LAN design

Unanswered Question
May 19th, 2009


I have two office in the same building, it is 15/F, 65/F. Both site are connect via fiber.

Base on the vendor suggestion, there are two designs, "case A" and case B". detail please find that attached file. I would like to seek for expert advice to find out which one is better, and the pros and cons.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Tue, 05/19/2009 - 08:59


I'm assuming that the core switches are doing all the inter-vlan routing etc. and that the access-layer switches are acting purely as L2 switches ?

Also assuming the uplinks are L2 trunks ?

Please correct if either assumptions are incorrect.

Which is best depends largely on traffic flows between the access-layer switches and the 2 core switches.

There isn't enough information to choose one or the other really. If most of the traffic was from one access-layer switch to another then Case B would be a better choice than Case A. But if most of the traffic is destined for the core then Case A would be a better choice.

It depends on your vlan layout, where the servers are in relation to the access-layer switches, what actual devices make up the access-layer switches and the core switches.

If the servers are connected to the core switches and each access-layer switch contains devices that mainly talk to the servers i would prefer Case A but as i say not really enough info.


anitachoi3 Wed, 05/20/2009 - 05:29

Hi Jon,

Yes, the core switch acts as inter-vlan routing, the server farm is connect to core switch, Internet/FW gateway are connected to core switch

No, the access layer switch also acts as inter-vlan routing. e.g. there are three VLAN in the access layer switch, the inter-vlan routing should be in the same access layer switch.

there are around 3 vlan per access layer switch

there are around 3 vlan in core switch, server farm, Internet gateway, backup / testing

For the normal traffic:

Internet traffic

FTP, ssh, http ...etc will go to the core switch and then to internet gateway/FW. The bandwidth (from MRTG) is around 5M ~ 20M.

Internal traffic

internal server, Active Directory, smtp/pop server, file servers, CRM, accounting DB are sitting on the server farm. The bandwidth (from MRTG) is around 12M ~ 55M

There is no any server on 65/F.

BTW, you mention that "if most of the traffic is destined for the core then Case A would be a better choice. ". could you give me more idea why "case A" is btter. "Case A" requests 6 fiber connections.

If I connect thrid fiber to middle access layer switch, is it better?


Jon Marshall Wed, 05/20/2009 - 05:57


What are the switches in the access-layer, are they 3750's ?

Also the fiber uplinks - are they etherchannels or single connections ? And does the speed of the links differ between Case A and Case B.

Finally are your core switches interconnected ? If they aren't are then it depends on how Internet is provided.

As an example lets say the Internet router is only connected to the right hand core switch in your diagram. And then the link between the right hand core switch and the access-layer switch dies. You have now no way of getting from the access-layer to the Internet.

Obviously if core switches are interconnected or both core switches connect to your Internet router this is not an issue but it is these sort of things that need clarifying.


anitachoi3 Fri, 05/22/2009 - 07:03


the access switch may be 3500 or 3700 series.

for access layer to core layer, it may be 1G.

yes, the uplink is the same.

yes, the core switch is interconnect (stack) together.

any comment on the "case A" and "case B" ?



This Discussion