Solved: Re: Improving Design

emcclend · ‎02-17-2018

Currently I have 2 6509's connected via L3 HSRP and L2 port channel, that are being used as a core/distribution/access switch. I also have 6509's being used as L2 access switches and each connected back to the cores. The concern that I have is for my VLAN 5 which my serves are on. My ESXi server have multiple connection split across each core, so no problem for redundancy. However my standard W2K12 servers are only connected to one core or the other as they have only 1 NIC. My question is how can I improve this design in the future. My thought was to put VLAN 5 on its own access switch and just leaving the 6509's as core/distribution switches. I may be have the option to use either a 4507 or stacked 3850's.

I may be replacing the 6509's in the future too, but I was wondering what would be the better design?

Unnikrishnan A K · ‎02-17-2018

Hi,
I will suggest to split the network into two parts. 1. Server 2. Users
stacked or L-3 HSRP & L-2 port channel switches can be used for connecting servers.
in the case of W2k12 servers, either you have to work with hardware team for installing an additional NIC card for bonding or using load balancing to share the load with 2 servers ( it will provide server redundancy)
For Users part, a collapsed core will suffice. Stacked or L-3 HSRP & L-2 port channel switches as core/distribution, and all access switches are connecting to it.

In between server and user part, I will strongly recommend a firewall.
In my experience, mixing the servers and users network to same switch network will cause unwanted results.for example in case of a layer-2 loop in user network, the same will affect the server part also.
keep core as STP root and VTP transparent mode.

these are my view, just consider this too..

~Unni

View solution in original post

Julio E. Moisa · ‎02-17-2018

Hi

You could use a Switches stacked for the servers so you could connect this stack to the Core/Distribution switches keeping the STP root on them or if you are using VSS. I dont have a lot of experience with servers but you could consider NIC teaming as well.

Hope it is useful

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Unnikrishnan A K · ‎02-17-2018

Hi,
1. how many users/vlans/access switches are there in your network?
2. how many hardware servers?
3. other than switches, any firewall/security devices available?

these info will help for better design.

~Unni

emcclend · ‎02-17-2018

1. how many users/vlans/access switches are there in your network?

About 1200 users, 18 user vlans, 1 primary server vlan, 1 test server vlan . Each user vlans has an access switch as it is seperated by floor. The server vlan is also on the primary 6509 cores.

2. how many hardware servers?

About 20 physical 5 of which are ESXi host Only ESXi host have multiple NIC connections. We also have multiple tape units and redundant connections for SAN .
3. other than switches, any firewall/security devices available?

Just switches for now.

Unnikrishnan A K · ‎02-17-2018

Hi,
I will suggest to split the network into two parts. 1. Server 2. Users
stacked or L-3 HSRP & L-2 port channel switches can be used for connecting servers.
in the case of W2k12 servers, either you have to work with hardware team for installing an additional NIC card for bonding or using load balancing to share the load with 2 servers ( it will provide server redundancy)
For Users part, a collapsed core will suffice. Stacked or L-3 HSRP & L-2 port channel switches as core/distribution, and all access switches are connecting to it.

In between server and user part, I will strongly recommend a firewall.
In my experience, mixing the servers and users network to same switch network will cause unwanted results.for example in case of a layer-2 loop in user network, the same will affect the server part also.
keep core as STP root and VTP transparent mode.

these are my view, just consider this too..

~Unni