Imagine: you are a network architect, and your current mission is to set up a company's network. You start from scratch, because the customer has decided that its pace of growth justifies a large budget and a complete transformation of its network.
You therefore find yourself in front of a blank page, with only the customer's needs (and the technical requirements those needs bring) to go on. You have to make a decision about the design of the network.
And there ... A good architect must prioritize performance, cost, fault tolerance, speed (of exchanges), and why not load balancing ... In short, the job is to create the most effective and optimal network possible!
However, if the analysis is poorly done, the major risk is ending up with an ill-suited network: unforeseen changes, slow exchanges, frequent breakdowns, non-functional services, monitoring that is difficult to implement and maintain ... Moreover, we know that the more we divide, the easier things are to manage afterwards (careful: dividing too much becomes a source of complication ...). This is the principle behind LANs and network architecture, but also behind classes in software development.
Fortunately for us, since computers were not invented in 2011, other people have already thought about it. And in this case, people far more competent than the average network admin. There is no need to reinvent the wheel: models exist!
The "three-layer" hierarchical model
More commonly known as the three-layer hierarchical internetworking design/model, this model was invented and distributed by Cisco.
The principle is simple: to create a structured network design in three layers, each with a precise role involving differences in hardware, performance and tools.
These three layers are:
- the core layer ("Core layer")
- the distribution layer ("Distribution layer")
- the access layer ("Access layer")
Schema of the hierarchical model
Network diagram of the topology. Redundancy is provided by multiple links, in addition to doubling up routers/switches if needed.
1) Core Layer
This is the top layer. Its role is simple: to connect together the different segments of the network, for example remote sites, LANs or floors of a company.
We usually find routers at this level. If the company is really big, this model can be nested: the routers are laid out according to this model, and the level 2 design (OSI model), that is to say the switches, follows the same hierarchy and the same roles! We therefore have a Core / Distribution / Access model inside the Access or Distribution part of the routers.
But I digress ...
Since a lot of traffic passes through these Core routers or switches, the performance requirements are correspondingly high, and so are the throughput requirements. The hardware changes according to the role. For example, at Cisco, the CRS-3 is the reference (322 Tbps, no less ... and it does not come cheap ...).
The Core is also called Backbone.
2) Distribution Layer
Once our Core layer routers/switches are chosen and placed in our architecture, the designer turns to the distribution layer.
Its role is simple: to filter, to route, to allow or deny packets ... We are between the Core layer and the Access layer, that is to say between the "connection" part and the "users" part. Here, we begin to divide the network into segments by adding several distribution routers/switches, each connected to the Core on one side and to the Access layer on the other.
Visualize: 1 core router > several distribution routers connected to that same core router > even more access switches, all connected to the distribution layer. It is exactly like a family tree.
Here, too, depending on the size and the means of the company, the architect will have to choose between routers and switches. Obviously, the bigger the company, the more routers you need at this level. For a small company, switching is enough.
These distribution routers take care of routing (for neophytes: sending packets along the right path), applying ACLs, ensuring fault tolerance, delimiting broadcast domains, etc.
Note: Of course, if there are only switches in our distribution layer, these actions will be performed at the Core level since only the Core layer has routers.
You can also, as you will probably find in some articles on the Internet, summarize the role of the Distribution layer by saying that it serves to link the Core and Access layers.
3) Access Layer
This is the last layer of our model. Its role is simple but very important: to connect end-user devices to the network.
But also to ensure security!
Only switches, or sometimes hubs, are deployed here. That is to be expected, you will say, since all the routers' work is already done at the Distribution or Core level. As a result, all we do here is connect our end users to the network, whether over Wi-Fi, Ethernet or anything else. And if possible, we do it securely, that is, by using switchport on our switches, disabling unused interfaces, etc ... (this could be the subject of a future article, there is so much to say!). Consequently, configuring this type of switch is less demanding. There is no need for special performance, because each switch will have, at most, a number of users equal to its number of ports (minus 1 or 2 for the trunk between Access and Distribution). In addition, the processing remains basic and requires few resources.
4) But still? ...
It is important to note that each layer brings its own imperatives and needs, which influence the hardware deployed as well as the configurations and/or solutions. This is the main reason this model exists: more complicated to implement at first sight, but far more efficient, cost-effective, well thought out and economical in the long term than an improvised architecture.
Other models
Of course, the three-layer hierarchical model is a reference that many architectures use. It is usually tailored to the needs of the business. But it is not the only model. There are many other architectural models, such as the "star" model or the "Campus LAN". However, they are neither the subject of this article (if I were to cover every existing design, it would take a few days) nor among my writing priorities: most of these models are much too theoretical and, although they are necessary to any network architect, are not really of interest on this blog.
To conclude, 3 points to remember:
- This hierarchical model is a reference and is widely used. But it must of course be adapted to the needs of one's company.
- Each layer (Core / Distribution / Access) involves different configurations. In particular the Access layer, which requires certain actions from the administrator (setting the status of each switch port, setting up trunks, security, etc ...).
- All links (link = connection between two points, covering both the physical and the software side) are doubled / backed up in the majority of cases. (See my previous article for example.)
And do not forget that thinking through and choosing the architecture of one's network as well as possible, that is to say the design, the IP ranges for the different LANs, the number of LANs/VLANs and all the other parameters, is paramount! Especially in the long term ...
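As an added example (not from the original article), the Access-layer hardening mentioned in section 3, switchport security and disabling unused interfaces, can be checked with a small Python audit over a switch configuration. The sample configuration is constructed, and treating a port with no configured role and no shutdown as an unused port left enabled is an assumption of this example.

```python
import re

# Constructed sample of an access-switch configuration (not from the article).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
!
interface FastEthernet0/2
 switchport mode access
!
interface FastEthernet0/3
!
interface FastEthernet0/4
 shutdown
!
interface GigabitEthernet0/1
 description uplink to distribution
 switchport mode trunk
!
"""

def parse_interfaces(config):
    """Return {interface name: [stanza lines]} from IOS-style text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        match = re.match(r"^interface\s+(\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return interfaces

def audit_access_ports(config):
    """Return {interface: finding} for ports that miss the hardening steps."""
    findings = {}
    for name, lines in parse_interfaces(config).items():
        if "shutdown" in lines or "switchport mode trunk" in lines:
            continue  # disabled port, or the trunk towards Distribution
        if "switchport mode access" not in lines:
            # Assumption: no role and no shutdown means an unused port left enabled.
            findings[name] = "no role configured and not shut down"
        elif "switchport port-security" not in lines:
            findings[name] = "access port without port-security"
    return findings

if __name__ == "__main__":
    print(audit_access_ports(SAMPLE_CONFIG))
```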