Solved

To use Layer-2 or Layer-3 link between core switches

Posted on 2009-07-08
9
972 Views
Last Modified: 2012-05-07
Hi,

I am designing a network for a client and have a question regarding the design. They are a pretty small company and they currently have one Layer-3 3560G switch, I plan to get another and use a 2Gb etherchannel between them. Then I'll connect these core 3560G's to the access switches using a layer-2 trunk link.

My question is whether I use layer-2 or layer-3 communications between the 3560G's? If any experts can explain the pro's and con's of both of these then maybe that can help me make a decision. I was initially planning to use layer-3 routed links but after reading about spanning tree and PVST, I am now leaning more towards using a switched connection.

Of course, if you think that there is a better design I would be very happy to listen to your advice. Maybe to use layer-3 links to the access switches???

I have attached a diagram of what I plan to do.

Thanks a lot

Ally
New-Network-EE.jpg
0
Comment
Question by:ally0000
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 24802651
As with many design questions, there are not always "right" or "wrong" ways.

The quick answer in does a broadcast domain (IP subnet or VLAN) need to exist beyond a 3750 access switch? If it does, then you need to make the access-core links layer 2. If there are multiple VLANs on the access switch, then it needs to be a layer 2 trunk.

If you do not need a broadcast domain to exist beyond an access switch, then you can make the links layer 3.
0
 

Author Comment

by:ally0000
ID: 24803410
Hi,

There will only be workstations into the access switches and not more subnets or VLAN's. Would layer 2 not be faster and more efficient from the core to the access switches?

Also, what about the link between the 3560G core switches?

Thanks
0
 

Author Comment

by:ally0000
ID: 24804583
The main answer I need from this question is regarding the link between the 2 core switches....should they be a layer-2 etherchannel or a layer-3 routed link? What would be the benefits of layer-2 over layer-3 and vice-versa?

There are no VLAN's beyond the access switches and there are VLAN's on the access switches

Hope that's clear....thanks

0
 
LVL 3

Accepted Solution

by:
Magim_IT earned 250 total points
ID: 24811811
Hi,

This is a ideal design whereas physical connectivity is concern, below are my suggestions
1.      Both the 3560 can be in routing mode or non routing mode (switching mode), will act as core switches (L3)
2.      All 3750 will be in non routing mode, act as access switches (L2)
3.      All the links shown in the diagram will be trunks (this will enable you to make future changes without any downtime and make your network more scalable compare to routed links, the switching is always faster than routing)
4.      Links connected to both 3560 will be L2 etherchannel (truck)
5.      Dont forget to enable spanning tree so at a time only one link will be forwarding mode. For such small network PVST is not needed
If you want to use these as L3 links,
1.      Your network will be slow
2.      You will create unnecessary hops in your LAN
3.      Will create load on your switch because of routing protocol
4.      Management is complex
5.      Any change may cause downtime
6.      You cannot extend one VLAN from one to other switch (incase you are making the link as L3 links)
 
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 5

Assisted Solution

by:JanSc
JanSc earned 250 total points
ID: 24811820
Simply stated:

Use trunk between swicthes for layer 2, and use HRSP for L3 failover. Thats the way Cisco advices (many years ago)
You will have full L2 redundancy, using RSTP, towards the access layer and have Hot-standby for layer 3, per vlan. If you want to you can even have load balanced link-aggregation towards your access layer, when 3750 are stacked using stack cable.

On the other hand: Why not swap a few switches. Build a new core, based on 3750 and stackwise. Then L2 and L3 are fault tolerant and load-balanced. The 3560 can be reused for access-layer then,
0
 

Author Comment

by:ally0000
ID: 24812158
Thanks for the advice from you both, excellent stuff.

JanSc, I have amended my design to use the 3750's in the core and agree that is a better solution using the stackwise technology. When you said that this would make L2 and L3 fault tolerant and load-balanced, can you please explain the L3 part a little more.

The access switches are L2 are therefore use STP for fault tolerance however I am not sure how the L3 part is relevant? Do you mean that the L3 fault tolerance when these L3 switches connect to the other network devices further down the network path that I have not drawn in, for clairity?

Thanks a lot, great stuff.
0
 
LVL 5

Expert Comment

by:JanSc
ID: 24812273
OK,

2 switches stacked together gives fault toerance L2 solution. Since the 3750 has L3 routing capabilities as well, stackwise gives L3 routing over the stack of 2 or more (max 8) switches.
So, when 1 switch fails, the other ones will route L3 traffic. This is the superior way to create a redundant IP gateway for your lan.

When using the 3560 for routing (L3), only one switch will become the active router. HSRP (hot-standby-routing-protocol) will check if the routing function is available, and when not the other switch will take over. Both switches have their own IP adress, and share a HSRP adress, virtual one, as gateway for the lan.
BTW: this has nothing to do with STP, RSTP or whatsoever on L2.

Using 3750 stack technology can even bring you load-balanced connections towards the access-layer. When you stack the 3750's in the access layer, they become "one switch", same as the core switch.
Now you can link the core to the access in a one-on-one relation, using trunks (dynamic LACP is handy, and perfect solution). RSTP and STP give active-passive links towards access layer, so only one part is used. I hate to invest in dead copper or fiber ports...., therefore a stacking technology gives me a better feeling. All you have to do is buy stack cables, (or 3Com 4500 switches, since they can stack through cheap copper ports on cheap switches. 3750 in access layer is overdone most times)



I think you don't need L3 in access-layer, so only core has L3 function.

clear? If not, let me know.
0
 
LVL 3

Expert Comment

by:Magim_IT
ID: 24812421
As JanSc said, If you are using 3750 stack at core then you can also configure etherchannel for links between core and access, you will get more throughput and can make use of the redundant link.
0
 

Author Comment

by:ally0000
ID: 24812439
Thanks guys, the answers are exactly what I need....Ally
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
There are times where you would like to have access to information that is only available from a different network. This network could be down the hall, or across country. If each of the network sites have access to the internet, you can create a ne…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now