CCDA - en/Network Structure models

From Teknologisk videncenter
Jump to: navigation, search

Materialer

Core layer

The core layer is the network’s high-speed switching backbone that is crucial to corporate communications. The core layer should have the following characteristics:

  • Fast transport
  • High reliability
  • Redundancy
  • Fault tolerance
  • Low latency and good manageability
  • Avoidance of slow packet manipulation caused by filters or other processes
  • Limited and consistent diameter
  • Quality of service (QoS)

When a network uses routers, the number of router hops from edge to edge is called the diameter. As noted, it is considered good practice to design for a consistent diameter within a hierarchical network. The trip from any end station to another end station across the backbone should have the same number of hops. The distance from any end station to a server on the backbone should also be consistent.

Limiting the internetwork’s diameter provides predictable performance and ease of troubleshooting. You can add distribution layer routers and client LANs to the hierarchical model without increasing the core layer’s diameter. Use of a block implementation isolates existing end stations from most effects of network growth.

Distribution Layer

The network’s distribution layer is the isolation point between the network’s access and core layers. The distribution layer can have many roles, including implementing the following functions:

  • Policy (for example, ensuring that traffic sent from a particular network is forwarded out one interface while all other traffic is forwarded out another interface)
  • Redundancy and load balancing
  • QoS
  • Security filtering
  • Address or area aggregation or summarization
  • Departmental or workgroup access
  • Broadcast or multicast domain definition
  • Routing between virtual LANs (VLAN)
  • Media translations (for example, between Ethernet and Token Ring)
  • Redistribution between routing domains (for example, between two different routing protocols)
  • Demarcation between static and dynamic routing protocols You can use several Cisco IOS Software features to implement policy at the distribution layer:
  • Filtering by source or destination address
  • Filtering on input or output ports
  • Hiding internal network numbers by route filtering
  • Static routing
  • QoS mechanisms (for example, ensuring that all devices along a path can accommodate the requested parameters)

The distribution layer provides aggregation of routes providing route summarization to the core. In the campus LANs, the distribution layer provides routing between VLANs that also apply security and QoS policies.

Access Layer

The access layer provides user access to local segments on the network. The access layer is characterized by switched and shared-bandwidth LAN segments in a campus environment. Microsegmentation using LAN switches provides high bandwidth to workgroups by reducing collision domains on Ethernet segments. Some functions of the access layer include the following:

  • High availability
  • Port security
  • Broadcast suppression
  • QoS
  • Rate limiting
  • Address Resolution Protocol (ARP) inspection
  • Virtual access control lists (VACL)
  • Spanning tree
  • Trust classification
  • Power over Ethernet (PoE) and auxiliary VLANs for VoIP
  • Auxiliary VLANs

You implement high-availability models at the access layer. The later section Network Availability covers availability models. The LAN switch in the access layer can control access to the port and limit the rate at which traffic is sent to and from the port. You can implement access by identifying the MAC address using ARP, trusting the host, and using access lists.

For small office/home office (SOHO) environments, the entire hierarchy collapses to interfaces on a single device. Remote access to the central corporate network is through traditional WAN technologies such as ISDN, Frame Relay, and leased lines. You can implement features such as dial-on-demand routing (DDR) and static routing to control costs. Remote access can include virtual private network (VPN) technology.

Switched Hierarchical Design
Routed Hierarchical Design

Cisco Enterprise Architecture model

Enterprise Architecture Model

Internet Edge

Internet multihomed muligheder
VPN arkitektur

Network availability

Network Avalability considerations

  • Work station to Router i Access layer
  • Server redundance in Server Farm (Data Center)
  • Redundant Routers

Redundans fra arbejdsstation til Router

Proxy ARP

Proxy arp[1] is a protocol used on Routers. If the default router fails another router would answer ARP Requests even if it has another IP address.

RDP - Router Discovery Protocol

Not to confuse with Remote Desktop Protocol is an expansion of the ICMP protocol and allows a Workstation to learn the IP address of a router.

RIP

A workstation can use RIP to learn external routes.

HSRP

HSRP

GLBP

GLBP

Server redundancy

Mirroring the servers to achieve high availability.

References