SAN design : core edge and dual-homing access switch

Similar Messages

• IronPort ESA - HA and Dual Homing

  Hello, i have a customer that want to do HA and Dual Homing implementation. I want to ask what is the best way to implement HA for IronPort ESA? As i know the cluster configuration only used so the policy can be distributed equally. And what about dual-homing scenario? Is it supported with IronPort, and how do it works ?
  Regards
  Alkuin Melvin

  What exactly do you mean by multi-homing? Ironport email appliances support configuration of multiple interfaces (physical or vlan) , to which you can then attach Listeners (SMTP processes). You could thus configure your servers to receive or send email on multiple IP addresses, depending on your network config.
  Sent from Cisco Technical Support iPad App

• Is the mac mini server the same hardware as the other mac minis (except for the quad core i7 and dual hard drives) with different software or is it configured differently?

  I have a mac mini with an i7 dual core processor. It is perceptably slower than my macbook pro with a quad core i7. Does the mac mini server have the same hardware configuation as the regular mac mini with server software or is the hardware different (aside from the i7 quad core and dual hard drives)? I want a mini with a quad core i7...

  Your assumption is correct.  The server does however only
  have the Intel HD3000 graphics like the base model with
  no option, at this time, for the discrete graphics chip.  So,
  depending on what you are using it for, that could be a deal
  breaker.  Remember that your MBP does have a discrete
  graphics chip.
  I have a 2011 Mini Server connected to a Thunderbolt display
  that gets used as an engineering workstation and general
  personal use (some photo editing, LP restoraton, general
  internet browsing).  You simply just not enable any of the
  server services.  I find the combination to work quite well
  for my purposes.  I also have a 13" 2.7 GHz i7 Macbook Pro
  which is pretty much strictly for work.  As far as CPU
  power it is pretty much equivelent to your Mini.  For the most
  part I find the Mini does outperfom my MBP.  I heavily use
  Parallels and Windows7 virtual machines, so the more cores
  the better.
  So, If you do a lot of CPU intensive stuff that is multithreaded,
  the Server may help.  If it is graphics intensive and your software
  heavily leaverages the GPU, you may actually take a hit on
  performance.

• The difference between Intel core I7 and dual core

  I have a 2.7 ghz Intel Core I7 macbook, early 2011.  Can someone tell me the difference between this machine and the new macbooks, 2.4 or 2.6 ghz, dual core?
  Thanks!

  Benchmarks:
  http://www.macworld.com/article/2057932/lab-tested-iris-graphics-provide-a-boost -to-new-13-inch-retina-macbook-pro.html

• VMware ESX and dual homing

  We are beginning to deploy VMware ESX servers for Windows production environments. How do I set up the VNICs to dual home the VM's to separate Catalyst 6500's.
  Thanks, Lisa

  Hi Steve,
  Specific to VSS by itself, that is available and shipping today, but support for the FWSM with VSS is not yet available (as you have already noted :-). I am currently hearing Q3CY08 as a possible timeframe for supporting VSS and the FWSM, but that is not written in stone. In the mean time, you could still take advantage of VSS to do the multi-chassis EtherChannel, just not with the FWSM included.
  Specific to the question on the quad mezz cards, I personally do not have any experience with this specific card, but do know that teaming/bonding software is getting better every day, but we all know that not everything works as advertised, so in that case (and actually, in every case if you think about it), any such design should be fully tested before going into production, to make sure it works as expected/desired.
  In your post you mention the 3020 (HP Cisco blade switch). That does indeed throw a bit of a wrench in the works, since as you noted, the NICs will each go to separate physical switches in the enclosure, thus making EtherChannel type solutions on the server impossible. In that case, I normally recommend a simple Active/Standby form of teaming/bonding, as it is robust and deterministic (proprietary forms of Active/Active, in my experience, are neither). If you did decide to go with pass-thru (instead of 3020) to a VSS environment, you could then take advantage of the EtherChannel type teaming, but then you introduce the headache of all of those cables from the pass-thru's, which defeats one of the more common purposes many people go to blades, reduced cabling.
  Another solution that would give you the best of both worlds in a blade enclosure (reduced cabling and EtherChannel teaming on the servers), is to look at the new 3120's just coming out. With their stacking ability, multiple switches look and act as a single logical switch (exactly like the 3750E), so when these are deployed in the enclosure and stacked, you can indeed use EtherChannel on the server NICs while still getting cable reduction for the enclosure.
  HTH, Matt

• RPVST+ at Distribution and PVST at Access Switch

  Hi. I have two Cat6506 (redundant collapsed-core config) configured w/ RPVST+ and connected to this are a series of Cat2950s configured with PVST. My question is, is this a good practice configuration of STP? (running both RPVST+ and PVST on the same topology) Will there be any problems with convergence? We recently are adding some vlans on the network and we experienced an outage for most of the vlans. The Cat6500s registered duplicate HSRP addresses. Any recommendation to fine-tune this network (considering that the Cat2950 does not support RPVST+) would be helpful. thanks.

  you can run rpvst+ and pvst+ simultaneously.
  rpvst+ has been built to interoperate with pvst+.
  an rpvst+ configured switch will revert to pvst+ in a pvst+ rootBridge scenario.
  cisco recommends a slightly different configuration in this case:
  1) run two STP instances, one for rpvst+ and one for pvst+.
  2) the rpvst+ instance must have an rpvst+ switch as the rootBridge; the pvst+ instances must have an pvst+ switch as the rootBridge.
  3) keep the pvst+ switches at the edge of the network; likewise, keep the rpvst+ switches at the core of the network.
  please see this link for more info on STP modes:
  http://www.cisco.com/en/US/products/hw/switches/ps5213/products_configuration_guide_chapter09186a0080216672.html#wp1150156
  please see the following link for much more STP info:
  http://www.cisco.com/en/US/tech/tk389/tk621/tsd_technology_support_protocol_home.html

• LAN network design - Core/access with Cisco 6513

  Hi,
  I have been tasked with setting up a new branch office, with 100+ users, a stack of servers (1Gb-based) and some wireless access points, WAN block (ASA 5520 and a couple of routers.)
  At the moment, port requirement is around 400. 
  As there's not enough space and it's only a single floor office, I'm thinking to go ahead with one of Cisco 6500 models, specifically Catalyst 6513-E, as a core and access switch. This way, there won't be any need to try to install 48-port switches around the small office area.
  I'm not too sure about the pricing at the moment. It may be a better/cheaper option to go with a couple of 3750s as core/aggregation and 2960s for access switch installed all in the same rack. If I go with small switches, it would be roughly x7 48-port access switches and one stack of two 3750s, which gives about 450-60. 
  I believe I won't utilise half of the capacity if I go ahead with 6513, however my manager wants to minimise the overhead managing this branch office hence this all-in-all one switch option has resurfaced.
  Is there anyone using this kind of similar setup in the environment? If so, can you please share your opinions?
  Also, would there be a huge difference in terms of pricing?
  Catalyst 6503-E
  Catalyst 6504-E
  Catalyst 6506-E
  Catalyst 6509-E
  Catalyst 6513-E
  Catalyst 6509-V-E
  Slots
  3
  4
  6
  9
  13
  9 vertical
  Max 10/100/1000 ports
  97
  145
  241
  385
  529
  385
  Max 1 GE ports1
  99
  147
  243
  387
  534
  387
  Max 10 GE ports2
  34
  50
  82
  130
  180
  130
  Max 40 GE ports
  8
  12
  20
  32
  44
  32
  Maximum forwarding performance (IPv4)
  150 Mpps
  210 Mpps
  330 Mpps
  510 Mpps
  720 Mpps
  510 Mpps
  Height (RU)
  4
  5
  11
  14
  19
  21
  Weight (chassis)
  33 lbs
  (15 kg)
  40 lbs
  (17.8 kg)
  50 lbs
  (22.7 kg)
  60 lbs
  (27.3 kg)
  79.1 lbs
  (35.9 kg)
  121 lbs
  (54.9 kg )
  Thanks

  Thanks a lot for your input, Joseph.
  I was just going over 4510R+E for a potential winner; It seems to have 10 slots, which gives me about 390 Gig ports, with two dual sups. Given that a single sup 8E can provide throughput as below table, I should think about going forward with a single sup.
  Given that most users will be on 100Mbps at peak time and all other miscellaneous traffic, it would come down to around 20Gbps.
  Model
  Supervisor 8E
  Supervisor 7E
  Supervisor 7LE
  Supervisor 6E
  Supervisor 6LE
  Supervisor V 10 GE
  Documentation
  Data Sheet
  Data Sheet
  Data Sheet
  Data Sheet
  Data Sheet
  Data Sheet
  Performance
  Supervisor 8E
  Supervisor 7E
  Supervisor 7LE
  Supervisor 6E
  Supervisor 6LE
  Supervisor V 10 GE
  Switching Capacity
  928 Gbps
  848 Gbps
  520 Gbps
  320 Gbps
  280 Gbps
  136 Gbps
  IPv4 Throughput
  250 Mpps
  250 Mpps
  225 Mpps
  250 Mpps
  225 Mpps
  102 Mpps
  IPv6 Throughput
  125 Mpps
  125 Mpps
  110 Mpps
  125 Mpps
  110 Mpps
  Software Switched
  Bandwidth/Slot
  48 Gbps
  48 Gbps
  48 Gbps
  24 Gbps
  24 Gbps
  6 Gbps
  Scalability
  Supervisor 8E
  Supervisor 7E
  Supervisor 7LE
  Supervisor 6E
  Supervisor 6LE
  Supervisor V 10 GE
  Number of Routes
  256K for IPv4
  128K for IPv6
  256K for IPv4
  128K for IPv6
  64K for IPv4
  32K for IPv6
  256K for IPv4
  128K for IPv6
  64K for IPv4
  32K for IPv6
  128K for IPv4
  1K for IPv6
  Number of Packet Buffers
  128K
  128K
  128K
  64K
  64K
  32K
  NetFlow Entries
  128K
  128K
  128K
  85K
  MAC Learning Rate per Second
  20K
  20K
  14K
  13K
  8K
  8K
  Dynamic Host Control Protocol (DHCP) Snoop Entries
  12K
  12K
  12K
  12K
  3K
  6K
  Number of 10/100/1000 Ports
  Up to 384 access
  Up to 384 access
  Up to 240 access
  Up to 384 access
  Up to 240 access
  Up to 384 access
  10 GE and 1 GE Uplinks
  8 10 GE / 1 GE
  4 10 GE / 1 GE
  2 10 GE / 4 1 GE
  2 10 GE / 4 1 GE (TwinGig)
  2 10 GE / 4 1 GE (TwinGig)
  2 10 GE + 4 1 GE
  1 GE Non-Blocking Fiber Ports
  192
  192
  120
  138
  120
  48
  10 GE Fiber Ports
  96
  96
  60
  30
  30

• Issue with HP Z820 64GB RAM and dual Quadro K4000's and rendering and playback performance

  I'm having major issues with performance on my system (running windows 8.1. Premiere CC 7.2.2). My friend in the office here has a Mac Pro (2013) with 6 core cpu and dual D500's and I have dual Xeon 2665's and dual K4000's.
  The problem is that he can export twice as fast as me on mercury software and almost 3 times faster on Mercury GPU. He can also add twice as many affects before his system drops frames (using same settings and video file). When I go to GPU-Z my gpu's are hardly working with GPU export selected... with software only my CPU's get to 60% load max whereas his CPU get's to about 84%. Am I missing something? I know the D500's are almost the same as W8000's (and he has two), but dual K4000's shouldn't be that far behind? And how does selecting cpu exporting get him an export time of 6 minutes compared to my 15 minutes when I have a 32 threads to work with??
  Am I doing something wrong? Have I got a setting somewhere that is causing this that I might have missed? Are dual D500's really THAT much better than dual K4000's? AND HOW is my 7k+ machine that much worse than his £3200 mac?
  Please help. I'm losing my mind here!
  Thanks
  Edit - Would just like to add that the video files we are using are pro res 422 and that I have the latest bios and latest nvidia performance drivers

  That HP Z820 should kick the Mac pros butt! For example we run Autodesk Flame systems ( 150k software) on the Z820's with Quadro 6000 cards and they fly. We also had a new mac pro in for testing a few months ago w the dual fire pro cards all decked out and it was crap next the the Z820. Of cource the new MP cant run allot of highend software because of its lack of nvidia support and the firepros lack of open GL but we did run premier and smoke etc  on it for testing. ( Although i thought it looked cool the total lack of exandability and nvida support  was to much so we sent it back). Graphic workstations need PCIe expandability and a choice in GPs.
  Anyhow here are a few observations:
  -Software being used will dertermine the hardware purchased,
  -The dual xeons at the much lower clock speed are meant to work 24/7 like a lamans endurance race, not a sprint race.  Better to get highest frequency xeons.
  -Having dual CPUs with all thoughs cores will only work with a software that is properly mulithreaded, premier is definetly not one of those softwares so you not getting any advantage.
  - the advantage to Quadro cards are much more noticable in 3d tha 2d. If your running Autodesk maya, 3ds max or the recently disscontinued XSI you would be flying compared to the W7000.
  -dual GPU cards do not preform at twice the speed. On average the second card gives about a 10 percent boost.
  -At present ( and as akways) , nividia Quadro drivers are much more uptodate and bug free compared to ATI highend cards. This will inevitably change as openCL over takes openGL, until then Quadros are the clearly superior cards for those with DEEP pockets.
  -I think you would have been far better off with a single Quadro 6000 vs dual K4000s. Also any higher end ATI firepro card would have worked since Premier now uses open CL and no longer needs openGL. Main advantage to Quadro at this point (  besides 3D ) is to be compatible with the most softwares and get the best and most optimized drivers. Firepros will work properly in far fewer softwares at this point but I can see a day over the next few years this may change but not as of yet in 2014. So his W7000 wins this sprint race in this single simple example but in most any other situations your cards will actually work and win. I like saving money like the next guy but I even purchase Quadro cards for my home use and experimenting, but Im not a gamer.
  -FYI: Cuda core count no longer is true measure. For example older Fermi cards worked at twice the frequency than the newer kepler architecture so in effect today you need double ( actually more) the amount of cuda cores to equal the older cards. Also the true compute power in the new Keplers is also much inferior to the older cards.  Its all creative advertiseing today more akin to creative accounting / smoke and mirrors. What im trying to explain is when people read the charts that show the cuda core count and say the higest is best is completely not true. It may have the most "cores" but it will not render correctly, double percision is missing, colors may pop, anti aliasing is inferior and inconsistant,  interaction ( most important) and shaders will be buggy or missing. There are very good reasons people spend money on highend Quadro cards but the charts and reviews generically speaking never understand or can even test for this stuff.
  -Even given the above scenarios your Z820 should be killing your competition. Using a decked out Z820 is way overkill for anything CC. ( Kinda like driving an F1 to get groceries.)  get your HP rep to come over and replace / test your rig. Its free and covered in your coverage.
  I am CLEARLY not a tech guy as my talent in is creation and design but I overhear the tech guys talking.

• Single Homed or Dual Homed FEX

  With the ability to do enhanced VPCs now on the FEXs is there any benefit to have a mixture of having of single attached FEXs and dual homed FEXs?
  Here are some benefits as I see them
  Single homed FEX is easier to trouble shoot as the topology is not as complex.
  A dual homed FEX will support both dual attached hosts and a single attached host. So this means we only have one topology to deal with (everything dual homed)
  Any other pros or cons?         
  Thanks

  If you have any servers with only one uplink, you want dual homed FEXes for redundancy.
  Also, it depend on the number of FEXes you are connecting to the same set of switches.  For example: the max number of FEXes that can be uplinked to a set of 6k switches is 24 if you are dual homed, but if you are single homed the max is 48 (24 per switch).
  HTH

• Fabric Extender question to a dual-homed N5k

  According to latest release notes:
  http://www.cisco.com/en/US/customer/docs/switches/datacenter/nexus5000/sw/release/notes/Rel_4_2_1_N1_1/Nexus5000_Release_Notes_4_2_1_N1_1.html#wp144071
  "Support for a maximum of 12 Fabric Extenders dual-homed to a vPC Cisco Nexus 5000 Series switch pair and a maximum of 576 hosts connected to Fabric Extenders connected to Cisco Nexus 5000 Series switches"
  I have mixed mode so some of the FEX will only connect to one N5k despite the 2N5k will be vpc. Cisco calls this "Fabric extender straight-through topology". This is because I am running port-channel with VM on these particular FEX.
  http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/C07-572829-00_Design_N5K_N2K_vPC_DG.pdf
  question is:
  1. Can I assume 2148 is included per release notes?
  2. Can I have more than 2 ports in the portchannels in straight-through mode?
  3. Release notes show 576 host which is (12 max times 48 ports). I assume I can have more logical host meaning vm host via the port channels, right...?
  Thx

  Any Nexus 5000 can have a total of 12 FEX's connected to it physically.  If you have 12 FEX's in dual-homed mode, then that is the limit for both Nexus 5000's.  If you had 24 FEX's evenly distributed between the Nexus 5000's in straight-through mode, then that would be maximum in that configuration.  If you are mixing straight-through and dual-homed configurations, you would have to be within the 12 FEX per Nexus 5000 limit.
  The 2148 is the first FEX, so yes it is the focus of the release notes.
  The 2148 cannot have a local port-channel.  This is why you can only channel to a 2148 when using dual-homed (called Active-Active mode), one interface on each 2148, and it is tied together with a vPC configuration to make a port-channel.  The individual 2148's each only have one connection on them down to the server below.  The 2248 and 2232 do not have this restriction.
  As of 4.2(1)N1(1), 576 refers to host interfaces.  If your host has virtual hosts, you just need to make sure you are within the limit of mac addresses in the system, which is 16,000 (13,800 unicast).
  Regards,
  John Gill
  Reference:
  configuration limits -
  http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/configuration_limits/limits_421/config_limits_4_2_1_chapter1.html

• Ask the Expert: Hierarchical Network Design, Includes Core, Distribution, and Access

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about hierarchical network design. 
  Recommending a network topology is required for meeting a customer's corporate network design  needs in their business and technical goals and often consists of many interrelated components. The hierarchical design made this easier like "divide and conquer" the job and develop the design in layers.
  Network design experts have developed the hierarchical network design model to help to develop a topology in discrete layers. Each layer can be focused on specific functions, to select the right systems and features for the layer.
  A typical hierarchical topology is
  A core layer of high-end routers and switches that are optimized for availability and performance.
  A distribution layer of routers and switches that implement policies.
  An access layer that connects users via lower-end switches and wireless access points.
  Ahmad Manzoor is a Senior Pre-Sales Engineer at AGCN, Pakistan. He has more than 10 years of experience in first-rate management, commercial and technical skills in the field of data communication and services lifecycle—from solution design through sales pitch, designing RFPs, architecture, and solution—all with the goal toward winning projects (creating win/win situations) of obsolete solutions.  Ahmad also has vast experience in designing end-to-end data centers, from building infrastructure design to data communication and network Infrastructure design. He has worked for several large companies in Pakistan and United Arab Emirates markets; for example, National Engineer, WATEEN Telecom, Emircom, Infotech, Global Solutions, NETS International, Al-Aberah, and AGCN, also known as Getronics, Pakistan.
  Remember to use the rating system to let Ahmad know if he has given you an adequate response. 
  Because of the volume expected during this event, Ahmad might not be able to answer every question. Remember that you can continue the conversation in the  Solutions and Architectures under the sub-community Data Center & Virtualization, shortly after the event. This event lasts through August 15, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Dear Leo,
  We are discussing the following without any product line, discussing the concept of hierarchical design, which will help you to take decision which model is better for you Two Layer or Three Layer hierarchical model.  
  Two-Layer Hierarchy
  In many networks, you need only two layers to fulfill all of the layer functions—core and aggregation
  Only one zone exists within the core, and many zones are in the aggregation layer. Examine each of the layer functions to see where it occurs in a two-layer design:
  Traffic forwarding—Ideally, all interzone traffic forwarding occurs in the core. Traffic flows from each zone within the aggregation layer up the hierarchy into the network core and then back down the hierarchy into other aggregation zones.
  Aggregation—Aggregation occurs along the core/aggregation layer border, allowing only interzone traffic to pass between the aggregation and core layers. This also provides an edge for traffic engineering services to be deployed along.
  Routing policy—Routing policy is deployed along the edge of the core and the aggregation layers, generally as routes are advertised from the aggregation layer into the core.
  User attachment—User devices and servers are attached to zones within the aggregation layer. This separation of end devices into the aggregation permits the separation of traffic between traffic through a link and traffic to a link, or device. Typically, it is best not to mix transit and destination traffic in the same area of the network.
  Controlling traffic admittance—Traffic admittance control always occurs where user and server devices are attached to the network, which is in the aggregation layer. You can also place traffic admittance controls at the aggregation points exiting from the aggregation layer into the core of the network, but this is not common.
  You can see, then, how dividing the network into layers enables you to make each layer specialized and to hide information between the layers. For instance, the traffic admittance policy implemented along the edge of the aggregation layer is entirely hidden from the network core.
  You also use the core/aggregation layer edge to hide information about the topology of routing zones from each other, through summarization. Each zone within the aggregation layer should have minimal routing information, possibly just how to make it to the network core through a default route, and no information about the topology of the network core. At the same time, the zones within the aggregation layer should summarize their reachability information into as few routing advertisements as possible at their edge with the core and hide their topology information from the network core.
  Three-Layer Hierarchy
  A three-layer hierarchy divides these same responsibilities through zones in three vertical network layers,
  Traffic Forwarding—As with a two-layer hierarchy, all interzone traffic within a three- layer hierarchy should flow up the hierarchy, through the layers, and back down the hierarchy.
  Aggregation—A three-layer hierarchy has two aggregation points:
  At the edge of the access layer going into the distribution layer
  At the edge of the distribution layer going into the core
  At the edge of the access layer, you aggregate traffic in two places: within each access zone and flowing into the distribution layer. In the same way, you aggregate interzone traffic at the distribution layer and traffic leaving the distribution layer toward the network core. The distribution layer and core are ideal places to deploy traffic engineering within a network.
  Routing policy—The routing policy is deployed within the distribution layer in a three- layer design and along the distribution/core edge. You can also deploy routing policies along the access/distribution edge, particularly route and topology summarization, to hide information from other zones that are attached to the same distribution layer zone.
  User attachment—User devices and servers are attached to zones within the access layer. This separation of end devices into the access layer permits the separation of traffic between traffic through a link and traffic to a link, or device. Typically, you do not want to mix transit and destination traffic in the same area of the network.
  Controlling traffic admittance—Traffic admittance control always occurs where user and server devices are attached to the network, which is in the access layer. You can also place traffic admittance controls at the aggregation points along the aggregation/core edge.
  As you can see, the concepts that are applied to two- and three-layer designs are similar, but you have more application points in a three-layer design.
  Now the confusion takes place in our minds where do we use Two Layer and where the Three layer hierarchical model.
  Now we are discussing that How Many Layers to Use in Network Design?
  Which network design is better: two layers or three layers? As with almost all things in network design, it all depends. Examine some of the following factors involved in deciding whether to build a two- or three-layer network:
  Network geography—Networks that cover a smaller geographic space, such as a single campus or a small number of interconnected campuses, tend to work well as two-layer designs. Networks spanning large geographic areas, such as a country, continent, or even the entire globe, often work better as three layer designs.
  Network topology depth—Networks with a compressed, or flattened, topology tend to work better as two-layer hierarchies. For instance, service provider networks cover large geographic areas, but reducing number of hops through the network is critical in providing the services they sell; therefore, they are often built on a two-layer design. Networks with substantial depth in their topologies, however, tend to work better as three-layer designs.
  Network topology design—Highly meshed networks, with many requirements for interzone traffic flows, tend to work better as two-layer designs. Simplifying the hierarchy to two levels tends to focus the design elements into meshier zones. Networks that focus traffic flows on well-placed distributed resources, or centralized resources, such as a network with a large number of remote sites connecting to a number of centralized Data Centers, tend to work better as three-layer designs.
  Policy implementation—If policies of a network tend to focus on traffic engineering, two-layer designs tend to work better. Networks that attempt to limit access to resources attached to the network and other types of policies tend to work better as three-layer designs.
  Again, however, these are simple rules of thumb. No definitive way exists to decide whether a network should have two or three layers. Likewise, you cannot point to a single factor and say, “Because of this, the network we are working on should have three layers instead of two.”
  I hope that this helps you to understand the purposes of Two Layer & Three layer Hierarchical Model.
  Best regards,
  Ahmad Manzoor

• Cisco BE6k and VCS Core/edge

  Dear all,
  There is a new Be6k High density in the testing environment.
  However, we don't have clear picture on the deploying VCS Core/edge with the CUCM in the BE6k.
  Do we install the VCS core and edge in the same BE6k server? After that, the VCS edge assign with a DMZ ip address?Or install other VCS edge from the appliance?
  How is configuration between CUCM and VCS? Since I can't any related document from the Cisco.com.
  Best Regards,
  Ben Lai

  1 Either works, you just need to make sure to properly design and configure the underlying network and the ports to which each VM will connect
  2 There´s PLENTY of information on that
  http://www.cisco.com/c/en/us/support/unified-communications/telepresence-video-communication-server-vcs/tsd-products-support-series-home.html

• [solved] DHCP snooping in environment with core and access switches

  Hello,
  I'd like to know what steps are needed to configure DHCP snooping in my environment:
  1) two core switches Catalyst 6500 (VSS): VLAN defined here, DHCP server connected here
  2) access switches Catalyst 3750: clients connected here
  Access switches are connected to core ones via trunk ports (fiber optics).
  How many snooping databases are required?  One for core and next for each stack?

  Hi Marian,
  If your network is properly designed and connected so that clients, including DHCP clients, are attached to the access layer switches, then the DHCP Snooping should be run only on access switches. Running DHCP Snooping on core switches is not going to increase the security because the DHCP communication has already been sanitized on the access layer.
  If you intend to save the DHCP Snooping database then each switch performing the DHCP Snooping needs to have its own database if you intend to use a persistent storage for it. However, you can always have the switch to save the database to its own FLASH, alleviating the need for a centralized networked storage.
  I am not sure if this answers your question so please feel welcome to ask further.
  Best regards,
  Peter

• Lync SSL certificates (One SAN for Edge and Frontend?)

  I'm in the process of generating public SSL certificates for our enterprise Lync environment. We are running a pool of frontend servers, edge servers, mediation servers, and director servers.
  My question is can I generate one UCC SAN with like 10 domains and use them for all the servers that need it or will I have to have one SAN for like the Edge servers, one SAN for the front-end servers, and one for the director servers?

  You can use one big certificate, but you may want a different subject name for different roles (specifically between the edge and front end)  Many third party cert authorities will allow you to reissue another copy of the cert to do this as long
  the names inside the cert don't change.
  For the front end, you'll want the common name (or subject name) to be the pool name:
  http://technet.microsoft.com/en-us/library/gg398094.aspx
  For the edge, you'll want the access edge name as the subject name.
  http://technet.microsoft.com/en-us/library/gg398920.aspx
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• Where are my designs stored when using Adobe CC and can i access them if i cancel ?

  where are my designs stored when using Adobe CC and can i access them if i cancel ?

  This is answered in the CC FAQ: http://www.adobe.com/products/creativecloud/faq.html