01-28-2014 09:16 PM - edited 03-04-2019 10:11 PM
Hi,
I was wondering if anyone knew whether or not you can connect an ASR1000 to two separate switches using the same VLAN? If this was an ISR G2 I could have used a BVI interface or installed a switch card and used VLANs. BVI and VLAN doesn't seem to exist. A BDI sounds like it could work however I was having problems getting mac-resolution to work using it. At this stage all I need to know is the design and feature to use for this type of design with an ASR.
Basic topology is:
____ASR____
| |
DMZ SW #1 ----- DMZ SW #2
| |
Firewall #1 Firewall #2
| |
Core #1 ------ Core #2
NOTE: DMZ switches aren't stacked so I can't use a port-channel.
Is it possible to connect an ASR like this and have it function? I'm pretty new to the IOS XE platform so any advice is welcome!
02-04-2014 09:47 PM
The answer is it can't be done.
The best option is to stack the switches and run LACP from ASR to Switches. I can't do this as the switches won't stack.
Another option is to run the switches in L3 mode and have separate VLANs between DMZ switch and ASR. i.e. DMZ SW 1 to ASR = 10.1.1.x/24 and DMZ SW2 to ASR = 10.1.2.x/24 and use L3 routing failover.
For me, I am going to cut back to a single DMZ switch as that works in the topology/customer I am working with (single DMZ switch + single ASR router).
Worked with Cisco design team to validate this.
09-21-2018 10:15 AM
Is this now supported?
09-21-2018 02:31 PM
Hello
Are the ASA fws in a HA setting ?
Are the cores switches stack or applicable to be stacked
Just to validate the ISR can run individual or aggregated but really would like to know what are you trying to accomplish with this design?
09-21-2018 08:29 PM
09-22-2018 12:43 AM
Hello
Looking at you hardware setup, possible to:
ASR performing dynamic routing between WAN and FWs,
DMZ switches l2 handoffs between ASR and FWS
FW's in High Availability paring between ASR with Core switch(s)- (stacked)
Cores switchs performing L3 inter-lvan routing and have a default route pointing toward ASA HA virtual next-hop
No requirement for BDI...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide