Selecting MPLS VPN Services (Hardcover)
Chris Lewis, Steve Pickavance
- 出版商: Cisco Press
- 出版日期: 2006-02-23
- 售價: $2,030
- 貴賓價: 9.5 折 $1,929
- 語言: 英文
- 頁數: 456
- 裝訂: Hardcover
- ISBN: 1587051915
- ISBN-13: 9781587051913
立即出貨(限量) (庫存=2)
買這商品的人也買了...
-
$490$382 -
$2,275$2,161 -
$2,520$2,394 -
$299$254 -
$2,680$2,546 -
$490$382 -
$880$695 -
$3,190$3,031 -
$450$405 -
$780$702 -
$680$578 -
$650$507 -
$680$578 -
$980$774 -
$580$458 -
$880$695 -
$680$537 -
$450$356 -
$620$558 -
$680$578 -
$1,800$1,710 -
$720$569 -
$1,575$1,496 -
$2,990$2,841 -
$650$514
相關主題
商品描述
Description:
A guide to using and defining MPLS VPN services
- Analyze strengths and weaknesses of TDM and Layer 2 WAN services
- Understand the primary business and technical issues when evaluating IP/MPLS VPN offerings
- Describe the IP addressing, routing, load balancing, convergence, and services capabilities of the IP VPN
- Develop enterprise quality of service (QoS) policies and implementation guidelines
- Achieve scalable support for multicast services
- Learn the benefits and drawbacks of various security and encryption mechanisms
- Ensure proper use of services and plan for future growth with monitoring and reporting services
- Provide remote access, Internet access, and extranet connectivity to the VPN supported intranet
- Provide a clear and concise set of steps to plan and execute a network migration from existing ATM/Frame Relay/leased line networks to an IP VPN
IP/MPLS VPNs are compelling for many reasons. For enterprises, they enable right-sourcing of WAN services and yield generous operational cost savings. For service providers, they offer a higher level of service to customers and lower costs for service deployment.
Migration comes with challenges, however. Enterprises must understand key migration issues, what the realistic benefits are, and how to optimize new services. Providers must know what aspects of their services give value to enterprises and how they can provide the best value to customers.
Selecting MPLS VPN Services helps you analyze migration options, anticipate migration issues, and properly deploy IP/MPLS VPNs. Detailed configurations illustrate effective deployment while case studies present available migration options and walk you through the process of selecting the best option for your network. Part I addresses the business case for moving to an IP/MPLS VPN network, with a chapter devoted to the business and technical issues you should review when evaluating IP/MPLS VPN offerings from major providers. Part II includes detailed deployment guidelines for the technologies used in the IP/MPLS VPN.
This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
Table of Contents:
Part I Business Analysis and Requirements of IP/MPLS VPN
Chapter 1 Assessing Enterprise Legacy WANs and IP/VPN Migration
Current State of Enterprise NetworksEvolutionary Change of Enterprise Networks
Acme, a Global Manufacturer
Acme’s Global Span
Business Desires of Acme’s Management
Acme’s IT Applications Base
Acme’s IT Communications Infrastructure
New WAN Technologies for Consideration by Acme
Layer 3 IP/MPLS VPN Services
Layer 2 IP/MPLS VPN Services
Convergence Services
Internet Access
Mobile Access and Teleworker Access
Voice Services: Service Provider Hosted PSTN Gateway
Voice Services: Service Provider Hosted IP Telephony
Summary
Chapter 2 Assessing Service Provider WAN Offerings
Enterprise/Service Provider Relationship and Interface
Investigation Required in Selecting a Service Provider
Coverage, Access, and IP
Financial Strength of the Service Provider
Convergence
Transparency
IP Version 6
Provider Cooperation/Tiered Arrangements
Enhanced Service-Level Agreement
Customer Edge Router Management
Service Management
Customer Reports and SLA Validation
Summary
Chapter 3 Analyzing Service Requirements
Application/Bandwidth Requirements
Backup and Resiliency
Enterprise Segmentation Requirements
Mapping VLANs to VPNs in the Campus
Access Technologies
Frame Relay
ATM
Dedicated Circuit from CE to PE
ATM PVC from CE to PE
Frame Relay PVC from CE to PE
Metro Ethernet
QoS Requirements
Bandwidth
Packet Delay and Jitter
Packet Loss
Enterprise Loss, Latency, and Jitter Requirements
QoS at Layer 2
Subscriber Network QoS Design
Baseline New Applications
Develop the Network
Security Requirements
Topological and Network Design Considerations
SP-Managed VPNs
Multiprovider Considerations
Extranets
Case Study: Analyzing Service Requirements for Acme, Inc.
Layer 2 Description
Existing Customer Characteristics That Are Required in the New Network
DefenseCo’s Backbone Is a Single Autonomous System
Reasons for Migrating to MPLS
Evaluation Testing Phase
Routing Convergence
Jitter and Delay
Congestion, QoS, and Load Testing
Vendor Knowledge and Technical Performance
Evaluation Tools
TTCP
Lessons Learned
Transition and Implementation Concerns and Issues
Post-Transition Results
Summary
References
Part II Deployment Guidelines
Chapter 4 IP Routing with IP/MPLS VPNs
Introduction to Routing for the Enterprise MPLS VPN
Implementing Routing Protocols
Network Topology
Addressing and Route Summarization
Route Selection
Convergence
Network Scalability
Memory
CPU
Security
Site Typifying WAN Access: Impact on Topology
Site Type: Topology
WAN Connectivity Standards
Site Type A Attached Sites: Dual CE and Dual PE
Site Type B/3 Dual-Attached Site–Single CE, Dual PE
Site Type B/3 Dual-Attached Site–Single CE, Single PE
Site Type D Single-Attached Site–Single CE with Backup
Convergence: Optimized Recovery
IP Addressing
Routing Between the Enterprise and the Service Provider
Using EIGRP Between the CE and PE
How EIGRP MPLS VPN PE-to-CE Works
PE Router: Non-EIGRP-Originated Routes
PE Router: EIGRP-Originated Internal Routes
PE Router: EIGRP-Originated External Routes
Multiple VRF Support
Extended Communities Defined for EIGRP VPNv4
Metric Propagation
Configuring EIGRP for CE-to-PE Operation
Using BGP Between the CE and PE
Securing CE-PE Peer Sessions
Improving BGP Convergence
Case Study: BGP and EIGRP Deployment in Acme, Inc.
Small Site–Single-Homed, No Backup
Medium Site–Single-Homed with Backup
Medium Site–Single CE Dual-Homed to a Single PE
Large Site–Dual-Homed (Dual CE, Dual PE)
Load Sharing Across Multiple Connections
Very Large Site/Data Center–Dual Service Provider MPLS VPN
Site Typifying Site Type A Failures
Solutions Assessment
Summary
References
Cisco Press
Chapter 5 Implementing Quality of Service
Introduction to QoS
Building a QoS Policy: Framework Considerations
QoS Tool Chest: Understanding the Mechanisms
Classes of Service
Hardware Queuing
Software Queuing
QoS Mechanisms Defined
Pulling It Together: Build the Trust
Building the Policy Framework
Classification and Marking of Traffic
Trusted Edge
Device Trust
Application Trust
CoS and DSCP
Strategy for Classifying Voice Bearer Traffic
QoS on Backup WAN Connections
Shaping/Policing Strategy
Queuing/Link Efficiency Strategy
IP/VPN QoS Strategy
Approaches for QoS Transparency Requirements for the Service Provider
Network
QoS CoS Requirements for the SP Network
WRED Implementations
Identification of Traffic
What Would Constitute This Real-Time Traffic?
QoS Requirements for Voice, Video, and Data
QoS Requirements for Voice
QoS Requirements for Video
QoS Requirements for Data
The LAN Edge: L2 Configurations
Classifying Voice on the WAN Edge
Classifying Video on the WAN Edge
Classifying Data on the WAN Edge
Case Study: QoS in the Acme, Inc. Network
QoS for Low-Speed Links: 64 kbps to 1024 kbps
QoS Reporting
Summary
References
Chapter 6 Multicast in an MPLS VPN
Introduction to Multicast for the Enterprise MPLS VPN
Multicast Considerations
Mechanics of IP Multicast
RPF
Source Trees Versus Shared Trees
Protocol-Independent Multicast
Interdomain Multicast Protocols
Source-Specific Multicast
Multicast Addressing
Administratively Scoped Addresses
Deploying the IP Multicast Service
Default PIM Interface Configuration Mode
Host Signaling
Sourcing
Multicast Deployment Models
Any-Source Multicast
Source-Specific Multicast
Enabling SSM 206
Multicast in an MPLS VPN Environment: TransparencyMulticast Routing Inside the VPN
Case Study: Implementing Multicast over MPLS for Acme
Multicast Addressing
Multicast Address Management
Predeployment Considerations
MVPN Configuration Needs on the CE
Boundary ACL
Positioning of Multicast Boundaries
Configuration to Apply a Boundary Access List
Rate Limiting
MVPN Deployment Plan
Preproduction User Test Sequence
What Happens When There Is No MVPN Support?
Other Considerations and Challenges
Summary
References
Chapter 7 Enterprise Security in an MPLS VPN Environment
Setting the Playing Field
Comparing MPLS VPN Security to Frame Relay Networks
Security Concerns Specific to MPLS VPNs
Issues for Enterprises to Resolve When Connecting at Layer 3 to Provider Networks
History of IP Network Attacks
Strong Password Protection
Preparing for an Attack
Identifying an Attack
Initial Precautions
Basic Attack Mitigation
Basic Security Techniques
Remote-Triggered Black-Hole Filtering
Loose uRPF for Source-Based Filtering
Strict uRPF and Source Address Validation
Sinkholes and Anycast Sinkholes
Backscatter Traceback
Cisco Guard
Distributed DoS, Botnets, and Worms
Anatomy of a DDoS Attack
Botnets
Worm Mitigation
Case Study Selections
Summary
References
Comparing MPLS VPN to Frame Relay Security
ACL Information
Miscellaneous Security Tools
Cisco Reference for MPLS Technology and Operation
Cisco Reference for Cisco Express Forwarding
Public Online ISP Security Bootcamp
Tutorials, Workshops, and Bootcamps
Original Backscatter Traceback and Customer-Triggered Remote- Triggered Black-Hole Techniques
Source for Good Papers on Internet Technologies and Security
Security Work Definitions
NANOG SP Security Seminars and Talks
Birds of a Feather and General Security Discussion Sessions at NANOG
Chapter 8 MPLS VPN Network Management
The Enterprise: Evaluating Service Provider Management Capabilities
Provisioning
SLA Monitoring
Fault Management
Reporting
Root Cause Analysis
The Enterprise: Managing the VPN
Planning
Ordering
Provisioning
Monitoring
Optimization
The Service Provider: How to Meet and Exceed Customer Expectations
Provisioning
Fault Monitoring
OAM and Troubleshooting
Fault Management
SLA Monitoring
Reporting
Summary
References
Chapter 9 Off-Net Access to the VPN
Remote Access
Dial Access via RAS
Dial Access via L2TP
Connecting L2TP Solutions to VRFs
DSL Considerations
Cable Considerations
IPsec Access
GRE + IPsec on the CPE
CE-to-CE IPsec
The Impact of Transporting Multiservice Traffic over IPsec
Split Tunneling in IPsec
Supporting Internet Access in IP VPNs
Case Study Selections
Summary
References
General PPP Information
Configuring Dial-In Ports
L2TP
Layer 2 Tunnel Protocol Fact Sheet
Layer 2 Tunnel Protocol
VPDN Configuration Guide
VPDN Configuration and Troubleshooting
Security Configuration Guide
RADIUS Configuration Guide
Broadband Aggregation to MPLS VPN
Remote Access to MPLS VPN
Network-Based IPsec VPN Solutions
IPsec
GRE + IPsec
DMVPN
Split Tunneling
Prefragmentation 373
Chapter 10 Migration Strategies
Network Planning
Writing the RFP
Architecture and Design Planning with the Service Providers
Project Management
SLAs with the Service Providers
Network Operations Training
Implementation Planning
Phase 1
Phase 2
Phase 3
Phase 4
On-Site Implementation
Case Study Selections
Summary
Part III Appendix
Appendix Questions to Ask Your Provider Regarding Layer 3 IP/MPLS VPN Capability
商品描述(中文翻譯)
描述:
一本關於使用和定義MPLS VPN服務的指南。
- 分析TDM和Layer 2 WAN服務的優點和缺點
- 瞭解評估IP/MPLS VPN方案時的主要商業和技術問題
- 描述IP VPN的IP地址分配、路由、負載平衡、收斂和服務能力
- 制定企業的服務品質(QoS)政策和實施指南
- 實現可擴展的多播服務支持
- 瞭解各種安全和加密機制的優點和缺點
- 通過監控和報告服務確保服務的正確使用和未來增長的計劃
- 為VPN支持的內部網提供遠程訪問、互聯網訪問和外部網連接
- 提供一套明確簡潔的步驟,計劃和執行從現有的ATM/Frame Relay/租用線網絡遷移至IP VPN的網絡遷移。
IP/MPLS VPN具有許多吸引人之處。對於企業來說,它們可以實現WAN服務的合理外包,並節省大量運營成本。對於服務提供商來說,它們可以為客戶提供更高水平的服務,並降低服務部署成本。
然而,遷移也帶來了挑戰。企業必須瞭解關鍵的遷移問題,實際的好處是什麼,以及如何優化新服務。提供商必須知道他們的服務的哪些方面對企業有價值,以及如何為客戶提供最佳價值。
《選擇MPLS VPN服務》幫助您分析遷移選項,預測遷移問題,並正確部署IP/MPLS VPN。詳細的配置示例展示了有效的部署,案例研究介紹了可用的遷移選項,並引導您選擇最佳選項來構建您的網絡。第一部分討論了轉向IP/MPLS VPN網絡的商業案例,其中一章專門介紹了評估主要供應商提供的IP/MPLS VPN方案時應該考慮的商業和技術問題。第二部分包括了IP/MPLS VPN中使用的技術的詳細部署指南。
本書是Cisco Press®的Networking Technology Series系列的一部分,為網絡專業人士提供構建高效網絡、瞭解新技術和建立成功職業的寶貴信息。
目錄:
第一部分:IP/MPLS VPN的商業分析和需求
第1章:評估企業遺留的WAN和IP/VPN遷移
企業網絡的現狀
企業網絡的演變
全球製造商Acme
Acme的全球範圍
Acme的業務需求