Make like a Network Design and LEAF

For as long as I have been a network engineer (almost twenty years), all networks were hierarchical. Most models were three layers deep, but there were four layer networks and collapsed two-layer networks eventually as well. Just like everything else in the data center the network has also evolved. Nowadays the model has evolved to Leaf-Spine.

Let us take a closer look at the hierarchical model. Historically the hierarchical model was comprised of Core Layer, Aggregation Layer, and Access Layer.


The core layer provided routing throughout the data center, to the Internet and to remote sites throughout the enterprise. The middle layer is the aggregation, or distribution layer. This intermediate layer joins the core to the access layer. The access layer is the layer to which all hosts connect. The Aggregation layer is always redundantly connected. The aggregation layer services access layer switches and in turn services the core. This existing model worked well for many years. It was redundant and resilient, but did have limitations such as loops that may be prevented by using Spanning Tree Protocol (STP).

Today the 3-tier hierarchy has been replaced by the leaf-spine methodology.  In the leaf-spine model, access or leaf switches are all fully meshed to a series of spine switches.


The mesh in a leaf-spine network requires that all access layer switches are but one hop away from each other. Leaf-spine can be layer two or layer three (routed or switched). In layer two leaf-spine implementations, the SPF protocol has been replaced by other protocols such as Trill or SPB. If you use a Layer three implementation of leaf-spine, then the OSPF (open shortest path first) protocol is used. The leaf-spine architecture lends itself well to virtualized environments such as VXLAN. Therefore, the combination of leaf-spine and VXLAN allow you as a provider to implement multitenancy. Overall this methodology is more scalable and flexible.

There are a couple drawbacks to leaf-spine if you are hesitant. One issue arises out of the sheer number of cables needed to implement this design. It uses a lot of physical plant and takes up space in the rack. The other major issue is associated with layer three routing. VLANs are completely segmented on leaf switches so this can create challenges to how users access resources and information.

The future beckons for the leaf-spine architecture in favor of the three-tier hierarchical architecture. Look into leaf-spine and decide if the improved flexible approach works for your organization. Cisco has a helpful whitepaper here: HP/Aruba also addresses leaf-spine architecture in a helpful post here: CCSI can help transition you to a leaf-spine when your organization is ready to make the move.

John Busso

Author Bio: John Busso is a Senior Network Engineer/Mobility Specialist at CCSI. He has almost 20 years experience providing secure voice and data solutions. John has been a Subject Matter Expert for Enterprise Mobile Solutions such as Guest WiFi and BYOD, providing vision for diverse clients.

John has been an Adjunct Professor and trainer. He holds numerous Industry certifications, including CISSP CWNP, CCNP, ACMP and ITIL. His experience includes working with retail, TNL-Couriers, DC’s and Airports, Healthcare, Education, DOD, Local Government, Financial, Non-Profit-Public WiFi, Entertainment and Hospitality industries. His expertise is in mobility, security, WLAN, WAN, LAN, VoWiFi, RFID, RTLS, WIPS, WIDS, DAS, licensed/unlicensed PTP and PTMP networks. Connect with John on Twitter via @JohnBusso.

The post Make like a Network Design and LEAF appeared first on CCSI.

*** This is a Security Bloggers Network syndicated blog from CCSI authored by John Busso. Read the original post at: