Campus Network

Design Topology and

Virtual LANs

Introduction
What is campus network?
Is a building /group of buildings all connected into one enterprise
network that consists of many local area network.

A campus network should be designed using small

bandwidth and small broadcast domains for availability and
performance.
In LAN, all nodes belong to a single broadcast domain.
This means all nodes in the same LAN can received the same
broadcast packet even the packet is not meant for them.
We can use VLAN to obtained this objectives.

Example : Campus network

Campus network based on

hierarchical network topology
Campus access layer
Campus distribution layer
Campus core layer

Spanning tree protocol (STP)

The topology of a campus network design is often determined by STP.
STP is a protocol and algorithm, documented in IEEE802.1D.
STP is used by switches to prevent loops occurring on a network.
How it work?
The algorithm will disable unwanted links and blocking ports that could cause loop.

The network designer physically connects switches in a meshed,

redundant topology , STP creates a logical tree with no redundancy.

Ref: http://www.orbit-computer-solutions.com/Spanning-Tree-Protocol--STP-.php

What STP do?

It ensures that there is only one logical path between all
destination on the network by intentionally blocking
redundant paths that could cause a loop.
When a switch port detects a loop in the network, it
blocks one or more redundant paths to prevent loop
forming.
STP will choose one switch to be Root Bridge.
Other switches select one of its ports as Root Port ,
then a designated port is chosen on each segment and
all other ports are closed down.

Roles of the ports

Port Role

Description

Root Port

Root port is the nearest port to the root switch.

It is in forwarding state.

Designated port

It forwards data from the network segment

which connects to the root switch and data
from the switch to the network segment it
connects to.

Alternate port

For backup purpose. It will not forward any data

to the network segment it connects to.

STP example.
STP has 1 root bridge/switch and sets of
ports on other bridges/switches that
forward traffic toward the root bridge.
Bridge send bridge protocol data unit
[BPDU] frames to each other to build and
maintain spanning tree.
BPDU identify the root bridge and help
other bridges compute their lowest-cost
path to the root.
When bridge port change state bridges
send topology change notification
BPDUs.
Bridges send configuration BPDUs every
2 seconds to maintain the spanning tree.

Campus network Virtual LAN

A campus network should be designed using small bandwidth and
small broadcast domains.
A bandwidth domain (also known as Collison domain) is a set of
devices that share bandwidth and compete for access to the
bandwidth.
Example : a traditional bus topology is a single bandwidth domain.
A switch divides up bandwidth domains and is often used to
connect each device so that the network consist of many small
bandwidth domains.
Compared to hub, using switch , the bandwidth domain consists of
the switch port and the device that connects it.

Continue..
A broadcast domain is a set of devices that can all hear
each others broadcast frames.
A broadcast frame is a frame that is sent to the MAC
address FF:FF:FF:FF:FF:FF.
By defaults switches do not divide broadcast domains.
The campus access layer should use switches and
provide broadcast control hence we need to use VLAN
to accomplished this.

VLAN overview
A VLAN is an emulation of a standard LAN that allows data transfer to
take place without the traditional physical restraints placed on a
network.
VLAN standard: IEEE 802.1Q
VLAN divides a physical LAN into multiple logical broadcast domains
A VLAN is a set of LAN devices that belong to an administrative
group.
VLAN allow a large , flat , switch-based network to be divided into
separate broadcast domains.
A VLAN enabled switch floods a broadcast out only the ports that are
part of the same VLAN as the sending station.

VLAN continue
In VLAN, communication is allowed within a VLAN
No communication is allowed between VLANs.
Router need to use to allow communication between VLAN
(inter-VLAN communication)
A VLAN has become a method to subdivided physical
switch-based LANs into many logical LANs.
It allow a larger, flat, switch-based network to be divided
into separate broadcast domains.
VLAN-enabled switch floods a broadcast out only the ports
that are part of the same VLAN as the sending station.

Fundamental VLAN Designs

Switch A

Understand LAN first.

Switch A connects
stations in network A,
switch B connect
stations in network B.
When station A sends a
broadcast , station A2 &
station A3 receive the
broadcastnone from
stations in network B
received the broadcast.
Why ????

Switch B

Station A1Station A2Station A3 Station B1Station B2Station B3

Network A

Network B

A Switch with VLANs

VLAN A

Two VLANs implemented in a single

switch instead of two separate physical
LANs.
Any traffic from VLAN A will be
forwarded to all members of VLAN A
only.VLAN B will not received this!!!!
The behavior is same as in physically
separate LAN bounded by routers.

Station A1

Station B1

Station A2

Station B2

Station A3

Station B3

VLAN B

MMD2013

14

VLAN with multiple switches

Both switches contains stations that are member of VLAN A and VLAN B.
Have problem.forwarding of broadcast, multicast or unknowndestination frames from a member of a VLAN on one switch to the
members of the same VLAN on the other switch.
In this diagram all frames going from Switch A to switch B take the
same interconnection path.
Need to recognize the incoming fane belong to A or B?
How?
As the frame leaves Switch A, a special header is added to the frame VLAN tag.
The tag consist a VLAN identifier (ID) that specifies to which VLAN the frame
belong.

VLANs Span Switches

VLAN A

VLAN A

Station A1 Station A2 Station A3

Station A4 Station A5 Station A6

Switch A

Station B1

Switch B

Station B2 Station B3
VLAN B

MMD2013

Station B4

Station B5 Station B6
VLAN B

16

Inter-VLAN communication
Communications between VLANs have to be done at
layer 3 i.e. using router.
Draw diagram

VLAN Routing : Physical Connection

Each VLAN requires one unique physical link connection
with one interface of router.
Disadvantages: costly and inefficient use of resources

Use TRUNKING to improve

Multiple physical interfaces are grouped to share one
physical link.
Less cabling, cost effective and uses only one router interface

Draw diagram

VLAN-advantages
Improve network performance
Reduces unnecessary broadcast traffic

Formation of virtual groups

Isolate traffic

Simplified administration
Reduced cost- can used to create broadcast domain
Security can control broadcast domains, setup firewall,
restrict access

Disadvantages
Isolates layer 2 broadcast traffic and traffic from other
VLANs
Users at layer 2 on different VLANs cannot
communicate.
Communication between VLAN must be done via router,
layer 3-add cost

References
Huawei Tech
Top-Down Network Design (3rd Edition), Priscilla
Oppenheimer, Cisco Press Publisher, August, 2010