Models and Topologies

Cisco Three-Tier Network Design Model

The three-tier networking design model is a Cisco hierarchical model that divides a network into three distinct layers:

• Core layer

• Distribution layer

• Access layer

Core Layer

The core layer typically provides the fastest switching path in the network. It is commonly referred to as the network backbone and is primarily associated with low latency and high reliability.

Distribution Layer

This layer provides router filtering and interVLAN routing. Management ACLs and IPS filtering is typically implemented here as well. The distribution layer also serves as an aggregation point for access layer network links.

Because this layer is the intermediary between the access and core, it is an ideal place to enforce security policies and perform tasks that involved packet manipulation.

Summarization and next-hop redundancy are also performed here.

Access Layer

The access layer provides Network Admission Control (NAC), which is a Cisco feature that prevents hosts from accessing the network if they do not comply with organizational requirements.

NAC Profiler automates the NAC by automatically discovering and inventorying devices attached to the LAN.

This layer serves as a media termination point for servers and endpoints. The access layer is an ideal place to perform user authentication and port security.

This layer typically consists of OSI Layer 2 switches only - when packets must be routed, it is first sent to a Layer 3 switch in the distribution layer.

Some designs employ L3 switches in the access layer which moves the demarcation between L2 and L3 switching to the access layer.

Cisco Two-Tier Network Design Model

This model is sometimes referred to as the collapsed-core model. The functionality of the core layer is collapsed into the distribution layer. The functionality of the core layer is provided by the distribution layer and a distinct core layer does not exist.

The distribution layer infrastructure must be sufficient to meet the design requirements.

Spine-Leaf Topology

Spine-Leaf topologies are generally seen in data centres more than organizations. Spine-Leaf topologies are two-tier, partial mesh network architectures.

Every lower tier leaf switch connects to every top-tier spine switch. Leafs and spines are NOT connected to one another.

Spine switches connect to the network backbone. If link oversubscription occurs, a new spine switch can be added and connections to every leaf switch can be established. Leaf switches connect to nodes such as servers.

When port capacity becomes a problem with addition of new servers, a new leaf can be added and connections to every spine switch can be established.

Because spines have connections to every leaf, the scalability of the fabric is limited to the number of ports on the spine node and not by the number of ports on the leaf node.

Redundant connections between a spine and leaf pair are unnecessary because the nature of the topology ensures that each leaf has multiple connections to the network fabric - each spine requires only a single connection to each leaf node.

Spine and leaf nodes create a scalable network fabric optimized for east-west data transfer. Typically, traffic between an app server and its supporting data services.

Spine-leaf enables nonlocal traffic from any ingress leaf interface to any egress leaf interface through a single dynamically selected spine node.

Because every traffic flow must pass through no more than two network hops, throughput and latency become more even and predictable.

WAN Topologies

A WAN is a network that covers a large geographical area. A WAN is spread across multiple cities or countries.

Geographically dispersed LANs are typically connected together by a WAN. WAN connectivity is generally supplied by a service provider. Customers can connect LANs by tunnelling traffic securely over the WAN, often via a site-to-site VPN. ISPs routers and switches are invisible to the customer LAN.

Older WAN technologies include T1 and T3 leased lines which provide point-to-point connectivity. Frame Relay and Asynchronous Transfer Mode (ATM) provide point-to-multipoint connectivity.

Newer WAN technologies include Multiprotocol Label Switching (MPLS) and Metro Ethernet.

SOHO Topologies

SOHO stands for Small Office/Home Office which is a small LAN or WLAN with one or more computers.

LAN or WLAN is connected to a service provider network typically over satellite, Digital Subscriber Line (DSL), cable, and fibre to the internet.

Satellite and DSL are older/slower technologies. Cable and fibre are faster technologies.