Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Redundancy Design Help - Existing Core (6506E in VSS) with New Core 6800 in VSS

Dear All,

This is regarding redundancy between two cores with VSS.


Present Setup - Attached here

1. Two 6506E in VSS

2. FWSM Module

3. 4506E in access layer.

Two uplinks from each access switch are connecting to each core and gateway for user is configured in FWSM.


New Setup

1. Two 6807 in VSS

2. New 4506 in Layer.


Now, I need to achieve full redudancy, in case present core (VSS) is down then traffic should go via new core (VSS). So we will connect four uplinks from each access switches to both core, two uplinks on present core and two uplinks on new core so physically we can achieve redundancy.

Now, issue here is gateway, if present core is down then no gateway is available for users. So need solution for this.


One solution is ..

Remove FWSM and configure vlan interface on switch which will be the gateway and run HSRP between present and new core.


I need some solution with FWSM. If we add two modules in new core, but how we can achieve redundancy? Please help.


Thank You,



VIP Super Bronze

Hi,This design will require


This design will require serious testing. I have never seen or deployed 2 VSS cores for access switches, as one VSS core will provide enough redundancy specially since you are using 6800 and/or 4500 series switches. They can be deployed with multiple power supplies, fan trays, sups, etc..

The other thing you have to remember is if you have 2 sets of VSS for the core and you are running VRRP or HSRP between them, you now have to use STP, as you have a physical loop. The whole idea behind VSS is not to use STP, VRRP or HSRP, but your scenario will put all those back in to the design.


New Member

Dear Reza,Thank for your

Dear Reza,

Thank for your reply. 

I agree with you to regarding VSS. But this is customer requirement to give full redundancy.


As per my thinking, there are two uplinks to each core from access so we will create portchannel from each access switch to each core so we have two port channel from access layer to core and run hsrp between two core. In this case we dont have to worry about STP. What do you suggest?


With FWSM, we can not achieve this redundancy.


Thank You,


CreatePlease to create content