Hi Seb,

Thanks for the reply. I am already clear with the configuration part..but my actual query is..there will be a physical connection between SW1 and SW2 and one connection from SW1 to the Router, these connections are called the physical up links connected via Ethernet Cables.

Now if I need a fail over between these Switches using Ether channel should I connect two up links between SW1 and SW2 and configure those ports with Ether channel?? 

And a third connection between SW2 and the Router shouldn't be required I guess logically, as I am connecting SW2 to SW1 which in turn connects to the Router

If you have spare switchports available you should always connect (critical) infrastructure with at least two links bundled into a port-channel this provides resiliency in case of link failure.

Regarding the failover between SW1 and SW2, since the devices are connected inline, failover is the wrong term to use as you have no redundant path for the LAN users to reach the router. 

A true failover between SW1 and SW2, would as you suggest, require a link between the Router and SW2.

The problem you have now depends on whether your router is a genuine router (ie no L2 function) or a multi-layer switch. If it is a router you will not be able to create a redundant link without introducing a third switch between the router an SW1 and SW2.  

If it is a multilayer switch (or a low-end router) you should be able to create SVIs, and instead of using a routed port-channel you would create a pair of layer2 port-channels going to each switch. STP would ensure that one of the switches (ideally through configuration SW2) would put the port-channel in a blocking state. During a SW1 failover, SW2 would transition the port-channel into a forwarding state and the LAN operation could continue.

cheers,

Seb.

In case if it is a Router as per your suggestion, I hope the scenario would be more like the figure denoted below

SW1 and SW2 both connected to SW3 through Ether channel .

SW1 and SW2 connected to each other through Ether channel.

SW3 connected to the Router.

If SW1 fails due to some power issue and goes down, users connected to SW2 will still be able to reach the Router whereas SW1 users won't be able to reach the Router. 

Is this what I had denoted is right as per your suggestion??

Cause in an Interview when I was asked about the Redundancy method for Router I replied back as HSRP. Then they asked me what was the method for Failover between two L2 devices for which I couldn't answer. Later when I was searching on the Internet, I came across the concept of Ether Channel as the method for Failover between L2 devices. Is my conclusion right?? or else is there any other method for L2 fail over???

Hello again,

Yes, your diagram illustrates a topology providing Layer2 redundant paths. As you point out devices connected to SW1 would loose connectivity in the event of a SW1 outage, but SW2 would continue one STP had re-converged.

The Layer 2 redundancy your interviewer was eluding to was most likely Layer 2 resiliency. This would be achieved using VPC (Nexus) or VSS with MEC (Catalyst), and only of use to devices with two or more upstream interfaces, typically severs.

https://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/configuration_guide_c07-543563.html

https://www.cisco.com/c/dam/en/us/products/collateral/interfaces-modules/network-modules/white_paper_c11_429338.pdf

Essentially a downstream device is connected to two physically separate chassis which operate as one logical unit. All uplinks are forwarding and it the event of one upstream chassis failing the Layer2 operation can continue.

If you interviewer was really after a Layer 2 Redundant solution (ie a backup path), then a server connected to two physically and logically separate switches, would require the server itself to be configure in Active-Passive. As soon as one directly attached switch fails it would start forwarding frames out of the now Active interface.

Cheers,

Seb.

Those links were very informative.

So as per those concepts, does it mean that L2 redundancy could be achieved with only Nexus Switches? Say for instance if I have two Catalyst Switches, couldn't I achieve anything using those types of Switches?

And to my understanding so far L2 redundancy is something that is suitable for Servers and not for other Workstations connected to my Switch. Correct me if I am wrong..

Hello again,

VSS is available on Catalyst core switches (eg, 4500, 6500, 6800).

If you are talking about access-layer catalyst switches (2960, 3750, 3850) then you can provide a degree of Layer 2 resiliency and redundancy by using them in a stacked configuration and attached the end device to two (or more) of the stacked switches via a port-channel. Of course, if the stack goes down, then all links will be lost; in the this scenario vPC and VSS is superior.

You are correct in thinking this technology benefits servers the most. TBH not many workstations have two wired interfaces.

It is worth noting at this stage that as far as connecting servers with optimum resiliency, Nexus vPC is preferred. I say this from a scalability and cost point of view as the Nexus family have switches which can provide vPC at the access layer via FEX modules. As opposed to VSS where you need to connect directly to a big old chassis; in this instant per port cost will always be more.

cheers,

Seb.

So can I mention the concept of VPC in Nexus if asked in any Interview regarding fail over between L2 devices ?

Thank you so much for your guidance...Would like to keep in touch with you..Are you in any Social platforms like Linkedin, FB ???

Sure, you should be able to find me on linkedin.