VSS Feedback

Unanswered Question
Jul 31st, 2012
User Badges:

Hi,

we plan to implement VSS on our datacenters (C6509/Sup720), in order to remove L2 loops (currently, access layer are C3750 stacks, which could evoluate for N5K/N2K).

I would like to have some feedbacks about VSS stability. Some years ago, I have seen some bugs with this technology in another company, so I am still not totally comfortable  to use it in the datacenter.

What are your feedback about it?

Thanks by advance.

P.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Lee Smitherman Tue, 07/31/2012 - 03:49
User Badges:

Installed a VSS 6509 Pair around 18 months - 24 months ago, we did order 4x720 Sup`s but only used a single in each switch as the Dual Sup support had only just been released and we were a little nervous about using it. We kept the others in each chassis as a cold standby.

The 6509 had multiple 40GB(4x10GB) MEC`s to HP C7000 Chassis devices(With Cisco 3120`s) supporting a large Citrix/ESX Environment and to be honest worked very very well. On a couple of occasions we lost a CPU(hardware Issue) in one of the 6509 Chassis`s(Master), however things kept on running and the business didn`t even notice. Swapping out the dead card and bringing the other switch back into prod was also seamless. I loved the single management of the pair of chassis`s as well as the ability to use MEC to other devices, all worked very very well.


When we first setup the 6509`s we patched lots of devices into all of the cards on both switches and ran some extensive tests while we pulled cards, rebooted switches etc and all worked well, with only the occasional ping dropping etc.

Also setting up Dual active detection is advisable incase you loose your VSL links.

I would use it again, given the chance, would also like to hear any experiences with Dual Sup`s in VSS Pairs.

Lee

Reza Sharifi Tue, 07/31/2012 - 18:32
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

I would use it again, given the chance, would also like to hear any experiences with Dual Sup`s in VSS Pairs.

Dual Sup in each chassis with SSO in not suported yet.  I am told, it is going to be supported by the end of this year or early 2013. BTW, it was supposed be supported long time ago, but it has not happened yet.



HTH

philippe.lapere Tue, 07/31/2012 - 22:58
User Badges:

One question: if we lose a sup card in the chassis: depsite the VSS and even if the VLS link is build between line cards (so not between sup cards), do we totally lose the chassis which lost the sup card, depsite the VSL? (I guess yes ...)

Lee Smitherman Wed, 08/01/2012 - 00:39
User Badges:

Hi,


this was alien to me at first but yes,  if you loose that sup in the chassis, the WHOLE chassis goes down and all interfaces connected to that chassis(servers etc).  Thats why its very important in a VSS environment to ensure EVERYTHING is dual homed.  With the use of MEC`s etc its not to difficult to achieve.  Key for us was to educate the server guys who can be a little slack at times that everything they plug in must be dual homed if they want their servers to stay communicable during network issues.


Lee.

Edison Ortiz Tue, 07/31/2012 - 10:40
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

VSS is a very mature technology. You shouldn't encounter major problems albeit occasional bugs but that's BAU (Business As Usual).


Regards,


Edison

aukhadiev Wed, 08/01/2012 - 02:52
User Badges:
  • Bronze, 100 points or more


What can I say... It works... I can not remember any major problems for the (c6500 uptime is 2 years, 2 weeks, 1 day, 11 hours, 20 minutes)


mahmoodmkl Thu, 08/02/2012 - 19:28
User Badges:
  • Gold, 750 points or more

Hi


just llok into the distance between the chassis as i have seen issues with it if they are far from each other



Sent from Cisco Technical Support iPhone App

Mehdi Talei Fri, 02/01/2013 - 08:11
User Badges:

Hello mahmoodmkl,


What kind of issues did you encounter with distance between two chassis? I am going to implement the same architecture (two chassis in different sites) and would like to know what kind of issues are waiting for me.


Thanks

smalep Wed, 08/29/2012 - 09:45
User Badges:

Hi,


We have been using several VSS's in different locations for several years.  I included two good links.  I would suggest connecting your VSL links so that at least one uses the Supervisor module, but make sure they don't only use your Supervisor.  Spread the VSL links out so one uses the Supervisor and one uses a port on the 8-port 10 gig line card (6708).  The reason is that if you do have a chassis reset the Supervisor comes up first, long before the actually line cards power up.  A typical reboot of a chassis in a VSS, where everything is powered and fully back online takes approx 10 minutes.  The Supervisor is back up in less than 5 min.   

Also, don't forget the ports on a 6704 cannot be used for a VSL link.


The business case for the VSS is that you are able to maintain full redundancy while using all the bandwidth of that redundacy if you dual home to the VSS using an etherchannel from your edge switch.



http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/VSS30dg/VSS-dg_ch4.html


http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/prod_qas0900aecd806ed74b.html


Overall we are glad we went with VSS and it has prevented many potentially large and significant outages that if we did not have VSS in place would have caused major impact to our business.


Thanks,

P

graham smart Wed, 08/29/2012 - 10:30
User Badges:

We have two datacenters running it now.


It does have its moments as any tech does but on the whole its nice and stable. Just remember to have everything dual homed.


Plus you get to double your uplink speeds by using port-channels now

parisdooz12 Wed, 08/29/2012 - 10:57
User Badges:

Hi,


I don't really understand the reason to use the VSL on both supervision card and linecard. In the Cisco documentation I found, the 2 cases were given (case #1: 2 links between the 2 supervisor cards; case #2: 1 link bewteen sup & 1 link between 6708), with no specific advice for one solution specificaly. I don't see what is the impact of the sup card comes up 1st. (in our datacente, we have only 6704 and no need of 6708)


Thanks

P.

smalep Wed, 08/29/2012 - 11:04
User Badges:

Hi,


The issue is that the two 10gig ports on the Supervisor according to the information from CiscoLive 2012,  share a single ASIC,  they suggested that any issue with the ASIC will impact ALL the VSL traffic as opposed to have VSL diversity across multiple cards. Certainly it is only a best practice recommendation from Cisco and not and absolute requirement.


Obviously if you do not have any other line cards that you can use to participate in a VSL then you only option is two use both 10gig ports on the Supervisor module.


Thanks,

P

Leo Laohoo Wed, 08/29/2012 - 15:35
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

VSS and Nexus 5500+FEX 2K ... Hmmmm ... Depends on what you are trying to do.


Yes, I agree.  VSS technology has matured to the extent that it's going to be pushed down to the 4500R+E (Sup7E).  But that's not the important issue.


Nexus is a different beast and there are some things that the Nexus solution will excell that the 6500 VSS can't.  One of them is the amount of 10 Gbps interfaces available.


The Nexus solution is bent to provide loss-less 10 Gbps from the switch to the SAN servers.  If you want to terminate ALOT of 10 Gbps then Nexus is the way to go.  If you want to terminate A FEW 10 Gbps then 6500 is a place to go.

The Nexus 7K is now offering 40 Gbps and 100 Gbps (non-blocking, 1:1 oversubscription rate).


One more thing, if you HAVE NOT purchased the Sup720, then consider the newer supervisor card, the Sup2T.  In some cases, you'll be able to get discounts that'll make the price of the Sup2T equal to the Sup720.

parisdooz12 Wed, 08/29/2012 - 16:23
User Badges:

I still have C6509 with sup720-10G. Access layer are C3750 with etherchannels.


My objective: make (deployment objectives: 3 or 4 monthes) the current architecture to be ready for 10G: few future blade racks connected in 10G - perhaps 2 or 3 in 2013, 3 x C3750X stacks connected with etherchannels, about 10 x C3750G stacks which are end of support in 2014 and could be change, in 1 or 2 year, by N2K or C3750X-10G stacks (so a final need of 16 x 10Gbps ports (C3750X scenario as access layer) or 50 x 10 Gbps (N2K scenario).

40G & 100G are not really needs (the only need could be inter-datacenter connecion, but we have 2 x 10Gbps which can evoluate to 4 x 10G, in etherchannel between the 2 sites)


I thought to these 3 scenarios (deployment objectives: 3 or 4 monthes):

1) Keep C6509 for L3 - migrated in VSS)  and add N5K-96 as an intermediate L2 layer between C6509.

2) Change C6509 for N7k => this solution is a lot more expensive than solution #1 (twice more)

3) Change sup720 for sup2T, at least to take benefit of 6908 cards (if I am not wrong, 8 non blocking ports)  => not really interesting in comparison of solution #2 (a bit less expensive, but a lot less capabilities).


I thought to solution #1 to be the most efficient in terms of cost and evolutivity. It will permit to connect blade racks and migrate C3750X currently connected by etherchannel in 2013, then migrate C3750G in 2014.

My only concern with C6509 is that I now notice with experience that it is a bit weak in some cases of abnormal flows and so, fine tuning of protection features (copp, reate-limiters, etc...)  is necessary, which not always easy to do and not always efficient. I guess Nexus is more robust, with less tuning needs.

graham smart Sat, 12/08/2012 - 05:59
User Badges:

STP

You will still need it configured. ( Default config normally fine )

The reason for this is just to be sure if someone chains switches or does something silly, you still dont loop your network. This would be bad.

So default RPVST or MST would be fine in most cases.


HSRP

You dont need it.

Your vlans etc will just have one interface ( vlan 10 for example would just have an IP address. no standby etc. )


The reason for this i sbecause BOTH switches act as one logical switch.. There is no switch to pair for HSRP.. ( Unless maybe you paired two VSS's in the same environment.. But that would simply be overkill no?

Leo Laohoo Sat, 12/08/2012 - 14:24
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

about 10 x C3750G stacks which are end of support in 2014 and could be change

Sorry for the late response.  Contact your Cisco AM/SE in switching or wireless (yes, wireless).  Tell them that you want to replace your EoS 3750G with something else and they might let you in a little "secret" slated for release in January 2013.


If they don't want to play "ball" then mention the number "3 8   5  0".


40G & 100G are not really needs

Don't consider 40 Gbps.  It's no longer in the picture and has served it's purpose (stop-gap until the price of 100 Gbps becomes less laughable).   100 Gbps in 5 years?  You bet your a$$!



2) Change C6509 for N7k => this solution is a lot more expensive than solution #1 (twice more)


Talk to your Cisco AM/SE in switching.  Mention the phrase "Technology Migration Platform" and "Nexus 7K" in one sentence.


Just be wary that the Catalyst 3K cannot support full VRF/MPLS.  They only support VRF-lite (aka VRF with Jenny Craig).


Nexus 7K has just released a new (and vastly improved) F2 card so this can get mighty interesting with design. 

Actions

This Discussion

Related Content