Re: Need Config For 802.1Q Trunk STP/HSRP Backup

j.viola · ‎06-11-2002

Will have 2 3548 switches on each floor of bldg. - one for East side; one for West.

Each will have GB fiber 802.1Q trunk to one of two 2948G-L3 routers. Other fiber GB trunk would go to other 3548; i.e. linking East to West and vice versa. Would like to configure so that all "West" trunks go to one 2948G-L3, all "East" to other.

My question is what is best way to configure the "East to West" links, so that if main GB fiber down to router failed, that STP would activate the backup link and have the second router handle the traffic?

And is STP really the best way to go?

TIA.

steven-dunn · ‎06-13-2002

Try to deploy PVST+

depending on the way your VLANs are setup, and where your root bridge per VLAN is. Default STP costs will set the East to West link in blocking mode hence east will go to one switch and west will go to the other. STP can do the rest. Ensure your active HSRP router is the root of the STP VLAN.

Hope this helps.

j.viola · ‎06-14-2002

Well, actually, I set up a test environment: By running "Uplinkfast" on the Closet switches, both the port to the Router, and the East/West link are Forwarding. But by allowing only the 2 "floor" VLANs on the trunks, The East/West link only passes traffic if the link to the router fails. I am kinda running PVST in that each floor has its own VLAN for the WEST side, and another for the EAST.

I actually want to have BOTH Routers active at the same time - one for East; one for West. Only if a router failed would the other be required to handle both East and West..

My question is: what is the best way to configure the 2948G-L3 router to do this? I was thinking to assign the West VLAN's IP to the trunk as the Primary addresses, and assign the East IP addresses as Secondary addresses.

Would this work? ( Besides also using HSRP to force all traffic to the good router)

jackson.a · ‎06-17-2002

Have you got a limited amount of fibre between floor or small number of ports on the "core" switches ? If not, then :

Connect each closet switch to both of the core switches - uplinkfast work's best in a "triangular" 3 switch design and fails over in approx 1 second. In the layer 2 design you have described the failover would not be much better than standard STP. Use PVST as previous suggested.

Set one of the core switches to be STP root priority for VLAN's used in the west

and as STP backup for switches in the east.

On corresponding router set this to be HSRP primary for these VLAN's. All "west" switches would forward through this device.

On the second core switch set it to be STP root priority for VLAN's used in the east and as STP back for switches in the west

On the second router set this to be HSRP primary for these VLAN's and failover to the first router.

(Cisco documentation explains that it is better to have layer2(STP) and layer3(HSRP) failing over in the same "direction".

This shouldl achieve you goal of "load-balancing" the VLAN's/routing across both core switches.

j.viola · ‎06-17-2002

Thanks alot for your suggestions.

In my test set up, STP took 50 seconds to failover. So I added Portfast to the "Closet" Switches (and NOT on the L3 switch) and failover took just a few seconds. Definitely the way to go!