01 Campus Network-Design


Campus Network Design

Workshop
Campus Network Design Best Practices
Campus Network Rules
•  Separate in layers
•  Minimize number of network devices in any path
•  Provision central services near the core
•  Route near the core, switch at the edges
•  Use standard solutions for common situations
•  Use DHCP centrally
Campus Network Design
•  A good network design is modular and
hierarchical, with a clear separation of
functions:
–  Core: Resilient, few changes, few features,
high link and CPU capacity
–  Distribution: Aggregation, redundancy
–  Access: Port density, affordability, security
features, many adds, moves and changes
Layers Features
[Figure: the Core, Distribution and Access layers set against Complexity and Capacity]
Campus Network Design - Simple
[Figure: ISP, Network Border, Core, Distribution, Access]
Campus Network Design - Redundant
[Figure: ISP1 and ISP2, Network Border, Core, Distribution, Access]
Core Layer
•  Core network is the “core” of your network
–  Reliability is key
•  Keep it simple!
–  Always route (not switch) in the core
–  Reliable power and air conditioning
–  As you grow:
•  Add more devices for redundancy or better
performance
•  Use dual power supplies fed from separate UPSs
Separate border from core
•  Allows you to provision tools centrally
–  Firewalls
–  Traffic shaping devices
–  Intrusion Detection
–  Intrusion Prevention
–  Network Address Translation
–  Etc.
Border Router
•  Connects to outside world
•  RENs and peering are the reason you need
them
[Figure: Internet Exchange, REN, Campus Network]
Access Layer
•  Provides service to end users
•  Each of these networks should be an IP
subnet
–  Plan for no more than 250 computers at
maximum
–  There should be one of these for every
reasonably sized building
•  Always buy switches that are managed –
no unmanaged switches!
Minimize Number of Network
Devices in the Path
•  Build star networks

•  Not daisy chained networks


Where to put Servers?
•  Servers should be on a high speed interface off of your
core router
•  Servers should be at your core location where there is
good power and air conditioning
[Figure: Border Router, Firewall/Traffic Shaper, Core Router, fiber optic links to remote buildings, servers in core]
Use open standards
•  Avoid using proprietary solutions when
possible
–  Keeps your purchasing options open
–  Avoids having to change later
–  Open standards are better understood by
more people
Notes on IP Addressing
•  Get your own public IP address space
–  Get your v6 block when you get your v4 one
–  Make subnets large enough for growth
•  Use DHCP to assign addresses to
individual PCs
–  Use static addressing only for network
equipment, printers, and servers
DHCP
•  Dynamic Host Configuration Protocol
–  Used to assign an IP address and provide basic IP
configuration to a host.
•  Simplifies your life greatly
–  Faster
–  Fewer mistakes
–  Easier renumbering
•  Should be provisioned centrally
–  Requires relaying across layer 3 networks
Central DHCP
•  In order to centralize your DHCP service, you
need a DHCP relay on each subnet
–  Most routers provide this feature
•  Also possible on Linux routers using ISC DHCPD as
relay
–  The central server knows which subnet queries
are coming from, and assigns addresses from
the right pool
•  As you grow, add another server and run as
a failover pair
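Added example (not part of the original slides): a small Python model of how a central DHCP server picks the right pool from the relay agent address (the giaddr field the relaying router writes into the forwarded request), with one /24 per building. The campus block, building names and the 20 addresses held back for static equipment are assumptions made for illustration.

```python
import ipaddress

# Constructed sample plan: private addresses and hypothetical building names.
CAMPUS_BLOCK = ipaddress.ip_network("10.20.0.0/16")
BUILDINGS = ["library", "science", "admin"]
STATIC_RESERVED = 20  # low addresses kept for router, switches, printers, servers


def build_pools(block, buildings, prefixlen=24):
    """Give each building one /24 (254 usable hosts, in line with the
    'no more than 250 computers' rule) and derive its dynamic range."""
    pools = {}
    for name, net in zip(buildings, block.subnets(new_prefix=prefixlen)):
        hosts = list(net.hosts())
        pools[net] = {
            "building": name,
            "router": hosts[0],               # relay address on this subnet
            "first": hosts[STATIC_RESERVED],  # start of the DHCP range
            "last": hosts[-1],
            "leased": set(),
        }
    return pools


def select_pool(pools, giaddr, server_net=None):
    """Pick the pool the way a central server does: by the relay agent
    address (giaddr) found in the forwarded request."""
    addr = ipaddress.ip_address(giaddr)
    if int(addr) == 0:
        # giaddr 0.0.0.0: request was not relayed, client shares the server's subnet
        return pools.get(server_net)
    for net, pool in pools.items():
        if addr in net:
            return pool
    return None  # relay sits on a subnet the server has no pool for


def offer(pools, giaddr, server_net=None):
    """Return the next free address from the matching pool, or None."""
    pool = select_pool(pools, giaddr, server_net)
    if pool is None:
        return None
    cand = pool["first"]
    while cand <= pool["last"]:
        if cand not in pool["leased"]:
            pool["leased"].add(cand)
            return cand
        cand += 1
    return None  # pool exhausted
```

A request relayed from an address outside every declared subnet gets no offer, which is the case to watch for when a new building is added to the routers but not to the central server.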
DNS
•  DNS reliability is essential to your network
–  No DNS == No services
•  Server location
–  On different subnets, off of different routers
–  Air conditioned, dual power supplies, etc.
•  Separate duties
–  Authoritative and recursive on different
machines
DNS Authoritative vs. Recursive

Server Function    Information          Target audience
Authoritative      Your domains         The Internet
Recursive          All other domains    Your users

Questions?
•  Thank you.
