Is the Distribution Layer Still Needed?
arnie_apesacrappin wonders: "I'm in the process of designing the network for a new building in what I would consider a small to medium sized company. It is on the scale of tens of access layer switches, not hundreds. There is an ongoing argument about the need for a distribution layer. My position is that with today's layer 2/3 switches in the core, the distribution layer is outdated for a network of this size. The layer 2/3 core can provide all the aggregation services of the old distribution layer and the routing/filtering functionality of the core with better price and performance. My opponents can only argue that having a distribution layer is the standard. So, are there good reasons for having a distribution layer in a small to medium network? If you were going to argue against the distribution layer, what points would you make?"
To preface, I am a CCIE, so I know a little about these things.
:) You still need that.
You are correct that the layer 3 switches offer a different perspective on how networks can be drawn today.
It used to be that big switches would sit in the computer room, with clunky slow routers sitting on top of them, acting as Routers-On-a-Stick, with some sort of trunk connecting them to the core switch.
I think the easiest design that will give you the most benefit would be to just trunk a link to whatever closet, and use a cheap layer 3 switch (perhaps Extreme or a similar variety) in the data closet, for end user hookups.
Have gateways set up on the switch, use a default route pointing back to the core, and divide up the ports to whatever VLANs you ported over--I prefer to have a management VLAN and a few ports set up for that, maybe an extra one for SPAN/Mirroring if necessary.
The end user traffic would likely never be routed until it reached the core, unless you'd like to trunk the core traffic over to the closet. Then the access layer switch could route to the core subnet if necessary and save the core switch(es) the effort of doing such routing. If you have a small business, it wouldn't make much difference either way--many chassis based layer 3 switches do 64Gb per second routing with their fabric, and it is unlikely anyone would notice a delay from the routing in the closet or in the core.
Again, it depends on how you want it to look and how you want troubleshooting to be. But you are absolutely correct--a distribution layer is no longer necessary. I would consider it, really, to be the Core/Distribution and then Access Layers, or the Core and Distribution/Access Layers.
You still are using the concept of the distribution layer, but it has merged with another layer, depending on your design.
Oh, and don't forget about spanning tree
You didn't state the size of your network other than to say small-to-mid size, but most small to mid-size networks can run fine without a distribution layer. You're also correct that it is an artifact of 1996-1999 switching technology limitations and large vendor propaganda that sells ports. You need to be careful about:
1. How you link your merged core/distribution switches: if your access uplinks are layer 2, you then have to span VLAN across core/distribution switches. If you plan on having your access switches perform layer 3 routing, look into the costs your vendor may charge for that functionality. Some charge as much as $10,000 for the license.
2. Be careful how you grow your VLANs and spanning trees. Definitely use per-VLAN spanning trees. Also seriously consider rapid spanning tree or vendor-specific hacks (uplinkfast, backbone fast, etc.).
3. Use server access switches. Seriously consider redundant control processors in these.
4. Seriously consider redundant control and switch fabrics for the core/distribution switches. In the three-layer model, this was not as much of a requirement. Also seriously consider the failover time associated with the redundancy you bought. Times range from stateful/1 second failover to 90 second reboots to the redundant processor.
5. If you do layer 3 routing at the access layer, be very careful with your routing protocol design and avoid black-holes. Run through all failure scenarios and make sure you're covered.
6. Consider where you want to perform filtering for security, QoS, etc. By eliminating the distribution layer, you're forcing this to the access layer. (Arguably it belongs there, but think about how many places you'll be configuring and monitoring.)
7. Most importantly, consider the costs after you've considered the above. You may find out that you're not saving much. Most of my clients do save, but some find out that after they've added redundancy and possibly upgraded switch models they are close to the same cost.
8. Consider your support group. What are they used to? Can they adapt? Can they handle the added functionality that's been pushed to the core or access switches?
Again, I have clients with 1500 nodes running fine with a combined core/distribution. I also have clients with 200 nodes that mandated three layers. IMHO the break point is somewhere around 1000-1500. As always, every place is different; be careful, plan and you'll be fine.
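The "run through all failure scenarios" step from item 5 of the comment above can be automated. This is an added example, not part of the original comment or any vendor's tooling: it fails each link in turn and reports flows that are dropped even though a physical path survives. The topology, node names and route tables are constructed, and the model assumes a route is withdrawn only when its directly attached link is down.

```python
from itertools import permutations
# Constructed topology: access switches A1/A2 dual-homed to collapsed cores C1/C2.
LINKS = [("A1", "C1"), ("A1", "C2"), ("A2", "C1"), ("A2", "C2"), ("C1", "C2")]
ACCESS = ["A1", "A2"]  # each access switch routes for its own user subnet
# Ordered next hops per destination. Access switches only hold a default route.
NAIVE = {
    "A1": {"default": ["C1", "C2"]}, "A2": {"default": ["C1", "C2"]},
    "C1": {"A1": ["A1"], "A2": ["A2"]}, "C2": {"A1": ["A1"], "A2": ["A2"]},
}
# Same design plus a backup route on each core through the other core.
FIXED = dict(NAIVE, C1={"A1": ["A1", "C2"], "A2": ["A2", "C2"]},
             C2={"A1": ["A1", "C1"], "A2": ["A2", "C1"]})

def forward(src, dst, routes, up):
    """Walk next hops from src to dst; return 'ok', 'blackhole' or 'loop'."""
    node, seen = src, set()
    while node != dst:
        if node in seen:
            return "loop"
        seen.add(node)
        hops = routes[node].get(dst, []) + routes[node].get("default", [])
        # Assumption: a next hop is usable only while its attached link is up.
        usable = [h for h in hops if (node, h) in up or (h, node) in up]
        if not usable:
            return "blackhole"
        node = usable[0]
    return "ok"

def connected(src, dst, up):
    """True if any physical path survives, whatever the routing tables say."""
    seen, todo = {src}, [src]
    while todo:
        n = todo.pop()
        for a, b in up + [(b, a) for a, b in up]:
            if a == n and b not in seen:
                seen.add(b)
                todo.append(b)
    return dst in seen

def audit(routes):
    """List (failed_link, src, dst, result) for flows lost while a path still exists."""
    problems = []
    for failed in LINKS:
        up = [l for l in LINKS if l != failed]
        for src, dst in permutations(ACCESS, 2):
            result = forward(src, dst, routes, up)
            if result != "ok" and connected(src, dst, up):
                problems.append((failed, src, dst, result))
    return problems
```

`audit(NAIVE)` flags the two failures where C1 still attracts traffic through the access switches' default route but has lost its only route to the destination; `audit(FIXED)` returns an empty list.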
For a school, they have 5 buildings on a campus. Within each building was 1 to 5 wiring closets. A total of 900 ports or so. Their requirements were simple, they wanted speed, multicast support, and some access control between VLANs. IP only.
I'm a consultant and work with hardware from just about anyone, so it makes no difference who they bought. We were hired to design a network for this school using various vendors' equipment. Primarily to compare costs.
In the end, they went with a solution from HP. A single 5300xl in each building connected to a bunch of 48 port edge switches in each closet. Their server room has a 5300xl with a couple Gig blades and a second 48 port Gigabit switch.
What really decided the issue was cost. They didn't need support for all the assorted protocols and features you get with Cisco, and they didn't want to pay for it. With Cisco, you had a 6500 series monster in the datacenter, then a distribution switch in each building, and a bunch of edge switches.
The HP solution was well under a third of the cost of the cisco solution, also free lifetime next day replacement warranty on hardware. For the money they saved, they can afford to have a shelf full of spares, including a spare core switch.
Personally, instead of looking at what model you want to use, look at what you need your network to do, then talk to your preferred vendors and see who can do it at the best price point.