[c-nsp] Failover with 3550-SMI
Marco Matarazzo
marmata at libero.it
Fri Nov 26 06:49:32 EST 2004
Ouch! You're very right, I read the document some time ago, but completely
forgot about it!
I see that you used 20 instances without problems... probably I'll never do
more than 30 on those, so I think it can ben done!
But I'll need to upgrade to EMI... :(
Did you ever tried something as in solution 3?
Thanks!
]\/[arco
----- Original Message -----
From: "Brian Turnbow" <b.turnbow at twt.it>
To: "Marco Matarazzo" <marmata at libero.it>; <cisco-nsp at puck.nether.net>
Sent: Friday, November 26, 2004 12:09 PM
Subject: RE: [c-nsp] Failover with 3550-SMI
If you don't configure a group , the 3550 puts you in the group 0 by
default.
You can configure 16 instances in each group but there are a lot of
limitations regarding which vlans ecc.
Take a look at
http://www.cisco.com/en/US/products/hw/switches/ps646/products_qanda_item09186a00801cb707.shtml
For more info. Cisco recommends no more than 64 HSRP sessions on a 3550,
I've never tried that many but 20 works ok.
As for a 7200 with just a few instances I had no CPU impact but I've never
tried that many instances, maybe someone else on the list has.
Hope this helps
Brian
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Marco Matarazzo
Sent: venerdì 26 novembre 2004 10.52
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Failover with 3550-SMI
Hi Brian,
> Ther ewas a discussion not to long ago on this list about using
> private ip
address between routers for running HSRP,
> take a look in the archives. Basically the HSRP'd address is the
> public IP
used as the default and the 2 router (or switches)
> use private ip's to communicate. That way you don't waste space.
I had a look at the archives before posting, and, also if I imagine it could
be a debugging nightmare, I will certainly consider to use private addresses
for HSRP addresses... but actually I'm more concerned with the number of
HSRP instances... how much impact 50 or 60 HSRP instances can have on an
NPE400? And on a 3550-48?
> As for the solutions 1 and 2 give you full redundancy whereas with
> number
3 the router becomes your single point of failure.
This could be eliminated by using another router, if the customer is really
concerned. And still keeps everything very manageable.
> The 3550's only support 16 HSRP groups so be carefull if you need more
> the
3750s will do more (32 I think)
To what I understand, HSRP groups only allow you to have load balancing. So
you can give priority to a certain group on some ports, and another group on
some other ports. So there's no router that takes all the traffic while the
other is simply idle. In a two router setup, I should only need two groups,
don't I?
Cheers,
]\/[arco
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Marco Matarazzo
Sent: giovedì 25 novembre 2004 15.19
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Failover with 3550-SMI
Hi all,
I manage a colo-like network, quite simple:
Two borders (7206/NPE400/256Mb) each talking eBGP with two upstreams (double
feed each upstream) and iBGP between them.
Those two 7206 trunk each into a different 2950T-24, that are also connected
together. Then finally a couple of 3550-48-SMI, each connected with both
switches, that talk RIPv2 with the borders (they announce the connected
routes, and take the default gw from the borders). All the ports are layer3
(except the links to the switches that are layer2, configured for spanning
tree).
In this setup I can only see the 3550 as Single Points of Failure.
Now some customers want dual ethernet for failover. I can see three
scenarios:
1) Put them on the two 3550 layer2 ports, and route the vlan directly on the
border, using HSRP on the border for default gateway failover.
2) Upgrade the 3550-SMI to EMI, and run HSRP between the two customers
facing interfaces.
3) Don't upgrade the 3550, add little router to the customer and advertise
the default route to this router via RIP.
Is there something I overlooked? Could I use some other failover method?
Which of the three would you use? I prefer the third solution, as it keeps
the border and the distribution completely separated, and it seems more
manageable. But that's also the most waste of IP space (need two additionals
/30). Number 1 could also be feasible, but if number of customers wanting
dual ethernet rises, I think that 30 or 40 HSRP istances together with two
full BGP feeds and three downstreams, netflow, RIP and some access-lists
could kill the router (transit traffic is 40Mbps, router is as 25/30% CPU).
Number 2 is expensive (the upgrade to smi to emi), and again, could
theorically a 3550 handle 48 HSRP instances easily?
Thanks!
]\/[arco
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list