The Best Damn Cisco Internetworking Book Period - 1st Edition - ISBN: 9781931836913, 9780080476056

The Best Damn Cisco Internetworking Book Period

1st Edition

Authors: Syngress
eBook ISBN: 9780080476056
Paperback ISBN: 9781931836913
Imprint: Syngress
Published Date: 13th November 2003
Page Count: 800
Tax/VAT will be calculated at check-out
64.95
49.95
39.99
64.95
Unavailable
File Compatibility per Device

PDF, EPUB, VSB (Vital Source):
PC, Apple Mac, iPhone, iPad, Android mobile devices.

Mobi:
Amazon Kindle eReader.

Institutional Access


Description

The Best Damn Cisco Internetworking Book Period shows readers everything they need to know about all Cisco internetworking topics. The book provides an understanding of Cisco's current VoIP solutions and the means to put them to work, showing how to configure all of Cisco's core VoIP products—among them Cisco CallManager software, Cisco 7910 series phones, and server-based IP PBXs. It discusses IPv6 Protocols, as well as IP Quality of Service (QoS) and how it applies to Enterprise and Internet Service Provider (ISP) environments.

In addition, Cisco wireless technologies are covered in detail. Cisco has placed a high priority on security and here readers will find complete coverage of all the Cisco Security products such as the PIX firewall suite of products, Network Address Translation (NAT), Cisco VPN Concentrator and IPSec, Cisco Authentication, Authorization, and Accounting (AAA), Content Services Switch (CSS), and the Cisco Secure Network Intrusion Detection System.

This book is sure to become a dog eared reference for all Cisco engineers and administrators.

Key Features

  • The one book that covers all major Cisco Internetworking concepts and configurations.
  • The only book to cross reference Cisco internetworking topics: Voice Over IP, Remote Access, Wireless, AVVID, and QoS. In addition, new technologies are covered in depth: AVVID, SIP, MGCP, and more.
  • A 1-stop reference for Cisco professionals needing coverage of core Cisco exam topics.

Readership

Cisco engineers and administrators.Cisco networking professionals.

Table of Contents


Chapter 1 Cisco Technologies, Routers, and Switches

Introduction

The OSI Model

Layer 1:The Physical Layer

Layer 2:The Data-Link Layer

Layer 3:The Network Layer

Layer 4:The Transport Layer

Layer 5:The Session Layer

Layer 6:The Presentation Layer

Layer 7:The Application Layer

The TCP/IP Model, the DoD Model, or the Internet Model

Process/Application Layer (Application, Presentation, and Session)

Host-to-Host Layer (Transport)

Networking Basics

Network Topologies

CSMA/CD versus Deterministic Access

Ethernet

Wireless LANs

OSI and Wireless: Layer 2 and Down

OSI and Wireless: Layer 3 and Up

Cisco Hardware

Switches

Spanning Tree Protocol

Spanning Tree Port States

Cisco Catalyst Series Models

Switch Architecture

Backplane

Memory

Switch Commands

Routers

Router Architecture

Connecting to the Router

Console Port Connections

Telnet Connection

SSH

Cisco Software

Cisco Software - IOS

IOS Command Syntax and Basic Configuration

SNMP Configurations

Web

Config Maker

Entering Commands to Configure a Cisco Router

Using Configuration Commands

Using show Commands

CATOS Command Syntax and Basic Configuration

Configuring Network Parameters

Securing the Switch

Creating VLANs

Port Configuration

Enabling Trunking

Networking Monitoring and Packet Capture

You are Not Alone—Resources for Cisco Hardware and Software

Cisco Technical Support—General

CCO

TAC

NPC

Software Advisor

Software Center

Groupstudy.com

Summary

Chapter 2 Wide Area Networking (WAN)

Introduction

Wide Area Network Topologies

Point-to-Point Topology

Fully Meshed Topology

Hub-and-Spoke Topology

High-Level Data Link Control

Point to Point Protocol

PPP Features

Configuring PPP

PPP Authentication

PPP Compression

Multilink PPP

Circuit Types and Terminology

T1 and Fractional T1

Frame Relay

Frame Relay Topologies

Configuring Frame Relay

Verifying and Troubleshooting Frame Relay

Asynchronous Transfer Mode (ATM)

ATM Cell Format

ATM Adaptation Layer (AAL)

ATM Virtual Circuits

Configuring ATM

Verifying and Troubleshooting ATM

Integrated Services Digital Network

Basic Rate Interface (BRI)

BRI Reference Points and Functional Groups

Primary Rate Interface (PRI)

ISDN Protocol Layers

ISDN Call Setup and Teardown

Dialer Interfaces

Supported Interfaces

Configuring ISDN and DDR

ISDN and DDR commands

ISDN Troubleshooting

Backing up Permanent Connections

Backup Interface

The backup load Command

Floating Static Routes and Default Routes

Dialer Watch

Configuring a Dialer Profile

Redundant Hardware and Links/ Design and Performance Issues

Load Balancing

Summary

Chapter 3 Wireless Networking

Introduction

Understanding the Fundamentals of Radio Frequencies

Understanding Wireless Radio Signal Transmission and Reception

Radio Frequencies

What is Bandwidth?

Radio Wave Modulation

Communicating with WLAN Technologies

Infrared Technology

Spread Spectrum Technology

Wireless Networking Standards

IEEE

Wireless Design Considerations

Attenuation

Accounting for the Fresnel Zone and Earth Bulge

RF Interference

Application Considerations

Structural Considerations

Implementing a WLAN Architecture

The OSI Reference Model

Logical Wireless System Components

Physical Wireless System Components

Security Fundamentals for Wireless Networks

Ensuring Confidentiality

Ensuring Integrity

Ensuring Availability

Ensuring Authentication

Ensuring Authorization

Where in the Authentication/Association Process Does MAC Filtering Occur?

Accounting and Audit Trails

Wireless Equivalency Privacy (WEP)

Addressing the Issues with Policy

Creating Privacy with WEP

WEP Benefits and Advantages

WEP Disadvantages

The WEP Authentication Process

Implementing WEP on the Cisco Aironet AP 340

Security of 64-Bit versus 128-Bit Keys

Cisco Wireless Systems

Cisco’s WLAN Product Line

Cisco’s Aironet 3X0 Series APs and Bridges

The Cisco Aironet 350 Series

Features of the Cisco Aironet 340 Series - End-of-Sale

Cisco’s Aironet Wireless NICs

Installing the Cisco Aironet 3X0 APs

Power Requirements

Network Connectivity

Initial Configuration of the Cisco 3X0 Series AP

IP Setup Utility

Terminal Emulator Setup

Web-Based Configuration of the Cisco 340 BSE/BSM Series AP

Troubleshooting the Cisco 340 BSE/BSM Series AP

Cisco Aironet Wireless Bridges

Cisco Aironet Wireless Bridge - Point-to-Point

Cisco Aironet Wireless Bridge - Point-to-Multipoint

Cisco Wireless Bridge - Repeater

Installation of the Cisco Aironet Bridge Unit

Installing the Antenna

Configuring the Network Port

Applying Power

Working with Root and Non-Root Modes on a Wireless Bridge

Initial Configuration of Wireless Bridge Using the CLI

Assigning the Radio Parameters

Assigning IP Information

Operational Configuration of the Cisco Aironet Wireless Bridge

Using the Cisco Aironet Wireless Bridge Radio Main Menu

Configuring the Ethernet Port

Configuring the Network Identifiers

Console Management Access

Configuring the Time Service

Setting Up Association Tables

Using Filters

Event Logging

Viewing Statistics

Cisco Aironet Wireless Bridge Troubleshooting

Network Menu Option

Linktest Menu Options

Restart Option

Default and Reset Options

Loading Firmware and Configurations

Backing Up Wireless Bridge Configurations

Cisco Aironet Antennas

Ceiling Mount Omni-Directional Antenna

Mast Mount Omni-Directional Antenna

High-Gain Mast Mount Omni-Directional Antenna

Pillar Mount Diversity Omni-Directional Antenna

POS Diversity Dipole Omni-Directional Antenna

Diversity Ceiling Mount Omni-Directional Patch Antenna

Directional Wall Mount Patch Antenna

Diversity Directional Wall Mount Patch

Yagi Antenna

Dish Antenna

Antenna Accessories

Lightning Arrestor with Grounding Ring

Bridge and AP Accessories

Bridge Mounting Kit

AP/Bridge Spare Power Supplies

AP/Bridge Serial Cable

Cabling, Connectors, and Bulkhead Extenders

Cabling

Connectors

Bulkhead Extenders

Summary

Chapter 4 IP Addressing, Multicasting, and IPv6

Introduction

IPv4 Address and Header Format

Classful Addressing - Structure and Size of Each Type

IP Address Classes

Strategies to Conserve Addresses

CIDR

VLSM

Private Addresses

RFC 1918 - Private Network Addresses

The Three Address Blocks

Considerations

The Fundamentals of Subnetting

What the Mask Does

Subnet Mask Components

Binary Determination of Mask Values

Decimal Equivalent Mask Values

Addresses and Mask Interaction

Reserved and Restricted Addresses

Determining the Range of Addresses within Subnets

Determining Subnet Addresses Given a Single Address and Mask

Strategies for Subnetting

Creating and Managing Variable Length Subnets

Multicast Addresses and Protocols

Understanding the Basics of Multicasting

Unicast Traffic

Broadcast Traffic

Multicast Traffic

Multicast IP Addressing

IP Address Designations

Scope of Multicast Addresses Using the Time-to-Live Field

Administrative Scopes

Participating in Multicasting

Internet Group Management Protocol Versions

Multicasting via Switches

Distribution Trees

Shared

Source

Multicast Routing

Sparse Mode Routing Protocols

Dense Mode Routing Protocols

NAT

NAT Terminology and Concepts

NAT Operation

Configuring NAT on Cisco IOS

NAT Architectures

Traditional NAT or Outbound NAT

Dynamic Translation

Static NAT

Dual Address Translation (Overlapping Networks)

Port Address Translation

TCP Load Distribution

NAT Monitoring and Troubleshooting Commands

Considerations about NAT and PAT

IP Address Information in Data

Bundled Session Applications

IPv6

Benefits of IPv6

IPv4 versus IPv6

IPv6 Addresses

IPv6 Address Space

The Fundamentals of IPv6 Addresses

IPv6 Unicast Addresses

IPv6 Multicast Addressing

IPv6 Anycast Addresses

IPv6 Address Autoconfiguration

IPv6 Headers

Hop-by-Hop Options Header

Routing Header

Fragment Header

Destination Options Header

IPv6 Security

AH

ESP

Upper-Layer Protocol Issues

Understanding ICMPv6

Error Messages

Informational Messages

Understanding Neighbor Discovery

Configuring IPv6 Addressing

Configuring LAN Addresses

Configuring WAN Addresses

Configuring ICMPv6 and Neighbor Discovery

Monitoring and Troubleshooting IPv6

Summary

Chapter 5 IP Routing

Introduction

Routing Terminology

CIDR

Contiguous Subnets

Cisco Routing in General

Static Routes

Default Routes and Networks

Many Are Learned, Few Are Chosen

Routing Information Protocol (RIP)

Routing Update Impact

RIP Timers

RIPv1

RIPv2

Configuring RIP

IGRP

RIP versus IGRP

EIGRP

EIGRP Concepts

OSPF

Becoming Neighbors

Types of OSPF Packets

Link State Advertisements

Types of OSPF Areas

Multiple OSPF Areas

Types of OSPF Routers

OSPF Router ID and Loopback Interfaces

Types of OSPF Databases

Processing of Received Updates

Types of Recognized Networks

Basic OSPF Configuration

OSPF over Frame Relay Point to Point (Subinterfaces)

OSPF over Frame Relay (NBMA and Physical Interfaces)

OSPF over Frame Relay Point-to-Multipoint Subinterfaces

OSPF over Frame Relay Point-to-Multipoint Subinterfaces

OSPF on Broadcast Networks

OSPF Summarization

Authentication

OSPF Virtual Links

Monitoring and Troubleshooting OSPF

debug Commands

Intermediate System to Intermediate System (IS-IS)

ISO Terminology

ISO Addressing and Topologies

IS-IS View of NSAP Address

Configuring CLNS-Only IS-IS

Configuring Integrated IS-IS

Border Gateway Protocol (BGP)

BGP Terminology

BGP Concepts

Configuring BGP

Monitoring and Verifying BGP

Dial-on-Demand Routing

Static and Default Routes

Snapshot Routing

Monitoring Snapshot Routing

OSPF Demand Circuits

Do Not Age (DNA)

Configuring an OSPF Demand Circuit

IPv6 Routing

Configuring RIP for IPv6

Basic IPv6 RIP Configuration

Default Routes and RIPng

Verifying RIPng Operation

Integrated IS-IS

Configuring IS-IS for IPv6

IS-IS Default Routes

Maximum Paths for IS-IS

Configuring BGP Extensions for IPv6

Configuring an IPv6 Neighbor Relationship

Configuring a BGP Router ID

Configuring BGP Peer Groups

Configuring Link-Local Addressing

Verifying BGP Operation

Summary

Chapter 6 Quality of Service (QoS)

Introduction

QoS Overview

Bandwidth Reservation

Real-Time Transport Protocol

Compressed Real-Time Transport Protocol

Resource Reservation Protocol

Queuing

Selecting a Cisco IOS Queuing Method

First-In, First-Out Queuing

Low Latency Queuing (LLQ)

Priority Queuing (PQ)

Configuring Priority Queuing

Custom Queuing (CQ)

Configuring Custom Queuing

Weighted Fair Queuing

WFQ and IP Precedence

Planning Considerations

VIP Distributed Weight Fair Queuing (DWFQ)

Class-Based Weighted Fair Queuing (CB-WFQ)

Configuring Class-Based Weighted Fair Queuing

Why Packet Classification?

IP Precedence

IP QoS

Traffic Shaping

Configuring Traffic Shaping

Verifying Traffic Shaping

Link Fragmentation and Interleaving

Configuring Link Fragmentation and Interleaving

Verifying Link Fragmentation and Interleaving

Weighted Random Early Detection

Tail Drop

Flow-Based WRED

Configuring Congestion Avoidance with WRED

Verifying WRED

Data Compression Overview

The Data Compression Mechanism

Selecting a Cisco IOS Compression Method

Header Compression

Link and Payload Compression

Per-Virtual Circuit Compression (Payload Compression)

Hardware Compression

Verifying Compression Operation

Configuring Packet Classification

IP Precedence

Verifying IP Precedence

Policy Routing

Configuring Policy Routing

Verifying Policy Routing

Call Admission Control

Configuring Call Admission Control (CAC)

Verifying Call Admission Control

Summary

Chapter 7 Cisco Network Security

Introduction

Attacks and Threats

Active Attacks

Passive Attacks

Password Attacks

Brute Force Attacks

Dictionary-based Attacks

Malicious Code Attacks

Malware

Attacker Aids

Bad Key Exchanges

Hashing Pieces Separately

Using a Short Password to Generate a Long Key

Improperly Stored Private or Secret Keys

Detecting Breaches

What are the Key Steps after a Breach is Detected?

Reducing Vulnerabilities

Providing a Simple Security Network Architecture

Developing a Security Policy

AAA Overview

Authentication

Authorization

Accounting

AAA Servers

Method-Lists

Configuring AAA

Security Protocols

RADIUS

TACACS+

Comparing TACACS+ and RADIUS

Using RADIUS and TACACS+ for AAA Services

Configuring the RADIUS or TACACS+ Parameters

Configuring AAA Authentication

Configuring AAA Authorization

Configuring AAA Accounting

Typical RAS Configuration Using AAA

Virtual Profiles and AAA

Example of Virtual Profiles Using Virtual Templates

Configuring Virtual Profiles Using AAA Configuration

Per-user Configuration Example

Monitoring and Verifying AAA Access Control

Complete AAA Configuration Example

Authentication Proxy

How the Authentication Proxy Works

Benefits of Authentication Proxy

Restrictions of Authentication Proxy

Configuring Authentication Proxy

Cisco Secure ACS

Overview of the Cisco Secure ACS

Benefits of the Cisco Secure ACS

Configuration Example: Adding and Configuring an AAA Client

Cisco IP Security Hardware and Software

Cisco PIX Firewall

Cisco IOS Firewall Feature Set

Cisco Secure Intrusion Detection System

CSPM

ACLs

ACL Operation

Types of ACLs

Standard IP ACLs

Extended IP ACLs

Named ACLs

Applying and Editing ACLs

Problems with ACLs

Lock-and-Key ACLs

Reflexive ACLs

Building Reflexive ACLs

Applying Reflexive ACLs

Context-based Access Control

The CBAC Process

Configuring CBAC

Inspection Rules

Applying the Inspection Rule

Configuring Port to Application Mapping

Configuring PAM

Protecting a Private Network

Protecting a Network Connected to the Internet

Protecting Server Access using Lock-and-Key

Protecting Public Servers Connected to the Internet

Applying Perimeter Security in IPv6

ACL Control Manager

Configuration Example: Creating ACLs with ACLM

CSPM

Overview of VPN Technologies

Tunneling VPNs

Virtual Private Dial Networks

Intranet VPNs

Extranet VPNs

Access VPNs

L2TP

Configuring Cisco L2TP

PPTP Overview

Understanding Cryptography Concepts

Encryption Key Types

Standard Cryptographic Algorithms

Understanding Asymmetric Algorithms

IPsec Concepts

VPN Terminology

IPsec

IPsec Architecture

IKE

SAs

VPN Operation

Configuring ISAKMP/IKE

Configuring IPsec

RAS VPN

Configuring Cisco IPsec

Verifying and Debugging VPN Operation

Wireless Security

Ensuring Authorization

MAC Filtering

Where in the Authentication/Association Process does MAC Filtering Occur?

MAC Spoofing

Accounting and Audit Trails

Implementing WEP

Defining WEP

Creating Privacy with WEP

The WEP Authentication Process

WEP Benefits and Advantages

WEP Disadvantages

Implementing WEP on the Cisco Aironet AP 3x0

Exploiting WEP

Security of 64-bit versus 128-bit Keys

Strengthening WEP

Summary

Chapter 8 Cisco PIX Firewall

Introduction

PIX Firewall Features

Embedded Operating System

The Adaptive Security Algorithm

Advanced Protocol Handling

VPN Support

URL Filtering

NAT and PAT

High Availability

PIX Hardware

Software Licensing and Upgrades

Licensing

Upgrading Software

Password Recovery

Factory Default Configurations

Access Modes

Basic Commands

Managing Configurations

Resetting the System

Allowing Outbound Traffic

Configuring Dynamic Address Translation

Blocking Outbound Traffic

Allowing Inbound Traffic

Static Address Translation

ACLs

Conduits

ICMP

Port Redirection

TurboACLs

Object Grouping

Configuring and Using Object Groups

Handling Advanced Protocols

Filtering Web Traffic

Filtering URLs

Active Code Filtering

Configuring Intrusion Detection

Supported Signatures

Configuring Auditing

Configuring Shunning

Dynamic Host Control Protocol Functionality

DHCP Clients

DHCP Servers

Fragmentation Guard

Authentication, Authorization, and Accounting Floodguard

SYN Floodguard

Reverse-Path Forwarding

Unicast Routing

Stub Multicast Routing

Point-to-Point Protocol over Ethernet

Configuring Console Authentication

Configuring Local Console Authentication

Configuring RADIUS and TACACS+ Console Authentication

Configuring Local Command Authorization

Configuring Authentication for Traffic Through the Firewall

Configuring Cut-through Proxy

Virtual HTTP

Virtual Telnet

Configuring Authorization for Traffic Through the Firewall

Configuring Accounting for Traffic Through the Firewall

Failover Concepts

Configuration Replication

IP and MAC Addresses Used for Failover

Failure Detection

Stateful Failover

Standard Failover Using a Failover Cable

Configuring and Enabling Failover

Monitoring Failover

LAN-Based Failover

Configuring and Enabling Failover

Monitoring Failover

Failing Back

Disabling Failover

Configuring Logging

Local Logging

Syslog

Logging Levels

Logging Facility

Disabling Specific Syslog Messages

Configuring Remote Access

Telnet

Configuring SNMP

Configuring System Identification

Configuring Polling

Configuring Traps

Configuring System Date and Time

Setting and Verifying the Clock and Time Zone

Configuring and Verifying the Network Time Protocol

Configuring VPN

Allowing IPsec Traffic

Enabling IKE

Creating an ISAKMP Protection Suite

Defining an ISAKMP Pre-shared Key

Configuring Certificate Authority Support

Configuring Crypto ACLs

Defining a Transform Set

Bypassing NAT

Configuring a Crypto Map

Configuring Site-to-site IPsec without IKE (Manual IPsec)

Configuring PPTP

Configuration

Configuring L2TP with IPsec

Dynamic Crypto Maps

Configuration

Configuring Support for the Cisco Software VPN Client

Mode Configuration

Extended Authentication

VPN Groups

Sample Configurations of PIX and VPN Clients

Troubleshooting PIX Firewall Hardware, Software, and Performance

Troubleshooting PIX Cabling

Troubleshooting Connectivity

Troubleshooting IPsec

Capturing Traffic

Monitoring and Troubleshooting Performance

Summary

Chapter 9 Cisco Voice over IP

Introduction

Telephone Calls – The “Traditional” Way

Toll Bypass

Analog

Basic Telephony

Dissecting an Analog Network

Voice Encoding: Standards and Techniques

DSP Provisioning

Analog Signaling

E&M Signaling

Analog Loop and Ground Start

Dial-Pulse Signaling

Dual-Tone Multifrequency (AKA Touch Tone)

Digital Transmission Techniques and Formats

Time-Division Multiplexing

Integrated Services Digital Network Signaling

Call Control Signaling

Channel Associated Signaling

Common Channel Signaling

Inside the Private Branch eXchange

Extension Termination

Trunk Termination

Call Processing and System Logic

Switching

PBX Terminology

Non-IP Alternatives to Traditional Telephony

Voice over Frame Relay

Voice over ATM

Voice over HDLC

Introduction to IP Telephony

Conferencing and Transcoding, and Other Services

IP Telephony Components

Cisco CallManager

Cisco IP Phones

Cisco Gateways

Switches

Cisco IP SoftPhone

Cisco IP Telephony Applications

Cisco Web Attendant

Internet Communications Software

Prepping the Network for Voice Service

Analog Voice Interfaces

Signaling Between Routers and PBXs

VoIP Protocols

H.323 Standard and Protocol Stack

H.323 Call Stages

H.323 Discovery and Registration

H.323 Call Setup

Call Termination

H.323 Endpoint-to-Endpoint Signaling

Session Initiation Protocol

Session Initiation Protocol Components

Session Initiation Protocol Messages

Media Gateway Control Protocol

MGCP Connections

Skinny Station Protocol

Simplified Messaging Desk Interface

Cisco VoIP Hardware and Software

Voice Modules and Cards

Installing VNMs and VICs

E-1/T-1 Voice Connectivity

1700 Series Router Configurations

3600 and 3700 Series Router Configurations

7500 Series Router Configurations

AS5350 and 5850 Universal Gateway Configuration

Cisco Switches

Quality of Service

What Is Quality of Service?

Applications for Quality of Service

Levels of QoS

Why QoS Is Essential in VOIP Networks

Configuring Voice Ports

Configuring FXO or FXS Voice Ports

Configuring E&M Ports

Voice Port-Tuning Commands

Concepts of Delay and Echo

Fine-Tuning FXS/FXO Ports

Fine-Tuning E&M Ports

Configuring Dial Plans and Dial Peers

Call Legs: POTS vs.Voice Network Dial Peers

Creating and Implementing Dial Plans

Configuring Dial Peers

Number Expansion

Direct Inward Dialing

Configuring Trunking

Trunks

Tie Lines

Private Line Automatic Ringdown

Direct Voice Trunking versus Dial-Digit Interpretation

Supervisory Disconnect

Trunk Seizure:Wink-Start Signaling versus Immediate-Start Signaling versus Delay-Start

Configuring ISDN for Voice

Configuring ISDN BRI Voice Ports

Configuring ISDN PRI Voice Ports

Configuring Q.931 Support

Configuring CAS

Configuring CCS

Configuring T-CCS

Configuring Gateways and Gatekeepers

Configuring H.323 Gateway

Configuring H.323 Gatekeeper

Troubleshooting VoIP

Troubleshooting Equipment, from Power On to Operating State

Layer 2 Troubleshooting

Layer 3 Troubleshooting

Troubleshooting Voice Ports

Troubleshooting Dial Peers

Summary

Index




Details

No. of pages:
800
Language:
English
Copyright:
© Syngress 2003
Published:
Imprint:
Syngress
eBook ISBN:
9780080476056
Paperback ISBN:
9781931836913

About the Author