Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3361
Views
4
Helpful
10
Replies

L2 Redundancy between Routers and L3 Switches

Go to solution
Saman Shamim
Level 1
Level 1

‎12-20-2013 03:58 PM - edited ‎03-07-2019 05:12 PM

EDITED

Hi,

Currently I have a partial-mesh point to point L3 links between the two routers and two L3 switches. I have played with OSPF costs so only S1-R1 path is in use in normal situation. If a device or link failure happens, things will change accordingly:

L3-OSPF.JPG

The links need to be changed to L2 as I need to VLAN tag the traffic between the routers and the switches to send them to separate VRF routing tables at L3. That's the only reason that we want to switch to L2. The question is how I can achieve this and keep redundancy especially on the routers. I'm trying to avoid introducing other network devices to this topology as much as possible. The switches are 3750X and the routers are 2900 series (so no VPC).

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Saman Shamim

‎12-26-2013 03:18 PM

My understanding is that the Ehterchannel ports on the router should connect to the same switch (unlike VPC). This is against my design where I want to have both link and device redudndacy. Is that right?

I'm not sure you have much choice if you want to terminate the L3 vlan interfaces on the routers.

If you want two ethernet interfaces on a router in the same subnet you can bridge them together by using a bridge group but i don't know whether you could then place the BVI into a specific VRF. I suspect it would not be supported or there might be features missing if it is supported.

Other than that the only ways i can see to do this are -

1) set up your 3750s as a stack and run an etherchannel from each router to both members of the stack. The downside of this is as you say traffic from R1 would use both links but this is not so important if the switches are stacked.

In addition it sounds as though you are not stacking them at the moment ie. they are running HSRP between them so it sounds like they are standalone switches interconnected via a L2 trunk.

2)  If the switches are standalone then run an etherchannel from S1 to R1 and an etherchannel from S2 to R2. You still get link failure protection because you are running an etherchannel but it is not quite the same as your diagram eg. if R1 fails in your diagram then S1 can use R2 but using etherchannel if R1 failed S1 does not have a direct connection to S2.

However assuming a L2 trunk interconnect between the switches S1 still has a path to R2 via S2.

Jon

View solution in original post

0 Helpful
10 Replies 10

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎12-21-2013 05:10 AM

I don't think this will work because there is no L2 interconnect internally within the router between the gi1 and gi2 interfaces. So the trunk links terminate on the gi interfaces on the router and there is no L2 switching between the interfaces.

I don't really understand what you are trying to achieve. If you have L3 switches why use subinterfaces on the router. If S1 and S2 are L3 then simply use routed point to point links to the router and exchange routes.

If the switches are L2 only you could bridge between gi1 and gi2 on the router for a redundant gateway.

Perhaps if you could explain a bit more about what you are trying to achieve ?

Jon

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Jon Marshall

‎12-21-2013 12:21 PM

I agree with Jon that the suggestion in the original post will not work. I have a different alternative to suggest to achieve what I believe is desired by the original poster. Depending on the model of router and version of code it may be possible to configure Ether Channel on the 2 physical interfaces of the router. Cisco has introduced support for Ether Channel on ISR routers. You put the physical interfaces into the Port Channel with no IP address on the physical interface and you configure the IP address on the port channel interface. See this link for more information and some examples

http://www.cisco.com/en/US/prod/collateral/routers/ps5855/prod_white_paper0900aecd806f698a.pdf

I believe that this could accomplish what the original poster is asking about.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Saman Shamim
Level 1
Level 1
In response to Richard Burts

‎12-22-2013 06:21 PM

Richard, I see one problem with Ether Channel that it will load balance the traffic to both switches. S1 and S2 are running HSRP between each other and that means the internal LAN cloud is using only one of them as its gateway. So the outbound traffic is always LAN to S1 to R1 until a failure happens. I'd like to keep the traffic symmetric, so incoming traffic should be like: R1 to S1 to LAN.    

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Saman Shamim

‎12-23-2013 01:53 AM

edited

0 Helpful

Go to solution
Saman Shamim
Level 1
Level 1

‎12-22-2013 06:07 PM

Edited

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎12-22-2013 06:28 PM

Perhaps I am misunderstanding your post. It seems to me that the Etherchannel feature does satisfy your requirements. And according to this link EtherChannel does work on 2900 routers.

https://supportforums.cisco.com/thread/2242273

HTH

Rick

HTH

Rick

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎12-23-2013 01:54 AM

If you are running IP services on the 3750X switches then then they support VRF-Lite so you could create the VRFs there.

Jon

0 Helpful

Go to solution
Saman Shamim
Level 1
Level 1

‎12-26-2013 12:54 PM

Richards,

My understanding is that the Ehterchannel ports on the router should connect to the same switch (unlike VPC). This is against my design where I want to have both link and device redudndacy. Is that right?

Jon,

I think I'm clear about that part. I mean If link and device redundancy wasn’t a requirement, then configuration would be fairly straightforward. I would have two VRF-lites on the 3750X switches and the router would have a config like the following figure.

Path-Isolation-2.JPG

 

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Saman Shamim

‎12-26-2013 03:18 PM

My understanding is that the Ehterchannel ports on the router should connect to the same switch (unlike VPC). This is against my design where I want to have both link and device redudndacy. Is that right?

I'm not sure you have much choice if you want to terminate the L3 vlan interfaces on the routers.

If you want two ethernet interfaces on a router in the same subnet you can bridge them together by using a bridge group but i don't know whether you could then place the BVI into a specific VRF. I suspect it would not be supported or there might be features missing if it is supported.

Other than that the only ways i can see to do this are -

1) set up your 3750s as a stack and run an etherchannel from each router to both members of the stack. The downside of this is as you say traffic from R1 would use both links but this is not so important if the switches are stacked.

In addition it sounds as though you are not stacking them at the moment ie. they are running HSRP between them so it sounds like they are standalone switches interconnected via a L2 trunk.

2)  If the switches are standalone then run an etherchannel from S1 to R1 and an etherchannel from S2 to R2. You still get link failure protection because you are running an etherchannel but it is not quite the same as your diagram eg. if R1 fails in your diagram then S1 can use R2 but using etherchannel if R1 failed S1 does not have a direct connection to S2.

However assuming a L2 trunk interconnect between the switches S1 still has a path to R2 via S2.

Jon

0 Helpful

Go to solution
Saman Shamim
Level 1
Level 1
In response to Jon Marshall

‎12-26-2013 04:24 PM

Thanks for your answer. I'm trying to see if I can secure a pair of stack switches and have a design like the following figure. Otherwise, I'll redesign my network according to L2 and Etherchannel redundancy limitations.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card