Dual-homed servers connected directly to redundant CSSs

Hi.
I have no experience with Cisco content switches and I need help with this implementation:
I have a DMZ on a PIX cluster, where there are 3 couples of servers, and I need to load balance traffic to them.
I want to connect the PIX cluster to L2 switches, then connect the L2 switches to redundant CSSs, and connect the servers directly to the CSSs dual-homed (primary NIC to primary CSS and secondary NIC to backup CSS). I'm not sure whether this dual-homed connection will work correctly. What kind of CSS redundancy should I use?

Dual NIC does not work with a server directly connected to the CSS.
You should connect your servers to a pair of L2 switch and then connect the L2 switch to the CSS.
Regards,
Gilles.

Similar Messages

  • Configuring Dual-homed servers for redundancy to 6509s

    I am looking for assistance in properly configuring dual-homed servers for redundancy to two CatOS based 6509s. My search for information on how to do this has been unsuccessful to date, so any help you can provide would be most appreciated.
    Do I need any special hardware/software on the 6509s and/or on the servers?
    Thanks, in advance.
    John

    A lot depends on the kind of servers you have and the NIC teaming algorithms they support. Usually two or more NICs can be teamed in either a fault tolerant configuration (with one primary NIC) or in transmit load balancing configuration. Both these configurations allow the NICs to be connected to separate L2 switches so in case your servers do support such kind of teaming all you need is to have both NICs in the same VLAN and ensure L2 connectivity between the Catalyst 6509s. I recommend you research this from the server perspective also and like everything else test it before production deployment.

  • BGP in Dual Homing setup not failing over correctly

    Hi all,
    We have dual-homed BGP connections to our sister company network, but the failover testing is failing.
    If I shut down the WAN interface on the primary router, after about 5 minutes everything converges and fails over fine.
    But if I shut the LAN interface down on the primary router, we never regain connectivity to the sister network.
    Our two ASRs have an iBGP relationship, and I can see that after a certain amount of time the BGP routes with a next hop of the primary router get flushed from BGP and the preferred exit path is through the secondary router. This bit works OK, but I believe that the return traffic is still attempting to return over the primary link...
    To add to this, we have two inline firewalls on each link which are only performing IPS, no packet filtering.
    Any pointers would be great.
    thanks
    Mario                

    Hi John,
    right... please look at the output below which is the partial BGP table during a link failure...
    10.128.0.0/9 is the problematic summary that still keeps getting advertised out when we do not want it to during a failure....
    now there are prefixes in the BGP table which fall within that large summary address space. But I am sure that they are all routes that are being advertised to us from the eBGP peer...
    *> 10.128.0.0/9     0.0.0.0                            32768 i
    s> 10.128.56.16/32  172.17.17.241                 150      0 2856 64619 i
    s> 10.128.56.140/32 172.17.17.241                 150      0 2856 64619 i
    s> 10.160.0.0/21    172.17.17.241                 150      0 2856 64611 i
    s> 10.160.14.0/24   172.17.17.241                 150      0 2856 64611 i
    s> 10.160.16.0/24   172.17.17.241                 150      0 2856 64611 i
    s> 10.200.16.8/30   172.17.17.241                 150      0 2856 65008 ?
    s> 10.200.16.12/30  172.17.17.241                 150      0 2856 65006 ?
    s> 10.255.245.0/24  172.17.17.241                 150      0 2856 64548 ?
    s> 10.255.253.4/32  172.17.17.241                 150      0 2856 64548 ?
    s> 10.255.253.10/32 172.17.17.241                 150      0 2856 64548 ?
    s> 10.255.255.8/30  172.17.17.241                 150      0 2856 6670 ?
    s> 10.255.255.10/32 172.17.17.241                 150      0 2856 ?
    s> 10.255.255.12/30 172.17.17.241                 150      0 2856 6670 ?
    s> 10.255.255.14/32 172.17.17.241                 150      0 2856 ?
    I would not expect summary addresses to still be advertised if the specific prefixes are coming from eBGP... am I wrong?
    thanks for everything so far...
    Mario De Rosa

  • Dual-homed server to two Cat4948 switches

    Hello everyone,
    I have a picture above of what I want to build. The main point is a dual-homed server connected to two switches.
    On the server OS, NIC teaming that uses LACP needs to be configured. But how can I do that on the Catalyst 4948?
    Which technology can I use for multi-switch EtherChannel?
    If I need one more link between the Cat4948s, I can add it.

    The exact load sharing options available to you will probably depend on the server type / vendor. The settings are applicable to the Network Adapters but you usually use the configuration utility provided by the respective vendor. I would suggest you do a quick google search on your particular server model. An example is:
    http://www.brianmadden.com/blogs/guestbloggers/archive/2006/04/19/hp-proliant-network-adapter-teaming-explained.aspx
    Atif

  • Redundancy with dual nic servers

    Hi, I have 2 11500s configured with box-to-box redundancy. I have a number of app servers, each with dual NICs (which are teamed), connected directly to the CSSs. NIC 1 in each goes to the master CSS1 and is therefore live. NIC 2 goes to the standby CSS2. The CSSs are connected to 4500 switches to the public. I am monitoring the links to the 4500s; if I switch off the master CSS1, we fail over and the servers all connect via NIC 2 to the new master CSS2. But when the link to the 4500 from the CSS1 master goes down, the CSSs fail over but the NIC 2s do not connect to CSS2, because NIC 1 in each server has not failed, i.e. they still see CSS1 as up. Is there a workaround to this problem?
    Thanks
    J

    I know of no way to link CSS interfaces so that if the uplink goes down, the other ports are shut down. There may be another way to configure the adapter teaming or failover on the server side. I know some OSes send out test frames from one adapter to the other to verify network integrity.
    What I'd recommend is that you setup a VLAN on your 4500's for the server's physical connections, and uplink that to a "backend" interface on the CSS. This can be done with the CSS in either a router or bridge configuration, but I'd recommend router mode.
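An added example (not part of the thread and not Cisco code): a small Python model of the two failures described in the question, comparing servers attached directly to the CSSs with the answer's layout of a server VLAN on the 4500s. The node names, the carrier-only teaming rule and a server VLAN that spans both 4500s are assumptions of this example.

```python
from collections import deque

# Constructed topologies; node names are assumptions for this example.
DIRECT = {("nic1", "css1"), ("nic2", "css2")}
VIA_SWITCH = {("nic1", "sw1"), ("nic2", "sw2"), ("sw1", "sw2"),
              ("sw1", "css1"), ("sw2", "css2")}
NIC_NAMES = ("nic1", "nic2")
CSS_NAMES = ("css1", "css2")

def elect_master(powered, uplink_up):
    """Box-to-box redundancy with uplink monitoring: css1 is preferred,
    css2 takes over when css1 is off or its monitored uplink is down."""
    for css in CSS_NAMES:
        if css in powered and css in uplink_up:
            return css
    return None

def neighbours(links, node, powered):
    """Powered devices directly cabled to `node`."""
    for a, b in links:
        if node in (a, b):
            other = b if node == a else a
            if other in powered:
                yield other

def active_nic(links, powered):
    """Carrier-only teaming: stay on the first NIC that still has link."""
    for nic in NIC_NAMES:
        if any(True for _ in neighbours(links, nic, powered)):
            return nic
    return None

def l2_path(links, src, dst, powered):
    """BFS over the server VLAN. A CSS is never a transit hop, because
    the backup CSS does not forward for the server."""
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        if node in CSS_NAMES:
            continue
        for nxt in neighbours(links, node, powered):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def server_reachable(links, failed_device=None, failed_uplink=None):
    """True if the teamed server can still reach whichever CSS is master."""
    devices = {n for link in links for n in link}
    powered = devices - {failed_device}
    uplink_up = set(CSS_NAMES) - {failed_uplink}
    master = elect_master(powered, uplink_up)
    nic = active_nic(links, powered)
    return bool(master and nic and l2_path(links, nic, master, powered))

if __name__ == "__main__":
    for name, topo in (("direct", DIRECT), ("via 4500 VLAN", VIA_SWITCH)):
        print(name,
              "css1 off:", server_reachable(topo, failed_device="css1"),
              "css1 uplink down:", server_reachable(topo, failed_uplink="css1"))
```

The model monitors only the CSS uplink, as in the question; it says nothing about failures of the 4500s themselves.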

  • Single Homed or Dual Homed FEX

    With the ability to do enhanced vPCs now on the FEXs, is there any benefit to having a mixture of single attached FEXs and dual homed FEXs?
    Here are some benefits as I see them
    Single homed FEX is easier to trouble shoot as the topology is not as complex.
    A dual homed FEX will support both dual attached hosts and a single attached host. So this means we only have one topology to deal with (everything dual homed)
    Any other pros or cons?         
    Thanks

    If you have any servers with only one uplink, you want dual homed FEXes for redundancy.
    Also, it depends on the number of FEXes you are connecting to the same set of switches. For example: the max number of FEXes that can be uplinked to a set of 6k switches is 24 if you are dual homed, but if you are single homed the max is 48 (24 per switch).
    HTH

  • N5K - N2K Image Upgrade Single vs Dual Homed

    Hi,
    The disruptive upgrade behaviour is not explained well in the following documentation link, especially for the single homed FEX topology.
    http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/upgrade/503_N1_1/n5k_upgrade_downgrade_503.html
    1. I have just upgraded a dual homed Active / Active N2K to N5K environment as below. The downtime was exactly explained as above URL, just the time to reload the FEXs. Which was about 1.5 minutes or so...
    Or should we NOT reload all the FEXs almost simultaneously by manual command (as mentioned in the upgrade guide) in this topology, in order to minimize the downtime ?
    2.However I am curious if there would be any downtime in a single homed FEX topology as below. My guess is there would be just the downtime for the edge server to distribute the traffic to the other N2K.
    I guess if the downtime is really a biggy,  then the second topology is easier to manage.
    Comments are very much appreciated.
    Dumlu

    I am not able to see the images you attached, could you please try reinserting them?
    Also, if I am understanding your question correctly, you want to know if there will be downtime if you upgrade an N5K with a single homed 2K. I assume you mean something similar to this?
    If so, yes, the single homed FEX would be reloaded. Per the document, it states: "Upgrade the first vPC switch (vPC primary switch) - during this upgrade, the switch will be reloaded. When the switch is reloaded, any dual-homed FEX will not be reloaded. Only singled-homed FEXs are reloaded. Servers connected to these dual-homed FEXs retain network connectivity via the second (vPC secondary) switch"

  • How to connect directly to FMS server

    Hi,
    Is it possible to connect directly to FMS server with NetConnection
    and connect to video with NetStream ?
    I see that in debug mode can see the RTMPS connection of FMS server,
    So I try successfully connect to this RTMPS connection,
    But I don't know what is the STREAM NAME of the video (WebcamPublisher).
    Thanks,
    Eyal.

    Hi Nigel,
    I developed the ChatVideo (http://www.chatvideo.co.il) that use the Adobe LiveCycle Collaboration Service.
    Now I want to develop a version to iPhone.
    To do this I used WOWZA servers - I set up the WOWZA server as an edge and it takes the stream from the Adobe FMS origin server,
    and on the fly the WOWZA server produces an M3U8 link that can be viewed on the iPhone.
    Do you know another way to do this?
    Thanks,
    Eyal.

  • How to replace Nexus5596 with dual-homing N2K

    What is the correct process to replace a FEX parent switch with dual-homing fex?
    Traffic should not be interrupted.        

    Hi
    Do you have VPC between Parent Switches & are you running VPC on dual homed FEX fabric ports. ?
    If yes Below is the procedure,
    1)  boot the replacement switch without VPC, peer-links & FEX ports connected to it.
    2)  Make sure it has same Software version matches with the peer switch.
    3)  enable Pre-Provisioning for slots with appropriate FEX model.
    , here find the guide:
    http://www.cisco.com/en/US/partner/docs/switches/datacenter/nexus5000/sw/system_management/521_n1_1/b_5k_System_Mgmt_Config_521N11_chapter_0100.html#task_05BB53AD7AFB49CF9A8E4A5C6C37CB38
    So, on the replacement switch you will pre-provision the Fabric Extender and configure the ports so it will be ready when you add the module to the RMA SW.
    Please make sure you put the appropriate FEX model on the provision slot, otherwise, when connected it will not come Online
    Example, FEX 110:
    N5K(config)# slot 110
    N5K(config-slot)#provision model N2K-C2248T
    4) Now  keep all ports at Shut down state Then Configure Entire switch that includes FEX host ports, FEX Fabric Ports & VPC peer-link, VPC Domain Configuration.
    keep FEX host ports in shut state.
    5)  keep VPC Role priority on existing switch lower than , new switch
    6) Connect Peer-link ports to Peer switch & wait till VPC Comes up-
    7) Then connect Fabric ports from FEX to the pre-configured ports on replacement switch
    After it comes online Unshut FEX host ports.
    I got similar steps here as well
    http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/operations/n5k_vpc_ops.html#wp425197
    NOTE: I followed same process however, few ping drops were seen....arnd ( 5- 6 ping loss) only on few hosts...
    Mazhar

  • Can Flex 4.6 connect directly with a MS WCF

    Can Flex 4.6 connect directly with a MS WCF without having to use a 3rd party tool like WebOrb? I have several basic HTTP protocol WCF services that I want to move to a mobile app with Flex. Any feedback or insight will be appreciated.

    The correct answer to this question appears to be that Apple's terms of service *do not* prohibit the loading of swf's on IOS from remote servers dynamically at runtime.  They prohibit the loading of swf's that *contain executable ActionScript code*. 
    I loaded a PPT into Adobe Connect and then retrieved the resultant slide swf's from the Connect server.  I took these swf's and loaded them into my iPad app, dynamically at runtime, from a remote server.  The swf's loaded and animations played.  I made no changes to my code.  I'm just using a plain old SWFLoader object.
    Loading swf's dynamically at runtime from remote servers into IOS works - if you make the swf's right.  How to do that I'm not sure.

  • RDS Gateway Best practices Dual-Homed?

    Good Day,
    I am wondering what is a typical amount of time others see when end users launch a RemoteApp session that goes through the RDS Gateway.
    Our two RDS Gateway servers (entire environment is W2k12R2) seem slow to me. They are both dual-homed, with a NIC on the DMZ and internal side of the network. Maybe I would be better off disabling the internal NICs and reconfiguring the firewall rules so that everything routes through the DMZ NIC?
    Steve J.

    Hi Steve,
    Thank you for posting in Windows Server Forum.
    Best practice for any server depends on your environment scenario, as you need to decide whether to place the gateway in the DMZ or allow 443 to be opened to the internal network. Placing the RDS Gateway in the DMZ is more secure; you can find more information in the article below.
    RD Gateway deployment in a perimeter network & Firewall rules
    http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment-in-a-perimeter-network-firewall-rules.aspx
    For more detail and understand RD Gateway refer this article.
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Dual-homed FEX

    Looking for some guidance with a problem. I have 3 Nexus 2248T switches dual homed to 2 Nexus 5672 in the core. (See Attachment)
    Problem: on one of the FEX I have an Exchange NLB cluster. Several of our systems that require POP3 mail to communicate messaging have experience connectivity issues (unable to send mail) and require the connection to be hard coded to one of the IP Address in a cluster server instead of the NLB address. 
    Configuration: I have not setup Spanning-tree on the trunk ports from the 5672s and am showing that BPDU guard is disabled for the edge ports.
    Nexus5672-1# sh spanning-tree summary totals 
    Switch is in rapid-pvst mode 
    Root bridge for: none
    Port Type Default                        is disable
    Edge Port [PortFast] BPDU Guard Default  is disabled
    Edge Port [PortFast] BPDU Filter Default is disabled
    Bridge Assurance                         is enabled
    Loopguard Default                        is disabled
    Pathcost method used                     is short
    STP-Lite                                 is enabled
    Question: I am thinking I missed the "boat" on the configuration and need to include spanning-tree at the port level to correct the problem. Any advice please?

    You don't need spanning tree config at the FEX level.  You just need spanning tree on the 5762 devices to determine what device is the root and what device is the backup root.
    HTH

  • Nexus 2K FEX dual-homed to two Nexus 5K Configuration

    Hi.
    I am trying to look for Nexus 5K config when the nexus2K FEX is dual-homed into it.
    What will be the configuration on both 5Ks, especially the pinning?
    Assuming one N2K 10G port is connected to N5K-1 and another N2K 10G port connected to N5K-2?
    N5Ks are also configured as dual-sided vpc with two N7K.
    thanks

    N5k-1 ====vpc peer==== N5k-2
    \  E1/10                     E1/10  /
          \      Fex-100           /
    N5k-1 & N5k-2 config:
    ===============
    Interface po100
    switchport mode fex-fabric
    fex associate 100
    vpc 100
    int e1/10
    switchport mode fex-fabric
    channel-group 100

  • Fabric Extender question to a dual-homed N5k

    According to latest release notes:
    http://www.cisco.com/en/US/customer/docs/switches/datacenter/nexus5000/sw/release/notes/Rel_4_2_1_N1_1/Nexus5000_Release_Notes_4_2_1_N1_1.html#wp144071
    "Support for a maximum of 12 Fabric Extenders dual-homed to a vPC Cisco Nexus 5000 Series switch pair and a maximum of 576 hosts connected to Fabric Extenders connected to Cisco Nexus 5000 Series switches"
    I have mixed mode so some of the FEX will only connect to one N5k despite the 2N5k will be vpc. Cisco calls this "Fabric extender straight-through topology". This is because I am running port-channel with VM on these particular FEX.
    http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/C07-572829-00_Design_N5K_N2K_vPC_DG.pdf
    question is:
    1. Can I assume 2148 is included per release notes?
    2. Can I have more than 2 ports in the portchannels in straight-through mode?
    3. Release notes show 576 host which is (12 max times 48 ports). I assume I can have more logical host meaning vm host via the port channels, right...?
    Thx

    Any Nexus 5000 can have a total of 12 FEX's connected to it physically.  If you have 12 FEX's in dual-homed mode, then that is the limit for both Nexus 5000's.  If you had 24 FEX's evenly distributed between the Nexus 5000's in straight-through mode, then that would be maximum in that configuration.  If you are mixing straight-through and dual-homed configurations, you would have to be within the 12 FEX per Nexus 5000 limit.
    The 2148 is the first FEX, so yes it is the focus of the release notes.
    The 2148 cannot have a local port-channel.  This is why you can only channel to a 2148 when using dual-homed (called Active-Active mode), one interface on each 2148, and it is tied together with a vPC configuration to make a port-channel.  The individual 2148's each only have one connection on them down to the server below.  The 2248 and 2232 do not have this restriction.
    As of 4.2(1)N1(1), 576 refers to host interfaces.  If your host has virtual hosts, you just need to make sure you are within the limit of mac addresses in the system, which is 16,000 (13,800 unicast).
    Regards,
    John Gill
    Reference:
    configuration limits -
    http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/configuration_limits/limits_421/config_limits_4_2_1_chapter1.html

  • Nexus 5548 SPAN Destination- Dual Homed FEX

    I understand that in order to set up a SPAN monitor session, only 5K local ports can be destination ports. Our FEXs are dual homed, so I know we have to have the monitor session configured on both 5Ks. We want to connect an Infinistream sniffer to the destination port. What I am confused about is whether we also have to have 2 destination ports, one on each 5K connecting to the Infinistream, or can we just use one?

    You cannot set more than one destination to a monitor session.  You can have multiple source interfaces, but only one destination.  Try this:
    destination interface e2/14
    You will need to create two more separate monitoring session with the same source interfaces but set the destination to the other two interfaces.
    HQ-N5k-2(config-if-range)# monitor session 1
    HQ-N5k-2(config-monitor)# source interface e1/17 both
    HQ-N5k-2(config-monitor)# destination interface e2/14
    HQ-N5k-2(config-if-range)# monitor session 2
    HQ-N5k-2(config-monitor)# source interface e1/17 both
    HQ-N5k-2(config-monitor)# destination interface e2/15
    HQ-N5k-2(config-if-range)# monitor session 3
    HQ-N5k-2(config-monitor)# source interface e1/17 both
    HQ-N5k-2(config-monitor)# destination interface e2/16
    Please rate if helpful
