14 May 2010

Hierarchical Network Model

Cisco has developed a three-layer hierarchical model to help you design campus networks. Cisco uses this model to simplify designing, implementing, and managing large-scale networks. With traditional network designs, it was common practice to place the networking services at the center of the network and the users at the periphery.

However, many things in networking have changed over the past decade, including advancements in applications, developments in graphical user interfaces (GUIs), the proliferation of multimedia applications, the explosion of the Internet, and fast-paced changes in your users’ traffic patterns. Cisco developed the three-layer model to accommodate these rapid changes.

Cisco’s hierarchical model, shown in Figure 2-12, contains three layers: core, distribution, and access. A well-designed network typically follows this topology. The following sections cover the functions of the three layers, including the devices that function at the various layers.

Core Layer
The core layer, as its name suggests, is the backbone of the network. It provides a high-speed connection between the different distribution layer devices. Because of the need for high-speed connections, the core consists of high-speed switches and will not, typically, perform any type of packet or frame manipulations, such as filtering or Quality of Service. Because switches are used at the core, the core is referred to as a layer-2 core. The traffic that traverses the core is typically destined for enterprise corporate resources: connections to the Internet, gateways, e-mail servers, and corporate applications.

Distribution Layer
Of the three layers, the distribution layer performs most of the connectivity tasks. In larger networks, routers are used at the distribution layer to connect the access layers to the core. For smaller networks, sometimes switches are used. The responsibilities of the distribution layer include the following:
■ Containing broadcasts between the layers
■ Securing traffic between the layers
■ Providing a hierarchy through layer-3 logical addressing and route summarization
■ Translating between different media types

As mentioned in the section “Network Layer”, routers give you by far the most flexibility in enforcing your company’s networking policies, since routers deal with logical addresses. And because routers are used at the distribution layer, the implementation of your policies, at least most of them, is done here.

Containing Broadcasts
One of the main functions of the distribution layer is to contain broadcast and multicast traffic that the access layer devices create. If a broadcast storm is created in one access layer, or there is a large amount of multicast traffic from a real-time video stream, the distribution layer, by default, confines this traffic in the access layer and thus prevents it from creating problems in other areas.

Providing Logical Addressing
Routers also provide for logical addressing of devices in your network. This makes it much easier to implement your networking policies, including filtering and QoS, since you control how addresses are assigned to machines: it is very difficult to do this with layer-2 MAC addresses. Another advantage that logical addressing provides is that, again, with the correct address layout in your network, you should be able to create a highly scalable, hierarchical network.

Performing Security
Another function of this layer is to enforce your security policies. Because switches are used at the core and access layers, security is not typically implemented at these layers, given the issues of filtering MAC addresses. Since routers deal with logical addresses, however, they make it much easier to implement your policies.
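
The effect of address layout on summarization and filtering at the distribution layer can be shown with a short script. This is an added example, not code from the original post; the two address plans, the filter rules and all function names are constructed for illustration.

```python
import ipaddress

def summary_routes(subnets):
    """Fewest prefixes that cover exactly the given subnets (what the
    distribution router could advertise toward the core)."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def covering_prefix(subnets):
    """Smallest single prefix that contains every subnet in the block."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate

def overreach(subnets):
    """Addresses matched by the covering prefix that are NOT in the block.
    A non-zero value means one filter entry would also hit other users."""
    owned = sum(ipaddress.ip_network(s).num_addresses
                for s in summary_routes(subnets))
    return covering_prefix(subnets).num_addresses - owned

def permitted(src_ip, rules):
    """First-match filter on source prefix with an implicit deny at the end."""
    addr = ipaddress.ip_address(src_ip)
    for action, prefix in rules:
        if addr in ipaddress.ip_network(prefix):
            return action == "permit"
    return False

# Constructed address plans for the access subnets behind one distribution router.
HIERARCHICAL = ["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/24", "10.1.3.0/24"]
SCATTERED = ["10.1.0.0/24", "10.7.5.0/24", "10.20.9.0/24", "10.33.1.0/24"]

# Constructed policy: block the hierarchical access block, allow the rest of 10/8.
RULES = [("deny", "10.1.0.0/22"), ("permit", "10.0.0.0/8")]

if __name__ == "__main__":
    for name, plan in (("hierarchical", HIERARCHICAL), ("scattered", SCATTERED)):
        print(name, summary_routes(plan), covering_prefix(plan), overreach(plan))
    print(permitted("10.1.2.77", RULES), permitted("10.2.0.5", RULES))
```

With the hierarchical plan, one prefix describes the whole access block exactly, so a single route and a single filter entry are enough; the scattered plan needs one entry per subnet, because the only single prefix that covers it also matches millions of unrelated addresses.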


Connecting Different Media Types
If you have two different media types that you want to connect, Token Ring and Ethernet, for instance, a router is the best solution; and since routers are used at the distribution layer, this is where this conversion takes place. As mentioned in the section “Data Link Layer”, bridges are not very good at performing translations between different media types. However, routers do not have this problem, as you saw in the section “Two Segment Example”. Routers don’t translate between media types. Instead, they perform a de-encapsulation and encapsulation process. From layer-2, the router strips off the frame and passes up the packet to layer-3. At layer-3, the router makes its routing decision and queues the packet on the outbound interface. Once again, at layer-2, the packet is encapsulated in the frame type for the corresponding media type the interface is connected to.

Access Layer
The bottom layer of the three-layer hierarchical model is the access layer. Actually, the access layer is at the periphery of your campus network, separated from the core layer by the distribution layer. The main function of the access layer is to provide the user’s initial connection to your network. Typically, this connection is provided by a switch, or sometimes, a hub. Sometimes if the user works at a small branch office or home office, this device can also be a router. But in most cases, the connection is provided by a switch.

Connections
Remember that the three-layer hierarchical model is a logical, not a physical, representation. For example, sometimes the distribution layer device might contain both switches and routers. You might, say, use a Catalyst 5000 switch with a route switch module (RSM) in its chassis—this combination of devices can provide both layer-2 and layer-3 functionality at the distribution layer. This kind of setup is common at the distribution layer: sometimes the routing function sits inside the chassis of the switch, like the MSM card for a Catalyst 6000 switch, and sometimes the routing function is in a separate chassis, like a 3600 series router. No matter what configuration is used, it is important that you configure the layer-3 device correctly to create a boundary between the access and core layer devices. The switching function that can be provided by the distribution layer is used to connect departmental services that the access layer devices commonly access.

Remember that, since this is a hierarchical model, connections should always be made in the upward direction: access-to-distribution and distribution-to-core. You should never cross-connect layers: access-to-access or distribution-to-distribution. If you do this, you’ll be creating a non-scalable flat network. Cisco’s CCDA, BCMSN, and ARCH exams cover this process in more depth.
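
The connection rules above can be checked against a device inventory. The following is an added example, not part of the original post; the device names, the topology and the function names are constructed, and core-to-core links are left unflagged as an assumption because the post does not address them.

```python
RANK = {"access": 0, "distribution": 1, "core": 2}

def audit_links(devices, links):
    """Return (a, b, reason) for every link that breaks the hierarchy."""
    findings = []
    for a, b in links:
        la, lb = devices[a], devices[b]
        if la == lb and la in ("access", "distribution"):
            # Same-layer link: the cross-connect the model forbids.
            findings.append((a, b, f"{la}-to-{lb} cross-connect"))
        elif abs(RANK[la] - RANK[lb]) > 1:
            # Skips the layer-3 boundary between access and core.
            findings.append((a, b, "access-to-core link bypasses the distribution layer"))
    return findings

def missing_uplinks(devices, links):
    """Non-core devices with no link to the layer directly above them."""
    has_uplink = set()
    for a, b in links:
        for low, high in ((a, b), (b, a)):
            if RANK[devices[high]] - RANK[devices[low]] == 1:
                has_uplink.add(low)
    return sorted(d for d, layer in devices.items()
                  if layer != "core" and d not in has_uplink)

# Constructed inventory and cabling list for illustration.
DEVICES = {
    "core1": "core",
    "dist1": "distribution", "dist2": "distribution",
    "acc1": "access", "acc2": "access", "acc3": "access",
}
LINKS = [
    ("acc1", "dist1"), ("acc2", "dist1"),    # access-to-distribution: allowed
    ("dist1", "core1"), ("dist2", "core1"),  # distribution-to-core: allowed
    ("acc1", "acc2"),                        # access-to-access
    ("dist1", "dist2"),                      # distribution-to-distribution
    ("acc3", "core1"),                       # access straight into the core
]

if __name__ == "__main__":
    for a, b, reason in audit_links(DEVICES, LINKS):
        print(f"{a} <-> {b}: {reason}")
    print("no uplink to next layer:", missing_uplinks(DEVICES, LINKS))
```

The access-to-core finding matters most for policy enforcement: traffic on that link never crosses the distribution router where filtering is applied.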
