In a large organization it
is common to see large and complicated networks consisting of many locations,
devices, services, and protocols. It can be cumbersome to manage and
troubleshoot such networks. In addition to that as technologies evolve, the
network has to evolve also. Making changes to a complex network is often
difficult. Cisco with its years of experience in network equipment as well as
managing its own network has defined a Three-layer hierarchical model. This
model provides a hierarchical and modular method of building networks that
makes it easy to implement, manage, scale and troubleshoot networks.
The model breaks an
internetwork down to the following three layers:
- The Core layer
- The Distribution layer
- The Access layer
These layers are logical
and not physical. They have specific functions in an internetwork which are
discussed below:
The Core Layer – This
layer is the backbone of an internetwork. It is the simplest yet the most
critical layer whose sole function is to transport large amount of data fast.
It gets data from the distribution layer and sends it back to the distribution
layer after transportation. Speed and fault tolerance are the two major
requirements of this layer because it has to transport large amount of data and
any fault at this layer will impact every user. Considering the functions of
this layer, the following should be avoided at this layer:
- Any thing that can slow down the traffic. For example, packet filtering, inter-VLAN routing etc.
- Direct user connections
- Direct server connections
- Complex service policies
- Routing protocol should have low convergence time.
- Network Access layer technologies should be fast with low latency
- Redundancy should be built into this layer.
The Distribution
Layer – This layer acts as an interface between the Core and the Access
layers. The primary function of the distribution layer is to provide routing,
filtering, and WAN access and to determine how packets can access the core, if
needed. Path determination is the most important function at the layer. It has
to select the fastest way an access request can be completed. This layer also
acts as the convergence point for all access layer switches. Hence it is
generally the best place to apply most of the policies. The following are
generally done at this layer:
- Routing between subnets and VLANs and route distribution between routing protocols
- Implementation of security policies, including firewalls, address translations, packet filtering, etc.
- Breaking broadcast domains
The Access Layer –
This layer is the edge of the network where wide variety of devices such as
PCs, printers, iPads etc. connects to the network. Common resources needed by
users are available at this layer while access request to remote resources are
sent to the distribution layer. This layer is also known as the desktop
layer. The following are generally done at this layer:
Access control and
policies in addition to what exists in the distribution layer.
- Dynamic configuration mechanisms
- Breaking collision domains
- Ethernet switching and static routing