Simple network topology diagram

Sep 19th, 2007

I could have built this damn thing in the time it took me to draw this out. Anyway...

Just want to see if my logic is right with this very basic diagram. I made it as simple as possible, but I figured if I had this right, then not only am I on the right track with learning the BCMSN course, then I can easily scale this model to bigger and better topologies in the future.

A couple of things to note:

1. I didn't include a core network since I haven't taken the routing course and I am not sure how to connect a router to two distribution layer switches and have everything work at once...

2. Assume that PVST+ is enabled for load balancing...

3. The access layer switches are connected to the distribution layer switches in NON trunking mode (i.e. regular access ports). Not that it matters much anyway since there is only one Vlan per access layer switch.

I *think* everything is right here, but I do have one question. With the SVIs being identical on both distribution layer switches, how am I to connect to a particular distribution switch via layer 3 for management? In other words, what if a station on Vlan 10 wanted to connect to Dist. switch 2 for management purposes? What IP is supposed to be used here to connect to that switch?

Edison Ortiz Wed, 09/19/2007 - 19:11

Each distribution switch needs to have an unique IP within that subnet.

Quick question, are you planning to have an inter-switch connection between the 2 distribution switches ?

On this layout, what do you propose to be the root switch for Vlan10 and Vlan20 ? :)

rodman.frowert Thu, 09/20/2007 - 05:25

Yes, the two dist switches could be connected via a collapsed core design, or with another router facilitating a true core layer. However, I haven't taken the routing course yet so I am not sure how I would connect a router to two dist switches for redundancy....

Root Switch? Is that a rhetorical question, Edison? :-) I must have done something wrong if it is.... Looking at the diagram, I have Dist. switch 1 set for the root bridge on Vlan 10 and Dist. switch 2 set for the root bridge on Vlan 20. Is this not correct?

A unique IP within that subnet? This is what confuses me. When I set up the SVI on the Distribution switches for routing, that essentially sets up the IP that the Vlan clients will use for their gateway. So Dist. switch 1 and 2's config would look like:

----

[Create Vlan 10, assign to switch port]

interface Vlan 10

ip address 192.168.1.1 255.255.255.224

[Create Vlan 20, assign to switch port]

interface Vlan 20

ip address 192.168.1.33 255.255.255.224

----

So am I supposed to create ANOTHER IP on the Distribution switch inside each Vlan that is unique???

I appreciate your help, btw. Just trying to work through these problems so I can get a good handle on these theories...

Jon Marshall Wed, 09/19/2007 - 23:37

Hi

You would typically run HSRP between your 2 distribution switches so for example your vlan 10 would be

Distribution switch 1 192.168.1.2/27

Distribution switch 2 192.168.1.3/27

And the HSRP Virtual IP address for vlan 10 would be 192.168.1.1/27.

You then set the clients in vlan 10 to have a default gateway of 192.168.1.1

The other thing that is quite common is to run a layer 2 trunk between your 2 distribution switches, this will then allow HSRP to be passed between the 2 distribution switches without having to go down to the access-layer switches. And it increases your redundancy.

HTH

Jon

rodman.frowert Thu, 09/20/2007 - 06:07

Ahh...

So for Vlan 20, it would be something to the effect of:

Dist switch 1 192.168.1.34/27

Dist switch 2 192.168.1.35/27

HSRP Virtual IP for Vlan 20 is 192.168.1.33/27

But what about the root bridges? With PVST+ running, the only way Vlan 10's blocked port will begin to forward is if its root bridge failed. What if I wanted to monitor a port on Dist. switch 1 (the root bridge for Vlan 10) and that monitored interface failed? I would normally want Dist. switch 2 to take over gateway functions for Vlan 10, but because its root bridge is still working, STP will never unblock the port to get to Dist. switch 2...

rodman.frowert Thu, 09/20/2007 - 06:41

UPDATED TOPOLOGY...

Check this new topology out... I'm not sure what I was thinking last night. Perhaps it was too late to be doing any "thinking" at all...

I put this together using HSRP for redundancy. Although I still don't know how STP will unblock a port to the redundant router if the root bridge does not ever go down (i.e. I am simply monitoring the interface on the gateway/root bridge and the interface goes down. I then would want to begin using the redundant router but STP would keep that port blocked as the root bridge is still operational, only its monitored interface has failed...)

Jon Marshall Thu, 09/20/2007 - 07:14

Hi

Okay, that looks better.

As for STP. The connection between your 2 distribution switches should not block on any vlan. One of the uplink ports will block.

Using your diagram

distribution switch on left - ds1

distribution switch on right - ds2

access-layer switch on left - as1

access-layer switch on right - as2

ds1 is STP root for vlan 10

ds2 is STP secondary for vlan 10

The link from as1 to ds1 is forwarding.

The link from as1 to ds2 is blocking.

The link between ds1 & ds2 is forwarding.

If ds1 goes then as1 -> ds2 link is moved from blocked to forwarding.

If port on as1 that connects as1 to ds1 goes, same again.

If port on ds1 that connects ds1 to as1 goes, same again.

Each time STP will find a way round because you have redundant links. Note in the last 2 cases ds1 is still the root bridge for vlan 10 but as1 goes to ds2 and then across to ds1 instead of direct to ds1.

Hope this makes sense

Jon

rodman.frowert Thu, 09/20/2007 - 07:50

Hey Jon,

Yup, that makes perfect sense. But there is one more situation that could happen.

I don't have it depicted in the diagram, but say that there is a router upstream that has redundant links connected to both distribution switches. Now, say I want to track that interface (the one connected to the router) on Dist. switch 1. If that interface goes down, let's now say that the priority was decreased enough so that Dist. switch 2 is now the active router for both Vlans because its interface to the upstream router is still present and working and it now has a higher priority for Vlan 10's group...

How are the clients on Vlan 10 going to be able to access Dist. switch 2 with this example? Dist. switch 1 is still functioning and sending out BPDUs so STP will not re-converge; STP will stay the exact same. Yet, the active router is now Dist. switch 2. How are the clients in Vlan 10 going to have any connectivity at all??

Will Dist. switch 1 simply pass along all traffic to Dist. switch 2 in this example over the trunk link and be totally transparent to clients?

Correct Answer
Jon Marshall Thu, 09/20/2007 - 08:02

Hi

The short answer is yes, traffic will go from as1 to ds1, ds1 -> ds2 and off to the upstream router.

However I'm not sure what you achieve by tracking the interface. Remember that ds1 and ds2 will receive routes from your router as they both have connections.

If ds1 connection to the router goes down it will still get the routes from the upstream router, just via ds2 instead of direct from the upstream router.

HTH

Jon
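
A configuration sketch of the design this thread arrives at, added here as an example and not taken from any poster's message: per-VLAN STP roots lined up with the HSRP active gateway, the addresses quoted above, and the uplink tracking rodman.frowert asks about. Interface names, HSRP group numbers, priorities and the decrement of 20 are assumptions.

```cisco
! ---- ds1 (assumed: Gi0/1 = uplink to upstream router, Gi0/2 = link to ds2) ----
spanning-tree mode pvst
spanning-tree vlan 10 root primary
spanning-tree vlan 20 root secondary
!
interface GigabitEthernet0/2
 ! Layer 2 trunk between the distribution switches; carries HSRP hellos
 ! and the as1 -> ds1 -> ds2 traffic after an HSRP-only failover
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20
!
interface Vlan10
 ip address 192.168.1.2 255.255.255.224
 standby 10 ip 192.168.1.1
 standby 10 priority 110
 standby 10 preempt
 ! Uplink down: 110 - 20 = 90, below ds2's 100, so ds2 becomes active
 standby 10 track GigabitEthernet0/1 20
!
interface Vlan20
 ip address 192.168.1.34 255.255.255.224
 standby 20 ip 192.168.1.33
 standby 20 priority 100
 standby 20 preempt
!
! ---- ds2 (same assumed interface roles) ----
spanning-tree mode pvst
spanning-tree vlan 10 root secondary
spanning-tree vlan 20 root primary
!
interface GigabitEthernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20
!
interface Vlan10
 ip address 192.168.1.3 255.255.255.224
 standby 10 ip 192.168.1.1
 standby 10 priority 100
 ! preempt is required here so ds2 takes over when ds1's priority drops
 standby 10 preempt
!
interface Vlan20
 ip address 192.168.1.35 255.255.255.224
 standby 20 ip 192.168.1.33
 standby 20 priority 110
 standby 20 preempt
 standby 20 track GigabitEthernet0/1 20
```

`show standby brief` and `show spanning-tree vlan 10` on each switch confirm which one is the active gateway and which is the root for a VLAN.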

rodman.frowert Thu, 09/20/2007 - 08:25

Of course...

I wasn't even thinking about routing protocols...

I appreciate your help and knowledge, Jon. This forum has been a great tool in helping me study for the BCMSN...

rodman.frowert Thu, 09/20/2007 - 11:13

One more question, and I'll leave you alone...

Say there were three vlans or even four... After it was setup properly, if there were three vlans, then one router would be performing 33% more work since it would be the virtual gateway for 2 vlans while the other is the virtual for just one. Correct? If there were four vlans then one router is the default gateway for two vlans while the other is the default gateway for the other two.

Does this sound right?

Jon Marshall Thu, 09/20/2007 - 22:52

Hi

No problem with the questions, ask as many as you like, that is what NetPro is for :-)

Basically you are right in what you say, although you also need to bear in mind which switch is the STP root for that vlan. If the STP root and the active gateway tie up then yes with 3 vlans one switch could be doing more work. I say could because generally speaking different vlans produce different amounts of traffic so you could find that out of the 3 the two vlans on ds1 may not be as busy as the one vlan on ds2.

Bear in mind as well that Layer 3 switches are very efficient. Having 2 vlans on ds1 and one on ds2 should not be an issue.

HTH

Jon
