Difference between revisions of "Enterprise Data Center Design"

From Teknologisk videncenter
m (Active/Active Service Module Design)
m (Lag 2 - Looped design)
 
(12 intermediate revisions by 2 users not shown)
Line 2: Line 2:
 
{{In progress}}
 
{{In progress}}
 
__TOC__
 
__TOC__
[[Cisco Catalyst 6500 serie switches]]
+
*[[Cisco Catalyst 6500 serie switches]]
[http://www.cisco.com/en/US/netsol/ns949/index.html Cisco Data Center Technologies]
+
 
 
= Designing The Core and Aggregation Layers =
 
= Designing The Core and Aggregation Layers =
 
{|
 
{|
Line 54: Line 54:
 
|[[Image:Data Center Active Active service module design.png|Active/Active Service Module Design]]
 
|[[Image:Data Center Active Active service module design.png|Active/Active Service Module Design]]
 
|}
 
|}
====Establisheing  Inbound Path Prefenrece====
+
====Establisheing  Inbound Path Preference====
 
Route Health  Injection(RHI) tillader at en Cisco CSM/ACE i en 6500 switch installerer en hoste route til den virtuelle server. /32 routen fjerner problemer med asymmetriske routing.
 
Route Health  Injection(RHI) tillader at en Cisco CSM/ACE i en 6500 switch installerer en hoste route til den virtuelle server. /32 routen fjerner problemer med asymmetriske routing.
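Review bot: the corrected heading still reads "Establisheing", with a doubled space before "Inbound"; this change fixes only "Prefenrece". Suggest "====Establishing Inbound Path Preference====" so the section title and its anchor are spelled correctly in one edit.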
  
Line 69: Line 69:
 
|-
 
|-
 
|[[Image:Data Center Lag 2 looped Square Access.png|400px|thumb| Looped design Square Access]]
 
|[[Image:Data Center Lag 2 looped Square Access.png|400px|thumb| Looped design Square Access]]
 +
|-
 
|[[Image:Data Center Lag 2 looped Triangle Access.png|400px|thumb| Looped design Triangle Access]]
 
|[[Image:Data Center Lag 2 looped Triangle Access.png|400px|thumb| Looped design Triangle Access]]
 
|}
 
|}
 +
 
== Lag 2 - Loop frit design ==
 
== Lag 2 - Loop frit design ==
 
I Lag to Loop frit design er der ikke VLAN på Aggregationslaget modsat Looped design (Se overnfor). Ved omvendt U er det dog muligt at have VLAN på Aggregationslaget. Lag to services er supporteret. Lag tre Routning foregår på Aggregations laget.
 
I Lag to Loop frit design er der ikke VLAN på Aggregationslaget modsat Looped design (Se overnfor). Ved omvendt U er det dog muligt at have VLAN på Aggregationslaget. Lag to services er supporteret. Lag tre Routning foregår på Aggregations laget.
Line 76: Line 78:
 
|[[Image:Data Center Lag 2 loop fri U access.png|400px|thumb|Loop fri Access topologi. - U Access]]
 
|[[Image:Data Center Lag 2 loop fri U access.png|400px|thumb|Loop fri Access topologi. - U Access]]
 
|[[Image:Data Center Lag 2 loop fri omvendt U access.png|400px|thumb|Loop fri Access topologi - Omvendt U Access]]
 
|[[Image:Data Center Lag 2 loop fri omvendt U access.png|400px|thumb|Loop fri Access topologi - Omvendt U Access]]
 +
|-
 +
|[[Image:ScreenShot407.jpg|400px|thumb|Loop free U with Layer 2 Services Modules]]
 
|}
 
|}
 +
 
== Sammenligning af lag to Access designs ==
 
== Sammenligning af lag to Access designs ==
 
{|
 
{|
Line 95: Line 100:
 
|[[Image:ScreenShot401.jpg|800px|left|thumb|6500 Switch Fabrics]]
 
|[[Image:ScreenShot401.jpg|800px|left|thumb|6500 Switch Fabrics]]
 
|}
 
|}
==Active STP, HSRP, and Service Context Alignment==
+
==Optimizing EtherChannel U tilization with Min-Links==
 
{|
 
{|
|[[Image:ScreenShot403.jpg|800px|left|thumb|Active/Standby alignment]]
+
|[[Image:ScreenShot408.jpg|800px|left|thumb|Image text]]
|-
 
|[[Image:ScreenShot402.jpg|800px|left|thumb|Active/Active alignment]]
 
 
|}
 
|}
==Establisheing  Inbound Path Prefenrece==
+
==STP in the DataCenter==
Route Health  Injection(RHI) tillader at en Cisco CSM/ACE i en 6500 switch installerer en hoste route til den virtuelle server. /32 routen fjerner problemer med asymmetriske routing.
+
RPVST+ is the most common STP used in the data center today, and is the implementation
=Designing the Access Layer=
+
recommended by Cisco for the enterprise data center.
 +
*It scales to a large size (about 10,000 logical ports).
 +
*Coupled with UDLD, loop guard, root guard, and BPDU guard, it provides a strong and stable Layer 2 design solution.
 +
*It is a proven solution that is easy to implement and scale.
 +
MST is not as common in the enterprise data center because of its characteristics:
 +
*It permits large-scale STP implementations (about 30,000 logical ports). This is typically more useful for service providers and application service providers.
 +
*It isn’t as flexible as RPVST+.
 +
*It has service module implications for firewalls in transparent mode.
 +
*It is more commonly used with service providers and application service providers.
 +
<br/><br/>
 +
'''Limit HSRP instances''': The number of VLANs is typically tied to the number of
 +
HSRP instances. Cisco recommends a maximum of 500 HSRP instances on the Catalyst 6500 series Supervisor Engine 720 with default timers.<br/>
 +
'''Use MST if it meets the requirements''': If you cannot support the STP scaling issues with RSTP, you can consider implementing MST.
 +
==Cabinet Design with 1RU Switching==
 
{|
 
{|
|[[Image:ScreenShot404.jpg|800px|left|thumb|VRFs in the datacenter]]
+
|[[Image:ScreenShot1134.jpg|800px|left|thumb|Cabinet Design with 1RU Switching]]
 
|}
 
|}
==Layer 2 looped==
+
==Cabinet Design with Modular Access Switches==
VLANs are extended into the aggregation layer. Layer 2 services
 
such as NIC teaming, clustering, and stateful services from the aggregation layer such
 
as a firewall, SLB, and SSL can be provided across Layer 2 models. Layer 3 routing is
 
first performed in the aggregation layer.
 
 
{|
 
{|
|[[Image:ScreenShot405.jpg|800px|left|thumb|Layer 2 Looped designs]]
+
|[[Image:ScreenShot1135.jpg|800px|left|thumb|Modular access switches]]
 
|}
 
|}
The Layer 2 looped triangle in Figure 5-14 has the following features:
+
==Hybrid Design With OOB Switches==
*Supports VLAN extension/Layer 2 adjacency across the access layer.
 
*Resiliency is achieved with dual-homing and RSTP.
 
*Quick convergence with RSTP.
 
*Supports stateful services at the aggregation layer.
 
*Proven and widely used.
 
The Layer 2 looped square in Figure 5-14 has the following features:
 
*Supports VLAN extension/Layer 2 adjacency across the access layer.
 
*Resiliency is achieved with dual homing and STP.
 
*Quick convergence with 802.1w and 802.1s.
 
*Supports stateful services at the aggregation layer.
 
*Supports more access layer switches, optimizing 10 Gigabit Ethernet aggregation layer density.
 
*Active/active uplinks align well to active/active service module designs.
 
==Layer 2 loop free==
 
VLANs are not extended into the aggregation layer. Layer 2 services are supported. Layer 3 routing is first performed in the aggregation layer.
 
 
{|
 
{|
|[[Image:ScreenShot406.jpg|800px|left|thumb|Loop-Free]]
+
|[[Image:ScreenShot1136.jpg|800px|left|thumb|OOB Switches]]
 
|}
 
|}
The following are characteristics of loop-free U access:
+
 
*VLANs are contained in switch pairs (no extension outside of switch pairs).
+
==High Availability and Failover Times==
*No STP blocking; all uplinks are active.
 
*Layer 2 service modules black-hole traffic on uplink failure.
 
The following are characteristics of loop-free inverted U access:
 
*Supports VLAN extension.
 
*No STP blocking; all uplinks are active.
 
*Access switch uplink failure black-holes single attached servers.
 
*ISL scaling considerations.
 
*Supports all service module implementations.
 
 
{|
 
{|
|[[Image:ScreenShot407.jpg|800px|left|thumb|Loop-Free U Design and Layer 2 Service Modules]]
+
|[[Image:ScreenShot409.jpg|800px|left|thumb|Image text]]
 
|}
 
|}
 
+
==High Availability and Cisco NSF with SSO==
==Layer 3==
+
This convergence time and possible lost sessions can be avoided by using dual Catalyst
Stateful services requiring Layer 2 connectivity cannot be provisioned from
+
6500 series Supervisor Engine 720 engines and Cisco NSF with SSO on the primary aggregation switch of the data center.
the aggregation layer. Layer 3 routing is first performed in the access layer.
 
  
 
= Eksterne henvisninger =
 
= Eksterne henvisninger =
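Review bot: the new heading "==Optimizing EtherChannel U tilization with Min-Links==" has a stray space inside "Utilization", and the thumbnails added for ScreenShot408.jpg and ScreenShot409.jpg carry the placeholder caption "Image text". Suggest fixing the heading and giving both images captions that describe the figure. The new Min-Links, cabinet design, OOB switch and failover sections consist of a heading and an image only, so a sentence of explanation under each would make them usable without the book.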

Latest revision as of 07:24, 27 August 2012

Chapter 5 from the CCDP ARCH book.

This article is under development....

Designing The Core and Aggregation Layers

Data Center Design Architectural Overview

The data center architecture is based on a three-layer model.

  • The core layer consists of high-speed OSI Layer 3.
  • The aggregation layer connects the access layer using either OSI Layer 2 or OSI Layer 3.
  • The access layer provides the physical connection to the servers.

Advantages of the three-layer model

  • If the same VLAN needs to be present on several access switches at the same time, the aggregation switches can-----

Data Center Core layer design

Data Center Core Layer Design
OSI Layer 3 design for the data center core

Routing Protocols

OSPF

OSPF routing protocol design for the data center core

EIGRP

EIGRP routing protocol design for the data center core

Aggregation Layer

Scaling the Data Center Aggregation Layer

Spanning tree design

Cisco recommends using RPVST+.

Data Center Spanning Tree design (aggregation switches Root/HSRP)

Active STP, HSRP and Service Context Alignment

Active/Standby Service Module Design

In the drawing below, one aggregation switch is active and the other is standby for all traffic from the access layer.

  • Cisco 6500 with FWSM 2.x
Aggregation switches Active/Standby STP, HSRP and Service Module design, example 1
Aggregation switches Active/Standby STP, HSRP and Service Module design, example 2

Active/Active Service Module Design

In the drawing below, both aggregation switches are active, each for its own VLANs.

  • Cisco 6500 with FWSM 3.1
Active/Active Service Module Design

Establishing Inbound Path Preference

Route Health Injection (RHI) allows a Cisco CSM/ACE in a 6500 switch to install a host route to the virtual server. The /32 route removes problems with asymmetric routing.

Using VRF (MPLS) in the Data Center

Using VRFs in the data center

Access Layer

Layer 2 - Looped design

In the Layer 2 looped design, VLANs are terminated in the aggregation layer, and Layer 2 services such as NIC teaming, clustering and stateful services (for example firewall, server load balancing and SSL) can be performed at OSI Layer 2. Layer 3 routing takes place in the aggregation layer.

Layer 2 - Looped design
Looped design Square Access
Looped design Triangle Access

Layer 2 - Loop-free design

In the Layer 2 loop-free design there are no VLANs on the aggregation layer, unlike the looped design (see above). With the inverted U, however, it is possible to have VLANs on the aggregation layer. Layer 2 services are supported. Layer 3 routing takes place in the aggregation layer.

Loop-free access topology - U Access
Loop-free access topology - Inverted U Access
Loop free U with Layer 2 Services Modules

Comparison of Layer 2 Access Designs

Comparison of Layer 2 access designs

Layer 3 in the Access Layer

Stateful services that require Layer 2 connectivity cannot be provided by the aggregation layer if Layer 3 routing takes place in the access layer.

OSI Layer 3 in the access layer

Multicast Source Support

OSI Layer 3 in the access layer, multicast support

6500 Services Module Placement Considerations

6500 Switch Fabrics

Optimizing EtherChannel Utilization with Min-Links

STP in the DataCenter

RPVST+ is the most common STP used in the data center today, and is the implementation recommended by Cisco for the enterprise data center.

  • It scales to a large size (about 10,000 logical ports).
  • Coupled with UDLD, loop guard, root guard, and BPDU guard, it provides a strong and stable Layer 2 design solution.
  • It is a proven solution that is easy to implement and scale.

MST is not as common in the enterprise data center because of its characteristics:

  • It permits large-scale STP implementations (about 30,000 logical ports). This is typically more useful for service providers and application service providers.
  • It isn’t as flexible as RPVST+.
  • It has service module implications for firewalls in transparent mode.
  • It is more commonly used with service providers and application service providers.



Limit HSRP instances: The number of VLANs is typically tied to the number of HSRP instances. Cisco recommends a maximum of 500 HSRP instances on the Catalyst 6500 series Supervisor Engine 720 with default timers.
Use MST if it meets the requirements: If you cannot support the STP scaling issues with RSTP, you can consider implementing MST.
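
The recommendations in this section can be checked against a switch configuration. The following is an added example, not part of the original article or of any Cisco tool: it audits an IOS-style configuration for RPVST+, the four protection features named above, and the 500-instance HSRP limit. The sample configuration is constructed, and the check only tests that each command is present somewhere, not that it sits on the right ports.

```python
import re

HSRP_LIMIT = 500  # from the text: Catalyst 6500 Sup720 with default timers

# Constructed sample of an aggregation-switch configuration (not from the page).
SAMPLE_CONFIG = """\
spanning-tree mode rapid-pvst
spanning-tree loopguard default
udld enable
interface Vlan10
 standby 10 ip 10.0.10.1
interface Vlan20
 standby 20 ip 10.0.20.1
interface TenGigabitEthernet1/1
 description downlink to access switch
 spanning-tree guard root
interface GigabitEthernet2/1
 description server port
 spanning-tree portfast
"""

FEATURES = ("rpvst", "loop_guard", "root_guard", "bpdu_guard", "udld")


def audit(config: str) -> dict:
    """Return Layer 2 hardening findings for one IOS-style configuration."""
    lines = [line.strip() for line in config.splitlines()]
    # One HSRP instance per "standby <group> ip <address>" line.
    hsrp = sum(1 for line in lines if re.match(r"standby \d+ ip ", line))
    found = {
        "rpvst": "spanning-tree mode rapid-pvst" in lines,
        # Each guard can be enabled globally or per interface.
        "loop_guard": "spanning-tree loopguard default" in lines
        or "spanning-tree guard loop" in lines,
        "root_guard": "spanning-tree guard root" in lines,
        "bpdu_guard": "spanning-tree portfast bpduguard default" in lines
        or "spanning-tree bpduguard enable" in lines,
        "udld": any(re.match(r"udld (enable|aggressive|port)", l) for l in lines),
    }
    found["missing"] = sorted(name for name in FEATURES if not found[name])
    found["hsrp_instances"] = hsrp
    found["hsrp_within_limit"] = hsrp <= HSRP_LIMIT
    return found


if __name__ == "__main__":
    for key, value in audit(SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```

The constructed sample enables PortFast on a server port without BPDU guard, so the audit reports `bpdu_guard` as the one missing feature.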

Cabinet Design with 1RU Switching

Cabinet Design with 1RU Switching

Cabinet Design with Modular Access Switches

Modular access switches

Hybrid Design With OOB Switches

OOB Switches

High Availability and Failover Times


High Availability and Cisco NSF with SSO

This convergence time and possible lost sessions can be avoided by using dual Catalyst 6500 series Supervisor Engine 720 engines and Cisco NSF with SSO on the primary aggregation switch of the data center.

External references