Data Center Infrastructure Design Guide 2.1--Readme File

What is Included in this DG Release?

This design guide (DG) provides guidelines for designing and building the data center switching infrastructure.

Table 1 lists the technologies used in the data center infrastructure design documented in version 2 of this design guide. The table gives a quick overview of the topics and lists the timeframe (current or future) in which documentation is available for each technology.

Table 1 Cisco Data Center Technologies and DG Status 

In this DG?

Cisco Catalyst 6500 WS-X6708-10G-3C

8 port 10 GigE line card for the Catalyst 6500 Series switch

6708 notations have been added to reflect the increased port density. Testing is scheduled for a future DG release. The data sheet is available at:


Cisco Catalyst 6500 next generation hardware—Sup720 and 6700 Series line cards.

This DG is based on lab testing using the Sup720 and 6700 Series line cards in the Cisco Catalyst 6500 platform in core, aggregation, and access layer switches.

Native 12.2.18 SXD3 was used in the lab environment.


Application Control Engine (ACE)

The ACE module introduces a next generation load balancer and security services module that permits higher performance and active-active designs. The ACE module is not an available product at the time of this writing.



Firewall Services Module (FWSM) Release 3.1

Release 3.1 of the FWSM software introduces several new capabilities including Private VLAN support and active-standby context groups, which permit load balancing of contexts across an FWSM redundant pair.

Release 3.1 is not available at the time of this writing.



Data center security


See the data center security DG at the following URL:


Cisco CatOS-IOS hybrid

Hybrid CatOS-IOS software in the Cisco Catalyst 6500 platform

This DG is based on the Cisco Native IOS solutions only in the Cisco Catalyst 6500 and 4948-10GE-based products.


Pervasive 10GE

This design guide focuses on the use of 10GE technology as a primary technology used in access layer uplinks, aggregation, and core connections.



Server fabric switching—Infiniband

Designing for HPC or database clusters using Infiniband technology


Service module integration (for example, FWSM, IDS, CSM, NAM, and SSLSM)

Integration of service modules and appliances into the data center infrastructure

Service modules are examined for interoperability and placement guidelines. Detailed design and configuration guides can be found at the following URL:


1RU access layer design

Best practices for using 1RU switches in the access layer design

Testing is focused on the Cisco Catalyst 4948-10GE 1RU switch.



Designing for proper cabling, cooling/airflow, and power configurations



Network Management

Using the NAM, CVDM, CiscoWorks, Netflow, or other management/configuration tools



Geographically dispersed clustering (also known as stretch clusters)

Designing in support of extending Layer 2 domains to support HA clustering across metro or wide area networks



CPU protection from STP loop conditions

Design best practices in limiting the impact of failures related to spanning tree loop conditions



Spanning tree—Using 802.1w Rapid PVST+ and 802.1s MST

Designing scalable spanning tree domains using 802.1w and 802.1s and related features



Layer 2 access design

Designs using L2 looped and loop-free access layer topologies



Layer 3 access design

Designs using L3 access layer topologies



Service layer switch design

How to move service modules out of the aggregation layer and into a separate service switch chassis for CSM and SSL modules



Distributed Forwarding Card placement and benefits

Where to use DFC3 daughter cards to improve distributed switching performance in the data center

Covered in multi-tier and server cluster architecture chapters


Enterprise campus segmentation

The need to isolate/segment multiple logical network environments on the same physical network for administration, security, or other purposes.

This is covered outside of this DG document.


Use of NSF/SSO for high availability in the data center

Where to use redundant supervisors in the data center architecture, and designing to support required failover times



Table 2 lists the technologies used in the data center infrastructure design documented in the previous version, v1.1. Note that version 2.1 builds on the v1.1 and v2.0 design recommendations and is not intended to be a replacement.

Table 2 Technologies used in the Data Center Infrastructure Design Documented in DG v1.1 


Layer 3 data center design

Using OSPF and EIGRP in the data center design

Layer 3 security

Using dynamic routing protocol authentication

Use of VTP in Layer 2 designs

Why not to use VTP in the data center

Choosing a spanning tree protocol

Explains the differences between 802.1w, Rapid PVST+ and MST and when to use each

Using LoopGuard and UDLD


Using PortFast and TrunkFast


Layer 2 security

Explains VLAN hopping, MAC flooding, ARP spoofing, and spanning tree vulnerabilities

Default gateway design

Reviews configurations for HSRP in the data center

ARP table tuning

Tuning the ARP table size to optimize traffic characteristics

NIC teaming design

Covers the various NIC teaming methods and connectivity options

Mainframe OSA and OSPF design

Explains mainframe connectivity options when using the OSA interface and covers IP addressing and OSPF configurations

PortFast and BPDU Guard

When to use PortFast and BPDU Guard on server ports

Port security

Covers server port security options

Server port configurations

Examples of server port switch configurations

Network management configuration

Configuring user names and passwords, VTY access, SNMP, and logging

VLAN configuration

Configuring VTP, MAC address reduction, and other VLAN features

Spanning tree configuration

How to configure Rapid PVST+, MST, and protection from loops with UDLD and LoopGuard

Switch-to-switch trunk configuration

EtherChannel and trunking configuration between the aggregation layer switches