Integrated Cisco and Unix Routing

By Gernot Schmied

Integrated Cisco and UNIX Network Architectures shows how Cisco routers, switches, and firewalls work together with UNIX operating systems in an integrated routing/networking environment. This book reveals not just the feasibility, but also the desirability and strengths of Cisco/UNIX integrated routing with regard to systems integration and feature requirements. Detailed, progressively complex lab scenarios emphasize enterprise and ISP requirements, casting light on the similarities and differences of these two worlds, on forwarding and signaling issues, and on a comparison of the UNIX network stacks and standards compliance with Cisco IOS. Part I lays the foundation, covering routing software, operating system features, kernel requirements, Layer 2 issues, and gateway interfaces. Part II covers the heart of Cisco/UNIX routing by discussing the important concepts of integrated dynamic routing, including the UNIX routing table. Advanced concepts are tackled in Part III, beginning with a discussion of tunnels and VPNs and gradually shifting the emphasis to high availability, NAT, bandwidth management, policy routing, and multicast architectures. This book also offers a guide to those features that are best built with Cisco equipment.

About Gernot Schmied

Gernot Schmied is an independent consultant, analyst, and researcher focusing on systems integration, networking, UNIX, and security. He has worked for several years in enterprise and ISP environments with a focus on senior engineering and architecture projects, service, and portfolio development. Gernot holds two master's degrees, in applied physics and in information systems, and is currently working on his Ph.D. thesis in his "spare" time. Gernot lives in Vienna.

Table of contents

Introduction

Chapter 1 Operating System Issues and Features-The Big Picture
  Why UNIX Is Viable
  Routing, Forwarding, and Switching Approaches
  The Evolution of AT&T System V (SVR4) UNIX and 4.4-Lite BSD Derivatives
  Operating Systems Design Considerations
  Kernel-Space Modules Versus User-Space Applications
  Cisco IOS Software
  OpenBSD
  FreeBSD
  NetBSD
  Linux
  GNU Hurd/Mach
  Other Commercial Unices
  Summary
  Recommended Reading
  Endnotes

Chapter 2 User-Space Routing Software
  The GNU Zebra Routing Software
  Feature Description and Architecture of Zebra
  Installation and Startup of Zebra
  The Development Roadmap of Zebra
  The Quagga Project
  The routed Daemon
  Feature Description of routed
  Installation of routed
  Lab 2-1: routed
  GateD 3.6
  Feature Description
  Installation of GateD 3.6
  Reliance on Service
  Maturity, Scalability, and Stability of GateD 3.6
  MRT (Multithreaded Routing Toolkit)
  Feature Description of MRT
  Installation of MRT
  Maturity, Scalability, and Stability of MRT
  The Bird Project
  Feature Description of Bird
  Installation of Bird
  Maturity, Scalability, and Stability of Bird
  The XORP Project
  Feature Description of XORP
  The MIT Click Modular Router Project
  XORP Installation
  Maturity, Scalability, and Stability of XORP
  Multicast Routing Daemons: mrouted and pimd
  Summary
  Recommended Reading

Chapter 3 Kernel Requirements for a Full-Featured Lab
  The sysctl Facility
  IP Forwarding Control and Special Interfaces
  VLAN Subinterface Support and Trunk Termination (802.1Q)
  Alias or Secondary Interfaces
  Ethernet Channel Bonding
  Interface Cloning
  ECMP (Equal-Cost Multi-Path)
  Driver Support for LAN/WAN Interface Cards
  Encapsulation Support for WAN Interface Cards
  Support for Bridging Interfaces
  TCP Tuning
  Tunnel Support
  Multicast Support
  Firewall and Traffic-Shaping Support
  The IPv6 Protocol Stack
  Summary
  Recommended Reading

Chapter 4 Gateway WAN/Metro Interfaces
  Dial-on-Demand Routing: Analog and ISDN Dialup
  Wireless Technologies
  SDH/SONET
  Powerline Communications
  Ethernet to the Home/Premises
  Cisco Long-Reach Ethernet (LRE)
  Synchronous Serial Interface and PRIs
  ATM Interfaces
  Linux ATM Support
  The FreeBSD HARP ATM Subsystem
  Cable Access (Ethernet Interfaces)
  DSL Access
  Lab 4-1: Synchronous Serial Connection Setup
  Exercise 4-1: Frame Relay Point-to-Multipoint Setup
  Summary
  Recommended Reading

Chapter 5 Ethernet and VLANs
  Ethernet NICs
  Hubs, Bridges, and Multilayer Switches
  Access Ports, Uplinks, Trunks, and EtherChannel Port Groups
  Alias Interfaces
  VLAN Configurations
  Linux VLAN Capabilities
  FreeBSD/OpenBSD VLAN Capabilities
  A Few Words on Cabling
  Lab 5-1: FreeBSD Bridge Cluster Lab
  Lab 5-2: Linux Bridging and the Spanning Tree
  Lab 5-3: OpenBSD Bridging and Spanning Tree
  A Few Words on Layer 2 Security
  Exercise 5-1: Linux/FreeBSD Ethernet Channel Bonding
  Exercise 5-2: STP Operation
  Summary
  Recommended Reading

Chapter 6 The Analyzer Toolbox, DHCP, and CDP
  Terminal Emulation Software
  Secure Shell Tools
  Protocol Analyzer
  Statistical Tools
  Port Scanners
  socklist and netstat
  Ping and Traceroute Combinations
  DNS Auditing Tools
  Traffic and Packet Generators
  What You Need in a Small Toolbox
  The BSD ipfilter Traffic Generator
  The Linux Kernel Packet Generator
  Performance-Testing and Network-Benchmarking Tools
  Lab 6-1: Using Sniffers-DHCP Example
  Lab 6-2: UNIX CDP Configuration
  Summary
  Recommended Reading

Chapter 7 The UNIX Routing and ARP Tables
  Address Resolution: ARP and RARP
  Proxy ARP
  ARP Cache
  Static ARP Entries
  Gratuitous ARP
  Reverse ARP (RARP), the Bootstrap Protocol (BOOTP), and Dynamic Host Configuration Protocol (DHCP)
  TFTP
  Inverse ARP (InARP), UNARP, and DirectedARP
  Power of the Linux ip, netstat, and route Utilities
  ARP-Related Tools
  Lab 7-1: ARP Security Issues
  Summary
  Recommended Reading
  Endnote

Chapter 8 Static Routing Concepts
  Administrative Distance and Metric
  Classful Routing, VLSM, and CIDR
  Default Gateways, Default Routes, and Route(s) of Last Resort
  Route Caches, Routing Tables, Forwarding Tables, and the ISO Context
  The Near and Far End of a Link
  The route Command-Adding and Removing Routes
  Route Cloning
  Blackholes and Reject/Prohibit Routes
  Floating Static Routes
  Equal-Cost Multi-Path (ECMP) Routing
  Lab 8-1: Interface Metrics, Floating Static Routes, and Multiple Equal-Cost Routes (ECMP)
  Linux TEQL (True Link Equalizer)
  Adding Static Routes via Routing Daemons
  Summary
  Recommended Reading
  Endnotes

Chapter 9 Dynamic Routing Protocols-Interior Gateway Protocols
  Interaction with the UNIX Routing Table
  Classification of Dynamic Routing Protocols
  Link-State Protocols
  Distance-Vector Protocols
  From RIP to EIGRP
  RIP-A Distance-Vector Routing Protocol (Bellman-Ford-Fulkerson)
  (E)IGRP
  Lab 9-1: RIPv2 Scenario
  Lab 9-2: RIP Neighbor Granularity
  Lab 9-3: RIPv2 via GateD
  Exercise 9-1: RIPv2 over Frame Relay Topologies
  Exercise 9-2: RIPv2 Metric Manipulation and Redistribution Control
  Introduction to Link-State Routing Protocols
  Area Concepts
  The Full Picture-Autonomous Systems and Areas
  OSPFv2
  Lab 9-4: Leaf-Area Design Featuring GateD and Cisco IOS
  Exercise 9-3: Exporting Loopback Addresses
  Lab 9-5: Leaf-Area Design Featuring Zebra and Cisco IOS Software
  ECMP-Manipulating Metric and Distance
  The Art of Redistribution
  Lab 9-6: Route Filtering and Redistribution
  Lab 9-7: OSPF Authentication
  Route Tagging and Multiple OSPF Processes/Instances
  IS-IS (Intermediate System-to-Intermediate System)
  Disadvantages of IS-IS
  Advantages of IS-IS
  Relevant IS-IS Standards
  Current IS-IS Developments
  Lab 9-8: IS-IS Flat Backbone Area
  Lab 9-9: IS-IS Backbone and Leaf Area
  Lab 9-10: OSPF Point-to-Point Lab
  Exercise 9-4: Dynamic Routing in Point-to-Multipoint Scenarios
  Advanced OSPF Features
  Traffic-Engineering Extensions
  Opaque LSAs
  Quagga's Implementation
  Summary
  Recommended Reading
  Endnotes

Chapter 10 ISP Connectivity with BGPv4-An Exterior Gateway Path-Vector Routing Protocol for Interdomain Routing
  Exterior Gateway Protocols: EGP and BGPv4
  BGPv4: Introductory Thoughts
  Neighboring Relations
  Limitations of IGPs
  Flavors of BGPv4
  BGP Message Types
  Capabilities Negotiation
  BGP Finite State Machine
  BGP Path Attributes
  BGP Active Path-Selection Criteria
  BGP Loop Detection
  Provider-Independent Addresses (PI Prefixes, Provider Aggregates)
  Internet Exchange Points
  EBGP and EBGP Multihop
  Weighted Route Dampening
  The next-hop-self Command
  IGP Synchronization
  The soft-reconfiguration Command
  Multiple BGP Instances and Views and the Route Server Context
  IBGP Full Mesh, Route Reflectors, and Confederation
  Lab 10-1: Route Reflection
  Exercise 10-1: BGP and IGP Interaction
  Exercise 10-2: BGP Synchronization
  Lab 10-2: Confederation
  Lab 10-3: Multi-AS BGP Topology
  Lab 10-4: BGP with GateD
  Avoiding Single Points of Failure
  Single-Homed Nontransit (Stub) Scenario with a Private AS
  Multi-Homed Nontransit (Stub) Scenario
  Transit Services
  Route Server and Routing Registries
  Requesting ASNs and IP Addresses
  Zebra Route Server with Multiple Views
  The Route Server Next Generation Project (RSng)
  Internet Routing Registries
  The Whois/Rwhois Interface
  IRRd
  The IRRToolSet
  Looking Glasses
  Cisco IOS Configuration
  The Looking Glass CGI Script and HTML Code
  Zebra Looking Glasses
  Routing Policies
  Defining an AS Policy
  BGP Route Maps and Filters
  BGP Communities and Extended Communities
  Special BGP Topics
  BGP "Pseudo" Load Balancing
  BGP Security Considerations
  Multiprotocol BGP Extensions
  Summary
  Recommended Reading

Chapter 11 VPN Technologies, Tunnel Interfaces, and Architectures
  The Rationale for Tunnels in Routing Environments
  The VPNC Concept of VPNs
  The OSI Stack Perspective
  Internet, Intranet, and Extranet Terminology
  IP-IP Tunnel
  Lab 11-1: IP-IP Tunnel Linux-to-FreeBSD
  Lab 11-2: IP-IP Tunnel OpenBSD-to-Cisco
  Generic Router Encapsulation (GRE) Tunnel
  Lab 11-3: GRE Tunnel OpenBSD-to-Cisco
  Lab 11-4: GRE Tunnel Linux-to-FreeBSD (Featuring gre-tun)
  Lab 11-5: Linux-to-Cisco GRE Tunnel
  Exercise 11-1: GRE Advanced Features
  Special Multicast and IPv6 Tunneling (RFC 2473, RFC 3053)
  Cisco L2F (Layer 2 Forwarding)
  PPTP (Point-to-Point Tunnel Protocol)
  Exercise 11-2: PPTP on UNIX
  L2TP (Layer 2 Tunnel Protocol)
  Securing L2TP Using IPSec (RFC 3193)
  L2TP Operation
  L2TPv3 and Related "Work in Progress"
  L2TPd for UNIX: A Project in Transition
  Exercise 11-3: L2TP
  Mobile IP
  User-Space Tunneling
  CIPE (Crypto IP Encapsulation)
  V-TUN (Virtual Tunnel)
  OpenVPN
  Stunnel/SSLwrap-SSL/TLS-Based "Wrapped" Tunnels and SSL Proxying/Relaying
  Secure Shell (SSH)
  IPSec Foundation
  IPSec ESP/AH and Tunnel and Transport Mode
  Manual/Automatic Keying, Preshared Secrets, and Certificates
  IKE Phase 1 and 2: Main Mode and Aggressive Mode
  Resolving the IKE, PKI, SA, ISAKMP, and Oakley Confusion
  What Is Opportunistic Encryption (OE)?
  What Is NAT-Traversal (NAT-T)?
  DHCP Provisioning over IPSec Tunnel Mode
  IPSec Implementations
  Linux IPSec
  KAME
  FreeBSD
  OpenBSD
  General Tunnel and Specific IPSec Caveats
  Tunnels and Firewalls
  Tunnels Do Not Like NAT
  Tunnels Cause MTU Issues
  Tunnels Add Protocol Overhead
  Unnumbered Links and Tunnel Routing
  Multicast Transit via Point-to-Point Tunnels
  Crypto Performance
  High Availability
  VPN Deployment and Scalability Advice
  About IPSec Lab Scenarios
  Lab 11-8: An IPSec with IKE (racoon/isakmpd) Scenario (Gateway-to-Gateway Tunnel Mode)
  Road-Warrior Scenarios (Road Warrior-to-OpenBSD/FreeBSD Gateway with IKE)
  Dynamic Routing Protocols over Point-to-Point Tunnels-Transparent Infrastructure VPN
  IPSec Development and Evolution
  Summary
  Recommended Reading
  Endnotes

Chapter 12 Designing for High Availability
  Increasing Availability
  Withstanding a (D)DoS Attack
  Network HA Approaches
  Redundant Paths
  Standby Equipment
  Simple but Effective Approaches to Server HA
  DNS Shuffle Records and Round-Robin (DNS RR)
  Dynamic Routing Protocols
  Firewall Failover
  Clustering and Distributed Architectures
  Linux Virtual Server Project (LVSP)
  Connection Integrity Issues
  LVS-Virtual Services
  Linux Ultra Monkey
  IP Address Takeover with Heartbeat
  The Service Routing Redundancy Daemon (SRRD)
  IPv4/IPv6 Anycast
  A Few Words About Content Caches and Proxies
  Load Balancing
  Firewall Load-Balancing Approaches
  HighUpTime Project
  loadd Daemon
  Pure Load Balancer
  The PEN Load Balancer
  Super Sparrow
  Cisco Gateway Load Balancing Protocol (GLBP)
  Cisco HA and Load-Balancing Approaches
  Cisco IOS Server Load Balancing (SLB) Feature
  Cisco Content Networking Devices and Software
  VRRP
  VRRPd
  Freevrrpd
  Comparison of the VRRP Implementations
  OpenBSD CARP
  IRDP
  Summary
  Recommended Reading
  Endnotes

Chapter 13 Policy Routing, Bandwidth Management, and QoS
  Policy Routing
  Policy Routing on BSD
  Linux iproute2 Policy Routing
  Cisco IOS Policy-Routing Example
  Traffic Shaping, Queuing, Reservation, and Scheduling
  Linux QoS
  Layer 3 QoS: IP ToS, Precedence, CoS, IntServ, and DiffServ Codepoints
  802.1P/Q Tagging/Priority-QoS at the Data-Link/MAC Sublayer
  MPLS Exp Field and MPLS Traffic Engineering
  DiffServ and RSVP/RSVP-TE Implementations for UNIX
  Cisco IOS QoS and Queuing Architectures
  UNIX Firewalling Engines and Queuing
  OpenBSD ALTQ+pf
  FreeBSD ipfilter+ALTQ
  FreeBSD IP Firewall (ipfw) + dummynet
  Linux Firewall Marking and iproute2 (ip/tc)
  Bell Labs' Eclipse-An Operating System with QoS Support
  Summary
  Recommended Reading
  Endnote

Chapter 14 Multicast Architectures
  Multicast Deployments
  Multicast Addresses and Scope
  Administratively Scoped IP Multicast
  The Multicast Protocol Cocktail
  Internet Group Management Protocol (IGMP) and Cisco Group Management Protocol (CGMP)
  IGMPv1 Operation
  IGMPv2 Operation
  IGMPv3 Implementations
  Cisco IOS Multicast Router Configuration and IGMP/CGMP Operation
  Cisco Group Management Protocol (CGMP)
  The Cisco IOS Multicast Routing Monitor (MRM)
  mrouted and DVMRP
  mrouted and the MBONE
  Lab 14-1: DVMRP via mrouted
  Native-Multicast Test Applications
  The ip and smcroute Multicast Utilities
  PIM Operation and Daemons
  Lab 14-2: Native Linux and FreeBSD Multicast (PIM-SMv2) in Combination with Cisco PIM-SM-DM
  Lab 14-3: XORP PIM Operation
  Multicast Open Shortest Path First (MOSPF)
  Multicast Source Discovery Protocol (MSDP)
  BGPv4 Multicast Extensions (Multiprotocol BGP, RFC 2858)
  Multicast Transport Layer Protocols
  Multicast Invitations and Session Announcements
  Multicast Security
  Summary
  Recommended Reading

Chapter 15 Network Address Translation
  The NAT Foundation-Basic/Traditional NAT
  NAT, PAT (NAPT), Masquerading, and Port Mapping/Multiplexing
  Static NAT and ARP/Routing Issues
  Redirection (Port Forwarding/Relaying or Transparent Proxying)
  UNIX NAT Approaches
  Lab 15-1: OpenBSD ipfilter
  Lab 15-2: FreeBSD ipfw+natd
  Lab 15-3: BSD Packet Filter (pf)
  Lab 15-4: Linux NAT (iptables)
  NAT-Hostile Protocols
  Future Developments: NAT-T, MPLS+NAT, Load Balancer
  NAT Redundancy-Stateful Failover
  Summary
  Recommended Reading

Appendix A UNIX Kernel Configuration Files

Appendix B The FreeBSD Netgraph Facility

Index

