09-19-2007 06:04 PM - edited 03-05-2019 06:35 PM
I could have built this damn thing in the time it took me to draw this out. Anyway...
Just want to see if my logic is right with this very basic diagram. I made it as simple as possible, but I figured if I had this right, then not only am I on the right track with learning the BCMSN course, but I can also easily scale this model to bigger and better topologies in the future.
A couple of things to note:
1. I didn't include a core network since I haven't taken the routing course and I am not sure how to connect a router to two distribution layer switches and have everything work at once...
2. Assume that PVST+ is enabled for load balancing...
3. The access layer switches are connected to the distribution layer switches in NON trunking mode (i.e. regular access ports). Not that it matters much anyway since there is only one Vlan per access layer switch.
I *think* everything is right here, but I do have one question. With the SVIs being identical on both distribution layer switches, how am I to connect to a particular distribution switch via layer 3 for management? In other words, what if a station on Vlan 10 wanted to connect to Dist. switch 2 for management purposes? What IP is supposed to be used here to connect to that switch?
09-19-2007 07:11 PM
Each distribution switch needs to have an unique IP within that subnet.
Quick question, are you planning to have an inter-switch connection between the 2 distribution switches ?
On this layout, what do you propose to be the root switch for Vlan10 and Vlan20 ? :)
09-20-2007 05:25 AM
Yes, the two dist switches could be connected via a collapsed core design, or with another router facilitating a true core layer. However, I haven't taken the routing course yet so I am not sure how I would connect a router to two dist switches for redundancy....
Root Switch? Is that a rhetorical question, Edison? :-) I must have done something wrong if it is.... Looking at the diagram, I have Dist. switch 1 set for the root bridge on Vlan 10 and Dist. switch 2 set for the root bridge on Vlan 20. Is this not correct?
A unique IP within that subnet? This is what confuses me. When I set up the SVI on the Distribution switches for routing, that essentially sets up the IP that the Vlan clients will use for their gateway. So Dist. switch 1 and 2's config would look like:
----
[Create Vlan 10, assign to switch port]
interface Vlan 10
ip address 192.168.1.1 255.255.255.224
[Create Vlan 20, assign to switch port]
interface Vlan 20
ip address 192.168.1.33 255.255.255.224
----
So am I supposed to create ANOTHER IP on the Distribution switch inside each Vlan that is unique???
I appreciate your help, btw. Just trying to work through these problems so I can get a good handle on these theories...
09-19-2007 11:37 PM
Hi
You would typically run HSRP between your 2 distribution switches so for example your vlan 10 would be
Distribution switch 1 192.168.1.2/27
Distribution switch 2 192.168.1.3/27
And the HSRP Virtual IP address for vlan 10 would be 192.168.1.1/27.
You then set the clients in vlan 10 to have a default gateway of 192.168.1.1
The other thing that is quite common is to run a layer 2 trunk between your 2 distribution switches. This will then allow HSRP to be passed between the 2 distribution switches without having to go down to the access-layer switches. And it increases your redundancy.
HTH
Jon
09-20-2007 06:07 AM
Ahh...
So for Vlan 20, it would be something to the effect of:
Dist switch 1 192.168.1.34/27
Dist switch 2 192.168.1.35/27
HSRP Virtual IP for Vlan 20 is 192.168.1.33/27
But what about the root bridges? With PVST+ running, the only way Vlan 10's blocked port will begin to forward is if its root bridge failed. What if I wanted to monitor a port on Dist. switch 1 (the root bridge for Vlan 10) and that monitored interface failed? I would normally want Dist. switch 2 to take over gateway functions for Vlan 10, but because its root bridge is still working, STP will never unblock the port to get to Dist. switch 2...
09-20-2007 06:41 AM
UPDATED TOPOLOGY...
Check this new topology out... I'm not sure what I was thinking last night. Perhaps it was too late to be doing any "thinking" at all...
I put this together using HSRP for redundancy. Although I still don't know how STP will unblock a port to the redundant router if the root bridge does not ever go down (i.e. I am simply monitoring the interface on the gateway/root bridge and the interface goes down. I then would want to begin using the redundant router but STP would keep that port blocked as the root bridge is still operational, only its monitored interface has failed...)
09-20-2007 07:14 AM
Hi
Okay, that looks better.
As for STP. The connection between your 2 distribution switches should not block on any vlan. One of the uplink ports will block.
Using your diagram
distribution switch on left - ds1
distribution switch on right - ds2
access-layer switch on left - as1
access-layer switch on right - as2
ds1 is STP root for vlan 10
ds2 is STP secondary for vlan 10
The link from as1 to ds1 is forwarding.
The link from as1 to ds2 is blocking.
The link between ds1 & ds2 is forwarding.
If ds1 goes then as1 -> ds2 link is moved from blocked to forwarding.
If port on as1 that connects as1 to ds1 goes, same again.
If port on ds1 that connects ds1 to as1 goes, same again.
Each time STP will find a way round because you have redundant links. Note in the last 2 cases ds1 is still the root bridge for vlan 10 but as1 goes to ds2 and then across to ds1 instead of direct to ds1.
Hope this makes sense
Jon
09-20-2007 07:50 AM
Hey Jon,
Yup, that makes perfect sense. But there is one more situation that could happen.
I don't have it depicted in the diagram, but say that there is a router upstream that has redundant links connected to both distribution switches. Now, say I want to track that interface (the one connected to the router) on Dist. switch 1. If that interface goes down, let's now say that the priority was decreased enough so that Dist. switch 2 is now the active router for both Vlans because its interface to the upstream router is still present and working and it now has a higher priority for Vlan 10's group...
How are the clients on Vlan 10 going to be able to access dist. switch 2 with this example? Dist. switch 1 is still functioning and sending out BPDUs so STP will not re-converge; STP will stay the exact same. Yet, the active router is now Dist. Switch 2. How are the clients in Vlan 10 going to have any connectivity at all??
Will Dist. switch 1 simply pass along all traffic to Dist. switch 2 in this example over the trunk link and be totally transparent to clients?
09-20-2007 08:02 AM
Hi
The short answer is yes, traffic will go from as1 to ds1, ds1 -> ds2 and off to the upstream router.
However I'm not sure what you achieve by tracking the interface. Remember that ds1 and ds2 will receive routes from your router as they both have connections.
If ds1 connection to the router goes down it will still get the routes from the upstream router, just via ds2 instead of direct from the upstream router.
HTH
Jon
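The design discussed in the thread up to this point, written out as an added configuration sketch (it is not from any poster's switches): per-VLAN STP root aligned with the HSRP active gateway, using the addresses given above. The HSRP group numbers, the priority of 110, the decrement of 20 and the uplink name `GigabitEthernet0/1` are assumptions made for illustration.

```cisco
! ---- ds1: STP root and HSRP active for VLAN 10, backup for VLAN 20 ----
spanning-tree vlan 10 root primary
spanning-tree vlan 20 root secondary
!
interface Vlan10
 ! Unique per-switch address; this is the one used to manage ds1
 ip address 192.168.1.2 255.255.255.224
 ! Shared virtual gateway address that VLAN 10 clients point at
 standby 10 ip 192.168.1.1
 standby 10 priority 110
 standby 10 preempt
 ! Assumed uplink name. Losing it drops priority 110 -> 90, below
 ! ds2's default of 100, so ds2 becomes the active gateway.
 standby 10 track GigabitEthernet0/1 20
!
interface Vlan20
 ip address 192.168.1.34 255.255.255.224
 standby 20 ip 192.168.1.33
 ! Default priority 100; preempt lets ds1 take over if ds2 decrements
 standby 20 preempt
!
! ---- ds2: mirror image, STP root and HSRP active for VLAN 20 ----
spanning-tree vlan 10 root secondary
spanning-tree vlan 20 root primary
!
interface Vlan10
 ip address 192.168.1.3 255.255.255.224
 standby 10 ip 192.168.1.1
 standby 10 preempt
!
interface Vlan20
 ip address 192.168.1.35 255.255.255.224
 standby 20 ip 192.168.1.33
 standby 20 priority 110
 standby 20 preempt
 standby 20 track GigabitEthernet0/1 20
```

`show standby brief` and `show spanning-tree vlan 10` on each switch show which one currently holds the active gateway and the root bridge roles.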
09-20-2007 08:25 AM
Of course...
I wasn't even thinking about routing protocols...
I appreciate your help and knowledge, Jon. This forum has been a great tool in helping me study for the BCMSN...
09-20-2007 09:12 AM
Glad to have helped and appreciate the rating.
Jon
09-20-2007 11:13 AM
One more question, and I'll leave you alone...
Say there were three vlans or even four... After it was setup properly, if there were three vlans, then one router would be performing 33% more work since it would be the virtual gateway for 2 vlans while the other is the virtual for just one. Correct? If there were four vlans then one router is the default gateway for two vlans while the other is the default gateway for the other two.
Does this sound right?
09-20-2007 10:52 PM
Hi
No problem with the questions, ask as many as you like, that is what NetPro is for :-)
Basically you are right in what you say although you also need to bear in mind which switch is the STP root for that vlan. If the STP root and the active gateway tie up then yes with 3 vlans one switch could be doing more work. I say could because generally speaking different vlans produce different amounts of traffic so you could find that out of the 3 the two vlans on ds1 may not be as busy as the one vlan on ds2.
Bear in mind as well that Layer 3 switches are very efficient. Having 2 vlans on ds1 and one on ds2 should not be an issue.
HTH
Jon