List of Figures | Cisco: A Beginners Guide, Fourth Edition

Chapter 1: Cisco and the Internet

Figure 1-1: There are four basic elements to internetwork topologies
Figure 1-2: The global Internet is a layered collection of independent systems
Figure 1-3: Switching is encroaching on hubs at the low end and routers at the high end

Chapter 2: Networking Primer

Figure 2-1: Each OSI layer runs protocols to manage connections between devices
Figure 2-2: Messages are processed up and down through the seven-layer stack
Figure 2-3: Ethernet access is controlled by carrier sensing and detecting frame collisions
Figure 2-4: Token ring LANs are logical rings, not actual physical loops
Figure 2-5: FDDI was the backbone choice for years because of its speed and redundancy
Figure 2-6: An ISDN BRI circuit brings three digital channels into a home or business
Figure 2-7: DSL modems split traffic into two directional channels to attain high bandwidth
Figure 2-8: Frame Relay can be an efficient WAN link for intermittent traffic
Figure 2-9: VPNs rely on tunneling and encryption to operate over the Internet
Figure 2-10: The TCP/IP stack is compliant with the seven-layer reference model
Figure 2-11: TCP and UDP handle different network applications (port numbers)
Figure 2-12: The IP datagram format is variable in length
Figure 2-13: Port numbers identify the network application the message is using
Figure 2-14: The TCP packet segment holds data used to closely manage packet transport
Figure 2-15: The three-way TCP handshake process passes SYN and ACK
Figure 2-16: Windowing ensures that the receiving host has the capacity to process incoming packets
Figure 2-17: The UDP segment format doesn't have Sequence or Acknowledgement fields
Figure 2-18: DNS servers find the numerical IP addresses assigned to domain names
Figure 2-19: Thirty-two bits define the IP addresses you see in dotted-decimal format
Figure 2-20: Three IP address classes differ by the octets they use for network addresses
Figure 2-21: NAT temporarily assigns unique, reusable public addresses; PAT assigns a global IP address
Figure 2-22: Subnetting extends network address space rightward
Figure 2-23: Subnetting makes efficient use of address space; this Class B example has room for 254 subnets
Figure 2-24: Usually, only part of an octet is subnetted, as in the Class C example
Figure 2-25: The format of a global unicast IPv6 address
Figure 2-26: IPv6 multicast addresses contain specific information about the addresses' lifetime and scope

Chapter 3: Router Overview

Figure 3-1: Routers make internetworks possible by overcoming incompatibility
Figure 3-2: Routers can be used to improve efficiency within a LAN
Figure 3-3: Routers send packets across the perceived path of least resistance
Figure 3-4: Multiple transmissions can be sent on a single fiber using DWDM
Figure 3-5: Administrative access to routers is obtained in three different ways
Figure 3-6: Console and AUX ports on a Cisco 4500 router make direct, non-network connections possible
Figure 3-7: Cisco IOS can be managed through an HTTP Server screen
Figure 3-8: The SDM home page shows a summary of router information
Figure 3-9: SDM aids configuration with a number of Wizards, like the WAN Wizard
Figure 3-10: Choose the encapsulation type that best meets your needs
Figure 3-11: Enter the connection's IP address and subnet mask
Figure 3-12: SDM allows monitoring of various router details
Figure 3-13: The Interface Status tool allows you to track interface statistics
Figure 3-14: The Router Security Audit tool examines the router's security configuration
Figure 3-15: Security control is managed separately for network traffic and administrative login
Figure 3-16: Motherboards of Cisco routers are similarly designed
Figure 3-17: IOS is arranged by releases and feature sets
Figure 3-18: The process of configuring a specific IOS feature set involves selecting desired attributes
Figure 3-19: There are four major parts in an IOS release number

Chapter 4: Configuring Routers

Figure 4-1: Managing config files involves many steps
Figure 4-2: Configuration can be accomplished by logging on to a router through a Telnet connection
Figure 4-3: Entering a bad command results in an inadvertent broadcast message
Figure 4-4: The IOS command structure has two modes
Figure 4-5: Seven operating modes are made possible by Cisco routers
Figure 4-6: Running-config files and startup-config files are used in different ways
Figure 4-7: The show interface command reports current information
Figure 4-8: CDP bypasses incompatible protocols to keep track of networks
Figure 4-9: A look at the ConfigMaker desktop
Figure 4-10: A look at the ConfigMaker Properties dialog box for a Cisco 4500 router
Figure 4-11: The Firewall Wizard is used to configure firewalls in ConfigMaker
Figure 4-12: Fast Step will prompt you for IP address information
Figure 4-13: Fast Step prompts for a router name and administrative passwords
Figure 4-14: Fast Step will prompt you for the ISP's address information last
Figure 4-15: There are three network segments involved in an intranet remote connection

Chapter 5: Switches

Figure 5-1: Switches mediate between backbones and hosts
Figure 5-2: Early network topologies employed thickand thin-wire connections
Figure 5-3: The star topology is the network's basic building block
Figure 5-4: Broadcast domains are implemented differently
Figure 5-5: Enterprise networks today combine fiber and twisted-pair cable media
Figure 5-6: Signals can be crossed over either in the cable or in the device
Figure 5-7: Switches deliver signals to a specific port
Figure 5-8: How a message moves through a switched network
Figure 5-9: The content of a switch's dynamic address table is topologically flat
Figure 5-10: The switches share physical address information to determine paths through networks
Figure 5-11: Uplink ports aggregate traffic into the switched backbone
Figure 5-12: VLAN offers unlimited flexibility in functional network design
Figure 5-13: Routers are used to allow VLANs to communicate
Figure 5-14: The CMS menu bar is used to navigate the switch configuration options
Figure 5-15: A "live" graphical image reports a Cisco switch's status
Figure 5-16: You enter Cluster Management Suite through this page
Figure 5-17: Click the CMS switch image to configure specific switch ports
Figure 5-18: CMS can build a graphical diagram of the switch's LAN
Figure 5-19: Individual switch ports can be configured here
Figure 5-20: The status of individual switch ports can be monitored here
Figure 5-21: EtherChannel port groups are configured for speed and redundancy
Figure 5-22: Individual switch ports can be selected for real-time monitoring
Figure 5-23: Flooded and broadcast messages can be limited in switched networks
Figure 5-24: The IP Addresses window is used to change IP address information
Figure 5-25: This window is used to configure a Cisco switch for SNMP management
Figure 5-26: In switches, ARP tables resolve VLAN names, not LAN names
Figure 5-27: The address table is the key to how switched networks operate
Figure 5-28: A secure port receives traffic only from user-defined stations
Figure 5-29: CGMP is used to enroll switch ports into multicast groups
Figure 5-30: STP prevents the proliferation of loop paths in switched networks
Figure 5-31: A port can belong to one or more VLANs and use any of four membership modes
Figure 5-32: VTP centrally administers configurations in switched networks
Figure 5-33: VMPS is a way to assign switch ports to VLANs automatically

Chapter 6: Security Overview

Figure 6-1: Internetwork control systems, including security, share certain features
Figure 6-2: Access servers are dedicated to supporting remote dial-in connections
Figure 6-3: User authentication takes place in four scenarios that open into three worlds
Figure 6-4: Authorizations can be enforced by network, command mode, and even by command
Figure 6-5: AAA accounting is a background process that tracks a user's network activity
Figure 6-6: Security systems have evolved along with the computing industry
Figure 6-7: User access requests are granted if attribute-values are matched in the user profilev
Figure 6-8: Once authenticated, a user's authorizations are cleared as needed
Figure 6-9: CHAP authentication doesn't send the password over the network
Figure 6-10: Named method lists enforce security policies in access device interfaces
Figure 6-11: The basic parts of a device security configuration model contain a number of settings
Figure 6-12: A user database can be stored in the access device's NVRAM for local use
Figure 6-13: AAA accounting can use any of the three methods to track user activity

Chapter 7: Security Building Blocks

Figure 7-1: A firewall is partly defined by its position as a traffic bottleneck
Figure 7-2: Firewalls inspect all packets and apply security rules to them
Figure 7-3: Firewalls define security perimeters and classify networks accordingly
Figure 7-4: Many firewall configurations include a DMZ to run public servers
Figure 7-5: An access list fi lters packets at each router interface
Figure 7-6: Access list statements are security rules
Figure 7-7: Context-based firewalls track connection states
Figure 7-8: Internal host addresses can be translated one-to-one or to a global address
Figure 7-9: Proxy-server technology is the basis for advanced firewalls
Figure 7-10: Dual-homed configurations turn off routing services within the device
Figure 7-11: CBAC creates temporary openings based on connection status
Figure 7-12: CBAC can be configured on either internal or external interfaces
Figure 7-13: This access list sets up traffic on Ethernet0 for CABC inspection
Figure 7-14: The security-level command draws a more detailed and powerful security map
Figure 7-15: This three-interface PIX firewall supports a static route with conduit
Figure 7-16: VPNs are encrypted WANs that come in variations
Figure 7-17: A remote user utilizes a VPN to access the corporate network
Figure 7-18: These are the hardware components of a remote access VPN connection
Figure 7-19: Business partners can use VPNs to link their organizations
Figure 7-20: These are the hardware components of a site-to-site VPN solution

Chapter 8: Cisco Wireless Solutions

Figure 8-1: WLANs communicate information like cordless telephones
Figure 8-2: Wireless devices tune out unwanted frequencies and focus on the relevant one
Figure 8-3: Access points serve as wireless hubs, connecting one-or many-wireless devices to the LAN
Figure 8-4: Peer-to-peer, or ad hoc, networks connect individual devices
Figure 8-5: By using multiple access points, the availability of the LAN can be increased
Figure 8-6: Repeaters are simply access points configured to extend the range of a WLAN
Figure 8-7: Wireless bridges bring two networks-located miles apart-together
Figure 8-8: The 802.11 x standard for wireless networking makes an ad hoc network around a conference table possible
Figure 8-9: In this example, the floor plan of a company's first floor shows how APs can be deployed
Figure 8-10: Roaming with a wireless device means moving from one cell to another
Figure 8-11: Once logged onto a Cisco AP, the home page shows you an overview of device settings
Figure 8-12: The AP's Express Setup page allows management of the most prevalent AP settings
Figure 8-13: An Aironet AP's Express Security page allows management of security settings
Figure 8-14: The Encryption Manager is used to set up and manage your AP's encryption
Figure 8-15: WPA can be configured on the Encryption Manager page
Figure 8-16: The SSID Manager can be configured by selecting it from the Security menu on the left of the page
Figure 8-17: Wireless system parameters are easily managed on the client
Figure 8-18: You need to select which profile to use on your WLAN
Figure 8-19: Client security is managed using the Network Security tab

Chapter 9: Cisco Unified Contact Center

Figure 9-1: The numbered steps demonstrate how VoIP works
Figure 9-2: This existing telephone network is common to many organizations
Figure 9-3: Connecting telephones to a VoIP relay and router provides VoIP connectivity
Figure 9-4: With a full-blown IP telephony solution, both PCs and phones are connected to the LAN
Figure 9-5: IP telephone calls are connected inside and outside the IP network with different pieces of equipment
Figure 9-6: An analog wave is converted into a digital datastream by measuring regular "slices"
Figure 9-7: Combining voice and data into a single circuit saves money and resources
Figure 9-8: Sending data and VoIP at the same time can disrupt a phone call
Figure 9-9: Branch offices are great places to implement VoIP solutions
Figure 9-10: Cisco Unified Communications is based on three components
Figure 9-11: Cisco Unified Communications helps connect users

Chapter 10: Storage Tools

Figure 10-1: SANs and LANs operate independently, but are still able to mesh together
Figure 10-2: The Fibre Channel Stack contains five layers
Figure 10-3: The tree model is the basic topology for a SAN
Figure 10-4: A mesh eliminates bottlenecks and single points of failure
Figure 10-5: Connecting to two other devices reduces bottlenecks and increases scalability
Figure 10-6: Inter-VSAN routing allows data to be transferred between VSANs but without compromising them
Figure 10-7: Zones can be configured to access resources on different devices
Figure 10-8: Trunking in a SAN combines multiple VSAN conversations

Chapter 11: Cisco Content Networking and Video Solutions

Figure 11-1: A basic CDN deployment contains a number of components
Figure 11-2: Different types of network traffic include unicasting, broadcasting, and multicasting
Figure 11-3: Multicast distribution trees send content to the appropriate network segments
Figure 11-4: WAEs reduce storage burden on branch offices, centralizing it at a datacenter
Figure 11-5: WAE appliances are configured for specific content duties within the network
Figure 11-6: Web caching stores frequently accessed Web pages locally
Figure 11-7: Proxy-style caching works on the client's behalf
Figure 11-8: Reverse proxy caching with WCCP-enabled routers places the content engine in front of the Web server
Figure 11-9: In a reverse proxy scenario with CSS switches, the content engines are checked first before forwarding the request to the Web server
Figure 11-10: Content engines at different levels in an organization provide greater content availability
Figure 11-11: Multihoming provides reliability in addition to load balancing
Figure 11-12: If need be, the client can bypass the caching infrastructure and go directly to the source
Figure 11-13: An IP/VC solution uses such components as Cisco CallManager, MCUs, Cisco VTA, and IP phones

Chapter 12: Routing Protocols

Figure 12-1: Routing update messages coordinate routing tables
Figure 12-2: Routers use control messages to update routing tables; switches don't
Figure 12-3: The classic example of a static route is a network's default gateway
Figure 12-4: Gateway discovery protocols use timers to detect topology changes
Figure 12-5: Routers must collaborate to locate network problems
Figure 12-6: Only two routing updates are necessary to converge
Figure 12-7: Several factors can influence the length of propagation delay
Figure 12-8: A routing loop can start when routing updates overlap
Figure 12-9: If network events outpace convergence, infinite loops can occur
Figure 12-10: Hold-downs prevent routing loops, but can slow down network performance
Figure 12-11: A split horizon stops a routing update from echoing back to its source
Figure 12-12: Most routing updates are implicit corrections; poison reverse updates are explicit
Figure 12-13: Routing metrics are used to influence decisions that routing algorithms make
Figure 12-14: Distance-vector routing propagates routing updates at fixed intervals
Figure 12-15: Link-state routing is event-driven
Figure 12-16: Link-state routing's SPF algorithm builds the shortest paths from the link up
Figure 12-17: Routing protocols draw maps largely based on administrative control
Figure 12-18: Several differences exist between interior gateway protocols and exterior gateway protocols
Figure 12-19: An external corporate network is a routing domain across autonomous systems
Figure 12-20: Cisco's IGRP eclipsed RIP and helped vault the company to its dominant market position
Figure 12-21: EIGRP defines three types of routes: internal, system, and external
Figure 12-22: OSPF implements routing areas and redirects routes between them
Figure 12-23: The variable-length subnet mask feature makes areas possible
Figure 12-24: MPLS packets contain seven fields

Chapter 13: Network Management

Figure 13-1: Network management tasks follow an intensive cycle
Figure 13-2: Partial SNMP management causes network management blind spots
Figure 13-3: Most network teams use several tools to manage their networks
Figure 13-4: There are a number of network management tools and applications at the network administrator's disposal
Figure 13-5: SNMP is a communications channel for network management
Figure 13-6: SNMP gathers information on managed devices
Figure 13-7: MIBs are the basic building blocks of an SNMP management system
Figure 13-8: MIBs are built using machine-independent SMI data types
Figure 13-9: The Internet's family lineage yields the standard Internet MIB lineage
Figure 13-10: Cisco's private hierarchy branches into four subgroups
Figure 13-11: Polling groups are used to help make SNMP data more manageable
Figure 13-12: Data aggregation summarizes data while preserving its integrity
Figure 13-13: Thresholds set a normal operating range for a managed object
Figure 13-14: An SNMP trap proactively reports an event to the NMS
Figure 13-15: RMON probes provide management visibility across switched networks
Figure 13-16: RMON stores Ethernet management data in nine specialized groups
Figure 13-17: SNMP version 2 emphasizes flexibility and security
Figure 13-18: SNMPv2 messages are secured by authenticating parties and control measures
Figure 13-19: Cisco's SNMP implementation supports several advanced functions
Figure 13-20: This is how a standard Catalyst switch RMON works
Figure 13-21: Roving RMON marshals instrumentation to focus on an emerging problem
Figure 13-22: Cisco Network Assistant's Front Panel view gives an overview of your device's status
Figure 13-23: Cisco Network Assistant's Topology view shows a diagram of your network's managed devices
Figure 13-24: Signpost icons on the Feature bar show items that can be managed in Guide mode
Figure 13-25: The Connect window allows you to select which community you'll connect to
Figure 13-26: Enter the IP address of one of your devices to start the discovery process
Figure 13-27: Port Settings is where you can manage attributes of your device's ports
Figure 13-28: Quality of Service management in Cisco Network Assistant helps control network traffic flow
Figure 13-29: The Bandwidth graphs show line and bar charts showing bandwidth usage
Figure 13-30: Cisco Network Assistant provides Ping and Trace services to help with troubleshooting
Figure 13-31: Your devices' firmware is easily upgraded using Cisco Network Assistant

Chapter 14: Network Design Process

Figure 14-1: The classical three-layer hierarchical topology is based on segmentation
Figure 14-2: The access layer provides both local and remote connectivity to hosts
Figure 14-3: The distribution layer is the key to providing a functional hierarchy
Figure 14-4: The core layer includes campus LAN backbones and WAN backbones
Figure 14-5: Fully meshed and partially meshed topologies each offer their pros and cons
Figure 14-6: Backdoors and chains violate the ideal three-layer hierarchical topology
Figure 14-7: DHCP can dynamically assign IP addresses to end-system hosts
Figure 14-8: Domain names must be resolved by a name server
Figure 14-9: The classical router-switch configuration employs smaller switches connected to a large switch, which is then connected to a router
Figure 14-10: Access switches replace hub ports to connect bandwidth-hungry hosts
Figure 14-11: Switched networks need routers to talk to the outside world
Figure 14-12: Heavy Internet use is driving enterprises to install bigger edge routers
Figure 14-13: An ATM campus backbone can connect central resources
Figure 14-14: Gigabit Ethernet can also be run in high-end Catalyst switches
Figure 14-15: Frame Relay-capable routers are superior to FRADs for managing links
Figure 14-16: ISDN supports both dial-in and dedicated citcuit connections
Figure 14-17: The Cisco 827 ADSL router is ideal for DSL connections

Chapter 15: Troubleshooting Cisco Networks

Figure 15-1: To troubleshoot a host, the place to start is the network interface card
Figure 15-2: The host's IP address settings and those in the default gateway must match
Figure 15-3: The host's IP address must match the one for the gateway router in the ARP file
Figure 15-4: Check to make sure the correct default gateway IP address is configured
Figure 15-5: The trace route command is a great way to pinpoint the source of a problem
Figure 15-6: Here's what happens if a traced route finds a router stopping traffic
Figure 15-7: The show interfaces command is one of the troubleshooter's best tools
Figure 15-8: Each interface item likely has reasons for its statistic being high
Figure 15-9: Most WAN links still use serial lines to connect routers to phone loops
Figure 15-10: Certain fields are usually the focus when troubleshooting a serial link
Figure 15-11: Mistyping a character in the WEP can cause WiFi networks to fail
Figure 15-12: Passphrases can be used to generate WEP keys
Figure 15-13: It's possible to extend your wireless network's range with additional access points
Figure 15-14: The Cisco Aironet Client Utility shows your signal strength and quality