Building a Cisco Network for WIndows 2000

Elliot Lewis, Syngress Publishing

ISBN:1928994008, Edition: 1st, 2000-01-15

Price: $59.95

Contents

Chapter 1—Developing a Windows 2000 and Cisco Internetwork ~ 1
Introduction ~ 2
Directory Enabled Network ~ 2
The DEN Solution ~ 4
About Microsoft’s Windows 2000 and Cisco’s IOS ~ 8
Cisco’s IOS and Software Products ~ 8
Cisco ConfigMaker ~ 9
Cisco Fast Step ~ 11
CiscoWorks 2000 ~ 13
Microsoft’s Windows 2000 ~ 14
Active Directory ~ 17
Merging together with Cisco Networking Services for Active Directory ~ 20
Best Practices for Implementing a Network ~ 20
Networking Basics ~ 22
OSI Protocol Reference Model ~ 23
Physical Layer ~ 26
Data-Link Layer ~ 27
Network Layer ~ 27
Transport Layer ~ 28
The Session Layer ~ 29
The Presentation Layer ~ 29
The Application Layer ~ ~ 29
Internet History ~ ~ 30
IP Networking Primer ~ 31
Case Studies ~ 36
ABC Chemical Company ~ 36
West Coast Accounting, L.L.C. ~ 37
Summary ~ 38
FAQs ~ 41

Chapter 2—A Tour of Windows 2000 ~ 43
Introduction ~ 44
What’s New Since Windows NT 4 ~ 44
Active Directory ~ 45
Installation Options ~ 45
Security Options ~ 47
Internet Information Services ~ 48
Terminal Services ~ 48
Remote Access Protocols ~ 49
Network Load Balancing ~ 50
What Happened to WINS? ~ 52
DNS Support ~ 53
Recovery Console ~ 56
Quality of Service ~ 56
File System Changes and Disk Support ~ 56
Active Directory Architecture ~ 59
Domain Architecture Changes ~ 59
Forest ~ 59
Domain Tree ~ 59
Domain ~ 60
Sites ~ 61
Organizational Units ~ 61
User Accounts ~ 61
Groups ~ 63
FSMOs ~ 63
Global Catalog ~ 64
Configuration ~ 64
Schema ~ 64
LDAP ~ 65
So, You Want to Migrate? ~ 65
Quick! Plan Your Project ~ 65
Windows 2000 Case Studies ~ 67
ABC Chemical Company ~ 68
West Coast Accounting, L.L.C. ~ 68
Summary ~ 69
FAQs ~ 71

Chapter 3—Cisco Hardware and IOS Basics ~ 73
Introduction ~ 74
Networking Basics: The Difference between Routers and Switches ~ 74
Hierarchical Design Model ~ 75
When Is It Appropriate to Use Routers? ~ 76
When Is It Appropriate to Use Switches? ~ 77
Switching Overview and Application ~ 77
Cisco Switch Models ~ 77
Catalyst 6500 Series ~ 77
Catalyst 5000 Series ~ 78
Catalyst 3500 Series XL ~ 79
Catalyst 2900 Series XL ~ 80
GBIC Technologies ~ 81
VLANs and How They Function ~ 82
Trunking Technologies ~ 82
VTP Servers and Clients ~ 83
Layer 3 Switching ~ 84
Onboard Layer 3 Options ~ 85
6500 Series and the MSFC ~ 85
5000 Series and the RSM ~ 85
Routing Overview and Application ~ 87
General Overview of LAN/WAN Technologies ~ 87
Ethernet ~ 87
Token Ring ~ 87
HDLC ~ 88
Frame Relay ~ 88
PPP ~ 89
Routing Models ~ 89
7500 Series ~ 89
7200 Series ~ 90
3600 Series ~ 91
1700 Series ~ 92
1600 Series ~ 93
800 Series ~ 95
Cisco IOS ~ 96
Differences in Switch and Router IOSs ~ 96
Router Feature Sets ~ 97
Enterprise ~ 97
IP/IPX/IBM ~ 97
IP Plus ~ 97
Firewall Feature Set ~ 97
Memory Requirements ~ 97
Command Line Interface (CLI) ~ 98
How to Get Around in the IOS ~ 99
QoS Functionality and How it Works on Switches and Routers ~ 104
RSVP ~ 104
Queuing Techniques ~ 105
Weighted Fair Queuing ~ 105
Priority Queuing ~ 105
Custom Queuing ~ 106
Class-based Weighted Fair Queuing ~ 106
Summary ~ 107
FAQs ~ 108

Chapter 4—Protocols and Networking Concepts ~ 109
Introduction ~ 110
The TCP/IP Protocol Stack ~ 110
Setting an IP Address on Windows 2000 ~ 113
Establishing the Default Router ~ 114
Testing IP with ICMP on Windows 2000 ~ 115
Setting an IP Address on a Cisco Router ~ 115
Establishing the Default Route ~ 116
Testing IP with ICMP on a Cisco Router ~ 116
DNS ~ 117
Setting up DNS Services on Windows 2000 ~ 120
Setting Up DNS Clients on Windows 2000 ~ 123
Setting Up DNS Addresses on a Cisco Router ~ 124
Dynamic Host Configuration Protocol (DHCP) ~ 126
Configuring Windows 2000 DHCP Services ~ 126
Configuring Windows 2000 DHCP Clients ~ 128
Forwarding DHCP Information across a Cisco Router ~ 130
File Transfer Protocol (FTP) ~ 131
Setting Up Windows 2000 FTP Services ~ 131
Running an FTP Client Session on Windows 2000 ~ 134
Blocking FTP Traffic from Crossing a Cisco Router ~ 134
Telnet ~ 135
Setting Up Telnet on a Windows 2000 Server ~ 135
Running a Telnet Session on a Windows 2000 Client ~ 136
HyperText Transfer Protocol (HTTP) ~ 136
Setting Up HTTP Support on Windows 2000 ~ 137
Monitoring a Cisco Router from a Web Interface ~ 138
Network News Transport Protocol (NNTP) ~ 139
Configuring NNTP in Windows 2000 ~ 139
Configuring Outlook Express to Access a Newsgroup ~ 140
Simple Network Management Protocol (SNMP) ~ 140
Configuring the Windows 2000 SNMP Agent ~ 141
Remote Procedure Call (RPC) ~ 141
Simple Mail Transport Protocol (SMTP) ~ 142
Configuring a Site Link to Use SMTP ~ 142
Internetwork Packet Exchange (IPX) ~ 143
Configuring Windows 2000 to Use IPX ~ 144
Managing SAP on a Cisco Router ~ 145
NetBEUI ~ 145
Configuring NetBEUI on Windows 2000 ~ 146
Supporting NetBEUI on Cisco Routers ~ 147
Miscellaneous Protocols and Multiservices ~ 147
Remote Desktop Protocol ~ 148
H.323 ~ 148
Voice-over IP (VoIP) ~ 149
Using Microsoft NetMeeting on a VoIP Network ~ 150
Fax-over IP ~ 151
Summary ~ 154
FAQs ~ 156

Chapter 5—Routing and Remote Access ~ 157
Introduction ~ 158
Remote Access Protocols ~ 158
ISDN ~ 159
ISDN Equipment Types ~ 159
ISDN Protocol ~ 160
Dial-on-Demand Routing ~ 161
Configuring BRI on a Cisco Router ~ 161
Configuring PRI on a Cisco Router ~ 163
Configuring an ISDN Interface on Windows 2000 ~ 164
Digital Subscriber Line (DSL) ~ 165
HDSL ~ 166
ADSL ~ 166
ADSL and Cisco Routers ~ 167
Using ADSL on a Windows 2000 Computer ~ 167
G.Lite ~ 168
VDSL ~ 168
SLIP and PPP ~ 168
Configuring IP over a SLIP Link for Cisco Routers ~ 169
Configuring IP over a PPP Link for Cisco Routers ~ 169
Using TCP Header Compression ~ 170
Configuring a Banner Message for SLIP and PPP Connections ~ 170
Configuring PPP and SLIP in Windows 2000 ~ 171
Routing Protocols ~ 172
RIP ~ 174
Updating the Routing Table ~ 174
Routing Loops ~ 175
Configuring RIP on a Cisco Router ~ 176
Configuring RIP on a Windows 2000 Server ~ 177
IGRP and EIGRP ~ 180
Configuring IGRP on a Cisco Router ~ 181
EIGRP ~ 182
OSPF ~ 182
Configuring OSPF on a Cisco Router ~ 182
Configuring OSPF on a Windows 2000 Computer ~ 184
VPN ~ 184
IPSec ~ 185
Configuring IPSec on Cisco Routers ~ 185
Configuring IPSec on Windows 2000 ~ 187
L2TP ~ 189
Configuring L2TP on a Cisco Router ~ 191
Windows 2000 and L2TP ~ 193
PPTP ~ 195
Configuring Windows 2000 PPTP Connection ~ 196
Summary ~ 196
FAQs ~ 198

Chapter 6—Designing the Windows 2000 Network ~ 201
Introduction ~ 202
Design Planning ~ 203
Forest Plan ~ 204
Forest Plan Objectives ~ 206
Establishing the Number of Forests ~ 206
Overhead Involved with Multiple Forests ~ 208
DNS/Domain Plan ~ 209
DNS Plan ~ 209
Domain Plan ~ 212
Kerberos ~ 217
Site Topology ~ 219
Intrasite Replication Characteristics ~ 219
Intersite Replication Characteristics ~ 221
Establishing the Sites ~ 222
Authentication and Queries in the Site Topology ~ 224
Organizational Unit Hierarchy ~ 224
Designing Other Services ~ 225
DHCP Servers ~ 226
Using Windows 2000 DHCP Services ~ 228
Internet Information Services ~ 229
Installation ~ 230
Cluster Services ~ 230
Security and Active Directory ~ 231
IPSecurity ~ 234
Public Key Infrastructure and Certification Authorities ~ 235
Terminal Services ~ 236
WINS ~ 237
Designing with Media Integration ~ 237
Telephony ~ 237
Remote Access ~ 238
Quality of Service ~ 239
Network Load Balancing ~ 240
ATM ~ 240
Case Studies ~ 241
ABC Chemical Company ~ 242
West Coast Accounting, L.L.C. ~ 246
Summary ~ 248
FAQs ~ 250

Chapter 7—Sizing the Infrastructure for Windows 2000 ~ 251
Introduction ~ 252
Active Directory Replication Topology ~ 252
The Path for Replication Traffic ~ 253
Default-First-Site-Name ~ 256
Partitions within the Active Directory ~ 256
Site Plan ~ 258
Planning the Site Topology ~ 262
Planning Time Synchronization ~ 263
FRS ~ 264
Dfs ~ 266
Preparing the Infrastructure for Windows 2000 ~ 267
Internetwork Considerations ~ 272
Measuring Replication Traffic ~ 273
Server Placement ~ 275
Domain Controllers ~ 276
Global Catalog Servers ~ 280
DNS Servers ~ 281
WINS Servers ~ 281
FSMOs ~ 282
Relative ID (RID) Master ~ 282
PDC Emulator ~ 283
Domain Naming Master ~ 284
Infrastructure Master ~ 285
Schema Master ~ 285
RAS Servers ~ 286
DHCP Servers ~ 286
Terminal Services ~ 287
Infrastructure Components ~ 288
Quality of Service ~ 290
Monitoring the Infrastructure ~ 290
Network Monitor ~ 293
Case Studies ~ 294
ABC Chemical Company ~ 294
West Coast Accounting, L.L.C. ~ 297
Summary ~ 299
FAQs ~ 301

Chapter 8—Designing the Cisco Infrastructure ~ 303
Introduction ~ 304
Getting Started: The Design Process—Campus, WAN, and Remote ~ 304
Campus, WAN, and Remote Links Defined ~ 305
The Design Process—Getting down to Business ~ 306
Site Considerations ~ 308
Physical Space for Equipment ~ 309
Network Equipment Basics ~ 311
Capacity Planning ~ 311
Connection and Expansion ~ 311
Best Practices ~ 312
Protocol Addressing Planning ~ 313
Routing Protocols ~ 313
Interior Protocols ~ 314
Routing Information Protocol (RIP) ~ 315
Interior Gateway Routing Protocol (IGRP) ~ 316
Open Shortest Path First (OSPF) ~ 316
Intermediate System-to-Intermediate System (IS-IS) ~ 316
RIPv2 ~ 316
Enhanced IGRP ~ 316
Choosing the Right Protocol ~ 317
Route Selection ~ 318
Addressing Considerations ~ 319
Topology ~ 321
Application Services ~ 323
Server Farm Placement ~ 324
Positioning Servers ~ 324
Terminal Services Farms ~ 325
LAN and Switching Considerations ~ 326
Scaling Bandwidth ~ 326
Scaling Considerations ~ 326
IP Multicast ~ 327
Virtual LANs and Emulated LANs ~ 329
Policy in the Core ~ 329
Comparing Campus Network Design Models ~ 330
The Hub and Router Model ~ 330
The Campus-wide VLAN Model ~ 331
Multiprotocol over ATM ~ 331
WAN Link Considerations with Windows 2000 ~ 332
Routing and Scalability ~ 333
Planning for the Future Growth of the Company’s Infrastructure Network Scalability ~ 334
Layer 2 Switching ~ 335
Layer 3 Switching ~ 336
Layer 4 Switching ~ 336
ATM/LANE Backbone ~ 337
Bridged Protocol Needs ~ 337
Bridging in the Multilayer Model ~ 338
Security to Other Remote Sites ~ 338
Redundancy and Reliability Design ~ 339
Summary ~ 340
FAQs ~ 341

Chapter 9—Implementing the Cisco Routers ~ 343
Introduction ~ 344
Initial Routing Considerations ~ 344
Different Types of Routers and Their Uses ~ 344
Border Routers: Defining the Geographic Areas ~ 345
Distribution Routers: Controlling the Flow of Traffic ~ 345
Access Routers: Controlling the Flow of Data on the Main Network ~ 346
Segmentation and Why It Is Required ~ 348
Broadcast Storms ~ 348
Protocol Traffic ~ 350
Networking Protocols and “Hidden” Traffic ~ 353
Convergence: The Goal of Any Good Router ~ 353
Static Routes versus Dynamic Routing Protocols ~ 353
Planning Your Routed Architecture ~ 355
Identifying Your Access Points ~ 355
Adding the Internet Securely ~ 357
What Kind of Traffic Will Be Going across the WAN Link? ~ 361
Determining the Transport Method ~ 362
Placement of Routers in the Network ~ 363
High-end Chassis Routers ~ 363
Low-end Chassis Routers ~ 364
Determining How Much Processor and Memory Is Required on the Router ~ 364
Layer 3 Switching: RSM and MSFC Cards ~ 365
Protocol Consolidation and Performance ~ 367
Reducing the Number of Protocols on the Network ~ 367
Network Addressing and Segmentation ~ 368
Benefits and Caveats to Mixing and Matching Protocols ~ 369
Redundancy and Reliability ~ 371
Circuitry Failover Design ~ 371
Hardware Failover Design ~ 372
The Financial Costs of Redundancy ~ 373
How Do Redundancy and Reliability Affect the Windows 2000 Network? ~ 374
Security on the Routed Architecture ~ 374
How Does Windows 2000 Help Manage ACLs? ~ 376
Quality of Service on the LAN/WAN Using Windows 2000 ~ 376
The Real Integration—Prioritizing Traffic on the LAN/WAN ~ 377
Dynamic QoS—Is This Really a Great Idea? ~ 377
When Should Another Method of QoS Be Used? ~ 378
Case Studies ~ 381
ABC Chemical Company ~ 381
Main Router Configuration ~ 382
EastSite Router Configuration ~ 382
WestSite Router Configuration ~ 383
West Coast Accounting, L.L.C. ~ 384
San Francisco Router Configuration ~ 384
Phoenix Router Configuration ~ 385
Portland Router Configuration ~ 386
Los Angeles Router Configuration ~ 386
Seattle Router Configuration ~ 387
Summary ~ 387
FAQs ~ 388

Chapter 10—Implementing the Cisco Switches ~ 391
Introduction ~ 392
Cisco IOS-based Switching Products ~ 393
Catalyst 1900/2820 Series ~ 393
Hardware Features of the 1900 Series ~ 393
Hardware Features of the 2820 Series ~ 395
Software Features of the 1900/2820 Series ~ 396
Catalyst 2900XL/3500XL ~ 397
Gigabit Interface Converters (GBICs) ~ 398
Switch Clustering ~ 398
Additional Network Management Features ~ 400
Hardware Features of the 2900XL Series ~ 401
Hardware Features of the 3500XL Series ~ 402
Software Features of the 2900XL/3500XL Series ~ 402
Cisco Set-based Switching Products ~ 403
Catalyst 4000 ~ 403
Hardware Features of the 4003/4006 Series ~ 404
Hardware Features of the Catalyst 4912G Series ~ 405
Software Features of the 4xxx Series ~ 406
Features of the Catalyst 4908G-L3 ~ 406
Catalyst 5000 ~ 406
Hardware Features of the Catalyst 2900 Series ~ 407
Hardware Features of the Catalyst 5000/5002 Series ~ 408
Hardware Features of the Catalyst 5500 Series ~ 408
Modules for the Catalyst 5000 ~ 409
Software Features of the Catalyst 5xxx Series ~ 410
Catalyst 6000 ~ 410
Hardware Features of the Catalyst 6xxx Series ~ 410
Software Features of the Catalyst 6000 Series ~ 411
Catalyst 8500 ~ 411
Hardware Features of the 85xx Series ~ 412
Software Features of the 8500 Series ~ 413
Catalyst 12000 GSR Switches ~ 413
Supervisor Modules ~ 414
Catalyst 5000 Supervisor Modules ~ 414
Catalyst 4000 Supervisor Modules ~ 416
Catalyst 6000 Supervisor Modules ~ 416
Catalyst 8500 Supervisor Modules ~ 417
Route-Switching Modules ~ 417
Router-on-a-Stick ~ 417
RSM ~ 418
RSFC/MSFC ~ 418
Available Switch Platforms ~ 419
Multilayer Switching Modules ~ 419
NFFC/RSFC ~ 419
MSM ~ 420
MSFC/PFC ~ 420
Route Switch Processor for the 8500 ~ 420
Available Switch Platforms ~ 421
Cisco Switches and Windows 2000 ~ 422
Case Studies ~ 423
ABC Chemical Company ~ 423
West Coast Accounting, L.L.C. ~ 423
Summary ~ 425
FAQs ~ 426

Chapter 11—Implementing the Windows 2000 Servers ~ 429
Introduction ~ 430
Installing Windows 2000 ~ 431
Overview of a Scripted Installation ~ 431
Overview of Disk Duplication Methods ~ 435
SYSPREP ~ 435
RIPREP ~ 436
Windows 2000 Setup Phases ~ 439
WINNT Phase ~ 440
Text Mode ~ 440
GUI Mode ~ 440
Installing the Active Directory ~ 441
Which Domain First? ~ 442
Which Server First? ~ 443
DCPromo ~ 444
Populating a Domain with Organizational Units (OUs) and Objects ~ 448
Create an OU for Hidden Objects ~ 449
Delegating Authority ~ 450
Creating a User Account ~ 452
Creating Groups ~ 455
Publishing Printers ~ 457
Publishing Folders ~ 458
Applying a Group Policy ~ 459
Setting Up Sites ~ 460
Installing and Configuring Windows 2000 Components ~ 463
Configuring DNS ~ 463
Configuring the Distributed File System ~ 465
Public Key Infrastructure ~ 466
Internet Information Services ~ 469
Asynchronous Transfer Mode ~ 471
Terminal Services ~ 471
Configuring Routing and Remote Access Services ~ 478
DHCP ~ 479
WINS ~ 481
Case Studies ~ 481
ABC Chemical Company ~ 481
West Coast Accounting ~ 483
Summary ~ 484

Chapter 12—Fast Track ~ 491
Introduction ~ 492
Directory-Enabled Networks ~ 492
The IP Protocol Stack ~ 493
Cisco Networking Services ~ 495
Microsoft’s Windows 2000 ~ 499
Installation ~ 500
Security ~ 501
Services ~ 502
Active Directory ~ 503
Replication ~ 504
Cisco’s Internetwork Operating System ~ 506
Hierarchical Design Model ~ 506
Cisco Switches ~ 506
Cisco Routers ~ 507
Routing and Remote Access ~ 508
Routing Protocols ~ 510
Network Design ~ 511
Segmentation ~ 513
Redundancy and Failover ~ 513
Summary
FAQs ~ 515

Appendix—Sample FastStep Configuration File ~ 517