
Overview

Established LAN design practices were created for an environment of limited switch performance. Today's high-capacity switches allow new design approaches, thus reducing cost and complexity in campus and data center LANs.
- The largest LAN switches currently on the market can support almost 1,000 1-Gbps Ethernet ports and/or 1 Tbps of switching capacity.
- Current generations of LAN switches can deliver rich networking features without compromising throughput.
- Reducing the number of tiers in the LAN reduces cost and improves performance and reliability.
- Review all LAN designs to determine whether it is possible to reduce the number of switch tiers.
- Ensure the resulting configurations are fully resilient, as failures will have a higher impact.
- When selecting high port count core switches, ensure that there is adequate switch fabric capacity.


What You Need to Know

Existing LAN design practices are based on a number of assumptions about LAN switch capabilities that are no longer valid. Significant savings can be realized and efficiencies can be gained by reducing the number of tiers in the LAN switching network.



Analysis

Although it may seem contradictory to speak of "traditional" approaches when describing an activity as relatively young as designing switched LANs, there are a number of respects in which established practices dominate thinking in LAN design. One of the most pervasive is the concept of the "three-tier network." This approach describes three distinct functions embodied in different tiers of the network, comprising:
- Access (connecting the users or servers)
- Aggregation (concentrating traffic and applying functions, such as Layer 3 switching and access control lists)
- Core (delivering high-capacity switching with minimal features; see Figure 1)
Figure 1. Traditional Three-Tier LAN Design
Source: Gartner (November 2009)

At the time when three-tier LAN design was developed, this model was necessary, as LAN switching technology was struggling to deliver the switching performance required by most enterprises, so dividing functions between tiers was used as a means to improve performance. For example, backbone switches were barely fast enough for most core applications, and would slow down unacceptably if required to perform complex routing or filtering functions, which were often performed in software. Therefore, these functions were offloaded onto a larger number of aggregation switches, leaving the core switches able to perform simple switching, thus maximizing their performance. With this design approach, the largest networks required multiple tiers of core switching to further increase scale, typically with different functionality in each tier. Some of the reference designs created using this approach, and still used as templates today, have as many as five tiers of switches, each comprising multiple devices. In these configurations, there are often nearly as many Ethernet ports used to interconnect switches as there are ports used to connect to the users or servers.
As this approach became established, LAN switch vendors sought to enrich the "services" provided in the aggregation tier to include not just routing, access control lists and other low-level packet manipulation, but other functions, such as firewalls and traffic analysis, often delivered in the form of service blades that could be added to all the aggregation tier switches. In extreme cases, vendors would add service blades in every tier, supposedly to improve services/security; however, in reality, this was a needless duplication of functionality.

In the past three years or so, the dynamics of the LAN switch market have changed. While enterprises' traffic needs have grown, LAN switch capacity has grown much faster. In addition, more-complex functionality is now embedded in silicon, rather than being performed in software, allowing it to be delivered at "wire speed" across all ports on a switch, without affecting switching performance. The largest enterprise LAN switches are now able to support more than a terabit per second of switching, and can support almost 1,000 1-Gbps Ethernet ports or more than 200 10-Gbps ports. These newer switches tend not to have the additional service blades found in previous generations of products.
Many organizations still design their networks using the same practices as they did when switches were performance-limited. In some cases, the aggregation tier is being kept in place simply to have somewhere to house service modules, such as firewalls, in a complete reversal of the original logic, where the necessary aggregation switches were a convenient location for additional functions.

A new approach to LAN design is now possible based on the new market conditions. The three-tier concept can be discarded, because all switch ports can typically deliver rich functionality without impacting performance. As a result, a much leaner topology can be used with, for example, a single tier of switches used for small configurations; two tiers able to fulfill the majority of enterprise campus and data center needs; and three tiers only necessary in the very largest networks (see Figure 2). The first tier of switches may be blade server switches or top-of-rack switches.
Figure 2. New Two-Tier LAN Design
Source: Gartner (November 2009)

Since all switches can be used to deliver the full range of switching functions, it is also possible to design asymmetric networks where some devices connect directly to the core switches, while others connect to an intermediate tier. This is particularly useful in the data center, where, for example, some high-performance servers might connect directly to the core with 10-Gbps links, while lower-capacity servers could connect to access switches using 1-Gbps links (see Figure 3). In addition, virtualized service platforms, such as application delivery controllers, can be directly connected to the core switches.
Figure 3. Asymmetric Data Center LAN Design
Source: Gartner (November 2009)

A design with fewer tiers need not compromise redundancy, as core switches will typically be deployed as redundant pairs and may have resilience features, such as redundant power supplies, control and switching fabrics. In the data center, the access tier will also typically be deployed in a dual redundant configuration, with servers dual-homed to two switches.
The other functions, such as firewalls and load balancing, which were previously delivered by service blades in aggregation switches, can be reconfigured to be delivered by dedicated virtualized platforms acting as resource pools.

Benefits and Limitations of the New Approach
The primary benefit of this new leaner approach to LAN design is the reduced capital cost and maintenance costs arising from the reduction in the number of switches and links in the network. In addition, the lighter configuration will have lower power, space and cooling requirements, which is especially valuable in data center networks.
To see the potential cost impact, let's use a hypothetical example of a network supporting 4,800 x 10/100 Mbps Ethernet user ports. These would be connected to 100 x 48 port edge switches, each requiring 4 x 1 Gbps uplinks, for a total of 400 x 1 Gbps uplinks. A traditional three-tier design might connect these to an intermediate tier of eight aggregation switches (four redundant pairs), each supporting 50 of the uplinks and requiring (at least) two 10-Gbps uplinks, one to each of a redundant pair of core switches. Connecting the edge switches directly to the core will save the enterprise from having to buy the eight aggregation switch chassis, with their 16 x 10 Gbps uplink ports and the corresponding 16 x 10 Gbps ports on the core switches. The 400 1-Gbps ports will still be needed, but will be located in the core, rather than the aggregation switches. At 3Q09 market average prices, the saving of the 32 x 10 Gbps ports alone would be $56,000, compared with $102,000 for the user ports and $38,000 for the 1-Gbps ports. This equates to an approximate savings of 28% of the capital cost of the network. Similar reductions in power and maintenance costs could be expected.
By reducing the number of switch tiers, traffic will have fewer switches to traverse, so latency will be reduced, improving application performance. The simpler configuration should also make network management easier, with fewer devices to configure and fewer ports and cables to troubleshoot, as well as simplified routing and virtual LAN (VLAN) configurations.
With a smaller number of switches in the network, the impact of any failures is more severe. Although it is typical to configure core switches as resilient pairs, in a leaner architecture a fast failover mechanism, and proper testing to ensure it is performing as expected, will be critical. Similarly, the routing and other configuration details, although simplified, will need to be carefully controlled.
There may also be situations, especially in distributed campus environments, where additional layers of switches are needed because of the limited availability of cabling between remote buildings and the core locations.

Adopting this new leaner approach to LAN design is relatively straightforward when building new LANs or undertaking a complete equipment refresh. Enterprises should review all proposed LAN designs to see if it is possible to fulfill the requirement with fewer tiers of switches.
For existing LANs, in a few cases, it might be possible to redesign an existing network without requiring new equipment, but, in most cases, it will not be possible to reconfigure existing equipment, and new investment will be needed. In this case, enterprises should determine the necessary incremental investment in equipment and determine if this cost would outweigh the potential savings in maintenance and power.

To reduce costs and power/cooling, while increasing performance and agility, consolidate low-density Ethernet switches into high-capacity "terabit class" switches.
© 2009 Gartner, Inc. and/or its Affiliates. All Rights Reserved.