Network Design !!
Hi group,

I have some questions, or you could say many :)

Q1) In order to be a good network designer, what skills do you need, plus the "CCDA or CCIE Design"? What responsibilities does he have?

Q2) What are the types of jobs, or you could say job names, for a "CCDA or CCDP" other than network designer?

Q3) For the CCIE Design track or exam, is it true that you do not need to know "CLI" commands (e.g. BCSN, MCNS have many IOS commands, etc.)? If yes, is it true that a person who passes CCNA and CCDA, takes the CID, then jumps to the CCIE Design track and passes it (written and lab) can have the CCDP "waived", or both the CCNP and the CCDP? For the CCIE R/S I have read he can waive the CCNP and take the CID in order to have CCDP!

Q4) Anyone who has good drawing skills (some good CAD skills, e.g. AutoCAD ver 9 to 2000): can this help him in his work, or is there no need for it (as a network designer)?

Q5) I am working on the CCDA right now, but I do not know why the Design track (CCDA, CID exam) is harder than the other support track (CCNA, CCNP). Is it the case study stuff? As far as I can see, no commands are needed in the CCDA (DCN Cisco book). Is it the same with the CCDP and CCIE Design track? But in the lab exams there are some names for routers. Has anyone taken the CCIE Design lab?

Q6) About the CCIEs worldwide: are there any categories for their numbers (e.g. how many CCIE WAN, CCIE Design, etc.)? I'd say about 35% to 40% are CCIE R/S, only a guess.

* For the Cisco Design certifications, are these books enough (Cisco Press)?

1) Top-Down Network Design "Mrs. Priscilla Oppenheimer"
2) Cisco Internetwork Design
3) Cisco CCIE Fundamentals: Network Design & Case Studies, Second Edition
4) Advanced IP Network Design
5) Large-Scale IP Network Solutions (CCIE Professional Development)

Thanks for the help,
Mohammed Hakim
CCNA R/S
Cisco Network Design
Does anyone out there use the Cisco Network Designer tool? If so what are your views on it. Here is the link to view the actual tool. http://www.cisco.com/partner/cnd/inside.html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Design Question
Hey group,

A company HQ has two 3620s, each with one T1 into the same frame relay cloud. There are 20 branch offices with non-Cisco routers pointing into the same FR cloud. Is there any way to provide load balancing on the WAN side in this situation?

I believe that I can use HSRP on the LAN side of HQ, but that is not possible on the WAN. I cannot use EIGRP because it is Cisco proprietary.

The only solution I see is to build two PVCs at each branch office, one pointing to router 1 at HQ and one pointing to router 2 at HQ. Run OSPF and have half of the branches point to each router.

Does anyone have a solution/advice for this design?

Thanks for your help,
Rob

         |---routerA==~             ~===branch1
Internal |            ~ Frame Relay ~===branch2
LAN      |            ~ Cloud       ~===branch3
         |---routerB==~             ~=== etc, etc,
RE: Cisco Network Design
This is the Enterprise Design Tool from NetformX. My employer has rolled this out to all us sales engineer types, and I use it regularly.

Yes it is fairly decent, and I find it useful.

Yes there are a number of irritating bugs. For example, one cannot place a redundant supervisor into a 6509. This is a problem that will be fixed "real soon now".

There are devices where available blades do not show up.

But I would say in general this is very useful if you are aware of the limits.

Oh yeah - some of the product lines are not well handled in the design tool. Aironet, for example. Very high end switches, for example (as if I sell a lot of those ;-> )

Also, it can be difficult to find the IOS image you want.

I've sounded negative. Let me assure that I use the tool daily, and in general I like it a lot.

Chuck

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of McCallum, Robert
Sent: Monday, February 26, 2001 6:03 AM
To: 'Ccielab' (E-mail); Cisco@Groupstudy. Com (E-mail)
Subject: Cisco Network Design

Does anyone out there use the Cisco Network Designer tool? If so what are your views on it.

Here is the link to view the actual tool.

http://www.cisco.com/partner/cnd/inside.html

To unsubscribe from the CCIELAB list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe ccielab
RE: Cisco Network Design
Chuck, you're still alive! I was beginning to wonder if studying for the lab had turned you into a vegetable! :-) You've only got a little over a month to go, right? And then it's off to Disneyland for Chuck and family!

Regards,
John

> This is the Enterprise Design Tool from NetformX. My employer has rolled
> this out to all us sales engineer types, and I use it regularly.
>
> Yes it is fairly decent, and I find it useful.
>
> Yes there are a number of irritating bugs. For example, one cannot place a
> redundant supervisor into a 6509. This is a problem that will be fixed "real
> soon now"
>
> There are devices where available blades do not show up.
>
> But I would say in general this is very useful if you are aware of the
> limits.
>
> Oh yeah - some of the product lines are not well handled in the design tool.
> Aironet, for example. Very high end switches, for example (as if I sell a
> lot of those ;-> )
>
> Also, it can be difficult to find the IOS image you want.
>
> I've sounded negative. Let me assure that I use the tool daily, and in
> general I like it a lot.
>
> Chuck
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> McCallum, Robert
> Sent: Monday, February 26, 2001 6:03 AM
> To: 'Ccielab' (E-mail); Cisco@Groupstudy. Com (E-mail)
> Subject: Cisco Network Design
>
> Does anyone out there use the Cisco Network Designer tool? If so what are
> your views on it.
>
> Here is the link to view the actual tool.
>
> http://www.cisco.com/partner/cnd/inside.html
RE: Cisco Network Design
I have a CCO login, but cannot get to this tool. It keeps on asking for a logon. Any ideas?

TIA
Mark

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of McCallum, Robert
Sent: Monday, February 26, 2001 8:03 AM
To: 'Ccielab' (E-mail); Cisco@Groupstudy. Com (E-mail)
Subject: Cisco Network Design

Does anyone out there use the Cisco Network Designer tool? If so what are your views on it.

Here is the link to view the actual tool.

http://www.cisco.com/partner/cnd/inside.html
RE: Cisco Network Design
Chuck,

Hope your preparation is going well.

You make some excellent points that I'd like to take up to the 10,000 foot level and generalize upon. People often misconstrue that there is one proper user interface (GUI, menu, CLI) and/or that a tool should give finished results.

The real message, however, is that there really are different user types with different requirements. A fairly basic distinction breaks network folk into planners and operators. Another distinction is on skill level: expert vs. entry-level.

Tools like ConfigMaker are appropriate for SMB work, and they have user interfaces appropriate for the entry-level people likely to be setting up their own networks. If I were configuring a bunch of SMB networks, I'd be far more prone to use text-based scripts and templates that emphasize my productivity rather than ease of use.

At another level, Routing Policy Specification Language (RPSL) is an appropriate tool for describing interprovider routing, although it isn't a complete solution for defining such problems and doesn't directly help you understand what policies you should be defining. RtConfig is a public tool that can generate most of your eBGP configuration from an RPSL definition, but RtConfig is neither super-friendly to beginning users nor capable of creating a complete configuration.

From your description, Enterprise Design Tool should be regarded as expert-friendly, suited for the problem of doing a first rough design that MUST be reviewed by a qualified presales engineer. It does reduce work for that engineer, but doesn't replace her.

Was this the tool that was being used to evaluate CCIE/Design solutions? Scary if so...network design is sufficiently an art that I don't think designs can be evaluated by a machine alone. By design, incidentally, I am not referring to a complete set of configurations that can be evaluated by a modeling tool such as Netsys, or by a full Monte Carlo simulator.
Nortel's architect level certification has problems if it will scale to cover large numbers of people, but has the reality that design proposals will be evaluated by a panel of human experts.

As many of you know, I like to look at medical education as a good model for networking. There is no such thing as a "paper MD." Admittedly, do remember the technical term used for the person that graduates at the bottom of a medical school class: "doctor."

There is premedical education that simply deals with skills for understanding specific medical sciences. Traditionally, the first two years of medical school deal with "preclinical sciences" such as biochemistry, physiology, histology, pharmacology, etc., although medical schools increasingly are providing some patient contact in the first two years.

The next two years of medical school involve some lectures and reading assignments, but principally closely supervised rotations in patient care. The student watches more experienced physicians coming up with care plans and diagnoses, although the student will take histories and suggest diagnoses and treatments. It is expected the student will come to the wrong conclusions a reasonable amount of the time, but learn by the experience.

Moving to the "postgraduate" medical education, one must graduate medical school and pass some tests to be considered for postgraduate training ("intern" and "resident" are less popular terms; they tend to speak of postgraduate year 1, 2, etc.). A PGY-1 physician has an MD, but is limited in the complexity of what they will touch, and has relatively close supervision. It's PGY-3 or -4 before someone is considered fully trained in a "primary" specialty such as family practice, internal medicine, OB/GYN, etc. At this point, there are more exams, and one becomes "board eligible" in a specific field. Typically, one has to practice and present cases before being "board certified" in a given field.
Board eligibility and certification in subspecialties takes longer (e.g., 3-4 years of internal medicine, 3 years of cardiology, 1-2 years of interventional cardiology doing angiography).

At some point, paper exams simply are no longer important. It's a matter of presenting cases, demonstrating you've taken continuing education, etc.

>This is the Enterprise Design Tool from NetformX. My employer has rolled
>this out to all us sales engineer types, and I use it regularly.
>
>Yes it is fairly decent, and I find it useful.
>
>Yes there are a number of irritating bugs. For example, one cannot place a
>redundant supervisor into a 6509. This is a problem that will be fixed "real
>soon now"
>
>There are devices where available blades do not show up.
>
>But I would say in general this is very useful if you are awar
Re: Cisco Network Design
Perhaps you need a CCO login associated to a Reseller/Partner, not a client CCO login.

I can get to the site and what I read on CCO is that the software/tool is part of a course. When you take the course - you get the tool. The course is $435.

* * * * * * *
Training
In order to insure partner success and to maximize the benefit from Cisco Network Designer, the software package has been bundled with training, which is being offered through Global Knowledge for $435.00 per person.
* * * * * * * *

Then they want $995 a year for maintenance (per user) and I think the Auto-Discover module is an additional $1995.

Anyway, don't think it can be downloaded from CCO.

Kevin Wigle

----- Original Message -----
From: "Mark Rose" <[EMAIL PROTECTED]>
To: "Cisco@Groupstudy. Com (E-mail)" <[EMAIL PROTECTED]>
Sent: Monday, February 26, 2001 11:39 AM
Subject: RE: Cisco Network Design

> I have a CCO login, but cannot get to this tool. It keeps on asking for a
> logon. Any ideas?
>
> TIA
> Mark
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> McCallum, Robert
> Sent: Monday, February 26, 2001 8:03 AM
> To: 'Ccielab' (E-mail); Cisco@Groupstudy. Com (E-mail)
> Subject: Cisco Network Design
>
> Does anyone out there use the Cisco Network Designer tool? If so what are
> your views on it.
>
> Here is the link to view the actual tool.
>
> http://www.cisco.com/partner/cnd/inside.html
RE: Cisco Network Design
I have both logins and only the reseller login will work. Kevin is correct.

Steve

-----Original Message-----
From: Kevin Wigle [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 26, 2001 1:42 PM
To: Mark Rose; Cisco@Groupstudy. Com (E-mail)
Subject: Re: Cisco Network Design

Perhaps you need a CCO login associated to a Reseller/Partner, not a client CCO login.

I can get to the site and what I read on CCO is that the software/tool is part of a course. When you take the course - you get the tool. The course is $435.

* * * * * * *
Training
In order to insure partner success and to maximize the benefit from Cisco Network Designer, the software package has been bundled with training, which is being offered through Global Knowledge for $435.00 per person.
* * * * * * * *

Then they want $995 a year for maintenance (per user) and I think the Auto-Discover module is an additional $1995.

Anyway, don't think it can be downloaded from CCO.

Kevin Wigle

----- Original Message -----
From: "Mark Rose" <[EMAIL PROTECTED]>
To: "Cisco@Groupstudy. Com (E-mail)" <[EMAIL PROTECTED]>
Sent: Monday, February 26, 2001 11:39 AM
Subject: RE: Cisco Network Design

> I have a CCO login, but cannot get to this tool. It keeps on asking for a
> logon. Any ideas?
>
> TIA
> Mark
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> McCallum, Robert
> Sent: Monday, February 26, 2001 8:03 AM
> To: 'Ccielab' (E-mail); Cisco@Groupstudy. Com (E-mail)
> Subject: Cisco Network Design
>
> Does anyone out there use the Cisco Network Designer tool? If so what are
> your views on it.
>
> Here is the link to view the actual tool.
>
> http://www.cisco.com/partner/cnd/inside.html
network design [7:12918]
Any thoughts welcome.

We have a LAN including a proxy server and a database server. There are two depts in the LAN, one public and one private. There is no VLAN, and it is not supported on the switch. The public department connects to the internet via the proxy server, which has an accounting software connection to the database server ON GIGABIT in the private LAN that logs all the timings for internet for billing purposes. The company wants to put in a PIX but wants to keep the gigabit connection.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12918&t=12918
Re: Network Design Question
>Hey group,
>
>A company HQ has two 3620s each with one T1 into the same frame
>relay cloud. There are 20 branch offices with non-Cisco routers
>pointing into the same FR cloud. Is there anyway to provide load
>balancing on the WAN side in this situation?

What problem are you trying to solve by load balancing? Equalizing load on the HQ routers? Reconvergence after failures? Equalization of the load on the T1s? Is bandwidth optimization more important than increases in out-of-sequence packets? Is traffic equal among the sites?

> I believe that I can use HSRP on the LAN side of HQ, but that is
>not possible on the WAN. I cannot use EIGRP because it is Cisco
>proprietary.
>
>The only solution I see is to build two PVCs at each branch office.
>One pointing to router 1 at HQ and one pointing to router 2 at HQ.
>Run OSPF and have half of the branches point to each router.
>
>Does anyone have a solution/advice for this design?
>
>Thanks for your help,
>Rob
>
>         |---routerA==~             ~===branch1
>Internal |            ~ Frame Relay ~===branch2
>LAN      |            ~ Cloud       ~===branch3
>         |---routerB==~             ~=== etc, etc,

UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Network Design Question
In a message dated 8/8/00 10:48:31 AM Eastern Daylight Time, [EMAIL PROTECTED] writes:

<< > I believe that I can use HSRP on the LAN side of HQ, but that is
 >not possible on the WAN. I cannot use EIGRP because it is Cisco
 >proprietary. >>

Isn't HSRP used more for fault tolerance than it is for load balancing? Actually, I've never even heard of the two (HSRP and Load balancing) going together. At least that's what I got from reading up on it. Please let me know where I am confused.

Mark Zabludovsky ~ CCNA, CCDA
[EMAIL PROTECTED]

If the automobile had followed the same development as the computer, a Rolls-Royce would today cost $100, get a million miles per gallon, and explode once a year killing everyone inside.
~Robert Cringely, InfoWorld~
RE: Network Design Question
The problems I am trying to solve are reconvergence after failures in HQ and equalization of the load on the T1s. The traffic is pretty equal among the remote sites.

-----Original Message-----
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 10:33 AM
To: [EMAIL PROTECTED]
Subject: Re: Network Design Question

>Hey group,
>
>A company HQ has two 3620s each with one T1 into the same frame
>relay cloud. There are 20 branch offices with non-Cisco routers
>pointing into the same FR cloud. Is there anyway to provide load
>balancing on the WAN side in this situation?

What problem are you trying to solve by load balancing? Equalizing load on the HQ routers? Reconvergence after failures? Equalization of the load on the T1s? Is bandwidth optimization more important than increases in out-of-sequence packets? Is traffic equal among the sites?

> I believe that I can use HSRP on the LAN side of HQ, but that is
>not possible on the WAN. I cannot use EIGRP because it is Cisco
>proprietary.
>
>The only solution I see is to build two PVCs at each branch office.
>One pointing to router 1 at HQ and one pointing to router 2 at HQ.
>Run OSPF and have half of the branches point to each router.
>
>Does anyone have a solution/advice for this design?
>
>Thanks for your help,
>Rob
>
>         |---routerA==~             ~===branch1
>Internal |            ~ Frame Relay ~===branch2
>LAN      |            ~ Cloud       ~===branch3
>         |---routerB==~             ~=== etc, etc,
Re: Network Design Question
I wouldn't call it load-balancing so much as it's load-sharing. On routers where you have multiple interfaces for VLANs configured, you can make one router the primary for certain interfaces/VLANs and the second router the primary for the rest. Here's a sample config showing what I mean.

Router01
===
interface FastEthernet0/0
 no ip address
 no ip directed-broadcast
 speed 100
 full-duplex

interface FastEthernet0/0.1
 description default VLAN
 encapsulation dot1Q 1
 ip address 10.10.0.2 255.255.255.0
 standby 1 priority 110
 standby 1 preempt
 standby 1 ip 10.10.0.1
 standby 1 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast
!
interface FastEthernet0/0.2
 description Restricted VLAN
 encapsulation dot1Q 101
 ip address 10.101.0.2 255.255.0.0
 standby 1 priority 110
 standby 1 preempt
 standby 1 ip 10.101.0.1
 standby 1 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast
!
interface FastEthernet0/0.3
 description Labs VLAN
 encapsulation dot1Q 102
 ip address 10.102.0.2 255.255.0.0
 standby 1 priority 110
 standby 1 preempt
 standby 1 ip 10.102.0.1
 standby 1 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast
!
interface FastEthernet0/0.4
 description Corporate VLAN
 encapsulation dot1Q 103
 ip address 10.103.0.2 255.255.0.0
 standby 2 priority 100
 standby 2 preempt
 standby 2 ip 10.103.0.1
 standby 2 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast

Router02
==
interface FastEthernet0/0
 no ip address
 no ip directed-broadcast
 speed 100
 full-duplex

interface FastEthernet0/0.1
 description default VLAN
 encapsulation dot1Q 1
 ip address 10.10.0.3 255.255.255.0
 standby 1 priority 100
 standby 1 preempt
 standby 1 ip 10.10.0.1
 standby 1 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast
!
interface FastEthernet0/0.2
 description Restricted VLAN
 encapsulation dot1Q 101
 ip address 10.101.0.3 255.255.0.0
 standby 1 priority 100
 standby 1 preempt
 standby 1 ip 10.101.0.1
 standby 1 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast
!
interface FastEthernet0/0.3
 description Labs VLAN
 encapsulation dot1Q 102
 ip address 10.102.0.3 255.255.0.0
 standby 1 priority 100
 standby 1 preempt
 standby 1 ip 10.102.0.1
 standby 1 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast
!
interface FastEthernet0/0.4
 description Corporate VLAN
 encapsulation dot1Q 103
 ip address 10.103.0.3 255.255.0.0
 standby 2 priority 110
 standby 2 preempt
 standby 2 ip 10.103.0.1
 standby 2 track FastEthernet 0/0 15
 ip helper-address 10.103.1.1
 ip helper-address 10.103.1.2
 no ip directed-broadcast

Hope this helps.

Karen E Young
Network Engineer
ELF Technologies, Inc
[EMAIL PROTECTED]

From: NeoLink2000@aol.com
Sent by: nobody@groupstudy.com
08/08/00 08:03 AM
Please respond to NeoLink2000
To: [EMAIL PROTECTED]
cc: [EMAIL PROTECTED]
Subject: Re: Network Design Question

In a message dated 8/8/00 10:48:31 AM Eastern Daylight Time, [EMAIL PROTECTED] writes:

<< > I believe that I
RE: Network Design Question
HSRP is primarily used for fault tolerance, but it can be used for load balancing. If you configure two HSRP groups with the routers as primary in one group, and standby in the other, you will achieve fault tolerance and load balancing.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 11:04 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Network Design Question

In a message dated 8/8/00 10:48:31 AM Eastern Daylight Time, [EMAIL PROTECTED] writes:

<< > I believe that I can use HSRP on the LAN side of HQ, but that is
 >not possible on the WAN. I cannot use EIGRP because it is Cisco
 >proprietary. >>

Isn't HSRP used more for fault tolerance than it is for load balancing? Actually, I've never even heard of the two (HSRP and Load balancing) going together. At least that's what I got from reading up on it. Please let me know where I am confused.

Mark Zabludovsky ~ CCNA, CCDA
[EMAIL PROTECTED]

If the automobile had followed the same development as the computer, a Rolls-Royce would today cost $100, get a million miles per gallon, and explode once a year killing everyone inside.
~Robert Cringely, InfoWorld~
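The two-group HSRP load-sharing described in the two posts above only works if both routers agree on every group, so here is an added example (not part of the original posts, and not Cisco tooling) that parses both routers' standby statements and reports which router is intended to be active per VLAN. The config text is a constructed, trimmed copy of two subinterfaces from the posted sample; the function and variable names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: two of the subinterfaces from the posted config, trimmed.
TEMPLATE = """\
interface FastEthernet0/0.1
 encapsulation dot1Q 1
 ip address 10.10.0.{host} 255.255.255.0
 standby 1 priority {p1}
 standby 1 preempt
 standby 1 ip 10.10.0.1
 standby 1 track FastEthernet 0/0 15
!
interface FastEthernet0/0.4
 encapsulation dot1Q 103
 ip address 10.103.0.{host} 255.255.0.0
 standby 2 priority {p2}
 standby 2 preempt
 standby 2 ip {vip2}
"""
ROUTER01 = TEMPLATE.format(host=2, p1=110, p2=100, vip2="10.103.0.1")
ROUTER02 = TEMPLATE.format(host=3, p1=100, p2=110, vip2="10.103.0.1")

STANDBY = re.compile(r"standby (\d+) (priority|preempt|ip)\b(?: (\S+))?")


def parse_hsrp(config):
    """Return {(vlan, group): settings} for one router's config text.

    Assumes running-config order: 'ip address' appears before 'standby' lines.
    """
    result, vlan, addr = {}, None, None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            vlan, addr = None, None          # new interface block
        elif m := re.match(r"encapsulation dot1Q (\d+)", line):
            vlan = int(m.group(1))
        elif m := re.match(r"ip address (\S+) (\S+)", line):
            addr = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
        elif m := STANDBY.match(line):
            entry = result.setdefault(
                (vlan, int(m.group(1))),
                # HSRP's default priority is 100; preempt is off by default.
                {"addr": addr, "vip": None, "priority": 100, "preempt": False})
            kind, value = m.group(2), m.group(3)
            if kind == "priority" and value:
                entry["priority"] = int(value)
            elif kind == "preempt":
                entry["preempt"] = True
            elif kind == "ip" and value:
                entry["vip"] = ipaddress.ip_address(value)
    return result


def check_pair(cfg_a, cfg_b, names=("Router01", "Router02")):
    """Compare both routers' groups; return (active router per VLAN, problems)."""
    a, b = parse_hsrp(cfg_a), parse_hsrp(cfg_b)
    active, problems = {}, []
    for key in sorted(set(a) | set(b), key=str):
        vlan, group = key
        tag = f"VLAN {vlan} group {group}"
        if key not in a or key not in b:
            problems.append(f"{tag}: configured on one router only")
            continue
        pair = (a[key], b[key])
        if pair[0]["vip"] != pair[1]["vip"]:
            problems.append(f"{tag}: virtual IP differs between routers")
        for name, g in zip(names, pair):
            if g["addr"] is None or g["vip"] is None \
                    or g["vip"] not in g["addr"].network:
                problems.append(f"{tag}: virtual IP not in {name}'s subnet")
        if pair[0]["priority"] == pair[1]["priority"]:
            # On a tie HSRP picks the higher interface address, not the design.
            problems.append(f"{tag}: equal priority, active router not set by design")
            continue
        winner = 0 if pair[0]["priority"] > pair[1]["priority"] else 1
        active[vlan] = names[winner]
        if not pair[winner]["preempt"]:
            problems.append(f"{tag}: {names[winner]} lacks preempt")
    if len(set(active.values())) < 2:
        problems.append("no load sharing: one router is active for every group")
    return active, problems


if __name__ == "__main__":
    print(check_pair(ROUTER01, ROUTER02))
```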
network design [7:64422]
I need a scheme for a network. It needs seven hundred points. Please give me some advice on how to design it, including how to select network products and product configuration. They are set in a building. It has twenty layers.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64422&t=64422
network design [7:54142]
Hi all,

Let me start with: I am about to start my design track. Everyone comments on Priscilla's book Top Down Network Design. I was just looking at it and was wondering, since this was written Dec 1998, is it still current to today's network topologies? (Not trying to flame you, Priscilla.) Any advice on this would be greatly appreciated.

Regards
D'Wayne Saunders
Data Network Administrator
CCNP, CSS1

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54142&t=54142
Network design for Co-locations
Does anyone know of any good books or resources that talk about building networks for co-locations on the Internet? I want to find something that has case examples and recommendations to build co-location Internet sites for e-commerce. The only places I found are small articles on Cisco's website.

Thanks
Proposed Network Design [7:10494]
Hello all,

We are migrating off of Banyan to Windows 2000 in late July and through August. Concurrent with the migration will be an infrastructure overhaul. I would like to lay out my plans and thoughts; any comments, advice, criticism, improvements, etc. greatly appreciated.

I have 95% of my hardware:

Dell PowerEdge servers:
  1550 (6) - file servers
  6450 (2) - SQL and Exchange servers
  2450 (1) - SQL

Cisco switches:
  2948G (1) - distribution switch
  2900xl (8) - access switches
  various numbers of 1900/2800 to be phased out

Cisco Aironet wireless:
  2 parabolic, various yagi and omni antennae
  a number of workgroup and access bridges, various sizes.

The new environment will consist entirely of new servers, no upgrades from old environment.

I've taken my first crack at using Visio 2000 to try and lay out a high level conceptualization of my planned design. If interested, please download the diagram: http://www.tuzzy.org/design.zip 200k

Currently our network is on one segment and I am creating VLANs. This is an ambitious project for my experience but I'm confident, although I realize it'll take a lot of work and study as I go. I've been researching this scenario for some time now, and have attended a BCMSN week long course with Global Knowledge. So, I may be in dim light but not totally in the dark ;-)

Physical sites consist of:

Main site: includes main administrative building and 6 outlying quonset (huts). Fiber from main building to one hut, fiber between huts. Currently in place and operable. Main server room; distribution switch, access switches in main building and physical locations.

Heritage site: approx. 4 miles from main. Will connect to Main Site via Aironet, parabolic at Heritage and at Main.

Northstar site: approx. 400 yds. from Heritage, connected via fibre, currently in place and operable.

Daycare site: approx. 800 yds. from Heritage, will connect via Aironet.

Home: approx. 1 mi. from Heritage, will connect via Aironet.
All operations must take place within 10.200.x.x range. Our organization is one of three trees within the 2000 forest. Each tree is an independent organization with close ties. One domain per tree.

My plans:

All servers are Windows 2000, all desktops 2000 Professional. Each VLAN consists of 6 ports on the 2948 switch, each port (as needed) will go to a 2900xl switch for eventual end user access, possible direct 2948 to desktop in some cases.

VLAN 1 10.200.1.x / 24
  Serving enterprise;
  Exchange 2000 / Universal file server box
  ISA (firewall) box
  Primary DNS, DC, DHCP, Global Catalog

VLAN 2 10.200.2.x / 24
  File server for info systems, main building.
  Secondary DNS, DC
  DHCP?
  3 users

VLAN 3 10.200.3.x / 24
  File server for huts.
  SQL backend server for online application, access from huts.
  DHCP?
  50 users, web server.

VLAN 4 10.200.4.x / 24
  One box, 6450, SQL server and file server for finance and services, main building.
  DHCP?
  6 - 12 users, critical data, high resource demand

VLAN 5 10.200.5.x / 24
  File server for administrative staff, main building.
  DHCP?
  75 users

VLAN 6 10.200.6.0 / 24
  Spans from main building to heritage center, approx. 4 miles distant.
  Parabolic and bridge, Aironet, at main building and Heritage center.
  Bridge on each end connected to a 2900xl switch.
  File server for Heritage center, possibly daycare.
  Daycare connected via workstations -> 2900xl -> aironet -> heritage
  Northstar has own servers, connected to Heritage via fiber.
  Home will connect to Heritage via wireless (low priority).
  Possible (probable) second server at Heritage, possible server at Daycare.
  DNS (cache only), DC, Global Catalog
  DHCP?
  50 users

VLAN 7
  Not utilized.

VLAN 8
  Gateway to existing Banyan network.

So there we have it. This is actually my first time writing it out in detail and that in itself has been beneficial. If anyone is feeling ambitious and generous I would more than welcome a picking apart of my logic, diagramming, any input at all welcome.
I'm sure I have some gaping omissions, leaps of logic or considerations not yet considered. Chances are I'm going overboard with the segmenting? I realize the extra admin chores but think the trade off is tolerable.

If you've read this through, I already owe you my thanks ;-)

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10494&t=10494
Network Design Question [7:37237]
Well. I am reconstructing the network of a 10 storey building with 10 to 150 nodes per floor, about 75 meters tall.

I proposed to use a collapsed backbone structure with 2950T switches for the floors with <50 nodes, and Catalyst 4000 switches with multiple 100BaseTx(48) modules for access layer connectivity and a 1000BaseT 8 for core connectivity.

For the collapsed backbone, I proposed two Catalyst 6000 switches with Supervisor Engine IA and MSFC and PFC (for layer 3 connectivity) and multiple 1000BaseT(16) modules for both distribution layer and core connectivity, and redundant connectivity to access layer devices.

I proposed to collect all the servers in a server farm and to connect all the servers directly to the 6000 switches (here is one of my problems: should I connect the servers directly to core, or should I concentrate them on a separate switch and connect that switch to core).

For security, I proposed a DMZ, internal, perimeter structure with a PIX 525 in between. All the remote connections and dialup connections are concentrated on a 3660 router in the perimeter zone.

Here are my other problems:
Not sure whether I should go for 6500 or 6000 (I don't know whether the CEF and SFM will help me that much or not).
I don't know where to find a complete listing for all the components I need for each device and the related part numbers including cables and power supplies, ...

Any other comments on the design are appreciated. Thank you all for the time and help.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37237&t=37237
network design (updated) [7:12921]
any thoughts welcome

we have a lan including proxy server and database server. there are two depts in the lan, one public and one private. there is no vlan and not supported on switch. the public department connect to the internet via proxy server which has an accounting software connection to the database server ON GIGABIT AND WANT TO SEPARATE PUBLIC AND PRIVATE LAN, PROXY SERVER SHOULD ONLY BE ALLOWED TO TALK TO DATABASE SERVER AND NO OTHER PC in the private lan that logs all the timings for internet for billing purpose. the company wants to put a PIX but want to keep the gigabit connection

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12921&t=12921
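The separation asked for in this post, modelled as a first-match, default-deny rule set and checked with probe flows. This is an added example, not part of the original post: the addresses, TCP port 1433 and the rule format are constructed for illustration and are not PIX syntax.

```python
"""Added example: default-deny filtering between a public and a private LAN.

Every address, the TCP port and the rule format are constructed for
illustration; this models the policy, it is not PIX configuration syntax.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address, ip_network
from itertools import product
from typing import List, Optional, Tuple

PROXY = ip_address("192.168.10.5")        # proxy server, public side (constructed)
PUBLIC_PC = ip_address("192.168.10.50")   # ordinary public-department PC
DATABASE = ip_address("192.168.20.10")    # database server, private side
PRIVATE_PC = ip_address("192.168.20.77")  # ordinary private-department PC
PRIVATE_LAN = ip_network("192.168.20.0/24")
ACCOUNTING_PORT = 1433                    # assumed port of the accounting connection
OTHER_PORT = 445                          # any service the proxy has no need for


@dataclass(frozen=True)
class Rule:
    action: str                 # "permit" or "deny"
    src: IPv4Network
    dst: IPv4Network
    port: Optional[int] = None  # None matches any TCP port


def host(addr: IPv4Address) -> IPv4Network:
    """Single-host network, so a rule can name exactly one machine."""
    return ip_network(f"{addr}/32")


def evaluate(rules: List[Rule], src: IPv4Address, dst: IPv4Address, port: int) -> str:
    """First matching rule wins; traffic matching no rule is denied."""
    for rule in rules:
        if src in rule.src and dst in rule.dst and rule.port in (None, port):
            return rule.action
    return "deny"


# Weak: the proxy is trusted towards the whole private LAN on every port.
LOOSE = [Rule("permit", host(PROXY), PRIVATE_LAN)]

# Corrected: one host, one destination, one port; everything else is dropped.
TIGHT = [
    Rule("permit", host(PROXY), host(DATABASE), ACCOUNTING_PORT),
    Rule("deny", ip_network("0.0.0.0/0"), PRIVATE_LAN),
]


def violations(rules: List[Rule]) -> List[Tuple[str, str, int]]:
    """Probe public-to-private flows and list every permitted one that is
    not the single intended flow (proxy -> database on the accounting port)."""
    found = []
    for src, dst, port in product((PROXY, PUBLIC_PC),
                                  (DATABASE, PRIVATE_PC),
                                  (ACCOUNTING_PORT, OTHER_PORT)):
        intended = (src, dst, port) == (PROXY, DATABASE, ACCOUNTING_PORT)
        if evaluate(rules, src, dst, port) == "permit" and not intended:
            found.append((str(src), str(dst), port))
    return found


if __name__ == "__main__":
    for name, rules in (("LOOSE", LOOSE), ("TIGHT", TIGHT)):
        print(name, "intended flow:",
              evaluate(rules, PROXY, DATABASE, ACCOUNTING_PORT),
              "| unintended flows permitted:", violations(rules))
```
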
Network Design Book [7:17134]
Hi All,

I am designing a network with following requirements. Can somebody suggest me a good book on network design? The requirements are:

1. 2 T1's to 2 different ISP for redundancy
2. Firewall
3. Host own DNS, Webserver
4. Have private network separated from the public network.

Please suggest something.

Thanks
ZZ

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17134&t=17134
EIGRP Network Design Solutions Book
Can anyone give some feedback as to whether this would be a good book to buy to further my network design knowledge or could someone recommend a better book.

EIGRP Network Design Solutions
Author: Ivan Pepelnjak, CCIE
SRP: $55.00
ISBN: 1578701651
Pages: 366
Pub Date: Oct 1999
Media: Web site

Thanks

UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EIGRP Network Design Solutions Book
It is good, but the daddy of them all (personal opinion only here - don't want someone to scold me) is Doyle's Routing TCP/IP. That is an awesome book that will knock your socks off.

-Original Message-
From: S.K. Chan [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 16, 2000 6:46 AM
To: [EMAIL PROTECTED]
Subject: Re: EIGRP Network Design Solutions Book

It's a great book, must read for CCIE level exam!!!

SK

Robert Padjen <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> This is a very good book, although I wish Ivan would
> update it with more information regarding EIGRP. I
> would (and have) recommended that no organization
> consider implementing EIGRP without reviewing its
> contents.
>
> --- Shane Stockman <[EMAIL PROTECTED]> wrote:
> > Can anyone give some feedback as to whether this
> > would be a good book to buy
> > to further my network design knowledge or could
> > someone recommend a better
> > book.
> >
> > EIGRP Network Design Solutions
> > Author: Ivan Pepelnjak, CCIE SRP: $55.00
> > ISBN: 1578701651 Pages: 366
> > Pub Date: Oct 1999 Media: Web site
> >
> > Thanks
>
> Robert Padjen
Re: network design [7:64422]
"ferry ferry" wrote in message news:[EMAIL PROTECTED]
> I need a scheme of network. It need seven hundreds points. please give me some
> advice on how to design it. It include that how to select network
> product, product configuration. They are seted in a building. It have twenty
> layers.

Let's see if I understand you correctly.

A company is located in a multistory building. There are 700 users spread out among 20 floors. So on average there are 35 users per floor.

I'm going to assume a single data center with your servers and internet connection.

Got fiber running from your data center to the various floors? How is this structured? how far from the datacenter to each of the floors?

the answer to this will help determine if you use a collapsed backbone or if you connect your switches in series.

do you have groups of users who should logically be separated from each other. Some companies like their payroll department to be on a separate network from other departments, for example. are there some services that need to be separated and unavailable to some users?

These days, 700 users, particularly in a switched environment, is not such a large broadcast domain ( stop grinding your teeth, Priscilla ;-> ) but still, you might just want to separate out logical groups into vlans. or maybe do it by grouping a couple of floors together into vlans.

my knee jerk thought, not knowing too much about the particulars, is determine your port counts per floor, determine connectivity - fiber runs between closets, and where those runs terminate. if it's copper, you got troubles :->

determine your logical / vlan structures. who needs to see what and when.

Then go through the provisioning process.

Don't be afraid to call in a couple of vendors to help you. ask for proposals. If you have a vendor who works closely with you and wants to help educate you, that's your guy ( or gal, for the politically correct )

hope this helps you get started.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64429&t=64422
RE: network design [7:64422]
All,

Be kind...

GM

-Original Message-
From: ferry ferry [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 04, 2003 9:02 PM
To: [EMAIL PROTECTED]
Subject: network design [7:64422]

I need a scheme of network. It need seven hundreds points. please give me some advice on how to design it. It include that how to select network product, product configuration. They are seted in a building. It have twenty layers.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64430&t=64422
Re: network design [7:64422]
Great answer Chuck. It sounds like you figured out his/her basic needs, though we would need more detail to provide a detailed design, of course, and payment for design services. :-) Well, actually your idea of asking a vendor to do an RFP might mean a free design (that would be biased toward the vendor, of course, but still a good start.)

I'm not in disagreement that today 700 nodes in one broadcast domain might be OK. In other words, I would probably recommend no VLANs as a start. VLANs complicate matters. If the network admins are somewhat new to networking, they should avoid VLANs to start.

The reason 700 nodes in one broadcast domain could work is because NICs and CPUs are really not bothered by broadcasts like they were in the mid-1990s. They are much faster, have better buffers, etc. Some would argue they never were affected as much as Cisco claimed!

I help out once in a while on a city-wide school network with that many nodes in one broadcast domain. It has all the risk factors:

Lots of AppleTalk traffic
Lots of Novell traffic
Lots of NetBIOS traffic
Lots of IP traffic
Ancient PCs with slow CPUs

There are no performance issues.

Priscilla

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64432&t=64422
Re: network design [7:64422]
I guess I'm the only one with the problem of that many then. I'll take your words for it that it works OK, but I still keep thinking back to that one study (don't recall its name), and can't help but think efficiency would go by some noticeable degree. anybody can throw switch and hubs around, we're supposed to do it right, not just "to get by".

I mean if 700 is ok, then why not 1000? at some point you have to agree there is going to be a performance hit. hasn't any manufacturer thought to retest this performance issue with the newer equipment?

scott

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64756&t=64422
Re: network design [7:64422]
"Scott Roberts" wrote in message news:[EMAIL PROTECTED]
> I guess I'm the only one with the problem of that many then. I'll take your
> words for it that it works OK, but I still keep thinking back to that one
> study (don't recall its name), and can't help but think efficiency would go
> by some noticeable degree. anybody can throw switch and hubs around,
> we're supposed to do it right, not just "to get by".
>
> I mean if 700 is ok, then why not 1000? at some point you have to agree
> there is going to be a performance hit. hasn't any manufacturer thought to
> retest this performance issue with the newer equipment?

to bring a bit of real world into this, I am working with a couple of large organizations, for projects that involve good sized campus switched networks. Several of my coworkers are involved in similar projects. We are finding places where there may well be a couple thousand devices in a single broadcast domain. The IT folks in these orgs do know that sometimes there are problems. However, most also say that in general, they don't have a great deal of problems.

an apocryphal story, but a couple of years back I interviewed with a large bank in this area. They were looking for detailed sniffer experience ( which I did not have ) because, they said, they had as many as 1000 stations on a segment, and whenever there were network performance issues, they sniffed like crazy, swapped out any nic that they considered "over the edge" and in general did everything they could to limit things that might adversely affect the ability of their users to do what they had to do, much of which was to get wire ( money ) transfers completed quickly and accurately.

I worked in brokerage a few years. In that business, broadcast IS the business. About 200 stations in a shared hub domain was too much. Moving folks to 24 stations on a hub, with the hubs connected to switch ports, was quite effective in terms of reduction of performance complaints. I would never do it this way these days.

As for the manufacturers, all they care about is selling equipment, so of course they are going to promote thresholds which support the selling of more equipment.
Re: network design [7:64422]
personally, i've had very good luck with vendor designs. in particular if you have some inkling about what your requirements are and the rudiments of a solution set in mind. if you know enough about a solution to intelligently pose questions and negotiate features/costs tradeoffs then you can get a really decent design that is up to date with what your favorite vendor currently offers and it cost you 2 vendor meetings at 1.5 hours each, plus prep time. really a deal.

but you do need to know the requirements. so in this case the questions posed earlier by chuck would need to be answered so the vendor can work their magic.

off to germany for a week - will return with more "opportunities to excel", no doubt.

garrett
RE: network design [7:64422]
Hey Chuck,

How did that big design go, the one you mentioned on the list a few months ago?

Symon
Re: network design [7:64422]
i guess that the best way to get around how many hosts can be put in a given broadcast domain will depend very much on the traffic patterns and the load the users put on the network, add to that the different applications' behaviors as well as the windows behavior, so i think there is no right answer here, it all depends on the environment.

as a rule cisco recommends no more than 500 IP users per broadcast domain, but then again the above must be drilled, if there are other desktop protocols that rely heavily on broadcasting, it is another story.

the big question is not how many of these hosts i could get away with putting in one domain, but how scalable will the environment be in regards to the company's direction, simply u don't wanna redo the whole thing when ur client wants to deploy a new technology, or more applications or what have u, more or less adaptability and scalability and reliability in face of the coming environment should be weighed out against how many hosts a person could get away with putting in a broadcast domain.

Regards,
Amar.

"Symon Thurlow" wrote in message news: [EMAIL PROTECTED]
> Hey Chuck,
>
> How did that big design go, the one you mentioned on the list a few
> months ago?
>
> Symon
>
> -Original Message-
> From: The Long and Winding Road
> [mailto:[EMAIL PROTECTED]
> Sent: 07 March 2003 20:05
> To: [EMAIL PROTECTED]
> Subject: Re: network design [7:64422]
>
>
> "Scott Roberts" wrote in message
> news:[EMAIL PROTECTED]
> > I guess I'm the only one with the problem of that many then. I'll take your
> > words for it that it works OK, but I still keep thinking back to that
> > one study (don't recall its name), and can't help but think efficiency would go
> > by some noticeable degree. anybody can throw switches and hubs
> > around, we're supposed to do it right, not just "to get by".
> >
> > I mean if 700 is ok, then why not 1000? at some point you have to
> > agree there is going to be a performance hit. hasn't any manufacturer
> > thought to retest this performance issue with the newer equipment?
>
>
> to bring a bit of real world into this, I am working with a couple of
> large organizations, for projects that involve good sized campus
> switched networks. Several of my coworkers are involved in similar
> projects. We are finding places where there may well be a couple
> thousand devices in a single broadcast domain. The IT folks in these
> orgs do know that sometimes there are problems. However, most also say
> that in general, they don't have a great deal of problems.
>
> an apocryphal story, but a couple of years back I interviewed with a
> large bank in this area. They were looking for detailed sniffer
> experience ( which I did not have ) because, they said, they had as many
> as 1000 stations on a segment, and whenever there were network
> performance issues, they sniffed like crazy, swapped out any nic that
> they considered "over the edge" and in general did everything they could
> to limit things that might adversely affect the ability of their users
> to do what they had to do, much of which was to get wire ( money )
> transfers completed quickly and accurately.
>
> I worked in brokerage a few years. In that business, broadcast IS the
> business. About 200 stations in a shared hub domain was too much. Moving
> folks to 24 stations on a hub, with the hubs connected to switch ports,
> was quite effective in terms of reduction of performance complaints. I
> would never do it this way these days.
>
> As for the manufacturers, all they care about is selling equipment, so
> of course they are going to promote thresholds which support the selling
> of more equipment.
>
> >
> > scott
> >
> > "Priscilla Oppenheimer" wrote in message
> > news:[EMAIL PROTECTED]
> > > Great answer Chuck. It sounds like you figured out his/her basic
> > > needs, though we would need more detail to provide a detailed
> > > design, of course, and payment for design services. :-) Well, actually
> > > your idea of asking a vendor to do an RFP might mean a free design
> > > (that would be biased toward the vendor, of course, but still a good start.)
> > >
> > > I'm not in disagreement that today 700 nodes in one broadcast domain might
> > > be OK. In other words, I would probably recommend no VLANs as a start. VLANs
> > > complicate matters. If the network admins are somewhat new to networking,
> > > they should avoid VLANs to
Network Design... Hmmm [7:44417]
I am reading Priscilla's book "Top Down Network Design" for the second time for a refresher and decided to hit the pool after I got home. On the way out I looked on my book shelf and saw "Advanced IP Network Design" that I haven't had a chance to look at yet. So I took it to the pool with me. When lo and behold, what did I read on page 5, "The best place to start when designing a network is at the bottom".

Food for thought :-)

Steve

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44417&t=44417
EIGRP network design [7:21019]
Hi everyone

I've got a project where I have to design and implement EIGRP in a small to medium sized network of about 50 to 70 routers. One of my main problems is what to do with routing updates at the firewalls at each site: should they be allowed to pass through the firewall or should statics be used either side of the firewalls? Another problem I can see is the routes on the firewalls: is there a way to avoid having to type all those route entries in them? The network has many discontiguous networks. And one last point is the redistribution to the BGP routers at the edge of the network.

I'm after some tips, experiences and URLs so I can read around the subject myself.

Regards
Pat

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21019&t=21019
DWDM network design [7:55717]
Does anyone in here have any experience with large scale DWDM design? If so would you be willing to chat with me about using "metro DWDM" equipment vs long haul equipment in a regional (8 runs that can be arranged into one or two rings, each run at 100Km) DWDM network with OC-192?

---
Mike Bernico
[EMAIL PROTECTED]
Illinois Century Network
http://www.illinois.net
(217) 557-6555

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55717&t=55717
Proper network design? [7:49536]
I have a few questions for the group that maybe someone can answer. From my studies when I got CCNA certified, I understood that different networks were ALWAYS separated by a router. At my company we have this equipment that was purchased several months ago that acts as a digital cellular network. It was set up and was able to operate, but only in a limited way.

Basically, this is the setup - the digital cellular network was on the 192.168.2.0 subnet (subnet mask 255.255.255.0). The company development LAN was on the 192.168.0.0 subnet (subnet mask 255.255.255.0). The two small networks (less than 10 hosts in each subnet) were all tied together at a 24 port hub. The gateway to the Internet was through a Linux box. The digital cellular network was basically a box (with IP address 192.168.0.100) that passed packets to network 192.168.2.0 through a low power transmitter to the cellular hosts in the 192.168.2.0 subnet. With this setup, only one desktop host on the 192.168.0.0 network could communicate to the 192.168.2.0 cellular network (desktop host 192.168.0.20).

The problem of only one desktop host in the 192.168.0.0 network being able to communicate with the 192.168.2.0 network was solved by replacing the Linux box with a Cisco 2514 router (with two ethernet interfaces). The configuration for the router was exactly the same as the Linux box except for one small addition. The following line was added as a static route:

ip route 192.168.2.0 255.255.255.0 192.168.0.100

Now let me ask you, have you ever seen a router that gets a packet on one interface pass it right back out the SAME interface back to another host on that same network? Our setup basically ties two DIFFERENT class C subnets together through a hub and the Cisco router makes it all work perfectly. This doesn't sound like standard network design as I've seen it described in any text so far.

I'll describe it a little more for clarity. If I'm on a desktop PC (IP address 192.168.0.20) and ping IP address 192.168.2.2, Windows will send that packet to the default gateway (configured as 192.168.0.1 in Windows network applet - which is the Cisco router) since it lies in a different network (since the subnet mask is 255.255.255.0). The Cisco router receives this packet destined for the 192.168.2.0 network and since it matches it with the above static route, sends it back out the same interface it came in on, back to another host (192.168.0.100 - the cellular transmitter box) out to the cellular host (192.168.2.2). This is the way the cellular network equipment manufacturer intended it to work.

The setup works, but it sounds really weird and nonstandard. Has anyone else encountered such a setup or something similar before? Is this a kind of network design that is done often? Doesn't a router normally always route packets from one interface to another?

Thanks in advance for your responses.

Frank

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49536&t=49536
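The forwarding path described in the post above, modelled as an added example (not part of the original post, and not Cisco's code): the host's on-link test followed by the router's longest-prefix-match lookup, flagging the case where the packet leaves on the interface it arrived on. The 192.168.x.x addresses and the static route are from the post; the interface names, the 203.0.113.0/30 Internet-side subnet and the default route are assumptions.

```python
import ipaddress


def host_first_hop(host_cidr, default_gateway, dst):
    """Host-side decision: deliver on-link if dst is in the host's own
    subnet, otherwise hand the packet to the default gateway."""
    iface = ipaddress.ip_interface(host_cidr)
    dst = ipaddress.ip_address(dst)
    return dst if dst in iface.network else ipaddress.ip_address(default_gateway)


class Router:
    def __init__(self):
        self.connected = {}  # interface name -> directly connected network
        self.static = []     # (destination network, next-hop address)

    def add_interface(self, name, cidr):
        self.connected[name] = ipaddress.ip_interface(cidr).network

    def add_static(self, dest, mask, next_hop):
        # Same argument order as "ip route <dest> <mask> <next-hop>".
        prefixlen = bin(int(ipaddress.ip_address(mask))).count("1")
        net = ipaddress.ip_network(f"{dest}/{prefixlen}")
        self.static.append((net, ipaddress.ip_address(next_hop)))

    def interface_for(self, addr):
        """Interface whose connected network contains addr, else None."""
        for name, net in self.connected.items():
            if addr in net:
                return name
        return None

    def forward(self, in_if, src, dst):
        """Longest-prefix-match lookup; returns the forwarding decision."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        routes = [(net, None) for net in self.connected.values() if dst in net]
        routes += [(net, nh) for net, nh in self.static if dst in net]
        if not routes:
            return None  # no route: the packet is dropped
        net, next_hop = max(routes, key=lambda r: r[0].prefixlen)
        # A connected route delivers straight to dst; a static route
        # delivers to its next hop, which must itself be on a connected net.
        l2_target = next_hop if next_hop is not None else dst
        out_if = self.interface_for(l2_target)
        hairpin = out_if == in_if
        return {
            "route": str(net),
            "next_hop": str(l2_target),
            "out_if": out_if,
            "hairpin": hairpin,
            # Sender and next hop share a segment: the case in which a
            # router may also send the host an ICMP Redirect.
            "redirect_eligible": hairpin and src in self.connected[in_if],
        }


def build_router(with_static=True):
    r = Router()
    r.add_interface("Ethernet0", "192.168.0.1/24")      # LAN side (name assumed)
    r.add_interface("Ethernet1", "203.0.113.1/30")      # Internet side (constructed)
    r.add_static("0.0.0.0", "0.0.0.0", "203.0.113.2")   # default route (constructed)
    if with_static:
        # The one line the post says was added to the router.
        r.add_static("192.168.2.0", "255.255.255.0", "192.168.0.100")
    return r


def trace(dst, with_static=True):
    """First hop chosen by desktop 192.168.0.20, then the router's decision."""
    gw = host_first_hop("192.168.0.20/24", "192.168.0.1", dst)
    decision = build_router(with_static).forward("Ethernet0", "192.168.0.20", dst)
    return str(gw), decision


if __name__ == "__main__":
    for dst in ("192.168.2.2", "198.51.100.7"):
        print(dst, trace(dst))
```

In this model the lookup selects an egress interface purely from where the next hop lives, so a next hop on the ingress segment sends the packet back out the same port.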
network design question [7:52762]
Hi All,

Like my previous emails, had a network designed for some 460 ports. However, like yesterday, I have been told now to cater for some 650 ports, and to plan for VOIP in a few months time.

My topology looked like

        [Core Switch - Cisco Catalyst 4006]
              /                    \
             /                      \
   [Cat2950][Cat2950]        [Cat2950][cat2950]

and would extend out another level

That kind of worked for 460 ports. Would this design work:

            [---Core Switch - Cisco Catalyst 4006-]     Floor Closet-Level 3 (core room)
                  /                         \
                 /                           \
[Cat2950]--[Cat2950]---[Cat2950]    [Cat2950]---[Cat2950]---[Cat2950]---[Cat2950]
      Floor Closet-Level 1                    Floor Closet-Level 2

All links back to the core are fibre connecting to a GBIC on the core 4006. The link between each cat 2950 is also fibre connecting to a GBIC port.

Would this design work as my core-distribution model, or would it be better just to have just 2 switches at my dist layer?

Thanks for your time.

John
Sydney Australia

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52762&t=52762
network design results [7:52909]
First, I wish to thank all of you who contributed to the question of network design. In particular, I would like to thank Larry Letterman who spent a fair bit of time, and explained in detail, why he made changes and what benefits these changes made.

The end result: Each switch in the network has a GBIC connection to the core. Originally, only 2 switches per floor would have a fibre link to the core, and all other switches on that level would "daisy chain" from that. It was put forward to me that in the event of a failure back to the core, I could have a potential problem with STP between switches. The root switch would see multiple STP networks. This could lead to a problem.

Besides that, just simple configuration will get through the implementation phase. Have trunk links carrying for all VLANS on the switches. Assign VLAN membership per port and away we go.

If any one is interested in seeing the final design, please feel free to ask for the doco. It's really such a simple design.

I had around 20 people willing to help. I wish to thank you, the unsung heroes.

John
Sydney, Australia

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52909&t=52909
Re: network design [7:54142]
"Dwayne Saunders" wrote in message news:[EMAIL PROTECTED]...
> Hi all,
> Let me start with I am about to start my design track. Every one
> comments on Priscilla's Book Top Down Network Design I was just looking at
> it and was wondering since this was written dec 1998 is it still current to
> today's network topologies (Not trying to flame you Priscilla).

you must remember this -
a kiss is still a kiss
a sigh is still a sigh
the fundamental things apply
as time goes by

;->

>
> Any advice on this would be greatly appreciated.
>
> Regards
>
> D'Wayne Saunders
> Data Network Administrator
> CCNP, CSS1

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54144&t=54142
RE: network design [7:54142]
so poetic

Tim Medley, CCNP+Voice, CCDP, CWNA
Sr. Network Architect
VoIP Group
iReadyWorld

-Original Message-
From: Chuck's Long Road [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 25, 2002 7:25 PM
To: [EMAIL PROTECTED]
Subject: Re: network design [7:54142]

"Dwayne Saunders" wrote in message news:[EMAIL PROTECTED]...
> Hi all,
> Let me start with I am about to start my design track. Every one
> comments on Priscilla's Book Top Down Network Design I was just looking at
> it and was wondering since this was written dec 1998 is it still current to
> today's network topologies (Not trying to flame you Priscilla).

you must remember this -
a kiss is still a kiss
a sigh is still a sigh
the fundamental things apply
as time goes by

;->

>
> Any advice on this would be greatly appreciated.
>
> Regards
>
> D'Wayne Saunders
> Data Network Administrator
> CCNP, CSS1

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54158&t=54142
RE: network design [7:54142]
Dwayne Saunders wrote:
>
> Hi all,
> Let me start with I am about to start my design track. Every one
> comments on Priscilla's Book Top Down Network Design I was just looking at
> it and was wondering since this was written dec 1998 is it still current to
> today's network topologies (Not trying to flame you Priscilla).

Well the book really shipped January 1999. But yeah, I know that doesn't sound too good. ;-)

Seriously, since the book teaches a classic design methodology, almost all of it is still relevant. The top-down methods are based on methods that were designed for software development in the 1970s and are still in use today. It used to be that programmers made the same types of mistakes that network engineers tend to make. They started writing code and recommending equipment without talking to users, understanding the business and technical requirements, figuring out a high-level logical design, planning for maintainability, etc. Timeless top-down processes avoid the problems that occur with this sort of approach, regardless of new features, technologies, etc.

As far as certification goes, there's been this weird feedback loop for many years between my work and Cisco courses and certifications. I hear that CCDA and CID are even more like my book than they were when I wrote it.

I welcome suggestions on either of my books. I don't do GroupStudy via e-mail any more, but humans can guess my e-mail address. Hopefully a computer worm/robot can't figure this out. My domain name is my first name in the .com domain. My mail address is my initials, which are also short for Post Office or Purchase Order! ;-)

Thanks in advance for any comments you have and suggestions for updating.

___
Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com

>
> Any advice on this would be greatly appreciated.
>
> Regards
>
> D'Wayne Saunders
> Data Network Administrator
> CCNP, CSS1
>
>

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54163&t=54142
voip network design urgent [7:8928]
Hi everybody

I am designing a voip network. I want to take ip traffic through a leased line put them to the pstn through pbx. I am going to use 3640 with vic- E&M card and WIC-2T to get the leased line. I am going to use Ericsson DM110 as pbx.

Will this work or tell me your ideas and suggestions

ciscosl

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8928&t=8928
Re: Proposed Network Design [7:10494]
Sammi,

This may be a bit ungracious but how is your security as it seems now that we have all the plans?

Karl

- Original Message -
From: "Sammi"
To:
Sent: Saturday, June 30, 2001 12:05 PM
Subject: Proposed Network Design [7:10494]

> Hello all,
>
> We are migrating off of Banyan to Windows 2000 in late July and
> through August. Concurrent with the migration will be an
> infrastructure overhaul. I would like to lay out my plans and
> thoughts; any comments, advice, criticism, improvements, etc. greatly
> appreciated.
>
> I have 95% of my hardware:
>
> Dell Poweredge servers:
> 1550 (6) - file servers
> 6450 (2) - SQL and Exchange servers
> 2450 (1) - SQL
>
> Cisco Switches:
> 2948G (1) - distribution switch
> 2900xl (8) - access switches
> various numbers of 1900/2800 to be phased out
>
> Cisco Aironet Wireless:
> 2 parabolic, various yagi and omni antennae
> a number of workgroup and access bridges, various sizes.
>
> The new environment will consist entirely of new servers, no upgrades
> from old environment.
>
> I've taken my first crack at using Visio 2000 to try and lay out a
> high level conceptualization of my planned design. If interested,
> please download the diagram: http://www.tuzzy.org/design.zip 200k
>
> Currently our network is on one segment and I am creating VLANs. This
> is an ambitious project for my experience but I'm confident, although
> I realize it'll take a lot of work and study as I go. I've been
> researching this scenario for some time now, and have attended a BCMSN
> week long course with Global Knowledge. So, I may be in dim light but
> not totally in the dark ;-)
>
> Physical Sites consist of:
>
> Main site; includes main administrative building and 6 outlying
> quonset (huts). Fiber from main building to one hut, fiber between
> huts. Currently in place and operable. Main server room; distribution
> switch, access switches in main building and physical locations.
>
> Heritage site: approx. 4 miles from main. Will connect to Main Site
> via Aironet, parabolic at Heritage and at Main.
>
> Northstar site: approx. 400 yds. from Heritage, connected via fibre,
> currently in place and operable.
>
> Daycare site: approx. 800 yds. from Heritage, will connect via
> Aironet.
>
> Home: approx. 1 mi. from Heritage, will connect via Aironet.
>
> All operations must take place within 10.200.x.x range. Our
> organization is one of three trees within the 2000 forest. Each tree
> is an independent organization with close ties. One domain per tree.
>
> My plans:
>
> All servers are Windows 2000, all desktops 2000 Professional.
> Each VLAN consists of 6 ports on the 2948 switch, each port (as
> needed) will go to a 2900xl switch for eventual end user access,
> possible direct 2948 to desktop in some cases.
>
> VLAN 1
> 10.200.1.x / 24
> Serving enterprise;
> Exchange 2000 / Universal file server box
> ISA (firewall) box
> Primary DNS, DC, DHCP, Global Catalog
>
> VLAN 2
> 10.200.2.x / 24
> File server for info systems, main building.
> Secondary DNS, DC
> DHCP?
> 3 users
>
> VLAN 3
> 10.200.3.x / 24
> File server for huts.
> SQL backend server for online application, access from huts.
> DHCP?
> 50 users, web server.
>
> VLAN 4
> 10.200.4.x / 24
> One box, 6450, SQL server and file server for finance and services,
> main building.
> DHCP?
> 6 - 12 users, critical data, high resource demand
>
> VLAN 5
> 10.200.5.x / 24
> File server for administrative staff, main building.
> DHCP?
> 75 users
>
> VLAN 6
> 10.200.6.0 / 24
> Spans from main building to heritage center, approx. 4 miles distant.
> Parabolic and bridge, Aironet, at main building and Heritage center.
> Bridge on each end connected to a 2900xl switch.
> File server for Heritage center, possibly daycare.
> Daycare connected via workstations -> 2900xl -> aironet -> heritage
> Northstar has own servers, connected to Heritage via fiber.
> Home will connect to Heritage via wireless (low priority).
> Possible (probable) second server at Heritage, possible server at
> Daycare.
> DNS (cache only), DC, Global Catalog
> DHCP?
> 50 users
>
> VLAN 7
> Not utilized.
>
> VLAN 8
> Gateway to existing Banyan network.
>
>
> So there we have it.
>
> This is actually my first time writing it out in detail and that in
> itself has been beneficial.
> If anyone is feeling ambitious and generous I would more than welcome
> a picking apart of my logic, diagramming, any input at all welcome.
> I'm sure I have some gaping omissions, leaps of logic or
> considerations not yet considered. Chances are I'm
Re: Proposed Network Design [7:10494]
On 30 Jun 2001 08:50:34 -0400, [EMAIL PROTECTED] ("hal9001") wrote:

>Sammi,
>
>This may be a bit ungracious but how is your security as it seems now that
>we have all the plans?

Don't see that it'd be any different.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10507&t=10494
Re: Proposed Network Design [7:10494]
I.E. None then!

- Original Message -
From: "Sammi"
To:
Sent: Saturday, June 30, 2001 2:36 PM
Subject: Re: Proposed Network Design [7:10494]

> On 30 Jun 2001 08:50:34 -0400, [EMAIL PROTECTED] ("hal9001") wrote:
>
> >Sammi,
> >
> >This may be a bit ungracious but how is your security as it seems now that
> >we have all the plans?
>
> Don't see that it'd be any different.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10512&t=10494
Re: Proposed Network Design [7:10494]
Comments inline.

- Original Message -
From: Sammi
To:
Sent: Saturday, June 30, 2001 4:05 AM
Subject: Proposed Network Design [7:10494]

> Hello all,
>
> We are migrating off of Banyan to Windows 2000 in late July and
> through August. Concurrent with the migration will be an
> infrastructure overhaul. I would like to lay out my plans and
> thoughts; any comments, advice, criticism, improvements, etc. greatly
> appreciated.
>
> I have 95% of my hardware:
>
> Dell Poweredge servers:
> 1550 (6) - file servers
> 6450 (2) - SQL and Exchange servers
> 2450 (1) - SQL
>
> Cisco Switches:
> 2948G (1) - distribution switch
> 2900xl (8) - access switches
> various numbers of 1900/2800 to be phased out

I hope that 2948 is a 2948G-L3 layer 3 switch. If not, you're going to need some kind of router for inter-vlan connectivity.

> Cisco Aironet Wireless:
> 2 parabolic, various yagi and omni antennae
> a number of workgroup and access bridges, various sizes.

I hope you are using a full bridge at that hub site. I don't think workgroup bridges will do a point to multipoint setup.

> The new environment will consist entirely of new servers, no upgrades
> from old environment.
>
> I've taken my first crack at using Visio 2000 to try and lay out a
> high level conceptualization of my planned design. If interested,
> please download the diagram: http://www.tuzzy.org/design.zip 200k

It's not bad for a high level concept drawing. As you progress in your design, add as much detail as you can. Put in management ip addresses on network equipment. VLAN ranges, hostnames, etc. I am a firm believer in making a network work on paper before I configure anything. This way you can spot as many issues ahead of time. Also, when you are done, your network is already documented !!

> Currently our network is on one segment and I am creating VLANs. This
> is an ambitious project for my experience but I'm confident, although
> I realize it'll take a lot of work and study as I go. I've been
> researching this scenario for some time now, and have attended a BCMSN
> week long course with Global Knowledge. So, I may be in dim light but
> not totally in the dark ;-)
>
> Physical Sites consist of:
>
> Main site; includes main administrative building and 6 outlying
> quonset (huts). Fiber from main building to one hut, fiber between
> huts. Currently in place and operable. Main server room; distribution
> switch, access switches in main building and physical locations.

Are you going to use media converters for the uplinks ?? There is a version of the 2900 that comes with a fiber FastE port for uplinks.

> Heritage site: approx. 4 miles from main. Will connect to Main Site
> via Aironet, parabolic at Heritage and at Main.

If you are using a parabolic at your hub site, it won't work for a multipoint setup, unless you have a bridge for each link or the two branches are on the same line of sight. Consider using an omni at the hub and parabolics at the branches.

> Northstar site: approx. 400 yds. from Heritage, connected via fibre,
> currently in place and operable.
>
> Daycare site: approx. 800 yds. from Heritage, will connect via
> Aironet.
>
> Home: approx. 1 mi. from Heritage, will connect via Aironet.
>
> All operations must take place within 10.200.x.x range. Our
> organization is one of three trees within the 2000 forest. Each tree
> is an independent organization with close ties. One domain per tree.
>
> My plans:
>
> All servers are Windows 2000, all desktops 2000 Professional.
> Each VLAN consists of 6 ports on the 2948 switch, each port (as
> needed) will go to a 2900xl switch for eventual end user access,
> possible direct 2948 to desktop in some cases.
>
> VLAN 1
> 10.200.1.x / 24
> Serving enterprise;
> Exchange 2000 / Universal file server box
> ISA (firewall) box
> Primary DNS, DC, DHCP, Global Catalog
>
> VLAN 2
> 10.200.2.x / 24
> File server for info systems, main building.
> Secondary DNS, DC
> DHCP?
> 3 users
>
> VLAN 3
> 10.200.3.x / 24
> File server for huts.
> SQL backend server for online application, access from huts.
> DHCP?
> 50 users, web server.
>
> VLAN 4
> 10.200.4.x / 24
> One box, 6450, SQL server and file server for finance and services,
> main building.
> DHCP?
> 6 - 12 users, critical data, high resource demand
>
> VLAN 5
> 10.200.5.x / 24
> File server for administrative staff, main building.
> DHCP?
> 75 users
>
> VLAN 6
> 10.200.6.0 / 24
> Spans from main building to heritage center, approx. 4 miles distant.
> Parabolic and bridge, Aironet, at main building and Heritage center.
> Bridge on each end connected to a 2900xl switch.
> File server for
Re: Proposed Network Design [7:10494]
Sorry if I sounded abrupt, wasn't meant that way.

Fact is, *I* don't see that it'd compromise security, so that doesn't mean it doesn't in fact make a difference.
My thinking was; if someone could get to my internal network they'd find that out quick enough.
I appreciate the thought, and if there's room for criticism there, then that's exactly what I'm looking for.

Constructive criticism is a great learning tool IMO.

On 30 Jun 2001 10:22:48 -0400, [EMAIL PROTECTED] ("hal9001") wrote:

>I.E. None then!
>- Original Message -
>From: "Sammi"
>To:
>Sent: Saturday, June 30, 2001 2:36 PM
>Subject: Re: Proposed Network Design [7:10494]
>
>
>> On 30 Jun 2001 08:50:34 -0400, [EMAIL PROTECTED] ("hal9001") wrote:
>>
>> >Sammi,
>> >
>> >This may be a bit ungracious but how is your security as it seems now that
>> >we have all the plans?
>>
>> Don't see that it'd be any different.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10518&t=10494
Re: Proposed Network Design [7:10494]
On 30 Jun 2001 11:45:37 -0400, [EMAIL PROTECTED] ("Tony Medeiros") wrote:

>Comments inline.

Thanks for the input, followups below:

>I hope that 2948 is a 2948G-L3 layer 3 switch. If not, you're going to need
>some kind of router for inter-vlan connectivity.

Yes, it is a L3, chosen specifically for its routing capabilities.

>I hope you are using a full bridge at that hub site. I don't think
>workgroup bridges will do a point to multipoint setup.

Full bridges, yes. Model numbers are at the office and I couldn't recall off hand.

>It's not bad for a high level concept drawing. As you progress in your
>design, add as much detail as you can. Put in management ip addresses on
>network equipment. VLAN ranges, hostnames, etc. I am a firm believer in
>making a network work on paper before I configure anything. This way you
>can spot as many issues ahead of time.

That was my intent, to put in as much detail as possible. But it seemed my drawing threatened to become so cluttered as to be unreadable. I didn't see that the workspace would "expand" as needed, but will play with it more.

> Also, when you are done, your
>network is already documented !!

That bonus occurred to me as I was constructing my post, the process also brings issues clearer to mind.

>Are you going to use media converters for the uplinks ?? There is a version
>of the 2900 that comes with a fiber FastE port for uplinks.

The uplinks are already in place and operable, using converters. For the outlying buildings it's a matter of upgrading the switches, tidying the mess of cable, and configuring for VLAN.

>If you are using a parabolic at your hub site, it won't work for a
>multipoint setup, unless you have a bridge for each link or the two branches
>are on the same line of sight. Consider using an omni at the hub and
>parabolics at the branches.

The two main sites, 4 mi. distance, I have established a direct line of sight. The other site I'd like to bring into a parabolic is along the same path, slightly to the west. I figure if I'm lucky the dish will catch it, if not I have antennae to do the job. I have yagis and omnis, I had thought yagi would be better suited for distance and direct line. Do you feel the omni is a better option?

Thanks again for your comments, very much appreciated.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10519&t=10494
Re: Proposed Network Design [7:10494]
Wasn't having a go but I think you were too specific and pinned exactly down to who you are and where you are etc etc, somebody will go sniffing just for the kicks.

Karl

----- Original Message -----
From: "Sammi"
To:
Sent: Saturday, June 30, 2001 7:18 PM
Subject: Re: Proposed Network Design [7:10494]

> Sorry if I sounded abrupt, wasn't meant that way.
>
> Fact is, *I* don't see that it'd compromise security, so that doesn't
> mean it doesn't in fact make a difference.
> My thinking was; if someone could get to my internal network they'd
> find that out quick enough.
> I appreciate the thought, and if there's room for criticism there,
> then that's exactly what I'm looking for.
>
> Constructive criticism is a great learning tool IMO.
>
> On 30 Jun 2001 10:22:48 -0400, [EMAIL PROTECTED] ("hal9001")
> wrote:
>
> >I.E. None then!
> >----- Original Message -----
> >From: "Sammi"
> >To:
> >Sent: Saturday, June 30, 2001 2:36 PM
> >Subject: Re: Proposed Network Design [7:10494]
> >
> >
> >> On 30 Jun 2001 08:50:34 -0400, [EMAIL PROTECTED] ("hal9001") wrote:
> >>
> >> >Sammi,
> >> >
> >> >This may be a bit ungracious but how is your security as it seems now
> >> >that we have all the plans?
> >>
> >> Don't see that it'd be any different.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10521&t=10494
Re: Proposed Network Design [7:10494]
Sammi,

If it was me (and yes, any Cisco co's in the UK, I AM looking for a network designer's role), first I would chuck your 2900s and put in 3548XLs (if you haven't already bought them).

Also I take it (silly question) that you have LINE OF SIGHT for your Aironets, and that you are aware of any environmental issues (such as mobile phone towers/power stations) that are close by. There's no point in responding if you have; this is just a general reminder.

As for DHCP, I never put my servers on DHCP, too many complications.

Also you seem to have gone for the distributed server model. Where will your domain servers be? Will all the servers be domain servers or will some be app only? Think about the replication traffic between the servers in each VLAN (I presume hut).

Also, the more VLANs for servers you have, the more switching that needs to be done. Make sure MLS is enabled on your G.

Also, are you sure Aironet can handle the amount of traffic? Can you get some kit and build a mini-lab first?

Sorry, I can't seem to get your diag, which would really help to look at.

Sorry, but thinking some more about this, I want to know why you have so many VLANs. H

I really need to look at your diag. Can you post it to me so I can have a good look?

cheers
steve

(Oh BTW, I am a designer now, it's just I want a better job, that's all.)

steve

also you are aware of the environmental

>From: "Sammi"
>Reply-To: "Sammi"
>To: [EMAIL PROTECTED]
>Subject: Proposed Network Design [7:10494]
>Date: Sat, 30 Jun 2001 07:05:22 -0400
>
>Hello all,
>
>We are migrating off of Banyan to Windows 2000 in late July and
>through August. Concurrent with the migration will be an
>infrastructure overhaul. I would like to lay out my plans and
>thoughts; any comments, advice, criticism, improvements, etc. greatly
>appreciated.
>
>I have 95% of my hardware:
>
>Dell Poweredge servers:
>1550 (6) - file servers
>6450 (2) - SQL and Exchange servers
>2450 (1) - SQL
>
>Cisco Switches:
>2948G (1) - distribution switch
>2900xl (8) - access switches
>various numbers of 1900/2800 to be phased out
>
>Cisco Aironet Wireless:
>2 parabolic, various Yagi and omni antennae
>a number of workgroup and access bridges, various sizes.
>
>The new environment will consist entirely of new servers, no upgrades
>from old environment.
>
>I've taken my first crack at using Visio 2000 to try and lay out a
>high level conceptualization of my planned design. If interested,
>please download the diagram: http://www.tuzzy.org/design.zip 200k
>
>Currently our network is on one segment and I am creating VLANs. This
>is an ambitious project for my experience but I'm confident, although
>I realize it'll take a lot of work and study as I go. I've been
>researching this scenario for some time now, and have attended a BCMSN
>week long course with Global Knowledge. So, I may be in dim light but
>not totally in the dark ;-)
>
>Physical Sites consist of:
>
>Main site; includes main administrative building and 6 outlying
>quonset (huts). Fiber from main building to one hut, fiber between
>huts. Currently in place and operable. Main server room; distribution
>switch, access switches in main building and physical locations.
>
>Heritage site: approx. 4 miles from main. Will connect to Main Site
>via Aironet, parabolic at Heritage and at Main.
>
>Northstar site: approx. 400 yds. from Heritage, connected via fibre,
>currently in place and operable.
>
>Daycare site: approx. 800 yds. from Heritage, will connect via
>Aironet.
>
>Home: approx. 1 mi. from Heritage, will connect via Aironet.
>
>All operations must take place within 10.200.x.x range. Our
>organization is one of three trees within the 2000 forest. Each tree
>is an independent organization with close ties. One domain per tree.
>
>My plans:
>
>All servers are Windows 2000, all desktops 2000 Professional.
>Each VLAN consists of 6 ports on the 2948 switch, each port (as
>needed) will go to a 2900xl switch for eventual end user access,
>possible direct 2948 to desktop in some cases.
>
>VLAN 1
>10.200.1.x / 24
>Serving enterprise;
>Exchange 2000 / Universal file server box
>ISA (firewall) box
>Primary DNS, DC, DHCP, Global Catalog
>
>VLAN 2
>10.200.2.x / 24
>File server for info systems, main building.
>Secondary DNS, DC
>DHCP?
>3 users
>
>VLAN 3
>10.200.3.x / 24
>File server for huts.
>SQL backend server for online application, access from huts.
>DHCP?
>50 users, web server.
>
>VLAN 4
>10.200.4.x / 24
>One box, 6450, SQL server and file server for finance and services,
>main building.
>DHCP?
>6 - 12 users, critical dat
Network Design Question(revised) [7:37239]
Sorry all. My primary message was quite messed up. I just corrected it.

Well, I am reconstructing the network of a 10 storey building with 10 to 150 nodes per floor, about 75 meters tall. I proposed to use a collapsed backbone structure with 2950T switches for the floor with 50 nodes.

For the collapsed backbone, I proposed two Catalyst 6000 switches with Supervisor Engine IA and MSFC and PFC (for layer 3 connectivity) and multiple 1000BaseT (16) modules for both distribution layer and core functionality, and redundant connectivity to access layer devices.

I proposed to collect all the servers in a server farm and to connect all the servers directly to the 6000 switches (here is one of my problems: should I connect the servers directly to the core, or should I concentrate them on a separate switch and connect that switch to the core?).

For security, I proposed a DMZ, internal, perimeter structure with a PIX 525 in between. All the remote connections and dialup connections are concentrated on a 3660 router in the perimeter zone.

Here are my other problems:

Not sure whether I should go for 6500 or 6000 (I don't know whether the CEF and SFM will help me that much or not).

I don't know where to find a complete listing for all the components I need for each device and the related part numbers, including cables and power supplies, ...

Any other comments on the design are appreciated.

Thank you all for the time and help.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37239&t=37239
Re: Network Design Book [7:17134]
That's a very simple network... Basic design could be found on the internet without purchasing a book. I personally feel for a person just getting into networking, that the "basic" books are a waste... IF you have the ability and drive to learn networking then you'll also feel shafted after you spend $50 on a book that only covers the basics. However, a lot of the advanced stuff can seriously be overwhelming at times. So use the internet to get your knowledge of basic network design, learn a little as you go, then go to the advanced books.

A search on Google for "basic network design examples" would be a good place to start.

-Patrick

>>> "Zolla Zimmerman" 08/24/01 11:16AM >>>
Hi All,

I am designing a network with following requirements. Can somebody suggest me a good book on network design? The requirements are:

1. 2 T1's to 2 different ISP for redundancy
2. Firewall
3. Host own DNS, Webserver
4. Have private network separated from the public network.

Please suggest something.

Thanks
ZZ

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17137&t=17134
RE: Network Design Book [7:17134]
Go to http://www.priscilla.com/

She has a BOOK about Network Design called "TOP DOWN NETWORK DESIGN"

-----Original Message-----
From: Zolla Zimmerman [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 24, 2001 10:16 AM
To: [EMAIL PROTECTED]
Subject: Network Design Book [7:17134]

Hi All,

I am designing a network with following requirements. Can somebody suggest me a good book on network design? The requirements are:

1. 2 T1's to 2 different ISP for redundancy
2. Firewall
3. Host own DNS, Webserver
4. Have private network separated from the public network.

Please suggest something.

Thanks
ZZ

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17139&t=17134
Re: EIGRP Network Design Solutions Book
This is a very good book, although I wish Ivan would update it with more information regarding EIGRP. I would (and have) recommended that no organization consider implementing EIGRP without reviewing its contents.

--- Shane Stockman <[EMAIL PROTECTED]> wrote:
> Can anyone give some feedback as to whether this
> would be a good book to buy
> to further my network design knowledge or could
> someone recommend a better
> book.
>
> EIGRP Network Design Solutions
> Author: Ivan Pepelnjak, CCIE
> SRP: $55.00
> ISBN: 1578701651
> Pages: 366
> Pub Date: Oct 1999
> Media: Web site
>
> Thanks

=====
Robert Padjen
Re: EIGRP Network Design Solutions Book
It's a great book, must read for CCIE level exam!!!

SK

Robert Padjen <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> This is a very good book, although I wish Ivan would
> update it with more information regarding EIGRP. I
> would (and have) recommended that no organization
> consider implementing EIGRP without reviewing its
> contents.
>
> --- Shane Stockman <[EMAIL PROTECTED]> wrote:
> > Can anyone give some feedback as to whether this
> > would be a good book to buy
> > to further my network design knowledge or could
> > someone recommend a better
> > book.
> >
> > EIGRP Network Design Solutions
> > Author: Ivan Pepelnjak, CCIE
> > SRP: $55.00
> > ISBN: 1578701651
> > Pages: 366
> > Pub Date: Oct 1999
> > Media: Web site
> >
> > Thanks
>
> =====
> Robert Padjen
RE: EIGRP Network Design Solutions Book
I'll second that. Jeff Doyle's Routing TCP/IP is one of the first books to delve into the majority of commonly used routing protocols used today at the binary level. Jeff is not only a knowledgeable engineer but a great technical writer. He explains things clearly and concisely. I owe a great deal of networking knowledge to that book and I definitely wouldn't have passed my written or lab without it...

Michael Cohen
CCNP, CCDP
CCIE #6080

-----Original Message-----
From: Hixon Sgt James R Jr [mailto:[EMAIL PROTECTED]]
Sent: Sunday, August 20, 2000 11:30 PM
To: 'S.K. Chan'; '[EMAIL PROTECTED]'
Subject: EIGRP Network Design Solutions Book

It is good, but the daddy of them all (personal opinion only here - don't want someone to scold me) is Doyle's Routing TCP/IP. That is an awesome book that will knock your socks off.

-----Original Message-----
From: S.K. Chan [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 16, 2000 6:46 AM
To: [EMAIL PROTECTED]
Subject: Re: EIGRP Network Design Solutions Book

It's a great book, must read for CCIE level exam!!!

SK

Robert Padjen <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> This is a very good book, although I wish Ivan would
> update it with more information regarding EIGRP. I
> would (and have) recommended that no organization
> consider implementing EIGRP without reviewing its
> contents.
>
> --- Shane Stockman <[EMAIL PROTECTED]> wrote:
> > Can anyone give some feedback as to whether this
> > would be a good book to buy
> > to further my network design knowledge or could
> > someone recommend a better
> > book.
> >
> > EIGRP Network Design Solutions
> > Author: Ivan Pepelnjak, CCIE
> > SRP: $55.00
> > ISBN: 1578701651
> > Pages: 366
> > Pub Date: Oct 1999
> > Media: Web site
> >
> > Thanks
>
> =====
> Robert Padjen
application-oriented network design [7:42933]
I'm reading Priscilla's "Top-Down Network Design". I recommend it as a complement to the Semester 7 BCMSN books.

Is there a design strategy or methodology that I can use to diagram application layers into the logical topology? The application I have in mind is AVVID. Suppose the implementation was to take place in two phases: integration of data and IP telephony in phase I, adding video conferencing in phase II. Suppose also that the design included several VG200's and the MCS 7800 (either 7825-800 or 7835-1000), also a switching backbone consisting of 6509 switch with supervisor engine in module 1 and 48-port IP phone blades in modules 2, 3, etc. Phase I would use external 2600 routers; in phase II routing would be moved to the 6509, keeping one or more of the 2600's as backup.

Is there a standard technique for incorporating AVVID applications such as this in the logical and/or physical network diagram? I'd especially like to find a template of the logical components and how they interact with each other. That might help explain how to select the hardware and software, and where to locate them in the logical and physical topologies.

--
TIA, TT

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42933&t=42933
RE: Network Design... Hmmm [7:44417]
And what's really interesting, is that in the Cisco Internet Design book, it says to start at the Core layer and work downwards...

Personally, I'm going with Priscilla! (It's a girl thing...)

-- Leigh Anne

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Steve Watson
> Sent: Friday, May 17, 2002 6:50 PM
> To: [EMAIL PROTECTED]
> Subject: Network Design... Hmmm [7:44417]
>
>
> I am reading Priscilla's book "Top Down Network Design" for the second
> time for a refresher and decided to hit the pool after I got home. On
> the way out I looked on my book shelf and saw "Advanced IP Network
> Design" that I haven't had a chance to look at yet. So I took it to the
> pool with me. When lo and behold, what did I read on page 5, "The best
> place to start when designing a network is at the bottom".
>
> Food for thought :-)
>
> Steve

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44419&t=44417
Re: Network Design... Hmmm [7:44417]
Honestly speaking, it depends on what the chapter's topic is about. If it's about subnetting, then you work from the core down. If it's about summarization, then you work from the edge up. I guess it boils down to Murphy's Law: Where you stand on an issue depends on where you sit. ;-)

Elmer

----- Original Message -----
From: "Leigh Anne Chisholm"
To:
Sent: Friday, May 17, 2002 11:21 PM
Subject: RE: Network Design... Hmmm [7:44417]

> And what's really interesting, is that in the Cisco Internet Design book, it
> says to start at the Core layer and work downwards...
>
> Personally, I'm going with Priscilla! (It's a girl thing...)
>
>
> -- Leigh Anne
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Steve Watson
> > Sent: Friday, May 17, 2002 6:50 PM
> > To: [EMAIL PROTECTED]
> > Subject: Network Design... Hmmm [7:44417]
> >
> >
> > I am reading Priscilla's book "Top Down Network Design" for the second
> > time for a refresher and decided to hit the pool after I got home. On
> > the way out I looked on my book shelf and saw "Advanced IP Network
> > Design" that I haven't had a chance to look at yet. So I took it to the
> > pool with me. When lo and behold, what did I read on page 5, "The best
> > place to start when designing a network is at the bottom".
> >
> > Food for thought :-)
> >
> > Steve

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44429&t=44417
Re: Network Design... Hmmm [7:44417]
Is it worthwhile to re-examine the assumption that an individual should start at one end of the all-important "stack" and work their way to the other end?

As far as the process itself goes (although, all too often there's not a lot of process or method associated with design, but I'm sure we're all at least implicitly aware of that), I'm not sure that the undertakings on behalf of one layer can be as precisely isolated from one another as the data structures themselves. If the strategy adopted is bottom-up (thereby emulating many career paths), I'm not sure that one can tackle layer one decisions without an understanding of the type & volume of traffic they will be forced to contend with. For those of you who acknowledge data connectivity layers > 7, the unreasonable expectations & contradictory demands of the financial backers would probably need to be addressed first.

Anyway, I'm just wondering if there exist advantages to working out of order; I'm well aware that certain advantages exist to working IN order . .
Re: Network Design... Hmmm [7:44417]
At 08:49 PM 5/17/02, Steve Watson wrote:
>I am reading Priscilla's book "Top Down Network Design" for the second
>time for a refresher and decided to hit the pool after I got home.

Thanks for reading Top-Down Network Design. I hope you had a nice swim and didn't drink too many beers at the pool. ;-)

>On
>the way out I looked on my book shelf and saw "Advanced IP Network
>Design" that I haven't had a chance to look at yet. So I took it to the
>pool with me. When lo and behold, what did I read on page 5, "The best
>place to start when designing a network is at the bottom".

Out of context, this is completely meaningless. What else does it say?

>Food for thought :-)
>
>Steve

Priscilla Oppenheimer
http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44450&t=44417
Re: Network Design... Hmmm [7:44417]
Network design is an iterative process. I agree with you that it's not entirely linear. Top-Down Network Design doesn't deal so much with stacks or layers as it does with the need to do a logical design before a physical design. Also, it makes the important point that the first steps must involve identifying the customer's needs and requirements. Sounds obvious, but that's the step that is often overlooked. A lot of engineers think of network design as a Lego project or connect-the-dots game. Many of the software packages that help one do design propagate that thinking.

Identifying the customer's needs and goals involves many business issues, as you mentioned, but it's also a very technical process. A good network design is based on analysis of existing and future network traffic flow, volume, characteristics, (broadcast, client/server, distributed, errors, windowing), etc.

I don't want to rewrite the book in this setting, especially since it's Saturday and the sun is fading, but if we are going to discuss this on a serious level, I may write more later.

Priscilla

At 01:42 PM 5/18/02, Kevin Cullimore wrote:
>Is it worthwhile to re-examine the assumption that an individual should
>start at one end of the all-important "stack" and work their way to the
>other end?
>
>As far as the process itself goes (although, all too often there's not a lot
>of process or method associated with design, but I'm sure we're all at least
>implicitly aware of that), I'm not sure that the undertakings on behalf of
>one layer can be as precisely isolated from one another as the data
>structures themselves. If the strategy adopted is bottom-up (thereby
>emulating many career paths), I'm not sure that one can tackle layer one
>decisions without an understanding of the type & volume of traffic they
>will be forced to contend with. For those of you who acknowledge data
>connectivity layers > 7, the unreasonable expectations & contradictory
>demands of the financial backers would probably need to be addressed first.
>
>Anyway, I'm just wondering if there exist advantages to working out of
>order; I'm well aware that certain advantages exist to working IN order . .

Priscilla Oppenheimer
http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44452&t=44417
Re: Network Design... Hmmm [7:44417]
At 2:03 PM -0400 5/18/02, Priscilla Oppenheimer wrote:
>At 08:49 PM 5/17/02, Steve Watson wrote:
>>I am reading Priscilla's book "Top Down Network Design" for the second
>>time for a refresher and decided to hit the pool after I got home.
>
>Thanks for reading Top-Down Network Design. I hope you had a nice swim and
>didn't drink too many beers at the pool. ;-)

Why not? Flow control is an important technical concept, and, in the real Internet operational world, there's as much BGP beering as peering.

>>On
>>the way out I looked on my book shelf and saw "Advanced IP Network
>>Design" that I haven't had a chance to look at yet. So I took it to the
>>pool with me. When lo and behold, what did I read on page 5, "The best
>>place to start when designing a network is at the bottom".
>
>Out of context, this is completely meaningless. What else does it say?

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44453&t=44417
RE: Network Design... Hmmm [7:44417]
This was not a comparison of network design methodologies, it was meant to be humorous (I totally agree with the top down process). The idea of "build a network and they will come" simply does not work!

The context of the other book was that no network will function properly if Layer 1 is not designed correctly.

BTW, how many is too many? :-)

Steve

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Priscilla Oppenheimer
Sent: Saturday, May 18, 2002 2:04 PM
To: [EMAIL PROTECTED]
Subject: Re: Network Design... Hmmm [7:44417]

At 08:49 PM 5/17/02, Steve Watson wrote:
>I am reading Priscilla's book "Top Down Network Design" for the second
>time for a refresher and decided to hit the pool after I got home.

Thanks for reading Top-Down Network Design. I hope you had a nice swim and didn't drink too many beers at the pool. ;-)

>On
>the way out I looked on my book shelf and saw "Advanced IP Network
>Design" that I haven't had a chance to look at yet. So I took it to the
>pool with me. When lo and behold, what did I read on page 5, "The best
>place to start when designing a network is at the bottom".

Out of context, this is completely meaningless. What else does it say?

>Food for thought :-)
>
>Steve

Priscilla Oppenheimer
http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44454&t=44417
RE: Network Design... Hmmm [7:44417]
> BTW, how many is too many? :-)

Don't know about that, but I heard that one's enough, two's too little ;-)

Marko.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44458&t=44417
Re: Network Design... Hmmm [7:44417]
"Steve Watson" wrote in message news:[EMAIL PROTECTED]...
> This was not a comparison of network design methodologies, it was meant
> to be humorous (I totally agree with the top down process). The idea of
> "build a network and they will come" simply does not work!

CL: au contraire, mon ami! I give you the small brokerage firm I used to work for. Filled with unsophisticated users. When I arrived there was no WAN and no LAN to speak of - the so called LAN was dictated by the quote service vendor. I put in a real LAN with e-mail. That took off like crazy. I put in a real WAN with the branches able to send e-mail to each other, and that took off even crazier. I put in an internet connection, and sure there was the usual crap with people checking out the adult entertainment, but you know, I had guys who prior to my arrival couldn't turn their computers on going out and finding some really nice investment sites and services that helped them tremendously in their business.

At the time of my leaving, the LAN/WAN was starting to show signs of stress. In the course of my certification pursuit, I have learned all the things I did wrong. But I gotta say, you have to start someplace, and it remains true that if the facilities exist, the user community will find a lot of ways to use those facilities.

> The context of the other book was that no network will function properly
> if Layer 1 is not designed correctly.
>
> BTW, how many is too many? :-)
>
> Steve
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Priscilla Oppenheimer
> Sent: Saturday, May 18, 2002 2:04 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Network Design... Hmmm [7:44417]
>
> At 08:49 PM 5/17/02, Steve Watson wrote:
> >I am reading Priscilla's book "Top Down Network Design" for the second
> >time for a refresher and decided to hit the pool after I got home.
>
> Thanks for reading Top-Down Network Design. I hope you had a nice swim
> and didn't drink too many beers at the pool. ;-)
>
> >On
> >the way out I looked on my book shelf and saw "Advanced IP Network
> >Design" that I haven't had a chance to look at yet. So I took it to the
> >pool with me. When lo and behold, what did I read on page 5, "The best
> >place to start when designing a network is at the bottom".
>
> Out of context, this is completely meaningless. What else does it say?
>
> >Food for thought :-)
> >
> >Steve
>
> Priscilla Oppenheimer
> http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44477&t=44417
RE: Network Design... Hmmm [7:44417]
I was speaking in general terms. While it is conceivable to build a network without customer requirements and (to a degree) it will be functional, the network has no room for growth and more than likely will be hard to manage. The buzzwords scalability and efficiency come to mind.

The best place to start (correction the ONLY place to start) is to define the customer's requirements (now and for the 18 - 24 months) so you design and implement a viable solution that has room to grow.

I have done, in the past, what you have mentioned below and were met with the same frustration you were (inefficiency and network loading problems). That's why I tell my customers; don't tell me you need a T-1 (nowadays everybody wants a DS3) tell me what will ride this circuit and we will do an analysis of bandwidth to determine what is best... yada.. yada.. yada..

Steve

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chuck
Sent: Sunday, May 19, 2002 12:22 PM
To: [EMAIL PROTECTED]
Subject: Re: Network Design... Hmmm [7:44417]

"Steve Watson" wrote in message news:[EMAIL PROTECTED]...
> This was not a comparison of network design methodologies, it was meant
> to be humorous (I totally agree with the top down process). The idea of
> "build a network and they will come" simply does not work!

CL: au contraire, mon ami! I give you the small brokerage firm I used to work for. Filled with unsophisticated users. When I arrived there was no WAN and no LAN to speak of - the so called LAN was dictated by the quote service vendor.

I put in a real LAN with e-mail. That took off like crazy.

I put in a real WAN with the branches able to send e-mail to each other, and that took off even crazier.

I put in an internet connection, and sure there was the usual crap with people checking out the adult entertainment, but you know, I had guys who prior to my arrival couldn't turn their computers on going out and finding some really nice investment sites and services that helped them tremendously in their business.

At the time of my leaving, the LAN/WAN was starting to show signs of stress. In the course of my certification pursuit, I have learned all the things I did wrong. But I gotta say, you have to start someplace, and it remains true that if the facilities exist, the user community will find a lot of ways to use those facilities.

> The context of the other book was that no network will function properly
> if Layer 1 is not designed correctly.
>
> BTW, how many is too many? :-)
>
> Steve
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Priscilla Oppenheimer
> Sent: Saturday, May 18, 2002 2:04 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Network Design... Hmmm [7:44417]
>
> At 08:49 PM 5/17/02, Steve Watson wrote:
> >I am reading Priscilla's book "Top Down Network Design" for the second
> >time for a refresher and decided to hit the pool after I got home.
>
> Thanks for reading Top-Down Network Design. I hope you had a nice swim and
> didn't drink too many beers at the pool. ;-)
>
> >On the way out I looked on my book shelf and saw "Advanced IP Network
> >Design" that I haven't had a chance to look at yet. So I took it to the
> >pool with me. When lo and behold, what did I read on page 5, "The best
> >place to start when designing a network is at the bottom".
>
> Out of context, this is completely meaningless. What else does it say?
>
> >Food for thought :-)
> >
> >Steve
>
> Priscilla Oppenheimer
> http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44479&t=44417
Re: Network Design... Hmmm [7:44417]
I'll defend the practice of analyzing humorous statements as a point of origin for inquiries potentially leading to insight until the end of time and beyond. One of the reasons that this is possible is precisely BECAUSE practices such as "build a network and they will come" occur whether or not they work, in turn somewhat contributing to the economic viability of professions shared by some members of the group.

- Original Message -
From: "Steve Watson"
To:
Sent: Saturday, May 18, 2002 3:28 PM
Subject: RE: Network Design... Hmmm [7:44417]

> This was not a comparison of network design methodologies, it was meant
> to be humorous (I totally agree with the top down process). The idea of
> "build a network and they will come" simply does not work!
>
> The context of the other book was that no network will function properly
> if Layer 1 is not designed correctly.
>
> BTW, how many is too many? :-)
>
> Steve
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Priscilla Oppenheimer
> Sent: Saturday, May 18, 2002 2:04 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Network Design... Hmmm [7:44417]
>
> At 08:49 PM 5/17/02, Steve Watson wrote:
> >I am reading Priscilla's book "Top Down Network Design" for the second
> >time for a refresher and decided to hit the pool after I got home.
>
> Thanks for reading Top-Down Network Design. I hope you had a nice swim and
> didn't drink too many beers at the pool. ;-)
>
> >On the way out I looked on my book shelf and saw "Advanced IP Network
> >Design" that I haven't had a chance to look at yet. So I took it to the
> >pool with me. When lo and behold, what did I read on page 5, "The best
> >place to start when designing a network is at the bottom".
>
> Out of context, this is completely meaningless. What else does it say?
>
> >Food for thought :-)
> >
> >Steve
>
> Priscilla Oppenheimer
> http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44481&t=44417
RE: Network Design... Hmmm [7:44417]
> Hey Chuck- don't forget your friendly TCP conversations. They too will find ways of using facilities (burst) you thought you had :o) Phil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chuck Sent: Sunday, May 19, 2002 12:22 PM To: [EMAIL PROTECTED] Subject: Re: Network Design... Hmmm [7:44417] ""Steve Watson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > This was not a comparison of network design methodologies, it was mean > to be humorous (I totally agree with the top down process). The idea of > "build a network and they will come" simply does not work! CL: au contraire, mon ami! I give you the small brokerage firm I used to work for. Filled with unsophisticated users. When I arrived there was no WAN and no LAN to speak of - the so called LAN was dictated by the quote service vendor. I put in a real LAN with e-mail. That took off like crazy. I put in a real WAN with the branches able to send e-mail to eachother, and that took off even crazier. I put in an internet connection, and sure there was the usual crap with people checking out the adult entertainment, but you know, I had guys who could prior to my arrival couldn't tun their computers on going out and finding some realy nice investment sites and services that helped them tremendously in their business. At the time of my leaving, the LAN./WAM was starting to show signs of stress. In the course of my cetification pursuit, I have learned all the things I did wrong. But I gotta say, you have to start someplace, and it remains true that if the facilities exist, the user community will find a lot of ways to use those facilities. > > The context of the other book was that no network will function properly > if Layer 1 is not designed correctly. > > BTW, how many is too many? 
:-) > > Steve > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Priscilla Oppenheimer > Sent: Saturday, May 18, 2002 2:04 PM > To: [EMAIL PROTECTED] > Subject: Re: Network Design... Hmmm [7:44417] > > At 08:49 PM 5/17/02, Steve Watson wrote: > >I am reading Priscilla's book "Top Down Network Design" for the second > >time for a refresher and decided to hit the pool after I got home. > > Thanks for reading Top-Down Network Design. I hope you had a nice swim > and > didn't drink too many beers at the pool. ;-) > > >On > >the way out I looked on my book shelf and saw "Advanced IP Network > >Design" that I haven't had a chance to look at yet. So I took it to the > >pool with me. When lo and behold, what did I read on page 5, "The best > >place to start when designing a network is at the bottom". > > Out of context, this is completely meaningless. What else does it say? > > > > > > >Food for thought :-) > > > > > > > >Steve > > > Priscilla Oppenheimer > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44482&t=44417 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Network Design... Hmmm [7:44417]
obviously you've never worked in a brokerage firm ;-> my point being that you can get away with a lot, up to a certain point. When that point is reached, you can throw hardware and/or bandwidth at the thing, and buy some more time. Maybe a lot of time. Or you start over, and do things right, from the start. I would suggest that there are special cases even in the most well designed and planned networks, where there are islands of chaos. I agree that there is nothing like having whomever tell you what the solution is, rather than tell you the problem. We need a T1. We need a P5 machine. We need more RAM. Whatever. Working for whom I work for these days, the answer is always "yes, sir. Sign right here" ;-> ""Steve Watson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I was speaking in general terms. While it is conceivable to build a > network without customer requirements and (to a degree) it will be > functional, the network has no room for growth and more than likely will > be hard to manage. The buzzwords scalability and efficiency come to > mind. > > The best place to start (correction the ONLY place to start) is to > define the customer's requirements (now and for the 18 - 24 months) so > you design and implement a viable solution that has room to grow. > > I have done, in the past, what you have mentioned below and were met > with the same frustration you were (inefficiency and network loading > problems). That's why I tell my customers; don't tell me you need a T-1 > (nowadays everybody wants a DS3) tell me what will ride this circuit and > we will do an analysis of bandwidth to determine what is best... yada.. > yada.. yada.. > > Steve > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Chuck > Sent: Sunday, May 19, 2002 12:22 PM > To: [EMAIL PROTECTED] > Subject: Re: Network Design... Hmmm [7:44417] > > ""Steve Watson"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... 
> > This was not a comparison of network design methodologies, it was mean > > to be humorous (I totally agree with the top down process). The idea > of > > "build a network and they will come" simply does not work! > > > CL: au contraire, mon ami! I give you the small brokerage firm I used to > work for. Filled with unsophisticated users. When I arrived there was no > WAN > and no LAN to speak of - the so called LAN was dictated by the quote > service > vendor. > > I put in a real LAN with e-mail. That took off like crazy. > > I put in a real WAN with the branches able to send e-mail to eachother, > and > that took off even crazier. > > I put in an internet connection, and sure there was the usual crap with > people checking out the adult entertainment, but you know, I had guys > who > could prior to my arrival couldn't tun their computers on going out and > finding some realy nice investment sites and services that helped them > tremendously in their business. > > At the time of my leaving, the LAN./WAM was starting to show signs of > stress. In the course of my cetification pursuit, I have learned all the > things I did wrong. But I gotta say, you have to start someplace, and it > remains true that if the facilities exist, the user community will find > a > lot of ways to use those facilities. > > > > > > > > The context of the other book was that no network will function > properly > > if Layer 1 is not designed correctly. > > > > BTW, how many is too many? :-) > > > > Steve > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of > > Priscilla Oppenheimer > > Sent: Saturday, May 18, 2002 2:04 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Network Design... Hmmm [7:44417] > > > > At 08:49 PM 5/17/02, Steve Watson wrote: > > >I am reading Priscilla's book "Top Down Network Design" for the > second > > >time for a refresher and decided to hit the pool after I got home. > > > > Thanks for reading Top-Down Network Design. 
I hope you had a nice swim > > and > > didn't drink too many beers at the pool. ;-) > > > > >On > > >the way out I looked on my book shelf and saw "Advanced IP Network > > >Design" that I haven't had a chance to look at yet. So I took it to > the > > >pool with me. When lo and behold, what did I read on page 5, "The > best > > >place to start when designing a network is at the bottom". > > > > Out of context, this is completely meaningless. What else does it say? > > > > > > > > > > >Food for thought :-) > > > > > > > > > > > >Steve > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44486&t=44417 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Network Design... Hmmm [7:44417]
I don't think Priscilla has to get into too many arguments with Retana, Slice and White (the Advanced IP Network Design authors). While it does claim that the best place to start is at the bottom: the physical layer, it then promptly ignores discussion of the physical layer (this is an IP network design book, after all, not a physical network design book) and states that "A well-designed topology is the basis for all stable networks" (and that bit's in bold).

It gets into more specifics than TDND, and I reckon this book is a good complement. TDND for the general design principles that can be applied to any technologies, and AIND (hmm, doesn't have the same ring) for specific ideas on implementing OSPF, providing redundancy, etc etc. Any book that gives me specific quotable ammunition to use against the more peculiar theories of Dilbertian PHBs is a good book, in my opinion.

But seriously, taking Cisco books to the pool?? Gawd, no wonder IT people have a reputation for social weirdness ;-)

JMcL
(no offence intended - and the thought of a pool is a bit chilling here as they're forecasting possible snow).

- Forwarded by Jenny Mcleod/NSO/CSDA on 20/05/2002 09:34 am -

"Leigh Anne Chisholm"
Sent by: [EMAIL PROTECTED]
18/05/2002 01:21 pm
Please respond to "Leigh Anne Chisholm"
To: [EMAIL PROTECTED]
cc:
Subject: RE: Network Design... Hmmm [7:44417]
Is this part of a business decision process?:

And what's really interesting, is that in the Cisco Internet Design book, it says to start at the Core layer and work downwards... Personally, I'm going with Priscilla! (It's a girl thing...)

-- Leigh Anne

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steve Watson
> Sent: Friday, May 17, 2002 6:50 PM
> To: [EMAIL PROTECTED]
> Subject: Network Design... Hmmm [7:44417]
>
> I am reading Priscilla's book "Top Down Network Design" for the second
> time for a refresher and decided to hit the pool after I got home. On
> the way out I looked on my book shelf and saw "Advanced IP Network
> Design" that I haven't had a chance to look at yet. So I took it to the
> pool with me. When lo and behold, what did I read on page 5, "The best
> place to start when designing a network is at the bottom".
>
> Food for thought :-)
>
> Steve

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44502&t=44417
RE: Network Design... Hmmm [7:44417]
Ah yes, the financial industry...I'm glad someone else can feel my pain. I've been consulting in this industry for the last five years and let me say that I'm not surprised by too much anymore.

I actually had the pleasure of meeting the authors of the Advanced IP Network Design book when they were writing it. Our paths in life crossed because of a CAP case I had open with one of my previous clients (this is circa 1998). My knowledge of IP routing (EIGRP specifically) was greatly enhanced after a couple of days at the white board with them. Personally, I don't think you could do an "either-or" comparison between their book and the Top-Down Net. Design; it's more of an AND.

If only my client had gained as much from the meeting as I did... We implemented the "short-term band-aids" to achieve stability but I couldn't get them to address the root cause of their problem - a bad network design...but I digress.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chuck
Sent: Sunday, May 19, 2002 3:01 PM
To: [EMAIL PROTECTED]
Subject: Re: Network Design... Hmmm [7:44417]

obviously you've never worked in a brokerage firm ;->

my point being that you can get away with a lot, up to a certain point. When that point is reached, you can throw hardware and/or bandwidth at the thing, and buy some more time. Maybe a lot of time. Or you start over, and do things right, from the start.

I would suggest that there are special cases even in the most well designed and planned networks, where there are islands of chaos.

I agree that there is nothing like having whomever tell you what the solution is, rather than tell you the problem. We need a T1. We need a P5 machine. We need more RAM. Whatever. Working for whom I work for these days, the answer is always "yes, sir. Sign right here" ;->

"Steve Watson" wrote in message news:[EMAIL PROTECTED]...
> I was speaking in general terms.
While it is conceivable to build a > network without customer requirements and (to a degree) it will be > functional, the network has no room for growth and more than likely will > be hard to manage. The buzzwords scalability and efficiency come to > mind. > > The best place to start (correction the ONLY place to start) is to > define the customer's requirements (now and for the 18 - 24 months) so > you design and implement a viable solution that has room to grow. > > I have done, in the past, what you have mentioned below and were met > with the same frustration you were (inefficiency and network loading > problems). That's why I tell my customers; don't tell me you need a T-1 > (nowadays everybody wants a DS3) tell me what will ride this circuit and > we will do an analysis of bandwidth to determine what is best... yada.. > yada.. yada.. > > Steve > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Chuck > Sent: Sunday, May 19, 2002 12:22 PM > To: [EMAIL PROTECTED] > Subject: Re: Network Design... Hmmm [7:44417] > > ""Steve Watson"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > This was not a comparison of network design methodologies, it was mean > > to be humorous (I totally agree with the top down process). The idea > of > > "build a network and they will come" simply does not work! > > > CL: au contraire, mon ami! I give you the small brokerage firm I used to > work for. Filled with unsophisticated users. When I arrived there was no > WAN > and no LAN to speak of - the so called LAN was dictated by the quote > service > vendor. > > I put in a real LAN with e-mail. That took off like crazy. > > I put in a real WAN with the branches able to send e-mail to eachother, > and > that took off even crazier. 
> > I put in an internet connection, and sure there was the usual crap with > people checking out the adult entertainment, but you know, I had guys > who > could prior to my arrival couldn't tun their computers on going out and > finding some realy nice investment sites and services that helped them > tremendously in their business. > > At the time of my leaving, the LAN./WAM was starting to show signs of > stress. In the course of my cetification pursuit, I have learned all the > things I did wrong. But I gotta say, you have to start someplace, and it > remains true that if the facilities exist, the user community will find > a > lot of ways to use those facilities. > > > > > > > > The context of the other book was that no network will function > properly > > if Layer 1 is not designed correctly. > > > > BTW, how many is to
Re: EIGRP network design [7:21019]
Patrick,

I don't think you will have a choice of passing EIGRP through a firewall because I don't think you can do it. An EIGRP packet uses multicast addressing and has no layer 3 address. I would think that a firewall would not pass this traffic.

>From: "Patrick Donlon"
>Reply-To: "Patrick Donlon"
>To: [EMAIL PROTECTED]
>Subject: EIGRP network design [7:21019]
>Date: Tue, 25 Sep 2001 12:52:28 -0400
>
>Hi everyone
>
>I've got a project where I have to design and implement EIGRP in a small to
>medium sized network of about 50 to 70 routers. One of my main problems is
>what to do with routing updates at the firewalls at each site, should they
>be allowed to pass through the firewall or should statics be used either
>side of the firewalls. Another problem I can see is the routes on the
>firewalls, is there a way to avoid having to type all those route entries in
>them, the network has many discontiguous networks. And one last point is the
>redistribution to the BGP routers at the edge of the network I'm after some
>tips, experiences and URLs so I can read around the subject myself
>
>Regards Pat

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21052&t=21019
Re: EIGRP network design [7:21019]
Patrick,

Jeff is right, I do not think that you can pass EIGRP packets through a firewall. My suggestion is to create a VPN tunnel and put in some static routes.

Alex

Jeff Smith wrote:
> Patrick,
> I don't think you will have a choice of passing EIGRP through a firewall
> because I don't think you can do it. An eigrp packet uses multicast
> addressing and has no layer 3 address. I would think that a firewall would
> not pass this traffic.
>
> >From: "Patrick Donlon"
> >Reply-To: "Patrick Donlon"
> >To: [EMAIL PROTECTED]
> >Subject: EIGRP network design [7:21019]
> >Date: Tue, 25 Sep 2001 12:52:28 -0400
> >
> >Hi everyone
> >
> >I've got a project where I have to design and implement EIGRP in a small to
> >medium sized network of about 50 to 70 routers. One of my main problems is
> >what to do with routing updates at the firewalls at each site, should they
> >be allowed to pass through the firewall or should statics be used either
> >side of the firewalls. Another problem I can see is the routes on the
> >firewalls, is there a way to avoid having to type all those route entries in
> >them, the network has many discontiguous networks. And one last point is the
> >redistribution to the BGP routers at the edge of the network I'm after some
> >tips, experiences and URLs so I can read around the subject myself
> >
> >Regards Pat

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21071&t=21019
Re: EIGRP network design [7:21019]
What kind of firewalls? Pix? If so, try RIP v2 with redistribution into your routers. As for discontiguous networks, there are many ways around that, with a different cost associated of course.

At 12:52 PM 9/25/01 -0400, Patrick Donlon wrote:
>Hi everyone
>
>I've got a project where I have to design and implement EIGRP in a small to
>medium sized network of about 50 to 70 routers. One of my main problems is
>what to do with routing updates at the firewalls at each site, should they
>be allowed to pass through the firewall or should statics be used either
>side of the firewalls. Another problem I can see is the routes on the
>firewalls, is there a way to avoid having to type all those route entries in
>them, the network has many discontiguous networks. And one last point is the
>redistribution to the BGP routers at the edge of the network I'm after some
>tips, experiences and URLs so I can read around the subject myself
>
>Regards Pat

-Carroll Kong

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21096&t=21019
Re: EIGRP network design [7:21019]
Yes the firewalls are all PIX. For the PIX can I set up the PIX to receive RIP routes redistributed from the EIGRP routers? If so this will save a lot of admin work, but will this be a security risk, i.e. someone being able to inject routes into the PIX?

regards

"Carroll Kong" wrote in message news:[EMAIL PROTECTED]...
> What kind of firewalls? Pix? If so, try RIP v2 with redistribution into
> your routers. As for discontiguous networks, there are many ways around
> that, with a different cost associated of course.
>
> At 12:52 PM 9/25/01 -0400, Patrick Donlon wrote:
> >Hi everyone
> >
> >I've got a project where I have to design and implement EIGRP in a small to
> >medium sized network of about 50 to 70 routers. One of my main problems is
> >what to do with routing updates at the firewalls at each site, should they
> >be allowed to pass through the firewall or should statics be used either
> >side of the firewalls. Another problem I can see is the routes on the
> >firewalls, is there a way to avoid having to type all those route entries in
> >them, the network has many discontiguous networks. And one last point is the
> >redistribution to the BGP routers at the edge of the network I'm after some
> >tips, experiences and URLs so I can read around the subject myself
> >
> >Regards Pat
> -Carroll Kong

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21114&t=21019
Re: EIGRP network design [7:21019]
RIPv1 sends to 255.255.255.255. RIPv2 sends to 224.0.0.9. They both use UDP port 520. Both the source and dest ports are 520.

Are you sure static routes wouldn't be the best bet, though? I haven't followed the entire discussion, so if that's off the wall, just ignore it.

Priscilla

At 09:09 AM 9/26/01, Carroll Kong wrote:
>Hm. If you are that worried about internal security, you should probably
>make an ACL that allows only the redistributing router's ip, deny all other
>udp port 520 reqs (for ripv1, or multicast 224.0.0.5? re-check what it
>uses). Also, you might need to write some no nat rules to avoid nat. That
>might be more work than statics.
>
>Yes, IPs are spoofable, and so are MAC addresses. If your internal
>security helps avoid this (easy to do), then an ACL for Rip updates should
>be fairly secure.
>
>At 04:41 AM 9/26/01 -0400, Patrick Donlon wrote:
> >Yes the firewalls are all PIX. For the PIX can I set up the PIX to receive
> >RIP routes redistributed from the EIGRP routers? If so this will save a lot
> >of admin work, but will this be a security risk, ie. someone being able to
> >inject routes into the PIX?
> >
> >regards
> >
> >"Carroll Kong" wrote in message news:[EMAIL PROTECTED]...
> > > What kind of firewalls? Pix? If so, try RIP v2 with redistribution into
> > > your routers. As for discontiguous networks, there are many ways around
> > > that, with a different cost associated of course.
> > >
> > > At 12:52 PM 9/25/01 -0400, Patrick Donlon wrote:
> > > >Hi everyone
> > > >
> > > >I've got a project where I have to design and implement EIGRP in a small to
> > > >medium sized network of about 50 to 70 routers. One of my main problems is
> > > >what to do with routing updates at the firewalls at each site, should they
> > > >be allowed to pass through the firewall or should statics be used either
> > > >side of the firewalls. Another problem I can see is the routes on the
> > > >firewalls, is there a way to avoid having to type all those route entries in
> > > >them, the network has many discontiguous networks. And one last point is the
> > > >redistribution to the BGP routers at the edge of the network I'm after some
> > > >tips, experiences and URLs so I can read around the subject myself
> > > >
> > > >Regards Pat
> > > -Carroll Kong
>-Carroll Kong

Priscilla Oppenheimer
http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21180&t=21019
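The checks discussed in the messages above (accept RIP updates only from the redistributing router, on UDP port 520, addressed to the broadcast or multicast destination that matches the version), as an added Python example that is not part of any poster's message. The function names and sample addresses are constructed for illustration; the 20-byte entry layout follows RFC 2453.

```python
import ipaddress
import struct

RIP_PORT = 520                        # source and destination port, as stated in the thread
RIP_DEST = {1: "255.255.255.255",     # RIPv1 updates are broadcast
            2: "224.0.0.9"}           # RIPv2 updates are multicast
RIP_RESPONSE = 2                      # command code of a routing update (RFC 2453)
ENTRY = struct.Struct("!HH4s4s4sI")   # AFI, route tag, address, mask, next hop, metric


def build_update(version, routes):
    """Build a RIP response payload from (prefix, metric) pairs; used for sample data."""
    payload = struct.pack("!BBH", RIP_RESPONSE, version, 0)
    for prefix, metric in routes:
        net = ipaddress.ip_network(prefix)
        mask = net.netmask.packed if version == 2 else bytes(4)  # RIPv1 carries no mask
        payload += ENTRY.pack(2, 0, net.network_address.packed, mask, bytes(4), metric)
    return payload


def parse_rip(payload):
    """Return (command, version, [(destination, metric), ...]) or raise ValueError."""
    body = len(payload) - 4
    if body < ENTRY.size or body % ENTRY.size or body // ENTRY.size > 25:
        raise ValueError("not a 4-byte header plus 1..25 entries of 20 bytes")
    command, version, _zero = struct.unpack_from("!BBH", payload)
    routes = []
    for offset in range(4, len(payload), ENTRY.size):
        afi, _tag, addr, mask, _next_hop, metric = ENTRY.unpack_from(payload, offset)
        if afi != 2:                  # only IP route entries are of interest here
            continue
        dest = str(ipaddress.ip_address(addr))
        if version == 2:              # RIPv2 adds the subnet mask to each entry
            dest = str(ipaddress.ip_network(
                f"{dest}/{ipaddress.ip_address(mask)}", strict=False))
        routes.append((dest, metric))
    return command, version, routes


def check_rip_update(src, dst, sport, dport, payload, allowed_sources):
    """Return the reasons to drop this datagram; an empty list means accept."""
    reasons = []
    if (sport, dport) != (RIP_PORT, RIP_PORT):
        reasons.append("ports are not 520/520")
    try:
        command, version, routes = parse_rip(payload)
    except ValueError as exc:
        return reasons + [f"malformed payload: {exc}"]
    if version not in RIP_DEST:
        reasons.append(f"unsupported RIP version {version}")
    elif dst != RIP_DEST[version]:
        reasons.append(f"RIPv{version} update sent to {dst}, expected {RIP_DEST[version]}")
    if command == RIP_RESPONSE and src not in allowed_sources:
        reasons.append(f"update from {src}, which is not an allowed RIP speaker")
    if any(not 1 <= metric <= 16 for _dest, metric in routes):
        reasons.append("metric outside 1..16")
    return reasons


# Constructed sample data: 192.0.2.1 stands in for the redistributing router.
ALLOWED_SOURCES = {"192.0.2.1"}
SAMPLE_UPDATE = build_update(2, [("10.1.0.0/16", 1), ("10.2.4.0/24", 3)])

if __name__ == "__main__":
    for src in ("192.0.2.1", "198.51.100.7"):
        verdict = check_rip_update(src, "224.0.0.9", 520, 520,
                                   SAMPLE_UPDATE, ALLOWED_SOURCES)
        print(src, verdict or "accept")
```

As the thread notes, source addresses can be spoofed, so the source allow-list is only as strong as the anti-spoofing controls on the segment where the updates arrive.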
RE: EIGRP network design [7:21019]
my question was the design itself - why are there firewalls at all these branches if this is an internal network? firewalls generally would be placed at network edges? Is this a VPN solution?

otherwise, if this is an issue of placing security zones throughout a corporate network, I would make each zone self contained, with static routes into the other zones. I'm not so sure I would want to be running routing protocols through a firewall, if for no other reason than that the routing updates could be sniffed, and would reveal more than should be revealed about network structure.

Chuck

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer
Sent: Wednesday, September 26, 2001 10:08 AM
To: [EMAIL PROTECTED]
Subject: Re: EIGRP network design [7:21019]

RIPv1 sends to 255.255.255.255. RIPv2 sends to 224.0.0.9. They both use UDP port 520. Both the source and dest ports are 520.

Are you sure static routes wouldn't be the best bet, though? I haven't followed the entire discussion, so if that's off the wall, just ignore it.

Priscilla

At 09:09 AM 9/26/01, Carroll Kong wrote:
>Hm. If you are that worried about internal security, you should probably
>make an ACL that allows only the redistributing router's ip, deny all other
>udp port 520 reqs (for ripv1, or multicast 224.0.0.5? re-check what it
>uses). Also, you might need to write some no nat rules to avoid nat. That
>might be more work than statics.
>
>Yes, IPs are spoofable, and so are MAC addresses. If your internal
>security helps avoid this (easy to do), then an ACL for Rip updates should
>be fairly secure.
>
>At 04:41 AM 9/26/01 -0400, Patrick Donlon wrote:
> >Yes the firewalls are all PIX. For the PIX can I set up the PIX to receive
> >RIP routes redistributed from the EIGRP routers? If so this will save a lot
> >of admin work, but will this be a security risk, ie. someone being able to
> >inject routes into the PIX?
> >
> >regards
> >
> >"Carroll Kong" wrote in message news:[EMAIL PROTECTED]...
> > > What kind of firewalls? Pix? If so, try RIP v2 with redistribution into
> > > your routers. As for discontiguous networks, there are many ways around
> > > that, with a different cost associated of course.
> > >
> > > At 12:52 PM 9/25/01 -0400, Patrick Donlon wrote:
> > > >Hi everyone
> > > >
> > > >I've got a project where I have to design and implement EIGRP in a small to
> > > >medium sized network of about 50 to 70 routers. One of my main problems is
> > > >what to do with routing updates at the firewalls at each site, should they
> > > >be allowed to pass through the firewall or should statics be used either
> > > >side of the firewalls. Another problem I can see is the routes on the
> > > >firewalls, is there a way to avoid having to type all those route entries in
> > > >them, the network has many discontiguous networks. And one last point is the
> > > >redistribution to the BGP routers at the edge of the network I'm after some
> > > >tips, experiences and URLs so I can read around the subject myself
> > > >
> > > >Regards Pat
> > > -Carroll Kong
>-Carroll Kong

Priscilla Oppenheimer
http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21261&t=21019
Re: EIGRP network design [7:21019]
The firewalls are for the internet and the intranet. At the moment I'm thinking of using statics on the outside of internet firewall and possibly using RIPv2 for the inside. For the intranet I'm considering using RIP on both sides, but statics haven't been ruled out for either firewall

regards

"Chuck Larrieu" wrote in message news:[EMAIL PROTECTED]...
> my question was the design itself - why are there firewalls at all these
> branches if this is an internal network? firewalls generally would be placed
> at network edges? Is this a VPN solution?
>
> otherwise, if this is an issue of placing security zones throughout a
> corporate network, I would make each zone self contained, with static routes
> into the other zones. I'm not so sure I would want to be running routing
> protocols through a firewall, if for no other reason than that the routing
> updates could be sniffed, and would reveal more than should be revealed
> about network structure.
>
> Chuck

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21269&t=21019
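The ACL idea raised in this thread (accept RIP only from the redistributing router, using the port and destination addresses given in the replies) can be written as a per-datagram check. This is an added example, not code from any poster; the router address 10.1.1.1, the function names and the sample payloads are assumptions constructed for illustration.

```python
import ipaddress
import struct

RIP_PORT = 520
# Destination each version uses, as stated in the thread.
RIP_DEST = {1: "255.255.255.255", 2: "224.0.0.9"}
ALLOWED_SOURCE = "10.1.1.1"  # assumption: the redistributing router


def build_response(version, routes):
    """Constructed test input: a RIP response (command 2) payload."""
    payload = struct.pack("!BBH", 2, version, 0)
    for prefix, metric in routes:
        net = ipaddress.ip_network(prefix)
        mask = int(net.netmask) if version == 2 else 0  # RIPv1 carries no mask
        payload += struct.pack("!HHIIII", 2, 0, int(net.network_address),
                               mask, 0, metric)
    return payload


def parse_rip(payload):
    """Decode a RIP payload into (command, version, [(route, metric)])."""
    # 4-byte header plus 1..25 entries of 20 bytes each.
    if len(payload) < 24 or len(payload) > 504 or (len(payload) - 4) % 20:
        raise ValueError("bad length")
    command, version, _ = struct.unpack("!BBH", payload[:4])
    if command not in (1, 2) or version not in RIP_DEST:
        raise ValueError("bad command or version")
    routes = []
    for off in range(4, len(payload), 20):
        afi, _tag, addr, mask, _nh, metric = struct.unpack(
            "!HHIIII", payload[off:off + 20])
        if afi != 2:  # entries that are not IP routes are skipped
            continue
        if not 1 <= metric <= 16:
            raise ValueError("bad metric")
        ip = ipaddress.ip_address(addr)
        if version == 2:
            net = ipaddress.ip_network(
                f"{ip}/{ipaddress.ip_address(mask)}", strict=False)
            routes.append((str(net), metric))
        else:
            routes.append((str(ip), metric))
    return command, version, routes


def check_rip_update(src, dst, sport, dport, payload):
    """Apply the thread's ACL idea to one UDP datagram.

    Returns (verdict, reason, routes). The verdict is "permit", "deny" or
    "ignore" (not RIP, so this filter has nothing to say about it).
    A source-address match is only as strong as the anti-spoofing on the
    segment, which is the caveat the thread itself raises.
    """
    if dport != RIP_PORT:
        return "ignore", "not UDP port 520", []
    if src != ALLOWED_SOURCE:
        return "deny", "source is not the redistributing router", []
    if sport != RIP_PORT:
        return "deny", "source port is not 520", []
    try:
        command, version, routes = parse_rip(payload)
    except (ValueError, struct.error) as exc:
        return "deny", f"malformed RIP payload: {exc}", []
    # Strict reading of the thread: each version has one expected destination.
    if dst != RIP_DEST[version]:
        return "deny", f"RIPv{version} sent to unexpected destination", []
    return "permit", "update from the redistributing router", routes


if __name__ == "__main__":
    update = build_response(2, [("192.168.2.0/24", 1)])
    for source in ("10.1.1.1", "10.1.1.66"):
        print(source, check_rip_update(source, "224.0.0.9", 520, 520, update))
```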
Re: DWDM network design [7:55717]
"Mike Bernico" wrote in message:
> Does anyone in here have any experience with large scale DWDM design?
> If so would you be willing to chat with me about using "metro DWDM"
> equipment vs long haul equipment in a regional (8 runs that can be
> arranged into one or two rings, each run at 100Km) DWDM network
> with OC-192?

From a strictly Cisco perspective, the ONS 15808 is the LH platform of choice, while "metro DWDM" is typically done today with ONS 15252. The metro DWDM is changing rapidly (I believe Cisco already has started the EOL process on the 252) to the ONS 15530/15540. However, in the long run - they will likely combine these services on the ONS 15454 for Edge and IOF and replace the entire Metro Hub (inside plant, gateway, central office) with the ONS 15600.

If you are building MAN and LH networks now, consider keeping the necessary LH with the big DWDM LH boxes (e.g. ONS 15808), and start aggregating your Metro ADM's and W-DCS's into fully redundant, integrated ADM+O/W-DCS solutions (e.g. 15600). Keep the metro edge with strong, long lasting, long lifetime equipment (you don't want to replace CPE ADM's ever, if possible) with a vendor you know is going to be around a long, long time (e.g. Cisco ONS 15454).

10-Gig is also going to be huge in the metro, and available on cheaper, more efficient solutions today (e.g. ONS 15540, 7600) and even more in the future (e.g. ONS 15454, ONS 15600, 7600 SUP3/PFC3), with even higher densities. Today, your only options Cisco-wise for OC-192 are the ONS 15800 and the 12400 series (and in some scenarios, the ONS 15454 and the ONS 15600). It sounds like you can do whatever you want with your fiber, so why use OC-192 completely, instead of at the very least augmenting your OC-192 investments with 10-Gig?

It sounds like you need both metro DWDM and OA with the protection of an ADM, so that would be the ONS 15454. If you need a large hub, consider looking at the ONS 15600.

More details on Cisco's Optical strategy are here, in the seminar "Cisco ONS 15600 Multiservice Switching Platform": http://www.cisco.com/go/semreg/fallsplaunch

Anyone have any comments on these two articles?
http://www.lightreading.com/document.asp?doc_id=21795
http://www.lightreading.com/document.asp?doc_id=22374

-dre

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55742&t=55717
RE: Proper network design? [7:49536]
Can you post the config of the router? Does the Ethernet interface have sub-interfaces? One for each subnet? The answer is probably in the configuration of the interface on the router. What IP and Subnet mask does it have? Could be that the subnet mask of the router Ethernet is 255.255.240.0 or something less than a /24, therefore the router Ethernet network contains both 192.168.0.0/24 and 192.168.2.0/24.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49537&t=49536
RE: Proper network design? [7:49536]
No subinterfaces are used. Here's the Cisco 2514 config:

Router#show startup-config
Using 940 out of 32762 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
ip subnet-zero
!
interface Ethernet0
 description outside
 ip address xxx.xxx.xxx.90 255.255.255.128
 ip nat outside
 no cdp enable
!
interface Ethernet1
 description inside
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 no cdp enable
!
interface Serial0
 no ip address
 shutdown
!
!
 no ip address
 shutdown
!
ip nat pool test xxx.xxx.xxx.90 xxx.xxx.xxx.90 netmask 255.255.255.128
ip nat inside source list 1 pool test overload
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.1
ip route 192.168.2.0 255.255.255.0 192.168.0.100
no ip http server
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
!
!
line con 0
line aux 0
line vty 0 4
!
end

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49540&t=49536
RE: Proper network design? [7:49536]
192.168.0.100 is what is doing the real routing then for 192.168.2.0/24. If you follow the path, from a 192.168.0.20 machine to 192.168.2.20 say, it goes from 192.168.0.20, to the default gateway, 192.168.0.1 which checks the route table and sends it to 192.168.0.100 (which is on the same network as E0 so you're right about routers routing between networks.), then 192.168.0.100 must know where 192.168.2.0/24 is. All the router is doing is routing 192.168.2.0/24 traffic to the Linux box first. It's not that the router knows where 192.168.2.0/24 is, it's just saying 192.168.0.100 knows so go there first.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49543&t=49536
RE: Proper network design? [7:49536]
Yes, I have installed a few. It is called a 'one-arm router' or 'router on a stick'. Cisco has some doc's on it, but I would doubt that the hub is a hub. One-arm routers make use of vlans assigned to sub-interfaces. Although I am sure by just assigning the sub-intf the proper segment and the route statement, you could use a hub. Haven't tried that one yet, but I will. It is not a widely known configuration anymore. It was a cheap way to install a router when interfaces were very expensive.

~Michael

-Original Message-
From: Frank H [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 24, 2002 11:26 AM
To: [EMAIL PROTECTED]
Subject: Proper network design? [7:49536]

Proper network design?

I have a few questions for the group that maybe someone can answer. From my studies when I got CCNA certified, I understood that different networks were ALWAYS separated by a router. At my company we have this equipment that was purchased several months ago that acts as a digital cellular network. It was set up and was able to operate, but only in a limited way.

Basically, this is the setup - the digital cellular network was on the 192.168.2.0 subnet (subnet mask 255.255.255.0). The company development LAN was on the 192.168.0.0 subnet (subnet mask 255.255.255.0). The two small networks (less than 10 hosts in each subnet) were all tied together at a 24 port hub. The gateway to the Internet was through a Linux box. The digital cellular network was basically a box (with IP address 192.168.0.100) that passed packets to network 192.168.2.0 through a low power transmitter to the cellular hosts in the 192.168.2.0 subnet. With this setup, only one desktop host on the 192.168.0.0 network could communicate to the 192.168.2.0 cellular network (desktop host 192.168.0.20).

The problem of only one desktop host in the 192.168.0.0 network being able to communicate with the 192.168.2.0 network was solved by replacing the Linux box with a Cisco 2514 router (with two ethernet interfaces). The configuration for the router was exactly the same as the Linux box except for one small addition. The following line was added as a static route:

ip route 192.168.2.0 255.255.255.0 192.168.0.100

Now let me ask you, have you ever seen a router that gets a packet on one interface pass it right back out the SAME interface back to another host on that same network? Our setup basically ties two DIFFERENT class C subnets together through a hub and the Cisco router makes it all work perfectly. This doesn't sound like standard network design as I've seen it described in any text so far.

I'll describe it a little more for clarity. If I'm on a desktop PC (IP address 192.168.0.20) and ping IP address 192.168.2.2, Windows will send that packet to the default gateway (configured as 192.168.0.1 in Windows network applet - which is the Cisco router) since it lies in a different network (since the subnet mask is 255.255.255.0). The Cisco router receives this packet destined for the 192.168.2.0 network and since it matches it with the above static route, sends it back out the same interface it came in on, back to another host (192.168.0.100 - the cellular transmitter box) out to the cellular host (192.168.2.2). This is the way the cellular network equipment manufacturer intended it to work.

The setup works, but it sounds really weird and nonstandard. Has anyone else encountered such a setup or something similar before? Is this a kind of network design that is done often? Doesn't a router normally always route packets from one interface to another? Thanks in advance for your responses.

Frank

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49546&t=49536
RE: Proper network design? [7:49536]
If I read this correctly ... (always a big assumption :) )

This may also arise when a network outgrows an initial IP range, and rather than redesign/re-address every host they just hemorrhage another block ...
Or, the .100 box could be hosting a DMZ ?
Or, for some reason, it was decided that one block was going to have 'more access' than another, so the 2.x subnet was thrown behind another router as a choke point?

Thanks!
TJ

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49557&t=49536
RE: Proper network design? [7:49536]
Now I understand. I read a few articles on the Cisco site after searching for the term "router on a stick" and found a good explanation. Thanks for your help.

Frank

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49558&t=49536
Re: Proper network design? [7:49536]
I thought you said that this was a 2514. Don't they just have 10Mb Ethernet ports? Can you have sub-interfaces on a 10Mb port? Are you sure you are not using both ports on the 2514?

- Original Message -
From: "Frank H"
To:
Sent: Wednesday, July 24, 2002 2:55 PM
Subject: RE: Proper network design? [7:49536]

> Now I understand. I read a few articles on the Cisco site after searching
> for the term "router on a stick" and found a good explanation. Thanks for
> your help.
>
> Frank

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49566&t=49536
Re: Proper network design? [7:49536]
Yes, I am using a 2514. It does have 2 10BaseT interfaces (through AUI adapters). I am not using subinterfaces. Both ports are used - one port goes to the Internet (for hosts that require Internet access) and the other connects directly to the 24 port hub which resides within the internal LAN. This internal LAN (network 192.168.0.0/24) can also communicate with network 192.168.2.0/24 (also connected on the hub) because the 2514 routes 192.168.2.0/24 traffic back to a cellular network host controller (192.168.0.100/24). The 2514 is acting as a regular router for Internet traffic and a "router on a stick" for 192.168.2.0/24 traffic. It was strange for me at first, but now I get the picture.

Frank

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49569&t=49536
Re: Proper network design? [7:49536]
I assume you are using primary and secondary IP address on this one ethernet interface (which is creating the "router on a stick" effect)?

Rob

Frank H wrote:
>
> Yes, I am using a 2514. It does have 2 10BaseT interfaces
> (through AUI adapters). I am not using subinterfaces. Both
> ports are used - one port goes to the Internet (for hosts that
> require Internet access) and the other connects directly to the
> 24 port hub which resides within the internal LAN. This
> internal LAN (network 192.168.0.0/24) can also communicate with
> network 192.168.2.0/24 (also connected on the hub) because the
> 2514 routes 192.168.2.0/24 traffic back to a cellular network
> host controller (192.168.0.100/24). The 2514 is acting as a
> regular router for Internet traffic and a "router on a stick"
> for 192.168.2.0/24 traffic. It was strange for me at first, but
> now I get the picture.
>
> Frank
>

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49576&t=49536
Re: Proper network design? [7:49536]
No, just one IP address on each interface. Check my earlier post for the full configuration.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49578&t=49536
Re: Proper network design? [7:49536]
The "router on a stick" effect comes from this:

ip route 192.168.2.0 255.255.255.0 192.168.0.100

All traffic destined to any network not on 192.168.0.0 goes to the gateway (192.168.0.1) on interface ethernet 1. The router then re-routes 192.168.2.0 traffic back on the 192.168.0.0 network to 192.168.0.100 (the "router on a stick" effect).

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49579&t=49536
Re: Proper network design? [7:49536]
This is not the classical router on a stick model. That model is for routing between VLANs on a router with 1 interface using trunking. All this router is doing is taking packets from its eth1 interface, comparing them to its routing table and forwarding out the same eth1 interface for the gateway which is designated for the 192.168.2.0 network. This is totally legitimate and no secondary or subinterfaces are needed.

"Frank H" wrote in message news:[EMAIL PROTECTED]...
> The "router on a stick" effect comes from this:
>
> ip route 192.168.2.0 255.255.255.0 192.168.0.100
>
> All traffic destined to any network not on 192.168.0.0 goes to the gateway
> (192.168.0.1) on interface ethernet 1. The router then re-routes 192.168.2.0
> traffic back on the 192.168.0.0 network to 192.168.0.100 (the "router on a
> stick" effect).

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49580&t=49536
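The lookup discussed in this thread, worked through against the routes in the posted 2514 configuration. This is an added example, not code from any poster; 203.0.113.0/25 is an assumed stand-in for the masked xxx.xxx.xxx outside addresses, and the function names are hypothetical.

```python
import ipaddress

# Connected networks from the posted config. The outside addresses are
# masked (xxx) in the post, so 203.0.113.0/25 is an assumed placeholder.
INTERFACES = {
    "Ethernet0": ipaddress.ip_interface("203.0.113.90/25"),
    "Ethernet1": ipaddress.ip_interface("192.168.0.1/24"),
}

# Static routes from the posted config: (destination prefix, next hop).
STATIC_ROUTES = [
    (ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_address("203.0.113.1")),
    (ipaddress.ip_network("192.168.2.0/24"),
     ipaddress.ip_address("192.168.0.100")),
]


def resolve(dst):
    """Longest-prefix match, then resolve the next hop to an interface.

    Returns (matched prefix, next hop, exit interface) or None.
    """
    dst = ipaddress.ip_address(dst)
    candidates = [(iface.network, None) for iface in INTERFACES.values()]
    candidates += STATIC_ROUTES
    matches = [(net, hop) for net, hop in candidates if dst in net]
    if not matches:
        return None
    net, next_hop = max(matches, key=lambda m: m[0].prefixlen)
    # A connected route delivers straight to the destination; a static
    # route's next hop must itself sit on a connected network.
    target = dst if next_hop is None else next_hop
    for name, iface in INTERFACES.items():
        if target in iface.network:
            return net, target, name
    return None


def forward(in_interface, dst):
    """Describe what the router does with a packet received on in_interface."""
    route = resolve(dst)
    if route is None:
        return {"action": "drop"}
    net, next_hop, out_interface = route
    return {
        "action": "forward",
        "matched": str(net),
        "next_hop": str(next_hop),
        "out": out_interface,
        # True when the packet leaves by the interface it arrived on.
        "same_interface": out_interface == in_interface,
    }


if __name__ == "__main__":
    # 192.168.0.20 pings 192.168.2.2 via its default gateway 192.168.0.1.
    print(forward("Ethernet1", "192.168.2.2"))
    # The same host reaching an outside address (constructed sample).
    print(forward("Ethernet1", "198.51.100.7"))
```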
RE: Proper network design? [7:49536]
I was under the assumption that a router on a stick was a router that was performing routing using one interface and virtually trunking 2 or more subnets with interface vlans set up on the router.

Larry Letterman
Cisco Systems
[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 24, 2002 2:32 PM
To: [EMAIL PROTECTED]
Subject: Re: Proper network design? [7:49536]

No, just one IP address on each interface. Check my earlier post for the full configuration.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49581&t=49536
RE: Proper network design? [7:49536]
I understand this configuration, but question how the 192.168.2.2 machine knows how to get back to the 192.168.0.20. I don't question that it will work, but if it is not a router interface with 2 addresses from each segment defined, then what default gateway does the 192.168.2.2 machine use? If this configuration is as you stated, and the static route is in place, then there must also be a route defined in the machine on the 192.168.2.2 that routes off its subnet to the 192.168.0.1 interface of the router. In other words, your 192.168.2.2 machine also has a static route (default route) defined on it to know how to get to the other segment (ie, forwarded to the 192.168.0.1 router interface).

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49584&t=49536