Cisco's 3 Layered Model
Over years of building network equipment, Cisco Systems has developed a three-layered model. Starting with the basics, the Cisco network is traditionally defined as a three-tier hierarchical model comprising the core, distribution, and access layers. Cisco both developed its systems according to this model and recommends that its end users follow the same philosophy. Besides the OSI layered model and the TCP/IP layered model, Cisco's three-layered model is a widely used network model[5]. Cisco also highlighted the importance of the three-layered model in its famous CCNA certifications.
History
The Cisco three-layered model originates from the enterprise campus network [1] which has evolved over the last 20 years.
Early LAN-based computer networks were made of a small number of simply connected servers, PCs and printers. The first generation of campus networks came into form by interconnecting these LANs. Problems in one area of the network frequently impacted the entire network and a failure in one part of the campus often affected the entire campus network.
To address these problems, Cisco borrowed the structured programming design principle from software engineering. Following two complementary principles, hierarchy and modularity, large complex Cisco systems must be built from a set of modularized components that can be assembled in a hierarchical and structured manner. The hierarchy is Cisco's three-layered model.
Description of Cisco layers
Core layer
The core layer is literally the internet backbone, the simplest yet most critical layer. The primary purpose of the core is to provide fault isolation and backbone connectivity; in other words, the core must be highly reliable and switch traffic as fast as possible. Therefore, on the one hand, the core must provide the appropriate level of redundancy to allow fault tolerance in case of hardware or software failure or upgrade; on the other hand, high-end switches and high-speed cables are used to achieve a high data transfer rate and low latency.
The core is meant to be simple and to provide a very limited set of services. Architects and engineers shouldn't implement complex policy services or attach user/server connections directly at this layer.
Examples of core layer Cisco equipment include [2]:
- Cisco switches such as 7000, 7200, 7500, and 12000 (for WAN use)
- Catalyst switches such as 6000, 5000, and 4000 (for LAN use)
- T-1 and E-1 lines, Frame relay connections, ATM networks, Switched Multimegabit Data Service (SMDS)
Distribution layer
The distribution layer acts as an interface between the access layer and the core layer. The primary function of the distribution layer is to provide routing, filtering, and WAN access and to determine how packets can access the core, if needed [3].
While the core layer and the access layer are special-purpose layers[4], the distribution layer serves multiple purposes. It is an aggregation point for all of the access layer switches and also participates in the core routing design. This layer includes LAN-based routers and OSI layer 3 switches. It ensures that packets are properly routed between subnets and VLANs.
Access layer
The access layer is sometimes referred to as the desktop layer. The network resources that workgroups and users need are available locally.
The access layer is the edge of the entire network, where a wide variety of consumer devices such as PCs, printers, and cameras attach to the wired portion of the network, various services are provided, and dynamic configuration mechanisms are implemented. As a result, the access layer is the most feature-rich layer of the Cisco three-layered model.
The following table lists examples of the types of services and capabilities that need to be defined and supported in the access layer of the network.
Examples of Types of Service and Capabilities[1]

| Service Requirements | Service Features |
| --- | --- |
| Discovery and Configuration Services | 802.1AF, CDP, LLDP, LLDP-MED |
| Security Services | IBNS (802.1X), (CISF): port security, DHCP snooping, DAI, IPSG |
| Network Identity and Access | 802.1X, MAB, Web-Auth |
| 802.1X, MAB, Web-Auth | QoS marking, policing, queuing, deep packet inspection NBAR, etc. |
| Intelligent Network Control Services | PVST+, Rapid PVST+, EIGRP, OSPF, DTP, PAgP/LACP, UDLD, FlexLink, Portfast, UplinkFast, BackboneFast, LoopGuard, BPDUGuard, Port Security, RootGuard |
| Physical Infrastructure Services | Power over Ethernet |
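
As an added example (not part of the original article or of Cisco's documentation), the Python script below audits a switch configuration for several of the security services in the table: port security, BPDUGuard and IPSG on each access port, and DHCP snooping and DAI switch-wide. The sample configuration is constructed, and the policy that every access port must carry all three per-port features is an assumption.

```python
import re

# Constructed sample: excerpt of an access-layer switch config (not from the page).
SAMPLE_CONFIG = """\
ip dhcp snooping
ip dhcp snooping vlan 10
!
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
 spanning-tree bpduguard enable
 ip verify source
!
interface GigabitEthernet0/2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/24
 switchport mode trunk
 ip dhcp snooping trust
"""

# Assumed policy: features from the table expected on every access (edge) port.
PORT_CHECKS = {"port security": "switchport port-security",
               "BPDUGuard": "spanning-tree bpduguard enable",
               "IPSG": "ip verify source"}
# Switch-wide features, matched against global (non-interface) lines.
GLOBAL_CHECKS = {"DHCP snooping": r"^ip dhcp snooping$",
                 "DAI": r"^ip arp inspection vlan \S+"}

def audit(config):
    """Return {scope: [missing features]} for the switch and each access port."""
    global_lines, ports, current = [], {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            ports[current] = []
        elif line.startswith(" ") and current:
            ports[current].append(line.strip())
        else:
            current = None          # "!" or a global command ends the stanza
            global_lines.append(line.strip())
    findings = {"global": [n for n, rx in GLOBAL_CHECKS.items()
                           if not any(re.search(rx, ln) for ln in global_lines)]}
    for name, lines in ports.items():
        if "switchport mode access" in lines:   # trunks/uplinks are not edge ports
            findings[name] = [n for n, cmd in PORT_CHECKS.items() if cmd not in lines]
    return {scope: miss for scope, miss in findings.items() if miss}
```

Calling `audit(SAMPLE_CONFIG)` reports DAI missing switch-wide and all three per-port features missing on GigabitEthernet0/2; the trunk uplink is skipped.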
Wikimedia Foundation. 2010.