Segurança Em Redes De Comunicações

Designing the Access Layer

High availability

Default gateway redundancy using multiple connections from access switches to redundant distribution layer switches.

Redundant power supplies.

Other considerations

Convergence

The access layer should provide seamless convergence of voice into the data network and provide roaming wireless LAN (WLAN).

Security

For additional security against unauthorized access to the network, the access layer should provide tools such as IEEE 802.1X, port security, DHCP snooping and dynamic ARP inspection (DAI).

Quality of service (QoS)

The access layer should allow prioritization of critical network traffic using traffic classification and queuing as close to the ingress of the network as possible.

IP multicast

The access layer should support efficient network and bandwidth management using features such as Internet Group Management Protocol (IGMP) snooping.

Uses a combination of Layer 2 and multilayer switching to segment workgroups and isolate network problems, preventing them from impacting the core layer.

Connects network services to the access layer and implements QoS, security, traffic loading balancing, and implements routing policies.

Major design concerns: high availability, load balancing, QoS, and provisioning.

In some networks, offers a default route to access layer routers and runs dynamic routing protocols when communicating with core routers.

The distribution layer it is usually used to terminate VLANs from access layer switches.

To further improve routing protocol performance, summarizes routes from the access layer.

To implement policy-based connectivity performs tasks such as controlled routing and filtering and QoS.

Avoid Daisy Chaining

When using a L3 link between Distribution layer switches.

  • In Access layer, any path from a switch should not require another switch from the Access layer.

  • In Distribution layer, any path between Distribution layer switches should not require a switch from the Access layer.

When using a L2 link between Distribution layer switches.

  • Daisy chain is acceptable, however.

    • Could overload some Access layer switches.

    • Could increase STP convergence in case of failure.

PreviousModular Network DesignNextDesigning the Core Layer

Last updated