This document provides guidance on how to design a local area network (LAN) for a Business Ready Branch or autonomous Business Ready Office where corporate services such as voice, video, and data are converged onto a single office network. Because of the numerous combinations of features, platforms, and customer requirements that make up a branch office design, this version of the design guide focuses on various LAN designs for voice and data services. This document also includes design guidance on the LAN side of the office network using features such as and Cisco Catalyst Integrated Security. . | LAN Baseline Architecture Branch Office Network Reference Design Guide This document provides guidance on how to design a local area network LAN for a Business Ready Branch or autonomous Business Ready Office where corporate services such as voice video and data are converged onto a single office network. Because of the numerous combinations of features platforms and customer requirements that make up a branch office design this version of the design guide focuses on various LAN designs for voice and data services. This document also includes design guidance on the LAN side of the office network using features such as and Cisco Catalyst Integrated Security. Contents Hardware and Software Options 2 Access Switches 2 Distribution Switches 3 Integrating with the Edge Layer 3 Branch LAN Design Options 5 Small Office Design 6 Scalability and High Availability 10 Security and Manageability 10 Medium Office Design 10 Scalability and High Availability 12 Security and Manageability 12 Large Office Design 13 Conventional Design 13 Integrated Routing and Switching Design 15 Integrated Stackable EtherSwitch Services Module Design 20 LAN Infrastructure Configuration Details 21 Cisco Systems Corporate Headquarters Cisco Systems Inc. 170 West Tasman Drive San Jose CA 95134-1706 USA Copyright 2006 Cisco Systems Inc. All rights reserved. Contents VLAN Configuration 22 Voice and Data VLAN 23 Port Security 24 for Data VLAN 25 QoS Configuration on Access Ports 26 Cisco Catalyst 2950 Partially Trusted Model 27 Cisco Catalyst 3550 Partially Trusted Model 28 Catalyst 2970 3560 3750 Partially Trusted Model 30 EtherChannel and Trunking 31 Spanning Tree 33 Spanning Tree for Dual EtherSwitch Services Module Topology 34 HSRP Configuration for Dual EtherSwitch Services Module Topology 36 HSRP Configuration for Switch 1 Voice VLAN 36 HSRP Configuration for Switch 1 Data VLAN 36 HSRP Configuration for Switch 2 Voice VLAN 37 HSRP Configuration for Switch 2 Data VLAN 37 Layer 3 .