The Building Distribution layer aggregates the Building Access layer, segments workgroups, and isolates segments from failures and broadcast storms. This layer implements many policies based on access lists and QoS settings. The Building Distribution layer can protect the Campus Core network from any impact of Building Access layer problems by implementing all the organization’s policies.

When implementing the Building Distribution layer, consider the following questions:

■ How many devices will each Building Distribution switch handle?

■ What type and level of redundancy are required?

■ How many uplinks are needed?

■ What speed do the uplinks need to be to the building core switches?

■ What cabling is currently available in the wiring closet, and what cabling options exist for uplink connectivity?

■ As network services are introduced, can the network continue to deliver high performance for all its applications, such as video on demand, IP multicast, or IP telephony?

The network designer must pay special attention to the following network characteristics:

■ Performance: Building Distribution switches should provide wire-speed performance on all ports. This feature is important because of Building Access layer aggregation on one side and high-speed connectivity of the Campus Core module on the other side. Future expansions with additional ports or modules can result in an overloaded switch if it is not selected properly.

■ Redundancy: Redundant Building Distribution layer switches and redundant connections to the Campus Core should be implemented. Using equal-cost redundant connections to the core supports fast convergence and avoids routing black holes. Network bandwidth and capacity should be engineered to withstand node or link failure.

When redundant switches cannot be implemented in the Campus Core and Building Distribution layers, redundant supervisors and the Stateful Switchover (SSO) and Nonstop Forwarding (NSF) technologies can provide significant resiliency improvements. These technologies result in 1 to 3 seconds of outage in a failover, which is less than the time needed to replace a supervisor and recover its configuration. Depending on the switch platform, fullimage In Service Software Upgrade (ISSU) technology might be available such that the complete Cisco IOS software image can be upgraded without taking the switch or network out of service, maximizing network availability.

■ Infrastructure services: Building Distribution switches should not only support fast multilayer switching, but should also incorporate network services such as high availability, QoS, security, and policy enforcement. Expanding and/or reconfiguring distribution layer devices must be easy and efficient. These devices must support the required management features.

The following are best-practice recommendations for optimal Building Distribution layer design:

■ Use first-hop redundancy protocols.

■ Deploy Layer 3 routing protocols between the Building Distribution switches and Campus Core switches.

■ If required, Building Distribution switches should support VLANs that span multiple Building Access layer switches.