Module 2: Switches

Objectives:
 Four major goals of LAN design
 Steps in systematic LAN design
 Three-layer design model
 List Cisco three-layer switches and their features

LAN Design

LAN Design Goals

 Design goals in most network include:
 Functionality
 Scalability
 Adaptability
 Manageability

LAN Design Goals: Functionality

 The network must work.
 It must allow users to meet their job requirements.
 The network must provide user-to-user and user-to-application connectivity with reasonable speed and reliability.

LAN Design Goals: Scalability

 The network must be able to grow.
 The initial design should grow without any major changes to the overall design.

LAN Design Goals: Adaptability

 The network must be designed with an eye toward future technologies.
 It should include no element that would limit implementation of new technologies as they become available.

LAN Design Goals: Manageability

 The network should be designed to facilitate network monitoring and management to ensure ongoing stability of
operation.

LAN design considerations

 To maximize available LAN bandwidth and performance, the following LAN design considerations must be
addressed:
 The function and placement of servers
 Collision detection issues
 Segmentation issues
 Broadcast domain issues

The function and placement of servers

 Servers provide network services such as: file sharing, printing, communication, and application services.
 Each server is dedicated to one function, such as email or file sharing.
 Servers can be categorized into two distinct classes:
 Enterprise servers
 Supports all the users on the network (such as e-mail or DNS).
 Should be placed in the main distribution facility (MDF).
 Workgroup servers
 Supports a specific set of users.
  Should be placed in the intermediate distribution facility (IDF) closest to the users accessing
them.
Server placement

Bandwidth Domain
 A bandwidth domain is associated with one port on a bridge or switch.
 In the case of an Ethernet switch, a bandwidth domain is also known as a collision domain.

Systematic steps
1. Gathering the users' requirements and expectations
2. Analyzing requirements
3. Designing the Layer 1, 2, and 3 LAN structure (that is, topology)
4. Documenting the logical and physical network implementation

Availability requirements
 Availability measures the usefulness of the network. Factors that may affect availability:
 Throughput
 Response time
  Access to resources
 Every customer may have a distinct definition of availability.
Analyzing requirements
 The next step in designing a network is to analyze the requirements of the network and its users.
 Network user needs constant change, the necessity to increase network bandwidth grows too.

Develop LAN topology

 LAN topology design can be broken into the following three unique categories of the OSI reference model:
 Network layer
 Data link layer
 Physical layer

LAN topology

Documentation
 The final step in LAN design methodology is to document the physical and logical topology of the network.
 Important LAN design documentation includes the following:
 OSI layer topology map
 LAN logical map
 LAN physical map
 Cut sheets
 VLAN logical map
 Layer 3 logical map
 Addressing maps

Layer1 design goals

 Choose cable type.
 Identify work area and HCC.
 Identify MDF, IDF, HCC, VCC and POP.
 Choose Ethernet or Fast Ethernet.
 Documentation and physical diagrams.

Logical diagram
 The logical diagram is the basic road map of the LAN including the following elements:
 Specify the locations and identification of the MDF and IDF wiring closets.
 Document the type and quantity of cabling used to interconnect the IDFs with the MDF.
 Document how many spare cables are available for increasing the bandwidth between the wiring closets.
  Provide detailed documentation of all cable runs, the identification numbers, and the port the run is
terminated on at the HCC (horizontal cross-connect) or VCC.
Typical MDF in star topology

MDF and IDF

HCC and VCC

Example: Wiring closet location

Example: Rack layout & cable run (to print 27 -13/26)

Example: Logical Diagram

Example: Cable documentation

Common Layer 2 devices

 Layer 2 devices provide: flow control, error detection, error correction, and congestion reduction in the network.
 Layer 2 devices determine the size of the collision domains and broadcast domains.
 The two most common Layer 2 devices are bridges and LAN switches.

Layer 2 switch
Using router
 Allows for segmentation of the LAN into unique physical and logical networks.
 Allow for connectivity to wide-area networks (WANs), such as the Internet.
 Determines traffic flow between unique physical network segments based on Layer 3 addressing.
 Stops broadcasts from reaching other LAN segments.

VLAN and broadcast domains

 By using VLANs, you can:
 limit broadcast traffic to within a VLAN and thus create smaller broadcast domains.
 provide security by creating the VLAN groups according to function.

VLAN communication

VLAN implementation
Diagramming a LAN that uses routers

Documentation: Logical network MAP

LAN Switches

LAN design model

 Network designs tend to follow one of two general strategies: mesh or hierarchical.
 In a mesh structure, the network topology is flat, all routers perform essentially the same functions.
 In a hierarchical structure the network is organized in layers, each of which performs one or more specific
functions.

Hierarchical model
  The construction of a LAN that satisfies the needs of both medium and large-sized organizations is more likely
to be successful if a hierarchical design model is used.
 The use of a hierarchical design model will make it easier to make changes to the network as the organization
grows.

Three layer design

 The hierarchical design model includes the following three layers:
 The access layer provides users in workgroups access to the network.
 The distribution layer provides policy-based connectivity.
 The core layer provides optimal transport between sites. The core layer is often referred to as the
backbone.

Three layer design

Access Layer Overview

 The access layer is the entry point for user workstations and servers to the network.
 In a campus LAN the device used at the access layer can be a switch or a hub.
 Access layer functions also include MAC layer filtering and microsegmentation, VLAN membership.

Access Layer
Common access layer switches
 Access layer switches operate at Layer 2 and should
be low cost and high port density.
 The following Cisco switches are commonly used at
the access layer:
 Catalyst 1900 series
 Catalyst 2820 series
 Catalyst 2950 series
 Catalyst 4000 series
 Catalyst 5000 series

Distribution layer overview

 It helps to define and separate the core.
 Policies can be applied and access control lists can filter packets.
 Isolates network problems to the workgroups in which they occur.
 Aggregation of the wiring closet connections
 Broadcast/multicast domain definition
 Virtual LAN (VLAN) routing
 Any media transitions that need to occur
 Security

Distribution layer
Distribution layer switches
 The distribution layer switch must
have high performance.
 Switches in this layer are referred to
as multilayer switches.
 The following Cisco switches are
suitable for the distribution layer:
 Catalyst 2926G
 Catalyst 5000 family
 Catalyst 6000 family

Core layer overview

 The core layer is a high-speed switching backbone.
 If they do not have an associated router module, an external router is used for the Layer 3 function.
 Should not perform any packet manipulation (as ACL).
 Provided with redundant alternate paths gives stability to the network in the event of a single device failure.
 The core can be designed to use Layer 2 or Layer 3 switching. Asynchronous Transfer Mode (ATM) or Ethernet
switches can be used.

Core layer

Core layer switches

• The following Cisco switches are suitable for the
core layer:
 Catalyst 6500 series
 Catalyst 8500
series
 IGX 8400 series
 Lightstream 1010

Summary
• The four major goals of LAN design The steps in systematic LAN design
• Design issues associated with Layers 1, 2, 3
• The three-layer design model
• The functions of each layer in the three-layer model
• Cisco access layer switches and their features
• Cisco distribution layer switches and their features
• Cisco core layer switches and their features
Note: Please read the modules and understand first the diagram before you answer the assessment.
If necessary you can research in internet to understand the topic.

Introduction to Virtual LAN (VLAN)

Topic 1.1: VLAN Overview

 A virtual LAN, or VLAN, is a group of computers, network printers, network servers, and other network
devices that behave as if they were connected to a single network.
 In its basic form, a VLAN is a broadcast domain. The difference between a traditional broadcast domain
and one defined by a
 VLAN is that a broadcast domain is seen as a distinct physical entity with a router on its boundary.
VLANs are similar to
 broadcast domains because their boundaries are also defined by a router. However, a VLAN is a
logical topology, meaning that
 the VLAN hosts are not grouped within the physical confines of a traditional broadcast domain, such as
an Ethernet LAN.
 If a network is created using hubs, a single large broadcast domain results, as illustrated in Figure 2-1.

Figure 2-1 Two Broadcast Domains Connected Across a WAN

 Because all devices within the broadcast domain see traffic from all other devices within the
domain, the network can become congested. Broadcasts are stopped only at the router, at the
edge of the broadcast domain, before traffic is sent across the wide-area network (WAN)
cloud.
 If the network hubs are replaced with switches, you can create VLANs within the existing

 physical network, as illustrated in Figure 2-2.

 Figure 2-2 Two VLAN Connected Across a WAN

 When a VLAN is implemented, its logical topology is independent of the physical topology,
such as the LAN wiring. Each host on the LAN can be assigned a VLAN identification number
(ID), and hosts with the same VLAN ID behave and work as though they are on the same
physical network. This means the VLAN traffic is isolated from other traffic, and therefore all
communications remain within the VLAN. The VLAN ID assignment made by the switches can
be managed remotely with the right network management software.
 Depending on the type of switching technology used, VLAN switches can function in different
ways; VLANs can be switched at the data link (Open System Interconnection OSI model Layer
2) or the network layer (OSI model Layer 3). The main advantage of using a VLAN is that
users can be grouped together according to their network communications requirements,
regardless of their physical locations, although some limitations apply to the number of nodes
per VLAN (500 nodes). This segmentation and isolation of network traffic helps reduce
unnecessary traffic, resulting in better network performance because segmentation and
isolation of network traffic helps reduce unnecessary traffic, resulting in better network
performance because the network is not flooded. Don't take this advantage lightly, because
VLAN configuration takes considerable planning and work to implement; however, almost any
network manager will tell you it is worth the time and energy.
 An end node can be assigned to a VLAN by inspecting its Layer 3 address, but a broadcast
domain is a Layer 2 function. If a VLAN is switched based on Layer 3 addressing, it is in
essence routed. There are two basic differences between routing and switching: First, the
decision of forwarding is performed by the application-specific integrated circuit (ASIC) at the
port level for switching versus the reduced instruction set circuit (RISC) or main processor for
routing; second, the information used to make the decision is located at a different part of the
data transfer (packet versus frame).
Topic 1.2: VLAN Topology
 VLANs can best be defined as a group of devices on either the same or different physical LAN
segments, interacting with each if they are on the physical LAN segment.
 Suppose, for instance, that you work in a two-floor office building and each floor has a LAN
switch providing network connectivity to every computer on that floor. The first floor is
supported by Switch 1, and the second floor is supported by Switch 2. On each floor of this
building, there is also a marketing staff and an engineering staff. Because of office real estate,
people are sitting wherever an open desk can be found.
 It is safe to say that the marketing and engineering departments have different jobs and
therefore different network requirements. However, the fact that these two departments have
different network requirements does not mean they cannot share the same network. Figure 2-3
illustrates how using VLANs provides virtual dedicated network resources to the marketing
(VLAN 1) and engineering (VLAN 2) departments, while using the same physical network
infrastructure.

Figure 2-3 VLAN 1 and VLAN 2

 If we assign all the marketing staff on the first floor (Switch 1, ports 1 and 2) and all the
marketing staff on the second floor (Switch 2, ports 4, 5, 6, and 7) to a single VLAN (VLAN 1),
they can share resources and bandwidth as if they were connected to the same physical
network segment. Similarly, if we assign all the first-floor engineering staff (Switch 1, ports 3, 4,
5, 6, 7, and 8) and the engineering staff on the second floor (Switch 2, ports 1, 2, 3, and 8), we
create VLAN 2 for the engineering staff, providing the same illusion of physical connectivity
provided to the marketing staff by VLAN 1.
  It is important to remember that members of one VLAN cannot share the resources of any
other VLAN without some sort of routing mechanism, such as a router or Layer 3 switch. For a
member of the marketing staff in VLAN 1 to share resources with the engineering VLAN (VLAN
2), a router or a Layer 3 switch must be in place.
 (Note) Communication between VLANs can occur only if there is a router or a Layer 3 switch in
place enabling such connectivity. Switches with VLAN capability can create the same division
of the network into separate LANs or broadcast domains and is similar to color coding your
switch ports. In Figure 8-4, ports in the light gray area can communicate with other ports in the
light gray area, and ports in the dark gray area can communicate with the other ports in the
dark gray area.

Week 3 and week 4 Assessment Activities ( due on October 9, 2020)

1. Discuss how to design and configure switches. Make a sample design on how to configure
switches.

2. Give and Explain the different network and port security rules.

Week 5 Assessment Activities ( due on October 16, 2020)

1. Give at least 2 samples of VLAN where it can used and make a diagram and explain its
function
2. Make a simple presentation about VLAN ( by group)

Note: Please read the modules and understand first the diagram before you answer the assessment. If necessary you can
research in internet to understand the topic.