Solved: One LAN switches design question

Wai wai · ‎09-02-2011

Let say in a setup there are two standalone Cisco 6509 core switch (core 1 & core 2), connected each other with an etherchannel link between them. Vlans interface (vlan 10,20,30,40) has been created in both core switches with HSRP's configured in the vlan interface to provide gateway redundancy, currently all vlan's active gateway are in core 1 while core 2 acts as a standby state.

There are also 6 access switches in the network, each access switch with one uplink connected to core 1 and core 2 respectively to provide redundacy. All access switches have all the vlan 10,20,30 and 40 workstations associated and configured with them.

So obviously the Cisco 6509 is the idea place to become the STP root bridge in the setup, i am thinking that

1) manually configured core 1 as the root brigdes for all vlan's

core1(config)# spanning-tree vlan 10-40 root primary

core2(config)# spanning-tree vlan 10-40 root secondary

or

2) manually configured and separate the root brigdes in core 1 & core 2

core1(config)# spanning-tree vlan 10-20 root primary

core1(config)# spanning-tree vlan 30-40 root secondary

core2(config)# spanning-tree vlan 30-40 root primary

core2(config)# spanning-tree vlan 10-20 root secondary

So which one is the better choice and best practices in this case to achieve the best performance, or there is no significant different between them

Btw, the Cisco 6509 core swithes and the access switches are all running on spanning tree pvst mode. Thanks in advance

Best regards

Wai

IAN WHITMORE · ‎09-02-2011

To be honest we had the exact same setup with 60 user access switches (each one 48 port and 98% capacity) and 63 VLANs and the 6509 switch CPU was at 1-2% with a SUP720. At peak times I sometimes saw it go to 5% !!

We started load balancing L2 and L3 but due to network issue with linux servers and bonding (dman the server guys) we reverted to option 1. Never had a problem since.

So you should be OK.

HTH,

Ian

View solution in original post

Thorsten997 · ‎09-02-2011

In my opinion the best solution is to configure VSS (Virtual Switch System) on these cat6500 switches. Then they will seem as one switch with both data plane active. Also your topology will became hub-and-spoke and you can configure Multichassis Etherchannel (MEC) on links connecting to access switches.

IAN WHITMORE · ‎09-02-2011

If VSS isn't an option, I would say that in this LAN setup with so few switches and hosts there really is no significant gain in balancing the L2 traffic. Could also make troubleshooting any potential problems harder.

I would stick with option 1 in your case.

Don't forget root guard on your switches. And make your HSRP active switch the same as the root of the spanning-tree so your L2 and L3 go the same way. Otherwise L2 traffic will go to one core switch which will then switch it to the other core switch for L3 routing and then possibly pass it back again. Been there, done that!

Regards,

Ian

Wai wai · ‎09-02-2011

Dear Ian,

How about if there are more access switches connected and around 20 Vlans in this environment, would it make a different?

And thanks for remind on the L2 L3 traffic, since all active vlan interfaces are on core 1 in this situation, might as well stick with option 1

IAN WHITMORE · ‎09-02-2011

To be honest we had the exact same setup with 60 user access switches (each one 48 port and 98% capacity) and 63 VLANs and the 6509 switch CPU was at 1-2% with a SUP720. At peak times I sometimes saw it go to 5% !!

We started load balancing L2 and L3 but due to network issue with linux servers and bonding (dman the server guys) we reverted to option 1. Never had a problem since.

So you should be OK.

HTH,

Ian

Wai wai · ‎09-02-2011

Thanks Ian, glad to hear that