[c-nsp] Adding a second switch for redundancy

Bruce Pinsky bep at whack.org
Tue Sep 19 23:26:41 EDT 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eric Kagan wrote:
>> Eric Kagan wrote:
>>> I am trying to lab the following - Several routers plugged 
>> in to two 
>>> seperate switches for redundancy.  Catalyst 3524XL/3550.  7200/7500 
>>> routers
>>> - 
>>>
>>>
>>> Design A (works fine - diagram below)
>>>
>>> 5 routers plugged in to a 3550 (configured as Layer 2 
>> ports).  We are 
>>> running EIGRP on the routers.
>>>
>>>
>>>
>>> Design B (EIGRP Errors - diagram below)
>>>
>>> We added 2nd FE cards to the routers
>>> We plugged them in to the new switch
>>> We assigned a new / separate subnet for the interfaces.
>>>
>>> When we bring them up, we get EIGRP flaps. (log clip below) 
>> Are there 
>>> EIGRP settings that need to be changed for having 2 FE's 
>> from the same 
>>> routers in different switches ?  Do the switches need to be 
>> trunked ?
>>> Thanks
>>> Eric
>>>
>>>
>>>
>>> Design A: (working - single switch, multiple routers)
>>>
>>>
>>> -----------------
>>> |  Cat 3550-A   |
>>> -----------------
>>>   |   |   |   | ----- 1.1.1.0 /24 (EIGRP)
>>>   R   R   R   R
>>>
>>>
>>> Design B: (problem)
>>>
>>>
>>> -----------------
>>> |  Cat 3550-A   |
>>> -----------------
>>>   |   |   |   | ----- 1.1.1.0 /24 (EIGRP)
>>>   R   R   R   R
>>>   |   |   |   | ----- 2.1.1.0 /24 (EIGRP)
>>> -----------------
>>> |  Cat 3550-B   |
>>> -----------------
>>>
>> Well, assuming that 3550-A and 3550-B are not connected in 
>> any way, I wouldn't think there would be any problem.
> 
> The 2 switches are not directly connected in any way.  They are completely
> separate from each other.
>  
>> Is there more info here than is implied in simple ASCII art?  
> 
> Not really - its pretty simple.  The routers do have HSRP and MPLS running
> since I am using our actual production configs on the lab routers.
> 
>> Config snippet would be helpful...
> 
> Clips from 2 routers and both switches for those router - 
> 
> Thanks
> Eric
> 
> R1 - (BGP Border router)
> 
> interface FastEthernet0/0
>  ip address 2.1.1.12 255.255.255.0
>  no ip unreachables
>  ip flow ingress
>  load-interval 30
>  duplex full
>  no clns route-cache
> !
> interface GigabitEthernet4/0
>  ip address 1.1.1.1.12 255.255.255.0
              ^^^^^^^^^^^
Is this a cut and paste or typo???

>  no ip redirects
>  negotiation auto
>  no clns route-cache
>  standby 2 ip 1.1.1.1
>  standby 2 priority 105
>  standby 2 preempt
> !
> router eigrp 65555
>  redistribute connected
>  redistribute static metric 10000 100 255 1 1500
>  network 1.1.1.0 0.0.0.255
>  network 2.1.1.0 0.0.0.255
>  no auto-summary
> 
> 
> R2 - (PE/VPN Agg)
> 
> interface FastEthernet0/0
>  ip address 1.1.1.10 255.255.255.0
>  no ip unreachables
>  ip flow ingress
>  load-interval 30
>  duplex full
>  tag-switching mtu 1524
>  tag-switching ip
>  no clns route-cache
>  standby 2 ip 1.1.1.1
>  standby 2 preempt
> !
> interface FastEthernet6/0
>  ip address 2.1.1.10 255.255.255.0
>  ip flow ingress
>  duplex full
>  mpls label protocol ldp
>  tag-switching mtu 1524
>  tag-switching ip
>  no clns route-cache
> !
> router eigrp 65555
>  redistribute connected
>  redistribute static
>  network 1.1.1.0 0.0.0.255
>  network 2.1.1.0 0.0.0.255
>  no auto-summary
> 
> 
> Sw1 - 
> 
> interface FastEthernet0/13
>  description connected to R2
>  switchport mode dynamic desirable
>  no ip address
>  duplex full
>  speed 100
> !
> interface GigabitEthernet0/1
>  description connected to R1 PA-GE (G4/0)
>  switchport mode dynamic desirable
>  no ip address
> !

Hmm, on Switch 2 you have access vlan set on the two interfaces.  Not on
switch 1 though.

Are you using these switches as L2 devices or L3?  On switch 1 with
"switchport mode dynamic" you are saying these are tagged trunk interfaces.
  The router interfaces aren't configured as trunks.  On switch 2 with
"switchport access vlan2" you are saying these are nontagged access interfaces.

> interface Vlan1
>  ip address 1.1.1.4 255.255.255.0
> !

Do you have these SVIs configured with IP addresses for mgmt purposes or
something else?

> router eigrp 65555
>  network 1.1.1.0 0.0.0.255
>  network 2.1.1.0 0.0.0.255
>  no auto-summary
>  eigrp log-neighbor-changes
> 

Looks like this switch is supposed to be running EIGRP too?

> 
> sw2 - 
> 
> !
> interface FastEthernet0/1
>  description connected to R1 (F0/0)
>  duplex full
>  switchport access vlan 2
> !
> interface FastEthernet0/5
>  description connected to R2-f6/0
>  mtu 1548
>  duplex full
>  switchport access vlan 2
> !
> interface VLAN1
>  no ip address
>  no ip directed-broadcast
>  no ip route-cache
>  shutdown
> !
> interface VLAN2
>  ip address 2.1.1.4 255.255.255.0
>  no ip directed-broadcast
>  no ip route-cache 
> 
> 

This switch looks more like I would expect out of a basic L2 device.


- --
=========
bep

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFELTxE1XcgMgrtyYRApHUAKDEN0R1TdlYxiFn3KZmxLsSpdsywQCfXHBh
lKadM098JilGyEn7u7BP+dM=
=qbLk
-----END PGP SIGNATURE-----

More information about the cisco-nsp mailing list