Solved

Configure Core Switch

Posted on 2013-01-10
14
750 Views
Last Modified: 2013-01-15
Assuming I have  4 Layer switches configure with several VLANs on each switch and each switch is configured with IP ROUTING command, and each switch is trunked to the Core Switch

***Now,how should I configure the Core Switch so that all VLANs in all switches (all PCs in the network)can talk to each other?

Thanks
0
Comment
Question by:jskfan
  • 6
  • 4
  • 3
  • +1
14 Comments
 
LVL 9

Expert Comment

by:gt2847c
ID: 38764351
Several questions:

Is there a reason why you've distributed your routing to the edge switches rather than the core?

Are the VLANs on each edge switch unique or shared across the collection of edge switches?

Do your edge switches support a routing protocol (no brand/model was specified, so don't know the capabilities)?

Any requirements to consider other than all PCs can talk with each other?
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 38764367
To recap
You have a Switch 1 that is acting as a Core Switch and Distribution Switch
You have 4 Switches 2 - 5 that are Access layer switches

I would recommend configuring VTP
- Make the Core switch the vtp server
- make the Access switches vtp clients

Create your vlans on the core switch and turn routing on

This will make the vlans talk to each other.
You can use ACLs to isolate vlans you think needs privacy eg Voice Vlan

I think you're on the right path except that I won't recommend combining Access Layer switches and Distribution together. Core and Distribution is a much better topology and let Access switches just be Access
0
 

Author Comment

by:jskfan
ID: 38765985
Example:

L3Switches:
SW1= Vlan11,12,13,14,15
SW2= Vlan16,17,18,19,20
SW3=Vlan21,22,23,24,25
SW4=VLan26,27,28,29,30

CORESWITCH= in the Middle., all 4 Switches are Trunked to it.

-Each L3 switch is configured with IP Routing and SVI. So Vlans within each switch talk to each other without going to the Core Switch and get back.
However if SW1 Vlan 11 wants to talk to SW4 Vlan 28, it needs to go through Core Switch.

**VLANs on each edge switch are unique , not shared on other switches, so no need for VTP.
**L3 Switches support IP Routing
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 38766028
That's fine if that's what works for you. You have a higher surface attack with that configuration, but it is totally fine as long as it meets your network needs for now.

Take a look at this link for Cisco's recommended best practices with Switch topologies.
http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/VSS30dg/VSS-dg_ch3.html

Cisco's 3 Layer Switch Topology
0
 
LVL 9

Assisted Solution

by:Sandeep Gupta
Sandeep Gupta earned 30 total points
ID: 38766327
you can create subinterface for each vlans in your core switch.
0
 
LVL 9

Expert Comment

by:gt2847c
ID: 38767057
Several ways you can run this.  I'm going to make an assumption that you are on Cisco, so if this is not the case, the setup or terminology may be a little different.

Single uplink between core and edge:
Configure port on core switch as routed port and assign IP address using a /30 subnet.  
Configure port on edge switch as routed port and assign IP address in same /30 subnet
If you are using copper uplinks, make sure the ports are configured as auto MDIX or you use a crossover cable.  Depending on your license you can either run static routes or routing protocol to distribute routing information.  With static, the edge switch should get a default route to the core.  The core switch should get the routes for the VLANs on the edge.  If you're licensed for OSPF/EIGRP on the core and edge switches, then you can skip the statics and just let the routing protocol handle it.  Alternatively, configure a common VLAN between core and edge switch and create a VLAN interface on both core and edge.  Route as above

Multiple uplink between core and edge:
If you are licensed for a routing protocol, you can run multiple "serial style" links between edge and core as first example above and allow the routing protocol to handle multiple equal cost paths.  Static routing will not be a good choice here as it doesn't always work well with equal cost paths (uses a hash function based on source/destination and under certain circumstances will tend to favor one link and not give you full throughput).
  Alternatively, configure multiple links as an Etherchannel and use VLAN interfaces.

Common VLAN:
Create a VLAN common to all edge switches and create a VLAN interface on each.  Choose a subnet large enough to handle all the switches like a /28 (14 addresses) or /27 (30 addresses)  which will leave space for future growth.  Use the core switch as switching fabric and leave the edge switches to do most of the routing with the possible exception of a default route assigned to the core.  This would work best with a dynamic routing protocol and would be the most administrative work using static routing.

Typically the easiest setup of the above would be VLAN interfaces and Etherchannel.  This allows more flexibility if you want to add links and less routing/address assignment to be done.

With all of the above, trunk ports are not required as you're not sharing multiple VLANs across the environment.  You only need to setup trunk ports to carry multi-VLAN traffic.
0
 

Author Comment

by:jskfan
ID: 38773384
Core Switch
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:jskfan
ID: 38773398
I attached the Diagram above:

let me see if my guessing is right:

A- Since our Network is not too big.. I guess we can skip Distribution section, just from Access Switches to Core Switch. Correct?

**1** As I described it above,  6 switches have been configured with Vlans and Vlan interfaces, some of switches have common vlans.
I guess , the connection bewteen all swicthes to the core switch got to be a Trunk... Correct???

**2** is the Core Switch the one that needs to be the Root Bridge ??

**3** Do I need to recreate all existing Vlans (on all swicthes) manually or using VTP  in the Core Switch?

**4** Do I need to create Vlan Interfaces on the Core Swicth( for all Vlans and assign them IP address on the same subnet as the interface Vlans on other switches?

**5** Do I need to enter "IP Routing" at the global config of the Core Switch

If I missing any step, please advise.

Thank you
0
 
LVL 18

Accepted Solution

by:
Akinsd earned 235 total points
ID: 38773415
A- Since our Network is not too big.. I guess we can skip Distribution section, just from Access Switches to Core Switch. Correct?
Ok but not recommended.
Better to make the Core switch the Core and Distribution.

**1** As I described it above,  6 switches have been configured with Vlans and Vlan interfaces, some of switches have common vlans.
I guess , the connection bewteen all swicthes to the core switch got to be a Trunk... Correct???
Correct (multiple vlans on each switch)

**2** is the Core Switch the one that needs to be the Root Bridge ??
Correct

**3** Do I need to recreate all existing Vlans (on all swicthes) manually or using VTP  in the Core Switch?
With your current configuration - Not recommended

Recommended configuration
Configure VTP domain
Make core switch the VTP server
Make all switches VTP client.
Create all vlans on the core switch
Configure allowed VLANs to filter vlans per switch
Configure IP routing on core switch

**4** Do I need to create Vlan Interfaces on the Core Swicth( for all Vlans and assign them IP address on the same subnet as the interface Vlans on other switches?
Yes
Each vlan needs a gateway. Without gateway, they are completely segregated.

**5** Do I need to enter "IP Routing" at the global config of the Core Switch
Yes, if you correct your configuration.
0
 

Author Comment

by:jskfan
ID: 38773452
<<Configure allowed VLANs to filter vlans per switch>>

What do you mean ?
0
 

Author Comment

by:jskfan
ID: 38773473
and what does Distribution do different than Core ?? I thought it does the same, it is just used in  big networks kind of ( Access---Core(distribution)--Core)
0
 
LVL 9

Assisted Solution

by:gt2847c
gt2847c earned 235 total points
ID: 38774578
Per Cisco's definition:

Core - High-speed switching
Distribution - Policy-based connectivity
Access - local and remote workgroup access

They way you have described your network, you've sort of mixed the various layers.  If there were design reasons for doing this (non-redundant core switch/local survivability of edge workgroup, etc), this may not be an issue for you .  Otherwise, it would be worth considering making some changes to the design to make it easier to manage and more scalable.  In a campus or large building design, it's more common to have the core switch doing the routing and management (collapsed Core/Distribution in the model) and let the edge switches do layer 2.  It makes routing less complex.  Additionally, doing it in this manner allows you to easily move VLANs around which can be handy if you do a re-org as reconfiguring networks is less time consuming in this model.  You can also manage your L3 access lists (if you have any) in one place rather than having to go to multiple edge switches.

Just my $0.02 worth, but I don't generally recommend the VTP client/server model as there are some situations that can get you into trouble.  Per Cisco's site:

There are some disadvantages to the use of VTP. You must balance the ease of VTP administration against the inherent risk of a large STP domain and the potential instability and risks of STP. The greatest risk is an STP loop through the entire campus. When you use VTP, there are two things to which you must pay close attention:

-Remember the configuration revision and how to reset it each time that you insert a new switch in your network so that you do not bring down the entire network.

-Avoid as much as possible to have a VLAN that spans the entire network.

With a network such as yours, it's probably just as easy to configure the VLANs on the switches yourself.  You can then filter VLANs by using the VLAN allow list on the trunk ports to allow only intended VLANs to the edge switches.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 38775078
When you have 1 main switch
That switch is your Access, Distribution and Core

With multiple switches in 1 site
Access switches connect directly to end devices, maybe even in a multiple vlan.
The distribution switch links the switches together (like in your case.)
In this situation, you distribution is also the core as it has no other up link.
Distribution distributes making it the best place to implement routing, as distribution can only occur when routing is in place.
Remember that the main advantage of running routes on switches is because of speed. They route faster than conventional routers due to CEF and ASIC

Multiple switches in multiple sites.
Access switches connect to distribution for each site.
All the distribution switches in each site are then linked together with the core switch.
0
 

Author Closing Comment

by:jskfan
ID: 38777361
Thank you Guys!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now