cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
455
Views
30
Helpful
9
Replies
Highlighted
Beginner

Migrate from Router on a stick configuration to Inter-vlan routing using L3 switches.

I am planning on migrating my campus network design from a traditional router on a stick configuration into Inter-vlan routing using L3 switches.

What are things i have to look out for? pitfalls? Is there a real advantage of switching over?  

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Mentor

Hello
The obvious would be Network Address Translation, only high end switches support it so you need to accommodate this in your migration>
Attached is a basic staged approach to migrate from a ROS devcie onto a L3 switch VSS/VPC/stack core based on the assumption the ROS device is running dynamic routing and this is enabled for its WAN facing interconnection between itself and the ISP/WAN device also for the LAN interface (sub-interfaces /vlans) which is interconnected to a Lan hanoff switch/stack for the inter-vlan routing.
The ISP/WAN device is advertising a default route into the ROS device.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

View solution in original post

9 REPLIES 9
Highlighted
Engager

 

I think we will need more info like size of organization, amount and type of traffic, topology, types and models of router and switch you picked for SVI L3 routing. What amount of traffic or load your router currently has as well as existing L3 switch or future role of L3 switch does (besides routing).  What is current router doing (protocols, features, roles).

I would say my major concern is will L3 switch be able to handle routing in addition to its current role. Note that you can add more Ram into a router but I don't think you can do the same for switches (at least not for c2900s-3850s). So, once you picked L3 switch, you will have to make sure it can handle the load. 

 

Regards, ML
**Please Rate All Helpful Responses **

Highlighted

Thank you Martin. Sorry i should have included them in the first post.
Here are the specs:

1x - ISR4331 
2x - Cisco 3850 currently stacked ( Should i break the stack?)
2x - Nexus 3K for Datacenter
12x - Cisco 2960x Access Switch
About 300 Users and 100+ VMs

Thank you!
Highlighted

Hello @IS34lyf ,

generally speaking the big advatange of moving to L3 switch inter VLAN routing is performance

A software based router like yours ISR4331 has a forwarding capability less then 1 Gbps in aggregate.

Your C3850 stack that you don't need to split , with L3 routing is able to perform tens of Gbps of inter Vlan routing.

 

There are functions that can be performed only by ISR 4331 and specifically NAT for internet access.

For the migration the best choice is to create a new Vlan to be used as logical link between the C3850 stack and the ISR 4331 and to have this new Vlan permitted on the trunk link between the router and the C3850.

Then you need to create SVI interface for each Vlan and you should shut down the corresponding sub-interface on the router.

Warning: if not using HSRP or other protocols the MAC address of the SVI will be different then that of router sub interface. This is actually the greatest impact on the network : all hosts in the Vlan need to learn the new MAC address using the ARP protocol.

A possible trick is to configure under the SVI the same MAC of the router subif to avoid this

interface Vlan X

mac xxyy.llmm.zzkk

 

Hope to help

Giuseppe

Highlighted
VIP Advocate

Hi,

 

I hope you selected the right hardware, software version for your network. The most important thing you will require, After office hours works and network downtime. I hope it is a new switch and still not connected in the network and you must perform Prototype Tests/installation.

 

1. Upgrade the switch to the right version. If required activate the license. 

2 Create layer 2 vlan and Layer 3 SVI's on the switch as it was configured on the router (copy of subinterfaces). 

3. Assigned VLAN's to the correct ports and uplink ports. 

3. Verify for enabling IP routing on the Switch. "IP routing".

4. Are you using in FHRP protocols such as HSRP/VRRP? If than planned to migrate if required. Better to add switches in stacks if possible.

5. Are you using any Security protocols or ACLs for intervlan routing? If yes than migrate to the switch.

6. add default route toward the router or NATing device and also configure, VLAN, SVI, and port for your NATing device.

7. Take a confirm downtime and replace the router.

 

If you still have any questions then share your router configuration.

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution If this comment will make help you!
Highlighted

Thank you for all the helpful insights. Definitely adding all these to my plan. 

 

Can this migration be done in phases? 

Highlighted

Hi,

What is your mean by phases? are you thinking to migrate the first 2 VLANs and letter on reset of VLANs? If yes, then it is possible and there will be a requirement of adding some static and default routing on the router (exiting) and new switches. That is complicated and not advisable.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution If this comment will make help you!
Highlighted

Hello


@Deepak kumar wrote:

Hi,

What is your mean by phases? are you thinking to migrate the first 2 VLANs and letter on reset of VLANs? If yes, then it is possible and there will be a requirement of adding some static and default routing on the router (exiting) and new switches. That is complicated and not advisable.


Not sure i understand your question - Are you saying a staged approached migration on a LAN core isn’t advisable - Can you elaborate on this?
Basically you have two options when it comes to this type of migration
1) An all in one change - which would incur a long outage to the client and possibly if for some reason something doesn’t work you have may have to backout the whole change causing even more down time

or

2) A staged migration of which I have explained, this provides the added benefit of minimal outage to a client and its more deterministic.

 



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted
VIP Mentor

Hello
The obvious would be Network Address Translation, only high end switches support it so you need to accommodate this in your migration>
Attached is a basic staged approach to migrate from a ROS devcie onto a L3 switch VSS/VPC/stack core based on the assumption the ROS device is running dynamic routing and this is enabled for its WAN facing interconnection between itself and the ISP/WAN device also for the LAN interface (sub-interfaces /vlans) which is interconnected to a Lan hanoff switch/stack for the inter-vlan routing.
The ISP/WAN device is advertising a default route into the ROS device.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

View solution in original post

Highlighted

Thank you for everyone's responses and I take everything into consideration. I would most likely take the slower approach since this is a bigger project than i thought it would be.