Routing/Layer 3 Switching
As this chapter has already mentioned many times, Layer 3 switching is a key ingredient in most successful large campus networks. This section elaborates on some issues specific to Layer 3 switching.
Strive for Modularity
One of the primary benefits of using Layer 3 technology is that it can create a high degree of modularity in a design. For instance, Figure 15-11 illustrates a typical two-building campus using the multilayer model.
Figure 15-11. Using a Layer 3 Barrier to Create a Modular Design
The Layer 3 barrier created by the routing function embedded in the MDF switches separates each building from the core. The primary benefits of this technique are:
- The modularity allows for cookie-cutter designs. Although the IP addresses (as well as other Layer 3 protocol addresses) change, each distribution block can be implemented with almost identical switch and router code.
- The network is very easy to understand and troubleshoot. Technicians can apply most of the same skills used for managing and troubleshooting router and hub networks.
- The network is highly scalable. As new buildings or server farms are added to the campus, they merely become new distribution blocks off the core.
- The network is very deterministic. As devices or links fail, the traffic will fail over in clearly defined ways.
Although some degree of modularity can be created with more Layer 2-oriented designs such as campus-wide VLANs, it is much more difficult to get the separation required for true modularity. Without a Layer 3 barrier of scalability, the Layer 2 protocols tend to become intertwined and tightly coupled. Consequently, it becomes more difficult to grow and rearrange the network.
When to Use MLS (and Routing Switches)
The routing switch (MLS) form of the multilayer model is most appropriate when you want to maintain a strong Layer 2 component within each distribution block. By doing so, MLS allows the feature-rich Layer 2 Catalysts to flourish. Options such as VTP and PVST can all be very useful in this environment. Also, by maintaining this strong Layer 2 orientation, you can easily place a single VLAN on multiple IDF/access layer wiring closets (8500s require bridging/IRB to accomplish this). Furthermore, MLS has excellent support for multiprotocol routing, as well as combining routing and bridging within the same device. For more information on the specific benefits and configuration commands for MLS, see Chapter 11, Chapter 14, and Chapter 17.
When to Use Switching Routers (8500s)
Whereas MLS maintains a Layer 2 flavor within the distribution block, switching routers go to the opposite extreme. Switching routers such as the Catalyst 8540 are most easily configured and maintained when functioning as a pure router. Although they do support bridging through the use of IRB and bridge groups, extensive use of these features can lead to configurations that are difficult to maintain.
Instead, when used as very high-speed routers, these devices can dramatically simplify network design. Issues and problems associated with Spanning Tree all but disappear. Traffic flows become highly deterministic. Support personnel accustomed to working in the traditional router and hub model find switching router designs easy to support and troubleshoot. The superior support of IP multicast technology at Layer 3 provides an excellent migration path to the future.
As with MLS, more information can be found on the pros and cons of switching routers in Chapters 11, 14, and 17.
When to Use IRB
In short, use IRB only when you have to. It is not that IRB is a bad feature. In fact, IRB is a very flexible technology for combining Layer 2 and Layer 3 traffic and it allows precise control over how both bridged and routed traffic is handled. The problem is more likely to be a human one—IRB can be difficult to understand, support, and design.
When considering the use of IRB, also take into account the following issues:
- An advantage to doing IRB on hardware-based platforms such as the Catalyst 8500 is that it can be performed at wire speed (the software-based routers are currently limited to fast-switching speeds).
- There is a limit to the number of Bridged Virtual Interfaces (BVIs) that the IOS supports (currently 64).
- Some features are not supported on BVIs. Because the list is constantly changing, check the release notes or place a call to Cisco’s TAC.
When deciding where to utilize IRB, try to use it only as a tool for specific niche issues—for example, if you need to place several directly-connected servers into a single VLAN or if there is a VLAN that absolutely must transit a switching router.
Tip
If your design calls for the extensive use of IRB, consider using the Catalyst 6000 “Native IOS Mode” detailed in Chapter 18. In general, it will result in a network that is considerably easier to configure and maintain.
Limit Unnecessary Router Peering
When using routers in VLAN-based networks, it can be important to reduce unnecessary router peering. For example, consider cases such as those illustrated in Figure 15-7 and Figure 15-10. Assume that these routers connect to 30 wiring closet VLANs via ISL or 802.1Q trunks. By default, the routers will form 30 separate adjacencies, wasting valuable router memory and processor power. Listing all or most of these VLANs as passive interfaces for the routing protocol can dramatically reduce this unnecessary peering. For wiring closet VLANs where no other routers are located, all VLANs should be removed.
Tip
Reducing unnecessary peering can be especially important with Catalyst 8500 routers and the Catalyst 6000 MSM.
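The following audit script is an added example, not from the original text: it reads an IOS-style configuration and reports ISL/802.1Q trunk subinterfaces that have not been made passive, which is where the routing protocol still sends hellos and listens on a user-facing segment. The choice of OSPF, the interface names, and the addresses are assumptions made for the sample; the check treats every trunk subinterface as covered by the routing process.

```python
import re

# Constructed sample config: one core uplink plus two wiring-closet VLAN
# subinterfaces. OSPF and all names/addresses are assumptions for the example.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 ip address 10.0.0.1 255.255.255.252
!
interface FastEthernet1/0.10
 encapsulation dot1Q 10
 ip address 10.1.10.1 255.255.255.0
!
interface FastEthernet1/0.12
 encapsulation isl 12
 ip address 10.1.12.1 255.255.255.0
!
router ospf 1
 network 10.0.0.0 0.255.255.255 area 0
 passive-interface FastEthernet1/0.10
"""

def peering_vlan_interfaces(config):
    """Return ISL/802.1Q subinterfaces that are not passive, i.e. where the
    routing process still sends hellos and can form an adjacency."""
    vlan_ifs, passive, active = [], set(), set()
    default_passive, current = False, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = m.group(1)
        elif not line.startswith(" "):
            current = None  # left the interface stanza
        elif current and re.match(r" encapsulation (dot1q|isl) \d+", line, re.I):
            vlan_ifs.append(current)
        elif m := re.match(r" (no )?passive-interface (\S+)", line):
            negated, name = bool(m.group(1)), m.group(2)
            if name == "default":
                default_passive = not negated
            else:
                (active if negated else passive).add(name)
    return [i for i in vlan_ifs
            if i not in passive and not (default_passive and i not in active)]

if __name__ == "__main__":
    print(peering_vlan_interfaces(SAMPLE_CONFIG))
```

Replacing the per-interface statements with `passive-interface default` and a single `no passive-interface` for the core uplink makes every wiring-closet VLAN passive, including ones added later.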
Load Balancing
As discussed in the Spanning Tree sections, the style of load balancing that is needed depends primarily on the type of Layer 3 switching that is in use. To summarize the earlier discussion, MLS generally requires that a combination of Spanning Tree and HSRP load balancing techniques be used within the distribution block. When using switching routers, MHSRP should be used.
Also, Layer 3 switches automatically load balance across the campus core if equal-cost paths are available.
Try to Use Only Routable Protocols
Unless it is absolutely necessary, try to pass only routable protocols through your Layer 3 switches. This is most often accomplished by relegating non-routable protocols to a single VLAN. If you are migrating to a new network infrastructure, consider leaving the non-routable traffic on the old infrastructure. The lagging performance of that network serves as an incentive for users of non-routable protocols to upgrade to an IP-based application.