Design Guide

LAN Baseline Architecture Overview—Branch Office Network
OL-11333-01
Multilayered Branch Architecture
Figure 9 Trust Boundary
Distribution Layer
The distribution layer provides the following services:
• High availability
• Scalability
• An aggregation point to deploy additional services if required
High Availability
Typically, high availability designs at the Layer 3 level or distribution level involve two switches running
HSRP. The topology for a traditional design is shown in Figure 4. Although this has some advantages,
such as providing active-active distribution switches that share the load between two distribution
switches, the complexity of deployment and troubleshooting in this design is worth considering.
High availability design ensures network availability under failure conditions. High availability is
achieved by providing redundant links and backup devices. High availability design also means
additional complexity in the design to address failover and convergence. In a branch network, cost is
often also a contributing factor in design decisions. High availability in branch networks
can be achieved by avoiding dual homing of access layer switches to the active and backup distribution
switches, thereby avoiding spanning tree and the problems associated with troubleshooting and
convergence. The loop-free topology can be achieved in three ways:
• Using a chassis-based switch, such as a Catalyst 4500 with redundant supervisor and redundant
  power supplies, to protect against device and power failure; and using EtherChannels/Link
  Aggregation Control Protocol (LACP)/Port Aggregation Protocol (PAgP) between the distribution
  and the access layers.
• Using an external stackable switch at the distribution to protect against device failure, and using
  EtherChannels to protect against link failure between the distribution and the access layers.
• Using an EtherSwitch Services Module for the ISR.
Figure 10 shows the options using external distribution switches.
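The stackable-switch option above, sketched as an added Cisco IOS configuration fragment (an illustration written for this page, not configuration taken from the design guide). Interface names, the port-channel number, and VLANs 10 (data) and 20 (voice) are constructed, and a distribution stack that supports cross-stack LACP is assumed.

```cisco
! ---------------------------------------------------------------
! Distribution stack (assumed: two stack members, 1 and 2)
! One bundle member per stack member, so the loss of either a
! link or a whole stack member leaves the Port-channel up.
! The access switch sees a single logical uplink: no Layer 2
! loop, so spanning tree has no redundant path to block.
! ---------------------------------------------------------------
interface range GigabitEthernet1/0/1 , GigabitEthernet2/0/1
 description Bundle member to access switch (constructed)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 ! Carry only the VLANs this access switch needs.
 switchport trunk allowed vlan 10,20
 ! Static trunk; do not negotiate trunking with the neighbor.
 switchport nonegotiate
 ! LACP active mode; the logical interface is Port-channel1.
 channel-group 1 mode active
!
interface Port-channel1
 description Logical uplink to access switch (constructed)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20
 switchport nonegotiate
!
! ---------------------------------------------------------------
! Access switch (assumed: fixed-configuration, dot1q-only)
! Both uplinks terminate on the same logical distribution
! device, so the switch is not dual-homed to an active and a
! backup distribution switch.
! ---------------------------------------------------------------
interface range GigabitEthernet0/1 - 2
 description Bundle member to distribution stack (constructed)
 switchport mode trunk
 switchport trunk allowed vlan 10,20
 switchport nonegotiate
 channel-group 1 mode active
!
interface Port-channel1
 description Logical uplink to distribution (constructed)
 switchport mode trunk
 switchport trunk allowed vlan 10,20
 switchport nonegotiate
!
```

After applying, `show etherchannel summary` on each side should list both member ports as bundled in Port-channel1, and `show spanning-tree` should show the Port-channel as a single forwarding uplink rather than two physical ports with one blocked.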
[Figure labels (trust boundary diagram, ID 180059): Server Farm; Partially trusted device; Untrusted Device; Trusted Device; Voice VLAN; Data VLAN; IP; To Core or Branch Edge; Distribution Layer; Access Layer; Trust Boundary; Permit or Mark QoS]