Every campus network design will be unique. Differences, such as the number of users, their locations and what types of applications they use, will all affect how a network is designed -- as well as what types and numbers of campus LAN switches the design should include. In this article, we will again look at each of the three tiers of switches -- access, distribution and core -- and point out some of the most common scenarios when particular types of campus switches would be necessary or unnecessary.
Everyone needs access switches
Regardless of whether you are building out a massive, enterprise-grade LAN environment, or just a small remote site, your end-user devices on a campus network are going to connect to access-grade switches. If you are going to deploy a network using access switches only, make sure you understand how Layer 2 and Layer 3 connectivity will operate. Typically, for larger LANs with access and distribution switches, the distribution layer performs Layer 3 communication. In smaller environments with no distribution layer, you have a couple of options to gain Layer 3 connectivity with the rest of your LAN. The first option is to connect your Layer 2 access switch to a device, such as a router or firewall. The router or firewall can then be configured as the default gateway for the various virtual LANs you configure, as well as provide routing between each and out to the external wide area network (WAN) or internet.
The other option is to use access switches that operate at both Layer 2 and Layer 3. By doing so, you can create virtual switch interfaces at Layer 3 and perform all switching and routing on a single device. And since the number of users is relatively small at remote sites, campus switches can usually handle all switching and routing for the relatively small amount of traffic the site will create and consume.
Where distribution/aggregation campus switches make sense
There are a few reasons to implement an access/distribution collapsed-core network design. Chief among them is the number of end users the LAN supports and the geographic proximity among users. If the number of users exceeds several hundred, the amount of throughput will eventually exceed the capabilities of the access switches alone. In order to counter this -- while, at the same time, keeping LAN costs under control -- a collapsed core strategy makes sense. This method uses multiple or stacked access switches at the edge to handle Layer 2 connectivity, while offloading Layer 3 routing, access control and other network functions to the distribution layer.
From a physical proximity perspective, you should start considering distribution switches when you begin to reach the limitations of LAN cable lengths. If you have Category 5 and 6 unshielded twisted pair cabling from an access switch to end devices, the 1000BASE-T specification stipulates the cabling length between the end device and switch cannot exceed 100 meters. If that is surpassed, expect to incur various errors and discards on the switch port. If your users are dispersed across a building that requires the placement of two or more access switch closets due to distance limitations, it makes sense that these access switches are linked to a centralized distribution/aggregation switch. Doing so ensures all users are within one network-device hop of each other.
When core switches are truly needed
Much like the primary requirements for moving from an access-only network to a collapsed-core, access and distribution design, the reason to move to the traditional three-tier design revolves around physical proximity and number of users. If your network spans multiple buildings that require all users to be the same number of device hops away from each other for latency purposes, the easiest way to do this is to centralize interdistribution connectivity by pushing all data up to a core layer. While you could build out full-mesh connectivity -- or create a ring topology between buildings -- these options may not be feasible, practical or sufficient for your LAN needs.
The other aspect to consider is the sheer throughput and latency requirements your end users demand. The three-tier design optimizes connectivity from end to end on the LAN and ensures uniform latency and quality of service across the board. Internet and WAN links typically connect into the core from edge routers. To ensure uniform access for all end users, it's best to have a core layer to distribute external access to the rest of your LAN. The only other responsibility of the core, then, is to route packets from one network segment to the other as quickly as possible.
Other considerations for campus switches
There are two other topics that need to be mentioned when evaluating which campus switch numbers and types to include in a design. The first is LAN redundancy. If you are designing and managing a medium-sized to large campus network, it's common practice to provide high availability (HA) at the switch and uplink level. That means you use two or more core and two or more distribution switches in each block -- and configure them so a failure of one switch does not disrupt traffic flow. Along those same lines, uplink connections between all switches on the LAN should include more than one physical connection. Then, using any number of redundancy configuration methods, the loss of a single connection will have no effect on end users.
The second topic is when to consider using data center switches as opposed to traditional access switches on your LAN. If you operate a large and highly complex data center with virtualization at the compute and storage levels, data center switches offer plenty of features to squeeze the most out of the hardware and software. The primary thing to look at is what you think your east-west traffic -- traffic within a data center -- pattern will look like on your campus switches. If east-west throughput is going to be higher than what an access-layer switch can handle, then you're probably going to be able to take advantage of the processing power and added HA features of a data center switch. However, if you've only got a handful of bare-metal or virtualized servers to manage on your campus, you can probably get away with connecting them using access-grade switches.
Learn about how SDN is changing physical infrastructure in the data center.
Read about Juniper's new access switches with support for the Unite fabric.
Check out our buyer's guide on data center switching for an in-depth explanation of data center switches.