Cisco 3-layer model


Cisco three-layer hierarchical model
 core layer: backbone
 distribution layer: routing
 access layer: switching
Purpose:
enables network designers to organize the network into distinct layers of devices.
The resulting network is efficient, intelligent, scalable, and easily managed.
to design a network with a predictable behavior to offer low maintenance and high availability
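ps: these three layers are logical and do not necessarily map to physical devices; sometimes one device performs several layers, and sometimes several devices together perform one layer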
ps:
the hierarchy can be collapsed or simplified in certain cases. 
ex:
small or medium-size campus networks might not have the size, multilayer switching, or volume requirements that would require the functions of all three layers.
Here, you could combine the distribution and core layers for simplicity and cost savings.
When the distribution and core layers are combined into a single layer of switches, a collapsed core network results 


core layer
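The core of the network, responsible for transporting large volumes of traffic reliably and quickly; its goal is to switch traffic as fast as possible
Fault tolerance is the key point of this layer; speed and latency are its main considerations
Usually connects all distribution layer switches
Design guidelines:
 Do not do anything that slows traffic down, ex: ACLs (access lists), inter-VLAN routing, packet filtering, etc.
 Do not support workgroup access
 Do not expand the core when traffic grows, ex: adding routers
 Use high-speed network technologies, ex: FDDI, Fast Ethernet, ATM, etc.
 Use routing protocols with low convergence times
Required capabilities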
 Very high throughput at Layer 3
 No costly or unnecessary packet manipulations (access lists, packet filtering)
 Redundancy and resilience for high availability
 Advanced QoS functions

distribution layer
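Also called the workgroup layer, or building distribution switches
This layer provides routing, filtering, and WAN access, and determines how packets access the core
It must determine the fastest way to handle network service requests, ex: how a file request is forwarded to a server
This layer is where network policy is implemented, and it allows a great deal of flexibility in design
Design guidelines:
 Redistribution between routing protocols
 Access lists, packet filtering
 Implementation of network security policy, ex: NAT, firewalls
 Routing between VLANs and other workgroup support functions
 Definition of broadcast and multicast domains
Required functions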
 Aggregation of multiple access-layer devices
 High Layer 3 throughput for packet handling 
 Security and policy-based connectivity functions through access lists or packet filters
 QoS features
 Scalable and resilient high-speed links to the core and access layers
ps:
Notice that the distribution layer usually is a Layer 3 boundary, where routing meets the VLANs of the access layer

access layer
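Also called the desktop layer, or building access switches
Controls user and workgroup access to internetwork resources
Commonly used technologies include Ethernet switching and static routing
Design guidelines:
 Access control and policies carried over from the distribution layer
 Creation of separate collision domains
 Workgroup connectivity to the distribution layer
Required capabilities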
 Low cost per switch port
 High port density
 Scalable uplinks to higher layers
 User access functions such as VLAN membership, traffic and protocol filtering, and QoS
 Resiliency through multiple uplinks

...........................................


Modular Network Design
1. each layer of the hierarchical network model can be broken into basic functional units
2. These units, or modules, can then be sized appropriately and connected, while allowing for future scalability and expansion
3. to divide enterprise campus networks into the following basic elements
Switch block:A group of access-layer switches, together with their distribution switches
Core block:The campus network's backbone

.............

Switch Block
1. switch block contains switching devices from the access and distribution layers.
2. All switch blocks then connect into the core block, providing end-to-end connectivity across the campus.
3. each access-layer switch connects to devices in the distribution layer.
Layer 2 functionality:transports data among all connected access switches at a central connection point. 
Layer 3 functionality:also can be provided in the form of routing and other networking services (security, QoS, and so on)

Sizing a Switch Block
1. Consider the following factors
 Traffic types and patterns
 Amount of Layer 3 switching capacity at the distribution layer
 Number of users connected to the access-layer switches
 Geographic boundaries of subnets or VLANs
 Size of spanning-tree domains
2. switch block size should be based primarily on the following:
 Traffic types and behavior
 Size and number of common workgroups

3. a switch block is too large if the following conditions are observed:
 The routers (multilayer switches) at the distribution layer become traffic bottlenecks
 Broadcast or multicast traffic slows the switches in the switch block
 Network congestion occurs

Switch Block Redundancy
A switch block consists of two distribution switches that aggregate one or more access layer switches
1. Each access layer switch should have a pair of uplinks, one connecting to each distribution switch
2. The physical cabling is easy to draw, but the logical connectivity is not always obvious
Recommendation:
all Layer 2 connectivity should be contained within the access layer.
The distribution layer should have only Layer 3 links.

.................... 

Core Block
1. A core block is required to connect two or more switch blocks in a campus network
2. the core must be as efficient and resilient as possible.
3. The core is the campus network's basic foundation and carries much more traffic than any other block
There are two main types:
 Collapsed Core
 Dual Core

...

Collapsed Core
1. the hierarchy's core layer is collapsed into the distribution layer
both distribution and core functions are provided within the same switch devices.
ps:keeping these functions distinct and properly designed is important
2. the collapsed core is not an independent building block but is integrated into the distribution layer of the individual standalone switch blocks
Typical environment
in smaller campus networks, where a separate core layer (and additional cost or performance) is not warranted.

Core and distribution layers interconnected through Layer 3 links
1. Connectivity between the distribution and core switches is accomplished using Layer 3 links (Layer 3 switch interfaces, with no inherent VLANs)
2. The VLANs terminate there because the distribution layer uses Layer 3 switching
it limits the broadcast domains, removes the possibility of Layer 2 bridging loops, and provides fast failover if one uplink fails
3. At Layer 3, redundancy is provided through a redundant gateway protocol for IP

...

Dual Core
1. A dual core connects two or more switch blocks in a redundant fashion
2. this core appears as an independent module and is not merged into any other block or layer
ps:
Although the collapsed core can connect two switch blocks with some redundancy,
the core is not scalable when more switch blocks are added

ps:
In the past
the dual core usually was built with Layer 2 switches to provide the simplest and most efficient throughput
Layer 3 switching was provided in the distribution layer
In a Layer 2 core, the core switches cannot be linked to each other, so that no bridging loops can form
Now
Multilayer switches now have become cost-effective and offer high switching performance.
Building a dual core with multilayer switches is both possible and recommended
A Layer 3 core uses routing rather than bridging, so bridging loops are not an issue

Both backbone paths active at the same time
each distribution switch has two equal-cost paths to the core, allowing the available bandwidth of both paths to be used simultaneously
Both paths remain active because the distribution and core layers use Layer 3 devices that can manage equal-cost paths in routing tables
Dual-path mechanism
manage equal-cost paths in routing tables
If one switch fails, the routing protocol reroutes traffic using an alternative path through the remaining redundant switch.
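
The redundancy rules from the Switch Block Redundancy and Dual Core notes above, written as a topology check. This is an added example, not part of the original notes: the device names, link list and rule names are constructed, and "only Layer 3 links" is read as applying to links that have no access-layer endpoint.

```python
# Constructed sample topology; all device names are hypothetical.
ROLE = {
    "acc1": "access", "acc2": "access", "acc3": "access",
    "dist1": "distribution", "dist2": "distribution",
    "core1": "core", "core2": "core",
}
# (device_a, device_b, kind): "L2" = switched/trunk link, "L3" = routed link
LINKS = [
    ("acc1", "dist1", "L2"), ("acc1", "dist2", "L2"),
    ("acc2", "dist1", "L2"), ("acc2", "dist2", "L2"),
    ("acc3", "dist1", "L2"),                             # only one uplink
    ("dist1", "dist2", "L3"),
    ("dist1", "core1", "L3"), ("dist1", "core2", "L3"),
    ("dist2", "core1", "L3"), ("dist2", "core2", "L2"),  # L2 above access
    ("core1", "core2", "L3"),
]


def audit(role, links):
    """Return (rule, subject) findings for a switch block / core topology."""
    findings = []
    neighbors = {dev: set() for dev in role}
    for a, b, kind in links:
        neighbors[a].add(b)
        neighbors[b].add(a)
        # Layer 2 must stay in the access layer: a link with no access
        # endpoint (distribution-distribution, distribution-core) must be L3.
        if kind == "L2" and "access" not in (role[a], role[b]):
            findings.append(("l2-above-access", f"{a}-{b}"))
    dist = {d for d, r in role.items() if r == "distribution"}
    core = {d for d, r in role.items() if r == "core"}
    for dev in sorted(role):
        if role[dev] == "access":
            # One uplink to each of two distribution switches.
            if len(neighbors[dev] & dist) < 2:
                findings.append(("single-uplink", dev))
            # Access switches attach only to the distribution layer.
            if neighbors[dev] - dist:
                findings.append(("access-bypasses-distribution", dev))
        elif role[dev] == "distribution":
            # Two paths into the core so routing can fail over.
            if len(neighbors[dev] & core) < 2:
                findings.append(("no-redundant-core-path", dev))
    return findings


if __name__ == "__main__":
    for rule, subject in audit(ROLE, LINKS):
        print(f"{rule}: {subject}")
```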

...

Core Size in a Campus Network
the actual number of directly connected peers is quite small, regardless of the campus network size
ps:
When multilayer switches are used in the distribution and core layers,
the routing protocols running in both layers regard each pair of redundant links between layers as equal-cost paths.
Traffic is routed across both links in a load-sharing fashion, utilizing the bandwidth of both

 

Posted 2008-10-10 07:44:48, modified 0000-00-00 00:00:00
