larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

Designing Cisco Network Service Architectures (ARCH) Foundation Learning Guide: (CCDP ARCH 642-874), 3rd Edition


  • Sorry, this book is no longer in print.
Not for Sale

eBook (Watermarked)

  • Your Price: $56.79
  • List Price: $70.99
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Acrobat® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

  • Description
  • Sample Content
  • Updates
  • Copyright 2012
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 736
  • Edition: 3rd
  • Book
  • ISBN-10: 1-58714-288-0
  • ISBN-13: 978-1-58714-288-8

Designing Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Third Edition, is a Cisco®-authorized, self-paced learning tool for CCDP® foundation learning. This book provides you with the knowledge needed to perform the conceptual, intermediate, and detailed design of a network infrastructure that supports desired network solutions over intelligent network services, in order to achieve effective performance, scalability, and availability. By reading this book, you will gain a thorough understanding of how to apply solid Cisco network solution models and recommended design practices to provide viable, stable enterprise internetworking solutions. The book presents concepts and examples that are necessary to design converged enterprise networks. Advanced network infrastructure technologies, such as virtual private networks (VPNs) and other security solutions are also covered.

Designing Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Third Edition teaches you the latest development in network design and technologies, including network infrastructure, intelligent network services, and converged network solutions. Specific topics include campus, routing, addressing, WAN services, data center, e-commerce, SAN, security, VPN, and IP multicast design, as well as network management. Chapter-ending review questions illustrate and help solidify the concepts presented in the book.

Whether you are preparing for CCDP certification or simply want to gain a better understanding of designing scalable and reliable network architectures, you will benefit from the foundation information presented in this book.

Designing Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Third Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit

John Tiso, CCIE No. 5162, CCDP is a Product Manager for Cisco Systems. He holds a B.S. Degree in Computer Science and Mathematics from Adelphi University and a Graduate Citation in Strategic Management from Harvard University. John is a published author, has served as a technical editor for Cisco Press, and has participated as a SME for the CCIE program. Prior to Cisco, he was a senior consultant and architect in the Cisco partner channel.

· Learn about the Cisco Enterprise Architecture

· Create highly available campus and data center network designs

· Develop optimum Layer 3 designs

· Examine advanced WAN services design considerations

· Evaluate SAN design considerations

· Deploy effective e-commerce module designs

· Create effective security services and IPsec and SSL VPN designs

· Design IP multicast networks

· Understand the network management capabilities within Cisco IOS Software

This book is in the Foundation Learning Guide Series. These guides are developed together with Cisco® as the only authorized, self-paced learning tools that help networking professionals build their understanding of networking concepts and prepare for Cisco certification exams.

Category: Cisco Certification

Covers: CCDP ARCH 642-874

Online Sample Chapter

Designing Cisco Network Service Architectures (ARCH): Developing an Optimum Design for Layer 3 (CCDP)

Sample Pages

Download the sample pages (includes Chapter 3 and Index)

Table of Contents

Foreword xxx

Introduction xxxi

Chapter 1 The Cisco Enterprise Architecture 1

Reviewing Cisco Enterprise Architecture 1

The Hierarchical Model 2

Example Hierarchical Network 3

Enterprise Network Design for Cisco Architectures 4

Service and Application Integration 7

Network Services 7

Network Applications 9

Modularity in Cisco Network Architectures for the Enterprise 9

Reviewing the Cisco PPDIOO Approach 12

PPDIOO Network Lifecycle Approach 13

Benefits of the Lifecycle Approach 14

Using the Design Methodology Under PPDIOO 16

Identifying Customer Requirements 16

Characterizing the Existing Network and Sites 17

Designing the Topology and Network Solutions 18

Dividing the Network into Areas 18

Summary 20

References 21

Review Questions 21

Chapter 2 Enterprise Campus Network Design 23

Designing High Availability in the Enterprise Campus 24

Enterprise Campus Infrastructure Review 24

Access Layer 24

Distribution Layer 26

Core Layer 27

Collapsed-Core Model 29

High-Availability Considerations 30

Implement Optimal Redundancy 30

Provide Alternate Paths 32

Avoid Single Points of Failure 33

Cisco NSF with SSO 33

Routing Protocol Requirements for Cisco NSF 34

Cisco IOS Software Modularity Architecture 35

Example: Software Modularity Benefits 37

Designing an Optimum Design for Layer 2 38

Recommended Practices for Spanning-Tree Configuration 38

Cisco STP Toolkit 40

STP Standards and Features 40

Recommended Practices for STP Hardening 41

Recommended Practices for Trunk Configuration and Vlan Trunking Protocol 43

Dynamic Trunking Protocol 45

Recommended Practices for UDLD Configuration 46

Recommended Practices for EtherChannel 47

Port Aggregation Protocol 49

Link Aggregation Control Protocol 49

Supporting Virtual Switching Systems Designs 50

Common Access-Distribution Block Designs 51

Multichassis EtherChannels and VSS 52

VSS Design Considerations 53

Dual Active Detection and Recovery 54

VSS Design Best Practices 55

Developing an Optimum Design for Layer 3 55

Managing Oversubscription and Bandwidth 56

Bandwidth Management with EtherChannel 56

Bandwidth Management with 10 Gigabit Interfaces 57

Link Load Balancing 57

Link Load Balancing with EtherChannel 58

EtherChannel Design Versus Equal-Cost Multipathing 59

Routing Protocol Design 60

Build Redundant Triangles 60

Peer Only on Transit Links 60

Summarize at the Distribution Layer 62

First-Hop Redundancy 64

Preempt Delay Tuning 65

Elimination of FHRP in VSS Designs 66

Overview of Gateway Load Balancing Protocol 67

Optimizing FHRP Convergence 69

Supporting a Layer 2 to Layer 3 Boundary Design 71

Layer 2 to Layer 3 Boundary Design Models 71

Layer 2 Distribution Switch Interconnection 71

Layer 3 Distribution Switch Interconnection (with HSRP) 72

Layer 3 Distribution Switch Interconnection (with GLBP) 72

Layer 3 Distribution Switch with VSS Interconnection 73

Layer 3 Access to Distribution Interconnection 74

EIGRP Access Design Recommendations 75

OSPF Access Design Recommendations 76

Potential Design Issues 77

Daisy Chaining Access Layer Switches 77

Cisco StackWise Technology in the Access Layer 78

Too Much Redundancy 79

Too Little Redundancy 80

Example: Impact of an Uplink Failure 80

Example: Impact on Return-Path Traffic 82

Asymmetric Routing (Unicast Flooding) 82

Unicast Flooding Prevention 83

Supporting Infrastructure Services 84

IP Telephony Considerations 84

IP Telephony Extends the Network Edge 84

PoE Requirements 85

Power Budget and Management 87

Multi-VLAN Access Port 89

Soft Phones and Voice VLANs 90

QoS Considerations 90

Recommended Practices for QoS 91

Transmit Queue Congestion 91

QoS Role in the Campus 92

Campus QoS Design Considerations 92

Cisco Catalyst Integrated Security Features 93

Port Security Prevents MAC-Based Attacks 93

DHCP Snooping Protects Against Rogue and Malicious DHCP Servers 94

Dynamic ARP Inspection Protects Against ARP Poisoning 94

IP Source Guard Protects Against Spoofed IP Addresses 95

Example Catalyst Integrated Security Feature Configuration 95

Summary 95

References 96

Review Questions 97

Chapter 3 Developing an Optimum Design for Layer 3 101

Designing Advanced IP Addressing 101

IP Address Planning as a Foundation 102

Summary Address Blocks 102

Summarization for IPv6 103

Changing IP Addressing Needs 104

Planning Addresses 104

Applications of Summary Address Blocks 105

Implementing Role-Based Addressing 105

Bit Splitting for Route Summarization 106

Example: Bit Splitting for Area 1 107

IPv6 Address Planning 107

Bit Splitting for IPv6 108

Addressing for VPN Clients 109

NAT in the Enterprise 109

NAT with External Partners 110

Design Considerations for IPv6 in Campus Networks 111

IPv6 Campus Design Considerations 111

Dual-Stack Model 112

Hybrid Model 112

Service Block Model 114

Designing Advanced Routing 115

Route Summarization and Default Routing 115

Originating Default Routes 116

Stub Areas and Default Route 117

Route Filtering in the Network Design 118

Inappropriate Transit Traffic 118

Defensive Filtering 120

Designing Redistribution 121

Filtered Redistribution 122

Migrating Between Routing Protocols 123

Designing Scalable EIGRP Designs 123

Scaling EIGRP Designs 124

EIGRP Fast Convergence 124

EIGRP Fast-Convergence Metrics 125

Scaling EIGRP with Multiple Autonomous Systems 126

Example: External Route Redistribution Issue 126

Filtering EIGRP Redistribution with Route Tags 127

Filtering EIGRP Routing Updates with Inbound Route Tags 128

Example: Queries with Multiple EIGRP Autonomous Systems 130

Reasons for Multiple EIGRP Autonomous Systems 130

Designing Scalable OSPF Design 131

Factors Influencing OSPF Scalability 131

Number of Adjacent Neighbors and DRs 132

Routing Information in the Area and Domain 132

Designing OSPF Areas 133

Area Size: How Many Routers in an Area? 134

OSPF Hierarchy 134

Area and Domain Summarization 136

Number of Areas in an OSPF Hub-and-Spoke Design 137

OSPF Hub-and-Spoke Design 137

Issues with Hub-and-Spoke Design 138

OSPF Hub-and-Spoke Network Types 140

OSPF Area Border Connection Behavior 141

Fast Convergence in OSPF 142

OSPF Exponential Backoff 143

Tuning OSPF Parameters 143

OSPF LSA Pacing 145

OSPF Event Processing 145

Bidirectional Forwarding Detection 145

Designing Scalable BGP Designs 146

Scaling BGP Designs 146

Full-Mesh IBGP Scalability 147

Scaling IBGP with Route Reflectors 148

BGP Route Reflector Definitions 148

Route Reflector Basics 150

Scaling IBGP with Confederations 151

BGP Confederation Definitions 151

Confederation Basics 151

Confederations Reduce Meshing 152

Deploying Confederations 154

Summary 155

References 157

Review Questions 158

Chapter 4 Advanced WAN Services Design Considerations 161

Advanced WAN Service Layers 161

Enterprise Optical Interconnections 162

Overview of SONET and SDH 163

Enterprise View of SONET 164

WDM Overview 165

CWDM Technical Overview 165

DWDM Technical Overview 166

DWDM Systems 167

RPR Overview 168

RPR in the Enterprise 168

Metro Ethernet Overview 170

Metro Ethernet Service Model 170

Metro Ethernet Architecture 170

Metro Ethernet LAN Services 172

Ethernet Private Line Service 173

Ethernet Relay Service 174

Ethernet Wire Service 175

Ethernet Multipoint Service 175

Ethernet Relay Multipoint Service 176

Any Transport over MPLS 176

Ethernet over MPLS 177

End-to-End QoS 179

Shaping and Policing on Subrate Ethernet WAN 180

Choosing the Right Service 181

VPLS Overview 181

VPLS Architecture Model 182

VPLS in the Enterprise 183

Hierarchical VPLS Overview 184

Scaling VPLS 184

QoS Issues with EMS or VPLS 186

EMS or VPLS and Routing Implications 186

VPLS and IP Multicast 187

VPLS Availability 187

MPLS VPN Overview 187

Customer Considerations with MPLS VPNs 188

Routing Considerations: Backdoor Routes 189

Routing Considerations: Managed Router Combined with Internal Routing 189

Routing Considerations: Managed Router from Two Service Providers 190

Implementing Advanced WAN Services 191

Advanced WAN Service Selection 192

Business Risk Assessment 192

WAN Features and Requirements 194

SLA Overview 195

SLA Monitoring 196

Application Performance Across the WAN 197

WAN CPE Selection Considerations 198

Cisco PfR Overview 200

Cisco PfR Operations 200

Cisco PfR Design and Deployment Considerations 203

Summary 204

References 205

Review Questions 206

Chapter 5 Enterprise Data Center Design 211

Designing the Core and Aggregation Layers 212

Data Center Architecture Overview 213

Benefits of the Three-Layer Model 213

The Services Layer 214

Using Dedicated Service Appliances 215

Data Center Core Layer Design 217

Layer 3 Characteristics for the Data Center Core 218

OSPF Routing Protocol Design Recommendations 220

EIGRP Routing Protocol Design Recommendations 221

Aggregation Layer Design 221

Scaling the Aggregation Layer 223

STP Design 224

Understanding Bridge Assurance 226

Integrated Service Modules 227

Service Module Placement Consideration 227

Service Modules and the Services Layer 228

Active STP, HSRP, and Service Context Alignment 230

Active/Standby Service Module Design 232

Active/Active Service Module Design 232

Establishing Inbound Path Preference 233

Using VRFs in the Data Center 235

Using the Cisco Nexus 7000 Series in the Core and Aggregation Layer 236

VDCs 238

Designs Enabled by VDCs 239

vPCs 241

vPC Best Practices 242

Designs Enabled by vPC 243

Layer 2 Multipathing 244

Designing the Access Layer 245

Overview of the Data Center Access Layer 245

Layer 2 Looped Designs 246

Layer 2 Looped Topologies 247

Layer 2 Looped Design Issues 249

Layer 2 Loop-Free Designs 250

Loop-Free Topologies 251

Example: Loop-Free U Design and Layer 2 Service Modules 253

Example: Loop-Free U Design and Cisco ACE Service Module 254

Layer 2 FlexLink Designs 255

FlexLink Issues and Considerations 256

Comparison of Layer 2 Access Designs 259

Layer 3 Access Layer Designs 260

Multicast Source Support 261

Benefits of Layer 3 Access 262

Drawbacks of Layer 3 Access 262

Blade Server Overview 262

Blade Server Connectivity Options 264

Blade Server Trunk Failover Feature 265

Virtual Blade Switching 266

Cisco Nexus Switch Family in the Access Layer 267

TOR and EOR Designs 267

Static and Dynamic Pinning 267

Cisco Nexus 2000 FEX Dynamic Pinning 268

Virtual Port Channel in the Data Center Access Layer 269

Straight-Through FEX Design 270

Active/Active FEX Design 270

Cisco Nexus 1000V in the Data Center Access Layer 272

Virtual Port Channel Host Mode 273

Design Considerations for the Cisco Nexus 1000V 274

Cisco Nexus 1010 275

Layer 2 or Layer 3 Access Design? 276

Scaling the Data Center Architecture 277

TOR Versus EOR Designs 277

Cabinet Design with TOR Switching 279

Example: Network Topology with TOR Switching Model 280

Cabinet Design with Modular Access Switches 281

Example: Network Topology with Modular Access Switches 281

Cabinet Design with Fabric Extenders 282

Server NIC Density 284

Hybrid Example with a Separate OOB Switch 284

Oversubscription and Uplinks 285

Scaling Bandwidth and Uplink Density 286

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive:

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020