Hello All. I'm looking for some feedback on a network design. We're replacing our 2821 with a 4507 and I have some questions about the best way to implement this. I've attach a simple diagram that shows our current config and the proposed new config. We currently have a 2950-12 that is connected to a second 2950-12 via fiber GB, using GBIC interfaces. The second 2950 is connected to the 2821 via copper int. I have a 4507 with the following modules:
Mod Ports Card Type Model Serial No.
1 2 Supervisor IV 1000BaseX (GBIC) WS-X4515
3 24 10/100/1000BaseT (RJ45) WS-X4424-GB-RJ45
4 6 1000BaseX (GBIC) WS-X4306-GB
My initial thought was remove the 2950 currently connected to the 2821 and run the 2 fiber connects directly to Gi4/1 & Gi 4/2 on the 4306 blade. I would then configure these ports as an etterchannel in trunk mode to support our VLANs and configure VLAN interfaces as necessary. Int Gi3/1 would be configured in routed mode as the default gateway for 0.0.0.0. Have I overlooked anything in this configuration? Is this the best practice configuration?
All feed back is welcome.
Etherchannel is bad at redundancy so you may want to go with HSRP so that if one link goes down the entire link doesn't die (as would happen with etherchannel)
Removing the 2950 is a good call because its not doing anything but adding latency and an additional point of failure. You could probably even work it so that the WAN link goes directly into the 4507, freeing up more hardware, reducing latency and simplifying the design.
If the links from the 2950 switch are L2 then it should be etherchannel. How are you going to run HSRP on the same switch ie. you can't.
If a link fails in an etherchannel bundle then the other links stay up, that's the whole point of etherchannel.
As for removing the ASA you may want to check whether that is the company WAN or the internet. If it's the internet you definitely wouldn't want to remove the ASA.