The network diagram shows a Layer-2 design; the difference between this design and the Layer-1 design is that the hubs (Layer 1) have been replaced with switches (Layer 2), and the colours now represent collision domains only (imagine each connected end device with a different link colour). This is because each switch port creates a separate collision domain, thereby improving performance in a CSMA/CD LAN (i.e. network segmentation).
Why use this design
With the relatively inexpensive cost of switches these days, it has become ideal to give every connected device its own switch port (10/100 or 10/100/1000) and therefore its own collision domain, which increases performance on the network. These factors mean that the above network design has become the stock standard production network for SOHO, SMB, mid-size and even enterprise networks.
It scales better and more easily, provides better performance with today's breed of software that demands more constant communication between server and client, and allows for more options post-installation, like QoS and voice (Layer-3 switches and a CME router for an SMB install).
Why this design works
As mentioned, a switch has the inherent ability to break up collision domains, but additionally, through the use of virtual local area networks (VLANs), a switch can also break up broadcast domains. VLANs also offer added security and are one of the first steps to voice on an IP network.
Why this design doesn’t work
If the design incorporates VLANs, communication between VLANs (inter-VLAN routing) is impossible without a Layer-3 device on the network (router-on-a-stick) and trunk links between the switches.
Router-on-a-stick is the concept of routing traffic between two networks across the same physical link (FastEthernet or better). This concept basically encompasses two pieces of equipment: a router and one or many switches. The basic configuration for one router and one switch is below.
The switch configuration for the VLANs will look something like this. In global configuration mode, create some VLANs (each vlan command enters config-vlan mode, where the name is set):
switch(config)#vlan 100
switch(config-vlan)#name Sales
switch(config-vlan)#vlan 200
switch(config-vlan)#name Marketing
switch(config-vlan)#vlan 300
switch(config-vlan)#name Accounting
The switch interface configuration for the trunk link towards the router will look something like this:
switch(config)#!Remember to fill in the correct interface number for x/x/x
switch(config)#interface fastethernet x/x/x
switch(config-if)#description Switch to Router Trunk Link
switch(config-if)#switchport trunk encapsulation dot1q
switch(config-if)#switchport mode trunk
The router interface and sub-interface configuration will look something like this:
router(config)#!The physical interface carries no IP address itself; each VLAN gets a sub-interface
router(config)#interface fastethernet 0/0
router(config-if)#no ip address
router(config-if)#no shutdown
router(config-if)#interface fastethernet 0/0.1
router(config-subif)#description Native VLAN
router(config-subif)#encapsulation dot1q 1 native
router(config-subif)#interface fastethernet 0/0.100
router(config-subif)#description Sales VLAN
router(config-subif)#encapsulation dot1q 100
router(config-subif)#ip address 192.168.1.1 255.255.255.0
router(config-subif)#interface fastethernet 0/0.200
router(config-subif)#description Marketing VLAN
router(config-subif)#encapsulation dot1q 200
router(config-subif)#ip address 192.168.2.1 255.255.255.0
router(config-subif)#interface fastethernet 0/0.300
router(config-subif)#description Accounting VLAN
router(config-subif)#encapsulation dot1q 300
router(config-subif)#!Each VLAN needs its own subnet; IOS rejects an address overlapping another sub-interface
router(config-subif)#ip address 192.168.3.1 255.255.255.0
That is router-on-a-stick. Future posts will deal with the different sections outlined above, like creating VLANs, configuring 802.1Q (dot1q), switchports, sub-interfaces, etc. Just give me time; work and study make for little time in a day. Some further reading can be found here on the subject; it's in bullet form and shorthand but very usable and complete.
Another negative of this design is that a connected device cannot be a member of more than one VLAN at any one time. It would be nice in certain situations to have it differently, but that is not the case.
As the Layer-2 network increases in size, the chances of bridging loops increase. Using the Spanning Tree Protocol (STP) prevents this problem.
This design, as with all others, has many limitations if implemented incorrectly: when a failure occurs (Layer 2 or Layer 3) a large part of the network still goes down, and the objective in design is to minimize the impact of that failure on the rest of the enterprise network. This design doesn't allow for explicit failure domains to be created with clearly defined network boundaries; additionally, broadcast and unknown-unicast traffic is flooded throughout the whole broadcast domain (basic switch operation: if a frame's Layer-2 destination MAC is unknown, the switch floods it out all ports except the one it arrived on). This means that although this design is better than the flat Layer-1 design, it has many inherent problems.
NOTE: *I use the word drawback carefully as this is in one aspect a feature of security.
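As an added illustration (not from the original notes), the following Python models the switching behaviour described above: per-VLAN MAC learning, flooding of broadcast and unknown-unicast frames to every port in the same VLAN except the ingress port, and 802.1Q tagging on the trunk towards the router, with untagged trunk frames falling into the native VLAN. Port names, MAC addresses and VLAN numbers used by callers are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100          # EtherType value that announces an 802.1Q tag
BROADCAST = b"\xff" * 6

def parse_frame(raw):
    """Return (dst, src, vlan_id, ethertype, payload); vlan_id is None if untagged."""
    dst, src, tpid = raw[:6], raw[6:12], struct.unpack("!H", raw[12:14])[0]
    if tpid == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", raw[14:18])
        return dst, src, tci & 0x0FFF, ethertype, raw[18:]   # low 12 bits of TCI = VLAN ID
    return dst, src, None, tpid, raw[14:]

def build_frame(dst, src, payload, vlan_id=None, ethertype=0x0800):
    """Build an Ethernet frame, inserting a dot1q tag when vlan_id is given."""
    hdr = dst + src
    if vlan_id is not None:
        hdr += struct.pack("!HH", TPID_8021Q, vlan_id & 0x0FFF)
    return hdr + struct.pack("!H", ethertype) + payload

class VlanSwitch:
    def __init__(self, access_ports, trunk_ports, native_vlan=1):
        self.access = dict(access_ports)   # port name -> access VLAN (one collision domain each)
        self.trunks = set(trunk_ports)      # dot1q trunks, e.g. the link to the router-on-a-stick
        self.native = native_vlan           # VLAN for frames arriving untagged on a trunk
        self.table = {}                     # (vlan, mac) -> port, learned from source addresses

    def _members(self, vlan):
        return [p for p, v in self.access.items() if v == vlan] + sorted(self.trunks)

    def _egress(self, port, vlan, dst, src, ethertype, payload):
        tag = vlan if port in self.trunks and vlan != self.native else None
        return build_frame(dst, src, payload, tag, ethertype)

    def receive(self, port, raw):
        """Switch one ingress frame; returns {egress_port: frame_bytes}."""
        dst, src, tag, ethertype, payload = parse_frame(raw)
        if port in self.trunks:
            vlan = self.native if tag is None else tag
        else:
            vlan = self.access[port]        # access ports classify by port, never by tag
        self.table[(vlan, src)] = port      # learn the source MAC within this VLAN only
        known = None if dst == BROADCAST else self.table.get((vlan, dst))
        if known == port:
            return {}                       # destination sits behind the ingress port: filter
        if known is None:                   # broadcast or unknown unicast: flood the VLAN
            out = [p for p in self._members(vlan) if p != port]
        else:
            out = [known]                   # never crosses to another VLAN without a router
        return {p: self._egress(p, vlan, dst, src, ethertype, payload) for p in out}
```

A host in VLAN 200 sending to a MAC that lives in VLAN 100 only ever reaches the trunk, tagged 200, which is exactly why the router sub-interfaces above are required for inter-VLAN traffic.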
Devices in this design
A router is a Layer-3 device used to interconnect network segments or broadcast domains. Routers must be configured to work and don't work out of the box. Each interface on a router segments collision and broadcast domains for the devices attached to that interface.
A switch is a Layer-2 device used to interconnect network components (workstations, servers, printers, hubs, other switches, routers, etc.). Out of the box a switch creates a single broadcast domain, but it can create multiple broadcast domains (VLANs). Each port on a switch is a separate collision domain.
Notes and Notices:
This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes, reading, and writing things down, and wish to file them where I can't lose them. These notes are not to be seen, judged or mistaken for replacements for Cisco-recognized and authorized training, which I personally support and attend and suggest you undertake if you are going for the BCMSN certification.