1. Trang chủ
  2. » Công Nghệ Thông Tin

Cisco CCIP MPLS Study Guide phần 4 pptx

49 265 0

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 49
Dung lượng 2,47 MB

Nội dung

114 Chapter 3  MPLS and ATM A. MPLS is being configured for cell mode on an ATM edge-LSR. B. Cell-mode MPLS is being configured on an ATM-LSR. C. Frame-mode MPLS is being configured on an ATM edge-LSR. D. Frame-mode MPLS is being configured on an ATM-LSR. 10. Based on the following code, what is being configured? interface ATM1/0 mpls ip A. MPLS is being configured for cell-mode on an ATM edge-LSR. B. Cell-mode MPLS is being configured on an ATM-LSR. C. Frame-mode MPLS is being configured on an ATM edge-LSR. D. Frame-mode MPLS is being configured on an ATM-LSR. 11. ATM-LSRs use which of the following signaling protocols to exchange labels? A. UNI B. MNI C. PNNI D. LDP 12. Which capability does Cisco use to preserve labels and ensure the proper assembly of cells? A. Cell interleaving B. LDP C. VC merge D. None of the above 13. Which of the following command options configures an ATM edge- LSR for cell-mode MPLS? A. tag-switching B. mpls C. point-to-point D. cell-mode Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com Review Questions 115 14. Which of the following command options configures an ATM edge- LSR for frame-mode MPLS? A. tag-switching B. mpls C. point-to-point D. cell-mode 15. Which of the following command options configures an ATM edge- LSR for cell-mode tag switching? A. tag-switching B. mpls C. point-to-point D. cell-mode 16. Which of the following commands enables VC merge on an ATM-LSR? A. mpls ldp atm vc-merge B. mpls ip atm vc-merge C. mpls ip atm vcmerge D. mpls ip atm vc merge 17. By default, VC merge is ___________. A. Enabled B. Disabled 18. For cell-mode MPLS, the default hop-count object TLV value is ___________. A. 254 B. 16,534 C. 256 D. 16,536 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com 116 Chapter 3  MPLS and ATM 19. Which of the following is used by both frame-mode and cell-mode MPLS to prevent loops? A. TLV B. TTL C. Routing protocol D. None of the above 20. Based on the following code, what is being configured? interface ATM1/0 tag-switching ip A. Tag switching is being configured for cell-mode on an ATM edge-LSR. B. Cell-mode tag switching is being configured on an ATM-LSR. C. Frame-mode tag switching is being configured on an ATM edge-LSR. D. Frame-mode tag switching is being configured on an ATM-LSR. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com Answers to Review Questions 117 Answers to Review Questions 1. B. One of the requirements for MPLS is that control-plane information be exchanged using pure unlabeled IP. 2. D. For frame-mode MPLS, or tag switching, a PVC needs to be set up between LSRs. The ATM switches have no MPLS functionality, and the PVC is set up as normal. 3. A. Routers with interfaces such as Ethernet, PPP (serial), and HDLC (serial) run frame-mode MPLS. 4. A. An ATM switch enabled with MPLS is referred to as an ATM-LSR. 5. C. An LSC communicates with an ATM-LSR over VC 0/32. 6. A, C. Cell-mode MPLS uses ordered control and downstream-on- demand to assign labels. 7. D. ATM switches can’t read labels; therefore they must switch traffic based on the VPI/VCI values. 8. C. The configuration is being performed on an ATM edge LSR. The point-to-point option indicates frame-mode MPLS. 9. A. The configuration is being performed on an ATM edge LSR. The mpls option indicates cell-mode MPLS. 10. B. MPLS is being configured for an ATM interface (not sub-interface), which indicates that MPLS is being enabled on an ATM-LSR. The mpls option indicates cell-mode MPLS. 11. D. When MPLS is enabled on an ATM-LSR, LDP is used to exchange labels. Standard ATM signaling such as UNI and PNNI is still being used on the ATM-LSR. Standard ATM and MPLS control-plane signaling run as “ships passing in the night.” 12. C. VC merge solves both cell-interleaving (ensuring the proper assembly of cells) problems and preserves labels for future use. 13. B. On an ATM edge-LSR, as the sub-interface is configured, the mpls command option is applied for cell-mode MPLS. 14. C. On an ATM edge-LSR, as the sub-interface is configured, the point-to-point command option is applied for frame-mode MPLS. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com 118 Chapter 3  MPLS and ATM 15. A. On an ATM edge-LSR, as the sub-interface is configured, the tag- switching command option is applied for cell-mode tag switching. 16. A. To enable VC merge on an ATM-LSR, use the mpls ldp atm vc-merge command. 17. A. VC merge is enabled by default on a Cisco IOS ATM-LSR. 18. A. The default hop-count object TLV value is 254. This can be changed based on network requirements. 19. C. The routing protocol is used to prevent loops in both frame-mode and cell-mode MPLS. 20. B. Tag switching is being configured for an ATM interface (not sub- interface), which indicates that tag switching is being enabled on an ATM-LSR. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com Chapter 4 VPNs: An Overview CCIP MPLS EXAM TOPICS COVERED IN THIS CHAPTER:  Identify major virtual private network topologies, their characteristics, and usage scenarios.  Describe the differences between an overlay VPN and a peer-to-peer VPN.  List the major technologies supporting overlay VPNs and peer-to-peer VPNs. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com T his chapter is primarily a history lesson. There are many tech- nologies that were used to connect sites together well before the concept of MPLS virtual private networks (VPNs) came along. This chapter starts with a review of dedicated point-to-point, or leased line, connections. Then it explains how, as less expensive alternatives to point-to-point connections, VPNs connect sites together with virtual circuits (VCs). VPN topologies are also covered in this chapter. Just a few years ago, service providers began to offer peer-to-peer VPNs. Peer-to-peer VPNs are very different from traditional VPNs in that customer routers actually peer with service provider routers. This chapter will explain the characteristics of peer-to-peer VPNs in detail. This chapter lays the foundation for you to really understand the mecha- nisms used for MPLS VPNs. Although no material in this chapter deals specifically with MPLS, it does cover the necessary exam objectives. For the MPLS exam, you are required to know about overlay and peer-to-peer VPNs, which MPLS VPNs may replace. You also need to know the usage scenarios, topologies, and the differences between them. VPNs 101 I assume that most of you who have purchased this study guide already know 90% of the material in this chapter. Just to make sure that you’re up to speed on VPNs, this section covers the history of VPNs, including point-to- point connections and how they segued into VPNs. In addition, this section describes the basic VPN technologies and topologies. If you are a seasoned veteran, feel free to skim this section. If you’re wondering what a VPN is, keep reading. Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com VPNs 101 121 Point-to-Point Connections Point-to-point connections , or leased lines , are not VPNs; they’re dedicated private links through a service provider network. Point-to-point connections offer guaranteed bandwidth and privacy through a service provider net- work, but they come at a price. Because the service provider is giving the customer guaranteed bandwidth, they’re paying for it all the time. It doesn’t matter if you’re not using any of the connection between 6 P . M . and 8 A . M .; you’re still paying for it. In addition, since you’re the only person using the connection, you get guaranteed privacy. Point-to-point connections are expensive because the service provider can’t make use of statistical multiplexing. Statistical multiplexing is based on the principle that not everyone needs to use all the bandwidth they are pay- ing for at any given time. Since not everyone will use all the bandwidth all the time, the service provider can sell more bandwidth than is actually present in the network. Figure 4.1 illustrates connectivity with dedicated point-to-point links con- necting customer devices. FIGURE 4.1 Dedicated point-to-point connectivity In Figure 4.1, customer routers R1 and R2 are totally unaware of the infrastructure behind their dedicated point-to-point connection. It’s impor- tant to remember that point-to-point connections are private, secure, and expensive. Virtual Private Networks VPNs emerged as an alternative to dedicated point-to-point connections because VPNs deliver the same benefits of dedicated point-to-point links but without the high cost. The earliest VPNs were made available with Frame Relay and X.25. By establishing VCs between the customer devices, the service provider was able to emulate dedicated point-to-point connections while shar- ing a common service provider infrastructure and therefore reducing costs. In Figure 4.2, customer routers are shown connected through the service provider network with VCs. R1 R2 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com 122 Chapter 4  VPNs: An Overview FIGURE 4.2 Customer connectivity with virtual circuits When customers are connected with virtual circuits through a shared service provider infrastructure, it is called an overlay . There are three common overlay VPN topologies that you need to know about: full-mesh, partial mesh, and hub-and-spoke. Full-Mesh Topology A full-mesh topology is where every site in the network is directly connected to every other site in the network. Figure 4.3 illustrates a full-mesh topology. In Figure 4.3, there are four routers connected together with six VCs. FIGURE 4.3 A full-mesh topology With a full-mesh topology, it’s easy to ensure optimal routing and redun- dancy. For example, in Figure 4.3, traffic from R1 to R2 follows VC1. Traffic from R1 to R4 follows VC5. In a fully meshed environment, traffic takes the most direct route. Figure 4.4 illustrates an example of the redundancy pro- vided with a full-mesh topology, where VC1 and VC2 are unavailable. R1 can still send traffic to R2; since some of the surviving VCs are still up, traffic flows from R1 to R4 to R2, as you can see in Figure 4.5. R1 R2 Virtual circuits (VCs) R1 R2 R3 R4 VC4 VC3VC2 VC1 VC5 VC6 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com VPNs 101 123 FIGURE 4.4 A full-mesh topology with failed VCs FIGURE 4.5 Traffic flow for a full-mesh topology with failed VCs Now that you know about the advantages of a full-mesh topology, let’s discuss some of its drawbacks. In the simple network illustrated in Figure 4.3, with four routers connected together in a full-mesh, only six VCs are required. One of the big problems with a full-mesh overlay is that it does not scale well. The best way to illustrate the scalability problem is to take it to the extreme. How many VCs are required to fully mesh 100 routers together? A total of 4950! Another disadvantage of implementing a full-mesh topology is cost. Try telling your finance person that you need 4950 virtual circuits. They aren’t as expensive as leased lines, but they aren’t cheap. Partial-Mesh Topology So, you don’t want a full-mesh topology, or you can’t afford it. What are your alternatives? One alternative to a full-mesh topology is a partial-mesh topology, where each site is directly connected to one or two other sites in the network. Figure 4.6 illustrates a partial-mesh topology. R1 R2 R3 R4 VC4 VC3 VC5 VC6 R1 R2 R3 R4 VC4 VC3 VC5 VC6 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com [...]... http://www.simpopdf.com 140 Chapter 4 VPNs: An Overview Figure 4. 25 is a simple peer-to-peer VPN with both the customer and relevant service provider networks illustrated New York /3 0 84 0 0/ 30 2 PE1 PE4 20 4 13 4 .9 32 11 6 32 6 11 4 13 4 .9 4 83 0 /3 0 /2 4 A simple peer-to-peer VPN 20 FIGURE 4. 25 D.C The service provider in this VPN needs to know about both customer networks (2 04. 1 34. 83.0 and 2 04. 1 34. 84. 0) What... Version - http://www.simpopdf.com 1 24 Chapter 4 VPNs: An Overview FIGURE 4. 6 A partial-mesh topology R1 VC3 VC1 R2 VC4 VC2 R3 R4 In Figure 4. 6, the connectivity requirements are resource driven For example, all sites (R1, R2, and R3) need to connect to resources located off of R4 Notice in Figure 4. 6 that VC2, VC3, and VC4 give the sites R1, R2, and R3 a direct connection to R4 In addition, R1 needs to connect... Figure 4. 28 illustrates this customer’s network FIGURE 4. 28 A simple VPN using Frame Relay Frame Relay Virtual circuits (VCs) Site 1 Site 2 Now the customer wants a peer-to-peer VPN Figure 4. 29 illustrates the new peer-to-peer network Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com 144 Chapter 4 VPNs: An Overview FIGURE 4. 29... http://www.simpopdf.com 1 34 Chapter 4 VPNs: An Overview TABLE 4. 6 VPN Addressing Device Interface IP Address R1 Serial 0 10.2.0.1 R1 Ethernet0 10.1.0.1 R2 Serial 0 10.2.0.2 R2 Ethernet0 10.3.0.1 Just like the point-to-point example, R1 and R2 build routing tables based on directly connected interfaces Table 4. 7 contains the routing table for R1, and Table 4. 8 contains the routing table for R2 TABLE 4. 7 R1 Routing... Chapter 4 VPNs: An Overview FIGURE 4. 22 A peer-to-peer VPN with four customer sites New York Raleigh PE1 PE3 PE2 PE4 Atlanta D.C Adding a site to a peer-to-peer VPN is illustrated in Figure 4. 23 Notice that the Charlotte site is connected to the service provider router PE3, along with the Raleigh site FIGURE 4. 23 Peer-to-peer VPN provisioning Charlotte New York Raleigh PE1 PE2 Atlanta PE3 PE4 D.C Copyright... network Figure 4. 13 shows multiple sites connected in an intranet FIGURE 4. 13 A simple intranet Miami headquarters VC1 Orlando office VC2 Tampa office Extranet An extranet is a connection between two or more organizations An example of an extranet might be a company with a connection to a partner company Figure 4. 14 shows two company sites connected together in an extranet FIGURE 4. 14 A simple extranet... Unregistered Version - http://www.simpopdf.com 132 Chapter 4 VPNs: An Overview What happens to the routing tables when a routing protocol is enabled such as RIP? The router R1 advertises 10.1.0.0 to R2 The router R2 advertises 10.3.0.0 Table 4. 4 contains the new routing table for R1, and Table 4. 5 contains the new routing table for R2 TABLE 4. 4 R1 Routing Table with RIP Network Interface 10.1.0.0 Directly... VPN In Figure 4. 21, four customer sites in New York, Raleigh, Atlanta, and D.C are connected with VCs in a full-mesh topology FIGURE 4. 21 A full-mesh VPN with four customer sites New York Raleigh VC4 VC6 VC1 VC3 VC5 VC2 Atlanta D.C Figure 4. 21 illustrates optimal routing Notice that traffic from New York to Atlanta is directed over VC1 Traffic from New York to Raleigh is directed over VC4 Traffic from... point-to-point links Figure 4. 18 illustrates a simple VPN with two customer sites connected with a single VC, simulating the original point-to-point connectivity illustrated in Figure 4. 17 FIGURE 4. 18 A simple VPN with two customer sites 10.2.0.0 10.1.0.0 10.3.0.0 Virtual circuits (VCs) R1 R2 Table 4. 6 lists the IP addresses and interfaces of the network devices in Figure 4. 18 Copyright ©2002 SYBEX,... privacy and security Well, there is privacy and security, but only after someone configures it Let’s look at an example Figure 4. 24 illustrates a simple peer-to-peer VPN that I’ll use to discuss peer-to-peer VPN security FIGURE 4. 24 A simple peer-to-peer VPN New York PE1 PE4 D.C How do you provide security to the New York and D.C sites? Access lists? Too risky If someone on the service provider side . 1 14 Chapter 3  MPLS and ATM A. MPLS is being configured for cell mode on an ATM edge-LSR. B. Cell-mode MPLS is being configured on an ATM-LSR. C. Frame-mode MPLS is being configured. tag-switching B. mpls C. point-to-point D. cell-mode 16. Which of the following commands enables VC merge on an ATM-LSR? A. mpls ldp atm vc-merge B. mpls ip atm vc-merge C. mpls ip atm vcmerge D. mpls ip. connected to one or two other sites in the network. Figure 4. 6 illustrates a partial-mesh topology. R1 R2 R3 R4 VC4 VC3 VC5 VC6 R1 R2 R3 R4 VC4 VC3 VC5 VC6 Simpo PDF Merge and Split Unregistered Version

Ngày đăng: 13/08/2014, 15:20

TỪ KHÓA LIÊN QUAN