CSIS 4823Data Communications

Networking – Designing Networks

Mr. Mark Welton

Three-tiered Architecture Collapsed core – no distribution Collapsed core – no distribution or access

Network Designs

Most common design when network covers multiple buildings

Physical separation of the three levels usually occurs when there is a physical need to do so

Access devices are connected at the access-layer switches

These switches connect to the distribution-layer switches

Distribution-layer switches then connect to the core-layer

Internet and server farm (data center) typically connect to the core-layer

Three-tiered Architecture

Three-tiered Architecture

Common in single building designs with multiple floors

Distribution-layer switches are removed and access layer goes directly in core

Distribution-layer maybe collapsed into the core-layer switches or removed completely

Collapsed core – no distribution

Collapsed core – no distribution

This design is most common in smaller implementations

Core switches act as all layers in the design For this design Ethernet runs must remain

within the distance limitations of the cable (100 Meters)

High-density chassis switches are used in this design

Collapsed core – no distribution or access

Collapsed core – no distribution or access

Trunks – will be necessary anywhere switches are interconnected

EtherChannels or port aggregation – This allows multiple switch connections to increase bandwidth between switches

Spanning tree – end devices ports should not run spanning tree. Ports connecting other switches must run it and be configured correctly including setting a correct primary and secondary root bridge

Configurations Concerns

VTP – allows for centralized control of VLAN in your network

VLAN – How many? Make sure they are planned out ahead of time◦ Internet◦ Internet inside◦ Server farm◦ User VLANS (include all user devices that need

segmented i.e. VoIP)◦ OOB???

Configurations Concerns

Most web-based applications today use a three tier design

Internet Layer - Web servers are used by the end users to access the application

Application layer – used to access the database layer and provide separation between the database and users. Also contains logic and access control for application

Database layer – contains data needed by application

Server Farm Design

Server Farm Design

There are generally two accepted methods in the design

Bridging – the lower interfaces of the upper layer are connected to the same VLAN as the upper interfaces of the layer beneath them

Routing – routers are placed between the layers

Server Farm Design

Bridged Three-Tier Design

The advantages of this design are simplicity and speed

Disadvantages are decreased security This has changed with the advances in

security devices (layer-2 firewalls)

Bridged Three-Tier Design

Routed Three-Tier Design

The advantages of this design are increased security

Disadvantages increases complexity and adds processing (which means latency)

Routed Three-Tier Design

Is there any other issue that may need addressed in the design????

Server Farm Design

Server Farm Design

Can not easily manage the server remotely

Server Farm Design

Can not easily manage the server remotely

Server Farm Design

Every interface will need an IP address. In some server high-availability solutions, you’ll need a third IP address for each

VLAN. For example, IP multipathing requires a virtual IP address on each VLAN in addition to one for each physical interface.

Every IP address you assign may need a DNS entry (including virtual IP addresses).

Which interface is primary? Does the server need a default gateway? If so, where does it go? Can the server

support multiple defaults? How will this work? Web servers need a default gateway that points to the Internet. This will require your management VLAN to have specific routes on the servers.

How many physical network cards do you need in a server to support six Ethernet interfaces? Make sure you have enough. Extra interfaces are even better.

Will the servers have both interfaces active in each VLAN, or just one? Some server high-availability solutions require the switches to be configured a certain way, while others require different configurations. Work this out in a lab before you build your network.

Will your servers support remote Ethernet consoles? Will you need a dedicated network for this traffic?

Server Farm Design

Server Farm Design

With Virtual environment your access-layer switches are also virtualized

This will make the server network requirements more like a access-layer switch uplink

Multiple 10 Gb ports are common

Modern Virtual Server Environments