L2 or L3 link between two 6509 switches

Unanswered Question

Hi,

Right now we have one 6509 switch with MSFC2 that serves as a core switch and server farm switch. All access switches have a L2 trunk link to the 6509. All servers also connect to the same switch.

I am planning to upgrade to sup720 and add another 6509 for redundancy. All new access switches will have dual L3 link to two 6509 switches. Servers will have dual NIC to connect to both 6509.

Look like the only choice that I have is to configure a L2 trunk link and HSRP for the server subnet between two 6509. Dual NIC will be in the same VLAN.

can I configure a L3 link between two 6509 and still have dual home servers?

I really appreciate for any information or feed back if you have a similar setup.

Thanks

PH

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
Edison Ortiz Fri, 07/27/2007 - 11:44

You sure can but keep in mind, you will have to maintain each switch's Vlan information, since L3 links won't send VTP information.

Jon Marshall Fri, 07/27/2007 - 13:31

Hi

I'm not sure this will work without additional configuration. Are you using the reundandant NIC in failover mode, ie the second connection is only used if the first goes down.

You have a server on the 192.168.1.0/24 network which is vlan 10. It is dual honed to both 6500 switches.

Now lets say the default gateway for that server is 192.168.1.1. For the redundancy of the server to work you need the same default gateway on both switches.

So on each 6500 you have

interface vlan 10

ip address 192.168.1.1 255.255.255.0

But your access switches are connected at layer 3 so they see two equal cost paths to the 192.168.1.0 network via 6500 switch 1 and 6500 switch 2.

So traffic will not only go to the 6500 which has the active server NIC but it also goes to the 6500 with the redundant server NIC. Because you have a L3 link between your 6500's you can't switch across the link to the active NIC.

Now i suppose you could look to influence your routing protocol metric so the active server switch is preferred but this is making it more complicated than it needs to be.

The prolem is that you have you servers patched directly into your 6500's. Either think about moving you servers onto access switches or use a L2 etherchannl trunk between your 6500's.

Personally i would go with a L2 trunk. STP is still restricted to that pair of switches as your access layer is connected via L3 links.

HTH

Jon

carlos.morillo Fri, 07/27/2007 - 15:35

You can configure both; one L3 to support the dual connectivity from the dist/access switches and one L2 to support the dual connected server farm.

About the servers; what type of dual conectivity are you configuring, active/standby or load balanced?

For gateway redundancy configure GLBP between the server farm vlan interfaces in each switch.

Since you will be enabling L2 at the core don't forget to tune all the STP and/or VTP settings.

--

Carlos

Atlanta, GA

the real issue here is how you provide access from clients to your servers. if clients are able to balance themselves between two different IP addresses (or if you have a load balancing system), you can run L3 between your 6509 devices. at any rate, for true redundancy, you would not want to do this.

be easy on yourself: run l2 between the cores, span the necessary VLANs and then route between access and core (requires L3 capabilities at access layer).

only when you are traversing through different layers (or if your core is the size of an ISP or enterprise company) should you be routing vs. l2 switching.

if you are concerned with isolating servers from each other, simply create different VLANs for them.

setup on core layer:

-span vlans between core

--set one core as root for certain vlans, set other core as root for other vlans in order to load-balance at layer-2 level

-configure HSRP / VRRP / GLBP for default gateway addresses on cores (active gateway host should be same as the root for each vlan/subnet))

with this config, you can even balance nicely between data traffic & voice traffic/etc., by separating the cores' roles in terms of HSRP/l2 root roles.

Actions

This Discussion