How to Build a Switched Network: An Introduction from Experience

Source: Internet
Author: User

Building an enterprise network or campus network can be divided into two major parts: the resource subnet and the communication subnet. The resource subnet includes user terminal devices such as PCs, and the external and internal server zones in the network. The communication subnet includes the transmission devices and transmission media in the network. First, let's focus on the communication subnet. The transmission devices are mainly the switches and routers in the enterprise or campus network, along with other network devices such as firewalls.

Nowadays, the most common way to build a network is to use a layered approach. That is, the network is divided into three layers: the access layer, the aggregation layer and the core layer. Each layer has a different function. The access layer switch provides end-user access. The core layer switch forwards user data at high speed. The aggregation layer separates the access layer from the core layer and aggregates user data. First, let's look at the access layer. This layer generally uses a layer-2 switch: L2 switches meet the requirements of the access layer while saving cost and satisfying the availability principle. The aggregation layer and core layer generally use three or more switches. This three-layer network model can be divided into switching and routing. Between the aggregation layer and the access layer, data communication primarily relies on switching, and routing is used after the three layers. On the Internet, we also use third-party gateways to help with routing. In LAN switching, which technologies should we implement to meet the network requirements of our users?

The first is VLAN technology. VLAN is short for Virtual LAN. VLANs isolate broadcast domains and reduce broadcast traffic in the switched network. VLANs also divide users into logical groups for flexible networking. Additionally, VLANs can effectively isolate different business departments to meet certain security requirements. Private VLAN (PVLAN) technology is also available, but generally plain VLANs are sufficient. The principle of networking is that the fewer technologies used, the better; add further technologies only according to your actual needs. To carry the traffic of all VLANs between switches, we must implement trunk technology. A trunk, also known as a VLAN trunk link, is primarily used to interconnect switches and transmit traffic from different VLANs. Two protocols are available to form a trunk. One is Cisco's proprietary protocol ISL, and the other is the international standard 802.1Q. In actual engineering, 802.1Q is the most common choice for trunks, because 802.1Q is compatible with devices from different vendors.

On Cisco devices, VTP (the VLAN Trunking Protocol) is used to synchronize VLANs. That is to say, when we have created many VLANs on one switch, VTP transmits the VLAN information to the other switches in the same switched network so that they learn and create the same VLANs. Among international standards, the protocol that produces the same effect is GVRP. Whether to use such a technology depends on actual conditions.

We connected the switched network and adopted VLANs and trunks to achieve high availability of the switched network. In addition to high availability, we must also achieve high reliability, security, manageability, and scalability. To achieve high reliability, we must make key devices and links in the switched network redundant. Redundancy is designed to eliminate single points of failure and ensure high network reliability. Generally, the aggregation layer or the core layer is made redundant, that is, a dual-star topology is used. Redundancy brings the problem of loops in the switched network. To solve the loop problem, we have to adopt STP. STP is the Spanning Tree Protocol, which aims to generate a loop-free forwarding path in the switched network. Through STP, we can also load-balance user data, which will be covered in a later analysis of STP. STP can also provide active/standby backup, but its failover is not transparent to users and may cause certain problems.
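What STP does to the dual-star topology described above, as an added example that is not part of the original article: a simplified spanning-tree computation that elects the root bridge, picks each switch's uplink, and blocks the remaining redundant links. It omits BPDU exchange, timers and port IDs and assumes equal link costs; the switch names, priorities and MAC addresses are constructed.

```python
from collections import deque

# Constructed bridge IDs (priority, MAC); the lowest ID wins the root election.
BRIDGES = {
    "core1": (4096, "00:00:00:00:00:01"),
    "core2": (8192, "00:00:00:00:00:02"),
    "acc1": (32768, "00:00:00:00:00:11"),
    "acc2": (32768, "00:00:00:00:00:12"),
}
# Dual star: every access switch uplinks to both cores; the cores interconnect.
LINKS = [("core1", "core2"), ("acc1", "core1"), ("acc1", "core2"),
         ("acc2", "core1"), ("acc2", "core2")]


def spanning_tree(bridges, links):
    """Return (root, forwarding_links, blocked_links) for a connected topology."""
    links = [l for l in links if l[0] in bridges and l[1] in bridges]
    root = min(bridges, key=bridges.get)
    neighbours = {b: set() for b in bridges}
    for a, b in links:
        neighbours[a].add(b)
        neighbours[b].add(a)
    # Equal link costs: breadth-first search gives each bridge's hop count to root.
    hops = {root: 0}
    queue = deque([root])
    while queue:
        cur = queue.popleft()
        for n in sorted(neighbours[cur]):
            if n not in hops:
                hops[n] = hops[cur] + 1
                queue.append(n)
    # Each non-root bridge keeps one uplink (its root port): toward the neighbour
    # closest to the root, ties broken by the lower neighbour bridge ID.
    tree = set()
    for b in bridges:
        if b != root:
            up = min(neighbours[b], key=lambda n: (hops[n], bridges[n]))
            tree.add(frozenset((b, up)))
    forwarding = [l for l in links if frozenset(l) in tree]
    blocked = [l for l in links if frozenset(l) not in tree]
    return root, forwarding, blocked


def fail_bridge(bridges, name):
    """Topology after one switch fails (constructed failure scenario)."""
    return {b: bid for b, bid in bridges.items() if b != name}


if __name__ == "__main__":
    print(spanning_tree(BRIDGES, LINKS))
    print(spanning_tree(fail_bridge(BRIDGES, "core1"), LINKS))
```

With both cores up, the access uplinks to `core2` are blocked, so no loop exists; when `core1` fails, `core2` becomes root and those same links start forwarding.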

Our users' PCs reach the Internet through the gateway, so we can make the gateway redundant with active/standby backup. Here we should adopt HSRP. HSRP, the Hot Standby Router Protocol, is a gateway redundancy protocol. Its function is to take over the gateway role immediately when a layer-3 switch that acts as the user gateway fails. HSRP's operation is transparent to users. The principle and operation process of HSRP will be summarized later. Hosts within a VLAN can communicate with each other, but cannot communicate with other VLANs or the Internet. Therefore, we must implement inter-VLAN routing. Sometimes, in order to control specific traffic, we can use ACLs on the switch. We need to use NAT to convert between public and private IP addresses.

In a LAN, in addition to switching, we also need to implement routing. Data forwarding relies on layer-2 switching and layer-3 switching, and layer-3 switching is routing. Routing in turn requires a routing table. Where does the routing table come from? It can be configured manually based on our understanding of the network topology; this is static routing. More often, dynamic routing is used. Dynamic routing includes RIP, OSPF, and other routing protocols. The role of these protocols is to generate the routing table for each network in a router or L3 switch. A complete enterprise network should include the headquarters LAN, the LAN of each branch, and the WAN connecting the headquarters and its branches. The LAN of a branch is built the same way as the LAN of the headquarters, but its size is slightly smaller.

Routing and switching are the foundation. Of course, in addition to ensuring LAN connectivity, routing and switching technology can also implement certain security mechanisms. Network security is mainly implemented at the boundary. Common security technologies include ACLs, firewalls, and intrusion detection and prevention systems. Before building a network, we should think about whether future advanced applications can be seamlessly integrated into it. This is the scalability of the network. The above technologies are scalable. Scalability mainly depends on the network devices and products used to build the network. After a network is built, we need to manage and maintain it well. Good rules and regulations are essential and can reduce unnecessary problems. How can we effectively manage the network? Our network engineers manage and maintain it through SNMP-based network management software. Choosing good network management software is also a necessary topic.

The technologies mentioned above are VLAN, trunk, VTP, GVRP, STP, HSRP, VRRP, and inter-VLAN routing. Routing includes static routing and dynamic routing. Dynamic routing includes RIP, VPN, and OSPF. In future networks, there will also be IS-IS, BGP, and the multicast protocol PIM. These are important routing protocols that are essential and valuable to learn and research. In the days to come, I will elaborate on these switching and routing technologies separately, summarizing their concepts, application scenarios, advantages and disadvantages, working principles, and specific implementation configurations.
