Named VLANs and Campus Topology

We have a campus of several groups and sub-groups and distributed accross an expanssive campus. We want to enable improved mobility (not just wireless) of users while retaining user authorizations and entitlements.
We consider implementing a named vlan structure with the groups defined at every access/distribution layer.
Does anyone know what problems this implementation might cause?

In a large campus design the traditional Cisco recommendations are for at least two VLAN's per access layer switch, which is then dual-homed to a distribution L3 switch where the VLAN's are terminated. We also recommend that the VLAN's do not extend beyond a single closet. This enables us to scale the wired switched networks very well, support fast STP convergence, and provide predictable behaviour under failure conditions. In this scenario it is advised against any end to end VLAN's, not even VLAN 1 for management.

Similar Messages

  • Deploying vlan and limiting traffic from not reaching network core

    Folks:
    I am reading CCNP Switch 642-813 official Certification Guide (isbn=978-1-58720-243-8) and I’m a little confused as to the following on page.71 –
    “You should not allow VLANs to extend beyond the Layer 2 domain of the distribution switch. In other words, the VLAN should not reach across the network’s core and into another switch block. The idea again is to keep broadcasts and unnecessary traffic movement out of the core block”.
    Can anyone offer a different way of stating this or offer a picture or a diagram? I am having a hard time visualizing what this is trying to say – is this refereeing to two different switch blocks/stacks on either side of a switch core if I were to the draw the topology flat?
    Thanks
    JJ

    JJ
    This is referring to the 3 tier design where you have a separate access layer/distribution layer and core layer.
    So imagine a campus where you have multiple buildings and a main site. All the other buildings connect to the main site and to get from one building to another they go via the main site.
    The main site would have a pair of core switches and a pair of distribution switches + access layer switches. The other buildings would have a distribution pair of switches and access layer switches. Each buildings distribution switches would connect back to the core switches usually with L3 links. In the past you used L2 links but with L3 switching you now generally route, or more precisely, L3 switch through the core.
    What that extract from your book is saying is that each building has it's own vlans and they are routed on the distribution switches in each building. Only traffic destined for a vlan or more specifically a subnet that is not within the building should be sent to the core switches which then route them to the correct place.
    What you shouldn't do is have a vlan in a building that also extends to the core and possibly to other buildings. This is because a vlan is a broadcast domain so a broadcast in a vlan would be sent to all hosts in that vlan. So if you allow a vlan to extend through the core you are allowing broadcasts from one building to go through the core to other buildings.
    The core switches should be left to L3 switch traffic between buildings and pretty much nothing else.
    There is usually no need to extend vlans to or across the core  ie. each set of vlans is terminated on the distribution switches so broadcasts are contained within each building or again more specifically within each vlan within the building.
    One other thing to note is that if you have a single building with maybe just a WAN connection the 3 tier design is not necessarily the best way to go and a common solution is a collapsed core where the core and dsitribution switches are the same physical switches. It saves on cost and within a single building there is often very little need for a high speed core.
    I have used the terms route and L3 switch interchangeabley here but technically all L3 capable switches route in hardware so to be precise it is L3 switching.
    Finally the above about a single building setup does not refer to a DC where the rules are somewhat different.
    Hope that helps and i haven't confused you more.
    Feel free to ask further if needed.
    Jon

  • Multiple Spanning Tree in a Hub and Spoke topology?

    My company is planning to implement Multiple Spanning tree into our hub and spoke topology. Is that possible?
    Should I divide up the vlans into instances based on assigned switch or assigned department?
    Thank You.

    hi, everyone,
    i have search a internet draft to describe this situation, "Using an LSA Options Bit to Prevent Looping in BGP/MPLS IP VPNs", from "http://www.ietf.org/internet-drafts/draft-ietf-ospf-2547-dnbit-03.txt"
    does anyone can tell me how can disable this function and clear the "DN" bit on a cisco router? thanks very much.

  • Vlans and trunks etc

    Can someone please tell me the main reason for having a vlan and server/clients setup, why do we need this setup, Please give simple explanation.
    thanks
    Carl

    The main reasons to break networks down into VLAN's is Security and to minimise broadcasts. With Security I mean the ability to block or restrict access between networks with the use of ACL's, firewalls etc. The general rule of thumb when deploying networks is /23 subnets (500 or so hosts) for IP-only networks and /24 subnets (250 hosts) when using multiprotocol. This way you reduce the broadcast domain and so can contain the amount of broadcasts within the each VLAN.
    The general practise now is also to deploy 2 unique VLAN's per access switch (1 Voice & 1 Data). This prevents the need to span VLAN's across multiple Access Layer switches and minimises the STP sizes and subsequently any STP issues from spanning network-wide. Designing your network this way also makes troubleshooting and understanding issues easier as you generally have very strict data paths between hosts; no trying to overlay your STP network over your Layer-3 network to see the logical & physical paths.
    I would also disagree with the previous post regarding VTP. Yes it does simply the creation of VLAN's in a large Layer-2 campus environment, but the Layer-2 environment is what we are trying to move away from. Using VTP Transparent or disabling VTP promotes better practise amongst your IT staff and prevents any VTP mishaps that are always network-wide.
    HTH
    Andy

  • Private vlan and HSRP

    Hi, guys. I have a question about Private Vlan and HSRP implement. In my network topology, there are 2 switch 6509 as core switches and Internet outlet. There are a 3750 as a distribute swtich, and 3550 as a access swtich. the topology is as below:
    | |
    7609----7609
    | |
    3750
    |
    3550
    |
    servers
    Now there are some Server will connect to 3550, and 3750 and 3550 will be treated as Layer 2 switch, that is these servers's default gateway will be on vlan interface on 7609, and I have configured HSRP between the vlan on 2 6509. My question is how to implement private vlan on 3550 with HSRP on 7609, so that these servers can have redundancy gateway, and be kept isolated between other servers.

    It looks like the 3550 do not support private VLAN.
    http://www.cisco.com/en/US/products/hw/switches/ps4324/products_tech_note09186a0080094830.shtml
    More info. on private VLAN :
    http://www.cisco.com/en/US/products/hw/switches/ps4324/products_configuration_guide_chapter09186a00802c30c4.html#wp1138148
    Did you configure the VLAN trunking between 7609, 3750 and 3550 ? Once we enable the VLAN trunking then the server can plug to the assigned VLAN and communicate to the 7609 via the trunk w/o interference w/ other VLAN. However, you have to enable the VLAN routing at 7609 to make it able to connect to other VLAN user if you want.
    Hope this helps.

  • Comparison of Installing HCM and Campus Solution 9.0 with Linux and Windows

    Folks,
    Hello. I am installing HCM and Campus Solution 9.0 Revision 5 with PeopleTools 8.53.
    PeopleSoft Internet Architecture is WebLogic11g/Tuxedo11g/OracleDatabase11g with OS Oracle Linux 5.10.
    In the process of seting up its database instance named "HRCS90" using /opt/PT8.53/setup/PsMpDbInstall/setup.sh, there is a step as below:
    Database Create Type:
    1) Demo
    2) System
    3) PeopleTools System
    Either select Demo or System, the next step "select PeopleSoft Applications" has only one item:
    1) PeopleSoft HRCS Demo Database - US English.
    When set up "HRCS90" with SQL Server 2005 and Windows Server 2003, there is one more item: PeopleSoft HRCS Database - US English.
    I don't need Demo database. I need HRCS database only because Demo database occupies much more disk space.
    The document "PeopleSoft Human Capital Management and Campus Solutions 9.0 Revision 5 Installation Guide" does not state the detailed process to set up HRCS database instance.
    I cannot find other PeopleSoft documents regarding set up HRCS database instance.
    My questions are:
    First, how much more disk space does "HRCS Demo database" occupy than "HRCS database" ? Is there "HRCS database" for Linux and Oracle Database ?
    Second, can you find PeopleSoft document regarding the process of seting up HRCS 9.0  database instance with Linux and Oracle Database ?
    Thanks.

    It could come from how you installed the software itself (options checked). Have a look to that thread, it could help.
    Nicolas.

  • I have added a 5 songs from a single album and in Ipod it comes as enigma album and in that one song is available and another album named enigma and another song. IT happens for 5 songs also. How to make all the 5 songs in one album name Enigma

    I have added a 5 songs from a single album and in Ipod it comes as enigma album and in that one song is available and another album named enigma and another song. IT happens for 5 songs also. How to make all the 5 songs in one album name Enigma???

    I am working on a friend of mine's 15g ipod(W/dock connector)and I am having the same trouble except it does it to all the songs. I have tried reseting it multiple times, but to no avail.
    I am not sure that this runs on windows XP, it is absolutly archaic (compared to my 5th gen. 30g video).
    Help?
    15g ipod (w/dock connector)   Windows XP  
      Windows XP  

  • What's the easiest way to create a new VLAN and then move all existing devices to it?

    One of our locations was implemented using VLAN1 as the main (native) VLAN. My goal is to create a new sub-interface on the router and then move all the existing switches (all Layer 2) into the new VLAN, without disrupting the network (and remotely). I am trying to determine the best way to proceed. Thanks.

    I wanted to shed a little more light on the situation. The "new" VLAN has actually been in existence since the network was initially setup. The network runs VTP and the new VLAN already has an interface on the router and already shows up on all the switches when you do a "sh vlan" command. We have about 10 VLANs in all. In reality, I am simply trying to migrate about 8 switches from VLAN1 (which they never should have been on) to the new VLAN. I know that I need to create an interface for the new VLAN on each of the switches and then swap the management IP to that interface. If I could connectly directly into each switch via the console port, this would be a simple task. However, the switches are in extremely remote locations with special circumstances, thus I have no physical access to them. This fact has me a little reluctant to making the changes, as we can't afford any mistakes that would potentially cause network downtime. I am looking for some guidance on exactly the steps to take to achieve my goal. Let's call the new vlan, VLAN2. During testing, I logged into a local switch that was on VLAN1 (that's where it had it's management address). It did have VLAN2-VLAN10 as well, via VTP. I created an interface for VLAN3 on the switch and then accessed it via VLAN3 to swap the main management interface from VLAN1 to VLAN2. The changes took, but I couldn't access it via VLAN2. I am assuming this is because the router still has VLAN1 listed as the native vlan and the VLAN2 IP address is still assigned to VLAN1 on the router. What would be the best way for me to make the required changes on the 8 switches that need swapped, without losing remote access? It wouldn't hurt if the network went down for 5 minutes or less, but we can't have a big outage. Thanks.

  • NEED HELP PLEASE Setting up 2 VLANS and a redundant WAN connection

    I have a remote branch office which is actually a huge bar/lounge. The bar wants to enable patrons to access the Internet with their wireless laptops. I want to prevent those patrons from accessing our private network, and also prevent them from traversing our static VPN tunnel back to HQ.
    The bar processes all credit cards via the T1 connection, and this has caused us to lose money every time the T1 goes down while we're open, since there is no WAN redundancy right now.
    Here is my current hardware configuration:
    1) one PIX 501 50-user 3des.
    2.) two Dell 3024
    3.) one Aironet 1100(g) AP.
    Current LAN Network: 10.35.35.0
    (internal employees only, static VPN tunneled to remote HQ network)
    Current Wireless SSID's:
    SSID1=PRIVATESSID
    SSID2=PUBLICSSID (not currently in use, waiting to figure this out)
    Current WAN: one T1 connection.
    WHAT I WOULD LIKE TO DO AND NEED HELP FIGURING OUT:
    #1a) I want to create two separate VLAN's that are able to share the WAN connection, but not be able to "see" each other.
    #1b) These VLAN's would be mapped to their respective SSID's on the AP (PRIVATESSID>10.35.35.0 and PUBLICSSID>192.168.1.0).
    #1c) The 192.168.1.0 network should not be able to traverse the static tunnel between the branch site and HQ.
    #2) I would like to install a backup WAN connection such as a modem 56k dial-up to an ISP or a cable modem to an ISP. In case the primary T1 goes down, I would like the router to automatically dial out over the modem conection and route all Internet bound traffic over that backup WAN connection, until the primary comes back online.
    Question 1:
    I'm assuming I need a router to do the intervlan routing. Could this router also do the on-demand WAN backup dialing to an ISP via analog modem?
    What IOS version and flavor (IP base, IP+, etc.) would I need? What is the cheapest router I can do all that with (i.e. 2620/2621/1720/3600 series)? What WIC's or NM's would I need?
    Question Two:
    I would like to prioritize PRIVATESSID's traffic over PUBLICSSID's traffic, which I know I can do on the access point. Can I do this on the router so that any 10.35.35.0 traffic takes priority over any 192.168.1.0 traffic?
    Question Three
    If the primary T1 WAN connection goes down, I don't want the router to re-route the 192.168.1.0 traffic over the backup 56k dial-up WAN connection. That traffic can wait until the T1 comes back up.
    Any help you can provide would be very much appreciated.

    Assuming your access points can place SSID into separate vlans and support 802.1q trunks then I can attempt to answer your questions. There are seperate secuity issues with both SSID for protection and VLANs for seperation but in your case in may be minimal.
    q1
    Any cisco router that will run 802.1q trunking will work. Since you are looking at older routers you will need IP+ to get it. Even 2610's will support 802.1q on their 10m ethernet at the correct code level but 10m and 802.1q is sorta nonstandard. Since your backup is only 56k you can use the internal modem port as a dial backup. A wic-2a/s will also work if you prefer not to use the modem port. You will need some wic to run your t1 line. If you are planning to leave the t1 on another router it makes the next 2 questions much harder.
    q2
    This is fairly simple and depends on your ios level. "priority queing" is supported on even the older software. I assume you do not control the far end of the t1 line since it sounds as if this goes to a ISP.
    You will need to have them do the QoS since most issues with the internet are inbound and not outbound. You can only control outbound traffic.
    q3
    If the T1 is on the same router then this is fairly simple. You can just put a floating static default route in that will cause the dialer to come up if the the t1 goes down. There is no easy way to protect against the line being up but no traffic passing. This is also why it would be best to have the t1 on the same router. If its not you will need to get very creative to solve this. You could build a GRE tunnel to a remote location and montior the tunnel or run a routing protcol over the tunnel. In the newest software you could use SAA and policy routing to force the traffic over the dialer but the router must support ios 12.4.
    3a. You mentioned a cable modem as a backup. That can be much easier sometimes since it is all routing and no dialer interfaces with nasty modem issues. This does not make the issue of the t1 not on the same router easier.

  • What are the physical topology and logical topology in sharepoint

    Hi
    what are the physical topology  and logical topology in sharepoint
    how to define  the physical topology  and logical topology in
    sharepoint
    adil

    Here are the example topologies for SharePoint:
    Traditional - 
    http://www.microsoft.com/en-us/download/details.aspx?id=30377
    Streamlined - 
    http://www.microsoft.com/en-us/download/details.aspx?id=37000
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • I upgraded my new iPad (iPad 3) to IOS 6 and everything went well except Siri won't launch apps. When asked say "launch Facebook" Siri responds with "it doesn't look like you have an app named Facebook" and I get the same results when trying to launch any

    I upgraded my new iPad (iPad 3) to IOS 6 and everything went well except Siri won’t launch apps. When asked say “launch Facebook” Siri responds with “it doesn’t look like you have an app named Facebook” and I get the same results when trying to launch any app. Siri works for everything else it just won’t launch apps. Any ideas? Thanks.

    I have this same problem... Seems like nobody else does. Siri won't launch any apps for me, including native apps.

  • Setting Up VLAN and QoS for VOIP on SG200-18

    We recently purchased the SG200-18 smart switch to replace a Netgear unmanaged switch. We're moving our phone service to VOIP through our local ISP as well. 
    I've currently got the VOIP phone plugged into Port 17 on the SG200-18 (it's a Grandstream cordless VOIP phone).
    I want to put the VOIP phone on a separate VLAN from the rest of the network and optimize the QoS settings so that the VOIP phone has exceptional audio quality even during intense network traffic.
    Here's my questions:
    1. Do I need to adjust anything on the type of port for Port 17 (since it looks like some form of Combo port)?
    2. How do I go about isolating the VOIP phone on it's own VLAN (I'm seeing VLAN and Voice VLAN settings, not sure which one to use; I tried setting a VLAN and broke Internet connectivity to the phone until I went in and removed it)?
    3. Do I need to adjust any QoS settings on the switch to better optimize the VOIP phone?
    A couple of additional questions about the GS200-18 in general:
    1. Do I need to adjust any of the System Time Settings on the switch? I'm in Central Time.
    2. Do I need to adjust any of the Green Ethernet/Energy Saving settings or should I stick with the defaults?
    Also, a couple of "getting started" side questions to Cisco:
    1. I've registered a My Cisco account. What do I need to do to register my switch with Cisco and associate it with my My Cisco account?
    2. What are the benefits of taking out a Cisco Small Business Support Contract, and about how much would it cost on the SG200-18 (I ordered it from Provantage)? I'm curious to see if it's worth the money.
    Here's my "specs":
    Switch: SG200-18
    VOIP phone: Grandstream DP715 and 710 expandable handsets
    Plugged into: Port 17 on the SG200-18
    ISP: Local ISP (Direclynx)
    Connection type: 3M down/500k up DSL, moving to a wireless connection coming up which will give us faster speeds
    VOIP backend provider: VOIP Innovations
    Router: Apple Airport Extreme AC model (I run all Macs and iOS devices and OS X Server on the network, so using the Apple router makes setup easier, since it doesn't QoS, trying to QoS and VLAN at the switch level)
    Thanks everyone!

    Hello,
    Lots of different questions here so I'll try to make sure I don't miss anything.
    1. Do I need to adjust anything on the type of port for Port 17 (since it looks like some form of Combo port)?
       The way the combo ports work is you can either use the SFP slot for a fiber connection or the copper ethernet port, but not both at the same time.  Other then that they just function as normal network ports.
    2. How do I go about isolating the VOIP phone on it's own VLAN (I'm seeing VLAN and Voice VLAN settings, not sure which one to use; I tried setting a VLAN and broke Internet connectivity to the phone until I went in and removed it)?
       It sounds like you created the VLAN correctly and assigned the phone, however there wasn't anything doing any routing for that VLAN.  You would need to have a VLAN capable router or a layer 3 switch so that something would act as the default gateway for the voice VLAN and route the traffic for you.  Since there was nothing like this your phone lost it's connectivity to the internet when you placed it in the new VLAN.  I don't think the Airport is VLAN capable, but we will come back to that.
    3. Do I need to adjust any QoS settings on the switch to better optimize the VOIP phone?
       Once you have a seperate VLAN setup for the phone properly you only have to tell the switch what your Auto Voice VLAN is going to be and it will automatically apply recommended QoS settings for the Voice VLAN and prioritize the voice traffic.  There are ways to do this manually and even with the phone in the same VLAN however the are considerably more complicated.
    1. Do I need to adjust any of the System Time Settings on the switch? I'm in Central Time.
       The system time isn't always very important.  You can set the correct time zone, however you should know the switch does not have a battery in it to keep track of time, so if/when it reboots or loses power the clock will reset.  If you would like the switch to maintain accurate time you should setup an NTP server so the time is automatically updated from the internet.  The switch will keep your timezone settings once you save them.  Time is mostly important for logging and things like that, so you can configure it if you like but it is not necessary.
    2. Do I need to adjust any of the Green Ethernet/Energy Saving settings or should I stick with the defaults?
       Green ethernet simply reduces the power usage of the switch slightly, so unless you are having odd issues where ports are disconnecting, I would just leave them at the defaults.
    1. I've registered a My Cisco account. What do I need to do to register my switch with Cisco and associate it with my My Cisco account?
       There isn't really a way to associate your Small Business devices with your Cisco account.  If you ever call in for technical support we will use your Cisco account and your serial number to create a support case, but even then they aren't linked together.  If you decide to buy a support contract, that will be linked to your switch's S/N and your Cisco ID, so in a way that would associate them together.  Devices being associated with Cisco accounts is something more common with Enterprise equipment, and mainly has to do with technical support cases.
    2. What are the benefits of taking out a Cisco Small Business Support Contract, and about how much would it cost on the SG200-18 (I ordered it from Provantage)? I'm curious to see if it's worth the money.
       There are a few advantages to a Support Contact.  Your switch comes with a Limited Lifetime warranty that includes 1 year of technical support and return to factory hardware.  With a service contract you get 3 years of technical support and next business day Advanced Replacement of the switch if it need to be replaced.  I just did a quick google search, and it looks like a contract (part #CON-SBS-SVC2) costs about $50.
    So there are a few other things to consider however.
    As a frame of reference the average VOIP call uses about 64 - 128 kbps max.
    Since you don't have a VLAN capable router or a layer 3 switch, a separate voice VLAN may not be an option.   You also mention that the Apple Airport does not do QoS, meaning we will only be prioritizing the voice traffic while it is on the switch.  When it is passed off to the Airport to be routed out to the internet all of the QoS settings will be lost, and normal network traffic will get the same priority as voice, since that is all up to the Airport.
    With one phone the hassle of getting more equipment and setting up advanced QoS isn't really worth it, especially if the link to the internet isn't going to be participating in QoS.
    One last thing I wanted to mention is you are switching to a wireless internet connection.  I would ask them how their latency and jitter is, as these two network statistics greatly effect voice quality, and usually wireless performs worse when it comes to voice traffic.
    I hope this information helps, if you have any more questions just let me know.
    Thank you for choosing Cisco,
    Christopher Ebert - Network Support Engineer 
    Cisco Small Business Support Center

  • I keep getting a popup named AppHostInfoFinder, and I can't get rid of it???? HELP

    I keep getting a popup named AppHostInfoFinder, and I can't get rid of it???? HELP

    Hi..
    Try this thread >  apphostinfoupdater quit unexpectedly

  • Oracle RAC Interconnect, PowerVM VLANs, and the Limit of 20

    Hello,
    Our company has a requirement to build a multitude of Oracle RAC clusters on AIX using Power VM on 770s and 795 hardware.
    We presently have 802.1q trunking configured on our Virtual I/O Servers, and have currently consumed 12 of 20 allowed VLANs for a virtual ethernet adapter. We have read the Oracle RAC FAQ on Oracle Metalink and it seems to otherwise discourage the use of sharing these interconnect VLANs between different clusters. This puts us in a scalability bind; IBM limits VLANs to 20 and Oracle says there is a one-to-one relationship between VLANs and subnets and RAC clusters. We must assume we have a fixed number of network interfaces available and that we absolutely have to leverage virtualized network hardware in order to build these environments. "add more network adapters to VIO" isn't an acceptable solution for us.
    Does anyone know if Oracle can afford any flexibility which would allow us to host multiple Oracle RAC interconnects on the same 802.1q trunk VLAN? We will independently guarantee the bandwidth, latency, and redundancy requirements are met for proper Oracle RAC performance, however we don't want a design "flaw" to cause us supportability issues in the future.
    We'd like it very much if we could have a bunch of two-node clusters all sharing the same private interconnect. For example:
    Cluster 1, node 1: 192.168.16.2 / 255.255.255.0 / VLAN 16
    Cluster 1, node 2: 192.168.16.3 / 255.255.255.0 / VLAN 16
    Cluster 2, node 1: 192.168.16.4 / 255.255.255.0 / VLAN 16
    Cluster 2, node 2: 192.168.16.5 / 255.255.255.0 / VLAN 16
    Cluster 3, node 1: 192.168.16.6 / 255.255.255.0 / VLAN 16
    Cluster 3, node 2: 192.168.16.7 / 255.255.255.0 / VLAN 16
    Cluster 4, node 1: 192.168.16.8 / 255.255.255.0 / VLAN 16
    Cluster 4, node 2: 192.168.16.9 / 255.255.255.0 / VLAN 16
    etc.
    Whereas the concern is that Oracle Corp will only support us if we do this:
    Cluster 1, node 1: 192.168.16.2 / 255.255.255.0 / VLAN 16
    Cluster 1, node 2: 192.168.16.3 / 255.255.255.0 / VLAN 16
    Cluster 2, node 1: 192.168.17.2 / 255.255.255.0 / VLAN 17
    Cluster 2, node 2: 192.168.17.3 / 255.255.255.0 / VLAN 17
    Cluster 3, node 1: 192.168.18.2 / 255.255.255.0 / VLAN 18
    Cluster 3, node 2: 192.168.18.3 / 255.255.255.0 / VLAN 18
    Cluster 4, node 1: 192.168.19.2 / 255.255.255.0 / VLAN 19
    Cluster 4, node 2: 192.168.19.3 / 255.255.255.0 / VLAN 19
    Which eats one VLAN per RAC cluster.

    Thank you for your answer!!
    I think I roughly understand the argument behind a 2-node RAC and a 3-node or greater RAC. We, unfortunately, were provided with two physical pieces of hardware to virtualize to support production (and two more to support non-production) and as a result we really have no place to host a third RAC node without placing it within the same "failure domain" (I hate that term) as one of the other nodes.
    My role is primarily as a system engineer, and, generally speaking, our main goals are eliminating single points of failure. We may be misusing 2-node RACs to eliminate single points of failure since it seems to violate the real intentions behind RAC, which is used more appropriately to scale wide to many nodes. Unfortunately, we've scaled out to only two nodes, and opted to scale these two nodes up, making them huge with many CPUs and lots of memory.
    Other options, notably the active-passive failover cluster we have in HACMP or PowerHA on the AIX / IBM Power platform is unattractive as the standby node drives no resources yet must consume CPU and memory resources so that it is prepared for a failover of the primary node. We use HACMP / PowerHA with Oracle and it works nice, however Oracle RAC, even in a two-node configuration, drives load on both nodes unlike with an active-passive clustering technology.
    All that aside, I am posing the question to both IBM, our Oracle DBAs (whom will ask Oracle Support). Typically the answers we get vary widely depending on the experience and skill level of the support personnel we get on both the Oracle and IBM sides... so on a suggestion from a colleague (Hi Kevin!) I posted here. I'm concerned that the answer from Oracle Support will unthinkingly be "you can't do that, my script says to tell you the absolute most rigid interpretation of the support document" while all the time the same document talks of the use of NFS and/or iSCSI storage eye roll
    We have a massive deployment of Oracle EBS and honestly the interconnect doesn't even touch 100mbit speeds even though the configuration has been checked multiple times by Oracle and IBM and with the knowledge that Oracle EBS is supposed to heavily leverage RAC. I haven't met a single person who doesn't look at our environment and suggest jumbo frames. It's a joke at this point... comments like "OMG YOU DON'T HAVE JUMBO FRAMES" and/or "OMG YOU'RE NOT USING INFINIBAND WHATTA NOOB" are commonplace when new DBAs are hired. I maintain that the utilization numbers don't support this.
    I can tell you that we have 8Gb fiber channel storage and 10Gb network connectivity. I would probably assume that there were a bottleneck in the storage infrastructure first. But alas, I digress.
    Mainly I'm looking for a real-world answer to this question. Aside from violating every last recommendation and making oracle support folk gently weep at the suggestion, are there any issues with sharing interconnects between RAC environments that will prevent it's functionality and/or reduce it's stability?
    We have rapid spanning tree configured, as far as I know, and our network folks have tuned the timers razor thin. We have Nexus 5k and Nexus 7k network infrastructure. The typical issues you'd fine with standard spanning tree really don't affect us because our network people are just that damn good.

  • 1242AG Bridge, VLAN and Multiple SSIDs

    I have two buildings that I'm trying to configure a bridge in between them using 2 1242AG APs.
    Building A
    PCOFFICE SSID on VLAN 200 Radio G
    ROOT_1 SSID on Native VLAN 1 Radio A
    Root Bridge
    Building B
    FDAPC SSID on Native VLAN 1 Radio G
    ROOT_1 SSID on Native VLAN 1 Radio A
    We are using directional antenna.  I know they are lined up properly because I have them both down and in front of me.  I'm getting an error on the Building B AP that says "
    No SSID with VLAN configured. Dot11Radio1 not started." and I'm unable to get this to work.  The bridge was working before I added the VLAN and encryption/WPA information for the PCOFFICE and FDAPC SSIDs
    Any assistance would be amazing.  Thanks!  Please see attached files for configurations.  I know the switch is configured properly because I had this working before and forgot to save the damn configuration off the devices.  I'm not having to do it over from scratch.

    That did not work.
    I've managed to fix the ROOT_1 and FDAPC... now I'm having an issue where I can attempt to connect to the PCOFFICE SSID but I'm unable to get a DHCP address from the server.
    Here is the config for the AP with PCOFFICE on it and the switch.
    SWITCH
    interface GigabitEthernet3/2
    switchport trunk allowed vlan 1,200
    switchport mode trunk
    interface Vlan1
    ip address 192.168.3.4 255.255.255.0
    interface Vlan200
    ip address 192.168.30.2 255.255.255.0
    ip helper-address 192.168.3.98
    ip default-network 192.168.3.0
    ip route 0.0.0.0 0.0.0.0 192.168.3.1
    no ip http server
    ACCESS POINT
    version 12.3
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname AP1_ROOT_AP
    enable secret 5 REMOVED
    ip subnet-zero
    no aaa new-model
    dot11 vlan-name VLAN1 vlan 1
    dot11 vlan-name pcCopper vlan 200
    dot11 ssid PCOFFICE
       vlan 200
       authentication open
       authentication key-management wpa
       guest-mode
       wpa-psk ascii 7 REMOVED
    dot11 ssid ROOT_1
       vlan 1
       authentication open
       authentication key-management wpa
       infrastructure-ssid optional
       wpa-psk ascii 7 REMOVED
    dot11 network-map
    dot11 arp-cache optional
    power inline negotiation prestandard source
    username Cisco password 7 REMOVED
    username admin privilege 15 password 7 REMOVED
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers tkip
    encryption vlan 200 mode ciphers tkip
    ssid PCOFFICE
    speed basic-2.0 5.5 11.0 12.0 18.0 24.0 36.0 48.0 54.0
    no power client local
    power client 17
    power local cck 17
    power local ofdm 17
    channel 2462
    station-role root access-point
    antenna receive right
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 port-protected
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    interface Dot11Radio0.200
    encapsulation dot1Q 200
    no ip route-cache
    bridge-group 200
    bridge-group 200 subscriber-loop-control
    bridge-group 200 block-unknown-source
    no bridge-group 200 source-learning
    no bridge-group 200 unicast-flooding
    bridge-group 200 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    encryption mode ciphers tkip
    encryption vlan 1 mode ciphers tkip
    ssid ROOT_1
    dfs band 3 block
    speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
    no power client local
    power client 11
    power local 11
    channel 5180
    station-role root bridge
    antenna receive right
    antenna transmit right
    interface Dot11Radio1.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    hold-queue 160 in
    interface FastEthernet0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface FastEthernet0.200
    encapsulation dot1Q 200
    no ip route-cache
    bridge-group 200
    bridge-group 200 spanning-disabled
    interface BVI1
    ip address 192.168.3.241 255.255.255.0
    no ip route-cache
    ip default-gateway 192.168.3.1
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    control-plane
    bridge 1 route ip
    line con 0
    line vty 0 4
    login local

Maybe you are looking for

  • BP Download from R/3 with wrong Tax Codes

    Dear Experts, actually I face a problem, that during the Business Partner download from R/3 the BDoc runs on an error,because of the Tax_number_check. In oure R/3 they deactivated the Tax_number_check for BPs. Now my question is,where can I change th

  • How to trigger an ABAP program in a Process chain

    Hello Forum, 1. In a process chain, if a program fails, how can we re-run it? 2. If the process preceeding the ABAP program fails, how can we start the program? 3. If an Infospoke fails in a process chain, how can we trigger that? Thank you, Its my p

  • Cannot play movies in safari anymore

    Since the new IOS 8 update i am no longer able to play any movie that pops up in the safari browser. It is almost like all support for media players has been removed. it worked fine in IOS 7. Is there settings that need to be changed or is this somet

  • Asset Table

    hi plz give me the Table name of Asset Which is linked between asset original document & settlement document.

  • Production order start date gets incremented by 1 day

    Hi, I have a scenario where in when the Planned Order gets converted to Production Order the Start date gets incremented by 1 day. If the planned order date is 11.02.2009 after converting to Prod Order it shows the start date as 12.02.2009. Can any p