Pages

Showing posts with label Cat 6500. Show all posts
Showing posts with label Cat 6500. Show all posts

Tuesday, May 25, 2010

HSRP on SVI (Vlan interface)


Initial Configuration

Create 4 VLANs, 10,20,30,40
Trunk between the 3 Switches
or you can follow the configuration from previous lab for the 3 Switches click here

create SVI for VLAN 10 on CORE1 and CORE2

CORE1(config)#int vlan 10
CORE1(config-if)#ip add 10.10.10.1 255.255.255.0
CORE1(config-if)#no shut

CORE2(config)#int vlan 10
CORE2(config-if)#ip add 10.10.10.2 255.255.255.0
CORE2(config-if)#no shut

configure connectivity between CORE1 and R1
on CORE1 convert L2 into L3 port to assign IP address to it

CORE1(config)#int gi1/48
CORE1(config-if)#no switchport
CORE1(config-if)#ip add 192.168.1.1 255.255.255.252
CORE1(config-if)#no shut

R1(config)#int gi0/1
R1(config-if)#ip add 192.168.1.2 255.255.255.252
R1(config-if)#no shut

configure connectivity between CORE2 and R1, CORE2 using SVI
create new VLAN and it's SVI on CORE2 for this connection, assign as access port

 CORE2(config)#int gi7/48
CORE2(config-if)#switchport
CORE2(config-if)#switchport mode access
CORE2(config-if)#switchport access vlan 19

CORE2(config)#int vlan 19
CORE2(config-if)#ip add 192.168.2.1 255.255.255.0
CORE2(config-if)#no shut

configure Routing on CORE1, CORE2 and R1


HSRP

now we'll create HSRP for VLAN 10

on CORE1
CORE1(config)#int vlan 10
CORE1(config-if)#standby 10 ip 10.10.10.99

on CORE2
CORE2(config)#int vlan 10
CORE2(config-if)#standby 10 ip 10.10.10.99

 it's that simple, show standby to make sure HSRP is working

CORE1#sh stand
Vlan10 - Group 10
  Local state is Active, priority 100 default priority is 100
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.732
  Virtual IP address is 10.10.10.99 configured
  Active router is local this is primary router
  Standby router is 10.10.10.2 expires in 8.696 router 10.10.10.2 is standby
  Virtual mac address is 0000.0c07.ac0a
  2 state changes, last state change 00:01:55
  IP redundancy name is "hsrp-Vl10-10" (default)

CORE2#sh stand
Vlan10 - Group 10
  Local state is Standby, priority 100
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 0.506
  Virtual IP address is 10.10.10.99 configured
  Active router is 10.10.10.1, priority 100 expires in 9.408
  Standby router is local
  1 state changes, last state change 00:04:06
  IP redundancy name is "hsrp-Vl10-10" (default)

manipulate priority to control active/standby router, the higher the value, the higher the chance to become an active
we'll make CORE2 (router 10.10.10.2) to be the active

CORE2(config-if)#standby 10 priority 150

CORE2#sh stand
Vlan10 - Group 10
  Local state is Standby, priority 150 priority already higher
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.955
  Virtual IP address is 10.10.10.99 configured
  Active router is 10.10.10.1, priority 100 expires in 8.748
  Standby router is local but this router still on standby, this is because HSRP not 'dynamically' change, add another line to force change base on priority

CORE2(config-if)#standby 10 preempt

immediately you'll see active router change

3d19h: %STANDBY-6-STATECHANGE: Vlan10 Group 10 state Active -> Speak


Manipulating HSRP to load balancing

basically we'll create 2 gateway, and you need to divide your host into two group and each point to one gateway

here I'll just paste the running config

CORE1
interface Vlan10
 ip address 10.10.10.1 255.255.255.0
 standby 1 ip 10.10.10.10
 standby 1 priority 150
 standby 1 preempt
 standby 2 ip 10.10.10.20
 standby 2 preempt
end

CORE2
interface Vlan10
 ip address 10.10.10.2 255.255.255.0
 standby 1 ip 10.10.10.10
 standby 1 preempt
 standby 2 ip 10.10.10.20
 standby 2 priority 150
 standby 2 preempt
end

from show standby you'll see that Group 1 active on CORE1 and Group 2 active on CORE2

CORE1#sh stand
Vlan10 - Group 1
  Local state is Active, priority 150, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.609
  Virtual IP address is 10.10.10.10 configured
  Active router is local
  Standby router is 10.10.10.2 expires in 9.520
  Virtual mac address is 0000.0c07.ac01
  2 state changes, last state change 00:09:22
  IP redundancy name is "hsrp-Vl10-1" (default)
Vlan10 - Group 2
  Local state is Standby, priority 100, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 2.233
  Virtual IP address is 10.10.10.20 configured
  Active router is 10.10.10.2, priority 150 expires in 8.268
  Standby router is local
  4 state changes, last state change 00:05:46
  IP redundancy name is "hsrp-Vl10-2" (default)

CORE2#sh stand
Vlan10 - Group 1
  Local state is Standby, priority 100, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.560
  Virtual IP address is 10.10.10.10 configured
  Active router is 10.10.10.1, priority 150 expires in 7.608
  Standby router is local
  1 state changes, last state change 00:06:01
  IP redundancy name is "hsrp-Vl10-1" (default)
Vlan10 - Group 2
  Local state is Active, priority 150, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 0.550
  Virtual IP address is 10.10.10.20 configured
  Active router is local
  Standby router is 10.10.10.1 expires in 8.980
  Virtual mac address is 0000.0c07.ac02
  4 state changes, last state change 00:06:20
  IP redundancy name is "hsrp-Vl10-2" (default)

try shutdown SVI 10 on CORE2

CORE2(config)#int vlan 10
CORE2(config-if)#shut

CORE1 will be the active router for both Group
CORE1#sh stand
Vlan10 - Group 1
  Local state is Active, priority 150, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 0.057
  Virtual IP address is 10.10.10.10 configured
  Active router is local
  Standby router is unknown
  Virtual mac address is 0000.0c07.ac01
  2 state changes, last state change 00:14:45
  IP redundancy name is "hsrp-Vl10-1" (default)
Vlan10 - Group 2
  Local state is Active, priority 100, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 2.199
  Virtual IP address is 10.10.10.20 configured
  Active router is local
  Standby router is unknown
  Virtual mac address is 0000.0c07.ac02
  5 state changes, last state change 00:00:18
  IP redundancy name is "hsrp-Vl10-2" (default)


but what happen if connection on R1 down, how HSRP gonna detect that? we can use track

on CORE1 we'll keep track port Gi1/48
CORE1(config-if)#stand 1 track gigabitEthernet 1/48

on CORE2, keep track on SVI 10
CORE2(config-if)#stand 2 track vlan 19

shutdown SVI 19 to see the effect, then show standby
CORE2(config)#int vla 19
CORE2(config-if)#shut

Vlan10 - Group 2
  Local state is Active, priority 140 (confgd 150), may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.184
  Virtual IP address is 10.10.10.20 configured
  Active router is local but why this is still local
  Standby router is 10.10.10.1 expires in 9.232
  Virtual mac address is 0000.0c07.ac02
  6 state changes, last state change 00:07:27
  IP redundancy name is "hsrp-Vl10-2" (default)
  Priority tracking 1 interface or object, 0 up:
    Interface or object        Decrement  State
    Vlan19                        10                Down  (administratively down) because, notice here, decrement only 10, latest value, 140, is still higher than the other side, so make sure the different between this two is no more than 10 to see the right effect

I think you should know where to adjust the priority ;) Happy Switching
7 comments:
Labels: , , , , ,

Saturday, May 22, 2010

spanning tree MST on Cat 6500, 4500, 3500

use the same network from previous lab, just remove the 3560 and Po64

let's focus on the two link between CORE1 and CORE2, and take VLAN 10, 20 as an example

before we go tot MST, there's something i forgot to mention on previous lab, this is one way to do the load balancing without using Etherchannel

CORE1#sh span vl 20
...
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/1            Desg FWD 4         128.1    P2p
Gi1/2            Desg FWD 4         128.2    P2p
Gi1/3            Desg FWD 19        128.3    P2p

CORE2#sh span vl 20
...
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi7/1            Root FWD 4         128.769  P2p
Gi7/2            Altn BLK 4         128.770  P2p
Gi7/5            Desg FWD 19        128.773  P2p

result for VLAN 10 also should be the same, so here's what we gonna do, we want to split VLAN 10 to use Gi7/1 and VLAN 20 to use Gi7/2,

and please take a close looks on port priority (in green), because we gonna manipulate this value the get the result

CORE1#sh span vlan 10
...
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/1            Desg FWD 4          16.1    P2p
Gi1/2            Desg FWD 4         128.2    P2p
Gi1/3            Desg FWD 19        128.3    P2p


CORE1#sh span vlan 20
....
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/1            Desg FWD 4         128.1    P2p
Gi1/2            Desg FWD 4          16.2    P2p
Gi1/3            Desg FWD 19        128.3    P2p

now the cost has changed, let's check on CORE2, VLAN 20 should have a different Root port by now

---------------- ---- --- --------- -------- --------------------------------
Gi7/1            Altn BLK 4         128.769  P2p
Gi7/2            Root FWD 4         128.770  P2p
Gi7/5            Desg FWD 19        128.773  P2p

now we go to MST

we'll  create
  • a region REG1
  • instance 1, VLAN 10, 30, Root no CORE1
  • instance 2, VLAN 20, 40, Root on CORE2
CORE1(config)#spanning-tree mode mst
CORE1(config)#spanning-tree mst configuration
CORE1(config-mst)#revision 1
CORE1(config-mst)#name REG1
CORE1(config-mst)#instance 1 vlan 10, 30
CORE1(config-mst)#exit
CORE1(config)#spanning-tree mst 1 priority 8192

CORE1(config)#spanning-tree mst conf
CORE1(config-mst)#instance 2 vlan 20, 40
CORE1(config)#spanning-tree mst 2 prio 16384

run almost the same conf on CORE2, just change the priority for instance 1 and 2 to change the Root for each instance

CORE2(config)#spanning-tree mode mst
CORE2(config)#spanning-tree mst conf
CORE2(config-mst)#revision 1
CORE2(config-mst)#name REG1
CORE2(config-mst)#instance 1 vlan 10, 30
CORE2(config-mst)#exit
CORE2(config)#spanning-tree mst 1 priority 16384

CORE2(config)#spanning-tree mst conf
CORE2(config-mst)#instance 2 vlan 20, 40
CORE2(config-mst)#exi
CORE2(config)#spanning-tree mst 2 priority 8192

on Dist1, just run both of the instance


DIST1(config)#span mode mst
DIST1(config)#span mst conf
DIST1(config-mst)#rev 1
DIST1(config-mst)#name REG1
DIST1(config-mst)#inst 1 vlan 10, 30
DIST1(config-mst)#inst 2 vlan 20, 40

let's check is it working, by right, VLAN 10 Root is CORE1, 20 is CORE2

CORE2#sh span vl 10

MST1
  Spanning tree enabled protocol mstp
  Root ID    Priority    8193 bridge prio for VLAN 10 is 8193
             Address     0019.0787.3000
             Cost        20000
             Port        769 (GigabitEthernet7/1) via this port (CORE1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    16385  (priority 16384 sys-id-ext 1)
             Address     0019.a908.ac00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi7/1            Root FWD 20000     128.769  P2p
Gi7/2            Altn BLK 20000     128.770  P2p  An alternate port is the next best path available back to the root bridge shall the root port fail
Gi7/5            Desg FWD 200000    128.773  P2p

CORE2#sh span vla 20

MST2
  Spanning tree enabled protocol mstp
  Root ID    Priority    8194
             Address     0019.a908.ac00
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8194   (priority 8192 sys-id-ext 2)
             Address     0019.a908.ac00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi7/1            Desg FWD 20000     128.769  P2p
Gi7/2            Desg FWD 20000     128.770  P2p
Gi7/5            Desg FWD 200000    128.773  P2p Root bridge ports are all in FWD state


on DIST1

DIST1#sh span root

                                        Root    Hello Max Fwd
MST Instance           Root ID          Cost    Time  Age Dly  Root Port
---------------- -------------------- --------- ----- --- ---  ------------
MST0             32768 0018.19b2.58c0         0    2   20  15
MST1              8193 0019.0787.3000    200000    2   20  15  Fa4/3 root port for instance 1 (VLAN 10, 30)
MST2              8194 0019.a908.ac00    200000    2   20  15  Fa4/5 this is for instance 2

to confirm this, check which switch on Fa4/3 and Fa4/5

DIST1#sh cdp ne

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CORE2            Fas 4/5           159             R S I  WS-C6509- Gig 7/5 now confirm that Instance 2 root is CORE2
CORE1            Fas 4/3           173             R S I  WS-C6509- Gig 1/3
 
happy Switching ;)
No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)