1.1 Hierarchical Network Design Model
1.1.1 Three-layer hierarchical internetworking model
It's always easier to solve a problem if it is broken into smaller pieces, and large-scale internetworks are no exception. The best-built and -managed scalable internetworks are typically designed in layers following a hierarchical model. By using hierarchical layers, you can break a large network into smaller pieces that can be dealt with separately. To understand the importance of layering, consider the Open System Interconnection (OSI) reference model, which is a layered model for understanding and implementing computer communications. By using layers, the OSI model simplifies the task required for two computers to communicate. Hierarchical models for internetwork design also use layers to simplify the task required for internetworking. Each layer can be focused on specific functions, thereby allowing you to choose the right systems and features for the layer. As a result, a hierarchical model simplifies the management of your internetwork and allows you to control the growth without overlooking the network requirements.

Modularity is another benefit of using a hierarchical design because changes in the internetwork can be easily facilitated. In addition, modularity in network design allows you to create design elements that can be replicated as the network grows. As each element in the network design requires change, the cost and complexity of making the upgrade is constrained to a small subset of the overall network. In large flat or meshed network architectures, changes tend to impact a large number of systems. Improved fault isolation is also facilitated by modular structuring of the network into small, easy-to-understand elements; therefore, you can easily understand the transition points in the network, and thus identify failure points.

A typical three-layer hierarchical internetworking model is illustrated in the Figure . It is sometimes mistakenly thought that the three layers (core, distribution, and access) must exist in clear and distinct physical entities, but this does not have to be the case. The layers are defined to aid successful network design and to represent functionality that must exist in a network. The instantiation of each layer can be in distinct routers or switches, can be represented by a physical media, can be combined in a single device, or can be omitted altogether. The way the layers are implemented depends on the needs of the network being designed. Note, however, that for a network to function optimally, hierarchy must be maintained. Generally three layers are defined within a hierarchical network. As indicated in the Figure , each layer has a specific design goal.

Core layer

The core of the network has one goal: switching packets. The following two basic strategies will accomplish this goal:

  • No network policy implementation should take place in the core of the network.
  • Every device in the core should have full reachability to every destination in the network.

Since the core layer is the central internetwork for the entire enterprise and may include LAN and WAN backbones, the primary function of this layer is to provide an optimized and reliable transport structure and to forward traffic at very high speeds. In addition, the core layer is a high-speed switching backbone and because the primary job of a device in the core of the network is to switch packets, you should design the core layer to switch packets as fast as possible. Therefore, the core of the network should not perform any packet manipulation, such as access lists and filtering, that would slow down the switching of packets.

Distribution layer

The distribution layer represents the campus backbone. The primary function of this layer is to provide access to various parts of the internetwork, as well as access to services. The distribution layer of the network is the demarcation point between the access and core layers and helps you define and differentiate the core. The purpose of this layer is to provide boundary definition and is the place at which packet manipulation can take place. In the campus environment, the distribution layer can include several functions, such as the following:

  • Summarizes routes
  • Provides for area, address, or traffic aggregation
  • Offers departmental or workgroup access
  • Defines the broadcast/multicast domain
  • Provides for virtual LAN (VLAN) routing
  • Provides for any media transitions that need to occur
  • Offers security

In the noncampus environment, the distribution layer can be a redistribution point between routing domains or the demarcation between static and dynamic routing protocols. It can also be the point at which remote sites access the corporate network. The distribution layer can be summarized as the layer that provides policy-based connectivity.

Access Layer

The access layer feeds traffic into the network, performs network entry control, and provides other edge services. In doing so, the access layer provides access to corporate resources for a workgroup on a local segment. In addition, because the access layer is the point at which local end users are allowed into the network, you can use access lists or filters at the access layer to further optimize the needs of a particular set of users. In a campus environment, access-layer functions include the following:

  • Shared bandwidth
  • Switched bandwidth
  • Media Access Control (MAC) layer filtering
  • Microsegmentation

In a noncampus environment, the access layer can give remote sites access to the corporate network via some wide-area technology, such as Frame Relay, ISDN, or leased lines.

Now that you have a basic understanding of the layers in a hierarchical design model, you should account for the following fundamental design principles when designing a scalable internetwork:

  • The area affected by a topology change in the network should be bound so that it is as small as possible.
  • Routers and other network devices should carry the minimum amount of information possible.

You can achieve both of these goals through summarization, which is generally done at the distribution layer. Generally, you want to bind the convergence area at the distribution layer. For example, a failing access link shouldn't affect the routing table in the core, and a failing link in the core should produce minimal impact on the routing tables of an access-layer router. In a hierarchical network, traffic is aggregated onto higher-speed links moving from the access layer to the core, and it is split onto smaller links moving from the core toward the access layer. Not only does this scenario imply that access-layer routers can be smaller devices, it also implies that they are required to spend less time switching packets. As a result, they have more processing power, which can be used to implement network policies.