Cisco has defined a hierarchical model
known as the hierarchical internetworking model. This model simplifies the task
of building a reliable, scalable, and less expensive hierarchical internetwork
because rather than focusing on packet construction, it focuses on the three
functional areas, or layers, of your network:
Core layer: This layer is considered the backbone of the network and includes the high-end switches and high-speed cables such as fiber cables. This layer of the network does not route traffic at the LAN. In addition, no packet manipulation is done by devices in this layer. Rather, this layer is concerned with speed and ensures reliable delivery of packets.
Distribution layer: This layer includes LAN-based routers and layer 3switches. This layer ensures that packets are properly routed between subnets and VLANs in your enterprise. This layer is also called the Workgroup layer.
Access layer: This layer includes hubs and switches. This layer is also called the desktop layer because it focuses on connecting client nodes, such as workstations to the network. This layer ensures that packets are delivered to end user computers.
This figure displays the three layers of the Cisco hierarchical model.
Core layer: This layer is considered the backbone of the network and includes the high-end switches and high-speed cables such as fiber cables. This layer of the network does not route traffic at the LAN. In addition, no packet manipulation is done by devices in this layer. Rather, this layer is concerned with speed and ensures reliable delivery of packets.
Distribution layer: This layer includes LAN-based routers and layer 3switches. This layer ensures that packets are properly routed between subnets and VLANs in your enterprise. This layer is also called the Workgroup layer.
Access layer: This layer includes hubs and switches. This layer is also called the desktop layer because it focuses on connecting client nodes, such as workstations to the network. This layer ensures that packets are delivered to end user computers.
This figure displays the three layers of the Cisco hierarchical model.
When you implement these layers, each layer might comprise more than two devices or a single device might function across multiple layers.The benefits of the Cisco hierarchical model include:
- High Performance: You can design high performance networks, where only certain layers are susceptible to congestion.
- Efficient management & troubleshooting: Allows you to efficiently organize network management and isolate causes of network trouble.
- Policy creation: You can easily create policies and specify filters and rules.
- Scalability: You can grow the network easily by dividing your network into functional areas.
- Behavior prediction: When planning or managing a network, the model allows you determine what will happen to the network when new stresses are placed on it.
Core Layer
The core layer is responsible for fast and
reliable transportation of data across a network. The core layer is often known
as the backbone or foundation network because all other layers rely upon it.
Its purpose is to reduce the latency time in the delivery of packets. The
factors to be considered while designing devices to be used in the core layer
are:
At the core layer, efficiency is the key term. Fewer and faster systems create a more efficient backbone. There are various equipments available for the core layer. Examples of core layer Cisco equipment include:
- Cisco switches such as 7000, 7200, 7500, and 12000 (for WAN use)
- Catalyst switches such as 6000, 5000, and 4000 (for LAN use)
- T-1 and E-1 lines, Frame relay connections, ATM networks, Switched Multimegabit Data Service (SMDS)
Distribution Layer
The distribution layer is responsible for
routing. It also provides policy-based network connectivity, including:
- Packet filtering (firewalling): Processes packets and regulates the transmission of packets based on its source and destination information to create network borders.
- QoS: The router or layer 3 switches can read packets and prioritize delivery, based on policies you set.
- Access Layer Aggregation Point: The layer serves the aggregation point for the desktop layer switches.
- Control Broadcast and Multicast: The layer serves as the boundary for broadcast and multicast domains.
- Application Gateways: The layer allows you to create protocol gateways to and from different network architectures.
- The distribution layer also performs queuing and provides packet manipulation of the network traffic.
It is at this layer where you begin to
exert control over network transmissions, including what comes in and what goes
out of the network. You will also limit and create broadcast domains, create
virtual LANs, if necessary, and conduct various management tasks, including
obtaining route summaries. In a route summary, you consolidate traffic from
many subnets into a core network connection. In Cisco routers, the command to
obtain a routing summary is:
show ip route summary
You can determine how routers update each other's routing tables by choosing specific routing protocols.
Examples of Cisco-specific distribution layer equipment include 2600,4000, 4500 series routers
show ip route summary
You can determine how routers update each other's routing tables by choosing specific routing protocols.
Examples of Cisco-specific distribution layer equipment include 2600,4000, 4500 series routers
Access Layer
The access layer contains devices that
allow workgroups and users to use the services provided by the distribution and
core layers. In the access layer, you have the ability to expand or contract
collision domains using a repeater, hub, or standard switch. In regards to the
access layer, a switch is not a high-powered device, such as those found at the
core layer.
Rather, a switch is an advanced version of
a hub.
A collision domain describes a portion of an Ethernet network at layer 1 of the OSI model where any communication sent by a node can be sensed by any other node on the network. This is different from a broadcast domain which describes any part of a network at layer 2 or 3 of the OSI model where a node can broadcast to any node on the network.
At the access layer, you can:
A collision domain describes a portion of an Ethernet network at layer 1 of the OSI model where any communication sent by a node can be sensed by any other node on the network. This is different from a broadcast domain which describes any part of a network at layer 2 or 3 of the OSI model where a node can broadcast to any node on the network.
At the access layer, you can:
- Enable MAC address filtering: It is possible to program a switch to allow only certain systems to access the connected LANs.
- Create separate collision domains: A switch can create separate collision domains for each connected node to improve performance.
- Share bandwidth: You can allow the same network connection to handle all data.
- Handle switch bandwidth: You can move data from one network to another to perform load balancing.
More Tips on Cisco Core, Distribution and Access, Reviews:
Most
logical architectures for routing and switching are based around a system
whereby three sets of functions are abstracted logically from one another. A
common one is Core, Distribution and Access. These are often thought of as
layers.
For a
quick refresher, in this system, the Access layer is responsible for connecting
devices to the network. Its defining characteristics generally revolve around
either high port density or the ability to overcome physical "last
mile" type challenges, like wireless 802.11, or remote access via modems
or VPN.
The
Distribution layer is where policies are applied. It's where access-lists, or
QoS, and CPU-intensive routing decisions should occur (as opposed to just a
default route or default gateway). Distribution layer designs usually focus on
aggregating Access devices into boxes with significant processing resources so
that policies can be applied.
Finally,
the Core is the "backbone." Its job is simply to move packets
from point A to point B as fast as possible and with the least possible
manipulation.
This
academic model is probably familiar to most SearchNetworking readers, but in
practice, there is much debate about how to translate these logical roles and
responsibilities into physical boxes. For instance, in your network, when does
it make sense to collapse the Distribution and Access functions into the same
box, while the Core is a separate box? Or vice versa, when would it make sense
to collapse the Core and Distribution into one box, while leaving the Access
layer separate? Or perhaps all three deserve their own boxes? Or all three
could be implemented on the same box.
The
answer is "it depends" on what you need to do. That is, what are your
requirements?
When you
start to design a network, you should get a list of requirements which will
include such things as "availability", and "security" and
of course, a budget. As an example, your network may require that certain
servers always be able to communicate with each other. If they share Access
equipment, then having that hardware separated from the Distribution layer,
means that you can do maintenance on the Core and Distribution boxes without
disrupting these servers. If your Access and Distribution are combined into a
single switch, you can't make changes without a fuss.
Conversely,
you need to compare the amount of data you plan to transport across your
backbone with the types of policies you plan to implement. If your plan
includes few access-control lists, and no traffic-specific routing decisions (e.g. to give preferential treatment to
something like VoIP), and you don't have a lot of data, then you can save
some money by combining layers into a single device (usually at least two for
redundancy, of course). But if you have a large amount of data to transport, or
complex policies to implement, then it may be worth the dollars to separate
those features.
However,
you should realize that this decision is rarely based on hardware constraints,
because most modern network platforms are capable of providing all three
layers, at very high performance. Because of this, many argue that separate
hardware adds points of failure and wastes money. But, you should consider
things like what administrative groups will be supporting each function, and
what additional features are available. For instance, if you need to add a
service like IP telephony services or intrusion detection, does your decision
still make sense?
Generally
speaking, separating all three layers into different hardware is the most
flexible and most expensive option. The real question then is, how much is
flexibility worth? I hate to invoke a phrase like "total cost of
ownership," but if you look at the big picture, I think you'll find that
separating these functions justifies the cost of extra hardware in most
circumstances.
Rs from http://searchnetworking.techtarget.com/tutorial/The-Cisco-three-layered-hierarchical-model
More
Related Cisco Network Topics: