Tuning Network

Unanswered Question
Oct 3rd, 2010
User Badges:

Hello Dears,


How i can tune my Network i have 2 Cisco 6500 Catalyst Switches on Core Layer and Catalyst 3550 Access switches in my Network. I have completed with spanning tree,port fast,root guard,bpdu-guard, I want to do more tuning with  additonal features that will help to Run my Network smooth.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sumitava123 Sun, 10/03/2010 - 23:27
User Badges:

HI Estela ,


You can configure VSS on the core if u have 720-10g sup and MEC to ur 3550 switches. This increases the efficiency and availability to great extent.


Sumit

Mahesh Gohil Mon, 10/04/2010 - 01:02
User Badges:
  • Silver, 250 points or more

HI Estela ,


You can also use port security feaure on your access switches for tight security. This will restrict no. of mac-address learned from user and

enhance your network for security.


also configure errdisabble recovery options so that port can be unblocked after some time .


Regards

Mahesh

estelamathew Mon, 10/04/2010 - 05:13
User Badges:

Hello Dear's,


Thanks Sumit,


The SUP is not VSS enabled ,


Dear Mahesh ,


I have already done with port-seucrity.


Any more hints from Experts. Ur help will be appreciated.

Jon Marshall Mon, 10/04/2010 - 05:18
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Estela


This is a very openended question. It really depends on what you mean by network running smoothly. Is it not running smoothly at the moment ?


Also without more details of the topology and configuraton it's difficult to know exactly what to suggest. Are you running L2 uplinks from your access switches ? Are you running RSTP or PVST+. Have you "load-balanced" the uplinks so that odd vlans have STP root and HSRP active on one core switch and even vlans have STP root and HSRP active on the other switch ?


Jon

estelamathew Thu, 10/07/2010 - 01:01
User Badges:

Dear Jon,


Question:This is a very openended question. It really depends on what you mean by  network running smoothly. Is it not running smoothly at the moment ?

Answer: IT is running smoothly, But the customer want to do health check of the Netowrk How can i do it,though the setup is very professional done,as per ur statements below.


HOW TO DO A HEALTH CHECK OF NETWORK PLS ADVICE,


Are you running L2 uplinks from your access switches ?

Yes


Are you running RSTP or PVST+

RSTP


Have you "load-balanced" the uplinks so that odd vlans have STP root and  HSRP active on one core switch and even vlans have STP root and HSRP  active on the other switch ?


I have a FWSM,so i dont thing i need a HSRP here.Core_1 is STP root and Core-2 is in secondary I cannot load-balance because only 1 FWSM is active and the other is in standby.


Please suggest whatelse can be done.

estelamathew Thu, 10/07/2010 - 14:11
User Badges:

Hello Dear's,


Please advice, for the above mail,


What ONE CAN DO TO DO NETWORK HEALTH CHECK.


Thanks,

Jon Marshall Thu, 10/07/2010 - 14:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Estela


Perhaps it would help if you asked the customer what they meant by a health check. If the network is running smoothly then what do they want audited ?


It could be they are looking at the security of the network in which case there are penetration testing firms you can hire that will run security assessments on your network.


It could be that they are looking to see how redundant the network is ie. what happens if an FWSM fails or a supervisor fails etc. You can walk them through the design to show them all the redundant links etc.. but the only way you can really test it is to fail certain device(s), modules etc. and see what happens but obviously this has to be done in a scheduled outage and be prepared for it not to work as smoothly as the design suggests it should. Perhaps also they want to look at any single points of failure (if any) in the network and the impact this could have on the business.


There is no one answer to your question which i suspect is why people are not responding that much. It is too vague to answer without some idea of what you are auditing for.


Jon

estelamathew Thu, 10/07/2010 - 15:19
User Badges:

Thanks Jon,


U r exactly correct this is what i told to customer for Health Check but he is not accepting, Anyway can u suggest me whatelse i can do for tuning (additional features) in my network apart from the above mail.


From switching and Security point of view.


Thanks

Actions

This Discussion