LAN Switch Topologies for the New CCNP

Part 3 in the 2010 CCNP Lab Series

You need at least a pair of "switches", and you really need more. But there are multiple options for what you buy to do the switching in your lab, and those choices impact the topology you end up using. Today I'll break it down, looking at STP, VTP, Layer 3 switches, and switching modules in routers. And I'll pose the question to you fans of 4 switches instead of 3 for your CCNP lab: Why?

Let's start with the straightforward part. The most obvious topics that drive us towards multiple switches are Spanning Tree Protocol (STP) and VLAN Trunking Protocol (VTP), with STP being the more important of the two (in my opinion). Recently, I did a short series on an STP lab, where I discussed tradeoffs between a 2 and 3 switch topology for STP testing. One of my motivations for that short series was so I could just refer back to its conclusions when I got around to this post. So, combining literal conclusions and my personal recommendation:

1)    You can test most every STP feature with a pair of LAN switches.

2)    If you're serious about CCNP, you need at least 3.

Why at least 3 switches? With just 2 switches, STP is too basic, too boring, and not challenging enough. Even with multiple links, with some portchannels, between the two switches, it's still too boring. Sure, you can test all features, but the STP path is always either local to one switch, or goes to the one other switch - all you have to do is figure out which link is in STP forwarding state and which is listed in the MAC address table for a particular destination.

Additionally, while VTP can also be tested with 2 switches, you really need 3 to do the more interesting free play scenarios. Create 1 server, 1 client, and 1 transparent. Create 2 servers and 1 client, and do an experiment to show the client actually updating the server. (This last one's probably a corner case for CCNP, but I find it interesting - look here to the book page for my CCIE book, and click "downloads", for a write-up posted on my CCIE book's page.)

The 3 switch topo would work well with (at least) 1 portchannel and 1 other trunk between each pair of switches. The STP tiebreakers and show command output differ a bit between portchannels and physical interfaces. Also, it gives more room to practice forcing the STP path using all the tools available - explicit cost config, change the root, lower the link speeds to affect STP cost defaults, shut down one of the portchannel links, look for all the tiebreakers and try to find ways to override them. The figure requires 9 crossover cables, but I'd probably go ahead and get 12-15 of them in case you want to go 3 links to a portchannel, or add another single-link trunk.

If you go for 4 switches, then you probably still want a portchannel and non-portchannel trunk between each pair:

This topology matches Cisco's campus design theory, with each access switch having links to 2 different distribution switches. In effect, it acts like 2 different triangles that match the 3 switch model. With this design, you can tune STP like you would in real life, such that some VLANs (maybe all odd VLANs) use the path through D1 as the best STP path, and the other VLANs use the path through D2. Or, change it to make switch A1 always use D1 as the preferred STP path, and A2 always use D2 as the preferred path.
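The odd/even VLAN split described above, as an added configuration sketch that is not from the original post. VLAN IDs 11 and 12 are assumed lab values; D1, D2 and A1 are the switch names used in the text.

```cisco
! Constructed example: VLANs 11 and 12 are assumed lab VLANs.
!
! --- D1: root bridge for odd VLAN 11, backup root for even VLAN 12
vlan 11
vlan 12
!
spanning-tree vlan 11 root primary
spanning-tree vlan 12 root secondary
!
! --- D2: the mirror image of D1
vlan 11
vlan 12
!
spanning-tree vlan 12 root primary
spanning-tree vlan 11 root secondary
!
! --- A1 (and A2): no STP tuning needed for this split.
! Verify where each VLAN's root port points:
!   show spanning-tree vlan 11   (root port should be an uplink to D1)
!   show spanning-tree vlan 12   (root port should be an uplink to D2)
!   show spanning-tree root      (one line per VLAN: root ID, cost, root port)
```

Because `root primary` and `root secondary` are macros that set the bridge priority once, rerun them (or set `spanning-tree vlan <id> priority` explicitly) if another switch in the lab is later given a lower priority.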

Which brings me to the end of the basics here, and to a poll. In that STP lab/topo series a month or two back, I did a poll where a lot of folks preferred 4 switches. So, let's say that you were $ conscious, but you'd spend the $ if you saw a benefit for CCNP prep. Which of the following reasons would you see as worth it for a 4th switch, if it was say... $75 US?

Next page over, I'll look at the layer 3 perspective.

Why do you need layer 3 switches in your CCNP lab? Well, the list is surprisingly short:

1)    To learn how to configure the switched virtual interface (SVI) interfaces - the layer 3 VLAN interfaces - which differs slightly from router configuration

2)    To practice HSRP/VRRP as you would normally see it in real life (Most medium to larger campus LANs use layer 3 switches, with default gateways being the layer 3 switches.)

So, the easy solution for practicing these two items is to purchase a pair of layer 3 switches. You can do all the other layer 2 testing with these as well. In today's used switch market, when you care about $, that usually means 3550's with the right software on them. In that case, you can have the same topology shown before, but with D1 and D2 acting as layer 3 switches, running HSRP or VRRP, and being the default gateway for hosts.
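An added sketch, not from the original post, of the two items above on a pair of layer 3 switches: SVIs plus HSRP on D1 and D2. VLANs 11 and 12, the 10.1.x.0/24 subnets and the priority value are assumed lab values.

```cisco
! Constructed example: VLAN IDs and addresses are assumed lab values.
!
! --- D1: HSRP active for VLAN 11, standby for VLAN 12
ip routing                      ! layer 3 forwarding is off until enabled
vlan 11
vlan 12
!
interface Vlan11
 ip address 10.1.11.2 255.255.255.0
 standby 11 ip 10.1.11.1        ! virtual IP = the hosts' default gateway
 standby 11 priority 110        ! above the default of 100, so D1 wins
 standby 11 preempt
 no shutdown
!
interface Vlan12
 ip address 10.1.12.2 255.255.255.0
 standby 12 ip 10.1.12.1
 standby 12 preempt             ! default priority 100: standby role here
 no shutdown
!
! --- D2: mirror image (active for VLAN 12, standby for VLAN 11)
ip routing
vlan 11
vlan 12
!
interface Vlan11
 ip address 10.1.11.3 255.255.255.0
 standby 11 ip 10.1.11.1
 standby 11 preempt
 no shutdown
!
interface Vlan12
 ip address 10.1.12.3 255.255.255.0
 standby 12 ip 10.1.12.1
 standby 12 priority 110
 standby 12 preempt
 no shutdown
!
! Verify on either switch:
!   show standby brief          (Active/Standby state per group)
!   show ip interface brief     (an SVI stays down until its VLAN exists
!                                and has at least one active port or trunk)
```

Unlike a router interface, the SVI depends on layer 2 state: the VLAN must exist and be forwarding on some port before `interface Vlan11` comes up.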

However, other alternatives exist. First, you can test HSRP and VRRP with routers. So, you could just ignore the layer 3 SVI configuration on the switches, practice HSRP and VRRP with routers, and buy layer 2 only switches. Why? The layer 2 only switches are often a little more than $100 cheaper. In this case, you'd need a topology like this one, and you could practice everything for CCNP switching topics except layer 3 switching config:

Finally, you could go with yet a 3rd option: using Ethernet switch modules in some types of routers. For instance, the NM-16ESW Network Module is a 16 port Ethernet switch. It does VTP, STP, and allows the configuration of SVI interfaces - in other words, the configuration of layer 3 VLAN interfaces with the "interface vlan x" command. When pricing an entire lab, buying routers that support NM-16ESW cards, and using them instead of some switches, may be more cost effective.

Caveat: I've heard from many folks over the years that 3640's with NM-16ESW's work well. However, I've personally never configured one of these modules, so buyer beware. You can do some research starting with this link. If any of you out there have recently used these switch modules on routers, please comment and let us know how it went for you.

As for a topology, you could then use these NM-16ESW cards instead of normal switches for all your switching practice, with a topology like this:

One of the particularly interesting ideas with this topo is that Dynamips supports router IOS versions that in turn support NM-16ESW cards. Again, I've not personally used this feature, but many folks posting here and other places in the past have had success in doing the layer 3 switching configuration on Dynamips virtual routers that have virtual NM-16ESW cards. 

So, what would you do differently? What would you add? Share your ideas with the rest of the community. And thanks to all of you for joining in the discussion!



Copyright © 2010 IDG Communications, Inc.
