12-03-2013 06:34 AM - edited 03-07-2019 04:54 PM
Hello
I have (2) warehouses physically next to each other.
Each warehouse has it's own WAN link
My Vlan design is the same across all my sites where each site has (Vlan 10 - 15) using a site specific subnet ip scheme.
I am now going to run a fiber link between my (2) warehouses and can create a trunk between the sites.
I am pretty sure of the answer but I think I am going to have to re-vlan one of the warehouses so I can add each sites vlans to the trunk.
That seems like a mid-major overhaul to one of the sites
Does anyone have any experience with this type of design and provide some guidance on steps to follow?
Solved! Go to Solution.
12-10-2013 01:25 PM
edited to move to bottom of the post.
12-10-2013 11:40 AM
JD
There is an alternative to using static routes or running a routing protocol.
If you add a vlan 112 L3 interface on the Atlanta switch it would work because then you have a directly connected route in the routing table. So the Atlanta switch can then route the packet onto vlan 112 and then it is L2 switched across the trunk link to Houston. You would need to create L3 vlan interfaces for all the Houston vlans on the Atlanta switch and vice versa.
You would then run HSRP between these interfaces but you would need to make sure the HSRP active interface for all Atlanta vlans was the Atlanta switch and the same for Houston. What could happen for example is if vlan 112 had it's HSRP active gateway in Atlanta and it wanted to send traffic to another vlan in Houston then the packet would have to go across the fibre link to it's HSRP active gateway in Atlanta, be routed, and then sent back across the link.
So you can find if the HSRP gateways are not setup properly you can overutilise the 200Mb link.
As to which is best, it's difficult to say. When you move a server you are going to get the scenario i described above anyway with either setup. The only way to avoid this is to use something like MHSRP where you have 2 HSRP active addresses but that would mean changing the default gateway on the server (but not the IP/subnet mask) when it moved between buildings.
Jon
12-10-2013 01:27 PM
JD
Firstly, as mentioned before you need to make sure that the HSRP active gateway is in the right building ie. Atlanta switch is HSRP active for each vlan in Atlanta and vice versa.
So using 10.11.1.0/24 as an example.
You already have a L3 vlan interface for vlan 10 on your Atlanta switch. The IP address assigned to the L3 vlan interface will be set as the default gateway for clients in vlan 10 so we will use that as the VIP. There will be some slight downtime in prod while you do this so it needs to be done out of hours. Lets say the IP on the L3 vlan interface is 10.11.1.1
2 spare IPs = 10.11.1.2 and 10.11.1.3
Atlanta switch
===========
int vlan 10
ip address 10.11.1.2 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 
standby 
standby 
Houston switch
============
you need create a L3 vlan interface for vlan 10 (because there won't be one)
int vlan 10
ip address 10.11.1.3 255.255.255.0
no shut
and then add this line for HSRP -
standby 
you do not need the priority as it is 100 by default and you don't need preempt either.  
For each of the Atlanta L3 vlan interfaces you need to do the same ie.
1) add HSRP config to Atlanta L3 vlan
2) create a L3 vlan interface on the Houston switch and then assign it an IP and configure HSRP.
When you do the Houston end you need to do it in reverse ie.
1) add HSRP config to existing Houston switch L3 vlan interfaces. So the HSRP config would have the priority set to 110 and preempt set.
2) create the L3 vlan interface on the Atlanta switch, assign an IP and configure HSRP without priority/preempt.
I would try doing vlan 10 and vlan 112 and then you should be able to ping between these 2 vlans.
Once you have configured both switches with HSRP for the same vlan you should do a "sh standby brief" and this will show you whether the 2 switches are seeing each others HSRP packets.
Like i say because you need to change the physical IP on the existing L3 vlan interface there will be slight downtime so do out of key hours.
If you need clarification on any of the above just ask.
Jon
12-10-2013 02:06 PM
Thanks, Jon. a couple of things... How do you know there already is a L3 in Atlanta? I'd like to check it out. Also, I may be getting confused here, but if I run this command, I'm affecting the default gateway that my clients on the 10.11.1.x use?:
int vlan 10
ip address 10.11.1.2 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 
standby 
standby 
10.11.1.1 is the gateway that my clients on the 10.11.1.x network use is their nic settings as their default gateway in this scenrario, right? I ask, because in our actual network, we use 10.11.1.2 as our DG, so I want to make that I adjust the config changes accordingly.
And if this works on vlan 10, then I need to redo this with all vlans? (each with their respective IPs).
Also, if is doesn't work on vlan 10 (for whatever reason) how do I back out my changes and restore the config to how it was before (without reloading the switch).
12-10-2013 02:22 PM
JD
Thanks, Jon. a couple of things... How do you know there already is a L3 in Atlanta?
If you look at your routing table for Atlanta you can see vlan 10 has a directly connected interface so that means there is a L3 interface for that vlan. Do a "sh ip int brief | include Vlan" and you will see.
Also, I may be getting confused here, but if I run this command, I'm affecting the default gateway that my clients on the 10.11.1.x use?:
You are but only for a brief moment while HSRP is configured. You need to use the actual address in use now as the VIP in the HSRP config. The VIP is the IP in the "standby 
And if this works on vlan 10, then I need to redo this with all vlans? (each with their respective IPs).
Yes you do on both switches. And it is worth reiterating that you must make the correct switch HSRP active for it's own vlans. See previous post for explanation and again please come back if you need to.
Also, if is doesn't work on vlan 10 (for whatever reason) how do I back out my changes and restore the config to how it was before (without reloading the switch).
For vlan 10 on the Atlanta switch you can simply remove all the HSRP config and reassign the VIP IP to the physical interface and on the Houston switch shutdown the L3 vlan 10 interface because it wasn't in use before. For vlan 112 you would do the opposite ie. remove the HSRP config from the vlan 112 switch and reassign the VIP to the physical interface and on the Atlanta switch shutdown the L3 vlan 112 interface because it wasn't in use before.
There should be no need to reload either of the switches.
Jon
12-11-2013 08:07 AM
Jon, thanks for your help.
I havn't made the change yet. I wanted to ask if you could look over the changes I plan on making and see if my interpretation is correct.
The vlan's that are primary in atlanta are 10, 192 and 172. Gateways end in .2 (10.11.1.2, 192.168.40.2, 172.16.1.2). The vlans for Houston are 112, 41, 772 (10.11.2.2, 192.168.41.2, 172.16.2.2).
I found two extra open IP's in each range. Please see below the commands I plan to run, and let me know if they look right to you. Also, I'm assuming that it is best to do one HSRP at time. ie, if I do the hsrp in ATL, I should immediatly do it in HOU for said vlan... or does it not matter?
Atlanta switch
===========
int vlan 10 <-- trusted
ip address 10.11.1.4 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 1 ip 10.11.1.2 <-- this is the original IP which is now the VIP and is the default gateway of the clients
standby 1 priority 110 <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 10
standby 1 preempt
int vlan 192 <-- Web
ip address 192.168.40.4 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 2 ip 192.168.40.2 <-- this is the original IP which is now the VIP and is the default gateway of the clients
standby 2 priority 110 <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 192
standby 2 preempt
int vlan 172 <-- Transit
ip address 172.16.1.4 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 3 ip 172.16.1.2 <-- this is the original IP which is now the VIP and is the default gateway of the clients
standby 3 priority 110 <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 172
standby 3 preempt
int vlan 112 <--DR Trusted
ip address 10.11.2.7 255.255.255.0
no shut
standby 4 ip 10.11.2.2 --> then add this line for HSRP -
int vlan 41 <--DR web
ip address 192.168.41.4 255.255.255.0
no shut
standby 5 ip 192.168.41.2 --> then add this line for HSRP -
int vlan 772 <-- DR Transit
ip address 172.16.2.4 255.255.255.0
no shut
standby 6 ip 172.16.2.2 --> then add this line for HSRP -
Houston switch
============
you need create a L3 vlan interface for vlan 10 (because there won't be one)
int vlan 10
ip address 10.11.1.6 255.255.255.0
no shut
standby 1 ip 10.11.1.2 --> then add this line for HSRP -
int vlan 192
ip address 192.168.40.5 255.255.255.0
no shut
standby 2 ip 192.168.40.2 --> then add this line for HSRP -
int vlan 172
ip address 172.16.1.6 255.255.255.0
no shut
standby 3 ip 172.16.1.2 --> then add this line for HSRP -
int vlan 112 <-- DR trusted
ip address 10.11.2.6 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 4 ip 10.11.2.2 <-- this is the original IP which is now the VIP and is the default gateway of the clients
standby 4 priority 110 <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 112
standby 4 preempt
int vlan 41 <-- DR Web
ip address 192.168.41.3 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 5 ip 192.168.41.2 <-- this is the original IP which is now the VIP and is the default gateway of the clients
standby 5 priority 110 <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 41
standby 5 preempt
int vlan 772 <-- DR Transit
ip address 172.16.2.3 255.255.255.0 <-- note the IP address assigned to the interface has changed
standby 6 ip 172.16.2.2 <-- this is the original IP which is now the VIP and is the default gateway of the clients
standby 6 priority 110 <-- the default priority is 100. Using 110 makes this the active HSRP switch for vlan 772
standby 6 preempt
Again, many thanks.
i forgot to mention that this how my vlans look now:
ATL:
garfield#sh ip int brief
Interface IP-Address OK? Method Status Pro
Vlan1 unassigned YES NVRAM up up
Vlan10 10.11.1.2 YES NVRAM up up
Vlan72 unassigned YES NVRAM up up
Vlan172 172.16.1.2 YES NVRAM up up
Vlan192 192.168.40.2 YES NVRAM up up
Vlan222 unassigned YES manual up up
Vlan310 10.3.3.3 YES manual up up
HOU:
calvin#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up up
Vlan5 192.168.130.2 YES NVRAM up up
Vlan10 unassigned YES NVRAM up up
Vlan41 192.168.41.2 YES NVRAM up up
Vlan70 unassigned YES NVRAM up up
Vlan112 10.11.2.2 YES NVRAM up up
Vlan172 unassigned YES NVRAM up up
Vlan192 unassigned YES NVRAM up up
Vlan222 unassigned YES NVRAM up up
Vlan722 172.16.2.2 YES NVRAM up up
Message was edited by: Jorge Diaz
12-11-2013 10:56 AM
JD
That all looks good.
In terms of the order to do them. You need to do them so that you ensure the right switch becomes active first ie. Altanta becomes active for it's own vlans and the same for Houston. What i would do is -
1) On the Altanta switch change the config for vlans 10, 172 & 192. This will involve a quick blip so connectivity will be lost temporarily. But it is short.
2) On the Houston switch change the config for vlans 41, 112, 772. Again there will be a loss of connectivity but it is very short.
Once you have done this then you can do the rest at your leisure with no downtime because the active gateway is already up and running due to 1) and 2) above.
What you should not do is create the new L3 vlan interfaces first ie. for Atlanta you should not create L3 vlan interfaces for the Houston vlans before doing 1). If you do this there could be problems eg. -
you create a L3 vlan on Atlanta for vlan 41 with an HSRP VIP of 192.168.41.2 but you are already using this address on the existing Houston L3 vlan interface (because you haven't changed it yet). So both switches will think they are responsible for 192.168.41.2.
Does the above make sense ?
I suggest though, that you pick one vlan and do the config at both ends, again making sure you config the active switch first. This is to make sure it is all working and if it isn't it will be a lot easier to back out of. If you do this you can then run
"sh standby brief" on both switches. If you picked vlan 10, for example, you should see from the output of the command that Atlanta is the active switch for this HSRP group and Houston is standby. On the Houston switch it should show Atlanta as active.
Jon
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide