Most campus networks have a 3 Tier setup with 3 distinct layers
Access Layer
Where user connect and we have ports that belong to certain VLAN's. Not much routing done here. So here we can have PC's, Printers, VOIP phones. This is where we see our 2960 switches located. We have multiple uplinks to distro switches. QOS is applied here, we can have Port Security here.
Distribution layer
This is where the layer 3 switches are located. The Access switches will meet up here and there are uplinks to the Core Switches. We also Run HSRP/VRRP/GLBP here. Etherchannel is also ran here. This is also where we would summarize addresses to make the routing table smaller.
Core Layer
The most powerful devices and we usually like to have little policy here we like to forward packets as fast as possible. Usually no access list or QOS.
Stay Tuned for more.
We use those building blocks cause its easy to replicate and expand on if we need changes. Blocks can be added or removed with Ease. T/S is also easier as we can isolate faults in individual blocks.
Can you access your VPN in that network?
ReplyDeleteus vpn
Timmy, I think they can access it from that kind of network. We should thank him for this article.
ReplyDeleteChicago Data Center