The primary purpose of the Twoaie: Network Rack is to gain a greater understanding of how to design, build, configure, monitor, and maintain a complex network — starting with the Hierarchical Topology — this is very much work in progress, and is subject to change as my knowledge, and experience, of hardware, software, and networking concepts grows.
The majority of my network projects includes, or revolves around, the 20U, 600×600mm, Twoaie: Network Rack. It has been structured around the Hierarchical (Tiered) Topology — a hybrid network that integrates the Star and Bus Topologies within the design — also known as the Tree Topology, that organise the network equipment into distinct layers: Access: Tier 1 (Bottom), Distribution: Tier 2 (Middle), and Core: Tier 3 (Top), for efficient data flow and organisation within the network.
This design improves performance, scalability, and management of complex networks by defining clear, logical roles, and functions of each layer. I wrote a blog post, Twoaie: Network Rack Layout, that details the arrangement of the nodes, appliances, and other network equipment within the rack.
Core Layer: Tier 3 (Top)
The sole purpose of the Core Layer — the high-speed backbone of the network — is to facilitate fast packet switching and ensure efficient communication between distribution blocks, using high-capacity routers and switches. It should never perform complex processing such as evaluating and enforcing Access Control Lists (ACLs) to control and filter network traffic based on predefined rules; that belongs in the Distribution Layer: Tier 2 (Middle).
The Core Layer of the Twoaie: Network Rack consists of the following:
- Aerag: Antenna Array
- Grinney: Gateway Cluster
- Fendeil: Appliance Cluster
- Cree: Core Router in RU 14
- Slock: Core Switch in RU 12
I have already written an overview about the Aerag: Antenna Array, comprising of two Poynting MIMO-4-4-V2 Antennas, that connects to two Teltonika TRB501 Units in the Grinney: Gateway Cluster in RU 18, and the Fendeil: Appliance Cluster in RU 17-16, that consists of two Protectli VP4650 Appliances configured in the dual roles of an Edge Router and Perimeter Firewall.
Cree: Core Router
The role of the Cree: Core Router in RU 14, is to connect different networks and manage traffic between them. It runs primarily at Layer 3, with a focus on high-speed data transmission and traffic exchange without complex processing. It does not access ports — that is managed by the Access Layer: Tier 1 (Bottom) — and should never be encumbered with policy processing.
For the Cree: Core Router I settled on a MikroTik CCR2116-12G-4S+ as it (1) has a powerful 16-core ARM CPU, designed specifically to handle high-performance networking tasks, (2) 16 GB RAM, for efficient handling of multiple data connections and high-bandwidth activities, to ensure stability and performance in busy network environments, (3) supports Layer 3 hardware offloading for enhanced performance and throughput by reducing the reliance on the CPU for processing tasks, (4) twelve Gigabit Ethernet ports, (5) four 10GbE SFP+ ports.
NOTE: In the first instance I will be connecting nodes and appliances to the Gigabit Ethernet ports of the Cree: Core Router, but later I will reconfigure it so they connect 10GbE SFP+ ports.
Slock: Core Switch
The role of the Slock: Core Switch in RU 12, is primarily responsible for high-speed data transmission and routing within the network. Like the Cree: Core Router, the Slock: Core Switch runs purely at Layer 3, has no access ports, and should never be burdened with policy processing. Its configuration is lean: IP routing, dynamic routing protocol, and uplinks only.
For the same reasons as the Cree: Core Router, I have selected a MikroTik CCR2116-12G-4S+ to configure it in the role of a Core Switch. Both the Cree: Core Router, and Slock: Core Switch are essential for ensuring efficient data flow, but they serve distinct roles in network architecture.
Distribution Layer: Tier 2 (Middle)
The Distribution Layer: Tier 2 (Middle) is where the intelligence of the network lives — Routing, Filtering, Quality of Service (QoS) Policies, and Virtual Local Area Network (VLAN) Management — acting as a smart intercessor between the Access Layer: Tier 1 (Bottom) and Core Layer: Tier 3 (Top).
The Aggregation Switch in the Distribution Layer: Tier 2 (Middle is crucial for controlling traffic and enforcing security measures within the network, as it aggregate traffic between the Access Layer: Tier 1 (Bottom) and the Core Layer: Tier 3 (Top). It serves as the communication point, providing routing, filtering, and policy-based connectivity.
Cohummid: Aggregation Switch
The Cohummid: Aggregation Switch in RU 10, needs to be powerful to handle high data traffic efficiently, as it consolidates multiple connections and ensures optimal performance in the network.
I chose a MikroTik CCR2116-12G-4S+ to configure in the role of an Aggregation Switch — a Layer 3 Multilayer Switch — as it can operate at high speeds and supports advanced features such as link aggregation, that can combine multiple Ethernet Links for increased bandwidth, and redundancy. This is also where (Virtual Router Redundancy Protocol (VRRP) is configured for default gateway redundancy.
Access Layer: Tier 1 (Bottom)
The Access Layer: Tier 1 (Bottom) is where end-user devices — desktops, laptops, printers, scanners, servers, network attached storage, IP phones, and wireless access points — connect to the network. Its primary role is to provide reliable and secure access while managing who and what can connect to the network.
User devices connected to the Access Layer: Tier 1 (Bottom) use different protocols to discover each other, prevent loops, and exchange data. Various services and security policies are also configured and enforced at this layer.
Scain: Access Switch and Oirr: Access Switch
End devices connect to the Local Area Network (LAN) through an Access Switch that forwards traffic between connected devices and the rest of the LAN. There are two Access Switches in the Twoaie: Network Rack.
In RU 8 and RU 6 are two MikroTik CRS418-8P-8G-2S+RM that will be configured in the role of Access Switches — Scain: Access Switch and Oirr: Access Switch — that will have responsibility for connecting end-user devices to the network, to provide high port density and lower throughput per port compared to the Core and Distribution Switches.
The MikroTik CRS418-8P-8G-2S+RM is ideal to be configured as an Access Switch because it has a quad-core 2.2 GHz CPU, 1GB RAM, sixteen Gigabit Ethernet Ports, of which eight are PoE-out Ports — to manage Access Points — and two 10G SPF+ Cages. It also supports Layer 2 Switching — focusing on connecting end devices within the same Local Area Network (LAN) — it also allows for VLAN configuration, including Layer 3 Switching for routing between VLANs, and other network management features through RouterOS.
I could have purchased a couple of MikroTik CSS Series which have been designed specifically as a switches, but they run on SwOS, which does not support a Command Line Interface (CLI); it can only be configured through the web browser. RouterOS on the other hand, supports CLI , which allows me to configure and manage the Switches from a SSH Session, which is my preferred method using my Assistive Technology Stack. Unlike the MikroTik CSS Series, the MikroTik CRS Series can run either RouterOS (default), or SwOS.
Tastey: NAS Unit and Stoyr: NAS Unit
In RU 4-1 of the Twoaie: Network Rack are the Tastey: NAS Unit (Synology DS218j), and Stoyr: NAS Unit (Synology DS220+) which are also in the Access Layer: Tier 1 (Bottom). Having the Network Attached Storage (NAS) Units in the network rack helps to centralise data storage and makes them easily accessible to multiple devices on the network. It also provides better organisation, airflow, and protection for the NAS Unit.
Both NAS Units have been configured to be accessed via a SSH Session so I can use the command line, a text-editor (Vim), with my Assistive Technology Stack to read, create, edit, and delete the documentation stored on these devices