Tải bản đầy đủ - 0 (trang)
Appendix E. IP Network Design Checklist

Appendix E. IP Network Design Checklist

Tải bản đầy đủ - 0trang

BasicNetworkOperationsQuestions

1: Whatroutingprotocolsareinuseinthenetwork?

Answer:RIP-1,RIP-2,EnhancedInteriorGatewayRoutingProtocol(EIGRP),

OpenShortestPathFirst(OSPF),IntermediateSystem-to-IntermediateSystem

A1: (IS-IS),andBorderGatewayProtocol(BGP)canallbevalidanswerstothis

question.Thepointistotakeaninventoryoftheprotocolsinuseasastarting

pointforunderstandinghowthisnetworkisdesigned.

2: HowareIPaddressesassignedinthenetwork?

Answer:AreIPaddressesassignedbasedontheorderinwhichpeoplerequest

them,basedongeographiclocationsororganizational(political)boundaries,or

A2:

basedonasecuritypolicyofsometype?Alternatively,areIPaddressesassigned

basedonthetopologicallocationofthedeviceorsegmentwithinthenetwork?



3:



Howmanyroutes,onaverage,arepresentintheroutingtablewithineachrouting

domaininthenetwork?



4:



Whatistheratioofthetotalnumberofreachabledestinationswithinthenetwork

tothenumberofrouteswithinanaveragerouter'sroutingtableinthenetwork?



Answer:Thisquestionispointedatfindingouthoweffectivesummarizationof

reachabilityinformationhasbeenimplementedinthenetwork.Forinstance,if

youfindthateachdistribution,access,oraggregationlayerroutingdomain

normallyhasabout500routes,andyoufindapproximately2000routesinthe

coreofthenetwork,youcanprobablyconsideraggregationofrouting

A4: informationasoneareaofinvestigationtoimprovethedeploymentofthis

network.If,however,youfindtheratioofthetotalnumberofsubnetstothe

numberofroutesinanyspecificrouter'sroutingtableishighthenumberofroutes

ishighcomparedtothesizeoftheaveragerouter'sroutingtableaggregationis

probablyfairlyeffectivelydeployedinthisnetwork.



Startingfromanyedgeofthenetworkandworkingtowardanyotheredgeofthe

network,howmanypointsofsummarizationorredistributionwouldyoube

5:

likelytoencounter?Whatwouldtheresultbeifyouconsideredthesemeasures

forthetenmostcriticalpathsthroughthenetwork?

Answer:Thisquestionattemptstoprovidesomeideaofthecomplexityand

depthofthenetworkdesign.Themorepointsofredistributionyouwould

encounterinarepresentativepath,themorecomplexthenetworkdesignislikely

tobe.Encounteringtwopointsofsummarizationfromedgetoedgewould

A5:

probablybenormalinmostnetworkdesigns.Encounteringfewermightindicate

aggregationofroutinginformationisapointwheresomeworkcouldbedone.

Encounteringmorethantwomightindicatealarge,complexnetwork,which

mightbenefitfromsomesimplificationinitsdesign.

6: Howwouldyoucharacterizetheuseofredundancyinthenetwork?

Answer:Howmanyparallellinksorpathsexistbetweenanytwopointsinthe

network?Youwanttoexplorehowmuchredundancyisreliedonforresiliencyin

A6:

thenetwork'sdesign,andhowlikelyyouaretoseefailuresrelatedtoexcessive

redundancywithinthenetwork.

Withineachroutingdomaininthenetwork,ratetheimportanceofresilience.Is

7: resiliencecritical,nicetohave,ornotimportantatall?Canyouquantifyhow

longofanoutageisacceptablewithineachroutingdomain,andwhy?

8: Howimportantisfastconvergencewithinthenetwork?Why?

Answer:Listthoseapplicationsthatmightbenefitfromorrequirefast

convergencetimes,andwhy.Alsoinvestigatewhatthecriticalpathsareforthese

A8:

applications,andwhatimpactfastconvergencehasontheresiliencyofthe

networkdesign.

9: Ingeneral,howdifficultisthenetworktotroubleshoot?



Answer:Exploringspecificareaswheretroubleshootinghasoftenproved

A9: troublesomeinthepastcanleadtoinsightsaboutwhatareasinthenetwork

mightneedsomedesignfocus.Alsoconsiderareasthatdonotbreakoften.How

hardmighttheybetotroubleshootiftheydobreak?

10: Whatistheimpacttosummarizationifspecificlinksordevicesfail?

Answer:Explorehowsummarymetricswouldbeimpactedthroughnetwork

failures,routingblackholes,orotherproblemsthatmightexhibitthemselves

A10:

whenyouinvestigatetheimpactoflinkanddevicefailureontheaggregationof

routinginformation.

11: Whatisthetypicalrateofchangeofroutinginformationwithinthenetwork?

Answer:Examinewhatchangesonaregularbasis,andwhy.Ifparticularareas

ofthenetworkappeartohaveahighrateofchange,itmightbeusefultoexamine

A11:

whythosechangesoccur.Howcanyoudampenthosechangesorreducethearea

acrosswhichthosechangesimpactdevices?



12:



Ifadeviceorlinkfails,howmanyrouters,onaverage,areimpacted,orhow

manyroutersmustrecomputetheirroutingtables?



Answer:Thisquestion,whenappliedacrossthenetwork,specificallywithin

eachroutingdomain,canprovidesomeinsightonhowwellthenetworkhasbeen

A12:

dividedandwhattypesoftechniquesmightbeusefulinimprovingthenetwork's

convergenceproperties.



TopologicalLayout

1:



Canyoudescribeyournetworkintermsofroutingdomainsandhowthose

routingdomainsarelinked?

Answer:Isthenetworkbrokenintosmallerpieces,oritisdesignedtohaveno

natural"breakpoints,"wherehierarchyandinformationaggregationcanbeused

andconfigured?



A1:

Itisoftenhelpfultousetheinformationcontainedjustintheroutingdatabasesto

drawanetworkdiagram,suchasthelink-statedatabasefromIS-ISorOSPF,or

tousetheEIGRPtopologytablefromeachrouter.



2:



Withineachroutingdomain,whatisthedominant,orprimary,topological

construct?



Answer:Eachroutingdomainshouldhaveoneprimarytypeoftopologywithin

thedomain.Forinstance,someareasofthenetworkmightbedominatedbylarge

A2: hubandspoketopologies,whereasafullorpartialmeshmightdominateothers.

Perhapssomeareasofthenetworkcansimplybeclassifiedasafullmess

topology.



3:



Howaretheroutingdomainsinthenetworkinterconnected?Whatsortof

hierarchydotheseinterconnectionsfollow,ifany?



A3:



Answer:Isthenetworkdesignedaroundaflatnetworkdesign,atwo-tier

hierarchy,orathree-layerhierarchy?



4: Canyoupointoutthetwototenmostcomplextopologieswithinthenetwork?

Answer:Usingthisinformation,youcandeterminehowwellthenetworkdesign

separatescomplexareasofthenetworkfromothercomplexareasofthenetwork.

A4: Thisquestionworkswellwithaquestionaboutthenumberofroutersimpacted



byasingledeviceorlinkfailure.



RedistributionandInterconnection

1: Isredistributionbeingusedinthisnetwork?



A1:



2:



Answer:Includeredistributionbetweenstaticroutes,connectedroutes,and

dynamicprotocolshere.

Ifredistributionisconfiguredbetweendynamicroutingprotocols,amonghow

manydifferentareasofthenetworkisitconfigured?



Answer:Forinstance,aretheretwoprimarydomains,orareas,withinthe

network,eachrunningaseparateinstanceofrouting,andredistributionis

A2: configuredbetweenthetwodomains?Domorethantwodomainsexist?How

manyplacesdoesredistributioninterconnectvariousdomainswithinthe

network?



3:



A3:



Foreachpairofroutingdomainsbetweenwhichredistributionisconfigured,how

manypointsofredistributionareconfigured?

Answer:Theprimarypieceofinformationisthenumberofmutualpointsof

redistributionbetweenpairsofroutingdomainswithinthenetwork.



Ateverypointwheremutualredistributionbetweentworoutingdomainsrunning

4: dynamicroutingprotocolsisconfigured,whatsortsoffilteringareconfiguredto

controltheredistributedroutes?

Answer:Here,youaretryingtodeterminewhethermutualredistributioncould

A4: becausingroutingloops,evenifthoseroutingloopshavenotbeennoticedinthe

past.Youarealsolookingforthepotentialforroutingloops.



5:



Aremultipleroutingdomainsbeinginterconnectedthroughsomeother

mechanismthanrouteredistribution?



A5:



Answer:Forinstance,alargenetworkmighthaveseverallargeroutingdomains

interconnectedusingBGPinthecore,orsomeothertechnique.



Security

1: Doesthenetworkhaveawrittensecuritypolicy?

2: Whatisthesecuritypolicyconcerningdevicesthatareattachedtothenetwork?

Answer:Doesadevicethatisconnectingtothenetworkneedtorunoremploy

specificprotocolsortechniques?Forinstance,issomeformofLayer2

A2: authorizationemployedtopreventunauthorizedconnectionstothenetwork?

Doesapolicyexistaboutopenportsorotherwaystopreventunauthorized

accesstothenetwork?

3: Whatisthesecuritypolicyconcerningroutingwithinthenetwork?



A3:



Answer:Hasaspecificpolicybeendesignedtothwartattacksagainsttherouting

system?



4: Whatmechanismsareinplacetoreacttoasecuritybreachorasecurityincident?



5:



Shouldaccessberestrictedtospecificdevicesinthenetwork?Howshouldthis

restrictedaccessbeachieved?



NOTE

Formoreinformationonsecurityasitrelatestoroutingspecifically,

pleaseseeChapter8,"RoutingProtocolSecurity."



AppendixF.AnswerstoReview

Questions

Chapter1

Chapter2

Chapter3

Chapter4

Chapter5

Chapter6

Chapter7

Chapter8

Chapter9



Chapter1

1: Whatisthefirstthingyoushouldthinkaboutwhendesigninganewnetwork?



A1:



Answer:Thinkaboutthepurposeofthenetwork.Whatsortsoftrafficwillthe

networkcarry,andwhattypesofapplicationswillberunningonthenetwork?



2: Whataretheprimarygoalsinanynetworkdesign?



A2:



Answer:Theprimarygoalsarereliabilityandresilience,manageability,and

scalability.



3: Howdoyoudefineareliablenetwork?



A3:



4:



Answer:Areliablenetworkdeliversalmostallacceptedtraffictotheright

destinationwithinareasonableamountoftime.

WhatelementsinLayer3networkdesignimpactthedelayandjitterbudgets

throughthenetwork?



Answer:Thetopologyofthenetworkdeterminesthenumberofhopsanddelays

acrosseachhopthroughthenetwork.Routingprotocolsimpactthepaththat

traffictakesthroughthenetwork,impactingthedelayandjitter(traffic

engineering).ThereliabilityofthenetworkatLayer3impactsthedelayandjitter

A4: throughthenetwork;aconstantlyconvergingnetworkhasconstantlychanging

delayandjitter.

AlthoughthisbookfocusesonLayer3androuting,specifically,itisimportantto

rememberthatLayer2designhasamajorimpactonnetworkresiliencyand

reliability.

Whatarethetwoprimaryconsiderationswhendeterminingwhenanetworkhas



Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Appendix E. IP Network Design Checklist

Tải bản đầy đủ ngay(0 tr)

×