© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Designing Basic Enterprise Campus Networks Designing the Campus Infrastructure Module

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Relative Considerations for the Campus Design Building Access Building Distribution Campus Core Server Farm Technology Data Link Layer/ Multilayer Switched Multilayer Switched ScalabilityHighMediumLowMedium High availabilityMedium High PerformanceMedium High Cost per PortLowMediumHigh Campus Infrastructure

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Building Access Layer Design Considerations Number of users or ports Cabling Performance Redundancy Connectivity speed for hosts and uplinks VLAN deployment Additional features such as QoS and IP multicast

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Overview of Recommended Practices for the Building Access Layer Manage VLANs and STP: –Limit VLANs to a single closet whenever possible. –If STP is required, use RPVST+. –Set trunks to desirable and desirable with negotiate. –Manually prune unused VLANs. –Use VTP transparent mode. Manage trunks between switches. Manage default PAgP settings between the catalyst operating system and Cisco IOS Software. Consider implementing routing in the access layer.

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v STP Considerations Use only when you have to! –Required when a VLAN spans access layer switches –Required to protect against user side loops –More common in the data center Use RPVST+ for best convergence. Take advantage of the Spanning Tree Toolkit.

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Cisco STP Toolkit PortFast: Bypass listening-learning phase for access port* UplinkFast: Three to five seconds convergence after link failure BackboneFast: Cuts convergence time by max_age for indirect failure LoopGuard: Prevents alternate or root port from becoming designated in absence of BPDUs* RootGuard: Prevents external switches from becoming root* BPDUGuard: Disable PortFast-enabled port if a BPDU is received* * Also supported with RPVST+

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Trunk Considerations Set trunk mode to desirable and desirable and encapsulation negotiate on Manually prune all VLANS except those needed Use VTP transparent mode to decrease potential for operational error Disable trunks on host ports: –Catalyst Operating System: set port host –Cisco IOS Software: switchport host

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Layer 3 Access-to-Distribution Interconnection Best option for fast convergence Equal-cost Layer 3 load balancing on all links No spanning tree required for convergence No HSRP or GLBP configuration required No VLAN spanning possible

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Building Distribution Layer Design Considerations Performance Redundancy Support for network infrastructure services

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Overview of Recommended Practices for the Building Distribution Layer Use first-hop redundancy protocols (HSRP and GLBP). Deploy Layer 3 routing protocols from distribution switches to core switches. If required, connect distribution switches to support Layer 2 VLAN spanning multiple access switches.

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Recommended Practices First-Hop Redundancy Provides a resilient default gateway or first-hop address to end stations with HSRP, VRRP, or GLBP HSRP, VRRP, and GLBP provide millisecond timers and excellent convergence performance HSRP common in Cisco environments VRRP if you need multi-vendor interoperability GLBP facilitates uplink load balancing

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Recommended PracticesUse Layer 3 Routing Protocols Build triangles, not squares, for deterministic convergence. Only peer on links that you intend to use as transit. Summarize routes from distribution to core.

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Example: Build Redundant Triangles Layer 3 redundant equal cost links support fast convergence. Hardware basedrecovery to remaining path is fast. Convergence is extremely fast (dual equal-cost paths: no need for OSPF or EIGRP to recalculate a new path).

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Layer 3 Distribution Interconnection Recommended practicetried and true No STP convergence required for uplink failure and recovery Distribution-to-distribution link required for route summarization Map Layer 2 VLAN number to Layer 3 subnet for ease of use and management

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Alternate: Layer 2 Distribution Interconnection Use only if Layer 2 VLAN spanning flexibility required STP convergence required for uplink failure and recovery More complex because STP root and HSRP should match Distribution-to-distribution link required for route summarization

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Campus Core Design Considerations Determine if core is needed. Determine performance and capacity needed. Determine redundancy. Determine if enterprise edge and WAN connectivity is to core or data center.

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Example: Large Campus Multilayer Switched Backbone Design Reduced multilayer switch peering Topology with no spanning-tree loops Scalability to arbitrarily large size Improved network services support Two equal-cost paths to every destination network Fast recovery from link failure

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Small and Medium Campus Design Options

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Edge Distribution Design Edge distribution switches have to protect the campus core from: Unauthorized access IP spoofing Network reconnaissance Packet sniffers

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Server Placement in a Medium-Sized Network

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Server Placement in a Large Network

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Server Farm Design Guidelines Key design considerations: Access control Traffic demands Oversubscription Server connectivity options: Single NIC Dual-NIC redundancy Content switching (server load balancing)

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Summary Design an enterprise campus network using recommended practices: Use low price per port and high port density on data link layer switches for the building access layer. Use redundant multilayer switching in the building distribution layer for high availability and performance. Use high-performance wire-rate multilayer switching in the campus core design. Group centralized servers into a server farm module for moderate enterprise server requirements.

© 2007 Cisco Systems, Inc. All rights reserved.DESGN v