| |
This document is maintained by Art Houle.
NOTE: (12/2/05) This page is currently under revision.
|
|
|
| 1.0 |
Network architecture and its influence on switch needs. The necessary switch functionality at FSU varies with the switch use within the network. Most switches connect end-users or small servers on a LAN back to the core of the Network where routing happens. The routing boundary isolates LAN broadcasts and provides alternate link connectivity to the rest of campus and to The Internet. Routing is currently done in the core switches but may in the future include the building entrance switches. |
| 1.1 |
For discussion of switch functionality, This document separates the basic features of switches from the additional features needed for high-end performance, and building entrances, and core switches, and computer-lab switches. |
| 2.0 |
Basic switch operation. All switches should support all of these functions. |
| 2.1 |
Wire speed capability on all ports. |
| 2.2 |
Able to auto detect or force duplex. |
| 2.3 |
Able to auto detect or force speed for 10/100/1000TX (copper) ports. |
| 2.4 |
Spanning-tree: |
| 2.4.1 |
802.1d = spanning tree - detects and stops loops on a LAN |
| 2.4.2 |
802.1w = rapid spanning tree - speeds link up initialization to enable IPX |
| 2.4.3 |
802.1s = multiple instance spanning tree - for trunked vlans |
| 2.4.4 |
per VLAN spanningtree (PVST) |
| 2.5 |
IGMP snooping (or CGMP) for multicast |
| 2.6 |
802.1q - VLAN trunking to manage LANs |
| 2.7 |
High port density for distribution closets (24 or 48 10/100TX in one box) |
| 2.8 |
User login by name must have 2 password levels minimum. One level for looking and a second level for making configuration changes. Different levels will be configured for different users. |
| 2.9 |
Must use encrypted passwords. |
| 2.10 |
Must support HTTPS for GUI interface or SSH and (optional telnet) for CLI interface. |
| 2.11 |
SNMP monitoring capability including bytes,packets,errors per port. (default MIB-2 = .1.3.6.1.2.1) |
| 2.12 |
OS upgrades via tftp or rcp or other on-line procedure. |
| 2.13 |
Mirror or span a port to monitor traffic. |
| 3.0 |
Switches that will serve computational intense areas. It is envisioned that these switches would connect directly back to the core routers and not be part of a LAN serving a whole department. |
| 3.1 |
Large frame capability at 9000 byte MTU. The future MTU target is 64000Bytes. Note that all devices on a LAN require the same MTU. |
| 3.2 |
Gigabit Ethernet capable ports |
| 4.0 |
Building entrance switches will need L3 routing in the future if we ever deploy redundant boxes in the core. They will also be able to control multiple LANs for multiple departments in one building and deploy QOS features. |
| 4.1 |
Two GBIC or mini-GBIC uplinks. |
| 4.2 |
rate-limit (or policy-limit) per port |
| 4.3 |
Layer 3 routing with dual links in preparation for dual boxes in the core is designed to support fail-over. (Note: We may use HSRP in the core and not need layer3 routing in the building entrance switches.) |
| 4.4 |
Broadcast control rate limits certain types of traffic. |
| 4.5 |
ACL for to restrict access by IP address. |
| 5.0 |
Core switches. |
| 5.1 |
layer 3 routing: |
| 5.1.1 |
ip protocols: encrypted OSPF, BGP4, and static routing. |
| 5.1.2 |
PIM-SM, MSDP, MBGP, IGMP to support multicast |
| 5.1.3 |
IPX, SAP/SPX, Appletalk (currently required, to be phased out) |
| 5.1.4 |
IPv6 |
| 5.1.5 |
route-distribution maps |
| 5.2 |
A single 'show config' should display all non-default settings. |
| 5.3 |
An OS that supports saving multiple configs and multiple OS binaries. |
| 5.4 |
sflow (RFC3176) or netflow sends flow information to external computers for analysis of campus network traffic. |
| 5.5 |
broadcast control rate limits certain types of traffic. |
| 5.6 |
ACL for telnet/SSH access, QOS, traffic access, route maps, etc. |
| 5.7 |
VLAN or physical port control |
| 5.8 |
QOS feature set: |
| 5.8.1 |
identify/classify traffic by source or destination TCP port or ip address |
| 5.8.2 |
rate-limit or 'police' identified traffic |
| 5.8.3 |
Set or trust DSCP value. |
| 5.8.4 |
multiple queues per port in and out. |
| 5.8.5 |
WRR queuing |
| 5.9 |
Syslog |
| 5.10 |
NTP |
| 5.11 |
Redundant power supplies. |
| 5.12 |
Interface support 100FX, GBIC or mini-GBIC at GigE, 10GigE |
| 5.13 |
DHCP forwarding (helper address) |
| 5.14 |
Hot standby/redundant controllers capability. |
| 6.0 |
IP telephony support (future). This would be needed in all switches except classrooms and labs and computationally intensive switches. |
| 6.1 |
802.1p - prioritize traffic by QOS |
| 6.2 |
a priority queue for IP telephone |
