cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1747
Views
0
Helpful
5
Replies

Cat 6509-E VSS VS40 (quad SUPs) dual active detection setup question

2colin-cant
Level 1
Level 1

Hi folks,

 

I have a little design question in regards to Catalyst 650X VSS VS4O (quad supervisors) in regards to the dual active detection.


I have seen that the recommendation is to use ePAgP utilizing an access switch as well as doing a separate dual active detection link.

As I do not wish to use an access switch I would like to do one of the following showed below.


Option 1: having a DAD link from chassis to chassis connecting the direct neighboring SUP.

 

Option 2: Having a full mesh of DAD links between all SUPs

 

Option 3: Having a full mesh of DAD links between all SUPs configured a port-channels. (is this a valid option)

Catalyst 6500 VSS VS4O Quad sup setup

 

is this the correct config speaking for option 2 ?

interface GigabitEthernet1/5/1
 description VSS Dual-active detection
 no switchport
 no ip address
 no cdp enable
 dual-active fast-hello

interface GigabitEthernet2/5/1
 description VSS Dual-active detection
 no switchport
 no ip address
 no cdp enable
 dual-active fast-hello

 

interface GigabitEthernet1/5/2
 description VSS Dual-active detection
 no switchport
 no ip address
 no cdp enable
 dual-active fast-hello

interface GigabitEthernet2/5/2
 description VSS Dual-active detection
 no switchport
 no ip address
 no cdp enable
 dual-active fast-hello

 

interface GigabitEthernet1/5/3
 description VSS Dual-active detection
 no switchport
 no ip address
 no cdp enable
 dual-active fast-hello

interface GigabitEthernet2/5/3
 description VSS Dual-active detection
 no switchport
 no ip address
 no cdp enable
 dual-active fast-hello

 

thanks

 

Colin

 

5 Replies 5

Gustavo Novais
Level 1
Level 1

Hi Colin,

I think you're mixing two aspects of the equation:

- quad-sup SSO is meant to guarantee full uptime redundancy of the full VSS pair and assure no chassis loss in case of a single sup failure.

- dual-active detection is meant to guarantee that if the VSL link across the VSS members goes down, isolating the boxes, (but they are still impersonating a single entity ) one of the boxes "removes" itself from the network in order to avoid network issues  related to dessynchronisation of state on these two boxes, towards the rest of the network.

 

That said, you do not need to place the dual active detection link on the supervisors (it can be on any linecard), as its purpose is only to serve as a redundant link for detection in case the VSL goes down.

Unlike the peer-keepalive link in Nexus, you do not need to have a dual-active detection method enabled to form the VSS pair, so the use case for having it redundant is, frankly, quite debatable...

Im my view, I'd use one link on a separate linecard from the VSL links. I don't really see the need for both links across chassis, and especially not within the same chassis. The situation where you have your VSL link down (4 links) and your dual-active detection link is also down is extremelly unlikely with a single link.

Are the boxes located in different rooms, or is there any significative distance that would heighten the probability of this situation to occur?

 

My .02$

 

Gustavo

 

 

 

Hi Gustavo,

thanks once again for you expertise, as always your comments are greatly appreciated!

 

I just wanted to update this thread, as I assume other people will ask the same/similar question in regards to VS4O setups.

Its true to have several ports as Dual-Active-Detection. I have not tried configuring the DAD link as Port-Channel, but several DAD ports will do the job too

This is how I have implemented it recently:

 

SUP2T's:

 

 

 

 

Hi,

For me i have aready a switch 6509 sup 2 in my network.it's aready configured for network interconnection.For now, i want to add an other 6509 sup 2t with the first in vss.Can you please give me the steps for configure vss.Also,we can help me for upgrade a switch with 2 supervisor.

Thank you for your help.

2colin-cant
Level 1
Level 1

Hi Gustavo,

thanks for your explanation, allow me one last question, could I potentially create a port-channel for the DAD link spreading over two line cards?

not that this makes any sense as long as VSL is up, I am just asking out of curiousity if this actually would work.

 

int po X

 description VSS Dual-active detection
 no switchport
 no ip address
 no cdp enable
 dual-active fast-hello

 

int gi1/9/48

channel-group X mode on

 

int gi2/9/48

channel-group X mode on

 

 

The chassis are located next to each other in the DC, so there is no special requirements. I most likely will use a copper port, chassis to chassis.

 

Thanks Colin

 

 

Hi Colin,

I just configured a VSS w/ fast-hello for detection and one of the messages was that if enabling the fast-hello method on that interface, the switch would remove all extraneous configuration.

Couldn't try with a Port-channel, but it seems like you can have more than one wDAD link

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: