Design any network — local to global, simple to expert.
Enterprise LAN/WAN, Campus, Data Center, Service Provider / ISP / Telecom (BGP, MP-BGP, OSPF, ISIS, PBR, Segment Routing, MPLS L3VPN, EVPN, SRv6), Cloud and Hybrid — all in one place. Pick a curated template, edit it as your own, or describe what you want and let AI build it with selectable models.
Classic 3-Tier Campus (Core / Distribution / Access)
Campus · simple
Traditional core/distribution/access campus with HSRP and OSPF area 0.
Cisco SD-Access Campus Fabric
Campus · advanced
Modern fabric campus with LISP control plane, VXLAN data plane, ISE micro-segmentation.
Zero-Trust Enterprise LAN with Micro-Segmentation
Enterprise LAN · advanced
Identity-based segmentation with NGFW east-west inspection.
Cisco Catalyst SD-WAN — Multi-Branch
Branch / SD-WAN · intermediate
vManage/vBond/vSmart with hub-and-spoke + selective full mesh, dual transports.
Carrier MPLS L3VPN with PE/CE
Enterprise WAN · advanced
Provider edge MPLS VPN with VRFs per customer, MP-BGP VPNv4.
Dual-Provider MPLS + Internet WAN
Enterprise WAN · intermediate
Active/active WAN edge with PBR for app steering.
VXLAN-EVPN Spine-Leaf Data Center
Data Center · advanced
Modern leaf-spine with VXLAN EVPN, anycast gateway, multi-tenant VRFs.
Cisco ACI Multi-Pod
Data Center · expert
ACI Multi-Pod with IPN, stretched APIC cluster across 2 sites.
Service Provider ISIS + Segment Routing MPLS Core
Service Provider · expert
ISIS underlay with SR-MPLS, BGP-LS to controller, TI-LFA fast-reroute.
SRv6 + EVPN Next-Gen Backbone
Service Provider · expert
IPv6-native SRv6 backbone with EVPN services, no MPLS.
ISP Broadband Aggregation (BNG/BRAS)
ISP Access · advanced
BNG/BRAS for PPPoE/IPoE subscribers with RADIUS, QoS hierarchies.
ISP Peering Edge — Transit + IXP
ISP Access · advanced
Transit BGP, IXP peering, route-server sessions, RPKI validation.
5G Standalone Mobile Core (Telecom)
Telecom Core · expert
5G SA with UPF/SMF/AMF on a SR-MPLS DC fabric.
AWS Landing Zone (Multi-Account, TGW)
Public Cloud · advanced
AWS Control Tower + Transit Gateway hub with shared services, inspection VPC.
Azure Virtual WAN — Global Hub
Public Cloud · advanced
Azure vWAN secured hubs with Firewall Manager and ExpressRoute.
Hybrid Multi-Cloud (AWS + Azure + On-Prem DC)
Hybrid Cloud · expert
Cloud on-ramp via Megaport/Equinix, consistent BGP policy across clouds.
Industrial OT Network (Purdue Model)
IoT / OT · advanced
Purdue levels 0-5 with industrial DMZ, Cisco Cyber Vision visibility.
SMB Single-Site (Router + Switch + Wi-Fi)
Enterprise LAN · simple
One-router, one-switch SMB site with guest Wi-Fi.
Branch Office (Router + Firewall)
Branch / SD-WAN · simple
Branch with router-on-a-stick and edge firewall, IPsec to HQ.
VXLAN-EVPN Multi-Site DCI with Border Gateways
Data Center · expert
Two VXLAN-EVPN fabrics stretched via NX-OS Multi-Site Border Gateways over a Layer-3 DCI.
Seamless MPLS — Inter-AS Option C across Access/Aggregation/Core
Service Provider · expert
End-to-end LSPs from access nodes to PEs using Inter-AS Option C and BGP-LU.
Global SASE + Zero-Trust Hybrid Multi-Cloud
Hybrid Cloud · expert
SASE PoPs + ZTNA fronting on-prem DCs, AWS, Azure and GCP with consistent identity-based policy.
5G Network Slicing with MEC and SR Transport
Telecom Core · expert
End-to-end 5G slices (eMBB / URLLC / mMTC) over SR/SRv6 with edge UPFs at MEC sites.
Finance Active/Active Dual-DC with Stretched EVPN + Anycast Services
Data Center · expert
Two metro DCs (<5ms) running active/active with anycast app frontends and stretched tenant VRFs.
Data Center CLOS Leaf-Spine with VXLAN-EVPN
Data Center · advanced
Standard CLOS fabric with eBGP underlay and MP-BGP EVPN overlay.
DMVPN Hub-and-Spoke WAN (Phase 3)
Branch / SD-WAN · intermediate
Dual-hub DMVPN Phase 3 with NHRP shortcut switching and IPsec.
Service Provider MPLS L3VPN Backbone
Service Provider · advanced
Carrier MPLS core with PE/P/RR roles, L3VPN, TE tunnels and FRR.
AWS Multi-VPC with Transit Gateway
Public Cloud · intermediate
Hub-and-spoke multi-VPC connectivity through Transit Gateway with on-prem DX.
Kubernetes On-Prem with Calico BGP Peering
Data Center · advanced
K8s clusters peering pod CIDRs to ToR leaves via BGP for native routing.
OT/ICS Purdue-Model Segmented Network
IoT / OT · advanced
Purdue Levels 0-5 with IDMZ and unidirectional gateways for safety-critical control.
5G Multi-Access Edge Compute (MEC) Site
Service Provider · expert
Edge UPF + MEC compute co-located at aggregation site for low-latency apps.
Small Branch with Dual-ISP Failover
Branch / SD-WAN · simple
Single edge router/firewall, two ISPs, IP SLA tracking and policy-based failover.
Collapsed-Core Small Data Center
Data Center · simple
Two-switch collapsed core/aggregation with ToR access for small DC footprints.
Enterprise SD-WAN Hub-and-Spoke
Enterprise WAN · intermediate
Centralized SD-WAN with two regional hubs and many branch spokes over dual transports.
Azure Virtual WAN Hub-and-Spoke
Public Cloud · advanced
Azure vWAN hub with secured firewall and multiple spoke VNets across regions.
Service Provider Metro Ethernet Ring (G.8032)
Service Provider · intermediate
ERPS-protected metro ring delivering E-Line/E-LAN services to enterprise customers.
ISP Broadband Access with BNG
ISP Access · advanced
PPPoE/IPoE broadband subscribers terminated on redundant BNGs with RADIUS AAA.
Multi-Cloud Transit with On-Prem DC
Hybrid Cloud · expert
Transit overlay connecting AWS, Azure, GCP and on-prem DC with consistent segmentation.
Smart Building IoT Network
IoT / OT · intermediate
Converged IP network for HVAC, lighting, access control, cameras with strong segmentation.
Telecom IMS Core for VoLTE/VoNR
Telecom Core · expert
Geo-redundant IMS core (P/I/S-CSCF, HSS, MGCF) for VoLTE and VoNR voice services.
Zero-Trust Campus with NAC and Microsegmentation
Campus · advanced
Identity-based access with dot1x, MACsec on uplinks, VXLAN-EVPN fabric and SGT policy.
Editable canvas
Edit the AI-generated diagram, save your own version locally, then export to PNG/SVG/PDF or import to the DC Designer.