Mr. Mark Welton

 Three-tiered Architecture  Collapsed core – no distribution  Collapsed core – no distribution or access

 Most common design when network covers multiple buildings  Physical separation of the three levels usually occurs when there is a physical need to do so  Access devices are connected at the access-layer switches  These switches connect to the distribution-layer switches  Distribution-layer switches then connect to the core-layer  Internet and server farm (data center) typically connect to the core-layer

 Common in single building designs with multiple floors  Distribution-layer switches are removed and access layer goes directly in core  Distribution-layer maybe collapsed into the core-layer switches or removed completely

 This design is most common in smaller implementations  Core switches act as all layers in the design  For this design Ethernet runs must remain within the distance limitations of the cable (100 Meters)  High-density chassis switches are used in this design

 Trunks – will be necessary anywhere switches are interconnected  EtherChannels or port aggregation – This allows multiple switch connections to increase bandwidth between switches  Spanning tree – end devices ports should not run spanning tree. Ports connecting other switches must run it and be configured correctly including setting a correct primary and secondary root bridge

 VTP – allows for centralized control of VLAN in your network  VLAN – How many? Make sure they are planned out ahead of time ◦ Internet ◦ Internet inside ◦ Server farm ◦ User VLANS (include all user devices that need segmented i.e. VoIP) ◦ OOB???

 Most web-based applications today use a three tier design  Internet Layer - Web servers are used by the end users to access the application  Application layer – used to access the database layer and provide separation between the database and users. Also contains logic and access control for application  Database layer – contains data needed by application

 There are generally two accepted methods in the design  Bridging – the lower interfaces of the upper layer are connected to the same VLAN as the upper interfaces of the layer beneath them  Routing – routers are placed between the layers

 The advantages of this design are simplicity and speed  Disadvantages are decreased security  This has changed with the advances in security devices (layer-2 firewalls)

 The advantages of this design are increased security  Disadvantages increases complexity and adds processing (which means latency)

 Is there any other issue that may need addressed in the design????

 Can not easily manage the server remotely

 Every interface will need an IP address.  In some server high-availability solutions, you’ll need a third IP address for each VLAN. For example, IP multipathing requires a virtual IP address on each VLAN in addition to one for each physical interface.  Every IP address you assign may need a DNS entry (including virtual IP addresses).  Which interface is primary?  Does the server need a default gateway? If so, where does it go? Can the server support multiple defaults? How will this work? Web servers need a default gateway that points to the Internet. This will require your management VLAN to have specific routes on the servers.  How many physical network cards do you need in a server to support six Ethernet interfaces? Make sure you have enough. Extra interfaces are even better.  Will the servers have both interfaces active in each VLAN, or just one? Some server high-availability solutions require the switches to be configured a certain way, while others require different configurations. Work this out in a lab before you build your network.  Will your servers support remote Ethernet consoles? Will you need a dedicated network for this traffic?

 With Virtual environment your access-layer switches are also virtualized  This will make the server network requirements more like a access-layer switch uplink  Multiple 10 Gb ports are common