Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
473
Views
5
Helpful
11
Replies

access -layer 3

bluesea2010
Level 5
Level 5

‎04-18-2022 02:34 AM

Hi,

I am planning layer 3 connectivity between core and access  

 

core access.JPG

 

What is the pros and cons  of connecting between  two core switches each other (layer 3 and layer 2 ) 

or Do I need require a connection between two core switches ? 

Thanks 

0 Helpful
11 Replies 11

Georg Pauwen
VIP
VIP

‎04-18-2022 03:00 AM

Hello, 

 

your question is very general, but typically, if you have two core switches, you would want something like VSS (which 'combines' both core switches into one.

 

What is the end goal of your design, what do you want to accomplish ?

0 Helpful

bluesea2010
Level 5
Level 5
In response to Georg Pauwen

‎04-18-2022 03:28 AM

Hi @Georg Pauwen 

I don't want vss , it act as independent  two switches . the goal is to reduce the no of  uplink ports . 

Thanks 

 

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to bluesea2010

‎04-18-2022 04:07 AM

@bluesea2010 wrote:

the goal is to reduce the no of  uplink ports

Oh, FFS!Oh, FFS!

 

bluesea2010
Level 5
Level 5
In response to Leo Laohoo

‎04-18-2022 09:00 AM

Hi @Leo Laohoo 

What I mean 

I have another  same core block   in another  location . There was no port  remaining  to connect  in between core   after all uplink  and downlink connected 

 

Thanks 

 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to bluesea2010

‎04-18-2022 06:44 AM

"I don't want vss , it act as independent two switches . the goal is to reduce the no of uplink ports ."

Well whether using independent core devices, VSS (or vPC), and/or using L2 or L3, assuming you want redundancy, you're going to want two uplinks, so it doesn't make any difference.

"What is the pros and cons of connecting between two core switches each other (layer 3 and layer 2 )"

The usual/best pro for L3, often is, better usage of you inter device links, as links don't get blocked by STP.

The usual/best pro for L2, often is (and mentioned by other posters), being able to have a VLAN across multiple devices.

BTW, in modern networks, I'm not much of a fan of having VLANs spanning devices, but a hybrid structure, when using L2 at edge and L3 at next "up" later, is to restrict VLANs to just each edge device.  This works very nicely when the next "up" later is just one device, whether physical or virtual.  (Oh my, just one "up" device?  Sure, sometimes a single physical "up" device can provide lots of "redundancy" except for the chassis, itself.)

"or Do I need require a connection between two core switches ?"

Usually a good idea for either L2 or L3.

Consider, in your topology, how some traffic might need to flow when an access switch loses one of its uplinks.

0 Helpful

Flavio Miranda
VIP
VIP

‎04-18-2022 03:31 AM

Hi

 L3 between Core and Access allows you to not  rely in Spanning tree any more. This way, instead of one, you now have two active uplinks from the Access to the Core. Le´ts say you have switches with 10G interface, you can achieve 20G uplink.

The problem about this scenario is that you can not extend your vlans. Exteding vlans is a very common practice in corporate environment.

You may have vlan 100 in one floor and now you want the same vlan 100 in a different floor with same DHCP range and gateway.

With L3 on the Access you can´t do that. You can, of course, create the same vlan 100 but it will have a different DHCP escope and gateway.

 

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎04-18-2022 03:32 AM

 

It does depend on your overall network topology ie. you show only two access layer switches but how many are there going to be and is this a campus or DC design. 

 

You don't necessarily need an interconnect between your core switches but that assumes every access layer switch has connectvity to each core switch which may or may not be the case here. 

 

Difficult to say based on the limited information you have provided. 

 

Jon

0 Helpful

bluesea2010
Level 5
Level 5
In response to Jon Marshall

‎04-18-2022 09:08 AM

hi @Jon Marshall @Flavio Miranda 

 

The below solution will work ? . I mean an active standby firewall deployed , If any failover happened  how the traffic will flow 

core access-FW.JPG

Thanks

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to bluesea2010

‎04-18-2022 10:12 AM

Hi,

Looking at the diagram you posted, access-layer redundancy is fine, and so is the redundancy between the firewalls and cores. The issue is core layer redundancy. Since there are no links between the core switches if, for example, the link between the core switch on the left and the active firewall fails, the traffic has nowhere to go. So, if you add a link between the core switches and configure all the devices correctly, the failover/redundancy should work just fine.

HTH

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎04-18-2022 06:27 AM

reduce the uplinks (so you looking more troubles)

 

if they are the same location, stack it.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

MHM Cisco World
VIP
VIP

‎04-19-2022 03:42 PM

BRKCRS-3036.pdf

 

please find this CiscoLive PPT, it have many many detail about L3 Access.
take Look.
good Luck Friend 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card