationworkingwhentheyneedit?

ResponsivenessIstheapplicationrespondingasquicklyasexpected?

Forexample,inthestadium,revenuefromticketsales,concessions,andsouvenirssufferswhentransactionprocessesarenotavailableoraretakingtoolongtocomplete.



Stadiumcustomersratetheconvenienceofanapplicationbythelengthoftimeittakestocompletethetransaction.Theyalsoexpecttheapplicationtobeavailablewhenevertheywanttouseit.

Applicationsforwhichfastresponsetimeisconsideredcriticalfortheuserinclude:

Interactivekioskservices

Pointofsaleticketmachines

Concessionregisters



Applicationsconsideredcriticalbystadiumpersonnelinclude:

Emergencyservices

Voiceandvideomonitoringandtransmission

Themeasurementofapplicationperformanceshouldcombineusersatisfactionwithnormaltechnicalmetrics,suchasthroughputonthenetwork,orthenumberofsuccessfultransactions.


CharacteristicsofDifferentApplicationCategories

Inanexistingnetwork,applicationcharacterizationhelpsthenetworkdesignertoincorporatebusinessgoalsandtechnicalrequirementsintothenetworkdesign.

Theapplicationcharacterizationprocessinvolveslookingatthefollowingaspectsofnetworkapplications:

Howtheapplicationsworkonthenetwork

Thetechnicalrequirementsoftheapplication

Howapplicationsinteractwitheachotheronthenetwork



Fromtheinformationgatheredduringtheearlyphasesofthedesignprocess,thedesignerdetermineswhichapplicationsareconsideredbusinesscritical.

Thecharacterizationprocessprovidesinformationaboutnetworkbandwidthusageandresponsetimesforspecificapplications.Theseparametersinfluencedesigndecisions,including:

Selectionofthetransmissionmedium

Estimatesofrequiredbandwidth



Trafficfromdifferenttypesofapplicationsresultsinvaryingnetworkdemands.Thenetworkdesignerrecognizesfourmaintypesofapplicationcommunication:

Clienttoclient

Clienttodistributedserver

Clienttoserverfarm

Clienttoenterpriseedge


Onanexistingnetwork,thefirststepincharacterizingapplicationsistogatherasmuchinformationaboutthenetworkaspossible.Thisincludesgatheringinformationfrom:

Organizationalinput

Networkaudit

Trafficanalysis



OrganizationalInput

Organizationalinputconsistsofexistingdocumentationaboutthenetworkandverbalinputfromthestadiumpersonnel.Duringtheearlyphasesofdesign,obtaininginputiseasybutnotalwaysreliable.Forexample,applicationchangessuchasupgradesoruserinstalledsoftwaremaygoundocumentedorunnoticed.

NetworkAudit

Anetworkauditgathersinformationaboutnetworkdevices,monitorstraffic,andrevealsdetailsofthecurrentnetworkconfiguration.



TrafficAnalysis

Trafficanalysisprovidesinformationabouthowtheapplicationsandprotocolsusethenetwork.Itcanrevealshortcomingsinthenetwork.Forexample,severalhighbandwidthapplicationsusingthesamemediumcangeneratelargeamountsoftraffic.Thiscouldbeapotentialweaknessinthecurrentdesign.



CiscoIOSSoftwareEmbeddedTools

NetworkBasedApplicationRecognition(NBAR)isaCiscoutilitythatconductsauditsandtrafficanalysis.NBARisaclassificationenginethatrecognizesawidevarietyofapplications.NBARrecognizeswebbasedandotherdifficulttoclassifyprotocolsthatutilizedynamicTCPandUDPportassignments.



AnothertoolisCiscoIOSNetFlow.NetFlowefficientlyprovidesasetofservicesforIPapplications.Servicesinclude:

Networktrafficaccounting

Usagebasednetworkbilling

Networkplanning

Security

DenialofServicemonitoringcapabilities

Networkmonitoring



Howtrafficflowaffectsnetworkdesign

InternalTraffic

Internaltrafficisgeneratedbylocalhostsandisdestinedforotherhostswithinthecampusnetwork.Diagramminginternaltrafficflowscanshowareaswherehighbandwidthconnectionsareneeded,aswellasidentifypossiblebottleneckswheretrafficmightbecomecongested.Thesediagramsassistthedesignertoselecttheappropriateequipmentandinfrastructuretosupportthetrafficvolumes.


Howtrafficflowaffectsnetworkdesign

ExternalTraffic

Externaltrafficisdefinedastrafficthatisinitiatedbyusersoutsidethelocalnetworkaswellastrafficsenttodestinationslocatedonremotenetworks.Sometypesofexternaltraffic,suchasemergencyservicesorfinancialservices,requireredundancyandpresentadditionalsecurityconcerns.ThedesignerdiagramsthistrafficinordertodeterminethelocationoffirewallsandDMZnetworks,aswellastheInternetconnectivityrequirements.


HowtrafficflowaffectsnetworkdesignInternalTrafficFlow


HowtrafficflowaffectsnetworkdesignExternalTrafficFlow


Howapplicationcharacteristicsaffectnetworkdesign

Thetypesofhardwareinstalledonanetworkaffecttheperformanceofanapplication.Acomplexnetwork,suchasthesportsstadiumnetwork,containsmanydifferenttypesofhardware.Eachofthesedevicetypescanintroducedelayinapplicationresponsespeedtouserrequests.Delayaffectscustomersatisfactionwiththeapplicationperformance.Hardwaredelayscanbecausedby:

Processingtimethataroutertakestoforwardtraffic

Olderswitchesthatarenotabletohandletrafficloadsgeneratedbymodernapplications



Onewaytoensurehighperformanceistousethetopdownapproach.Thetopdownapproachadaptsthedesignofthephysicalinfrastructuretotheneedsofthenetworkapplications.Networkdevicesarechosenonlyafterathoroughtechnicalrequirementsanalysis.

Networkapplicationsonamodernnetworkproducearangeofpackets.Thesepacketsareofvarioussizes,withdistinctsetsofprotocols,differenttolerancestodelay,andothercharacteristics.Whentheservicerequirementsofthesedifferentapplicationsconflictwithoneanother,performanceproblemscanresult.


TransactionProcessing

Networkedapplicationsarenowthebackboneofbusinessactivity.Tomeetthebusinessgoalsoftheclient,thenetworkdesignermustensureapplicationperformance.

Someofthemorecommonapplicationtypesinclude:

Transactionprocessingapplications

Realtimestreamingapplications

Filetransferandemailapplications

HTTPandwebapplications

Microsoftdomainservices



TransactionProcessingApplications

Transactionprocessingisatypeofprocessinginwhichthecomputerrespondsimmediatelytouserrequests.Eachrequestgeneratedbytheuserisatransaction.Thesetransactionscanrequireadditionaloperationstotakeplaceinresponsetotheoriginalrequest.Forthisreason,applicationtransactionsareauniqueconsiderationinnetworkdesign.

Asanexampleofatransactionprocess,considerwhathappenswhenacustomerpurchasesticketsonlineforaneventatthesportsstadium.



Thissingletransactiongeneratesallthefollowingoperationsonthenetwork:

Webtrafficfromtheclienttothenetwork

Databasetransactions

Customerordertransaction

Orderprocessingtransaction

Shipping/deliverytransaction



Notalltrafficthatentersorexitsanetworkisconsideredatransactionprocess.Avalidtransactionmustmeetthefollowingcriteria:

Itmustbeatomic.

Itmustbeconsistent.

Itmustbeisolated.

Itmustbedurable.



AtomicTransaction

Anatomictransactionguaranteesthateitherallthetasksofatransactionareperformedornoneofthemare.Ifthetransactionisnotfullyprocessed,thentheentiretransactionisvoid.

ConsistentTransaction

Aconsistenttransactionensuresthatincompletetransactionsarenotallowed.Ifanincompletetransactionoccurs,thesystemreturnstothestatethatitwasinbeforethetransactionbegan.



IsolatedTransaction

Anisolatedtransactioniskeptsecurefromalltheothertransactionsonthenetwork.Securityisamajornetworkdesignconsideration.Securityoptionsincludetheadditionofaccesscontrollists(ACLs),encryption,andfirewallstothenetworktopology.



DurableTransaction

Adurabletransactionguaranteesthatoncethetransactioniscompleted,thetransactionwillnotbeundoneevenafterasystemfailure.Adurabledesignfortransactionprocessesrequiresredundancyatmultiplelevels.TheselevelsincludethePhysicalLayerconnections,servers,switchingdevices,androuters.



Thenetworkdesignerevaluatesredundancyandsecuritytoolsthatsupporttransactionprocessingapplications.

Redundancy

Incorporatingtransactionapplicationsrequiresthedesignertoconsidertheimpactofeachtransactiononthenetwork.Thisprocessiscrucial,becauseadditionalcablingordevicesmaybeneededtoprovidetheredundancyoravailablethroughputthatthesetransactionsrequire.Addingredundancytoanetworkbringsthefollowingadvantages:

Reductionoreliminationofnetworkdowntime

Increasedavailabilityofapplications



Networkswithredundancyeliminatetheproblemofsinglepointsoffailure.Ifapathordevicefails,theredundantpathordevicecancompletetheprocessortransaction.Serversthathandletransactionprocesseshaveanalternatepathtoreceiveordelivertraffic.Thishelpsensurethattheapplicationisavailablewhenthecustomerrequestsit.

Networkdevicescanalsobeconfiguredforredundancy.Twocommonprotocolsare:

RapidSpanningTreeProtocol(RSTP)

HotStandbyRoutingProtocol(HSRP)



RSTPpreventsLayer2switchingloopsthatcanoccurwithredundantswitches.

HSRPcanprovideLayer3redundancyinthenetwork.HSRPprovidesimmediateorlinkspecificfailoverandarecoverymechanism.

RedundantlinksanddevicescanbeimplementedintheproposedstadiumnetworkdesignatboththeDistributionandCoreLayers.



Security

Securityisalwaysamajorconsideration.Itaffectsnotonlythetransactionprocesses,butallapplicationsandtrafficwithinaninternalnetworkandanexternalnetwork.Protectingtheprivacyandintegrityoftransactioninformationandthetransactiondatabaseshouldbethefocusofsecurityconsiderations.Thenetworkdesigneranalyzesthepotentialforthetransactiondatatobeaccessedinappropriatelyoraltered.



VPNsuseaprocesscalledtunneling.Tunnelingisoftenreferredtoas"portforwarding".Itisthetransmissionofdatathroughapublicnetworkthatisintendedforaprivatenetwork.Tunnelingisaccomplishedbyencapsulatingtheprivatenetworkdataandprotocolinformationwithinthepublicnetworktransmissionunits.

Intrusiondetectionsystems(IDS)areusedtomonitornetworktrafficforsuspiciousactivity.Ifsuspiciousactivityisdetected,anIDSalertsthesystemoradministrator.AnIDScanbeconfiguredtoblocktheusersourceIPaddressfromaccessingthenetwork.



Firewallsfiltertrafficbasedonasetofcriteria.Thecomplexityofthefirewallconfigurationcancausedelays.Thepotentialimpactofdelaysshouldbeconsideredinthedesignofanetwork.

ACLscanfilterpotentiallyharmfultrafficthatistryingtoenterthenetworkandblockspecifictrafficfromexitingthenetwork.Theseaccesscontrolscanslowthetransactionprocess.ThetimesensitivenatureofsometransactionsshouldbeconsideredwhenconfiguringACLs.


RealtimeStreamingandVoice

RealtimeApplications

Whendesigningthenetworktoaccommodaterealtimeapplications,thenetworkdesignermustconsiderhowthenetworkinfrastructurewillaffectapplicationperformance.

Theseconsiderationsincludethephysicalelementsoftheinfrastructure:

Hardwaredevicesandconnections

Networktopology

Physicalredundancy



LogicalconsiderationsincludehowtheconfigurationofQoSandsecuritysolutionsaffecttraffic.Alloftheseconsiderationsaffecthowthedesignerwillimplementnetworksolutions,suchasIPtelephonyservices.

Realtimestreamingapplicationspresentuniquerequirementsforthenetworkdesign.Theonlyrealtimeapplicationcurrentlyinuseinthestadiumisvideosurveillance.IPtelephonyisincludedintheproposednetworkupgrade.Trafficfromtheseapplicationsmustbeforwardedwiththeleastlatencyandjitterpossible.



Whendeterminingthebusinessgoalsandtechnicalrequirementsforthecustomer,allaspectsofthenetworkshouldbeanalyzedtoensureproperimplementationandsupportoftherealtimeapplications.



Infrastructure

Tosupporttheexistingandproposedrealtimeapplications,theinfrastructuremustaccommodatethecharacteristicsofeachtypeoftraffic.

Thenetworkdesignermustdeterminewhethertheexistingswitchesandcablingcansupportthetrafficthatwillbeaddedtothenetwork.Cablingthatcansupportgigabittransmissionsshouldbeabletocarrythetrafficgeneratedandnotrequireanychangestotheinfrastructure.



VoIP

WhenintroducingVoIPtoanetworkthatusestraditionaltelephones,itisimportanttorememberthatVoIPusesvoiceenabledrouters.TheseroutersconvertanalogvoicefromtraditionaltelephonesignalsintoIPpackets.

OnceconvertedintoIPpackets,theroutersendsthosepacketsbetweencorrespondinglocations.Voiceenabledroutersmustbeaddedtothedesign.



IPTelephony

InIPtelephony,theIPphoneitselfperformsvoicetoIPconversion.Voiceenabledroutersarenotrequiredwithintheenterprisenetwork.IPphonescanuseCiscoUnifiedCommunicationsManagerasaserverforcallcontrolandsignaling.ThestadiumnetworkrequirementsincludeIPtelephony.



RealtimeVideoProtocols

Totransportstreamingmediaeffectively,thenetworkmustbeabletosupportapplicationsthatrequiredelaysensitivedelivery.RealTimeTransportProtocol(RTP)andRealTimeTransportControlProtocol(RTCP)aretwoprotocolsthatsupportthisrequirement.



RTPandRTCPenablecontrolandscalabilityofthenetworkresourcesbyallowingQoSmechanismstobeincorporated.TheseQoSmechanismsprovidevaluabletoolsforminimizinglatencyissuesforrealtimestreamingapplications.Thesetoolsincludepriorityqueuing,customqueuing,lowlatencyqueuing,andclassbasedweightedfairqueuing.


FileTransferandEmail

Filetransfersputhighvolumetrafficontothenetwork.Thistrafficcanhaveagreatereffectonthroughputthaninteractiveendtoendconnections.Althoughfiletransfersarethroughputintensive,theytypicallyhavelowresponsetimerequirements.



Someofthecharacteristicsoffiletransfertrafficinclude:

Unpredictablebandwidthusagethistypeoftrafficisusuallyuserinitiatedandthereforecannotbereliablypredicted.

LargepacketsizeFTPandotherfiletransfertrafficuseslargepacketsizesforefficienttransfer.Theselargepacketscancausedelayforothertypesoftrafficwhenthenetworkbecomescongested.



Aspartoftheinitialcharacterizationofthenetwork,itisimportanttoidentifythenumberofusersthatusefiletransfersonaregularbasis.FTPisnottheonlytypeoffiletransfertrafficusuallypresentonaLAN.CopyingfilesfromsharednetworkdrivesanddownloadinglargefilesusinghttphavesimilarcharacteristicstoFTP.

Fromthisinformation,thenetworkdesignercananticipatethethroughputrequirements.



Email

Emailisoneofthemostpopularnetworkservices.Withitssimplicityandspeed,emailhasrevolutionizedhowpeoplecommunicate.Yet,torunonacomputerorotherenddevice,emailrequiresseveralapplicationsandservices.TwocommonApplicationLayerprotocolsarePostOfficeProtocol(POP)andSimpleMailTransferProtocol(SMTP).



EmailClientProcesses

Emailuserstypicallyaccesstheiremailserviceusinganapplicationcalledanemailclient.Theemailclientenablesuserstocomposeandsendmessages,thenplacesreceivedmessagesintotheuser'smailbox.

EmailServerProcesses

Theemailserveralsotransfersanddeliversmailtotheemailclient.

Althoughasingleemaildoesnotgeneratesignificanttraffic,itispossibleformassemailstobetransmittedthatinundatethenetworkorserverswithtraffic.



SupportingFileTransferandEmailApplications

Customersexpectimmediateaccesstotheiremailsandtothefilesthattheyaresharingorupdating.

Tohelpensurethisavailability,thenetworkdesignertakesthefollowingsteps:

Securingfileandmailserversinacentralizedlocation,suchasaserverfarm.

Protectingthelocationfromunauthorizedaccessbyphysicalandlogicalsecuritymeasures.

Creatingredundancyintheserverfarmthatensuresthatifonedevicefails,allfilesarenotlost.

Configuringredundantpathstotheservers.


HTTPandWebTraffic

HTTPandWebTraffic

HypertextTransferProtocol(HTTP)isoneoftheprotocolsintheTCP/IPsuitethatwasoriginallydevelopedtopublishandretrievewebpages.Itisnowusedfordistributedcollaborativeinformationsystems.HTTPisusedacrosstheWorldWideWebfordatatransfer.Itisoneofthemostwidelyusedapplicationprotocols.

HTTPspecifiesarequest/responseprotocolbetweenaclient,typicallyawebbrowser,andaserver.


HTTPandWebTraffic

Whenaclientsendsarequestmessagetoaserver,theHTTPprotocoldefinesthemessagetypesusedbytheclient.Theprotocolalsospecifiesthemessagetypesthattheserverusestorespond.

Thisprocesswouldappeartobeaminorconsiderationinthedesignprocess.However,iftheserverthatisbeingaccessedisusedforecommerceortostorecustomerinformation,thesecurityandredundancyissuesbecomeevenmoreimportant.


HTTPandWebTraffic

NetworkMedia

TosupportHTTPandwebtraffic,itisnecessarytohaveLayer3devicesthatcancontroltheinternalandexternaltrafficflows.Inanetworkaudit,theinboundtrafficshouldbeconsideredpartofthenetworkbaselinetesting.

Redundancy

Serversusuallyhaveredundantcomponentsandpowersources.TheymaybeequippedwithtwoormoreNICsconnectedtoseparateswitches.


HTTPandWebTraffic

Security

SecurityfeaturessuchasACLs,firewalls,andIDS,arealsousedtopreventunauthorizedtrafficfrombeingsentintooroutoftheprotectednetworks.Aswiththeotherapplicationservers,theHTTPservershouldbelocatedattheISPorinthecentralizedserverfarmforaddedphysicalsecurityandredundancy.


MicrosoftDomainServices

ThestadiumusesMicrosoftActiveDirectoryServices.Therefore,thenetworkdesignermustconsiderbothservertoserverandservertoclientcommunications.Microsoftserverssupportmanydifferenttypesofservicesthatrelyonhighspeedcommunicationsbetweentheserversthemselves.Theseservices,suchasActiveDirectoryreplication,mustbeconsideredwhenrelocatingserversduringanetworkredesign.



PortsusedbyMicrosoftDomainServices

MicrosoftserversandclientscommunicatewitheachotherusingasetofTCPandUDPports.TheseportsareusedforvariousMicrosoftservices,includingauthenticationandauthorization.ManyMicrosoftspecificservicesgeneratelocalbroadcastpacketsontheseports,aswellasunicastrequests.CommonTCPandUDPportsthatmustbeopenforMicrosoftDomainServicestooperatecorrectlyinclude:



UDP53DNSServices

UDP67DHCP

UDP123WindowsTimeService

TCP135RemoteProcedureCall(RPC)

UDP137NetBIOSNameResolution

UDP138NetBIOSDatagramService

TCP139NetBIOSSessionService

TCP389andUDP389LDAPService

TCP445ServerMessageBlocks(SMB)

TCP1433MicrosoftSQLoverTCP

ActiveDirectoryandDNS



ActiveDirectoryandDNS

WhenaMicrosoftWindows2003Serverisinstalledinanetwork,thereisverytightintegrationbetweenActiveDirectoryServicesandDNS.ActiveDirectoryrequiresDNStolocatedomaincontrollers,whichprovideauthenticationandauthorizationservices.Windows2003DomainControllersmustbeDNSserversaswell.ThisDNSservicecanprovidethemainDNSforanorganization,ormaybeinadditiontoInternetDNSserviceslocatedonnonWindowsservers


WhatisQualityofServiceandwhyisitneeded?

QualityofService(QoS)referstothecapabilityofanetworktoprovidepreferentialservicetoselectednetworktraffic.TheprimarygoalofQoSistoprovidepriority,includingdedicatedbandwidth,controlledjitterandlatency,andreducedpacketloss.

WhencreatingQoSpoliciesforanorganization,itisimportanttofocusonwhichtrafficneedspreferentialtreatment.



Usersperceiveservicequalitybasedontwocriteria:

Thespeedwithwhichthenetworkreactstotheirrequests

Theavailabilityoftheapplicationstheywanttouse

QoShelpstomanagetheseissuesfortrafficflowswithinthenetworkinfrastructureandfortheapplicationsthatusethenetwork.

SomeCiscodevices,suchasrouters,havebuiltinQoSmechanisms.



PlayflashfromChapter4.3.1(1)

file:///C:/CISCO_CCNA/Discovery4_English/index.html



Someapplicationsareextremelysensitivetobandwidthrequirements,packetdelays,networkjitter,andpossiblepacketloss.TheseapplicationsincluderealtimeIPtelephonyandstreamingvideo.

IPTelephonyRequirements

TherequirementsofIPtelephonyillustratemanyoftheproblemsofrealtimeapplicationsinaconvergednetwork.Voicetrafficrequiresmorethanasimpleconnectionbetweenusers.Thequalityofthetransmissionsisextremelyimportant.Whendelaysoccur,voicesbreakupandwordsbecomedistorted.


Toavoidsubstandardtransmissionquality,IPtelephonyrequiresthatQoSmechanismsbeinplace.Voicepacketsmustnothaveaonewaydelaygreaterthan150ms.ItiscriticalinthedeploymentofIPtelephonysolutionsthatvoicepacketshavelowlatencyandlowjitterateachhopalongagivenpath.



StreamingVideoRequirements

Streamingvideoisavideofeedthatisusuallysentfromprerecordedfiles.Itcanbedistributedinalivebroadcastconvertingthevideointoacompresseddigitalsignalandthentransmittedbyaspecialwebserver.Thismediastreamissentasamulticastsomultipleuserscanviewthestreamatthesametime.




InanetworkwithoutQoS,allpacketsreceivethesametreatment,andrealtimeapplicationssuffer

QoSdoesnotactuallycreatemorebandwidth.Instead,itprioritizesbandwidthusetosupporttheapplications,suchasIPtelephony,thatneeditmost.Todothis,QoSusestrafficqueuestohelpmanageprioritytrafficonconvergednetworks.



Playflashfromchapter4.3.1(2)

file:///C:/CISCO_CCNA/Discovery4_English/index.html


TrafficQueuing

VoiceandDataTraffic

Inaconvergednetwork,constant,smallpacketvoicetrafficcompeteswithlarger,irregulardataflowsfromserverupdatesandfiletransfers.Althoughtypicallythepacketscarryingvoicetrafficonaconvergednetworkaresmall,delaysthatoccurwhiletheytraversethenetworkwillcausepoorvoicequality.

Datafromrealtimeapplications,suchasIPtelephony,mustbeprocessedatthesamerateasitissent,andthereisnotimetoretransmitpacketswitherrors.Therefore,VoIPusesUDPasabestefforttransportprotocol.


TrafficQueuing

Conversely,packetscarryingfiletransferdatatypicallyarelarge.ThesepacketsusetheerrorcheckingandretransmissionfeaturesofTCPtosurvivedelaysandpacketdrops.

Itispossibletoretransmitpartofadroppeddatafile,butitisnotfeasibletoretransmitpartofavoiceconversation.Forthisreason,critical,timesensitive,voiceandvideotrafficmusthavepriorityoverdatatraffic.


TrafficQueuing

QoSMechanisms

MechanismsmustbeinplacetoprovideQoSpriority.Theprioritiesfortrafficcanbehigh,medium,normal,andlow.TrafficqueuesareonlyoneoftheQoSmechanismsavailableforprioritizingtrafficonthenetwork.Trafficqueuesassistinprovidingsecure,predictable,andguaranteedservices.Evenabriefnetworkoutageonaconvergednetworkcanseriouslydisruptbusinessoperations.


TrafficQueuing


TrafficQueuing

HardwareandSoftwareQueues

QueuesareusedtomanagetrafficflowwithQoS.Hardwarequeuesstoretrafficasitisreceivedandsendpacketsoutintheorderreceived,onafirstcomefirstservedbasis.Thehardwarequeueissometimesreferredtoasthetransmitqueue,orTxQ.Thisisthephysicalqueuewherepacketswaitforforwardingbasedontheirpriority.


TrafficQueuing

Softwarequeuesallowthepacketstobesentoutbasedontheprioritysetbythenetworkdesigneroradministrator.ThequeuesarebasedontheQoSrequirements.Priorityqueuing(PQ)andCustomQueuing(CQ)areexamplesofsoftwarequeues.

ImplementingQoSinTrafficQueues

ToimplementQoSonanetwork,thedesignerfollowsthreebasicstepstoensurethattrafficisproperlyprioritized:


TrafficQueuing

Step1:IdentifyTrafficRequirements

DeterminetheQoSrequirementsneededforthedifferenttypesoftrafficsuchasvoice,missioncriticalapplications,andwhichlowprioritytrafficcanbemarkedasbesteffort.

Step2:DefineTrafficClasses

Aftertraffichasbeenidentified,itcanbeplacedinappropriateclasses,suchasvoicetraffic,whichhasthehighestpriority,followedbymissioncriticalapplications.Allothertrafficcanbeprioritizedasnormalorlowdependingonthepurposeofthedata.


TrafficQueuing

Step3:DefineQoSPolicies

ThelaststepistodefinetheQoSpoliciestobeappliedtoeachclass.Thesepoliciesincludeschedulingtrafficqueuesandrulesformanagingcongestion.


Prioritiesandtrafficmanagement

Manymethodsareavailableformanagingtrafficonanetwork.OnemethodisPriorityQueuing(PQ).AspartofimplementingQoSonanetwork,PriorityQueuingclassifiestrafficashigh,medium,normal,orlowpriority.PriorityQueuingcanthenbeappliedtotheseQoSclasses.

PriorityQueuingisusefulfortimesensitive,missioncriticalprotocols.PQworksbyestablishingfouroutputinterfacequeueshigh,medium,normal,andloweachservingadifferentlevelofpriority.Thesequeuesareconfigurableforthefollowingcharacteristics:

Queuetype

Trafficassignment

Size



Incomingtrafficisclassified,markedtoindicateitsclass,andforwarded.

TrafficisassignedtothevariousqueuesbasedonQoSpoliciesdefinedinaprioritylist.Thesepoliciescanbebasedonprotocol,portnumber,orothercriteriaestablishedforthedesignatedtraffictype.Theyrepresentasetoffiltersthatseparatedifferenttraffictypesintothefourclassbasedqueues.



CiscoisincorporatingtoolstoassistwiththeconfigurationofQoS.OneofthosetoolsisAutoQoS,whichisavailableaspartoftheCiscoIOSsoftware.

CiscoAutoQoSprovidesasimple,intelligentCommandLineInterface(CLI).ThisCLIenablesLANandWANQoSforVoIPonCiscoswitchesandrouters.



AutoQoSincorporatestheCiscobestpracticesforimplementingqualityofserviceandmakesiteasyforcustomerstoconfiguretheirnetworkstosupporthighprioritytraffic,suchasvoiceorvideo.

CiscoAutoQoScanreducethedeploymentcostandtimeframebyasmuchastwothirds,whencomparedtoamanualapproach.


WherecanQoSbeimplemented?

WhenconfiguringQoSfeatures,thenetworkadministratorcanselectthespecificnetworktraffic,prioritizeitaccordingtoitsrelativeimportance,andusecongestionmanagementtechniquestoprovidepreferentialtreatment.QoScanbeimplementedattheAccess,Distribution,andCoreLayersofanetwork.

Layer2Devices

Layer2switchesattheAccessLayercansupportQoSbasedonIEEE802.1pClassofService(CoS).TheLayer2switchQoSusesclassificationandschedulingtoprioritizesendingframesfromtheswitchintothenetwork.



Layer3Devices

Layer3devicescansupportQoSbasedonphysicalinterface,IPaddresses,logicalportnumbers,andQoSbitsintheIPpacket.QoSinDistributionandCoreLayerdevicesmustbesupportedinbothdirectionsoftrafficflow.

ClassificationandMarking

Classificationistheprocessbywhichtrafficisgrouped.Classificationsaremadebasedonhowtrafficismarkedorbyprotocol.



TrafficcanbemarkedbyLayer2classofservice,anIPprecedence,oraDifferentiatedServicesCodePoint(DSCP)value:

Classofservice(CoS)isthefirst3bitsofan802.1qVLANtag.

IPprecedenceisthefirst3bitsoftheTypeofService(ToS)byteintheIPheader.

DSCPcanbeassignedbytherouterorswitch.Itisthefirst6bitsintheToSbyteintheheader.

Classificationandmarkingallowthepartitioningoftrafficintomultipleprioritylevels,orclassesofservice.


ConvergedNetworkConsideration

Modernnetworkscansupportconvergedserviceswherevideoandvoicetrafficaremergedwithdatatraffic.Thenetworkinthestadiumisatypicalexample.

ManagingConvergedNetworks

Controlmethodsforvoiceandvideotrafficonconvergednetworksaredifferentfromcontrolmethodsforothertraffic,suchaswebbased(HTTP)traffic.



QualityofService(QoS)onConvergedNetworks

AllnetworksperformbetterwhenQoScontrols:

Delayandjitter

Bandwidthprovisioning

Packetlossparameters

Convergednetworksrequirestrongperformanceandsecurityfeaturestomanagetheconflictingrequirementsoftheirtraffic.Forthisreason,QoSmechanismsaremandatory.


RequirementsofanIPtelephonysolution

OneofthetechnicalrequirementsofthestadiumnetworkistoupgradetoanIPtelephonysolution.

IPTelephonyDesignConsiderations

Theproposednetworkdesignmustinclude:

Powerandcapacityplanning

Identifyingcontendingtrafficflows

SelectingthecomponentsfortheIPtelephonysolution



ThecomponentsofanIPtelephonysolutioncaninclude:

IPphones

Gateway

Multipointcontrolunit(MCU)

Callagent

Applicationservers

Videoendpoint

Softwaretelephone

Othercomponents,suchassoftwarevoiceapplicationsandinteractivevoiceresponse(IVR)systems,provideadditionalservicestomeettheneedsofenterprisesites.



IsolatingTraffic

IfboththeclientPCandtheIPphoneareonthesameVLAN,eachwilltrytousetheavailablebandwidthwithoutconsideringtheotherdevice.ThesimplestmethodtoavoidaconflictistouseseparateVLANsforIPtelephonytrafficanddatatraffic.

BenefitsofSeparateVLANs

UsingseparateVLANsprovidesthesebenefits:

QoScanprioritizetheIPtelephonytrafficasitcrossesthenetwork.

NetworkadministratorscanidentifyandtroubleshootnetworkproblemsmoreeasilywhenphonesareonseparateIPsubnetsandVLANs.



ThestadiummanagementwantstoreplacetheirdigitaltelephonesystemwithIPtelephony.

TraditionalTelephony

Traditionalbusinesstelephonesystemsaretypicallybuiltaroundacentralcontrolunit,calledaPrivateBranchExchange(PBX).ThePBXroutesvoicecallsviaanalogordigitallines,dependingonthetypeofdevice.Forexample,ananalogfaxmachineoranalogphoneusesananalogline,andadigitaldesktopphoneusesadigitalline.



VoIP

CiscousesthetermVoIPwhenusingvoiceenabledrouterstoconvertanalogvoicefromtraditionaltelephonesintoIPpacketsandroutethosepacketsbetweenlocations.WithintheITindustry,VoIPisusedinterchangeablywithIPtelephony.WithVoIP,thePBXconnectstoavoiceenabledrouter.ItdoesnotconnecttoaPSTNortoanotherPBX.BusinessesuseVoIPtoreducecostsbyconsolidatingWANlinks,decreasinglongdistancecallingchargesandreducingthenumberofsupportstaff.



IPTelephony

IPtelephonyreplacestraditionalphoneswithIPphonesandusesCiscoUnifiedCommunicationsManager,whichisaserverforcallcontrolandsignaling.IPtelephonyhasthefollowingfeatures:

IntegratesvoiceandvoicemessagingapplicationsthatconnectviatheIPnetworkratherthanviatheanalogordigitalsystems.

UsesanIPphonetoperformvoicetoIPconversion.

CreatespeertopeerrelationshipsbetweenthephonesinvolvedinaconversationratherthancentrallyroutingcallsasaPBXdoes.



ThenetworkdesignerandcustomercanincorporateVoIPorIPtelephonyontotheexistingdatanetwork,creatingaconvergednetwork.

ThestadiumcompanyexpectstogainthefollowingbenefitsofIPtelephony:

Simplifiedadministrationofofficemoves,additions,andchanges

Additionalapplications,suchasdirectoriesandwebpages,tothetelephonysystem

Reducedcosttomanagetheseparateinfrastructures


Videoliveandondemand

LiveVideo

Livevideo,orstreamingvideo,enablesuserstoseecontentbeforeallthemediapacketsareinsidetheircomputersystem.Streamingmediafilesdonothaveawaitingperiodforviewing;theyareavailableimmediatelyasacontinuousstreamofdatapackets.Streamingvideoeliminatestheneedtostorelargemediafilesortoallocatestoragespaceforthefilesbeforeplayingthem.Alivevideofeedisoftensentusingmulticastpacketstomanyusersatthesametime.



VoD

WithVoD,userscaneitherstreamordownloadallofthecontenttotheircomputercachebeforetheyviewit.Downloadingthecompletevideofilebeforeviewingisalsocalledstoreandforward.Thismethodminimizestheloadonsystemresources.Installingaservertodirectstreamingmediaintoacomputercacheallowsuserstoretainthecontentandviewitatalatertime.VoDissentusingunicastpacketstothespecificuserrequestingthevideo..


SupportingRemoteuserswithvoiceandvideo

Technologydevelopmentsallowgreaterflexibilitytoworkersintermsofhowandwheretowork.Atthestadium,forexample,workersconnecttothecentralsitefromseveralremotesites.

Totakeadvantageofcentralsiteresourcesandcommunications,ateleworker,branchoffice,ormobileusertypicallyhasatleastoneWANconnectiontothecentralsite.ThebandwidthrequirementsfortheWANconnectiondependonthetypeofnetworkresourcesthattheusersneedtofunctionintheirjob.IfremoteworkersarepartoftheIPtelephonynetwork,acallmanagersystemmayneedtobelocatedremotely.


Thisaccessimpactsbandwidth.Forexample,streamingvideomaybeusedforacorporatemeeting.ThesedesigndecisionsrequireassessingthebandwidthatthecentralsiteWANconnectionaswell.

PermanentLinkorOnDemand?

Thenetworkdesignerdecideswhetheritisbettertousepermanentorondemandlinkstothecentralsite.Thedesignerworkswiththecustomertoconsidercost,security,andavailabilityrequirements.




AhighspeedInternetconnectionisagoodsolutionforteleworkers.Itiseasytosetupinremoteofficesandisalsoavailableinmanyhotels.ThestadiummanagementplanstoprovideanInternetconnectionusingwirelessAPsintheluxuryboxesandthestadiumrestaurant.

Sometimes,asynchronousdialupconnectionsaretheonlyremoteaccesssolutionavailabletotravelers.EmployeeswhotravelcanuseaPCwithamodemandtheexistingtelephonenetworktoconnecttothecompany.



WANconnectionsattelecommutersitescanhavethefollowingfeatures:

Asynchronousdialup

ISDNBRI

Cablemodems

DSL

Wirelessandsatellite

VPN


Whatisatrafficflow

TrafficFlow

Trafficflowonanetworkissimilartothetrafficflowoncitystreets.Justascarsmovefromonelocationtoanotherthroughoutthecity,trafficgeneratedfromapplicationsmovesfromonelocationinthenetworktoanother.

Acaronthestreettravelsfromastartingpointtoadestination.Similarly,atrafficflowcreatedbyanapplicationtravelsasaunidirectionalstreamofpacketsbetweenasourceandadestination.


Whatisatrafficflow

ThepathistypicallydefinedbyaNetworkLayerIPaddress.DependingontheQoSandpoliciesconfiguredinthenetwork,thepathcanbeinfluencedbyotherinformationsuchasTransportLayersourceanddestinationportnumbers.

ThepathistypicallydefinedbyaNetworkLayerIPaddress.DependingontheQoSandpoliciesconfiguredinthenetwork,thepathcanbeinfluencedbyotherinformationsuchasTransportLayersourceanddestinationportnumbers.


Whatisatrafficflow


Whatisatrafficflow

ApplicationTrafficFlows

Theflowofapplicationtrafficinandoutofaportionofthenetworkcanbeminimalattimesandsignificantlyhigheratothers.Forinstance,inthesportsstadium,earlymorningtrafficmayincludeemailrequests,Internetaccess,andfileuploadstothestadiumservers.AfternoontrafficmightincludeVoIP,email,filetransfers,andtransactionprocessesfromticketsales.


Whatisatrafficflow

Ifthenetworkdesignerdoesnotcorrectlyestimatethevolumeofapplicationtrafficduringtheinitialdesignofthestadiumnetwork,allapplicationscouldexperiencenetworkcongestionanddegradedperformance.Customersatconcessionstandsandticketpurchasingkiosksmightencountersignificantdelaysorevenaninabilitytoaccesstheapplications.Customersatisfactionwoulddiminish.


Whatisatrafficflow

Toaidinvisualizingcurrentandfuturetrafficonthenetwork,thedesignercreatesadiagramoftrafficflows.Thefirststepistoidentifytheprojectedapplicationsonthenetwork.Thisinformationisgatheredfromthefollowingsources:

Customerinput

Networkaudit

Trafficanalysis


Whatisatrafficflow


Whatisatrafficflow

Itisextremelyimportanttoidentifytrafficflowsbetweenhosts.Thenetworkdesignerusesthecontentsoflogicalorphysicaldiagramstoplanthedesigntoaccommodatebothexistingandnewapplicationstraffic.

Thenetworkdesignergenerallyusesadesignprogram,suchasMSVisio,tocreateadiagramthatshowstheidentifiedapplicationsandthelogicaltopologyofthenetwork.


Whatisatrafficflow

Fromthelogicaldiagram,thedesigneridentifiespossibleareasofcongestion.Thedesignerthendeterminestheequipmentneededtohandlethetrafficflowingfromhosttohostandfromhosttoserver.

Inthestadium,thelogicaltopologydiagramshowsthetrafficflowsfromhosttohostandfromhosttoservers.Theconnectionofthedevicesalsoshowstheapplicationsthatwillbeused.Thetrafficgeneratedbetweenthehostsisrelativelyminorwhencomparedtothetrafficgeneratedfromthehoststotheservers.


Whatisatrafficflow


DiagrammingInternal(Intranet)trafficflow

Thestadiumnetworkservesacomplexorganizationthathasmanyoperationalareas.Themanagementoffices,servers,vendors,andticketofficesareallapartofthelargernetwork.

EachLANwithinthestadiumhandlestrafficbeingsentfromhosttohostandhosttoserver.Generalfiletransfersfromhosttohostandemailtrafficdonotconsumelargeamountsofbandwidth.However,thedailybackupstotheserverconsumelargeamountsofbandwidthandneedtobeanalyzedduringthedesignphase.



Alltrafficflows,fromboththeinternalandexternalnetworks,mustbecarefullyassessedwhendesigninganewnetworkorproposingupgradesforanexistingnetwork.Thisassessmentposesuniquechallengesforthenetworkdesigner:

Trafficwithintheinternalnetworkiseasytoidentify.Thistrafficcanbeusedtoestimateutilizationofthenetwork.

Trafficfromexternalsourcesisdifficulttocharacterize.Thedesignerneedstoestimatethebandwidthrequirementsforexternaltrafficflows.


Diagrammingtrafficflowstoandfromremotesites

AfterallsectionsoftheinternalLANhavebeencharacterizedanddiagrammed,thenetworkdesignerfocusesontheremotesitesandVPNs.

Theamountoftrafficsenttoorreceivedfromaremotesitecanbesmall.Inthestadiumnetwork,thetrafficflowsmaybesmall,buttheyareprimarilytransactionalprocessessentfromtheticketofficetotheserverslocatedatthestadium.Becausetheseapplicationsaremissioncritical,itisimportanttoidentifytheflowsforQoS,redundancy,andsecuritypurposes.



AswiththeLANtopology,theremotedevicesthatgeneratetrafficonthenetworkneedtobeidentified.Allswitchesandroutersthatareusedtoconnecttheremotesitestothestadiumarepartofthepaththattheapplicationtraffictakes.

Thenetworkdesignershouldcalculatetheamountoftrafficflowingfromtheremotesitesaspartoftheexternaltrafficflowsintothestadiumnetwork.ThedesignershouldalsodetermineifanyACLsorfirewallswillinterferewiththeflowofappropriatetraffic.


DiagrammingExternalTrafficFlows

Althoughmostofthetrafficintheexistingstadiumnetworkisinternal,thenetworkdesignermustconsidertheexternaltrafficthatisdestinedfortheInternet.

DiagrammingtheInternetisimpossible,consideringthenumberofdevicesthatareconnectedtoit.However,itispossibletodetermine:



TheoutgoingtrafficflowsdestinedfortheInternet.Anexampleofoutgoingtrafficinthestadiumnetworkisusersinthestadiumwhorequireaccesstoexternalresources,suchasonlinesportsnews.

TheincomingtrafficflowsfromtheInternettolocallyprovidedservices.Anexampleofincomingtrafficiscustomerspurchasingticketsonlinewhoneedaccesstotheinternalserverstoprocessthepurchases.


DiagrammingExtranetTrafficFlows

ThestadiumhasaremotesiteandavendorthatisallowedtoaccesstheinternalnetworkthroughVPNs.TheseVPNspermitaccesstothestadiuminternetworkviasecure,encryptedconnections.Thestadiumalsohasawebbasedecommerceserverthatallowscustomerstobuytickets.ThisserverisprotectedusingSSL.

vendorandcustomersareusingIPSectosecuretrafficflowsintothestadiumnetwork.


DiagrammingExtranetTrafficFlows

CCNA Discovery 4.0 Designing and Supporting Computer NetworksObjectivesThe importance of application performanceSlide 4Slide 5Slide 6Slide 7Slide 8Characteristics of Different Application CategoriesSlide 10Slide 11Slide 12Slide 13Slide 14Slide 15Slide 16Slide 17Slide 18Slide 19Slide 20Slide 21How traffic flow affects network designSlide 23Slide 24Slide 25How application characteristics affect network designSlide 27Slide 28Slide 29Transaction ProcessingSlide 31Slide 32Slide 33Slide 34Slide 35Slide 36Slide 37Slide 38Slide 39Slide 40Slide 41Slide 42Slide 43Slide 44Slide 45Slide 46Slide 47Slide 48Real-time Streaming and VoiceSlide 50Slide 51Slide 52Slide 53Slide 54Slide 55Slide 56Slide 57File Transfer and E-mailSlide 59Slide 60Slide 61Slide 62Slide 63Slide 64Slide 65Slide 66HTTP and Web TrafficSlide 68Slide 69Slide 70Microsoft Domain ServicesSlide 72Slide 73Slide 74Slide 75What is Quality of Service and why is it needed?Slide 77Slide 78Slide 79Slide 80Slide 81Slide 82Slide 83Traffic QueuingSlide 85Slide 86Slide 87Slide 88Slide 89Slide 90Slide 91Priorities and traffic managementSlide 93Slide 94Slide 95Slide 96Slide 97Where can QoS be implemented?Slide 99Slide 100Slide 101Converged Network ConsiderationSlide 103Slide 104Requirements of an IP telephony solutionSlide 106Slide 107Slide 108Slide 109Slide 110Slide 111Slide 112Slide 113Slide 114Slide 115Slide 116Slide 117Video-live and on-demandSlide 119Slide 120Slide 121Supporting Remote users with voice and videoSlide 123Slide 124Slide 125Slide 126What is a traffic flowSlide 128Slide 129Slide 130Slide 131Slide 132Slide 133Slide 134Slide 135Slide 136Slide 137Slide 138Diagramming Internal (Intranet) traffic flowSlide 140Slide 141Diagramming traffic flows to and from remote sitesSlide 143Slide 144Diagramming External Traffic FlowsSlide 146Slide 147Diagramming Extranet Traffic FlowsSlide 149

ccna discovery 4.0 designing and supporting computer...

Documents