Lectures Top-Down Network Design - Chapter 5: Designing a Network Topology


  1. Top-Down Network Design, Ch. 5: Designing a Network Topology
     Top-Down Network Design, Chapter Five: Designing a Network Topology
     Copyright 2010 Cisco Press & Priscilla Oppenheimer

     Topology
     • A branch of mathematics concerned with those properties of geometric configurations that are unaltered by elastic deformations such as stretching or twisting
     • A term used in the computer networking field to describe the structure of a network

     Copyright 2004 Cisco Press & Priscilla Oppenheimer
  2. Network Topology Design Themes
     • Hierarchy
     • Redundancy
     • Modularity
     • Well-defined entries and exits
     • Protected perimeters

     Why Use a Hierarchical Model?
     • Reduces workload on network devices
       – Avoids devices having to communicate with too many other devices (reduces “CPU adjacencies”)
     • Constrains broadcast domains
     • Enhances simplicity and understanding
     • Facilitates changes
     • Facilitates scaling to a larger size
  3. Hierarchical Network Design
     [Figure labels: Enterprise WAN Backbone; Core Layer; Campus A, Campus B, Campus C; Distribution Layer; Campus C Backbone; Access Layer; Building C-1, Building C-2]

     Cisco’s Hierarchical Design Model
     • A core layer of high-end routers and switches that are optimized for availability and speed
     • A distribution layer of routers and switches that implement policies and segment traffic
     • An access layer that connects users via hubs, switches, and other devices
  4. Flat Versus Hierarchy
     [Figure, two panels. Flat Loop Topology: Headquarters in Medford; Grants Pass, Klamath Falls, and Ashland branch offices. Hierarchical Redundant Topology: Headquarters in Medford; Grants Pass, Klamath Falls, Ashland, and White City branch offices]

     Mesh Designs
     [Figure, two panels: Partial-Mesh Topology; Full-Mesh Topology]
  5. A Partial-Mesh Hierarchical Design
     [Figure labels: Headquarters (Core Layer); Regional Offices (Distribution Layer); Branch Offices (Access Layer)]

     A Hub-and-Spoke Hierarchical Topology
     [Figure labels: Corporate Headquarters; Branch Office; Home Office; Branch Office]
  6. Avoid Chains and Backdoors
     [Figure labels: Core Layer; Distribution Layer; Access Layer; Backdoor; Chain]

     How Do You Know When You Have a Good Design?
     • When you already know how to add a new building, floor, WAN link, remote site, e-commerce service, and so on
     • When new additions cause only local change, to the directly-connected devices
     • When your network can double or triple in size without major design changes
     • When troubleshooting is easy because there are no complex protocol interactions to wrap your brain around
  7. Cisco’s SAFE Security Reference Architecture
     [Figure]

     Campus Topology Design
     • Use a hierarchical, modular approach
     • Minimize the size of bandwidth domains
     • Minimize the size of broadcast domains
     • Provide redundancy
       – Mirrored servers
       – Multiple ways for workstations to reach a router for off-net communications
  8. A Simple Campus Redundant Design
     [Figure labels: Host A; LAN X; Switch 1; Switch 2; LAN Y; Host B]

     Bridges and Switches use Spanning-Tree Protocol (STP) to Avoid Loops
     [Figure labels: Host A; LAN X; Switch 1 (marked with an X); Switch 2; LAN Y; Host B]
  9. Bridges (Switches) Running STP
     • Participate with other bridges in the election of a single bridge as the Root Bridge.
     • Calculate the distance of the shortest path to the Root Bridge and choose a port (known as the Root Port) that provides the shortest path to the Root Bridge.
     • For each LAN segment, elect a Designated Bridge and a Designated Port on that bridge. The Designated Port is a port on the LAN segment that is closest to the Root Bridge. (All ports on the Root Bridge are Designated Ports.)
     • Select bridge ports to be included in the spanning tree. The ports selected are the Root Ports and Designated Ports. These ports forward traffic. Other ports block traffic.

     Elect a Root
     Lowest Bridge ID Wins!
     [Figure: three bridges and three 100-Mbps Ethernet segments, Cost = 19 each]
     • Bridge A (Root), ID = 80.00.00.00.0C.AA.AA.AA
     • Bridge B, ID = 80.00.00.00.0C.BB.BB.BB
     • Bridge C, ID = 80.00.00.00.0C.CC.CC.CC
     • LAN Segment 1: Bridge A Port 1 and Bridge B Port 1
     • LAN Segment 2: Bridge A Port 2 and Bridge C Port 1
     • LAN Segment 3: Bridge B Port 2 and Bridge C Port 2
  10. Determine Root Ports
     Lowest Cost Wins!
     [Figure: same topology (Bridge A is the Root; each segment is 100-Mbps Ethernet, Cost = 19)]
     • Root Port: Bridge B Port 1 (LAN Segment 1)
     • Root Port: Bridge C Port 1 (LAN Segment 2)

     Determine Designated Ports
     Lowest Bridge ID Wins!
     [Figure: same topology]
     • Designated Port: Bridge A Port 1 (LAN Segment 1)
     • Designated Port: Bridge A Port 2 (LAN Segment 2)
     • Designated Port: Bridge B Port 2 (LAN Segment 3)
     • Root Ports: Bridge B Port 1 and Bridge C Port 1
  11. Prune Topology into a Tree!
     [Figure: same topology]
     • Designated Ports: Bridge A Port 1, Bridge A Port 2, Bridge B Port 2
     • Root Ports: Bridge B Port 1, Bridge C Port 1
     • Blocked Port (marked X): Bridge C Port 2 (LAN Segment 3)

     React to Changes
     [Figure: same topology]
     • Designated Port Becomes Disabled
     • Blocked Port Transitions to Forwarding State
  12. Scaling the Spanning Tree Protocol
     • Keep the switched network small
       – It shouldn’t span more than seven switches
     • Use BPDU skew detection on Cisco switches
     • Use IEEE 802.1w
       – Provides rapid reconfiguration of the spanning tree
       – Also known as RSTP

     Virtual LANs (VLANs)
     • An emulation of a standard LAN that allows data transfer to take place without the traditional physical restraints placed on a network
     • A set of devices that belong to an administrative group
     • Designers use VLANs to constrain broadcast traffic
  13. VLANs versus Real LANs
     [Figure labels: Switch A with Station A1, Station A2, Station A3 (Network A); Switch B with Station B1, Station B2, Station B3 (Network B)]

     A Switch with VLANs
     [Figure labels: VLAN A with Station A1, Station A2, Station A3; VLAN B with Station B1, Station B2, Station B3]
  14. VLANs Span Switches
     [Figure labels: Switch A and Switch B; VLAN A with Station A1 through Station A6; VLAN B with Station B1 through Station B6]

     WLANs and VLANs
     • A wireless LAN (WLAN) is often implemented as a VLAN
     • Facilitates roaming
     • Users remain in the same VLAN and IP subnet as they roam, so there’s no need to change addressing information
     • Also makes it easier to set up filters (access control lists) to protect the wired network from wireless users
  15. Workstation-to-Router Communication
     • Proxy ARP (not a good idea)
     • Listen for route advertisements (not a great idea either)
     • ICMP router solicitations (not widely used)
     • Default gateway provided by DHCP (better idea but no redundancy)
       – Use Hot Standby Router Protocol (HSRP) for redundancy

     HSRP
     [Figure labels: Workstation; Virtual Router; Active Router; Standby Router; Enterprise Internetwork]
  16. Multihoming the Internet Connection
     [Figure, four panels]
     • Option A: ISP 1; Enterprise
     • Option B: ISP 1, ISP 2; Enterprise
     • Option C: ISP 1; Enterprise with Paris and NY
     • Option D: ISP 1, ISP 2; Enterprise with Paris and NY

     Security Topologies
     [Figure labels: Enterprise Network; DMZ; Internet; Web, File, DNS, Mail Servers]
  17. Security Topologies
     [Figure labels: Internet; Firewall; DMZ; Enterprise Network; Web, File, DNS, Mail Servers]

     Summary
     • Use a systematic, top-down approach
     • Plan the logical design before the physical design
     • Topology design should feature hierarchy, redundancy, modularity, and security
  18. Review Questions
     • Why are hierarchy and modularity important for network designs?
     • What are the three layers of Cisco’s hierarchical network design?
     • What are the major components of Cisco’s enterprise composite network model?
     • What are the advantages and disadvantages of the various options for multihoming an Internet connection?
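
The STP steps from slides 9 to 11 (root election, root ports, designated ports, pruning, reacting to a change), run on the three-bridge topology from those slides. This is an added Python example, not part of the original lecture; the function names and the port-failure model are assumptions, and timers, BPDU exchange and port priorities are not modeled.

```python
import heapq

def spanning_tree(bridges, segments):
    """bridges: {name: bridge ID}; segments: {name: (cost, [(bridge, port), ...])}.
    Returns (root bridge, {(bridge, port): role}). Assumes a connected network."""
    bid = lambda b: bytes.fromhex(bridges[b].replace(".", ""))
    root = min(bridges, key=bid)            # lowest bridge ID wins the election
    dist, heap = {}, [(0, root)]            # root path cost per bridge (Dijkstra)
    while heap:
        d, b = heapq.heappop(heap)
        if b in dist:
            continue
        dist[b] = d
        for cost, ports in segments.values():
            if any(n == b for n, _ in ports):
                for n, _ in ports:
                    if n not in dist:
                        heapq.heappush(heap, (d + cost, n))
    roles, designated = {}, {}
    for seg, (cost, ports) in segments.items():
        # Designated port: closest to the root; ties go to the lowest bridge ID.
        designated[seg] = min(ports, key=lambda np: (dist[np[0]], bid(np[0]), np[1]))
        roles[designated[seg]] = "designated"
    for b in bridges:
        if b == root:
            continue
        # Root port: cheapest path to the root among ports that hear another bridge.
        cands = [(dist[designated[s][0]] + cost, bid(designated[s][0]), p)
                 for s, (cost, ports) in segments.items()
                 for n, p in ports if n == b and designated[s][0] != b]
        roles[(b, min(cands)[2])] = "root"
    for _, ports in segments.values():
        for np in ports:
            roles.setdefault(np, "blocked")  # every other port is pruned
    return root, roles

# Topology from the slides: three bridges, three 100-Mbps segments, cost 19 each.
BRIDGES = {"A": "80.00.00.00.0C.AA.AA.AA",
           "B": "80.00.00.00.0C.BB.BB.BB",
           "C": "80.00.00.00.0C.CC.CC.CC"}
SEGMENTS = {"LAN1": (19, [("A", 1), ("B", 1)]),
            "LAN2": (19, [("A", 2), ("C", 1)]),
            "LAN3": (19, [("B", 2), ("C", 2)])}

def after_port_failure(segments, failed):
    """Assumed model of a disabled port: drop it from its segment, then recompute."""
    return {s: (c, [np for np in ports if np != failed])
            for s, (c, ports) in segments.items()}

if __name__ == "__main__":
    print(spanning_tree(BRIDGES, SEGMENTS))
    print(spanning_tree(BRIDGES, after_port_failure(SEGMENTS, ("B", 2))))
```

The second call reproduces the "React to Changes" slide: with Bridge B's designated port disabled, Bridge C Port 2 leaves the blocked state and becomes the designated (forwarding) port on LAN Segment 3.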