cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1355
Views
3
Helpful
7
Replies

Best Practice VSS and HSRP setup

Dear Gentlmen, 

I 've two core switches, 6509-E with Sup 2T version 15.2(1)SY1a, connected to each other using L2 trunk port channel,  My plan to connect two distribution switches  VSS 4500-X switches to both of the core switches as in the following setup " Each core switch has his own IP" and both of the switches are having the same IP. 

CORE 1 (6509)-------L2  Trunk port channel------Core 2 (6509) 

   ( int T1/1)                                                            ( int T1/1)

     |                                                                          |

     |                                                                          |

   (int  T1/1/1)                                                       ( int T2/1/1)                                                                   

    VSS1 (4500-x)------VSL port channel----------VSS2 ( 4500X)

While most important  I don't want to change any physical connectivity and don't want to convert the core switches into VSS setup

1- Can I run L3 port channel in interfaces T1/1/1 & T2/1/1 which has one IP in the same sub net of the core switches, And if yes what are the best practices so I use HSRP or GLBP in the core switches ? 

2- If the above is not possible, Shouldn't I use both 4500-X in VSS setup and do the following setup instead and loose the feature of the port channel so I use single trunk and HSRP or GLBP in all the four switches? 

CORE 1 (6509)-------L2  Trunk port channel------Core 2 (6509) 

   ( int T1/1)                                                            ( int T1/1)

     |                                                                          |

     |                                                                          |

   (int  T1/1/1)                                                       ( int T/1/1)                                                                   

 (4500-x-1 )------L2 trunk port channel---------- ( 4500X-2 )

Everyone's tags (1)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
VIP Expert

Hi,

Hi,

If the plan is to have all vlans terminate on the distribution switches than it is easier to use the 4500x and build them as VSS.  This way you don't need to worry about HSRP, VRRP, etc.. You than need 2 layer-3 Portchannels, one connecting one 6509 to both vss 4500x chassis and another one for connecting the other 6509 to both vss chassis.

HTH

View solution in original post

Highlighted
Beginner

We have a setup similar to

We have a setup similar to what you describe.  In our case, the 4500-X VSS is a pure Layer 3 switch - no VLANs at all.  All connections to the 4500-X are Layer 3 port-channels, with one port-channel member on each switch in the 4500-X VSS, for redundancy.  The 4500-X is running EIGRP and peers with the Layer 3 switches directly adjacent to it.

But I think that the OP may be talking about using the 4500-X as a Layer 2 VSS switch, and the VLANs would be routed at the core switches, which is why he is asking about HSRP/GLBP.  While that can be done, you will need Layer 2 trunk connections from the 4500-X-VSS to the two core switches, and then one of the two uplinks will be in blocking mode because of Spanning Tree.

If the OP is talking about the reverse option, where the Layer 2 VLANs would be routed by the 4500-X VSS, then once again, the connections between the 4500-X VSS switches and the core switches would need to be Layer 2 trunks, and Spanning Tree would also block one uplink path.  But since the VSS is, in effect, a single switch, you would have one SVI per VLAN, so you would not need to set up HSRP/VRRP.

-rb

View solution in original post

7 REPLIES 7
Highlighted
VIP Expert

Hi,

Hi,

If the plan is to have all vlans terminate on the distribution switches than it is easier to use the 4500x and build them as VSS.  This way you don't need to worry about HSRP, VRRP, etc.. You than need 2 layer-3 Portchannels, one connecting one 6509 to both vss 4500x chassis and another one for connecting the other 6509 to both vss chassis.

HTH

View solution in original post

Highlighted
Beginner

We have a setup similar to

We have a setup similar to what you describe.  In our case, the 4500-X VSS is a pure Layer 3 switch - no VLANs at all.  All connections to the 4500-X are Layer 3 port-channels, with one port-channel member on each switch in the 4500-X VSS, for redundancy.  The 4500-X is running EIGRP and peers with the Layer 3 switches directly adjacent to it.

But I think that the OP may be talking about using the 4500-X as a Layer 2 VSS switch, and the VLANs would be routed at the core switches, which is why he is asking about HSRP/GLBP.  While that can be done, you will need Layer 2 trunk connections from the 4500-X-VSS to the two core switches, and then one of the two uplinks will be in blocking mode because of Spanning Tree.

If the OP is talking about the reverse option, where the Layer 2 VLANs would be routed by the 4500-X VSS, then once again, the connections between the 4500-X VSS switches and the core switches would need to be Layer 2 trunks, and Spanning Tree would also block one uplink path.  But since the VSS is, in effect, a single switch, you would have one SVI per VLAN, so you would not need to set up HSRP/VRRP.

-rb

View solution in original post

Highlighted

I meant the HSRP to be

I meant the HSRP to be configured a SVI-1 in the core 6509 1 and SVI-2 in the core switch-2 , What do you think as a best practice to keep one of these link in spanning tree block mode and configure the HSRP in both core switches or we do EIGRP between three routers ( Core1,core 2, VSS switches), However how can I consider for example te1/1/1 and te2/1/1 in both VSS chasis in one L3 port channel while from the other side of the core switches are configured as a sinle in trunk in each core... Do you mean to configure the interfaces t1/1/1 and te2/1/1 in one access vlan, And then configure SVI representing both interfaces and from the other side single trunk links ? 

Highlighted

What if I can't connect two

What if I can't connect two connections between each core switch to the two VSS chasis ? s the distance is very far from each core switch to the VSS, Can I run single trunk link ? 

Highlighted
VIP Expert

If the distance is very far,

If the distance is very far, you can use single-mode optics with single mode fiber. depending on the fiber you have in place but usually if the distance is above 300 or 400 meters then you need to use single-mode.

HTH 

Highlighted

Ya, But I mean from design

Ya, But I mean from design perspective, Can I connect single trunk from each core switch to one of the VSS "One Leg"  switches instead of the cross design. 

Highlighted
VIP Expert

For VSS, the recommendation

For VSS, the recommendation is to always connect to both VSS switches and not just one.

HTH

CreatePlease to create content
Content for Community-Ad