Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Two  VTP servers and MST instances and HSRP load sharing

Posted on 2012-09-09
4
Medium Priority
?
1,233 Views
Last Modified: 2012-09-25
Hi,

I would like to place a  few basic typical scenarios questions as we are proposing a solution to our customer

We have cisco 4506 switches and 24 Access Switches and two 3560 distribution switches

WE have proposed a solution as followes :

a) each switch belong to each VLAN , so total 24 vlans

b) Among 24 access-switches , 12 access switches are connected to one distribution and remaining 12 access-switches connected to other distribution switches

c) two distributions connected to two Core-Switches and interconnectivity also exists for link level redundancy

d) We are planning to give HSRP redundancy between two core-switches and Loadbalancing also means for 12 vlans , one core switch will be master and other 12 vlans the second core-switch will be master

e) If any core-switch gets down , all the traffic has to pass from the Next core-switch

I hope you would understood from the above discription , if you are not pls reply back so the will try to send visio diagram

My requirement is

a) Can we confgure two VTP servers on each core switch for the respetive VLANs means
    for 12 vlans one core-switch will be Server and other 12 vlans , the next core switch will be VTP server ,

b)  if one core switch gets down , the  vlan information has to propagate from other  core-switch

c) can we configure MST instances for each 12 vlans or what are the STP parameters we can configure in the network

d) How to configure HSRP redunadancy with load sharing

e) What about a ASA firewall configuration which is at above core switches

Pls reply so that we are going to implement shortly


Regards
Ramu
0
Comment
Question by:RAMU CH
  • 2
  • 2
4 Comments
 
LVL 50

Accepted Solution

by:
Don Johnston earned 2000 total points
ID: 38382673
Among 24 access-switches , 12 access switches are connected to one distribution and remaining 12 access-switches connected to other distribution switches

You didn't ask, but I see a huge problem here. If the distribution switch fails, you will lose connectivity to 12 access switches. Better to connect the access switches to both distribution switches.

a) Can we confgure two VTP servers on each core switch for the respetive VLANs means for 12 vlans one core-switch will be Server and other 12 vlans , the next core switch will be VTP server ,

You could. It would require two VTP domains.

b)  if one core switch gets down , the  vlan information has to propagate from other  core-switch

That wouldn't happen if you went with two VTP domains.

c) can we configure MST instances for each 12 vlans or what are the STP parameters we can configure in the network

Since you've effectively got two paths, I would create two MST instances and associate 12 VLANs with one and the remaining 12 VLANs with the other.

d) How to configure HSRP redunadancy with load sharing

You could create two HSRP groups (one for the first 12 VLANs and the other for the remaining 12) and make one core active for one and the other core active for the other.

e) What about a ASA firewall configuration which is at above core switches

What about it?
0
 
LVL 1

Author Comment

by:RAMU CH
ID: 38385323
Thanks for the Reply..

Can i try it in GNS-3 simulator?

TWO core-Switches and ASA Firewall Inside interface connected to one access-switch

                                                   ASA FW
                                                      |
                                                  Access-Switch
                                               |                    |
                                 Core-sw-1  --HSRP-------   Core-Sw-2

Questions :

1) If i create two VTP doamins , will the End devices (Systems) can communicate each other
     means from one vtp domain system to other domain system..As per our requirement, communication should happen

2) It i create two VTP domains , what about the Firewall inside route pointing to which ip address , is it a HSRP virtual IP address

3) can i make one core-switch as Root bridge for 12 vlans and other core-sw as a root bridge for other 12 vlans, in a two VTP domains

My main query how will it communicates between inter vtp domain end devices , if it is not then what would be the solution ..

Regards
Ram
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38386246
Regarding GNS, no. It's really a routing emulator. The switching is simulated.

1) Yes. VTP doesn't have anything to do with how the traffic flows. But it's just a bad design with no advantages, only disadvantages.

2) You could do either (physical or virtual).

3) Yes. But VTP doesn't have anything to do with it. VTP is ONLY for the propagation of the VLAN database.

If you could articulate what you're trying to accomplish with this "two VTP domain" idea, it would help.
0
 
LVL 1

Author Closing Comment

by:RAMU CH
ID: 38435418
Tks
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month15 days, 21 hours left to enroll

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question