Enterprise Campus Network Design – switch block

Jason Jackal · ‎01-27-2015

Folks, I am having a hard time understanding some concepts I am reading about for Enterprise campus network design, more specifically the switch block design.

On page 19 of the new SWITCH 300-115 Official Cert Guide details Figure 1-14, and shows the Layer 2 v-type links. Since this is Layer 2, I believe 802.1Q will be utilized on the connected interfaces; however, the book says

“All Layer 2 connectivity is contained within the access layer, and the distribution layer has only Layer 3 links. Without any potential Layer 2 loops, the switch block can become much more stable and much less reliant on any mechanisms to detect and prevent loops. Also, because each access switch has two dedicated paths into the distribution layer, both links can be fully utilized with traffic load balanced across them”.

If these are layer 2 links would they be 802.1Q trunk ports? In addition, how can Layer 2 traffic be load-balanced between the two distribution layer switches? Would an Etherchannel be used between two different switches?

Thank you

Leo Laohoo · ‎01-27-2015

If these are layer 2 links would they be 802.1Q trunk ports?

Depends on the nature of the network. I've seen the links between the Access layer switch and Distribution Layer switch to be a Layer 3 link but it's common to see them as Layer 2 links.

In addition, how can Layer 2 traffic be load-balanced between the two distribution layer switches? Would an Etherchannel be used between two different switches?

With the advent of VSS, this design is about to get irrelevant. The only time you'll still want to stick to this design is when you can't go to VSS due to various reasons.

Jon Marshall · ‎01-28-2015

The book is saying that each access layer switch has a dedicated vlan ie. that vlan only exists on one access switch.

Because of this the only traffic that comes from an access switch is traffic destined for another vlan/IP subnet, in other words, traffic that is going to be L3 switched by the distribution switches.

Because there is a L3 link between the distribution switches and a particular vlan only exists on one access switch then you have no L2 loops for STP to block so both links can be forwarding.

The links may well be etherchannels but they might not be trunks ie.they could just be access ports in the vlan on the switch. If you had multiple vlans on a single switch but again they were only on that switch then the links would be trunks as well.

But the design principle would still hold ie. L2 traffic would be contained on the access switch and only traffic destined for another vlan/IP subnet, even if it was on the same switch, would be sent to the distribution switches ie. L3 switched.

It's worth noting that the phrase the book uses about L2 traffic being contained is a bit misleading because the links to the distribution switches are L2 but it really means traffic within the same vlan stays on the access switch.

So if a client in a vlan wants to talk to another client in the same vlan that traffic will never go to the distribution switches, that is what it is saying

To understand better compare it with a design where you had the same vlan on multiple access switches, whether using a L2 trunk between your distribution switches or a L3 link.

Now if a client connected to one access switch wanted to communicate with a client in the same vlan but connected to another access switch that traffic would have to go via the distribution switches but it would not be L3 switched because it is in the same vlan.

So you have extended the L2 vlan between switches and not all traffic going to the distribution switches is going to be L3 switched.

Hope that makes sense.

Jon

KRISTOF SLACHMUYLDERS · ‎12-10-2018

Thank you for this clarification. It was a bit misleading to me as well. The main catch is to understand that the L2 loop is no longer possible due to routed links at the distribution layer. I do understand however, why there's some confusion!