[c-nsp] Adding a second switch for redundancy
Eric Kagan
ekagan at axsne.com
Wed Sep 20 07:19:55 EDT 2006
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Eric Kagan wrote:
> >> Eric Kagan wrote:
> >>> I am trying to lab the following - Several routers plugged
> >> in to two
> >>> seperate switches for redundancy. Catalyst 3524XL/3550.
> 7200/7500
> >>> routers
> >>> -
> >>>
> >>>
> >>> Design A (works fine - diagram below)
> >>>
> >>> 5 routers plugged in to a 3550 (configured as Layer 2
> >> ports). We are
> >>> running EIGRP on the routers.
> >>>
> >>>
> >>>
> >>> Design B (EIGRP Errors - diagram below)
> >>>
> >>> We added 2nd FE cards to the routers
> >>> We plugged them in to the new switch
> >>> We assigned a new / separate subnet for the interfaces.
> >>>
> >>> When we bring them up, we get EIGRP flaps. (log clip below)
> >> Are there
> >>> EIGRP settings that need to be changed for having 2 FE's
> >> from the same
> >>> routers in different switches ? Do the switches need to be
> >> trunked ?
> >>> Thanks
> >>> Eric
> >>>
> >>>
> >>>
> >>> Design A: (working - single switch, multiple routers)
> >>>
> >>>
> >>> -----------------
> >>> | Cat 3550-A |
> >>> -----------------
> >>> | | | | ----- 1.1.1.0 /24 (EIGRP)
> >>> R R R R
> >>>
> >>>
> >>> Design B: (problem)
> >>>
> >>>
> >>> -----------------
> >>> | Cat 3550-A |
> >>> -----------------
> >>> | | | | ----- 1.1.1.0 /24 (EIGRP)
> >>> R R R R
> >>> | | | | ----- 2.1.1.0 /24 (EIGRP)
> >>> -----------------
> >>> | Cat 3550-B |
> >>> -----------------
> >>>
> >> Well, assuming that 3550-A and 3550-B are not connected in
> >> any way, I wouldn't think there would be any problem.
> >
> > The 2 switches are not directly connected in any way. They are
> > completely separate from each other.
> >
> >> Is there more info here than is implied in simple ASCII art?
> >
> > Not really - its pretty simple. The routers do have HSRP and MPLS
> > running since I am using our actual production configs on the lab
> > routers.
> >
> >> Config snippet would be helpful...
> >
> > Clips from 2 routers and both switches for those router -
> >
> > Thanks
> > Eric
> >
> > R1 - (BGP Border router)
> >
> > interface FastEthernet0/0
> > ip address 2.1.1.12 255.255.255.0
> > no ip unreachables
> > ip flow ingress
> > load-interval 30
> > duplex full
> > no clns route-cache
> > !
> > interface GigabitEthernet4/0
> > ip address 1.1.1.1.12 255.255.255.0
> ^^^^^^^^^^^
> Is this a cut and paste or typo???
Typo. Should be 1.1.1.12. I didn't have access to the lab so I pulled the
data off the routers and modified them.
>
> > no ip redirects
> > negotiation auto
> > no clns route-cache
> > standby 2 ip 1.1.1.1
> > standby 2 priority 105
> > standby 2 preempt
> > !
> > router eigrp 65555
> > redistribute connected
> > redistribute static metric 10000 100 255 1 1500
> > network 1.1.1.0 0.0.0.255
> > network 2.1.1.0 0.0.0.255
> > no auto-summary
> >
> >
> > R2 - (PE/VPN Agg)
> >
> > interface FastEthernet0/0
> > ip address 1.1.1.10 255.255.255.0
> > no ip unreachables
> > ip flow ingress
> > load-interval 30
> > duplex full
> > tag-switching mtu 1524
> > tag-switching ip
> > no clns route-cache
> > standby 2 ip 1.1.1.1
> > standby 2 preempt
> > !
> > interface FastEthernet6/0
> > ip address 2.1.1.10 255.255.255.0
> > ip flow ingress
> > duplex full
> > mpls label protocol ldp
> > tag-switching mtu 1524
> > tag-switching ip
> > no clns route-cache
> > !
> > router eigrp 65555
> > redistribute connected
> > redistribute static
> > network 1.1.1.0 0.0.0.255
> > network 2.1.1.0 0.0.0.255
> > no auto-summary
> >
> >
> > Sw1 -
> >
> > interface FastEthernet0/13
> > description connected to R2
> > switchport mode dynamic desirable
> > no ip address
> > duplex full
> > speed 100
> > !
> > interface GigabitEthernet0/1
> > description connected to R1 PA-GE (G4/0)
> > switchport mode dynamic desirable
> > no ip address
> > !
>
> Hmm, on Switch 2 you have access vlan set on the two
> interfaces. Not on switch 1 though.
On Sw1 they are both in default VLAN1
>
> Are you using these switches as L2 devices or L3? On switch
> 1 with "switchport mode dynamic" you are saying these are
> tagged trunk interfaces.
Sw 1 is a c3550 with L3 capability but for these routers it should be L2
only. There are a few ports configured as L3 but they are different subnets
/ purposes completely.
> The router interfaces aren't configured as trunks. On
> switch 2 with "switchport access vlan2" you are saying these
> are nontagged access interfaces.
Yes, no trunking from any of the routers on these FE's
>
> > interface Vlan1
> > ip address 1.1.1.4 255.255.255.0
> > !
>
> Do you have these SVIs configured with IP addresses for mgmt
> purposes or something else?
Mgt only
>
> > router eigrp 65555
> > network 1.1.1.0 0.0.0.255
> > network 2.1.1.0 0.0.0.255
> > no auto-summary
> > eigrp log-neighbor-changes
> >
>
> Looks like this switch is supposed to be running EIGRP too?
Yes, since there are a few L3 ports on the switch. Could this be causing
the problem ?
>
> >
> > sw2 -
> >
> > !
> > interface FastEthernet0/1
> > description connected to R1 (F0/0)
> > duplex full
> > switchport access vlan 2
> > !
> > interface FastEthernet0/5
> > description connected to R2-f6/0
> > mtu 1548
> > duplex full
> > switchport access vlan 2
> > !
> > interface VLAN1
> > no ip address
> > no ip directed-broadcast
> > no ip route-cache
> > shutdown
> > !
> > interface VLAN2
> > ip address 2.1.1.4 255.255.255.0
> > no ip directed-broadcast
> > no ip route-cache
> >
> >
>
> This switch looks more like I would expect out of a basic L2 device.
Yes, it's a 3500XL L2 only switch. If the 3550 switch with L3 and EIGRP is
causing the issue I could move to a true L2 core and move the 3550 out as an
edge device.
>From the responses so far, it seems the design "concept" is okay and no
EIGRP commands have to be changed or modified - is that correct ?
Thanks
Eric
More information about the cisco-nsp
mailing list