Distrabuted Access Switch Design

Similar Messages

• SAN design : core edge and dual-homing access switch

  Hello all.
  It may sound as a dumb question (from a LAN guy) but when designing a core/edge or edge/ecore/edge design, why do we connect access switches to both core switches ? Doesn't it break the isolation of a dual fabric backbone ?
  If an access switch fails the fault (bug or anything else) will propagate to both core switches ? Am I wrong ?
  Example :
  http://www.cisco.com/en/US/prod/collateral/modules/ps5991/prod_white_paper0900aecd8044c807_ps5990_Products_White_Paper.html
  or from netrworkers sessions in 2006

  Answer also from LAN guy,
  Most likely this design diagram is due to assumption that there is no use of VSANs and SAN Multipathing drivers in host.
  Following is excerpt from same like yo posted.
  "SAN designs should always use two isolated fabrics  for high availability, with both hosts and storage connecting to both  fabrics. Multipathing software should be deployed on the hosts to manage  connectivity between the host and storage so that I/O uses both paths,  and there is non-disruptive failover between fabrics in the event of a  problem in one fabric. Fabric isolation can be achieved using either  VSANs, or dual physical switches. Both provide separation of fabric  services, although it could be argued that multiple physical fabrics  provide increased physical protection (e.g. protection against a  sprinkler head failing above a switch) and protection against equipment  failure. "

• Design for redundancy of access switch

  hello all,
  I have the following design for a site:
  Provider delivers channel with HSRP redundant routers, but access level in not redundant and represented by one switch.
  Am I correct that there is no way no provide redundancy on access level only with access switches or there are any design proposals?!

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  As Reza describes, many hosts only have a single connection to network, so that single connection is always a possible point of failure.  But there's a couple of things you can do to minimize the impact of a network infrastructure device failure.
  When working with small appliance type switches, you might have multiple smaller switches rather than one large switch.  For example, instead of having one 48 port switch, you might have two 24 ports switches, or six 8 port switches, etc..  If a switch fails, not all hosts lose connectivity.
  You can also have additional ports, ideally enough to handle lost of any one unit of hardware,  So, for example, if you have seven 8 port switches, when you only need 48 ports, if a switch fails, you only lose 1/7 of your hosts until they can be repatched into available ports on the other switches.
  If some of your hosts have multiple NICs, then there are various method to use the two NICs to avoid a single network unit failure from dropping the host.  Usually only shared servers merit that level of redundancy.

• Using a Report Filter without giving users access to "Design" mode

  I have a report in which I use the filter bar to provide my end users the ability to use a drop down menu to switch between different months worth of data.  However, I have been asked to disable the ability for users to access the Design mode.  I have been unable to come up with the right security settings to allow the report filter while disabling the Design mode.  Does anyone have any suggestions to this problem?
  BO XI 4.0 Patch 9
  Thanks very much for your help

  Hi,
  I'm familiar with your issue - described here BO4 navigate the available object in READING MODE in webi
  and also here: Hide/Disable DESIGN MODE on WebI (BI4)
  I've every reason to believe this is currently not possible. You may want to vote on the existing Enhancement Requests in Ideas Place, or create your own
  Regards,
  H

• Spanning vlans across access switches in distribution block.... please help

  Hi All
  Can someone please explain why Cisco states that in a Campus Hierarchical modle if Vlans are spanned across Access switches in a distribution block, then the Distrubution to distribution link should be Layer 2. Is this really necesary or just a recommendation, and if so why? Can't this link be a L3 link when spanning vlans across Access switches in distribution block, as I understand the benefit of having a L3 distribution to distribution link so that SPT is avoided.
  Please help

  Hello,
  The cisco recommended design is L3 links, but these is only possible if you have no vlans you need to span over the hole network.
  It depends on your topology or what you want achieve.
  If you need for one or more vlan's spanned the LAN, you need to use a layer 2 connection between all switches and between distribution too.
  In my company we have for example a few vlans for restricted areas, like device management or else, so we can't use L3 Links in the distribution area because these vlan's are terminated at the firewall. I think these is good thing.
  I would recommend you if you don't have to span one or more vlan's across the network to use L3 Links, specially in the case of redundancy way's. So you need no spanning-tree, but need to use other protocols like GLBP or else. The works faster and are not so confusing (for some people) as STP.
  best regards,
  Sebastian

• Server farm switch design

  Hi
  Pls see attachment
  Can i have the topology mentioned in the Attachment special from the access switch to the Core?is it good design ? what is your recommendation?
  thanks

  I can recommend only V-shaped design as it provides great redundancy in case of almost any failures. As you said, if etherchannel fails b/w two access switches, then the Acess-switch-1 and UP to Serverfarmswitch-1 is completely isolated from the other. I believe, even for dual attached servers also, V-shape design suits best.

• [solved] DHCP snooping in environment with core and access switches

  Hello,
  I'd like to know what steps are needed to configure DHCP snooping in my environment:
  1) two core switches Catalyst 6500 (VSS): VLAN defined here, DHCP server connected here
  2) access switches Catalyst 3750: clients connected here
  Access switches are connected to core ones via trunk ports (fiber optics).
  How many snooping databases are required?  One for core and next for each stack?

  Hi Marian,
  If your network is properly designed and connected so that clients, including DHCP clients, are attached to the access layer switches, then the DHCP Snooping should be run only on access switches. Running DHCP Snooping on core switches is not going to increase the security because the DHCP communication has already been sanitized on the access layer.
  If you intend to save the DHCP Snooping database then each switch performing the DHCP Snooping needs to have its own database if you intend to use a persistent storage for it. However, you can always have the switch to save the database to its own FLASH, alleviating the need for a centralized networked storage.
  I am not sure if this answers your question so please feel welcome to ask further.
  Best regards,
  Peter

• With STP one of the port of the access switch connecting to the backup path should be blocked

  Dear All,
  I have setup my LAN with one L3 cisco 3750 and have 2 2960 as access switch. The two access switch are connected to the L3 switch directly  and two access switch connected back to back for redundancy. There one VLAN configured between all these switches.
  When I checked the show spanning-tree one of the access switch the ports is correct as below,
  sw1#sh spa
  VLAN0005
    Spanning tree enabled protocol ieee
    Root ID    Priority    24581
               Address     0001.4353.DB5A
               Cost        4
               Port        25(GigabitEthernet1/1)
               Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
    Bridge ID  Priority    32773  (priority 32768 sys-id-ext 5)
               Address     0001.C760.93AC
               Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
               Aging Time  20
  Interface        Role Sts Cost      Prio.Nbr Type
  Gi1/1            Root FWD 4         128.25   P2p
  Gi1/2            Altn BLK 4         144.26   P2p
  whereas the in the other L2 switch both the port are in forwarding state. 
  sw2#sh spanning-tree 
  VLAN0005
    Spanning tree enabled protocol ieee
    Root ID    Priority    24581
               Address     0001.4353.DB5A
               Cost        4
               Port        25(GigabitEthernet1/1)
               Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
    Bridge ID  Priority    32773  (priority 32768 sys-id-ext 5)
               Address     0001.4256.9A77
               Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
               Aging Time  20
  Interface        Role Sts Cost      Prio.Nbr Type
  Gi1/1            Root FWD 4         128.25   P2p
  Gi1/2            Desg FWD 4         144.26   P2p
  I want the redundant port to be blocked state. I tried changing the port priority of the access switch but did not yield any result.
  Request for support.
  Easwar

  Hi Easwar,
  What you see is STP working properly, and the port roles and states are exactly as they should be. Even on a redundant link between switches, exactly one port must be a Designated port in the Forwarding state. STP never blocks a redundant link between switches on both ends. First, it is not necessary to prevent loops: as long as your Sw1 has its port in the Blocking state, it will not be using that link to forward data. Second, if there was an unmanaged switch connected between Sw1 and Sw2 with some stations attached, and both Sw1 and Sw2 had their ports in the Blocking state, the stations connected to this unmanaged switch would be entirely cut off from the network.
  Is there any particular reason why you want the port to be blocking?
  Best regards,
  Peter

• What are the major differences between a Access Switch and Aggregation Switch w.r.t Carrier Ethernet domain?

  In a Carrier Ethernet domain,Could someone please help me understand what's the basic difference between Access Switch and Aggregation Switch both in terms of s/w and h/w functionalities. MEF deals OAM,CFM, EVC provisioning only at the access edge switches. Do we need to repeat all these at the aggregation level? or  is it just used for routing purpose? Do we have a separate Fault Management at the aggregation level?

  Duplicate posts.  :P
  Go here:  https://supportforums.cisco.com/discussion/12137156/what-are-major-differences-between-access-switch-and-aggregation-switch-wrt

• How do I access LiveCycle Designer from my Adobe Acrobat X Pro?

       I am unable to access LifeCycle ES2 from my Adobe Acrobat X pro, even though I am supposed to have it as part of the software.  I have tried Forms/Edit forms, and I have looked for it through all the menus.  Several of the helps I have found for other things has me launch LifeCycle and operate from screens that LifeCycle designer provides. 
      I am using Windows XP professional.
      I would appreciate all the help I can get on this. 
  Thanks
  Mogadeet43512

  This worked!   I had to go into the system and launch it from the Designer
  9.0 folder, but thanks to your instructions I now have use of it.
  Thank You!
  Joe
  TundraSteve <[email protected]>
  09/28/2012 10:00 AM
  Please respond to
  [email protected]
  To
  Mogadeet43512 <[email protected]>
  cc
  Subject
  How do I access LiveCycle Designer from my Adobe
  Acrobat X Pro?
  Re: How do I access LiveCycle Designer from my Adobe Acrobat X Pro?
  created by TundraSteve in LiveCycle Designer - View the full discussion
  There is a terminology issue here.  From Acrobat Pro X you launch Designer
  not LiveCycle ES2.  LiveCycle is a server product.
  When you install Acrobat you have the option to install or not install
  Designer.  Look in the folder C:\Program Files (x86)\Adobe\Acrobat 10.0
  and check to see if there is a Designer 9.0 folder.  When in Acrobat you
  should be able to create a new form and it will prompt if you want to use
  Designer.  If all else fails you can always go into the Designer 9.0
  folder and launch FormDesigner.exe
  Please note that the Adobe Forums do not accept email attachments. If you
  want to embed a screen image in your message please visit the thread in
  the forum to embed the image at
  http://forums.adobe.com/message/4734785#4734785
  Replies to this message go to everyone subscribed to this thread, not
  directly to the person who posted the message. To post a reply, either
  reply to this email or visit the message page: [
  http://forums.adobe.com/message/4734785#4734785]
  To unsubscribe from this thread, please visit the message page at [
  http://forums.adobe.com/message/4734785#4734785]. In the Actions box on
  the right, click the Stop Email Notifications link.
  Start a new discussion in LiveCycle Designer by email or at Adobe
  Community
  For more information about maintaining your forum email notifications
  please go to http://forums.adobe.com/message/2936746#2936746.

• Error While Accessing Universe Designer

  Hi All,
  I am facing an strange issue - I have BO Installation on windows server - 2003.
  As a client when iam trying to access the server from diffrent location i am able to access CMC and Polestar.
  But When i am trying to access universe designer - it shows an error -
  Cannot access Repository ( uSR0013)
  [repo_proxy 13] SessionFacade::openSessionLogon with user info has failed(Transport error: Communication failure.(FWM 00001)
  (hr=#0x80042a01)
  Any suggestion.
  I am able to telnet my server ip with port 6400 and 8080.
  Thanks

  I think there is some problem because of firewalls.
  Could some one tell me what are the list of ports need to be opned for server client model.
  i asked network team to open the ports 6400 -6410 only.
  Do i need to open ports ??
  My BO server installation is default and CMS is on - 6400. and i haven't configured anything else.
  pls suggest the approach.
  Thanks

• Timed Access Switching Off??

  My settings in Timed Access seem to hold for maybe a few days at a time, but then all of a sudden when I check it, the Timed Access tab reads Not Enabled.
  No one else can be turning it off as I am the only one that knows the password.
  Has anyone else experienced Timed Access switching itself off?...It is a useless feature if I can't rely on it to stop various devices from accessing my network at various times.

  I can't find the links now that I'm specifically looking for them, but recall reading posts from several users who have posted over in the Lion forum with the same issue.
  One user reported that after he reset the AirPort Extreme to factory default settings and then manually set it up again, that things worked fine.
  it's a hassle to have to enter in all the Timed Access data again, but might be worth a shot. If you decide to try this, be sure to change the default rule in Timed Access (which allows all devices access).
  It's best to set the default rule to "No Access" then enter in the specific MAC Addresses or AirPort IDs for devices. You've probably already done this in the past, but some users forget to change the "default" rule and then wonder why things don't work as expected.
  No guarantees that this will work, of course. Up to you if you want to try.

• How to access EBO Designer in AIA 3.0

  HI,
  I have installed AIA 3.0. But when i login , i only see CAVS, Project Lifecycle and Setup. How can i access EBO Designer?
  THanks
  Manish

  Hi,
  we participate the Early Adopter Program and work with AIA EAP 3.0. I think you mean AIA 11g!? The EBO Designer will be not a part of AIA 11g and will release later. May be somebody from Oracle can get a statement.
  Kind regards,
  Marcel

• Small DC Switch Design

  Hello,
  I'm working on options for a small DC switch design.  This DC has 5
  virtual hosts with 10-20 guest vm's each.  Each server has two quad
  port gig nics with 6 of the 8 gig ports connected (3 for iSCSI and 3
  for data or management.  It also has two 3 node sans each with 2 gig
  ports per node, a host of other small servers including voice servers,
  management servers, asa firewall, and a few routers.  Total of 50-60
  ports as of right now.
  Connected to the DC is 7 other buildings each with there own 1 gig
  fiber connection serving about 3000 devices in total including
  desktops, laptops, ip phones, wireless ap's, building automation,
  alarm panels, etc....
  Right now in each of the 7 buildings has a 3560G as an aggregation
  switch connected back to the DC.  The DC also has a few 3560G's and
  3750G's for the sans and servers.  The system seems to work ok for the
  most part aside from micro bursts overwhelming the buffers on these
  switches and the etherchannel trunks between them dropping a minor
  amount of packets.  QOS is configured for the voice network and there
  are little to no complaints.
  What I would like to know (costs being the biggest factor) is what
  would be a better switch design for the current and future traffic in
  this network.  Some options I was thinking about are as follows:
  I would needs at least 96 ports.
  So option A is to go with a 4506-E bundle with 2 48 port line cards,
  sup 6l-e and a WS-X4712-SFP+E or something of the sorts.   And then
  upgrade to the enterprise services license and do all of the routing
  and switching for the DC on this one switch.  Means little redundancy
  and no failover.
  Option B was to go with the same 4506-E bundle, without the extra
  license and without the SFP line card and put in some sort of layer
  three aggregation switch, possibly an me3600x.
  Option C Is to go with the 4503-E, the SFP line card and the IP
  Enterprise services license.  And two top of rack switches, either
  2360's or 4948's.
  I would like to do some PBR on the aggregation switch, but I am unsure if the me3600x is capable of doing that.
  I have no experience in this matter so any other thoughts or
  suggestions would be appreciated.
  Thanks,
  Dan.

  Disclaimer
  The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.
  Liability Disclaimer
  In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.
  Posting
  If cost is the biggest factor, and the only notable issue now is occasional packet drops due to insufficient buffers, perhaps some buffer tuning would be something to consider.
  A really important question to answer is how important redundancy. At lower port densities (3 to 4 stack members), the switch stack is less expensive than a chassis that supports redundancy.  At very low port densities (2 to 3 stack members) the stack might be less expensive than even a non-redundant chassis.
  BTW, the 3750-E/X offers much more performance than the original 3750 series.  If offers wire-speed PPS and fabric per switch, twice the ring bandwidth and uses the ring, for unicast, much "smarter".
  Perhaps a dual WS-C3750X-12S or WS-C3750X-24S for your core with dual MEC fiber etherchannl links to your aggregation switches?  In the DC itself, you might also use 2960s to provide DC edge ports.  For growth, a dual 3750-X stack would support four 10 gig ports which could be used with 10 gig servers or 10 gig SAN or as a 10gig link to other DC switches, such as the 2960S (which support their own stacking technology).

• Stop broadcasts on edge access switches to a port

  I have a telco person wanting to put the management port of their phone switch on to the network in one of our remote offices. They say that it will not handle broadcast very well and it will cause it to reset.
  So is there a way to limit the broadcast traffic to the port the phoneswitch is connected to. Or is there another way to accomplish this.
  using switches like edge access switches 3500XL, 2900XL, 3550 etc and or small routers like 1700 series.
  Thanks.

  http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_command_reference_chapter09186a008010f968.html
  See the storm-control command reference. A 2.0 threashold will allow 2% of total bandwidth as broadcasts.