08-01-2006 05:51 AM - edited 03-03-2019 04:19 AM
Hello to all cisco ppl. This is my first "post" so plz be gentle.
I have 2 WS-C6503-E with ios v12.2(18).
I have allready setup etherchannel and i post here the configurations of the switches to tell me if they r correct,make suggestions and other.
My target is high availability,bandwith,security.
Ok let's go
Switch 1
ip-routing
ip slb Serverfarm www
predictor leastconns
real 201.xxx.xxx.2
inservice
real 201.xxx.xxx.3
inservice
ip slb Serverfarm dns
predictor leastcons
real 200.xxx.xxx.19
inservice
real 200.xxx.xxx.20
inservice
real 200.xxx.xxx.21
inservice
real 200.xxx.xxx.22
inservice
ip slb Serverfarm mail
predictor leastconns
real 201.xxx.xxx.33
inservice
real 201.xxx.xxx.34
inservice
ip slb vserver virtual_www
virtual 200.xxx.xxx.4 tcp 0
serverfarm www
no advertise
inservce standby w_vlan
ip slb vserver virtual_dns
virtual 200.xxx.xxx.23
serverfarm dns
no advertise
inservice standby d_vlan
ip slb vserver virtual_mail
virtual 200.xxx.xxx.35
serverfarm dns
no advertise
inservice standby m_vlan
interface gigabitethernet range 2/18
switchport
switchport mode access
switchport access vlan 12
no ip address
speed 1000
duplex full
spanning-tree portfast
interface range gigabitethernet 2/20-21
switchport
switchport mode access
switchport access vlan 13
no ip address
speed 1000
duplex full
spanning-tree portfast
interface gigabitethernet range 2/16
switchport
switchport mode access
switchport access vlan 14
no ip address
speed 1000
duplex full
spanning-tree portfast
interface vlan 12
ip address 200.xxx.xxx.10 255.255.255.240
ip route-cache flow
standby 12 ip 200.xxx.xxx.11
standby 12 priority 150
standby 12 preempt
standby 12 name w_vlan
interface vlan 13
ip address 200.xxx.xxx.26 255.255.255.240
ip route-cache flow
standby 13 ip 200.xxx.xxx.27
standby 13 priority 150
standby 13 preempt
standby 13 name d_vlan
interface vlan 14
ip address 200.xxx.xxx.38 255.255.255.240
ip route-cache flow
standby 13 ip 200.xxx.xxx.35
standby 13 priority 150
standby 13 preempt
standby 13 name m_vlan
Switch 2
The slb conf is the same.
interface gigabitethernet range 2/19
switchport
switchport mode access
switchport access vlan 12
no ip address
speed 1000
duplex full
spanning-tree portfast
interface range gigabitethernet 2/22-23
switchport
switchport mode access
switchport access vlan 13
no ip address
speed 1000
duplex full
spanning-tree portfast
interface gigabitethernet range 2/17
switchport
switchport mode access
switchport access vlan 14
no ip address
speed 1000
duplex full
spanning-tree portfast
interface vlan 12
ip address 200.xxx.xxx.12 255.255.255.240
ip route-cache flow
standby 12 ip 200.xxx.xxx.11
standby 12 priority 150
standby 12 preempt
standby 12 name w_vlan
interface vlan 13
ip address 200.xxx.xxx.28 255.255.255.240
ip route-cache flow
standby 13 ip 200.xxx.xxx.27
standby 13 priority 150
standby 13 preempt
standby 13 name d_vlan
interface vlan 14
ip address 200.xxx.xxx.39 255.255.255.240
ip route-cache flow
standby 13 ip 200.xxx.xxx.35
standby 13 priority 150
standby 13 preempt
standby 13 name m_vlan
Okei. Will inter-vlan routing work or do i need to add :
router eigrp
network 200.xxx.xxx.xxx
Thanx from advance.
08-01-2006 05:54 AM
InterVlan should be work since your VLAN interfaces are connected L3 interfaces on your multilayer switch.
If you don't need advertise your VLANs you don't need EIGRP, anyway if you want to access to VLANs from other subnets, which is not directly connected to this swicth you need EIGRP (or other dynamic routing protocol)
bye
FCS
Please rate me if I helped.
08-01-2006 06:00 AM
just issue command "ip routing" on switch2, in HSRP configuration you have confiuger the all vlan interface with the same Priority so just change the priority of one siwthc or you can have load balncinging also ...all other configuration looks okay...
rate this post if it helps
regards
Devang
08-01-2006 06:12 AM
Yes i must change the priorities in the second switch.
Do i need to issue ip routing command on the second switch too ?
I also use spanning-tree and mls.
1)Since the ip's r public i don't need to advertise them, is this correct ?
2)The ip's on the virtual servers could be anything i like e.g 192.168.1.x ?
08-01-2006 06:16 AM
Yes, you need enable routing (ip routing) on your second switch also. Anyway no traffic will traverse between VLANs.
bye
FCS
Please rate me if I helped.
08-01-2006 06:22 AM
U mean i will cannot ping servers from vlan 12 to vlan 13 ?
08-01-2006 06:22 AM
hi...
yes first of all change your priority for HSRP so one will become active and other standby...
yes "ip routing" enable the routing on multilayer switches...
about public IPs its depends... but yes you have to advertise in your local topology so each and every host can reachble to each other...
and as per SLB concern you need to assing IP addresses to the actul server and virtual IP reperesneting the all the actul server... client send the requrest to Virtual IP address ... and that request heandle by the SLB switch and send the request to the appropriate server on the basis of your SLB configuration...SLB is some wht like NAT and PAT... so you have to be carefull during the assignment of your Virtual IP address and make sure you have advertise your Virtual IP address so any client from internal network as well as form other network can reach to the server...
hope this will helps you
rate this post if it helps
regards
Devang
08-01-2006 06:27 AM
Okay, on switch 2
interface vlan 12
ip address 200.xxx.xxx.12 255.255.255.240
ip route-cache flow
standby 12 ip 200.xxx.xxx.11
standby 12 priority 200
standby 12 preempt
standby 12 name w_vlan
interface vlan 13
ip address 200.xxx.xxx.28 255.255.255.240
ip route-cache flow
standby 13 ip 200.xxx.xxx.27
standby 13 priority 200
standby 13 preempt
standby 13 name d_vlan
interface vlan 14
ip address 200.xxx.xxx.39 255.255.255.240
ip route-cache flow
standby 14 ip 200.xxx.xxx.35
standby 14 priority 200
standby 14 preempt
standby 14 name m_vlan
Ι will also delete the no advertise command so hosts from different vlans can ping each other.
08-01-2006 06:46 AM
yes now its look okay... actully if you configure the different vlan interface and not enable "ip routing" then no vlan can communicate as ip routing enable the layer-3 routing on switches... so after fireing this ip routing command you can make communication between two different vlan...
hope this helps you
remember to rate all the posts..
regards
Devang
08-01-2006 08:03 AM
What default gw the servers in the vlans must have ?
08-01-2006 08:16 AM
you can configure server with the default gateway as the virtual interface IP address...
regards
Devang
rate this post if it helps
08-01-2006 09:24 PM
Hi
Just to point out arent the Vlan interfaces on the same subnet.vlan should have differnet subnets i assume.
Thanks
Mahmood
08-02-2006 12:03 AM
well i choose 200.xxx.xxx.0/240 for vlan 12,13,14. What is wrong of that ?
Also if i have mls commands like
mls flow ip full
mls qos
mls verify ip length mimimum
mls verify ip length maximim
is it necessary to issue ip routing command to have inter vlan communication ?
08-02-2006 02:17 AM
yes... what ever IP address you use in your VLAN you need to enable routing inorder to make you intervlan routing working properly...
so please enter command...
"ip routing"
regards
Devang
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: