Hello All- We will be bringing up a second 6500 in our core for redundancy. Both 6500s have identical hardware and software; redundant SUP720s (WS-SUP720-3B) and a FWSM. We will also be upgrading the IOS on both as we would like to implement HSRP v2. Current IOS code version is 12.2(18)SXF7 which it appears limits my choices for upgrade (no ISSU/eFSU). I would like to start a discussion with this knowledgeable group so that we can avoid any gotchas along the way.
I plan on splitting SPT root between the two and using both as secondary to the other. We will use HSRP for L3 VLANs. We use OSPF as our RP.
I have been reading through the threads a bit, these in particular:
I share a lot of the same concerns, especially downtime. I am also reading through the design guides, but want to get specific input particular to my environment. Please feel free to suggest links for reading and anything else you may feel is helpful.
We have L3 on both the switch/MSFC and the FWSM. Have built a script for the HSRP groups (assuming HSRP v2). Do not know much about your statement "load balance the gateways" -- can you talk a bit more about that?
Also am looking for comments on IOS version to upgrade to. We have a pretty straightforward vanilla config. Modules below:
Mod Ports Card Type Model --- ----- -------------------------------------- ------------------ ----------- 1 6 Firewall Module WS-SVC-FWM-1 2 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-45AF 4 24 CEF720 24 port 1000mb SFP WS-X6724-SFP 5 8 Network Analysis Module WS-SVC-NAM-2 6 48 48-port 10/100 mb RJ45 WS-X6148-45AF 7 2 Supervisor Engine 720 (Active) WS-SUP720-3B 8 2 Supervisor Engine 720 (Hot) WS-SUP720-3B 9 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-45AF 10 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE 11 8 CEF720 8 port 10GE with DFC WS-X6708-10GE 12 8 Intrusion Detection System WS-SVC-IDSM-2
13 48 CEF720 48 port 1000mb SFP WS-X6748-SFP
WS-X6148-45AF is going away and the line cards will be shuffled a bit to accomodate a new additional WS-X6748-SFP.
If you have limited number of vlans, I would not worry about load balancing the gateways, as that would make the deign more complicated, because now you have to remember which box is the HSRP/VRRP master for which vlan and also remember which device is the Root per vlan. If you have a lots of vlans, load balancing the gateway makes scene. As for your IOS question, the latest on CCO is SXI5. I have tested SXI4a and it seems to be pretty stable. One more thing, since you are planning to upgrade your IOS, make sure you upgrade to a non-modular IOS, as Cisco slowly phasing out modular IOS on the 6500 series. ISSU/eFSU is supported in newer IOS, but that really applies if you are using redundant sup or VSS.
I went through the software advisor and it suggested the lated IOS code I could use was 12.2(18)SXF16. The feature set we need is Advanced IP Services SSH. Can someone verify that the line cards I have will be supported by SXI4a or SXI5 (SXI4 has a bug which may affect us)? I will probably just get a TAC case open to answer this. We are definitely not going to be using a modular image.
We have ~150 VLANs on our network, one of whhich is heavy-use video, and another is high-traffic audio. The others are a mixed bag.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...