Home > Store

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320, 4th Edition

Register your product to gain access to bonus material or receive a coupon.

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide: CCDP ARCH 300-320, 4th Edition


  • Sorry, this book is no longer in print.
Not for Sale

eBook (Watermarked)

  • Your Price: $43.51
  • List Price: $54.39
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Acrobat® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.



  • All-new content throughout, developed with the Cisco certification team, creators of the newest CCDP exams and courses
  • Brings together in-depth coverage of all new exam objectives
  • Covers IGP and BGP connectivity, WAN design, enterprise network-to-data-center integration, security, QoS, IPv6, IP multicast, enterprise SDNs, and more
  • Includes self-assessment review questions and a running case study


  • Copyright 2017
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 944
  • Edition: 4th
  • Book
  • ISBN-10: 1-58714-462-X
  • ISBN-13: 978-1-58714-462-2

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition

· Learn about the Cisco modular enterprise architecture

· Create highly available enterprise network designs

· Develop optimum Layer 3 designs

· Examine advanced WAN services design considerations

· Evaluate data center design considerations

· Design effective modern WAN and data center designs

· Develop effective migration approaches to IPv6

· Design resilient IP multicast networks

· Create effective network security designs

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide , Fourth Edition, is a Cisco-authorized, self-paced learning tool for CCDP foundation learning. This book provides you with the knowledge needed to perform the conceptual, intermediate, and detailed design of a network infrastructure that supports desired network solutions over intelligent network services to achieve effective performance, scalability, and availability. This book presents concepts and examples necessary to design converged enterprise networks. You learn additional aspects of modular campus design, advanced routing designs, WAN service designs, enterprise data center design, IP multicast design, and security design. Advanced and modern network infrastructure solutions, such as virtual private networks (VPN), Cisco Intelligent WAN (IWAN), and Cisco Application-Centric Infrastructure (ACI), are also covered.

Chapter-ending review questions illustrate and help solidify the concepts presented in the book.

Whether you are preparing for CCDP certification or CCDE certification, or simply want to gain a better understanding of designing scalable and reliable network architectures, you will benefit from the foundation information presented in this book.

Designing for Cisco Network Service Architectures (ARCH) Foundation Learning Guide, Fourth Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit https://learningnetwork.cisco.com.

Category: Cisco Certification

Covers: CCDP ARCH 300-320

Sample Content

Sample Pages

Download the sample pages (includes Chapter 16 and Index)

Table of Contents


Part I Designing Reliable and Resilient Enterprise Layer 2 and Layer 3 Networks

Chapter 1 Optimal Enterprise Campus Design

Enterprise Campus Design Principles


Access Layer

Distribution Layer

Core Layer

Enterprise Campus Two-Tier Layer Model

Enterprise Campus Three-Tier Layer Model


Modular Enterprise Campus Architecture and Modular Enterprise Campus with OSPF

Access-Distribution Block


Campus Network Virtualization

Campus Network Virtualization Technologies and Techniques

VLAN Assignment

Virtual Routing and Forwarding

Path Isolation Techniques


Enterprise Campus High-Availability Design Considerations

VLANs, Trunking, and Link Aggregation Design Recommendations

VLAN Design


Link Aggregation

First-Hop Redundancy Protocol (FHRP)

IP Gateway Redundancy Optimization with VSS

Layer 2 to Layer 3 Boundary Design Options and Considerations

Distribution-to-Distribution Link Design Considerations

A Summary of Enterprise Campus HA Designs


Review Questions


Chapter 2 EIGRP Design

Scalable EIGRP Design Overview

EIGRP with Multiple Autonomous Systems

EIGRP Queries

Multiple EIGRP Autonomous System Drivers

EIGRP Multilayer Architectures

EIGRP Two-Layer Hierarchy Architecture

EIGRP Three-Layer Hierarchy Architecture

EIGRP Hub-and-Spoke Design

Summarization Challenges

Route Summarization Black Holes

Route Summarization and Suboptimal Routing

EIGRP Hub-and-Spoke Scalability Optimization

EIGRP Stub Leaking


EIGRP Fast Convergence Design Considerations

Bidirectional Forwarding Detection

EIGRP Graceful Restart/NSF Considerations


Review Questions

Chapter 3 OSPF Design

OSPF Scalability Design Considerations

Adjacent Neighbors

Routing Information in the Area and the Routed Domain

Numbers of Routers in an Area

Number of Areas per ABR

OSPF Area Design Considerations

OSPF Hierarchy

Area and Domain Summarization

OSPF Full-Mesh Design

OSPF Hub-and-Spoke Design

OSPF ABR Placement in Hub-and-Spoke Design

Number of Areas in OSPF Hub-and-Spoke Design

OSPF Network Types in Hub-and-Spoke Design

OSPF Convergence Design Considerations and Optimization Techniques

Event Detection

OSPF Event Propagation

OSPF Event Processing

OSPF Flooding Reduction

OSPF Database Overload Protection


Review Questions

Chapter 4 IS-IS Design

Protocol Overview

IS-IS Characteristics

Integrated IS-IS Routing

IS-IS Hierarchical Architecture Overview

IS-IS Router and Link Types

IS-IS Adjacencies


Similarities Between IS-IS and OSPF

OSPF and IS-IS Characteristics

Integrated IS-IS and OSPF Area Designs

OSPF Area Design

Integrated IS-IS Area Design

IS-IS Technical Deep Dive

IS-IS Addressing

IS-IS Packets

IS-IS Information Data Flow

IS-IS Network Types

IS-IS Protocol Operations

Level 1 and Level 2 LSPs and IIHs

IS-IS Link-State Packets Flooding

IS-IS LSDB Synchronization

IS-IS Design Considerations

IS-IS Routing Logic Overview

Advanced IS-IS Routing

Route Leaking

Asymmetric Versus Symmetric IS-IS Routing

IS-IS Routing over NBMA Hub-and-Spoke

IS-IS Routing over a Full-Mesh Network

Flat IS-IS Routing Design

Hierarchal IS-IS Design

IS-IS Routes Summarization

Integrated IS-IS for IPv6

IS-IS Single-Topology Restrictions

Multitopology IS-IS for IPv6

Final Thoughts on IS-IS Routing Design


Review Questions

Chapter 5 Border Gateway Protocol Design

BGP Overview

BGP Speaker Types

BGP Loop Prevention and Split-Horizon Rule

BGP Path Attributes and Path Selection (Review)

BGP Path Attributes

How BGP Selects Paths

Designing Scalable iBGP Networks

iBGP Scalability Limitations

IBGP Scalability Solutions

BGP Route Reflectors

BGP Confederations

BGP Confederations Versus BGP Route Reflectors

BGP Route Reflector Design

Route Reflector Split-Horizon Rule

BGP Route Reflectors Redundancy Design Options and Considerations

Route Reflector Clusters

Loop-Prevention Mechanisms

Congruence of Physical and Logical Networks

Hierarchical Route Reflector Design

Route Reflector Potential Network Design Issues

Enhancing the Design of BGP Policies with BGP Communities

BGP Community Attribute Overview

Well-Known BGP Communities

BGP Named Community List

Planning for the Use of BGP Communities

Case Study: Designing Enterprise wide BGP Policies Using BGP Communities

Enterprise BGP Policy Requirements

BGP Community Solution Design

Solution Detailed Design and Traffic Flow

BGP Load-Sharing Design

Single-Homing Versus Multihoming

Dual-Homing and Multihoming Design Considerations

Single-Homed, Multiple Links

Dual-Homed to One ISP Using a Single Local Edge Router

Dual-Homed to One ISP Using Multiple Edge Routers

Multihoming with Two ISPs Using a Single Local Edge Router

Multihoming with Two ISPs Using Multiple Local Edge Routers


Review Questions

Part II Enterprise IPv6 Design Considerations and Challenges

Chapter 6 IPv6 Design Considerations in the Enterprise

IPv6 Deployment and Design Considerations

Business and Network Discovery Phase

Assessment Phase

Planning and Design Phase

Implementation and Optimization Phases

Considerations for Migration to IPv6 Design

Acquiring IPv6 Prefixes

Provider Independent Versus Provider Assigned

Where to Start the Migration

Migration Models and Design Considerations

IPv6 Island


IPv6 Transition Mechanisms

Dual Stack

NAT64 and DNS64

Manual Tunnels

Tunnel Brokers

6 Rapid Deployment

Dual-Stack Lite (DS-Lite)

Locator/ID Separation Protocol (LISP)

LISP Site Edge Devices

LISP Infrastructure Devices

Final Thoughts on IPv6 Transition Mechanisms


Review Questions

Chapter 7 Challenges of the Transition to IPv6

IPv6 Services

Name Services

Implementation Recommendations

Addressing Services

Implementation Recommendations

Security Services

Link Layer Security Considerations

Application Support

Application Adaptation

Application Workarounds

Control Plane Security

Dual-Stack Security Considerations

Tunneling Security Considerations



Review Questions

Part III Modern Enterprise Wide-Area Networks Design

Chapter 8 Service ProviderManaged VPNs

Choosing Your WAN Connection

Layer 3 MPLS VPNs

MPLS VPN Architecture

Enterprise Routing Considerations

Provider Edge (PE) Router Architecture

Route Distinguishers

Route Target (RT)

PE-CE Routing Protocol

Using EIGRP as the PE-CE Routing Protocol

Using OSPF as the PE-CE Routing Protocol

Using BGP as the PE-CE Routing Protocol

Case Study: MPLS VPN Routing Propagation

Forwarding in MPLS VPN

Layer 2 MPLS VPN Services

Virtual Private Wire Service (VPWS)

Virtual Private LAN Service (VPLS)

VPLS Scalability Considerations

VPLS Resiliency Considerations



Review Questions

Chapter 9 Enterprise-Managed WANs

Enterprise-Managed VPN Overview

GRE Overview

Multipoint GRE Overview

Point-to-Point and Multipoint GRE Comparison

IPsec Overview

IPsec and GRE

IPsec and Virtual Tunnel Interface

IPsec and Dynamic VTI

DMVPN Overview

DMVPN Phase 1

DMVPN Phase 2

DMVPN Phase 3


EIGRP over DMVPN Phase 1

EIGRP over DMVPN Phase 2

EIGRP over DMVPN Phase 3

DMVPN Phase 13 Summary

DMVPN and Redundancy

Case Study: MPLS/VPN over GRE/DMVPN

SSL VPN Overview

FlexVPN Overview

FlexVPN Architecture

FlexVPN Capabilities

FlexVPN Configuration Blocks



Review Questions

Chapter 10 Enterprise WAN Resiliency Design

WAN Remote-Site Overview

MPLS Layer 3 WAN Design Models

Common Layer 2 WAN Design Models

Common VPN WAN Design Models

3G/4G VPN Design Models

Remote Site Using Local Internet

Remote-Site LAN

Case Study: Redundancy and Connectivity

ATM WAN Design

Remote-Site (Branch Office) WAN Design

Regional Offices WAN Design

Basic Traffic Engineering Techniques

NGWAN, SDWAN, and IWAN Solution Overview

Transport-Independent Design

Intelligent Path Control

Application Optimization

Secure Connectivity


IWAN Design Overview

IWAN Hybrid Design Model

Cisco PfR Overview

Cisco PfR Operations

Cisco IWAN and PfRv3

Cisco PfRv3 Design and Deployment Considerations

Enterprise WAN and Access Management


Design of APIC-EM


Review Questions

Part IV Enterprise Data Center Designs

Chapter 11 Multitier Enterprise Data Center Designs

Case Study 1: Small Data Centers (Connecting Servers to an Enterprise LAN)

Case Study 2: Two-Tier Data Center Network Architecture

Case Study 3: Three-Tier Data Center Network Architecture

Data Center Inter-VLAN Routing

End of Row Versus Top of Rack Design

Fabric Extenders

Data Center High Availability

Network Interface Controller Teaming


Review Questions

Chapter 12 New Trends and Techniques to Design Modern Data Centers

The Need for a New Network Architecture

Limitations of Current Networking Technology

Modern Data Center Design Techniques and Architectures

Spine-Leaf Data Center Design

Network Overlays

Cisco Fabric Path

Virtual Extensible LAN (VXLAN)

VXLAN Tunnel Endpoint

Remote VTEP Discovery and Tenant Address Learning

VXLAN Control-Plane Optimization

Software-Defined Networking

How SDN Can Help

Selection Criteria of SDN Solutions

SDN Requirements

SDN Challenges

Direction of Nontraditional SDN

Multitenant Data Center

Secure Tenant Separation

Layer 3 Separation with VRF-Lite

Device-Level Virtualization and Separation

Case Study: Multitenant Data Center

Microsegmentation with Overlay Networks


Review Questions


Chapter 13 Cisco Application-Centric Infrastructure

ACI Characteristics

How the Cisco ACI Addresses Current Networking Limitations

Cisco ACI Architecture Components

Cisco Application Policy Infrastructure Controller (APIC)

APIC Approach Within the ACI Architecture

Cisco ACI Fabric

ACI Network Virtualization Overlays

Application Design Principles with the Cisco ACI Policy Model

What Is an Endpoint Group in Cisco ACI?

Design EPGs

ACI Fabric Access Polices

Building Blocks of a Tenant in the Cisco ACI

Crafting Applications Design with the Cisco ACI

ACI Interaction with External Layer 2 Connections and Networks

Connecting ACI to the Outside Layer 2 Domain

ACI Integration with STP-Based Layer LAN

ACI Routing

First-Hop Layer 3 Default Gateway in ACI

Border Leaves

Route Propagation inside the ACI Fabric

Connecting the ACI Fabric to External Layer 3 Domains

Integration and Migration to ACI Connectivity Options


Review Questions


Chapter 14 Data Center Connections

Data Center Traffic Flows

Traffic Flow Directions

Traffic Flow Types

The Need for DCI

IP Address Mobility

Case Study: Dark Fiber DCI

Pseudowire DCI

Virtual Private LAN Service DCI

Customer-Managed Layer 2 DCI Deployment Models

Any Transport over MPLS over GRE

Customer-Managed Layer 2 DCI Deployment

Layer 2 DCI Caveats

Overlay Transport Virtualization DCI

Overlay Networking DCI

Layer 3 DCI


Review Questions

Part V Design QoS for Optimized User Experience

Chapter 15 QoS Overview

QoS Overview

IntServ versus DiffServ

Classification and Marking

Classifications and Marking Tools

Layer 2 Marking: IEEE 802.1Q/p Class of Service

Layer 3 Marking: IP Type of Service

Layer 3 Marking: DSCP Per-Hop Behaviors

Layer 2.5 Marking: MPLS Experimental Bits

Mapping QoS Markings between OSI Layers

Layer 7 Classification: NBAR/NBAR2

Policers and Shapers

Token Bucket Algorithms

Policing Tools: Single-Rate Three-Color Marker

Policing Tools: Two-Rate Three-Color Marker

Queuing Tools


Fair Queuing


Dropping Tools




Review Questions

Chapter 16 QoS Design Principles and Best Practices

QoS Overview

Classification and Marking Design Principles

Policing and Remarking Design Principles

Queuing Design Principles

Dropping Design Principles

Per-Hop Behavior Queue Design Principles

RFC 4594 QoS Recommendation

QoS Strategy Models

4-Class QoS Strategy

8-Class QoS Strategy

12-Class QoS Strategy


Review Questions

Chapter 17 Campus, WAN, and Data Center QoS Design

Campus QoS Overview

VoIP and Video

Buffers and Bursts

Trust States and Boundaries

Trust States and Boundaries Example

Dynamic Trust State

Classification/Marking/Policing QoS Model

Queuing/Dropping Recommendations

Link Aggregation EtherChannel QoS Design

Practical Example of Campus QoS Design

WAN QoS Overview

Platform Performance Considerations

Latency and Jitter Considerations

Queuing Considerations

Shaping Considerations

Practical Example of WAN and Branch QoS

Data Center QoS Overview

High-Performance Trading Architecture

Big Data Architecture

Case Study: Virtualized Multiservice Architectures

Data Center Bridging Toolset

Case Study: DC QoS Application


Review Questions

Chapter 18 MPLS VPN QoS Design

The Need for QoS in MPLS VPN

Layer 2 Private WAN QoS Administration

Fully Meshed MPLS VPN QoS Administration

MPLS DiffServ Tunneling Modes

Uniform Tunneling Mode

Short-Pipe Tunneling Mode

Pipe Tunneling Mode

Sample MPLS VPN QoS Roles


Review Questions

Chapter 19 IPsec VPN QoS Design

The Need for QoS in IPsec VPN

VPN Use Cases and Their QoS Models

IPsec Refresher

IOS Encryption and Classification: Order of Operations

MTU Considerations

DMVPN QoS Considerations

GET VPN QoS Considerations


Review Questions

Part VI IP Multicast Design

Chapter 20 Enterprise IP Multicast Design

How Does IP Multicast Work?

Multicast Group

More Information

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Pearson IT Certification products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.pearsonitcertification.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020