A question about LAN design came up and I decided to write a blog post about it. This blog post, however, is not going to cover every LAN design possibilities out there since there are other blogs that covers it – such designs talk about TRILL, FabricPath, SPB, vPC, and etc. I will, however, cover some LAN designs that I’ve seen in production and were mentioned in CCDP ARCH book. For people who are still in the CCNA level, the LAN design in this blog post will be covered in CCNP/CCDP books so keep on studying. Hopefully, this blog post will serve a good introduction to the topic.
The picture on the left side is called Layer 2 looped design, per CCDP ARCH FLG (Foundation Learning Guide) book. This is one of the common LAN designs, in a medium sized environment if your access layer switch is only Layer 2 capable. For simplicity sake, I did not include the core layer switches in the diagram. However, this design can be used as well as core/distribution switch, this is called collapsed-core LAN design. Collapsed-core design is mostly found in a small/medium sized network where it doesn’t need a core layer.
As the name implies, this design has a Layer 2 loop. Of course, this is only true if the switches are not running STP. With this design, one of the links is in blocking mode which means the other link won’t be used if you’re running the IEEE 802.1D standard, also known as Common Spanning Tree (CST) or just STP. With Cisco switches, at least the ones I’ve used, run PVST+, by default, which means you can take advantage of the other link to do some load balancing across two links. Though, in reality it is not really balanced since traffic in two VLANs are not normally identical. Books will tell you load balancing but I agree with Brian Dennis where he mentioned in one of the INE videos that it is actually load sharing. Load sharing is accomplished by configuring the STP parameters per VLAN and First Hop Redundancy Protocol (FHRP), like HSRP, VRRP, and GLBP.
One disadvantage of this design is that you can span VLANs across multiple switches, which means the broadcast domain is extended. If a broadcast was sent from a host connected to Access-1, that broadcast will propagate across all the switches in the LAN who has that VLAN configured. Another disadvantage is the STP convergence – if there is a failure in the topology, the network needs to reconverge first before forwarding any traffic. While implementing IEEE 802.1w, also known as RSTP, can help with the reconvergence of the network, there is still a period of time that the traffic is not forwarding.
The design on the right is called Layer 2 loop-free, per CCDP ARCH FLG. As the name implies, the design does not have Layer 2 loop which means STP has been avoided – meaning no more waiting for STP to reconverge and no more blocked ports. However, this design does not avoid the network reconvergence. When there’s a failure in the topology, FHRP will still need to release its duties as a primary traffic forwarder for the other switch to take over. The load sharing is simpler than the first one since there will be no STP configurations on top of the FHRP. While this design is a better choice than the first one, at least in my opinion, it needs to be said that spanning VLANs across multiple switches is not recommended. Make sure that spanning VLANs across other switches is not needed before picking this design. If, for whatever reason, the network needs to span VLANs across other switches, the design can be converted to the Layer 2 looped design by changing the port channel between the distribution switches to Layer 2 link.
This design is called Layer 3 routed, sometimes called routed access. Out of the three diagrams, this is the best design since there’s no STP and FHRP needed which allows equal cost load balancing (again, sharing) and no need to wait for the network to reconverge when topology changes. The diagram depicts that the VLANs are different on each switches but it does not need to be different. The advantage of making it different VLANs on each switches is when the requirement needs to be changed to Layer 2 looped design.
Unfortunately, I do not know the official name for this design since these were not covered in CCDP ARCH or CCNP BCMSN material. Let’s just call it single chassis with dual supervisor Layer 2 loop free. These two are very similar to the first two design presented earlier but without the redundancy of the second chassis. These designs, however, still has some redundancy built into it – dual sup. The obvious advantage of this design is the cost savings, since the design does not require to buy another chassis and line cards. While chassis failure can happen, it is very rare so this is an attractive design to deploy in some environments. The dual sup has some similarities with the HSRP active and standby concept. However, in supervisor redundancy it is called active (primary) and hot (standby or secondary), as shown here.
This design allows you to combine two switches and present it to other switches in the network as one logical switch. With this design, the STP has been eliminated since the downstream switches will see it only as a single logical switch. The downstream switches will run Multichassis EtherChannel (MEC), also known as Multichassis Link Aggregation (MLAG), and the distribution switches will run VSS (Virtual Switching System). I believe this is not very common LAN design in a user environment since this is an expensive solution. I will make an assumption that this is a design that can be deployed in a data center environment. While this can work in a data center environment, there are other designs out there that I consider better than this. Besides, if you’re going to be designing a data center environment you may want to look at other switches offered by other vendors or if your environment is a Cisco shop, then you feel free to look at the Nexus line. Per Ethan Banks, Catalyst 6500 may not be the right choice for a data center environment moving forward.
Running VSS and MEC/MLAG comes with a caveat, the split-brain issue – this has been covered by Ivan Pepelnjak in his blog post. While I have not encountered it in production, I’ve heard stories about it happening in a production environment. While I am familiar with the technology, I’ve never really configured one. Though, I will be configuring it pretty soon during Cisco Live.
I hope this blog post serves a good introduction to LAN design.
Designing Cisco Network Service Architectures (ARCH) Foundation Learning Guide
NetworkJutsu.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.