Solved

Configure Core Switch

Posted on 2013-01-10
14
795 Views
Last Modified: 2013-01-15
Assuming I have  4 Layer switches configure with several VLANs on each switch and each switch is configured with IP ROUTING command, and each switch is trunked to the Core Switch

***Now,how should I configure the Core Switch so that all VLANs in all switches (all PCs in the network)can talk to each other?

Thanks
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 3
  • +1
14 Comments
 
LVL 9

Expert Comment

by:gt2847c
ID: 38764351
Several questions:

Is there a reason why you've distributed your routing to the edge switches rather than the core?

Are the VLANs on each edge switch unique or shared across the collection of edge switches?

Do your edge switches support a routing protocol (no brand/model was specified, so don't know the capabilities)?

Any requirements to consider other than all PCs can talk with each other?
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 38764367
To recap
You have a Switch 1 that is acting as a Core Switch and Distribution Switch
You have 4 Switches 2 - 5 that are Access layer switches

I would recommend configuring VTP
- Make the Core switch the vtp server
- make the Access switches vtp clients

Create your vlans on the core switch and turn routing on

This will make the vlans talk to each other.
You can use ACLs to isolate vlans you think needs privacy eg Voice Vlan

I think you're on the right path except that I won't recommend combining Access Layer switches and Distribution together. Core and Distribution is a much better topology and let Access switches just be Access
0
 

Author Comment

by:jskfan
ID: 38765985
Example:

L3Switches:
SW1= Vlan11,12,13,14,15
SW2= Vlan16,17,18,19,20
SW3=Vlan21,22,23,24,25
SW4=VLan26,27,28,29,30

CORESWITCH= in the Middle., all 4 Switches are Trunked to it.

-Each L3 switch is configured with IP Routing and SVI. So Vlans within each switch talk to each other without going to the Core Switch and get back.
However if SW1 Vlan 11 wants to talk to SW4 Vlan 28, it needs to go through Core Switch.

**VLANs on each edge switch are unique , not shared on other switches, so no need for VTP.
**L3 Switches support IP Routing
0
Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

 
LVL 18

Expert Comment

by:Akinsd
ID: 38766028
That's fine if that's what works for you. You have a higher surface attack with that configuration, but it is totally fine as long as it meets your network needs for now.

Take a look at this link for Cisco's recommended best practices with Switch topologies.
http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/VSS30dg/VSS-dg_ch3.html

Cisco's 3 Layer Switch Topology
0
 
LVL 9

Assisted Solution

by:Sandeep Gupta
Sandeep Gupta earned 30 total points
ID: 38766327
you can create subinterface for each vlans in your core switch.
0
 
LVL 9

Expert Comment

by:gt2847c
ID: 38767057
Several ways you can run this.  I'm going to make an assumption that you are on Cisco, so if this is not the case, the setup or terminology may be a little different.

Single uplink between core and edge:
Configure port on core switch as routed port and assign IP address using a /30 subnet.  
Configure port on edge switch as routed port and assign IP address in same /30 subnet
If you are using copper uplinks, make sure the ports are configured as auto MDIX or you use a crossover cable.  Depending on your license you can either run static routes or routing protocol to distribute routing information.  With static, the edge switch should get a default route to the core.  The core switch should get the routes for the VLANs on the edge.  If you're licensed for OSPF/EIGRP on the core and edge switches, then you can skip the statics and just let the routing protocol handle it.  Alternatively, configure a common VLAN between core and edge switch and create a VLAN interface on both core and edge.  Route as above

Multiple uplink between core and edge:
If you are licensed for a routing protocol, you can run multiple "serial style" links between edge and core as first example above and allow the routing protocol to handle multiple equal cost paths.  Static routing will not be a good choice here as it doesn't always work well with equal cost paths (uses a hash function based on source/destination and under certain circumstances will tend to favor one link and not give you full throughput).
  Alternatively, configure multiple links as an Etherchannel and use VLAN interfaces.

Common VLAN:
Create a VLAN common to all edge switches and create a VLAN interface on each.  Choose a subnet large enough to handle all the switches like a /28 (14 addresses) or /27 (30 addresses)  which will leave space for future growth.  Use the core switch as switching fabric and leave the edge switches to do most of the routing with the possible exception of a default route assigned to the core.  This would work best with a dynamic routing protocol and would be the most administrative work using static routing.

Typically the easiest setup of the above would be VLAN interfaces and Etherchannel.  This allows more flexibility if you want to add links and less routing/address assignment to be done.

With all of the above, trunk ports are not required as you're not sharing multiple VLANs across the environment.  You only need to setup trunk ports to carry multi-VLAN traffic.
0
 

Author Comment

by:jskfan
ID: 38773384
Core Switch
0
 

Author Comment

by:jskfan
ID: 38773398
I attached the Diagram above:

let me see if my guessing is right:

A- Since our Network is not too big.. I guess we can skip Distribution section, just from Access Switches to Core Switch. Correct?

**1** As I described it above,  6 switches have been configured with Vlans and Vlan interfaces, some of switches have common vlans.
I guess , the connection bewteen all swicthes to the core switch got to be a Trunk... Correct???

**2** is the Core Switch the one that needs to be the Root Bridge ??

**3** Do I need to recreate all existing Vlans (on all swicthes) manually or using VTP  in the Core Switch?

**4** Do I need to create Vlan Interfaces on the Core Swicth( for all Vlans and assign them IP address on the same subnet as the interface Vlans on other switches?

**5** Do I need to enter "IP Routing" at the global config of the Core Switch

If I missing any step, please advise.

Thank you
0
 
LVL 18

Accepted Solution

by:
Akinsd earned 235 total points
ID: 38773415
A- Since our Network is not too big.. I guess we can skip Distribution section, just from Access Switches to Core Switch. Correct?
Ok but not recommended.
Better to make the Core switch the Core and Distribution.

**1** As I described it above,  6 switches have been configured with Vlans and Vlan interfaces, some of switches have common vlans.
I guess , the connection bewteen all swicthes to the core switch got to be a Trunk... Correct???
Correct (multiple vlans on each switch)

**2** is the Core Switch the one that needs to be the Root Bridge ??
Correct

**3** Do I need to recreate all existing Vlans (on all swicthes) manually or using VTP  in the Core Switch?
With your current configuration - Not recommended

Recommended configuration
Configure VTP domain
Make core switch the VTP server
Make all switches VTP client.
Create all vlans on the core switch
Configure allowed VLANs to filter vlans per switch
Configure IP routing on core switch

**4** Do I need to create Vlan Interfaces on the Core Swicth( for all Vlans and assign them IP address on the same subnet as the interface Vlans on other switches?
Yes
Each vlan needs a gateway. Without gateway, they are completely segregated.

**5** Do I need to enter "IP Routing" at the global config of the Core Switch
Yes, if you correct your configuration.
0
 

Author Comment

by:jskfan
ID: 38773452
<<Configure allowed VLANs to filter vlans per switch>>

What do you mean ?
0
 

Author Comment

by:jskfan
ID: 38773473
and what does Distribution do different than Core ?? I thought it does the same, it is just used in  big networks kind of ( Access---Core(distribution)--Core)
0
 
LVL 9

Assisted Solution

by:gt2847c
gt2847c earned 235 total points
ID: 38774578
Per Cisco's definition:

Core - High-speed switching
Distribution - Policy-based connectivity
Access - local and remote workgroup access

They way you have described your network, you've sort of mixed the various layers.  If there were design reasons for doing this (non-redundant core switch/local survivability of edge workgroup, etc), this may not be an issue for you .  Otherwise, it would be worth considering making some changes to the design to make it easier to manage and more scalable.  In a campus or large building design, it's more common to have the core switch doing the routing and management (collapsed Core/Distribution in the model) and let the edge switches do layer 2.  It makes routing less complex.  Additionally, doing it in this manner allows you to easily move VLANs around which can be handy if you do a re-org as reconfiguring networks is less time consuming in this model.  You can also manage your L3 access lists (if you have any) in one place rather than having to go to multiple edge switches.

Just my $0.02 worth, but I don't generally recommend the VTP client/server model as there are some situations that can get you into trouble.  Per Cisco's site:

There are some disadvantages to the use of VTP. You must balance the ease of VTP administration against the inherent risk of a large STP domain and the potential instability and risks of STP. The greatest risk is an STP loop through the entire campus. When you use VTP, there are two things to which you must pay close attention:

-Remember the configuration revision and how to reset it each time that you insert a new switch in your network so that you do not bring down the entire network.

-Avoid as much as possible to have a VLAN that spans the entire network.

With a network such as yours, it's probably just as easy to configure the VLANs on the switches yourself.  You can then filter VLANs by using the VLAN allow list on the trunk ports to allow only intended VLANs to the edge switches.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 38775078
When you have 1 main switch
That switch is your Access, Distribution and Core

With multiple switches in 1 site
Access switches connect directly to end devices, maybe even in a multiple vlan.
The distribution switch links the switches together (like in your case.)
In this situation, you distribution is also the core as it has no other up link.
Distribution distributes making it the best place to implement routing, as distribution can only occur when routing is in place.
Remember that the main advantage of running routes on switches is because of speed. They route faster than conventional routers due to CEF and ASIC

Multiple switches in multiple sites.
Access switches connect to distribution for each site.
All the distribution switches in each site are then linked together with the core switch.
0
 

Author Closing Comment

by:jskfan
ID: 38777361
Thank you Guys!
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing VLAN information 3 49
VoIP Polycom Phones not working 30 70
Edge switch problems cisco 2960 25 82
Turning Verizon Fios Router into a Bridge? 28 126
In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question