
# Network Topology and Design

Computer networks form the backbone of modern communication systems, enabling devices to share resources and information across various distances. The way these networks are designed and structured plays a crucial role in determining their performance, reliability, and scalability. Before diving into specific designs, it's essential to understand what network topologies and architectures are and why they matter in network planning.

**Network topology** refers to the physical or logical layout of devices, nodes, and connections in a network. It defines how different nodes are placed and how they connect to each other. The topology you choose affects:

* Network performance and speed of data transmission between devices
* Ease of installation and configuration when setting up new networks
* Cost of implementation, including cabling and hardware requirements
* Fault tolerance and how the network responds when components fail
* Scalability and how easily the network can grow to accommodate more devices

**Network architecture** describes the comprehensive framework of a network's hardware, software, connectivity, communication protocols, and mode of transmission. While topology focuses on layout, architecture encompasses:

* The overall design principles and structure of the entire network system
* The relationship between different network components and layers
* Rules and standards that govern how data flows through the network
* Security measures and access control mechanisms

Throughout this chapter, we'll explore various network topologies and architectures, comparing their strengths and weaknesses to understand which designs work best for different scenarios and requirements.

## Network Topology Basics: What Shapes Our Networks?

Network topologies establish the fundamental blueprint for how devices communicate within a network. Think of topologies as the road maps that determine how data travels from one point to another. The choice of topology affects everything from performance to cost, reliability, and maintenance. Understanding basic topology concepts provides the foundation for making informed network design decisions.

**Physical topology** refers to the actual layout of computer networking equipment. This includes:

* The physical arrangement of devices, cables, and other hardware components
* The actual paths that signals travel between network devices
* The physical infrastructure required to support the network design

**Logical topology** describes how data flows within a network, which may differ from its physical layout:

* The path that data signals actually take between nodes
* How devices communicate with each other regardless of physical arrangement
* The protocols and rules that govern data transmission

Each topology has distinct characteristics that make it suitable for specific environments and requirements. Let's examine the key factors to consider when evaluating network topologies:

| Characteristic | Description | Why It Matters |
|----------------|-------------|----------------|
| **Reliability** | How well the network continues to function when components fail | Determines network uptime and resilience against failures |
| **Scalability** | How easily the network can grow to accommodate more devices | Affects long-term viability and expansion capabilities |
| **Cost** | Initial implementation and ongoing maintenance expenses | Impacts budget planning and total cost of ownership |
| **Performance** | Speed and efficiency of data transmission | Determines user experience and application responsiveness |
| **Complexity** | Difficulty of implementation and troubleshooting | Affects maintenance requirements and technical expertise needed |

When selecting a network topology, network administrators must balance these factors based on the specific needs of their organization, budget constraints, and future growth plans.

## Mesh Topology: Maximum Redundancy and Reliability

A mesh topology creates a network where each device connects directly to every other device, forming multiple pathways for data transmission. This interconnected web of connections offers the highest level of redundancy possible in network design. Mesh networks are particularly valuable in scenarios where reliability is critical and network downtime must be minimized.

**Full mesh topology** is a network configuration where every node has a direct, dedicated connection to every other node in the network. In this arrangement:

* If a network has n devices, each device connects to (n-1) other devices
* The total number of connections equals n(n-1)/2
* Data can travel from any point to any other point through multiple possible paths
* If one connection fails, data can automatically reroute through alternate paths

**Partial mesh topology** is a more practical variation where only some devices connect to all others, while the remaining devices connect only to those they communicate with most frequently:

* Critical devices have connections to all or most other devices
* Less essential devices may have fewer connections
* This approach balances reliability with cost and complexity
* Strategic placement of connections can still provide good redundancy

The advantages of mesh topologies include:

* Exceptional fault tolerance with multiple data paths available
* No single point of failure that could bring down the entire network
* High privacy and security, as data can travel over dedicated links between two nodes rather than over a shared medium
* Better performance as traffic can be distributed across multiple paths

The disadvantages to consider:

* Expensive to implement due to the large number of cables and ports required
* Complex to set up and manage, particularly in large networks
* Difficult to troubleshoot because of the many interconnections
* Physical implementation challenges in environments with many nodes

Mesh topologies are commonly used in:

* Critical infrastructure networks where downtime is unacceptable
* Wireless mesh networks for extensive coverage areas
* Backbone networks connecting multiple sites in an organization
* Military or government networks requiring high security and reliability

In [3]:
# @title
%%html
<?xml version="1.0" encoding="UTF-8"?>
<svg viewBox="0 0 800 400" xmlns="http://www.w3.org/2000/svg">
  <!-- Full Mesh -->
  <g transform="translate(200, 200)">
    <!-- Nodes -->
    <circle cx="-120" cy="0" r="30" fill="#4285f4" stroke="#2a56c6" stroke-width="2"/>
    <circle cx="120" cy="0" r="30" fill="#4285f4" stroke="#2a56c6" stroke-width="2"/>
    <circle cx="0" cy="-100" r="30" fill="#4285f4" stroke="#2a56c6" stroke-width="2"/>
    <circle cx="0" cy="100" r="30" fill="#4285f4" stroke="#2a56c6" stroke-width="2"/>
    <circle cx="-80" cy="-80" r="30" fill="#4285f4" stroke="#2a56c6" stroke-width="2"/>

    <!-- Lines -->
    <line x1="-120" y1="0" x2="120" y2="0" stroke="#666" stroke-width="2"/>
    <line x1="-120" y1="0" x2="0" y2="-100" stroke="#666" stroke-width="2"/>
    <line x1="-120" y1="0" x2="0" y2="100" stroke="#666" stroke-width="2"/>
    <line x1="-120" y1="0" x2="-80" y2="-80" stroke="#666" stroke-width="2"/>
    <line x1="120" y1="0" x2="0" y2="-100" stroke="#666" stroke-width="2"/>
    <line x1="120" y1="0" x2="0" y2="100" stroke="#666" stroke-width="2"/>
    <line x1="120" y1="0" x2="-80" y2="-80" stroke="#666" stroke-width="2"/>
    <line x1="0" y1="-100" x2="0" y2="100" stroke="#666" stroke-width="2"/>
    <line x1="0" y1="-100" x2="-80" y2="-80" stroke="#666" stroke-width="2"/>
    <line x1="0" y1="100" x2="-80" y2="-80" stroke="#666" stroke-width="2"/>

    <!-- Labels -->
    <text x="-120" y="0" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">A</text>
    <text x="120" y="0" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">B</text>
    <text x="0" y="-100" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">C</text>
    <text x="0" y="100" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">D</text>
    <text x="-80" y="-80" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">E</text>

    <text x="0" y="-150" text-anchor="middle" font-size="24" font-weight="bold" font-family="Arial">Full Mesh</text>
  </g>

  <!-- Partial Mesh -->
  <g transform="translate(600, 200)">
    <!-- Nodes -->
    <circle cx="-120" cy="0" r="30" fill="#34a853" stroke="#0d652d" stroke-width="2"/>
    <circle cx="120" cy="0" r="30" fill="#34a853" stroke="#0d652d" stroke-width="2"/>
    <circle cx="0" cy="-100" r="30" fill="#34a853" stroke="#0d652d" stroke-width="2"/>
    <circle cx="0" cy="100" r="30" fill="#34a853" stroke="#0d652d" stroke-width="2"/>
    <circle cx="-80" cy="-80" r="30" fill="#34a853" stroke="#0d652d" stroke-width="2"/>

    <!-- Lines (fewer connections) -->
    <line x1="-120" y1="0" x2="120" y2="0" stroke="#666" stroke-width="2"/>
    <line x1="-120" y1="0" x2="0" y2="-100" stroke="#666" stroke-width="2"/>
    <line x1="-120" y1="0" x2="-80" y2="-80" stroke="#666" stroke-width="2"/>
    <line x1="120" y1="0" x2="0" y2="100" stroke="#666" stroke-width="2"/>
    <line x1="0" y1="-100" x2="-80" y2="-80" stroke="#666" stroke-width="2"/>
    <line x1="0" y1="100" x2="-80" y2="-80" stroke="#666" stroke-width="2"/>

    <!-- Labels -->
    <text x="-120" y="0" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">A</text>
    <text x="120" y="0" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">B</text>
    <text x="0" y="-100" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">C</text>
    <text x="0" y="100" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">D</text>
    <text x="-80" y="-80" text-anchor="middle" dy="5" fill="white" font-weight="bold" font-family="Arial">E</text>

    <text x="0" y="-150" text-anchor="middle" font-size="24" font-weight="bold" font-family="Arial">Partial Mesh</text>
  </g>
</svg>

## Star/Hub and Spoke: Centralized Network Management

The star topology, also known as hub and spoke, features a central connection point to which all other network devices connect. This centralized design represents one of the most common network topologies implemented in modern networks, particularly in local area networks (LANs). Its straightforward design makes it relatively easy to understand and manage.

**Star topology** is a network configuration where each device connects directly to a central hub or switch. This arrangement creates a structure resembling a star with the hub at the center:

* All data in the network passes through the central hub before reaching its destination
* Each device on the network has exactly one connection to the hub
* No direct device-to-device connections exist without going through the hub first
* Adding new devices simply requires connecting them to the central hub

The central device in a star topology can be one of several types:

* **Hub**: A basic connection point that simply forwards all data it receives to all connected devices
* **Switch**: An intelligent device that forwards data only to the specific device it's addressed to
* **Router**: A sophisticated device that can connect different networks and direct traffic between them

The advantages of star topologies include:

* Easy installation and configuration with straightforward cabling requirements
* Simple addition or removal of devices without disrupting the rest of the network
* Centralized management and monitoring from a single point
* Failure of one device or cable doesn't affect other network connections
* Better performance than bus topologies as each device has its own dedicated connection

The disadvantages to consider:

* Vulnerability to central point of failure—if the hub fails, the entire network fails
* Limited by the capacity and capabilities of the central device
* Potentially higher cable costs due to the need for a separate cable to each device
* Physical limitations on how many devices can connect to a single hub

Star topologies are commonly used in:

* Office and home networks where a central router or switch serves multiple computers
* Wireless networks where an access point serves as the central hub
* Small to medium business networks where centralized management is desired

| Aspect | Star Topology | Bus Topology | Ring Topology |
|--------|---------------|--------------|---------------|
| **Central Device** | Required (hub/switch) | Not required | Not required |
| **Cable Usage** | One per device | Single shared cable | Two per device |
| **Device Failure Impact** | Only affected device | None | Can affect entire network |
| **Central Device Failure** | Entire network fails | N/A | N/A |
| **Performance** | Good—dedicated connections | Degrades with more devices | Consistent but limited |
| **Scalability** | Limited by hub ports | Limited by cable length | Limited by token passing delay |

In [4]:
# @title
import base64
from IPython.display import Image, display

def mm(graph):
    """Render a Mermaid graph definition as an image using the mermaid.ink service."""
    # mermaid.ink takes the graph source as URL-safe base64 in the URL path.
    # Note: the diagram text is sent to that third-party service for rendering.
    graphbytes = graph.encode("utf8")
    base64_bytes = base64.urlsafe_b64encode(graphbytes)
    base64_string = base64_bytes.decode("ascii")
    url = f"https://mermaid.ink/img/{base64_string}"
    display(Image(url=url))

mm("""
%% Star Topology
graph TD
    subgraph Star_Topology
    C((Core Switch)) --- D[Desktop 1]
    C --- E[Desktop 2]
    C --- F[Desktop 3]
    C --- G[Desktop 4]
    C --- H[Printer]
    end

    style C fill:#87CEEB
    style D fill:#FFB6C1
    style E fill:#FFB6C1
    style F fill:#FFB6C1
    style G fill:#FFB6C1
    style H fill:#DDA0DD""")
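
The "no single point of failure" claim for mesh and the "central point of failure" caveat for star can be checked mechanically. The following is an added example, not code from the original notebook: it rebuilds the full mesh, partial mesh, and star diagrams shown above as link sets, then removes each device and each link in turn to see whether the surviving network splits. The function and constant names are assumptions made for this sketch.

```python
from collections import deque
from itertools import combinations

def full_mesh(nodes):
    """Every pair of nodes gets a dedicated link: n(n-1)/2 links in total."""
    return {frozenset(pair) for pair in combinations(nodes, 2)}

def is_connected(nodes, links):
    """Breadth-first search: can every remaining node still reach every other?"""
    nodes = set(nodes)
    if not nodes:
        return True
    adj = {n: set() for n in nodes}
    for link in links:
        a, b = tuple(link)
        if a in nodes and b in nodes:   # links to a removed device are dead
            adj[a].add(b)
            adj[b].add(a)
    start = next(iter(nodes))
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in adj[queue.popleft()] - seen:
            seen.add(nxt)
            queue.append(nxt)
    return seen == nodes

def single_points_of_failure(nodes, links):
    """Return (devices, links) whose individual loss partitions the network."""
    bad_nodes = sorted(n for n in nodes
                       if not is_connected(set(nodes) - {n}, links))
    bad_links = sorted(tuple(sorted(l)) for l in links
                       if not is_connected(nodes, links - {l}))
    return bad_nodes, bad_links

# Topologies transcribed from the diagrams above.
MESH_NODES = ["A", "B", "C", "D", "E"]
FULL_MESH = full_mesh(MESH_NODES)
PARTIAL_MESH = {frozenset(p) for p in [
    ("A", "B"), ("A", "C"), ("A", "E"), ("B", "D"), ("C", "E"), ("D", "E"),
]}
STAR_NODES = ["Core Switch", "Desktop 1", "Desktop 2",
              "Desktop 3", "Desktop 4", "Printer"]
STAR = {frozenset(("Core Switch", d)) for d in STAR_NODES[1:]}

if __name__ == "__main__":
    for name, nodes, links in [("full mesh", MESH_NODES, FULL_MESH),
                               ("partial mesh", MESH_NODES, PARTIAL_MESH),
                               ("star", STAR_NODES, STAR)]:
        devices, cables = single_points_of_failure(nodes, links)
        print(f"{name}: {len(links)} links, "
              f"critical devices={devices}, critical links={cables}")
```

The partial mesh as drawn survives any single device or link failure with 6 links instead of 10, while in the star the core switch and every individual cable are critical.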

## Point-to-Point Connections: Direct Communication Channels

Point-to-point connections represent the simplest form of network topology, creating a direct link between exactly two endpoints. Despite their simplicity, these connections form the foundation of many complex networks and serve critical roles in network design.

**Point-to-point topology** is a network configuration where two nodes or devices are connected directly to each other with a dedicated link, with no other devices between them. This creates a direct communication channel:

* Only two devices share the connection, providing exclusive access to the link's bandwidth
* The connection can be physical (like a cable) or logical (like a virtual private network)
* Communication is straightforward with data flowing directly from one endpoint to the other
* No routing decisions are needed as there's only one possible path for data

Point-to-point connections can be implemented in several ways:

* **Wired connections**: Using physical cables like Ethernet, fiber optic, or serial cables
* **Wireless connections**: Using technologies such as microwave, laser, or directional radio
* **Virtual connections**: Creating logical point-to-point links over shared infrastructure using protocols like PPP (Point-to-Point Protocol)

The advantages of point-to-point connections include:

* Maximum bandwidth utilization since the connection is not shared with other devices
* Enhanced security due to limited access points and simplified monitoring
* Consistent performance with predictable latency and throughput
* Simplified troubleshooting with only two endpoints to consider
* No contention for resources that might occur on shared networks

The disadvantages to consider:

* Cost inefficiency when connecting multiple devices, as each connection requires dedicated resources
* Limited scalability, as the number of connections grows quadratically with the number of devices (n(n-1)/2 in a full mesh)
* Physical constraints and geographical limitations when connecting distant locations
* Redundancy challenges as backup connections must be separately implemented

Point-to-point connections are commonly used in:

* WAN (Wide Area Network) links connecting two offices or sites
* High-security applications requiring isolated connections
* Backbone connections between critical network infrastructure
* Dedicated high-bandwidth applications like data center interconnections
* Leased lines for guaranteed service levels between business locations

In [5]:
# @title
mm("""
%% Point-to-Point Topology
graph LR
    subgraph Point_to_Point
    A[Server A]
    B[Server B]
    A --- B
    end

    style A fill:#98FB98
    style B fill:#98FB98
""")

## Spine and Leaf Architecture: Modern Data Center Design

Spine and leaf architecture has emerged as the dominant network design pattern for modern data centers, addressing the limitations of traditional hierarchical networks. This architecture is specifically designed to support east-west traffic flows that dominate in today's virtualized and cloud computing environments.

**Spine and leaf architecture** is a two-layer network topology that connects each leaf switch to every spine switch, forming a full mesh between the two layers. This creates a network fabric with predictable performance characteristics:

* **Spine layer**: The upper layer composed of switches that serve as the backbone of the network
* **Leaf layer**: The lower layer composed of switches that connect directly to endpoints like servers, storage, and other devices

The fundamental design principles of spine and leaf include:

* Every leaf switch connects to every spine switch, creating a non-blocking network fabric
* End devices (servers, storage, etc.) connect only to leaf switches, never directly to spine switches
* The number of hops between any two endpoints on different leaf switches is always the same: leaf → spine → leaf
* All paths have equal cost, allowing efficient use of all available bandwidth

The advantages of spine and leaf architecture include:

* Predictable latency with a consistent number of hops between any two devices
* High scalability by simply adding more leaf or spine switches as needed
* Non-blocking bandwidth where any server can communicate with any other at full speed
* Simplified management with standardized connections and consistent traffic patterns
* Better support for east-west traffic flows common in virtualized environments

The disadvantages to consider:

* Higher initial cost due to the number of connections and switches required
* More complex than simple hierarchical designs for small deployments
* Requires high-quality switches that can handle the increased traffic demands
* Cable management challenges due to the large number of cross-connections

Spine and leaf deployments typically leverage specific technologies:

* **Equal-Cost Multi-Path (ECMP)** routing to distribute traffic across all available paths
* **Layer 3** routing down to the leaf switches to eliminate spanning tree limitations
* **BGP** or **OSPF** protocols for dynamic routing across the fabric
* **Virtual Extensible LAN (VXLAN)** for network virtualization and segmentation

This architecture is particularly well-suited for:

* Modern data centers with high virtualization and container adoption
* Cloud computing environments requiring elastic scalability
* Applications with distributed processing requiring high bandwidth between servers
* Environments where predictable performance is critical regardless of traffic patterns

In [6]:
# @title
mm("""
graph TD
    %% Define spine switches
    S1[Spine Switch 1] --- L1[Leaf Switch 1]
    S1 --- L2[Leaf Switch 2]
    S1 --- L3[Leaf Switch 3]
    S1 --- L4[Leaf Switch 4]

    S2[Spine Switch 2] --- L1
    S2 --- L2
    S2 --- L3
    S2 --- L4

    S3[Spine Switch 3] --- L1
    S3 --- L2
    S3 --- L3
    S3 --- L4

    %% Connect servers to leaf switches
    L1 --- SRV1((Server 1))
    L1 --- SRV2((Server 2))

    L2 --- SRV3((Server 3))
    L2 --- SRV4((Server 4))

    L3 --- SRV5((Server 5))
    L3 --- SRV6((Server 6))

    L4 --- FW1[Firewall]
    L4 --- RTR1[Router]

    %% Add labels for layers
    classDef spineClass fill:#f96,stroke:#333,stroke-width:2px;
    classDef leafClass fill:#6b8e23,stroke:#333,stroke-width:2px;
    classDef serverClass fill:#69c,stroke:#333,stroke-width:2px;
    classDef networkClass fill:#c69,stroke:#333,stroke-width:2px;

    class S1,S2,S3 spineClass;
    class L1,L2,L3,L4 leafClass;
    class SRV1,SRV2,SRV3,SRV4,SRV5,SRV6 serverClass;
    class FW1,RTR1 networkClass;""")
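
The design principles listed above can be turned into a cabling audit. The following is an added example, not code from the original notebook: it checks a link list against two of those rules (every leaf uplinks to every spine, endpoints attach only to leaves) and counts the equal-cost paths between two leaves that ECMP could use. The fabric is transcribed from the diagram above; the faulty variant, the device `SRV7`, and all function names are constructed for illustration.

```python
from collections import deque

def audit_fabric(spines, leaves, links):
    """Check a cabling list against the spine-and-leaf rules; return findings."""
    spines, leaves = set(spines), set(leaves)
    cabled = {frozenset(link) for link in links}
    findings = []
    # Rule: every leaf switch connects to every spine switch.
    for leaf in sorted(leaves):
        for spine in sorted(spines):
            if frozenset((leaf, spine)) not in cabled:
                findings.append(f"missing uplink: {leaf} <-> {spine}")
    # Rule: end devices connect only to leaf switches, never to a spine.
    for a, b in links:
        for switch, other in ((a, b), (b, a)):
            if switch in spines and other not in leaves and other not in spines:
                findings.append(f"endpoint on spine: {other} <-> {switch}")
    return findings

def equal_cost_paths(links, src, dst):
    """Return (hop count, number of shortest paths) from src to dst using BFS."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    dist, count = {src: 0}, {src: 1}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt not in dist:            # first visit fixes the hop count
                dist[nxt] = dist[node] + 1
                count[nxt] = 0
                queue.append(nxt)
            if dist[nxt] == dist[node] + 1:
                count[nxt] += count[node]  # one more shortest path via node
    return dist.get(dst), count.get(dst, 0)

# Fabric transcribed from the diagram above.
SPINES = ["S1", "S2", "S3"]
LEAVES = ["L1", "L2", "L3", "L4"]
PAGE_LINKS = [(s, l) for s in SPINES for l in LEAVES] + [
    ("L1", "SRV1"), ("L1", "SRV2"), ("L2", "SRV3"), ("L2", "SRV4"),
    ("L3", "SRV5"), ("L3", "SRV6"), ("L4", "FW1"), ("L4", "RTR1"),
]

# Constructed faulty variant: one uplink was never cabled and a
# hypothetical server SRV7 was patched straight into a spine switch.
FAULTY_LINKS = [l for l in PAGE_LINKS if l != ("S3", "L4")] + [("S1", "SRV7")]

if __name__ == "__main__":
    for name, links in [("as drawn", PAGE_LINKS), ("faulty", FAULTY_LINKS)]:
        hops, paths = equal_cost_paths(links, "L1", "L4")
        print(f"{name}: findings={audit_fabric(SPINES, LEAVES, links)}, "
              f"L1->L4 is {hops} hops over {paths} equal-cost paths")
```

A healthy fabric yields one equal-cost path per spine between any two leaves; a lower count points at a missing or failed uplink.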

## Three-Tier Hierarchical Model: Core, Distribution, and Access Layers

The three-tier hierarchical model represents a fundamental approach to network design that has stood the test of time as a proven methodology for creating scalable, reliable enterprise networks. Developed by Cisco, this model breaks network functions into three distinct tiers or layers, each with specific responsibilities that contribute to the overall effectiveness of the network.

**Three-tier hierarchical model** is a network design framework that divides network functionality into three layers:

* **Core layer**: The high-speed backbone of the network responsible for fast transport between distribution layer devices
* **Distribution layer**: The intermediary layer that connects access and core layers while implementing policies
* **Access layer**: The edge of the network where end devices like computers, printers, and phones connect

Each layer in this model serves specific functions:

**Core Layer Functions**:
* Provides high-speed switching (often Layer 3 switching)
* Offers redundant connections for high availability
* Transports large amounts of traffic reliably and quickly
* Avoids CPU-intensive packet manipulation (like access lists or filtering)
* Designed for maximum reliability and stability

**Distribution Layer Functions**:
* Aggregates connections from the access layer
* Provides policy-based connectivity (access lists, filtering, QoS)
* Defines broadcast and multicast domains
* Implements security and network policies
* Handles routing between VLANs and route summarization

**Access Layer Functions**:
* Controls end device access to the network
* Implements port security and VLANs
* Provides PoE (Power over Ethernet) for devices like phones and cameras
* Optimizes for high port density rather than high throughput
* Applies QoS markings and trust boundaries

The benefits of adopting this model include:

* **Scalability**: Each layer can grow independently as needed
* **Redundancy**: Multiple devices at each layer provide fault tolerance
* **Performance**: Traffic flows predictably through optimized paths
* **Security**: Policies can be implemented at appropriate points in the network
* **Manageability**: Troubleshooting is simplified with clear boundaries between functions
* **Predictability**: Standardized design leads to consistent behavior

| Layer | Primary Devices | Design Focus | Typical Protocol Features |
|-------|----------------|--------------|---------------------------|
| **Core** | High-performance switches/routers | Speed, reliability | Layer 3 switching, ECMP, minimal latency |
| **Distribution** | Routers, multilayer switches | Policy enforcement, routing | ACLs, route filtering, QoS, FHRP protocols |
| **Access** | Switches, wireless access points | Port density, end-user features | Port security, VLANs, spanning tree, PoE |

This model provides a clear framework for designing networks at any scale, from small businesses to large enterprises, and has remained relevant even as networking technology has evolved over the decades.

In [7]:
# @title
mm("""graph TD
    subgraph Three_Tier
    X((Core Router))
    Y((Distribution 1))
    Z((Distribution 2))
    AA[Access Switch 1]
    AB[Access Switch 2]
    AC[Access Switch 3]
    AD[Access Switch 4]
    AE[End Device]
    AF[End Device]
    AG[End Device]
    AH[End Device]
    AI[End Device]
    X --- Y
    X --- Z
    Y --- AA
    Y --- AB
    Z --- AC
    Z --- AD
    AA --- AE
    AA --- AF
    AB --- AG
    AC --- AH
    AD --- AI
    end
    style X fill:#FFA07A
    style Y fill:#FFD700
    style Z fill:#FFD700
    style AA fill:#98FB98
    style AB fill:#98FB98
    style AC fill:#98FB98
    style AD fill:#98FB98
    style AE fill:#FFB6C1
    style AF fill:#FFB6C1
    style AG fill:#FFB6C1
    style AH fill:#FFB6C1
    style AI fill:#FFB6C1
""")

## Collapsed Core Architecture: Simplifying the Network Hierarchy

Collapsed core architecture represents a practical adaptation of the traditional three-tier hierarchical model, particularly suitable for small to medium-sized networks where the full three-tier approach might introduce unnecessary complexity or cost. This design combines two of the hierarchical layers while maintaining most of the benefits of the original model.

**Collapsed core architecture** is a network design that merges the core and distribution layers of the traditional three-tier model into a single layer, creating a two-tier network:

* **Combined core/distribution layer**: A single layer of switches that performs both the high-speed switching functions of the core and the policy implementation of the distribution layer
* **Access layer**: Remains unchanged, connecting end devices to the network

This simplified architecture is created by:

* Using more powerful switches that can handle both core and distribution functions
* Implementing all routing, policy enforcement, and high-speed switching in a single device or set of devices
* Maintaining the separation of the access layer for end-device connectivity

The advantages of collapsed core include:

* Reduced equipment costs with fewer devices to purchase and maintain
* Simplified network design with fewer interconnections to manage
* Smaller physical footprint requiring less rack space and power
* Lower latency as packets traverse fewer hops between destinations
* Easier troubleshooting with a more straightforward topology

The limitations to consider:

* Less scalability than a full three-tier design for large-scale growth
* Potential performance bottlenecks as the network grows
* Higher impact of device failures with more functionality in fewer devices
* More complex configuration on individual devices performing multiple roles

Collapsed core is best suited for:

* Small to medium-sized businesses with a single location
* Branch offices of larger organizations
* Campus networks with limited growth expectations
* Networks where budget or space constraints are significant factors

| Aspect | Traditional Three-Tier | Collapsed Core |
|--------|------------------------|----------------|
| **Number of Layers** | Three distinct layers | Two layers (combined core/distribution) |
| **Scalability** | Highly scalable for large environments | Limited to medium-sized networks |
| **Cost** | Higher equipment and maintenance costs | Lower initial and ongoing costs |
| **Complexity** | More complex to design and troubleshoot | Simpler design with fewer components |
| **Redundancy** | Higher redundancy with more devices | Fewer points of redundancy |
| **Failure Impact** | More contained impact from single device failure | Potentially broader impact from device failure |

When implementing collapsed core designs, network engineers often leverage:

* Highly redundant switch configurations with dual power supplies
* Virtual switching systems that combine multiple physical switches into a single logical device
* Advanced routing protocols that can quickly reroute traffic in case of link failures
* Quality of Service (QoS) configurations to ensure critical traffic receives priority

In [10]:
# @title
%%html
<?xml version="1.0" encoding="UTF-8"?>
<svg viewBox="0 0 900 450" xmlns="http://www.w3.org/2000/svg">
  <!-- Title -->
  <text x="450" y="30" text-anchor="middle" font-size="24" font-weight="bold" font-family="Arial">Traditional vs. Collapsed Core Architecture</text>

  <!-- Left Side - Traditional Three-Tier -->
  <text x="225" y="60" text-anchor="middle" font-size="20" font-weight="bold" font-family="Arial">Traditional Three-Tier</text>

  <!-- Background for Core Layer -->
  <rect x="50" y="80" width="350" height="80" rx="10" fill="#f8d7da" stroke="#dc3545" stroke-width="2" opacity="0.3"/>
  <text x="225" y="100" text-anchor="middle" font-size="18" font-weight="bold" font-family="Arial">Core Layer</text>

  <!-- Background for Distribution Layer -->
  <rect x="50" y="180" width="350" height="80" rx="10" fill="#fff3cd" stroke="#ffc107" stroke-width="2" opacity="0.3"/>
  <text x="225" y="200" text-anchor="middle" font-size="18" font-weight="bold" font-family="Arial">Distribution Layer</text>

  <!-- Background for Access Layer -->
  <rect x="50" y="280" width="350" height="80" rx="10" fill="#d1e7dd" stroke="#198754" stroke-width="2" opacity="0.3"/>
  <text x="225" y="300" text-anchor="middle" font-size="18" font-weight="bold" font-family="Arial">Access Layer</text>

  <!-- Core Layer Devices -->
  <rect x="125" y="120" width="80" height="30" rx="5" fill="#dc3545" stroke="#722040" stroke-width="2"/>
  <text x="165" y="140" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Core 1</text>

  <rect x="245" y="120" width="80" height="30" rx="5" fill="#dc3545" stroke="#722040" stroke-width="2"/>
  <text x="285" y="140" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Core 2</text>

  <!-- Distribution Layer Devices -->
  <rect x="85" y="220" width="80" height="30" rx="5" fill="#ffc107" stroke="#b78105" stroke-width="2"/>
  <text x="125" y="240" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Dist 1</text>

  <rect x="185" y="220" width="80" height="30" rx="5" fill="#ffc107" stroke="#b78105" stroke-width="2"/>
  <text x="225" y="240" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Dist 2</text>

  <rect x="285" y="220" width="80" height="30" rx="5" fill="#ffc107" stroke="#b78105" stroke-width="2"/>
  <text x="325" y="240" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Dist 3</text>

  <!-- Access Layer Devices -->
  <rect x="85" y="320" width="80" height="30" rx="5" fill="#198754" stroke="#0e5130" stroke-width="2"/>
  <text x="125" y="340" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Access 1</text>

  <rect x="185" y="320" width="80" height="30" rx="5" fill="#198754" stroke="#0e5130" stroke-width="2"/>
  <text x="225" y="340" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Access 2</text>

  <rect x="285" y="320" width="80" height="30" rx="5" fill="#198754" stroke="#0e5130" stroke-width="2"/>
  <text x="325" y="340" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Access 3</text>

  <!-- End Devices -->
  <g transform="translate(125, 380)">
    <circle cx="0" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="20" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="40" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
  </g>

  <g transform="translate(225, 380)">
    <circle cx="0" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="20" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="40" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
  </g>

  <g transform="translate(325, 380)">
    <circle cx="0" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="20" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="40" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
  </g>

  <!-- Connections in Traditional -->
  <!-- Core to Distribution -->
  <line x1="165" y1="150" x2="125" y2="220" stroke="#000" stroke-width="1.5"/>
  <line x1="165" y1="150" x2="225" y2="220" stroke="#000" stroke-width="1.5"/>
  <line x1="285" y1="150" x2="225" y2="220" stroke="#000" stroke-width="1.5"/>
  <line x1="285" y1="150" x2="325" y2="220" stroke="#000" stroke-width="1.5"/>

  <!-- Distribution to Access -->
  <line x1="125" y1="250" x2="125" y2="320" stroke="#000" stroke-width="1.5"/>
  <line x1="225" y1="250" x2="225" y2="320" stroke="#000" stroke-width="1.5"/>
  <line x1="325" y1="250" x2="325" y2="320" stroke="#000" stroke-width="1.5"/>

  <!-- Access to End Devices -->
  <line x1="125" y1="350" x2="125" y2="370" stroke="#000" stroke-width="1"/>
  <line x1="225" y1="350" x2="225" y2="370" stroke="#000" stroke-width="1"/>
  <line x1="325" y1="350" x2="325" y2="370" stroke="#000" stroke-width="1"/>

  <!-- Right Side - Collapsed Core -->
  <text x="675" y="60" text-anchor="middle" font-size="20" font-weight="bold" font-family="Arial">Collapsed Core</text>

  <!-- Background for Combined Core/Distribution Layer -->
  <rect x="500" y="80" width="350" height="160" rx="10" fill="#e7d9f0" stroke="#6f42c1" stroke-width="2" opacity="0.3"/>
  <text x="675" y="100" text-anchor="middle" font-size="18" font-weight="bold" font-family="Arial">Combined Core/Distribution Layer</text>

  <!-- Background for Access Layer -->
  <rect x="500" y="280" width="350" height="80" rx="10" fill="#d1e7dd" stroke="#198754" stroke-width="2" opacity="0.3"/>
  <text x="675" y="300" text-anchor="middle" font-size="18" font-weight="bold" font-family="Arial">Access Layer</text>

  <!-- Combined Layer Devices -->
  <rect x="575" y="180" width="80" height="30" rx="5" fill="#6f42c1" stroke="#4e2a84" stroke-width="2"/>
  <text x="615" y="200" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Core/Dist 1</text>

  <rect x="695" y="180" width="80" height="30" rx="5" fill="#6f42c1" stroke="#4e2a84" stroke-width="2"/>
  <text x="735" y="200" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Core/Dist 2</text>

  <!-- Access Layer Devices -->
  <rect x="535" y="320" width="80" height="30" rx="5" fill="#198754" stroke="#0e5130" stroke-width="2"/>
  <text x="575" y="340" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Access 1</text>

  <rect x="635" y="320" width="80" height="30" rx="5" fill="#198754" stroke="#0e5130" stroke-width="2"/>
  <text x="675" y="340" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Access 2</text>

  <rect x="735" y="320" width="80" height="30" rx="5" fill="#198754" stroke="#0e5130" stroke-width="2"/>
  <text x="775" y="340" text-anchor="middle" font-size="12" fill="white" font-family="Arial">Access 3</text>

  <!-- End Devices -->
  <g transform="translate(575, 380)">
    <circle cx="0" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="20" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="40" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
  </g>

  <g transform="translate(675, 380)">
    <circle cx="0" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="20" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="40" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
  </g>

  <g transform="translate(775, 380)">
    <circle cx="0" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="20" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
    <circle cx="40" cy="0" r="10" fill="#6c757d" stroke="#495057" stroke-width="1"/>
  </g>

  <!-- Connections in Collapsed Core -->
  <!-- Core/Distribution to Access -->
  <line x1="615" y1="210" x2="575" y2="320" stroke="#000" stroke-width="1.5"/>
  <line x1="615" y1="210" x2="675" y2="320" stroke="#000" stroke-width="1.5"/>
  <line x1="735" y1="210" x2="675" y2="320" stroke="#000" stroke-width="1.5"/>
  <line x1="735" y1="210" x2="775" y2="320" stroke="#000" stroke-width="1.5"/>

  <!-- Access to End Devices -->
  <line x1="575" y1="350" x2="575" y2="370" stroke="#000" stroke-width="1"/>
  <line x1="675" y1="350" x2="675" y2="370" stroke="#000" stroke-width="1"/>
  <line x1="775" y1="350" x2="775" y2="370" stroke="#000" stroke-width="1"/>

  <!-- Benefits and Limitations Callouts -->
  <text x="225" y="420" text-anchor="middle" font-size="14" font-style="italic" font-family="Arial">More scalable, better redundancy</text>
  <text x="675" y="420" text-anchor="middle" font-size="14" font-style="italic" font-family="Arial">Simpler design, lower cost</text>
</svg>

## Hybrid Topologies: Combining Designs for Optimal Performance

Hybrid network topologies take the best features from multiple traditional network designs and combine them to create customized solutions that address specific organizational requirements. Rather than adhering strictly to a single topology pattern, hybrid approaches allow network architects to tailor designs to their particular environment, balancing performance, cost, and reliability considerations.

**Hybrid topology** refers to a network design that intentionally incorporates elements from two or more basic topologies to overcome the limitations of any single approach. Common combinations include:

* **Star-Bus hybrid**: Combining the simplicity of star topology with the efficiency of bus topology
* **Star-Ring hybrid**: Merging the centralized management of star with the redundancy of ring
* **Mesh-Star hybrid**: Incorporating full mesh connections between critical devices while using star topology for end-device connections
* **Hierarchical-Mesh hybrid**: Using mesh connections at the core layer while maintaining a hierarchical structure overall

Hybrid topologies emerge in response to specific networking challenges:

* Geographic distribution of network resources across multiple locations
* Varying reliability requirements for different network segments
* Budget constraints that necessitate prioritizing redundancy for critical systems only
* Performance needs that differ across applications and departments
* Scalability concerns where some areas grow faster than others

The advantages of hybrid approaches include:

* Customized design that precisely addresses organizational requirements
* Optimized cost efficiency by implementing redundancy only where needed
* Flexibility to accommodate varying performance needs across the network
* Ability to incorporate new technologies alongside legacy systems
* Improved resilience through diversified connection methods

The challenges to consider:

* Increased complexity in design, documentation, and troubleshooting
* More specialized knowledge required for network maintenance
* Potential for inconsistent behavior across different segments
* More difficult to standardize configurations and policies
* May require more sophisticated monitoring and management tools

Real-world examples of hybrid topologies include:

* Enterprise networks with mesh connections between data centers but star connections within each location
* Campus networks using a hierarchical core-distribution-access model with redundant mesh links at the core
* Wide area networks (WANs) that combine leased lines in a star pattern with mesh VPN connections for backup
* Cloud-connected networks using direct connections for critical services and internet VPN for non-critical traffic

When implementing hybrid designs, successful network architects focus on:

* Clearly documenting the topology and rationale for design decisions
* Implementing consistent naming and addressing schemes across all segments
* Developing standardized configurations that account for different topology sections
* Creating comprehensive monitoring that provides visibility across the entire hybrid network
* Designing for future growth with flexible expansion capabilities

In [11]:
# @title
mm("""
graph TD
    %% Star-Bus Hybrid
    subgraph "Star-Bus Hybrid"
        SB_Hub((Central Hub))
        SB_Hub --- SB_S1((Switch 1))
        SB_Hub --- SB_S2((Switch 2))
        SB_Hub --- SB_S3((Switch 3))

        %% Bus segments
        SB_S1 --- SB_D1((Device 1-1))
        SB_D1 --- SB_D2((Device 1-2))
        SB_D2 --- SB_D3((Device 1-3))

        SB_S2 --- SB_D4((Device 2-1))
        SB_D4 --- SB_D5((Device 2-2))

        SB_S3 --- SB_D6((Device 3-1))
        SB_D6 --- SB_D7((Device 3-2))
    end

    %% Star-Ring Hybrid
    subgraph "Star-Ring Hybrid"
        SR_Hub((Central Hub))
        SR_Hub --- SR_S1((Switch 1))
        SR_Hub --- SR_S2((Switch 2))
        SR_Hub --- SR_S3((Switch 3))
        SR_Hub --- SR_S4((Switch 4))

        %% Ring connections between switches
        SR_S1 --- SR_S2
        SR_S2 --- SR_S3
        SR_S3 --- SR_S4
        SR_S4 --- SR_S1

        %% End devices
        SR_S1 --- SR_D1((Device 1))
        SR_S2 --- SR_D2((Device 2))
        SR_S3 --- SR_D3((Device 3))
        SR_S4 --- SR_D4((Device 4))
    end

    %% Mesh-Star Hybrid
    subgraph "Mesh-Star Hybrid"
        %% Mesh core
        MS_C1((Core 1)) --- MS_C2((Core 2))
        MS_C1 --- MS_C3((Core 3))
        MS_C2 --- MS_C3

        %% Star connections to distribution
        MS_C1 --- MS_D1((Dist 1))
        MS_C2 --- MS_D2((Dist 2))
        MS_C3 --- MS_D3((Dist 3))

        %% End devices in star
        MS_D1 --- MS_E1((End 1))
        MS_D1 --- MS_E2((End 2))
        MS_D2 --- MS_E3((End 3))
        MS_D2 --- MS_E4((End 4))
        MS_D3 --- MS_E5((End 5))
        MS_D3 --- MS_E6((End 6))
    end

    %% Hierarchical-Mesh Hybrid
    subgraph "Hierarchical-Mesh Hybrid"
        %% Mesh core
        HM_C1((Core 1)) --- HM_C2((Core 2))

        %% Distribution layer
        HM_C1 --- HM_D1((Dist 1))
        HM_C1 --- HM_D2((Dist 2))
        HM_C2 --- HM_D1
        HM_C2 --- HM_D2

        %% Access layer
        HM_D1 --- HM_A1((Access 1))
        HM_D1 --- HM_A2((Access 2))
        HM_D2 --- HM_A3((Access 3))
        HM_D2 --- HM_A4((Access 4))

        %% End devices
        HM_A1 --- HM_E1((End 1))
        HM_A2 --- HM_E2((End 2))
        HM_A3 --- HM_E3((End 3))
        HM_A4 --- HM_E4((End 4))
    end

    classDef hub fill:#f96,stroke:#333,stroke-width:2px;
    classDef switch fill:#6b8e23,stroke:#333,stroke-width:2px;
    classDef device fill:#69c,stroke:#333,stroke-width:2px;
    classDef core fill:#c69,stroke:#333,stroke-width:2px;

    class SB_Hub,SR_Hub hub;
    class SB_S1,SB_S2,SB_S3,SR_S1,SR_S2,SR_S3,SR_S4 switch;
    class SB_D1,SB_D2,SB_D3,SB_D4,SB_D5,SB_D6,SB_D7,SR_D1,SR_D2,SR_D3,SR_D4 device;
    class MS_C1,MS_C2,MS_C3,HM_C1,HM_C2 core;""")
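
The redundancy trade-off described above can be checked directly against the Star-Ring and Hierarchical-Mesh subgraphs of the diagram. The following is an added example, not part of the original notebook: it parses the diagram's `A --- B` edge lines, removes one device at a time, and reports how many other nodes are cut off from the largest surviving part of the network. The function names (`parse_edges`, `largest_surviving_component`, `single_points_of_failure`) are hypothetical helpers introduced here.

```python
import re
from collections import deque

# Edge lines copied from two subgraphs of the Mermaid diagram above.
STAR_RING = """
SR_Hub --- SR_S1((Switch 1))
SR_Hub --- SR_S2((Switch 2))
SR_Hub --- SR_S3((Switch 3))
SR_Hub --- SR_S4((Switch 4))
%% Ring connections between switches
SR_S1 --- SR_S2
SR_S2 --- SR_S3
SR_S3 --- SR_S4
SR_S4 --- SR_S1
SR_S1 --- SR_D1((Device 1))
SR_S2 --- SR_D2((Device 2))
SR_S3 --- SR_D3((Device 3))
SR_S4 --- SR_D4((Device 4))
"""

HIERARCHICAL_MESH = """
HM_C1((Core 1)) --- HM_C2((Core 2))
HM_C1 --- HM_D1((Dist 1))
HM_C1 --- HM_D2((Dist 2))
HM_C2 --- HM_D1
HM_C2 --- HM_D2
HM_D1 --- HM_A1((Access 1))
HM_D1 --- HM_A2((Access 2))
HM_D2 --- HM_A3((Access 3))
HM_D2 --- HM_A4((Access 4))
HM_A1 --- HM_E1((End 1))
HM_A2 --- HM_E2((End 2))
HM_A3 --- HM_E3((End 3))
HM_A4 --- HM_E4((End 4))
"""


def parse_edges(text):
    """Build an undirected adjacency map from 'A --- B' lines."""
    graph = {}
    for raw in text.splitlines():
        # Drop the ((Label)) part so only node IDs remain.
        line = re.sub(r"\(\(.*?\)\)", "", raw).strip()
        if not line or line.startswith("%%") or "---" not in line:
            continue
        a, b = (part.strip() for part in line.split("---"))
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph


def largest_surviving_component(graph, removed):
    """Size of the largest connected component once `removed` has failed."""
    seen = {removed}
    best = 0
    for start in graph:
        if start in seen:
            continue
        seen.add(start)
        queue = deque([start])
        size = 0
        while queue:
            node = queue.popleft()
            size += 1
            for neighbor in graph[node]:
                if neighbor not in seen:
                    seen.add(neighbor)
                    queue.append(neighbor)
        best = max(best, size)
    return best


def single_points_of_failure(graph):
    """Map each device whose failure splits the network to the number of
    other nodes left outside the largest surviving component."""
    result = {}
    for node in graph:
        cut_off = len(graph) - 1 - largest_surviving_component(graph, node)
        if cut_off:
            result[node] = cut_off
    return result


if __name__ == "__main__":
    for name, text in (("Star-Ring", STAR_RING),
                       ("Hierarchical-Mesh", HIERARCHICAL_MESH)):
        print(name, single_points_of_failure(parse_edges(text)))
```

In the Star-Ring design the central hub does not appear in the result because the ring keeps the switches connected without it. In the Hierarchical-Mesh design the core switches are covered by redundancy, while each distribution switch remains a single point of failure for everything below it.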

## Traffic Flow Patterns: North-South vs. East-West Communication

Understanding traffic flow patterns is essential to designing efficient networks that can support modern applications and services. These flow patterns determine how data moves through your network and significantly impact design decisions, from hardware selection to topology choice. Two fundamental traffic flow patterns dominate network design conversations: north-south and east-west traffic.

**Traffic flow** refers to the directional movement of data packets through a network, describing the communication patterns between devices, services, and external networks. The terminology uses compass directions as a metaphor for different types of network communication:

* **North-south traffic** refers to data flowing between client devices and servers, typically crossing network boundaries
* **East-west traffic** describes data moving between servers within the same tier or data center

**North-south traffic** is characterized by:

* Communication between internal networks and external systems (like the internet)
* Client-server interactions where users access services
* Traffic that typically crosses network boundaries and security perimeters
* Data flows that often traverse multiple network layers
* Communication that requires NAT, firewalls, and security inspection

**East-west traffic** is characterized by:

* Server-to-server communication within a data center or cloud environment
* Application components talking to each other (like web servers to database servers)
* Traffic that typically stays within the same network tier
* Data flows that often remain within a single layer of the network
* Communication that may require fewer security checks between trusted systems

Traffic patterns have changed dramatically over time:

| Era | Primary Traffic Pattern | Defining Technologies | Network Design Focus |
|-----|-------------------------|------------------------|----------------------|
| **Traditional** | North-South (80%) | Client-server applications | Hierarchical three-tier designs |
| **Current** | East-West (70-80%) | Virtualization, microservices | Spine-leaf architectures |

This shift has occurred due to several factors:

* **Virtualization** creating multiple workloads on single physical servers
* **Microservices architecture** breaking applications into numerous interconnected components
* **Container technologies** enabling even more densely packed application components
* **Cloud-native applications** requiring extensive internal communication
* **Big data processing** distributing work across many server nodes

Network designs must accommodate these traffic patterns differently:

* **For north-south traffic**: Focus on security boundaries, WAN optimization, internet connectivity, and client access
* **For east-west traffic**: Prioritize low latency, high bandwidth between servers, and non-blocking architectures

Understanding your organization's specific traffic patterns is critical to:

* Selecting the appropriate network architecture (hierarchical vs. spine-leaf)
* Sizing network links correctly for anticipated traffic loads
* Placing security controls at optimal inspection points
* Efficiently planning for growth and capacity expansion
* Troubleshooting performance issues with greater insight
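
To measure which pattern dominates and to decide where inspection points belong, flow records can be classified by direction and the east-west portion compared with the server-to-server paths the design expects. The following is an added example, not part of the original notebook: the subnets, flow records, ports, and allow-list are all constructed for illustration, and the Web/App/DB tier names follow the figure in this section.

```python
import ipaddress
from collections import defaultdict

# Constructed addressing plan (assumption): one subnet per tier.
TIERS = {
    "web": ipaddress.ip_network("10.10.1.0/24"),
    "app": ipaddress.ip_network("10.10.2.0/24"),
    "db": ipaddress.ip_network("10.10.3.0/24"),
    "clients": ipaddress.ip_network("10.20.0.0/16"),
}
SERVER_TIERS = {"web", "app", "db"}

# Hypothetical segmentation policy: the only server-to-server paths expected,
# as (source tier, destination tier, destination port).
ALLOWED_EAST_WEST = {("web", "app", 8443), ("app", "db", 5432)}

# Constructed flow records: (source, destination, destination port, bytes).
FLOWS = [
    ("203.0.113.7", "10.10.1.10", 443, 120_000),   # internet -> web
    ("10.20.4.15", "10.10.1.10", 443, 80_000),     # internal client -> web
    ("10.10.1.10", "10.10.2.20", 8443, 400_000),   # web -> app
    ("10.10.2.20", "10.10.3.30", 5432, 900_000),   # app -> db
    ("10.10.1.10", "10.10.3.30", 5432, 5_000),     # web -> db, skips app tier
    ("10.10.1.10", "10.10.1.11", 22, 2_000),       # web -> web, same tier
    ("10.10.3.30", "198.51.100.9", 443, 60_000),   # db -> internet
]


def tier_of(address):
    """Return the tier name for an address, or 'external' if none matches."""
    ip = ipaddress.ip_address(address)
    for name, network in TIERS.items():
        if ip in network:
            return name
    return "external"


def classify(src, dst):
    """east-west: both ends are servers; north-south: exactly one end is."""
    servers = sum(tier_of(addr) in SERVER_TIERS for addr in (src, dst))
    return {2: "east-west", 1: "north-south"}.get(servers, "other")


def review(flows):
    """Return (bytes per direction, east-west flows outside the allow-list)."""
    volume = defaultdict(int)
    violations = []
    for src, dst, dport, size in flows:
        direction = classify(src, dst)
        volume[direction] += size
        path = (tier_of(src), tier_of(dst), dport)
        if direction == "east-west" and path not in ALLOWED_EAST_WEST:
            violations.append((src, dst, dport))
    return dict(volume), violations


if __name__ == "__main__":
    volume, violations = review(FLOWS)
    total = sum(volume.values())
    for direction, size in volume.items():
        print(f"{direction}: {size} bytes ({size / total:.0%})")
    for src, dst, dport in violations:
        print(f"unexpected east-west flow: {src} -> {dst}:{dport}")
```

The two flagged flows never cross the perimeter firewall, so only a control placed between server tiers would see them.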

In [12]:
# @title
%%html
<?xml version="1.0" encoding="UTF-8"?>
<svg viewBox="0 0 800 500" xmlns="http://www.w3.org/2000/svg">
  <!-- Title -->
  <text x="400" y="40" text-anchor="middle" font-size="24" font-weight="bold" font-family="Arial">Network Traffic Flow Patterns</text>

  <!-- Center divider -->
  <line x1="400" y1="60" x2="400" y2="480" stroke="#ccc" stroke-width="2" stroke-dasharray="10,5"/>

  <!-- Headers -->
  <text x="200" y="80" text-anchor="middle" font-size="20" font-weight="bold" font-family="Arial" fill="#0066cc">North-South Traffic</text>
  <text x="600" y="80" text-anchor="middle" font-size="20" font-weight="bold" font-family="Arial" fill="#cc6600">East-West Traffic</text>

  <!-- Left Side - North-South Traffic -->
  <!-- Internet cloud -->
  <ellipse cx="200" cy="140" rx="100" ry="40" fill="#f1f3f4" stroke="#dadce0" stroke-width="2"/>
  <text x="200" y="145" text-anchor="middle" font-size="16" fill="#5f6368" font-family="Arial">Internet</text>

  <!-- Firewall -->
  <rect x="170" y="200" width="60" height="30" rx="5" fill="#ff9999" stroke="#cc0000" stroke-width="2"/>
  <text x="200" y="220" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Firewall</text>

  <!-- Core Router -->
  <rect x="170" y="250" width="60" height="30" rx="5" fill="#9999ff" stroke="#0000cc" stroke-width="2"/>
  <text x="200" y="270" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Core</text>

  <!-- Distribution Switch -->
  <rect x="170" y="300" width="60" height="30" rx="5" fill="#99ff99" stroke="#00cc00" stroke-width="2"/>
  <text x="200" y="320" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Distribution</text>

  <!-- Access Switch -->
  <rect x="170" y="350" width="60" height="30" rx="5" fill="#ffff99" stroke="#cccc00" stroke-width="2"/>
  <text x="200" y="370" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Access</text>

  <!-- Client Computers -->
  <rect x="130" y="420" width="40" height="30" rx="5" fill="#cccccc" stroke="#666666" stroke-width="2"/>
  <text x="150" y="440" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Client</text>

  <rect x="230" y="420" width="40" height="30" rx="5" fill="#cccccc" stroke="#666666" stroke-width="2"/>
  <text x="250" y="440" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Client</text>

  <!-- Connections -->
  <line x1="200" y1="180" x2="200" y2="200" stroke="#0066cc" stroke-width="3"/>
  <line x1="200" y1="230" x2="200" y2="250" stroke="#0066cc" stroke-width="3"/>
  <line x1="200" y1="280" x2="200" y2="300" stroke="#0066cc" stroke-width="3"/>
  <line x1="200" y1="330" x2="200" y2="350" stroke="#0066cc" stroke-width="3"/>
  <line x1="200" y1="380" x2="150" y2="420" stroke="#0066cc" stroke-width="3"/>
  <line x1="200" y1="380" x2="250" y2="420" stroke="#0066cc" stroke-width="3"/>

  <!-- Arrows -->
  <polygon points="200,185 196,180 204,180" fill="#0066cc"/>
  <polygon points="200,245 196,240 204,240" fill="#0066cc"/>
  <polygon points="200,295 196,290 204,290" fill="#0066cc"/>
  <polygon points="200,345 196,340 204,340" fill="#0066cc"/>
  <polygon points="154,416 150,410 158,412" fill="#0066cc"/>
  <polygon points="246,416 250,410 242,412" fill="#0066cc"/>

  <!-- Right Side - East-West Traffic -->
  <!-- Spine Switches -->
  <rect x="500" y="150" width="60" height="30" rx="5" fill="#9999ff" stroke="#0000cc" stroke-width="2"/>
  <text x="530" y="170" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Spine 1</text>

  <rect x="650" y="150" width="60" height="30" rx="5" fill="#9999ff" stroke="#0000cc" stroke-width="2"/>
  <text x="680" y="170" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Spine 2</text>

  <!-- Leaf Switches -->
  <rect x="460" y="250" width="60" height="30" rx="5" fill="#99ff99" stroke="#00cc00" stroke-width="2"/>
  <text x="490" y="270" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Leaf 1</text>

  <rect x="580" y="250" width="60" height="30" rx="5" fill="#99ff99" stroke="#00cc00" stroke-width="2"/>
  <text x="610" y="270" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Leaf 2</text>

  <rect x="700" y="250" width="60" height="30" rx="5" fill="#99ff99" stroke="#00cc00" stroke-width="2"/>
  <text x="730" y="270" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Leaf 3</text>

  <!-- Servers -->
  <rect x="460" y="350" width="60" height="30" rx="5" fill="#ffcc99" stroke="#ff9933" stroke-width="2"/>
  <text x="490" y="370" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">Web</text>

  <rect x="580" y="350" width="60" height="30" rx="5" fill="#ffcc99" stroke="#ff9933" stroke-width="2"/>
  <text x="610" y="370" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">App</text>

  <rect x="700" y="350" width="60" height="30" rx="5" fill="#ffcc99" stroke="#ff9933" stroke-width="2"/>
  <text x="730" y="370" text-anchor="middle" font-size="12" fill="#000" font-family="Arial">DB</text>

  <!-- Vertical Connections -->
  <line x1="490" y1="280" x2="490" y2="350" stroke="#009900" stroke-width="2"/>
  <line x1="610" y1="280" x2="610" y2="350" stroke="#009900" stroke-width="2"/>
  <line x1="730" y1="280" x2="730" y2="350" stroke="#009900" stroke-width="2"/>

  <!-- Spine to Leaf Connections -->
  <line x1="530" y1="180" x2="490" y2="250" stroke="#009900" stroke-width="2"/>
  <line x1="530" y1="180" x2="610" y2="250" stroke="#009900" stroke-width="2"/>
  <line x1="530" y1="180" x2="730" y2="250" stroke="#009900" stroke-width="2"/>

  <line x1="680" y1="180" x2="490" y2="250" stroke="#009900" stroke-width="2"/>
  <line x1="680" y1="180" x2="610" y2="250" stroke="#009900" stroke-width="2"/>
  <line x1="680" y1="180" x2="730" y2="250" stroke="#009900" stroke-width="2"/>

  <!-- East-West Server Traffic -->
  <path d="M 490,400 Q 545,430 610,400" stroke="#cc6600" stroke-width="3" fill="none"/>
  <path d="M 610,400 Q 665,430 730,400" stroke="#cc6600" stroke-width="3" fill="none"/>

  <!-- East-West Arrows -->
  <polygon points="600,403 610,400 600,397" fill="#cc6600"/>
  <polygon points="720,403 730,400 720,397" fill="#cc6600"/>

  <!-- Labels -->
  <text x="200" y="470" text-anchor="middle" font-size="14" font-family="Arial">Client to Server Communication</text>
  <text x="600" y="470" text-anchor="middle" font-size="14" font-family="Arial">Server to Server Communication</text>

  <!-- Legend -->
  <rect x="50" y="30" width="15" height="15" fill="#0066cc" stroke="none"/>
  <text x="75" y="42" font-size="12" font-family="Arial">North-South Traffic</text>

  <rect x="50" y="50" width="15" height="15" fill="#cc6600" stroke="none"/>
  <text x="75" y="62" font-size="12" font-family="Arial">East-West Traffic</text>
</svg>

## Comparing Network Architectures: Strengths and Limitations

Each network architecture and topology has distinct strengths and limitations that make it suitable for specific environments and use cases. Understanding these characteristics is essential for selecting the optimal design for your organization's needs. This comparative analysis examines the key attributes of the major network architectures we've explored throughout this chapter.

**Mesh Topology**

Strengths:
* Highest level of fault tolerance due to multiple redundant paths
* Excellent reliability with no single point of failure
* Dedicated bandwidth between connected devices
* Strong privacy and security through direct connections

Limitations:
* Most expensive topology to implement at scale
* Complex to set up, configure, and troubleshoot
* Requires significant cabling and port density
* Management complexity increases exponentially with network size

**Star/Hub and Spoke Topology**

Strengths:
* Simple to understand, implement, and expand
* Centralized management from a single point
* Easy to add new devices without disrupting the network
* Failure of one device doesn't affect others

Limitations:
* Single point of failure at the central hub
* Performance bottlenecks as all traffic passes through the central device
* Limited by the capacity of the central hub/switch
* Higher cabling costs compared to bus topology

**Point-to-Point Topology**

Strengths:
* Maximum bandwidth for the connection with dedicated resources
* Simplest possible configuration with minimal complexity
* Highly secure and easily monitored connections
* Predictable performance with consistent latency

Limitations:
* Extremely poor scalability as the network grows
* Cost-inefficient for connecting multiple devices
* No inherent redundancy without duplicating connections
* Limited flexibility for network changes

**Spine and Leaf Architecture**

Strengths:
* Excellent for east-west traffic common in modern data centers
* Non-blocking bandwidth between any two endpoints
* Consistent latency with predictable performance
* Highly scalable by adding more leaf or spine switches

Limitations:
* More expensive than traditional hierarchical networks
* Complex to properly implement and configure
* Requires Layer 3 routing skills and knowledge
* Overkill for small networks with primarily north-south traffic

**Three-Tier Hierarchical Model**

Strengths:
* Proven design with decades of implementation experience
* Clear separation of functions across network layers
* Good scalability for enterprise environments
* Efficient for traditional north-south traffic flows

Limitations:
* Multiple hops can increase latency
* Can become complex in large implementations
* Less efficient for heavy east-west traffic patterns
* Potential for bottlenecks at aggregation points

**Collapsed Core Architecture**

Strengths:
* Simplified design with fewer network devices
* Lower cost than full three-tier implementation
* Reduced physical footprint and power requirements
* Easier management with fewer devices to configure

Limitations:
* Less scalable than full three-tier design
* More significant impact from device failures
* Potential performance limitations under heavy load
* Possible configuration complexity on combined layer devices

| Architecture | Scalability | Redundancy | Cost | Complexity | Traffic Optimization |
|--------------|-------------|------------|------|------------|---------------------|
| **Mesh** | Low | Very High | Very High | High | Balanced |
| **Star** | Medium | Low | Medium | Low | North-South |
| **Point-to-Point** | Very Low | Low | High per Connection | Very Low | Dedicated |
| **Spine and Leaf** | High | High | High | Medium | East-West |
| **Three-Tier** | High | High | High | Medium | North-South |
| **Collapsed Core** | Medium | Medium | Medium | Low | North-South |
| **Hybrid** | High | Variable | Variable | High | Customized |

When selecting the appropriate architecture, consider:

* **Current needs**: The immediate requirements driving the network design
* **Future growth**: Anticipated expansion over the next 3-5 years
* **Traffic patterns**: Whether north-south or east-west traffic dominates
* **Budget constraints**: Available resources for implementation and maintenance
* **Technical expertise**: Skills available for configuration and support
* **Redundancy requirements**: Tolerance for downtime and service interruptions
* **Physical constraints**: Space, power, and cooling limitations

The optimal architecture often combines elements from multiple approaches, tailored to specific organizational requirements and constraints.

## Conclusion: Selecting the Right Network Design for Different Scenarios

Throughout this chapter, we've explored various network topologies, architectures, and traffic patterns. As we've seen, there isn't a single "perfect" network design that works optimally in all situations. Instead, network design requires thoughtful analysis of specific requirements and constraints to select the most appropriate architecture for each unique environment.

**Key design considerations** when selecting a network architecture include:

* **Organization size and type**: Different designs suit small businesses versus large enterprises
* **Geographic distribution**: Single location versus multiple sites across regions
* **Application requirements**: Latency sensitivity, bandwidth needs, and reliability demands
* **Budget constraints**: Initial capital expenditure versus ongoing operational costs
* **Growth projections**: Current needs versus anticipated future expansion
* **Technical capabilities**: Available expertise for implementation and maintenance
* **Regulatory requirements**: Security, redundancy, and compliance mandates

Different organizations typically benefit from specific network architectures based on their unique characteristics:

* **Small businesses (under 50 users)**
  * Collapsed core or simple star topologies
  * Focus on simplicity and cost-effectiveness
  * Limited redundancy requirements
  * Minimal in-house IT expertise

* **Medium businesses (50-500 users)**
  * Three-tier hierarchical or collapsed core designs
  * Balance between performance and cost
  * Moderate redundancy at critical points
  * Growing importance of security boundaries

* **Large enterprises (500+ users)**
  * Full three-tier hierarchical model with redundancy
  * Spine and leaf for data center environments
  * High availability design with no single points of failure
  * Complex security and policy implementation

* **Data centers and cloud environments**
  * Spine and leaf architecture optimized for east-west traffic
  * High-density, non-blocking performance
  * Virtualization-aware networking capabilities
  * Automation and programmability features

* **Educational institutions**
  * Hierarchical designs with clear security segmentation
  * High-density wireless capabilities
  * Seasonal capacity planning for enrollment cycles
  * Balance between openness and security

* **Healthcare organizations**
  * High reliability with redundant connections
  * Strict security segmentation for patient data
  * Support for specialized medical devices
  * Compliance with regulatory requirements

Remember that most real-world networks evolve organically over time, often incorporating elements from multiple design approaches. The most successful network architectures are those that:

* **Align with business objectives** rather than focusing solely on technical elegance
* **Anticipate future needs** while addressing current requirements
* **Balance performance, security, and cost** in ways that match organizational priorities
* **Remain flexible enough** to adapt to changing technologies and business demands
* **Document design decisions** to maintain knowledge through staff changes

As technology continues to evolve, network designs will adapt to new paradigms such as:

* **Intent-based networking** with automated implementation of business policies
* **Software-defined networking (SDN)** separating control and data planes
* **Network function virtualization (NFV)** replacing physical appliances with virtual instances
* **Zero-trust security models** that verify all users regardless of location
* **AI-driven operations** that anticipate and remediate issues proactively

By understanding the fundamental principles of network architecture covered in this chapter, you'll be equipped to evaluate emerging technologies and design approaches within the context of your organization's specific needs and constraints.

## Learn to Subnet
Click the following cell for a tutorial on how to subnet.

In [9]:
# @title
%%html
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>Subnetting Tutorial for High School Students</title>
  <style>
    html, body {
      min-width: 1200px;
      min-height: 800px;
      margin: 0;
      padding: 0;
      overflow-y: auto;
    }
    body {
      font-family: sans-serif;
      margin: 2em;
      line-height: 1.5;
    }
    table {
      border-collapse: collapse;
      margin-bottom: 1em;
      width: 100%;
    }
    td, th {
      border: 1px solid #ccc;
      padding: 0.5em;
      text-align: left;
    }
    input {
      width: 200px;
    }
    .correct {
      color: green;
    }
    .error {
      color: red;
    }
    /* Ensure the problem area expands and shows all content */
    #problem-area {
      margin-top: 1em;
      padding-bottom: 100px;
    }
    #tutorial-area, #hints {
      margin-top: 1em;
    }
    #hints {
      border: 1px solid #ccc;
      padding: 1em;
      background: #f9f9f9;
      display: none;
    }
    .list-container {
      margin: 1em 0;
    }
    .list-container ul {
      margin: 0;
      padding-left: 1.5em;
    }
    /* Make controls sticky so the buttons remain visible */
    #tutorial-controls {
      position: sticky;
      bottom: 0;
      background: #fff;
      padding: 10px;
      z-index: 10;
    }
    #tutorial-controls button {
      margin-right: 0.5em;
    }
  </style>
</head>
<body>
  <h1>Subnetting Tutorial</h1>

  <!-- Tutorial Section -->
  <div id="tutorial-area">
    <div id="tutorial-content"></div>
    <div id="tutorial-controls">
      <button id="prevButton" disabled>Previous</button>
      <button id="nextButton">Next</button>
    </div>
  </div>

  <!-- Problem Section -->
  <div id="problem-area" style="display: none;">
    <h2>Practice Problems</h2>
    <p>Solve the following problems using what you have learned about subnetting. New problems will be generated each time you answer correctly.</p>
    <div id="problem-section">
      <h3>Practice Problem <span id="problem-number">1</span></h3>
      <p id="problem-statement"></p>
      <table>
        <tr>
          <td><strong>Network ID</strong> (base address)</td>
          <td><input type="text" id="networkId" /></td>
        </tr>
        <tr>
          <td><strong>Broadcast Address</strong> (final address)</td>
          <td><input type="text" id="broadcast" /></td>
        </tr>
        <tr>
          <td><strong>First Usable IP</strong> (first address you can use)</td>
          <td><input type="text" id="firstUsable" /></td>
        </tr>
        <tr>
          <td><strong>Last Usable IP</strong> (last address you can use)</td>
          <td><input type="text" id="lastUsable" /></td>
        </tr>
      </table>
      <button id="checkButton">Check Answers</button>
      <button id="toggleHints">Show Hints</button>
      <div id="hints">
        <h4>Hints for Each Step</h4>
        <table>
          <tr>
            <th>Step</th>
            <th>Hint</th>
          </tr>
          <tr>
            <td><strong>Network ID</strong></td>
            <td>
              Convert the IP address and subnet mask into binary and perform a bitwise AND (only 1 AND 1 gives 1).
            </td>
          </tr>
          <tr>
            <td><strong>Broadcast Address</strong></td>
            <td>
              Start with the Network ID and set every bit in the host portion to 1. For example, with 6 host bits the host portion becomes 2⁶ − 1 = 63.
            </td>
          </tr>
          <tr>
            <td><strong>First Usable IP</strong></td>
            <td>
              It is the Network ID plus 1.
            </td>
          </tr>
          <tr>
            <td><strong>Last Usable IP</strong></td>
            <td>
              It is the Broadcast Address minus 1.
            </td>
          </tr>
        </table>
      </div>
      <p id="feedback"></p>
    </div>
  </div>

  <script>
    /***** Tutorial Section *****/
    const tutorialSteps = [
      // Step 1: What is Subnetting?
      `<h2>Step 1: What is Subnetting?</h2>
      <p>Subnetting means splitting a large network into smaller, more manageable networks. This helps organize devices and makes IP address management easier.</p>
      <p>A key tool is the <strong>subnet mask</strong>, which tells you which part of an IP address identifies the network and which part identifies the host.</p>
      <table>
        <tr>
          <th>Term</th>
          <th>Explanation</th>
        </tr>
        <tr>
          <td><strong>IP Address</strong></td>
          <td>A unique number for a device (e.g., 192.168.1.15).</td>
        </tr>
        <tr>
          <td><strong>Subnet Mask</strong></td>
          <td>Helps divide the IP into a network part and a host part (e.g., 255.255.255.192).</td>
        </tr>
      </table>`,

      // Step 2: Understanding Prefix Length and Subnet Masks
      `<h2>Step 2: Understanding Prefix Length and Subnet Masks</h2>
      <p>The <strong>prefix length</strong> (like /24 or /26) indicates how many bits are for the network; the remaining bits are for hosts.</p>
      <div class="list-container">
        <ul>
          <li><strong>/16</strong>: 255.255.0.0 (16 network bits, 16 host bits)</li>
          <li><strong>/24</strong>: 255.255.255.0 (24 network bits, 8 host bits)</li>
          <li><strong>/26</strong>: 255.255.255.192 (26 network bits, 6 host bits)</li>
          <li><strong>/28</strong>: 255.255.255.240 (28 network bits, 4 host bits)</li>
          <li><strong>/30</strong>: 255.255.255.252 (30 network bits, 2 host bits)</li>
        </ul>
      </div>
      <p>Common Subnet Masks:</p>
      <table>
        <tr>
          <th>Prefix</th>
          <th>Subnet Mask</th>
          <th>Host Bits</th>
          <th>Max Usable Hosts</th>
        </tr>
        <tr>
          <td>/16</td>
          <td>255.255.0.0</td>
          <td>16</td>
          <td>65,534</td>
        </tr>
        <tr>
          <td>/24</td>
          <td>255.255.255.0</td>
          <td>8</td>
          <td>254</td>
        </tr>
        <tr>
          <td>/26</td>
          <td>255.255.255.192</td>
          <td>6</td>
          <td>62</td>
        </tr>
        <tr>
          <td>/28</td>
          <td>255.255.255.240</td>
          <td>4</td>
          <td>14</td>
        </tr>
        <tr>
          <td>/30</td>
          <td>255.255.255.252</td>
          <td>2</td>
          <td>2</td>
        </tr>
      </table>`,

      // Step 3: Finding the Network ID (Three Examples)
      `<h2>Step 3: Finding the Network ID</h2>
      <p>The <strong>Network ID</strong> is the first address in a subnet. To calculate it, convert the IP address and subnet mask to binary, then perform a bitwise AND (only 1 AND 1 gives 1).</p>
      <h3>Example 1: /26 Subnet</h3>
      <p><strong>IP:</strong> 192.168.1.15, <strong>Subnet Mask:</strong> 255.255.255.192 (/26)</p>
      <div class="list-container">
        <ul>
          <li>Last octet: 15 → binary: 00001111</li>
          <li>Mask last octet: 192 → binary: 11000000</li>
          <li>Bitwise AND: 00001111 AND 11000000 = 00000000</li>
          <li>Network ID = 192.168.1.0</li>
        </ul>
      </div>
      <h3>Example 2: /24 Subnet</h3>
      <p><strong>IP:</strong> 10.0.5.77, <strong>Subnet Mask:</strong> 255.255.255.0 (/24)</p>
      <div class="list-container">
        <ul>
          <li>With a /24 mask, the first three octets are the network; set the last octet to 0.</li>
          <li>Network ID = 10.0.5.0</li>
        </ul>
      </div>
      <h3>Example 3: /28 Subnet</h3>
      <p><strong>IP:</strong> 172.16.100.29, <strong>Subnet Mask:</strong> 255.255.255.240 (/28)</p>
      <div class="list-container">
        <ul>
          <li>Last octet: 29 → binary: 00011101</li>
          <li>Mask last octet: 240 → binary: 11110000</li>
          <li>Bitwise AND: 00011101 AND 11110000 = 00010000 (16 in decimal)</li>
          <li>Network ID = 172.16.100.16</li>
        </ul>
      </div>`,

      // Step 4: Finding the Broadcast Address (Three Examples)
      `<h2>Step 4: Finding the Broadcast Address</h2>
      <p>The <strong>Broadcast Address</strong> is the last address in a subnet. It is calculated by taking the Network ID and setting every host bit to 1.</p>
      <h3>Example 1: /26 Subnet</h3>
      <p><strong>Network ID:</strong> 192.168.1.0 (6 host bits)</p>
      <div class="list-container">
        <ul>
          <li>Maximum value for 6 bits = 2⁶–1 = 63</li>
          <li>Broadcast Address = 192.168.1.0 + 63 = 192.168.1.63</li>
        </ul>
      </div>
      <h3>Example 2: /24 Subnet</h3>
      <p><strong>Network ID:</strong> 10.0.5.0 (8 host bits)</p>
      <div class="list-container">
        <ul>
          <li>Maximum value for 8 bits = 2⁸–1 = 255</li>
          <li>Broadcast Address = 10.0.5.0 + 255 = 10.0.5.255</li>
        </ul>
      </div>
      <h3>Example 3: /28 Subnet</h3>
      <p><strong>Network ID:</strong> 172.16.100.16 (4 host bits)</p>
      <div class="list-container">
        <ul>
          <li>Maximum value for 4 bits = 2⁴–1 = 15</li>
          <li>Broadcast Address = 172.16.100.16 + 15 = 172.16.100.31</li>
        </ul>
      </div>`,

      // Step 5: Determining Usable IP Addresses (Three Examples)
      `<h2>Step 5: Determining Usable IP Addresses</h2>
      <p>The <strong>usable IP addresses</strong> are those strictly between the Network ID and the Broadcast Address; neither of those two addresses is assigned to a host.</p>
      <h3>Example 1: /26 Subnet</h3>
      <div class="list-container">
        <ul>
          <li>Network ID = 192.168.1.0 → First Usable = 192.168.1.1</li>
          <li>Broadcast Address = 192.168.1.63 → Last Usable = 192.168.1.62</li>
        </ul>
      </div>
      <h3>Example 2: /24 Subnet</h3>
      <div class="list-container">
        <ul>
          <li>Network ID = 10.0.5.0 → First Usable = 10.0.5.1</li>
          <li>Broadcast Address = 10.0.5.255 → Last Usable = 10.0.5.254</li>
        </ul>
      </div>
      <h3>Example 3: /28 Subnet</h3>
      <div class="list-container">
        <ul>
          <li>Network ID = 172.16.100.16 → First Usable = 172.16.100.17</li>
          <li>Broadcast Address = 172.16.100.31 → Last Usable = 172.16.100.30</li>
        </ul>
      </div>
      <p>You now understand how to calculate the Network ID, Broadcast Address, and usable IP range for various subnet masks. Click "Next" to begin the practice problems.</p>`
    ];

    let currentStep = 0;
    const tutorialContent = document.getElementById("tutorial-content");
    const nextButton = document.getElementById("nextButton");
    const prevButton = document.getElementById("prevButton");
    const tutorialArea = document.getElementById("tutorial-area");
    const problemArea = document.getElementById("problem-area");

    function showStep(index) {
      tutorialContent.innerHTML = tutorialSteps[index];
      prevButton.disabled = (index === 0);
      nextButton.textContent = (index === tutorialSteps.length - 1)
        ? "Proceed to Practice Problems"
        : "Next";
    }

    nextButton.addEventListener("click", function() {
      if (currentStep < tutorialSteps.length - 1) {
        currentStep++;
        showStep(currentStep);
      } else {
        tutorialArea.style.display = "none";
        problemArea.style.display = "block";
        loadProblem(); // generate the first random problem
      }
    });

    prevButton.addEventListener("click", function() {
      if (currentStep > 0) {
        currentStep--;
        showStep(currentStep);
      }
    });

    showStep(currentStep);

    /***** Random Problem Generation Functions *****/
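    // Convert a dotted-quad string to an unsigned 32-bit integer.
    function ipToInt(ip) {
      let parts = ip.split('.').map(Number);
      // Bitwise OR yields a signed 32-bit value, so apply >>> 0 to the whole expression.
      return ((parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]) >>> 0;
    }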

    function intToIp(int) {
      return [
        (int >>> 24) & 255,
        (int >>> 16) & 255,
        (int >>> 8) & 255,
        int & 255
      ].join('.');
    }

    function prefixToMask(prefix) {
      return prefix === 0 ? 0 : (~0 << (32 - prefix)) >>> 0;
    }

    function generateRandomPrivateIP() {
      let option = Math.floor(Math.random() * 3);
      if (option === 0) {
        // 10.x.x.x
        return "10." +
          Math.floor(Math.random() * 256) + "." +
          Math.floor(Math.random() * 256) + "." +
          Math.floor(Math.random() * 256);
      } else if (option === 1) {
        // 172.16.x.x to 172.31.x.x
        return "172." +
          (16 + Math.floor(Math.random() * 16)) + "." +
          Math.floor(Math.random() * 256) + "." +
          Math.floor(Math.random() * 256);
      } else {
        // 192.168.x.x
        return "192.168." +
          Math.floor(Math.random() * 256) + "." +
          Math.floor(Math.random() * 256);
      }
    }

    function generateProblem() {
      // Choose a random prefix from our list.
      let prefixOptions = [24, 26, 28, 30];
      let prefix = prefixOptions[Math.floor(Math.random() * prefixOptions.length)];
      let ip = generateRandomPrivateIP();
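      let ipInt = ipToInt(ip);
      let maskInt = prefixToMask(prefix);
      // Network ID: keep the network bits, clear the host bits (>>> 0 keeps it unsigned).
      let networkInt = (ipInt & maskInt) >>> 0;
      // Broadcast: set every host bit to 1.
      let broadcastInt = (networkInt | ~maskInt) >>> 0;
      let firstUsableInt = networkInt + 1;
      let lastUsableInt = broadcastInt - 1;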
      return {
        ip: ip,
        prefix: prefix,
        answers: {
          networkId: intToIp(networkInt),
          broadcast: intToIp(broadcastInt),
          firstUsable: intToIp(firstUsableInt),
          lastUsable: intToIp(lastUsableInt)
        }
      };
    }

    /***** Practice Problems Section *****/
    let solvedCount = 0;
    let currentProblem = null;
    let problemNumberCounter = 1;

    const problemStatement = document.getElementById("problem-statement");
    const problemNumberDisplay = document.getElementById("problem-number");
    const feedback = document.getElementById("feedback");
    const checkButton = document.getElementById("checkButton");
    const toggleHints = document.getElementById("toggleHints");
    const hintsDiv = document.getElementById("hints");

    toggleHints.addEventListener("click", function() {
      if (hintsDiv.style.display === "block") {
        hintsDiv.style.display = "none";
        toggleHints.textContent = "Show Hints";
      } else {
        hintsDiv.style.display = "block";
        toggleHints.textContent = "Hide Hints";
      }
    });

    function loadProblem() {
      currentProblem = generateProblem();
      problemNumberDisplay.textContent = problemNumberCounter++;
      problemStatement.textContent = `For the node ${currentProblem.ip}/${currentProblem.prefix}, compute the following addresses:`;
      document.getElementById("networkId").value = "";
      document.getElementById("broadcast").value = "";
      document.getElementById("firstUsable").value = "";
      document.getElementById("lastUsable").value = "";
      feedback.textContent = "";
    }

    function normalize(input) {
      return input.trim();
    }

    checkButton.addEventListener("click", function() {
      let userAnswers = {
        networkId: normalize(document.getElementById("networkId").value),
        broadcast: normalize(document.getElementById("broadcast").value),
        firstUsable: normalize(document.getElementById("firstUsable").value),
        lastUsable: normalize(document.getElementById("lastUsable").value)
      };

      let correct = true;
      for (const key in currentProblem.answers) {
        if (currentProblem.answers[key] !== userAnswers[key]) {
          correct = false;
          break;
        }
      }

      if (correct) {
        solvedCount++;
        feedback.textContent = "Correct! Generating a new problem…";
        feedback.className = "correct";
        setTimeout(loadProblem, 1000);
      } else {
        feedback.textContent = "One or more answers are incorrect. Try again.";
        feedback.className = "error";
      }
    });

    // The first problem is generated by the nextButton handler when the learner
    // leaves the tutorial; generating one here as well would label it "Problem 2".
  </script>
</body>
</html>
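
The calculation from Steps 3 to 5, as an added example that is not part of the original notebook: it validates the dotted-quad input strictly and goes beyond the tutorial's prefixes by covering every length from /0 to /32, including /31 and /32, where "Network ID plus 1" and "Broadcast minus 1" no longer apply. The function names (`parseIPv4`, `formatIPv4`, `describeSubnet`, `inSubnet`) are hypothetical.

```javascript
// Added example: strict IPv4 subnet calculator. All names here are hypothetical.
// Parse a dotted quad into an unsigned 32-bit integer, rejecting ambiguous input.
function parseIPv4(text) {
  const parts = text.split(".");
  if (parts.length !== 4) throw new Error(`not a dotted quad: ${text}`);
  let value = 0;
  for (const part of parts) {
    // Digits only, no leading zeros ("010" is octal to some parsers), at most 255.
    if (!/^(0|[1-9]\d{0,2})$/.test(part) || Number(part) > 255) {
      throw new Error(`bad octet "${part}" in ${text}`);
    }
    value = value * 256 + Number(part); // arithmetic instead of <<, so it stays unsigned
  }
  return value;
}

function formatIPv4(n) {
  return [n >>> 24, (n >>> 16) & 255, (n >>> 8) & 255, n & 255].join(".");
}

// Subnet facts for "a.b.c.d/prefix", valid for every prefix length 0..32.
function describeSubnet(cidr) {
  const m = /^([^/]+)\/(\d{1,2})$/.exec(cidr);
  if (!m || Number(m[2]) > 32) throw new Error(`bad CIDR: ${cidr}`);
  const prefix = Number(m[2]);
  const ip = parseIPv4(m[1]);
  const mask = prefix === 0 ? 0 : (~0 << (32 - prefix)) >>> 0;
  const network = (ip & mask) >>> 0;          // bitwise AND, as in Step 3
  const broadcast = (network | ~mask) >>> 0;  // all host bits set, as in Step 4
  // /31 (point-to-point links, RFC 3021) and /32 (single host) reserve no
  // network/broadcast pair, so every address in the block is usable.
  const small = prefix >= 31;
  const first = small ? network : network + 1;
  const last = small ? broadcast : broadcast - 1;
  return {
    networkId: formatIPv4(network),
    broadcast: small ? null : formatIPv4(broadcast),
    firstUsable: formatIPv4(first),
    lastUsable: formatIPv4(last),
    usableHosts: last - first + 1,
  };
}

// True when `ip` lies inside `cidr`, e.g. when checking an address against an ACL entry.
function inSubnet(ip, cidr) {
  const prefix = cidr.slice(cidr.indexOf("/") + 1);
  return describeSubnet(`${ip}/${prefix}`).networkId === describeSubnet(cidr).networkId;
}
```

Called with the tutorial's own inputs (`192.168.1.15/26`, `10.0.5.77/24`, `172.16.100.29/28`), `describeSubnet` returns the same four addresses worked out by hand in Steps 3 to 5.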


