I have two 6500 core switches in failover (HSRP) config. Both switches have IDSM-2 modules.I have about 5 VLANs to monitor using IDSM in-line. Since IDSM has two interfaces to monitor trafic, I have to create 8 VLANs and do VLAN pairing in order to monitor these 4 VLANs.
What are the options available for me to have redundancy in case of one IDSM module failure ?
Make sure that The PFC2 supports a maximum of 16 unique HSRP group numbers. You can use the same HSRP group numbers in different VLANs. If you configure more than 16 HSRP groups, this restriction prevents use of the VLAN number as the HSRP group number.
For the further description and configuring the redundancy following URL may help you
The IDSM will bridge the VLANS. The SVI is in one VLAN and the clients are in another. If the IDSM fails, mac/arp learning will not take place 'through' the failed IDSM. If there is a trunk between the two core switches, the MAC will be learnt via:
Access Sw >> Core2 >> Core1.
However all traffic would still continue to flow (albeit with an added l2-hop). This would need to be tested tough as it dependant on your particular setup and design.
There is no way to track multi-chassis IDSM-2 failure AFAIK. For the same chassis, you can use Etherchannel to load balance the two IDSMs. I'm not sure if VSS supports the modules yet (even tough I remember reading about blade support for VSS...but not sure which modules).
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :