[c-nsp] Campus Network Design advice

Brad Hedlund brhedlun at cisco.com
Wed Jan 28 00:58:53 EST 2009


On 1/27/09 7:50 PM, "Marc Archer" <marc at archernet.id.au> wrote:

> The other option we have been looking at (see attached) is to have L3
> switches as all our distribution switches and contain VLANs to a particular
> building. This seems to be a neater solution to me

Agree 100%

> I would also
> like to connect adjacent distribution switches together for redundancy, so
> I'm wondering if I should be looking at a heap of /30 links between
> distribution switches & the core (and run OSPF) - or just use a L2 network
> and let STP manage the links.

Definitely use /30 'no switchport' routed links from Dist to Core.  The Dist
to Dist links, on the other hand, can be L2 or L3.  If the Dist-Dist link is
L3 there is no STP blocking links at the access layer switch and you can use
GLBP for load balancing access uplink traffic, however the tradeoff is that
a VLAN should be confined to a single access layer switch.  Another
potential pitfall here is if you are running voice/video and need fast
convergence, which would require you to configure sub-second timers for GLBP
or HSRP.  With sub-second GLBP/HSRP timers running on 150+ VLANs this starts
to wreak havoc on the Dist switch CPU.

If the Dist-Dist link is L2 you have a looped design and STP will do its
thing by blocking one of the access switch uplinks on a per VLAN basis.  The
advantage with this design is that you can have VLANs spread across multiple
access layer switches.  The disadvantage of course is having an STP topology
that blocks links and requires additional troubleshooting.

With Catalyst 6500 as the Dist switch there is of course the option to use
VSS, which will result in no STP blocking links from the access switch, you
can have the same VLAN at any access switch, and fast convergence without
sub-second timers.

Cheers,

Brad Hedlund
bhedlund at cisco.com
http://www.internetworkexpert.org




