09-01-2009 01:47 PM - edited 03-04-2019 05:55 AM
Dear All,
Please find attached my current office network layout.
1. Only one core switch 4507
2. Only one fiber uplink to each floor from the core switch.rest are switches are being interconnected using cross cables.
3. For 5th and 9th floor uplink redundancy we have fiber link between 5th & 9th floor switch.
Now we are planning to implement IP phones in the network. so management has decided to add one more core switch and fiber uplink to all the switches. so in this senario what would be the best redundant design setup we can have in our network.
Kindly help me to finish the design diagram with all mentioned devices.
Thanks
Solved! Go to Solution.
09-06-2009 04:08 AM
Hello Shibu,
no problems
1) I would connect the two core switches with two fiber pairs and I would configure a L2 trunk etherchannel.
If you have only one port free a single L2 trunk can be enough.
2) yes it is the right decision it allows you to have a hierarchical network with a core layer and an access layer: no access layer device relies on another access layer device to reach the core and this is good.
Hope to help
Giuseppe
09-02-2009 05:03 AM
Hello Shibu,
nice to know that management has realised that a second core switch is needed.
>> nd fiber uplink to all the switches.
If possible you should have two fiber uplinks for each access layer switch:
one fiber link connected to core1
one fiber link connected to core2
so looking at your picture you should have other 10-3 = 7 fiber pairs deployed in the building.
core1 and core2 have to be the primary root bridge and secondary root bridge for all vlans as proposed in previous thread.
notice that each access layer for a given vlan will use only one uplink: STP protocol blocks one link.
To have both uplinks used in some way you should load share the root bridge role between core1 and core2 on a per vlan basis.
Cisco PVST+ allows this running one STP instance for each defined vlan.
If you cannot connect all switches to both core switches have at least two interswitch links between the switches in daisy chain but this is not recommended.
Note:
sorry for not having followed up previous thread but I was going in a vacation period.
Hope to help
Giuseppe
09-06-2009 01:00 AM
Dear Giuseppe,
Thanks for your concern . i am Sorry for the late written reply. i was on leave for last 3 days.
I am hereby attaching a new proposed diagram keeping your advice.
1. Which is the best way to interconnect the Core switches? i put a fiber connection between those two.is it a right decision?
2.i have removed all cross connection between switches and put all fiber connection. is it right ?
Waiting for your valuable comments on this.
Thanks
09-06-2009 01:08 AM
Thanks for your concern . i am Sorry for the late written reply. i was on leave for last 3 days.
I am hereby attaching a new proposed diagram keeping your advice.
1. Which is the best way to interconnect the Core switches? i put a fiber connection between those two.is it a right decision?
2.i have removed all cross connection between switches and put all fiber connection. is it right ?
Waiting for your valuable comments on this.
Thanks
09-06-2009 04:08 AM
Hello Shibu,
no problems
1) I would connect the two core switches with two fiber pairs and I would configure a L2 trunk etherchannel.
If you have only one port free a single L2 trunk can be enough.
2) yes it is the right decision it allows you to have a hierarchical network with a core layer and an access layer: no access layer device relies on another access layer device to reach the core and this is good.
Hope to help
Giuseppe
09-06-2009 05:40 AM
Dear Giuseppe,
Thanks a lot for the suggestion and guidance.
1. Can i have some (running)configuration samples for this type senario. Ex. HSRP or VRRP configs between Core switches,Spanning-tree RSTP,etherchannel,voice vlan
2. Read that RSTP would be the ideal choice for this type setup..is it right?
Thanks a lot for your valuable reply
Thanks
Shibu
09-06-2009 06:38 AM
Dear Giuseppe,
Thanks a lot for the suggestion and guidance.
1. Can i have some (running)configuration samples for this type senario. Ex. HSRP or VRRP configs between Core switches,Spanning-tree RSTP,etherchannel,voice vlan
2. Read that RSTP would be the ideal choice for this type setup..is it right?
Thanks a lot for your valuable reply
Thanks
Shibu
09-07-2009 10:28 PM
Dear Giuseppe,
If you have any working configuration regarding this please send to me.
Thanks
Shibu
09-08-2009 05:11 AM
Hello Shibu,
thanks for your kind remarks
Let's see together a configuration example
a)
spanning-tree
core1
spanning-tree mode rapid-pvst
spanning-tree vlan 1-3,5-6,8,11,13-14,20-21,200,612,614-615 priority 0
spanning-tree vlan 4,7,9-10,15-16,22-23,100,225,619 priority 1
! these commands say to use Rapid PVST
! core1 is the root bridge for vlans
! where priority is set to 0
! core2 is the root bridge for the other
! vlans where core1 has priority 1
core2 config:
spanning-tree mode rapid-pvst
spanning-tree vlan 1-3,5-6,8,11,13-14,20-21,200,612,614-615 priority 1
spanning-tree vlan 4,7,9-10,15-16,22-23,100,225,619 priority 0
! as you see the priority values are
! exchanged
spanning-tree mode rapid has to be given in all switches
b)
HSRP
good rules says core1 has to be the HSRP active router for the client vlans for which it is the STP root bridge
for example let's consider vlan200
core1:
int vlan200
ip address 10.113.200.2 255.255.255.0
standby 200 ip 10.113.200.1
standby 200 priority 105
standby 200 preempt
standby 200 authentication idsvq
on core2 SVI vlan200 will be configured as:
int vlan200
ip address 10.113.200.3 255.255.255.0
standby 200 ip 10.113.200.1
standby 200 priority 100
standby 200 preempt
standby 200 authentication idsvq
for vlan4 where core2 is root bridge the opposite is needed
int vlan4
ip address 10.113.4.2 255.255.255.0
standby 4 ip 10.113.4.1
standby 200 priority 100
standby 200 preempt
standby 200 authentication segr4
on core2
int vlan4
ip address 10.113.4.3 255.255.255.0
standby 4 ip 10.113.4.1
standby 200 priority 105
standby 200 preempt
standby 200 authentication segr4
note1:
it is good to use a different authentication key for different groups.
note2:
on multilayer devices other then C6500 you can and you need to reuse HSRP group numbers on different vlans to achieve scalability.
note3:
tracking of interface to internet router can be used (if an internet facing router is present)
Hope to help
Giuseppe
09-08-2009 10:32 PM
Dear Giuseppe,
Thanks a lot..!!! highly appreciated.
Thanks
Shibu
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide