Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Need info on VSS with FWSM & ACE Design/Implementation

I am currently working on a Lab setup which would eventually become a CoE lab after some point of time.

I have attached a ppt which shows the current BOM in distribution/service layer. Based on the hardware i have worked out a model in which setup is being planned to be implemented/installed.

I have got 2 6509 with VSS compatible sup hence i m going for VSS between the switch pair.

In addition to that i have got 4 FWSMs there comes my doubt whether to have 4 of them in the chassis since it will become 4 FWSM blades in one logical chassis. I have gone through the IOS/software version compatibility to have these services modules with VSS so IOS/software version is not a worry here. Just to incorporate the best practices being followed and challenges if we go with 4 FWSM blades in vss mode.

Also with this i have 2 ACE modules since i am bit of alien to ACE modules i m finding bit difficult to find a breakthrough on whether to go with Active/Standby or Active/Active FO.

Since it's a lab setup it has around 12 zones (security zones) with server, storage, authentication occupying each zones and others fall under management (server/network etc.,)

Pls do revert back if you require more info about the setup.

Any help on this will be appreciated.

TIA

Edwin

5 REPLIES
New Member

Re: Need info on VSS with FWSM & ACE Design/Implementation

Hi Edwin,

In VSS setup, only 6700 series modules with Centralized Forwarding card (CFC) and

6700 series modules with Distributed Forwarding Card (DFC) 3C or DFC3CXL are supported.

So your module WS-6148A-GE-TX is not supported on VSS.

I will recommend to go with Active/Standby as it is easier to troubleshoot and configure.

Rgds,

Christophe

Re: Need info on VSS with FWSM & ACE Design/Implementation

Hi Chritophe

Thx for ur response.It really helps me to get started with my lab setup.

This is just the BOM and vague details which i recieved from the team. Yet to see the gears or started configuring the gears yet.

Though an HLD was prepared for this lab setup there are no proper references related to FO (in FWSM or ACE modules) mentioned in the doc and the team which wrote the doc is busy with other project abroad.

I opted to go in with multiple contexts to have 2 different contexts active in 2 FWSM modules and 2 other modules backing them up.

But not sure with the ACE module, whether to run the same in Active/Standby state.

Any suggestions or inputs on that section (ACE) will be helpful.

Thx

Edwin

New Member

Re: Need info on VSS with FWSM & ACE Design/Implementation

I would recommend to run Active/Standby on both the FWSM and the ACE.

So all the context (FWSM + ACE) are active on Switch 1 and standby on Switch 2. To make sure your standby FWSM and ACE are working you could have the Admin context active on Switch 2. It's a bit like Active/Active.

In this way, it is much easier to troubleshoot and configure contexts as you know the traffic flow and on which switch are the active contexts.

Rgds,

Christophe

Re: Need info on VSS with FWSM & ACE Design/Implementation

Hi Christphe

Is the VSS limited/compatible only with 67XX series line cards or even with WS-X6548-GE-TX with WS-F6K-DFC3?

Thx

Edwin

New Member

Re: Need info on VSS with FWSM & ACE Design/Implementation

Hi Edwin,

Requirements for VSS are 6700 series modules.

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/prod_qas0900aecd806ed74b.html

Rgds,

Christophe

958
Views
4
Helpful
5
Replies