So as we've looked at many, many campus networks around the world, we've developed several rules that we would like you to consider as you're rethinking your design. The first rule is minimizing the number of network devices in any path. The second design consideration is to use a hub and spoke or star configuration as your design pattern. We want you to segment your network with routers at the core, and this will break apart your network into multiple independent segments. We want you to provide services that all users use near the core of your network. And we want you to think carefully about where to firewall and where to NAT. Now we'll look at each one of these in greater detail.

The first rule: minimize the number of network devices in the path. So we want you to build these hub and spoke networks, sometimes called a star network, and you see that here as the top diagram, where you have an aggregation device and every other device in the network is connected directly to that. And we do not want you to build these daisy chain networks, sometimes called cascaded networks, where you have a device, then you connect another device, and then it's simpler to connect a third device simply to the original device.

This we see several different places in campus networks, where one building on campus has an internet connection and the building adjacent to it says, "Hey. I hear you have some internet. Can I get some?" And pretty soon there's a Cat 5 running through the bushes to the adjacent building, and then the building next to that says, "Hey. I hear you have some internet. Can I get some?" And pretty soon there's a Cat 5 running through the bushes and it goes building to building to building.

We also see this inside of a building, where we maybe have internet on one floor and we want to put the internet on the floor above that, and so we just simply drop some Cat 5 cable down to the switch below and we're going... And then somebody on the floor above that says, "Hey. I hear you have some internet. Can I get some?" And they'll simply run some Cat 5 or Cat 6 cable down to the switch on the adjacent floor, and you end up getting these cascaded network elements where, if one of them in the path fails, then everybody past that is out of service.

So this is a hub and spoke design. We're going to use this design pattern in two separate places. One is on your campus between buildings. We are going to run fiber optic cabling from your central location out to each remote building in a hub and spoke fashion. We are not going to run fiber from one building to the next to the next to the next, even though that might be easier. Inside of each building we're going to run unshielded twisted pair cabling, either Cat 5, Cat 5e, Cat 6, and we'll talk about that later, and maybe even fiber from a main rack to all other racks. We also will do the same from an individual rack out to station outlets in people's offices.

So hub and spoke at the campus level. The hub of the campus at the campus level is going to be called the core. That will be your central location, where you have a small server room, and our best practice will be to route at the core. We will talk about that in a little bit. Routing at the core segments the network into multiple independent segments and it limits the amount of broadcasts.

Hub and spoke inside of buildings. We're going to run... where fiber enters the building, that is going to be the service entrance. From that service entrance we will run up to each individual network rack. Each building will be at least one IP subnet. And we want a plan for no more than 250 computers inside of each building. If the building is larger, has more than 250 computers, we would recommend you segment even multiple different subnets. For example, if you have some large computer labs, maybe the computer labs should be on a separate IP subnet than the rest of the building.

Inside of a building the network should only be switched. The VLANs and the separate subnets will be routed at the core, at your central location, and those VLANs will be carried to the building. Inside of each building is simply going to be a switched Layer 2 network. And often this in-building portion of the network is called the edge of your network.

And we must note, take careful note: always buy switches that are managed. You cannot do this with unmanaged switches. You cannot provide multiple VLANs with unmanaged switches. So, for example, if you had that computer lab that you wanted on a separate network than your faculty, and you wanted the faculty on a separate network than your Voice-over-IP telephones, you cannot do that with unmanaged network switches.
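
As an added example (not part of the original talk), the Python sketch below audits a campus uplink map for cascaded buildings, reports how many buildings are lost when a cascaded link's upstream building fails, and splits buildings with more than 250 computers across several subnets. The building names, host counts, the 10.20.0.0/16 supernet and the choice of /24 subnets are all assumptions constructed for the illustration.

```python
import ipaddress
from collections import defaultdict

MAX_HOSTS = 250  # per-subnet ceiling given in the talk

# Constructed sample data: (upstream, downstream) uplinks and hosts per building.
LINKS = [("core", "library"), ("core", "science"),
         ("library", "admin"), ("admin", "dorm-a")]
BUILDINGS = {"library": 120, "science": 610, "admin": 40, "dorm-a": 250}

def audit_topology(links, core="core"):
    """Return (cascaded, blast): buildings not attached directly to the core
    with their hop count, and how many buildings go dark if a given one fails."""
    children = defaultdict(list)
    for up, down in links:
        children[up].append(down)

    def downstream(dev):
        return sum(1 + downstream(c) for c in children.get(dev, ()))

    cascaded, blast, queue = {}, {}, [(core, 0)]
    while queue:
        dev, hops = queue.pop(0)
        if hops > 1:
            cascaded[dev] = hops
        if dev != core and downstream(dev):
            blast[dev] = downstream(dev)
        queue.extend((c, hops + 1) for c in children.get(dev, ()))
    return cascaded, blast

def plan_subnets(buildings, supernet="10.20.0.0/16", prefix=24):
    """One subnet per building; buildings over MAX_HOSTS get several.
    The supernet and the /24 size are assumptions of this example."""
    pool = ipaddress.ip_network(supernet).subnets(new_prefix=prefix)
    plan = {}
    for name, hosts in buildings.items():
        segments = max(1, -(-hosts // MAX_HOSTS))  # ceiling division
        plan[name] = [str(next(pool)) for _ in range(segments)]
    return plan

if __name__ == "__main__":
    cascaded, blast = audit_topology(LINKS)
    for dev, hops in cascaded.items():
        print(f"{dev}: {hops} hops from core, re-home it directly to the core")
    for dev, lost in blast.items():
        print(f"{dev}: failure also takes out {lost} other building(s)")
    for name, nets in plan_subnets(BUILDINGS).items():
        print(f"{name}: {', '.join(nets)}")
```

Each subnet in the resulting plan would map to one VLAN routed at the core, which is the point at which filtering between segments such as labs, faculty and telephones can be applied.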

© Produced by Philip Smith and the Network Startup Resource Center, through the University of Oregon.

Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)