16.01.2015 Views

R&M Data Center Handbook


www.datacenter.rdm.com

3.3.2. Access Layer

The Access Layer creates the connection to terminal devices such as PCs, printers and IP phones, and arranges access to the remainder of the network. This layer can include routers, switches, bridges, hubs and wireless access points for wireless LAN. The primary purpose of the Access Layer is to provide a mechanism which controls how devices are connected to the network and which devices are allowed to communicate in the network. For this reason, LAN switches in this layer must support features like port security, VLANs, Power over Ethernet (PoE) and other necessary functionalities. Switches in this layer are often also known as Edge Switches.

Multiple access switches can often be stacked with one another into one virtual switch, which can then be managed and configured through one master device, since the stack is managed as one object.

Manufacturers sometimes also offer complete sets of security features for connection and access control. One example of this is a user authentication system at the switch port in accordance with IEEE 802.1X, so only authorized users have access to the network, while malicious data traffic is prevented from spreading.

New Low Latency Switches specifically address the need for I/O consolidation in the Access Layer, for example in densely packed server racks. Cabling and management are simplified dramatically and power consumption and running costs drop while availability increases. These switches already support Fibre Channel over Ethernet (FCoE) and thus the construction of a Unified Fabric. Unified Fabric combines server and storage networks into one common platform that can be uniformly administered, which paves the way for extensive virtualization of all services and resources in the data center.

Product example from Cisco<br />

3.3.3. Aggregation / Distribution Layer

The Aggregation Layer, also known as the Distribution Layer, combines the data received from the switches in the Access Layer before it is forwarded on to the Core Layer to be routed to the final receiver. This layer controls the flow of network data with the help of policies and establishes the broadcast domains by carrying out the routing functions between VLANs (virtual LANs) that are defined in the Access Layer. This routing typically occurs in this layer, since Aggregation Switches have higher processing capacities than switches in the Access Layer. Aggregation Switches therefore relieve Core Switches of the need to carry out this routing function; Core Switches are already used to capacity forwarding very large volumes of data. The data on a switch can be subdivided into separate sub-networks through the use of VLANs. For example, data in a university can be subdivided by addressee into data for individual departments, for students and for visitors.

In addition, Aggregation Switches support ACLs (Access Control Lists), which control how data are transported through the network. An ACL allows the switch to reject specific data types and to accept others, and in this way to control which network devices may communicate in the network. The use of ACLs is processor-intensive, since the switch must examine each individual packet to determine whether it corresponds to one of the ACL rules defined for the switch. This examination is carried out in the Aggregation Layer, since the switches in that layer generally have processing capacities that can manage the additional load. Aggregation Switches are usually high-performance devices that offer high availability and redundancy in order to ensure network reliability. The use of ACLs in this layer is also comparatively simple: instead of being applied on every Access Switch in the network, they are configured on the Aggregation Switches, of which there are fewer, making ACL administration significantly easier.
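The per-packet examination of ACL rules on an Aggregation Switch can be made concrete with a small model. The following is an added example, not taken from the handbook: it assumes first-match rule evaluation with an implicit deny at the end of the list and a constructed addressing plan for the university VLANs, and `evaluate` also returns how many rules had to be examined for each packet.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed addressing plan for the university example (assumption).
VLANS = {
    "departments": ip_network("10.10.0.0/16"),
    "students": ip_network("10.20.0.0/16"),
    "visitors": ip_network("10.30.0.0/16"),
}

def in_vlan(name: str, addr: str) -> bool:
    return name == "any" or ip_address(addr) in VLANS[name]

@dataclass(frozen=True)
class Rule:
    action: str         # "permit" or "deny"
    src: str            # VLAN name or "any"
    dst: str            # VLAN name or "any"
    proto: str = "any"  # "tcp", "udp" or "any"
    dport: int = 0      # 0 matches every destination port

    def matches(self, pkt: dict) -> bool:
        return (in_vlan(self.src, pkt["src"]) and in_vlan(self.dst, pkt["dst"])
                and self.proto in ("any", pkt["proto"])
                and self.dport in (0, pkt["dport"]))

# Order matters: the first matching rule decides the packet's fate.
ACL = [
    Rule("deny", "visitors", "departments"),
    Rule("deny", "visitors", "students"),
    Rule("permit", "students", "departments", "tcp", 443),
    Rule("deny", "students", "departments"),
    Rule("permit", "departments", "any"),
]

def evaluate(pkt: dict, acl=ACL):
    """Return (action, rules_examined); no match falls to the implicit deny."""
    for examined, rule in enumerate(acl, start=1):
        if rule.matches(pkt):
            return rule.action, examined
    return "deny", len(acl)

# Constructed sample packets, one per interesting case.
SAMPLES = [
    {"src": "10.30.1.5", "dst": "10.10.0.9", "proto": "tcp", "dport": 22},
    {"src": "10.20.4.7", "dst": "10.10.0.9", "proto": "tcp", "dport": 443},
    {"src": "10.20.4.7", "dst": "10.10.0.9", "proto": "tcp", "dport": 3389},
    {"src": "10.10.2.2", "dst": "10.20.4.7", "proto": "udp", "dport": 53},
    {"src": "192.0.2.1", "dst": "10.10.0.9", "proto": "tcp", "dport": 80},
]
```

Packets that match late in the list, or not at all, cost the most comparisons, and placing the broad student deny ahead of the HTTPS permit would silently block the permitted traffic.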

Combining lines helps to avoid bottlenecks, which is highly important in this layer. If multiple switch ports are combined, data throughput can be multiplied by their number (e.g. 8 x 10 Gbit/s = 80 Gbit/s). The term Link Aggregation is used in accordance with IEEE 802.1ad to describe switch ports that are combined (parallel switching), a process called EtherChannel by Cisco and also trunking by other providers.

Due to the functions they provide, Aggregation Switches are heavily loaded by the network. It is important that these switches support redundancy to ensure their availability. The loss of one Aggregation Switch can have significant repercussions on the rest of the network, since all data from the Access Layer are forwarded to these switches. Aggregation Switches are therefore generally implemented in pairs so as to ensure their availability. In addition, it is recommended that switches be used here that support redundant network components that can be replaced during continuous operation.

R&M Data Center Handbook V2.0 © 08/2011 Reichle & De-Massari AG Page 55 of 156
