Avaya 8800 Planning And Engineering page 7

Chapter 13: Layer 1, 2, and 3 design examples..................................................................235
Navigation.....................................................................................................................................................235
Layer 1 examples..........................................................................................................................................235
Layer 2 examples..........................................................................................................................................238
Layer 3 examples..........................................................................................................................................242
RSMLT redundant network with bridged and routed VLANs in the core.......................................................247
Chapter 14: Network security...............................................................................................249
DoS protection mechanisms.........................................................................................................................249
Broadcast and multicast rate limiting....................................................................................................250
Directed broadcast suppression...........................................................................................................250
Prioritization of control traffic................................................................................................................250
CP-Limit recommendations..................................................................................................................250
ARP request threshold recommendations............................................................................................251
Multicast Learning Limitation................................................................................................................252
Damage prevention.......................................................................................................................................252
Packet spoofing....................................................................................................................................253
High Secure mode................................................................................................................................254
Spanning Tree BPDU filtering...............................................................................................................254
Security and redundancy..............................................................................................................................255
Data plane security.......................................................................................................................................255
EAP......................................................................................................................................................256
VLANs and traffic isolation...................................................................................................................257
DHCP snooping....................................................................................................................................258
Dynamic ARP Inspection (DAI)............................................................................................................259
IP Source Guard...................................................................................................................................260
Security at layer 2.................................................................................................................................260
Security at Layer 3: filtering..................................................................................................................261
Security at Layer 3: announce and accept policies..............................................................................261
Routing protocol security......................................................................................................................262
Control plane security...................................................................................................................................262
Management port.................................................................................................................................263
Management access control.................................................................................................................264
High Secure mode................................................................................................................................265
Security and access policies................................................................................................................265
RADIUS authentication.........................................................................................................................266
RADIUS over IPv6................................................................................................................................268
TACACS+.............................................................................................................................................268
Encryption of control plane traffic.........................................................................................................269
SNMP header network address............................................................................................................270
SNMPv3 support..................................................................................................................................271
Other security equipment.....................................................................................................................271
For more information.....................................................................................................................................272
Chapter 15: QoS design guidelines.....................................................................................273
QoS mechanisms..........................................................................................................................................273
QoS classification and mapping...........................................................................................................274
QoS and queues...................................................................................................................................276
QoS and filters......................................................................................................................................276
Policing and shaping............................................................................................................................278
Provisioning QoS networks using R series modules.....................................................................................279
Planning and Engineering - Network Design November 2010 7