Hmmm... Our experience with Bay switches has been quite positive,
though we wouldn't let a Bay router in the door without adjusting
it with a hammer and Bay access servers only squeak thru because
they're really Annexes.
Anyway, we've used secondaries going into etherswitches with no
problem, our current setup has 19 secondaries on one 7500 fastethernet,
going into a non-vlan'd switch, 26 scondaries on another that has
two or three vlan's, they used to all be one one, but it got a little
crazy when there was a problem with the colo ethernet switch tree.
The A#1 switch problem is auto-detect failure or misconfiguration
where you mismatch 100HDX & 100FDX ports, there have been occasional
problems with input-only interfaces or misbehaved boxes trying to
proxy-arp the world. Starting from scratch per-customer vlans and
tagged sub-if's on the router seems really tempting.
I don't know why they wouldn't implement subinterface SNMP, there'
the same problem with SMDS, no way to measure traffice w/o putting
in a bunch of do-nothing rate-limits. If you want more reason
for frustration, note that the CAT5500 RSM vlan implementation
does provide a separate interface & counters per-vlan. 8-(
> From cisco-nsp-request@puck.nether.net Thu Oct 28 14:29:47 1999
> Resent-Date: Thu, 28 Oct 1999 14:35:48 -0400
> Received-Date: Thu, 28 Oct 1999 14:13:11 -0400
> Delivered-To: <cisco-nsp@iagnet.net>
> X-Sender: (Unverified)
> X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.1
> Date: Thu, 28 Oct 1999 14:07:03 -0400
> To: cisco-nsp@iagnet.net
> From: Kai Schlichting <kai@pac-rim.net>
> Subject: Re: [nsp] questiont seondary ip address command
> In-Reply-To: <Pine.GSO.3.96.991028131506.7435H-100000@kds1>
> Mime-Version: 1.0
> Content-Type: text/plain; charset="us-ascii"
> Resent-From: cisco-nsp@puck.nether.net
> X-Mailing-List: <cisco-nsp@puck.nether.net> archive/latest/1672
> X-Loop: cisco-nsp@puck.nether.net
> Precedence: list
> Resent-Sender: cisco-nsp-request@puck.nether.net
>
> At 01:16 PM 10/28/99 -0400, Tatsuya Kawasaki wrote:
> >I was told that secondray ip address command is not recommend for
> >perm. network.
> >Does anyone have used command for perm. network and experiencing some
> >problem?
> >
> >Tatsuya
>
> yes. I had an issue with 11.1.17CC on a 7204 with FastEther (single),
> connected to a BayStack350T switch with several configured VLANs.
> I served the different VLANs from a switch port that was member of
> all VLANs (in Cisco-speak: trunk port, except that the Bay doesn't
> require trunking), with the FastEtherX/0 port having secondary
> IP's for every VLAN.
>
> In some instances my inter-VLAN traffic going through the router would
> mysteriously drop to a measly <500Kbps (!), despite the router not
> breaking into sweat (cpu load: 2-4%). This also happened with
> some traffic coming out of a VLAN and hitting another (SerialX/X)
> interface on that 7204 - e.g.: not being re-sent out of the FastEther.
>
> I was too busy with upgrades and running a production network to play
> with this - the problem went away since I replaced the BaySwitch (f'ing
> unreliable pieces of sh*t ! One doesn't do IP MC right, the next one
> craps out if you load it with >20Mbps, the last one forgot it's management
> IP address every 24 hours!) with a 2926 (ok, that's quadruple price
> per port unfortunately, but at least its known to work), and do full
> VLAN trunking with ISL and FastEther subinterfaces. Everything's fine
> since then.
>
> Now someone tell me: why oh why did Cisco , in their infinite wisdom,
> chose to not show FastEthernet (ISL) subinterfaces as full interfaces
> via SNMP, as opposed to say: Frame Relay sub-interfaces ? I now
> have to add up and count VLAN traffic across the 2926 switch. Argh.
>
> Note that I consulted a CCIE friend of mine about this problem, and he
> was rather concerned. Didn't seem to be a regular occurrence, so this
> might work in your favor.
>
> bye,Kai
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:07 EDT