Spine and Leaf Architecture

We used Cisco’s three-layer hierarchical architecture for more than a decade, but in data centers, the spine-leaf architecture is more popular nowadays. In this lesson, you will learn about the spine-leaf architecture and its advantages.

Before we do that, you need to understand how data centers evolved and the disadvantages of the three-layer hierarchical architecture.

Data Center Evolution

Let’s start with a short history lesson on how the three-layer architecture evolved over the years.

Three-layer hierarchical architecture

Here’s an overview of the three-layer model:

[Figure: Cisco three-layer architecture model]

For over a decade, we used this architecture with the three layers:

  • Core
  • Distribution (aggregation)
  • Access

The access layer is where we connect our end devices. In a campus network, these are usually computers, laptops, and access points. In a data center, this is where our servers are. The distribution layer has redundant connections to access layer switches and connects to the core layer. The core layer provides fast transport between distribution layer switches.

Between the access layer and the distribution layer, we use L2, where spanning-tree (STP) blocks all links except one. Between the distribution and core layers, we use routing.

For a detailed explanation, you can take a look at the campus network design lesson.

vPC

To overcome the limitations of STP, Cisco introduced virtual port channels (vPCs) in 2010. vPCs offer active-active uplinks from the access layer switches to the distribution layer switches, so we can use all available bandwidth.

[Figure: Three-layer architecture model with vPC]

L2 Topology

Because of virtualization, we can now pool the computing, networking, and storage resources in a pod into virtual resources. Pooling these resources often requires large L2 domains that span from the access layer up to the core layer.

[Figure: Three-layer architecture model, L2 domain]

With these large L2 domains that span across the entire network, we can create a flexible resource pool and reallocate resources where needed.

An example is our servers. Before virtualization, we had physical servers in a single pod. With virtualization, we have hypervisors in multiple pods. A virtual machine that runs on a hypervisor in pod one can move to a hypervisor in pod two without any downtime. VMware’s vMotion can do this, but it requires L2 connectivity.

A side effect of having resources spread out over the network instead of within a single pod is that the amount of east-west traffic increases.

[Figure: Three-layer architecture model, east-west traffic]

Traffic between the two servers has to go through all layers of our network.

L3 Topology

Another option is to use routing everywhere. The advantages of a routed topology are that we can use all links for forwarding and routing protocols converge faster than STP. If we require L2 connectivity between servers in different pods, we can use a VXLAN overlay network if needed.

[Figure: Three-layer architecture model, L3 topology]

Advantages and disadvantages

The three-layer hierarchical architecture has some advantages and disadvantages. Let’s take a look.

Advantages

This model offers the following advantages:

  • Availability: When a pod goes down, the issue is usually isolated to one pod and doesn’t affect other pods.
  • Security: We use L2 between the access and distribution layers and L3 between the distribution and core layers. We can filter traffic on L3, so we can decide what traffic enters or leaves a pod.
  • Scalability: When the network grows, we can easily add more distribution or access layer switches.
  • Familiarity: We used this model for over a decade, so network engineers are familiar with this design and the protocols we use.

Disadvantages

There are, however, some disadvantages, which is why the spine-leaf architecture is gaining popularity.

Here are two important disadvantages:

  • Limited bandwidth: vPCs solve the STP limitation of a single active link, but vPCs are limited to two active uplinks.
  • Latency: The server-to-server latency could be high, depending on the traffic path. East-west traffic between pods has to go through the distribution and core layers.
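As an added illustration (not part of the original lesson), this Python model builds a constructed two-pod three-layer network and shows both disadvantages: the number of forwarding uplinks per access switch under STP versus vPC, and the switches that east-west traffic crosses within a pod versus between pods. The device names, the pod and switch counts, the choice of dist1 as STP root, and the use of a shortest-path search in place of real STP and routing are assumptions.

```python
from collections import deque

def build_three_tier(pods=2, access_per_pod=2, uplink_mode="vpc"):
    """Forwarding links of a constructed three-layer network ("stp" or "vpc" uplinks)."""
    if uplink_mode not in ("stp", "vpc"):
        raise ValueError("uplink_mode must be 'stp' or 'vpc'")
    adj = {}
    def link(a, b):
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    for p in range(1, pods + 1):
        dists = [f"p{p}-dist1", f"p{p}-dist2"]
        for d in dists:  # routed links from distribution to core
            link(d, "core1")
            link(d, "core2")
        for a in range(1, access_per_pod + 1):
            link(f"p{p}-srv{a}", f"p{p}-acc{a}")  # one server per access switch
            # STP blocks the uplink to dist2 (dist1 is the assumed root bridge)
            for d in (dists if uplink_mode == "vpc" else dists[:1]):
                link(f"p{p}-acc{a}", d)
    return adj

def switches_on_path(adj, src, dst):
    """Shortest path by breadth-first search; returns the switches crossed."""
    prev, queue = {src: None}, deque([src])
    while queue:
        node = queue.popleft()
        for nxt in sorted(adj[node]):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    if dst not in prev:
        raise ValueError(f"no forwarding path from {src} to {dst}")
    path, node = [], prev[dst]
    while node not in (src, None):
        path.append(node)
        node = prev[node]
    return path[::-1]

def active_uplinks(adj, access_switch):
    """Forwarding uplinks from an access switch to its distribution pair."""
    return sum(1 for n in adj[access_switch] if "-dist" in n)

if __name__ == "__main__":
    for mode in ("stp", "vpc"):
        net = build_three_tier(uplink_mode=mode)
        print(mode, "uplinks per access switch:", active_uplinks(net, "p1-acc1"))
        print("  same pod: ", switches_on_path(net, "p1-srv1", "p1-srv2"))
        print("  other pod:", switches_on_path(net, "p1-srv1", "p2-srv1"))
```

Only the inter-pod path crosses the routed distribution-to-core links, which is where the L3 filtering mentioned under the advantages can be applied.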

Spine and Leaf Architecture

The spine-leaf architecture was developed to overcome the limitations of the three-tier architecture. It offers high bandwidth, low latency, and non-blocking server-to-server connectivity for data centers that primarily have east-west traffic flows. Here’s what it looks like:

Content created by Rene Molenaar (CCIE #41726)


Forum Replies

  1. Hi Rene, excellent post. I have a question regarding vPC on your Conclusions, “vPC somehow solves this limitation of STP, but vPC can only use two active links.” - what do you mean by “only use two active links”?

  2. Hello Laura

    When configuring vPC peers, you can only connect to two devices. Specifically, Cisco states:

    You can have only two devices as vPC peers; each device can serve as a vPC peer to only one other vPC peer. The vPC peer devices can also have non-vPC links to other devices.

    Note some invalid configurations below:

    https://cdn-forum.networklessons.com/uploads/default/original/2X/3/32d2546787ce45ad6d8c2c11b706c587169f833b.png

    You can find out more info at this Cisco documentation:

    https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/


  3. Hello Walter

    When you configure etherchannel, you are increasing the bandwidth made available and you are bypassing STP, but only for links between the same two switches. If you create etherchannel links to multiple switches, all but one of those etherchannel bundles will be blocked by STP in order to avoid L2 loops. Whether we are blocking physical links, or etherchannel bundles, the result is the same.

    Even if you create etherchannels that span multiple switches, you can only span them across two switches, using vPCs, so the same limitation applies.

    I hope this has been helpful!

    Laz
