Re: Need guidance on Cisco 6513 install
- From: Trendkill <jpmason@xxxxxxxxx>
- Date: Sat, 31 May 2008 05:46:25 -0700 (PDT)
On May 30, 11:27 pm, clar...@xxxxxxxxx wrote:
> I'm hopeful that someone can help me with this situation. I am tasked
> with configuring a new 6513 switch and it must be in production by
> Tuesday noon (June 3rd). We rack mounted it today and will be able to
> power it up Monday morning.
> Here is the problem: I have some networking and Cisco knowledge, but
> don't have much experience configuring VLANs or 6500 series switches.
> I've done some ongoing administration on a production 6500, but never
> set one up from scratch. There is an Avaya rollout that depends on me
> having this switch set up on Tuesday by noon, with the proper subnets.
> We've already determined what the subnets will be. Here is the
> existing environment:
> Cisco 2811 router, which connects this building to our main building
> via a 1 mile fiber link. This router has an available 100MB port that
> I'm considering connecting to the 6513.
> There is a new 3750 switch arriving Monday that will connect to the
> 6513 from a server room via fiber (we have all the 10GB fiber modules
> for this connectivity). This 3750 must have some ports configured on
> the 10.2.200.0 subnet for VoIP.
> The switch itself (and other future network hardware) will be on the
> 10.2.1.0 subnet, and we will have future servers on 10.2.10.0 and
> workstations on 10.2.100.0.
> So it will be: 3750 -> 10GB fiber -> 6513 -> 100MB -> 2811 router.
> The 6513 will have 3 48 port line cards installed, but the
> workstations in this building (currently on 3Com switches) won't be
> moved over to the 6513 for a couple more weeks. So I'm only going to
> connect one of the 10/100/1000 ports to the 2811 router initially.
> I would just like some overall guidance on how to go about configuring
> the 3750 and 6513. Any advice would be greatly appreciated. I've
> already read through most of the installation guide, but it's more for
> reference.
> Thanks in advance.

The best suggestion I can give is to break this into manageable parts/
pieces for you to configure. At a high level, here is a brief list of
the major areas that you need to focus on:
1. System (name, IP, contact)
2. Administrative (SNMP & Logging)
3. AAA (AAA, TACACS)
4. Layer 2/3 (Vlans, hsrp, spantree, etc)
5. Routing (Protocol & Statics)
1 and 2 are necessary but not overly important, whereas 3, 4, and 5
basically define your whole architecture. Do you have another switch
(6513) showing up for redundancy? If not, I'm surprised they wouldn't
do two 6509s or 6506s if you only have 3 line cards and since there
is no redundancy in a single switch. Regardless (no need to question
what is already defined), how is the network expected to be designed
or grow in the future?
In its most basic configuration, you need vlans for VOIP, Users,
Servers, and the link to the 2800. However, and depending how large
this network may or may not get, I would consider being ahead of the
curve in that event.
10.2.0.0 - Loopbacks of network devices
10.2.1.0 - VLAN 1 for management interfaces on switches (using vlan 1
can be debated, but you can always choose another vlan number and same
IP addresses)
10.2.2.0 - Routing Vlan
10.2.3.0 - 2nd Routing VLAN (for secondary adjacencies)
10.2.5.0 - Management interfaces for servers, appliances, etc
(including iLO, Console, etc)
The rest of the IPs I would carve up as you see fit. You could do it
by server type (wintel, linux, aix, sun, vm, etc), or you could do it
by project, or you could do a big /23 or /22 and just put all your
servers there. I like to split it up in some way to help keep the
traffic central.
As to the routing vlans, these are key to your routing config.
Whatever routing protocol you choose to run, make 'passive-interface'
the default (so that no interface will create an adjacency out of the
gate), and only allow the vlan 2 and vlan 3 interfaces to exchange
routing information. This means that every router you put into this
network going forward will have one interface in vlan 2, and one in
vlan 3, for redundancy. This is kind of moot since you only have one
'core' 6513, but whatever. In a two core environment, both switches
would have both vlans, but core 1 would be the spantree/hsrp owner for
vlan 3 (and all other odd vlans), and core 2 would be the spantree/
hsrp owner for vlan 2 (and all other even vlans). If one core
dropped, all other routers would still continue to communicate on vlan
3 uninterrupted.
Lastly, you need to consider if you are doing a layer 2 or distributed
layer 3 network model. The difference is that a layer 2 model will
create all networks/vlans on the 6513 and trunk them out to other
devices as necessary. The distributed layer 3 model is to help
distribute layer 3 routing load and take load off the backbone, and
this is done by only creating small vlans on each pair of switches,
and then creating routing adjacencies to all other pairs. This means
that vlans are not trunked, and all traffic on a vlan will stay within
a pair of switches unless it needs to go elsewhere. No more
traversing a trunk to get to your MSFC router to move to a different
vlan and then back to the same pair of switches. A more costly
solution, but in very large networks, this is a must.
As referenced above, make sure your spantree and hsrp priorities are
set properly. Even though you don't have a 2nd core, that doesn't
mean you can't plan for one. Set up hsrp (even though there is no
other hsrp partner), and this device will just be the .2 on each vlan,
and have .1 as the hsrp address. This way if another core shows up,
you don't have to break anything, you just add it in as .3 in each
network and set up hsrp. At that point you'll also want to make each
switch own some vlans. The highest priority is the hsrp 'owner', so
do something like 140 for all odd vlans on core 1, and 130 for all odd
vlans on core 2. Then 140 for all even vlans on core 2, and 130 for
all even vlans on core 1. Just helps distribute load from vlans. For
spantree, same thing, except lower wins. You'll want 8192 on the
layer 2 'owning' switch, and something slightly higher for the
failover. NO OTHER SWITCH should have either of these spantree
priorities for the same networks, put all others at 32768 or
whatever. Again I would distribute these against odd/even vlans
differently, which won't do anything while you have one core, but can
help when you add a second.
As for routing, I would consider turning up OSPF or EIGRP, and make
sure you use the passive stuff I talked about above. You only want
adjacencies where it makes sense, no need to go overboard. You would
create network statements for each 10.2 or 10.1 network, and then if
you were running eigrp, you can do an ip summary-address eigrp command
on your routing vlan interfaces (vlan 2 and vlan 3) with a summary of
your networks in this location (10.2.0.0). If you are going to use
10.2.0.0 in any other location (say 10.2.128.0), then do not do this
summary, and adjust it as necessary.
Then give your 2800 an interface in vlan 2 and/or 3, in EIGRP, make
sure someone has a default route, and redistribute connected. Also
make sure you have default information originate for whichever router
has the default.
Again, I'm sure I've missed some things, but this is the best advice I
can provide on short notice from an architectural standpoint. I'm
sure others will correct me/add on where I have missed something.
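
Added example, not part of the original post: a small Python generator that turns the odd/even HSRP and spanning-tree ownership scheme and the passive-interface-by-default rule described above into IOS configuration text for either core. The /24 masks, the VLAN n = 10.2.n.0 mapping, HSRP group numbers, `preempt`, the failover spanning-tree priority of 12288, the single covering `network` statement and EIGRP AS 100 are assumptions.

```python
# Added example: builds the odd/even HSRP and spanning-tree plan from the post.
# Assumptions (not from the post): /24 masks, VLAN n on 10.2.n.0, HSRP group
# number = VLAN id, preempt, failover STP priority 12288, EIGRP AS 100.
HSRP_OWNER, HSRP_STANDBY = 140, 130      # higher wins (values from the post)
STP_OWNER, STP_FAILOVER = 8192, 12288    # lower wins; 12288 is assumed
ROUTING_VLANS = (2, 3)                   # only these may form adjacencies


def owns(core: int, vlan: int) -> bool:
    """Core 1 owns odd VLANs, core 2 owns even VLANs."""
    return (vlan % 2 == 1) == (core == 1)


def vlan_plan(core: int, vlan: int) -> dict:
    """Per-VLAN settings: core 1 is .2, core 2 is .3, the HSRP address is .1."""
    owner = owns(core, vlan)
    return {
        "ip": f"10.2.{vlan}.{core + 1}",
        "hsrp_ip": f"10.2.{vlan}.1",
        "hsrp_priority": HSRP_OWNER if owner else HSRP_STANDBY,
        "stp_priority": STP_OWNER if owner else STP_FAILOVER,
    }


def render(core: int, vlans: list[int], eigrp_as: int = 100) -> str:
    """Render IOS configuration text for one core switch."""
    out = []
    for v in vlans:
        p = vlan_plan(core, v)
        out += [
            f"spanning-tree vlan {v} priority {p['stp_priority']}",
            f"interface Vlan{v}",
            f" ip address {p['ip']} 255.255.255.0",
            f" standby {v} ip {p['hsrp_ip']}",
            f" standby {v} priority {p['hsrp_priority']}",
            f" standby {v} preempt",
            "!",
        ]
    # Every interface is passive unless it is one of the routing VLANs.
    out += [f"router eigrp {eigrp_as}", " passive-interface default"]
    out += [f" no passive-interface Vlan{v}" for v in vlans if v in ROUTING_VLANS]
    out += [" network 10.2.0.0 0.0.255.255"]
    return "\n".join(out)


if __name__ == "__main__":
    print(render(core=1, vlans=[1, 2, 3, 5]))
```

Running `render(core=2, ...)` with the same VLAN list produces the matching configuration for a second core, with ownership of each VLAN flipped.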