calendar_month 25-Oct-23

LAN Topologies

The Aruba ESP Campus LAN Topologies section describes the campus LAN topologies used in the design of a typical Aruba ESP campus.

Two-Tier Campus LAN

The two-tier wired architecture includes access switches or switch stacks connected to a dual-switch collapsed core. The access switches provide layer 2 services to connected endpoints and connect to core switches providing both layer 2 and layer 3 services.

The two-tier design is well suited for small buildings with few wiring closets and access switches. It also works well in larger environments when the fiber cables from each wiring closet are homed in a single location. The following figure illustrates this design.

Two-Tier Collapsed Core

Collapsed Core Layer

Use Aruba CX switches that support VSX redundancy to provide access switches and other devices the option of connecting over a redundant, MC-LAG layer 2 connection.

A foundation for establishing a network overlay can be built within the two-tier topology by configuring OSPF peering between each access and core switch and adding a loopback interface to each access switch in the OSPF backbone area.

Access Layer

Use Aruba CX switches that support VSF stacking for simplified growth in the network closet. In layer 2 access designs, use uplink ports on different VSF stack members, one into each MC-LAG-configured aggregation switch. This ensures efficient, fault-tolerant layer 2 bandwidth up from the access layer.

Enable Aruba ESP Colorless Ports by configuring port policies to allow 802.1x dynamic authentication and network configuration.

Enable layer 2 protection mechanisms such as Loop Protection, BPDU Filter, Root Guard, and BPDU Protection.

To simplify the network as much as possible, all routing is performed on the core devices.

Three-Tier Campus LAN

Organizations move to a three-tier network design for the following primary reasons:

  • Network growth producing cross-campus traffic beyond the capacity of a single collapsed core.
  • Network growth beyond a small number of access aggregation points.
  • Network growth beyond a few building aggregation points.

The three-tier campus design is recommended for large networks with thousands of users or where the physical wiring layout is not suited for a two-tier design. Layer 3 services for wired network hosts are moved from the core to VSX pairs of aggregation switches. A pair of core switches joins the aggregation switches together using multiple high-speed layer 3 links with equal-cost multipath (ECMP) routing. Additional capacity between pairs of aggregation switches is added by increasing the number of links between the core and aggregation switches. The access switches remain layer 2 only. The figure below illustrates this design.

Three-Tier Redundant Core

When connecting a gateway cluster or other layer 2 device directly to the core, use Aruba CX switches that support VSX in order to take advantage of MC-LAG.

When high volumes of wireless endpoints are connected to a gateway cluster, deploy a services aggregation block off the core to isolate the unique demands of bridging wireless to wired traffic. This offloads layer 2 connections from core switches allowing a layer-3-only standalone core, increasing resiliency at the most critical point in the network. The figure below illustrates this design.

Three-Tier Standalone Core

Core Layer

Use Aruba CX switches with sufficient ports of appropriate speeds to service the full bandwidth demands of the campus aggregation layer.

The core layer of the LAN is the most critical part of the campus network. In a standalone core, the core layer reduces network complexity by carrying only routed traffic. The standalone core uses separate switches, acting independently of one another, with dual ECMP connections to all aggregation switches. ECMP is an advanced routing strategy in which next-hop packet forwarding occurs over multiple paths with identical routing metric calculations.

When considering core topologies, it is important to use point-to-point links because link up/down changes propagate almost immediately to the underlying protocols. Topologies with redundant ECMP links are the most deterministic and convergence is measured in milliseconds.

Aggregation Layer

Use Aruba CX switches that support VSX redundancy with sufficient ports of appropriate speeds to service the full bandwidth demands of the campus access layer. In layer 2 access designs, use VSX MC-LAG to provide efficient layer 2 connectivity to the devices.

In most designs, the aggregation layer of the LAN limits cable distance to access devices, isolates the network core from layer 2 traffic, and provides layer 3 services to access VLANs. In campus designs using layer 3 access, routing moves to the edge switches and the aggregation devices fulfill a simpler, transit-only function.

Consider running OSPF to provide loopback reachability to access layer devices even in networks relying on layer 2 access. Enabling loopback reachability to all devices in the campus LAN ensures the ability to leverage a growing range of options for network automation and orchestration.

Access Layer

Use Aruba CX switches that support VSF stacking for simplified growth in the network closet. In layer 2 access designs, use uplink ports on different VSF stack members, one into each MC-LAG-configured aggregation switch. This ensures efficient, fault-tolerant layer 2 bandwidth up from the access layer.

Enable Aruba ESP Colorless Ports by configuring port policies to allow 802.1x dynamic authentication and network configuration.

Enable layer 2 protection mechanisms such as Loop Protection, BPDU Filter, Root Guard, and BPDU Protection.

To reduce load on the network core, all routing is performed on the aggregation devices.
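The access-layer guidance in both the two-tier and three-tier sections (uplinks on different VSF stack members, layer 2 protection on edge ports) can be checked against a switch configuration. The following is an added example, not code from the original guide or from Aruba: a small auditor over a constructed AOS-CX-style configuration. The configuration keywords, the `member/slot/port` interface naming, and the set of protections required on edge ports are assumptions to confirm against the CLI guide for your release and your own site policy.

```python
import re
from collections import defaultdict

# Constructed sample config in AOS-CX style (not from the guide).
# Interfaces are named member/slot/port; keywords are assumptions.
SAMPLE_CONFIG = """\
interface lag 1
    no shutdown
interface 1/1/1
    loop-protect
    spanning-tree bpdu-guard
interface 1/1/2
    loop-protect
interface 1/1/49
    lag 1
interface 2/1/49
    lag 1
interface 1/1/50
    lag 2
interface 1/1/51
    lag 2
"""

# Assumed site policy: protections every non-uplink (edge) port must carry.
REQUIRED_EDGE = ("loop-protect", "spanning-tree bpdu-guard")

def parse_interfaces(config):
    """Return {name: [config lines]} for physical member/slot/port interfaces."""
    ports, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\d+/\d+/\d+)\s*$", line)
        if m:
            current = ports.setdefault(m.group(1), [])
        elif line[:1].isspace() and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other top-level stanza ends the block
    return ports

def audit(config, required=REQUIRED_EDGE):
    """List edge ports missing protections and LAGs confined to one VSF member."""
    findings, lag_members = [], defaultdict(set)
    for name, lines in parse_interfaces(config).items():
        lag = next((l.split()[1] for l in lines if re.fullmatch(r"lag \d+", l)), None)
        if lag:  # uplink: record which stack member hosts it
            lag_members[lag].add(name.split("/")[0])
            continue
        findings += [f"{name}: missing '{kw}'" for kw in required if kw not in lines]
    for lag, members in sorted(lag_members.items()):
        if len(members) < 2:
            findings.append(f"lag {lag}: all uplinks on VSF member {min(members)}")
    return findings
```

On the constructed sample, `audit(SAMPLE_CONFIG)` flags port 1/1/2 for lacking BPDU protection and LAG 2 for having both uplinks on stack member 1, so a single member failure would take the whole uplink down.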


© Copyright 2022 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.