Stephen Bowes CCIE SP Lab Blog

CCIE Service Provider Study Plan

Steve’s CCIE SP Glossary

This is a list of terms I began to build following research on NetFlow configuration. These are CCIE SP specific. Hope they are of use to you.

BGP—Border Gateway Protocol. An interdomain routing protocol that replaces Exterior Gateway Protocol (EGP). BGP exchanges reachability information with other BGP systems. It is defined by RFC 1163.

BGP/MPLS/VPN—A VPN solution that uses MPLS and BGP protocol to allow multiple remote customer sites to be connected over an IP backbone. Refer to RFC 2547 for details.

CE router—A customer edge router. A router that is part of a customer network and interfaces to a PE router.

customer network—A network that is under the control of an end customer. A customer network can use private addresses as defined in RFC 1918. Customer networks are logically isolated from each other and from the provider network. A customer network is also known as a C network.

egress PE—The provider edge router through which traffic moves from the backbone to the destination VPN site.

EGP—Exterior Gateway Protocol. Internet protocol for exchanging routing information between autonomous systems. Documented in RFC 904. Not to be confused with the general term exterior gateway protocol. EGP is an obsolete protocol that was replaced by BGP.

export packet—A packet from a device (for example, a router) with NetFlow Services enabled that is addressed to another device (for example, a NetFlow collector). This other device processes the packet (parses, aggregates, and stores information on IP flows).

FEC—Forward Equivalency Class. A set of packets that can be handled equivalently for the purpose of forwarding and thus is suitable for binding to a single label. The set of packets destined for an address prefix is one example of an FEC. A flow is another example.

flow—Stream of data traveling between two endpoints across a network (for example, from one LAN station to another). Multiple flows can be transmitted on a single circuit. Packets with the same value for source address, source port, destination address, and destination port might be considered a flow. Alternatively, a flow is a set of packets with the same source IP address, destination IP address, source/destination ports, and type-of-service, and the same interface on which the flow is monitored. Ingress flows are associated with the input interface, and egress flows are associated with the output interface.

flowset—A generic term for a collection of records that follow the packet header in an export packet. The flowset contains information that must be parsed and interpreted by the collector device. There are two types of flowsets: template and data. An export packet contains one or more flowsets, and both template and data flowsets can be mixed within the same export packet.

ICMP - Internet Control Message Protocol. Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing. Documented in RFC 792.

ICMP flood - Denial of service attack that sends a host more ICMP echo request (“ping”) packets than the protocol implementation can handle.

IGMP - Internet Group Management Protocol. Used by IP hosts to report their multicast group memberships to an adjacent multicast router.

IGP - Interior Gateway Protocol. Internet protocol used to exchange routing information within an autonomous system. Examples of common Internet IGPs include IGRP, OSPF, and RIP.

IIH - IS-IS Hello. Message sent by all IS-IS systems to maintain adjacencies.

Integrated IS-IS – Routing protocol based on the OSI routing protocol IS-IS but with support for IP and other protocols. Integrated IS-IS implementations send only one set of routing updates, making it more efficient than two separate implementations. Formerly called Dual IS-IS.

Internet Protocol (IP, IPv4) – Network layer for the TCP/IP protocol suite. Internet Protocol (version 4) is a connectionless, best-effort packet switching protocol. Defined in RFC 791.

internetwork - Collection of networks interconnected by routers and other devices that functions (generally) as a single network. Sometimes called an internet, which is not to be confused with the Internet.

internetworking - General term used to refer to the industry devoted to connecting networks together. The term can refer to products, procedures, and technologies.

Inverse ARP – Inverse Address Resolution Protocol. Method of building dynamic routes in a network. Allows an access server to discover the network address of a device associated with a virtual circuit.

IP – Internet Protocol. Network layer protocol in the TCP/IP stack offering a connectionless internetwork service. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security. Defined in RFC 791.

IP multicast – Routing technique that allows IP traffic to be propagated from one source to a number of destinations or from many sources to many destinations. Rather than sending one packet to each destination, one packet is sent to a multicast group identified by a single IP destination group address.

IP explicit path – A list of IP addresses, each representing a node or a link in the explicit path.

IS-IS – Intermediate System-to-Intermediate System. OSI link-state hierarchical routing protocol based on DECnet Phase V routing, whereby ISs (routers) exchange routing information based on a single metric to determine network topology.

ISP - Internet service provider. Company that provides Internet access to other companies and individuals.

IPv6—IP version 6. Replacement for the current version of IP (version 4). IPv6 includes support for flow ID in the packet header, which can be used to identify flows. Formerly called IPng (next generation).

ingress PE—The provider edge router through which traffic enters the backbone (provider network) from a VPN site.

label—A short, fixed-length identifier that tells switching nodes how the data (packets or cells) should be forwarded.

label imposition—The act of putting the first label on a packet.

LDP—label distribution protocol. A standard protocol between MPLS-enabled routers to negotiate the labels (addresses) used to forward packets. The Cisco proprietary version of this protocol is the Tag Distribution Protocol (TDP).

MPLS—Multiprotocol Label Switching. Switching method that forwards IP traffic using a label. This label instructs the routers and the switches in the network where to forward the packets based on preestablished IP routing information.

MPLS flow – A unidirectional sequence of MPLS packets that arrives to a router on the same subinterface, has the same source and destination IP addresses, the same Layer 4 protocol, the same TCP/UDP source and destination ports, and the same type of service (TOS) byte in the IP header. A TCP session is an example of a flow.

MIB - Management Information Base. Database of network management information that is used and maintained by a network management protocol, such as SNMP or CMIP. The value of a MIB object can be changed or retrieved using SNMP or CMIP commands, usually through a GUI network management system. MIB objects are organized in a tree structure that includes public (standard) and private (proprietary) branches.

MTU - maximum transmission unit. Maximum packet size, in bytes, that a particular interface can handle.

multicast - Single packets copied by the network and sent to a specific subset of network addresses. These addresses are specified in the Destination Address Field. Compare with broadcast and unicast.

multicast address – Single address that refers to multiple network devices. Synonymous with group address. Compare with broadcast address and unicast address.

multicast group – Dynamically determined group of IP hosts identified by a single IP multicast address.

options template—A special type of template record used to communicate the format of data related to the NetFlow process.

OSPF—Open Shortest Path First. A link-state, hierarchical Interior Gateway Protocol (IGP) routing algorithm proposed as a successor to RIP in the Internet community. OSPF features include least-cost routing, multipath routing, and load balancing.

packet header—The first part of an export packet that provides basic information about the packet, such as the NetFlow version, number of records contained within the packet, and sequence numbering, so that lost packets can be detected.

PAP - Password Authentication Protocol. Authentication protocol that allows PPP peers to authenticate one another. The remote router attempting to connect to the local router is required to send an authentication request. Unlike CHAP, PAP passes the password and the host name or username in the clear (unencrypted). PAP does not itself prevent unauthorized access but merely identifies the remote end. The router or access server then determines whether that user is allowed access. PAP is supported only on PPP lines.

PIM - Protocol Independent Multicast. Multicast routing architecture that allows the addition of IP multicast routing on existing IP networks. PIM is unicast routing protocol independent and can be operated in two modes: dense and sparse.

PIM sparse mode – One of the two PIM operational modes. PIM sparse mode tries to constrain data distribution so that a minimal number of routers in the network receive it. Packets are sent only if they are explicitly requested at the RP (rendezvous point). In sparse mode, receivers are widely distributed, and the assumption is that downstream networks will not necessarily use the datagrams that are sent to them. The cost of using sparse mode is its reliance on the periodic refreshing of explicit join messages and its need for RPs. Sometimes called sparse mode PIM or PIM SM.

PIM dense mode – One of the two PIM operational modes. PIM dense mode is data-driven and resembles typical multicast routing protocols. Packets are forwarded on all outgoing interfaces until pruning and truncation occurs. In dense mode, receivers are densely populated, and it is assumed that the downstream networks want to receive and will probably use the datagrams that are forwarded to them. The cost of using dense mode is its default flooding behavior. Sometimes called dense mode PIM or PIM DM.

policy routing – Routing scheme that forwards packets to specific interfaces based on user-configured policies. Such policies might specify that traffic sent from a particular network should be forwarded out one interface, and all other traffic should be forwarded out another interface.

POP - 1. Point of presence. In OSS, a physical location where an interexchange carrier installed equipment to interconnect with a local exchange carrier (LEC). 2. Post Office Protocol. Protocol that client e-mail applications use to retrieve mail from a mail server.

PPP - Point-to-Point Protocol. Successor to SLIP that provides router-to-router and host-to-network connections over synchronous and asynchronous circuits. Whereas SLIP was designed to work with IP, PPP was designed to work with several network layer protocols, such as IP, IPX, and ARA. PPP also has built-in security mechanisms, such as CHAP and PAP. PPP relies on two protocols: LCP and NCP.

PQ/CBWFQ – priority queueing/class-based weighted fair queueing (PQ/CBWFQ). Feature that brings strict priority queueing to CBWFQ. Strict priority queueing allows delay-sensitive data, such as voice, to be dequeued and sent first (before packets in other queues are dequeued), giving delay-sensitive data preferential treatment over other traffic.

PE router—A provider edge router. A router at the edge of a provider network that interfaces to CE routers.

provider network—A backbone network that is under the control of a service provider and provides transport among customer sites. A provider network is also known as the P network.

QoS – quality of service. Measure of performance for a transmission system that reflects its transmission quality and service availability.

TDP—Tag Distribution Protocol. The Cisco proprietary version of the protocol (label distribution protocol) between MPLS-enabled routers to negotiate the labels (addresses) used to forward packets.

virtual LAN - Group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.

virtual circuit - Logical circuit created to ensure reliable communication between two network devices. A virtual circuit is defined by a VPI/VCI pair, and can be either permanent (PVC) or switched (SVC). Virtual circuits are used in Frame Relay and X.25. In ATM, a virtual circuit is called a virtual channel. Sometimes abbreviated VC. See also PVC, SVC, VCD, virtual route, and VPI.

VCI - virtual channel identifier. 16-bit field in the header of an ATM cell. The VCI, together with the VPI, is used to identify the next destination of a cell as it passes through a series of ATM switches on its way to its destination. ATM switches use the VPI/VCI fields to identify the next network VCL that a cell needs to transit on its way to its final destination. The function of the VCI is similar to that of the DLCI in Frame Relay. Compare with DLCI. See also VCL and VPI.

VPN—Virtual private network. A network that enables IP traffic to use tunneling to travel securely over a public TCP/IP network.

VRF—VPN routing and forwarding instance. The VRF is a key element in the MPLS VPN technology. VRFs exist on PEs only. A VRF is populated with VPN routes and allows multiple routing tables in a PE. One VRF is required per VPN on each PE in the VPN. A VRF consists of an IP routing table, a derived forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols that determine what goes into the forwarding table. In general, a VRF includes the routing information that defines a customer VPN site that is attached to a PE router.

 References:

http://ciscosystems.com/en/US/docs/ios/12_0st/12_0st10/feature/guide/egress.html#wp1020366

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsmnf24.html#wp1027188

http://www.cisco.com/en/US/docs/internetworking/terms_acronyms/ita.html

September 7, 2009 - Posted by cciesplab | SP General | 4 Comments

4 Comments »

  1. Active Timeout: This is a Cisco command that breaks up long-lived flows into 1-minute segments. You can choose any number of minutes between 1 and 60; if you leave the default of 30 minutes you will get spikes in your utilization reports.

    Command to type: ip flow-cache timeout active 1

    Inactive Timeout: This is a Cisco command. It ensures that flows that have finished are exported in a timely manner. The default is 15 seconds; you can choose any value between 10 and 600. Note however that if you choose a value that is longer than 250 seconds the NetFlow reporter may report traffic levels that appear low.

    Command to type: ip flow-cache timeout inactive 15

    Collector: The software that is receiving the flows and possibly providing a reporting interface.

    Comment by Jake Wilson | September 8, 2009

  2. Hi!

    Does the Service Provider LAB not have “troubleshoot” equal to R&S?

    R&S:
    9.00 Troubleshoot a Network
    9.10 Troubleshoot complex Layer 2 network issues
    9.20 Troubleshoot complex Layer 3 network issues
    9.30 Troubleshoot a network in response to application problems
    9.40 Troubleshoot network services
    9.50 Troubleshoot network security

    I have not found information anywhere about troubleshooting in the Service Provider LAB.

    Thanks.

    Comment by Roberto | September 14, 2009

  3. Roberto,
    Not as formally as the R&S, where they have announced a troubleshooting section, but yes, there is troubleshooting in the SP exam.
    Steve.

    Comment by cciesplab | September 15, 2009

    • Hi Steve!
      Thanks for the information.
      Is the Service Provider Lab like the old R&S? In the current version (4.0), two hours are dedicated to troubleshooting. It also has a session of questions and answers. That is, the version 4.0 R&S LAB was much more difficult. I wonder if there was also a change in the Service Provider Lab, equal to R&S.
      Thank you.

      Comment by Roberto | September 15, 2009

