INSIDE PACKET
CISCO SYSTEMS USERS MAGAZINE
PACKET MAGAZINE
() 999/9 , 28 . 1, !, ! !" 10330
PACKET MAGAZINE # $ % ()
& '() * + - !4 - ' 5 6* & (:;-) + ' 5 $ % = () ' ( > *?
Packet Magazine Packet Magazine ! "# $ % & '# ((#)* ()+* , + * # - ). )% )*/ ! $ +# * #()*
)0++ +#)* & 1)$ -+)*! 1 '#** ! %2 % (# & #** ! +! * +% 1 1. +! ! +2#/01 0 - 3 % 1 ) -+)* )0 Cover Story (## * * )* / # /+ (-+)* ) % % ! +), * )0 Feature (# % #10 4/( #** ! Tech Tips+Training & )0-+)* 1 ' )))* ** (# ! $ +* )0( $ #- ! #** ! ++ 6 # 2 2)* )* , Chalk Talk )0 +#-+)*! 1 ' #** ! #*"0 &* ( 1 1., #+ 1 )*' # 1 7#** ! +, %8.+ #/40
!" # $ % Infrastructure &$ !" " $ '$( ) ('"* ! &# # #$ & &(' +, ! &- " # $ % Service Provider &- &( & * &#+ + * +, ! ('"*&*' .( ! &%& / !
managed service ! +0)%$(1(&- Byond Speeds + Feeds &- # $ %$" & & ' $! &* 345% "6 ',+ +*&7) 345%$"6 "! 3 4 5% 8 #$ *$ !# " !" 8 &* ! #4$ #$$1$"' 345% !& * 9',+
$ $ ! Packet Magazine &- *"*" & * !+7$ $# $ % & (' Packet Magazine # " ! " ( " $#$#&/ &* & * " $1"&$ % $ & * #$# &/ $8
[email protected] #
PACKET CISCO SYSTEMS 2007
p5_Inside.pmd
5
25/1/2550, 10:48
5
TECH
TIPS
+
TRAINING
?
ÇÕ
(Virtual Private Network) ! "#$ % WAN Backbone &'* * ' !!*$%!! %+,-./ * & +01/ %2 **$ $ * $' '%2 %!! ,/&' ' %!! 03'2' 2 ' 5 &'* Site-to-Site VPN *$ Remote Access VPN # Site-to-Site VPN $ + $ 7%+ 8 %+ 9$2* :9; ( $ 2, 5 , ) Fixed-Line Remote Access VPN $ %+ 9 7%+ 9 99*$%,+8 <,%,,'&' * & 03 ' ' ! 9 (Tunnel) &', ./ + + !7%+ 8 , !'$
%==> 9 & *+ 8 ( Encapsulation) %==>%+ /$79+?'' *% %+ ' , %, * !!%+ *$ 0#@CD 9 (CE H Customer Edge) *$0#@CD 9 (PE- Provider Edge) %+ 7**$%==> 9 %==> + ! "#$ !'*$ ! ' # $ / %==>9 . 03 , 9 / 72% , , 9 (Scramble) + 0I,*$/ 9$ % ' J.+ 8 #% + %"#$03+ + %& &'79 !' 9 ' . % KUntrusted NetworkM * & <%, 5 , ! 9 Frame Relay, ATM Multiprotocol Label Switching (MPLS) J.+ & ,,9 $9 $ L2 Virtual Circuit, 6
p6-9_Tech Tips.pmd
!" #$ %& "$'( )$( *"#
PACKET CISCO SYSTEMS 2007
6
25/1/2550, 11:29
%!!%+,8 **$%==> 9 9* /$,' 9 0$:% KTrusted VPNM Secure VPN $ Trusted VPN %+ %==>9$&', 9 , *$ , , '! , */ &'* IP Security (IPsec) VPN, Secure Sockets Layer (SSL) VPN Layer 2 Tunneling Protocol (L2TP) VPN % + IPSec ,,9 03 # Site-to-Site VPN %==>9$ '! $ CE 8 @CD 9 $ PE 8 @CD9 J.++%+ * , =>9 , CE-to-CE !*$ ,< 0':,%+ + $ WAN 7. 7%+9 #$%+=>9, PE-to-PE !$792,' *9 ! 9 Site-to-Site VPN %+ 9 ,' ,/ 7 ,%,*!!&'%,/ %+ 2 *$ 3
J.+%!! 8 L2TP Version 3 Any Transport over MPLS (AToM) $79 2 , !! PPP, Frame Relay, ATM *$ Ethernet #$%+ IEEE 802.1Q (Q-in-Q) 7 !! Ethernet &' ' IPsec, Generic Routing Encapsulation (GRE) *$ MPLS $ 2 ,
!!& *$!! 3 + 8
Layer 2 Site-to-Site VPN - */ + $ 7%+ *$7&' %$ !? *$ ' + $*'' %+ 2 J.+ 0# PE %2 %+ %==>9 !'# 9?''%+ 2 MAC Address Frame Relay DLCI
2 , AToM *$ J 2 L2TPv3 $ 9!!%+ 2 * Point-toPoint J.+ 203 , Virtual Private Wire Service (VPWS) VPN !' AToM %2 %+ =%+ 2 &0 MPLS
$" (+, " #- . / ) 0$ % 1*)"2 ) 0$ "$3 $*"445 # */ )$ "2 #"'0$ MPLS
. %&
PACKET CISCO SYSTEMS 2007
p6-9_Tech Tips.pmd
7
25/1/2550, 11:29
7
TECH TIPS + TRAINING
7 Label Distribution Protocol (LDP) Signaling 7.*% + 8 Virtual Circuit (VC) Label %+ **$%==> 2 J.+, 9 Last-Mile =%+',9 #$' , L2TPv3 #,J*%+ ,8 *$ KSession IDM *$/ , %9 ==> 2 9, =9 * #$%+ VPWS VPN + * Point-to-Point ,/ Virtual Private LAN Service (VPLS) *$ IP-Only LAN Service (IPLS) VPN $79 2 ,+ * Multipoint (Any-to-Any) J.+ VPLS *$ IPLS $;, &'0%!! MPLS, L2TPv3 ' IEEE 802.1Q + Ethernet *$ IP *,2',
Layer 3 Site-to-Site VPN H */ + !?*$ 8 7%+9 ' , J.+ 0#9 / $' !' *'' *$03 %+ 0# PE %+ %==>9 !'# *'' ?''&
IPsec, L2TP *$ SSL/TLS # IPSec VPN *$ L2TP VPN (%+&039' ) $&J=* ',/ !9J J.+ + 7.%, 8 <,%9 2,,+ 9%+2, SSL VPN (:<J! WebVPN) 7 &' ' $& $ ',/ *$,&J=* 03;< %,/& Access Control %+*, ' #, / !9J7. <,% + '&'%+ J *$+ % 9 SSL 79, 9 !''9 0$; ' (Digital Certificate) *$ 9#9 (Integrity Check) *$,< ,9 (Confidentiality) ' %0 !' 5* , , (Secret Key)
BGP/MPLS IP VPN J.+ ./ ,q IETF RFC 4364 ( / + RFC 2547bis) 03%!!
3 %+ 9 ,039 ', J.+ 0# PE $%*$= ''% 2 ,* $ *, % 9 8 9,/ $&', 0$; 0 # PE % %, + 7.,!' Multiprotocol Border Gateway Protocol (MP-BGP) *$ *% 8 BGP **$*''0J %,/% 9 9* $
+ SSL VPN + $ !9J,
%+ ,,& / $'./ ,%*+ , #, %/ 2 &' *, '%+9 77.&' !'#'+ %+ %" 7. 9 *$+ 8 J.+ IPSec VPN %+ 9 %7.%,% &' & J Policy '8 ./ 03;< & #%+ 9 7.%, %+ Clientless VPN & , J$' ! '&J=* + *&' *$ 7. %, K90*M 9 IPSec VPN 0
% Layer 3 Site-to-Site VPN BGP/MPLS VPN * , %!! Virtual Router VPN J.+ , 2 ' IETF ~, .+ %+ + KNetwork based IP VPN Architecture using Virtual RoutersM (cisco.com/packet/182_4b1) #/ , 8 $%2*$ 0# PE 2 ,* $ *$* $, $ Instance !!03
2 ,<,%%+ %,/ SSL VPN *$ IPSec VPN ' , :,# J! VPN 3000 Series Concentrator *$ Cisco ASA 5500 Series Adaptive Security Appliance %+ , '$7% &'%,/* !' ~$ ASA 5500 Seiries %+ * , &= $0I, (IPS) *$ */& , 0#' '
? Remote Access VPN !!*$%!! 8 %+ 03 ' 7 ! * J ,/ 0$' 8
p6-9_Tech Tips.pmd
Site-to-Site VPN %+ 9 ,'$&', =>& 0# CE &=
J% J.+ #/ !
PACKET CISCO SYSTEMS 2007
8
25/1/2550, 11:29
$%'+$ 0# CE 8 $
*$%==>99$&', ,' ' !',
3 %+;,0# CE 0# PE $& %==> 9 +%+%2 %==>9&0,! *''%+ $ #/ ! $%' + $ 0 # CE 8 !' ! ! IPSec GRE J.+,/=>9, / Overlay VPN , &'* Overlay VPN %+ ./!' J Frame Relay
ATM '%+ ./ !' GRE IPSec Tunnel 03 * + '%+0# PE %==> 0# CE $=>9 , / Peer VPN J.+ $*0+ 9%,$ 0# CE *$ PE *$@
9 $03@
,' Peer VPN 9 ,+
Site-to-Site VPN %,/*%+9,' *$ 9 ,' # 2 ',/:
H '9 '%+ # ,/ 03 Point-to-Point Multipoint 9 ,
& ? , BGP/MPLS IP VPN $03+ Multipoint (2 ,=>9, K0M) #$%+ IPSec *$ GRE VPN $03 Point-toPoint ,<#$~$, / + ,' !%!! 8 Full mesh, Hub-and-Spoke *$ Partial Mesh J.+ Point-to-point VPN !%!!%0+ $./ %,* Point-to-Point 8 %,* #$%+ Multipoint VPN 03 Mesh , *9
H '9 7. 2, ' 9 * * !9 7&0%&' & ? %+ / q MPLS %,/ 7. BGP/ MPLS IP VPN *$ AToM VPN ,$2,'%==> 9 #*!%9 * % Layer 3 IPSec *$ GRE $7 * &0 &*$%&'
! "# H %==> MPLS Layer 3 VPN *$ L2TP-based VPN IPSec $ $', 0':,'%+' 9* '+ ./ J.+ 2, L2TPv3 7%2 Tunnel Authentication *$ %/ 0+ I ,!* Blind Insertion ' $$%$! H 7, %==>*,' , & ? 2 K%2&'M ' 2 BGP/MPLS IP VPN *$ IPsec Layer 3 VPN %+;, GRE Tunnel & %!! Multicast VPN (MVPN) 2 ,# BGP/MPLS IP VPN Virtual Tunnel Interface (VTI) 2 ,# IPsec VPN 03
$$%$ Quality of service (QoS) - %!! QoS 2*$', 2, 5 *, J '! *$' &? MPLS !'0$;,+ 2,5 =>' Experimental (EXP) MPLS Shim Header 2* # IPsec VPN, L2TP VPN,
GRE VPN **$%==>$.+ + =>' Type of Service (ToS) Router IP Header ! !!*$%!!
, J.+ 7,' 9 Site-to-Site VPN
& Remote Access VPN / 5 &', ,!' Cisco IOS Software J! *9 &' %+ ', !' 9 9 $:$%2 IPsec VPN *$ SSL VPN &0 0 # J! ASA 5500 Series VPN 3000 Series %2*%&' + + 0$%":
• Comparing, Designing, and Deploying VPNs cisco.com/packet/182_4b2 • Troubleshooting Virtual Private Networks cisco.com/packet/182_4b3 • Cisco ASA 5500 Series cisco.com/packet/182_4b4 • Cisco VPN 3000 Concentrators cisco.com/packet/182_4b5
PACKET CISCO SYSTEMS 2007
p6-9_Tech Tips.pmd
9
25/1/2550, 11:29
9
AT A GLANGE Streaming media protocol support Cisco Application networking Services Accelerating streaming media performance
CHALK
TALK
DESIGN STRATEGY
? !"#$% & '"( )*' ' + +' ',&
ÈÙ
!" #$ % &' ) *+, $ -" . # / ! + & *0 #% !"+
/ 9 !" + # +, ('A & ) &53& 2+&3 * & 7# 8 * !"4 &"! 0 / +, *C*1 +, 3# 3+!1
? 1 !1 ! & 2! *. /
34 !" +,% 3++ # 5"% #% - " 3!" **. 4$3 +,# & *6#& & 7 !" +,7 # 7 ** . */ 5 ! 5 , + &3,*$ !" 4 8 % ! # 0 49 (Load Balancing) +, # 30- &3 * < * # 7 0 +,3* / 8 -" $ 534&' *+,# 8 !" +, # 5" !" +,3*%*2, 9 !" + 3 * 9&2! !" *4 5 , # $.5" 51 !" % 0- & 51 !" !"7=33+ 5" 3&#&9#
/ !! !"!" 2+&3 *8 %3* + 73 !"+-1 D& #& !" ! *& 2& -1 # 37 *973 !"! + -1 * 5" 8 ! 9! *! #%!1:
3!1 5" 4 !" +, 3* % ! & 7 "! 4 /
7 +,*% !" & 7% + !" 5 99# !" & 7 7 5" # * & 7%+ 0 # # 7 0 & 7!# 4" (! #) 10,000 1 # & ! & 7 !1 % 0 4 %#$ !" 3&' 5" ! $# - " 49 * &'-" 5" !"+
10
p10-13_Cisco.pmd
PACKET CISCO SYSTEMS 2007
10
25/1/2550, 11:31
! "#
$%$ &
F 34 &# 8 $#& 1 +,$#& !"4 8 5# 3* . 9# # 73 !" # 7 / 1 4 0 &'9 & -" 5" 5" & & 7# 1 # #-1 % 5 2+&3# 1 # -1 % 3&' 9 & -" *34 C*2+&3 -" ,! !"%7 & / 5 4 ! 9 %'
#!" & # 1 Aggregation Switch 3* 4+ ,%'
- " 4 !" 3& %'
8 Instance % !1 #
!" $"%& '( F 9 " % /
&' ' !" *3*33* 34 *&'# 8 3*% !" (5 !"& ,!) / # 8 !"97 & 13*75"#0- *! #)! 1 D&# & + & * 53 1 # & 7 &' *+,$
# 8 $% / - " 4 73 # +7 / 5" !" % !! * / '= 7 !"0 + 9 & +,#5 7 Cisco Catalyst 6500 Series Switch &'= 7 !1$3*0 / 7 ,! !" Catalyst 6500 !" Redundant 0% 'A 4 Content Switching Module (CSM 49 ); SSL Services Module (SSLM); * Firewall Services Module (FWSM) &+, !1$3*0 / FWSM !" # -" *3 Cisco VPN/ Security Management Solution (CiscoWorks VMS) 3 #0 - %0* 9 1 3* 0- %9 3 Catalyst 6500 Supervisor Engine ,! CSM # Supervisor Engine 07 0* 'A &
&'% 3!1/ !7 34 & !"75"9 +,# 8 * 1: %$#$ ($ ) " * #$ +$+ % #+$$ &, -$ + .- $
/#$( $ &, --%"$ +- &$ %/ /# $ ( $ ) Aggregation-Layer +$+ $((1+ $2 * & - *% /#$( $ + *% /#$( $ & - " !!# 3- /#$( $ "+" !!# 3- /# $ ( $ & - 4 /#$( $) !2 !#+ 32 52 " %#6#7 $ )3$-! $") 3
PACKET CISCO SYSTEMS 2007
p10-13_Cisco.pmd
11
25/1/2550, 11:31
11
CHALK TALK DESIGN STRATEGY
9 $ # & % * 9 & 3*- %''Y3 Catalyst 6500 Series Switch 7 #$ %&, !" ,!+ , 1 7+
F 5"! $#& !" 53& 9 - " # 5 !" *3% 9 + #3* 4% -1 951 ) !" 53& 0- $#& - " (7 %'
) Entity .&7. 5 2+&3# 8 "
F 9 / 3*- 3 *71 4 % Core-Layer, Aggregation-Layer * Access-Layer 9 !" & # 8 $#& 7 #9 %'
5 SSL 3*3% Aggregation-Layer
<,*!1 4/ ! 9 5 # * Aggregation Switch 1 Access Switch !"75"# Aggregation Switch 3* Aggregation Module - " /
$ 4% ! &" Aggregation Module 75" # Core Switch 3 3*79 &&2 Catalyst 6500 Switch 4&9 !" &' 0- &%'
<,* / 9 # 8 Aggregation-Layer 4&' !"75"## Access Switch # Aggregation Switch 07&3 Aggregation Switch % 5&' 75" # Aggregation Switch 1 9#
: End-to-End Load Balancing End-to-End Load Balancing &2!/ !" 8 93*! #& #1 FWSM 5 +,%'
$#& CSM * SSLM #!" & # 1 Aggregation-Layer 9 !" 1 3* 9 99 ! $#& 7& 3&
Y 1 !1 5# 9 * ''A 1 - " ,! !" $&' 4 " 3% $ # 7 3*&" 3 & $# (HTTP port 80) #% 9 %'
12
p10-13_Cisco.pmd
5+,%'
!" 4 Layer 3 5"#3 4 " !" ! #5% 1 !1 FWSM 5 + , % '
) 3*1 ,#* & $# (Untrusted) / (Trusted) 3 ,* !" Aggregation-Layer * Access-Layer 3*% &3, Trusted Zone 31 4" 3*0 #% Catalyst 6500 Aggregation-Layer 9!Y !" Virtual IP (VIP) Address CSM - " 4 Routed Mode - " CSM 3*09 $7 # 8 *3% (!$) 1 % 7 VLAN 5" 4 " 0- 7
&' CSM CSM $3*9 4 " 1% $&'# 8 -" 0&"! 7- " #% & 7&' %,! 34 <,*!1 ''A !"&" 3$&'% & 7&'3*%9 -" 3 *!1 & 7&'34 # #&#) &' 5"& 3 5#. 7 * CSM $3*9 4" 17 1 !1 ! Y4 5" ''A% 9 + 8 /& - " * 75" #%! #0+% !:1 9 &# Multilayer Switch Feature Card (MSFC) Catalyst 6509-Core-1 * Catalyst 6509-Core-2 75"#& $#. ## & 575" #& $#9# 5 " * + 3*$ MSFC 75" # FWSM VLAN 2 FWSM 75 " # MSFC Aggregation Switch VLAN 3 MSFC Aggregation Switch 75 " # CSM VLAN 16 VLAN 49 &' (17 F 19) 3*! !" CSM 75" # * Aggregation Access 3*&-1 !" 4 Layer 2
! " #$ # # ++,$#&3*%3 8 .5" ,! !" + , ! + , !" 3*0
PACKET CISCO SYSTEMS 2007
12
25/1/2550, 11:31
4 !" #% ! 7 #; %'
#; Aggregation Switch # 5 # % Aggregation Switch $# ! 4 -" + Cisco Hot Standby Routing Protocol (HSRP) Catalyst 6500 Series 4'= 7#& /& 0%09 3#% # !" % !"# 3!1 CSM * FWSM +, * Stateful 3- 40*3# -" % !#-" 334 # CSM * FWSM %%5" 4 !"#5" # !" 1 !' ## CSM 5 HSRP Group IP Catalyst 6513 MSFC VLAN 16
vserver ROUTE virtual 0.0.0.0 0.0.0.0 any serverfarm ROUTE persistent rebalance inservice !
*#% 5 'A 7 !"! 3 MSFC Aggregation Switch: MSFC SVI ! interface Vlan16 ip address 10.16.1.2 255.255.255.0
%& '
standby 16 ip 10.16.1.1
#% 'A 7 CSM !"74 # !1:
standby 16 priority 150
()#*+ !" , ! module ContentSwitchingModule 3 vlan 16 client ip address 10.16.1.12 255.255.255.0 gateway 10.16.1.1 alias 10.16.1.11 255.255.255.0 !
1 !1 #< !"%'
# $#& -13*Y C* * & $#-$&' 1 %
+0- #&#* $ ! & 7 ! *# ! # %$! < 97 VLAN Tag CSM * ''A Aggregation-Layer $5" !" 0 4%
vlan 11 server ip address 10.11.1.2 255.255.255.0 alias 10.11.1.1 255.255.255.0 ! vlan 17 server ip address 10.17.1.2 255.255.255.0 alias 10.17.1.1 255.255.255.0 ! vlan 18 server ip address 10.18.1.2 255.255.255.0 alias 10.18.1.1 255.255.255.0 ! vlan 19 server
3!1 'A 7&/< 3 'A 7 49 # % 4 CSM 40- &' *7# 8 !" &' -1 *5" 3 MSFC 0 75"## +, CSM VLAN 16 3- 0!7
+,#& !" ! Route Health Injection (RHI) - " 4 CSM */ !## VIP Address % " 1 $#& % ! 1 +, CSM $#& %+#7 VIP Address ! 4 + , CSM # !" -" !" 9 &' +, CSM # !" % ! ,! !" +, CSM # !" 1
ip address 10.19.1.2 255.255.255.0 alias 10.19.1.1 255.255.255.0 !
4 &"#&!" /
9% !" cisco.com/packet/182_5b1
! serverfarm ROUTE no nat server no nat client predictor forward !
PACKET CISCO SYSTEMS 2007
p10-13_Cisco.pmd
13
25/1/2550, 11:31
13
CHALK TALK
TROUBLESHOOTING
!"# $ Self-Tunnel
(Redundant Path) ! "#$ !!%&! ' *+! %,"#$-. %&!& ' %/& 0 * HSRP (Hot Standby Router Protocol) /&1% *2 / *301%
4 ! Cisco IOS Software 12.3 !9, /: Object Tracking for Reliable Static Routing Backup + Tunneling ( 3* %1!.) ;/ (<.1 ) %1.;;/ ' :#=/& *30 IOS 3 12.3 9 !&*301% &% % +
4 :#=,/& %
';/%1. ; /:% CUST1 < !% /: +' / / &* 2 %,' ISP1 /:% ISP2 / %,"#$/ %1. *'9-. %&!&' % L9 '; 1 .- 0&/ 1 / *+ :2& CUST1 9 + %1 ISP1 & ; ISP2 '; :? ' <!*% track
Self-Tunnel + *;& := # ! ! ; ** MSelf-TunnelQ (> 2) 9 SelfTunnel , -9 3 * % 1 ! . ;:. & % ! 1%& *2 . % /:, CUST1:
' > 1 ISP1 ; ISP2 *+ "#$ / 9 ISP1 :? :2& HSRP 9/&%1 *2 *% track 1 (Serial0/0) & 1!/ , ' ;3 = D;
/:%/ . *& Tunneling && !& CUST1 ; CUST2 *+ "#$. * 9 CUST1 /&1% *2 :?
interface Loopback6000 ip address 10.26.247.1 255.255.255.252 ! see note ! interface Tunnel1000 ip address 10.26.247.9 255.255.255.252 backup interface ser0/0 tunnel source 10.26.247.2
>;: 2 %, &9 : . 10.26.248.0/24 ';< ISP1 (9/&%1 *2
: ip route 10.26.248.0 255.255.255.0 ser0/ 0) + ! CUST1 !%&! ISP1 14
p14-15_Cisco.pmd
tunnel destination 10.26.247.2 no keep-alive ! interface Tunnel2000
PACKET CISCO SYSTEMS 2007
14
25/1/2550, 11:50
ip address 10.26.247.13 255.255.255.252 backup interface Loopback6000 tunnel source 192.168.60.61 tunnel destination 192.168.60.61 no keep-alive ! Interface FastEthernet0/0 Ip address 10.26.248.202 255.255.255.0
2: Self-Tunnel # !"$"% %&' %(
Standby 1 ip 10.26.248.201 Standby 1 preempt Standby 1 priority 105 Standby 1 track Serial0/0 Interface Serial0/0 Ip address 172.16.1.2 255.255.255.252 (omitted)
>;: Tunnel2000 '; +
/, : 192.168.60.60/30 : Y. 1 (9
:?' 1 Fa0/0 ) %, *% backup interface ! T2000 '; Loopback6000 %*& . ; 3, Tunnel1000 ';&/:& ( ; .: 1 , :?%, ;:!3*) ; Serial0/0 '; ( ; Serial0/0 :? 1 % ! Tunnel1000)
ip route 192.168.60.60 255.255.255.252 FastEthernet0/0 ! This subnet is used only to change Tunnel2000 interface status. ip route 10.26.249.0 255.255.255.0 172.16.1.1
+ / , -. Loopback6000 '; / :? ! '
CUST1 - / & (% *+ / * & + /, : 10.26.247.0 1% < 30 : Y. % 10.26.0.0/16 : Y. 1 Tunnel1000 ';
& 9 !%&! / Self-Tunnel /)
- + & FastEthernet0/0 &!%&!
! ';-. 1 ' 1 ; T2000 '; & < Loopback6000 %1 %1 T1000 ;3& Ser0/0 ';&&<! *% backup interface ' >, % / ! ISP1 ' ;& % 9 ; 3 -;! HSRP :' active :? standby &<! *% track *2 /1 ; D;%, 2 ! !'; : /: < ISP2 9 , :? %
%, :? - 04 9
%1!9, *30'' :? :;3
**+& +' Self-Tunnel *2 /& * CUST1-2 + Recursive Lookup
:?
1: !" CUST1 #
PACKET CISCO SYSTEMS 2007
p14-15_Cisco.pmd
15
25/1/2550, 11:50
15
Cisco Unified Communications
16
p16-19_Cisco.pmd
PACKET CISCO SYSTEMS 2007
16
25/1/2550, 11:38
COVER STORY
! "#" $%"!& '() (Unified Communication) !"# $"%& %'" % * "#' % ' "# + , - '.$ Unified Communication * -'"*' . %-# -++$ "%'" /0 + + 12& % 1*' . ($" 3. % ) " /0 +4 - / 56 +, Product and Technology Marketing Organization 13 " ,19& Unified Communications +: + $" / $ -++$- ! " ;# $ - < + ''" 1;# ' ''" (Presense Services) - '= ->4 Cisco Unified Communications ? !%. / 32 ;'09@.%"A " 30 ;'09@. ' % /0 + - % 33 " +: !EA 1 Cisco Unified Communications :
1# < + ''" 1;# ' ''" (Presence Information) 32 $"% + ''" ;# ' ''"" <# '' $" ''" "# + Session Initiation Protocol (SIP) !% +: .+'. --++$%"A SIP 12& + ''"+ 1G"# < $" H+.-# % % Cisco Mobile Connect ?'
Communications, Product and Technology Marketing Organization 13 " ; 1 Sage Research 2005 +" N - / $ 9. " 6 ' -++$ " 0 $" . % - '" A " ..+ 9. " 0 V 2007 ;# $. / <2 66 % $ 9. % +'. ,'%& 9!?'''" + " 9# " " 1 + 9."?# 4 ?- ''" ;# " % "# ;" $" ''" % 9.A & ? " 1 " -. "%E" " / , 1 ''" 1
/ ";% ' !EA " $ -?; '"/ 4 " /0 + ";% -;/H '.' " A $" ;'- * ; '3.3" ; % +/. # % --'" Six Sigma $ & < "; -'"' % '" A -N& +: .3*'. %"' +2 + < 1# E %
;# $ $ E" *"!2" ;# $ $ E %" & "# % *' Y % 1 Cisco Unified Communications $ <1*'. + !?'$ ? +. " % $. !/ % % - ". ,Cisco Unified Communications !% ; 1 !/ + %G '" A <' ' # *12& & $"+ /0 + !/ -+;;' ! 1+ 4 +* '. / 1 Cisco Voice Technology Group % %*
Cisco Unified Communications
!' $ Unified Communications -! '!'&? , +:
"'# ;# $ < 2 ';$E " !?4 - . ;# 56 ' Unified
' " # 1 *'%E" -'"+ 1 ""# '\ 91G "%E" 1 & &' " + 1 $* 3.. - % # 32 <2 & #
3 & "-# 1"- PACKET CISCO SYSTEMS 2007
p16-19_Cisco.pmd
17
25/1/2550, 11:38
17
COVER STORY
+ 1 " $ % <''" H+. & * $ 1 $ 1 % '" + >3 $ $ Cisco Unified MeetingPlace Express $ - ! " ;" * (? -$. . %;# 1 $ <%*% - " - 1 "#% " " ) 1 ( N+ + $H+. Cisco Unified IP Phone 7985 < -%*0 ++A ) 32 !%+ %"
& <%*1' -! <2 - . 32 ";%+ 1 > 1 " *
!!"# ! Unified Communications ! "!#$% & '
Cisco Unified Communications % <%"A $ " " 1 % & < + 1 $ H+.-# % * < # ;" 1" *19 "# + & E E 9 Wi-Fi 1G $"% # "' % 1
& % 1 % 9+ 1 $H+. < H+. ! - * <1$ Cisco Mobile Connect ( Cisco Unified Mobility Manager) + %H+. + & % N+ %2 * " & Cisco Mobile Connect < H+. < 1+ 1 H+.! 1 "# ! ' ' "!% %$ & ' " # 1- 1 "' 3 & Cisco Unified Communications *$" $' ' + -"+ 1 +1 ! ->- $ " Cisco Unified Personal Communicator 12& - *- < + ''";" $" '" A -1# 1;# ' 1
" $ Cisco Unified Presence Server 2 Cisco Unified Communications (# ,Cisco Unified Personal Communicator4)
Cisco Unified Personal Communicator Cisco Unified Personal Communicator ! ( #"% )" % % " *"+ " *" ", -)" + Cisco Unified MeetingPlace !$ "!"!#! #. ' / 0 % % " )" " 12/ !& !/ +)",&&+%" '% +% % ",&&+34 5/ *"& ')"6*"&"#!+$"# Cisco Unity *.3 *"+" * " ", -") + Preference )&
18
p16-19_Cisco.pmd
Cisco Unified Communications H1" N + %' '"<2 ,'4 "!2" $ 9. $ & & Cisco Unified Presence Server -;-+"1 # < + ''" ;" $" '" A 9.--++$'" A +' SIP & %' '& "# 1" $" Cisco Unified CallManager, Cisco Unity Voice Mail, Cisco Unified MeetingPlace % Cisco Unified IP Phone " %" 1# < + ''" ;" $" '" A q"# 9. --++$ SIP 32 Cisco Unified IP Phone - Cisco Unified Personal Communicator + # $ ;'# '" % %12& %
%* E G9.' " A " $& " ;'# '" "# - % %* 1 9" , 5 4 % ,1 < 1;4 ?' , "%E"" < + ''" ;" $" '" A % <2 w9"'# & " {4 .' ;# ! 56 H , Cisco Voice Technology Group " ,3 1 - " "+$"' <1 9. 1;# $ -'" % 9. ''" $" ''" ' 1;# $ " '*4 '" $" Cisco Unified Presence Server Cisco Unified CallManage *# " 1 "$ Cisco Unified MeetingPlace - <$| .$ & ;# $ <+ '% 1 < + ''" ;" $" '" A ' ' Y1# (preference) Cisco Unified Personal Communicator $" " ' %' '" .% 3.." & % % "
<2 10.00 . ,9 ' Cisco Unified Personal Communicator $" %+ < " ''" % "' '";" $"
PACKET CISCO SYSTEMS 2007
18
25/1/2550, 11:38
A *4 - . " ,-& " w% -'' !+ '{4
! ! $% %&' SIP Cisco Unified Communications $ '= '" A " SIP, SIMPLE, SOAP % Ajax + !% 9. $ $" H+.'& '\ H+. < % - "1 " ;;# ''" " <! " " SIP 32 ? '= IETF !%12&& !%/ 9.' " A 3 $ - '-. - 3 $ SIP ";% Cisco Unified Communications ?-+'|. ->32 %;# $ 9.3. % - "1 " ;;# '" ''" & !%;+# : + 9 ' %"A 1 " ,-1 SIP !%;#''" "' " $ 9.'%"#4 - . " , ' 1 " - "1 "<2 + -"H+. < <# -? +#'' " " *?4 3 " < SIP Cisco Unified CallManager 5.0, Cisco Unified Call Manager Express 3.4 - Cisco Unified Survivable Remote Site Telephony 3.4 <2 9.H+. - + " - & SIP !% ?+' + & = Cisco Unified CallManager G '" A ' '& Cisco Unified CallManager < " $ SIP % SCCP " " %2 % $+ & +' -- SCCP 9 ' " -'" - SIP -3% ;#;' 9. <$ 1 '= + | .$ %"A 0 % !E Cisco Unified Communications "+-'" Cisco Unified CallManager " & SIP % <2 Cisco Unified CallManager Express - Cisco Survivable Remote Site Telephony (SRST) 32 $.1 +'. SIP SRST ; H+. (Call-Processing) ! $"- 0 1" WAN $ %" 3|. . Cisco Unified CallManager ! "# " ;# $ * $ 9.- -++$' '
! () ! #!)!' ) & Cisco Unified Presence Server SIP !% <-"1# < + ''" ;" $" '" A 3|. .- < + ''" ' SIP 32 !% 1# < + ''" 1 ,< -; %2 G ''& $ 3|. .- < + ''" SIP "
$" Microsoft Live Communications Server (LCS) % Lotus SameTime --; A $ Cisco Unified Presence Server "# + 1 -; * <$ 9. % -++$1' 1 #1 # < + ''" ;" $" '" A 1+ & %
* Cisco Unified Communications $"0 1 % 5 6 %"< !%% *' . - ,
+ 0 9. -++$*' . " % &-++$ - + &= '$. '. * !E " & 4 - " -! - - " Cisco Unified Operations Manager .|3 % ' A % <'. + % - " 5Y
# < 1 " & % Cisco Unified Communications 32 Cisco Unified CallManager, Cisco Unified IP phones, Cisco Unity Messaging, Cisco Unified MeetingPlace ' '.- '$. & - 1%" " '" A -. $" 3.|. Cisco Unified CallManager 1 " # " H+. !% ?' ,; <' < H+. *$ 9"<2 +Y% 1''"0 1 " & 4 . * . ;# -# *' . 1G Warner Pacific Insurance Services 32 $ % !% Cisco Unified Communications " " - " Cisco Unified Service Monitor 90 +13. '" A 1*' . '- %. <' 3.3 $ + ;+/.?- Mean Opinion Score (MOS) A %2
+ + )( 0 + % !E1 Cisco Unified Communications $$. N0 +1*' . + + /0 + - " 1 !/ & & 3 '. G 0-1*- "<2 '= -> ($" SIP % SIMPLE) -++$ + %9 ; - &
Í‹Ò¹à¾ÔèÁàμÔÁ • Cisco Unified Communications system cisco.com/go/unified • Cisco Unified Presence Server video cisco.com/packet/182_6a1 • Podcast with Cisco Distinguished Engineer Cullen Jennings cisco.com/packet/182_6a2
PACKET CISCO SYSTEMS 2007
p16-19_Cisco.pmd
19
25/1/2550, 11:38
19