please i need your help of this:--
Our network is so big (approximate 250 site), and we decide to improve our core layer, because it is situation now is not efficient,
I will give you what exactly exist now, and the future looking,
The new topology is just prepared on paper (we depend on cisco recommendations on CCNP), and we need to implement it in real, because all the hardware needed exist,
So my Question to you that if you have any notes about the new topology as physical (connected lines);if we need to add or remove line in case we dont need it, and if there is possible to help me to do the best practice configuration to reach our goal,
we will focus at begging to the switching part with just static routing, and when everything will working fine, we will translate to dynamic routing(OSPF), and without looking to the security subject in this stage.
The existing case:- image1
About the distribution switch is working at layer2, and in vtp client mode, and all GECOL sites are connected via it, depend on the type of media, for example SDH fiber by using 2800 router connected to the distribution switch in some vlan, and in the remote site another 2800 router, or we can use microwave, or dark fiber so in the remote site there is 3750 switch worked at layer3 work as sub distribution switch then there is remote sites connected via it as 3750 working as access layer.
Both server farm switches are connected as in the image1,in vtp client mode, and there task just to connect the application servers, and they are working at layer3, and they have just one route (default route to the core switch).
The core switch, working at layer 3, and in vtp mode server, and approximately all GECOL gateways exist, except if there is remote site connected via router or via switch work as router, in that case the gateways are in that device, and there is default route to the core switch.
The future topology:- image2a
2,cisco 4507 worked in layer2, as a distribution switch, they are worked in separate form, and we will divide GECOL sites to 2 parts, one part connected to first 4507sw,and the second part to the second 4507sw, the idea of this, is just to divide the load to those 2 switches, and if one switch down so the part connected via it will be isolated, until the switch be up, or we need to move all sites physically and connect them to the second 4507sw, and they will be in vtp client mode.
2,server farm switches, they will work at layer 2, and in vtp client mode, and we have 2 scenarios of this at image 2a, we will divide the application servers to 2 parts, and the idea of this to divide the load between the server farm switches., The second scenario at image2b, the application servers will be connected at shared point between the 2server farm switches, the idea of this to make full redundancy for all application servers,
2,core switches, they are working at layer 3, and about vtp mode, I don’t know if we will put only one as a server, or both of them, and HSRP will be enabled on them, and we will let core1 active for the sites connected to first 4507, and passive to the sites connected to the second 4507, and the reversible for core2, and I don’t know if GLBP or VRRP protocols are better to use,
And about spanning-tree, I don’t know if it is better to use rpvst or mst,,,,,,, and when I tried to go deeply of which switch will be the root primary bridge and secondry,, and let the idea of spanning tree work together with the idea of HSRP, I find some confuse, and also if there is any port we have to let it not participate in spanning-tree, or I have to put it in uplinkfast mode, and to deny some switches to become root even they have the ability to that,,,,, and about the aggregation I think LACP, is best.
Now I am working about all these things, and really I will appreciate any recommendations, or note to let the way is clear for me,
Thank you very much,
The spanning tree protocols recommended in the data center design are 802.1w-Rapid PVST+ and 802.1s-MST. Both 802.1w and 802.1s have the same quick convergence characteristics but differ in flexibility and operation.
Cisco also recommends using Link Aggregation Control Protocol (LACP) as the link aggregation protocol for EtherChannel configurations.
HSRP tracking of an interface can be used to control switchover of the primary default gateway between aggregation switches.
I did updated your diagram.
Hope this help.
Beyond Agg Switches things should be L3 so Spanning tree is not required on Core switches . Routing will take care of redundancy . Spanning tree is baically required where we have vlans configured in this case Farm Sw1/2. For loadbalacning purpose you can have Root to SW1 for 50 % vlan and SW 2 can be root for rest of the 50 % vlans.
So redundancy will be like this - if core 1 goes down routing will forward packet to Core 2.
if farm switch 1 goes down then switch 2 will be active.
Hope this helps.
now i will apply your explain and try to connect all the ideas
and sorry becuse the image didnt attached about my last Q
Ok Let me explain the packet flow. From server which is connected to 3750 SW3 Default gateway would be Interface Vlan Standby IP on Farm SW2/SW1.HSRP standby should be active on the Root.
For example say if you have Vlan 10,20,30,40.
10 and 20 for them Farm sw 2 can be root and for 30 and 40 say sw 1 is the root . From 3750 two links goes to Farm Switch based on root only one link will be active. Say if for 10 and 20 root is Farm SW2 then link between 3750 to sw 2 will be active.
So not we reach on Farm SW2 from here routing will take place.
As you said static as of now mean two routes will be pointing to core swicthes.
ip route 0.0.0.0 0.0.0.0 126.96.36.199
ip route 0.0.0.0 0.0.0.0 188.8.131.52
Based on CEF per flow load balancing will work. From here again routing for customer network.
Say Farm switch 2 goes down ,All vlans will be active on SW1 and root will also shift.
Say Core 1 goes down then routing will happen via Core 2.
Regarding your question as i also mentioned spanning three is not required except Farm SW1/2 and 3750 sw1/2/3.
thank you Ajay and douhanm,
i appretiate your intersting,
now i am trying to conclude all availabe scenarios to acheave the Goal, becuse i get new point, i dont know if it is correct; that :- i need understand some of Data.Center desgin course, where is CCNP not enugh to reach to the ideal design, as soon as i complete, i will post the result, and mean while realy i need any new ideas,
thank you so much,
and Happy New Year For All.
I would stay away from MST because when you add a new vlan your stp domain will converge wich is not nice in the DC, I doubt anyone uses that and whoever does does not understand how it works properly.
Sent from Cisco Technical Support iPad App
Whenever we create MST instance say instance 1 ...instance 0 will be there by default and vlans those are not mapped with instance 1 will be part of instance 0. So adding vlans in MST do not cause any recalculation unless remapped to any instance.
Verification command to see what is mapped with instance 0 would be -
show spanning-tree mst config