Network Design Principles (IPv6)

This topic covers the following subjects:

■ Network design principles: This section reviews the three pillars needed to design enterprise networks: modularity, hierarchy, and resiliency. The subsequent sections extend these concepts by segmenting the enterprise network into multiple blocks and go into the details of each of these modules.

■ Enterprise core network design: This section reviews the need for a core layer and the design considerations for this layer.

■ Enterprise campus network design: This section reviews different design options in the campus network for the access-distribution blocks.

■ Enterprise network services design: This section outlines the need for network services as enterprises look into going from a native IPv4 deployment to a dual-stack IPv4/IPv6 design.

■ Enterprise data center network design: This section reviews the network designs used in a data center network and the features configured in each layer. It also examines the designs used in a storage-area network.

■ Enterprise edge network design: This section discusses the network design and services of the enterprise edge network, which include head-office WAN aggregation, Internet access, and branch network.

Early computer networks used a flat topology in which devices were added when and where required. These flat network topologies were easier to design, implement, and maintain as long as the number of network devices was small. Adding more and more hosts to such a network made troubleshooting network problems significantly harder because there was no fault isolation. These flat networks also posed design challenges when it came to connecting a large number of hosts.

Given the challenges with flat networks, enterprises went through iterations of network designs that would not only help them scale as their organizations grew but also provide fault domain isolation. As a result, the network designs became more modular, hierarchical, and resilient. These three concepts hence became the foundation of any good network design.

This topic outlines the three pillars of a good network design (modularity, hierarchy, and resiliency) and extends these concepts to segment the enterprise network into multiple simpler building blocks, including enterprise core, campus, network services, data center, and edge (Internet, remote access, WAN, and branch). The topic also describes design considerations for each of these building blocks, enabling network designers and architects to carefully review the various design options and extend these design principles in their own enterprise network designs.

Business applications have evolved over the years from the simplest client/server form to more user-interactive forms. These business applications now leverage technologies such as voice, video, and wireless. The adoption of collaborative, interactive applications has created a significant shift in the perception and the requirements of the enterprise network. The evolving business landscape now requires the enterprise network to provide the following:

■ User experience for collaboration applications: The use of collaboration, real-time communication, single-sign-on, and mobility applications is growing, with a positive and engaging user experience being one of the top priorities.

■ Supporting diverse end-user device types: Enterprises have seen an increased adoption of wireless devices (including Wi-Fi-enabled laptops and smartphones) and thin-client terminals in addition to the traditional personal computers (PC) and IP phones.

■ Network resiliency and improved convergence times: Business operations that adjust to globalization and continue to operate 24 hours a day, 365 days a year require a resilient network infrastructure that ensures access to business applications during a network upgrade or failure.

■ Pervasive security: Over the years, security threats have grown in number and complexity, requiring network security to evolve and support distributed and dynamic application environments. The need for flexible partner and guest access is increasing as business partnerships evolve.

The enterprise network is the infrastructure that interconnects end users and devices. It can span a single floor in a building, multiple floors in a building, or multiple buildings spread across a geographic area. The network is a high-speed fabric that provides basic connectivity and offers a resilient, secure, easy-to-manage network services fabric needed to run business-critical applications. The enterprise network is designed keeping three principles in mind:

■ Modularity

■ Hierarchy

■ Resiliency

The following sections describe each principle in detail.


Modularity

Modularity is one of the fundamental principles of a structured network. It defines the enterprise network as an assembly of multiple building blocks, each designed separately using a systematic approach and applying hierarchy and redundancy where appropriate.

A more modular network design uses self-contained network blocks, each supporting a specific function or set of functions. Therefore, an outage, upgrade, or any change in one module will be limited to its own boundaries. With a modular network design, network services can be selected on a per-module basis but would need to be validated as part of the overall network design. As shown in Figure 2-1, the enterprise network consists of the following modules:

■ Enterprise core: The enterprise core module is the network backbone that interconnects the campus, data center, edge, and network services modules. Without the core, all other modules would be isolated, so the core of the network must provide nonstop 24x7x365 service. The core layer should be designed to have appropriate levels of redundancy and fault tolerance to ensure immediate data-flow recovery in the event of network component failure. Along with fault tolerance, the network core design should also provide fast convergence and load balancing to make optimum use of all the network elements within the core.

■ Enterprise campus: The campus module contains all network elements for independent operation, providing network connectivity between the end users, devices, and the enterprise core. This module can be further broken into multiple layers based on the required functionality and services. An enterprise can also have more than one campus block within the same geographical location, depending on the number of users within the location.

■ Enterprise data center: The data center module consists of three key elements: compute (servers), network (Ethernet switches), and storage (Fibre Channel) devices. The data center module has large compute devices in the form of server farms that host business applications. These server farms typically connect to both the Ethernet switching infrastructure and to the Fibre Channel storage network, although the use of a unified storage connection technology such as Fibre Channel over Ethernet (FCoE) is rapidly growing in popularity. The data center network enables users to connect to the business applications hosted on the server farms. The storage network can include Fibre Channel switches that interconnect Fibre Channel hosts, iSCSI devices to the server farms, and/or products that support the Cisco Unified Fabric solution, which supports collapsing Fibre Channel and Ethernet onto the same infrastructure.

Figure 2-1 Modular Network Design Example

■ Enterprise edge: The enterprise edge module includes the Internet, remote access VPN, and WAN modules that connect the enterprise to a service provider network. The enterprise edge contains all the network elements for efficient and secure communications between the enterprise campus and remote locations, business partners, mobile users, and the Internet. The edge module aggregates the connectivity from various remote sites, filters traffic, and routes the traffic into the enterprise campus.

■ Network services: The network services module is a relatively new concept in the enterprise network. The network services module includes both IPv4 and IPv6 services required for unified communication, mobility, and user authentication. Most enterprises typically do not have a dedicated network services block defined; instead, it is integrated within the data center. However, the network services module does provide a significant advantage to enterprises that are deploying IPv6 but cannot fully deploy a dual-stack IPv4/IPv6 network on day one. Those enterprises need to temporarily build an overlay network as an interim solution to interconnect IPv6 hosts over a non-IPv6-enabled network. By consolidating these services within a single network services module, architects avoid running multiple tunnels across the entire network during the migration to dual-stack.

The smaller building blocks of a modular network design are easy to manage and provide the following benefits:

■ Ease of management: With a modular network design, each module can be managed separately, and specific tools can be used to manage all network entities within each module. Because the functionality of each module is self-contained, so is its management.

■ Fault isolation and troubleshooting: These functional modules provide boundaries that can be aligned with functional or organizational support structures.

■ Improved flexibility: Modularity facilitates change when network devices need to be upgraded. The cost of making an upgrade is contained to a small subset of devices or a user segment requiring the enhanced functionality.

■ Reduced operational expenses (OpEx): The modules break down the network into smaller components that are simpler and easier to understand. Simplicity helps expedite the design implementation and reduces training for network operations. Easy validation of network designs can be done because of clear, discrete functionality at every layer.

■ Simplified product selection: Modularity enables you to map the purchase of the appropriate network device to the appropriate network layer, thereby avoiding the need to spend capital on unnecessary features.

Because the modules are independent of one another, an outage, upgrade, or any change in one module will be limited to its own boundaries.


Hierarchy

Hierarchy is one of the key pillars of a good network design. Each module described in the previous section needs hierarchy and resiliency built into its network design. For the business environment and underlying communication to continue to evolve, the network designs must be adaptive enough to roll out new end devices and applications, or increase capacity, without going through a major forklift upgrade. This need for flexibility has driven network design from the traditional flat networks to a hierarchical topology with discrete layers, where each layer has a specific role that enables the network architect to choose the right platform and enable the required functionalities for that layer. These layers have functional characteristics and provide boundaries to failure domains. Each layer has unique functions and separate modules for providing network services.

Figure 2-2 Hierarchical Network Design

A typical enterprise campus has three layers (as shown in Figure 2-2):

■ The core layer provides optimal transport between sites and interconnects the different distribution layer resources along with providing connectivity to the data center resources and Internet access through the edge network.

■ The distribution layer connects network services to the access layer and implements policies regarding security, traffic loading, and routing.

■ The access layer provides connectivity to the end users and devices.

A hierarchical network design provides a number of advantages, even though such a design can be expensive compared to flat network topologies. These advantages augment the functionality of the network and the appropriateness of the model to address network design goals. Key benefits of the hierarchical network design include the following:

■ Scalability: A hierarchical network design makes it easier for network architects to replicate each of the modules as the enterprise network grows. As shown in the previous models, scalability is frequently limited in network designs that do not use the three-tier model. Although there might still be limitations in the hierarchical model, the separation of functions within the network provides natural expansion points without significantly impacting other portions of the network.

■ Flexibility: The structured hierarchical design inherently provides a high degree of flexibility because it enables staged or gradual changes to each module in the network independently of the other modules. Changes in core transport can be made independently of the distribution layer. Changes in the design or capacity of the distribution layer can be implemented in a phased or incremental manner. Additionally, as a part of the overall hierarchical design, the introduction of the services block module into the architecture is specifically intended to address the need to implement services in a controlled fashion. Key areas to consider for a hierarchical network design include the following:

■ Control plane flexibility: Enable migration between Layer 2 (Spanning Tree) and Layer 3 (routing) protocols.

■ Forwarding plane flexibility: The capability to support the introduction and use of IPv6 as a parallel requirement alongside IPv4.

■ User group flexibility: Enable network access and associated services within the network to support administration involving acquisition, partnering, or outsourcing of business functions.

■ Traffic management and control flexibility: Collaborative applications evolution requires campus designs to provide a simplified mechanism for flow monitoring and troubleshooting.

■ Flexible security architecture: The security architecture should adapt to the changing traffic patterns being driven by new applications deployed.

■ Easier implementation: As the hierarchical model divides the network into logical and physical sections, it is easier for architects to deploy network entities without disrupting the existing infrastructure. For example, in a campus design, new access switches can be deployed and connected to the distribution without any network disruption to the existing access switches and users connected to those access switches.

■ Easier troubleshooting: It is easier to troubleshoot network issues in a hierarchical network design given that the faults are isolated within a single domain. For example, a routing loop at the distribution block would impact only the connected access switches and not other distribution blocks.

■ Ease of manageability and capacity planning: Capacity planning is generally easier in the hierarchical model because the need for capacity usually increases as data moves toward the core. Hierarchically designed networks are usually easier to manage because of these other benefits. Predictable data flows, scalability, independent implementations, and simpler troubleshooting all simplify the management of the network.

The enterprise campus and data center sections discuss the three layers of the hierarchical model in more detail.


Resiliency

In addition to building modular and hierarchical network designs, it is important for network architects to consider resiliency at every step of the network design. Integrating resiliency to avoid single points of failure is key for ensuring high availability and business continuity. The coordinated use of resiliency capabilities within the switch, link, and network designs is required across all the different modules and layers that have been discussed previously. For example, enabling redundant supervisors in the access layer can ensure business continuity even when the active supervisor fails. This helps ensure that there is no impact to network convergence on the distribution layer (for both Layer 2 and routed access deployments).

Adding resiliency to the design might require the use of new features, but it is often just a matter of how you choose to implement your hierarchy and how you configure the basic Layer 2 and Layer 3 topologies.
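The single-point-of-failure check described above can be run against a topology inventory before a design is approved. The following is an added example, not part of the original text: it models a constructed three-tier block (all device names and links are hypothetical) and reports which devices, when failed, cut other devices off from every core node.

```python
from collections import defaultdict

# Constructed three-tier campus block (hypothetical names).
# acc2 is single-homed to dist1; every other access switch is dual-homed.
LINKS = [
    ("core1", "core2"),
    ("core1", "dist1"), ("core1", "dist2"),
    ("core2", "dist1"), ("core2", "dist2"),
    ("dist1", "dist2"),
    ("acc1", "dist1"), ("acc1", "dist2"),
    ("acc2", "dist1"),
    ("acc3", "dist1"), ("acc3", "dist2"),
]

def build_graph(links):
    """Undirected adjacency map built from (device, device) link pairs."""
    graph = defaultdict(set)
    for a, b in links:
        graph[a].add(b)
        graph[b].add(a)
    return graph

def reachable(graph, start, failed):
    """Devices reachable from start while `failed` is down (iterative DFS)."""
    seen, stack = {start}, [start]
    while stack:
        for nbr in graph[stack.pop()]:
            if nbr != failed and nbr not in seen:
                seen.add(nbr)
                stack.append(nbr)
    return seen

def single_points_of_failure(links, core_prefix="core"):
    """Map each device to the devices that lose every path to the core if it fails."""
    graph = build_graph(links)
    impact = {}
    for failed in list(graph):
        cores = [n for n in graph if n.startswith(core_prefix) and n != failed]
        alive = set()
        for core in cores:
            alive |= reachable(graph, core, failed)
        lost = set(graph) - alive - {failed}
        if lost:
            impact[failed] = sorted(lost)
    return impact

if __name__ == "__main__":
    for device, lost in single_points_of_failure(LINKS).items():
        print(f"{device} down -> isolated from core: {lost}")
```

In this constructed topology only the single-homed access switch is exposed; adding a second uplink from `acc2` to `dist2` leaves the report empty.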

The following sections now take the three guiding principles—modularity, hierarchy, and resiliency—to discuss network designs for each of the different modules: enterprise core, enterprise campus, enterprise network services, enterprise data center, and enterprise edge (head office WAN, Internet access, and branch network).
