General Design Questions and Best Practices

Unanswered Question
Apr 8th, 2009

Hi, I have read through a few of the posts referencing similar queries. The topology I am referencing is a V-shaped topology (dual homed to both Core/DL Switches). Just want to confirm if the requirement is to span vlan's across a pair of access switches and the access switches connect into a collapsed Core/Distribution Layer than is it more viable to have a L2 link between the DL/Core Switch? The reason I am asking this is because most of the times I prefer to have this link as a Pure L3 link. Just trying to understand what the benefit would be of a L2 link.

Also since this is a looped topology an uplink from 1 of the access switches will be blocking hence it seems that GLBP would not provide any benefit. Is that a correct assumption?

Would it better to just do a loop free U or Inverted U topology instead however in this case it seems that the link between the Access Switches (U)would have to be sized appropriately with redundancy because a failure could be a disaster. Same would be for the Inverted-U but instead of the Access the DL link would have to sized.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
lamav Wed, 04/08/2009 - 20:19

Vikram:

Different people have different philosophies and approaches, so you can discuss this on here for days on end. :-)

I''ll give you my take on it and I will try to be as succinct as possible.

If you have a collapsed core and are going to have to perform inter-vlan routing there, and you also need to span the vlan across the access switches, I would definitely stay away from a looped topology. I would dual- home the access switch and configure only an L3 connection between the core switches. You can get L2 adjacency via the uplinks, both of which will be forwarding since the topology is loop-free.

Moreover, if you run HSRP between the core switches, only one of the L2 uplinks from the access layer will be utilized, even though STP will preserve all ports in a forwarding state. The reason is that the access switch will learn the MAC address of the HSRP VIP from the active router that responds to ARP requests through the link that faces it.

So, if switch A1 has gi1/0/1 facing switch C1 and gi1/0/2 facing C2, and C2 is the active HSRP router for a particular vlan, A1 will have an entry for the HSRP VIP MAC address for that vlan hanging off of gi1/0/2.

If your access switches host more than one vlan, and the HSRP primary is alternated between C1 and C2, you will be able to utilize both uplinks, one for each vlan.

If you use GLBP, however, and you have C1 and C2 acting as AVFs for different hosts, then the loop free topology will allow you to maximize uplink bandwidth by using both uplinks at once for each vlan.

So, you are right, if you have a looped topology and STP kills one of the uplinks for a particular vlan, GLBP wont buy you much. In fact, it may cause your design to break. Imagine if the uplink port on C2 that faces A1 is blocked because of STP. Then imagine if an ARP request reaches C1, which is the AVG, and then C1 returns C2's MAC address, how will the host ever be able to reach C2?

In summary, I would dual-home the access switches to the collapsed core, configure only an L3 crosslink between the core switches, and run GLBP if you think it's appropriate for your environment.

HTH

Victor

vdadlaney Thu, 04/09/2009 - 04:39

Hi Victor,

Thx for replying. The way you are specifying is the way I have it configured however it still is a looped topology. As soon as you span vlan's across 2 access switches and dual home the access switches it becomes a loop. Maybe I have misunderstood but the way I have it is 2 x access switches have 2 uplinks 1 to each core switch. These links are trunks that carry all the vlan's since the Core's host the SVI interfaces for those vlans hence being the Gateway of Last Resort. If u imagine the physical topology from the perspective of 1 Access Switch than its a V-shaped toplogy. Imagine this for both Access Switches and the same VLANs existing on both Access Switches. Therby creating a loop. Please correct me if this wasn't what you were referring to. Thx

lamav Thu, 04/09/2009 - 04:57

Yup, good point. You would have to confine the vlan to one access switch.

vdadlaney Thu, 04/09/2009 - 06:11

Unfortunately that is not an option. I can limit the VLANs to a maximum of 2 Switches however to provide redundancy to the servers the vlan needs to span 2 Access Layer switches. So coming back to my original query I was looking for feedback on what would be the reason if any to have a L2 Trunk link between the Collapsed Core/DLs as opposed to making this link a Routed L3. I generally prefer to make it a L3 Routed link however just want to get the pros and cons. Appreciate the help. Thx

Jon Marshall Thu, 04/09/2009 - 12:29

Not sure what you are looking for. Victor gave a very good answer to your initial question.

If you can limit a vlan to each access-layer switch then a L3 routed connection between your distro switches is a real advantage.

But you say you can't so really take your pick. If i was in your situation i would just use a L2 trunk between your distro switches because you really don't get much benefit from using a L3 connection.

Jon

vdadlaney Fri, 04/10/2009 - 09:00

Hi Jon,

I was trying to get feedback on any issues that anyone might have faced in a similar situation.

In addition say if the toplogy is changed to a loop-free U than has anyone noticed any issues with GLBP being used as far as assymetric return path traffic. Thx

Actions

This Discussion