Home > Articles > Cisco Certification > CCDA > CCDA DESGN 640-864: Designing Remote Connectivity

CCDA DESGN 640-864: Designing Remote Connectivity

  • Sample Chapter is provided courtesy of Cisco Press.
  • Date: Oct 6, 2011.

Chapter Description

This chapter discusses wide-area network technologies and design and includes sections covering Identifying WAN Technology Considerations, Designing the Enterprise WAN, and Designing the Enterprise Branch.

Connectivity to remote locations such as the Internet, branches, offices, and teleworkers is provided through enterprise edge technologies and the enterprise WAN architecture. Infrastructure support is provided at the remote locations with enterprise branch architectures.

To connect to remote locations, WAN technologies and WAN transport media must be utilized when considering ownership, reliability, and backup issues. In addition, WAN remote access choices include cable and DSL technologies that are used with Virtual Private Networks (VPN). The enterprise branch is a remote location that is smaller than an enterprise campus and can use a simpler architecture.

Identifying WAN Technology Considerations

The enterprise edge connects campus resources to remote enterprise locations. It can include the WAN, Internet connectivity, remote access, and VPN modules. Many WAN technologies exist today, and new technologies are constantly emerging. The following sections explain the role of a WAN and the requirements necessary for achieving a reliable and efficient WAN design. They also describe the characteristics of the WAN technologies that are currently available.

Review of WAN Features

A WAN is a communications network that covers a relatively broad geographic area. Most often, a WAN uses the transmission facilities that are provided by service providers (carriers) such as telephone companies. WANs generally carry various traffic types, such as voice, data, and video. A network provider often charges user fees called tariffs for the services that are provided by the WAN. Therefore, WAN communication is often known as a service; some considerations include

  • Service-level agreements (SLA): Networks carry application information between computers. If the applications are not available to network users, the network is failing to achieve its design objectives. Organizations need to define what level of service, such as bandwidth or allowed latency and loss, is acceptable for the applications that run across the WAN.
  • Cost of investment and usage: WAN designs are always subject to budget limitations. Selecting the right type of WAN technology is critical in providing reliable services for end-user applications in a cost-effective and efficient manner.

The following are the objectives of an effective WAN design:

  • A well-designed WAN must reflect the goals, characteristics, and policies of an organization.
  • The selected technology should be sufficient for current and (to some extent) future application requirements.
  • The associated costs of investment and usage should stay within the budget limitations.

Figure 5-1 illustrates ways that WAN technologies connect the enterprise network modules.

Figure 5-1

Figure 5-1 Types of WAN Interconnections

Typically, the intent is to provide these results:

  • Connectivity between the enterprise edge modules and ISPs
  • Connectivity between enterprise sites across the service provider and public switched telephone network (PSTN) carrier network
  • Connectivity between enterprise sites across the ISP network

WAN connections can be point-to-point between two locations or a connection to a multipoint WAN service offering, such as a Frame Relay or Multiprotocol Label Switching (MPLS) network. An alternative to WAN connections is a service provider IP network that links the remote sites of an enterprise network. Complete cooperation at the IP layer between the enterprise edge and service provider network is required for this type of connection. DSL and cable are technologies that are frequently used for ISP access for teleworkers and very small offices. This type of network service provides no guarantee of the quality of sessions and is considered a "best effort."

Comparison of WAN Transport Technologies

Table 5-1 reviews WAN technologies that are based on the main factors that influence technology selection. The table provides baseline information to help compare the performance and features that different technologies offer. The options that service providers offer usually limit technology decisions.

Table 5-1. WAN Transport Technology Comparison



Latency and Jitter

Connect Time


Initial Cost




L *












Frame Relay





















Metro Ethernet








L/M **






Cable Modem

L/M **



























Dark Fiber







Time-Division Multiplexing

Time-division multiplexing (TDM) reserves point-to-point connection bandwidth for transmissions indefinitely, rather than using bandwidth only as required. TDM is a type of digital multiplexing in which two or more channels are derived from a given data stream by interleaving pulses representing bits from different channels. For example, a North American T1 circuit is made up of 24 channels that run at 64 kbps, for a total of 1.536 Mbps. When framing overhead is included, the total reaches 1.544 Mbps. A T3 circuit is made up of 28 T1s or 672 channels; including overhead, a T3 circuit provides 44.736 Mbps. Corresponding European standards are the E1 standard, which supports 32 64-kbps channels for a total of 2.04 Mbps, and the E3 standard, which supports 480 64-kbps channels that provides 34.368 Mbps. A carrier can establish a connection in the TDM network by dedicating a channel with the use of TDM. By contrast, packet-switched networks traditionally offer the service provider more flexibility and use network bandwidth more efficiently than TDM networks because the network resources are shared dynamically. Subscribers using TDM are charged an amount based on their guaranteed use of the network.

ISDN Connectivity

Integrated Services Digital Network (ISDN) is a system of digital phone connections that has been available as a communications standard since 1984. This system allows voice and data to be transmitted simultaneously across the world using end-to-end digital connectivity. Connectivity over ISDN offers increased bandwidth, reduced call setup time, reduced latency, and lower signal-to-noise ratios than analog dialup. However, the industry is moving from broadband technologies such as DSL, cable, and public wireless to IP Security (IPsec) VPNs. ISDN presents an effective solution solely for remote-user applications, where broadband technologies are not available.

Analog modern dialup or plain old telephone service (POTS) provides data connectivity over the PSTN using analog modems. Dialup supports relatively low-speed connections, while broadband technologies such as DSL, cable, and public wireless are faster. Dialup point-to-point service is typically no longer a cost-effective solution for WAN connectivity. It is only cost-effective as a backup access solution for Internet connectivity in teleworker environments.

Frame Relay

Frame Relay is an example of a packet-switched technology for connecting devices on a WAN. Frame Relay has been deployed since the late 1980s. Frame Relay networks transfer data using one of two connection types:

  • Permanent virtual circuits (PVC), which are permanent connections
  • Switched virtual circuits (SVC), which are temporary connections that are created for each data transfer and are then terminated when the data transfer is complete (not a widely used connection)

Multiprotocol Label Switching

MPLS is a switching mechanism that uses labels (numbers) to forward packets. In a normal routed environment, frames pass from a source to a destination on a hop-by-hop basis. Transit routers evaluate the Layer 3 header of each frame and perform a route table lookup to determine the next hop toward the destination. However, MPLS enables devices to specify paths through the network. This is performed by using labels that are based on initial route lookup and classification of quality of service (QoS), as well as bandwidth needs of the applications, while taking into account Layer 2 attributes. MPLS labels can correspond to parameters such as a QoS value, a source address, or a Layer 2 circuit identifier. After a path has been established, packets that are destined to the same endpoint with the same requirements can be forwarded based on these labels, without a routing decision at every hop. Labels usually correspond to a Layer 3 destination address, which makes MPLS equal to destination-based routing. Label switching occurs regardless of the Layer 3 protocol. One of the strengths of MPLS is that it can be used to carry many kinds of traffic, including IP packets, as well as native ATM, SONET, and Ethernet frames. A designer's main objective is to minimize routing decisions and maximize switching use.

Metro Ethernet

Metro Ethernet uses Ethernet technology to deliver cost-effective, high-speed connectivity for metropolitan-area network (MAN) and WAN applications. Service providers have started to offer Metro Ethernet services to deliver converged voice, video, and data networking. Metro Ethernet provides a data-optimized connectivity solution for the MAN and WAN based on technology that is widely deployed within the enterprise LAN. Metro Ethernet supports high-performance networks in the metropolitan area, meeting the increasing need for faster data speeds and more stringent QoS requirements. Where traditional TDM access is rigid, complex, and costly to provision, Metro Ethernet services provide scalable bandwidth in flexible increments, simplified management, and faster, lower-cost provisioning. This simple, easy-to-use technology appeals to customers who are already using Ethernet throughout their LANs.

DSL Technology

Digital subscriber line (DSL) is a technology that delivers high bandwidth over traditional telephone copper lines. The term xDSL covers a number of similar yet competing forms of DSL. Asymmetric DSL (ADSL) is the most common form of DSL, which utilizes frequencies that normally are not used by a voice telephone call—in particular, frequencies higher than normal human hearing. ADSL can be used only over short distances, typically less than 18,000 ft. The distinguishing characteristic of ADSL over other forms of DSL is that the volume of data flow is greater in one direction than the other; that is, it is asymmetric.

Figure 5-2 illustrates a typical ADSL service architecture.

Figure 5-2

Figure 5-2 ADSL Implementation Example

The network consists of customer premises equipment (CPE), the network access provider (NAP), and the network service provider (NSP):

  • The CPE refers to an end-user workstation, such as a PC, together with an ADSL modem or an ADSL transmission unit-remote (ATU-R).
  • The NAP provides ADSL line termination by using DSL access multiplexers (DSLAM).
  • The DSLAM forwards traffic to the local access concentrator, the NSP, which is used for Layer 3 termination.

An ADSL circuit connects an ADSL modem on each end of a twisted-pair telephone line. This setup creates three information channels:

  • Medium-speed downstream channel
  • Low-speed upstream channel
  • Basic telephone service channel

Filters (splitters) split off the basic telephone service channel from the digital modem. This feature guarantees uninterrupted basic telephone service, even if ADSL fails.

Cable Technology

Cable is a technology for data transport that uses coaxial cable media over cable distribution systems. This technology is a good option for environments where cable television is widely deployed.

The Universal Broadband Router (uBR), also referred to as the cable modem termination system (CMTS), provides high-speed data connectivity and is deployed at the cable company head end. The uBR forwards data upstream to connect with either the PSTN or the Internet. The cable modem (also referred to as the cable access router) at the remote location supports voice, modem, and fax calls over the TCP/IP cable network. The uBR is designed to be installed at the head-end facility or distribution hub of a cable operator and to function as the CMTS for subscriber end devices. In general, cable operators install cable modems at the customer premises to support small businesses, branch offices, and corporate telecommuters.

Wireless Technology

The term wireless describes telecommunications in which electromagnetic waves carry the signal. Common examples of wireless equipment include cellular phones, Global Positioning Systems (GPS), cordless computer peripherals, satellite television, and wireless LANs.

Wireless implementations include the following:

  • Bridged wireless: Designed to connect two or more networks, typically located in different buildings at high data rates for data-intensive, line-of-sight applications. Building-to-building wireless connects two or more networks that are located in different buildings. A series of wireless bridges or routers can connect discrete distant sites into a single LAN and thus interconnect hard-to-wire sites, discontiguous floors, satellite offices, school or corporate campus settings, temporary networks, and warehouses.
  • Mobile wireless: Includes cellular applications and others. Mobile cellular wireless technologies are migrating to digital services on wireless. Second- and third-generation mobile phones are migrating to digital services that offer connectivity and higher speeds. There are three widely deployed mobile wireless technologies:
    • Global System for Mobile Communications (GSM): A GSM is a digital mobile radio that uses the Time Division Multiple Access (TDMA) technology, which allows eight simultaneous calls on the same RF in three bands: 900, 1800, and 1900 MHz. The transfer data rate is 9.6 kbps. A unique benefit of GSM is its international coverage, allowing the use of a GSM phones almost transparently while traveling abroad, without the need to change any settings or configuration parameters.
    • General Packet Radio Service (GPRS): A GPRS extends the capability of GSM speed and supports intermittent and bursty data transfer. Speeds that are offered the client are in the range of ISDN speeds (64 to 128 kbps).
    • Universal Mobile Telecommunications Service (UMTS): Also called third-generation (3G) broadband, UMTS provides packet-based transmission of text, digitized voice, video, and multimedia at data rates of up to 2 Mbps. UMTS offers a consistent set of services to mobile computer and phone users, no matter where they are located in the world.
  • Wireless LAN: Developed to meet the demand for LAN connections over the air. It is often used in intrabuilding connections. Wireless LANs have developed to cover a growing range of applications, such as guest access and voice over wireless. They support services such as advanced security and location of wireless devices.

SONET and SDH Technology

Circuit-based services architecture is the basis for SONET and Synchronous Digital Hierarchy (SDH). This technology uses TDM and delivers high-value services over an optical infrastructure. SONET or SDH provides high-speed, point-to-point connections that guarantee bandwidth, regardless of actual usage (for example, common bit rates are 155 and 622 Mbps, with a maximum of 10 Gbps). SONET or SDH rings offer proactive performance monitoring and automatic recovery ("self-healing") through an automatic protection switching (APS) mechanism.

Figure 5-3 illustrates a typical SONET/SDH implementation example.

Figure 5-3

Figure 5-3 SONET/SDH Example

SONET or SDH rings support two IP encapsulations for user interfaces: ATM or Packet over SONET/SDH (POS), which sends native IP packets directly over SONET or SDH frames. Optical Carrier (OC) rates are the digital hierarchies of the SONET standard. They support the following speeds:

  • OC-1 = 51.85 Mbps
  • OC-3 = 155.52 Mbps
  • OC-12 = 622.08 Mbps
  • OC-24 = 1.244 Gbps
  • OC-48 = 2.488 Gbps
  • OC-192 = 9.962 Gbps
  • OC-255 = 13.21 Gbps

DWDM Technology

Dense wavelength division multiplexing (DWDM) improves the utilization of optical fiber. Multichannel signaling on a single strand of fiber increases its available bandwidth to the equivalent of several Gigabit Ethernet links. DWDM is a crucial component of optical networks. It maximizes the use of installed fiber cable and allows service providers to efficiently offer new services over the existing infrastructure. Flexible add-and-drop modules permit service providers to drop and insert individual channels along a route. An open architecture system allows various devices, including SONET terminals, ATM switches, and IP routers, to be connected.

Dark Fiber

Dark fiber refers to fiber-optic cables that are leased from the service provider, where the framing is provided by the enterprise. Dark fiber connection allows framing options other than SONET/SDH. The edge devices connect directly over the site-to-site dark fiber using other encapsulations, such as Gigabit Ethernet. To transmit data over long distances, regenerators are inserted into the link to maintain signal integrity and provide appropriate jitter control. Depending on the carrier and location, dark fiber is now available on the wholesale market for both metro and wide-area links at prices that were previously associated with leased-line rentals.

In terms of reliability, SONET/SDH networks offer advanced features over DWDM and dark fiber, such as automatic backup and repair mechanisms to cope with system failure. The failure of a single SONET/SDH link or network element does not lead to failure of the entire network.

WAN Link Categories

From the ownership perspective, WAN links are divided into three broad categories:

  • Private WAN: Uses private transmission systems to connect distant LANs. The owner of a private WAN must buy, configure, and maintain the physical layer connectivity (copper, fiber, wireless, coaxial) and the terminal equipment that is required to connect locations. Thus, private WANs are expensive to build, labor-intensive to maintain, and difficult to reconfigure for constantly changing business needs. The advantages of using a private WAN include higher levels of security and transmission quality.
  • Leased WAN: Uses dedicated bandwidth that is leased by an enterprise from a service provider with either private or leased terminal equipment. The provider provisions the circuit and is responsible for maintenance. Some examples include TDM and SONET circuits. The enterprise pays for the allocated bandwidth, whether or not it is used, and operating costs tend to be high.
  • Shared WAN: Shares physical resources with many users. Carriers offer various circuit- or packet-switching transport networks, such as MPLS or Frame Relay, for user traffic. The provider provisions the circuit and is responsible for the maintenance. Linking LANs and private WANs into a shared network involves a compromise among cost, performance, and security.

There are fixed costs in a typical WAN environment:

  • Equipment purchases, such as modems, CSUs and DSUs, and router interfaces
  • Circuit and service provisioning
  • Network management tools and platforms

Recurring costs include the service provider monthly circuit fees and the support and maintenance of the WAN, including any network management center personnel.

WAN Transport Technology Pricing and Contract Considerations

Historically, WAN transport costs include an access circuit charge and, for TDM, a distance-sensitive rate. Some carriers have dropped or reduced distance-based factors as TDM circuits have become a commodity.

Access circuits generally take 60 days or more to be provisioned by the service provider. The higher the bandwidth, the more lead time it can take. For Metro Ethernet, availability can be spotty and the lead times can be long. Construction fees can be required for the fiber access. Service and pricing options between carriers should be compared to reduce fees, depending on competition in the area.

For Frame Relay and ATM, typical charges include a combination of an access circuit charge (per-PVC) and possibly per-bandwidth (committed information rate [CIR] or minimum information rate [MIR]) charges. Some carriers have simplified these rates by charging based on the access circuit and then setting the CIR or MIR to half that speed. This technique allows bursts to two times the guaranteed rate.

Frame Relay generally has been available at up to T3 speeds. In some cases, T3 is the size of trunks between Frame Relay switches, so the service providers do not want to offer T3 access circuits.

For MPLS VPN service, pricing is generally set to compete with Frame Relay and ATM. Some providers are encouraging customers to move to MPLS VPNs by offering lower prices for bandwidth than for Frame Relay and ATM. Other service providers price MPLS VPNs somewhat higher than Frame Relay or ATM because they are providing a routing service, which has value beyond bandwidth alone.

Tariffed commercial services are typically available at published rates and are subject to certain restrictions. Some carriers are moving toward unpublished rates, allowing more flexibility in options and charges.

In general, for a standard carrier package, the time that is needed to contract a WAN circuit is usually one month. If negotiating a service-level agreement (SLA), six months or more of discussions with the service provider, including the legal department, should be expected. Unless a very large customer is represented, it might not be possible to influence many changes in the SLA.

Contract periods usually last from one to five years. Because the telecommunications industry is changing rapidly, enterprises generally do not want to get locked into a long-term contract. Escape clauses that apply in the case of a merger or poor performance can help mitigate the business risks of long-term contracts.

For dark fiber, contract periods are generally 20 years in length. One key factor is the right of nonreversion, meaning that no matter what happens to the provider, the fiber belongs to the customer for 20 years. This way, the enterprise is protected in the case of situations such as a service provider merger, bankruptcy, and so on. The process to repair fiber cuts needs to be defined in the SLA.

WAN Design Requirements

When developing the WAN design by using the Prepare, Plan, Design, Implement, Operate, and Optimize (PPDIOO) methodology, continue the process of designing the topology and network solutions. This should be accomplished after taking the earlier steps of analyzing organizational requirements and characterizing the existing network.

To develop the WAN topology, consider the projected traffic patterns, technology performance constraints, and network reliability. The design document should describe a set of discrete functions that the enterprise edge modules perform. The document should also describe the expected level of service that is provided by each selected technology, based on the services that a service provider offers.

A network design should be adaptable to future technologies and should not include any design elements that limit the adoption of new technologies as they become available. This consideration needs to be balanced with the issue of cost-effectiveness throughout a network design and implementation. For example, many new internetworks are rapidly adopting VoIP. Network designs should support future VoIP without requiring a substantial upgrade by provisioning hardware and software that have options for expansion and upgradability.

Most users seek application availability in their networks. The chief components of application availability are response time, throughput, and reliability. Applications such as voice and video are negatively impacted by jitter and latency. Table 5-2 shows some examples of applications and their requirements.

Table 5-2. Identifying Application Requirements


Data File Transfer

Data-Interactive Application

Real-Time Voice

Real-Time Video

Response time


Within a second

Round trip of less than 250 ms of delay with low jitter

Minimum delay and jitter

Throughput and packet loss tolerance





Downtime (high reliability has low downtime)

Reasonable; zero downtime for mission-critical applications

Low; zero downtime for mission-critical applications

Low; zero downtime for mission-critical applications

Minimum; zero downtime for mission-critical applications

Response Time

Response time is the time between a user request and a response from the host system. Users accept response times up to a certain limit, at which point user satisfaction declines. Applications in which a fast response time is considered critical include interactive online services, such as point-of-sale machines.

Response time is also a measure of usability for end users. They perceive the communication experience in terms of how quickly a screen updates or how much delay is present on a phone call. They view the network in terms of response time, not link utilization.


In data transmission, throughput is the amount of data that is moved successfully from one place to another in a given time period. Applications that put high-volume traffic onto the network have a high impact on throughput. In general, throughput-intensive applications involve file-transfer activities. Usually, throughput-intensive applications do not require short response times, so they can be scheduled when response time–sensitive traffic is low (for example, after normal work hours).

Figure 5-4 illustrates response time and link utilization.

Figure 5-4

Figure 5-4 Utilization/Throughput Correlation

The response time increases with the offered traffic until it becomes unacceptable to the end user. Similarly, the link utilization increases with the offered traffic until the link becomes saturated. The goal of the designer is to determine the maximum offered traffic that is acceptable to both the end user and the network manager. Planning for a WAN capacity increase should begin early, usually when link utilization reaches 50 percent. Additional bandwidth purchases should start at 60 percent utilization. A link utilization of 75 percent typically means that increased WAN capacity is already urgently needed.

Packet Loss

BER is usually expressed as 10 to a negative power. For example, a transmission might have a BER of 10 to the minus 6 (10–6), meaning that 1 out of 1,000,000 bits transmitted was in error. The BER indicates how frequently a packet or other data unit must be retransmitted because of an error. A BER that is too high might indicate that a slower data rate could improve the overall transmission time for a given amount of transmitted data. In other words, a slower data rate can reduce the BER, thereby lowering the number of packets that must be resent.


Although reliability is always important, some applications have requirements that exceed typical needs. Some organizations that require nearly 100 percent uptime for critical applications are

  • Financial services
  • Securities exchanges
  • Emergency
  • Police
  • Military operations

These organizations require a high level of hardware and topological redundancy. Determining the cost of any downtime is essential to identify the relative importance of the reliability of the network.

QoS Considerations for Bandwidth Constraints

WAN links are typically much slower than LAN links. Transmitting data over a WAN is expensive. Therefore, using data compression, adjusting window sizes, or using a combination of queuing, access rate limits, and traffic shaping can optimize bandwidth usage and improve overall efficiency.

Cisco has developed QoS techniques to mitigate temporary congestion and provide preferential treatment for critical applications. QoS mechanisms, such as queuing, policing (limiting) of the access rate, and traffic shaping enable network operators to deploy and operate large-scale networks. These networks can efficiently manage both bandwidth-hungry applications, such as multimedia, and web traffic and mission-critical applications, such as host-based applications.

Figure 5-5 illustrates how the different technologies covered in this section fit together within the enterprise edge.

Figure 5-4

Figure 5-5 Cisco Design Integration with QoS Technologies


To provide priority to certain flows, the flow must first be identified and (if desired) marked. These two tasks are commonly referred to as just classification. The following represents features that support the classification process:

  • Network-Based Application Recognition (NBAR): Allows packets to be classified by matching on fields at the application layer. Prior to the introduction of NBAR, the most granular classification was Layer 4 TCP and User Datagram Protocol (UDP) port numbers.
  • Committed access rate (CAR): Used to set precedence that is based on extended access list classification. This allows considerable flexibility for precedence assignment, including assignment by application or user, by destination and source subnet, and so on.

Congestion Management

One of the ways that network elements manage an overflow of arriving traffic is to use a queuing algorithm. It sorts the traffic and then determines a method of prioritizing it onto an output link.

When positioning the role of queuing in networks, the primary issue is the duration of congestion. If WAN links are constantly congested, an organization either requires greater bandwidth or should use compression. Queuing is required only on congested WAN links.

There are two types of queues:

  • Hardware queue: Uses the first in, first out (FIFO) strategy, which is necessary for the interface drivers to transmit packets one by one. The hardware queue is sometimes referred to as the transmit queue, or TxQ.
  • Software queue: Schedules packets into the hardware queue based on the QoS requirements, custom queuing (CQ), priority queuing (PQ), and weighted fair queuing (WFQ).
Priority Queuing

PQ is useful for time-sensitive, mission-critical protocols. It establishes four interface output queues, each serving a different priority level.

Custom Queuing

CQ establishes up to 16 interface output queues. When the appropriate number of frames is transmitted from a queue, the transmission window size is reached and the next queue is checked. CQ is a much more equitable solution for mission-critical applications than PQ because it guarantees some level of service to all traffic.

Weighted Fair Queuing

WFQ manages problems inherent in the FIFO queuing method. WFQ ensures that different traffic flows are sorted into separate streams, or conversation sessions, and alternately dispatched. WFQ is the default in Cisco IOS Software for links at or below 2.048 Mbps. Faster links use a hardware FIFO default.

Class-Based Weighted Fair Queuing

Class-based weighted fair queuing (CBWFQ) extends the standard WFQ functionality to provide support for user-defined traffic classes. With CBWFQ, traffic classes are defined based on match criteria, including protocols, access control lists (ACL), and input interfaces. Packets that satisfy the match criteria for a class constitute the traffic for that class. A queue is reserved for each class, and traffic that belongs to a class is directed to the appropriate queue.

After a class has been defined according to its match criteria, characteristics can be assigned. To characterize a class, assign it bandwidth, weight, and maximum packet limit. The bandwidth that is assigned to a class is the guaranteed bandwidth that is delivered to the class during congestion.

To characterize a class, the queue limit for that class needs to be specified, which is the maximum number of packets that are allowed to accumulate in the queue for the class. Packets that belong to a class are subject to the bandwidth and queue limits that characterize the class.

Low Latency Queuing

Low latency queuing (LLQ) brings strict PQ to CBWFQ. Strict PQ allows delay-sensitive data such as voice to be dequeued and sent first (before packets in other queues are dequeued), which gives delay-sensitive preferential treatment over other traffic.

Without LLQ, CBWFQ provides WFQ that is based on defined classes with no strict priority queue available for real-time traffic. CBWFQ allows traffic classes to be defined and assigned characteristics. For example, the minimum bandwidth that is delivered to the class during congestion can be designated.

For CBWFQ, the weight for a packet that belongs to a specific class is derived from the bandwidth that is assigned to the class during configuration. Therefore, the bandwidth of a class determines the order in which packets are sent. All packets are serviced fairly based on weight. No class of packets can be granted strict priority. This scheme poses problems for voice traffic, which is largely intolerant of delay, and especially for voice traffic that is intolerant of variation in delay.

Traffic Shaping and Policing

Traffic shaping and traffic policing (also referred to as committed access rate [CAR]) are similar mechanisms. They inspect traffic and then take an action that is based on the characteristics of that traffic (usually the traffic is over or under a given rate). An example of traffic shaping is shown in Figure 5-6. Sometimes, the action is based on bits in the headers, such as the Differentiated Services Code Point (DSCP) or IP precedence.

Figure 5-6

Figure 5-6 Traffic Shaping Example

Policing either discards the packet or modifies some aspect of it, such as its IP precedence. In this case, the policing agent determines that the packet meets given criteria. By comparison, traffic shaping adjusts the transmission rate of packets that match certain criteria. Traffic shaping holds packets in a buffer and releases them based on a preconfigured rate. It is available only on traffic that is leaving an interface.

An enterprise policy management scheme could deem that traffic generated by a particular resource such as voice should be considered "first-class" traffic so that it receives a top-priority marking. Other traffic, such as data, could drop to a lower-priority class.

Topologies that have higher-speed links that feed into lower-speed links (such as from a central site to a branch office) often experience bottlenecks at the remote end. Traffic shaping helps eliminate the bottleneck by throttling back traffic volume at the source. The most common use of traffic shaping in the enterprise is to smooth the flow of traffic across a single link toward a service provider transport network. This is done to ensure compliance with the traffic contract. This technique avoids service provider policing at the receiving end. Shaping reduces the bursty nature of the transmitted data. It is most useful when the contract rate is less than the line rate. Traffic shaping can also be used to respond to signaled congestion from the transport network when the traffic rates exceed the contract guarantee.

Link Efficiency

Currently, Cisco IOS Software offers several efficiency mechanisms: Link Fragmentation and Interleaving (LFI), Multilink PPP (MLP), and Real-Time Transport Protocol (RTP) header compression:

  • Multilink PPP (MLP): Can logically connect multiple links between two systems, as needed, to provide extra bandwidth. Remotely accessing resources through MLP allows an increase in overall throughput. This is done by logically aggregating the bandwidth of two or more physical communication links such as analog modems, ISDN, and other analog or digital links. MLP is based on Internet Engineering Task Force (IETF) standard RFC 1990.

    PPP is commonly used to establish a direct connection between two nodes. It can connect computers using serial cable, phone lines, trunk lines, cellular telephones, specialized radio links, or fiber-optic links. Most ISPs use PPP for their customers' dialup access to the Internet. An encapsulated form of PPP, called PPP over Ethernet, or PPPoE, is commonly used in a similar role with DSL Internet service. PPP is frequently used as a Layer 2 protocol for connection over synchronous and asynchronous circuits.

  • Link Fragmentation and Interleaving (LFI): Interactive traffic (Telnet, VoIP, and so on) is susceptible to increased latency and jitter when the network processes large packets (for example, LAN-to-LAN FTP transfers traversing a WAN link), especially as they are queued on slower links. The Cisco IOS LFI feature reduces delay and jitter on slower-speed links by breaking up large datagrams and interleaving low-delay traffic packets with the resulting smaller packets.
  • Real-Time Transport Protocol (RTP) header compression: Increases efficiency for many of the newer VoIP or multimedia applications that take advantage of RTP, especially on slow links, by compressing the RTP/UDP/IP header from 40 bytes to 2 to 4 bytes.

Window Size

The window size specifies the maximum number of frames that are transmitted without receiving an acknowledgment. Acknowledgment procedures are particularly important in a protocol layer that provides reliability, such as hop-by-hop acknowledgment in a reliable link protocol or end-to-end acknowledgment in a transport protocol.

The current window is defined as the amount of data that can be sent by a protocol without acknowledgment, which is always less than or equal to the window size. This form of data acknowledgment provides a means in which the network is "self-clocked" so that data flows steadily between the two endpoints of the connection. For example, if the TCP window size is set to 8192, the sender must stop after sending 8192 bytes if no acknowledgment comes from the receiver. This value might be unacceptable for long WAN links with significant delays. In these cases, the window size can be adjusted to a higher value. Frequent retransmissions are a risk, however, because of links with high error rates, which reduce the throughput dramatically.

2. Designing the Enterprise WAN | Next Section

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020