Solved: pvst with multiple root bridges

Roberto Kippins · ‎02-26-2014

Hi i just want to verify if i am going right now i have two 3550,s that are routing traffick to some asa5505 firewals but at the same time i want vlan 100 and 200 to use one of the 3350 as the root bridge and the other two vlans to use the other 3550 as their root but since the 3550' are routing where would i configure the interface vl for each vlan so the hosts can use as their gateway or i should say which switch should i configure the interface vlan should i do it on one switch or i would have to do 2 on one switch on 2 on the other.

glen.grant · ‎02-26-2014

You would create them on both and use hsrp and make the hsrp active side the side where the root bridge for the particular vlan is located.

View solution in original post

Furose M · ‎02-26-2014

If you are not going to use hsrp/VRRP, you will only achieve layer 2 redundancy and the routing is always going to happen in 1 switch.

My suggestion would be:

configure the switch which is Root for a specific VLAN as HSRP/VRRP active / master.. this way you would achieve the perfect layer 2 and layer 3 redundancy.

View solution in original post

glen.grant · ‎02-26-2014

You would create them on both and use hsrp and make the hsrp active side the side where the root bridge for the particular vlan is located.

Roberto Kippins · ‎02-26-2014

so ill use all the .1 ip address as the virtual ip makes sense ill try this out and repost thanks

Furose M · ‎02-26-2014

If you are not going to use hsrp/VRRP, you will only achieve layer 2 redundancy and the routing is always going to happen in 1 switch.

My suggestion would be:

configure the switch which is Root for a specific VLAN as HSRP/VRRP active / master.. this way you would achieve the perfect layer 2 and layer 3 redundancy.

Roberto Kippins · ‎02-27-2014

okay i have everyting setup and we can browse the internet and so forth on all vlans but just one more problem i need to have sorted out the hosts on one vlan cant ping another host on a different vlan but they can ping all the vlan interfaces and the hsrp virtual ip addresses on all vlans cant access any shared folders either i need this to work because i have servers and need to be accessed over the network

Jon Marshall · ‎02-28-2014

Roberto

If the hosts have their default gateways set correctly to their respective HSRP VIP for their vlan then check the hosts to see if they are running a host firewall.

Jon

Roberto Kippins · ‎02-28-2014

they have firewalls and used to ping eachother when they were on the same subnet.

Jon Marshall · ‎02-28-2014

So the clients and servers definitely have the right default gateways set ie. the HSRP VIP for their vlan ?

Can post from one of the 3550 switches -

1) "sh standby brief"

2) "sh int trunk"

Also from the same switch can you -

1) choose a client in vlan that cannot ping a server in another vlan

2) from the same switch as above can you do an extended ping to the client using the source IP of the L3 vlan interface for the server vlan and see if it works.

Jon

Roberto Kippins · ‎02-28-2014

ok well no matter which vlan i connect a host it cant ping hosts in any other vlan but can ping all teh vlan interfaces and vip's

Jon Marshall · ‎02-28-2014

Roberto

There's not much i can say to this because you didn't post any of the outputs i asked for and didn't answer the question about the default gateways being used by the clients/servers.

Jon

Roberto Kippins · ‎03-01-2014

hey thanks guys i just rebooted the switches and everything is now working fine thanks for all your help