Solved

Cisco 6509 Virtual Switching System implementation

Posted on 2011-09-09
6
1,422 Views
Last Modified: 2012-05-12
Presently at the distribution layer, i have a Catalyst 6509_1 switch paired with a Catalyst 4507 Switch. Both run HSRP protocol between them.
I have Catalyst 2960 and 3560 switches at the access layer. Each access layer is dual-homed to the distribution layer switches.
The Catalyst 4507R is standby for some vlans, while the Catalyst 6509 is active for other vlans
Now i intend to implement Cisco Virtual Switching System (VSS) at the distribution layer.
I have purchased an extra 6509_2 to pair the existing Catalyst 6509_1 switch.I intend to replace the existing Catalyst 4507 switch with the new 6509_2. The existing 4507R switch would eventually become an access layer switch, just like the existing Catalyst 2960s and 3560s.
So i will be mirroring all the configs on the configs on the 4507 onto the new 6509_2. So these two 6509s would be running HSRP between each other prior to migrating to VSS. I am trying to manage the changes over a period of time, in an attempt to avoid wholesale changes at once.
My purchase also includes two VS-S720-10G supervisor engine modules for the purpose of VSS.
One VS-S720-10G would be used in the new 6509_2 chassis, while the other would replace the existing supervisor engine in the existing Catalyst 6509_1 switch, as the existing supervisor does not support VSS.
I have read a number of cisco documentation on VSS technology and configurations over the past weeks.As the implementation approaches, i cant help but double-check with you experts.
My queries are outlined as thus:

1. Are there any gotchas i need to be aware of during this implementation? I'd appreciate any firsthand experience.
2. What is the best method to ensure that Catalyst 6509_1 becomes the Active VSS Switch? because i read that the first switch to come back up after reboot becomes the active switch.

    I understand that with VSS, all previous HSRP configurations can be removed. There is where my confusion lies. Take for e.g for vlan 50, there is an SVI defined on each 6509 switch with a virtual ip address of 192.168.50.253, while 6509_1 and 6509_2 have SVI ips of 192.168.50.1 and 192.168.50.2 respectively.
3.  After implenting VSS, do i have to remove the 192.168.50.1 and 192.168.50.2 ips from 6509_1 and 6509_2.
4.  should i leave the Virtual IP of 192.168.50.253 running on both 6509_1 and 6509_2?
5.  I understand that after VSS, the configurations from 6509_1 and 6509_2 are synchronized.      does this merge the the hsrp configurations as well, hence no need to make changes on  existing HSRP configurations on both switches.
6.  In the event that i need to make uplink connections from the VSS pair to two Cisco 12406 routers i.e 12406_1 and 12406_2, do i dual-home each 6509 to the two Cisco12406? or just connect 6509_1 to 12406_1 and then 6509_2 to 12406_2? Note that the Cisco 12406 routers are edge routers onto the MPLS network.
7.  If i decide to run OSPF protocol between the VSS pair and the Cisco 12406 routers, what would be the place of nsf in all these?
8. Is there any IOS issues i should beware of. Although i expect the new VS-S720-10G supervisor cards to arrive with VSS-compatible IOS.

I know this is a bit of a bother, but i would appreciate answers to the questions above. Also, if you have any ideas which you think might be of help, please do not hesitate to get them across.

Thanks in anticipation

Regards

0
Comment
Question by:salvatorepp
  • 2
  • 2
  • 2
6 Comments
 
LVL 50

Expert Comment

by:Don Johnston
Comment Utility
1 & 2) There is no active. There is only one switch. So don't think of it as two switches. Think of it as one switch with lots of ports.

3) don't understand the question.

4) there won't be HSRP anymore.

5) There won't be HSRP anymore. ;-)

6) Dual home would be best.

7) I don't think there would be a need for NSF since a chassis failure is handled internally by VSS.

8) not that I know of.
0
 
LVL 8

Expert Comment

by:SeeMeShakinMyHead
Comment Utility
do you have intentions on running l3 links to the 6509 VSS or are you running l2 trunks to the VSS's?
0
 

Author Comment

by:salvatorepp
Comment Utility
@ SeeMeShakinMyHead, I intend to run L2 trunks to the VSS.

@ DonJohnson. My number 3 question had to do with existing HSRP. I wanted to know if implementing woutd take away the existing HSRP configurations or i would have to manually remove the existing SVI ip addresses on each VSS pair.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:salvatorepp
Comment Utility
@ DonJohnson,.......Maybe what i intend to ask is that - Does conversion from standalone to VSS take away all existng configurations in two switches i.e does it become like a new switch with all existing IP addressing details blown away?
or to put it more appropriately, what does one see when he logs into a switch thats just been converted into VSS. do you see your old configs or is it like a fresh box?
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 250 total points
Comment Utility
I can't say for sure. I've never "converted" standalone switches to VSS.

Here's a rather good document on the concept.

http://www.cisco.com/en/US/products/ps9336/products_tech_note09186a0080a7c74c.shtml

But I would imagine like any of configuration migration, it's probably filled with missing lines in the new configuration file.

Personally, rather than perform a "conversion" and then go looking for any mistakes or errors in the process, I would just start from scratch.
0
 
LVL 8

Assisted Solution

by:SeeMeShakinMyHead
SeeMeShakinMyHead earned 250 total points
Comment Utility
I agree.  And since the interfaces will change from 4/1 to 1/4/1 and 2/4/1, it may lose interface configurations, but I wouldn't think it would lose any other configs.  Just document the config files for all devices and cabling and create a revert plan in case time runs out for the migration.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now