Ok, I'll preface this by telling everybody that I _know_ how poor a configuration this is, and this is why I've been brought on; to redesign the network and make the transition as smooth as possible.
Network currently consists of flat vlan (Vlan1) with 1200 webhosting servers; each with 5-256 IP's. All IP's are bound to Vlan1 on a Hybrid 6506/MSFC, hosts are connected through 2900-5505's.
I am looking to take multiple c3550 (or other, upon suggestion) and segment the network into 3-4 sections. Every server port will belong to a VLAN, aggregate via dot1q to the 3550, and then route to the core layer3 w/ no trunking.
The issue which has come up is this. On an existing 3550 I have a number of SVI's with /29+ IP's bound, as well as a Vlan1 with a number of (30ish) /29+ allocations. This was done in the hopes of moving the Vlan1 /29's to the dedicated SVI once their home switch is trunked and assigned VLANs.
After hitting approx 30 VLSM secondary IP's on Vlan1, I am exhausting the InAcl TCAM Mask resources (currently 208); as soon as this happens the switch is nailed at 90-99% CPU and begins dropping packets.
Below is my current tcam stat:
dnow-vlan-agg-001#sh tcam inacl 1 stat
Ingress ACL TCAM#1: Number of active labels: 36
Ingress ACL TCAM#1: Number of masks allocated: 199, available: 9
Ingress ACL TCAM#1: Number of entries allocated: 823, available: 841
There are no custom ACL's on the switch, just standard SVI's, FE dot1q trunks and TACACS.
I have tried sdm prefer routing to no avail (this actually left me with fewer mask resources)
Also, the end goal here is to have approximately 500 servers per 3550, trunked via the 5500's (~500 SVI's per 3550)
Can anybody provide recommendations or warnings on the broken configuration or planned configuration; from what's happening now I'm thinking that it's not going to work.
I noticed in some tech-docs that the 3550T's appear to have a higher mask resource limitation, so that may be a way to go. Really hitting a wall here and would appreciate any suggestions.
The only replies I've had were from a CCIE, asking me to forward any useful information I got from my posts to him, and from a peer in the industry who basically said the 3550's will die after approximately 350 VLANS, when using them to aggregate SVIs.
Not terribly encouraging, but I'm looking towards an older model 6500 to hopefull accomodate my needs.
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...