|
|
Packet(s)
classifier, 556–57, 600
delay, 604
loss, 566
scheduler, 557, 600
size, 536
switch evolution, 227–28
Packet-filtering routers, 340–42
features, 340
information examined by, 340
problems, 341–42
rules, 341
Packet filters, 479–82
area and network, 481
capabilities, 479
defined, 479
examples, 479–81
issues, 481–82
lack of management, 481
Layer 2 type, 479–80
planning and transparency, 482
processing overhead, 481
security, 481
service type, 480–81
statelessness, 481
Packet switching, 52–53
circuit switching vs., 52–53
defined, 52
Passive backplane design, 457
Password Authentication Protocol (PAP), 330
Passwords
aging, 330
guessing attacks, 307
one-time, 330
static, 330
Path MTU Discovery (PMTUD), 540–41
Paths
best, choosing, 168–69
multipath, 167–68
selection, 167–69
single, 167–68
See also Routing
Peer model, 381
Performance
broadcast, 66
characterizing, 3
CMIP, 666
DNS, 120–21
IKE, 375
Integrated Services (IS), 617
IPv6, 80
management, 635–36
NAT, 136–37
network, 2–3
RIP, 185
SNMP, 653–54
VPN, 384–85
Per Hop Behavior (PHB), 619–20
consistency, 620
default, 620
defined, 619
standard, 620
See also Differentiated Services (DS)
Peripheral switching, 460
Personal firewalls, 345
Phasing, requirements, 6–8
Physical Layer
OSI reference model, 18
TCP/IP protocol suite, 27
Pilot test, 14
PIM, 275–81
defined, 275–76
dense-mode, 276–78
design issues, 280–81
development, 276
interoperability, 282
mixed-mode, 280
RP configuration, 280
RP performance consideration, 280–81
sparse-mode, 278–80
See also Multicast routing
Ping, 682–87
BSD UNIX option definitions, 684–85
defined, 682
MS-DOS option definitions, 683–84
operations, 682–83
options, 683–85
potential problems, 686–87
problems when using, 683
uses, 682
using, 685–86
See also Software diagnostic tools
Ping of death, 315
Ping sweep, 315
Planning
brainstorming and, 13
design, 12–14
documentation and, 13–14
technology choices and, 12–13
Point-to-point meshing, 420–22
Point-to-Point Protocol (PPP), 326
Point-to-Point Tunneling Protocol (PPTP), 353
Policy
clients, 704
console, 702–3
default QoS, 702
default routing, 703
default security, 702
defined, 700–701
distribution, 704–5
peripherals, 702
profiles, 706
repository, 703
security, 316–19
servers, 703–4
Policy-based management, 699–707, 708
benefits, 70, 700
components, 702–5
COPS, 705
defined, 700
deployment illustration, 701
design and implementation issues, 706–7
services, 701
vendors, 707
See also Network management
Policy-Based Routing (PBR), 576–78
defined, 574, 576
implementations, 577
policies, 577
router behavior and, 578
Port Address Translation (PAT), 134
Port hashing techniques, 515–19
Power
faults, 460
fault-tolerance approaches, 461–62
multiple, supplies, 462–63
reliability, 460–63
sags, 460
spikes, 461
surges, 460
Presentation Layer (OSI reference model), 18
Pretty Good Privacy (PGP), 337
Priority queuing, 494–95
defined, 494
illustrated, 494
uses, 495
Private intranet addressing, 73–74
migration to public network access, 74
registered private addresses, 73–74
Proprietary header compression, 485
Protocol analyzers, 694–96
defined, 694
examples, 694–95
expert, 694
illustrated example, 695
performance parameters, 696
Protocol-based security services, 334–38
IPSec, 338
PGP, 337
SET, 338
S-HTTP, 336
S-MIME, 337
SSH, 336–37
SSL, 334–36
See also Security
Protocol-Independent Multicast. See PIM
Protocol optimization, 536–41
fragmentation, 537
frame/packet size, 536
TCP/IP tuning, 538–41
window sizes, 537–38
Protocols, 24–37
ARP, 83–91
BGMP, 288
BGP, 205–19
boot, 475
BOOTP, 92–95
CHAP, 330–31
CMOL, 664
CMOT, 664
COPS, 705
DHCP, 95–102
DVMRP, 264–72
EIGRP, 175, 176–77
GRE, 353, 356
HSRP, 439, 452–54
ICMP, 31, 102–5, 447
IGMP, 239, 256–61
IIOP, 24
IKE, 371–76
IKMP, 371
IP protocol suite, 25–37
IS-IS, 175, 176
L2F, 353
L2TP, 353
LDAP, 59, 125, 126–31, 130–31
LDP, 582
LPP, 664
MBGP, 287
MSDP, 288
OSPF, 175–76, 187–204
PAP, 330
PPP, 326
PPTP, 353
RAMP, 297
RARP, 90–91
RIP, 175, 177–87
RSVP, 563, 604–16
RTCP, 292–93
RTP, 289–92
RTSP, 293–94
SCCP, 298
SDAP, 298
SIP, 298
SKIP, 331
SNMP, 636, 637–55
SSL, 326, 334–36
TFTP, 34–35, 310
types of, 24
unnecessary, disabling, 475–76
VRRP, 439, 442–52
vulnerability, 308–12
WCCP, 531
Proxies, 342–43
Proxy ARP, 88–90
applications, 88
defined, 88
illustrated example applications, 89
issues, 90
See also Address Resolution Protocol (ARP)
Proxy server techniques, 454–55
Proxy services, 520–22
benefits, 520
examples, 520–22
keep-alive spoofing, 521–22
routing announcements, 521
service announcements, 520–21
Pruning and grafting, 253, 269–71
Public Key Infrastructure (PKI), 322–26
applications, 326
architectural model, 323
caching and, 526
Certificate Authorities (CAs), 324–25
Certificate Repositories (CRs), 325
Certificate Revocation Lists (CRLs), 325–26
defined, 322
digital signatures, 324
Registration Authorities (RAs), 325
services, 322
X.509 digital certificates, 323–24
Pulse Code Modulation (PCM), 52
|
|