ccda exam prep

Monday, March 4, 2013

Exam

Well,

failed by 1 questions.
I guess I'll take again in a few months.

Questions were very poorly worded but what can you do.

Saturday, March 2, 2013

Alright last big chapter.

Network management is done at the last two stages.
Operate, then based on the data accumulated the network will be
optimized...

Statistics will be grabbed on
link utilization - to see if the link needs upgrading
CPU utilization - to see if the device will need upgrading
interface utilization - to see traffic patterns

Cisco Works can centralize configuration changes.

FCAPS is the acronym for this chapter.
Fault management
Configuration management
Accounting Management
Performance management
Security management

This is all done using.
NMS - Network management Systems. This is not a product but a framework for Network management.
In order to run this management the NMS will need.

Network management protocols and standards. - These will be SNMP, RMON,

The NMS will manage devices - these will be the "managed devices"

Inside each device that is being managed there will be a diplomat a "Management Agent".
Snmp Agent
RMON Agent

Netflow can be used instead of RMON.
Syslog can accumulate data from all the devices instead of storing the logs/data locally on each.

SNMP RFC1157
Runs over UDP.

The data in each device is stored in it.
The storage is arranged in a TRee format.
MIB.
The MIB can be queried for the data in the cell/branch by referencing its locations
either by name or number.

Name
Syntax - interger or string
Encoding

Normal Tree would give you basic data like the interface packets.
Cisco has some "private" MIB which will give you the small, med , larg packets.

SNMPv1
Request and Respond mainly.
Get request - let's see get CPU usage - (get response 60%)

Get Request - let's see get route table -(get response 10.0.0.0/24 next-hop 15.15.15.1)
Get Next Request - get response 20.0.0.0/24 next-hop 16.16.16.1)

when the agent responds to the requests he will send a Get response

okay so far we have been reading the fields
Set Request - will enable you to write to a field. set request mib3.3.3.4.5 contactname Saar
pretty useless, I can't find any real implementations of this.

Trap - this is a setting on the agent. When a certain item on the device happens it will try to send an
alert about it to the NMS.
For example on linkdown send to NMS.

SNMPv2
added getbulk that way you don't have to repeat the getnext requests
added inform request basically an improved trap with Confirmation.

SNMPv3
This one finally adds Security.
noAuthnoPriv no authentication at all and no privacy (which means no encryption)
authNoPriv ok, authentication is ok but no privacy. (no encryption)
AuthPriv authentication and Privacy.
Great!!!!

Authentication is MDAC
Encryption is DES, 3DES, AES

RMON
Network Nodes are needed for this.
Can't avoid it.
They are expensive. I think the leader in this is NetScout.
Looks at MAC Layer 2 data.

RMONv1 grabs data from the Layer 1-2
RMONv2 grabs it from the layer 3-7

Netflow is a higher level of the above.
It grabs.
Accounting is the data grabbing
Collectors will grab the data physically.
Analazyers will give you the reporting and GUI for this.

The netflows can be used for billing.
Network planning
Planning for user actions
or Application actions.

CDP
this is a Cisco protocol.
Cisco Discovery Protoocl.
It is helpful for troubleshooting
It runs on Layer 2 level.

syslog allows you to get information from multiple sources.
You can accumulate it all on the Syslog device and then use that to get data.
The levels go from the lowest
Which is the most critical.
0 Emergency
to 6 infomrational
7 debug

Friday, March 1, 2013

Voice and Video

PSTN is circuit switched. Which means that the circuit is built and used for the entire
connection. There is no switching done while the circuit is alive.
CO central office use SS7 in order to route and build the circuit.

The call can be build on Dialup , ISDN , or a TDM.
Each call is 64 kbps of bandwidth and is called a DS0
DS0=64 Kbps.

Old PBXs sit in the enterprise and will give you.
Extension dialing.
VoiceMail
transfers
conferencing

To connect to another site a company can set up a TIE line .
On the TIE line there are no charges to the enterprise.
However the TIE line itself costs money.

Alright, on net which is on the TIE lines.
Off NET to the PSTN.

This will be the same even in VOIP.
If you are using T1's you will call it On-Net
If you are having a call over the internet it will be off-net

PSTN requires you paying charges per each call.
While a Tie line has a fixed monthly cost.

T1 can carry only 24 calls.
24 * 64 = 1280 256 = 1536 Kbps

Now in most books they say T1 is 1.544 Mbps .
So where are the missing 8 bps.
Apparently those are used by the telco for synchronization.

So 23 B channels + 1 D channel = 24 Channel then you need to add 8 Kbps for synchronization.

In the case of Telco. This is ALL used for calls and cannot be used for Data.

Ok.
CO - central office.

This is a map of all the CO (central office) in the USA.
Notice how the west coast has less per mile.

So I drew this up. Since the CCDA one in the book looks pretty useless.

So Tie line is what I buy so I can connect two offices and not pay toll.

Tandem Trunk is what the PSTN provider uses to connect local CO (local exchanges is the correcter term)
Tandem trunks go to a Tandem Switch (class 4)

They will connect to a Class 3 switch which will connect to another Class 3.
Technically if you want to dial abroad then you need to reach a Class 1 switch.
Anyway from Switch 3 to Switch 3 it is and INTER TOLL trunk.

Co to PBX and PBX to Co is just the connection to the CO from the office.

As a note. When you dial in NY. you only need to dial 7 digits since it uses the TANDEM trunks.
When you dial to boston you need the FULL number. it goes on the TOll trunk.

Okay
FXS
Foreign Exchange Service.
We are Exchanging - ie TALKING

In VOIP you will use the same ports to connect OLD equipment to your VOIP network.
Like the ATA from Cisco gives you two FXS ports for the old devices.

So FXS ports
provide Dial tone
Power
Ring Voltage.

Now
FXO is the port that
Ah fuck it.
Just try this.

FXS point to the STATION.
FXO points to the central Office.

So on the phone you have an FXO port
you plug the cable to the FXS port on the PBX
The PBX has an FXO port
that you will plug a cable from the FXO port
to the FXS jack which is the POTS circuit to the Central OFFICE.

E&M ear and mouth - Earth and Magnet.
This is basically a PORT on a PBX. you run an Analog cable which will run to another PORT on PBX2
This allows you to send a signal. This is a TIE trunk for analog.

This has been replaced by BRI PRI digital.

Since we use T1/E1
T1 has 24 channels. It can work either.
CAS Channel associated Signalling - The signalling here is in each channel
In each channel a bit will be robbed for signalling. So 24 channels.

CCS - common channel signalling - This uses one channel for signalling so 23B+D
ISDN uses this and so does SS7

Signalling the state of the phone.
Supervisory signalling tell if it is on hook or off hook
Addressing sends the digits.
Informational sends you the BUSY

Loop start - residential CO to Phone. When you lift the handset the circuit is closed.

Ground Start - CO to phone signals to the switch that it is about to take the line.
helps prevent glaring which is when both take the line at the same time.

E&M - PBX to PBX Two wire - four wire adds more signalling

CAS T1 occurs in band

CSS T1 sets up a separate channel for the signalling

QSig Q.931 used for ISDN between PBX to PBX and Hybrid to CUCM

SS7 inter PSTN switches signalling used by the PhoneProvider.

Loop Start
the CO has the Power 48 DC.
That is why a phone does not need electricity.
When you lift the handset the circuit is closed (off hook) and the power flows all the way to
the phone and back to the CO which sends a dial tone.

Ground Start.
Uses TIP and RING
The PBX has a TIP detector
When the CO grounds the TIP
the PBX detects this and will ground the RING.
Now the CO power 48DC can flow and the arrival of the 48 DC will signal to the CO to send Dial tone.

If the PBX wants to ring.
It will ground the RING which will be detected by the CO.
The CO will ground the TIP
Now the CO power 48 can flow and when it reaches the CO it send Dial tone

E&M
type I and type II are in the USA
type III is everywhere.
Type V is outside the USA.

Immediate start wait 200ms and send

Wink - wait for on hook from other side and then sends.

Delay start - lift wait for 200ms check if on hook. if still off-hook then wait till on-hook.

on hook means

Off- hook means

SS7 signalling

So
Best I can do STP would be internal.
SCP for control - controls 800-900 and credit cards

Sending the Dialing Numbers
Pulse - rotary - sends 5 signals 1 1 1 1 1 = 5
DTMF - sends Two tones at the same time. X+Y = 5

NANP
North American - numbering plan

country-area-office-line
nxx-nxx-xxx-xxxx

Centrex - the CO has the PBX
VoiceMail -
Database or CDR keeps data on the calls. You can get reports.
IVR - interactive for accounting press 5 for Jamil press 2
ACD - used for call centers - how long the calls + statistics.

Grade of service.
P.02 GOS = means 2% of calls won't make it
P.01 GOS - means 1% won't make it and will be blocked.

Earlang B.
You have 24 channels
if one is taken for a whole hour = 1 Earlang.
You measure it at the busy hours.

30 calls * 10 minute per call = 300 minutes 300/60 = 5 Earlangs.

So you run Earlang with the GOS to calculate the number of lines you need.

Earlang B extended
Same thing but takes into account some people will retry to call.

Earlang C
Same thing but instead of blocking calls will put them on HOLD.
Used for C callcenter.

Call second = 1 second of calls.
Centrum = cent 100 seconds
1 Centrum * 36 = 1 Earlng

Busy Hour also called Peak Hour

Busy Hour traffic.
average call duration (20 minutes) * number of calls (6) = 120 minutes/60 = 2 Earlangs.

If you have the length of the calls in seconds.
Then you need to divide it in seconds. So instead of 60 minutes you use 3600 seconds.

So an example.
each call is 300 seconds * 400 calls = 120,000 seconds / 3600 seconds = 33.333 earlangs.

Eventually you will have blocked calls. They are the GOS you plan for.

CDR
call detail records done by the PBX

ACD distributes calls to agents.

Cisco Unified Network

Network is at the base.
Call routing done by the CUCM / SRST dial plans and PST gateway
Call Control on off to the LDAP
Applications and services like chat or voicemail or contact center
Operations and Service Quality

VoFR - over frame relay
VoATM - over ATM

VOIP is now the leader.
Voice over IP.

PSTN is not flexible
Data networks are
You can also save money by adding it all on the DATA network.

SRST - backup goes to PSTN . Overflow of traffic goes to PSTN.

Cisco IPT IP telephony.

Network is the base.

Gateways convert from VOIP to analog
CUCM is the brains of the dial plan and routers VOIP

Single Site - one CUCM at HQ
Multi site CENTRALIZED - CUCM at HQ and SRST at branches
Multi site Distributed - CUCM at each location .

In a multi-site distributed.
Each Cluster up to 30000 users.
To connect clusters use Inter-cluster trunk
GateKeepers will keep them in sync and enforce CAC

CAC is call access control. Which prevents too many calls on the line. So the call quality is kept up.

Call manager express is one appliance that does the mailbox, pstn and voip

Video
Telepresence which is the Cisco Video conferencing is many to many and takes 4-12 Mbps HD
Desktop Video to Video - many to many less demand
cameras to hq - many to few many cameras send data to few(hq)
Streaming Video Few to Many - the VOD to many users.

Access for users
Transport for sending the data
Bridging for converting it.
session provide signalling.
Storage store content

Codecs
G711 8000 samples per second * 8bits per sample 64000 = 64 Kbps = DS0

Analog to Digital
Filter the range you want to record. anything above 4000hz will be dropped
sample the speaking 8000 times per second
Digitize it into 0 1 01 1 01010 1 also called PCM pulse to Code modulation

G711 U for USA 64 Kbps
G711 a for international 64Kbps

G729 8 kbps

G728 16 Kbps

G726 16-40 Kbps

G723.1 6.3 5.3 Kbps

711 is the best then 729 728 726 723.
If you have the bandwidth keep it at 711
if you want to compress and not lose quality 729

Call control
Q931 for ISDN
H225 for the rest.
This is done over the TCP

UDP
G7xx is the Audio over UDP
H.26x H for Hvideo
or RTP real time Protocol does them both.

RTCP is control of the Video/audio
RAS is control

SCCP Cisco proprietary VOIP call cotrol..... IT only sets up the Control
RTP for voip streaming. this is the actual data call stream.

MGCP media Gateway Control Protocol
The HQ Gateway controls everything.

SIP - voip networks for non-cisco proprietary.

IP = 20 bytes
UDP = 8 bytes
RTP = 12 bytes

cRTP compresses the 40 Bytes to 2-4 Bytes
Hop by Hop for small 768 kbps links

MGCP allows the CUCM to control Gateways that go to PSTN
the CUCM is the Call agent endpoints are the phones.

H.323
Terminals are the clients
MCU mixes streams
Gateway converts to PSTn
Gatekeeper - Dial plan + CAC used for multisite distributed CUCM

Gatekeeper works like a OSPF DR and holds the Dial plan.

SIP proxy manages the SIP clients

VAD supresses silence

Propagation delay is the travel time.
Processing delay is the time to convert it to digital
Serailization is how long to put it on the interface. -

Queuing delay is waiting ebcause of other packets. - LFI and QoS helps
Jitter is the change in the delays - use dejitter buffers

Echo delay of 15ms and above must be cancelled.

Classify MATCH
Mark it with the color THEN
Congestion avoidance by using WRED or DWRED to drop tails.
Traffic Policing
Traffic Shaping by buffering and releasing slowly.

AUTO-QoS
Marks
does 802.1Q
LLQ
CBWFQ for control traffic

P>S.
VOICE sucks.
Wait till you have to use the Cisco tools to sell someone a Callmanager.

IPv4

IPv4

Version
0100 = 4 so IPv4
0110 = 6 so IPv6

IHL internet header length.
How long is it in Bytes (IPv4 changes size) (IPv6 is fixed)

TOS Type of service which is your QoS DSCP coloring marking.

Total Length of the packet including the data. Useful for determining if you need to fragment the packet

Identification - identifies the Fragments.

Flags
0 Fragment
1 do not fragment

Fragment offset this is fragment 1 of 40

TTL time to live each hop cuts 1

protocol 8 bits used by IANA
1 ICMP (ping)
2 IGMP (multicast)
6 TCP
17 UDP
50 ESP
51 AH
88 EIGRp
89 OSPF
103 PIM (multicast)
112 VRRP

Header Checksum - used to see if the packet is still ok after transport. Changes every header change.

Source address 32 bits
Destination address 32 bits

IP options not in use. Used for security , route record and similar.

Padding so the packet ends on a 32 bit boundary.

TOS
used for the QoS.

Voip is 101
nothing is 000
PIFFCIN priority imediate flash flash Critical in network

TOS itself is 4 bits.
It can be used to select a route based on.

Money
reliable
throughput
delay

Assured Forwarding (AF) Behavior Group
	Class 1 (lowest)	Class 2	Class 3	Class 4 (highest)
Low Drop	AF11 (DSCP 10)	AF21 (DSCP 18)	AF31 (DSCP 26)	AF41 (DSCP 34)
Med Drop	AF12 (DSCP 12)	AF22 (DSCP 20)	AF32 (DSCP 28)	AF42 (DSCP 36)
High Drop	AF13 (DSCP 14)	AF23 (DSCP 22)	AF33 (DSCP 30)	AF43 (DSCP 38)

With DSCP they dropped the TOS which nobody used.
The way it works now is Class 4 will have a higher priority.
and if there is congestion the high Drop will be dropped first.

Precedence AF 1 AF 2 AF 3 AF 4
Low drop precedence 001010 010010 011010 100010
Medium drop precedence 001100 010100 011100 100100
High drop precedence 001110 010110 011110 100110

So a 1 at the beginning is better. 1xx
A 010 will not be dropped.

MTU ethernet 1518
LAN jumbo frames
TCp will retransmit
UDP wont'

Class A 0xxxxxxx so 0 to 127
Class B 1xxxxxxx so 128 to 191
Class C 11xxxxx so 192 223
class D 111xxxxx so 224 239 multicast
Class E 1111xxxx so 240 to 255 experimental.

Unicast
Broadcast
Multicast

Private are not routed 10/8 172.16/12 192.168/16
1 class A 16 Class B 256 Class C

You can subnet the addresses above.

Static nat is ONE to ONE private to Public.

Dynamic NAT overloading is PAT port Address translation.
Dynamic Overloading is an internal pool to an external one.

Inside Local is the IP of my PC.
Inside Global is the Public IP I get on the web

Outside Global is the IP of a device on the WWW.
Outside Local is his IP when he is in my STUB/LAN

BOOTP
get IP and gateway using UDP replaced

DHCP
Manual is to map a MAC to an IP address.
Automatic does not expire
Dynamic is from a Pool and expires.

DHCPDiscover.
Router can relay this
DHCP Offer
DHCP request
DHCP acknowledge

DHCPNAK not acknowledge I am out of addresses.

DHCP should be in the server farm / datacenter

Internal DNS campus
Edge External
remote datacenter BOTH

ARP

IPV6

128 Bits instead of 32 bits per address.
Each IP is globally unique
Header is fixed at 40 Bytes
Header will reference options so it is a fixed size.
Addresses can autoconfigure if required.
IPSEC is built in
MTU discovery
Multiple IPv6 addresses
No broadcast replaced by multicast

Version 0110 IPV6 = 6
Traffic class 8 bits = TOS
Flow 20 bits for ordering the flow.
Next Header to add more
Hop limit = TTL
source
destination

6
17 udp
50 esp
51 ah
88 eigrp
89 opsf

ipv4 compatible 000000000x.x.x.x

FF multicast
FE link local
FC private addressing

Global is routable
64 bits netowrk 64 bits host (made up from the MAC 48 bits)

To convert a MAC 48 to 64 you add two FF FF in the middle.

FE is link local can be auto configured

FC is private addressing Unique

Globally aggregetable = aggregate of the IPV6

Anycast is to the nearest.

FF:01 1 all nodes
FF: 01 2 all routers
FF:02 5 OSPF
FF:02 6 OSPF designated
FF:02 9 RIPnG
FF:02 A EIGRP
FF:02 C DHCP

ICMPv6 discovers MTu

IPv6 ND neighbor discovery

IPv6 DNS AAAAAAAAAAAA
Use the same DNS server.

Stateless link local
Stateless global
Stateful DHCP

Global
Talk to router and gets the prefix
Prefix + MAC = address

EIGRP for IPv6
RIPnG
OSPFv3
BGP4
ISIS for IPv6

Dual Stack is both IPv4 and IPv6
Tunneling IPv6 into an IPv4 tunnel
Translate IPv6 to IPv4

Dual Stack - if DNS sends AAAAA it uses IPv6

Automatic Tunnel
IPv4 compatible
6 to 4 the destination has an IPV4 in it which is used as the tunnel envelope
6 over 4 Multicast over Multicast

ISATAP - Greek, Chinese

Daul stack can use PAT or NAT-PT

Ciscio 6PE over MPLS

Service Block service the translations.

Thursday, February 28, 2013

WAN design

Circuit Switching - the circuit comes up for the duration. Phone and ISDN
leased lines - dedicated to you by the service provider TDM T1
Packet and Cell - Frame and ATM

Hub and spoke to the HQ. However if the router at HQ fails all are affected.
Full mesh - expensive to maintain. N(N-1)/2
Partial Mesh - flexible to where you want it.

VPN over public networks is limited to a Best effort as you cannot control the traffic in the ISP

Access VPN for users- You can also use a NAC to connect to first which will then set up the VPN
The NAC is a public facing device Portal where you http to it and then type a user password.

Intranet VPN - this is from site to site. Using public or WAN.

Extranet VPN is for business partners so they can access the DMZ

Enterprise VPN is when you set it up.
IPSEC is one VPN usually from firewall to firewall.
It can use ESP to encrypt the data or AH which only encrypts the headers (not secure for data)
HMAC codes in it will protect from man in the middle attacks and replay.
You can also use PKI certificates for an added layer.

Cisco Easy VPN - you set up a server which is the head. Then the remote configuration is easy.
the remote devices are ISRs.

GRE - works for encapsulation all protocols. Does not have any security.
you must add IPSEC tunnel to it in order to have security.

DMVPN - dynamic VPN
NHRP next hop resolution protocol which will point to the HQ.
mGRE Multipoint GRE supports multipoint tunnels.
IP multicast , routing , dynamic spokes all QoS
Each remote site is connected using a GRE tunnel to the HQ.
For redundancy you will need two heads.
DPD dead peer detection can be used to verify tunnel is alive (keepalive)

VTI virtual tunnel interface
Can run routing , does not need GRE or mGRE.

L2tpv3
can run frame relay and ppp ethernet

Service provider VPN.
Can run MetroEthernet

VPLS is a VPN over MPLS
it allows you to run Layer 2 from one location to the next.
Useful for Storage redundancy for example.

MPLS
Uses Labels instead of routing and can run over a variety of media.
Uses VRF

Layer 3 MPLS Tight SLA and QoS.

VPNs are flexible and cost effective.

Dial Backup used for ISDN so it will ring a floating route.

Secondary WAN link - backup or load sharing.

Shadow PVC - used in frame relay.

IPSEC VPN backup tunnel can be used in case the ISP MAN fails.

Load balancing.
Cna be per packet. usually 56kbps or below.
Per flow or destination is better. also called fast switching.

Decision influence.
High Availability - backup power, backup devices, backup WAN
Growth
Expenses -
Complexity - Metro is easier.
Cost to implement -
Network Segmentation to separate traffic.
Voice and Video QoS.

Private WAN - Frame relay and ATM . You own lease the circuit
ISP WAN - basically the internet
SP MPLS/IP VPN - they are good
Private WAN with MPLS - jeez hiring some CCIE's to maintain it is expensive.

considerations
Port Density
Port Type
Modular
throughput
REdundancy / Supervisor or power
Future growth

Software
Bandwidth
Security

ISR can do wan video , voice, security
800 ISR remote user
1800 ISR branch
7200 - 10000 medium routing
7600 high end routing
12000 CSR - service provider grade.
29xx 35xx 37xx are access switches.
45xx chassis
65xx high end chassis.

Router - WAN
Switch LAN
Security appliance at the branch
AP wireless for mobility
CUCM for voice
IP phones and desktops

Small office 50 users 1 TIER
medium office 50-100 2 tier
Large 100 + 3 tier

ISR G2 is better

Small can use an ISR with ports or one switch.

Medium branch redundant routers.
Switches with Stacking.

Large Branch
Dual links
Dual routers
Dual ASA
Dual switches with stacking.

ISR 800 for teleworker.

WAN technologies

WAN

Requirements are
SLA
bandwidth
latency
loss

Cost
utilization.

Goals and policies
Applications and growth
budget

ISDN
BRI - 128kbps
PRI is 1.54 Mbps like a T1.

DSL mainly Async DSL

Cable Cable Modem Termination System CMTS

Wireless
Bridge is point ot point
LAN is 150 - 300 Mbps max
MObile GSM , GPRS ,, UMTS 3G , LTE

FrameRelay.
PVC permanent
SVC switched just for the duration.

Sonet Circuit baed.
OC 1 51
OC 3 155
OC 12
OC 48

MPLS
Goal is to use labels instead of routing tables.
CE--> PE--> P __> p --> PE--> CE

Dark Fiber is Point to Point

DWDM runs on the SONET and increases the ability to split ligh Lambdas.

CIR Commited infra
Burst above

Same PPDIOO
Prepare
plan Desgin
implement operate
optimize.

Voice 250 ms
Video can afford to lose some pakcets voice CAN'T

Private Dark Fiber
Leased TDM sonet
Shared MPLS framerelay.

Fixed cost equipment and setup
recurring are the monthly charges.

QoS
classify it based on protocol or a matching ACL.

Classification orr coloring.
Congestion management
Link Efficiecy for low speed to reduce latency and jitter
traffic shaping use ingress and egress flows.

Classification.
Identify and mark. = classification
NBAR can use layer 7 to recognize applications and then label them with a priority.
CAR commited access rate. -- Basically match a traffic and then apply a priority

Congestion management
FIFO first in first out
PQ priority queiuing sets up 4 levels.
however LEVEL High must be emptied before any of the other three are allowed.
So if you have too much traffic at level High , the other traffic will suffer badly.

Custom Queuing 16 Queues, you can set up the queue limit.
so when it is full. The other queus get serviced.

WFQ - this is for interfaces below 2.0 Mbps .
it creates two queues - high bandwidth. low bandwidth.
low gets service first.

Class Based Weighted Fair Queiuing.
SAme as WFQ but you can use access list and it is modular.

LLQ
Low Latency Queuing.
Basically class based weighted fair queuing + PQ.
So voice EF gets serviced first + there is a limit on it.

Traffic Shaping.
Slowing down traffic so the utilization is high but consistent.
helps to curb bursts into longer flows.

Policing.
Dropping traffic that passes a limit.

'Link Efficiency.
LFI link fragmentation and interleaving - breaks up large packet flows and puts small voip in between
MLP multilink PPP bonds links like 2*T1
RTP real time transport. Compress the RTP header from 40 bytes to 2-5 Bytes.

Window Size.
Extend the Window size to allow more data in before you have to send an acknowledge.

Wednesday, February 27, 2013

Wireless LAN

802.11 1mbps 2mbps dsss
FHSS frequency hop will hop from 1 to 2 so doubles the bandwidth.

802.11b 11mbps uses 11 channels

802.11a 54 Mbps 13 channels on UNII not compatible with 802.11b

802.11g 54 Mbps ISM compatible with 802.11b

802.11N can run on both 600 mbps MIMO multiple in multiple out and OFDM to send the data.

ISM uses 900 2.4 and 5.5 only 2.4 is used for 802.11b g n

UNI uses 5.0 ghz and is for 802.11a and 802.11n

1 6 11 do not overlap.

SSID is used, this is similar to a VLAN to segment the networks.
CSMA /CA collision avoidance.

WEP is insecure
WPA allows you to add security 802.1x and AES

MAC adresses can be spoofed.

EAP-FASt Flexible authentication can be used for the connection.
VPN IPSEC can be used to segment the traffic to the HQ.

802.1x uses EAP and Radius to verify your access.

LEAP uses a radius and 802.1x
Cisco

IDS and firewall to control the traffic.

Cisco UWN unified wireless network.
Client devices laptop
accesspoints cisco AP
Network unification like QoS IPS RF management all of this is done by the controllers.
network management can be done using the WCS server
Mobility services like guest , Voice , threat detect.

benefits.
reduce TCO
enhance visibility
manage the RF (cleanAir)
Security Controller
Unify the wire and wired-less
enhance collaboration.

LWAPP is what the APs use in order to connect to the controller.
AP to WLC
Layer 2 LWAPP controller must be on the same subnet Ethertype 0xbbbb
Layer 3 LWAPP controller can be on a different subnet. 12222 12223

12222 data 12223 control

CAPWAP is the newer one.
Uses AES to secure the com
MTU discovery
Control 5246
data 5247 so the opposite

Split MAC - Lwapp
the AP does
Beacon 802.11
802.11 control
802.11e queue and piroritization
802.11i encryption

The Controller does.
802.11i security
802.11 mac management
802.11e reserve resources.

Local MAC - CAPWAP
802.11 MAC management so the AP does this instead of the controller.

Controller can also proxy.

AP modes
Local Mode - the usual
Hybrid - it will reside across the WAN H-REAP
Monitor - cycle every 60 and do not participate. Used for IDS. Location based.
Rogue Detector - sits on the Trunk and checks if there is a rogue device
Sniffer mode- captures packets and sends them to a Sniffer Airopeak.

Rogue detector gets a list of MACs they hear from other devices.
If that MAC is on the WLC then the rogue detector will let you know.

Bridge mode is for MESH

Connection Lwapp.
Send Lwapp Discovery.
1. local subnet
2. Get WLC from other AP
3. previously stored WLC address.
4. DHCP option 43
5. DNS CISCO_LWAPP_CONTROLLER.local.domain.

WLC will answer
AP gets list of WLCs
Selects AP
1. Previously configured.
2. Master
3. most available.
AP to WLC join

Capwap
does capwap
no response 60 seconds does LWAPP
no response start again.

First
Second
Tertiary
Master
most available.

Supplicant is the client.
WLC is the authenticator
Radius is the Authenticating server.

To WLC is capwap
from WLC to Radius is EAP extensible authentication protocol.

EAP- TLS public key.
EAP - TTLS certificate only on the server.
PEAP - Cisco + mschap.
LEAP - Cisco plus the CCX extensions.
EAP-FAST build a tls tunnel

WLAN is an SSID
Interface maps the VLAN to the SSID
port is a port.

A port goes to the switch
you can use many ports and etherchannel them.

Management interface. - Used for L2 Lwapp. Connection to radius. In-band management
Service port - used for out of band management. Statically configured.
AP manager - L3 discovery static
Dynamic interface - is to map the VLAN to WLAn
Virtual interface - DHCP relay , mobility


1	Redundant port for future use (RJ-45)	6	SFP distribution system ports 1-8
2	Service port (RJ-45)	7	Management port LEDs
3	Console port (RJ-45)	8	SFP distribution port Link and Activity LEDs
4	USB ports 0 and 1 (Type A)	9	Power supply (PS1 and PS2), System (SYS), and Alarm (ALM) LEDs

So port 2 is a physical port.
You configure it as the SERVICE port. It is for out-of band management.

Ports 8 can be aggregated LAGed and will go to a switch.

Sorry, best I can do.
Service Port. is a totally separate port for out of band servicing.

Management port is the in band and old Layer 2 LWAPP.

AP manager is for Layer 3 LWAPP.

Dynamic ones are for each VLAN WLAN they will change dynamically.

Virtual is to connect to another WLC and transfer mobility. So you can ROAM from room to room or building.

2100 25
ISR 25.
So far easy.

3750 Switch with contorller built in 50

4400 100

6500 WLC module 300

5500 500

Intracontroller
ie the same controller.
So no chaneg except you moved IPs.

Inter controller Layer 2.
From one controller to the next
Just moves the MAC from WLC1 to WLC2 database.
A mobility message updates the controller.

Inter controller Layer 3.
From one IP subnet to another.
WLC 2 Creates a shortcut. An ANCHOR and tunnels the data back to WLC1.

Mobility group will create the anchor and tunnel.
Up to 24 WLC s
UDP 16666 unencrypted
UDP 16667 encrypted.

Minimize intercontroller roaming.
less than 10 ms
Layer 2 is better

Detrministic redundancy
Primary secondary tertiary.

Dynamic
Easy and load balance.

N+1 one controller is backup

N+N same number of controllers as the ones you have deployed.

N +N + 1 same number of controllers as you have + tertiary as spare.

Limit to 20 users
7 voWLAN

RRM radio resource management
Adjust RSSI
balance the clients

RF group is a group of WLC that sync their RRM
80 signal will elect a master to set up the strenght
Neighbor messages

EoIP for guests
All the guest traffic goes to one WLC. an anchor WLC.

Mesh
RAP is Root
MAP is not connected to the wire

Four hops max of 8
throughput drops every hop by 50%

20 MAP per RAP max of 30

1100 internal 3500i internal
1200 3500E external

branch
300 ms or less
use H-REAP for WAN

LOCAL mac
allows you to work even if the WAN is down.

REAP
extends lwapp timers.
Layer 2 security limit

H-REAP
Allows NAT