Sample Video and Course Outline
In this video series, you will learn how to build practical network designs for many solutions and services. The course follows the Network Design Cookbook (1st Edition), building a design step by step to give you a better understanding of how to build your own practical designs.
You will learn how to build several design models that consider the topology to use, the performance required, and the reliability that is needed. You will learn how to determine the best hardware to use for each component in the topology. You will learn which services are recommended and how they should be configured. You will learn how to incorporate security into your design to keep it protected. You will also learn what information is needed, along with many other aspects that are important for building a practical design.
Sample Video
Course Outline
- Introduction
- Step 1: Requirements
- Step 2: General Design
- Step 3: Solution Design
- Local Area Network (LAN) Solution (126 minutes):
- Design #1: This solution design consists of a two-tier LAN topology with resilient redundancy using chassis-based Core switches. The topology is designed to support 10GE interfaces based on the performance requirements, including Routing and LAN switching services.
- Internet Edge Solution (70 minutes):
- Design #1: This solution design uses dual ISP clouds and BGP routing to provide full Internet redundancy. This solution uses an Ethernet handoff from the Service Provider to provide performance between 100Mbps and 400Mbps. The hardware used for the edge router component will be a Cisco ISR G2 3925 series router.
- Design #2: This solution design is similar to “Design #1” using dual ISP clouds and BGP routing to provide full Internet redundancy. This solution uses an Ethernet handoff from the Service Provider to provide performance between 100Mbps and 400Mbps. The hardware for the edge component will be a firewall appliance instead of an edge router.
- Firewall Solution (47 minutes):
- Design #1: This solution design builds a redundant (Active/Passive) pair of Next-Generation Firewall appliances between the Internet Edge and the LAN topologies in our existing design. This solution uses Gigabit Ethernet interfaces to provide the performance between 100Mbps and 400Mbps that is expected on our Internet edge. The hardware used for the firewall components will be the Fortinet FortiGate 200D series NGFW appliance.
- Wide Area Network (WAN) Solution (80 minutes):
- Design #1: This solution design builds a WAN solution with redundant WAN clouds and Aggregation routers. The primary WAN cloud will be a private L3 WAN, which will likely be MPLS, and the secondary WAN cloud will be an Internet WAN that will utilize VPN technologies for providing site connectivity. The hardware for the WAN aggregation routers will be the Cisco ISR G2 2951 series router.
- VPN and Remote Access Solution (22 minutes):
- Design #1: This solution design builds a VPN solution which extends our WAN solution design that we completed earlier. The design was focused on the second WAN router in our topology. Our design for this solution will involve a DMVPN topology between our sites supporting AES encryption, SHA hashing, and pre-shared keys for key management. DMVPN is a service that is supported with our hardware deployment and the router model we are using will be the Cisco ISR G2 2951 series.
- Step 4: Service Design
- IP Routing (20 minutes):
- Design #1: This service design will overlay general IP routing on top of our network topology. It will utilize OSPF for the internal routing protocol and BGP for external routing with our redundant ISP cloud. We will also determine how our default gateways will be implemented, including which networks we want to apply security protection to. This is the first step before the actual OSPF and BGP design within our topology.
- LAN Switching (68 minutes):
- Design #1: This service design will overlay LAN switching services on top of our network topology. It will utilize service designs for the VLAN Trunking Protocol (VTP), VLANs, 802.1Q trunking, Spanning Tree (STP), and other LAN-based services based on best practices outlined in the Network Design Cookbook.
- OSPF Routing (76 minutes):
- Design #1: This service design will overlay OSPF on top of our network topology. Part 1 will include building the hierarchical topology of OSPF. We will determine the areas, routers, and network types within that topology, and which networks will be advertised within it. In other sections, we will continue to build our OSPF design to include scalability, reliability, and security. For OSPF scalability, we will determine which routes should be summarized, which areas should be converted to stub areas, and whether enabling iSPF is required for our topology. For OSPF reliability, we will determine whether we need to tune the OSPF timers, from the neighbor timers to LSA and SPF throttling. Other reliability design points will include ECP, BFD, and specifying Primary/Secondary paths. For OSPF security, we want to consider locking down our topology using Passive Interfaces, Authentication, and route control.
- BGP Routing (26 minutes):
- Design #1: In this design workshop, we will focus on the BGP service design on our network. We will determine the BGP peers and how they will be configured. Our BGP design will cover the main BGP properties, including Route Summarization, Authentication, Route Control, and Synchronization. Our design will also include implementing BGP routing with the Service Providers using several attributes to control inbound and outbound routing based on our requirements. This will include Local Preference and adjusting the AS Path.
- Step 5: Building Design Options