Building Resilient IP Networks
暫譯: 構建韌性IP網路
Kok-Keong Lee, Fung Lim, Beng-Hui Ong
- 出版商: Cisco Press
- 出版日期: 2005-12-22
- 售價: $2,200
- 貴賓價: 9.5 折 $2,090
- 語言: 英文
- 頁數: 432
- 裝訂: Hardcover
- ISBN: 1587052156
- ISBN-13: 9781587052156
已絕版
買這商品的人也買了...
-
ASP.NET 程式設計徹底研究$590$466 -
鳥哥的 Linux 私房菜-伺服器架設篇$750$638 -
鳥哥的 Linux 私房菜─基礎學習篇增訂版$560$476 -
C++ 程式設計$650$514 -
最新 JavaScript 完整語法參考辭典 第三版$490$382 -
Assessing Network Security (Paperback)$2,030$1,929 -
Windows 程式設計使用 MFC (Programming Windows with MFC, 2/e)$990$782 -
ASP.NET 徹底研究進階技巧─高階技巧與控制項實作$650$507 -
Design Patterns 於 Java 語言上的實習應用, 2/e$560$437 -
網頁設計最重要的 10 堂課$490$417 -
新一代 ASP.NET 2.0 網站開發實戰-使用C# 以及 VB$550$468 -
AutoCAD 2006 實力養成暨評量$350$277 -
深入淺出 Java 程式設計, 2/e (Head First Java, 2/e)$880$695 -
Linux Kernel 完全剖析$750$585 -
Dreamweaver 8 魔法書中文版$490$417 -
Linux Mail Server 技術實務─架設、稽核、防毒、防垃圾信$580$493 -
Linux 嵌入式系統開發$590$466 -
CSS 功能索引式參考手冊$390$332 -
How Networks Work 網路系統是怎麼運作的
$350$273 -
軟體預先架構之美學 (Prefactoring)$580$458 -
深入淺出 Hibernate$650$507 -
ASP.NET 2.0 深度剖析範例集$650$507 -
專案管理黑皮書$270$213 -
ASP.NET AJAX 應用剖析立即上手$580$452 -
Excel VBA 757 個最強活用範例集$640$499
相關主題
商品描述
Description
The practical guide to building resilient and highly available IP networks
- Learn from an all-in-one introduction to new features and developments in building a resilient IP network
- Enable your organization to meet internal service-level agreements (SLAs) for mission-critical resources
- Understand how a resilient IP network can help in delivering mission-critical information such as video and voice services
- Work with configuration examples that are based on real-world issues and customer requirements
- Get tips and best practices from field personnel who have worked on some of the largest networks with stringent uptime requirements and SLAs
More companies are building networks with the intention of using them to conduct business. Because the network has become such a strategic business tool, its availability is of utmost importance to companies and their service providers. The challenges for the professionals responsible for these networks include ensuring that the network remains up all the time, keeping abreast of the latest technologies that help maintain uptime, and reacting to ever-increasing denial-of-service (DoS) attacks.
Building Resilient IP Networks helps you meet those challenges. This practical guide to building highly available IP networks captures the essence of technologies that contribute to the uptime of networks. You gain a clear understanding of how to achieve network availability through the use of tools, design strategy, and Cisco IOS® Software.
With Building Resilient IP Networks, you examine misconceptions about five-nines availability and learn to focus your attention on the real issues: appreciating the limitations of the protocols, understanding what has been done to improve them, and keeping abreast of those changes. Building Resilient IP Networks highlights the importance of having a modular approach to building an IP network and, most important, illustrates how a modular design contributes to a resilient network. You learn how an IP network can be broken down to various modules and how these modules interconnect with one another. Then you explore new network resiliency features that have been developed recently, categorized with respect to the design modules.
Building Resilient IP Networks is relevant to both enterprise and service provider customers of all sizes. Regardless of whether the network connects to the Internet, fortifying IP networks for maximum uptime and prevention of attacks is mandatory for anyone’s business.
This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
Table of Contents
Introduction
Chapter 1 Rise of the IP Transport System
The Internet Explosion
Next-Generation IP Applications
Voice over IP
IP Storage
MPLS: New Kid on the Block
Next-Generation IP Transport System
Continuous Improvements of Protocols
Chapter 2 Establishing a High-Availability Network
Understanding the Five-Nines Availability Debate
Differentiating Between Reliability and Availability
The Five-Nines Approach
Idiosyncrasies of the Telcordia GR-512-Core Document
The Truth About 50-ms Resiliency
A Practical Approach to Achieving High Availability
Measuring Availability
Defining a Metric
Understanding the Issue of Network Availability
Setting a Strategy to Achieve High Availability
Designing a Network for High Availability
Establishing Continuous Fault Detection and Measurement of Network Availability
Making Full Use of Scheduled Downtime
Instituting a Disciplined Approach to Network Operation and Processes
Summary
Chapter 3 Fundamentals of IP Resilient Networks
Revisiting IP, TCP, and UDP
Internet Protocol
Transmission Control Protocol
TCP Three-Way Handshake
TCP Sliding Window
User Datagram Protocol
Device-Level Resiliency
Online Insertion and Removal (OIR)
Single Line Card Reload
High System Availability
Route Processor Redundancy
Route Processor Redundancy Plus
Stateful Switchover
Nonstop Forwarding
Impact of Different Switching Paths
Process Switching
Cisco Express Forwarding Switching
Central CEF
Distributed CEF
Protecting the Control Plane and Data Plane
Establishing a Resiliency Strategy
Redundancy Strategy
Logical Resiliency
Physical Resiliency
Scaling Strategy
Key Principles for Designing Resilient Networks
Simplicity
Modularity
Security
Summary
Chapter 4 Quality of Service
Protecting the Control Plane with QoS
Traffic Types That Affect the Control Plane
Tagging Routing Protocol and Layer 2 Control Packets
IP Precedence
The pak_priority Flag
Selective Packet Discard
Receive ACL
Control-Plane Policing
Protecting Applications with QoS
Understanding the Need for Application QoS
Latency
Jitter
Loss
Determining When to Deploy QoS
Scenario 1: Undercongested Link
Scenario 2: Occasionally Congested Link
Scenario 3: Badly Congested Link
Building Blocks of QoS
Classification and Marking
Congestion Avoidance
Congestion Management
Traffic Conditioning
Application QoS and Control-Plane Traffic
QoS Deployment Strategy
Classifying Applications
Defining Policies
Testing Policies
Implementing QoS Features
Monitoring
Summary
Chapter 5 Core Module
Network Convergence in the Core
OSPF Enhancements
Shortest Path First (SPF) Throttling
OSPF LSA Throttling
OSPF LSA Flooding Reduction
OSPF Fast Hello
OSPF Update Packet-Pacing Timer
OSPF Incremental SPF
OSPF Graceful Restart
RFC 3623
Cisco Implementation
IS-IS Enhancements
IS-IS SPF Throttling
IS-IS LSP Generation
IS-IS LSA Flooding Reduction
IS-IS Fast Hellos
IS-IS Update Packet-Pacing Timer
IS-IS Incremental SPF
IS-IS Graceful Restart
Cisco Implementation
IETF Implementation
EIGRP Enhancements
EIGRP Graceful Shutdown
EIGRP Graceful Restart
EIGRP Stub Router Functionality
Bidirectional Forwarding Detection (BFD)
IP Event Dampening
Multipath Routing
Load Balancing
Equal-Cost Multipath (ECMP)
Per Packet
Per Destination
MPLS Traffic Engineering
Fast Reroute Link Protection
Fast Reroute Node Protection
Multicast Subsecond Convergence
Summary
Chapter 6 Access Module
Multilayer Campus Design
Access Layer
Distribution Layer
Core Layer
Access Module Building Blocks
Layer 2 Domain
The Spanning Tree Protocol: IEEE 802.1d
PortFast
UplinkFast
BackboneFast
Unidirectional Link Detection (UDLD)
RootGuard
LoopGuard
BPDUGuard
VLANs and Trunking
Common Spanning Tree (CST)
Per-VLAN Spanning Tree (PVST)
Per-VLAN Spanning Tree Plus (PVST+)
IEEE 802.1w
IEEE 802.1s
Channeling Technology
Layer 2 Best Practices
Simple Is Better
Limit the Span of VLANs
Build Triangles, Not Squares
Protect the Network from Users
Selecting Root Bridges
Use Value-Added Features
EtherChannel Deployment
EtherChannel Load Balancing
Consistent EtherChannel Port Settings
Layer 2 Setting for EtherChannel
Turning Off Autonegotiation
Layer 3 Domain
Hot Standby Routing Protocol (HSRP)
Virtual Router Redundancy Protocol (VRRP)
Global Load Balancing Protocol (GLBP)
Layer 3 Best Practices
Adopt Topology-Based Switching
Using Equal-Cost Multipath
Conserve Peering Resources
Adopt a Hierarchical Addressing Scheme
Summary
Chapter 7 Internet Module
Understanding Addressing and Routing in the Internet Module
Address-Assignment Scheme
Routing
Routing for Internal Users
Routing for External Users
Establishing Internet Module Redundancy
Link-Level Redundancy
Device-Level Redundancy
ISP-Level Redundancy
Site-Level Redundancy
Implementing Security Measures
Security Policy
Filtering at the Internet Module
Resilient Border Gateway Protocol (BGP) Design
BGP Soft Reconfiguration
BGP Convergence Optimization
BGP Next-Hop Address Tracking
BGP Support for Fast Peering Session Deactivation
BGP Route Dampening
Nonstop Forwarding with Stateful Switchover (NSF/SSO) for BGP
Using Network Address Translation (NAT)
Enhanced NAT Resiliency
NAT with Route Map
Static Mapping with Hot Standby Routing Protocol (HSRP) Support
Stateful NAT
Limiting NAT Entries
Multihoming with NAT
Effects of NAT on Network and Applications
Implications on TCP and ICMP Traffic
Application-Specific Gateways
Effects on Voice over IP (VoIP) Traffic
Effects on Router Performance
Effects on Network Security
Summary
Chapter 8 WAN Module
Leased Line
Domestic Leased Circuit Versus International Private Leased Circuit
Leased Circuit Encapsulation
Equal-Cost Load Balancing
Multilink Point-to-Point Protocol (MPPP)
SONET/SDH
SONET/SDH Framing
PPP over SONET/SDH
SONET/SDH Protection Switching
Resilient Packet Ring
DPT Architecture
DPT/SRP Classes of Service
SRP Queuing
SRP Fairness Algorithm
RPR Standards
Differences Between 802.17 and DPT/SRP
Dial Backup
Virtual Private Network (VPN)
IP Tunnel
L2TPv3
L2TPv3 Deployment
MPLS-VPN
Summary
Chapter 9 Data Center Module
Data Center Environmental Considerations
Cabling
Tagging
Documentation
Discipline
Rack Space
Server Size
Power
Next-Generation Server Architecture
Data Center Network Considerations
Security
Server Performance
Fault-Tolerant Server Features
Multifaceted Server
Data Center Network Architecture
Access Layer Design
NIC Teaming
Clustering
Aggregation Layer Design
Trunk Ports on an Aggregation Switch
Routed Ports on an Aggregation Switch
Architecture Scaling Consideration
Data Center Network Security
Layer 2 Security
Private VLANs (PVLANs)
VLAN Access Control List (VACL)
Port Security
Dynamic ARP Inspection
Layer 3 Security
Switch Forwarding Architecture
Control Plane Policing
DHCP Server Protection
Service Optimization
Server Load Balancing
Global Site Selector
Understanding DNS Resolution
Using GSS
Web Cache Communication Protocol (WCCP)
Integrated Service Modules
Summary
Chapter 10 Beyond Implemention: Network Managment
Components of Network Management
Fault Management
Configuration Management
Configuration File Management
Inventory Management
Software Management
Accounting Management
Performance Management
Security Management
ACLs
User IDs and Passwords
TACACS
Establishing a Baseline
Step 1: Take a Snapshot of Inventory
Step 2: Collect Relevant Data
MIB Entries and Object Identifiers
Multi-Router Traffic Grapher
Step 3: Analyze Data
Step 4: Prioritize Problem Areas
Step 5: Determine a Course of Action
Managing Cisco IOS Deployment
Overview of IOS Releases
Understanding IOS Naming Convention
IOS Software Life Cycle Management
Planning
Design
Testing
Implementation
Operation
Moving Toward Proactive Management
IP Service Level Agreement
ICMP-Based IP SLA Operation
Responder-Based IP SLA Operation
Nonresponder-Based IP SLA Operation
Examples of IP SLA Operations
Component Outage Online (COOL) Measurement
Embedded Event Manager (EEM)
Next-Generation IOS Architecture
Summary
End Notes
Appendix A Calculating Network Availability
Appendix BRFCs Relevant to Building a Resilient IP Network
Appendix CThe Cisco Powered Network Checklist
Index
商品描述(中文翻譯)
**描述**
這本書是關於建立韌性和高可用性 IP 網路的實用指南。
- 從全方位的介紹中學習建立韌性 IP 網路的新功能和發展
- 使您的組織能夠滿足對於關鍵任務資源的內部服務水平協議 (SLA)
- 理解韌性 IP 網路如何幫助傳遞關鍵任務資訊,例如視頻和語音服務
- 使用基於現實世界問題和客戶需求的配置範例
- 獲取來自在一些最大網路上工作過的現場人員的提示和最佳實踐,這些網路有著嚴格的正常運行時間要求和 SLA
越來越多的公司正在建立網路,目的是用來進行商業活動。由於網路已成為一個戰略性的商業工具,其可用性對於公司及其服務提供商至關重要。負責這些網路的專業人員面臨的挑戰包括確保網路始終運行、跟上最新的技術以幫助維持正常運行時間,以及應對日益增加的拒絕服務 (DoS) 攻擊。
《建立韌性 IP 網路》幫助您應對這些挑戰。這本實用指南捕捉了促進網路正常運行時間的技術的本質。您將清楚了解如何通過使用工具、設計策略和 Cisco IOS® 軟體來實現網路可用性。
透過《建立韌性 IP 網路》,您將檢視對五個九可用性 (five-nines availability) 的誤解,並學會將注意力集中在真正的問題上:認識協議的限制、理解為改善它們所做的努力,以及跟上這些變化。《建立韌性 IP 網路》強調了建立 IP 網路時採用模組化方法的重要性,最重要的是,說明了模組化設計如何促進韌性網路。您將學習如何將 IP 網路分解為各種模組,以及這些模組如何相互連接。然後,您將探索最近開發的新網路韌性功能,這些功能根據設計模組進行分類。
《建立韌性 IP 網路》對於各種規模的企業和服務提供商客戶都具有相關性。無論網路是否連接到互聯網,強化 IP 網路以實現最大正常運行時間和防止攻擊對於任何商業活動都是必要的。
這本書是 Cisco Press® 的網路技術系列的一部分,為網路專業人員提供有價值的信息,以構建高效的網路、理解新技術並建立成功的職業生涯。
**目錄**
- 介紹
- 第 1 章 IP 傳輸系統的崛起
- 網際網路的爆炸
- 下一代 IP 應用
- 網路語音 (Voice over IP)
- IP 存儲
- MPLS:新興技術
- 下一代 IP 傳輸系統
- 協議的持續改進
- 第 2 章 建立高可用性網路
- 理解五個九可用性辯論
- 區分可靠性和可用性
- 五個九方法
- Telcordia GR-512-Core 文件的特異性
- 50 毫秒韌性的真相
- 實現高可用性的實用方法
- 測量可用性
- 定義指標
- 理解網路可用性問題
- 設定實現高可用性的策略
- 設計高可用性的網路
- 建立持續故障檢測和網路可用性測量
- 充分利用計劃的停機時間
- 制定有紀律的網路運營和流程方法
- 總結
