Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
765
Views
0
Helpful
5
Replies

2950 Port-channel Question?

scottcummins
Level 1
Level 1

‎07-26-2013 10:53 AM - edited ‎03-07-2019 02:37 PM

Hello All

I currently have 2(Two) 2950's set up with two portchannels, each port channel contains two ethernet ports

port-channel 1 - fa 0/47-48

port-channel 2 - fa 0/45-46

these Port-channels connect to a pair of Force 10 25s and they are usingf VRRP to connect to two firewalls

2950(1) 0/47-48 to Force 10 (1) 0/13-14

2950(1) 0/45-46 to Force 10 (2) 0/13-14

everything works fine, I just notice if I plug a laptop into one 2950 and ping the interface on the firewall, I get replies, If I mopve that laptop to the second 2950, it takes about 8 mins for the ping to pick up again. my first question is, is there an ARP configuration I can create to make this transition happen faster.

My second question is should I be using any spanning-tree protocol on these port-channels or ports assigned to the port-channels

I attached a simple diagram to show my connections

Labels:
15364745-New Network.vsd.zip
0 Helpful
5 Replies 5

Reza Sharifi
Hall of Fame
Hall of Fame

‎07-26-2013 11:00 AM

Hi,

So, the default gateway for your laptop is the firewall or force10 switch?

Where is VRRP configured and what device is VRRP active?

0 Helpful

scottcummins
Level 1
Level 1
In response to Reza Sharifi

‎07-26-2013 11:22 AM

Hi Reza

The Gateway is configured on the Force 10, a Virtual-Address of 172.16.2 1 and the physical Force 10's are 172.16.2.2 and 172.16.2.3. There is a single default ip route for any non VLAN trafiic to forward to 172.16.253.2 which is the LAN interface on a Sonicwall 3500 NSA. I can ping this just fine from the 2950's

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to scottcummins

‎07-26-2013 12:28 PM

Scott,

I am not familiar with force10 or Sonicwall.  Do you have the same issue if you use a single link instead of a portchannel on the 2950?

Is the link between the force10 and Sonicwall a /30?

HTH

0 Helpful

scottcummins
Level 1
Level 1
In response to Reza Sharifi

‎07-26-2013 12:34 PM

Reza

I am not usre it is an issue, I just was testing and all my failover works great. I just noticed if I simply move my laptop connection from one switch to the other, It takes about 8 mins for the ping to re-establish. I fi Do a "cleqar ARP" on the two it picks right up. SO I am just wondering if I should set the ARP on my 2950's to time out and clear after say 1 min.

My other question is if I should utilize someking of spanning-tree protocol on the port-channel interfaces or the ethernet port interfaces that are part of the port-channels, I don't have any I was just wondering if that would cause the 2950's to recognize the movement of a device from one switch to the other and "clear" the ARP Cache and direct traffic to the device on the switch it moved to

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to scottcummins

‎07-26-2013 12:54 PM

Scott,

From you description, it appear that each 2950 connects to a separate force10 switch.  If this is the case, as long as the 2950s are not connected together you don't have a physical loop (no need for spanning-tree).  Also, the 2 physical links in a portchannel are looked at as one logical connection. So if you have ONE portchannel between the force10 and 2950, there is no loop since both links are in one portchannel.

HTH

0 Helpful
Customers Also Viewed These Support Documents