The Switch Block
Recall how a campus network is divided into access, distribution, and core layers. Basically, the
switch block contains switching devices from the access and distribution layers. All switch
blocks then connect into the core block, providing end-to-end connectivity across the campus.
Switch blocks contain a balanced mix of Layer 2 and Layer 3 functionality, as might be present
in the access and distribution layers. Layer 2 switches located in wiring closets (access layer)
connect end users to the campus network. With one end user per switch port, each user receives
dedicated bandwidth access.
Building Z
Switch
blocks
Building A ...
Core
block
Server
block
Mainframe
block
WAN
block
Modular Network Design 41
Upstream, each access layer switch connects to devices in the distribution layer. Here, Layer 2
functionality transports data between all connected access switches at a central connection
point. Layer 3 functionality can also be provided in the form of routing and other networking
services (security, QoS, and so on). Therefore, a distribution layer device can be one of the
following:
• A combination of a switch and an external router
• A multilayer switch
These Layer 3 distribution devices are discussed in more detail in Chapter 7, “InterVLAN
Routing.”
The distribution layer also shields the switch block from certain failures or conditions in other
parts of the network. For example, broadcasts will not be propagated from the switch block into
the core and into other switch blocks. Therefore, the Spanning-Tree Protocol will be confined
to each switch block, where a VLAN is bounded, keeping the Spanning Tree domain well
defined and controlled.
Access layer switches can support VLANs by assigning individual ports to specific VLAN
numbers. In this way, stations connected to the ports configured for the same VLAN will appear
on the same subnet. However, remember that a single VLAN can support multiple subnets.
Because the switch ports are configured for a VLAN number only (and not a network address),
any station connected to a port can present any subnet address range. The VLAN will function
as traditional network media and allow any network address to be connected.
In this network design model, VLANs should not be extended beyond distribution switches.
The distribution layer should always be the boundary of VLANs, subnets, and broadcasts.
Although Layer 2 switches can extend VLANs to other switches and other layers of the
hierarchy, this activity is discouraged. VLAN traffic should not traverse the network core.
(Trunking, or the capability to carry many VLANs over a single connection, is discussed in
Chapter 4.)
Sizing a Switch Block
Containing access and distribution layer devices, the switch block is simple in concept. You
should consider several factors, however, to determine an appropriate size for the switch block.
The range of switch devices available makes the size of the switch block very flexible. At the
access layer, switch selection is usually based on port density or the number of connected users.
The distribution layer must be sized according to the number of access layer switches that are
collapsed or brought into a distribution device. Factors to consider are
• Various types and patterns of traffic
• Amount of Layer 3 switching capacity at the distribution layer
• Number of users connected to the access layer switches
42 Chapter 2: Campus Network Design Models
• Geographical boundaries of subnets or VLANs
• Size of Spanning Tree domains
Designing a switch block based solely on the number of users or stations that are contained
within the block is usually inaccurate. As a rule of thumb, no more than 2000 users should be
placed within a single switch block. Though useful for an initial estimate of a switch block’s
size, this idea doesn’t take into account the many dynamic processes that occur on a functioning
network.
Instead, switch block size should be primarily based on:
• Traffic types and behavior
• Size and number of common workgroups
Due to the dynamic nature of networks, sizing a switch block too large to handle the load that
is placed upon it is possible. Also, the number of users and applications on a network tend to
grow over time. A provision to break up or downsize a switch block is necessary. Again, base
these decisions on the actual traffic flows and patterns present in the switch block. These
parameters can be estimated, modeled, or measured with network analysis applications and
tools.
Generally, a switch block is too large if the following conditions are observed:
• The routers at the distribution layer become traffic bottlenecks. This congestion could be
due to the volume of interVLAN traffic, intensive CPU processing, or switching times
required by policy or security functions (access lists, queuing, and so on).
• Broadcast or multicast traffic slows down the switches and routers in the switch block.
Broadcast and multicast traffic must be replicated and forwarded out many ports. This
process requires some overhead in the router or switch and can become too great if
significant traffic volumes are present.
Access switches can have one or more redundant links to distribution layer devices. This
situation provides a fault tolerant environment, where access layer connectivity is preserved on
a secondary link if the primary link fails. Chapter 5 discusses this matter. Generally, two
distribution switches should be provided in each switch block for redundancy, with each access
layer switch connecting to the two distribution switches with dual links.
Figure 2-8 shows a typical switch block design. Only one of the two links from each access
layer switch will be in use at any time. At Layer 2, the Spanning-Tree Algorithm will keep one
link in a blocking state and will fail over to the redundant link if the primary link fails. The
Spanning-Tree Protocol is discussed in Chapter 5. At Layer 3, the two distribution switches can
use Cisco’s Hot Standby Router Protocol (HSRP) to provide an active IP gateway and a standby
gateway. HSRP is discussed in Chapter 9, “Overview of Hot Standby Routing Protocol.”
Modular Network Design 43
Figure 2-8 Design of a Typical Switch Block
Access
layer
Distribution
layer
X
X
X
HSRP HSRP
To core layer