IDSM redundancy

nkariyawasam · ‎12-03-2008

I have two 6500 core switches in failover (HSRP) config. Both switches have IDSM-2 modules.I have about 5 VLANs to monitor using IDSM in-line. Since IDSM has two interfaces to monitor trafic, I have to create 8 VLANs and do VLAN pairing in order to monitor these 4 VLANs.

What are the options available for me to have redundancy in case of one IDSM module failure ?

amritpatek · ‎12-10-2008

Make sure that The PFC2 supports a maximum of 16 unique HSRP group numbers. You can use the same HSRP group numbers in different VLANs. If you configure more than 16 HSRP groups, this restriction prevents use of the VLAN number as the HSRP group number.

For the further description and configuring the redundancy following URL may help you

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/redund.html

Farrukh Haroon · ‎12-14-2008

The IDSM will bridge the VLANS. The SVI is in one VLAN and the clients are in another. If the IDSM fails, mac/arp learning will not take place 'through' the failed IDSM. If there is a trunk between the two core switches, the MAC will be learnt via:

Access Sw >> Core2 >> Core1.

However all traffic would still continue to flow (albeit with an added l2-hop). This would need to be tested tough as it dependant on your particular setup and design.

There is no way to track multi-chassis IDSM-2 failure AFAIK. For the same chassis, you can use Etherchannel to load balance the two IDSMs. I'm not sure if VSS supports the modules yet (even tough I remember reading about blade support for VSS...but not sure which modules).

Regards

Farrukh