Cisco’s Hierarchical Network Design Model

When it comes to network design, you’re pretty much left with two options – a flat design, or one that involves some type of hierarchy. A flat design can be very limiting in terms of performance and scalability, and in all but the smallest networks would not be recommended. For example, on a flat network issues like broadcast traffic can quickly overwhelm network systems and negatively impact performance. In contrast, a hierarchical design will allow for unique divisions of responsibility to be created on the network. Thus a higher degree of performance, reliability, scalability and security can be achieved. The Cisco network design model is a reference model for creating hierarchical networks that attempts to account for these factors, while also providing an insight as to where different network elements should be deployed and why.

The Cisco network design model consists of three layers. These include:

  • The Core Layer
  • The Distribution Layer
  • The Access Layer

Figure: Cisco Hierarchical Network Design Model

Core Layer

The core layer describes what is often referred to as the network backbone. Its main responsibility is ensuring that data is passed at high speeds between different sites. Because of this high-speed requirement, the backbone should usually make use of switching technologies instead of routing. While we’ll look at the differences between switching and routing in later chapters, for now it is sufficient to say that switching is significantly faster than routing.

The core layer should also provide a high degree of reliability and fault tolerance. This is usually implemented using higher-end equipment and redundant links. For the most part, the core layer should not be scaled to include additional equipment if performance is deteriorating. In such cases, backbone switches should be replaced with better performing models. By replacing equipment, the core layer maintains a constant diameter, helping to avoid the introduction of additional latency.

As a general rule, anything that slows down performance should be kept away from the core layer. Beyond routing, this also means avoiding features such as access lists, firewall and intrusion detection system (IDS) sensors – these inspect traffic based on network addresses and applications, and can negatively impact performance.

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.