A (2 Tier Topology Architecture) is called a “collapsed core” when the distribution layer and core layer functions are implemented by a single device and in this case, we are looking at both switching (layer 2)and routing(layer 3). The primary reason for the collapsed core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model. This architecture is used by small enterprises that can not use 3 Tier architecture. Another name for a 2 Tier Architecture is Two-Layered Hierarchical Model or Collapsed Core Model which is more common. There are only two layers in this architecture which can be scaled up to three layers should the need arises. These two layers are :
Distribution Layer (Core + Distribution Layer) =Collapsed Core Layer
The primary function of the distribution layer is to aggregate access layer switches in each building or campus and provides a boundary between the Layer 2 domain of the access layer and the core’s Layer 3 domain. Distribution switches usually have high-speed fiber (and less often copper) ports. Traditionally, VLAN’s or subnet’s default gateway functions were provided by distribution layer switches. For this reason, different types of security enforcement, such as inter-VLAN ACLs were implemented on this layer. In modern networks, however, it is also common to see access layer switches configured as default gateways for VLANs.
This boundary provides two key functions for the LAN:
- On the Layer 2 side, the distribution layer creates a boundary for Spanning Tree Protocol (STP), limiting propagation of Layer 2 faults,
- on the Layer 3 side, the distribution layer provides a logical point to summarize IP routing information when it enters the core of the network. The summarization reduces IP routing tables for easier troubleshooting.
Access Layer
Access tier provides connectivity for the end-users. The access layer requires high-port density capable to deliver Power-over-Ethernet (POE). Switches at the access layer connect to the distribution layer switches and should not be connected to each other. As access switches have direct visibility into devices that connect to them, security access checks, such as 802.1x authentication, and QoS traffic classification are usually performed at this tier.
The layer is commonly referred as the network edge and it’s where end-user devices or endpoints connect to the network. It device connectivity using wired and wireless access technologies such as Gigabit Ethernet and 802.11n and 802.11ac wireless.
The different types of endpoints that connect to the access layer includes personal computers (PCs), IP phones, printers, wireless access points, personal telepresence devices, and IP video surveillance cameras. Wireless access points and IP phones are prime examples of devices that can be used to extend the access layer one more layer out from the access switch.
Access layer can be segmented for example by using Vlans so that different devices can be placed into different logical networks for performance, management and security reasons.
Also, note that the access layer switches are NOT interconnected and communication between endpoints on different access layer switches occurs through the distribution layer. The access layer plays a big role in ensuring that the network is protected from malicious attacks being the connection point for endpoints.
Layer 2 access layer (STP based)
Traditional LAN designs use a Layer 2 access layer Switch for hosts and a Layer 3 distribution layer router for packet distribution. The distribution layer is the Layer 3 IP gateway for access layer hosts. It is recommended to restrict a VLAN to a single access layer switch to eliminate topology loops, which are common points of failure in LANs, even when STP is enabled in the network and it comes at the cost of network flexibility because all hosts within a VLAN are restricted to a single access switch. Some organizations require that the same Layer 2 VLAN be extended to multiple access layer switches to accommodate an application or a service. The looped design causes STP to block links, which reduces the bandwidth from the rest of the network and can cause slower network convergence.
Example
Two-tier design (collapsed core)
Smaller campus networks may have multiple departments spread across multiple floors within a building. In these environments, a core layer may not be needed, and collapsing the core function into the distribution layer can be a cost-effective solution
Q&A
Distribution layer