My network architecture is a campus 3-layer hierarchical design. We have 6500 switches deployed throughout the entire network at the access layer with NAC layer 2 OOB in place. Several end users have multiple nodes that require access to the network and the physical cabling to each space is limited. To accommodate these users, some engineers have suggested deploying 2960 switches in the office space and sharing a connection to an access port on the 6500 access switch in the building floor network room. Is this a recommended solution? How will this solution affect CEF and hardware switching in the 6500? Is security an issue? What about Spanning Tree? This solution seems silly to me. Can someone provide a technical response to this solution?
We have wireless in place as a DMZ for guests now. This may be an option for additional access?
I will try to simplify my concerns.
I have a typical Core, Distribution, Access topology throughout my campus. Every access switch is trunked to distribution. We have engineers that propose to add 2960 switches to access ports in the access layer. This clearly disrupts all best practices. WTF? Why not install one cable to every office and connect to a 2960 with an access link to a L2 access port on another access switch? Cheap and easy? I am talking about daisy-chaining a 2960 access port with a 6500 access port. Is this picture clear? Does this justify a hub? How does my network benefit by using a 6500 Sup720 in the access layer? We have no QoS in place.
You seem to have come to this forum looking for a specific answer and are unhappy that you are not hearing what you want.
Where does it say that you cannot have multiple switches in the access-layer? If the engineers were proposing to connect the 2960 directly to your core then yes, that does not make sense. But I haven't heard of not being able to have multiple switches in the access-layer.
I am talking about daisy-chaining a 2960 access port with a 6500 access port. Is this picture clear?
Crystal clear, as it has been since the first post. The simple facts are these -
1) You have a need for more ports than you can currently supply
2) You have 6500 in the access-layer which so far you have not actually specified what benefit they give you. Just having 6500 switches in the access-layer does not preclude having other switches in the access-layer as well.
3) Adding a 2960 switch will only affect those users connected to it, so clearly you still get all the benefits for all the other users directly connected to the 6500 switches, although I say again, you haven't actually specified any benefits.
Why not install one cable to every office and connect to a 2960 with an access link to a L2 access port on another access switch?
Because that's not a scalable design and it clearly would be an administrative nightmare.
How does my network benefit by using a 6500 Sup720 in the access layer? We have no QoS in place.
I don't know and more to the point you can't tell me.
I am not trying to be unhelpful, really. I try my best to help people on these forums, but you are not giving any solid reasons as to why it is such a bad idea. You have a fixed idea that it is a bad thing to do but you cannot provide any real technical reasons why it is. Personally, if given the choice I would have more cable runs, as you would, but that's not really the point. If there are benefits to the users being directly connected to the 6500s then spell them out, and make it clear to the users who would go via the 2960 that they may lose some of these benefits and that is the compromise they must make.
The business doesn't care about Cisco's 3 tier architecture. All they want is to be able to do their primary work.
If you can show that introducing a 2960 compromises the stability of your network and that this could then lead to lost business, you have your case for more cable drops.
If you can specify the benefits lost by adding a 2960 to the access-layer, ditto.
The hardest thing about designing networks is knowing when to give and when not to give. If you give all the time you end up with a mess, as you rightly point out. If you never give you have the most lovely textbook 3 tier Cisco network design, regardless of whether it actually meets the company's needs.