LAN switches Buyer’s Guide part 1 - cdn.ttgtmedia.comcdn.ttgtmedia.com/searchNetworking/Downloads/LAN... · LAN switches in the enterprise Do I need campus switches in my enterprise?
Post on 26-May-2020
12 Views
Preview:
Transcript
E-guide
LAN switches Buyer’s Guide – part 1 Your expert guide to LAN switches management tools
Page 1 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
The evolution of campus LAN switches in the enterprise
Andrew Froehlich, President
The campus LAN switch is a fundamental component of networking.
There is a lot to know about the roles these switches play in a
modern enterprise network.
There's no denying campus LAN switches have made significant strides over
the years in performance, integration and the sheer number of specifications
that can be configured. That being said, the actual design used in most campus
enterprise LANs has remained largely unchanged for the past decade or so.
Yet, because there are so many new features and new marketing jargon
propagated by LAN switch vendors, the once clear-cut dividing lines between
the three tiers of a campus LAN network -- access, distribution and core -- are
becoming blurry. In our first article in this series on campus LAN switches, we
will help you to differentiate what duties each tier of the classic three-tier LAN
design is responsible for and why.
Page 2 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
Campus LAN switch design: The three-tier
model
The primary goal of any campus LAN design is to provide end-to-end
connectivity using the fastest path possible. Secondary goals include things
such as application optimization, redundancy, security and ease of
management. But since our primary goal is speed, most designs revolve around
the idea that a device located on one side of the network can minimize the LAN
hop required to reach a device on the complete opposite side of the campus
LAN. This is where the three-tiered, hierarchical design comes into play, as
shown here:
From a high-level perspective, all end devices, such as PCs, laptops, servers
and wireless devices, connect to what is referred to as the access layer.
Access-layer switches then connect upstream to the next tier -- the distribution
layer. Finally, the distribution-layer switches connect to the top tier -- the core.
And, as you can see, this simple design allows for devices to be at a minimum
number of device hops away in order to communicate.
For the most part, network administrators understand the three-tiered hierarchy
from a data-transport perspective. But where things get difficult is in
differentiating an access, distribution and core switch from the other number of
network services they are so often asked to provide. In the next few sections,
Page 3 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
we will go into detail as to which layer of the three-tier design you are most likely
to deploy various types of network services.
Duties of the access layer
The role of the access layer is to connect end devices to the network for
communication. Typically, access switches operate at Layer 2 of the OSI model
and keep track of a table that maps MAC addresses to switch port interfaces. If
multiple virtual LANs (VLANs) exist on the switch, the uplinks from the access
switch to the distribution-switch tier are configured as trunks that transport
multiple VLANs across a single link using VLAN tags. Because the switches use
Layer 2 for transport, they are configured to support the Spanning Tree Protocol
(STP) to avoid network loops with nearby access switches, as well as with
switches in the distribution tier. In terms of network services, access switches
are commonly configured to either set quality-of-service (QoS) markings or to
trust the markings from end devices. The markings are then used to divide data
into different classes, where traffic policies are then enforced end to end
throughout the rest of the network. Access-control mechanisms such as 802.1x
authentication may also be configured on the device ports to help identify users
who are attempting to gain access to the network.
Page 4 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
Duties of the distribution layer
Seated between the access and core tiers, distribution switches are in charge of
the majority of network services on a campus network. The following duties are
often performed at this layer:
Termination of Layer 2 VLAN trunks coming from the access switches. Serve as the Layer 3 default gateway for access VLANs. Designation as the root bridge for STP. Configuration of most routing protocols and redundancy or high-
availability protocols. Creation and application of access lists to filter traffic. DHCP server services -- or serve as a DHCP relay. Centralized point for multicast configurations.
QoS policies are also set and enforced based on the classification they were
assigned to by the access switches.
Duties of the core layer
The sole purpose of the core layer is to move packets from the distribution tier,
across the core switches and back down to the next distribution block as fast as
possible. There should be no services -- other than basic QoS policy
enforcement -- or filtering at this tier. Remember, those duties are left to the
distribution layer. But because of the likelihood that a great deal of traffic will be
passed from one core switch to the next, this top tier in the hierarchical model is
where the largest amount of throughput is needed. Therefore, you likely see 10,
Page 5 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
40 and 100 Gbps connections and techniques, such as port-channeling, used
heavily on these switches. It used to be that core switches operated at Layer 2,
because Layer 3 switches could not push packets at wire speed. But this hurdle
has been overcome long ago -- and most modern core switches operate at
Layer 3 and use routing protocols for redundancy, as opposed to STP at Layer
2.
It's also important to note that on smaller networks, with less traffic passing
between core switches, a fully separate core switch tier is not always
necessary. Instead, many administrators of smaller enterprise networks choose
to implement what's known as a collapsed-core architecture. This is where the
core takes on the duties of both the core and distribution tiers. It's a cost-
savings measure that also eliminates yet another hop along the path.
Where aggregation, edge and data center
switches fit
Many companies find themselves confused when choosing the correct campus
LAN switch for their networks. Marketing buzzwords from switch vendors don't
make that process any easier. Consider the term aggregation. In one sense, all
switches are aggregation switches. Access switches aggregate end users.
Distribution switches aggregate access switches and core switches aggregate
distribution switches. But, for most switch vendors, the term aggregation switch
Page 6 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
is simply an updated term for distribution switches that aggregate multiple
access switches -- usually in a single building -- together using high-speed
Ethernet connections, such as 10 Gbps fiber.
Another common -- and confusing -- marketing term is the use of edge when
discussing switches. In most networking circles, a network edge resides in one
of two places. The first is the point between the privately owned network and the
internet. The second use for edge -- and the term we're interested in -- is in
describing switches that connect end-user devices to the rest of the network.
So, it's safe to say edge switch equals access switch.
Finally, many engineers wonder where data center switches fit into the campus
LAN three-tier design. Generally speaking, data center switch blocks should be
considered part of the access tier that connects end devices to the rest of the
network. However, because data center switches provide such a different set of
services, such as server virtualization, application-level intelligence and
connectivity into storage networks, the topic of data center switching should
largely be thought of as a separate conversation.
Page 7 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
Conclusion
At this point, we should now have a sound comprehension of the architecture of
three-tiered campus LAN switches. We should also understand what services
each switch layer commonly provides. In the next article in this series, we will
help you to determine your need for the various types of campus switches, and
if you should consider purchasing or upgrading one or more tiers.
Next article
Page 8 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
Do I need campus switches in my enterprise?
Andrew Froehlich, President
The role of campus switches depends on the demands of your
organization. What are the important considerations to help you
make the right choice on whether or not to deploy them?
Every campus network design will be unique. Differences, such as the number
of users, their locations and what types of applications they use, will all affect
how a network is designed -- as well as what types and numbers of campus
LAN switches the design should include. In this article, we will again look at
each of the three tiers of switches -- access, distribution and core -- and point
out some of the most common scenarios when particular types of campus
switches would be necessary or unnecessary.
Everyone needs access switches
Regardless of whether you are building out a massive, enterprise-grade LAN
environment, or just a small remote site, your end-user devices on a campus
network are going to connect to access-grade switches. If you are going to
deploy a network using access switches only, make sure you understand how
Layer 2 and Layer 3 connectivity will operate. Typically, for larger LANs with
Page 9 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
access and distribution switches, the distribution layer performs Layer 3
communication. In smaller environments with no distribution layer, you have a
couple of options to gain Layer 3 connectivity with the rest of your LAN. The first
option is to connect your Layer 2 access switch to a device, such as a router or
firewall. The router or firewall can then be configured as the default gateway for
the various virtual LANs you configure, as well as provide routing between each
and out to the external wide area network (WAN) or internet.
The other option is to use access switches that operate at both Layer 2 and
Layer 3. By doing so, you can create virtual switch interfaces at Layer 3 and
perform all switching and routing on a single device. And since the number of
users is relatively small at remote sites, campus switches can usually handle all
switching and routing for the relatively small amount of traffic the site will create
and consume.
Where distribution/aggregation campus
switches make sense
There are a few reasons to implement an access/distribution collapsed-core
network design. Chief among them is the number of end users the LAN
supports and the geographic proximity among users. If the number of users
exceeds several hundred, the amount of throughput will eventually exceed the
capabilities of the access switches alone. In order to counter this -- while, at the
Page 10 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
same time, keeping LAN costs under control -- a collapsed core strategy makes
sense. This method uses multiple or stacked access switches at the edge to
handle Layer 2 connectivity, while offloading Layer 3 routing, access control and
other network functions to the distribution layer.
From a physical proximity perspective, you should start considering distribution
switches when you begin to reach the limitations of LAN cable lengths. If you
have Category 5 and 6 unshielded twisted pair cabling from an access switch to
end devices, the 1000BASE-T specification stipulates the cabling length
between the end device and switch cannot exceed 100 meters. If that is
surpassed, expect to incur various errors and discards on the switch port. If your
users are dispersed across a building that requires the placement of two or
more access switch closets due to distance limitations, it makes sense that
these access switches are linked to a centralized distribution/aggregation
switch. Doing so ensures all users are within one network-device hop of each
other.
When core switches are truly needed
Much like the primary requirements for moving from an access-only network to
a collapsed-core, access and distribution design, the reason to move to the
traditional three-tier design revolves around physical proximity and number of
users. If your network spans multiple buildings that require all users to be the
same number of device hops away from each other for latency purposes, the
Page 11 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
easiest way to do this is to centralize interdistribution connectivity by pushing all
data up to a core layer. While you could build out full-mesh connectivity -- or
create a ring topology between buildings -- these options may not be feasible,
practical or sufficient for your LAN needs.
The other aspect to consider is the sheer throughput and latency requirements
your end users demand. The three-tier design optimizes connectivity from end
to end on the LAN and ensures uniform latency and quality of service across the
board. Internet and WAN links typically connect into the core from edge routers.
To ensure uniform access for all end users, it's best to have a core layer to
distribute external access to the rest of your LAN. The only other responsibility
of the core, then, is to route packets from one network segment to the other as
quickly as possible.
Other considerations for campus switches
There are two other topics that need to be mentioned when evaluating which
campus switch numbers and types to include in a design. The first is LAN
redundancy. If you are designing and managing a medium-sized to large
campus network, it's common practice to provide high availability (HA) at the
switch and uplink level. That means you use two or more core and two or more
distribution switches in each block -- and configure them so a failure of one
switch does not disrupt traffic flow. Along those same lines, uplink connections
between all switches on the LAN should include more than one physical
Page 12 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
connection. Then, using any number of redundancy configuration methods, the
loss of a single connection will have no effect on end users.
The second topic is when to consider using data center switches as opposed to
traditional access switches on your LAN. If you operate a large and highly
complex data center with virtualization at the compute and storage levels, data
center switches offer plenty of features to squeeze the most out of the hardware
and software. The primary thing to look at is what you think your east-west
traffic -- traffic within a data center -- pattern will look like on your campus
switches. If east-west throughput is going to be higher than what an access-
layer switch can handle, then you're probably going to be able to take
advantage of the processing power and added HA features of a data center
switch. However, if you've only got a handful of bare-metal or virtualized servers
to manage on your campus, you can probably get away with connecting them
using access-grade switches.
The next article in this series will deal with more specific criteria of the various
campus switches and why you might want to create a list of features you can
use when evaluating specific options for vendor campus switches.
Page 13 of 13
In this e-guide
The evolution of campus
LAN switches in the
enterprise
Do I need campus
switches in my
enterprise?
E-guide
About the author
Andrew has been involved in enterprise IT for over 15 years. His primary focus
has been in Cisco wired - wireless - voice network design, implementation and
support as well as network security. This includes project management tasks
dealing with network infrastructure upgrades and new build-outs. He's also been
heavily involved in data center architectures designed to provide fault-tolerant
enterprise applications and services to thousands of users.
top related