So I’ve just started to read the ARCH book and I want to do some posts to help with
my understanding but I’m also very interested in hearing from you readers what
kind of design you like and why. Post in the comments which design you would prefer
and why you prefer it.
So this post is about designing the access to distribution layer. I will show a
couple of different ways of designing this block and give my point of view on
the advantages and disadvantages of each.
First up we have the layer 2 loop free design.
The links between the access and distribution layer are layer 2 trunks but the
link between the distribution switches is layer 3.
Advantages:
All links are forwarding.
No bridging loops possible.
Fast convergence, only dependent on FHRP.
Load balancing possible by tweaking STP and FHRP.
Disadvantages:
Can’t stretch VLANs across multiple switches.
FHRP traffic must pass through the access layer switch.
This is a good design because we have no layer 2 loops. This also means that we
will have faster convergence in case of a failure since we are not relying on
spanning tree to reconverge. Often it is not possible to use this design because
we have the need to stretch VLANs across multiple switches. Maybe we always have one
VLAN for management, or the same VLAN is used for voice or some requirement like that.
That would keep us from using this design.
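The "load balancing by tweaking STP and FHRP" point above, shown as an added configuration example that is not from the original post. It assumes HSRP as the FHRP, two distribution switches called DIST-A and DIST-B, and constructed VLAN IDs and addresses; each switch is made STP root and HSRP active for one VLAN so both uplinks carry traffic.

```cisco
! Constructed example: switch names, VLANs 10/20 and the 10.0.x.0/24
! addressing are assumptions, not values from the post.
!
! ---- DIST-A: STP root and HSRP active for VLAN 10, backup for VLAN 20 ----
spanning-tree vlan 10 root primary
spanning-tree vlan 20 root secondary
!
interface Vlan10
 ip address 10.0.10.2 255.255.255.0
 ! Virtual gateway address that hosts in VLAN 10 point at
 standby 10 ip 10.0.10.1
 ! Higher priority wins the active role (default is 100)
 standby 10 priority 110
 ! Take the active role back after recovering from a failure
 standby 10 preempt
!
interface Vlan20
 ip address 10.0.20.2 255.255.255.0
 standby 20 ip 10.0.20.1
 standby 20 priority 90
 standby 20 preempt
!
! ---- DIST-B: mirror image, active for VLAN 20, backup for VLAN 10 ----
spanning-tree vlan 10 root secondary
spanning-tree vlan 20 root primary
!
interface Vlan10
 ip address 10.0.10.3 255.255.255.0
 standby 10 ip 10.0.10.1
 standby 10 priority 90
 standby 10 preempt
!
interface Vlan20
 ip address 10.0.20.3 255.255.255.0
 standby 20 ip 10.0.20.1
 standby 20 priority 110
 standby 20 preempt
```

Keeping the STP root and the HSRP active router on the same switch for a given VLAN avoids traffic taking an extra hop through the other distribution switch.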
Then we have the layer 2 loop design. This is the traditional design that is probably
most commonly deployed.
Advantages:
Can use any VLANs we like and stretch them across multiple switches.
Disadvantages:
Possibility for bridging loops.
Dependent on both STP and FHRP convergence.
Not all links forwarding.
So this is the one most of us use, I think. It’s easy and comfortable and you can
spread your VLANs. You pay by risking bridging loops and you aren’t utilizing
all of your links.
Then we have the layer 3 routed access design.
Advantages:
No risk of bridging loops.
Spanning tree not necessary on ISLs.
No need for FHRP.
Disadvantages:
More expensive solution to run layer 3 in access layer.
Can’t span VLANs across multiple switches.
This solution is really nice if you can fit it in your budget. You will only rely on the IGP
for convergence and you get rid of spanning tree almost entirely. You also don’t need
to run an FHRP since now your default gateway is on the access layer device.
If we have a Catalyst 6500 with VSS or something like stacked 3750s in the distribution
layer then we can run a Multichassis EtherChannel (MEC), which would make the two links
to the distribution appear as one logical link, and we would have more bandwidth and no
blocking links. It would look like this.
So now I’m interested in hearing from you readers which one you like best and which
one you use. Explain why you prefer the one that you use. Are you seeing much layer 3 in
future designs or are you still stuck with L2?