Building MPLS-Based Broadband Access VPNs (Hardcover)
Kumar Reddy
- 出版商: Cisco Press
- 出版日期: 2004-11-25
- 售價: $2,275
- 貴賓價: 9.5 折 $2,161
- 語言: 英文
- 頁數: 408
- 裝訂: Hardcover
- ISBN: 1587051362
- ISBN-13: 9781587051364
立即出貨(限量) (庫存=1)
買這商品的人也買了...
-
$590$466 -
$290$226 -
$490$417 -
$680$612 -
$2,340$2,223 -
$1,890$1,796 -
$650$553 -
$750$593 -
$860$774 -
$650$585 -
$650$507 -
$2,510$2,385 -
$2,680$2,546 -
$880$792 -
$1,580$1,501 -
$1,093$1,035 -
$3,180$3,021 -
$2,030$1,929 -
$1,800$1,710 -
$1,575$1,496 -
$2,980$2,831 -
$1,440Beginning Linux Programming, 4/e (Paperback)
-
$281Cisco IPSec VPN 實戰指南
-
$499$424 -
$3,160$3,002
相關主題
商品描述
Description:
Implement the design principles and configurations behind MPLS-based VPNs for broadband access networks
The book discusses how MPLS and its VPN service are best used in a broadband environment, concentrating on key design issues and solutions, including
- How to manage tens of thousands of interfaces and host routes and hundreds of dynamic VPNs
- When a Virtual Home Gateway is necessary
- Why use dynamic address assignment
- How routes should be summarized into the core
Deploy MPLS VPNs successfully in broadband networks with Building MPLS-Based Broadband Access VPNs. This book helps you understand why and how today's broadband networks function, covering the principal access technologies: DSL, Ethernet, and cable. The book also examines the different tunneling protocols used for VPN solutions today, namely GRE, IPSec, and L2TP, with examples of how these solutions are deployed and a discussion of their strengths and weaknesses.
Building MPLS-Based Broadband Access VPNs also includes an in-depth description of the IOS VRF Lite, which helps you use VRF-aware features with an IP core.
Detailed descriptions of the technologies, design principles, network configurations, and case studies are provided throughout the book, helping you develop a pragmatic understanding of MPLS-based broadband access VPNs.
- Obtain a realistic understanding of large-scale broadband access network design requirements
- Recognize the business impact of using MPLS to provide access VPN services, including the advantages of QoS, availability, and provisioning
- Use MPLS in access VPN and transport networks and deal with the unique scalability problems that such networks pose
- Leverage VRF-aware features to deploy IP-based VPNs
- Includes detailed Cisco IOS configuration examples based on real-world scenarios
This book is part of the Networking Technology Series from Cisco Press‚ which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
Table of Contents:
Foreword
Introduction
Chapter 1 Introduction: Broadband Access and Virtual Private Networks
Broadband Networks and Operators
The Players in Broadband
DSL Networks
Metropolitan-Area Networks
The Role of the Access Network
Shifting the Location of the Processing
Service Models: Who Buys What
Business Subscribers
Residential Subscribers
IP Virtual Private Networks for Broadband
A VPN Taxonomy
Layer 2 and Layer 3 VPN Alternatives
Overlay VPNs
The Peer Model
A Simplified Framework for Broadband VPN
Data Confidentiality
Efficient Operation
Efficient Routing
High Availability and Resiliency
Device-Level Redundancy
Network-Level Redundancy
Multicast
Quality of Service
Fragmentation
Authentication, Authorization, and Accounting (AAA)
Service Selection
Support for Any IP Addressing Plan
Efficient Address Assignment
Additional Layer 3 Services
Summary
Chapter 2 Delivering Broadband Access Today: An Access Technologies Primer
Architecture 1: Bridged Access Networks
Bridging in DSL Using RFC 2684
RBE Configuration
RBE Quality of Service
RBE Routing
RBE Address Assignment
More Bridged Access—Cable and DOCSIS
DOCSIS Cisco IOS Configuration
Cable Address Assignment
Broadband Ethernet—Ethernet to the Home/Business (ETTX)
Long Reach Ethernet
ETTX Configuration
ETTX Quality of Service
ETTX Address Assignment
Security Considerations for Bridged Broadband Architectures
Security in DSL Broadband Networks
Security in Cable Broadband Networks
Security in Ethernet Broadband Networks
Authentication and Accounting in Bridged Broadband Architectures
Architecture 2: Point-to-Point Protocol Networks
PPP over Ethernet—The CPE as a Bridge
PPPoE Configuration
PPPoE Service Selection and Discovery
PPP over ATM: The CPE as a Router
PPPoA Configuration
PPP Address Assignments
Use of On-Demand Address Pools
PPP Quality of Service
PPP Authentication, Accounting, and Security
Port-Based Authentication
PPP Security
Summary
Chapter 3 VPNs in Broadband Networks
Tunnels, Hubs, and Spokes
To Distribute or Centralize?
Access VPN Requirements Reminder
Case 1: A Site VPN with Non-IP Traffic—GRE
GRE Protocol and Operation
GRE Configuration
GRE Design Considerations
Case 2: VPN over Anything—IPSec
IPSec Protocol and Operation
AH and ESP Headers for Authentication and Encryption
Key Exchange with IKE
IPSec Tunnel and Transport Mode Encapsulations
IPSec Configuration
IPSec Configuration Examples
Simple Site-to-Site IPSec
Encrypted GRE
Dynamic Multicast VPN
IPSec for Remote Access
IPSec Design Considerations
Case 3: L2TP—For Open Access
L2TP Protocol and Operation
L2TP Tunnel Setup
L2TP Session Setup
L2TP Configuration
Scaling L2TP Networks
Data Plane: L2TP LNS Redundancy and Load Balancing
Control Plane: AAA Redundancy and Load Balancing
L2TP Tunnel Switching
L2TP Design Considerations
Other Open Access Solutions
Open Access with Network Address Translation
Open Access with Policy-Based Routing
Summary
Chapter 4 Introduction to MPLS
Definition of MPLS
IP and MPLS Packet Forwarding
MPLS Encapsulation
Label Distribution
LDP Operation
Traffic Engineering
MPLS-TE Cisco IOS Configuration
Layer 3 VPN Services (RFC 2547)
MPLS-VPN Attributes
MPLS-VPN Cisco IOS Configuration
MPLS QoS
QoS in MPLS Packet Headers
Complication 1: DSCP
Complication 2: ATM
Tunnels and Pipes
DiffServ-Aware Traffic Engineering
Summary
Chapter 5 Introduction to MPLS-Based Access VPN Architectures
Architecture Overview of an MPLS-Based Access VPN
The Role of the PE
Mapping Cable Subscribers to VRFs
Mapping Ethernet Subscribers to VRFs
Mapping DSL Subscribers to VRFs
Routed Interfaces
Routed Bridge Encapsulation
PPP
Virtual Home Gateway
VHG for Cable or Ethernet
Examples of the Basic Architectures
Direct PPP Termination Configuration
Monitoring Direct PPP Termination
Two-Box Virtual Home Gateway Example
Monitoring the Two-Box VHG Solution
Multi-VRF CE Configuration
Comparison Using the Broadband VPN Framework
Data Confidentiality
Efficient Operation
Efficient Routing
High Availability and Resiliency
Multicast
Quality of Service
Fragmentation
Authentication, Authorization, and Accounting
Service Selection
Support Any IP Addressing Plan
Efficient Address Management
Additional L3 Services
Summary
Chapter 6 Wholesale MPLS-VPN Related Service Features
Bindings Again—Dynamic VRF Allocation
AAA Again—VRF Name and the AAA Attribute
Direct PPP Termination and Aggregation with AAA
VHG with AAA
DHCP—Life Without AAA
PBR—A Two-Box Solution
Service Selection Gateway—Another Two-Box Solution
VRF Select
Proxy RADIUS and Per-VRF AAA
Per-VRF AAA Configuration
Per-VRF AAA Templates
Per-VRF AAA Accounting
Assigning and Managing Overlapping Addresses
Overlapping Device-Local Pools
On-Demand Address Pools
The Host Route Solution
ODAP and Address Assignments
Summary
Chapter 7 Implementing Network-Based Access VPNs Without MPLS
Introduction to Virtual Routers
Implementing Virtual Routing with Cisco IOS
Using Tunnels to Build Network-Based IP VPN
Using GRE for IP VPN
Using IPSec for IP VPN
Routing Between VRF-Lite PEs
Campus Hop-to-Hop Topology
RIP Between VRF-LITE
RIP to BGP
Summary
Chapter 8 Case Studies for Using MPLS with Broadband VPNs
Case Study 1: Managed LNS
Service Definitions
L2TP-Based Wholesale Service: Managed LNS
Clients
Circuit Aggregation: LAC
IP Aggregation: LNS
Control Plane: AAA
Network and Service Availability
MPLS-Based Wholesale Service
Clients
PTA PE
ISP PE
Address Allocation and Routing
Control Plane: AAA
QoS and Multicast
Case Study 2: D/V/V Over Ethernet
Service Definitions
Network Design
Clients
Access Layer: Circuit Aggregation
Distribution Layer: IP Aggregation
Adding Open Access
An Alternative Open Access Design
Summary
Chapter 9 Future Developments in Broadband Access
Introduction to IPv6
Address Space Size
Addressing
Extensions
Autoconfiguration
Deployment Scenarios of IPv6
Enterprise Deploys IPv6 Internally but Uses an IPv4 VPN Service
A Retail ISP Moves to IPv6
Only the Wholesaler Moves to IPv6
L2 Transport and L2VPN
Pseudo-wires
AToM
L2 Transport over L2TPv3
Applications and Implications for Broadband Access
Summary
Appendix A References and Bibliography
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapters 5, 6, 7, and 8
Chapter 9
Indx
商品描述(中文翻譯)
描述:
實現基於MPLS的寬頻接入網絡的設計原則和配置。
本書討論了MPLS及其VPN服務在寬頻環境中的最佳應用,重點關注關鍵的設計問題和解決方案,包括:
- 如何管理數萬個接口和主機路由以及數百個動態VPN
- 何時需要虛擬家庭網關
- 為什麼使用動態地址分配
- 如何將路由總結到核心網絡中
使用《基於MPLS的寬頻接入VPN構建》在寬頻網絡中成功部署MPLS VPN。本書幫助您了解當今寬頻網絡的運作原理,涵蓋主要的接入技術:DSL、以太網和有線電視。本書還探討了用於VPN解決方案的不同隧道協議,包括GRE、IPSec和L2TP,並提供了這些解決方案的部署示例以及其優點和缺點的討論。
《基於MPLS的寬頻接入VPN構建》還包括對IOS VRF Lite的詳細描述,幫助您在IP核心網絡中使用VRF-aware功能。
本書全書提供了技術、設計原則、網絡配置和案例研究的詳細描述,幫助您對基於MPLS的寬頻接入VPN有實用的理解。
目錄:
- 前言
- 引言
- 第1章:引言:寬頻接入和虛擬私有網絡
- 寬頻網絡和運營商
- 寬頻中的參與者
- 第2章:MPLS和VPN基礎知識
- MPLS和VPN的基本概念
- MPLS和VPN的設計原則
- 第3章:寬頻接入網絡設計
- 寬頻接入網絡的需求
- 寬頻接入網絡的設計原則
- 第4章:MPLS在寬頻接入網絡中的應用
- MPLS在寬頻接入網絡中的優勢
- MPLS在寬頻接入網絡中的部署
- 第5章:VRF Lite
- VRF Lite的基本概念
- VRF Lite的設計和配置
- 第6章:案例研究
- 寬頻接入網絡的案例研究
- MPLS VPN的案例研究
- 第7章:結論
- 寬頻接入網絡的未來發展
- MPLS VPN的未來發展
本書是Cisco Press的Networking Technology Series系列的一部分,為網絡專業人士提供構建高效網絡、了解新技術和建立成功職業的寶貴信息。