Conferences & Events
Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Core, distribution, and access layer
Message from firstname.lastname@example.org
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
We are beginning a project to upgrade our core and distribution layers on campus. So items that are looking at is the ability to dual home buildings to the distribution layer.
Our current environment is cisco cat6509s for the core layer 3 and cat6509s for the distribution layer that homes the building.
One item we currently use is each distribution router/switch has a cisco firewall service module that we use in transparent mode to create 'zones' for staff, student, services, infrastructure devices, etc. Endpoints are placed on the network in the appropriate zone using Clean Access server.
The challenge we are looking at is how we would utilize something like Cisco Nexus in the distribution layer that would allow us to dual home buildings with the vPC feature, but this leaves us with the FW layer that does not fit cleanly in this topology.
So what I am looking for input from the group is:
1. Do you dual-home buildings, and if so, to the same distribution layer device or multiple? Does history of uptime and time to repair the single linked buildings come into consideration?
2. If you dual home, do you have layer 3 at the building, or do you ether-channel or spanning tree?
3. Do you provide segmented vlans for users, and if so, how do you apply the policy between them?
Any other lessons learned would also be interesting to me too!
Thanks for your time,
University of Notre Dame