cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1375
Views
4
Helpful
5
Replies

Need info on VSS with FWSM & ACE Design/Implementation

spremkumar
Level 9
Level 9

I am currently working on a Lab setup which would eventually become a CoE lab after some point of time.

I have attached a ppt which shows the current BOM in distribution/service layer. Based on the hardware i have worked out a model in which setup is being planned to be implemented/installed.

I have got 2 6509 with VSS compatible sup hence i m going for VSS between the switch pair.

In addition to that i have got 4 FWSMs there comes my doubt whether to have 4 of them in the chassis since it will become 4 FWSM blades in one logical chassis. I have gone through the IOS/software version compatibility to have these services modules with VSS so IOS/software version is not a worry here. Just to incorporate the best practices being followed and challenges if we go with 4 FWSM blades in vss mode.

Also with this i have 2 ACE modules since i am bit of alien to ACE modules i m finding bit difficult to find a breakthrough on whether to go with Active/Standby or Active/Active FO.

Since it's a lab setup it has around 12 zones (security zones) with server, storage, authentication occupying each zones and others fall under management (server/network etc.,)

Pls do revert back if you require more info about the setup.

Any help on this will be appreciated.

TIA

Edwin

5 Replies 5

ccardon
Level 1
Level 1

Hi Edwin,

In VSS setup, only 6700 series modules with Centralized Forwarding card (CFC) and

6700 series modules with Distributed Forwarding Card (DFC) 3C or DFC3CXL are supported.

So your module WS-6148A-GE-TX is not supported on VSS.

I will recommend to go with Active/Standby as it is easier to troubleshoot and configure.

Rgds,

Christophe

Hi Chritophe

Thx for ur response.It really helps me to get started with my lab setup.

This is just the BOM and vague details which i recieved from the team. Yet to see the gears or started configuring the gears yet.

Though an HLD was prepared for this lab setup there are no proper references related to FO (in FWSM or ACE modules) mentioned in the doc and the team which wrote the doc is busy with other project abroad.

I opted to go in with multiple contexts to have 2 different contexts active in 2 FWSM modules and 2 other modules backing them up.

But not sure with the ACE module, whether to run the same in Active/Standby state.

Any suggestions or inputs on that section (ACE) will be helpful.

Thx

Edwin

I would recommend to run Active/Standby on both the FWSM and the ACE.

So all the context (FWSM + ACE) are active on Switch 1 and standby on Switch 2. To make sure your standby FWSM and ACE are working you could have the Admin context active on Switch 2. It's a bit like Active/Active.

In this way, it is much easier to troubleshoot and configure contexts as you know the traffic flow and on which switch are the active contexts.

Rgds,

Christophe

Hi Christphe

Is the VSS limited/compatible only with 67XX series line cards or even with WS-X6548-GE-TX with WS-F6K-DFC3?

Thx

Edwin

Hi Edwin,

Requirements for VSS are 6700 series modules.

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/prod_qas0900aecd806ed74b.html

Rgds,

Christophe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco