New Title: Diff btwn Layer2/3 Link (CCDA)

darkerosxx

I'm looking at this picture that shows the distribution layer multi-layer switches connected by a layer 2 trunk link because access layer layer 2 switches have a common vlan.

It says this:

Diane Teare Book wrote:

Provide a Layer 2 link between the two Building Distribution switches to avoid unexpected traffic paths and multiple convergence events.

For whatever reason, I'm having trouble wrapping my head around the difference they're pointing out between a layer 2 link and a layer 3 link, other than the obvious and that it's a trunk link. The other pictures I see that don't have a common vlan on the access layer switches use a layer 3 link between distribution switches.

So, I guess my question is, are they meaning a layer 2 link is a direct connection, while a layer 3 link is a recommended point-to-point?

Edit to add: This is tripping me out...I'm reading further and there's more reference to a layer 2/3 link. Do they just mean a layer 2 link is a MAC Address reference while a Layer 3 link is a IP reference?

Anybody know? lol

Edit again: The Diane Teare book uses these terms about 3-4 times throughout the entire book. It's driving me bonkers not understanding what she's talking about.

Paul Boz

Layer 2 links aren't routed links, they're purely switched. They're the more "traditional" inter-switch link. Examples would be trunk links between two layer 2 devices. Layer 3 links are links that have a layer 3 routing process running on them. Examples would be redundant uplinks to the core or to adjacent distribution-layer L3 switches.

Usually layer 2 trunk links are used between access and distribution switches and layer 3 routed links are used between distribution switches themselves and distribution switches and core switches. This is because there shouldn't be any shared vlans between access-layer switches. Every access-layer switch should be in its own VLAN.

darkerosxx

Thanks for the help Paul. I was thinking along those lines, but your explanation made the muddy water crystal clear for me.

ZblaJhaNi

Hi,

I have trouble to understand this too..... connectivity between Distribution switches.

Let`s say that i have shared vlans between access switches...Is this means that i have to connect distribution switches with Layer 2? If so, why?

Thanks for help

BR

CChN

Paul Boz wrote: »

This is because there shouldn't be any shared vlans between access-layer switches. Every access-layer switch should be in its own VLAN.

It's important to note that this rarely happens in practice as access devices are more often than not grouped by function as opposed to physical location. To use a played out example: sales vlan, marketing vlan, finance vlan, all spread out over multiple floors.

DevilWAH

Paul Boz wrote: »

This is because there shouldn't be any shared vlans between access-layer switches. Every access-layer switch should be in its own VLAN.

I not sure about this?

Say I have 4 switchs in a cab serving one floor of a building. one is the distribution switch and the other three are access switch.

As you say layer 2 links are often used between access and distribution, and in this case VLAns would be shared between (or could be) between these local access switchs and agratated via the distribution switch.

I agree vlans should not be shared between distribution switches or remore access switchs in a "best Practice" deployment.

Forsaken_GA

DevilWAH wrote: »

I not sure about this?

Say I have 4 switchs in a cab serving one floor of a building. one is the distribution switch and the other three are access switch.

As you say layer 2 links are often used between access and distribution, and in this case VLAns would be shared between (or could be) between these local access switchs and agratated via the distribution switch.

I agree vlans should not be shared between distribution switches or remore access switchs in a "best Practice" deployment.

End to end vlan's are considered not-best-practice in current design doctrine. Sometimes it's unavoidable, as issues of port density alone can cause a vlan to span more than one access switch, but in general, you want a vlan to be on as few switches as possible. Dealing with end to end vlans in very large networks is a special kind of pain

TesseracT

How does that work with voip? Both data and voice will have to span every access layer switch...

Fugazi1000

Add the needs of 802.1x and you actually WANT to get vlans for a specific purpose spread across access switches. Constraining to physical locations means either flexibility or security suffers.

mattsthe2

My suggestion would be to put your SVI and VTP Servers on your distro's, trunk your access switches to your distros and on the trunks limit the vlans on the trunk.

As far as connecting your distros together ive seen both L2 and a L3 links setup or just L3 links. I'm not sure what is the best method but hoping that someone answers that question.

GT-Rob

mattsthe2 wrote: »

My suggestion would be to put your SVI and VTP Servers on your distro's, trunk your access switches to your distros and on the trunks limit the vlans on the trunk.

As far as connecting your distros together ive seen both L2 and a L3 links setup or just L3 links. I'm not sure what is the best method but hoping that someone answers that question.

Depends on the network. Keeping the core L2 can be high performing, but then your dist. layer needs to run a lot of L3. The idea is the core will see the most traffic, and you want to keep that off the processor (slow) and on the hardware (fast) as much as possible. We personally move the L3 to the core but only because it was A: easy and B: our cores are very under subscribed (4 x 6509s and could probably get away with some 3750-G stacks).



Again, if you have a lot of different subnets communicating with each other on the same access or distribution segment, then you don't want to have to pass traffic up to the core all the time. It really is hard to apply a "one design fits all" to all situations.

mangesh62012

Paul Boz wrote: »

Layer 2 links aren't routed links, they're purely switched. They're the more "traditional" inter-switch link. Examples would be trunk links between two layer 2 devices. Layer 3 links are links that have a layer 3 routing process running on them. Examples would be redundant uplinks to the core or to adjacent distribution-layer L3 switches.

Usually layer 2 trunk links are used between access and distribution switches and layer 3 routed links are used between distribution switches themselves and distribution switches and core switches. This is because there shouldn't be any shared vlans between access-layer switches. Every access-layer switch should be in its own VLAN.

Nice Info Paul... it is clearing the abount L2 and L3 links in network devices.