In order to achieve the desired level of fault and change isolation, the logical control plane design and the data flow design must also follow hierarchical design principles. Most importantly, mapping all three elements—physical connectivity, logical control plane, and data flows—together in the same hierarchical model is necessary to produce an optimal network implementation. From a physical perspective, the distribution layer provides the boundary between the access-distribution block and the core of the network.
It provides the physical demarcation between the core infrastructure and the access-distribution blocks. It should also be the demarcation and summarization point between the core's control plane and the access-distribution block control plane. Having a summarized view of the connectivity and control plane within the access-distribution block allows the core and the remainder of the network to be managed and changed without constantly considering the specific internal details of the access-distribution block.
The third aspect of the hierarchical design—how data traffic flows through the campus—is configured in the network, but is a desirable property or goal of the design. One of the advantages of the hierarchical design is that we can achieve a degree of specialization in each of the layers, but this specialization assumes certain network behavior. One of the assumptions or requirements that allows this specialization is that traffic is always going to flow in the same upstream or downstream hierarchical fashion (access to distribution to core).
When we know that the alternative path for any traffic flow will follow the same hierarchical pattern as the original path, we can avoid making certain design decisions—such as ensuring the access layer can support extra traffic loads. Similarly, knowing that traffic always flows from the access layer through a distribution layer and then to the core, it is easier to implement consistent policy mechanisms in each layer. It reduces design complications when there is no need to consider the possibility of traffic flowing around or through a policy layer twice.
Designing the hierarchy of the network to support consistent data flow behavior also has the effect of improving the network convergence time in the event of a failure. The second of the two principles of structured design is modularity. The modules of the system are the building blocks that are assembled into the larger campus.
The advantage of the modular approach is largely due to the isolation that it can provide. Failures that occur within a module can be isolated from the remainder of the network, providing for both simpler problem detection and higher overall system availability. Network changes, upgrades, or the introduction of new services can be made in a controlled and staged fashion, allowing greater flexibility in the maintenance and operation of the campus network.
When a specific module no longer has sufficient capacity or is missing a new function or service, it can be updated or replaced by another module that has the same structural role in the overall hierarchical design. The campus network architecture is based on the use of two basic blocks or modules that are connected together via the core of the network:
The following sections introduce the underlying campus building blocks. For detailed design guidance, see the appropriate design document that addresses each specific module. The access-distribution block (also referred to as the distribution block) is probably the most familiar element of the campus architecture. It is the fundamental component of a campus design.
Properly designing the distribution block goes a long way to ensuring the success and stability of the overall architecture. The access-distribution block consists of two of the three hierarchical tiers within the multi-layer campus architecture: the access and distribution layers. While each of these layers has specific service and feature requirements, it is the network topology control plane design choices—such as routing and spanning tree protocols—that are central to determining how the distribution block glues together and fits within the overall architecture.
There are currently three basic design choices for configuring the access-distribution block and the associated control plane: While all three of these designs use the same basic physical topology and cabling plant, there are differences in where the Layer-2 and Layer-3 boundaries exist, how the network topology redundancy is implemented, and how load-balancing works—along with a number of other key differences between each of the design options. While a complete configuration description of each access-distribution block model can be found within the detailed design documents, the following provides a short description of each design option.
All of the access switches are configured to run in Layer-2 forwarding mode and the distribution switches are configured to run both Layer-2 and Layer-3 forwarding. VLAN-based trunks are used to extend the subnets from the distribution switches down to the access layer.
A default gateway protocol—such as HSRP or GLBP—is run on the distribution layer switches along with a routing protocol to provide upstream routing to the core of the campus. One version of spanning tree and the use of the spanning tree hardening features such as Loopguard, Rootguard, and BPDUGuard are configured on the access ports and switch-to-switch links as appropriate. In the looped design, one-to-many VLANs are configured to span multiple access switches. The other alternative—the V or loop-free design—follows the current best practice guidance for the multi-tier design and defines unique VLANs for each access switch.
The removal of loops in the topology provides a number of benefits—including per device uplink load balancing with the use of GLBP, a reduced dependence on spanning tree to provide for network recovery, reduction in the risk of broadcast storms, and the ability to avoid unicast flooding and similar design challenges associated with non-symmetrical Layer-2 and Layer-3 forwarding topologies.
An alternative configuration to the traditional multi-tier distribution block model is one in which the access switch acts as a full Layer-3 routing node (providing both Layer-2 and Layer-3 switching) and the access to distribution Layer-2 uplink trunks are replaced with Layer-3 point-to-point routed links. In the best practice multi-tier and routed access design, each access switch is configured with unique voice, data, and any other required VLANs.
In the routed access design, the default gateway and root bridge for these VLANs is simply moved from the distribution switch to the access switch. Addressing for all end stations and for the default gateway remains the same. VLAN and specific port configuration remains unchanged on the access switch.
Router interface configuration, access lists, ip helper and any other configurations for each VLAN remain identical. There are notable configuration changes associated with the move of the Layer-3 interface down to the access switch. The routed access distribution block design has a number of advantages over the multi-tier design with its use of Layer-2 access to distribution uplinks. While it is the appropriate design for many environments, it is not suitable for all environments, because it requires that no VLAN span multiple access switches.
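The two checks implied above (no VLAN defined on more than one access switch, and BPDU Guard present on access ports) can be automated against saved switch configurations. The following is an added example, not part of the original guide; the switch names and configuration snippets are constructed, and the parser assumes IOS-style indentation of interface stanzas.

```python
import re
from collections import defaultdict

# Constructed IOS-style configs, keyed by hypothetical access switch names.
SAMPLE_CONFIGS = {
    "access-1": """\
vlan 10
vlan 110
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
 spanning-tree bpduguard enable
""",
    "access-2": """\
vlan 10
vlan 120
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 120
 spanning-tree portfast
""",
}

def spanned_vlans(configs):
    """Return {vlan: [switches]} for VLANs defined on more than one access switch."""
    seen = defaultdict(set)
    for switch, cfg in configs.items():
        for vlan in re.findall(r"^vlan (\d+)\s*$", cfg, re.M):
            seen[int(vlan)].add(switch)
    return {v: sorted(s) for v, s in seen.items() if len(s) > 1}

def access_ports_without_bpduguard(config):
    """List access-mode interfaces with no BPDU Guard (per port or global default)."""
    global_default = bool(
        re.search(r"^spanning-tree portfast bpduguard default\s*$", config, re.M))
    stanzas, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif line.startswith(" ") and current:
            stanzas[current].append(line.strip())
        else:
            current = None  # any unindented line ends the interface stanza
    def guarded(body):
        return ("spanning-tree bpduguard enable" in body
                or (global_default and "spanning-tree portfast" in body))
    return [name for name, body in stanzas.items()
            if "switchport mode access" in body and not guarded(body)]
```

On the constructed data, VLAN 10 is reported as spanning both access switches, and the access port on `access-2` is reported as lacking BPDU Guard.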
The Virtual Switching System (VSS) distribution block design is a radical change from either the routed access or multi-tier designs. In the past, multiple access switches were connected to two redundant distribution switches and the configuration of the network control protocols such as HSRP, By converting the redundant physical distribution switches into a single logical switch, a significant change is made to the topology of the network.
Rather than an access switch configured with two uplinks to two distribution switches—and needing a control protocol to determine which of the uplinks to use—now the access switch has a single multi-chassis Etherchannel (MEC) upstream link connected to a single distribution switch. The change from two independent uplinks to a single multi-chassis Etherchannel uplink has a number of advantages.
Load balancing of traffic and recovery from uplink failure now leverage Etherchannel capabilities. Traffic is load-balanced per flow, rather than per client or per subnet. In the event that one of the uplinks fails, the Etherchannel automatically redistributes all traffic to the remaining links in the uplink bundle rather than waiting for spanning tree, HSRP, or other protocol to converge.
The ability to remove physical Layer-2 loops from the topology—and to no longer be dependent on spanning tree to provide for topology maintenance and link redundancy—results in a distribution block design that allows for subnets and VLANs to be spanned across multiple access switches without the traditional challenges and limitations of a spanning tree-based Layer-2 design.
The ability to remove physical loops from the topology, and no longer be dependent on spanning tree, is one of the significant advantages of the virtual switch design. However, it is not the only difference. The virtual switch design allows for a number of fundamental changes to be made to the configuration and operation of the distribution block. By simplifying the network topology to use a single virtual distribution switch, many other aspects of the network design are either greatly simplified or, in some cases, no longer necessary.
Configuration for both per-subnet or VLAN features such as access lists, ip-helper, and others must be made only once, not replicated and kept in sync between two separate switches. Similarly, any switch configuration must be done only once and is synchronized across the redundant supervisors.
Note: While the virtual switch design does remove the dependency on spanning tree for active topology maintenance, spanning tree should not be turned off. Spanning tree should remain configured as a backup resiliency mechanism. The virtual switch is not limited to the campus distribution. A virtual switch can be used in any location in the campus design where it is desirable to replace the current control plane and hardware redundancy with the simplified topology offered by the use of a virtual switch. The virtual switch simplifies the network topology by reducing the number of devices as seen by the spanning tree or routing protocol.
Where two or more nodes existed with multiple independent links connecting the topology, a virtual switch can replace portions of the network with a single logical node with fewer links. Here, the topology is both drastically simplified and now all links are actively forwarding with no spanning tree loops.
While the use of a virtual switch to simplify the campus topology can help address many design challenges, the overall design must follow the hierarchical design principles.
The appropriate use of Layer-2 and Layer-3 summarization, security, and QoS boundaries all apply to a virtual switch environment. Most campus environments will gain the greatest advantages of a virtual switch in the distribution layer. While each of the three access-distribution block designs provides a viable approach, there are advantages to the virtual switch and routed access designs over the traditional multi-tier approach.
Simpler overall network configuration and operation, per flow upstream and downstream load balancing, and faster convergence are some of the differences between these newer design options and the traditional multi-tier approach. The selection of a specific design option for a given campus network is an important decision in the planning of a campus design. Prior to making a final design decision, review detailed design descriptions provided by Cisco to ensure that all of the factors pertinent to your environment are considered.
Dual distribution switch design requires manual configuration synchronization but allows for independent code upgrades and changes. Single virtual switch auto-syncs the configuration between redundant hardware but does not currently allow independent code upgrades for individual member switches.
See the upcoming Virtual Switch Design Guide for final values. The services block is a relatively new element to the campus design. It will be essential to integrate these services into the campus smoothly—while providing for the appropriate degree of operational change management and fault isolation and continuing to maintain a flexible and scalable design. Such an interim approach allows for a faster introduction of new services without requiring a network-wide, hot cutover. The services block is not necessarily a single entity. There might be multiple services blocks depending on the scale of the network, the level of geographic redundancy required, and other operational and physical factors.
The services block serves a central purpose in the campus design; it isolates or separates specific functions into dedicated services switches allowing for cleaner operational processes and configuration management. While the principles of structured design and the use of modularity and hierarchy are integral to the design of campus networks they are not sufficient to create a sustainable and scalable network infrastructure. Consider the software development analogy.