Cisco Press MPLS and VPN Architectures Volume II pdf pdf

Table of Content s • I ndex • MP LS and V PN Ar chi te ctur e s, V olum e I I By Jim Guichard, I van Pepelnjak, Jeff Apcar Pub lish er: Cisco Press

Pub Dat e: Ju ne 06, 2 00 3

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

With MPLS and VPN Ar chit ect u res, Volum e I I , you'll lear n : How to integr ate v ar iou s r em ote access techn ologies in to th e back bone p r ovidin g VPN ser vice to m any d iffer ent typ es of cu stom er s The n ew PE- CE r out in g op tions as w ell as ot her adv anced feat ur es, includ ing per- VPN Netw ork Ad dr ess Tr an slation ( PE- NAT) How VRFs can be ex tended into a custom er site to pr ov ide sep ar ation inside t he custom er netw ork The latest MPLS VPN secur ity featu res an d d esign s aim ed at pr otecting th e MPLS VPN backbone How to carr y custom er m ulticast tr affic insid e a VPN The latest in ter - car rier enh ancem ents t o allow for easier and m or e scalable d ep loym ent of inter - car r ier MPLS VPN services Advanced t rou blesh ooting techn iques includ in g r ou ter outpu ts to en su re high availab ility

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

Ar ch itectu res, Volum e I ( 1 - 587 05- 0 02- 1) , from Cisco Pr ess. Extendin g int o m or e advanced topics an d d ep loym ent architectur es, Volu m e II pr ovid es r eader s w ith the necessar y tools they n eed to d ep loy and m ain tain a secur e, hig hly av ailab le VPN.

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

Ar ch itectu re. Par t II descr ibes adv anced MPLS VPN con nectivity includ in g the integr ation of ser vice pr ovider access t echn olog ies ( dial, DSL, cab le, Ether net) an d a variety of r outin g pr otocols ( I S- I S, EI GRP, and OSPF) , ar m in g the r eader w ith the know ledge of h ow to integr ate th ese feat ur es in to th e VPN b ackbon e. Part I II details adv anced d ep loy m ent issues includin g secu r ity, ou tlining the n ecessar y steps th e ser vice p rovider m ust take to p rotect t he backbone and any attached VPN sites, and also detailin g the latest secu rity featur es to allow m or e advanced top ologies and filterin g. This par t also cover s m ulti- car r ier MPLS VPN deploym en ts. Fin ally, Par t IV pr ovid es a m ethodology for ad van ced MPLS VPN tr oub leshooting .

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer ser vices b ased on MPLS VPN tech nology in a secur e and scalab le w ay. This b ook is par t of the Netw orking Technology Ser ies fr om Cisco Pr ess, w h ich offers netw or kin g p rofessionals valuable in for m ation for constr ucting efficient netw orks, un derstan ding new technolog ies, and bu ild ing su ccessful car eer s.

Table of Content s
I ndex

MP LS and V PN Ar chi te ctur e s, V olum e I I By Jim Guichard, I van Pepelnjak, Jeff Apcar Pub lish er: Cisco Press

Pub Dat e: Ju ne 06, 2 00 3

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer

Table of Content s
I ndex
Table of Content s
I ndex

MP LS and V PN Ar chi te ctur e s, V olum e I I By Jim Guichard, I van Pepelnjak, Jeff Apcar Pub lish er: Cisco Press

Pub Dat e: Ju ne 06, 2 00 3

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer

MP LS and V PN Ar chi te ctur e s, V olum e I I By Jim Guichard, I van Pepelnjak, Jeff Apcar Pub lish er: Cisco Press

Pub Dat e: Ju ne 06, 2 00 3

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4 Copyright About th e Aut h ors About th e Tech nical Reviewer s About th e Con t en t Reviewer Acknowledgmen ts I n tr oduct ion

Who Shou ld Read This Book? How This Book I s Organized I con s Used in Th is Book Com man d Synt ax Convent ions

Part I . I nt rodu ction Cha pter 1. MPLS VPN Archit ectu re Over view MPLS VPN Termin ology Con nect ion-Orient ed VPNs Con nect ionless VPNs MPLS-Based VPNs New MPLS VPN Developm ent s Sum mar y Part I I . Advan ced PE-CE Con nect ivit y Cha pter 2. Remot e Access t o an MPLS VPN Featu re Enha ncemen ts for MPLS VPN Rem ote Access Overview of Access Prot ocols and Procedu res Providing Dia l- I n Access t o an MPLS VPN Providing Dia l- Out Access via LSDO Providing Dia l- Out Access With out LSDO (Direct I SDN) Providing Dia l Backup for MPLS VPN Access Providing DSL Access t o an MPLS VPN Providing Cable Access t o an MPLS VPN Advanced Feat ur es fo r MPLS VPN Remot e Access Sum mar y Cha pter 3. PE- CE Rout ing Prot ocol En han cem ent s and Ad van ced Feat ures PE- CE Conn ect ivit y: OSPF PE- CE Conn ect ivit y: I nt egrat ed I S- I S PE- CE Conn ect ivit y: EI GRP Sum mar y

Table of Content s
I ndex

MP LS and V PN Ar chi te ctur e s, V olum e I I By Jim Guichard, I van Pepelnjak, Jeff Apcar Pub lish er: Cisco Press

Pub Dat e: Ju ne 06, 2 00 3

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer Cha pter 4. Vir tu al Rou t er Con nect ivit y Con figur in g Virt ua l Rout ers on CE Rout ers

Lin kin g t h e Vir tu al Rou t er wit h t he MPLS VPN Backbone

VRF Select ion Based on Sour ce I P Address Performin g NAT in a Virt ual Rout er Environ ment Sum mar y

Part I I I . Ad van ced Deploym ent Scen arios Cha pter 5. Prot ect ing th e MPLS-VPN Backbone I n herent Secur it y Capabilities Neighb or Aut h en t icat io n CE- t o-CE Aut h en t icat io n Con tr ol of Rou tes That Are I n ject ed int o a VRF PE t o CE Circuit s Ext ran et Access I n tern et Access I PSec over MPLS Sum mar y Cha pter 6. Lar ge- Scale Rout in g an d Mult iple Service Provid er Conn ect ivit y La rge Scale Rou tin g: Carrier's Car rier Solut ion Overview Carrier Ba ckb one Con nect ivit y La bel Dist ribu t ion Prot ocols o n PE-CE Links BGP- 4 Bet ween PE/ CE Rout ers Hierarchical VPNs: Carrier's Carr ier MPLS VPNs VPN Conn ect ivit y Bet ween Different Service Providers Sum mar y Cha pter 7. Mu lt icast VPN I n tr oduct ion t o I P Mu lt icast En t er prise Mu lt icast in a Service Provider Environ ment m VPN Arch itect u re MDTs Case St ud y of m VPN Operat ion in Su per Com Sum mar y Cha pter 8. I P Version 6 Tran sport Across an MPLS Backbon e

I Pv6 Business Drivers Dep loym ent of I Pv6 in Exist ing Net works Quick I nt roduction t o I Pv6 I n -Dep th 6 PE Operat ion an d Con figu rat ion Com plex 6PE Deploym ent Scena rios Sum mar y

Part I V. Trou bleshoot ing Cha pter 9. Trou blesh oot ing of MPLS- Based Solut ions I n tr oduct ion t o Tr oubleshoo tin g of MPLS-Based Solu t io ns Trou bleshoot ing t he MPLS Backbon e Ot her Quick Checks MPLS Con tr ol Plan e Trou blesh oot ing MPLS Dat a Plan e Trou bleshoot ing MPLS VPN Troub lesh oot ing I n -Dep th MPLS VPN Trou bleshoot ing Sum mar y I n dex

Copyright Cop yr igh t© 2 003 Cisco Sy st em s, I nc.

Cisco Pr ess log o is a trad em ar k of Cisco Sy stem s, I nc.

Table of Content s
I ndex

Pub lished by:

MP LS and V PN Ar chi te ctur e s, V olum e I I

Cisco Pr ess

By Jim Guichard, I van Pepelnjak, Jeff Apcar

20 1 W est 103 rd Str eet I ndian apolis, IN 462 90 USA

Pub lish er: Cisco Press

All r ights reserved. No par t of th is book m ay b e repr od uced or tr ansm itted in an y for m or b y

Pub Dat e: Ju ne 06, 2 00 3

any m eans, electr onic or mechan ical, includ in g photocopying, r ecor ding, or by an y

I SBN: 1- 58 705 -1 12 -5

inform ation stor age and r etrieval system , w ithout w r itten p er m ission fr om th e pu blish er ,

Pages: 50 4 except for t he inclusion of b rief qu otations in a r eview .

Pr inted in th e Un ited States of Am erica 1 2 3 4 5 6 7 8 9 0 Lib rar y of Con gr ess Cataloging- in - Publication Num ber: 61 947 205 1122 With MPLS and VPN Ar chit ect u res, Volum e I I , you'll lear n :

Warning and Disclaimer

How to integr ate v ar iou s r em ote access techn ologies in to th e back bone p r ovidin g VPN ser vice to m any d iffer ent typ es of cu stom er s This b ook is desig ned to pr ovide infor mat ion ab out MPLS an d VPN ar ch itectu res. Every effor t has been m ade to m ake this book as com p lete an d as accur ate as possib le, b ut no w ar r anty

The n ew PE- CE r out in g op tions as w ell as ot her adv anced feat ur es, includ ing per- VPN or fitness is im p lied. Netw ork Ad dr ess Tr an slation ( PE- NAT)

The in for m ation is p r ovided on an " as is" basis. The au thor s, Cisco Pr ess, and Cisco Syst em s, How VRFs can be ex tended into a custom er site to pr ov ide sep ar ation inside t he

I nc. shall h ave n eith er liab ility n or r espon sib ility t o any person or entity w ith r espect t o any custom er netw ork loss or dam ages ar isin g fr om th e infor m ation con tained in th is book or fr om the u se of the discs or pr ogr am s th at m ay accomp any it.

The latest MPLS VPN secur ity featu res an d d esign s aim ed at pr otecting th e MPLS VPN backbone The op inions expr essed in this b ook belong to the aut hor s and ar e not necessarily th ose of Cisco Sy st em s, I nc.

How to carr y custom er m ulticast tr affic insid e a VPN The latest in ter - car rier enh ancem ents t o allow for easier and m or e scalable d ep loym ent

Trademark Acknowledgments

of inter - car r ier MPLS VPN services All ter ms ment ion ed in this b ook that ar e kn ow n t o be trad em ar k s or serv ice mar ks have Advanced t rou blesh ooting techn iques includ in g r ou ter outpu ts to en su re high availab ility been ap pr opr iately cap it alized. Cisco Press or Cisco Sy stem s, I nc. cann ot att est to th e

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

accu r acy of th is infor m ation. Use of a ter m in this b ook should not be r egar ded as affectin g Ar ch itectu res, Volum e I ( 1 - 587 05- 0 02- 1) , from Cisco Pr ess. Extendin g int o m or e advanced the validity of an y tr adem ark or ser v ice m ar k. topics an d d ep loym ent architectur es, Volu m e II pr ovid es r eader s w ith the necessar y tools they n eed to d ep loy and m ain tain a secur e, hig hly av ailab le VPN.

Feedback Information MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

Ar ch itectu re. Par t II descr ibes adv anced MPLS VPN con nectivity includ in g the integr ation of At Cisco Press, our g oal is to cr eate in- d ep th techn ical books of the h ig hest qu alit y and valu e. ser vice pr ovider access t echn olog ies ( dial, DSL, cab le, Ether net) an d a variety of r outin g Each book is cr afted w ith car e an d p recision , und er g oin g r igor ous developm ent that in volves pr otocols ( I S- I S, EI GRP, and OSPF) , ar m in g the r eader w ith the know ledge of h ow to the uniqu e exp er tise of m em ber s from the pr ofessional technical com m unity . integr ate th ese feat ur es in to th e VPN b ackbon e. Part I II details adv anced d ep loy m ent issues includin g secu r ity, ou tlining the n ecessar y steps th e ser vice p rovider m ust take to p rotect t he Reader s' feed back is a n atur al continu ation of this pr ocess. I f you h ave any com ments backbone and any attached VPN sites, and also detailin g the latest secu rity featur es to allow r eg ar ding how w e cou ld im pr ov e the q uality of this b ook, or other w ise alter it to b ett er su it m or e advanced top ologies and filterin g. This par t also cover s m ulti- car r ier MPLS VPN your n eeds, you can contact us th rou gh e- mail at feedback@ciscopr ess.com . Please make deploym en ts. Fin ally, Par t IV pr ovid es a m ethodology for ad van ced MPLS VPN sur e to in clu de th e book title an d I SBN in your m essag e. tr oub leshooting .

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer Credits

We g reatly app r eciate your assistan ce.

Pub lisher John Wait

Ed it or- I n - Chief John Kane

Cisco Repr esent ative Anth ony Wolfen den

Table of Content s •

Cisco Pr ess Pr ogr am Manager Sonia Torr es Ch avez

I ndex

MP LS and V PN Ar chi te ctur e s, V olum e I I

Man ager, Mar keting Com m unications, Cisco Systems Scott Miller

By Jim Guichard, I van Pepelnjak, Jeff Apcar

Cisco Mar ketin g Pr og ram Manager Ed ie Quir oz

Pub lish er: Cisco Press

Acquisitions Editor Am y Moss

Pub Dat e: Ju ne 06, 2 00 3

Pr oduction Manag er Patr ick Kanouse

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

Developm ent Editor Gr ant Mun r oe

Pr oject Editor Lor i Lyon s

Cop y Editor Kar en A. Gill

Tech nical Ed it ors Matt Birkner , Dan Tap pan

With MPLS and VPN Ar chit ect u res, Volum e I I , you'll lear n : Con ten t Editor

Mon iq ue Mor r ow How to integr ate v ar iou s r em ote access techn ologies in to th e back bone p r ovidin g VPN

Team Coor dinat or Tam m i Ross ser vice to m any d iffer ent typ es of cu stom er s

Book Designer Gina Rexrod e

The n ew PE- CE r out in g op tions as w ell as ot her adv anced feat ur es, includ ing per- VPN Cover Desig ner

Lou isa Adair Netw ork Ad dr ess Tr an slation ( PE- NAT)

Pr oduction Team Mar k Shir ar

How VRFs can be ex tended into a custom er site to pr ov ide sep ar ation inside t he I ndexer

Tim Wr ight custom er netw ork The latest MPLS VPN secur ity featu res an d d esign s aim ed at pr otecting th e MPLS VPN backbone How to carr y custom er m ulticast tr affic insid e a VPN The latest in ter - car rier enh ancem ents t o allow for easier and m or e scalable d ep loym ent

Corpor at e H e a dqua rt er s

of inter - car r ier MPLS VPN services Cisco Sy st em s, I nc. 17 0 W est Tasm an Dr ive

Advanced t rou blesh ooting techn iques includ in g r ou ter outpu ts to en su re high availab ility San Jose, CA 9 513 4- 17 06 USA

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN w w w .cisco.com

Ar ch itectu res, Volum e I ( 1 - 587 05- 0 02- 1) , from Cisco Pr ess. Extendin g int o m or e advanced Tel: 40 8 526- 400 0 topics an d d ep loym ent architectur es, Volu m e II pr ovid es r eader s w ith the necessar y tools 8 00 553 - NETS ( 638 7) they n eed to d ep loy and m ain tain a secur e, hig hly av ailab le VPN. Fax: 40 8 5 26- 4 100

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

Ar ch itectu re. Par t II descr ibes adv anced MPLS VPN con nectivity includ in g the integr ation of Eur ope an H ea dq ua rt e rs Cisco Sy st em s I nter national BV ser vice pr ovider access t echn olog ies ( dial, DSL, cab le, Ether net) an d a variety of r outin g Haar ler ber gpar k pr otocols ( I S- I S, EI GRP, and OSPF) , ar m in g the r eader w ith the know ledge of h ow to Haar ler ber gw eg 1 3- 19 integr ate th ese feat ur es in to th e VPN b ackbon e. Part I II details adv anced d ep loy m ent issues 11 01 CH Am sterd am includin g secu r ity, ou tlining the n ecessar y steps th e ser vice p rovider m ust take to p rotect t he The Neth er lands backbone and any attached VPN sites, and also detailin g the latest secu rity featur es to allow

w w w - eu rop e.cisco.com

m or e advanced top ologies and filterin g. This par t also cover s m ulti- car r ier MPLS VPN Tel: 31 0 20 35 7 100 0 deploym en ts. Fin ally, Par t IV pr ovid es a m ethodology for ad van ced MPLS VPN Fax: 31 0 20 35 7 1 100 tr oub leshooting .

Am e ri ca s H e adq ua rt e rs MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer Cisco Sy st em s, I nc.

17 0 W est Tasm an Dr ive San Jose, CA 9 513 4- 17 06 USA

w w w .cisco.com

Tel: 40 8 526- 766 0 Fax: 40 8 5 27- 0 883

Asia Pa ci fi c H e adq ua rt e rs

Table of Content s Cisco Sy st em s, I nc.

I ndex •

Cap it al Tow er

MP LS and V PN Ar chi te ctur e s, V olum e I I

16 8 Robinson Road

By Jim Guichard, I van Pepelnjak, Jeff Apcar

# 22 - 01 to # 2 9- 01 Singap or e 068 912

w w w .cisco.com Pub lish er: Cisco Press

Tel: + 65 63 17 777 7

Pub Dat e: Ju ne 06, 2 00 3

Fax: + 65 63 17 779 9

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

Cisco Sy st em s h as m ore t han 200 offices in th e follow ing cou ntr ies and r eg ion s. Addr esses, ph one nu m bers, an d fax nu m bers ar e listed on th e Cisco.com W eb sit e a t

w w w .cisco.com / go/ offices .

Ar gentina • Au str alia • Austr ia • Belgiu m • Br azil • Bulgar ia • Canad a • Chile • China PRC • Colom bia • Costa Rica • Cr oatia • Czech Repu blic Denm ar k • D ubai, UAE • Finland • Fr ance • With MPLS and VPN Ar chit ect u res, Volum e I I , you'll lear n : Ger man y • Greece • Hong Kon g SAR • Hu ngar y • I ndia • I nd onesia • I r eland • I sr ael • Italy Japan • Korea • Lu xem bou rg • Malaysia • Mexico • The Neth er land s • New Zealand • Nor w ay

How to integr ate v ar iou s r em ote access techn ologies in to th e back bone p r ovidin g VPN

Per u • Ph ilipp ines • Poland • Por tugal Puert o Rico • Rom ania • Ru ssia • Saud i Ar abia • ser vice to m any d iffer ent typ es of cu stom er s

Scotland • Sing apor e • Slovakia • Slov enia • South Afr ica • Spain • Sw eden Sw itzer land • Taiw an • Thailand • Tur key • Ukr aine • Un it ed Kingd om • Un ited States • Ven ezu ela •

The n ew PE- CE r out in g op tions as w ell as ot her adv anced feat ur es, includ ing per- VPN Viet nam • Zimb abw e

Netw ork Ad dr ess Tr an slation ( PE- NAT) Cop yr igh t © 200 3 Cisco Sy stems, I n c. All rig hts r eser ved . CCI P, CCSP, th e Cisco Ar row logo,

How VRFs can be ex tended into a custom er site to pr ov ide sep ar ation inside t he the Cisco Pow ered Netw or k m ar k, the Cisco System s Ver ified log o, Cisco Un ity, Follow Me custom er netw ork

Br ow sing , For mSh are, iQ Net Readin ess Scor ecar d, Netw or kin g Academ y, and Script Shar e ar e tr adem arks of Cisco System s, I nc.; Chang in g the Way W e Wor k, Live, Play, an d Lear n, The latest MPLS VPN secur ity featu res an d d esign s aim ed at pr otecting th e MPLS VPN

The Fastest Way to I ncrease Your In ter n et Quotient, and iQuick Stud y ar e ser v ice m ar ks of backbone Cisco Sy st em s, I nc.; and Air onet, ASI ST, BPX, Catalyst, CCDA, CCDP, CCI E, CCNA, CCNP, Cisco, the Cisco Cer tified I nter netw ork Expert logo, Cisco I OS, the Cisco I OS logo, Cisco

How to carr y custom er m ulticast tr affic insid e a VPN Pr ess, Cisco Sy stem s, Cisco System s Capital, the Cisco System s logo, Emp ow er ing the I nter net Gener ation, Enter pr ise/ Solv er , EtherChann el, Ether Sw it ch , Fast Step, Gig aStack ,

The latest in ter - car rier enh ancem ents t o allow for easier and m or e scalable d ep loym ent I nter net Qu otien t, I OS, I P/ TV, iQ Exper tise, t he iQ log o, Lig htStr eam, MGX, MI CA, the of inter - car r ier MPLS VPN services Netw ork ers logo, Netw ork Regist rar , Packet , PI X, Post- Routing , Pr e- Routing , RateMUX, Registr ar, Slid eCast , SMARTn et, Strat aView Plu s, Strat m, SwitchPr ob e, TeleRouter ,

Advanced t rou blesh ooting techn iques includ in g r ou ter outpu ts to en su re high availab ility Tr ansPath, and VCO are registered tr adem ark s of Cisco Sy stem s, I nc. an d/ or its affiliates in the U.S. an d cer tain oth er cou ntr ies.

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

Ar ch itectu res, Volum e I ( 1 - 587 05- 0 02- 1) , from Cisco Pr ess. Extendin g int o m or e advanced All oth er t rad em ar ks m en tioned in this d ocum en t or W eb site ar e the p r operty of their topics an d d ep loym ent architectur es, Volu m e II pr ovid es r eader s w ith the necessar y tools r espective ow ners. Th e use of the wor d par tn er d oes not im p ly a par tn er ship relationship they n eed to d ep loy and m ain tain a secur e, hig hly av ailab le VPN. betw een Cisco an d an y other com pany. ( 0 303 R)

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

Pr inted in th e USA Ar ch itectu re. Par t II descr ibes adv anced MPLS VPN con nectivity includ in g the integr ation of ser vice pr ovider access t echn olog ies ( dial, DSL, cab le, Ether net) an d a variety of r outin g pr otocols ( I S- I S, EI GRP, and OSPF) , ar m in g the r eader w ith the know ledge of h ow to integr ate th ese feat ur es in to th e VPN b ackbon e. Part I II details adv anced d ep loy m ent issues

Dedications

includin g secu r ity, ou tlining the n ecessar y steps th e ser vice p rovider m ust take to p rotect t he backbone and any attached VPN sites, and also detailin g the latest secu rity featur es to allow To m y w ife Sadie, for puttin g u p with m e w r iting another b ook and the lon g lon ely n ights m or e advanced top ologies and filterin g. This par t also cover s m ulti- car r ier MPLS VPN associated with such an und er taking. To m y childr en Aim ee and Thom as, w ho alw ays h elp to deploym en ts. Fin ally, Par t IV pr ovid es a m ethodology for ad van ced MPLS VPN keep m e smiling.—Jim tr oub leshooting . To m y w ife Kar men, wh o w as alw ay s ther e w hen I needed encour ag em ent or supp ort. To m y

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer

childr en Maj a an d Monika, w ho waited patiently for m y attention on too m any occasions.—I van To m y w ife Anne, w h o is an exceptional person in every w ay . To m y ch ild r en Caitlin, Conor , and especially Ron an: D espite h is constant effor ts to r eb oot m y PC, I m anag ed to lose a dr aft only on ce.—Jeff

Table of Content s
I ndex

MP LS and V PN Ar chi te ctur e s, V olum e I I By Jim Guichard, I van Pepelnjak, Jeff Apcar Pub lish er: Cisco Press

Pub Dat e: Ju ne 06, 2 00 3

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer

About the Authors Ji m Guicha rd , CCI E N o. 2 0 6 9 , is a Tech nical Leader I I w it hin t he I nt er net Techn ologies

Division ( I TD) at Cisco System s. Du r in g t he past six year s at Cisco an d pr ev iously at I BM, Jim has been inv olved in t he design, im p lem entation, and plannin g of m any lar g e- scale WAN an d

Table of Content s •

LAN netw ork s. His br eadth of ind ustry kn ow ledg e, hand s- on ex perience, and un derstan ding

I ndex •

of comp lex in ter n etw or kin g architectur es hav e enabled him to pr ovid e valu ed assistan ce t o

MP LS and V PN Ar chi te ctur e s, V olum e I I

m any of Cisco's lar ger ser vice pr ovider cu stomer s. His pr evious pub lications in clu de MPLS

By Jim Guichard, I van Pepelnjak, Jeff Apcar and VPN Ar chit ect u res , b y Cisco Pr ess.

Pub lish er: Cisco Press

I v an P ep el nj a k , CCI E N o. 1 3 5 4 , is t h e Ch ief Tech nology Ad visor and m em ber of t he b oard

with NIL Dat a Com m un ications ( w w w .NI L.si ) , a high - tech data comm u nicat ion s comp any

Pub Dat e: Ju ne 06, 2 00 3 that focu ses on pr oviding high - valu e ser v ices in new - wor ld ser vice p r ovider technolog ies.

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

I van h as m ore t han 10 y ear s of exp er ience in design ing, in st alling , tr oub leshooting , and oper ating larg e corp orat e and ser v ice p r ovider WAN and LAN netw ork s, sever al of them alr ead y deploy in g MPLS- based vir tual pr ivate netw orks ( VPNs) . He is t he auth or or lead develop er of a nu mb er of highly successfu l adv anced IP cour ses cover ing MPLS/ VPN, BGP, OSPF, and I P QoS, and he is the ar chitect of NI L's rem ote lab solu tion. I v an' s pr evious With MPLS and VPN Ar chit ect u res, Volum e I I , you'll lear n : pu blication s include MPLS and VPN Ar chit ect u res an d EI GRP Net w or k Design Solu t ion s, b y Cisco Pr ess.

How to integr ate v ar iou s r em ote access techn ologies in to th e back bone p r ovidin g VPN

Je ff A pcar is a Senior Design Consult ing Engineer in t he Asia Pacific Ad van ced Ser v ices

ser vice to m any d iffer ent typ es of cu stom er s gr oup at Cisco System s. He is one of th e Cisco lead consultan ts on MPLS in t he r eg ion an d has design ed MPLS n etw or k s for man y ser vice p rovider s in AsiaPac u sin g p acket- based an d

The n ew PE- CE r out in g op tions as w ell as ot her adv anced feat ur es, includ ing per- VPN cell- based MPLS. Jeff has also d esigned and m aintained larg e I P r outer n etw or ks ( 50 0+ Netw ork Ad dr ess Tr an slation ( PE- NAT) nod es) and has a br oad and deep r ang e of skills cover ing man y facets of netw or kin g com mu nication s.

How VRFs can be ex tended into a custom er site to pr ov ide sep ar ation inside t he custom er netw ork Jeff h as m ore t han 24 year s of exp er ience in data com m unications an d holds D ip . Tech ( I nform ation Pr ocessin g) and B.Ap p.Sc ( Com p uting Science) ( Hon s) fr om the Univer sity of

The latest MPLS VPN secur ity featu res an d d esign s aim ed at pr otecting th e MPLS VPN Tech nology , Sy dney, Austr alia. backbone How to carr y custom er m ulticast tr affic insid e a VPN The latest in ter - car rier enh ancem ents t o allow for easier and m or e scalable d ep loym ent of inter - car r ier MPLS VPN services Advanced t rou blesh ooting techn iques includ in g r ou ter outpu ts to en su re high availab ility

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer

About the Technical Reviewers

Ma t t h ew H . Birk n er , CCI E No. 371 9, is a Techn ical Leader at Cisco Sy st ems, sp ecializin g in

I P an d MPLS n etw or k d esign. He has in fluenced m ultip le lar g e car r ier and en terp rise designs w or ld w ide. Matt has spoken at Cisco Netw ork er s on MPLS VPN tech nologies in both the U.S.

Table of Content s

and EMEA over the past few year s. A "d ouble CCI E", h e has p ublished the Cisco Pr ess book,

I ndex

Cisco I nter netw ork Design . Matt holds a BSEE from Tuft s Un iver sity, w her e he maj or ed in

MP LS and V PN Ar chi te ctur e s, V olum e I I electr ical en gineering .

By Jim Guichard, I van Pepelnjak, Jeff Apcar D a n Ta ppa n is a dist ingu ish ed engin eer at Cisco Sy st em s. He has 2 0 year s of exp er ien ce

w ith in tern etw or king, hav in g wor ked on th e ARPANET tr ansit ion from NCP to TCP at Bolt, Pub lish er: Cisco Press Beran ek , an d New m an. For th e past sever al years, D an has been the technical lead for

Pub Dat e: Ju ne 06, 2 00 3 Cisco's im plem en tation of MPLS ( t ag sw itching) and MPLS/ VPNs.

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer

About the Content Reviewer Mon iqu e Mor row is cu rr ent ly CTO Con sult ing Eng ineer at Cisco Sy st em s, I nc. She has 20

year s of experience in I P inter netw ork ing th at includ es d esign , im plem entation of com plex custom er pr ojects, and ser vice d evelopm en t for ser v ice pr ovider s. Moniq ue has been involved

Table of Content s •

in developing m anag ed netw or k ser v ices such as r em ote access and LAN sw itching in a

I ndex •

ser vice pr ovider envir onm en t. She has w or ked for both enterp r ise an d ser vice pr ovider

MP LS and V PN Ar chi te ctur e s, V olum e I I

com panies in the United St ates and in Eur ope. She led the Engineer in g Proj ect team for one

By Jim Guichard, I van Pepelnjak, Jeff Apcar of the fir st Eu rop ean MPLS- VPN deploym en ts in 199 9 for a Eur opean ser vice p r ovider .

Pub lish er: Cisco Press Pub Dat e: Ju ne 06, 2 00 3

I SBN: 1- 58 705 -1 12 -5 Pages: 50 4

MPLS and VPN Ar chit ect u res, Volum e I I , b uilds on t he best - sellin g MPLS an d VPN

MPLS and VPN Ar chit ect u res, Volum e I I , b eg in s w it h a br ief ref resher of t he MPLS VPN

MPLS and VPN Ar chit ect u res, Volum e I I , also int rod uces t he lat est adv ances in cu st omer

Acknowledgments

Ev ery maj or pr oj ect is a r esu lt of team w ork, an d t his book is n o exception . We'd like t o th ank ever yon e w ho help ed u s in t he long w r it in g pr ocess: our developm ent ed itor , Gr ant Munr oe, w ho helped u s w ith t he intr icacies of w r iting a book; the r est of the ed it orial t eam fr om Cisco

Table of Content s

Pr ess; an d especially ou r r eviewer s, Dan Tapp an, Matt Bir kn er , an d Monique Mor row . They

I ndex •

not only cor rected ou r err or s an d om ission s, but they also included several useful su ggestions

MP LS and V PN Ar chi te ctur e s, V olum e I I to im p rove th e quality of th is pub lication.

By Jim Guichard, I van Pepelnjak, Jeff Apcar

Jeff w ould like to th ank his m an agement team Tony Sim onsen, Mich ael Lim , and Steve Sm ith , for pr ovid in g the tim e and encour agem ent t o do the b ook. Also sp ecial th ank s to the gu ys in Pub lish er: Cisco Press the AsiaPac Lab Grou p, Nick Stath akis, Ron Masson, an d Geor g e Leran tges, w ho let him hog

Pub Dat e: Ju ne 06, 2 00 3

lots of gear . Last, Jeff w ould lik e to than k Jim and I van for inviting him to collab orate with

I SBN: 1- 58 705 -1 12 -5 them . Pages: 50 4

Finally, t his book w ou ld n ever hav e been wr itten w it hout the cont in uous su ppor t and patience of our fam ilies, esp ecially our w ives, Sad ie, Kar m en, an d An ne. With MPLS and VPN Ar chit ect u res, Volum e I I , you'll lear n :

Cisco Press MPLS and VPN Architectures Volume II pdf pdf

Dokumen yang terkait

Machine Learning and Intelligent Communications Part II 2017 pdf pdf

Network Convergence Ethernet Applications and Next Generation Packet Transport Architectures pdf pdf

Cisco CCNA Network Basics Companion Guide pdf pdf

Mastering Java Machine Learning Architectures 7 pdf pdf

Cisco Press Internetworking Technologies Handbook 4th Edition pdf pdf

Agile Software Architecture Aligning Agile Processes and Software Architectures pdf pdf

Cisco CCENT CCNA ICND1 100 105 Official Cert Guide Academic Edition pdf pdf

IT Convergence and Security 2017 Volume 1 pdf pdf

Configuring Check Point NGX VPN 1 FireWall 1 pdf pdf

Building Cisco Multilayer Switched Networks Vol 2 pdf pdf

Dukungan

Links

Cisco Press MPLS and VPN Architectures Volume II pdf pdf

Dokumen yang terkait

Machine Learning and Intelligent Communications Part II 2017 pdf pdf

Network Convergence Ethernet Applications and Next Generation Packet Transport Architectures pdf pdf

Cisco CCNA Network Basics Companion Guide pdf pdf

Mastering Java Machine Learning Architectures 7 pdf pdf

Cisco Press Internetworking Technologies Handbook 4th Edition pdf pdf

Agile Software Architecture Aligning Agile Processes and Software Architectures pdf pdf

Cisco CCENT CCNA ICND1 100 105 Official Cert Guide Academic Edition pdf pdf

IT Convergence and Security 2017 Volume 1 pdf pdf

Configuring Check Point NGX VPN 1 FireWall 1 pdf pdf

Building Cisco Multilayer Switched Networks Vol 2 pdf pdf

Dokumen yang Anda mencari sudah siap untuk unduhkan