
Scenario: Greenfield network rebuild for an SMB distributed over ~10 small campuses with 1 fairly large central campus, spread over ~100 miles. You have almost no CapEx budget restriction (within reason).

Question: What are the pros and cons of using L3 switches all the way to the access layer (instead of L3 routing at the core with L2 at the access and distribution levels) mainly in terms of network defensibility, but also resiliency and management?

Initial thoughts:

  1. Using L3 switches at the edge of the network allows one to create very small broadcast domains, which is a big win for resiliency and a moderate win for defensibility.
  2. Convergence will be very fast for the routed access layer model.
  3. Routed access layer requires forethought due to the creation of VLAN islands.
  4. Data path separation could be an issue (MPLS\VPN?) in the routed access layer model.
  5. Routed access layer would allow one to turn on ECMP everywhere for load balancing.
DarkMatter
  • Did you try to ask this question on https://networkengineering.stackexchange.com/? Probably the pros and cons are related to managing the network; however, it is always desirable to isolate zones or use MPLS, VLANs or VXLAN, depending on your requirements. – camp0 Feb 05 '19 at 20:56
  • @camp0 In this case I specifically want the perspective of other security professionals. – DarkMatter Feb 08 '19 at 18:38

0 Answers