Follow the IT trend front five step deployment million Mega Campus network

Campus Network is a platform to carry various network applications. Along with the digital campus, network teaching and other applications of the in-depth development, as well as network video, such as the rapid development of network applications, some servers have also begun to widely use gigabit NIC, which makes the backbone of the campus network upgrade to million trillion become an urgent demand.

Here's how to deploy a mega campus network in terms of structure, performance, access, IP, and application five.

Analysis of Campus network structure

The core layer of the use of million-gigabit switch can greatly improve the core data exchange capabilities, and the entire campus network not only need to ensure that each access point sufficient bandwidth, but also need to have a manageable and secure network services, so as to enable the entire campus network to play the greatest function, become the whole campus of the central

In the core layer, the million-gigabit core switch through the million-gigabit link with two of the convergence layer of the million gigabit on the switch to form a Wan Shao network design, once one of the million-gigabit link problems, the other will immediately automatically enabled. In the link design, the key area network is guaranteed to be stable and reliable.

In the larger bandwidth demand of the teaching venues or libraries, such as the deployment of the million-gigabit backbone switch, need to be equipped with a number of expansion slots to meet future expansion needs, and realize the million-gigabit line-speed forwarding. The gigabit switches are deployed elsewhere in the convergence layer. In addition, the network equipment also needs to support the hardware IPv6, prepares for the future smooth transition.

In the access layer, the network access switches all adopt secure intelligent access switch to provide powerful security features, so that common viruses and attacks in the access layer to protect.

Performance analysis of Campus network

The high performance of gigabit network needs to be guaranteed in the core layer first, therefore, the advanced, throughput and reliability of the core switch is one of the most important links of the campus network. Gigabit core switches need to support at least 3.2Tbps backplane processing capacity, and has more than 1190Mbps packet forwarding capabilities, but also the adoption of a second-generation crossbar architecture to overcome the limitations of the first generation of crossbar architecture technology, so as to achieve quality improvement.

In addition, the core switches need to use ACL (access control) to achieve virus protection, security filtering and other functions. In the implementation of the ACL of the core switch, the hardware ASIC chip is needed to achieve the goal of ensuring the safety without affecting the network performance, and simultaneously realizing the data port level synchronous processing Acl/qos of the whole machine. Through the wire card chip line speed forwarding l2/l3/multicast data, realizes from the line card to the port full distributed hardware design, the effective shunt, alleviates the line card ASIC chip load pressure, greatly promotes the switch the overall data processing ability, satisfies the business rapid growth the need, To maintain the high performance of the network without blocking switching and network security protection, to achieve a full range of multiple data traffic processing speed.

In terms of reliability, the core equipment requires power redundancy, switching engine redundancy, and the module needs to have hot-plug function to prevent device-level single point of failure.

Analysis of campus Network access authentication

The former campus network in the design of the foothold is to allow each user to access the network without hindrance, while minimizing the failure rate. Now, while ensuring accessibility, the campus network pays more attention to the authentication of the access user, and the unauthorized network access and access need to be banned. At present, in the implementation of the authentication function, the most commonly used is 802.1X technology, and the former commonly used Web portal or PPPoE authentication methods, has been phased out.

Because the campus network user access type is relatively complex, including living quarters and teaching area of fixed access, room access, access to the library and wireless access and other means. Network administrators can flexibly bind to multiple elements, such as account number, IP address, MAC address, switch, switch port and so on, to meet the needs of complex applications.

In the aspect of authentication strategy, we can take the authentication billing message and the business data streaming technology. After the certification passed, the business data flow was bypassed. In this way, the user avoids the exchange of the message and the RADIUS server in the whole Internet process, and the switch does not need to process the authentication billing message, thus ensuring the network performance. In the realization of the authentication and billing technology, each port of each access switch is equivalent to an authenticator, which realizes the distribution authentication, eliminates the single point of failure, and overcomes the performance bottleneck caused by the traditional gateway equipment authentication and billing.