I am currently working on a Lab setup which would eventually become a CoE lab after some point of time.
I have attached a ppt which shows the current BOM in distribution/service layer. Based on the hardware i have worked out a model in which setup is being planned to be implemented/installed.
I have got 2 6509 with VSS compatible sup hence i m going for VSS between the switch pair.
In addition to that i have got 4 FWSMs there comes my doubt whether to have 4 of them in the chassis since it will become 4 FWSM blades in one logical chassis. I have gone through the IOS/software version compatibility to have these services modules with VSS so IOS/software version is not a worry here. Just to incorporate the best practices being followed and challenges if we go with 4 FWSM blades in vss mode.
Also with this i have 2 ACE modules since i am bit of alien to ACE modules i m finding bit difficult to find a breakthrough on whether to go with Active/Standby or Active/Active FO.
Since it's a lab setup it has around 12 zones (security zones) with server, storage, authentication occupying each zones and others fall under management (server/network etc.,)
Pls do revert back if you require more info about the setup.
Any help on this will be appreciated.
In VSS setup, only 6700 series modules with Centralized Forwarding card (CFC) and
6700 series modules with Distributed Forwarding Card (DFC) 3C or DFC3CXL are supported.
So your module WS-6148A-GE-TX is not supported on VSS.
I will recommend to go with Active/Standby as it is easier to troubleshoot and configure.
Thx for ur response.It really helps me to get started with my lab setup.
This is just the BOM and vague details which i recieved from the team. Yet to see the gears or started configuring the gears yet.
Though an HLD was prepared for this lab setup there are no proper references related to FO (in FWSM or ACE modules) mentioned in the doc and the team which wrote the doc is busy with other project abroad.
I opted to go in with multiple contexts to have 2 different contexts active in 2 FWSM modules and 2 other modules backing them up.
But not sure with the ACE module, whether to run the same in Active/Standby state.
Any suggestions or inputs on that section (ACE) will be helpful.
I would recommend to run Active/Standby on both the FWSM and the ACE.
So all the context (FWSM + ACE) are active on Switch 1 and standby on Switch 2. To make sure your standby FWSM and ACE are working you could have the Admin context active on Switch 2. It's a bit like Active/Active.
In this way, it is much easier to troubleshoot and configure contexts as you know the traffic flow and on which switch are the active contexts.