Network Designs
Download
Report
Transcript Network Designs
Mr. Mark Welton
Three-tiered Architecture
Collapsed core – no distribution
Collapsed core – no distribution or access
Most common design when network covers
multiple buildings
Physical separation of the three levels usually
occurs when there is a physical need to do so
Access devices are connected at the access-layer
switches
These switches connect to the distribution-layer
switches
Distribution-layer switches then connect to the
core-layer
Internet and server farm (data center) typically
connect to the core-layer
Common in single building designs with
multiple floors
Distribution-layer switches are removed and
access layer goes directly in core
Distribution-layer maybe collapsed into the
core-layer switches or removed completely
This design is most common in smaller
implementations
Core switches act as all layers in the design
For this design Ethernet runs must remain
within the distance limitations of the cable
(100 Meters)
High-density chassis switches are used in
this design
Trunks – will be necessary anywhere switches
are interconnected
EtherChannels or port aggregation – This
allows multiple switch connections to
increase bandwidth between switches
Spanning tree – end devices ports should not
run spanning tree. Ports connecting other
switches must run it and be configured
correctly including setting a correct primary
and secondary root bridge
VTP – allows for centralized control of VLAN
in your network
VLAN – How many? Make sure they are
planned out ahead of time
Internet
Internet inside
Server farm
User VLANS (include all user devices that need
segmented i.e. VoIP)
◦ OOB???
◦
◦
◦
◦
Most web-based applications today use a
three tier design
Internet Layer - Web servers are used by the
end users to access the application
Application layer – used to access the
database layer and provide separation
between the database and users. Also
contains logic and access control for
application
Database layer – contains data needed by
application
There are generally two accepted methods in
the design
Bridging – the lower interfaces of the upper
layer are connected to the same VLAN as the
upper interfaces of the layer beneath them
Routing – routers are placed between the
layers
The advantages of this design are simplicity
and speed
Disadvantages are decreased security
This has changed with the advances in
security devices (layer-2 firewalls)
The advantages of this design are increased
security
Disadvantages increases complexity and adds
processing (which means latency)
Is there any other issue that may need
addressed in the design????
Can not easily manage the server remotely
Can not easily manage the server remotely
Every interface will need an IP address.
In some server high-availability solutions, you’ll need a third IP address for each
VLAN. For example, IP multipathing requires a virtual IP address on each VLAN in
addition to one for each physical interface.
Every IP address you assign may need a DNS entry (including virtual IP addresses).
Which interface is primary?
Does the server need a default gateway? If so, where does it go? Can the server
support multiple defaults? How will this work? Web servers need a default gateway
that points to the Internet. This will require your management VLAN to have
specific routes on the servers.
How many physical network cards do you need in a server to support six Ethernet
interfaces? Make sure you have enough. Extra interfaces are even better.
Will the servers have both interfaces active in each VLAN, or just one? Some server
high-availability solutions require the switches to be configured a certain way,
while others require different configurations. Work this out in a lab before you
build your network.
Will your servers support remote Ethernet consoles? Will you need a dedicated
network for this traffic?
With Virtual environment your access-layer
switches are also virtualized
This will make the server network
requirements more like a access-layer switch
uplink
Multiple 10 Gb ports are common