Pages

CCNP Switch - Enterprise Campus Network Design

 - A campus network - is an enterprise network consisting of many LANs in one or more buildings, all connected and all usually in the same geographic area.
 - A company typically owns the entire campus network and the physical wiring.
 - Campus networks commonly consist of wired Ethernet LANs running at speeds of up to 10 Gbps and shared wireless LANs.
 - An understanding of traffic flow is a vital part of the campus network design.
 - Design a network with a predictable behavior in mind to offer low maintenance and high availability.

Provide segmentation at Layer 3 by using either a router or a multilayer switc.
A Layer 3 device cannot propagate a collision condition from one segment to another, and it will not forward broadcasts between segments.

Hierarchical Network Design
Core layer - where distribution switches need to be aggregated
Distribution layer, where access layer switches are aggregated.
Access layer, where switches are placed closest to the end users;

The hierarchy can be collapsed or simplified in certain cases (small or medium-size campus networks).
When the distribution and core layers are combined into a single layer of switches, a collapsed core network results.

Access Layer
 - The access layer is present where the end users are connected to the network.
 - Access switches usually provide Layer 2 (VLAN) connectivity between users.
 - Devices characteristics:
     ■ Low cost per switch port
     ■ High port density
     ■ Scalable uplinks
     ■ VLAN membership, traffic and protocol filtering
     ■ QoS, Resiliency through multiple uplinks

Distribution Layer
 - provides interconnection between the campus network’s access and core layers,
 - switches should have a high port density of high-speed links to support the collection of access-layer switches,
 - VLANs and broadcast domains converge at the distribution layer, requiring routing, filtering, and security,
 - performing multilayer switching with high throughput,
 - usually is a Layer 3 boundary, where routing meets the VLANs of the access layer,
 - devices in this layer, sometimes called building distribution switches (DSW), should  have the following capabilities:
     ■ Aggregation of multiple access-layer devices
     ■ High Layer 3 throughput for packet handling
     ■ Security and policy-based connectivity functions through access lists or packet filters
     ■ QoS features
     ■ Scalable and resilient high-speed links to the core and access layers

Core Layer (aka backbone)
 - provides connectivity of all distribution-layer devices,
 - devices must be capable of switching traffic as efficiently as possible,
 - Core devices, sometimes called campus backbone switches (BSW), should have the following attributes:
     ■ Very high throughput at Layer 3
     ■ No costly or unnecessary packet manipulations (access lists, packet filtering)
     ■ Redundancy and resilience for high availability
     ■ Advanced QoS functions

Fully redundant topology

Modular Network Design
 - To mitigate a potential distribution switch failure, you can add a second, redundant distribution switch.
 - To mitigate a potential link failure, you can add redundant links from each access layer switch to each distribution switch.
 - To mitigate the effects of a core switch failure, you can add a second, redundant core switch.

You can divide enterprise campus networks into the following basic elements:
■ Switch block—A group of access-layer switches, together with their distribution switches.
■ Core block—The campus network’s backbone.

Switch blocks contain a balanced mix of Layer 2 and Layer 3 functionality, as might be present in the access and distribution layers.
 - Layer 2 switches located in wiring closets (access layer) connect end users to the campus network.
 - STP is confined to each switch block, where a VLAN is bounded, keeping the spanning-tree domain well defined and controlled.
 - Usually, no more than 2000 users should be placed within a single switch block.
 - At Layer 3, the two distribution switches can use one of several redundant gateway protocols to provide an active IP gateway and a standby gateway at all times.

Switch block is too large when:
■ MLS at the distribution layer become traffic bottlenecks. (volume of interVLAN traffic, intensive CPU processing, or switching times required by policy or security functions)
■ Broadcast or multicast traffic slows the switches in the switch block. (requires some overhead in the MLS, which can become too great if significant traffic volumes are present)

Switch Block Redundancy
 - Each access layer switch should have a pair of uplinks—one connecting to each distribution switch.
 - RSTP should be used on all the switches to improve the STP convergence time.
 - The link between the two distribution switches must be a Layer 2 link. The access VLAN must extend across this link so that users on either access switch can reach the Layer 3 gateway.
 - As a best practice, all Layer 2 connectivity should be contained within the access layer.
The distribution layer should have only Layer 3 links.
 - Each VLAN is contained within a single access-layer switch, switch chassis, or stacked switch, and extends across Layer 2 uplinks from each access-layer switch to each distribution switch. (No dependence on STP convergence)

Core Block
 A core block is required to connect two or more switch blocks in a campus network.
 - the core must be as efficient and resilient as possible,
 -distribution and core layers provide Layer 3 functionality.
  The links between distribution and core layer switches can be Layer 3 routed interfaces.
  You can also use Layer 2 links that carry a small VLAN bounded by the two switches.

A collapsed core block is one in which the hierarchy’s core layer is collapsed into the distribution layer.
 - The VLANs terminate at DSW because the distribution layer uses Layer 3 switching.
 - At Layer 3, redundancy is provided through a redundant gateway protocol for IP

A dual core connects two or more switch blocks in a redundant fashion.
 - In the past, the dual core usually was built with Layer 2 switches to provide the simplest and most efficient throughput.
 Layer 3 switching was provided in the distribution layer.
 - Building a dual core with multilayer switches is both possible and recommended.
 - The dual core uses two identical switches to provide redundancy.
 - Redundant links connect each switch block’s distribution-layer portion to each of the dual core switches.
 - In a Layer 2 core, the switches cannot be linked to avoid any bridging loops.
 - A Layer 3 core uses routing rather than bridging, so bridging loops are not an issue.
 - At a minimum, each core switch must handle switching each of its incoming distribution links at 100 percent capacity.