I found studying really interesting. I feel like I have covered so much data, but it always seems like there is so much more to learn. There are a total of 309 lectures in the course and I have completed 223 of them, and at 72% it is hard not to focus on how much more there is to learn, and for me that is stressful. Then I look at my daughter and I can see that I have passed that on to her as well.

This is where I have to remember that I will never know everything; I am learning the information to build my base of knowledge, and while it increases that base, the base I have built to this point in my career is pretty fantastic, and there is little if anything that I can’t grasp, so what I continue to learn just supports my ability to support others.


Section 31: WAN – Wide Area Networks

  • VPN – Virtual Private Network
    • A virtual tunnel between private networks across a shared public network
    • Traffic is encrypted while traveling over the VPN
    • Runs over public Internet connections, which cost less than dedicated physical links, so VPNs tend to be cheaper
    • Type
      • Site to site
        • Terminated between routers/firewalls
        • Invisible to nodes
        • Typically uses IPsec for encryption
      • Remote access
        • Client uses software to connect remotely to a location
        • Can access anywhere there is internet connectivity
        • Usually uses SSL and sometimes IPsec
    • Configuration Options
      • IPsec Tunnel
        • Open standard IP tunnel
        • Does not support multicast
      • GRE (Generic Routing Encapsulation) over IPsec tunnel
        • adds support for multicast
      • IPsec VTI (Virtual Tunnel Interface)
        • Cisco proprietary; simplified configuration
        • Supports multicast
      • DMVPN (Dynamic Multipoint VPN)
        • Cisco proprietary
        • Scalable simple hub and spoke config
        • Enables direct full mesh connectivity between all devices
      • FlexVPN
        • Cisco proprietary
        • Similar to DMVPN
        • Newer technology
      • GETVPN (Group Encrypted Transport VPN)
        • Cisco proprietary
        • Scalable centralized policy for VPN over non-public infrastructure (like MPLS)
  • WAN Connectivity Options
    • Service provider will typically provide an SLA (Service Level Agreement)
      • Guarantees for uptime
      • Traffic delay
      • Loss on the link
    • Leased Lines/Satellite
      • Connectivity to the internet
      • Direct Connectivity between offices
      • Connectivity between offices over VPN
      • Dedicated physical connection
      • Reserved bandwidth, not shared with anyone else
      • Bandwidth is available in both directions
      • Commonly lease from a service provider for a monthly fee
      • Common uses
        • point to point connectivity between two offices
        • data center providing multipoint connectivity between offices
        • Data center connected to the Internet, providing Internet connectivity and optional connectivity over Internet VPN
      • Leased line uses a serial connection
      • Common bandwidth options
        • North America
          • T1 – 1.544 Mbps
          • T2 – 6 Mbps
          • T3 – 45 Mbps
          • T4 – 275 Mbps
        • Europe
          • E1 – 2 Mbps
          • E2 – 8 Mbps
          • E3 – 34 Mbps
          • E4 – 140 Mbps
      • Typically provide an SLA for uptime, traffic delay and loss on the link.
      • Typically more expensive
      • Usually a longer lead time for installation
      • Satellite
        • Typically more expensive and low bandwidth, but may be the only option in hard to reach areas
    • MPLS – Multi Protocol Label Switching
      • Shared core infrastructure at the service provider
      • Connectivity to the internet
      • Connectivity between the office over VPN
      • MPLS VPN
        • Usually operated by a service provider
        • Can travel over the provider’s shared MPLS network
        • Different levels of SLA for uptime, traffic delay and loss are often available at different price points
        • Typically Ethernet connections to customer router
        • Provides full mesh topology by default
      • Layer 3 MPLS VPN
        • Runs across the provider’s core
        • Customer routers do not run MPLS
        • Static routes or a routing protocol runs between the customer Edge and Provider Edge routers
        • Customer sites are in different IP subnets
      • Layer 2 MPLS VPN
        • Customer and provider routers do not peer with each other
        • Provider network acts like a giant switch
        • Customer sites are in the same IP subnet
        • Reason to use
          • Required for clustering an app over the WAN
          • Useful for migrating hosts during Disaster Recovery
        • Terminology
          • VPLS – Virtual Private LAN Service
            • Multipoint Layer 2 VPN
          • VPWS – Virtual PseudoWire Service
            • Point to point Layer 2 VPN
    • Optical Fiber
      • More suitable than copper for long distances
      • Commonly used for backhaul connections by service providers
      • Types of FTTx Services
        • Fiber to the Home
        • Fiber to the Premises
        • Fiber to the Building
        • Fiber to the Neighborhood
    • SONET (North America)/SDH (rest of the world)
      • Standards used in service provider optical fiber networks
        • Common line rates (SONET STS / SONET OC / SDH STM / bit rate)

          SONET STS   SONET OC   SDH STM   Bit Rate (Mbps)
          STS-1       OC-1       –         51.84
          STS-3       OC-3       STM-1     155.52
          STS-12      OC-12      STM-4     155.52
          STS-48      OC-48      STM-16    2488.32
          STS-192     OC-192     STM-64    9953.28
    • DWDM – Dense Wavelength Division Multiplexing
      • Combines multiple optical signals into one optical signal transmitted over a single fiber strand
      • Allows more capacity to be added to existing infrastructure
      • Used in all modern long haul optical connections
    • Dark Fiber
      • Installed fiber that is not currently in use (not lit) by the service provider
    • WAN Backup and small Office Solutions
      • Options often aimed at home user Internet access
      • Typically do not carry an SLA that meets corporate levels
      • Can be used in smaller offices to connect to corporate network
        • DSL – Digital Subscriber Line
        • Cable
        • Wireless – Example 4G
    • Legacy WAN Connectivity Options
      • PSTN – Public Switched Telephone Network
      • ISDN – Integrated Services Digital Network
      • Frame Relay
      • ATM – Asynchronous Transfer Mode
      • X.25
  • PPPoE – Point to Point Protocol over Ethernet
    • Commonly used in DSL deployments
    • Can be configured on either the DSL modem or the router
  • WAN Topology Options
    • Hub and spoke (Star)
      • Advantages
        • Simplicity
        • Centralized security policy
      • Disadvantages
        • Single point of failure
        • Suboptimal traffic flow
    • Redundant Hub and Spoke
      • Advantages
        • Removes single point of failure
        • Centralized security policy
      • Disadvantages
        • Higher cost
        • Suboptimal traffic flow
    • Full Mesh
      • Advantages
        • Optimal Traffic flow
      • Disadvantages
        • Higher complexity and cost
    • Partial Mesh
      • Advantages
        • Partially optimal traffic flow
      • Disadvantages
        • Higher cost
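To make the "IPsec VTI – simplified configuration" point under VPN Configuration Options concrete, here is an added example of a minimal site-to-site IPsec VTI configuration for one Cisco IOS router; it is not from the course or these notes, and the interface names, addresses (documentation ranges), LAN prefix and pre-shared key placeholder are all assumed values.

```cisco
! Site A router: IPsec VTI site-to-site VPN to Site B (added example, assumed values)
! Phase 1 (IKEv1) policy: AES-256, SHA-256, pre-shared key, DH group 14
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
! Pre-shared key bound to Site B's public address (placeholder, not a real key)
crypto isakmp key REPLACE_WITH_STRONG_PSK address 203.0.113.2
!
! Phase 2: ESP with AES-256 and SHA-256 HMAC, applied through an IPsec profile
crypto ipsec transform-set TS-AES256-SHA256 esp-aes 256 esp-sha256-hmac
 mode tunnel
crypto ipsec profile VTI-PROFILE
 set transform-set TS-AES256-SHA256
!
! The Virtual Tunnel Interface is a routable interface: static routes or a
! routing protocol (and multicast) simply point at Tunnel0, so no crypto map
! or access list is needed to define the traffic to encrypt
interface Tunnel0
 description VTI to Site B
 ip address 10.255.255.1 255.255.255.252
 tunnel source GigabitEthernet0/0
 tunnel destination 203.0.113.2
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile VTI-PROFILE
!
! Public-facing interface (assumed addressing from the documentation range)
interface GigabitEthernet0/0
 ip address 203.0.113.1 255.255.255.0
!
! Send Site B's LAN (assumed 10.2.0.0/16) through the encrypted tunnel
ip route 10.2.0.0 255.255.0.0 Tunnel0
!
! For the GRE over IPsec option the same ISAKMP policy and IPsec profile apply;
! only the tunnel keeps the default GRE encapsulation (tunnel mode gre ip)
! with the same "tunnel protection" line.
!
! Verification once Site B is configured as the mirror image:
!   show crypto isakmp sa     (Phase 1 SA in state QM_IDLE, status ACTIVE)
!   show crypto ipsec sa      (encaps/decaps counters increasing)
!   show interface Tunnel0    (line protocol up)
```

The same IKE policy and transform set appear in every one of the listed configuration options; what changes between them is how the tunnel interface is built and whether routing protocols and multicast can run across it.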