Design Guide

LAN Baseline Architecture Overview—Branch Office Network
OL-11333-01
Multilayered Branch Architecture
Typically, the branch LAN infrastructure is logically similar to the campus LAN infrastructure.
However, because of the differences in scalability, high availability, manageability, and cost
considerations, the network devices deployed can be different in branch and campus environments. Even
when some of the low-end devices that are used in both branch and campus LAN environments are the
same, the devices upstream that aggregate the traffic are different, and the ways in which the network is
designed to accommodate the branch requirements are significantly different from the campus LAN
environment.
The following are the main design criteria for designing a branch office LAN:
- High availability—A redundant path should be provided for the traffic in case of device or link failure.
- Scalability—The architecture should accommodate the addition of more users and services without major changes to the infrastructure.
- Security—The network should be secure to exclude unauthorized users and prevent malicious attacks.
- Manageability—The network should be simple to deploy, troubleshoot, and manage without compromising high availability, security, and scalability.
Multilayered architecture provides several strengths. The layers are clearly defined, providing
modularity; each device in a layer performs the same function, thereby making the configuration simpler
in a modular design. The multilayered design also makes it easier to troubleshoot network problems, and
provides scalability and high availability. Specifically, with a limited number of Layer 2 versus Layer 3
ports available on the router, the multilayered architecture provides support for more users, and also
helps in providing a good integration point with the edge router. The multilayered architecture also
provides traffic separation between layers and reduces CPU utilization on the router; for example, by
transferring some of the functions from the edge to the distribution, the CPU on the router is freed from
performing those functions. If required, this architecture also provides an integration point for various
technologies without the need to redesign.
The benefits of multilayered architecture can be summarized as follows:
- Simplifies configuration
- Provides modularity
- Facilitates troubleshooting
- Scales well
- Provides traffic separation
- Provides CPU load sharing
- Provides a hook to add additional services without having to redesign the network
A multilayered branch LAN architecture can be divided into the following layers:
- Access layer—Provides connectivity to end users, either via wireless or wired network. L2 security, authentication, and wireless services are also addressed at this layer.
- Distribution layer—Provides DHCP, routing, and policy-based routing (PBR) while migrating to advanced services such as segmentation or guest access.
- Edge layer—Provides WAN, firewall, intrusion protection system (IPS), voice services, L3-type traffic and an exit point to the rest of the network. Only integration to the edge layer is discussed in this design guide.