Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3572
Views
10
Helpful
21
Replies

Stackwise Virtual switch from 10 Gbps to 100 Gbps links

patoberli
VIP Alumni
VIP Alumni

‎07-22-2021 02:23 AM

Hi all

I have a StackWise Virtual setup with two Cat 9500-24Y4C running 16.12.x, where the virtual link currently is built from 4x 10 Gbps links. I would like to switch this now to 100 Gbps links, ideally without any interruption. 

The guide says I can't mix different link speeds 

All the ports used for configuring a StackWise Virtual Link (SVL) must share the same speed. For example, you cannot configure a 10G or a 40G port to form an SVL, simultaneously.

I haven't yet tested the commands, as this is a production network and I don't have a lab to test this. 

Currently I think I would need to power off the second switch, remove the old "stackwise-virtual link 1" from the interfaces and then add it to the new ones and power up the second again? Would that work or will that kill the network because switch2 doesn't know it should use the 100 Gbps interfaces instead of the 10 Gbps ones and thus not form the stack?

Could I maybe create a second domain between the two and add the 100 Gbps links to that one? 

 

What would be the smoothest way to switch this?

 

Besides this, I currently don't have a Dual-active detection link between the two switches. If I add this, do I need to reload the whole stack, or would it be enough to first reload one switch, wait until it's running again and then reload the other one, so that I don't get an outage?

 

Thanks

Patrick

Labels:
0 Helpful
21 Replies 21

balaji.bandi
Hall of Fame
Hall of Fame

‎07-22-2021 05:24 AM

Personally you do not need 100GB Links between switches, (only business like to waste money and 100GB ports on this).

 

if you really want to change this links, that is only way you see that mentioned turn off secondary device and reconfigure new ports and turn back to slave device back to form a Stackwise virtual. (make sure you do this in maintenance window)

 

Adding DAD link not rquired to reboot or any downtime required. you can add any time.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to balaji.bandi

‎07-22-2021 06:47 AM

Thanks, this is very interesting.
In my case I probably need it, because our internal firewalls (active/standby setup) are attached. Each firewall is attached to one of each switch (separated by rooms, for room redundancy), so most traffic must anyway go through switch-1. Might not be the perfect setup I guess, need to reconsider attaching them to distribution switches that are attached to the C9500.
The new firewall makes up to 40 Gbps, although attached by 4x 10 Gbps, but still might consider switching to 100 Gbps. The C9500 attached new switches are with 100 Gbps and the new servers are attached by up to 25 Gbps. So I fear the virtual link might become a bottle neck in very specific scenarios.
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to patoberli

‎07-22-2021 09:23 AM

Sure this is your busines case and justfiication we understand the requirement, if the business can able to make decision, go for it.

 

Let us know how it goes.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Manoj Reddy
Level 1
Level 1
In response to balaji.bandi

‎07-22-2021 11:19 AM

Hi,

 

Please help me answering the below questions:

 

Have gone through your requirement, but i can see this is in Dis switch layer you have the switches that are connected in different rooms for redundant power and for other reasons, but don't it connected Core switch?

 

If core switch is available, why the firewalls are connected to Dis layer switch?

 

Also, it's better to enable the DAD and you use the below commands:

interface TwentyFiveGigE XXX
stackwise-virtual dual-active-detection

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to patoberli

‎07-22-2021 11:46 AM - edited ‎07-22-2021 11:48 AM

Hi,

So I fear the virtual link might become a bottle neck in very specific scenarios.

The only time you utilize the virtual stack links between the switches a lot is when an access switch is only uplinked to one of the core switches. If all access switches are connected to both switches, which they should be because that is the correct design, you hardly ever use the inter-links between the switches. So, 4x10 gig is plenty of bandwidth for the inter-link.

HTH 

patoberli
VIP Alumni
VIP Alumni
In response to Reza Sharifi

‎07-23-2021 12:20 AM

Thanks. 

In my case the Active/Standby firewalls are currently directly connected to the stack, Active to the Switch1 and Standby to the Switch2. Those are the only devices that aren't attached to both Switches. As I'm now anyway also installing a new firewall, I'm reconsidering this (in the past the idea was to have room outage redundancy, nothing more, also the old firewall only had copper interfaces, so it wasn't possible to connect it to the other room). I just now remembered why I had the old firewall not connected to the other room, the new one only has fiber interfaces though. 

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to balaji.bandi

‎07-26-2021 01:13 AM

Just made the DAD link, it seems to require a reboot:

9500R-SWV#show stackwise-virtual dual-active-detection 
In dual-active recovery mode: No
Recovery Reload: Enabled

Dual-Active-Detection Configuration:
-------------------------------------
Switch  Dad port                        Status
------  ------------                    ---------

Distributed Stack DAD Configuration After Reboot:
------------------------------------------------
Switch  Dad port                        Status
------  --------                        ------
1       TwentyFiveGigE1/0/3             down   
2       TwentyFiveGigE2/0/3             down
0 Helpful

Manoj Reddy
Level 1
Level 1
In response to patoberli

‎07-27-2021 08:30 AM

Hi @patoberli Yes pls reboot the switch to update the changes

Please let us know the update

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to Manoj Reddy

‎07-27-2021 08:53 AM

I'm right now upgrading the software from 16.12.4 to 17.3.4. I'm using the not supported ISSU command, but it looks like it's working. It did rollback on the first try, because I had two "unkown" command in my configuration:

et-analytics 
vtp interface vlan1234

I've removed them and doing another try just now this moment. So far it looks good.

 

The Dual-Active link is since the first try online though

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to patoberli

‎07-27-2021 09:18 AM

And the interruption less (ISSU) upgrade went fine the second try

0 Helpful

Manoj Reddy
Level 1
Level 1
In response to patoberli

‎07-27-2021 12:39 PM

Ok, everything is fine now and looking for any help, pls let me know @patoberli 

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to balaji.bandi

‎07-28-2021 04:25 AM

Regarding the shut down, reconfigure and power on, will the Secondary copy the new configuration from the Primary while booting up? Or will that cause some configuration conflict? 

0 Helpful

Manoj Reddy
Level 1
Level 1
In response to patoberli

‎07-28-2021 12:14 PM

Hi @patoberli 

Good question!!

For DAD link you need to reboot both the switches 

Please do that and let me know the update

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to Manoj Reddy

‎07-29-2021 12:23 AM

Hi @Manoj Reddy
I've rebooted the switches (while doing the (not supported) ISSU upgrade from 16.12.4 to 17.3.4) and the DAD link is active and working now.
The question is now, what is the best way to swap the stackwise links without causing a configuration mismatch.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card