familiar with the use of layers. Many communications systems, computer operating
systems, and software packages are designed in layers or modules. When a
network or operating system is designed and built with layers or modules,
troubleshooting, building, repairing, and, more importantly, understanding that
network all become easier. Additionally, adding a hierarchical structure to the
layered approach allows for a scalable design. Here, I will explain how the three-
layer hierarchical design can be used to create a modular network.
Access layer
Whether you have an Ethernet connection to each end station or a remote access
server, if the device allows users to connect to the network, it's considered an
Access layer device. Typically, these devices are hubs, multistation access units
(MAUs), or switches deployed in wiring closets on each floor of a building. Users'
network cables are then terminated into such an Access layer device, where they
are connected to each user on the local network. Typically, virtual LANs (VLANs)
are implemented to separate broadcast domains on the Access layer.
While the per-port cost of a hub is much less than that of a switch, you must
consider the performance gains of using a switch. Since this device will be used to
connect many users, you should consider the number of ports a device has. You
may want to consider using modular switches, which allow more ports to be added
as needed. This, of course, will increase your per-port cost primarily because you
will be adding the extra cost of paying for the modular functionality of the switch.
Since each access device can serve hundreds of users, you must consider the
reputation and past performance of the equipment that you choose. For more
information, visit the Cisco Web site.
With a layered network, the failure of an Access layer device will only affect users
connected to that device. If no (or very little) downtime is a requirement for your
enterprise, you should also look into redundant power supplies and switching
engines for these devices.
Here are some examples of Cisco Access layer devices. The ranges—low-end,
midlevel, and high-end—refer to the cost and scalability of the devices.
Low-end: The Cisco 1900 and 2800 series of switches provide 10-MB
10Base-T connections to workstations and hubs.
Midlevel: The Cisco 2900 switches can provide both 10-MB and 100-MB
connections to workstations and hubs. The 2900 switches can also be
configured for gigabit ports typically used for uplink connections to the
Distribution layer.
High-end: The Cisco 4000 modular series of switches are capable of
connecting up to 96 end stations or hubs utilizing 10-, 100-, or 1000-MB
connections. The 4000 series switches can also be used for advanced
telecommunications, including IP telephony, unified messaging, and
Internet-based partner and supplier VPNs.
High-end: The Cisco 5000/5500 series switches are modular and provide
very high port densities. The 5000 series can be configured with up to 250
10/100 ports. Gigabit ports can be added for uplinks or server connections.
Route switch modules (RSMs) can also be added to these switches, allowing
them to act as both a Layer 2 switch and a Layer 3 router. (This refers to
Layer 2 and Layer 3 of the networking OSI model.)
Distribution layer
From the OSI model Physical layer perspective, the main function of the
Distribution layer is to provide the Access layer with connectivity to the Core
layer. The Distribution layer connects each Access layer device so that the Access
devices can route between themselves and to the Core layer. If VLANs are used to
separate traffic in the Access layer, the Distribution layer can route between the
VLANs.
Redundancy is another important consideration for this layer. While the failure of
an Access layer device could potentially affect hundreds of users, the failure of a
Distribution layer device could affect thousands. Because of this, Distribution layer
devices are usually deployed in pairs with redundant links back to the Access layer
devices. Redundant power supplies and supervisor engines are of critical
importance in highly available networks. Hot Standby Routing Protocol (HSRP)
should be used to provide fault tolerance when utilizing standard routers at the
Distribution layer. For a better understanding of HSRP, see Robert McIntire's
article "Add network redundancy with Cisco HSRP."
Since the Distribution layer typically utilizes routers or multilayer switches, you
should consider the processor demands on them. The demands placed on a router
or switch running interior and exterior routing protocols, redistribution, or access
lists can be overwhelming to the device's CPU and memory. When deciding which
products to use, don't forget the memory and processor needs required at this layer
of your network. For example, a single 64-MB DRAM kit for a Cisco 7500 series
switch will cost $425, and a 128-MB DRAM kit for the same series will run $839.
Because of these costs, you can see why it would be cheaper to purchase a switch
best suited to your needs than to try to shortchange yourself and correct the
shortcoming with upgrades. If you have a need for a high-end switch with a single
gigabit interface, you will want to use the 8510 switch. If you need two gigabit
interfaces, you will want to purchase the 8540.
Midlevel: Cisco 5000/5500 with RSM series switches are modular and
provide very high port densities. The 5000 series can be configured with up
to 250 10/100 ports. Gigabit ports can be added for uplinks or server
connections. RSMs can also be added to the 5000/5500, allowing the 5000
series to act as both an OSI model Layer 2 switch and a Layer 3 router.
High-end: Cisco 6500 with multiswitch feature cards are modular switches
that provide very high port densities. The 6513 can support up to 576 10/100
ports and 192-Gb connections. The 6500 series boasts a 256-Gb back plane.
A multiswitch feature card (MSFC) can be added to allow the 6500 to act as
both a switch and a router. The 6500 also supports a 10-Gb Ethernet module
with a maximum distance of 10 KM.
Switch blocks
The term switch block describes a set of Distribution layer devices and their
associated or connected Access layer switches. For example, in a campus network
consisting of many multifloor buildings, there may be one or more Access layer
switches on each floor of each building. All Access layer switches connect to a pair
of Distribution layer switches. In this scenario, each building is a switch block.
Switch blocks are interconnected to one another via the Core layer.
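The failure-domain claims made so far (an Access layer failure affects only the users on that device, and Distribution layer devices deployed in pairs survive the loss of one member) can be checked against a model of the switch-block topology. The Python code below is an added example, not part of the original article; the device names, user counts, and links are constructed for illustration.

```python
from collections import deque

# Constructed sample topology (hypothetical names): one core pair, two switch
# blocks, each with a Distribution pair and two Access switches.
LINKS = [
    ("core1", "core2"),
    ("b1-dist1", "core1"), ("b1-dist1", "core2"),
    ("b1-dist2", "core1"), ("b1-dist2", "core2"),
    ("b2-dist1", "core1"), ("b2-dist1", "core2"),
    ("b2-dist2", "core1"), ("b2-dist2", "core2"),
    ("b1-acc1", "b1-dist1"), ("b1-acc1", "b1-dist2"),
    ("b1-acc2", "b1-dist1"), ("b1-acc2", "b1-dist2"),
    ("b2-acc1", "b2-dist1"), ("b2-acc1", "b2-dist2"),
    ("b2-acc2", "b2-dist1"), ("b2-acc2", "b2-dist2"),
]
USERS = {"b1-acc1": 120, "b1-acc2": 90, "b2-acc1": 200, "b2-acc2": 150}
CORE = {"core1", "core2"}


def reachable(start, links, failed):
    """Breadth-first search over the links, skipping failed devices."""
    if start in failed:
        return set()
    adj = {}
    for a, b in links:
        if a not in failed and b not in failed:
            adj.setdefault(a, set()).add(b)
            adj.setdefault(b, set()).add(a)
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in adj.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def users_cut_off(failed, links=LINKS, users=USERS, core=CORE):
    """Count users whose Access switch can no longer reach any Core device."""
    failed = set(failed)
    return sum(n for acc, n in users.items()
               if not reachable(acc, links, failed) & core)


def single_points_of_failure(links=LINKS, users=USERS, core=CORE):
    """Map each device whose lone failure cuts off users to that user count."""
    devices = {d for link in links for d in link}
    impact = {d: users_cut_off({d}, links, users, core) for d in devices}
    return {d: n for d, n in sorted(impact.items()) if n}
```

Running single_points_of_failure() against an inventory of real uplinks shows which devices lack a redundant path; in the constructed topology only the Access switches appear, each with just its own users.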
Core layer
Campus networks that contain two or more switch blocks require a Core layer to
connect each switch block to other switch blocks. The most important
consideration at the Core layer is speed, because devices at the Core layer must
perform switching between the switch blocks at very high speeds. Since speed is
important, the Core layer is not where network policies, firewalls, or any type of
filtering should be performed.
There is no single approved design for the Core layer. Some prefer strictly Layer 2
designs for switching speed, while others prefer Layer 2 and Layer 3 designs to
take advantage of routing protocols, fast convergence, and failover abilities. It is
true that Layer 3 routing protocols converge much faster and provide better
failover protection than the Layer 2 spanning tree protocol, but this comes at some
cost. Switching (at Layer 2) is faster than routing (at Layer 3). So the trade-off is
packet speed vs. convergence and failover speed. This is not a decision that can be
taken lightly, but your network requirements should dictate your design.
Low-End: Cisco 5000/5500. The Cisco 5000 and 5500 series switches are
modular and provide very high port densities. The 5000 series can be
configured with up to 250 10/100 ports. Gb ports can be added for uplinks or
server connections. RSMs can also be added to the 5000/5500, allowing
the 5000 series to act as both a Layer 2 switch and a Layer 3 router.
Low-End: Cisco 6500 with multiswitch feature cards are modular switches
that provide very high port densities. The 6513 can support up to 576 10/100
ports and 192-Gb connections. The 6500 series boasts a 256-Gb back plane.
An MSFC can be added to allow the 6500 to act as both a switch and a
router. The 6500 also supports a 10-Gb Ethernet module with a maximum
distance of 10 KM.
Low-End: Cisco 8500 series switches can perform both Layer 3 switching
at wire speed and ATM switching. The Catalyst 8500 switch provides an
integrated ATM and Gigabit Ethernet solution in a single chassis.
Figure A: The Access layer will be where you will spend the least amount of
dollars but much of your time.
Figure B: Pay close attention to the Distribution layer, because that is where
your security lies.
Figure C