Got it

What are the advantages of when gateways are used at access and aggregation layer??

Created: Feb 24, 2021 18:55:49Latest reply: Feb 26, 2021 05:15:43 107 4 0 0 0
  HiCoins as reward: 0 (problem unresolved)

What are the advantages of when gateways are used at access and aggregation layer??

Where to deploy Gateways on access or aggregation layer, state advantage and dis advantages.

Can anyone Help to answer in detail???

  • x
  • convention:

Featured Answers
DDSN
Admin Created Feb 25, 2021 00:40:51

Hi UsamaKhalid,

The following table lists the comparison between the deploy gateway at the access layer and the aggregation layer.


Gateways are deployed at the access layer.

Gateways are deployed at the aggregation layer.

Cost

Layer 3 switches are required at the access layer. The cost of a Layer 3 switch is higher than that of a   Layer 2 switch. When a large number of access switches are required on   the network

The cost will be greatly increased.

Access switches use only   Layer 2 switching.

The cost is low.

Routing control

Layer 3 routing can be controlled through routing policies and policy-based routing. Different services can be transmitted on different links.

Layer 2 routing on access switches depends on the Layer 2 loop prevention technology, which is difficult to control.

Link efficiency

Load balancing is performed based on routes. Multiple uplinks are available for the same service on an access switch. When a switch is connected to different broadcast domains, only the local switch needs to forward packets, improving link efficiency.

Load balancing is implemented based on MSTP instances. Only one uplink is available for services in the same VLAN on an access switch. To implement communication between different broadcast domains on the same switch, aggregation switch Layer 3 forwarding is required. The link efficiency is low.

Redundancy

The implementation is complex.   Access switches need to be stacked, and hosts need to use two NICs to connect to two switches.

The implementation is simple.   VRRP is used to implement gateway redundancy.

broadcast domain

The broadcast domain is controlled by a single access switch and is small. Reduces link bandwidth and device performance consumption because the flooding scope of received unknown unicast, broadcast, and multicast frames is small. This mode is more secure. If an ARP attack occurs on the network, the impact scope is small.   However, when a host is migrated to another access switch, IP   address parameters need to be modified.

A broadcast domain can cover multiple access switches. A broadcast domain is large and has poor security.   If an ARP attack occurs on the network, the impact scope is large. However,   when the host is migrated to another access switch in the same broadcast domain, the IP address parameters do not need to be modified.

Maintenance

Routing protocols need to run between the access layer and the aggregation layer. Therefore, the network architecture is complex and difficult to maintain (complex routing protocols and route selection control policies need to be maintained).

No routing protocol is required between the access layer and the aggregation layer. Only the STP   protocol needs to be enabled. The network architecture is simple and maintenance is easy.

The gateways of the campus network and office network are generally deployed at the aggregation layer (distributed and easy to expand and migrate). The gateways of the data center and the production network (confidential network) are generally deployed on the access network (centralized, low risk, and high security).

I hope it helps!


View more
  • x
  • convention:

All Answers
ariase88
ariase88 Admin Created Feb 24, 2021 18:56:09

Thanks for contacting the Huawei community!

We are checking your question and will provide an answer to you shortly...
View more
  • x
  • convention:

Herediano
Herediano Created Feb 24, 2021 19:22:15

Hi,

You can find a detailed explanation in the following link:
https://forum.huawei.com/enterprise/en/access-aggregation-core-layer/thread/656387-863

View more
  • x
  • convention:

DDSN
DDSN Admin Created Feb 25, 2021 00:40:51

Hi UsamaKhalid,

The following table lists the comparison between the deploy gateway at the access layer and the aggregation layer.


Gateways are deployed at the access layer.

Gateways are deployed at the aggregation layer.

Cost

Layer 3 switches are required at the access layer. The cost of a Layer 3 switch is higher than that of a   Layer 2 switch. When a large number of access switches are required on   the network

The cost will be greatly increased.

Access switches use only   Layer 2 switching.

The cost is low.

Routing control

Layer 3 routing can be controlled through routing policies and policy-based routing. Different services can be transmitted on different links.

Layer 2 routing on access switches depends on the Layer 2 loop prevention technology, which is difficult to control.

Link efficiency

Load balancing is performed based on routes. Multiple uplinks are available for the same service on an access switch. When a switch is connected to different broadcast domains, only the local switch needs to forward packets, improving link efficiency.

Load balancing is implemented based on MSTP instances. Only one uplink is available for services in the same VLAN on an access switch. To implement communication between different broadcast domains on the same switch, aggregation switch Layer 3 forwarding is required. The link efficiency is low.

Redundancy

The implementation is complex.   Access switches need to be stacked, and hosts need to use two NICs to connect to two switches.

The implementation is simple.   VRRP is used to implement gateway redundancy.

broadcast domain

The broadcast domain is controlled by a single access switch and is small. Reduces link bandwidth and device performance consumption because the flooding scope of received unknown unicast, broadcast, and multicast frames is small. This mode is more secure. If an ARP attack occurs on the network, the impact scope is small.   However, when a host is migrated to another access switch, IP   address parameters need to be modified.

A broadcast domain can cover multiple access switches. A broadcast domain is large and has poor security.   If an ARP attack occurs on the network, the impact scope is large. However,   when the host is migrated to another access switch in the same broadcast domain, the IP address parameters do not need to be modified.

Maintenance

Routing protocols need to run between the access layer and the aggregation layer. Therefore, the network architecture is complex and difficult to maintain (complex routing protocols and route selection control policies need to be maintained).

No routing protocol is required between the access layer and the aggregation layer. Only the STP   protocol needs to be enabled. The network architecture is simple and maintenance is easy.

The gateways of the campus network and office network are generally deployed at the aggregation layer (distributed and easy to expand and migrate). The gateways of the data center and the production network (confidential network) are generally deployed on the access network (centralized, low risk, and high security).

I hope it helps!


View more
  • x
  • convention:

UsamaKhalid
UsamaKhalid Created Feb 26, 2021 05:15:43

Thank you very much it's really helpfull.
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.