larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

Art of Network Architecture, The: Business-Driven Design

Best Value Purchase

Book + eBook Bundle

  • Your Price: $79.04
  • List Price: $131.98
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Adobe® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Individual Purchases


  • Your Price: $58.39
  • List Price: $72.99
  • Usually ships in 24 hours.

eBook (Watermarked)

  • Your Price: $47.19
  • List Price: $58.99
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Adobe® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

  • About
  • Description
  • Sample Content
  • Updates


  • The first business-centered, business-driven guide to architecting and evolving networks
  • Teaches to ask the right business questions upfront, to evaluate business and application requirements from a network designer’s perspective
  • Three chapter-length case studies: designing an L3VPN core, outsourcing to cloud services, and supporting BYOD
  • Written by three of the world’s most experienced and successful network architects
  • This book will come with power points of the book's figures to assist in classroom use.

  • Copyright 2014
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 352
  • Edition: 1st
  • Book
  • ISBN-10: 1-58714-375-5
  • ISBN-13: 978-1-58714-375-5

The Art of Network Architecture

Business-Driven Design

The business-centered, business-driven guide to architecting and evolving networks

The Art of Network Architecture is the first book that places business needs and capabilities at the center of the process of architecting and evolving networks. Two leading enterprise network architects help you craft solutions that are fully aligned with business strategy, smoothly accommodate change, and maximize future flexibility.

Russ White and Denise Donohue guide network designers in asking and answering the crucial questions that lead to elegant, high-value solutions. Carefully blending business and technical concerns, they show how to optimize all network interactions involving flow, time, and people.

The authors review important links between business requirements and network design, helping you capture the information you need to design effectively. They introduce today’s most useful models and frameworks, fully addressing modularity, resilience, security, and management. Next, they drill down into network structure and topology, covering virtualization, overlays, modern routing choices, and highly complex network environments.

In the final section, the authors integrate all these ideas to consider four realistic design challenges: user mobility, cloud services, Software Defined Networking (SDN), and today’s radically new data center environments.

• Understand how your choices of technologies and design paradigms will impact your business

• Customize designs to improve workflows, support BYOD, and ensure business continuity

• Use modularity, simplicity, and network management to prepare for rapid change

• Build resilience by addressing human factors and redundancy

• Design for security, hardening networks without making them brittle

• Minimize network management pain, and maximize gain

• Compare topologies and their tradeoffs

• Consider the implications of network virtualization, and walk through an MPLS-based L3VPN example

• Choose routing protocols in the context of business and IT requirements

• Maximize mobility via ILNP, LISP, Mobile IP, host routing, MANET, and/or DDNS

• Learn about the challenges of removing and changing services hosted in cloud environments

• Understand the opportunities and risks presented by SDNs

• Effectively design data center control planes and topologies

Online Sample Chapter

The Art of Network Architecture: Applying Modularity

Sample Pages

Download the sample pages (includes Chapter 7 and Index)

Table of Contents

Introduction xx

Part I Framing the Problem

Chapter 1 Business and Technology 1

Business Drives Technology 2

The Business Environment 2

The Big Picture 3

The Competition 4

The Business Side of the Network 5

Technologies and Applications 5

Network Evaluation 6

The Network’s Customers 6

Internal Users 7

External Users 8

Guest Users 9

Technology Drives Business 9

Part II Business-Driven Design

Chapter 2 Designing for Change 11

Organic Growth and Decline 12

Mergers, Acquisitions, and Divestments 14

Centralizing Versus Decentralizing 15

Chapter 3 Improving Business Operations 19

Workflow 19

Matching Data Flow and Network Design 20

Person-to-Person Communication 21

Person-to-Machine Communication 21

Machine-to-Machine Communication 22

Bringing It All Together 23


BYOD Options 24

BYOD Design Considerations 27

BYOD Policy 28

Business Continuity 29

Business Continuity Versus Disaster Recovery 29

Business Continuity Planning 30

Business Continuity Design Considerations 31

Summary 33

Part III Tools of the Trade

Chapter 4 Models 35

The Seven-Layer Model 36

Problems with the Seven-Layer Model 38

The Four-Layer Model 38

Iterative Layering Model 39

Connection-Oriented and Connectionless 41

A Hybrid Model 42

The Control Plane 43

What Am I Trying to Reach? 43

Where Is It? 44

How Do I Get There? 45

Other Network Metadata 46

Control Plane Relationships 46

Routing 46

Quality of Service 48

Network Measurement and Management 49

Interaction Between Control Planes 49

Reactive and Proactive 51

The Waterfall Model 53

Places in the Network 54

Summary 56

Chapter 5 Underlying Support 57

Questions You Should Ask 57

What Happens When the Link Fails? 57

What Types of Virtualization Can Be Run Over This Link? 58

How Does the Link Support Quality of Service? 59

Marking Packets 59

Queues and Rate Limiters 59

Speeds and Feeds Versus Quality of Service 60

Spanning Tree 61


TRILL Operation 62

TRILL in the Design Landscape 64

TRILL and the Fabrics 65

Final Thoughts on the Physical Layer 65

Chapter 6 Principles of Modularity 67

Why Modularize? 68

Machine Level Information Overload 68

Machine Level Information Overload Defined 69

Reducing Machine Information Level Overload 71

Separating Complexity from Complexity 72

Human Level Information Overload 73

Clearly Assigned Functionality 74

Repeatable Configurations 75

Mean Time to Repair and Modularization 75

How Do You Modularize? 77

Topology and Reachability 77

Aggregating Topology Information at Router B 78

Aggregating Reachability Information at Router B 78

Filtering Routing Information at Router B 79

Splitting Failure Domains Horizontally and Vertically 79

Modularization and Optimization 81

Summary 82

Chapter 7 Applying Modularity 83

What Is Hierarchical Design? 83

A Hub-and-Spoke Design Pattern 84

An Architectural Methodology 85

Assign Each Module One Function 85

All Modules at a Given Level Should Share Common Functionality 86

Build Solid Redundancy at the Intermodule Level 87

Hide Information at Module Edges 88

Typical Hierarchical Design Patterns 89

Virtualization 90

What Is Virtualization? 90

Virtualization as Vertical Hierarchy 93

Why We Virtualize 93

Communities of Interest 94

Network Desegmentation 94

Separation of Failure Domains 94

Consequences of Network Virtualization 95

Final Thoughts on Applying Modularity 96

Chapter 8 Weathering Storms 97

Redundancy as Resilience 98

Network Availability Basics 98

Adding Redundancy 99

MTTR, Resilience, and Redundancy 100

Limits on Control Plane Convergence 100

Feedback Loops 102

The Interaction Between MTTR and Redundancy 103

Fast Convergence Techniques 104

Detecting the Topology Change 104

Propagating Information About the Change 105

Calculating the New Best Path 106

Switching to the New Best Path 107

The Impact of Fast Convergence 107

Fast Reroute 108

P/Q Space 109

Loop-Free Alternates 110

Remote Loop-Free Alternates 110

Not-Via Fast Reroute 111

Maximally Redundant Trees 113

Final Thoughts on Fast Reroute 115

The Human Side of Resilience 115

Chapter 9 Securing the Premises 117

The OODA Loop 118

Observe 119

Orient 122

Decide 124

Act 125

Brittleness 125

Building Defense In 126

Modularization 128

Modularity, Failure Domains, and Security 128

Modularity, Complexity, and Security 128

Modularity, Functionality, and Security 129

Resilience 129

Some Practical Considerations 129

Close a Door, Open a Door 129

Beware of Virtualization 131

Social Engineering 131

Summary 132

Chapter 10 Measure Twice 133

Why Manage? 133

Justifying the Cost of the Network 134

Planning 135

Decreasing the Mean Time to Repair 136

Increasing the Mean Time Between Mistakes 136

Management Models 137

Fault, Configuration, Accounting, Performance, and Security 137

Observe, Orient, Decide, and Act (OODA) 138

Deploying Management 140

Loosen the Connection Between Collection and Management 140

Sampling Considerations 141

Where and What 142

End-to-End/Network 142

Interface/Transport 143

Failure Domain/Control Plane 143

Bare Necessities 144

Summary 145

Part IV Choosing Materials

Chapter 11 The Floor Plan 147

Rings 147

Scaling Characteristics 147

Resilience Characteristics 149

Convergence Characteristics 151

Generalizing Ring Convergence 154

Final Thoughts on Ring Topologies 155

Full Mesh 155

Clos Networks 157

Clos and the Control Plane 159

Clos and Capacity Planning 160

Partial Mesh 161

Disjoint Parallel Planes 162

Advantages of Disjoint Topologies 163

Added Complexity 164

The Bottom Line 164

Divergent Data Planes 165

Cubes 166

Toroid Topologies 167

Summary 169

Chapter 12 Building the Second Floor 171

What Is a Tunnel? 171

Is MPLS Tunneling? 173

Fundamental Virtualization Questions 175

Data Plane Interaction 176

Control Plane Considerations 177

Control Plane Interaction 177

Scaling 178

Multicast 179

Security in a Virtual Topology 180

MPLS-Based L3VPNs 182

Operational Overview 182

Fundamental Questions 185

The Maximum Transmission Unit 185

Quality of Service 186

Control Plane Interaction 186

Scaling 187

Multicast 188

Security in MPLS-Based L3VPNs 188

MPLS-Based L3VPN Summary 188


Operational Overview 189

Fundamental Questions 190

Control Plane Interaction 190

Scaling 190

VXLAN Summary 191

Summary 191

Chapter 13 Routing Choices 193

Which Routing Protocol? 194

How Fast Does the Routing Protocol Converge? 194

Is the Routing Protocol Proprietary? 196

How Easy Is the Routing Protocol to Configure and Troubleshoot? 197

Which Protocol Degrades in a Way That Works with the Business? 198

Which Protocol Works Best on the Topology the Business Usually Builds? 199

Which Protocol is Right? 200

IPv6 Considerations 202

What Is the Shape of the Deployment? 202

How Does Your Deployment Grow? 202

Topological Deployment 203

Virtual Topology Deployment 203

Where Are the Policy Edges? 203

Routing Protocol Interaction with IPv6 204

IS-IS Interaction with IPv6 204

OSPF Interaction with IPv6 205

EIGRP Interaction with IPv6 206

Deploying BGP 206

Why Deploy BGP? 207

Complexity of Purpose 207

Complexity of Place 208

Complexity of Policy 208

BGP Deployment Models 209

iBGP Edge-to-Edge (Overlay Model) 209

iBGP Core 210

eBGP Edge-to-Edge (Core and Aggregation Model) 211

Summary 212

Chapter 14 Considering Complexity 213

Control Plane State 213

Concepts of Control Plane State 214

Network Stretch 215

Configuration State 217

Control Plane Policy Dispersion 218

Data Plane State 220

Reaction Time 223

Managing Complexity Trade-offs 225

Part V Current and Future Trends

Chapter 15 Network in Motion 227

The Business Case for Mobility 228

A Campus Bus Service 228

A Mobile Retail Analysis Team 229

Shifting Load 230

Pinning the Hard Problems into Place 230

Mobility Requires State 231

Mobility Requires Speed 231

State Must Be Topologically Located 232

State and the Network Layers 233

IP-Centric Mobility Solutions 234

Identifier-Locator Network Protocol (ILNP) 235

Locator Identifier Separation Protocol (LISP) 237

Mobile IP 238

Host Routing 239

Mobile Ad-Hoc Networks (MANET) 240

Dynamic DNS 242

Final Thoughts on Mobility Solutions 243

Remote Access Solutions 244

Separate Network Access from Application Access 244

Consider Cloud-Based Solutions 245

Keep Flexibility as a Goal 246

Consider Total Cost 248

Consider Making Remote Access the Norm 248

What Solution Should You Deliver? 249

Chapter 16 On Psychologists, Unicorns, and Clouds 251

A Cloudy History 252

This Time It’s Different 254

What Does It Cost? 255

What Are the Risks? 256

What Problems Can Cloud Solve Well? 257

What Services Is Cloud Good at Providing? 258

Storage 258

Content Distribution 259

Database Services 260

Application Services 260

Network Services 260

Deploying Cloud 261

How Hard Is Undoing the Deployment? 261

How Will the Service Connect to My Network? 261

How Does Security Work? 262

Systemic Interactions 262

Flying Through the Cloud 262

Components 263

Looking Back Over the Clouds 264

Chapter 17 Software-Defined Networks 265

Understanding SDNs 265

A Proposed Definition 265

A Proposed Framework 266

The Distributed Model 267

The Augmented Model 268

The Hybrid Model 269

The Replace Model 271

Offline Routing/Online Reaction 272

OpenFlow 274

Objections and Considerations 276

Conclusion 281

Software-Defined Network Use Cases 281

SDNs in a Data Center 281

What OpenFlow Brings to the Table 281

Challenges to the OpenFlow Solution 283

SDNs in a Wide-Area Core 283

Final Thoughts on SDNs 285

Chapter 18 Data Center Design 287

Data Center Spine and Leaf Fabrics 287

Understanding Spine and Leaf 288

The Border Leaf 291

Sizing a Spine and Leaf Fabric 291

Speed of the Fabric 291

Number of Edge Ports 292

Total Fabric Bandwidth 293

Why No Oversubscription? 294

The Control Plane Conundrum 295

Why Not Layer 2 Alone? 295

Where Should Layer 3 Go? 296

Software-Defined Networks as a Potential Solution 298

Network Virtualization in the Data Center 299

Thoughts on Storage 299

Modularity and the Data Center 300

Summary 301

9781587143755 TOC 3/12/2014

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive:

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020