
New Network Design

Hi all,

At the moment our network infrastructure is made up of 6 x 3560-Es and 2 x Cisco ASA 5510, running in Active/Standby. The 3560s are interconnected via 2Gbs EtherChannel port groups as we were hitting bandwidth limits on the 1Gb ports. We have about 16 VLANs running that are set up on sub-interfaces on the ASAs and trunked through to the switches. We have a whole load of Citrix XenServers with bonded NICs connected to the switches (ETH0 in Sw1, ETH1 in Sw2 for example).

We have recently purchased 2 x 4500-X to implement as Layer 3 core switches, and drop the gateway level from the ASAs to these.

The main factor that I'm unsure of is what would be best to implement for resiliency on the core? Obviously the gateway IP for each VLAN that we'll be taking from the ASA can only run on one of the 4500s unless we can set up something like HSRP or VSS, both of which I'm not too clued up on....

I've attached a couple of diagrams to show how we have it set up at present, and what my planned design is. Just for clarification, each 3560 will be connected to the 4500s via 10Gb SFP+ connections.


New Network Design


Nowadays the way forward would be to deploy this as VSS.

So logically the 2 x 4500X become ONE switch, the links to the 3560s become MECs.

Spanning tree is no longer an issue/factor.

Have a look here:

Keeping to the traditional HSRP will work too.

Regards, Alex. Please rate useful posts.