Chapter1 - Architecture

The document discusses the architecture of Cisco CCNP & CCIE Enterprise Core certification. It covers enterprise network design principles including tiered designs, high availability techniques, cloud vs on-premise infrastructure, and SD-WAN and SD-Access solutions. It also discusses quality of service components like classification, marking, policing, shaping, queuing and scheduling.


Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

CHAPTER 1
ARCHITECTURE


- Chapter 1: Architecture
- Chapter's agenda:

1.1 Explain the different design principles used in an enterprise network
  1.1.1 Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
  1.1.2 High availability techniques such as redundancy, FHRP, and SSO
1.2 Differentiate between on-premises and cloud infrastructure deployments
1.3 Explain the working principles of the Cisco SD-WAN solution
  1.3.1 SD-WAN control and data planes elements
  1.3.2 Traditional WAN and SD-WAN solutions
1.4 Explain the working principles of the Cisco SD-Access solution
  1.4.1 SD-Access control and data planes elements
  1.4.2 Traditional campus interoperating with SD-Access
1.5 Describe concepts of QoS
  1.5.1 QoS components
  1.5.2 QoS policy
1.6 Differentiate hardware and software switching mechanisms
  1.6.1 Process and CEF
  1.6.2 MAC address table and TCAM
  1.6.3 FIB vs. RIB


1.1 Enterprise Networks Design Principles

1.1.1 Tier 2, Tier 3, and Fabric Capacity planning

- A tiered design simplifies scaling
- It simplifies troubleshooting
- The choice depends on your network's size and its expected future growth

- Tier 2 is for small/mid-sized networks
  - One building network
  - Only 2 tiers (Access and Aggregation)
  - Access:
    - The first layer that faces/authenticates endpoint devices
    - Connects the endpoints to their gateways (aggregation)
  - Aggregation:
    - Aggregates/interconnects all the access layers
    - Runs both Layer 2 and Layer 3 technologies and protocols
    - Runs in paired-device mode (SSO)


- Tier 3 is for mid-sized/large enterprises
  - Multiple buildings
  - More east-west traffic
  - Future (horizontal) scaling
  - 3 tiers (Access, Distribution, and Core)
  - Core:
    - Aggregates multiple networks
    - High speed/fast convergence
    - Runs in paired-device mode
    - Runs at Layer 3
    - Connects to the WAN/Internet
    - Connects to servers and other data centers

*Fabric Capacity Planning


1.1.2 High Availability

- First Hop Redundancy Protocols (FHRP)
  - HSRP, VRRP, and GLBP
  - Run at the Distribution layer
  - Provide a gateway (GW) for endpoints
  - Needed when the Access layer uses Layer 2 technologies!

| | HSRP (Hot Standby Router Protocol) | VRRP (Virtual Router Redundancy Protocol) | GLBP (Gateway Load Balancing Protocol) |
|---|---|---|---|
| Standard | Cisco only | Open standard | Cisco only |
| Gateways | 2 gateways | 2 gateways | 4 gateways |
| Load balancing | No load balancing | No load balancing | Load balancing |
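The active/standby behaviour in the table above, as an added Python model that is not part of the course notes and not Cisco code. It goes slightly beyond the notes by using the HSRP election rules (highest priority wins, highest interface IP breaks a tie, and a recovered router only takes the role back when preemption is enabled); the router names, priorities and addresses are constructed for the example.

```python
"""HSRP-style first-hop redundancy model (added example, not from the notes).

Two gateways share one virtual IP. One is active, the other standby, and
there is no load balancing. Election: highest priority, then highest
interface IP. A healthy active router keeps the role unless a better
candidate has preemption enabled. All names and addresses are constructed.
"""
from dataclasses import dataclass, field
from ipaddress import IPv4Address
from typing import List, Optional, Tuple


@dataclass
class Gateway:
    name: str
    ip: IPv4Address
    priority: int = 100      # HSRP default priority
    preempt: bool = False    # HSRP default: no preemption
    up: bool = True


def rank(gw: Gateway) -> Tuple[int, int]:
    """Election key: higher priority first, then higher interface IP."""
    return (gw.priority, int(gw.ip))


@dataclass
class FhrpGroup:
    virtual_ip: IPv4Address
    members: List[Gateway] = field(default_factory=list)
    active: Optional[Gateway] = None

    def elect(self) -> Gateway:
        """Return the active gateway after applying the election rules."""
        live = [g for g in self.members if g.up]
        if not live:
            raise RuntimeError(f"no live gateway for {self.virtual_ip}")
        best = max(live, key=rank)
        # A healthy active router keeps the role unless the better candidate
        # is allowed to preempt it.
        if self.active is None or not self.active.up or best.preempt:
            self.active = best
        return self.active

    def standby(self) -> Optional[Gateway]:
        """The router that would take over if the active one failed."""
        others = [g for g in self.members if g.up and g is not self.active]
        return max(others, key=rank, default=None)

    def set_state(self, name: str, up: bool) -> None:
        for g in self.members:
            if g.name == name:
                g.up = up


def sample_group(preempt: bool) -> FhrpGroup:
    """Constructed pair: R1 has the better priority, R2 the higher IP."""
    r1 = Gateway("R1", IPv4Address("10.0.0.2"), priority=110, preempt=preempt)
    r2 = Gateway("R2", IPv4Address("10.0.0.3"))
    return FhrpGroup(IPv4Address("10.0.0.1"), [r1, r2])


def roles(preempt: bool = False) -> Tuple[str, str]:
    """(active, standby) names right after the initial election."""
    group = sample_group(preempt)
    active = group.elect()
    return active.name, group.standby().name


def failover_history(preempt: bool) -> List[str]:
    """Active gateway after: initial election, R1 failure, R1 recovery."""
    group = sample_group(preempt)
    history = [group.elect().name]
    group.set_state("R1", up=False)      # active router dies
    history.append(group.elect().name)   # standby takes the virtual IP
    group.set_state("R1", up=True)       # original router comes back
    history.append(group.elect().name)   # returns only if preempt is on
    return history


def tie_break_winner() -> str:
    """Equal priorities: the higher interface IP becomes active."""
    group = FhrpGroup(IPv4Address("10.0.0.1"), [
        Gateway("R1", IPv4Address("10.0.0.2")),
        Gateway("R2", IPv4Address("10.0.0.3")),
    ])
    return group.elect().name


if __name__ == "__main__":
    print("roles:", roles())
    print("with preempt:   ", failover_history(True))
    print("without preempt:", failover_history(False))
    print("tie-break winner:", tie_break_winner())
```

The endpoints never see any of this: they keep the virtual IP 10.0.0.1 as their gateway and only the router answering for it changes. The preempt flag is the design decision to notice: with it, the group returns to the intended primary after a recovery; without it, the current active router keeps the role until it fails itself.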


- Stateful Switchover (SSO)
  - Switches with more than 1 CPU
  - When 1 CPU fails, the other continues with the same state (stateful)
  - Best at the Distribution layer

- Virtual Switching System (VSS)
  - A clustering technique
  - Combines multiple switches
  - They act as one switch
  - At the Distribution layer
  - No FHRP will be needed then
  - You may also hear "StackWise"


1.2 On-Premise vs Cloud Infrastructure Deployments

- What is the difference? And which one is the classic, well-known network?
- On-premise: everything is in the office, the company, the data center
- Cloud-based: everything is at the cloud company (no headache)


1.3 Software-Defined Wide Area Networks (SD-WAN)

- What is SDN?
  - A network where a "software" runs your network
  - So, through that software you are able to run and administer an entire network, with its different types of devices
  - This needs either a "Controller"!!! or built-in scripting (Cisco TCL, or Python)
- SD-WAN is applying SDN to the WAN part of your network!
  - The part that connects multiple networks through the Internet
  - You will administer the WAN by software
  - It also contains multiple layers to achieve this approach:
    - Application
    - Controller
    - Infrastructure


1.3.1 SD-WAN Planes

- Generally, the SD-WAN solution consists of 4 planes (orchestration, management, control, and data plane)
- The control plane:
  - Builds/maintains the network topology
  - Makes decisions on where traffic flows

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2018/pdf/BRKCRS-2112.pdf

- The data plane:
  - Responsible for forwarding packets
  - Based on decisions from the control plane

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2018/pdf/BRKCRS-2112.pdf


1.3.2 Traditional WAN and SD-WAN solutions

| Traditional WAN | SD-WAN |
|---|---|
| Each network device has its own control plane | Centralized management |
| Configuring, modifying, upgrading, and monitoring is done "box-by-box" | Through a "software" you are able to run and administer an entire network |
| Automation is more difficult | Automation is easy (API) |
| New installation requires "from scratch" efforts | New devices automatically find an initial configuration (ZTP) |


1.4 Software-Defined Access

- So, SDN, SD-WAN, and now SD-Access!!
  - Are they really that different as technologies?
  - SD-Access is simply:
    - Applying the SDN solution to your access network
    - When SDN controls and automates a simple campus network
    - And thus, there will be a controller (ex: Cisco DNA Center, Cisco APIC-EM)


- SDN implementation and its effect upon the planes:
  - Imperative approach
    - The control plane logic resides completely in the controller
    - The controller has complete control over programming the forwarding decisions of the networking devices
    - Devices will then ask the controller before any forwarding or routing action
  - Declarative approach
    - The control plane resides within the network device (just like before)
    - The controller declares the requirements of all the forwarding/routing decisions to the networking devices
    - The network devices then decide how to translate the controller's instructions into actions


- What will the Access layer look like?

http://cisco.com/c/en/us/td/docs/solutions/CVD/Campus/sda-sdg-2019oct.pdf

1.5 Quality of Service (QoS)

- What if there is more traffic than bandwidth?
  - If congestion WILL happen, can some traffic be preferred over another?
  - Generally, UDP will be preferred over TCP (TCP will automatically do a retransmission)
  - QoS tools that will do the specific desired "preferring": Classification & Marking, Policing, Shaping, Queuing, and Scheduling


1.5.1 QoS Components

- Classification & Marking
  - For the ingress traffic/interface
  - Classification first: please classify this type of traffic, e.g. "UDP = High, Mail = Low"
  - Then Marking: "marks" the classified traffic to identify it uniquely in the network

*Classification usually happens by matching port numbers

- If further recognition is needed
  - Network-Based Application Recognition (NBAR)
    - Recognizes, identifies, and classifies traffic
    - Based on a wide variety of things
    - A word, a phrase, a URL!!


- Policing & Shaping
  - The provider – client relation
  - Policing:
    - From the provider side
    - Drops the exceeding ingress (incoming) traffic
    - Or marks down that traffic, to be dropped later in the network
  - Shaping:
    - From the client side
    - To avoid misunderstanding, or unwanted behavior, with the provider
    - Queues the excess egress (outgoing) traffic in the "Egress Queue"
    - This is called "Queuing"
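The difference between the two tools is easiest to see on the same burst of packets. The following is an added Python simulation, not code from the notes or from Cisco: both sides measure traffic with a token bucket (rate plus burst), the policer drops or marks down what exceeds the bucket, and the shaper holds the excess in the egress queue until tokens accumulate. The contract values (8 kbit/s, 1500-byte burst) and the packet timings are constructed.

```python
"""Token-bucket policer versus shaper (added example, not from the course notes).

Both tools measure traffic against the same contract (rate plus burst).
The policer is the provider-side tool: excess packets are dropped or
marked down, nothing is buffered. The shaper is the client-side tool:
excess packets wait in the egress queue until enough tokens accumulate,
so they are delayed rather than lost. All values below are constructed.
"""
from dataclasses import dataclass
from typing import List, Tuple


@dataclass
class Packet:
    arrival: float   # seconds
    size: int        # bytes


class TokenBucket:
    """Tokens are bytes; they refill at rate_bps up to burst_bytes."""

    def __init__(self, rate_bps: int, burst_bytes: int):
        self.rate = rate_bps / 8.0         # bytes per second
        self.burst = burst_bytes
        self.tokens = float(burst_bytes)   # bucket starts full
        self.last = 0.0

    def refill(self, now: float) -> None:
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now


def police(packets: List[Packet], rate_bps: int, burst_bytes: int,
           exceed_action: str = "drop") -> List[str]:
    """Per packet: 'transmit' if it conforms, otherwise the exceed action."""
    bucket = TokenBucket(rate_bps, burst_bytes)
    actions = []
    for p in packets:
        bucket.refill(p.arrival)
        if bucket.tokens >= p.size:
            bucket.tokens -= p.size
            actions.append("transmit")
        else:
            actions.append(exceed_action)   # drop now, or mark-down for later
    return actions


def shape(packets: List[Packet], rate_bps: int, burst_bytes: int
          ) -> List[Tuple[float, float]]:
    """Per packet: (arrival, departure). Excess is delayed, never dropped."""
    bucket = TokenBucket(rate_bps, burst_bytes)
    schedule = []
    link_free_at = 0.0                      # FIFO: packets leave in order
    for p in packets:
        ready = max(p.arrival, link_free_at)
        bucket.refill(ready)
        if bucket.tokens < p.size:
            # wait in the egress queue until the deficit has refilled
            ready += (p.size - bucket.tokens) / bucket.rate
            bucket.refill(ready)
        bucket.tokens -= p.size
        link_free_at = ready
        schedule.append((p.arrival, ready))
    return schedule


def sample_burst() -> List[Packet]:
    """Constructed: five 1000-byte packets at once, then one after a pause."""
    return [Packet(0.0, 1000) for _ in range(5)] + [Packet(5.0, 1000)]


if __name__ == "__main__":
    rate, burst = 8000, 1500                # 8 kbit/s contract, 1500-byte burst
    print("policer:", police(sample_burst(), rate, burst))
    print("policer (mark-down):", police(sample_burst(), rate, burst, "mark-down"))
    for arrival, departure in shape(sample_burst(), rate, burst):
        print(f"shaper: arrived {arrival:.1f}s, sent {departure:.1f}s")
```

With a full 1500-byte bucket, the policer lets only the first 1000-byte packet of the burst through and drops (or marks down) the next four, while the sixth packet, arriving after the bucket has refilled, conforms again. The shaper sends the same burst at 0, 0.5, 1.5, 2.5 and 3.5 seconds, exactly one packet per 1000 bytes of accumulated tokens, which is why shaping on the client side keeps the provider's policer from ever seeing excess.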


- Queuing:
  - Dividing the egress queue into multiple sub-queues
  - Each is differentiated by "priority"
  - To deal with classified packets

- Scheduling:
  - How to empty the sub-queues, and by which criteria

- Congestion Management:
  - Tools for queuing and scheduling
  - Emptying the queued traffic in the egress queue
  - WFQ, CBWFQ, PQ, LLQ, WRR, SRR, Shaping
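To make queuing and scheduling concrete, here is an added Python simulation (not from the notes, not Cisco code) of an LLQ-style scheduler draining per-class sub-queues: the voice queue is strict priority but capped per round so it cannot starve the rest, and the remaining classes share the link by deficit round robin, a weighted-round-robin variant. Class names, weights, the 400-byte priority cap and the packet sizes are constructed.

```python
"""Egress sub-queues with an LLQ-style scheduler (added example, not from the notes).

The egress queue is split into one sub-queue per class. A strict-priority
queue (voice) is always served first but is capped per round so it cannot
starve the others; the remaining classes share what is left by deficit
round robin (a weighted-round-robin variant). Packets are (id, size) pairs;
class names, weights and sizes are constructed.
"""
from collections import deque
from typing import Deque, Dict, List, Tuple

Packet = Tuple[str, int]          # (packet id, size in bytes)
Queues = Dict[str, Deque[Packet]]


def llq_schedule(queues: Queues, priority_class: str, priority_cap: int,
                 weights: Dict[str, int], quantum: int = 500) -> List[str]:
    """Drain all sub-queues and return packet ids in transmission order."""
    order: List[str] = []
    deficit = {cls: 0 for cls in weights}
    while any(queues.values()):
        # 1. Strict priority, bounded by a per-round byte cap (the LLQ policer).
        #    At least one packet is always sent so an oversized one cannot stall.
        sent = 0
        pq = queues[priority_class]
        while pq and (sent == 0 or sent + pq[0][1] <= priority_cap):
            pid, size = pq.popleft()
            sent += size
            order.append(pid)
        # 2. Deficit round robin for everything else, in weight proportion.
        for cls, weight in weights.items():
            q = queues[cls]
            if not q:
                deficit[cls] = 0          # an idle queue banks no credit
                continue
            deficit[cls] += weight * quantum
            while q and q[0][1] <= deficit[cls]:
                pid, size = q.popleft()
                deficit[cls] -= size
                order.append(pid)
    return order


def sample_queues() -> Queues:
    """Constructed backlog: small voice frames and large video/data packets."""
    return {
        "voice": deque([("v1", 200), ("v2", 200), ("v3", 200)]),
        "video": deque([("d1", 1000), ("d2", 1000), ("d3", 1000), ("d4", 1000)]),
        "best-effort": deque([("b1", 1000), ("b2", 1000), ("b3", 1000)]),
    }


if __name__ == "__main__":
    weights = {"video": 2, "best-effort": 1}
    print("capped LLQ:", llq_schedule(sample_queues(), "voice", 400, weights))
    print("uncapped  :", llq_schedule(sample_queues(), "voice", 10_000, weights))
```

Two things are visible in the output: video receives about twice the bytes of best-effort per round because of its weight, and the 400-byte cap lets only two voice frames out per round, so the third voice frame waits one round behind a video packet. Raising the cap turns the priority queue into plain PQ, where all voice goes first; that is the starvation risk the LLQ policer exists to bound.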


- Congestion Avoidance:
  - Tools to avoid congestion
  - Before it even happens
  - At the ingress interface(s) (receiving queue)
  - RED, WRED, WTD, Policing

- QoS application in a network
  - Integrated Services (IntServ)
    - Unified settings all the way
    - Uses the Resource Reservation Protocol (RSVP)
  - Differentiated Services (DiffServ)
    - Each hop has its own settings
    - Uses "Per-Hop Behavior" (PHB)


1.5.2 QoS Policies

- Modular QoS Command-Line (MQC)
  - Applies the QoS tools globally
  - Multiple tools will be available for multiple ports/uses
  - Requires 3 components to operate
    - Class-Maps
    - Policy-Maps
    - Service-Policies

- Class-Maps
  - Create a list that identifies/matches some characteristics of a traffic
  - Classify that "matched" traffic
  - To make this list take effect, we will need a "Policy-Map"


- Policy-Maps
  - MATCH a Class-Map
  - To apply a specific action to its traffic (queue it, shape it, police it...)
  - The same Class-Map can be matched multiple times on multiple interfaces
  - Each time, a different "action" will be taken!
  - To apply a "Policy-Map" to interface(s)
  - We will need a "Service-Policy"

- Service-Policy
  - Applies a "Policy-Map" to an interface
  - Either "INBOUND" or "OUTBOUND"
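The three MQC components above, modelled in Python as an added example (not from the notes, and not Cisco's implementation; on IOS the same structure is typed as class-map, policy-map and service-policy). The model makes the semantics explicit: a policy-map evaluates its classes top to bottom and the first match wins, class-default catches everything else, one class-map is reused by two policy-maps with a different action each time, and a service-policy binds a policy-map to an interface in one direction. The class names, the RTP port range, the DSCP values and the interface names are constructed for the example.

```python
"""Python model of the MQC three-step structure (added example, not from the
notes and not Cisco's own code). A policy-map evaluates its classes in order
and the first match wins; class-default catches the rest; one class-map can be
reused in several policy-maps with a different action each time; a
service-policy binds a policy-map to an interface and a direction.
Class names, port ranges, DSCP values and interface names are constructed.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass
class Packet:
    protocol: str      # "tcp" or "udp"
    src_port: int
    dst_port: int
    dscp: int = 0      # unmarked on arrival


Matcher = Callable[[Packet], bool]
Action = Callable[[Packet], str]


@dataclass
class ClassMap:
    name: str
    matchers: List[Matcher]
    match_all: bool = True   # IOS default is match-all; match-any is the alternative

    def matches(self, pkt: Packet) -> bool:
        results = [m(pkt) for m in self.matchers]
        return all(results) if self.match_all else any(results)


def match_protocol(proto: str) -> Matcher:
    return lambda p: p.protocol == proto


def match_port_range(lo: int, hi: int) -> Matcher:
    return lambda p: lo <= p.src_port <= hi or lo <= p.dst_port <= hi


def match_ports(*ports: int) -> Matcher:
    return lambda p: p.src_port in ports or p.dst_port in ports


def set_dscp(value: int) -> Action:
    def act(p: Packet) -> str:
        p.dscp = value               # marking: rewrite the DSCP field
        return f"set dscp {value}"
    return act


def priority(percent: int) -> Action:
    return lambda p: f"priority percent {percent}"    # LLQ placement


def bandwidth(percent: int) -> Action:
    return lambda p: f"bandwidth percent {percent}"   # CBWFQ guarantee


@dataclass
class PolicyMap:
    name: str
    classes: List[Tuple[ClassMap, Action]]   # evaluated top to bottom

    def apply(self, pkt: Packet) -> Tuple[str, str]:
        for cmap, action in self.classes:
            if cmap.matches(pkt):
                return cmap.name, action(pkt)
        return "class-default", "fair-queue"   # implicit catch-all


class Device:
    """service-policy binds a policy-map to an interface and a direction."""

    def __init__(self) -> None:
        self.bindings: Dict[Tuple[str, str], PolicyMap] = {}

    def service_policy(self, interface: str, direction: str, pm: PolicyMap) -> None:
        assert direction in ("input", "output")
        self.bindings[(interface, direction)] = pm

    def forward(self, pkt: Packet, ingress: str, egress: str) -> List[str]:
        """Run the inbound policy on ingress, then the outbound one on egress."""
        trace = []
        for iface, direction in ((ingress, "input"), (egress, "output")):
            pm = self.bindings.get((iface, direction))
            if pm is not None:
                cls, result = pm.apply(pkt)
                trace.append(f"{iface} {direction} {pm.name}: {cls} -> {result}")
        return trace


def build_device() -> Device:
    """Constructed policy: mark on ingress, queue on egress, same class-maps."""
    voice = ClassMap("VOICE", [match_protocol("udp"), match_port_range(16384, 32767)])
    mail = ClassMap("MAIL", [match_protocol("tcp"), match_ports(25, 587, 993)])
    mark_in = PolicyMap("MARK-IN", [(voice, set_dscp(46)), (mail, set_dscp(10))])
    queue_out = PolicyMap("QUEUE-OUT", [(voice, priority(10)), (mail, bandwidth(5))])
    dev = Device()
    dev.service_policy("GigabitEthernet0/1", "input", mark_in)
    dev.service_policy("GigabitEthernet0/2", "output", queue_out)
    return dev


if __name__ == "__main__":
    dev = build_device()
    for pkt in (Packet("udp", 20000, 20000), Packet("tcp", 40000, 25), Packet("tcp", 40000, 443)):
        print(dev.forward(pkt, "GigabitEthernet0/1", "GigabitEthernet0/2"), "dscp", pkt.dscp)
```

The VOICE class-map appears in both policy-maps: inbound its action is a marking (DSCP 46), outbound it is LLQ placement, which is the "same class-map, different action" point from the notes. The HTTPS packet matches neither class and falls into class-default in both directions with its DSCP untouched.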


1.6 Switching Mechanisms

1.6.1 Device Processing and Cisco Express Forwarding (CEF)

- Process switching:
  - Processing the incoming ingress traffic
  - To switch it to the desired egress (outgoing) interface
  - Done by the CPU
  - Even if the CPU is very busy
  - Known as "IP Input"
- CEF:
  - Establishes an area to store pre-defined decisions, as a reference
  - That area = cache area
  - Will be done automatically whenever a new protocol is enabled
  - Creates the FIB & Adjacency Table
  - Not exactly everything is CEF switched (a first-time ARP, CDP, encryption)


1.6.2 FIB vs. RIB

- Forwarding Information Base (FIB)
  - Extracted from the "RIB"
    - Routing Information Base
    - The Routing Table
  - It is the routing table of CEF
  - Always syncs with the RIB (Routing Table)
  - Less detail
  * Some operations are handled by the Adjacency Table
    - For L2 info (ARP, VLAN, MAC)


1.6.3 CAM (MAC Table) and TCAM

- Content Addressable Memory (CAM)
  - A random-access memory
  - Stores MAC addresses
  - Used for lookups (by the forwarding engine)
  - MACs are represented as the "MAC Table"

- Ternary Content Addressable Memory (TCAM)
  - Also a random-access memory
  - Stores IP addresses and subnet masks
  - Used for longest-match lookups
  - Addresses and masks are represented as the "Routing Table"
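The whole CEF chain from sections 1.6.1 to 1.6.3 in one added Python model (not from the notes, not Cisco code): the FIB is derived from a RIB by keeping one next hop per prefix, a destination is resolved by longest match (the TCAM operation), the adjacency table supplies the egress interface and MAC rewrite, a next hop with no adjacency yet is punted to process switching (the first-time ARP case), and the CAM/MAC table is an exact-match lookup. Prefixes, next hops and MAC addresses are constructed from documentation ranges; the administrative distances are the standard IOS defaults for static (1) and OSPF (110).

```python
"""RIB -> FIB -> adjacency -> CAM lookups (added example, not from the notes).

The RIB may hold the same prefix from several sources; the FIB keeps only
the winner (lowest administrative distance) and answers longest-match
lookups, which is what TCAM does in hardware. The adjacency table turns the
next hop into an egress interface and MAC rewrite; the CAM/MAC table is an
exact-match lookup. A next hop with no adjacency yet is punted to process
switching. Prefixes, next hops and MACs are constructed documentation values.
"""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Dict, List, Optional, Tuple

RibEntry = Tuple[str, str, int, str]   # (prefix, next_hop, admin_distance, source)

SAMPLE_RIB: List[RibEntry] = [
    ("10.1.0.0/16", "192.0.2.1", 110, "ospf"),
    ("10.1.0.0/16", "192.0.2.2", 1, "static"),    # same prefix, wins on AD
    ("10.1.5.0/24", "192.0.2.3", 110, "ospf"),    # more specific prefix
    ("0.0.0.0/0", "192.0.2.254", 1, "static"),    # default route
]
# next hop -> (egress interface, rewrite MAC); 192.0.2.3 is not resolved yet
SAMPLE_ADJACENCY: Dict[str, Tuple[str, str]] = {
    "192.0.2.1": ("Gi0/1", "00:00:5e:00:53:01"),
    "192.0.2.2": ("Gi0/2", "00:00:5e:00:53:02"),
    "192.0.2.254": ("Gi0/3", "00:00:5e:00:53:fe"),
}
SAMPLE_CAM: Dict[str, str] = {            # MAC -> port, learned from source MACs
    "00:00:5e:00:53:02": "Gi0/2",
    "00:00:5e:00:53:aa": "Gi0/7",
}


def build_fib(rib: List[RibEntry]) -> Dict[IPv4Network, str]:
    """Keep one next hop per prefix: lowest administrative distance wins."""
    best: Dict[IPv4Network, Tuple[str, int]] = {}
    for prefix, next_hop, ad, _source in rib:
        net = ip_network(prefix)
        if net not in best or ad < best[net][1]:
            best[net] = (next_hop, ad)
    return {net: nh for net, (nh, _) in best.items()}


def longest_match(fib: Dict[IPv4Network, str], dst: str
                  ) -> Optional[Tuple[IPv4Network, str]]:
    """TCAM-style lookup: of the prefixes containing dst, the longest wins."""
    addr = ip_address(dst)
    hits = [net for net in fib if addr in net]
    if not hits:
        return None
    net = max(hits, key=lambda n: n.prefixlen)
    return net, fib[net]


def cam_lookup(cam: Dict[str, str], mac: str) -> str:
    """MAC table is exact match: an unknown destination MAC means flood."""
    return cam.get(mac.lower(), "flood")


@dataclass
class Decision:
    action: str                     # "forward", "punt" or "drop"
    prefix: Optional[str] = None
    next_hop: Optional[str] = None
    interface: Optional[str] = None
    rewrite_mac: Optional[str] = None


def cef_switch(fib: Dict[IPv4Network, str], adjacency: Dict[str, Tuple[str, str]],
               dst: str) -> Decision:
    """One CEF forwarding decision for a destination address."""
    hit = longest_match(fib, dst)
    if hit is None:
        return Decision("drop")                        # no route, not even default
    net, next_hop = hit
    if next_hop not in adjacency:
        return Decision("punt", str(net), next_hop)    # ARP needed: process switched
    iface, mac = adjacency[next_hop]
    return Decision("forward", str(net), next_hop, iface, mac)


if __name__ == "__main__":
    fib = build_fib(SAMPLE_RIB)
    for dst in ("10.1.5.9", "10.1.7.7", "203.0.113.5"):
        print(dst, cef_switch(fib, SAMPLE_ADJACENCY, dst))
    print("00:00:5e:00:53:aa ->", cam_lookup(SAMPLE_CAM, "00:00:5e:00:53:aa"))
```

Note the two different match rules side by side: 10.1.7.7 is covered by both 10.1.0.0/16 and the default route and takes the /16 (longest match), while for the FIB entry itself the static route beat OSPF on administrative distance before any packet was looked up. The CAM lookup has no notion of "longer": the MAC is either in the table or the frame is flooded.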
