Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4114
Views
45
Helpful
10
Replies

Catalyst 6500-E migration to Nexus 7706 in the Core. VSS TO VPC

Go to solution
amalitol81
Level 1
Level 1

‎12-07-2017 07:06 AM - edited ‎03-01-2019 08:41 AM

Hello Community,

 

I need to migrate a pair of Cisco Catalyst 6500-E to Nexus 7706 to replace the Core. I have several issues in my environment because there are many (SVI) interfaces vlan configured in the 6500 SW that are the default gateways of all User and Server networks vlans. I've read that I can't no use this configuration in nexus. I should use HSRP, but my manager wants to use GLBP to keep the active-active for each vlan. Maybe I also need to create a VRF for each vlan. The communication between users VLANs and Servers VLAN is allowing by this interfaces VLANs configured on the Catalyst (they are directly connected and the 6500 functions as a router). How can I configure the same on the new Nexus to keep the function of the network with out issues ? See the diagram bellow.

 

 

 

 

 

2 people had this problem
Labels:
Preview file
44 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎12-07-2017 07:31 AM

Hi there,

Create a L2 trunk between your 6500 and N7K for all the VLANs you want to route, and configure the VSS and one of the 7Ks as a HSRP group for each VLAN. The N7K should have a lower priority. At this point start migrating your L2 links from the VSS onto the N7K's; this will incur downtime.

Once the links have been physically moved onto the N7K, shutdown the SVIs on the VSS, causing the N7K to become the active forwarded for the HSRP group. You can then migrate the VSS SVI IP onto the other N7K, so that the N7K controls the standby group.

 

Tell your manager that there is no need to use GLBP as both chassis act an active-active FHRP gateway.

 

cheers,

Seb.

View solution in original post

10 Replies 10

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎12-07-2017 07:31 AM

Hi there,

Create a L2 trunk between your 6500 and N7K for all the VLANs you want to route, and configure the VSS and one of the 7Ks as a HSRP group for each VLAN. The N7K should have a lower priority. At this point start migrating your L2 links from the VSS onto the N7K's; this will incur downtime.

Once the links have been physically moved onto the N7K, shutdown the SVIs on the VSS, causing the N7K to become the active forwarded for the HSRP group. You can then migrate the VSS SVI IP onto the other N7K, so that the N7K controls the standby group.

 

Tell your manager that there is no need to use GLBP as both chassis act an active-active FHRP gateway.

 

cheers,

Seb.

Go to solution
amalitol81
Level 1
Level 1
In response to Seb Rupik

‎12-07-2017 09:25 AM

Hi Seb, 

 

Thank you for your quick response. I just want to understand what you mean deeper.

 

1. I'm going to create this L2 trunk between the 6500 and N7K for all the VLANs I want to route. So, I need to create an HSRP Group in my VSS for each vlan and the same thing in 1 of my N7K. In that case I need to add a virtual IP different that my current default GW (10.20.X.1) and create an interface Vlan IP on the nexus for each vlan. Am I ok ? 

 

Do I need to create this L2 trunks between BOTH 6500 and just 1 N7K ? 

 

Thank you very much in advance,

 

Regards,

 

 

 

 

 

0 Helpful

Go to solution
Rick1776
Level 5
Level 5
In response to amalitol81

‎12-08-2017 11:40 AM

1.)Yes you can have both switches participate in HSRP with the lower proieity as Seb pointed out they would use the same DFGW address.

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to amalitol81

‎12-09-2017 12:32 PM - edited ‎12-09-2017 02:50 PM

Hi there,

For each SVI on your VSS you will need to make the current IP address the virtual IP address for that particular HSRP group and assign new IP addresses for both the VSS and N7K SVIs. This way you don't need to worry about editing DHCP scopes or tracking down hosts with statically configured interfaces.

 

Regarding the L2 link, I've seen a core migration take 1 year+ (!), so it would be pertinent to configure a pair of physical links as a port-channel/ vPC between the VSS and the N7Ks for the sake of resilience, making sure that the vPC peer-link is carrying those VLANs too.

 

cheers,

Seb.

Go to solution
amalitol81
Level 1
Level 1
In response to Seb Rupik

‎12-09-2017 08:40 PM

Hi there,

 

Thank you Seb and Rick for your response and explanation. I presented this solution to my Manager, but he still wants to use GLBP because in our network all the devices are configured as Active-Active and the HSRP is a Hot-Standby protocol, where the traffic will be managed by just one nexus until the other fail.... (could be a link or the device itself). I have read but a lot of documentation and everywhere shows that the best way is using HSRP. How can I explain him the reasons to use HSRP instead of GLBP... Do you have something to help me with that ?

 

Thanks in advance for your time and consideration,

 

Regards, 

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to amalitol81

‎12-10-2017 02:01 AM

Hello again,

Show you manager any Nexus reference for "vPC + HSRP" :

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/unicast/config/cisco_nexus7000_unicast_routing_config_guide_8x/configuring_hsrp.html#concept_15F4E528252F4E6C926BF80C279FD4EB

vPC forwards traffic through both the active HSRP router and the standby HSRP router.

From a control plane perspective HSRP on the vPC is the same as on any other IOS device, but it is the dataplane where it differs. With both switches routing (albeit limited to two...by the nature of vPC) is behaves just like GLBP.

 

cheers,

Seb.

Go to solution
amalitol81
Level 1
Level 1
In response to Seb Rupik

‎12-11-2017 07:04 AM

Thank you guys,

 

You made a great job. I found this article, regarding the ACTIVE-ACTIVE configuration when you use HSRP and vPC on Cisco Nexus. 

http://www.ciscozine.com/nexus-vpc-hsrp-vrrp-active-active/ 

 

Kind Regards,

 

 

0 Helpful

Go to solution
amalitol81
Level 1
Level 1
In response to Seb Rupik

‎12-11-2017 07:04 AM

Thank you guys,

 

You made a great job. I found this article, regarding the ACTIVE-ACTIVE configuration when you use HSRP and vPC on Cisco Nexus. 

http://www.ciscozine.com/nexus-vpc-hsrp-vrrp-active-active/  

 

Kind Regards,

 

 

0 Helpful

Go to solution
CHEN LI
Level 1
Level 1
In response to Seb Rupik

‎06-24-2019 12:57 AM

Hi Seb,
Thank you for your answer. But I have a question on timing of downtime. You said after we set a lower priority on N7k, it will incur downtime. At this time, 6500 is primary while N7k is still the secondary. I think when we shutdown all the SVI on VSS. N7k become a primary and this is where incurs downtime . What do you think. Thank you

Salute
Chen
0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to CHEN LI

‎06-30-2019 11:56 PM

Hi Chen,

You have omitted some of the original statement, "...At this point start migrating your L2 links from the VSS; this will incur downtime."

You are correct that when you shutdown the VSS SVIs the N7K will become the active HSRP router and depending on your timers you will have have loss of off-link routing for up to 4 seconds. However this interruption is minor compared to physically moving cables/ fibres!

 

cheers,

Seb.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents