Tuesday, April 29, 2014

The Cisco Three-layered Hierarchical Model Overview and Related

Cisco has defined a hierarchical model known as the hierarchical internetworking model. This model simplifies the task of building a reliable, scalable, and less expensive hierarchical internetwork because rather than focusing on packet construction, it focuses on the three functional areas, or layers, of your network:
Core layer: This layer is considered the backbone of the network and includes the high-end switches and high-speed cables such as fiber cables. This layer of the network does not route traffic at the LAN. In addition, no packet manipulation is done by devices in this layer. Rather, this layer is concerned with speed and ensures reliable delivery of packets.

Distribution layer: This layer includes LAN-based routers and layer 3 switches. This layer ensures that packets are properly routed between subnets and VLANs in your enterprise. This layer is also called the Workgroup layer.

Access layer: This layer includes hubs and switches. This layer is also called the desktop layer because it focuses on connecting client nodes, such as workstations to the network. This layer ensures that packets are delivered to end user computers.

This figure displays the three layers of the Cisco hierarchical model.

When you implement these layers, each layer might comprise more than two devices or a single device might function across multiple layers.

The benefits of the Cisco hierarchical model include:
  • High Performance: You can design high performance networks, where only certain layers are susceptible to congestion.
  • Efficient management & troubleshooting: Allows you to efficiently organize network management and isolate causes of network trouble.
  • Policy creation: You can easily create policies and specify filters and rules.
  • Scalability: You can grow the network easily by dividing your network into functional areas.
  • Behavior prediction: When planning or managing a network, the model allows you to determine what will happen to the network when new stresses are placed on it.
Core Layer
The core layer is responsible for fast and reliable transportation of data across a network. The core layer is often known as the backbone or foundation network because all other layers rely upon it. Its purpose is to reduce the latency time in the delivery of packets. The factors to be considered while designing devices to be used in the core layer are:

At the core layer, efficiency is the key term. Fewer and faster systems create a more efficient backbone. Various equipment is available for the core layer. Examples of core layer Cisco equipment include:
  •  Cisco switches such as 7000, 7200, 7500, and 12000 (for WAN use)
  •  Catalyst switches such as 6000, 5000, and 4000 (for LAN use)
  •  T-1 and E-1 lines, Frame relay connections, ATM networks, Switched Multimegabit Data Service (SMDS)
Distribution Layer
The distribution layer is responsible for routing. It also provides policy-based network connectivity, including:
  • Packet filtering (firewalling): Processes packets and regulates the transmission of packets based on their source and destination information to create network borders.
  • QoS: The router or layer 3 switches can read packets and prioritize delivery, based on policies you set.
  • Access Layer Aggregation Point: The layer serves as the aggregation point for the desktop layer switches.
  • Control Broadcast and Multicast: The layer serves as the boundary for broadcast and multicast domains.
  • Application Gateways: The layer allows you to create protocol gateways to and from different network architectures.
  • The distribution layer also performs queuing and provides packet manipulation of the network traffic.
It is at this layer where you begin to exert control over network transmissions, including what comes in and what goes out of the network. You will also limit and create broadcast domains, create virtual LANs, if necessary, and conduct various management tasks, including obtaining route summaries. In a route summary, you consolidate traffic from many subnets into a core network connection. In Cisco routers, the command to obtain a routing summary is:

show ip route summary

You can determine how routers update each other's routing tables by choosing specific routing protocols.

Examples of Cisco-specific distribution layer equipment include 2600, 4000, and 4500 series routers.

Access Layer
The access layer contains devices that allow workgroups and users to use the services provided by the distribution and core layers. In the access layer, you have the ability to expand or contract collision domains using a repeater, hub, or standard switch. In regards to the access layer, a switch is not a high-powered device, such as those found at the core layer.

Rather, a switch is an advanced version of a hub.

A collision domain describes a portion of an Ethernet network at layer 1 of the OSI model where any communication sent by a node can be sensed by any other node on the network. This is different from a broadcast domain which describes any part of a network at layer 2 or 3 of the OSI model where a node can broadcast to any node on the network.

At the access layer, you can:
  • Enable MAC address filtering: It is possible to program a switch to allow only certain systems to access the connected LANs.
  • Create separate collision domains: A switch can create separate collision domains for each connected node to improve performance.
  • Share bandwidth: You can allow the same network connection to handle all data.
  • Handle switch bandwidth: You can move data from one network to another to perform load balancing.

More Tips on Cisco Core, Distribution and Access, Reviews:
Most logical architectures for routing and switching are based around a system whereby three sets of functions are abstracted logically from one another. A common one is Core, Distribution and Access. These are often thought of as layers.

For a quick refresher, in this system, the Access layer is responsible for connecting devices to the network. Its defining characteristics generally revolve around either high port density or the ability to overcome physical "last mile" type challenges, like wireless 802.11, or remote access via modems or VPN.

The Distribution layer is where policies are applied. It's where access-lists, or QoS, and CPU-intensive routing decisions should occur (as opposed to just a default route or default gateway). Distribution layer designs usually focus on aggregating Access devices into boxes with significant processing resources so that policies can be applied.

Finally, the Core is the "backbone." Its job is simply to move packets from point A to point B as fast as possible and with the least possible manipulation.

This academic model is probably familiar to most SearchNetworking readers, but in practice, there is much debate about how to translate these logical roles and responsibilities into physical boxes. For instance, in your network, when does it make sense to collapse the Distribution and Access functions into the same box, while the Core is a separate box? Or vice versa, when would it make sense to collapse the Core and Distribution into one box, while leaving the Access layer separate? Or perhaps all three deserve their own boxes? Or all three could be implemented on the same box.

The answer is "it depends" on what you need to do. That is, what are your requirements?

When you start to design a network, you should get a list of requirements which will include such things as "availability", and "security" and of course, a budget. As an example, your network may require that certain servers always be able to communicate with each other. If they share Access equipment, then having that hardware separated from the Distribution layer, means that you can do maintenance on the Core and Distribution boxes without disrupting these servers. If your Access and Distribution are combined into a single switch, you can't make changes without a fuss.

Conversely, you need to compare the amount of data you plan to transport across your backbone with the types of policies you plan to implement. If your plan includes few access-control lists, and no traffic-specific routing decisions (e.g. to give preferential treatment to something like VoIP), and you don't have a lot of data, then you can save some money by combining layers into a single device (usually at least two for redundancy, of course). But if you have a large amount of data to transport, or complex policies to implement, then it may be worth the dollars to separate those features.

However, you should realize that this decision is rarely based on hardware constraints, because most modern network platforms are capable of providing all three layers, at very high performance. Because of this, many argue that separate hardware adds points of failure and wastes money. But, you should consider things like what administrative groups will be supporting each function, and what additional features are available. For instance, if you need to add a service like IP telephony services or intrusion detection, does your decision still make sense?

Generally speaking, separating all three layers into different hardware is the most flexible and most expensive option. The real question then is, how much is flexibility worth? I hate to invoke a phrase like "total cost of ownership," but if you look at the big picture, I think you'll find that separating these functions justifies the cost of extra hardware in most circumstances.

Rs from http://searchnetworking.techtarget.com/tutorial/The-Cisco-three-layered-hierarchical-model


Friday, April 25, 2014

Cisco AP 700, Aironet 1600 Series for Small and Midsized Networks

Designed with rapidly evolving mobility needs in mind, Cisco offers several 802.11n-based access points for small and midsized networks. The Cisco Aironet 1600 Series is an entry-level access point with advanced features. With the Aironet 1600 Series, customers can modernize their network to handle today’s explosion of more clients, applications, and bandwidth demands. The Cisco Aironet 700 Series offers a compact dual-radio 802.11n access point ideal for value-minded customers.

Cisco Aironet 1600 Series: Enterprise Class
The Cisco Aironet 1600 Series is an entry-level, enterprise-class 802.11n-based access point designed to address the wireless connectivity needs of small and midsize enterprise networks.
  • With at least six times the throughput of existing 802.11a/g networks, the 1600 Series offers the performance advantage of 802.11n enterprise-class performance with 3 x 3 MIMO technology with two spatial streams
  • Cisco CleanAir Express* for proactive spectrum intelligence to address RF interference problems
  • Cisco ClientLink 2.0 for better downlink performance and range and longer battery life on mobile devices
  • The 1600 Series includes standard 802.3af Power over Ethernet (PoE)
  • The 1600i model has integrated antennas for typical office deployments
  • The 1600e model is for RF-challenging indoor environments and requires external dual-band antennas.

Cisco Aironet 700 Series
The Cisco Aironet 700 Series is a dual-radio 802.11n compact access point ideal for value-minded customers.
  • Simultaneous dual-band dual-radio 2.4-GHz and 5-GHz with 2 x 2 multiple-input multiple-output (MIMO) technology with two spatial streams
  • Up to six times more capacity to support applications and clients than legacy 802.11a/b/g networks
  • Standard 802.3af PoE
  • The 702i model has integrated antennas for typical office and indoor deployments

Ease of Deployment with Cisco Network Assistant
For quick and easy setup of your Cisco Aironet 700 and 1600 Series access points, Cisco Network Assistant provides a centralized network view with a user-friendly GUI that simplifies configuration, management and troubleshooting. Using Cisco Network Assistant you can easily discover and initialize your network of stand-alone access points.

The Cisco Advantage
Cisco has true enterprise-class RF technology designed to maximize 802.11n performance. Cisco technologies such as Cisco CleanAir Express, Cisco ClientLink 2.0, and Cisco VideoStream, plus optimized access point radios and antennas, improve performance regardless of where client devices are located. All Cisco Aironet 802.11n access points support:
  • A limited lifetime hardware warranty
  • 5- or 10-unit Eco-Pack bundles with a single, easy-to-open carton that streamlines the staging and installation process and reduces packaging waste by 50 percent

The benefits of deploying Cisco Aironet access points with a Cisco Unified Wireless Network extend from investment protection and future-proofing to better scalability and reliability of the enterprise network.

Cisco AP 700 Series vs. Cisco Aironet 1600 Series


Monday, April 14, 2014

Discussion: Need Better 10 Gig Switch Solution

“I am looking for a switch solution that will connect 5 buildings together in a hub and spoke topology. We are using dark fiber to connect the buildings. I am looking for a switch that would have 2 SFP+ connections and 1 or 2 copper gig ports for the far end buildings. I also need a head end switch that would have 5 SFP+ ports and 1 or 2 copper gig ports. The connections will be layer 3 using OSPF or EIGRP between the buildings.”

“I have been looking at the 3750X and 3850X switches but really don't need all the copper ports. Any suggestions on what other switches are available that would do the job would be great.”

Need more info on this.  What you are asking if you want a core or distribution (aka distro) switch.  Can you tell me what switches you have at the far/remote end?

I mean the first thing that popped into my mind is the 6880X and 6800ia combo. The 6800ia is a "dumb" switch and needs a parent switch, in form of the 6880X or 6807X, to manage.

Another option would be the 4500X. This is a good option because you buy the additional ethernet modules you need.  Another option is the 4900M.

Be aware that the 4500X and the 4900M can do Layer 3 functions but not full MPLS.  They will only do VRF-lite.

The 6880X and 6807X will support full MPLS/VRF.

I guess the real question I have is what Cisco switch can do more than 4, SFP+ connections with some copper gig ports and still have layer 3 routing without going to a 4500X. Keeping the price somewhere in the 10,000.00 to 15,000.00 retail price range.

Hmmmmm ... How many SFP+ ports do you need? 3750X-12S or 3750X-24S can do up to two (2) SFP+. 

I was looking for 4 SFP+ ports. I found a 3850-48 that could have a total of 4 SFP+ ports. The 48 copper ports are a little overkill but that would work.

It seems Cisco has a gap in its switch line for 10gig ports. To get 5 or more SFP+ ports you really don't have a choice other than multiple 3750X or 3850 switches or Nexus 2K or 4500X switches. 

It isn’t a gap.  It's by design.

No matter how many SFP+ ports a 3650 or 3850 has, the most basic question is this: Can each switch really push a total of 40 Gbps? The answer is no.

The later generation 3k switches specs generally have them as all wire-speed capable.  If you stack them, the stack, though, can become a bottleneck, especially with the 3650 series.
Are you concerned about buffering? If so, I would agree.

To OP, realize there are differences between switches other than port speeds. How data will traverse the switch can be very important in selecting a switch. For example, there's a reason 4948-10Gs are/were used in data centers and 3560X are not. If you check their port bandwidths, fabric bandwidth, and device PPS capacity, they are about identical, and if you do a typical SmartBits test, those results will likely be identical, but their real world capacity isn't identical.

Cisco 4500-X vs. Cisco 6800-X

                          Juniper EX4550                    Cisco WS-C4500X
Example list prices       (32-port 1/10G SFP+ model)        (32-port 1/10G SFP+ model)
Bandwidth                 960 Gbps                          800 Gbps
Throughput                714 Mpps                          250 Mpps
Max stack/VC members
Max bandwidth of stack    1.92 Tbps                         1.6 Tbps
Port densities            48 - 10G with expansion modules   40 - 10G with expansion modules
                          400 - 10G in VC                   80 - 10G in VSS (Stack)

Starting off with the Cisco Catalyst 4500-X, this switch is available in both 16- and 32-port versions with support for 10 Gigabit Ethernet (GbE) SFP and SFP+ interfaces. Offering an 8-port 10GbE SFP+ removable uplink module, Cisco 4500-X switches can scale up to 40 10GbE SFP/SFP+ ports.

When it comes to the Juniper EX4550 switch, this switch also offers 32 ports. However, the Juniper EX4550 can scale to 48 ports, which is 8 more ports than the Cisco 4500-X, by means of dual 8-port expansion modules. The Juniper EX4550 also offers both copper and fiber models, while the Cisco 4500-X only offers fiber compatibility.

The Cisco Catalyst 4500-X delivers up to 800 Gbps of switching capacity with up to 250 Mpps of throughput, and can scale up to 1.6Tbps with Virtual Switching System (VSS) technology. The Cisco 4500-X switch also offers Virtual Routing and Forwarding Lite (VRF-Lite) and Cisco Easy Virtual Networking (EVN) technologies.

Offering slightly better data rates and significantly better throughput than the Cisco 4500-X, the Juniper EX4550 offers 960 Gbps of switching capacity with up to 714 Mpps of throughput and can be scaled for up to 1.92 Tbps of switching capacity due to Juniper Virtual Chassis Technology. Juniper EX4550 switches also offer the advantage of the JUNOS OS, which we’ve previously found to have several advantages over the Cisco IOS.


Wednesday, April 9, 2014

Stacking Benefits & Stacking Rules

Cisco’s stackwise technology is pretty cool. You will get more benefits from stacking the switches from behind using their stackwise cables and software instead of your conventional daisy chaining of switches. What’s more important? Let’s check…

Stacking Benefits
  • 32G bandwidth–Cisco likes to advertise 64G of aggregate bandwidth. The keyword is “aggregate”. I find this very misleading because the stackwise cables function bi-directionally. This is where Cisco gets their 64G total speeds. However, when you purchase a 10/100 network card, it’s never advertised as 20/200 is it? The truth is, a 100Mbps card at full duplex technically gets you 200Mbps of available bandwidth. 100Mbps transmit and 100Mbps receive. In any event, all member switches have access to this available bandwidth.
  • Management – When stacked, all your member switches are seen as just one switch. From a management standpoint, this makes configuration easy. One management IP address and one configuration file. Instant access to all your member switches.
  • Cabling – Cleaner cabling since they stack from behind and would not interfere with any other cables you may have. So it is aesthetically pleasing.
  • 9 Member Switch capacity – You can stack up to nine switches in your stackwise switching fabric. This gives you much room for growth and 432 Ethernet 10/100/1000 ports with 18 10GbE ports.
  • Hot pluggable switches – You can remove and add switches while the stack is running. A working stack can accept new members or delete old ones without service interruption.
  • Stackwise Plus – Supports local switching with destination stripping. This allows traffic to stay off the stackwise fabric if the destination is already local to the switch.
Stacking Rules
What you should know and understand before stacking.
  • There are three main software feature sets: LAN Base, IP Base, IP Services
  • You cannot mix software feature sets. You cannot have some switches with LAN Base and some with IP Services for example.
  • The Cisco StackWise technology requires that all units in the stack run the same release of Cisco IOS Software.
  • A standalone switch is a switch stack with one stack member that also operates as the stack master.
  • Make sure that you power off the switches that you add to or remove from the switch stack. I have not found a clear reason for this, perhaps it’s to prevent any corruption of the stack. Obviously you can add or remove a switch during stack production.
  • A new, out-of-the-box switch (one that has not joined a switch stack or has not been manually assigned a stack member number) ships with a default stack member number of 1. When it joins a switch stack, its default stack member number changes to the lowest available member number in the stack.
  • If you manually change the stack member number, it only takes effect when you reset that specific member switch.
  • A higher priority value for a stack member increases its likelihood of being elected stack master and retaining its stack member number. The priority value can be 1 to 15. The default priority value is 1.
  • You can manually define the priority value for a stack member. I always like to define which switch is the MASTER.
  • The configuration that you create on the switch stack is called the provisioned configuration.
  • The switch that is added to the switch stack and that receives this configuration is called the provisioned switch.
  • Each software image includes a stack protocol version. In order to remain compatible, protocol versions should be similar.
  • Connecting to individual console ports on a member switch still talks to MASTER switch. 
Go to Stacking
Once your first switch has been turned on (you don’t need to have the stackwise cables plugged in yet), you can define this switch as the MASTER. To do that you need to go into configuration mode:
switch# configure terminal
switch(config)# switch 1 priority 15
switch(config)# end
switch# copy run start
switch# reload
switch 1 indicates your current switch. All switches are switch 1 by default. Priority 15 is the highest you can set your switch which causes it to become the MASTER.

If you want your second switch to become the MASTER you can make it priority 14. If you only have two, then there’s no need to since the only remaining switch will become MASTER by default if the original MASTER fails or goes offline.

Assuming you have at least two Cisco 3750s, connect them together in a criss-cross fashion.

Now you can turn on switch#2. You can console into switch#2 as it boots up so you can get an idea of when the bootup process has finished. Once it is done, issue this command:

This command will indicate your MASTER switch and switch#2 as just a member switch.

Stack Verification
How can we tell the stackwise cables were properly inserted?

Here you will see that the ring speed is 32G. If you read my “stacking benefits” further up, you will remember my gripe about this and why I think Cisco is misleading when they advertise 64G. Someone may be looking for 64G as the ring speed and wonder if their setup is incorrect.

LED lights–You can physically verify which switch is the MASTER by looking at the front panel LED lights. The MASTER LED light will be lit solid green.

Stack Notes:
Below are commands and miscellaneous notes that may be useful.
Enable mode commands
show switch = show member switches that have successfully been added to the stack and their priorities. Find which switch is the MASTER switch.
show switch detail = Provide port status of stackwise ports.
show switch stack-ring speed = stack ring status, configuration and protocol. What really matters here are the ring status and configuration.
reload slot <member switch number> = For example: reload slot 4 will only reboot the member switch that is switch#4.
remote command <member switch number> show version = You can specify output specifically for a member switch. If you want the IOS version of member switch#2 you would type: remote command 2 show version. Not every command is supported under “remote command”.
no switch <member switch number> provision = If you’ve removed a member switch physically from your stack, you should run this command to permanently remove it from the stack status when you issue the “show switch” command.
archive copy-sw = copies IOS from one switch to another.

Configuration Mode Commands
switch <switch number> priority <priority number> = Configures the priority for a particular switch. Priorities range from 1 – 15.
switch 1 renumber 2 = Reconfigures switch 1 as switch 2 and only takes effect after this switch reloads. You can use the “reload slot” command to do this so you don’t have to reload the entire stack. But you cannot renumber to an already used switch#.

More Notes/ Miscellaneous Notes:
-Cisco recommends that you leave a blank module if your switch supports modules. If you leave it open, the switch will overheat due to airflow issues. Cisco sells blank modules if you don’t have one.
-Only power on/off switches after you already have the switch stacked. For example, if you’re adding a new switch to the stack, don’t have it powered on while you are connecting the stackwise cables. Connect the cables and then power on the new switch.

-archive copy-sw command–What does this command really do? It basically issues this command if you wanted to do it manually.
copy flash1: flashX (where X is your slot number from your member switch)

-Backup original IOS image–You can back up your original image before they become part of the stack. I ran into an issue with a corrupted image once and it was a bad experience. Issue a “show flash:” to find the location of your image. Then issue “copy flash: tftp:” to save it to your TFTP server. You can always use XMODEM to install the image if your switch can’t boot up.

-LED lights–Lights on the switch indicate who is MASTER.

-Once stacked, there are two types of levels: system-level and interface-level.

- Each stack has only one configuration file, which is distributed to each member in the stack. This allows each switch in the stack to share the same network topology, MAC address, and routing information. In addition, it allows for any member to become the master, if the master ever fails.

-A break in any one of the cables will result in the stack bandwidth being reduced to half of its full capacity. Subsecond timing mechanisms detect traffic problems and immediately institute failover.
