When it comes to network design, you’re pretty much left with two options – a flat design, or one that involves some type of hierarchy. A flat design can be very limiting in terms of performance and scalability, and in all but the smallest networks would not be recommended. For example, on a flat network issues like broadcast traffic can quickly overwhelm network systems and negatively impact performance. In contrast, a hierarchical design will allow for unique divisions of responsibility to be created on the network. Thus a higher degree of performance, reliability, scalability and security can be achieved. The Cisco network design model is a reference model for creating hierarchical networks that attempts to account for these factors, while also providing an insight as to where different network elements should be deployed and why.
The Cisco network design model consists of three layers:
- The Core Layer
- The Distribution Layer
- The Access Layer
The core layer describes what is often referred to as the network backbone. Its main responsibility is ensuring that data is passed at high speeds between different sites. Because of this high-speed requirement, the backbone should usually make use of switching technologies instead of routing. While we’ll look at the differences between switching and routing in later chapters, for now it is sufficient to say that switching is significantly faster than routing.
The core layer should also provide a high degree of reliability and fault tolerance. This is usually implemented using higher-end equipment and redundant links. For the most part, the core layer should not be scaled to include additional equipment if performance is deteriorating. In such cases, backbone switches should be replaced with better performing models. By replacing equipment, the core layer maintains a constant diameter, helping to avoid the introduction of additional latency.
As a general rule, anything that slows down performance should be kept away from the core layer. Beyond routing, this also means avoiding features such as access lists, firewalls and intrusion detection system (IDS) sensors – these inspect traffic based on network addresses and applications, and can negatively impact performance.
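One way to check a core device against this rule is to scan its configuration for access lists bound to interfaces. The following is an added example, not part of the original text: the hostname, interface names, addresses and ACL names in the sample are constructed, and the config is assumed to be in Cisco IOS running-config style, where `ip access-group` applies an ACL to an interface.

```python
import re

# Constructed sample: IOS-style running-config fragment for a hypothetical core switch.
SAMPLE_CORE_CONFIG = """\
hostname core-sw1
!
interface TenGigabitEthernet1/1
 description uplink to dist-sw1
 no switchport
 ip address 10.0.0.1 255.255.255.252
!
interface TenGigabitEthernet1/2
 description uplink to dist-sw2
 ip address 10.0.0.5 255.255.255.252
 ip access-group BLOCK-GUEST in
!
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
 ip access-group 101 out
!
ip access-list extended BLOCK-GUEST
 deny ip 192.168.50.0 0.0.0.255 any
 permit ip any any
"""

IFACE_RE = re.compile(r"^interface\s+(\S+)")
ACL_RE = re.compile(r"^\s+ip access-group\s+(\S+)\s+(in|out)\b")

def find_interface_acls(config_text):
    """Return (interface, acl, direction) for every ACL bound to an interface."""
    findings, current = [], None
    for line in config_text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1)
            continue
        if line and not line[0].isspace():
            current = None  # left the interface block ("!" or a global command)
            continue
        m = ACL_RE.match(line)
        if m and current:
            findings.append((current, m.group(1), m.group(2)))
    return findings

if __name__ == "__main__":
    for iface, acl, direction in find_interface_acls(SAMPLE_CORE_CONFIG):
        print(f"{iface}: ACL {acl} applied {direction} on a core device")
```

An ACL that is defined but never bound to an interface, like the `ip access-list` stanza at the end of the sample, is not reported, since only applied ACLs put packet inspection in the forwarding path.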