Enterprise Campus Network Design
This chapter presents a logical design process that you can use to build a new switched campus network or to modify and improve an existing network. Networks can be designed in layers using a set of building blocks that can organize and streamline even a large, complex campus network. These building blocks can then be placed using several campus design models to provide maximum efficiency, functionality, and scalability.
“Do I Know This Already?” Quiz
The “Do I Know This Already?” quiz allows you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt based on your answers to these questions or your own assessment of your knowledge of the topics, read the entire chapter. Table 1-1 outlines the major headings in this chapter and the “Do I Know This Already?” quiz questions that go with them. You can find the answers in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes.”
Hierarchical Network Design
A campus network is an enterprise network consisting of many LANs in one or more buildings, all connected and all usually in the same geographic area. A company typically owns the entire campus network and the physical wiring. Campus networks commonly consist of wired Ethernet LANs and shared wireless LANs.
An understanding of traffic flow is a vital part of the campus network design. You might be able to leverage high-speed LAN technologies and “throw bandwidth” at a network to improve traffic movement. However, the emphasis should be on providing an overall design that is tuned to known, studied, or predicted traffic flows. The network traffic can then be effectively moved and managed, and you can scale the campus network to support future needs.
As a starting point, consider the simple network shown in Figure 1-1. A collection of PCs, printers, and servers are all connected to the same network segment and use the 192.168.1.0 subnet. All devices on this network segment must share the available bandwidth.
Figure 1-1 Simple Shared Ethernet Network
Recall that if two or more hosts try to transmit at the same time on a shared network, their frames will collide and interfere. When collisions occur, all hosts must become silent and wait to retransmit their data. The boundary around such a shared network is called a collision domain. In Figure 1-1, the entire shared segment represents one collision
A network segment with six hosts might not seem crowded. Suppose the segment contains hundreds of hosts instead. Now the network might not perform very well if many of the hosts are competing to use the shared media. Through network segmentation, you can reduce the number of stations on a segment. This, in turn, reduces the size of the collision domain and lowers the probability of collisions because fewer stations will try to transmit at a given time.
Broadcast traffic can also present a performance problem on a Layer 2 network because all broadcast frames flood to reach all hosts on a network segment. If the segment is large, the broadcast traffic can grow in proportion and monopolize the available bandwidth. In addition, all hosts on the segment must listen to and process every broadcast frame. To contain broadcast traffic, the idea is to provide a barrier at the edge of a LAN segment so that broadcasts cannot pass or be forwarded outward. The extent of a Layer 2 network, where a broadcast frame can reach, is known as a broadcast domain.
To limit the size of a collision domain, you can connect smaller numbers of hosts to individual switch interfaces. Ideally, each host should connect to a dedicated switch interface so that they can operate in full-duplex mode, preventing collisions altogether. Switch interfaces do not propagate collisions, so each interface becomes its own collision domain—even if several interfaces belong to a common VLAN.
In contrast, when broadcast traffic is forwarded, it is flooded across switch interface boundaries. In fact, broadcast frames will reach every switch interface in a VLAN. In other words, a VLAN defines the extent of a broadcast domain. To reduce the size of a broadcast domain, you can segment a network or break it up into smaller Layer 2 VLANs. The smaller VLANs must be connected by a Layer 3 device, such as a router or a multilayer switch, as shown in Figure 1-2. The simple network of Figure 1-1 now has two segments or VLANs interconnected by Switch A, a multilayer switch. A Layer 3 device cannot propagate a collision condition from one segment to another, and it will not forward broadcasts between segments.
Figure 1-2 Example of Network Segmentation
The network might continue to grow as more users and devices are added to it. Switch A has a limited number of ports, so it cannot directly connect to every device. Instead, the network segments can be grown by adding a new switch to each, as shown in Figure 1-3.
Figure 1-3 Expanding a Segmented Network
Switch B aggregates traffic to and from VLAN 1, while Switch C aggregates VLAN 2. As the network continues to grow, more VLANs can be added to support additional applications or user communities. As an example, Figure 1-4 shows how Voice over IP (VoIP) has been implemented by placing IP phones into two new VLANs (10 and 20). The same two aggregating switches can easily support the new VLANs.
Figure 1-4 Network Growth Through New VLANs
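The broadcast-domain behavior described above can be checked with a small flood simulation. The following is an added example, not part of the original chapter: it walks the Layer 2 paths that carry the sender's VLAN and lists the hosts that must process each broadcast. Host names, host placement, and the VLANs carried on each uplink are assumptions made for illustration.

```python
from collections import deque

# Constructed topology following the Figure 1-3/1-4 description: host names and
# the placement of each host are assumptions, not read from the figures.
ACCESS = {  # host -> (access switch, VLAN)
    "pc1": ("SwitchB", 1), "pc2": ("SwitchB", 1), "printer1": ("SwitchB", 1),
    "pc3": ("SwitchC", 2), "pc4": ("SwitchC", 2), "server1": ("SwitchC", 2),
    "phone1": ("SwitchB", 10), "phone2": ("SwitchB", 10),
    "phone3": ("SwitchC", 20),
}
# Layer 2 uplinks to the multilayer switch: (switch, switch, VLANs carried).
UPLINKS = [("SwitchA", "SwitchB", {1, 10}), ("SwitchA", "SwitchC", {2, 20})]


def flood(sender, access=ACCESS, uplinks=UPLINKS):
    """Return the hosts that receive a broadcast frame sent by `sender`."""
    start, vlan = access[sender]
    seen, queue = {start}, deque([start])
    while queue:  # walk every switch reachable at Layer 2 in this VLAN
        switch = queue.popleft()
        for a, b, vlans in uplinks:
            if vlan in vlans and switch in (a, b):
                peer = b if switch == a else a
                if peer not in seen:
                    seen.add(peer)
                    queue.append(peer)
    # Routing on SwitchA never forwards the frame into another VLAN.
    return {h for h, (sw, v) in access.items()
            if sw in seen and v == vlan and h != sender}


def broadcast_domains(access=ACCESS, uplinks=UPLINKS):
    """Partition all hosts into broadcast domains by flooding from each one."""
    domains, placed = [], set()
    for host in sorted(access):
        if host not in placed:
            members = flood(host, access, uplinks) | {host}
            domains.append(members)
            placed |= members
    return domains


# The unsegmented case: same hosts, every port and uplink in a single VLAN.
FLAT_ACCESS = {h: (sw, 1) for h, (sw, _vlan) in ACCESS.items()}
FLAT_UPLINKS = [(a, b, {1}) for a, b, _vlans in UPLINKS]

if __name__ == "__main__":
    for name in ("pc1", "phone3"):
        print(name, "->", sorted(flood(name)))
    print("flat pc1 ->", sorted(flood("pc1", FLAT_ACCESS, FLAT_UPLINKS)))
```

In the segmented layout a broadcast from pc1 reaches only the other VLAN 1 hosts, while in the flat layout the same frame reaches every other host on the campus.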