Network Design for a Dial NMS Case Study
Configuration Design Parameters
!"
Basic Dial NMS Implementation Guide
Caution
Do not use “public” or “private” strings, which are well known in the industry, are
common hardware defaults, and invite attacks from hackers—regardless if you use filters.
To maximize security, choose community strings that are not associated with your
personal life or company.
Table 7
IP Subnetting Plan for POP #1 and POP #2
Network Name
Assigned IP Subnet
Description
POP #1
172.21.0.0/16
Class B IP subnet assigned to POP #1.
POP #2
172.22.0.0/16
Class B IP subnet assigned to POP #2.
NOC
172.23.10.0/24
Class C IP subnet assigned to the NOC.
Access 172.21.101.0/24
172.21.102.0/24
172.22.101.0/24
172.22.102.0/24
Primary and secondary class C access Ethernet subnets.
All the access devices in each POP are directly connected
to these subnets.
DeviceID
172.21.10.0/24
172.22.10.0/24
Identifies each Cisco IOS device with a unique, fixed, and
stable loopback IP address for network management
purposes.
One IP address is assigned to the loopback 0 interface of
each Cisco IOS device.
One IP address block is used to simplify IP-security
filtering at the NOC. This technique protects the NOC
from devices that should not access management
services, such as , RADIUS, syslog, and
SNMP.
IP pool
172.21.103.0/24
172.21.104.0/22
172.22.103.0/24
172.22.104.0/22
Hosts a pool of IP addresses for the dial access clients
with modems.
This IP assignment provides 1280 IP addresses to each
POP. The access servers create the IP routes to support
the IP pools.
Few IP routes are summarized to the backbone instead of
advertising 1280 host routes.
Table 8
SNMP Community Strings Used at THEnet
Community Strings
Purpose
5urf5h0p
Assigns a read-only (RO) community string to enable SNMP polling and
SNMP get requests.
5crapmeta1
Assigns a read-write (RW) community string to enable router configuration
changes.