new redundancy design needed

Unanswered Question
Jan 9th, 2010

Dears ,

I have a network having as given in the attached diagram

.cisco 7206vxR running as a router on stick and we have many vlans connected through 2960 switch . I want to upgrade my network by using my existing hardwares . Could you please suggest me a proper solution ?  .



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Giuseppe Larosa Sat, 01/09/2010 - 07:44

Hello Haris,

unless you add a multilayer switch you will have a single point of failure that is represented by the C7206VXR.

Spanning-tree protocol will handle layer2 redudancy. For each vlan traffic will flow from the router to the root bridge.

Another point of attention is how to be able to have the router connect to both switches.

Here a possible trick can be integrated routing and bridging  IRB this will cause STP to run also on the router.

bridge N protocol ieee

bridge N route ip

int BVI N

ip address 10.10.N.2

standby N ip 10.10.N.1

standby N pri 100

standby N preempt

no shut

int vlan N

no ip addresss

bridge-group N

int g0/0

no ip address

int gi0/0.N

enc dot1q N

int g0/1

no ip address

int gi0/.N

enc dot1q N

this has to be done for each vlan.

this because you cannot configure two vlan subinterfaces with overlapping IP addresses on a router.

The best solution would be to have two routers or to add a multilayer switch capable of providing L3 services.

in this case the slight change can be that of adding an HSRP group in each vlan  to provide default gateway redundancy.

Each access layer switch has to be connected with two uplinks one to current switch and the other one to the other switch.

If you add a multilayer switch it will be more performant then the C7206VXR so it is good to have it master of each HSRP group

int vlan N

ip address 10.10.N.3

standby N ip 10.10.N.1

standby N pri 105

standby N preempt

Also towards the servers you should deploy an HSRP group and one link of the server has to be connected directly to new layer3 switch.

Hope to help


Haris P Sat, 01/09/2010 - 08:35

Dear Giuseppe ,

Many thanks for your prompt reply ....

I have few more questions if I'm going for the suggested solution by u

1.Which multlayer switch will be suitable for me  ? 4500 or 3550 ?

2.also I'm planning to run bandwidth limitation for certain Vlans . If I do HSRP whether I will be able to do Bandwidth restriction for a specific VLAN ?



Giuseppe Larosa Sat, 01/09/2010 - 09:12

Hello Haris,

a Cisco 3550 should be enough or a C3560 or a C3750.

a C4500 is modular.

With HSRP only one device acts as default gateway for a vlan at any given time.

The suggestion is to have all vlans including the vlan to the server active on the multilayer switch this should allow you to control the BW usage.

Hope to help


Reza Sharifi Sat, 01/09/2010 - 10:17

Hello Haris,

In addition to Giuseppe comments and if you have the budget, you should use 2960G switches at the access layer, that will give you 10/100/1000 at the edge.

Most laptops and desktops come with Gig interfaces these days.  This will take a few years before going to 10 Gig at the desktop level.




This Discussion