Resolution to the Challenge – Part 2 with Mohamed Sobair

 

A Campus LAN Design – Part 2

 

In the previous blog, “Second Design Challenge with Virgilio Spaziani”, I proposed a network design challenge, and I hope you had fun with it. Now it’s time for the solution walk-through, using the methodology described in the “Now What?” blog.

 

 

 

List all of the explicit and implicit business and technical requirements in this challenge

Below are the business requirements to resolve the challenge. It’s very important to recognize them as they will drive you to select the more “right” answers.

  1. support multicast application
  2. make the core routing table as small as possible
  3. guarantee symmetrical routing across the Access-Distribution trunk
  4. convergence under 1 sec for the Access-Distribution switching block

 

List all of the explicit and implicit constraints in this challenge:

  1. use EIGRP as Distribution-Core protocol
  2. use Layer 2 switches on access layer
  3. not to use QoS on access layer
  4. use PIM SSM for multicast
  5. use the proposed addressing plan
  6. use the proposed switching block scheme
  7. not to use STP to make Layer 2 path decisions

 

Compare and contrast all options side-by-side against the requirements and constraints

 

Step 1:

Since a decision needs to be made, the table below helps by summarizing all of the requirements and all the proposed solutions to resolve the first step of the challenge.

Each solution meets requirements 1, 2 and 3, as well as constraints 1, 3, 4, 5 and 6, so those are not listed here. Let’s analyze the remaining requirements and constraints.

 

| Requirements | RSTP – Layer 2 Loop Free + Summarization | RSTP – Layer 2 Looped | Layer 3 Access | FlexLink |
|---|---|---|---|---|
| convergence under 1 sec for the Access-Distribution switching block | Yes | Yes | Yes | Yes |
| use Layer 2 switches on access layer | Yes | Yes | No | Yes |
| not to use STP to make Layer 2 path decisions | Yes | No | Yes | Yes |

 

Justify the option chosen (why correct) and the options not chosen (why incorrect)

In design, there may be more than one way to fulfill requirements, and the design options that meet all requirements and constraints in this challenge are RSTP – Layer 2 Loop Free + Summarization and FlexLink. This is similar to a branch question where two options are correct, and the child questions depend on your selection on the parent.

 

RSTP – Layer 2 Loop Free + Summarization (why correct)

Convergence under 1 sec for the Access-Distribution switching block

In certain circumstances RSTP can converge in less than 1 second. This solution is not based on RSTP timers, however, since RSTP is not used as the path selection mechanism.

Use Layer 2 switches on access layer

This solution matches the requirement.

Not to use STP to make Layer 2 path decisions

STP is used in this solution but not as the path selection mechanism, only to prevent switching loops on access and distribution devices due to potential human error.

 

RSTP – Layer 2 Looped (why incorrect)

Convergence under 1 sec for the Access-Distribution switching block

In certain circumstances, RSTP can converge in less than 1 second.

Use Layer 2 switches on access layer

This solution matches the requirement.

Not to use STP to make Layer 2 path decisions

This solution is based on STP for the path selection, therefore this requirement is not met.

 

Layer 3 Access (why incorrect)

Convergence under 1 sec for the Access-Distribution switching block

EIGRP can meet a sub-second convergence.

Use Layer 2 switches on access layer

This solution doesn’t meet the requirements by definition.

Not to use STP to make Layer 2 path decisions

EIGRP is used for path selection, not STP.

 

FlexLink (why correct)

Convergence under 1 sec for the Access-Distribution switching block

FlexLink failover is under 1 second on certain platforms.

Use Layer 2 switches on access layer

This solution meets the requirement.

Not to use STP to make Layer 2 path decisions

FlexLink disables STP on the FlexLink ports.

 

 

Step 2:

Justify the options chosen (why correct) and the options not chosen (why incorrect)

 


Figure 1: If you chose “RSTP – Layer 2 Loop Free + Summarization”, the checkboxes are set like this.


Figure 2: If you chose “FlexLink”, the checkboxes are set like this.

 

Support multicast application

RP unchecked at all devices - PIM SSM doesn’t require RP placement.

Multicast routing checked on Core and Distribution devices - For the forwarding plane.  Access devices are pure Layer 2 switches.

PIM SSM checked at Core and Distribution devices - PIM SSM needs to be set up on each Layer 3 device. As receivers are outside of the campus LAN, multicast traffic needs to be sent through the Core to these receivers.

IGMP Snooping unchecked at all devices - Not required because there aren’t receivers in any switch block.

Private VLAN Edge checked at the Access devices – Let’s calculate the Layer 2 access throughput: 4 sources with 15 video channels each, at 2 Mbps per channel, gives a total of 120 Mbps. This causes congestion in the direction of the other sources and degrades the feedback traffic. The usual solution would be to apply some QoS strategy, but given constraint 3, an alternative is to use Private VLAN Edge (protected ports) on each multicast source interface to avoid congestion on the other sources’ interfaces.

 

Make the core routing table as small as possible

EIGRP checked on Core and Distribution devices – To enable the IGP of choice on the Layer 3 devices. Access devices are Layer 2, no need for IGP there.

EIGRP Summary odd switch routes (low metric) checked on the Distribution ODD device and EIGRP Summary even switch routes (low metric) checked on the Distribution EVEN device – Summarization at the Distribution allows for a smaller Core routing table and contributes to the symmetrical routing on trunks requirement (see below).

EIGRP Summary odd switch routes (high metric) checked on Distribution EVEN device and EIGRP Summary even switch routes (high metric) checked on Distribution ODD device – This summarization is needed to generate the ODD summary on the EVEN distribution device and vice versa; otherwise each distribution device would advertise the specific routes, causing asymmetrical routing and a larger core routing table.

The IP addressing scheme allows for an efficient address summarization:

Switch block 1 can be summarized as 10.0.0.0/12

Switch block 2 can be summarized as 10.16.0.0/12

Switch block 3 can be summarized as 10.32.0.0/12

Switch block 4 can be summarized as 10.48.0.0/12
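The check below is an added example, not part of the original challenge material: it audits an addressing plan against the four /12 summaries listed above and shows what a misallocated subnet does to summarization. The access subnets are constructed samples, since the detailed addressing plan is not reproduced on this page, and the function names are hypothetical.

```python
import ipaddress

# Summaries as listed in the article; one /12 per switch block.
BLOCK_SUMMARIES = {
    1: "10.0.0.0/12",
    2: "10.16.0.0/12",
    3: "10.32.0.0/12",
    4: "10.48.0.0/12",
}

# Constructed sample subnets (assumption, not the challenge's real plan).
BLOCK2_SUBNETS = ["10.16.1.0/24", "10.17.200.0/24", "10.31.255.0/24"]
# Constructed error case: 10.20.1.0/24 was assigned to block 1 by mistake.
BLOCK1_SUBNETS_BAD = ["10.1.10.0/24", "10.20.1.0/24"]

def covering_prefix(subnets):
    """Return the longest single prefix that contains every subnet."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate

def audit_block(block, subnets):
    """Return the subnets that fall outside the block's advertised summary."""
    summary = ipaddress.ip_network(BLOCK_SUMMARIES[block])
    return [s for s in subnets if not ipaddress.ip_network(s).subnet_of(summary)]

def summaries_overlap():
    """True if any two block summaries cover the same address space."""
    nets = [ipaddress.ip_network(s) for s in BLOCK_SUMMARIES.values()]
    return any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])

def owner_at_core(subnet):
    """Block whose summary the core matches when only summaries are advertised."""
    net = ipaddress.ip_network(subnet)
    for block, summary in BLOCK_SUMMARIES.items():
        if net.subnet_of(ipaddress.ip_network(summary)):
            return block
    return None

if __name__ == "__main__":
    print("block 2 covering prefix:", covering_prefix(BLOCK2_SUBNETS))
    print("block 1 violations:", audit_block(1, BLOCK1_SUBNETS_BAD))
    print("core sends 10.20.1.0/24 to block", owner_at_core("10.20.1.0/24"))
    print("block 1 would need:", covering_prefix(BLOCK1_SUBNETS_BAD))
```

With the misallocated subnet, block 1 could only be covered by 10.0.0.0/11, which overlaps block 2's summary, while the core, seeing only the /12 summaries, would forward that subnet's traffic toward block 2.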

Note: For the FlexLink solution you can guarantee symmetrical routing without metric manipulation, but summarization is still needed to meet this requirement. Moreover, if we don’t use any manual pruning on trunks, a link failure between the ODD and EVEN distribution switches without metric manipulation may lead to an HSRP “split brain scenario”.

 

Convergence under 1 second for the Access-Distribution switching block

BFD checked on the Distribution devices – BFD allows for sub-second convergence, and should be associated with HSRP for the switch block convergence. BFD on access switches is not needed because they are back-to-back fiber connected to distribution switches.

Note: For the FlexLink solution, BFD on HSRP is needed to protect against distribution switch failure. The HSRP adjacency is built on the link between the ODD and EVEN distribution switches and is not affected by a state change on the access-distribution trunk link.

Rapid PVSTP+ checked on Access and Distribution devices – STP is not used as a path selection protocol here, but can be used to prevent switching loops on access and distribution devices due to human error.

Note: For the FlexLink solution it’s good practice not to disable Rapid PVSTP+ but rather to use it as a protection mechanism against human error.

 

The idea behind this challenge was to show that more than one solution can meet the stated requirements and constraints. These two solutions look similar, but they differ in how they react to a failure, how they converge, and their impact on configuration management, to mention a few. In a real-life situation we can discuss both solutions with our customer and partners to find out whether there are further considerations that favor one solution over the other. I hope this challenge was insightful and that you had a good time with it. I look forward to you sharing your thoughts, questions, or comments below.

 

About the Author


Virgilio Spaziani is CCDE #20140003 and triple CCIE #35471 (R&S, SP, and Security). He’s a network designer and a Cisco official instructor based in Switzerland. He loves to solve complex network requirements using easy network designs, and to teach complex technologies using easy examples.

 

 

 

 
