Network Design with Collapse Distro & Core

Mr Cole · ‎09-24-2024

I have been task to turn a immature network into something that looks more standardized. I wanted to create a Network Design with Collapse Distro & Core with a single WAN connection and two core/distro switches.

Question 1.) For FHRP, what connection should take place between the two core/distro switches. Trunk or routed?

Question 2.) For load balancing between the network. Should I put even Vlans STP Root on one core/distro switch and odd STP Root on the other core/distro switch? Also, how can I achieve load balancing to a single Wan connection that has a single port? I am assuming all traffic will be going through a single core/distro switch.

Any help on this would be great. I'm taking the steps from a network admin to more of a senior role in my career, so I'm here to soak up as much knowledge as I can.

MHM Cisco World · ‎09-24-2024

https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DC_Infra2_5/DCI_SRND_2_5a_book/DCInfra_2a.html

check this link

MHM

MHM Cisco World · ‎09-24-2024

In link there is reference example check it

MHM

Joseph W. Doherty · ‎09-24-2024

Q1 FHRP requires L2 between gateways and for redundancy you usually have a L2 loop broken by STP, that often includes a L2 link between gateway devices. If you have multiple edge switches, you can loop through them, without needing the gateways' L2 interconnect, but that's not common practice.

Q2 you could split load that way but if using Cisco devices, are you familiar with GLBP?

Your question about LB to a WAN single port, to me, is unclear. Could you further describe the topology.

BTW, might your collapsed core support a pair of devices operating as a single logical device?

Mr Cole · ‎09-24-2024

Q2 how would you LB the layer 2?

the WAN connection is a single port

Joseph W. Doherty · ‎09-24-2024

But what's the topology?

Joseph W. Doherty · ‎09-25-2024

BTW, reason I'm asking about topology, there are several ways the single WAN port could logically be connected to your core. Classically, the L3 switch would use a routed port and a p2p subnet.

However, router could also be connected to an access or trunk port. The VLAN(s) it has a connection to could be exclusive to switch<>router or could be host subnet(s).

Outbound, if you LB at LAN gateways, you've LBed to the WAN, although half that traffic will move between cores.

WAN ingress LB is very dependent on logical topology and/or STP.

As others have noted stackable switches avoid many L2/L3 topology issues but the commonly used Etherchannel (with stacking) has its own LB issues.

Also BTW, with wire-speed L3 switches, we don't worry about overloading forwarding capacity, but link overloading is still a consideration but often easier addressed with higher bandwidth or multiple links then doing LB via L2/L3 topology (like alternating HSRP gateways by VLAN). I.e. even without stackable switches, you're going down a design path that's a PIA for little to no benefit on modern switches.

Mr Cole · ‎09-25-2024

I trying coming up with a proper topology.

Joseph W. Doherty · ‎09-25-2024

@Mr Cole wrote:

I trying coming up with a proper topology.

Ah, that wasn't clear in you original posting.

How much flexibility do you have? For example, have you equipment you already have that you must use, or can you obtain new devices? If the latter, do you have a budget?

If you have existing equipment, what do you actually have?

What's the cable plant like?

How large a network are we discussing? I.e. number of hosts, number of servers, kinds of servers, kinds of network applications?

This is just for one site? Internet connectivity too?

You describe your existing network as "immature", how so? You also noted you wanted to make the revised network more "standardized", going by what "standards"?

The more information you provide, often makes for better suggestions, recommendations, and guidance.

girish_gavandi · ‎09-24-2024

Mr. Cole,

Why would you want to have FHRP design? When you can have Stackwise Virtual (SVL) available on Catalyst 9K platforms. Or if your distribution switches are any of the older 6500/6800 switches you can use VSS. Eliminates STP issues, enables MEC at the access switch side and uplink bandwidth can be equal to the connected link.

Also, please mention what devices are you using in your new network? What are the driving factors for this FHRP design?

Regards,

Girish

Giuseppe Larosa · ‎09-24-2024

Hello @Mr Cole ,

1) for FHRP you should have an L2 802.1Q trunk between the switches carrying all user facing VLANs

2) >> Also, how can I achieve load balancing to a single Wan connection that has a single port? I am assuming all traffic will be going through a single core/distro switch.

if the IP subnet is not a /30 or it can be changed to something that accomodates multiple hosts you could use a small DMZ switch to connect the two core switches and the WAN CPE to it.

But the best option would be to get a second WAN circuit and a second CPE router to achieve fault tolerance at link and node level.

As noted by @girish_gavandi most of modern Catalyst 9x00 support stack or SVL that can be helpful avoiding to use FHRP and to simplify STP topology and SVL or VSS allow also to use all the uplinks between access layer switches and the the two core switches.

In some platforms SVL requires appropriate license level Network Advantage and DNA Advantage.

Hope to help

Giuseppe