Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2995
Views
0
Helpful
13
Replies

router on stick with redundant links between switch and rotuer

Go to solution
Majid Jalinousi
Level 1
Level 1

‎11-28-2015 09:39 AM - edited ‎03-08-2019 02:52 AM

Hi,

If I want to say it in brief, is there any way to run router on stick secnario where there is 2 links between switch and router where these links can be in HA mode? if one of links failed, the other link would be practical.

by the way, my router hasn't any port can be configured as switchport.

you can find the the scenario in attachment.

Labels:
Preview file
68 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Majid Jalinousi

‎11-30-2015 05:04 AM

Hello,

In your case, if the router and switch are close and link between them is secure, the second link is not necessarry; however, redundancy assures you that even link failure will not intrupt your network operation but at the cost of network complexity.

I checked BVI. BVI in your case is dangerous. It may cause loop because you do not have much option for spanning tree configuration on router.

I have another solution. You can achieve your goal while your network will have better performance. It sounds a little daunting to implement if you are not familiar with VRF, but try to implement it in a test enviroment before migeration.

1- terminate all VLANS on 3750. create SVIs for all VLANS. 3750 gives you better performance since you are removing one extra link.( intervlan routing is done in 3750 instead of 3945.

2- create a VRF in 3945 and 3750 for that specific VLAN.(isolation)

3- create 4 sub interfaces on two links between 3750 and 3945 (two subinterface for each link)

4- on 3750, put that specific interface VLAN and also two subinterfaces(from two different link) on the VRF

5- on 3945, put corresponding sub interfaces into VRF

6- Implement routing protocol on two links to advertise default route and subnets on two links.

7- add default route on that VRF toward Tunnels to isolate that VLAN traffic

Do not start to migerate right away if the configuration sounds good to you. Test enviroment is suggested.

Masoud

View solution in original post

0 Helpful
13 Replies 13

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎11-28-2015 08:02 PM

Hi Majid,

If your router support Etherchannel, you can configure it with 2 links.  This way both the router and the switch will use both links and if one like fails the other link would pass traffic.

HTH

0 Helpful

Go to solution
Majid Jalinousi
Level 1
Level 1
In response to Reza Sharifi

‎11-28-2015 10:27 PM

Thanks Reza,

But my router doesn't support Etherchannel, you know there is no ports can be configured in switchport mode.

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni

‎11-28-2015 09:13 PM

Hello,

Az Reza mentioned, you need to configure etherchannel between your router and switch.

By the way, I have not heard anything about router 2945. Is it a typing mistake? Did you mean 3945 or 3845 instead?

There is one problem involved. Most of routers do not supports L2 etherchannel without switching module, so you need to configure L3 etherchannel and terminate your VLANs on 3750.

If you want to keep your trunk links, you need to configure routing protocols to load balance across two links or set one link as an active and other as a backup link

Hope it helps,

Masoud

0 Helpful

Go to solution
Majid Jalinousi
Level 1
Level 1
In response to Masoud Pourshabanian

‎11-28-2015 10:30 PM

Thanks Masoud,

Be right with you, it was kind of mistyping. i meant cisco 3945.

"you need to configure routing protocols to load balance across two links or set one link as an active and other as a backup link"

what do you mean, one link as an active and the other as a backup link?

but my senario needs to be just like Router on stick and our users gatway must be 3945 router.

what do you think about configuring BVI interface on the router?

it's maybe silly to ask, But is there anyway to configure GLBP on 2 links of a same router?!

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Majid Jalinousi

‎11-29-2015 07:55 AM

Hello,

Configuration of GlBP and other sorts of silimilar protocols is not possible on only one router becase you can not have two sub interfaces with two  IPs in the same range.

As for BVI, I need to take a look and get back to you.

Did you have any specific requirments to terminate vlans on 3945? You could easily do it on 3750 resulting in better performance.

Masoud

0 Helpful

Go to solution
Majid Jalinousi
Level 1
Level 1
In response to Masoud Pourshabanian

‎11-29-2015 07:58 AM

Thanks again Masoud,

I need to terminate a specified Vlan on the router and after that transfer the trafic of that vlan to GRE tunnel, kind of isolating that traffic.

I dont know if there is any other solution for that or no, but I think with configuring vlan on the swithing part of network and GRE on the routing part of network, my traffic is isolated from the others.

I would very appriciate to know if there is any other way for doing this.

BR,

Majid

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Majid Jalinousi

‎11-29-2015 09:00 AM

I understood your point. And the reason for the second link to 3945 is redundancy? correct?

Masoud

0 Helpful

Go to solution
Majid Jalinousi
Level 1
Level 1
In response to Masoud Pourshabanian

‎11-29-2015 10:18 PM

Masoud,

Yes, it's a redundancy link.

Isn't there any reasonable way for doing this?

BR,

Majid

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Majid Jalinousi

‎11-30-2015 05:04 AM

Hello,

In your case, if the router and switch are close and link between them is secure, the second link is not necessarry; however, redundancy assures you that even link failure will not intrupt your network operation but at the cost of network complexity.

I checked BVI. BVI in your case is dangerous. It may cause loop because you do not have much option for spanning tree configuration on router.

I have another solution. You can achieve your goal while your network will have better performance. It sounds a little daunting to implement if you are not familiar with VRF, but try to implement it in a test enviroment before migeration.

1- terminate all VLANS on 3750. create SVIs for all VLANS. 3750 gives you better performance since you are removing one extra link.( intervlan routing is done in 3750 instead of 3945.

2- create a VRF in 3945 and 3750 for that specific VLAN.(isolation)

3- create 4 sub interfaces on two links between 3750 and 3945 (two subinterface for each link)

4- on 3750, put that specific interface VLAN and also two subinterfaces(from two different link) on the VRF

5- on 3945, put corresponding sub interfaces into VRF

6- Implement routing protocol on two links to advertise default route and subnets on two links.

7- add default route on that VRF toward Tunnels to isolate that VLAN traffic

Do not start to migerate right away if the configuration sounds good to you. Test enviroment is suggested.

Masoud

0 Helpful

Go to solution
Majid Jalinousi
Level 1
Level 1
In response to Masoud Pourshabanian

‎11-30-2015 11:06 PM

Thanks Masoud for your great support.

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Majid Jalinousi

‎12-01-2015 04:52 AM

Happy to help,

Masoud

0 Helpful

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni

‎11-29-2015 07:39 AM

Hello Majid,

I belive etherchannel can be created between 3945 and switch.

Have a look on this link for better understanding Etherchannel in 3945 and switch

Hope it Helps..

-GI

Rate if it Helps..

0 Helpful

Go to solution
Majid Jalinousi
Level 1
Level 1
In response to Ganesh Hariharan

‎11-29-2015 10:19 PM

Thanks for your response,

I know Etherchannel is supported in 3945, but without HWIC-Xesw modules it's practical only in layer 3, But my scenario needs them to be configured in layer 2, becuase at the other side of the tunnel there is a C3750 switch that has been cofigured in trunk mode(layer 2).

BR,

Majid

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card