Question

EtherChannel - Load Balancing on a Cisco 3560 – Need help - Please read!

Asked by: wtango

Hello all,
I need help configuring a Cisco 3560 switch. Here’s the situation, the switch is located at the datacenter. It should be the main gateway. It suppose to have two fiber channels incoming from the ISP (1G each), and one fiber going to another geographical location of the data center (another gage). I would like to create a virtual (EtherChannel if that’s the appropriate solution) on both the main incoming fiber channels from our ISP. These two ports should handle to different networks (class B and C). The networks should talk to each other and should be accessible to and from the world.
How does it work?
If each is 1G does that mean that the combined logical line will be 2G?
Do I need to configure anything to make it load balanced?
How can I configure it (exact CLI)?
Can I use CNA?
Does the ISP need to configure something on their hand?

The 3rd fiber channel should go to a different Cisco switch on a different gerographical location (2970). Should I configure the FC port in a special way since there is a nother Cisco switch on the other side?

Last time I tried to configure the FCs (without EtherChannel) the networks (class B and C) could see each other and when they did, they couldn’t see the world. I was told I should activate IP routing.
How many VLANs should I create?
Should I create a single VLAN for the 2 networks and a VLAN for each single fiber that goes to the ISP?
How does EtherChannel change the VLAN structure?

I was reading about unicast, broadcast filtering, should I activate this filters to protect myself from denial of service? What is the right % I should use?

I was using CLI the first time I configured it, now I have started working with the CNA. Is that a good enough substitute?

This is the first time really that I am configuring something like that. Any help would be greatly appreciated!

Cheers,
WT.

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2005-07-24 at 22:48:26ID21502814
Tags

cisco

,

etherchannel

,

3560

,

load

,

balancing

Topics

Miscellaneous Networking

,

Networking Hardware Firewalls

,

Enterprise Firewalls

Participating Experts
2
Points
500
Comments
11

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Etherchannel on Cisco switches
    can etherchannel span 2 boxes? Can you have port gig0/1 on switch A and port gig0/1 on switch B belong to etherchannel 1 if A and B are connected and terminate at C.
  2. etherchannel on cisco 3548 switch?
    searching around and i havent been able to find that the cisco 3548 switch supports etherchannels. is that indicating that it does not? if so, what is the next version that does?
  3. Connect Cisco 2800 series router to fiber
    Our building is in the process of getting a fiber circuit pulled in from the street. We are being told, that in order to connect our CAT5 ethernet equipment to the fiber from the street, a fiber to coax to ethernet cable has to be used. We have a Cisco 2821 currently runnin...
  4. configuring etherchannel
    hi we currently have 4 100mb cisco 3500 48 port switches. i am changing them to 4 cisco 2960 48 port gig switches shortly. i want to connect the switches to each other via 2 port etherchannel. am i right in saying then that this will give me 2 Gig links between the switche...
  5. Cisco Switches - configuring Etherchannel
    I have two Cisco switches that I would like to configure with two trunk links using Etherchannel. I would like to achieve 2 gigs of bandwidth between the switches. Switch1 is a Cisco 2960G The ports I would like to use are G0/47 G0/48 Switch2 is a Cisco 3550 The ports...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: pseudocyberPosted on 2005-07-25 at 02:15:26ID: 14516703

So, you're getting fiber from your ISP and you're pluggig it straight into a 3560 in you Data Center.  You're getting a Class B network AND a Class C network from your ISP?!?  What exactly are you getting from your ISP - are you sure you're gitting 2 GigE connections?  That's A LOT of Bandwidth from an ISP ...

You really should get a seperate firewall - like a PIX.  Your Internet connection should feed through your firewall - actually it could go into a switch/router before your firewall where you could do some basic screening and then into your firewall for more advanced rules.

Then, I could see an Etherchannel from your firewall(s) to your core network.

The way you describe it now, I don't really see the benefit of doing Etherchannel - you have to do it on BOTH sides of the connection - it just takes two or more connections and "bonds" them together to appear to be one.  So, it would be applicable to your other Cisco switch - but you only mention one connection over to it.  However it's not really applicable to an ISP.

 

by: wtangoPosted on 2005-07-25 at 09:48:53ID: 14519441

Hi pseudocyber,
You are correct. I am getting two FC from my ISP, they are each 1G. I know it’s a lot, but that’s what we use :o)

Also, we are getting two networks from them, a class B and C networks. No PIX sorry. I was thinking of creating a single FC port from the two incoming ports, redundant and all, configure the two networks, and then create ACLs, which will be the first line of defense.

Right now our ISP/datacenter does the routing for us. We want to take this task from them using the 3560 which has basic routing capabilities.

Why do u think I shouldn’t use EtherChannel on the two incoming FC? I am basically trying to create one super connection from the two, like a 2 G connection, or take the load from one and use the second as a balancer.

Cheers,
WT.

 

by: cschuettPosted on 2005-07-25 at 10:05:55ID: 14519617

What he is saying is that you need to have the ISP set up the EtherChannel on their side as well.  That's not complicated on a 3560.  

Something like this would do:
Switch# configure terminal
Switch(config)# interface range gigabitethernet2/0/1 -2
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 10
Switch(config-if-range)# channel-group 5 mode desirable non-silent
Switch(config-if-range)# end

From: http://www.cisco.com/en/US/customer/products/hw/switches/ps5023/products_configuration_guide_chapter09186a00801cdea1.html

But I really must question your decision to use a 3560 as a router.  It's not.  It's a switch.  Switchs switch and routers route.  If your organization is big enough to have 2G of bandwidth, it can afford a router.  A nice 3570 should do the trick.  It can also do some basic firewalling (althought if you can afford 2G, you can afford a PIX).  

You really need the router to communicate between the two networks (did you really get a class B?  That's insane.)  Seriously, if you've got 2G of bandwidth and a class B, you need a router.  A switch can't (shouldn't) handle something like that.

Good luck.  

 

by: wtangoPosted on 2005-07-25 at 10:45:37ID: 14520067

Heheheh you are right man! And my bad I just looked at it again, and it’s a class C and another half a class C, not B! My mistake… Your reaction made me look at it again… Don’t know why I said B.

But still, I see your point. I am thinking of leaving the routing capabilities on their end, ACLs on our end, EtherChannel the 2Gs, and call it a day.

Also, I am currently on 12.2.(20)SE3, I want to go to 12.2(25)SEC, which is the latest one. Should I updates all the previous versions released between my current version and the latest or should I go directly to the (25)SEC?

Cheers,
WT.

p.s. 1G… you should see the speeds I am getting man ;)

 

by: cschuettPosted on 2005-07-25 at 10:56:12ID: 14520178

That makes a lot more sense ;)  I would take it a step further and ask, do you need that many public IPs?  Generally speaking, I would give a /27, maybe /26 to a customer of an ISP.  Anything after that, and they can NAT it, but that's neither here nor there.  

If the question is between them doing the routing, and you doing the routing on a switch, I would recommend letting them do the routing and I hate giving up control like that.  I just hate switches routing even more.  Call me a purist ;)  ACLs on your end is a good idea though.  It can't hurt (unless you config it wrong ;)).  

No reason to to go previous versions between updates.  Just tftp the new IOS down and reboot.  Piece of cake really.  Get a tftp server (I use Pumpkin) and do a copy tftp flash on the switch.  It'll prompt you for everything after that.  

And I can imagine the speeds you're getting ;)  

 

by: wtangoPosted on 2005-07-25 at 11:17:56ID: 14520401

Perfect! Thanks for all the insight information man, I appreciate it. About the IPs I couldn’t agree with you more, I am a fairly new employee here, and the whole network was configured way before my time. I am working on changing it though….

I will leave the question open for a day or two, because I want to finish configuring it, and send u guys a copy of the running config so you could tell me what you think about it.

Many thanks,
WT.

 

by: wtangoPosted on 2005-07-25 at 11:19:42ID: 14520418

Ohh and u said I should use a 3570 Router and a PIX? Any resellers you can recommend? I want to get price quotes and start having things moving forward.

Cheers,
WT.

 

by: cschuettPosted on 2005-07-25 at 11:23:00ID: 14520445

Sounds like the same boat I'm in with inherited networks.  Always lots of fun ;)  

I would find a local company as a reseller.  CDW is also pretty good, but there are some things (mostly VoIP) that they can't sell.  They have good pricing though.  Depends on how big you plan on getting, but Cisco will usually send a sales rep down if you're going to be buying some stuff from them.  A good sized router and PIX should qualify.  You're probably too late to catch it, but their quarter ends at the end of July so they always offer deals to boost their sales for the quarter.  

Good luck!

 

by: wtangoPosted on 2005-07-25 at 15:42:46ID: 14522542

My boss just scared me, am I really looking at an expansive router when I have dual gigs connectivity or more? Do u have a specific model in mind? I am waiting to hear from the Cisco guys. I was looking at the 2800 series.

 

by: wtangoPosted on 2005-07-25 at 17:24:03ID: 14523026

Quick question, I am trying to download the latest IOS, but am a little bit confused as to which one to download. What is the difference between IP BASE and IP SERVICES? Could find anything in the Cisco website.

Here are the files I found for the 3560:
c3560-ipbase-mz.122-25.SEC.bin
IP BASE W/O CRYPTO

c3560-ipbase-tar.122-25.SEC.tar
IP BASE W/O CRYPTO WITH WEB BASED DEV MGR

c3560-ipservices-mz.122-25.SEC.bin
IP SERVICES W/O CRYPTO

c3560-ipservices-tar.122-25.SEC.tar
IP SERVICES W/O CRYPTO WITH WEB BASED DEV MGR

 

by: wtangoPosted on 2005-08-10 at 12:17:41ID: 14645442

OK I know its been a while, and I apologize for keeping you waiting, but I have been busy with storage stuff. Our requirements have changed; I found out that our ISP wouldn’t support the use of EtherChannel to our 3560! So, its either we take routing to our side, which will probably take place in the long run, or we work with what we have!

In the short run, since our ISP will only support BGP Idnt + Loopback address. Is there away to still have the 2 1Gb connection into one?! If not then my option is to go 2 single fibers that goes in with no load balancing or anything right?

Thanks,
WT.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...