campus lan design

Campus LANDesign

1 NW97_EMEA_301

2 NW97_EMEA_301

Introduction

• Different user requirements dictate different network solutions

• How to decide what model of network to build?

• For each of the models:Define network requirements

Analyze the network design architecture

Review required Technologies

3 NW97_EMEA_301

Agenda

• Building Blocks

• Campus Architectures

• Campus Design

4 NW97_EMEA_301

Building Blocks

5 NW97_EMEA_301

LAN Backbone Technologies

FDDIFDDI

“classical” L1Install & Forget

Robust & Redundant if Concentrators used !Very Fast Failover

todays L2, L3 FDX Topo like EthernetExpensive...

10 Mbps100 Mbps1000 MbpsFDX

“802.3” Ethernet“802.3” Ethernet

•End to End Technology•limited QOS (COS)•Multimedia over IP•FDX = NO Collisions !•Existing Knowhow•Very Low Cost

155 Mbps 622 Mbps FDX

•Backbone only in Campus (rarely Desktops)•Interoperable Redundancy & Loadsharing by PNNI1•VLAN Standard (LANE)•Full QOS (PBX Connection)•Scaling Issues in large Campus•Moderate Cost

ATMATM

7 NW97_EMEA_301

ATM Physical TopologyCampus Backbone

25/155 Mb/sATM

Building Backbone

ATMWAN

4/16 TR

10/100 Mb/s Ethernet

155 or622 Mb/s

Central Switch

155 or622 Mb/s

8 NW97_EMEA_301

Ethernet Physical TopologyBuilding Backbone

up to 2 Gb/s

ATM

10/100 Mb/s

10/100/1000 Mb/s

WAN

Campus Backbone

ATM

up to 8 Gb/s

4/16 TR(Future)

9 NW97_EMEA_301

Gigabit Ethernet Distances

{

{

{1000BaseLX~1300 nm

{1000BaseSX~850 nm

1000BaseCXCopper

550m 3 km260m

Mach. Room Building Backbones Campus Backbone

“Long-Haul Copper” (802.3ab)

100m

Wiring Closet

440m

50u Multimode50u Multimode

50u Multimode50u Multimode

4 pr Cat 5 UTP4 pr Cat 5 UTP

62.5u Multimode62.5u Multimode

62.5u Multimode62.5u Multimode

//

9u Singlemode9u Singlemode

25m

Balanced Shielded Cable

C

Long Reach Lasers:15 to 60 km

10 NW97_EMEA_301

Current Campus Design

VLAN 1

VLAN 4

VLAN 2

L3 less performant L3 less performant

80+% Local Traffic80+% Local Traffic

L2 Wire SpeedL2 Wire Speed

Multi VLAN ServerMulti VLAN Server

Common ServerCommon Server

Smaller L2 Domains:•Faster convergence, better resilience

•Less broadcast traffic

•Security domains

11 NW97_EMEA_301

New Trafficpatterns

•WEB Technology &Distributed Systemsarrived

•Desktop-to-Desktop Video Interactive Applications Intranets

13 NW97_EMEA_301

Emerging Campus Structure

L2 =L3 Performance

Small localized Access VLANsSmall localized Access VLANs

Single VLANBackboneSingle VLANBackbone

Central Server VLANsCentral Server VLANs

95% Non Local Traffic95% Non Local Traffic

Existing StructureExisting Structure

VLAN 2

•Multilayer Switches provide L2/L3 Features

•Control by Access lists

•Selective BC forwarding

•Advanced Services

14 NW97_EMEA_301

Multilayer Switching Solutions

Multilayer Switching Multilayer Switching Fusing Routing and SwitchingFusing Routing and Switching

Multi Protocol Over ATMMulti Protocol Over ATMInter ELAN Cut-through Switching

(MPOA)—ATMF Standard

NetFlowNetFlow™™ Switching SwitchingMultilayer Switch Backbone

Inter VLAN Switching

Tag SwitchingTag SwitchingRouter Backbones

Scalable Internet/Intranet

15 NW97_EMEA_301

Multiprotocol over ATM

AA

ATM BackboneATM Backbone

MPOA ServerHandles Initial FlowMPOA ServerHandles Initial Flow

BB

Cut Through PathRemainder of FlowCut Through PathRemainder of Flow

ATMF StandardBased on LANE & NHRPLimited SecurityNo IP MC Support in Standard

ELAN AELAN A

ELAN BELAN B

MPOA ClientMPOA Client

16 NW97_EMEA_301

NetFlow Switching

SiSi

• NetFlow switching

High performance Layer 3 switching

Fully compliant with all IETF standards

No Host changes required

• Flow managementPlanning, administration and troubleshooting

• NetFlow servicesSecurity services

Class of serviceenablement

18 NW97_EMEA_301

NFLS First Packet of a Flow

Campus Client

VLAN X

VLAN Y

Server

Application• Forwarding:

• Route Table• Security:

• Access list•Management:

• Accounting

• Forwarding: • Route Table

• Security: • Access list

•Management:• Accounting

Route Processor TasksRoute Processor Tasks Catalyst Switch with NFFCCatalyst Switch with NFFC

Full Router or RSMFull Router or RSM

SiSi

Net Flow Lan SwitchingNet Flow Lan Switching

19 NW97_EMEA_301

NFLS Remainder of Flow

Campus Client

VLAN X

VLAN Y

Server

SiSi

L3 cut-through switchingASIC in Catalyst

(Services are maintained)

• Learn Flow• Build Cache: Source Address, Dest. Address, Application• Forward Packets InterVLAN• Gather Statistics

• Learn Flow• Build Cache: Source Address, Dest. Address, Application• Forward Packets InterVLAN• Gather Statistics

Catalyst NFFCCatalyst NFFC

Catalyst Switch with NFFCCatalyst Switch with NFFC

Full Router or RSMFull Router or RSM

20 NW97_EMEA_301

Integrated NetFlow Management

Flow Flow CollectionCollection

Flow Switching Flow Switching and Data Exportand Data Export

RMON ProbeRMON Probe

Si

Si

SwitchesSwitches

RoutersRouters

Flow Flow ConsolidationConsolidation

TrafficTrafficDirectorDirector

Flow Profiling

Accounting/Billing

NetworkPlanning

Network Monitoring

Flow ConsumersFlow Consumers

21 NW97_EMEA_301

Campus Architectures

22 NW97_EMEA_301

Four Basic Campus Architectures

Campuswide VLANCampuswide VLANwith Ethernet with Ethernet

BackboneBackbone

Campuswide VLANCampuswide VLANwith ATM Backbonewith ATM Backbone

Layer 2/Layer 3Layer 2/Layer 3with Ethernet with Ethernet

BackboneBackbone

CampuswideVLANs

HierarchicalL2/L3 Network

Frame-SwitchedBackbone

ATM-SwitchedBackbone

Layer 2/Layer 3 Layer 2/Layer 3 with ATM Backbonewith ATM Backbone

23 NW97_EMEA_301

Campuswide Vlans


BackboneBackbone



BackboneBackbone

CampuswideVLANs





24 NW97_EMEA_301

Campuswide VLANs

• Users are Members of a specific VLAN (Subnet)independent of physical moves

• Each VLAN could have a common set of security requirements for all members

• Today most traffic is local to VLANWith wirespeed L3 Performance no longer required

25 NW97_EMEA_301

Campuswide VLANs

I.e. User VLAN Membership via MAC address with VMPS Feature on moves


Lay

er 3

-4+

Ro

uti

ng

an

d F

ilter

ing

Acc

ess

Co

ntr

ol,

Acc

ou

nti

ng

Lay

er 3

-4+

Ro

uti

ng

an

d F

ilter

ing

Acc

ess

Co

ntr

ol,

Acc

ou

nti

ng

CentralACLNetflow RMON


Issue: Scalability of campuswide L2 VLANs

26 NW97_EMEA_301

Campuswide VLANs



Lay

er 3

-4+

Ro

uti

ng

an

d F

ilter

ing

Acc

ess

Co

ntr

ol,

Acc

ou

nti

ng

Lay

er 3

-4+

Ro

uti

ng

an

d F

ilter

ing

Acc

ess

Co

ntr

ol,

Acc

ou

nti

ng



VirtualMembershipPolicy Server

VirtualMembershipPolicy Server

SRC MAC Address

SRC MAC Address

VLAN IDVLAN ID

27 NW97_EMEA_301

Campuswide Vlans =>Ethernet


BackboneBackbone



BackboneBackbone

CampuswideVLANs





28 NW97_EMEA_301

Campuswide VLAN =>Ethernet Backbone

• Majority of local Traffic

• Static IP addressing is common

(DHCP can be used, too)

• Common security requirements per VLAN

• Lots of adds, moves and changes

• All VLANs across all switches and the backbone over time

• Spanning Tree Loadin Distribution/CoreLayer !!

DistributionDistributionLayerLayer

Core LayerCore Layer

WiringWiringClosetCloset

Switched EthernetSwitched Ethernet

ISL TaggingISL Tagging


Fast/Gigabit Ethernet

Fast/Gigabit Ethernet

WorkgroupServers

WorkgroupServers

EnterpriseServers

EnterpriseServers

Inter-VLANRouting

Inter-VLANRouting

30 NW97_EMEA_301

Campuswide Vlans => ATM


BackboneBackbone



BackboneBackbone

CampuswideVLANs





31 NW97_EMEA_301

Campuswide VLAN => ATM Backbone

• Best for local Traffic• Lots of adds, moves,

and changes

• Static IP addressing common (DHCP can be used)

• Common security requirements per ELAN

• Traditional voice/video in ATM core

• Multiple VLAN (ELAN) membership across all wiring closets

• ATM VC CountScaleability !!!

WorkgroupServers

WorkgroupServers


ATM with PNNI

ATM with PNNI



EnterpriseServers

MultipleELANs

MultipleELANs

Inter-ELANRouting

Inter-ELANRouting

ATM OC-3ATM OC-3

LANELANE

VC Count !!VC Count !!

32 NW97_EMEA_301

LAN Emulation - Scalability Issues

LECS LES BUS

Required SVC´s for 3 Clients...

Required SVC´s for 3 Clients...

Ethernet Clients &Server

Ethernet Clients &Server

ATM attached LANE Clientsneed HIGH Performance ATM Hardwareto handle large number of SVC´s

LAN connected Clients CAN scale better(depends on Switch Implementation)

ATM attached LANE Clientsneed HIGH Performance ATM Hardwareto handle large number of SVC´s

LAN connected Clients CAN scale better(depends on Switch Implementation)

33 NW97_EMEA_301

Campuswide VLAN =>Ethernet Distribution, ATM Core






ATM LaneATM LaneWorkgroupServers

WorkgroupServers

EnterpriseServers

EnterpriseServers

Inter-ELANRouting

Inter-ELANRouting

ATM PNNIATM PNNI

• Best for local Traffic

• Lots of adds, moves, and changes

• Static IP addressing common (DHCP can be used)

• Common security requirements per ELAN

• Traditional voice/video in ATM core

• Multiple VLAN (ELAN) membership across all wiring closets

• Much lower ATM VC Requirements

• SPT Load !

SPT Load !SPT Load !

34 NW97_EMEA_301

Campuswide VLAN with ATM — Required Technologies

• LAN Emulation

• Inter-ELAN switching on routers

• High call/sec setup rate on ATM switch

• High BUS performance (mainly for multicast)

• PNNI for auto-rerouting in ATM core

• LANE Services Redundancy (SSRP)

• HSRP with LANE

• Sophisticated switch debugging tools

35 NW97_EMEA_301

Hierarchical Design


BackboneBackbone



BackboneBackbone

CampuswideVLANs





36 NW97_EMEA_301

Hierarchical L2/L3 Network

• Users are still grouped into VLANS (subnets)for overall network scalability

• Layer 3 performance approaches Layer 2 performance

• User’s VLAN membership changes as they move

• Traffic patterns nonlocal or unknown

37 NW97_EMEA_301

L3L3L3L3

L3L3

Hierarchical L2-L3 Campus

Block 1Block 1 Block nBlock n

Server BlockServer BlockCoreCore

Fully StructuredScaleable L3

Fully StructuredScaleable L3

User VLANsTerminate Here

User VLANsTerminate Here

Introduce Multilayer Switches at the Distribution

Introduce Multilayer Switches at the Distribution

DHCPService

DHCPService

38 NW97_EMEA_301

Hierarchical L2/L3 Network

• Layer 2 and Layer 3 used to advantageNo penalty for L3 with NetFlow™ LAN switching

Matches the new nonlocal traffic pattern

• VLANs for scalability and trunkingVLANS used as a design tool to optimize traffic flows

VLAN membership changes with moves

• Preserves scalability, addressing, policy

• Fast convergence at all layers of the network

39 NW97_EMEA_301

Hierarchical ATM


BackboneBackbone



BackboneBackbone

CampuswideVLANs





40 NW97_EMEA_301

L2/L3 Network=> ATMF MPOA

• L3=L2 performance

• NO L3/L4 Accesscontrol

• Typical single Subnet per Closet

• DHCP for IP mobility

• User’s VLAN membership changes with moves

• Most traffic leaves ELAN

• Traditional Voice/Video in ATM core


ATM with PNNI

ATM with PNNI



Route Server(MPS)

Route Server(MPS)

ATM OC-3ATM OC-3MultiprotocolClient (MPC)

MultiprotocolClient (MPC)

Workgroup andEnterprise Servers

Workgroup andEnterprise Servers

MPCMPC

MPOAMPOA

42 NW97_EMEA_301

L2/L3 Network =>Ethernet Distribution, ATM Core






ATM LaneATM Lane

EnterpriseServers

EnterpriseServers

NetFlowL3/L4

NetFlowL3/L4

ATM PNNIATM PNNI


• L3/4 NetFlow Services




• Most traffic leaves ELAN

• Traditional Voice/Video in ATM core

43 NW97_EMEA_301

Hierarchical Ethernet


BackboneBackbone



BackboneBackbone

CampuswideVLANs





44 NW97_EMEA_301

L2/L3 Network =>Ethernet






EnterpriseServers

EnterpriseServers

FE, GEFE, GE


• L3/4 NetFlow Services




• ISL used to maximize uplink utilization


NetFlowL3/L4

NetFlowL3/L4

45 NW97_EMEA_301

IP Mobility

• DHCP used for those clients who move frequently

• Client receives valid IP address, mask, gateway independent of location

• Similar in principle to Novell client auto addressing

• DHCP is the best solution for IP mobility

• If DHCP is not possible=> Local Area Mobility can be considered

48 NW97_EMEA_301

Campus Design

49 NW97_EMEA_301

Overall L2/L3 Campus Architecture

. . . .. . . .Switched EthernetSwitched Ethernet

WiringClosetWiringCloset

. . . .

Switch DomainSwitch Domain

DistributionLayer(NetFlowLAN Switching)


ISL Fast EthernetISL Fast Ethernet

WorkgroupServersWorkgroupServers

EnterpriseServersEnterpriseServers

CoreLayerCoreLayer

51 NW97_EMEA_301

Desktop Connectivity

•Provision switched Ethernet to the desktop•Use 10/100 ports for Migration to Fast Ethernet•Catalyst™ 5500 for high density

or chassis fault tolerance

•Provision switched Ethernet to the desktop•Use 10/100 ports for Migration to Fast Ethernet•Catalyst™ 5500 for high density

or chassis fault tolerance

Switched Ethernet to the Desktop

. . . .WiringClosetWiringCloset

52 NW97_EMEA_301

VLAN Allocation

•VLANs used to optimize network design•Use VLAN trunking to scale uplink bandwidth •Simple—maximize determinism of traffic flows•Subnet size is approximately the size of a wiring closet

•VLANs used to optimize network design•Use VLAN trunking to scale uplink bandwidth •Simple—maximize determinism of traffic flows•Subnet size is approximately the size of a wiring closet

VLAN#VLAN# 2. . . .

3 2 3 4 5 4 5 6 7 6 7 50 5150 51 etc.

53 NW97_EMEA_301

Wiring Closet Interconnection

. . . .

Fast Ethernet/EtherChannel ISL


•Redundant Fast Ethernet ISL trunks•Switch domain defined by building size•Deploy RSM/NetFlow LAN switching in distribution layer

•Redundant Fast Ethernet ISL trunks•Switch domain defined by building size•Deploy RSM/NetFlow LAN switching in distribution layer

DistributionLayerDistributionLayer

. . . .. . . .Switch DomainSwitch Domain

WiringClosetWiringCloset

54 NW97_EMEA_301

Wiring Closet Detail View

FE ISLFE ISL

Wiring ClosetWiring Closet

Distribution LayerDistribution Layer

VLANs:VLANs: 2 3 2 3 4 5 4 5

X = forwardingY = blockingX = forwardingY = blocking

…

•Both uplinks are used for traffic•Each uplink backs the other up•Each Rootbridge backs the other up•VLAN trunking to optimize design

•Both uplinks are used for traffic•Each uplink backs the other up•Each Rootbridge backs the other up•VLAN trunking to optimize design

Block 1Block 1

STP Root forEven VLANsSTP Root forEven VLANs

STP Root forOdd VLANsSTP Root forOdd VLANs

FE ISLFE ISL

2323

3232

2323

4545

3333

5454

4545

5454

55 NW97_EMEA_301

Redundancy Analysis



VLANs:VLANs: 2 3 2 3 4 5 4 5


…

•Fail any link•Fail any distribution layer switch•Traffic automatically flows on alternate link•UplinkFast used to converge in seconds

•Fail any link•Fail any distribution layer switch•Traffic automatically flows on alternate link•UplinkFast used to converge in seconds

Block 1Block 1

3232

2323

4545

3333

5454

4545

5454

XX

56 NW97_EMEA_301

UplinkFast States

ListeningListening

ForwardingForwarding

LearningLearningBlockingBlocking

TraditionalTraditional

ListeningListening

ForwardingForwarding

LearningLearningBlockingBlocking

UplinkFast FeatureUplinkFast Feature

57 NW97_EMEA_301

UplinkFast



MAC Addresses “1” “2” “3”MAC Addresses “1” “2” “3”

Forwarding tables updated byMulticast “Dummy” Packets Forwarding tables updated byMulticast “Dummy” Packets

MCast

SA “1”

MCast

SA “2”

MCast

SA “3”Multicast “Dummy” Packets with Source MAC AddressesMulticast “Dummy” Packets with Source MAC Addresses

58 NW97_EMEA_301

Scale the Bandwidth with VLANs



VLANs:VLANs: 2 3 2 3 4 5 4 5


…

•Add another VLAN and Trunk between wiring closet and distribution layer•Readdressing is automatic with DHCP

•Add another VLAN and Trunk between wiring closet and distribution layer•Readdressing is automatic with DHCP

Block 1Block 1

2323

4545

3333

5454

4545

5454

2323

3232

2310

2310

3210

3210

59 NW97_EMEA_301

Scaling BW—Fast EtherChannel



VLANs:VLANs: 2 3 2 3 4 5 4 5


…

•Fast EtherChannel to increase uplink BW•400 or 800 Mbps•Needs Spanning Tree support for redundant environment

•Fast EtherChannel to increase uplink BW•400 or 800 Mbps•Needs Spanning Tree support for redundant environment

Block 1Block 12310

2310

3210

3210

2323

4545

3333

5454

4545

5454

Fast EtherChannelFast EtherChannel

60 NW97_EMEA_301

Distribution Layer => Layer 3 Switching

. . . .



• Deploy NetFlow LAN Switching (NFLS)

Catalyst 5000 family switch

Route Switch Module (RSM)

NetFlow Feature Card (NFFC)


. . . .. . . .Switch DomainSwitch Domain

WiringClosetWiringCloset. . . .

NFFC

RSM

61 NW97_EMEA_301

Distribution Layer Redundancy

• Use both Layer 3 Switching engines

• HSRP for IP

Redundancy

Fast failover

VLANs 1-10 (Example)VLANs 1-10 (Example)

Backplane Interconnections to VLANs 1-10 Plus CoreBackplane Interconnections to VLANs 1-10 Plus Core

HSRP Primaryfor VLANs 1-10Even

HSRP Primaryfor VLANs 1-10Even

HSRP Primaryfor VLANs 1-10Odd

HSRP Primaryfor VLANs 1-10Odd

62 NW97_EMEA_301

Core Layer Interconnection


. . . .. . . . WiringClosetWiringCloset. . . .


CoreLayerCoreLayer

. . . .

63 NW97_EMEA_301




Core LayerFast Ethernet/Fast EtherChannel


. . .

Single IP Subnet in Simplified CoreSingle IP Subnet in Simplified Core

Ethernet Core—Single VLAN

• Fast convergence in core with OSPF or EIGRP

• Bandwidth scaling with Fast EtherChannel then Gigabit Ethernet

64 NW97_EMEA_301





. . .

Ethernet Core—Multiple VLANs

• Dual VLAN core for redundant paths

• Separation of Protocols possible

• Dual policies for security

VLAN 100VLAN 100 VLAN 200VLAN 200

65 NW97_EMEA_301

ATM Core Layer Considerations

. . .DistributionLayer NFLSDistributionLayer NFLS

ATM Core LayerATM Core Layer

OC-3OC-12 UplinksOC-3OC-12 Uplinks


• LAN Emulation in the Core• Single or multiple ELANs• Wire speed Layer 3 into the core• Enterprise servers on Fast Ethernet

66 NW97_EMEA_301

ATM Core Redundancy

. . .DistributionLayer NFLSDistributionLayer NFLS

ATM Core LayerATM Core Layer

• Dual Phy uplinks for hot standby

• PNNI provides fast, scalable VC routing

• SSRP for LANE services redundancy

SSRP

PNNI

SSRPSSRP

SSRP

ATMFStandardClientDual Phy

SSRP

67 NW97_EMEA_301

Server Attachments

WorkgroupServers FE ISL NICSeveral VLANs

WorkgroupServers FE ISL NICSeveral VLANs

. . . .. . . . . . . .

. . . .

Local ServerSingle VLANLocal ServerSingle VLAN

Enterprise ServersSingle VLAN attachedL3/4 Connected to all VLANs

Enterprise ServersSingle VLAN attachedL3/4 Connected to all VLANs

69 NW97_EMEA_301

IP MulticastServersIP MulticastServers

Multicast CoreMulticast Core

UnicastServersUnicastServers

DistributionLayer NFLSDistributionLayer NFLS


. . .

Multicast Design

• PIM for multicast tree creation at Layer 3

• CGMP for intelligent multicast at Layer 2

• No performance penalty for IP multicast

70 NW97_EMEA_301

Hierarchical L2/L3 Campus Design

• Hierarchical Layer 2/Layer 3 networks Scale well and are manageable

Solve real problems

• Layer 3 in the distribution layerFull Cisco IOS for multiprotocol with RSM

Scale Layer 3 IP with NetFlow LAN Switching

• Redundant fast converging core

• Ethernet and ATM Backbones will exist

• DHCP is the Tool for IP mobility

71 NW97_EMEA_301

Summary

• Analyze your campus requirements first:

Traffic-flow patterns

Deployment of DHCP

Mobility requirements

• Select the model that best suits

• Build it!

campus lan design

Documents