Hello everyone,
Today I will introduce you the advantages of gateway deployment in the convergence layer and access layer.
Topic
1. In a campus network, what are the advantages of deploying a gateway at the convergence layer?
2. In a campus network, what are the advantages of deploying a gateway at the access layer?
Advantages of gateway deployment at the convergence layer
Cost perspective
When the gateway is placed at the convergence layer, the performance requirements of the access equipment are relatively low, and the cost is reduced. (Access switches can only require Layer 2 switches, and the version can be a simplified version). The larger the number of access switches, the more obvious the cost advantage.
Resource perspective
The gateway is placed at the convergence layer, and VLANs on different access switches use the same IP address segment to avoid waste, reduce the interconnection address segment between access and convergence, and reduce the number of neighbors of the routing protocol.
From the perspective of local business migration and expansion
The gateway is placed at the convergence layer. Because the same VLANs on different access switches communicate with each other, the migration of the physical location (in the case of the relocation of the computer room, etc.) does not require the redeployment of a new IP address segment.
Gateway redundancy perspective
The gateway is placed on the convergence layer, and VRRP and other technologies can be run between two convergence layers to achieve gateway redundancy. If placed on the access layer, it needs to be implemented by stacking and other technologies, which have poor scalability.
Service Deployment
Remotely configure all configurations on the core gateway. Onsite engineers only need to add interfaces to a specified VLAN, configure a specified IP address on the test computer, and ping the gateway. Onsite engineers do not need to consider routing protocols.
Advantages of gateway deployment at the access layer
Isolating the broadcast domain perspective
The gateway is placed in the access layer, which can divide the broadcast domain. When the LAN has problems like the ARP virus, the affected area is controllable.
Fault location perspective
The gateway is placed at the access layer, which network segment has the same problem, and the physical location can be found directly according to the topology map.
Routing control perspective
The gateway is placed at the access layer. The routing protocol runs between the access layer and the convergence layer, and there are many ways to control the flow of traffic, such as OSPF routing (intra-domain routing> inter-domain routing> external routing 1> external routing 2), policy routing and other technologies.
Avoid loop perspective
The gateway is placed at the access layer and does not need to run spanning tree or SMART-LINK technologies.
Line efficiency perspective
The gateway is placed at the access layer, and the routing protocol can implement load sharing (flow-by-flow or packet-by-packet), while the layer 2 protocol can only implement active-standby or heterogeneous load sharing. The service exchanges between different network segments that belong to the same switch do not need to go through the aggregation switch, so the access efficiency is improved.
Risk perspective
The gateway is placed at the access layer. To achieve the same network segment, it must be connected. One access switch is physically isolated, and the risk is small. If deployed in the aggregation, the same VLAN on different access switches can communicate with each other, and the risk is high.
That is all I want to share with you!
