Switching infrastructure design

Answered Question
Jun 9th, 2009

I'm in the process of designing a new switching environment. I've attached a diagram, and was hoping to get some ideas on building redundancy while leveraging all available bandwidth on redundant uplinks. I thought about using MST from the access layer switches to the distribution layer switches to load balance by having different vlans take different paths to the core, but am getting hung up on the concept when considering how I'm going to route layer traffic from the access layer. I need to put routes on the access layer switches so users connected to them can get outside their own vlan, but I don't really want to send them to the core 4510 if they are trying to get to a network and host that is on another access layer switch. But if I make the default route one of the distribution switches, that will undo any load balancing MST would have provided and cause the access layer switch to be an island in the event its link to its distribution layer gateway is down. That leads me to using HSRP on both the distribution layer switches, but how will that interact with MST? If I use HSRP at the distribution layer and create 2 separate groups to break up the load, could I remove MST as the load balancing method from the design? Are there any other options that might be good here?


thank you,


Bill



Jon Marshall Tue, 06/09/2009 - 11:56

Bill


Could you just clarify something.


You talk of adding routes to the access-layer switches and then talk of using MST between the access-layer switches and the distro switches.


MST is L2 so that can be used if the uplinks from the access-layer switches were L2.


Adding routes to access-layer switches would be needed if the uplinks were L3.


So which is it - are the uplinks from the access-layer switches to the distro switches L2 or L3?


Jon

WILLIAM STEGMAN Tue, 06/09/2009 - 12:09

They're nothing right now. Everything is still in a lab environment. These access layer switches will probably all have multiple vlans configured on their ports. The uplinks to the distribution layer will be layer 2, just plain trunk ports. It's always been my experience that I needed to configure a default route on an access layer switch pointing to a layer 3 device so those hosts connected could get out of their vlan. For example, if you're a host connected to vlan 100, I would create a vlan int in the same network range, say 192.168.100.1, and use that as a client's gateway. But the access layer switch doesn't know how to get to 192.168.100.1. I would point it to the multilayer switch on the same common segment, say the native vlan. So the multilayer switch would be 192.168.1.1, and the access layer switch would have an address on the native vlan as well, 192.168.1.2 for example. It sounds like there may be a better way?

Correct Answer
Jon Marshall Tue, 06/09/2009 - 12:16

Bill


If the uplinks are L2 then any routes you add to the access-layer switches are purely so you can remotely manage the access-layer switches. In fact you generally use the "ip default-gateway x.x.x.x" command on a L2 access-layer switch. This is not added for the clients.


It doesn't matter what you add to the access-layer switch in terms of routes/default-gateways, these are not used by the clients at all. They are only used by the switch itself. A L2 switch simply forwards traffic from the client - it doesn't care about the IP address the client is sending the packet to.


If a client wants to talk to another client on a different vlan the traffic goes from the client across the L2 uplink to the client's default-gateway which is the L3 vlan interface on the distro switches - assuming that is where you are doing the inter-vlan routing.


In answer to your question -


Yes you can use MST to load-balance across the links. Just make sure that the HSRP active gateway for a particular vlan is on the same distro switch as the MST primary root for that vlan.


Jon
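
Added example, not part of Jon's reply or of any Cisco tooling: a Python check of the rule above (HSRP active gateway on the same distro switch as the MST root for that VLAN), run over two constructed distribution-switch configs. The switch names DSW1/DSW2, VLANs 100/200 and the helper names are assumptions; it expects both switches to carry an HSRP SVI per VLAN and parses only comma-separated VLAN lists.

```python
import re

# Constructed sample configs (not from the thread); the MST region is identical on both switches.
MST_REGION = """spanning-tree mst configuration
 instance 1 vlan 100
 instance 2 vlan 200
"""
DSW1 = MST_REGION + """spanning-tree mst 1 root primary
spanning-tree mst 2 root secondary
interface Vlan100
 standby 100 ip 192.168.100.1
 standby 100 priority 110
interface Vlan200
 standby 200 ip 192.168.200.1
 standby 200 priority 110
"""
DSW2 = MST_REGION + """spanning-tree mst 1 root secondary
spanning-tree mst 2 root primary
interface Vlan100
 standby 100 ip 192.168.100.1
interface Vlan200
 standby 200 ip 192.168.200.1
"""

def parse(cfg):
    """Return (vlan -> MST instance, instances where this switch is root primary, vlan -> HSRP priority)."""
    inst_of, roots, prio, vlan = {}, set(), {}, None
    for line in map(str.strip, cfg.splitlines()):
        if m := re.fullmatch(r"instance (\d+) vlan ([\d,]+)", line):
            for v in m[2].split(","):
                inst_of[int(v)] = int(m[1])
        elif m := re.fullmatch(r"spanning-tree mst (\d+) root primary", line):
            roots.add(int(m[1]))
        elif m := re.fullmatch(r"interface Vlan(\d+)", line):
            vlan = int(m[1])
        elif (m := re.fullmatch(r"standby \d+ priority (\d+)", line)) and vlan:
            prio[vlan] = int(m[1])
    return inst_of, roots, prio

def misaligned(cfgs):
    """cfgs: {switch name: config text}. Return VLANs whose HSRP active switch is not the MST root."""
    parsed = {name: parse(cfg) for name, cfg in cfgs.items()}
    bad = []
    for vlan, inst in next(iter(parsed.values()))[0].items():
        root = [n for n, p in parsed.items() if inst in p[1]]
        prios = {n: p[2].get(vlan, 100) for n, p in parsed.items()}  # 100 = HSRP default priority
        active = [n for n, v in prios.items() if v == max(prios.values())]  # a tie lists both
        if root != active:
            bad.append(vlan)
    return bad
```

In the sample, VLAN 200 is flagged: DSW2 is the MST root for instance 2, but DSW1 wins the HSRP election with priority 110, so routed traffic from VLAN 200 has to cross the link between the distro switches.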

WILLIAM STEGMAN Tue, 06/09/2009 - 12:29

That helps clear things up considerably for me. I've been using an incorrect assumption for a while, but what you're saying makes perfect sense. Thank you very much Jon.

Jon Marshall Tue, 06/09/2009 - 12:32

Bill


No problem, glad to have helped.


Jon
