Thursday, October 1, 2015

Predictable Network Model

Ideally, you should design a network with a predictable behavior in mind to offer low maintenance and high availability. For example, a campus network needs to recover from failures and topology changes quickly and in a predetermined manner. You should scale the network to easily support future expansions and upgrades. With a wide variety of multiprotocol and multicast traffic, the network should be capable of efficiently connecting users with the resources they need, regardless of location.

In other words, design the network around traffic flows rather than a particular type of traffic. Ideally, the network should be arranged so that all end users are located at a consistent distance from the resources they need to use. If one user at one corner of the network passes through two switches to reach an email server, any other user at any other location in the network should also require two switch hops for email service.

Cisco has refined a hierarchical approach to network design that enables network designers to organize the network into distinct layers of devices. The resulting network is efficient, intelligent, scalable, and easily managed.

Figure 1-4 can be redrawn to emphasize the hierarchy that is emerging. In Figure 1-5, two layers become apparent: the access layer, where switches are placed closest to the end users; and the distribution layer, where access layer switches are aggregated.


Figure 1-5 Two-Layer Network Hierarchy Emerges

As the network continues to grow with more buildings, more floors, and larger groups of users, the number of access switches increases. As a result, the number of distribution switches increases. Now things have scaled to the point where the distribution switches need to be aggregated. This is done by adding a third layer to the hierarchy, the core layer, as shown in Figure 1-6.


Figure 1-6 Core Layer Emerges

Traffic flows in a campus network can be classified as three types, based on where the network service or resource is located in relation to the end user. Figure 1-7 illustrates the flow types between a PC and some file servers, along with three different paths the traffic might take through the three layers of a network. Table 1-2 also lists the types and the extent of the campus network that is crossed going from any user to the service. 


Figure 1-7 Traffic Flow Paths Through a Network Hierarchy

Table 1-2 Types of Network Services 


Notice how easily the traffic paths can be described. Regardless of where the user is located, the traffic path always begins at the access layer and progresses into the distribution and perhaps into the core layers. Even a path between two users at opposite ends of the network becomes a consistent and predictable access > distribution > core > distribution > access layer.
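The predictability described above can be checked mechanically. The following is an added example, not part of the original text: it walks a constructed topology (all switch names are hypothetical) and reports any pair of access switches whose shortest path does not follow one of the layer sequences the hierarchy permits.

```python
from collections import deque
from itertools import combinations

# Constructed topology; switch names are hypothetical.
LAYER = {"core1": "core", "dist1": "distribution", "dist2": "distribution",
         "acc1": "access", "acc2": "access", "acc3": "access", "acc4": "access"}
LINKS = [("acc1", "dist1"), ("acc2", "dist1"), ("acc3", "dist2"),
         ("dist1", "core1"), ("dist2", "core1")]
# Same network after acc4 is daisy-chained off acc3 instead of a distribution switch.
BAD_LINKS = LINKS + [("acc4", "acc3")]

# Layer sequences the hierarchy permits between two different access switches.
ALLOWED = {("access", "distribution", "access"),
           ("access", "distribution", "core", "distribution", "access")}

def shortest_path(links, src, dst):
    """Breadth-first search; returns the switches from src to dst, or None."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    prev, queue = {src: None}, deque([src])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, []):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    if dst not in prev:
        return None
    path = []
    while dst is not None:
        path.append(dst)
        dst = prev[dst]
    return path[::-1]

def audit(links, layer=LAYER):
    """Return {(src, dst): layer sequence} for access pairs that break the model."""
    nodes = {n for link in links for n in link}
    access = sorted(n for n in nodes if layer[n] == "access")
    violations = {}
    for src, dst in combinations(access, 2):
        path = shortest_path(links, src, dst) or []
        seq = tuple(layer[n] for n in path)
        if seq not in ALLOWED:
            violations[(src, dst)] = seq
    return violations

if __name__ == "__main__":
    print(audit(LINKS))       # clean hierarchy
    print(audit(BAD_LINKS))   # daisy-chained access switch
```

Every path that involves the daisy-chained switch is flagged, because its traffic crosses a second access switch before it reaches the distribution layer, where routing and filtering are applied.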

Each layer has attributes that provide both physical and logical network functions at the appropriate point in the campus network. Understanding each layer and its functions or limitations is important to properly apply the layer in the design process.

Access Layer

The access layer exists where the end users are connected to the network. Access switches usually provide Layer 2 (VLAN) connectivity between users. Devices in this layer, sometimes called building access switches, should have the following capabilities:
  • Low cost per switch port
  • High port density
  • Scalable uplinks to higher layers
  • High availability
  • Ability to converge network services (that is, data, voice, video)
  • Security features and quality of service (QoS)

Distribution Layer
The distribution layer provides interconnection between the campus network’s access and core layers. Devices in this layer, sometimes called building distribution switches, should have the following capabilities:

  • Aggregation of multiple access layer switches
  • High Layer 3 routing throughput for packet handling
  • Security and policy-based connectivity functions
  • QoS features
  • Scalable and redundant high-speed links to the core and access layers

In the distribution layer, uplinks from all access layer devices are aggregated, or come together. The distribution layer switches must be capable of processing the total volume of traffic from all the connected devices. These switches should have a high port density of high-speed links to support the collection of access layer switches.

VLANs and broadcast domains converge at the distribution layer, requiring routing, filtering, and security. The switches at this layer also must be capable of routing packets with high throughput. Notice that the distribution layer usually is a Layer 3 boundary, where routing meets the VLANs of the access layer.

Core Layer
A campus network’s core layer provides connectivity between all distribution layer devices. The core, sometimes referred to as the backbone, must be capable of switching traffic as efficiently as possible. Core switches should have the following attributes:
  • Very high Layer 3 routing throughput
  • No costly or unnecessary packet manipulations (access lists, packet filtering)
  • Redundancy and resilience for high availability
  • Advanced QoS functions
Devices in a campus network’s core layer or backbone should be optimized for high-performance switching. Because the core layer must handle large amounts of campus-wide data, the core layer should be designed with simplicity and efficiency in mind.

Although campus network design is presented as a three-layer approach (access, distribution, and core layers), the hierarchy can be collapsed or simplified in certain cases. For example, small or medium-size campus networks might not have the size or volume requirements that would require the functions of all three layers. In that case, you could combine the distribution and core layers for simplicity and cost savings. When the distribution and core layers are combined into a single layer of switches, a collapsed core network results.

Enterprise Campus Network Design

This chapter presents a logical design process that you can use to build a new switched campus network or to modify and improve an existing network. Networks can be designed in layers using a set of building blocks that can organize and streamline even a large, complex campus network. These building blocks can then be placed using several campus design models to provide maximum efficiency, functionality, and scalability.

“Do I Know This Already?” Quiz

The “Do I Know This Already?” quiz allows you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt based on your answers to these questions or your own assessment of your knowledge of the topics, read the entire chapter. Table 1-1 outlines the major headings in this chapter and the “Do I Know This Already?” quiz questions that go with them. You can find the answers in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes.”

Hierarchical Network Design

A campus network is an enterprise network consisting of many LANs in one or more buildings, all connected and all usually in the same geographic area. A company typically owns the entire campus network and the physical wiring. Campus networks commonly consist of wired Ethernet LANs and shared wireless LANs.

An understanding of traffic flow is a vital part of the campus network design. You might be able to leverage high-speed LAN technologies and “throw bandwidth” at a network to improve traffic movement. However, the emphasis should be on providing an overall design that is tuned to known, studied, or predicted traffic flows. The network traffic can then be effectively moved and managed, and you can scale the campus network to support future needs.

As a starting point, consider the simple network shown in Figure 1-1. A collection of PCs, printers, and servers are all connected to the same network segment and use the 192.168.1.0 subnet. All devices on this network segment must share the available bandwidth.


Figure 1-1 Simple Shared Ethernet Network

Recall that if two or more hosts try to transmit at the same time on a shared network, their frames will collide and interfere. When collisions occur, all hosts must become silent and wait to retransmit their data. The boundary around such a shared network is called a collision domain. In Figure 1-1, the entire shared segment represents one collision domain.

A network segment with six hosts might not seem crowded. Suppose the segment contains hundreds of hosts instead. Now the network might not perform very well if many of the hosts are competing to use the shared media. Through network segmentation, you can reduce the number of stations on a segment. This, in turn, reduces the size of the collision domain and lowers the probability of collisions because fewer stations will try to transmit at a given time.

Broadcast traffic can also present a performance problem on a Layer 2 network because all broadcast frames flood to reach all hosts on a network segment. If the segment is large, the broadcast traffic can grow in proportion and monopolize the available bandwidth. In addition, all hosts on the segment must listen to and process every broadcast frame. To contain broadcast traffic, the idea is to provide a barrier at the edge of a LAN segment so that broadcasts cannot pass or be forwarded outward. The extent of a Layer 2 network, where a broadcast frame can reach, is known as a broadcast domain.

To limit the size of a collision domain, you can connect smaller numbers of hosts to individual switch interfaces. Ideally, each host should connect to a dedicated switch interface so that they can operate in full-duplex mode, preventing collisions altogether. Switch interfaces do not propagate collisions, so each interface becomes its own collision domain—even if several interfaces belong to a common VLAN.

In contrast, when broadcast traffic is forwarded, it is flooded across switch interface boundaries. In fact, broadcast frames will reach every switch interface in a VLAN. In other words, a VLAN defines the extent of a broadcast domain. To reduce the size of a broadcast domain, you can segment a network or break it up into smaller Layer 2 VLANs. The smaller VLANs must be connected by a Layer 3 device, such as a router or a multilayer switch, as shown in Figure 1-2. The simple network of Figure 1-1 now has two segments or VLANs interconnected by Switch A, a multilayer switch. A Layer 3 device cannot propagate a collision condition from one segment to another, and it will not forward broadcasts between segments.


Figure 1-2 Example of Network Segmentation

The network might continue to grow as more users and devices are added to it. Switch A has a limited number of ports, so it cannot directly connect to every device. Instead, the network segments can be grown by adding a new switch to each, as shown in Figure 1-3.


Figure 1-3 Expanding a Segmented Network

Switch B aggregates traffic to and from VLAN 1, while Switch C aggregates VLAN 2. As the network continues to grow, more VLANs can be added to support additional applications or user communities. As an example, Figure 1-4 shows how Voice over IP (VoIP) has been implemented by placing IP phones into two new VLANs (10 and 20). The same two aggregating switches can easily support the new VLANs. 


Figure 1-4 Network Growth Through New VLANs
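To make the extent of each broadcast domain concrete, the following added example (not part of the original text) models the segmented network with Switches A, B and C and groups hosts by the Layer 2 domain their broadcasts reach. The host names, and the placement of VLAN 10 on Switch B and VLAN 20 on Switch C, are assumptions for illustration.

```python
# Constructed model of the network after the growth step in Figure 1-4.
# Host names and which switch carries VLAN 10 / VLAN 20 are assumptions.
HOSTS = {"pc1": ("SwitchB", 1), "pc2": ("SwitchB", 1), "phone1": ("SwitchB", 10),
         "pc3": ("SwitchC", 2), "phone2": ("SwitchC", 20)}
# Inter-switch links and the VLANs each one carries at Layer 2.
TRUNKS = [("SwitchB", "SwitchA", {1, 10}), ("SwitchC", "SwitchA", {2, 20})]

def broadcast_domains(hosts, trunks):
    """Group hosts by the Layer 2 domain that a broadcast frame from them floods."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]   # path halving
            x = parent[x]
        return x

    def union(a, b):
        parent[find(a)] = find(b)

    # A frame never leaves its VLAN, so nodes are (vlan, device) pairs.
    # Switch A routes between VLANs at Layer 3 and so never merges two of them.
    for a, b, vlans in trunks:
        for vlan in vlans:
            union((vlan, a), (vlan, b))
    for host, (switch, vlan) in hosts.items():
        union((vlan, host), (vlan, switch))

    groups = {}
    for host, (_, vlan) in hosts.items():
        groups.setdefault(find((vlan, host)), set()).add(host)
    return sorted(sorted(g) for g in groups.values())

if __name__ == "__main__":
    for domain in broadcast_domains(HOSTS, TRUNKS):
        print(domain)
```

Two hosts on the same physical switch land in different domains when their VLANs differ, and two hosts configured with the same VLAN number only share a domain if every link between them carries that VLAN.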