Resolve IDC basic network solution

◆ System Structure

For data centers with only basic requirements, the network structure can adopt a three-tier system structure.

On the first layer, devices on the Internet connection layer have the following features: High-Speed Routing Switching capability, which provides a Gbps level of system capacity, enables access requests and content traffic to be transferred and controlled between IDCs and multiple ISP networks. Provides comprehensive support for various advanced routing protocols (such as BGP) to implement routing information exchange and routing policies. Provides a wide range of interface types. Provides multiple network ports and corresponding link protocols.

The second layer is the allocation layer. In the IDC with basic requirements, the allocation layer does not need to provide high-level exchange capability, but needs to provide high-speed and high-performance Layer-2 and layer-3 Exchange. At the same time, IGP protocol, IP-based traffic balancing, and redundancy are run on the upstream link, and can be used as the default gateway of the server group at the same time.

On the third layer, the access layer directly accesses the server group to provide traffic convergence on the second layer. In addition, Server clusters of different users are isolated by VLAN and/or PrivateVLAN.

◆ Background Management Platform

As a back-end management platform that provides network and business management, it includes IDC control center (IDC Network Management Center) and IDC customer center (users update and maintain their servers) dynamic business replication zone (user data backup ).

Its security and ease of operation are both required. A secondary network structure can be used. The first-level switch (Cat4800, Cat3500, Cat2900) is used to connect the server to the backend management platform network. The second-level switch uses two large-capacity, high-performance switches 6500 to aggregate all the first-level switches. Connect to the business centers at the same time. The advantage of this network structure is that PrivateVLAN can simplify the network design, reduce the waste of IP addresses, and enable different user groups to enjoy the same service and completely independent from each other.

A one-way firewall is placed between the backend management platform and the front-end core layer to ensure the security of network traffic data.

◆ Device Selection

For data centers with basic requirements, the following device configurations are available:

The Internet connection layer has two important configuration principles. First, use the Cisco7200/7500/12000 series. Among them, Cisco7200/7500 provides a large number of medium/Low Speed ports and a small number of high-speed ports; Cisco12000 series provides a large number of high-speed interfaces, while ensuring linear growth in performance when new network interfaces are added.

Second, choose ipvst6000/6500 series products and configure the layer-3 switching sub-module (MSFC ). Run the routing protocol between the uplink and the IDC network. The Catalyst6000/6500 FlexWan module also provides a variety of medium/high speed WAN interfaces. This configuration is suitable for IDCs with a small number of ISP network interconnection requirements.

The allocation layer usually uses layer-3 switches with large capacity and Server Load balancer functions. Use ipvst6000/6500 (MSFC + SLB ). Use a Gigabit Ethernet short-distance port to connect to the first and third-layer devices. For small networks, choose the ipvst4000 series switch and three-layer switch engine.

The access layer usually uses a Layer 2 Gigabit Switch. It is commonly used for the Catalyst3500/2900 series products. Because the access layer equipment and the customer server are placed in the same or adjacent racks, you should select a model with different access interfaces (10/1000 M Ethernet) based on the size of different customer Server clusters.

1. Bottleneck in IDC management KVM leads data center management
2. Siteview)