CCNP BMSN Cap.1

CCNP: Building Multilayer Switched Networks v5.0.1.

Module 1: Network Requirements
Overview
This module looks at the need for multilayer switches within Cisco's overall network design.
A review of Intelligent Information Networks (IIN) and Service-Oriented Network Architectures
(SONA) sets the groundwork for the course. Additionally, a quick overview of the characteristics of
Layer 2 and Layer 3 networks aids in identifying the reasons for using a multilayer switch.
This module begins by discussing operational problems found in non-hierarchical networks at
Layers 2 and 3 of the Open Systems Interconnection (OSI) model. The Enterprise Composite
Network Model (ECNM) is then introduced, and the features and benefits of ECNM are explained.
Issues that exist in traditionally designed networks can be resolved by applying this state-of-the-art
design to their networks.
Module 1: New Requirements
Upon completion of this module, the student will be able to perform tasks related to the following:
1.1 Introducing Campus Networks

1.1 Introducing Campus Networks


1.1.1 Intelligent Information Network and Service-Oriented Network Architecture
Intelligent Information Network (IIN) encompasses these features:
Integration of networked resources and information assets that have been largely
unlinked: The current converged networks that integrate voice, video, and data require
Information Technology (IT) departments to link the IT infrastructure more closely with the
network.
Intelligence across multiple products and infrastructure layers: The intelligence built into
each component of the network is extended network-wide and applies end-to-end.
Active participation of the network in the delivery of services and applications: With added
intelligence, IIN makes it possible for the network to actively manage, monitor, and optimize
service and application delivery across the entire IT environment.
Intelligent Information Network
Intelligent Information Network (IIN) integrates networked resources and information assets.
IIN extends intelligence across multiple products and infrastructure layers.
IIN actively participates in the delivery of services and applications.
Three phases in building an IIN are:
- Integrated transport
- Integrated services
- Integrated applications
IIN offers much more than basic connectivity, bandwidth for users, and access to applications.
It offers end-to-end functionality and centralized, unified control that promotes true business
transparency and agility.
The IIN technology vision offers an evolutionary approach that consists of three phases in
which functionality can be added to the infrastructure as required.
Integrated transport: All traffic (data, voice, and video) consolidates onto an IP network for
secure network convergence. By integrating data, voice, and video transport into a single,
standards-based, modular network, organizations can simplify network management and generate
enterprise-wide efficiencies. Network convergence also lays the foundation for a new class of
IP-enabled applications delivered through Cisco IP Communications solutions.
Integrated services: After the network infrastructure has been converged, IT resources can be
pooled and shared or virtualized to flexibly address the changing needs of the organization.
Integrated services help unify common elements, such as storage and data center server capacity.
By extending virtualization capabilities to encompass server, storage, and network elements, an
organization can transparently use all its resources more efficiently. Business continuity is also
enhanced because shared resources across the IIN provide services in the event of a local system
failure.
Integrated applications: With Application-Oriented Networking (AON) technology, Cisco has
entered the third phase of building the IIN. This phase focuses on making the network
application-aware so that it can optimize application performance and deliver networked
applications to users more efficiently. In addition to capabilities such as content caching, load
balancing, and application-level security, Cisco AON makes it possible for the network to
simplify the application infrastructure by integrating intelligent application message handling,
optimization, and security into the existing network.
Using IIN, Cisco is helping organizations address new IT challenges, such as the deployment
of service-oriented architectures (SOA), Web services, and virtualization. Cisco Service-Oriented
Network Architecture (SONA) is a framework that guides the evolution of enterprise networks to an
IIN. SONA provides the following advantages to enterprises:
- Outlines the path toward the IIN
- Illustrates how to build integrated systems across a fully converged IIN
- Improves flexibility and increases efficiency, which results in optimized applications, processes,
  and resources
Cisco SONA Framework
The Cisco Service-Oriented Network Architecture (SONA) is an architectural framework.
SONA brings several advantages to enterprises:
- Outlines how enterprises can evolve toward the IIN
- Illustrates how to build integrated systems across a fully converged intelligent network
- Improves flexibility and increases efficiency
Cisco SONA uses the extensive product line services, proven architectures, and experience of
Cisco and its partners to help enterprises achieve their business goals.
The Cisco SONA framework shows how integrated systems can allow a dynamic, flexible
architecture, and provide for operational efficiency through standardization and virtualization. It
brings forth the notion that the network is the common element that connects and enables all
components of the IT infrastructure.
Cisco SONA outlines these three layers of the IIN:
Network infrastructure layer: Interconnects all IT resources across a converged network
foundation. The IT resources include servers, storage, and clients. The network infrastructure
layer represents how these resources exist in different places in the network, including the
campus, branch, data center, WAN and Metropolitan Area Network (MAN), and teleworker. The
objective for customers in this layer is to have anywhere and anytime connectivity.
Interactive services layer: Enables efficient allocation of resources to applications and
business processes that are delivered through the networked infrastructure. This layer comprises
these services:
o Voice and collaboration
o Mobility
o Security and identity
o Storage
o Computer
o Application networking
o Network infrastructure virtualization
o Services management
o Adaptive management
Application layer: Includes business applications and collaboration applications. The objective
for customers in this layer is to meet business requirements and achieve efficiencies by leveraging
the interactive services layer.
Cisco SONA Framework Layers

1.1.2 Cisco Network Models


Cisco provides the enterprise-wide systems architecture that helps companies protect,
optimize, and grow the infrastructure that supports their business processes. The architecture
integrates the entire network (campus, data center, WAN, branches, and teleworkers), offering
staff secure access to the tools, processes, and services.
Cisco provides the following network models with Cisco Enterprise Architecture:
Campus architecture: Combines a core infrastructure of intelligent switching and routing with
tightly integrated productivity-enhancing technologies, including IP Communications, mobility,
and advanced security. The architecture provides the enterprise with high availability through a
resilient multilayer design, redundant hardware and software features, and automatic procedures
for reconfiguring network paths when failures occur. Multicast provides optimized bandwidth
consumption, and quality of service (QoS) prevents oversubscription to ensure that real-time
traffic, such as voice and video or critical data, is not dropped or delayed. Integrated security
protects against and mitigates the impact of worms, viruses, and other attacks on the network,
even at the port level. Cisco enterprise-wide architecture extends support for standards, such as
802.1x and Extensible Authentication Protocol (EAP). It also provides the flexibility to add IP
Security (IPSec) and Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs),
identity and access management, and VLANs to compartmentalize access. This helps improve
performance and security and decreases costs. The enterprise campus architecture will be the
focus of this course.
Data center architecture: Cohesive, adaptive network architecture that supports the
requirements for consolidation, business continuance, and security while enabling emerging
SOAs, virtualization, and on-demand computing. IT staff can easily provide departmental staff,
suppliers, or customers with secure access to applications and resources. This approach simplifies
and streamlines management, significantly reducing overhead. Redundant data centers provide
backup using synchronous and asynchronous data and application replication. The network and
devices offer server and application load balancing to maximize performance. This solution
allows enterprises to scale without major changes to the infrastructure.
Branch architecture: Enables enterprises to extend head-office applications and services, such
as security, IP Communications, and advanced application performance, to thousands of remote
locations and users, or to a small group of branches. Cisco integrates security, switching, network
analysis, caching, and converged voice and video services into a series of integrated services
routers in the branch so that enterprises can deploy new services when they are ready without
buying new equipment. This solution provides secure access to voice, mission-critical data, and
video applications anywhere, anytime. Advanced network routing, VPNs, redundant WAN links,
application content caching, and local IP telephony call processing provide a robust architecture
with high levels of resilience for all the branch offices. An optimized network leverages the WAN
and LAN to reduce traffic and save bandwidth and operational expenses. Enterprises can easily
support branch offices with the ability to centrally configure, monitor, and manage devices located
at remote sites, including tools, such as AutoQoS, that proactively resolve congestion and
bandwidth issues before they affect network performance.
Teleworker architecture: Allows enterprises to securely deliver voice and data services to
remote small or home offices over a standard broadband access service, providing a business
resiliency solution for the enterprise and a flexible work environment for employees. Centralized
management minimizes IT support costs, and robust integrated security mitigates the unique
security challenges of this environment. Integrated security and identity-based networking
services enable the enterprise to help extend campus security policies to the teleworker. Staff can
securely log into the network over an always-on VPN and gain access to authorized
applications and services from a single cost-effective platform. The productivity can further be
enhanced by adding an IP phone, providing cost-effective access to a centralized IP
communications system with voice and unified messaging services.
WAN architecture: Offers the convergence of voice, video, and data services over a single IP
communications network. This approach enables enterprises to cost-effectively span large
geographic areas. QoS, granular service levels, and comprehensive encryption options help ensure
the secure delivery of high-quality corporate voice, video, and data resources to all corporate sites,
enabling staff to work productively and efficiently from any location. Security is provided with
multiservice VPNs (IPSec and MPLS) over Layer 2 and Layer 3 WANs, as well as hub-and-spoke
and full mesh topologies.
Cisco Enterprise Architecture

1.1.3 Describing Non-Hierarchical Campus Network Issues


The simplest Ethernet network infrastructure is composed of a single collision and broadcast
domain. This type of network is referred to as a flat network because any traffic that is
transmitted within it is seen by all of the interconnected devices, even if they are not the intended
destination of the transmission. The benefit of this type of network is that it is very simple to install
and configure, so it is a good fit for home networking and small offices. The downside of a flat
network infrastructure is that it does not scale well as demands on the network increase. Following
are some of the issues with non-hierarchical networks:
- Traffic collisions increase as devices are added, reducing network throughput.
- Broadcast traffic increases as devices are added to the network, causing over-utilization of
  network resources.
- Isolating problems on a large flat network can be difficult.
Non-Hierarchical Network Devices
Large collision domain
Large broadcast domain
High latency
Difficult to troubleshoot
Figure shows the key network hardware devices in a non-hierarchical network and the
function of each.
Network Devices (device: function)
- Hub: Layer 1 device used to interconnect networking components such as PCs, printers, hubs,
  and routers. This device creates a single broadcast and collision domain for all networking
  components to which it is connected. Hubs have been superseded in networks by inexpensive
  switches.
- Switch: Layer 2 device used to interconnect networking components such as PCs, printers, hubs,
  and routers. In its default configuration, this device creates a single broadcast domain for
  devices connected to it. Each port acts as a separate collision domain.
- Router: Layer 3 device used to create and interconnect network segments or broadcast domains.
  A router must be configured before traffic can flow through it. Each interface creates a
  Layer 3 segment and therefore establishes a border for the broadcast and collision domains
  for all devices on that segment.

1.1.4 Describing Layer 2 Network Issues


Layer 2 switches can significantly improve performance in a carrier sense multiple access
collision detect (CSMA/CD) network when used in place of hubs. This is because each switch port
represents a single collision domain, and the device connected to that port does not have to compete
with other devices to access the media. Ideally, every host on a given network segment is connected
to its own switch port, thus eliminating all media contention as the switch manages network traffic
at Layer 2. An additional benefit of Layer 2 switching is that large broadcast domains can be broken
up into smaller segments by assigning switch ports to different VLAN segments.
For all their benefits, some drawbacks still exist in non-hierarchical switched networks:
- If switches are not configured with VLANs, very large broadcast domains may be created.
- If VLANs are created, traffic cannot move between VLANs using only Layer 2 devices.
- As the Layer 2 network grows, the potential for bridge loops increases. Therefore, the use of a
  Spanning Tree Protocol (STP) becomes imperative.
Layer 2 Switching
Hardware-based bridging
Wire-speed performance
Collision domain per port
Traffic containment based on MAC address
Issues
No traffic between VLANs
Unbounded broadcast domain
Servers not centrally located
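The broadcast-domain behaviour described in 1.1.3 and 1.1.4, as an added example that is not part of the course material: a small model of a Layer 2 switch with access ports only. The class name, port numbers, VLAN IDs and MAC addresses are constructed for the illustration. It shows that a broadcast reaches every other port on a flat switch, only same-VLAN ports on a segmented one, and that a frame addressed to a host in another VLAN never reaches that host's port.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class L2Switch:
    """Constructed model of a VLAN-aware Layer 2 switch (access ports only)."""
    port_vlan: dict                                 # port number -> VLAN ID
    mac_table: dict = field(default_factory=dict)   # (vlan, mac) -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the sorted list of egress ports."""
        vlan = self.port_vlan[in_port]
        # Learn the source address, scoped to the ingress port's VLAN.
        self.mac_table[(vlan, src_mac)] = in_port
        # Candidate egress ports: same VLAN, never the ingress port.
        same_vlan = sorted(p for p, v in self.port_vlan.items()
                           if v == vlan and p != in_port)
        if dst_mac == BROADCAST:
            return same_vlan              # flood the whole broadcast domain
        out_port = self.mac_table.get((vlan, dst_mac))
        if out_port is None:
            return same_vlan              # unknown unicast is flooded as well
        return [] if out_port == in_port else [out_port]


def broadcast_domains(port_vlan):
    """Group ports by VLAN; each group is one broadcast domain."""
    domains = {}
    for port, vlan in port_vlan.items():
        domains.setdefault(vlan, []).append(port)
    return {vlan: sorted(ports) for vlan, ports in domains.items()}


def run_demo():
    """Compare a flat 8-port switch with the same switch split into two VLANs."""
    flat = L2Switch({p: 1 for p in range(1, 9)})
    seg = L2Switch({**{p: 10 for p in range(1, 5)},
                    **{p: 20 for p in range(5, 9)}})
    # Constructed sample MACs from the documentation range.
    host_a, host_b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
    results = {}
    results["flat_broadcast"] = flat.receive(1, host_a, BROADCAST)
    results["seg_broadcast"] = seg.receive(1, host_a, BROADCAST)
    # Host B (port 5) sends a broadcast so both switches learn its address.
    flat.receive(5, host_b, BROADCAST)
    seg.receive(5, host_b, BROADCAST)
    # Host A (port 1) now sends a unicast frame to host B.
    results["flat_unicast"] = flat.receive(1, host_a, host_b)
    results["inter_vlan"] = seg.receive(1, host_a, host_b)
    return results


if __name__ == "__main__":
    for name, ports in run_demo().items():
        print(f"{name:15} -> {ports}")
```

In the segmented case the frame for host B is flooded inside VLAN 10 only, which is why a Layer 3 device is needed before the two VLANs can exchange traffic.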

1.1.5 Describing Routed Network Issues


A major limitation of Layer 2 switches is that they cannot switch traffic between Layer 3
network segments (IP subnets for example). Traditionally, this was done using a router. Unlike
switches, a router acts as a broadcast boundary and does not forward broadcasts between its
interfaces. Additionally, a router provides an optimal path determination function. The router
examines each incoming packet to determine which route the packet should take through the
network. Also, the router can act as a security device, manage QoS, and apply network policy.
Although routers used in conjunction with Layer 2 switches resolve many issues, some concerns
still remain:
- When security or traffic management components, such as access control lists (ACLs), are
  configured on router interfaces, the network may experience delays as the router processes each
  packet in software.
- When routers are introduced into a switched network, end-to-end VLANs are no longer
  supported because routers terminate the VLAN.
- Routers are more expensive per interface than Layer 2 switches, so their placement in the
  network should be well planned. Non-hierarchical networks, by their very nature, require more
  interconnections and, hence, more routed interfaces.
- In a non-hierarchical network, the number of router interconnections may result in peering
  problems between neighboring routers.
- Because traffic flows are hard to determine, it becomes difficult to predict where hardware
  upgrades are needed to mitigate traffic bottlenecks.
Layer 3 Routing
Single broadcast domain per interface
ACLs can be applied between segments
Issues
High per-port cost
Layer 3 processing required
High latency over Layer 2 switching

1.1.6 Multilayer Switching


Multilayer switching is hardware-based switching and routing integrated into a single
platform. In some cases, frame (Layer 2) and packet (Layer 3) forwarding operations are handled by
the same specialized hardware ASIC and other specialized circuitry. A multilayer switch does
everything to a frame and packet that a traditional switch and router do, including the following:
- Provides multiple simultaneous switching paths
- Segments broadcast and failure domains
- Provides destination-specific frame forwarding based on Layer 2 information
- Determines the forwarding path based on Layer 3 information
- Validates the integrity of the Layer 2 frame and Layer 3 packet via checksums and other
  methods
- Verifies packet expiration and updates accordingly
- Processes and responds to any option information
- Updates forwarding statistics in the MIB
- Applies security and policy controls, if required
- Provides optimal path determination
- Can (if it is a sophisticated modular type) support a wide variety of media types and port
  densities
- Has the ability to support QoS
- Has the ability to support VoIP and inline power requirements
Because it is designed to handle high-performance LAN traffic, you can place a multilayer
switch anywhere within the network, thereby replacing traditional switches and routers
cost-effectively. In most cases, a lower cost access switch connects end users and multilayer switches are
used in the distribution and core layers of the campus network model.
Multilayer Switching
Combined functionality
- Layer 2 switching
- Layer 3 switching
- Layer 4 switching
Low latency
High-speed scalability
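The Layer 3 steps from the list in 1.1.6 (integrity check, packet expiration, policy control, path determination), as an added example that is not part of the course material. It is a software sketch of what a multilayer switch does in hardware; the route table, ACL, interface names and addresses are constructed, and the ACL is modelled as first match wins with a deny when nothing matches.

```python
import ipaddress
import struct


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum over the header's 16-bit words (RFC 791)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, ttl, proto=6, payload_len=20):
    """Build a 20-byte IPv4 header with a valid checksum (constructed input)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0,
                      ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def forward(header, routes, acl):
    """Return (action, detail, rewritten_header) for one IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        return ("drop", "not IPv4", None)
    ihl = (header[0] & 0x0F) * 4
    if ihl < 20 or len(header) < ihl:
        return ("drop", "bad header length", None)
    hdr = header[:ihl]
    # Integrity: a valid header sums to zero with its checksum field included.
    if ipv4_checksum(hdr) != 0:
        return ("drop", "bad checksum", None)
    # Expiration: a packet arriving with TTL 0 or 1 cannot be forwarded.
    ttl = hdr[8]
    if ttl <= 1:
        return ("drop", "ttl expired", None)
    src = ipaddress.IPv4Address(hdr[12:16])
    dst = ipaddress.IPv4Address(hdr[16:20])
    # Policy: first matching entry decides; no match means deny.
    verdict = next((a for a, s, d in acl if src in s and dst in d), "deny")
    if verdict != "permit":
        return ("drop", "denied by ACL", None)
    # Path determination: longest matching prefix wins.
    matches = [(net, out_if) for net, out_if in routes if dst in net]
    if not matches:
        return ("drop", "no route", None)
    _, out_if = max(matches, key=lambda m: m[0].prefixlen)
    # Update: decrement TTL and recompute the header checksum.
    new = bytearray(hdr)
    new[8] = ttl - 1
    new[10:12] = b"\x00\x00"
    new[10:12] = struct.pack("!H", ipv4_checksum(bytes(new)))
    return ("forward", out_if, bytes(new))


# Constructed tables using documentation address ranges.
ROUTES = [(ipaddress.ip_network("198.51.100.0/24"), "Vlan20"),
          (ipaddress.ip_network("198.51.100.128/25"), "Vlan30"),
          (ipaddress.ip_network("0.0.0.0/0"), "uplink")]
ACL = [("deny", ipaddress.ip_network("192.0.2.0/24"),
        ipaddress.ip_network("203.0.113.0/24")),
       ("permit", ipaddress.ip_network("0.0.0.0/0"),
        ipaddress.ip_network("0.0.0.0/0"))]


def demo_results():
    good = build_header("192.0.2.10", "198.51.100.130", ttl=64)
    corrupted = bytearray(good)
    corrupted[15] ^= 0x01                  # flip one bit in the source address
    expired = build_header("192.0.2.10", "198.51.100.130", ttl=1)
    blocked = build_header("192.0.2.10", "203.0.113.5", ttl=64)
    return [forward(p, ROUTES, ACL)
            for p in (good, bytes(corrupted), expired, blocked)]


if __name__ == "__main__":
    for action, detail, _ in demo_results():
        print(action, "-", detail)
```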

1.1.7 Issues with Multilayer Switches and VLANs in a Non-Hierarchical Network


Multilayer switches combine switching and routing on a single hardware platform and can
enhance overall network performance when deployed properly. Multilayer switches provide very
high-speed Layer 2 and Layer 3 functionality by caching much of the forwarding information
between sources and destinations.
However, the following issues exist when a multilayer switch is deployed in an improperly
designed network:
- Because multilayer switches condense the functions of switching and routing in a single chassis,
  they can create single points of failure if redundancy for these devices is not carefully planned and
  implemented.
- Switches in a flat network are interconnected, creating many paths between destinations. If
  active, these potential redundant paths create bridging loops. To control this, the network must run
  STP. Networks that use the IEEE 802.1D protocol may experience periods of disconnection and
  frame flooding during a topology change.
- Multilayer switch functionality may be underutilized if a multilayer switch is simply a
  replacement for the traditional role of a router in a non-hierarchical network.
Issues with Multilayer Switches in a Non-Hierarchical Network
Single point of failure for Layer 2 and Layer 3
Underutilization of hardware
Spanning tree complexity
Servers not centrally located
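How spanning tree removes the bridging loops created by redundant paths, as an added example that is not part of the course material. It is a simplified model of the 802.1D result (point-to-point links, no port priorities, no timers); the switch names, bridge IDs and topology are constructed, and the link costs 4 and 19 are the classic 802.1D values for 1 Gbps and 100 Mbps links.

```python
import heapq


def spanning_tree(bridges, links):
    """Compute the loop-free topology for a set of interconnected switches.

    bridges: {name: (priority, mac)}; the lowest bridge ID becomes the root.
    links:   list of (switch_a, switch_b, cost) point-to-point links.
    Returns (root, cost_to_root, blocked), where blocked is a list of
    (switch_a, switch_b, switch_whose_port_blocks).
    """
    root = min(bridges, key=bridges.get)
    adj = {name: [] for name in bridges}
    for idx, (a, b, cost) in enumerate(links):
        adj[a].append((b, cost, idx))
        adj[b].append((a, cost, idx))

    # Root path cost for every switch (Dijkstra from the root bridge).
    inf = float("inf")
    cost_to_root = {root: 0}
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > cost_to_root.get(node, inf):
            continue
        for nbr, link_cost, _ in adj[node]:
            if cost + link_cost < cost_to_root.get(nbr, inf):
                cost_to_root[nbr] = cost + link_cost
                heapq.heappush(heap, (cost + link_cost, nbr))

    # Root port: the link with the lowest path cost to the root; ties are
    # broken by the lowest upstream bridge ID, then by link order.
    root_link = {}
    for name in bridges:
        if name == root or name not in cost_to_root:
            continue
        options = [(cost_to_root[n] + c, bridges[n], idx)
                   for n, c, idx in adj[name] if n in cost_to_root]
        root_link[name] = min(options)[2]

    # Any link that is nobody's root port would close a loop. The end with
    # the worse (root cost, bridge ID) puts its port into blocking.
    active = set(root_link.values())
    blocked = []
    for idx, (a, b, _) in enumerate(links):
        if idx not in active:
            loser = max((a, b),
                        key=lambda n: (cost_to_root.get(n, inf), bridges[n]))
            blocked.append((a, b, loser))
    return root, cost_to_root, blocked


# Constructed topology: two distribution switches (D1, D2) and two access
# switches (A1, A2), each access switch dual-homed to both distribution switches.
BRIDGES = {"D1": (4096, "00:00:5e:00:53:01"),
           "D2": (8192, "00:00:5e:00:53:02"),
           "A1": (32768, "00:00:5e:00:53:11"),
           "A2": (32768, "00:00:5e:00:53:12")}
LINKS = [("D1", "D2", 4), ("A1", "D1", 19), ("A1", "D2", 19),
         ("A2", "D1", 19), ("A2", "D2", 19)]


def after_link_failure(failed):
    """Recompute the tree with one link (by index in LINKS) removed."""
    remaining = [link for i, link in enumerate(LINKS) if i != failed]
    return spanning_tree(BRIDGES, remaining)


if __name__ == "__main__":
    root, costs, blocked = spanning_tree(BRIDGES, LINKS)
    print("root:", root, "costs:", costs)
    print("blocked:", blocked)
    print("after A1-D1 fails:", after_link_failure(1)[2])
```

Five links among four switches leave two redundant links, and both end up blocked; when the A1-D1 uplink fails, the previously blocked A1-D2 link becomes A1's path to the root.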

1.1.8 The Enterprise Composite Network Model


The Enterprise Composite Network Model (ECNM) can be used to divide the enterprise
network into physical, logical, and functional areas. These areas allow network designers and
engineers to associate specific network functionality on equipment based upon its placement and
function in the model.
The ECNM provides a modular framework for designing networks. This modularity allows
flexibility in network design and facilitates ease of implementation and troubleshooting. The
hierarchical model divides networks into the building access, building distribution, and building
core layers, as follows:
Building access layer: Grants user access to network devices. In a network campus, the
building access layer generally incorporates switched LAN devices with ports that provide
connectivity to workstations and servers. In the WAN environment, the building access layer at
remote sites may provide access to the corporate network across WAN technology.
Building distribution layer: Aggregates the wiring closets and uses switches to segment
workgroups and isolate network problems.
Building core layer: Also known as the campus backbone submodule, this layer is a high-speed
backbone and is designed to switch packets as fast as possible. Because the core is critical for
connectivity, it must provide a high level of availability and adapt to changes very quickly.
Hierarchical Campus Model
An enterprise campus is defined as one or more buildings, with multiple virtual and physical
networks, connected across a high-performance, multilayer-switched backbone. The ECNM
contains these three major functional areas:
Enterprise campus: Contains the modules required to build a hierarchical, highly robust
campus network that offers performance, scalability, and availability. This area contains the
network elements required for independent operation within a single campus, such as access from
all locations to central servers. The functional area does not offer remote connections or Internet
access.
Enterprise edge: Aggregates connectivity from the various resources external to the enterprise
network. As traffic comes into the campus, this area filters traffic from the external resources and
routes it into the enterprise campus functional area. It contains all the network elements for
efficient and secure communication between the enterprise campus and remote locations, remote
users, and the Internet. The enterprise edge would replace the Demilitarized Zone (DMZ) of most
networks.
Service provider edge: Represents connections to resources external to the campus. This area
facilitates communication to WAN and Internet service provider (ISP) technologies.
Enterprise Composite Model Function Areas

1.1.9 Benefits of the Enterprise Composite Network Model


To scale the hierarchical model, Cisco introduced ECNM, which further divides the enterprise
network into physical, logical, and functional areas. ECNM contains functional areas, each of which
has its own building access, building distribution, and building core (or campus backbone) layers.
Enterprise Composite Network Model
ECNM has these features:
- It is a deterministic network with clearly defined boundaries between modules. The model also
  has clear demarcation points so that the designer knows exactly where traffic is located.
- It increases network scalability and eases the design task by making each module discrete.
- It provides scalability by allowing enterprises to add modules easily. As network complexity
  grows, designers can add new functional modules.
- It offers more network integrity in network design, allowing the designer to add services and
  solutions without changing the underlying network design.
Figure shows the benefits that ECNM offers for each of the submodules where it is
implemented.
Benefits of ECNM (by submodule)
Building Access
- Performance: Critical to desktop performance
- Scalability: Provides port density
- Availability: Important to provide redundancy
Building Distribution
- Performance: Critical to campus performance
- Scalability: Provides switch modularity
- Availability: Critical to provide redundancy
Campus Backbone
- Performance: Critical to overall network performance
- Scalability: Provides switch modularity
- Availability: Critical to provide redundancy and fault tolerance
Network management
- Performance: Monitors performance
- Availability: Monitors device and network availability
Server Farm
- Performance: Critical to server performance
- Scalability: Provides switch modularity
- Availability: Critical to provide redundancy and fault tolerance
Edge Distribution
- Performance: Critical to WAN and Internet performance
- Scalability: Provides switch modularity
- Availability: Important to provide redundancy

1.1.10 Describing the Campus Infrastructure Module


The enterprise campus functional area includes the campus infrastructure, network
management, server farm, and edge distribution modules. Each module has a specific function
within the campus network:
Campus infrastructure module: Includes building access and building distribution
submodules. It connects users within the campus to the server farm and edge distribution
modules. The campus infrastructure module is composed of one or more floors or buildings
connected to the campus backbone submodule.
Network management module: Performs system logging, authentication, network monitoring,
and general configuration management functions.
Server farm module: Contains e-mail and corporate servers providing application, file, print,
e-mail, and Domain Name System (DNS) services to internal users.
Edge distribution module: Aggregates the connectivity from the various elements at the
enterprise edge functional area and routes the traffic into the campus backbone submodule.
Modules in the Enterprise Campus
The campus infrastructure module connects users within a campus to the server farm and edge
distribution modules. The campus infrastructure module comprises building access and building
distribution switches connected through the campus backbone to campus resources.
A campus infrastructure module includes these submodules:
Building access submodule (also known as building access layer): Contains end-user
workstations, IP phones, and Layer 2 access switches that connect devices to the building
distribution submodule. The building access submodule performs services such as support for
multiple VLANs, private VLANs, and establishment of trunk links to the building distribution
layer and IP phones. Each building access switch has connections to redundant switches in the
building distribution submodule.
Building distribution submodule (also known as building distribution layer): Provides
aggregation of building access devices, often using Layer 3 switching. The building distribution
submodule performs routing, QoS, and access control. Traffic generally flows through the
building distribution switches and onto the campus core or backbone. This submodule provides
fast failure recovery because each building distribution switch maintains two equal-cost paths in
the routing table for every Layer 3 network number. Each building distribution switch has
connections to redundant switches in the core.
Campus backbone submodule (also known as building core layer): Provides redundant and
fast-converging connectivity between buildings and the server farm and edge distribution
modules. The purpose of the campus backbone submodule is to switch traffic as fast as possible
between campus infrastructure submodules and destination resources. Forwarding decisions
should be made at the ASIC level whenever possible. Routing, ACLs, and processor-based
forwarding decisions should be avoided at the core and implemented at building distribution
devices whenever possible. High-end Layer 2 or Layer 3 switches are used at the core for high
throughput, with optimal routing, QoS, and security capabilities available when needed.
Campus Infrastructure Module

1.1.11 Reviewing Switch Configuration Interfaces


In the era of the early high-end Cisco Catalyst switches, the Cisco Catalyst operating system
(CatOS) and the command-line interface (CLI) were significantly different from the Cisco IOS
mode navigation interfaces available on all newer Cisco Catalyst platforms. The two interfaces have
different features and a different prompt and CLI syntax.
Switch Configuration Interfaces
Two interfaces are used to configure Cisco Catalyst switches
- Cisco CatOS
- Cisco IOS
Cisco CatOS was traditionally used to configure Layer 2 parameters on the modular switches
- Cisco Catalyst 4500, 5500, 6500 Series
- These switches now support Cisco IOS (native IOS)
Cisco IOS is standard software for most other switches and for Layer 3 configuration on the
modular switches.
Note:
Desktop Express-based switches use a Cisco Network Assist (GUI interface) not a CLI.
The original Cisco Catalyst interface is sometimes referred to as the set-based or, more
recently, Catalyst software CLI.
Cisco Catalyst Operating System (CatOS)
CatOS is used to configure Layer 2 parameters.
CatOS configuration commands are prefaced with the keyword set.
- Console (enable) set port enable 3/5
Layer 3 configuration is implemented on MSFC with Cisco IOS
Some platforms can now use Cisco IOS to configure both Layer 2 and Layer 3 (native IOS).
Cisco Catalyst 4500, 5500, and 6500 switches
In the Cisco Catalyst software, commands are executed at the switch prompt, which can be
either non-privileged (where a limited subset of user-level commands is available) or at a
password-protected privileged mode (where all commands are available). Configuration commands are
prefaced with the keyword set.
In the example below, the Cisco Catalyst software commands execute the following:
Step 1 Show the status of a port.
Step 2 Move to enable mode, which requires a password.
Step 3 Enable the port.
Console> show port 3/5
.
.
Console> enable
Enter password:
Console(enable) set port enable 3/5
Cisco Catalyst switch platforms have had a number of different operating systems and user
interfaces. Over the years, Cisco has made great strides in converting the interface on nearly every
Cisco Catalyst platform to the Cisco IOS interface familiar to users of Cisco routing platforms.
Unlike the Cisco Catalyst software, various modes are navigated to execute specific commands.
Cisco IOS Interface
On most Catalyst switches, Cisco IOS interface is standard for
- Layer 2 configuration
- Layer 3 configuration on multilayer switch


Here is an example of how switch port 3 might be enabled on an access layer switch using the
Cisco IOS interface and how its status is verified after configuration. Compare how the Cisco IOS
interface is navigated here to the previous example using Cisco Catalyst software.
Switch# config terminal
Switch(config)# interface fastethernet 0/3
Switch(config-if)# no shut
Switch(config-if)# end
Switch# show interface fastethernet 0/3
Some widely used Cisco Catalyst switch platforms that support the Cisco IOS interface are
2950, 2960, 3550, 3560, 3750, 4500*, 6500*, and 8500.
* These platforms have an option to use either Cisco IOS or Cisco Catalyst software for Layer
2 configuration.
The Catalyst software interface exists on several modular Cisco Catalyst platforms, including
the Cisco Catalyst 4500, 5500, 6000, and 6500 Series.
For example, on the Cisco Catalyst 6500, you have the option of using the Cisco Catalyst
software, Cisco Catalyst software plus Cisco IOS software, or Cisco IOS software functionality.
Cisco Catalyst 6500 Interface (by operating system)
Cisco Catalyst software
- Where installed: On Cisco switch supervisor module
- Purpose: Cisco Catalyst software interface provided to configure Layer 2 environment only.
Cisco Catalyst software + Cisco IOS software
- Where installed: If switch contains routing capability, where the supervisors run Cisco Catalyst
  software, and the Multilayer Switch Feature Card (MSFC) or Route Switch Module (RSM) runs
  Cisco IOS software.
- Purpose: This allows the Layer 2 switch functionality to be separate from the Layer 3 (and
  above) Cisco IOS functionality.
Native Cisco IOS
- Where installed: A single instance of Cisco IOS software is installed on the Cisco Catalyst
  Supervisor Engine, which also controls the MSFC
- Purpose: A single Cisco IOS kernel provides all Multilayer Switching functions (Layer 2 and
  above).
The Cisco IOS interface is used across a wide variety of Cisco Catalyst switch platforms,
particularly the fixed and stackable switches, and is therefore the interface of reference throughout
the remainder of the course. Labs may provide direction on the use of specific Cisco Catalyst
software commands, depending on the equipment provided.
Summary
The SONA framework guides the evolution of the enterprise network toward IIN. The Cisco
Enterprise Architecture, with a hierarchical network model, facilitates the deployment of converged
networks. Non-hierarchical network designs do not scale and do not provide the required security
necessary in a modern topology. Layer 2 networks do not provide adequate security or hierarchical
networking. Router-based networks provide greater security and hierarchical networking; however,
they can introduce latency issues.
Multilayer switches combine both Layer 2 and Layer 3 functionality to support the modern
campus network topology. Multilayer switches can be used in non-hierarchical networks; however,
they do not perform at the optimal level in this context.
The enterprise composite model identifies the key components and logical design for a
modern topology. Implementation of an ECNM provides a secure, robust network with high
availability. The Campus Infrastructure, as part of an ECNM, provides additional security and high
availability at all levels of the campus.