Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11455
Views
0
Helpful
4
Replies

Routing at core vs routing at edge?

Go to solution
A00460610
Level 1
Level 1

‎03-30-2011 11:14 AM - edited ‎03-03-2019 06:15 AM

Hi! Thanks in advance for your answers, I have a very basic networkign question

If I have, say, 3750's (or any L3 switch, capable of routing) at the edge and a 4500 at the core, where should I route? At the edge? At the Core? Both?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎03-31-2011 03:14 AM 

A00460610 wrote:
Hi! Thanks in advance for your answers, I have a very basic networkign question
If I have, say, 3750's (or any L3 switch, capable of routing) at the edge and a 4500 at the core, where should I route? At the edge? At the Core? Both?


Firstly edge and core need to be defined.

Core in a small to medium sized network can mean collapsed distribution/core or it can simply mean a dedicated core. Often a core is seen in campus environments ie. a network spread over multiple buildings all within the same area and each building has a distribution pair of switches that then connect to the core.

Edge would typically mean access-layer in Cisco terminology ie. where you have end user devices connecting to the network. If this isn't what you meant please clarify. A further point is what you are routing ie. are you talking about inter-vlan routing which is typically either done at the distribution layer or the access-layer.

Generally you would want to route at the distribution/core with a 4500 and most designs will do this. L3 switching is as fast as L2 switching to all intents and purposes so there is no performance hit as such.

The edge or access-layer is more interesting in that tradtionally the access-layer has been L2 and each access-layer switch (3750s in your case) would be uplinked to the distro/core (4500) with L2 uplinks, usually trunks. The routing for the vlans would be done on the 4500. However, more recently, another possible design is to route from the access-layer.  So your 3750 switch would have the L3 vlan interfaces and any non-local traffic would simply be routed to the 4500 where it would then route the traffic on, perhaps to another vlan on another L3 access-layer switch.

Each design, L2 from access or L3 access, has it's advantages and disadvantages.

L3 from access layer limits STP to the single switch. Because the uplinks are now L3 routed links you do not get STP extending across the links. In addition because each access-layer switch is usually uplinked to pair of distro/core switches both uplinks are seen as equal cost paths are used to send traffic. With traditional L2 uplinks one uplink per vlan is blocked. If one of the uplinks fails then L3 failover is usually faster than L2 failover even with RSTP.

The big disadvantage of L3 from access-layer is the main advantage of L2 and that is flexibility. With L3 from access-layer a vlan on one of your access-layer switches cannot also be on another access-layer switch in a different part of your network ie. each vlan is local to the L3 switch. With L2 you could have the same vlan on multiple, or every, access-layer switch if that is what you wanted although every switch would not necessarily be good design.

So with L3 you do need to plan carefully and make sure you don't need the same vlan on multple access-layer switches.

It's probably fair to say that the majority of networks still have traditional L2 from the access-layer.

Jon

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎03-31-2011 03:14 AM 

A00460610 wrote:
Hi! Thanks in advance for your answers, I have a very basic networkign question
If I have, say, 3750's (or any L3 switch, capable of routing) at the edge and a 4500 at the core, where should I route? At the edge? At the Core? Both?


Firstly edge and core need to be defined.

Core in a small to medium sized network can mean collapsed distribution/core or it can simply mean a dedicated core. Often a core is seen in campus environments ie. a network spread over multiple buildings all within the same area and each building has a distribution pair of switches that then connect to the core.

Edge would typically mean access-layer in Cisco terminology ie. where you have end user devices connecting to the network. If this isn't what you meant please clarify. A further point is what you are routing ie. are you talking about inter-vlan routing which is typically either done at the distribution layer or the access-layer.

Generally you would want to route at the distribution/core with a 4500 and most designs will do this. L3 switching is as fast as L2 switching to all intents and purposes so there is no performance hit as such.

The edge or access-layer is more interesting in that tradtionally the access-layer has been L2 and each access-layer switch (3750s in your case) would be uplinked to the distro/core (4500) with L2 uplinks, usually trunks. The routing for the vlans would be done on the 4500. However, more recently, another possible design is to route from the access-layer.  So your 3750 switch would have the L3 vlan interfaces and any non-local traffic would simply be routed to the 4500 where it would then route the traffic on, perhaps to another vlan on another L3 access-layer switch.

Each design, L2 from access or L3 access, has it's advantages and disadvantages.

L3 from access layer limits STP to the single switch. Because the uplinks are now L3 routed links you do not get STP extending across the links. In addition because each access-layer switch is usually uplinked to pair of distro/core switches both uplinks are seen as equal cost paths are used to send traffic. With traditional L2 uplinks one uplink per vlan is blocked. If one of the uplinks fails then L3 failover is usually faster than L2 failover even with RSTP.

The big disadvantage of L3 from access-layer is the main advantage of L2 and that is flexibility. With L3 from access-layer a vlan on one of your access-layer switches cannot also be on another access-layer switch in a different part of your network ie. each vlan is local to the L3 switch. With L2 you could have the same vlan on multiple, or every, access-layer switch if that is what you wanted although every switch would not necessarily be good design.

So with L3 you do need to plan carefully and make sure you don't need the same vlan on multple access-layer switches.

It's probably fair to say that the majority of networks still have traditional L2 from the access-layer.

Jon

0 Helpful

Go to solution
A00460610
Level 1
Level 1
In response to Jon Marshall

‎03-31-2011 09:34 AM

Thank you for your anwser. I was very usefull. To confirm:
Yes, by core, I mean a dedicated core; and by edge I mean the access layer. By routing I mean inter-vlan routing.

0 Helpful

Go to solution
CHRISTOPHER LARSON
Level 1
Level 1

‎04-01-2011 01:48 PM

The Cisco Data Center 3.0 specs still call for a L3 Core and L2 access. It talks about doing L3 and what things you should consider configuring to do L3 to the access, but L2 is still best practice in that doc.

In your environment, I would route at the core and trunk your L2 vlans down to your 3750 , but it really depends on your requirements.

Cisco also recommends a full hierarchy for doing a routed access layer, and then considering things like the CEF hashing at each layer. It should not be the default, and alternate at each layer or you will not enjoy the benefits of equal costs uplinks and traffic will only flow on one side. EIGRP stub only to access layer (if you are doing EIGRP) and proper summarization , and a couple other items, so there are some trade offs and extras you should look into if considering it.

At any rate, in an environment without some specific requirements or reason for doing a routed access layer, I would not at this point in time. I have worked in both routed access layer environments and the old standard and find more fleibility in the L3 Core, L3 distro, L2 access model.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to CHRISTOPHER LARSON

‎04-01-2011 01:56 PM

Christopher

That's a good point and one i usually mention when talking about these designs (but didn't this time).

DC environments are very different from campus setups. I would never recommend running L3 routed access-layer in the DC because in a DC you really do need the L2 flexibility that i mentioned. Server relocation is quite a common thing in DCs plus you have more flexibility when deploying service modules with L2 access-layer.

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents