Traffic Traversing VSL

Answered Question
Sep 23rd, 2010
User Badges:
  • Bronze, 100 points or more

We just bought some new toys,  2 x 6506 with VSS sups


they are connected by 2 x 10gig links



I keep reading in the documentation that traffic should never traverse the VSL links , because you use etherchannels everywhere,  but what if you have devices where etherchannel is not possible etc , why is it a problem traversing the VSS links when we need to? the sups are using very little of the 20 gigs


I am designing my network so that vss link doesnt get used , i just need to know there wont be a problem if there is a few that need it.


do i need to make extra etherchannel between the 2 switches for these leaks? ( the sup has 2 x sfp gig-e spare)

Correct Answer by Jon Marshall about 6 years 10 months ago

ukglobecast wrote:


Thanks very much John for confirming



I will put any single homed things to go via etherchanneled switches.




Could i pick your brain on something else ---I have 2 ASA5540s on active/standby , what is the best way to implement this in a VSS environment  Just one on each vss switch ? the firewalls are currently  dot1q trunks.


Rob


Never deployed it but i would recommned connecting one ASA to one of the chassis and the other ASA to the other chassis simply because if there is a chassis failure you would still have a firewall up and running.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jon Marshall Thu, 09/23/2010 - 10:03
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

ukglobecast wrote:


We just bought some new toys,  2 x 6506 with VSS sups


they are connected by 2 x 10gig links



I keep reading in the documentation that traffic should never traverse the VSL links , because you use etherchannels everywhere,  but what if you have devices where etherchannel is not possible etc , why is it a problem traversing the VSS links when we need to? the sups are using very little of the 20 gigs


I am designing my network so that vss link doesnt get used , i just need to know there wont be a problem if there is a few that need it.


do i need to make extra etherchannel between the 2 switches for these leaks? ( the sup has 2 x sfp gig-e spare)


Rob


The VSL will pass data traffic as well as VSL control packets so you don't need a separate etherchannel but as you say you should do your utmost to avoid having to use the VSL  for data traffic.


To be honest you shouldn't really be connecting any singly honed devices into the VSS pair anyway. If you have servers that only have on NIC you would be better off having these on a separate switch and then running an etherchannel from that switch across the VSS pair.


Jon

Julio Garcia Thu, 09/23/2010 - 10:11
User Badges:
  • Bronze, 100 points or more

Thanks very much John for confirming



I will put any single homed things to go via etherchanneled switches.




Could i pick your brain on something else ---I have 2 ASA5540s on active/standby , what is the best way to implement this in a VSS environment  Just one on each vss switch ? the firewalls are currently  dot1q trunks.

Correct Answer
Jon Marshall Thu, 09/23/2010 - 10:16
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

ukglobecast wrote:


Thanks very much John for confirming



I will put any single homed things to go via etherchanneled switches.




Could i pick your brain on something else ---I have 2 ASA5540s on active/standby , what is the best way to implement this in a VSS environment  Just one on each vss switch ? the firewalls are currently  dot1q trunks.


Rob


Never deployed it but i would recommned connecting one ASA to one of the chassis and the other ASA to the other chassis simply because if there is a chassis failure you would still have a firewall up and running.


Jon

Actions

This Discussion