cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3523
Views
0
Helpful
17
Replies

IP/VLAN planning for Routed Access Design

mohankumarm
Level 1
Level 1

Hello,

We are currently designing a complete Layer 3 to the edge solution for our customers. The network design is a combination of a collapsed core (Core to access) as well as a three layer model (Core/Distro/Access) for connectivity to the Data Centre, Internet and Wireless Blocks.

The core of the network contains two 6509E switches interconnected on a Layer 3 Port channel (no VSS). Access Layer switches (3750 Stacks) connect to the core switches over p2p routed links (Collapsed core part of the design). Distribution layer switches provide connectivity to the Data centre, Internet and Wireless Blocks.(three layer model.

All IP addressing is being planned for assignment from the private RFC 1918 address block(10.0.0.0/8) for both Infrastructure and Access layer VLANs for users.

Clarifications required for the following:

1) There are about 15 VLANs to be configured in about 20 access switches and configuring unique VLAN's on all the access switches in the respective subnets will make the design very complex and difficult to manage. Therefore, the same VLAN ids will be used on all the access switches but the IP subnets on each of these VLAN's will be different across the Layer  3 access edge domain.

For eg.

Switch 1 containing VLAN 10 will be assigned 10.X.0.0/26

Switch 2 containing VLAN 10 will be assigned 10.X.4.0/26

X in the second octect refers to the location of the switch and the third octet is chosen so that it does not clash with the other IP addresses in similar VLANs. Similar IP addressing design for the other VLAN's as well.

Is this is a correct address assignment for the Layer 3 access design? or is it better to have another level of hierarchy in the third octet, to have say the IDF number the switch belongs to. What is the best practise for IP/VLAN assignment on the access switches?

2) All the access switches and the distribution switches will be implemented with EIGRP stub and advertising only the connected routes with the EIGRP summary disabled( no auto-summary), so that all specific connected LAN routes are advertised to the core. In this case, is it required to manually summarise routes advertised from the distribution to the core for the distribution block only as we have been advised not to summarise any of the routes that is advertised from both the access as well as distribution layers.

3) Can the point-to-point Layer 3 links (/31) between the core and access/distribution layer be addressed on one large /21 subnet(10.x.0.0/21) in the private IP block or can this be addressed using individual /31 subnets allocated from the IP address from the respective blocks(10.10.0.0/31, 10.20.0/31 etc)

Thanks in advance.

Best Regards.

17 Replies 17

Mohan

Thanks for that. Yes i assumed that you still needed to manually configure a summary.

One last point. If any of the distro switches are interconnected via a L3 port-channel then don't forget to summarise between the distro switches. I'm guessing that the distro switches are interconnected via L2 trunks so you wouldn't need to worry but just wanted to make sure.

Jon

No worries, Jon will do. But the interconnected distro switches in this scenario are the primary and secondary sites for the respective DC, wireless and Internet blocks and this is by means of L2 trunks i think ( will have to confirm this).        As there is no interconnection between any of the Wireless/DC blocks, i think no need to worry here.

Hi John,

We have a scenario where the Wireless Distro switches are running over VSS ( Sup720-10GE), and the switches have uplinks to two different  core switches (/31 links) and downstream links are connected to a pair of Wireless Controllers. To avoid a dual-active scenario in case of a VSL link failure, would like to check which of the following approach will be a bettter design:

1) Configure Layer 3 Etherchannels between the VSS switches and core switches by configuring Layer 3 Port channels facing the core switch links.(MEC configuration) and running EIGRP stub on the Layer 3 Etherchannel OR

2) Use additional links between teh VSS switches for Fast Hello or BFD.

Additionally, is it required to run EIGRP on the VSL links?

Thanks and Regards,

Mohan

Review Cisco Networking for a $25 gift card