
Enterprise Network Design Reference

A 13-section interactive reference guide covering the complete enterprise networking stack. Includes three-layer hierarchical model vs spine-leaf architecture, OSI model with protocol mapping, Ethernet standards and VLAN/STP design, OSPF and BGP routing protocols, network security (ACLs, firewalls, VPN, NAT), Wi-Fi 6 design and channel planning, IP addressing and DHCP, SD-WAN vs MPLS, data center VXLAN/EVPN fabric, network management and automation, cloud networking (AWS/Azure/GCP), documentation standards, and a comprehensive quick-reference table.

What This Guide Covers

Each section targets a core enterprise networking discipline: hierarchical network architecture (3-tier campus and spine-leaf data center), OSI model with real-world protocol mapping, Ethernet switching (VLANs 802.1Q, STP/RSTP loop prevention, port security), routing protocols (OSPF cost calculations, BGP path attributes and best-path selection, EIGRP), network security (ACLs, stateful and NGFW firewalls, IPsec/SSL VPN, NAT/PAT), wireless LAN design (802.11ax Wi-Fi 6 features, channel planning, cell sizing), IP addressing (subnetting, VLSM, IPv6, DHCP DORA), SD-WAN architecture versus MPLS, data center networking (VXLAN EVPN BGP fabric, Uptime Institute tiers, PUE), network management (SNMPv3, NetFlow/IPFIX, automation with Ansible/Terraform), cloud networking (AWS VPC, Azure VNet, GCP global VPC, multi-cloud), documentation standards (IPAM with NetBox, naming conventions, change management), and a master quick-reference covering port numbers, OSPF costs, subnetting, and BGP tie-breaking.

How to Navigate

Use the Prev / Next buttons at the bottom, or press the arrow keys on your keyboard. Click the ☰ menu button in the top-right to open the table of contents and jump to any section. The gold progress bar at the top tracks your position through all 13 sections.

Routing Protocol Notes

OSPF cost calculations depend on the reference bandwidth setting. The default reference bandwidth of 100 Mbps causes GigabitEthernet and 10GigabitEthernet to both get cost=1, removing meaningful differentiation. Always set auto-cost reference-bandwidth 10000 on all OSPF routers for accurate cost calculation on modern networks. BGP best-path selection follows a deterministic tiebreaking order — understanding this sequence is essential for traffic engineering in multi-homed enterprise and service provider environments.

Cloud and SD-WAN Integration

Modern enterprise networks increasingly blend on-premises infrastructure with cloud VPCs and SD-WAN overlays. AWS VPC, Azure VNet, and GCP VPC all provide logically isolated networks, but differ in scope (GCP VPC is global vs. regional for AWS/Azure) and connectivity options. SD-WAN overlays can extend consistent policy and QoS across MPLS, broadband, and cloud-native connections. For hybrid cloud architectures, Transit Gateway (AWS) or Virtual WAN (Azure) provide hub-and-spoke aggregation of multiple VPCs and on-premises connections.

Frequently Asked Questions

What is the difference between the three-tier hierarchical network model and spine-leaf?

The three-tier model (core → distribution → access) is optimized for campus networks where most traffic flows north-south (client to server). The spine-leaf model is optimized for data centers where east-west traffic (server to server) dominates. In spine-leaf, every leaf switch connects to every spine switch, providing equal-cost paths (2 hops between any two servers) and linear scalability — adding capacity means adding leaf switches.

How do OSPF cost calculations work?

OSPF assigns a cost to each interface based on the formula: cost = reference bandwidth / interface bandwidth. The default reference bandwidth is 100 Mbps, so a FastEthernet interface (100 Mbps) gets cost 1, GigabitEthernet (1 Gbps) also gets cost 1 (the computed 0.1 is raised to the minimum cost of 1), and serial links get higher costs. For accurate cost differentiation on high-speed networks, change the reference bandwidth: 'auto-cost reference-bandwidth 10000' makes 10G = cost 1, 1G = cost 10, 100M = cost 100.
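The effect of the reference bandwidth on path selection, as an added example that is not part of the original guide. The four-router topology and function names are constructed for illustration, and the cost function assumes integer truncation with a minimum cost of 1.

```python
import heapq

def ospf_cost(ref_mbps, if_mbps):
    """Interface cost: integer part of reference/bandwidth, never below 1."""
    return max(1, ref_mbps // if_mbps)

# Constructed topology: (router_a, router_b, link speed in Mbps).
LINKS = [
    ("R1", "R2", 10000), ("R2", "R4", 10000),   # 10G path
    ("R1", "R3", 1000),  ("R3", "R4", 1000),    # 1G path
]

def shortest_paths(ref_mbps, src, dst):
    """Return (total_cost, all equal-cost best paths) from src to dst."""
    graph = {}
    for a, b, mbps in LINKS:
        cost = ospf_cost(ref_mbps, mbps)
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    best, paths = None, []
    heap = [(0, [src])]                  # explore simple paths in cost order
    while heap:
        cost, path = heapq.heappop(heap)
        if best is not None and cost > best:
            break                        # everything left is worse than best
        node = path[-1]
        if node == dst:
            best = cost
            paths.append(path)
            continue
        for nxt, link_cost in graph[node]:
            if nxt not in path:          # no loops
                heapq.heappush(heap, (cost + link_cost, path + [nxt]))
    return best, sorted(paths)

if __name__ == "__main__":
    for ref in (100, 10000):
        total, paths = shortest_paths(ref, "R1", "R4")
        print(f"reference-bandwidth {ref}: cost {total} via {paths}")
```

With the default reference bandwidth both paths tie, so the 1G path shares traffic with the 10G path; with 10000 only the 10G path is selected.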

When should I use SD-WAN instead of MPLS?

SD-WAN is typically recommended when broadband internet is available at branch sites (replacing expensive MPLS), when you need application-aware routing (route video/voice over the best-performing link), when you have many branch sites (the operational cost of SD-WAN scales better), or when you need to add LTE/5G as a backup transport. MPLS is still preferred when you need SLA-guaranteed low-latency connectivity (e.g., for real-time industrial systems) and cannot tolerate internet variability.

What is VXLAN and why is it used in data centers?

VXLAN (Virtual Extensible LAN) is a network overlay protocol that encapsulates Layer 2 Ethernet frames inside Layer 3 UDP packets. It solves the 4,094 VLAN limit by using a 24-bit VNI (Virtual Network Identifier) supporting 16 million segments. In spine-leaf data centers, VXLAN with BGP EVPN provides a scalable, standards-based fabric: EVPN handles MAC/IP learning and distribution (replacing flood-and-learn), while VXLAN provides the data plane encapsulation for host-to-host communication across routed underlay links.
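The 8-byte VXLAN header and its 24-bit VNI, built and parsed, as an added example that is not part of the original guide. The layout follows RFC 7348; the sample inner frame, the function names and the local-VNI check are constructed for illustration.

```python
import struct

VXLAN_FLAG_I = 0x08          # "VNI present" flag bit (RFC 7348)
MAX_VNI = (1 << 24) - 1      # 16,777,215: largest 24-bit VNI
ETH_HDR_LEN = 14             # dst MAC + src MAC + EtherType

# Constructed inner Ethernet frame: broadcast dst, locally administered src, IPv4.
SAMPLE_INNER = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
                + b"\x08\x00" + b"payload")

def build_vxlan_header(vni):
    """Pack flags(8) reserved(24) | VNI(24) reserved(8) in network byte order."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8)

def parse_vxlan(udp_payload):
    """Return (vni, inner_frame); raise ValueError on malformed input."""
    if len(udp_payload) < 8 + ETH_HDR_LEN:
        raise ValueError("too short for VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag clear: VNI field is not valid")
    return word1 >> 8, udp_payload[8:]

def accept(udp_payload, local_vnis):
    """Return the inner frame only when the VNI is configured locally, else None."""
    try:
        vni, inner = parse_vxlan(udp_payload)
    except ValueError:
        return None
    return inner if vni in local_vnis else None

if __name__ == "__main__":
    packet = build_vxlan_header(5000) + SAMPLE_INNER   # VNI above the 4,094 VLAN range
    print(parse_vxlan(packet)[0], accept(packet, {5000}) is not None)
```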