sg300 interconnect with 2 3650 switches

MrKen4040 · ‎03-20-2016

Hi Cisco Community,

I'm not sure which community to post in, but if it's not the correct one, then I will re-post in the correct one.

I'll try to best explain what my challenge is.

We have the following VLANs for the SG300 switches (layer 3 mode) , and also is the DHCP for the VLANs

VLAN20- workstations

VLAN21- wifi

VLAN22 -servers

VLAN23- reserved

VLAN24- voip

VLAN25- VPN (client)

VLAN26- reserved

VLAN27- mgmt

This SG300 will be connecting to 2 x 3650 switches that are setup with HSRP. Currently, the only configuration on these switches are the port channels and one VLAN 10 , which is 10.191.27.2 (SW1) , 10.191.27.3 (SW2)

What would be the best way to get the SG300 to talk and pass VLAN20, 21,and 22 to both of the 3650 switches?
Would I need 2 available ports from the SG300 to connect to each 3650?

Since there are 2 reserved VLANs , 23, 26, can VLAN 23 be created on the 3650 switches and have them connect that way and then the 3650 will pass the traffic onto the 2 1941 routers?

Network layout: SG300-1(switch)-2901-1(router)-ISP

SG300-1(switch)-3650-1(switch,port23)-3650-2(switch,port23)

3650-1(switch,port1)-1941(router,port1)--ISP (line1, MPLS)
3650-2(switch,port2)-1941(router,port2) --ISP (line1, MPLS)

Thank you and appreciate any feedback.

Mark Malone · ‎03-21-2016

Hi

You cant have both links active at the same time it would cause a loop , you could only have both active if the switches were VSS or they were using vpc fabric path technology

basically STP will block one of the trunks going to one of the 3560 switches to prevent a loop in traffic

you can have the ports as identical connecting to each 3560 but one will go down automatically and if the other fails STP will re-open that port , default route on each 3560 point int to 1941

As well instead of using HSRP look at GLBP as you can have 2 active routers instead of 1 redundant and then I would also load balance across both MPLS circuits , if its BGP uise LP and MED to manipulate the links or if statics just use cef LB

MrKen4040 · ‎03-21-2016

Hi Mark,

Thank you for responding to my question so quickly. There is a few terminologies from your post that I will need to research on, VSS, VPC, STP, GLBP, LP, MED, CEF LB to further understand.

But how would you tackle the VLANs situation? I would like to create VLAN 10 on the SG300 to match the 3650, but since 10.191.27.xxx is already taken by VLAN 27, I can't add the same subnet to VLAN 10, (10.191.27.xxx) right? Do I have to basically rename VLAN 27 to VLAN 10 to match up? Also, to pass other VLANs across from SG300 to the 3650, do I setup a port on the SG300 in trunk mode and just tag other VLANs?
By the way, on VLAN 20 (wkstations), VLAN 24 (IP Phones) tagged. Ports 1-18 on the SG300 is set as general mode to take advantage of the auto voice feature.

Thanks again.

Mark Malone · ‎03-22-2016

Hi

I would make the sg300 layer 2 and just connect 1 link to each 3560 switch , and make each link a trunk and allow all vlans on each trunk connected to the 3560 switches , just add a default gateway to the sg300, then automatically one link will shut down due to spanning tree to prevent a loop in traffic , this is the easiest way to set it up

you can then have vlan 10 at layer 2 with no ip address just trunked up to the 2 3560s with them having the layer 3 vlan 10 interfaces for failover

hope that makes sense just come back with whatever your unsure off