Wednesday, November 12, 2014

Chapter 1: Hierarchical Network Designs Part 1

This chapter talks about how to design and organize an enterprise network. The book likes to add a lot of "fluff" words to its definitions, so I will be streamlining it here. The book is also inconsistent with its use of capitalization, so it's hard to tell when they are using proprietary proper nouns.

The Basics


Good network design states that a network needs to be resilient, flexible, modular, and hierarchical.

  • Resilient means that the network should be designed to stay functioning or to quickly recover in the event of a failure. 
  • A flexible network should be easy to upgrade, change, or add services to without having to change much hardware.
  • Modular is separating the network functions into logical and physical groups for better management and layout. This chapter is primarily about Cisco's predefined modules: enterprise campus, services block, data center, and internet edge.
  • Hierarchical is a network model that divides the network into two or three layers: access layer, distribution layer, and core layer. This results in a nice, easy-to-manage design. The two- or three-layer designs are the standard and are used everywhere. The three ideas are used at a smaller level, whereas the Enterprise network modules are a layout on a bigger scale (building network layout, WAN, branch offices, teleworkers).

Three Tier Design


Consists of three layers: access layer, distribution layer, and core layer.

©2014 Cisco Press, Connecting Networks Companion Guide

  • Access layer is where users and end devices connect to the network. Generally consists of layer two switches. Services provided at the access layer are: layer two switching, high availability, port security, QoS classification and marking and trust boundaries, Address Resolution Protocol (ARP) inspection, virtual access control lists (VACLs), spanning tree, Power over Ethernet (PoE), and auxiliary VLANs for VoIP.
  • Distribution layer connects the access layer to the core layer and provides policy-based connectivity. It serves as a boundary between the layer two domain and the layer three routed network. It aggregates the data from the layer two domain, then sends the data to the core for routing. Consists of routers and layer three switches. Services provided at the distribution layer: aggregation of LAN and WAN links, policy-based security with access control lists (ACLs) and filtering, routing between LANs/VLANs/routing domains, redundancy and load balancing, boundary for route aggregation and summarization configured on interfaces to the core layer, broadcast domain control (because routers and layer three switches do not forward broadcasts, the layer acts as a demarcation point between broadcast domains).
  • Core layer is the backbone of the network. Consists of high-speed network devices. Connects between Cisco's predefined Enterprise network modules. Connects the distribution layer to the WAN or Internet edge. The core layer should be highly available, redundant, and capable of forwarding large amounts of data quickly.
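
The access-layer and distribution-layer security services listed above, shown as Catalyst IOS configuration. This is an added example, not taken from the book or the original post; the VLAN numbers, addresses, interface names, the ACL name USERS-IN and the use of EIGRP AS 100 are all assumptions.

```cisco
! --- Access-layer switch (layer two) ---
ip dhcp snooping
ip dhcp snooping vlan 10,20
! ARP inspection checks ARP packets against the DHCP snooping bindings
ip arp inspection vlan 10,20
!
interface GigabitEthernet0/1
 description User port with IP phone (constructed example)
 switchport mode access
 switchport access vlan 10
 switchport voice vlan 20
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security violation restrict
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/24
 description Uplink to distribution switch
 switchport mode trunk
 switchport trunk allowed vlan 10,20
 ip dhcp snooping trust
 ip arp inspection trust
!
! --- Distribution-layer switch (layer two / layer three boundary) ---
ip access-list extended USERS-IN
 remark Allow DHCP requests from clients
 permit udp any eq bootpc any eq bootps
 remark Users may reach the server VLAN but no other internal VLAN
 permit ip 10.1.10.0 0.0.0.255 10.1.100.0 0.0.0.255
 deny ip 10.1.10.0 0.0.0.255 10.1.0.0 0.0.255.255
 permit ip 10.1.10.0 0.0.0.255 any
!
interface Vlan10
 description Gateway for user VLAN 10
 ip address 10.1.10.1 255.255.255.0
 ip access-group USERS-IN in
!
interface GigabitEthernet1/0/1
 description Routed uplink to core
 no switchport
 ip address 10.1.255.1 255.255.255.252
 ip summary-address eigrp 100 10.1.0.0 255.255.0.0
!
router eigrp 100
 network 10.1.0.0 0.0.255.255
```

The user-facing port is untrusted for DHCP snooping and ARP inspection while the uplink is trusted, which is the trust boundary the access layer provides; the ACL and the summary route sit on the distribution switch because that is where layer three begins.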

Two Tier Design


The distribution layer is combined with the core layer. This results in the two layers being the access layer and a hybrid distribution-core layer. This is often called a collapsed core. It is used either when the network is small and doesn't require more expensive hardware, or in a virtual database.



*VMware study* In the instance of the virtual database, the virtualization software creates a virtual router/switch/firewall and can process as fast as memory will allow instead of being limited to Mbps. In both cases this cuts the cost of hardware, and Cisco is none too happy with this. Cisco is currently working with Oracle for virtualization. *VMware study*

Modular network design


Modular network design separates the network into modules that target a specific function or place in the network. They may have different physical or logical connectivity.

The benefits of the modular network design:

  • Failures in a single module are isolated from the rest of the network. This makes the network easier to troubleshoot and keeps the rest of the systems online resulting in higher availability.
  • Network changes can be made in a controlled, staged fashion. This results in greater flexibility.
  • When a module is lacking in capacity or outdated it can be easily replaced by another module.
  • Security can be implemented on a modular level resulting in better security.

Modules


  • Access-distribution, aka distribution block, consists of the access layer and distribution layer. This includes the end users connecting to the backbone.
  • Services module is used to identify services such as centralized Lightweight Access Point Protocol wireless controllers, unified communications services, policy gateways, and others.
  • Data center, or server farm, manages and maintains the data systems.
  • Enterprise edge module consists of the internet edge and WAN edge (often the same thing these days). These blocks connect the enterprise campus to an external location.

The example shows the modules connecting directly to the backbone or core.


This chapter will be continued in Part 2.

