
The Cisco Three-Layered Hierarchical Model

By SemSim.com
http://www.mcmcse.com/cisco/guides/hierarchical_model.shtml

Cisco has defined a hierarchical model known as the hierarchical internetworking model. This model simplifies the task of building a reliable, scalable, and less expensive hierarchical internetwork because rather than focusing on packet construction, it focuses on the three functional areas, or layers, of your network:

Core layer: This layer is considered the backbone of the network and includes the high-end switches and high-speed cables such as fiber cables. This layer of the network does not route traffic at the LAN. In addition, no packet manipulation is done by devices in this layer. Rather, this layer is concerned with speed and ensures reliable delivery of packets.

Distribution layer: This layer includes LAN-based routers and layer 3 switches. This layer ensures that packets are properly routed between subnets and VLANs in your enterprise. This layer is also called the Workgroup layer.

Access layer: This layer includes hubs and switches. This layer is also called the desktop layer because it focuses on connecting client nodes, such as workstations, to the network. This layer ensures that packets are delivered to end user computers.

Figure INT.2.1 displays the three layers of the Cisco hierarchical model.

When you implement these layers, each layer might comprise more than two devices or a single device might function across multiple layers. The benefits of the Cisco hierarchical model include:

High Performance: You can design high performance networks, where only certain layers are susceptible to congestion.

Efficient management & troubleshooting: Allows you to efficiently organize network management and isolate causes of network trouble.

Policy creation: You can easily create policies and specify filters and rules.

Scalability: You can grow the network easily by dividing your network into functional areas.

Behavior prediction: When planning or managing a network, the model allows you to determine what will happen to the network when new stresses are placed on it.

Core Layer

The core layer is responsible for fast and reliable transportation of data across a network. The core layer is often known as the backbone or foundation network because all other layers rely upon it. Its purpose is to reduce the latency time in the delivery of packets. The factors to be considered while designing devices to be used in the core layer are:

High data transfer rate: Speed is important at the core layer. One way that core networks enable high data transfer rates is through load sharing, where traffic can travel through multiple network connections.

Low latency period: The core layer typically uses high-speed, low-latency circuits which only forward packets and do not enforce policy.

High reliability: Multiple data paths ensure high network fault tolerance; if one path experiences a problem, then the device can quickly discover a new route.

At the core layer, efficiency is the key term. Fewer and faster systems create a more efficient backbone. Various equipment is available for the core layer. Examples of core layer Cisco equipment include:

Cisco switches such as 7000, 7200, 7500, and 12000 (for WAN use)

Catalyst switches such as 6000, 5000, and 4000 (for LAN use)

T-1 and E-1 lines, Frame relay connections, ATM networks, Switched Multimegabit Data Service (SMDS)

Distribution Layer

The distribution layer is responsible for routing. It also provides policy-based network connectivity, including:

Packet filtering (firewalling): Processes packets and regulates the transmission of packets based on their source and destination information to create network borders.

QoS: The router or layer 3 switches can read packets and prioritize delivery, based on policies you set.

Access Layer Aggregation Point: The layer serves as the aggregation point for the desktop layer switches.

Control Broadcast and Multicast: The layer serves as the boundary for broadcast and multicast domains.

Application Gateways: The layer allows you to create protocol gateways to and from different network architectures.

The distribution layer also performs queuing and provides packet manipulation of the network traffic.

It is at this layer where you begin to exert control over network transmissions, including what comes in and what goes out of the network. You will also limit and create broadcast domains, create virtual LANs, if necessary, and conduct various management tasks, including obtaining route summaries. In a route summary, you consolidate traffic from many subnets into a core network connection. In Cisco routers, the command to obtain a routing summary is:

    show ip route summary

You can practice viewing routing information using a free CCNA exam router simulator available from SemSim.com. You can also determine how routers update each other's routing tables by choosing specific routing protocols. Examples of Cisco-specific distribution layer equipment include 2600, 4000, and 4500 series routers.

Access Layer

The access layer contains devices that allow workgroups and users to use the services provided by the distribution and core layers. In the access layer, you have the ability to expand or contract collision domains using a repeater, hub, or standard switch. With regard to the access layer, a switch is not a high-powered device, such as those found at the core layer. Rather, a switch is an advanced version of a hub. A collision domain describes a portion of an Ethernet network at layer 1 of the OSI model where any communication sent by a node can be sensed by any other node on the network. This is different from a broadcast domain, which describes any part of a network at layer 2 or 3 of the OSI model where a node can broadcast to any node on the network. At the access layer, you can:

Enable MAC address filtering: It is possible to program a switch to allow only certain systems to access the connected LANs.

Create separate collision domains: A switch can create separate collision domains for each connected node to improve performance.

Share bandwidth: You can allow the same network connection to handle all data.

Handle switch bandwidth: You can move data from one network to another to perform load balancing.

https://supportforums.cisco.com/thread/2061029

I have a few questions:

1) What switches are commonly deployed as access layer switches?

2) What switches are commonly deployed as distribution layer switches?

3) What switches are commonly deployed as core layer switches?

Let's start with the easy ones ...

2975, 2960/2960S is definitely an access switch. It doesn't have the functionality or capability to be a distro or even a core switch. 2350/2360 is also an access switch for servers.

3560/3560E/3560X, 3750/3750E/3750X can be used as all three. Sup32 of the 6500 would be used for an access switch. Sup720 and the Sup2T can be used as either distribution or core switch.

For the legacy systems ... 2900/3500XL is access. 2940/2950/2955 is access. 2970 access switch. 3550 can be used as access and the 3508XL, 3550-12T or 12G can be used as a distribution switch. Sup1 and Sup2 distribution or core.

My rule of thumb is simple: If the model has a PoE then it's an access switch. If it has more than 6 SFP ports, then it's a distribution.

Did I miss anyone?

Over years of building network equipment, Cisco Systems has developed a three-layered model. Starting with the basics, the Cisco network is traditionally defined as a three-tier hierarchical model comprising the core, distribution, and access layers. Cisco both developed its systems according to this model and recommends that its end users follow the same philosophy. Cisco's three-layered model is a widely used network model, alongside the OSI Layered Model and the TCP/IP Layered Model [5]. Cisco also highlights the importance of the three-layered model in its well-known CCNA certifications.

History
The Cisco three-layered model originates from the enterprise campus network [1] which has evolved over the last 20 years. Early LAN-based computer networks were made of a small number of simply connected servers, PCs and printers. The first generation of campus networks came into form by interconnecting these LANs. Problems in one area of the network frequently impacted the entire network and a failure in one part of the campus often affected the entire campus network. To address the above problems, Cisco borrowed the structured programming design principle from software engineering. Based on two complementary principles: hierarchy and modularity, large complex Cisco systems must be built using a set of modularized components that can be assembled in a hierarchical and structured manner. The hierarchy is Cisco's three-layered Model.

Description of Cisco layers

Core layer

The core layer is literally the internet backbone, the simplest yet most critical layer. The primary purpose of the core is to provide fault isolation and backbone connectivity; in other words, the core must be highly reliable and switch traffic as fast as possible. Therefore, on one hand, the core must provide the appropriate level of redundancy to allow fault tolerance in case of hardware or software failure or upgrade; on the other hand, high-end switches and high-speed cables are used to achieve a high data transfer rate and a low latency period. The core is meant to be simple and provides a very limited set of services. Architects and engineers shouldn't implement complex policy services or attach user/server connections directly at this layer. Examples of core layer Cisco equipment include [2]:

Cisco switches such as 7000, 7200, 7500, and 12000 (for WAN use)

Catalyst switches such as 6000, 5000, and 4000 (for LAN use)

T-1 and E-1 lines, Frame relay connections, ATM networks, Switched Multimegabit Data Service (SMDS)

Distribution layer

The distribution layer acts as an interface between the access layer and the core layer. The primary function of the distribution layer is to provide routing, filtering, and WAN access and to determine how packets can access the core, if needed [3]. While core layer and access layer are special purpose layers[4], the distribution layer on the other hand serves multiple purposes. It is an aggregation point for all of the access layer switches and also participates in the core routing design. This layer includes LAN-based routers and OSI layer 3 switches. It ensures that packets are properly routed between subnets and VLANs.

Access layer

The access layer is sometimes referred to as the desktop layer. The network resources that workgroups and users need are available locally. The access layer is the edge of the entire network, where a wide variety of consumer devices such as PCs, printers, and cameras attach to the wired portion of the network, various services are provided, and dynamic configuration mechanisms are implemented. As a result, the access layer is the most feature-rich layer of the Cisco three-layered model. The following table lists examples of the types of services and capabilities that need to be defined and supported in the access layer of the network.

Examples of Types of Service and Capabilities [1]

Service Requirements | Service Features
Discovery and Configuration Services | 802.1AF, CDP, LLDP, LLDP-MED
Security Services | IBNS (802.1X), (CISF): port security, DHCP snooping, DAI, IPSG
Network Identity and Access | 802.1X, MAB, Web-Auth
 | QoS marking, policing, queuing, deep packet inspection NBAR, etc.
Intelligent Network Control Services | PVST+, Rapid PVST+, EIGRP, OSPF, DTP, PAgP/LACP, UDLD, FlexLink, Portfast, UplinkFast, BackboneFast, LoopGuard, BPDUGuard, Port Security, RootGuard
Physical Infrastructure Services | Power over Ethernet
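
An added example (not from the sources quoted on this page): a Python check of two constructed IOS-style configurations against the layer roles described above. It flags ACLs applied on core interfaces and access ports that lack features named in the table (port security, BPDU guard, DHCP snooping, DAI). The hostnames, interface names, ACL name and the choice of which features to require are assumptions made for illustration.

```python
import re

# Constructed sample configurations (not taken from any real device).
CORE_CFG = """\
hostname core-sw1
interface TenGigabitEthernet1/1
 description uplink to dist-sw1
 ip address 10.0.0.1 255.255.255.252
 ip access-group BLOCK-GUEST in
interface TenGigabitEthernet1/2
 description uplink to dist-sw2
 ip address 10.0.0.5 255.255.255.252
"""

ACCESS_CFG = """\
hostname acc-sw1
ip dhcp snooping
ip dhcp snooping vlan 10
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
 spanning-tree portfast
 spanning-tree bpduguard enable
interface GigabitEthernet1/0/2
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
interface GigabitEthernet1/0/24
 description uplink to dist-sw1
 switchport mode trunk
"""

# Assumed policy: features every access port / access switch must have.
ACCESS_PORT_REQUIRED = {
    "switchport port-security": "port security",
    "spanning-tree bpduguard enable": "BPDU guard",
}
ACCESS_GLOBAL_REQUIRED = {
    r"ip dhcp snooping$": "DHCP snooping",
    r"ip arp inspection vlan \S+": "dynamic ARP inspection (DAI)",
}


def parse(config):
    """Split a config into global lines and {interface: [sub-commands]}."""
    global_lines, interfaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line or line.strip() == "!":
            continue
        match = re.match(r"interface\s+(\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif raw.startswith(" ") and current is not None:
            current.append(line.strip())   # indented: belongs to the interface
        else:
            current = None                 # back at global configuration level
            global_lines.append(line.strip())
    return global_lines, interfaces


def audit(role, config):
    """Return (location, finding) tuples for a device of the given layer role."""
    global_lines, interfaces = parse(config)
    findings = []
    if role == "core":
        # The core forwards only: any ACL bound to an interface is a finding.
        for name, cmds in interfaces.items():
            for cmd in cmds:
                if cmd.startswith("ip access-group "):
                    findings.append((name, "ACL applied at core: " + cmd))
    elif role == "access":
        for pattern, label in ACCESS_GLOBAL_REQUIRED.items():
            if not any(re.match(pattern, g) for g in global_lines):
                findings.append(("global", label + " not enabled"))
        for name, cmds in interfaces.items():
            if "switchport mode access" not in cmds:
                continue                   # trunks and uplinks are not checked here
            for cmd, label in ACCESS_PORT_REQUIRED.items():
                if cmd not in cmds:
                    findings.append((name, label + " missing"))
    return findings


if __name__ == "__main__":
    for role, cfg in (("core", CORE_CFG), ("access", ACCESS_CFG)):
        for location, finding in audit(role, cfg):
            print(f"[{role}] {location}: {finding}")
```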

References

1. Cisco: Enterprise Campus 3.0 Architecture: Overview and Framework
2. The Cisco Three-Layered Hierarchical Model
3. Cisco Three Layer Hierarchical Model vs OSI
4. OSI & TCP-IP Tutorial
5. OSI Model v.s. TCP/IP Model v.s. Cisco 3 Layer Model

http://archive.networknewz.com/2004/0206.html
By Dan DiNicolo

This article focuses on another important network model, the Cisco hierarchical network design model. Very different from the OSI model, this model is used as the basis for designing Cisco networks for security and performance. The article provides an overview of the roles and responsibilities of each of the model's 3 layers.

While the OSI model is concerned with how different systems communicate over networks, the Cisco hierarchical model is a blueprint of types that defines how networks should be designed in layers. Each layer is meant to have its own roles and responsibilities, but the goal is to create a network that delivers high performance, is manageable, and keeps required roles in their place. While this model was designed by Cisco, its use can by all means be adapted to account for the switching and routing equipment of any vendor. The model is made up of three layers: Core, Distribution, and Access. The diagram below shows each of these layers relative to one another.

The Core layer of the network would be considered along the same lines as the backbone: high speed and redundant. The Distribution layer would contain intermediate switches and routers, such as those used to route between subnets or VLANs. The Access layer is literally where users' PCs plug into their local switch, somewhere like an area wiring closet. While this is a simplified view of the network, it provides a general high-level overview.

Getting a little deeper into things, each layer of the model is actually home to multiple roles and responsibilities. Remember that this is a model, and as such not all networks will necessarily look like this; many, especially smaller ones, may not even be close. Instead, think of this model as one that outlines best practices to ensure that the network is reliable, scalable, and meets performance requirements.

The Layers

Each layer in the model has a general level of responsibility, in terms of what capabilities should be implemented there, and with a particular emphasis on how that layer should perform. Each of the layers is outlined in more detail below.

Core Layer

The responsibility of the core layer is to act as a high-speed switched backbone. Notice that the backbone is expected to switch traffic, and not route it. Routing can severely impact performance, mainly because each frame needs to be recreated as it passes through each router, as we'll look at a little later in the series. Switching provides much higher performance, mainly because a frame can travel across the backbone without needing to be recreated at each switch. That's not to say that the frame isn't inspected at every switch (it will be, to varying degrees), but everything stays at OSI layers 1 and 2 instead of having to be considered at Layer 3.

The Core layer is usually comprised of a relatively small number of high-end switches. Growth should not add devices, but rather replace devices with higher-speed equipment as necessary. The Core Layer is also responsible for providing a degree of redundancy by providing multiple paths. That is, you want to be sure that even if a backbone link goes down, another path exists over which frames can travel. We'll consider this in a diagram shortly.

In general, you want to be sure that the only traffic that moves across the backbone is that which is moving between different Distribution-layer devices. A design that moves traffic over the Core layer when it isn't necessary will not provide the best performance. To that end, the core should also never be used to implement traffic filters such as access lists; these should be implemented at other layers instead. To summarize, the Core Layer should:

Be used to provide high-speed switching.

Provide reliability and fault tolerance.

Grow by using faster, and not more, equipment.

Never implement performance-decreasing elements such as access lists.

Distribution Layer

The distribution layer acts as an intermediary between the Core and Access layers, and is usually where the routing functions (and more) on a well-designed network are found. An example of the type of interconnection here includes those between different types of media such as Ethernet and Token Ring. The distribution layer is also where policies are usually implemented using Access Lists.

To get a feel for the function of the distribution layer, remember that a great deal of routing will usually happen on a network. Clients on one subnet may need to talk to servers on another. In some cases this traffic is localized, such as with departmental file or database servers. However, there are often servers that need to be accessed by many subnets even within a given location, such as mail servers. The distribution layer would be responsible for this routing function. In all, this layer serves a number of purposes, including the implementation of:

Security, in the form of Access Lists and filtering.

A boundary for route aggregation and summarization (for example, many subnets can be hidden behind a single routing table entry, making these entries smaller, and routing more efficient).

Broadcast domains. A broadcast domain is a layer 2 concept that defines how far a broadcast will travel on a given network. By default, routers usually do not pass broadcasts, acting as the demarcation point between broadcast domains.

Routing. Almost all routing is done at this layer, which keeps it away from the backbone. This also acts as the intermediate point between where static and dynamic routing are used on the network.
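
An added example, not part of the original article: route summarization at a distribution boundary, worked in Python with the standard ipaddress module. It finds the single prefix that covers a set of access subnets and lists the address space that prefix would advertise although no subnet uses it, which matters because a route or access list written against the summary also covers that unused space. All subnets are constructed sample values.

```python
import ipaddress


def summarize(subnets):
    """Summarize subnets behind one prefix.

    Returns (summary, exact, gaps) as strings:
      summary - smallest single prefix that contains every input subnet
      exact   - lossless aggregation (covers the inputs and nothing else)
      gaps    - blocks inside `summary` that no input subnet accounts for
    """
    nets = [ipaddress.ip_network(s) for s in subnets]

    # Lossless aggregation: merge adjacent/overlapping prefixes only.
    exact = list(ipaddress.collapse_addresses(nets))

    # Single summary: shorten the prefix until it contains every block.
    summary = exact[0]
    while not all(n.subnet_of(summary) for n in exact):
        summary = summary.supernet()

    # Subtract each real block from the summary; what is left is address
    # space the summary advertises but that is not actually allocated.
    remaining = [summary]
    for block in exact:
        pieces = []
        for r in remaining:
            if block.subnet_of(r):
                pieces.extend(r.address_exclude(block))
            else:
                pieces.append(r)
        remaining = pieces

    return (
        str(summary),
        [str(n) for n in exact],
        [str(g) for g in sorted(remaining)],
    )


if __name__ == "__main__":
    # Constructed access-layer subnets behind one distribution block.
    cases = {
        "three of four /24s": ["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/24"],
        "aligned block": ["10.1.0.0/24", "10.1.1.0/24",
                          "10.1.2.0/24", "10.1.3.0/24"],
        "scattered": ["10.1.0.0/24", "10.1.4.0/24"],
    }
    for label, subnets in cases.items():
        summary, exact, gaps = summarize(subnets)
        print(f"{label}: summary={summary} exact={exact}")
        print(f"  unallocated space covered by the summary: {gaps or 'none'}")
```

When the gap list is not empty, either advertise the lossless prefixes instead or make sure the unused blocks are handled deliberately at the summarizing device, since the rest of the network will send traffic for them there.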

Access Layer

The Access Layer acts as the point at which end stations connect to the network, usually by plugging into Layer 2 switches or hubs. As such, this layer is usually used to define network collision domains. The Access layer is also sometimes used to define additional network security policies and filtering if necessary.

How it fits together

The diagram below shows how a typical network might be configured to account for the Cisco hierarchical network design model. Remember that the Core layer switches might be geographically dispersed, and that the distribution layer routers might be connected to the core via a WAN link or similar.

About the Author: Dan DiNicolo is a technical trainer, consultant, and author as well as the owner and managing editor of 2000Trainers.com. When he's not busy travelling the world as an IT volunteer with organizations like Geekcorps, Dan makes his home in hockey-crazed Toronto, Canada. Dan is the author of a number of technical books including the soon-to-be-released CCNA/CCDA Study Guide. He can be reached by email at dan@2000trainers.com.

Hierarchical Network Design


http://www.edrawsoft.com/Hierarchical-Network-Design.php

To meet a customer's business and technical goals for a corporate network design, you might need to recommend a network topology consisting of many interrelated components. This task is made easier if you can "divide and conquer" the job and develop the design in layers. Network design experts have developed the hierarchical network design model to help you develop a topology in discrete layers. Each layer can be focused on specific functions, allowing you to choose the right systems and features for the layer. For example, high-speed WAN routers can carry traffic across the enterprise WAN backbone, medium-speed routers can connect buildings at each campus, and switches can connect user devices and servers within buildings. A typical hierarchical topology is:

A core layer of high-end routers and switches that are optimized for availability and performance.

A distribution layer of routers and switches that implement policies.

An access layer that connects users via lower-end switches and wireless access points.

Why Use a Hierarchical Network Design Model

Networks that grow unheeded without any plan in place tend to develop in an unstructured format. Dr. Peter Welcher, the author of network design and technology articles for Cisco World and other publications, refers to unplanned networks as "fur-ball" networks. Welcher explains the disadvantages of a fur-ball topology by pointing out the problems that too many CPU adjacencies cause. When network devices communicate with many other devices, the workload required of the CPUs on the devices can be burdensome. For example, in a large flat (switched) network, broadcast packets are burdensome. A broadcast packet interrupts the CPU on each device within the broadcast domain, and demands processing time on every device for which a protocol understanding for that broadcast is installed. This includes routers, workstations, and servers.

Another potential problem with nonhierarchical networks, besides broadcast packets, is the CPU workload required for routers to communicate with many other routers and process numerous route advertisements. A hierarchical network design methodology lets you design a modular topology that limits the number of communicating routers.

Using a hierarchical model can help you minimize costs. You can purchase the appropriate internetworking devices for each layer of the hierarchy, thus avoiding spending money on unnecessary features for a layer. Also, the modular nature of the hierarchical design model enables accurate capacity planning within each layer of the hierarchy, thus reducing wasted bandwidth. Network management responsibility and network management systems can be distributed to the different layers of a modular network architecture to control management costs.

Modularity lets you keep each design element simple and easy to understand. Simplicity minimizes the need for extensive training for network operations personnel and expedites the implementation of a design. Testing a network design is made easy because there is clear functionality at each layer. Fault isolation is improved because network technicians can easily recognize the transition points in the network to help them isolate possible failure points.

Hierarchical design facilitates changes. As elements in a network require change, the cost of making an upgrade is contained to a small subset of the overall network. In large flat or meshed network architectures, changes tend to impact a large number of systems. Replacing one device can affect numerous networks because of the complex interconnections.

How Can You Tell When You Have a Good Design

Here are some wise answers from Peter Welcher that are based on the tenets of hierarchical, modular network design:

When you already know how to add a new building, floor, WAN link, remote site, e-commerce service, and so on.

When new additions cause only local change, to the directly connected devices.

When your network can double or triple in size without major design changes.

When troubleshooting is easy because there are no complex protocol interactions to wrap your brain around.

When scalability is a major goal, a hierarchical topology is recommended because modularity in a design enables creating design elements that can be replicated as the network grows. Because each instance of a module is consistent, expansion is easy to plan and implement. For example, planning a campus network for a new site might simply be a matter of replicating an existing campus network design.

Flat Versus Hierarchical Topologies

A flat network topology is adequate for very small networks. With a flat network design, there is no hierarchy. Each internetworking device has essentially the same job, and the network is not divided into layers or modules. A flat network topology is easy to design and implement, and it is easy to maintain, as long as the network stays small. When the network grows, however, a flat network is undesirable. The lack of hierarchy makes troubleshooting difficult. Rather than being able to concentrate troubleshooting efforts in just one area of the network, you may need to inspect the entire network.
Flat WAN Topologies

A wide-area network (WAN) for a small company can consist of a few sites connected in a loop. Each site has a WAN router that connects to two other adjacent sites via point-to-point links. As long as the WAN is small (a few sites), routing protocols can converge quickly, and communication with any other site can recover when a link fails. (As long as only one link fails, communication recovers. When more than one link fails, some sites are isolated from others.) A flat loop topology is generally not recommended for networks with many sites, however. A loop topology can mean that there are many hops between routers on opposite sides of the loop, resulting in significant delay and a higher probability of failure. If your analysis of traffic flow indicates that routers on opposite sides of a loop topology exchange a lot of traffic, you should recommend a hierarchical topology instead of a loop. To avoid any single point of failure, redundant routers or switches can be placed at upper layers of the hierarchy.
Flat LAN Topologies

In the early and mid-1990s, a typical design for a LAN was PCs and servers attached to one or more hubs in a flat topology. The PCs and servers implemented a media-access control process, such as token passing or carrier sense multiple access with collision detection (CSMA/CD), to control access to the shared bandwidth. The devices were all part of the same bandwidth domain and had the ability to negatively affect delay and throughput for other devices. These days, network designers usually recommend attaching the PCs and servers to data link layer (Layer 2) switches instead of hubs. In this case, the network is segmented into small bandwidth domains so that a limited number of devices compete for bandwidth at any one time. (However, the devices do compete for service by the switching hardware and software, so it is important to understand the performance characteristics of candidate switches.)

Mesh Versus Hierarchical-Mesh Topologies

Network designers often recommend a mesh topology to meet availability requirements. In a full-mesh topology, every router or switch is connected to every other router or switch. A full-mesh network provides complete redundancy, and offers good performance because there is just a single-link delay between any two sites. A partial-mesh network has fewer connections. To reach another router or switch in a partial-mesh network might require traversing intermediate links.
The Classic Three-Layer Hierarchical Model

Literature published by Cisco Systems, Inc. and other networking vendors talks about a classic three-layer hierarchical model for network design topologies. The three-layer model permits traffic aggregation and filtering at three successive routing or switching levels. This makes the three-layer hierarchical model scalable to large international internetworks. Although the model was developed at a time when routers delineated layers, the model can be used for switched networks as well as routed networks. Each layer of the hierarchical model has a specific role. The core layer provides optimal transport between sites. The distribution layer connects network services to the access layer, and implements policies regarding security, traffic loading, and routing. In a WAN design, the access layer consists of the routers at the edge of the campus networks. In a campus network, the access layer provides switches or hubs for end-user access.

Guidelines for Hierarchical Network Design

This section briefly describes some guidelines for hierarchical network design. Following these simple guidelines will help you design networks that take advantage of the benefits of hierarchical design. The first guideline is that you should control the diameter of a hierarchical enterprise network topology. In most cases, three major layers are sufficient:

1. The core layer
2. The distribution layer
3. The access layer

Controlling the network diameter provides low and predictable latency. It also helps you predict routing paths, traffic flows, and capacity requirements. A controlled network diameter also makes troubleshooting and network documentation easier. Finally, one other guideline for hierarchical network design is that you should design the access layer first, followed by the distribution layer, and then finally the core layer. By starting with the access layer, you can more accurately perform capacity planning for the distribution and core layers.

You can also recognize the optimization techniques you will need for the distribution and core layers.
