1.1 The Hierarchical Network Design Model
1.1.4 Distribution layer example
The following rules will protect the core from unnecessary or unauthorized traffic. Distribution-layer routers need fewer interfaces and less switching speed than their counterparts in the core because they should handle less traffic. Nevertheless, a lightning-fast core is useless if a bottleneck at the distribution layer prevents user traffic from accessing core links. For this reason, Cisco offers robust, powerful distribution routers, such as the 4000, 4500, and, most recently, the 3600 series router. These routers are modular, so interfaces can be added and removed depending on need, although the smaller chassis of these series are much more limiting than those of the 7000, 7200, and 7500 series.

Exactly how will these distribution-layer routers bring policy to the network? You can configure them to use a combination of access lists, route summarization, distribution lists, route maps, and other rules to define how a router should deal with traffic and routing updates. Many of these techniques are covered later in this course.

The figure shows two 3620 routers have been added at Core A (in the same wiring closet as the 7507). This means that you can use high-speed LAN links to make the connections between our distribution routers and the core router. Depending on the size of the network, these links may be part of the campus backbone and will most likely be fiber running 100 or 1000 Mbps. In this example, Dist-1 and Dist-2 are part of Core A's campus backbone. Dist-1 serves remote sites, while Dist-2, serves access routers at Site A. If Site A employs VLANs throughout the campus, Dist-2 may be responsible for routing between them.

Both Dist-1 and Dist-2 use access lists to prevent unwanted traffic from reaching the core. In addition, these routers summarize their routing tables in updates to Core A, keeping Core A's routing table as small and efficient as possible.