HSRP between 2 access switches and 2 core switches

Similar Messages

• What are the major differences between a Access Switch and Aggregation Switch w.r.t Carrier Ethernet domain?

  In a Carrier Ethernet domain,Could someone please help me understand what's the basic difference between Access Switch and Aggregation Switch both in terms of s/w and h/w functionalities. MEF deals OAM,CFM, EVC provisioning only at the access edge switches. Do we need to repeat all these at the aggregation level? or  is it just used for routing purpose? Do we have a separate Fault Management at the aggregation level?

  Duplicate posts.  :P
  Go here:  https://supportforums.cisco.com/discussion/12137156/what-are-major-differences-between-access-switch-and-aggregation-switch-wrt

• The difference of the IEEE802.1x Auth between Cisco Routers and Catalyst switches

  Hello
  I am investigating the difference of the IEEE802.1x Auth between Routers and Switches.
  Basically dot1x auth is availlable on Catalyst Switches. however if I want to check to
  PortBased Multi-Auth , MAC address Auth and any certification Auth with this feature,
  Is it possible to integrate into Cisco Router such as Cisco 891F ?
  In my opinion Cisco891F is also available to use basic IEEE802.1x but if it compares with Catalyst switches such as Cat3560X
  I think there might be any unsupported feature on Cisco 891F.
  I appreciate any information. thank you very much in advance.
  Best Regards,
  Masanobu Hiyoshi

  Many time in interviews asked comaprison between cisco  routers and switches that i was answerless bcoz i dont have much knowledge about that.Can anyone provide me the compariosin sheet of the same.how are the cisco devices differ with each other how much Bandwidth each routres support and Etc...
  Ummmm ... The most common question I get is "what is the difference between a router and a switch".
  However, if you get a question like this, then my impression to this line of questioning are:
  1.  The candidate they are looking for has in-depth knowledge of routers and switches.  And I mean IN-DEPTH!;
  2.  They are not looking for a candidate.  They just want to stroke their ego.  There is not alot of people who can give you the "names and numbers" of routers and switches at a snap of a finger.  And if you do happen to know the answer, then and there, then expect a tougher follow-up question. 

• Principal difference between an Idoc and a Switch document.

  Hello
  what is the principal difference between an Idoc and a Switch document.
  Thanks

  Hi,
  A switch document documents a process, such as, switch of supplier, in a liberalized market and can be monitored with own transactions. The process steps are usually controlled by workflows.
  An IDoc is used to transfer data from one system to another one in a predefined package. When you import an IDoc containing a market message, a workflow can be started creating/updating switch documents.
  Kind regards,
  Fritz

• What is the difference between access specifiers and access modifiers?

  what is the difference between access specifiers and access modifiers? are they same? if not what is the difference.

  Access Specifier are used to specifiy how the member variable ,methods or class to other classes.They are public ,private and protected.
  Access Modifier:
  1.Access
  2.Non Access
  Access:
  public ,private,protected and default.
  Non Access:
  abstract,final,native,static,synchronized,transient,volatile and strictfp

• Switches for Access, Distribution, and Core Layer

  I have this case study in school and we are tasked to build a network in a school. So we've decided to use the three layer hierarchical model. I'm not sure about what switch is best for these layers but I've decided that I'll use 3750 for the Access layer, 4500E for the Distribution layer, 6500 for the Core layer. Are these the ideal switches for each layer? If not, could you suggest any switch that is better than the current? Need your suggestions or thoughts about this. Thanks in advance!

  Hi Seb, thanks for replying. My groupmates and I have already decided that we're going to have a distribution layer. So basically, is 3750 enough to be the backbone/core of the network? We're configuring the to have a Layer 3 design so that makes me choose on 3750 on distrib and core rathen than 2960 switches cause I think that's better than Layer 2 though I don't know specifically what makes it better. Do you know? So I could have a thorough explanation when I present it to my professor. As for the budget, the case study didn't give us any limit so I think layer 3 would be a better choice than layer 3. Thanks Sib, appreciate it.

• How to create a Access list on core switch to bloxk all Internet Traffic & allow some specific Internet Traffic

  Hellp Everyone,
  I am trying to create a Access-List on my Core Switch, in which I want to allow few internet website & block the rest of them.
  I want to allow the whole Intranet but few intranet websites also needs access to the internet.
  Can we create such Access-List with the above requirement.
  I tried to create the ACL on the switch but it blocks the whole internet access.
  i want to do it for a subnet not for a specific IP.
  Can someone help me in creating such access list.
  Thanks in Advance

  The exact syntax depends on your subnets and how they connect to the Internet. If you can share a simple diagram that would be much more informative.
  In general just remember that access-lists are parsed from the top down and as soon as a match is found, the processing stops. So you put the most specific rules at the top. also, once you add an access-list, there is an implicit "deny any any" at the end.
  The best approach is to create some network object-groups and then refer to them in your access list. From your description, that would be something like three object-groups - one for the Intranet (Intranet), one for the allowed servers that can use Internet (allowed_servers), and a third for the permitted Internet sites (allowed_sites).
  You would then use them as follows:
  ip access-list extended main_acl
  permit any object-group intranet any
  permit object-group allowed_servers object-group allowed_sites any
  interface vlan
  ip access-group main_acl in
  More details on the syntax and examples can be found here:
  http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_acl/configuration/15-2mt/sec-object-group-acl.html#GUID-BE5C124C-CCE0-423A-B147-96C33FA18C66

• Core switch and sub switch gateway

  I have a Layer 3 core switch(backbone) 10.18.16.0/24, and the core switch needs to connect to multiple Layer 2 sub switches.
  The Layer 2  sub switches will connect to multiple workstations. The sub switches network will be 172.20.10.0/24, 172.20.40/24 and so on.
   I use core switch IP 10.18.16.11 to connect to sub switch 172.20.10.0/24. Which gateway IP  should I use for 172.20.10.0/24 ? Should I use 172.20.10.1 or 10.18.16.11 ?
  Thank you for your help in advance.

  I am not sure what you mean by "sup switches", but usually you need a management IP/vlan segment, so you can use it to access the devices.  So if your management segment is 172.20.10.0/24 you assign an SVI to every layer-2 switch and give it an IP in this range and the gateway for all the SVIs should be on the core (172.20.10.1/24
  example:
  access switch-1 172.20.10.11/24
  access switch-2 172.20.10.12/24
  access switch-3 172.20.10.13/24
  and so on
  The default gateway for all your layer-2 switches should be the SVI on the core (172.20.10.1/24)
  HTH

• Normal config for uplinks to switches and core

  Hi all, can anyone tell me the way most people set up there uplinks between switches, and uplinks to the core, ie do you use uplink fast, backbone fast etc ?
  thanks

  Yes, we normally use uplink fast for the link from distribution layer to core layer switch; and use backbone fast between core switches.
  However, you can use Rapid STP (RSTP) now for all links. Check below for info and examples :
  http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84bc.html
  Hope this helps.

• Help me to choose Right Core switches and Edge switches as per my Spec

  Dear All
  Please help me to choose Core and Edge switches and all required hard ware and software. 
  the spec details as per below 
  Core Switches
  1. High performance, highly scalable core switch to provide multi-10GE connectivity to various segments in the network.
  2. Switch should have redundant switch fabric and routing engines or management / supervisor modules
  3.should have separate control and forwarding planes
  4.Each switch should have redundant power supplies in N+N or N+1 fashion
  5. Must allow for two spare slots once services, management, processing modules and line cards populated
  6. Easy to manage firmware- i.e. single code type enterprise/service provider) or train, and robust operating system
  7. Supports for the VRRP, NSR, GRES, BFD, STP, MSTP, RSTP, VSTP, LACP redundancy protocols
  8. Hot plugging and removal 
  9. The switch should have native switching architecture with up to sufficient performance such that the loss of one switching fabric should not lead to degraded performance
  10. Switch should support switching at least 400Mpps
  11. Switch should be able to support 40 10Gig line rate ports in a fully redundant configuration 
  12. Chassis that can scale to 700 Gbps
  13. The proposed Backbone switch should support, but not be limited to the following Layer 3 features:
  Static ip routing
  Routing information protocol (RIP) and RIP2
  Open shortest path first (OSPF)
  IGMP v1, v2 and v3
  IGMP Snooping 
  IP multicast routing protocol 
  14. The switch should support the following features at a minimum:
  Spanning Tree 802.1D, 802.1S, 802.1W
  GVRP
  802.1x single and multi-supplicant: VLAN and ACL assignment
  Dynamic ARP Inspection (DAI), DHCP snooping, IP Source gurard
  LLDP, LLDP-MED
  802.3X, 802.3ad
  Redundant Trunk Group (RTG)
  IGMP snooping 
  Unicast static, OSPF v1/v2, RIP v1/v2
  Multicast IGMPv1/v2, PIM
  Graceful Route Engine Switchover 

  I have gone through your document and I am surprised to see MORE information in the document than what you've posted.  I am so mildly suspicious about the authenticity of the document and spreadsheet you've attached.  
  So far, based on this document, the client wants a chassis that can support up to 700 Gbps backplane.  The only candidate, other than a full-blown Nexus solution, is the 6807-X.  
  Next, the document also states dual supervisor card with two spare slots.  Good luck trying to get that much empty space on a 6807-X.  This means 6509E.  You can't use a 6513E because of line-card-to-slot limitation.  
  If you look under the heading "Edge Switching", the first sentence already makes references to 6800ia switch.
  There's also a reference stating that the product should have a 100 Gbps backplane.  You can take the 6509E chassis out of the equation.  
  So you see, I am suspicious about the authenticity of the document.  I agree with mali's and devil's recommendation that if you are serious, you would be engaging Cisco SE/AM in your region.  There are only three reasons, that I can think of, why you've posted this here.  One of them is the intended purpose of this document (and the audience).

• Trunking between a router and a switch

  i used the topology and the configuration described on the pictures included on this post.. but the problem that the ping failed between the switch and the router

  The router config might not have been captured correctly coz it would not allow you to configure the subinterface with no vlan id after the encapsulation. But you can try this, define the native vlan 1 on the router's subtinterface for subnet 172.16.1.0/24. Also, what address of the router are you pinging from the switch?

• Etherchannel between a server and 2 switches

  I have a customer who has a switch with channel groups set up. Each server has 4 nics going to their 3560 and there is a channel group set up for each server. They want to add another 3560. Can I spread the channel groups across the 2 switches? So each server will have 2 connections to each switch?

  Etherchannel to one server should not be and cannot be spread across 2 switches. If the server happens to use the same MAC and IP address on all 4 ports , it would cause switches to report mac address flapping. Etherchannel is point to point technology.
  But if you want to create 2 separate etherchannel to 2 different switches , that should be fine. e.g 2 ports on a server is in 1 port channel and going to 1 switch and 2 ports in a separate channel going to a second switch is fine. One channel should not be spread across 2 different switches.
  Hope this helps.
  Salman Z.

• Running HSRP between N5k 's and vPC between N2k and server

  Dear All,
  I have the following existing setup, i would like to run HSRP between N5k1 and N5k2. Also would lilke to run vPC between N2k1,N2k2 to the server farm which are dual homed. Please find the diagram attached.
  Please advise the step by step process along with the commands to be entered. Thanks for your help

  Hi,
  If you don't have many vlans, there is no need to load balance.  Make one of the 5ks the primary for HSRP and the other one stand-by.
  here is good link on how to configure it.  Make sure to run HSRP version 2. This way you can mach the HSRP group IDs with your vlan IDs. Also give a higher priority to the active 5k and enable preemption.
  http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/unicast/7_x/cisco_n5500_layer3_ucast_cfg_rel_6x/l3_hsrp.html
  HTH

• L3 connections between Access points and WLC

  hi,
  we have a customer asking us to configure wireless system as per attached drawing.
   WLC is in Data Center which is connected to Data Center Switch ( Cisco 3850), then this DC-Switch is connected to DC-Core ( Cisco Nexus-7K).
  this Nexus-7K is connected to many campus Networks. in all campuses there is Cisco 4507 Campus Core which is connected to Nexus-7K.
  then from Campus core many distribution switches are connected.
  all Vlans for data and wifi is created in Distribution Switches. Distribution Switches are VTP Servers and many access switches with connected APs are connected back to this Distribution Switch.
  All Access Points are registered at WLC in Data Center, but wifi clients are not getting ip address from DHCP Server, as well as even if we configured static ip address at wifi clients they are not able to communicate correctly.
  please correct me if there is a mistake in this design , or we have a solution to solve this problem please let me know.
  attached topology diagram 
  thanks,
  anvar

  Hey Anvar,
  Too much details about network, to make it simple:
  1- APs and WLC can be in separate VLANs (Not a problem)
  2- As APs have joined, these two VLANs look fine for me
  If your clients can't communicate probably with static IP address
  1- From the WLC, ping default gateway for that VLAN
  2- If the WLC can reach the gateway, its wired VLAN issue that you need to investigate in the path (maybe using wired device in the same VLAN as the clients in the switch where the APs are connected)
  Now, about why the clients are not taking IP:
  1- What is your DHCP, where its located? Is it the same one for all clients?
  2- Do you have local APs or FlexConnect ?
  3- When you run the debugs for DHCP where the process breaks?
  Cheers,
  Nour

• Same wlan both locally switched and centrally switched

  Scenario:
  1 virtual wireless controller
  50 access points, some of them some local to the controller (same site), other on remote sites, all in flexconnect mode.
  Is there a way for a wlan to be locally switched for a group of ap's, essentialy those local to the controller, and centrally switched for other groups of ap's, in fact those placed on remote sites?
  I've tried configuring flexconnect groups, and ap groups, but no luck, I've found no way to override the globally configured flag "flexconnec local switching".
  I've also tried to create two identical wlans, one locally switched and the second globally switched, but the wlc refuses to activate the second one since it has the same ssid of the first one.
  Regards,
  Massimo. 

  Since you have vWLC all AP needs to be in FlexConnect mode (If you got a normal WLC you can keep HQ AP in local mode & Remote AP in Flex mode to achieve this)
  I think in your case you have to either choose "Central Switching" or "local switching" for your APs.
  Regards
  Rasika
  **** Pls rate all useful responses ****

• Switches and more Switches

  I'm currently configuring a mass of new switches, and instead of doing them one by one, I was hoping someone has a better/faster solution. I have config files to use, and a laptop. Kind of limited on tools. Can anyone point me in the right direction?

  You might want to look at something like "WINBATCH" or "expect" scripting.
  The main issue, as pointed out in the first response, its that you need console connectivity to begin with, then you can either blow the rest of the config in through Ethernet, or set up a TFTP server with a default image and load 'em up from there.
  You may want to do 'em in batches: first set the addresses up either manually or through a scripting progran (we read the configs from an Excel spreadsheet) to set up the common portions of tehe config, then blow in the config differences in a separate script/process.
  The other upside to doing that is you can have some spares with the base config, then if you need to replace a switch later, you only need to add the "delta" config.
  If you have a term server around, and are pretty clever with scritping (or the program (free) "expect") you could do a batch of 8, 16, or 32 at a time.
  You may also be able to use some of the scripting facilities of CiscoWorks if you are using that.
  Sounds like fun. We had to do a batch of 3000 Chipcom switches once. From that, a full-blown staging system was developed.
  Good Luck
  Scott