I am involved in fixing an issue with the VLANs and stuff on the 3 Cisco switches which sit in the core; the other 25 switches which connect to the Cisco ones are 3Com and HP.
As we see in the attached diagram, they have 3 switches without a proper VTP setup. I can see the 3500 enabled as server without any domain name. The other 3750 and 2950 are in transparent mode and have the same domain name. So, I guess VTP is not propagating properly.
The network has 3 connections to the outside world. First, they have their own PIX firewall; next, they have a link with another corporate office, and from there they connect to the outside world. They also have another set of legacy servers and stuff which connects to the outside world using ATM. Even though they have their own PIX, I found most of the traffic takes the other corporate office link to the outside world.
I see VLANs 10, 20, 25, 30, 40, 50 and 55 on the 3750 switch and VLANs 25, 55, 60, 70, 80 and 90 on the 3550 switch. Of these, VLANs 25 and 55 have the same range of IP addresses, like 10.10.25.0/24 and 10.10.55.0/24. All the servers are located in VLAN 25.
1. In the morning hours, when I did a ping -t, I could see the round about time is 800 to 900 microseconds when I ping a PC which is connected on the ATM's end. The traffic doesn't take the ATM link but takes the corporate link.
2. I connected my laptop to VLAN 25 and asked them to do a traceroute from the ATM link's end. From the output of the traceroute, I can see the packet arrives through the other corporate link and jumps in between the layer 3 switches 10 times. I understand there is a routing loop, but I went through the config and nothing is there.
3. They have used OSPF on one of the switches for inter-VLAN routing and ip routing on the other switch.
4. They say the delay is minimal when the internal systems take the ATM link for a particular application which runs at the other end of the ATM link. So, as a temporary fix, they are asking to push all the internal traffic to use the ATM link when they need to process that particular application. If possible, can anyone suggest how?
Since all the applications are up and running and in production, the higher heads need to avoid any downtime. They want everything to be fixed on the fly without affecting production. I am literally confused and even surprised to see that such a big concern doesn't even have proper documentation.
Regarding the VTP configuration: the default VTP domain is NULL or empty. If 2 switches are configured for VTP in transparent mode, "they don't actively participate" in the VTP process as in the client-server model.
If you need to adjust the way the traffic is forwarded, you can either modify the metrics of the routing protocol to ensure that the ATM link has a better "cost" or you can institute PBR - Policy Based Routing.
From your diagram, I see a firewall in place. Will routing traffic via the ATM link bypass the established security policy?
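To illustrate the PBR option and the firewall question raised in the reply above, here is an added IOS configuration sketch. It is not from the thread or the poster's network: the application server address 192.0.2.10, the ATM-side next hop 198.51.100.1, and the ACL/route-map name APP-VIA-ATM are placeholder assumptions, and only VLAN 25 and 10.10.25.0/24 come from the post.

```cisco
! Constructed example. Placeholders (not from the thread):
!   192.0.2.10   = the application server reached over the ATM link
!   198.51.100.1 = next hop on the ATM side
!   APP-VIA-ATM  = hypothetical ACL / route-map name
!
! Match ONLY traffic from the VLAN 25 subnet to the one application host.
! Keeping this ACL narrow is what stops PBR from diverting unrelated
! traffic around the PIX and its security policy.
ip access-list extended APP-VIA-ATM
 remark VLAN 25 hosts to the application behind the ATM link
 permit ip 10.10.25.0 0.0.0.255 host 192.0.2.10
!
! Matching packets are forwarded to the ATM-side next hop.
! Packets that do not match any permit clause are not policy-routed;
! they follow the normal routing table (OSPF / connected / static).
route-map APP-VIA-ATM permit 10
 match ip address APP-VIA-ATM
 set ip next-hop 198.51.100.1
!
! PBR is applied inbound on the L3 interface where the traffic enters,
! here the SVI for VLAN 25.
interface Vlan25
 ip policy route-map APP-VIA-ATM
!
! Checks after applying:
!   show ip policy                 (interface-to-route-map binding)
!   show route-map APP-VIA-ATM     (match counters increasing)
!   show access-lists APP-VIA-ATM  (hits only for the intended flow)
```

On Catalyst 3750-class switches PBR generally depends on the routing SDM template, and changing the template requires a reload, so check `show sdm prefer` before planning this as an on-the-fly change.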