Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

data center Design

hi,

if  you need to design a large campus area network with two 6500 and edge  switches and distribution switches what will be the best design

1. is it better to etherchannel two 6500 at the core OR is it better to run routing protocol between both the cores

2. is it better to etherchannel core switches to distrubution or run routing protocol between them ?

3. is it better to etherchannel distrubution switches to access switches or run routing protocol between them?

basically i want to know where to run routing protocol between in the cisco 3 layer architecture ?

thanks

2 ACCEPTED SOLUTIONS

Accepted Solutions
Silver

Re: data center Design

Look good but I want to suggest minor changes

-----------1. use two 6500 as core and run routing protcol (either ospf or eigrp)

I am not sure about the price range of Nexus 7Ks, if they are in the same range as 6500 I will sugget to go with 7Ks.If they are not then try to buy 6500 s with VSS-SUP modules.

--------------------2. a. use two 3750 as distrubution / aggregation as run routing  protocol between 6500 and 3750 (dual connecting to each 3750 from each  core)

    b. run a port channel between two cisco 3750 (layer 2)

3. use cisco 2960 as layer 2 between distribtuion and access (hsrp on 3750 to access layer)?

If you are planning on using 3750G or 3750X switches for distribution/aggregation layer, then you can stack those  switches and connect the servers or users directly to the 3750s and completely eliminate the access layer.------This will act as distribution/aggregation/access layer

------------------also where will i terminate the firewalls ? or the core or on distrubution ?

You can connect the firewall between your Core switches and exit router

HTH

Siddhartha
Cisco Employee

data center Design

You can enable HSRP, but it would function just like if you enabled HSRP on 1 router.  So no issues there, but if you don't have an HSRP peer its just providing an extra IP address.

22 REPLIES
Hall of Fame Super Gold

data center Design

New Member

data center Design

yes i thought i posted in the wrong place...i thought you would provide me an asnwere instead of just sayng duplicate post !!!!!

Hall of Fame Super Gold

data center Design

i thought you would provide me an asnwere instead of just sayng duplicate post !!!!!

Delete one of the two (duplicate threads) and I'll post something technical to your issue.

PS:  It's night time now.  So I'll post when I wake up tomorrow.

New Member

data center Design

sorry how do i delete a thread..never had to do this before..

Hall of Fame Super Gold

data center Design

Go to the other thread you've posted.  Upper right-hand corner under the Actions window there's an option to DELETE.

Hall of Fame Super Gold

data center Design

I've requested the OTHER thread be deleted. 

Hall of Fame Super Gold

Re: data center Design

1. is it better to etherchannel two 6500 at the core OR is it better to run routing protocol between both the cores

2. is it better to etherchannel core switches to distrubution or run routing protocol between them ?

BOTH.  You can run either a Layer 2 or Layer 3 etherchannel.  So it doesn't matter.  But deploying an etherchannel (1 Gbps, 10 Gbps, 40 Gbps, 100 Gbps) is a no-brainer.

Whether or not you want to run Layer 2 or Layer 3 etherchannel, in my opinion, depends on the desig and the size of your network.  If you have a clean sheet of paper then I'd think 20 years in the future.  I'll enable Layer 3 (IPv6 if possible) to all my switches.  Layer 3 etherchannel and fibre optic to the uplink.

New Member

data center Design

so on the core you say to run layer 2 or layer 3 etherchannel - ok say if i am gong with layer 3 etherchannel then do i run any routing protocol between them ?

2. considering its a big network - then  i run routing between core and distribution switches ?

3. and do i run layer 2 between distribution and access layer ?

Hall of Fame Super Gold

data center Design

3. and do i run layer 2 between distribution and access layer ?

If I was designing a network, I'd run Layer 3 etherchannel, PERIOD.

The main point-of-contention is the COST.  If I was to deploy a Layer 3 all the way down to the access layer then I need to have a switch that will support routing.

Whether or not you should run Layer 2 or Layer 3 is all up to you and how to push a business case about this.

New Member

data center Design

what is cisco best practise?

Silver

data center Design

According to Ciso best practices VLAN localization is the best option, this will lead to 2 designs

1.Routed distribution layer

2. routing upto access layer.

Option 2 is costlier than option 1 and buliding a routed 3750 stack is an example of option 2.

"------1. is it better to etherchannel two 6500 at the core OR is it better to run routing protocol between both the cores"

If you configure any VLANs on the core (Collapsed core distribution model)  then you would need layer 2 ether channell for HSRP but its not a best practice.So a layer 3 ether channel with routing protocol ( either EIGRP or OSPF)

"-------2. is it better to etherchannel core switches to distrubution or run routing protocol between them ?"

Cisco recommends to create a layer 3 distribution block for each IDF (or for building based on your design) and a layer 3 distribution block for the Data Center (based on the size of your datacenter you can add its own core switches)

So a layer 3 ether channel with routing protocol( EIGRP or OSPF ) between core and distribution switches.

"-------3. is it better to etherchannel distrubution switches to access switches or run routing protocol between them?"

If you go with option1-routed distribution and layer 2 access layer then you will need a layer 3 ether ether channel (EIGRP or OSPF) betwwen 2 distribution switches for routing redundancy and layer 2 ether channel for HSRP and layer 2 redundancy.You can connect each access layer switch with both the distribution switches and STP to avoid loops.

If you go with option 2 -Routed access layer then there won't be any STP and you will run routed links between distribution and access layer. You can uses a pair of 4506 switches or 3750 stack switches for this whole stack acts as a Distribution/access layer.

Siddhartha
Bronze

Re: data center Design

I would recommend that you keep it simple.  If your going to run L3, then I wouldn't recommend L3 etherchannels.  Routing protocols are pretty fast at detecting failures, and if you concerned with increasing the speed, use BFD on the direct links.  Equal Cost Multipath (ECMP) is capable of using multiple equal cost L3 links for traffic distribution.

So, here's what I would recommend:

1.  Do you need VLAN's to be accessible on multiple access switches?

If no, then use multiple L3 links to the access and use OSPF/ISIS (and possibly BFD) to ECMP over all of the links.  By using individual L3 links, you can also connect to multiple distribution switches.

If yes, then use L2 port-channel or vPC (multi-chassis port-channel) from distribution to access.

2.  Always use individual L3 links in the Core and the distribution if possible.

Again, if you have multiple links, and you add port-channels, and then add routing protocols, it get's more complicated, and more things can break.  Let the routing protocols do there job.

Dan

New Member

data center Design

so this is what my understanding is from the posts above. please correct me if i am wrong

considering the cost is not an issue and business is willing to invest in what ever devices we want .

i will go by the cisco 3 layer architecture:

1. use two 6500 as core and run routing protcol (either ospf or eigrp)

2. a. use two 3750 as distrubution / aggregation as run routing protocol between 6500 and 3750 (dual connecting to each 3750 from each core)

    b. run a port channel between two cisco 3750 (layer 2)

3. use cisco 2960 as layer 2 between distribtuion and access (hsrp on 3750 to access layer)?

will this work ?

also where will i terminate the firewalls ? or the core or on distrubution ?

Thanks

Silver

Re: data center Design

Look good but I want to suggest minor changes

-----------1. use two 6500 as core and run routing protcol (either ospf or eigrp)

I am not sure about the price range of Nexus 7Ks, if they are in the same range as 6500 I will sugget to go with 7Ks.If they are not then try to buy 6500 s with VSS-SUP modules.

--------------------2. a. use two 3750 as distrubution / aggregation as run routing  protocol between 6500 and 3750 (dual connecting to each 3750 from each  core)

    b. run a port channel between two cisco 3750 (layer 2)

3. use cisco 2960 as layer 2 between distribtuion and access (hsrp on 3750 to access layer)?

If you are planning on using 3750G or 3750X switches for distribution/aggregation layer, then you can stack those  switches and connect the servers or users directly to the 3750s and completely eliminate the access layer.------This will act as distribution/aggregation/access layer

------------------also where will i terminate the firewalls ? or the core or on distrubution ?

You can connect the firewall between your Core switches and exit router

HTH

Siddhartha
New Member

data center Design

thanks for this.

1. just wondering if i am going to use routing protocol between the 6500 (not nexus ) then why do i need a vss sup module as i will not be vss this ?

2. all the servers, do they connect back to distrubution or access layer ?

3. and the firewalls you mentioned, do they connect directly to the core or distribution layer ?

Silver

data center Design

----------------1. just wondering if i am going to use routing protocol between the  6500 (not nexus ) then why do i need a vss sup module as i will not be  vss this ?

You are right. Since you are using layer 3 links between core and distribution you won't get any benifit other than single point of management.

----------------2. all the servers, do they connect back to distrubution or access layer ?

How big is your data center?

If its small, you can use 3750s as the core for the entire data center and for the access layer you can use 3560G or 2960 switches and connect servers to the access layer switches.

if datacenter is mediam in size and expecting growth in next 5 years then I would suggest atleast go with 5020 or 5548s at the core of the data center and use 2Ks to connect servers.

---------------3. and the firewalls you mentioned, do they connect directly to the core or distribution layer ?

What do you want to achieve with the firewalls?

Siddhartha
New Member

data center Design

so,

1. i dont need vss if i am using routing between two core's, isnt it ?

2. firewall - its mainly to reach outside world - but just wondering if it should be connected to core or to distribution layer

how will you design if you have to connect about 100 datacenter servers (can webservers, dmz, application servers ) with an external internet connection through a firewall ? what devices will you use ?

its jsut for my learning and not on an production environment - so would like to know cisco best practice.

Thanks

Silver

data center Design

------------1. i dont need vss if i am using routing between two core's, isnt it ?

                   YES

2. firewall - its mainly to reach outside world - but just wondering if it should be connected to core or to distribution layer

One interface of the firewall goes to the end router that connects to your ISP, one of the other 2 interfaces goes to LAN (core switch) and the other one goes to DMZ (webservers)

---------------how  will you design if you have to connect about 100 datacenter servers  (can webservers, dmz, application servers ) with an external internet  connection through a firewall ? what devices will you use ?

Its really based on the BUDGET

Medium size company (100 Servers) 

2 - 6500s CORE of the entire comany ( with 10G cpable Sup engine)- helps you to expand in future

2 - 5548s Core of the data center--  1G/ 10Gig layer 3  uplinks to core (6500s) --This will give layer 2 expandability in DC

Nexus 2Ks for the 1G server connectivity

Siddhartha
New Member

data center Design

just 1 last question

if i enable vss, can i have hsrp as well (i know if you enable vss, its logicaly 1 switch but just wondering if hsrp can be enabled and any problems caused by this ?)

Thanks

Cisco Employee

data center Design

You can enable HSRP, but it would function just like if you enabled HSRP on 1 router.  So no issues there, but if you don't have an HSRP peer its just providing an extra IP address.

New Member

data center Design

thanks for this

1555
Views
0
Helpful
22
Replies
CreatePlease login to create content