Campus and WAN Multilayer Network Design
By Shaun Hummel
Multilayer Campus Design
Cisco developed the multilayer campus model to improve campus network performance,
availability and scalability. The model comprises three layers, each with its own
associated network services: the access layer, the distribution layer and the core layer.
The access layer is the network edge where desktops, network servers and various peripherals,
including video equipment and IP phones, are connected. The access switch is either a Layer
2 switch or, for routed access layer designs, a Layer 3 switch. Devices typically connect to
the access switch over standard Gigabit (1000 Mbps) links today.
The access switch uplinks used for forwarding traffic to the distribution layer are Gigabit
as well, sometimes with EtherChannel for increased performance. The access layer is responsible
for defining VLANs and assigning quality of service to various traffic types. In addition,
security is applied at the access layer and packet filtering is deployed to optimize performance
and decrease traffic sent to the distribution switches.
Access Layer Services
• VLAN Assignment
• Access Control Lists
• Static Routing
• QoS Policies
• Switch Stacking
• Port Security
• DHCP Snooping
• Broadcast Filtering
• NIC Teaming
• Power over Ethernet
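An added example (not from the original article): a Python check that reads an IOS-style access-switch configuration and reports access ports missing the Port Security and DHCP Snooping services listed above. The sample configuration, interface names and VLAN numbers are constructed, and the parser assumes the usual running-config layout with one-space indentation under each interface.

```python
import re

# Constructed IOS-style access-switch config (sample input, not from the article).
SAMPLE_CONFIG = """\
ip dhcp snooping
ip dhcp snooping vlan 10,30-31
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
!
interface GigabitEthernet1/0/2
 switchport mode access
 switchport access vlan 20
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/48
 switchport mode trunk
 ip dhcp snooping trust
"""

def parse_interfaces(config):
    """Map each interface name to the list of its indented sub-commands."""
    blocks = re.findall(r"^interface (\S+)\n((?: .*(?:\n|\Z))*)", config, re.M)
    return {name: [c.strip() for c in body.splitlines()] for name, body in blocks}

def snooped_vlans(config):
    """VLAN IDs covered by DHCP snooping; empty when it is not enabled globally."""
    if not re.search(r"^ip dhcp snooping$", config, re.M):
        return set()
    specs = ",".join(re.findall(r"^ip dhcp snooping vlan (\S+)$", config, re.M))
    ranges = re.findall(r"(\d+)(?:-(\d+))?", specs)
    return {v for lo, hi in ranges for v in range(int(lo), int(hi or lo) + 1)}

def audit(config):
    """Return (interface, finding) pairs for access ports missing edge protections."""
    findings, vlans = [], snooped_vlans(config)
    for name, cmds in parse_interfaces(config).items():
        if "switchport mode access" not in cmds:
            continue  # trunks and uplinks are out of scope here
        m = re.search(r"^switchport access vlan (\d+)$", "\n".join(cmds), re.M)
        vlan = int(m.group(1)) if m else 1  # VLAN 1 is the IOS default
        if "switchport port-security" not in cmds:
            findings.append((name, "port security not enabled"))
        if vlan not in vlans:
            findings.append((name, f"VLAN {vlan} not covered by DHCP snooping"))
        if "ip dhcp snooping trust" in cmds:
            findings.append((name, "DHCP snooping trust on an access port"))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` flags only GigabitEthernet1/0/2; the trunk uplink is skipped because trust is expected on the port facing the distribution layer.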
The distribution layer is the aggregation layer where traffic from the access layer
switches is forwarded to the core layer. The distribution multilayer switches are responsible
for routing and load balancing of traffic. In addition, policy-based routing is applied there,
along with route filtering toward the access layer. Routes are summarized to the core layer
for improved performance and decreased device utilization. The distribution switch is typically
the default gateway for all employees connected to the access switches.
HSRP is a common default gateway protocol that provides gateway redundancy
and load sharing. The default gateway will ARP for server MAC addresses and maintain the ARP
and CAM tables for switch connectivity. VLANs are terminated at the distribution switches,
and VLANs are pruned there to decrease broadcast traffic between switches. Server farm
traffic is forwarded to the distribution switch, which forwards it to a connected access
layer switch with attached servers at the data center. Client-server applications use multiple
web, application and database servers that are connected to multiple access switches.
Distribution Layer Services
• Dynamic Routing
• Load Balancing
• Terminate VLANs
• Policy Based Routing
• Route Filtering To Access Layer
• Route Summarization To Core Layer
• First Hop Redundancy Protocol (HSRP, GLBP, VRRP)
• VLAN Pruning
• ARP Services
• Server Farm Connectivity
• Firewall, IPS, SSL, Load Balancer Service Modules
The core layer is responsible for high speed packet forwarding of traffic from the
distribution layer, WAN core and the Internet DMZ. The Nexus 7000 switches and 6500 switches
are popular as core layer switches for optimized switching performance. Dynamic routing is
deployed at the core switches; however, their purpose is to forward packets. Most of the routing
decisions are made by the multilayer distribution switches and WAN core routers. The 10 GE
interface uplinks are becoming the standard for core layer and distribution layer switch connectivity.
In addition to high speed packet forwarding, the distribution and core layers are often
designed with equal cost links to improve network convergence with ECMP. That allows for optimized
load balancing to increase network performance.
Core Layer Services
• High Speed Packet Forwarding
• Point to Point Load Balancing
• Decreased Peering of Distribution Switches for Scalability
• Forward Internet DMZ traffic