Traffic Traversing VSL

Answered Question
Sep 23rd, 2010

We just bought some new toys,  2 x 6506 with VSS sups

they are connected by 2 x 10gig links

I keep reading in the documentation that traffic should never traverse the VSL links , because you use etherchannels everywhere,  but what if you have devices where etherchannel is not possible etc , why is it a problem traversing the VSS links when we need to? the sups are using very little of the 20 gigs

I am designing my network so that vss link doesnt get used , i just need to know there wont be a problem if there is a few that need it.

do i need to make extra etherchannel between the 2 switches for these leaks? ( the sup has 2 x sfp gig-e spare)

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 6 years 2 months ago

ukglobecast wrote:

Thanks very much John for confirming

I will put any single homed things to go via etherchanneled switches.

Could i pick your brain on something else ---I have 2 ASA5540s on active/standby , what is the best way to implement this in a VSS environment  Just one on each vss switch ? the firewalls are currently  dot1q trunks.

Rob

Never deployed it but i would recommned connecting one ASA to one of the chassis and the other ASA to the other chassis simply because if there is a chassis failure you would still have a firewall up and running.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jon Marshall Thu, 09/23/2010 - 10:03

ukglobecast wrote:

We just bought some new toys,  2 x 6506 with VSS sups

they are connected by 2 x 10gig links

I keep reading in the documentation that traffic should never traverse the VSL links , because you use etherchannels everywhere,  but what if you have devices where etherchannel is not possible etc , why is it a problem traversing the VSS links when we need to? the sups are using very little of the 20 gigs

I am designing my network so that vss link doesnt get used , i just need to know there wont be a problem if there is a few that need it.

do i need to make extra etherchannel between the 2 switches for these leaks? ( the sup has 2 x sfp gig-e spare)

Rob

The VSL will pass data traffic as well as VSL control packets so you don't need a separate etherchannel but as you say you should do your utmost to avoid having to use the VSL  for data traffic.

To be honest you shouldn't really be connecting any singly honed devices into the VSS pair anyway. If you have servers that only have on NIC you would be better off having these on a separate switch and then running an etherchannel from that switch across the VSS pair.

Jon

Julio Garcia Thu, 09/23/2010 - 10:11

Thanks very much John for confirming

I will put any single homed things to go via etherchanneled switches.

Could i pick your brain on something else ---I have 2 ASA5540s on active/standby , what is the best way to implement this in a VSS environment  Just one on each vss switch ? the firewalls are currently  dot1q trunks.

Correct Answer
Jon Marshall Thu, 09/23/2010 - 10:16

ukglobecast wrote:

Thanks very much John for confirming

I will put any single homed things to go via etherchanneled switches.

Could i pick your brain on something else ---I have 2 ASA5540s on active/standby , what is the best way to implement this in a VSS environment  Just one on each vss switch ? the firewalls are currently  dot1q trunks.

Rob

Never deployed it but i would recommned connecting one ASA to one of the chassis and the other ASA to the other chassis simply because if there is a chassis failure you would still have a firewall up and running.

Jon

Actions

This Discussion