chipsch
asked on
ASA 5505 redundant Inside Links
Since the 5505 doesn't support redundant interfaces I am having some design problems with making the 5505 redundant to the inside of the network. General layout is that there are several 5505's that tie into a single 6500. I would like for them to tie into a second 6500 hundred for the same subnet, i.e. vlan 10 on both interfaces on the inside. I know the 5505 doesn't support spanning-tree also. Also there is nothing layer 3 on the inside other than the inside interface gateway of the ASA itself via a SVI. Would the best option be to tie those 5505's into another switch that multi-homes into the 6509s? The goal here is two keep it so that if a single 6500 fails all services stay up and online.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I could give it a try but all of the documentation says that the ASA itself doesn't support spanning-tree. Will post back with results later.
But the other end should support it. So let's see if that is enough.
Just don't try it during peak hours ;)
Just don't try it during peak hours ;)
ASKER
Oh no I am going to use a lab one and set it up when I can find the time. I don't ever make unsure changes or proof of concept tasks in production. But thanks for the reminder :)
You're welcome, sometimes you don't know what people might do ;)
Good luck & let me know.
Good luck & let me know.
ASKER
So finally got a chance to throw a quick test together for this. While the ASA doesn't support spanning-tree itself the switch seems to figure it out well enough. See below output.
VLAN0504
Spanning tree enabled protocol rstp
Root ID Priority 33272
Address 000a.4191.4d00
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 33272 (priority 32768 sys-id-ext 504)
Address 000a.4191.4d00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------
Fa0/23 Desg FWD 19 128.23 P2p
Fa0/24 Back BLK 19 128.24 P2p
Thanks erniebeek, works like a charm.
VLAN0504
Spanning tree enabled protocol rstp
Root ID Priority 33272
Address 000a.4191.4d00
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 33272 (priority 32768 sys-id-ext 504)
Address 000a.4191.4d00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------
Fa0/23 Desg FWD 19 128.23 P2p
Fa0/24 Back BLK 19 128.24 P2p
Thanks erniebeek, works like a charm.
ASKER
Thanks for the advice.
ASKER