Cisco Networking Academy Program
Chapter 3
Campus Network Architecture
Virtual Local Area Network (VLAN)
• A VLAN is a logical group of end devices.
• Broadcasts are contained within VLANs.
• Modern design has 1 VLAN = 1 IP subnet.
• Trunks carry multiple VLAN tags in order to transport multiple VLANs.
• Layer 3 devices interconnect VLANs.
End-to-End VLANs
• A single VLAN that is associated with switch ports widely dispersed throughout an enterprise network on multiple switches.
• Each VLAN is distributed geographically throughout the network.
• Users are grouped into each VLAN regardless of the physical location, theoretically easing network management.
• As a user moves throughout a campus, the VLAN membership for that user remains the same.
• Switches are configured for VTP server or client mode.
Local VLANs
• Users of geographically common switches are grouped into a single VLAN, regardless of the organizational function of the users.
• Create local VLANs with physical boundaries in mind rather than job functions of the users.
• Local VLANs exist between the access and distribution layers.
• Traffic from a local VLAN is routed at the distribution and core layers.
• Switches are configured in VTP transparent mode (or VTP is disabled completely).
• Spanning tree is used only to prevent inadvertent loops in the wiring closet.
• One to three VLANs per access layer switch recommended.
Benefits of Local VLANs
• Deterministic traffic flow: The simple layout provides a predictable Layer 2 and Layer 3 traffic path throughout the network.
• Active redundant paths: When implementing Rapid Per VLAN Spanning Tree (RPVST) or Multiple Spanning Tree Protocol (MSTP), all links can be used to make use of the redundant paths.
• High availability: Redundant paths exist at all infrastructure levels.
• Local VLAN traffic on access switches can be passed to the building distribution switches across an alternative Layer 2 path if a primary path failure occurs.
• A First Hop Redundancy Protocol (FHRP) can provide failover if the default gateway for the access VLAN fails.
• Layer 2 and Layer 3 redundancy measures and protocols can be configured to fail over in a coordinated manner.
• Finite failure domain: If VLANs are local to a switch block, and the number of devices on each VLAN is kept small, failures at Layer 2 are confined to a small subset of users.
• Scalable design: Following the enterprise campus architecture design, new access switches can be easily incorporated, and new sub-modules can be added when necessary.
VLANs in Enterprise Campus Design
• VLANs used at the access layer should extend no further than their associated distribution switch.
• Traffic is routed from the local VLAN as it is passed from the distribution layer into the core.
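
The local VLAN rules from the "Local VLANs" and "VLANs in Enterprise Campus Design" slides can be checked against a switch inventory. The following is an added example, not part of the course material: the switch names, block labels and subnets are constructed, and it assumes a broadcast domain is identified by its subnet (per "1 VLAN = 1 IP subnet"), so a VLAN ID reused in another switch block with a different subnet is not flagged.

```python
import ipaddress
from collections import defaultdict

MAX_VLANS = 3  # the slides recommend one to three VLANs per access switch

# Constructed inventory: access switch -> (switch block, {VLAN ID: subnet}).
INVENTORY = {
    "acc-a1": ("A", {10: "10.1.10.0/24", 20: "10.1.20.0/24"}),
    "acc-a2": ("A", {10: "10.1.10.0/24", 30: "10.1.30.0/24"}),
    "acc-b1": ("B", {10: "10.2.10.0/24", 20: "10.1.20.0/24",
                     40: "10.2.40.0/24", 50: "10.2.50.0/24"}),
    "acc-b2": ("B", {10: "10.2.11.0/24"}),
}


def audit_local_vlans(inventory, max_vlans=MAX_VLANS):
    """Return findings where the inventory departs from the local VLAN design."""
    findings = []
    blocks_by_subnet = defaultdict(set)   # subnet -> switch blocks it appears in
    subnets_by_vlan = defaultdict(set)    # (block, VLAN ID) -> subnets assigned

    for switch in sorted(inventory):
        block, vlans = inventory[switch]
        # Rule: one to three VLANs per access layer switch.
        if not 1 <= len(vlans) <= max_vlans:
            findings.append(("vlan-count", switch, len(vlans)))
        for vlan_id, cidr in vlans.items():
            net = str(ipaddress.ip_network(cidr))  # raises on a malformed subnet
            blocks_by_subnet[net].add(block)
            subnets_by_vlan[(block, vlan_id)].add(net)

    # Rule: a VLAN extends no further than its distribution switch, so the
    # same subnet must not appear in more than one switch block.
    for net in sorted(blocks_by_subnet):
        if len(blocks_by_subnet[net]) > 1:
            findings.append(("spans-blocks", net, sorted(blocks_by_subnet[net])))

    # Rule: 1 VLAN = 1 IP subnet inside a switch block.
    for key in sorted(subnets_by_vlan):
        if len(subnets_by_vlan[key]) > 1:
            findings.append(("multi-subnet", key, sorted(subnets_by_vlan[key])))
    return findings


if __name__ == "__main__":
    for finding in audit_local_vlans(INVENTORY):
        print(finding)
```

A "spans-blocks" finding marks a Layer 2 failure domain that is no longer confined to one switch block, which is the property the "Finite failure domain" bullet relies on.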