Data Center Redundancy

Hi, dear experts!
I) My input data is (please read, or see the attachment):
- I have one active data center (main office), one backup data center (backup office), several branch offices, and many corporate internet users.
- Each of the offices has a redundant internet connection: main office via ISP1 and ISP2, backup office via ISP3 and ISP4.
- The standby data center duplicates corporate services (such as Exchange, SharePoint, FileStorage).
- The main office and backup office are far from each other (about 800 km) and are interconnected via 1Gb fiber optic.
II) My tasks are:
1. Provide a redundant network connection for local office users to corporate services.
2. Provide a redundant network connection for branch offices and internet users to corporate services.
III) My ideas are:
1. For the first task, I intend to use load balancers in a redundant configuration.
2. For the second task, I see two scenarios.
2.1 First scenario: build a DMVPN topology using the main and backup offices as hubs and the branch offices as spokes.
2.2 Second scenario: buy a provider-independent IPv4 address block and an ASN, and advertise the main and backup office networks to the internet.
IV) My questions are:
- Which scenario is better for the second task: using a DMVPN topology or using ASN redundancy?
- Is it possible to avoid asymmetric routing problems when using ASN redundancy?
Thank you!

I think a global load balancer device will solve both of your issues. Alternatively, another solution for the second question is
to use a BGP confederation: use two private ASNs internally, one in each DC, put both DCs in one confederation, and use one public ASN with all your ISPs.
Regards,

Similar Messages

  • Deploying Cisco Overlay Transport Virtualization (OTV) in Data Center Networks

    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to plan, design, and implement Cisco Overlay Transport Virtualization (OTV) in your Data Center Network with Cisco experts Anees Mohamed Abdulla and Pranav Doshi.
    Anees Mohamed Abdulla is a network consulting engineer for Cisco Advanced Services, where he has been delivering plan, design, and implementation services for enterprise-class data center networks with leading technologies such as vPC, FabricPath, and OTV. He has 10 years of experience in the enterprise data center networking area and has carried various roles within Cisco such as LAN switching content engineer and LAN switching TAC engineer. He holds a bachelor's degree in electronics and communications and has a CCIE certification 18764 in routing and switching. 
    Pranav Doshi is a network consulting engineer for Cisco Advanced Services, where he has been delivering plan, design, and implementation services for enterprise-class data center networks with leading technologies such as vPC, FabricPath, and OTV. Pranav has experience in the enterprise data center networking area and has carried various roles within Cisco such as LAN switching TAC engineer and now network consulting engineer. He holds a bachelor's degree in electronics and communications and a master's degree in electrical engineering from the University of Southern California.
    Remember to use the rating system to let Anees and Pranav know if you have received an adequate response.  
    Because of the volume expected during this event, Anees and Pranav might not be able to answer each question. Remember that you can continue the conversation on the Data Center, sub-community forum shortly after the event. This event lasts through August 23, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

    Hi Dennis,
    All those Layer 2 extension technologies require STP to be extended between Data Centers if you need to have multiple paths between Data Centers. OTV does not extend STP; rather, it has its own mechanism (AED election) to avoid loops when multiple paths are enabled. This means that any STP control plane issue is not carried to the other Data Center.
    OTV natively suppresses Unknown Unicast Flooding across the OTV overlay. Unknown unicast flooding is a painful problem in a Layer 2 network and difficult to troubleshoot to identify the root cause if you don't have a proper network monitoring tool.
    It has ARP optimization, which eliminates flooding ARP packets across Data Centers by responding locally with cached ARP messages. One of the common issues I have seen in Data Centers is some server or device in the network sending continuous ARP packets that hit the control plane in the Aggregation layer, which in turn causes network connectivity issues.
    The above three points prove the Layer 2 domain isolation between data centers. If you have redundant Data Centers with Layer 2 extended without OTV, the Layer 2 issues explained above that happen in one Data Center carry the same failure to the second data center, which raises the question of what the point is of having two different Data Centers if we cannot isolate the failure domain.
    OTV natively supports HSRP localization with a few command lines. This is a very important requirement in building an Active/Active Data Center.
    Even though your question is related to L2TP, OTV deserves the comparison with VPLS, and those comparisons will also be applicable to L2TP. The link below explains in detail...
    http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/white_paper_c11-574984.html
    Thanks,
    Anees.

  • Ask the Expert: Scaling Data Center Networks with Cisco FabricPath

    With Hatim Badr and Iqbal Syed
    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about the Cisco FabricPath with Cisco technical support experts Hatim Badr and Iqbal Syed. Cisco FabricPath is a Cisco NX-OS Software innovation combining the plug-and-play simplicity of Ethernet with the reliability and scalability of Layer 3 routing. Cisco FabricPath uses many of the best characteristics of traditional Layer 2 and Layer 3 technologies, combining them into a new control-plane and data-plane implementation that combines the immediately operational "plug-and-play" deployment model of a bridged spanning-tree environment with the stability, re-convergence characteristics, and ability to use multiple parallel paths typical of a Layer 3 routed environment. The result is a scalable, flexible, and highly available Ethernet fabric suitable for even the most demanding data center environments. Using FabricPath, you can build highly scalable Layer 2 multipath networks without the Spanning Tree Protocol. Such networks are particularly suitable for large virtualization deployments, private clouds, and high-performance computing (HPC) environments.
    This event will focus on technical support questions related to the benefits of Cisco FabricPath over STP or VPC based architectures, design options with FabricPath, migration to FabricPath from STP/VPC based networks and FabricPath design and implementation best practices.
    Hatim Badr is a Solutions Architect for Cisco Advanced Services in Toronto, where he supports Cisco customers across Canada as a specialist in Data Center architecture, design, and optimization projects. He has more than 12 years of experience in the networking industry. He holds CCIE (#14847) in Routing & Switching, CCDP and Cisco Data Center certifications.
    Iqbal Syed is a Technical Marketing Engineer for the Cisco Nexus 7000 Series of switches. He is responsible for product road-mapping and marketing the Nexus 7000 line of products with a focus on L2 technologies such as VPC & Cisco FabricPath and also helps customers with DC design and training. He also focuses on SP customers worldwide and helps promote N7K business within different SP segments. Syed has been with Cisco for more than 10 years, which includes experience in Cisco Advanced Services and the Cisco Technical Assistance Center. His experience ranges from reactive technical support to proactive engineering, design, and optimization. He holds CCIE (#24192) in Routing & Switching, CCDP, Cisco Data Center, and TOGAF (v9) certifications.
    Remember to use the rating system to let Hatim and Iqbal know if you have received an adequate response.  
    They might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community Unified Computing discussion forum shortly after the event. This event lasts through Dec 7, 2012. Visit this support forum often to view responses to your questions and the questions of other Cisco Support Community members.

    Hi Sarah,
    Thank you for your question.
    Spanning Tree Protocol is used to build a loop-free topology. Although Spanning Tree Protocol serves a critical function in these Layer 2 networks, it is also frequently the cause of a variety of problems, both operational and architectural.
    One important aspect of Spanning Tree Protocol behavior is its inability to use parallel forwarding paths. Spanning Tree Protocol forms a forwarding tree, rooted at a single device, along which all data-plane traffic must flow. The addition of parallel paths serves as a redundancy mechanism, but adding more than one such path has little benefit because Spanning Tree Protocol blocks any additional paths.
    In addition, rooting the forwarding path at a single device results in suboptimal forwarding paths, as shown below. Although a direct connection may exist, it cannot be used because only one active forwarding path is allowed.
    Virtual PortChannel (vPC) technology partially mitigates the limitations of Spanning Tree Protocol. vPC allows a single Ethernet device to connect simultaneously to two discrete Cisco Nexus switches while treating these parallel connections as a single logical PortChannel interface. The result is active-active forwarding paths and the removal of Spanning Tree Protocol blocked links, delivering an effective way to use two parallel paths in the typical Layer 2 topologies used with Spanning Tree Protocol.
    vPC provides several benefits over standard Spanning Tree Protocol, such as the elimination of blocked ports, and both vPC switches can behave as the active default gateway for first-hop redundancy protocols such as Hot Standby Router Protocol (HSRP); that is, traffic can be routed by either vPC peer switch.
    At the same time, however, many of the overall design constraints of a Spanning Tree Protocol network remain even when you deploy vPC, such as:
    1.     Although vPC provides active-active forwarding, only two active parallel paths are possible.
    2.     vPC offers no means by which VLANs can be extended, a critical limitation of traditional Spanning Tree Protocol designs.
    With Cisco FabricPath, you can create a flexible Ethernet fabric that eliminates many of the constraints of Spanning Tree Protocol. At the control plane, Cisco FabricPath uses a Shortest-Path First (SPF) routing protocol to determine reachability and selects the best path or paths to any given destination in the Cisco FabricPath domain. In addition, the Cisco FabricPath data plane introduces capabilities that help ensure that the network remains stable, and it provides scalable, hardware-based learning and forwarding capabilities not bound by software or CPU capacity.
    Benefits of deploying an Ethernet fabric based on Cisco FabricPath include:
    • Simplicity, reducing operating expenses
    – Cisco FabricPath is extremely simple to configure. In fact, the only necessary configuration consists of distinguishing the core ports, which link the switches, from the edge ports, where end devices are attached. There is no need to tune any parameter to get an optimal configuration, and switch addresses are assigned automatically.
    – A single control protocol is used for unicast forwarding, multicast forwarding, and VLAN pruning. The Cisco FabricPath solution requires less combined configuration than an equivalent Spanning Tree Protocol-based network, further reducing the overall management cost.
    – A device that does not support Cisco FabricPath can be attached redundantly to two separate Cisco FabricPath bridges with enhanced virtual PortChannel (vPC+) technology, providing an easy migration path. Just like vPC, vPC+ relies on PortChannel technology to provide multipathing and redundancy without resorting to Spanning Tree Protocol.
    • Scalability based on proven technology
    – Cisco FabricPath uses a control protocol built on top of the powerful Intermediate System-to-Intermediate System (IS-IS) routing protocol, an industry standard that provides fast convergence and that has been proven to scale up to the largest service provider environments. Nevertheless, no specific knowledge of IS-IS is required in order to operate a Cisco FabricPath network.
    – Loop prevention and mitigation is available in the data plane, helping ensure safe forwarding that cannot be matched by any transparent bridging technology. The Cisco FabricPath frames include a time-to-live (TTL) field similar to the one used in IP, and a Reverse Path Forwarding (RPF) check is also applied.
    • Efficiency and high performance
    – Because equal-cost multipath (ECMP) can be used in the data plane, the network can use all the links available between any two devices. The first-generation hardware supporting Cisco FabricPath can perform 16-way ECMP, which, when combined with 16-port 10-Gbps port channels, represents a potential bandwidth of 2.56 terabits per second (Tbps) between switches.
    – Frames are forwarded along the shortest path to their destination, reducing the latency of the exchanges between end stations compared to a spanning tree-based solution.
        – MAC addresses are learned selectively at the edge, allowing to scale the network beyond the limits of the MAC addr

  • Query on DNS setup for Active Directory for a new data center

    I have third-party DNS appliances providing DNS service for Active Directory (Windows 2008 R2), and there are also secondary DNS servers, which are MS DNS servers with a secondary zone configured, for redundancy. I have to set up a new data center and move servers/services to this data center. In this scenario, can I install a new Microsoft DNS server with a secondary zone and use this as the primary DNS server for all the member servers at this new location? I am aware that this new DNS server will not be able to make any updates to the secondary zone, and for that purpose, is there any way to redirect such requests to the DNS appliances in my current data center across the WAN? I am trying to avoid purchasing a new DNS appliance for the new data center and want to know what alternatives I have.
     

    I'm not entirely sure about your setup, as normally you would use AD-integrated zones for DNS in an AD environment, although there are other options, as you have already set up.
    The fact that the zone is a secondary zone in DNS server terms doesn't mean you can't point your clients to it as their primary DNS server. They will quite happily resolve names using a secondary server.
    So as long as your DNS devices are correctly set up to support the additional secondary zone, I see no reason why you couldn't do this.
    Regards,
    Denis Cooper
    MCITP EA - MCT
    Help keep the forums tidy, if this has helped please mark it as an answer

  • Collapsed Data Center Tier - Best Practice

    Hey guys,
    I'm working with a company who's doing a Data Center build-out. This is not a huge build out and I don't believe I really need a 2 tier design (access, core/aggregation). I'm looking for a 1 tier design. I say this because they only really have one rack of hosts - and we are not connected to a WAN or campus network - we are a dev shop (albeit a pretty damn big dev shop) who hosts internet sites and web applications to the public. 
    My network design relies heavily on VRFs. I treat every web application published to the internet as its own "tenant" with one leaked route, which is my management network, so I have any management servers (continuous deployment, monitoring, etc.) sitting in this subnet that is leaked. Each VRF has its own route to a virtual firewall context of its own and out to the internet.
    Right now we are in a managed datacenter. I'm going to be building out their own switching environment utilizing the above design and moving away from the managed data center. That being said I need to pick the correct switches for this 1 tier design. I need a good amount of 10gbe port density (124 ports minimum). I was thinking about going with 4 5672UP or 4 C3064TQ-10GT - these will work as both my access and core (about 61 servers, one fiber uplink to my corporate network, and one fiber uplink to a firewall running multiple device contexts via multiple vlans) 
    That being said, with the use of VRFs, VLANs, and MP-BGP (used to leak my routes), what is the best redundancy topology for this design? If I was using Catalyst 6500s I would do VSS and be done with it, but I don't believe vPC on the nexus switches traffic and is really more for a two tier model (vPC on two cores, aggregation/access switch connects up to both cores but it looks like one). What I need to accomplish sounds to me like I'm going to be doing this the old-fashioned way, running a port channel between each switch, and hopefully using a non-STP method to avoid loops.
    Am I left with any other options? 

    ISP comes into the collapsed core after a router. A specific firewall interface (firewall is in multi context mode) sits on the "outside" vlan specific to each VRF. 

  • Data Center Design: Nexus 7K with VDC-core/VDC-agg model

    Dear all,
    I'm working with a collapsed VDC-core/VDC-agg model on the same chassis with 2 redundant Cisco Nexus 7010s and a pair of Cisco 6509s used as a Service Chassis without VSS. Each VDC Core has redundant links to 2 PEs based on Cisco 7606.
    After reading many Cisco design documents, I'm asking what the need is for a Core Layer in a Data Center, especially if it is small or medium size with only 1 aggregation layer and dedicated to a virtualized multi-tenant environment. What is driving the need for a core layer?
    Thanx

    If your data center is small enough to not require a core, then it's fine to run with a collapsed core (distribution + core as the same device). For a redundant design you need to uplink all your distribution switches to each of your cores. If you have no cores, then you need a full mesh at your distribution layer (for full redundancy).
    Let's say you have only 4 distribution pairs, so 8 switches. For full redundancy each one needs an uplink to each other. This means you need 28 total ports used to connect all the switches together (n(n-1)/2). That's also assuming 1 link to each device. However, if you had redundant cores, the number of links used for uplinks reduces to 21 total links (this includes links between each distribution switch in a site, and the link between the two cores). So here you see you're only saving 7 links. Here you're not gaining much by adding a core.
    However, if you have 12 distribution pairs, so 24 switches, full redundancy means you have 276 links dedicated to this. If you add a core, this drops to 61 links. Here you see the payoff.

  • Data Center Network Design

    I'm looking at a couple of options for a small network in a data center. I seem to be getting hung up on all the different options. One of the options I'm looking at is end of row using both 2960Ss and Blade Center chassis switches, with each physical server dual homed into a 2960, each ESX server dual homed into a blade switch, and each of the switches with a Layer 2 10Gb uplink (20 total with etherchannel) to one of two 4900Ms. The 4900Ms would then have a Layer 2 uplink between them to accommodate VLANs that span the access layer switches. This would be an inverted U topology. That's simple enough, and maybe that is where I should leave it, but there is the now available stacking feature of 2960s that has me wondering if there is another option available with dual homing a stack. Is there such a beast? Would it be better to stack 2960s, or even 3750s, so as to make each end of row with 2 redundant switches appear as one logical stack, and then uplink that stack to an aggregate multilayer switch such as a pair of 4900Ms? Or might that limit me to keeping VLANs within a stack and end of row?
    thank you,
    Bill

    Hi Bill-
    First, I personally would not use the 2960S for the data center, no matter the size. That switch was purposely built for user access and has some limitations. Also, what you need to accomplish will determine your design. I recently did a design similar to what you are describing. We ended up putting 3750Xs at the top of rack as a stack. This allows for etherchannel to your servers with both server NICs being active. From there we uplinked to a pair of 6509s in VSS. From a Layer 2 point of view this was about as simple as it gets: 1 switch connected to another switch connected to a server. No spanning tree! If you can't afford stackable switches, you may want to look at routing at the top of rack. However, you will lose functionality like moving VLANs between racks, you will rely on server NIC software for active/passive links, and the moving of VMs could be limited.

  • Should Data Center WAE point to GLBP IP address?

    I will be connecting a Data Center WAE-7341 to a distribution layer made up of two 6509s. The 6509s currently have a /30 L3 connection between the two of them on routed ports. I plan on changing that to a /29 SVI connection (changing the ports to switchports) and connecting the 7341 to one of the 6509s' ports configed in the same vlan. (Eventually I'll connect a second, redundant 7341 to the other 6509, same vlan, for redundancy.)
    Should I make the connection between the two 6509s a GLBP config, and have the 7341's gateway the virtual IP - but still config WCCP router-list to point to the real IP address? Or should I keep GLBP out of the picture by not configuring it, and pointing the 7341's gateway to the IP address on the 6509 it is connected to - the same as the router-list IP?

    Registration
    Do NOT use a virtual gateway address (HSRP, VRRP, GLBP)
    If you don't specify an IP in the router list, it will use the default gateway by default.
    If you do use the VIP as the default route, you may see a negative influence when the edge fails over. The DRE cache will be lost as the connection gets reset and initiated on the 2nd WAE, unless you're connected to both A and B side routers from each WAE.

  • Welcome to the Solutions and Architectures Data Center & Virtualization Community

    Welcome to the Solutions and Architectures Data Center & Virtualization Community. We encourage everyone to share their knowledge and start conversations related to Data Center and Virtualization Solutions and architectures. All topics are welcome, including Servers – Unified Computing, Data Center Security, Data Center Switching, Data Center Management and Automation, Storage Networking, Application Networking Services and solutions to solve business problems.
    Remember, just like in the workplace, be courteous to your fellow forum participants. Please refrain from using disparaging or obscene language or posting advertisements.
    Cheers,
    Dan Bruhn 

    Hi,
    I have a question...
    I am going to install two Nexus 7009s with three N7K-F248XP-25 modules on each one. I am planning to create 3 VDCs, but at the initial configuration the system does not show the Ethernet ports of these modules, even though with show inventory and show module I can see that the modules are recognized and their status is OK. Is there something that I have to do before starting to configure these modules? Enable some feature or license in order to see the ports with the show running CLI?

  • Welcome to the Enterprise Data Center Networking Discussion

    Welcome to the Cisco Networking Professionals Connection Network Infrastructure Forum. This conversation will provide you the opportunity to discuss general issues surrounding Enterprise Data Center Networking. We encourage everyone to share their knowledge and start conversations on issues such as Mainframe connectivity, SNA Switching Services, DLSw+, managing SNA/IP and any other topic concerning Enterprise Data Center Networking.
    Remember, just like in the workplace, be courteous to your fellow forum participants. Please refrain from using disparaging or obscene language or posting advertisements.
    We encourage you to tell your fellow networking professionals about the site!
    If you would like us to send them a personal invitation simply send their names and e-mail addresses along with your name to us at [email protected]

    Hi together,
    Since the release of SAP NetWeaver 2004s to 'Unrestricted Shipment' as of 6th of June 2006, we have renamed the forum 'SAP NetWeaver2004s Ramp-Up' to 'BI in SAP NetWeaver2004s'.
    The forum should continue to address BI issues particular to the release SAP NetWeaver 2004s. Please post general BI, project, etc. questions to the other existing BI forums.
    The SAP NetWeaver BI organisation will also use this forum to communicate / roll out information particular to the release of SAP NetWeaver 2004s (in addition to the FAQs and other material on the SAP Service Marketplace and information in other areas of the SDN).
      Cheers
         SAP NetWeaver BI Organisation

  • Windows server 2012 Data Center with VDI configuration error message ( The remote session was disconnected because there are no remote desktop license servers available)

    Dears,
    I have two Windows Server 2012 Data Center servers and I configured (Virtual Desktop Interface) VDI on them.
    All my clients have connected to both servers using Remote Desktop sessions for the past 5 months.
    Currently, when the clients connect to either of the servers, they receive the following error:
    "The remote session was disconnected because there are no remote desktop license servers available to provide license"
    Kindly note, I installed windows Licenses Server Data Center on both of the servers.
    Regards.

    Hi,
    Please let us know if you have purchased RDS CALs and installed them on your RD licensing server.
    Also, on RD Session host servers, please make sure that you have specified the license mode and point them to the RD licensing server.
    Remote Desktop Services Client Access Licenses (RDS CALs)
    http://technet.microsoft.com/en-us/library/cc753650.aspx
    RD Licensing Configuration on Windows Server 2012
    http://blogs.technet.com/b/askperf/archive/2013/09/20/rd-licensing-configuration-on-windows-server-2012.aspx
    Hope this helps.
    Jeremy Wu
    TechNet Community Support

  • When trying to start my Windows server 2008 R2 Data Center, I am getting "ramdisk device creation failed due to insufficient memory",

    I have the following:-
    VMWare workstation version 9 , with windows server 2008 R2 data center installed.
    - I have installed the windows 2008 R2 inside the VM using an iso image.
    - The host is windows 7.
    I used to work well with the VM, but after adding a new VM to the same workstation, I started getting the following error when starting my old VM:
    ramdisk device creation failed due to insufficient memory.
    And on the Windows Boot Manager screen, it says to:
    insert my Windows installation disc and restart my PC.
    click “repair your computer”
    but I am not sure if this will fix the problem, bearing in mind that the RAM assigned to the VM is 24 GB and the hard disk is 80 GB.
    The error is 
    Link.
    So can anyone advise what is causing this error?
    Thanks

    You might start by checking the RAM.
    http://windows.microsoft.com/en-US/windows7/Diagnosing-memory-problems-on-your-computer
    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  • Please shed some light on Data Center design

    Hi,
        I want you guys to recommend what the design should be. I'm familiar with HP blade system. Let me clarify the existing device.
    1. HP Blade with Flex Fabric. It supports FCOE.
    2. MDS SAN switch for the storage
    3. Network Switch for IP network.
    4. HP Storage.
    HP Blade has 2 interface types, for IP Network (Network Switch) and Fibre Channel (SAN).
    What is the benefit of using a Nexus switch and FCoE for my existing devices? What should a new design with a Nexus switch be? Please guide me with ideas.
    THX
    Toshi 

    Hi, Toshi:
    Most of these chat boards have become quite boring. Troubleshooting OSPF LSA problems is old news. But I do pop my head in every now and then. Also, there are so many other companies out there doing exciting things in the data center. You have Dell, Brocade, Arista, Juniper, etc. So one runs the risk of developing a myopic view of the world of IT by lingering around this board for too long.
    If you want to use the new B22 FEX for the HP c7000 blade chassis, you certainly can. That means the Nexus will receive the FCoE traffic and leverage its FCF functionality; either separate the Ethernet and FC traffic there, or create a VE-port instantiation with another FCF for multihop deployments. Good luck fighting the SAN team with that one! Another aspect of using the HP B22 is the fact that the FEX is largely plug and play, so you don't have to manage the Flex Fabric switches.
    HTH

  • URGENT: QoS Design on Data Center MPLS - MediaNet Question...

    Hello,
    I am posting this in hopes I can get some guidance from anyone who has done this in the field. We have a large enterprise customer with 21 sites all around the world; they have Verizon MPLS and are experiencing QoS related issues on their WAN regarding Video/Voice. We have proposed remediating their network according to the Enterprise QoS SRND 3.3 and the new MediaNet SRND to account for Video and TP QoS ( http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus_40.html )
    Here is the problem/question that was proposed in our presales meeting and I honestly don't know where to look for an answer... I am not asking for anyone to design a solution for me, just merely point me in the right direction:
    The Data Center has a ~40MB MPLS Connection ( full mesh ) into the cloud ( Verizon )
    Site A has a 8MB connection
    Site B has a 4MB connection
    I know on the Service policy and the interfaces at SiteA and SiteB I can assign "Bandwidth xxxx" and use ~95% of the bandwidth to do queuing and shaping/policing etc. I am not concerned with SiteA and SiteB; that I think I can handle...
    Question was posed from the customer, "How can we ensure at the DataCenter level the 40MB MPLS is "chopped" up so that only 8MB of the total speed goes to SiteA ALONG with an attached QoS policy designed for that specific site, as well as ensure only 4MB goes to SiteB with an attached QoS policy?"
    So I am looking for a way to allocate bandwidth per site on the DC 40MB connection going into the cloud ( so that SiteB cannot use more than 4MB ) and attach a MediaNet specific QoS Service policy to that site. The customer does not have separate MPLS circuits for each site; they all come into the DC on a 40MB shared ethernet connection ( no VC, or dedicated circuits to other sites ).
    Any thoughts on if this is possible? 
    Thanks!
    Alex

    This is an example I have seen and I hope that is useful to you.
    Site A
    Subnet: 172.16.1.0/24
    Site B
    Subnet: 172.16.2.0/24
    HeadOffice:
    ! Classify traffic by destination site subnet
    ip access-list extended Site_A
     permit ip any 172.16.1.0 0.0.0.255
    ip access-list extended Site_B
     permit ip any 172.16.2.0 0.0.0.255
    class-map match-any Site_A
     match access-group name Site_A
    class-map match-any Site_B
     match access-group name Site_B
    ! Parent policy: shape each site to its access rate (values in bps)
    policy-map To_Spokes
     class Site_A
      shape average 8000000
      ! Optional child queuing policy; Sub_Policy must be defined separately
      service-policy Sub_Policy
     class Site_B
      shape average 4000000
      service-policy Sub_Policy
     class class-default
      shape average 28000000
      service-policy Sub_Policy
    interface G0/0
     description To MPLS cloud
     ! The interface bandwidth statement is in kbps (40000 = 40 Mbps)
     bandwidth 40000
     service-policy output To_Spokes
    interface G0/1
     description To HeadOffice
     bandwidth 40000
     service-policy output To_Spokes
    It would be greatly appreciated if someone can correct this or improve it as I am still learning.
    Please see the netflow graph from one of our routers using a similar policy as above.

  • Data Center Aggregation/Access SW Nexus

    I have a design scenario for a backup email data center; some difficulties were faced when trying to match the requirements to boxes.
    The design required a Nexus 5548UP in addition to 2x virtualized data center switches; it also required 12 x CPU licenses for VM Virtual Network Switch. I suggested adding the Nexus 1000 series, but the concern is whether I can use it without adding a Nexus 2k. If I have to use N2k and N1k, what is the best configuration scenario?

    Hi Shakeeb,
    I don't understand your question very well, but I will try to clarify some points.
    You don't need a Nexus 2000 if you have enough ports available in your Nexus 5500, even if you will use the Nexus 1000v.
    In this scenario what I recommend is to connect both Nexus 5548s to each other and create a vPC with the upstream routers and the downstream blades and storage.
    Richard
