11-28-2015 09:39 AM - edited 03-08-2019 02:52 AM
Hi,
If I want to say it in brief, is there any way to run router on stick secnario where there is 2 links between switch and router where these links can be in HA mode? if one of links failed, the other link would be practical.
by the way, my router hasn't any port can be configured as switchport.
you can find the the scenario in attachment.
Solved! Go to Solution.
11-30-2015 05:04 AM
Hello,
In your case, if the router and switch are close and link between them is secure, the second link is not necessarry; however, redundancy assures you that even link failure will not intrupt your network operation but at the cost of network complexity.
I checked BVI. BVI in your case is dangerous. It may cause loop because you do not have much option for spanning tree configuration on router.
I have another solution. You can achieve your goal while your network will have better performance. It sounds a little daunting to implement if you are not familiar with VRF, but try to implement it in a test enviroment before migeration.
1- terminate all VLANS on 3750. create SVIs for all VLANS. 3750 gives you better performance since you are removing one extra link.( intervlan routing is done in 3750 instead of 3945.
2- create a VRF in 3945 and 3750 for that specific VLAN.(isolation)
3- create 4 sub interfaces on two links between 3750 and 3945 (two subinterface for each link)
4- on 3750, put that specific interface VLAN and also two subinterfaces(from two different link) on the VRF
5- on 3945, put corresponding sub interfaces into VRF
6- Implement routing protocol on two links to advertise default route and subnets on two links.
7- add default route on that VRF toward Tunnels to isolate that VLAN traffic
Do not start to migerate right away if the configuration sounds good to you. Test enviroment is suggested.
Masoud
11-28-2015 08:02 PM
Hi Majid,
If your router support Etherchannel, you can configure it with 2 links. This way both the router and the switch will use both links and if one like fails the other link would pass traffic.
HTH
11-28-2015 10:27 PM
Thanks Reza,
But my router doesn't support Etherchannel, you know there is no ports can be configured in switchport mode.
11-28-2015 09:13 PM
Hello,
Az Reza mentioned, you need to configure etherchannel between your router and switch.
By the way, I have not heard anything about router 2945. Is it a typing mistake? Did you mean 3945 or 3845 instead?
There is one problem involved. Most of routers do not supports L2 etherchannel without switching module, so you need to configure L3 etherchannel and terminate your VLANs on 3750.
If you want to keep your trunk links, you need to configure routing protocols to load balance across two links or set one link as an active and other as a backup link
Hope it helps,
Masoud
11-28-2015 10:30 PM
Thanks Masoud,
Be right with you, it was kind of mistyping. i meant cisco 3945.
"you need to configure routing protocols to load balance across two links or set one link as an active and other as a backup link"
what do you mean, one link as an active and the other as a backup link?
but my senario needs to be just like Router on stick and our users gatway must be 3945 router.
what do you think about configuring BVI interface on the router?
it's maybe silly to ask, But is there anyway to configure GLBP on 2 links of a same router?!
11-29-2015 07:55 AM
Hello,
Configuration of GlBP and other sorts of silimilar protocols is not possible on only one router becase you can not have two sub interfaces with two IPs in the same range.
As for BVI, I need to take a look and get back to you.
Did you have any specific requirments to terminate vlans on 3945? You could easily do it on 3750 resulting in better performance.
Masoud
11-29-2015 07:58 AM
Thanks again Masoud,
I need to terminate a specified Vlan on the router and after that transfer the trafic of that vlan to GRE tunnel, kind of isolating that traffic.
I dont know if there is any other solution for that or no, but I think with configuring vlan on the swithing part of network and GRE on the routing part of network, my traffic is isolated from the others.
I would very appriciate to know if there is any other way for doing this.
BR,
Majid
11-29-2015 09:00 AM
I understood your point. And the reason for the second link to 3945 is redundancy? correct?
Masoud
11-29-2015 10:18 PM
Masoud,
Yes, it's a redundancy link.
Isn't there any reasonable way for doing this?
BR,
Majid
11-30-2015 05:04 AM
Hello,
In your case, if the router and switch are close and link between them is secure, the second link is not necessarry; however, redundancy assures you that even link failure will not intrupt your network operation but at the cost of network complexity.
I checked BVI. BVI in your case is dangerous. It may cause loop because you do not have much option for spanning tree configuration on router.
I have another solution. You can achieve your goal while your network will have better performance. It sounds a little daunting to implement if you are not familiar with VRF, but try to implement it in a test enviroment before migeration.
1- terminate all VLANS on 3750. create SVIs for all VLANS. 3750 gives you better performance since you are removing one extra link.( intervlan routing is done in 3750 instead of 3945.
2- create a VRF in 3945 and 3750 for that specific VLAN.(isolation)
3- create 4 sub interfaces on two links between 3750 and 3945 (two subinterface for each link)
4- on 3750, put that specific interface VLAN and also two subinterfaces(from two different link) on the VRF
5- on 3945, put corresponding sub interfaces into VRF
6- Implement routing protocol on two links to advertise default route and subnets on two links.
7- add default route on that VRF toward Tunnels to isolate that VLAN traffic
Do not start to migerate right away if the configuration sounds good to you. Test enviroment is suggested.
Masoud
11-30-2015 11:06 PM
Thanks Masoud for your great support.
12-01-2015 04:52 AM
Happy to help,
Masoud
11-29-2015 07:39 AM
Hello Majid,
I belive etherchannel can be created between 3945 and switch.
Have a look on this link for better understanding Etherchannel in 3945 and switch
Hope it Helps..
-GI
Rate if it Helps..
11-29-2015 10:19 PM
Thanks for your response,
I know Etherchannel is supported in 3945, but without HWIC-Xesw modules it's practical only in layer 3, But my scenario needs them to be configured in layer 2, becuase at the other side of the tunnel there is a C3750 switch that has been cofigured in trunk mode(layer 2).
BR,
Majid
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide