Quick Cisco question

[iaind]

Quick question - what's the reccomended approach to provide rendundancy on uplinks (configured as VLAN trunks) on non stackable Cisco switches (3560s specifically)?

Can I just plug the uplinks in a "loop" and let the switches figure it out, or is that asking for trouble?

 

[paradigm]

Spanning Tree Protocol should resolve any loopbacks in the topology.

 

[bigredshark]

Quick question - what's the reccomended approach to provide rendundancy on uplinks (configured as VLAN trunks) on non stackable Cisco switches (3560s specifically)?

Can I just plug the uplinks in a "loop" and let the switches figure it out, or is that asking for trouble?

Asking for trouble IMO, spanning tree is a rubbish protocol at the best of times. My favorite is what cisco call 'flexlinks' (other manufacturers have different names). It's reliable, predictable and fast to failover. We use it for all our standalone units...

configured using (substitute your interfaces)

>int g0/1
>switchport backup int g0/2

then 'sh int switch back' gives status...

bcs-c15-a1.lon7#sh int switchport back

Switch Backup Interface Pairs:

Active Interface Backup Interface State
------------------------------------------------------------------------
GigabitEthernet0/17 GigabitEthernet0/18 Active Up/Backup Standby

Nice and easy

 

[paradigm]

Oooh, never knew about "flexlinks", might have to do some reading.

 

[bigredshark]

Oooh, never knew about "flexlinks", might have to do some reading.

I think they'll finally kill spanning tree myself, they have some extra features available too

- You can prefer different links for different vlans for load balancing.
- You can enable preemption so it'll fail back to the primary link when it's available again (makes network layout nice and predictable)
- You can enable mac mvoe notification to neighbouring switches so you avoid the stale mac address issue

It fails over in sub 50ms (regardless of numebr of vlans/mac whatever) which is fairly impressive and it's stupidly simple.

Brocade call the same thing 'protected link groups' and Juniper call it 'Redundant Trunk Groups' (RTG)

Word of warning, for some unknown reason it requires fairly recent switches and IOS - 2950s don't support it for instance, odd considering it's simplicity but that's the way it is...

 

[iaind]

So if I've got

Switch 1
|
Switch 2
|
Switch 3


Lets assume the uplinks are all on port 1 of each switch

If I added an uplink from switch 1 to switch 3, using port 48 on both - I'd add "switchport backup gi0/1" to port 48 on both switch 1 and 3?

 

[iaind]

Word of warning, for some unknown reason it requires fairly recent switches and IOS - 2950s don't support it for instance, odd considering it's simplicity but that's the way it is...

Ours are 3650s with 12.2(25) and a single 3750 with 12.1(19)....good enough?

 

[bigredshark]

Ours are 3650s with 12.2(25) and a single 3750 with 12.1(19)....good enough?

Mmmm, a 3560 you mean? I would think so, they're the slightly more capable relation of 2960 and of a similar age so should work, we don't use them so I can't comment. Certainly 3750s and 2960s work for sure.

12.2.25 should be OK I think...

 

[bigredshark]

So if I've got

Switch 1
|
Switch 2
|
Switch 3


Lets assume the uplinks are all on port 1 of each switch

If I added an uplink from switch 1 to switch 3, using port 48 on both - I'd add "switchport backup gi0/1" to port 48 on both switch 1 and 3?

Umm, I'm thinking quickly as I'm half way out the door but it sounds like it'll work to me....it's a slightly unstructured (ok, very) topology which would more traditionally be seen with spanning tree but it should be OK.

 

[Laser402]

So if I've got

Switch 1
|
Switch 2
|
Switch 3


Lets assume the uplinks are all on port 1 of each switch

If I added an uplink from switch 1 to switch 3, using port 48 on both - I'd add "switchport backup gi0/1" to port 48 on both switch 1 and 3?

Wouldnt that knock out one of the links?

I would have thought, on port0/1 you would set port0/48 as the backup then it would keep it as standby until port0/1 goes down? otherwise STP will disable either port 1 or 48 to stop a loop forming?

 

[iaind]

Ah, so the backup line is saying "port x is my backup" not "I'm a backup for port x"?

Basically switch 3 is my server switch (thats the 3750), 1 and 2 are both desktop switches - I want to ensure users on switch 1 can access the servers if switch 2 fails.

 

[Laser402]

Ah, so the backup line is saying "port x is my backup" not "I'm a backup for port x"?

Basically switch 3 is my server switch (thats the 3750), 1 and 2 are both desktop switches - I want to ensure users on switch 1 can access the servers if switch 2 fails.

Switch# configure terminal

Switch(conf)# interface fastethernet0/1

Switch(conf-if)# switchport backup interface fastethernet0/2

Switch(conf-if)# end

Switch# show interface switchport backup

Switch Backup Interface Pairs:


Active Interface Backup Interface State

------------------------------------------------------------------------------------------
-------------

FastEthernet0/1 FastEthernet0/2 Active Up/Backup Standby

FastEthernet0/3 FastEthernet0/4 Active Up/Backup Standby

Port-channel1 GigabitEthernet0/1 Active Up/Backup Standby

-

Straight from Cisco Site, so Yes, configure the backup port on the primary port you would like to use.

 

[bigredshark]

Or, if you can spare the ports, given the server switch needs to be working - why not loose the ring config and link both desktop switches to the server switch, maybe using ether-channel which will give you resiliency and extra bandwidth.

Just an idea...

 

[iaind]

That makes a lot more sense!

I could then just move the uplink that goes between 1 and 2 to 3

Don't think etherchanel will be worth it for me, the odds of a single cable/interface failing is pretty remote and I wouldnt benefit from the extra bandwidth - the desktop switches just run SCCP voice and ICA sessions, even with all 48 ports at full pelt, I doubt I'd come close to the limits of a single gbit uplink.

Sometimes it does just take another pair of eyes to spot the obvious solution

 

[bigredshark]

Fair enough, if you do have spare ports though keep in mind all it'll cost you is a cable and ports do fail (I see a handful a year on our cisco units, from maybe 6500 cisco ports deployed in total, rare but you do see a few - that and a few dead PSUs in the 2960 and 3750s)