Solved

Connection lost to some servers

Posted on 2014-09-15
10
213 Views
Last Modified: 2014-09-24
Dear Experts,

I installed two switches ; UP switch and Down switch ; as shown on the diagram attached, I configured both switches with VRRP between the two switches , these switches are connected to two core switches ; core 1 and core 2; core 2 should be the backup of core 1.
Both UP and Down switches are connected to a rack with many servers inside, these servers have IP's in networks 10.2.17.0 , and the gateway of servers is 10.2.17.1 which is configured on UP switch for vlan 1.
When someone try to connect ping to server on the rack some servers loose connection and the extended ping oscillates between reply and request timed out.
I attached the diagram and configuration of both switches, I need also to know if VRRP is configured correctly because it is the first time I'm doing it in production network?

Thanks In Advance,
Diagram.pdf
Down.docx
UP.docx
0
Comment
Question by:oamal2001
  • 5
  • 4
10 Comments
 
LVL 32

Expert Comment

by:aleghart
ID: 40326351
Why are you connecting only your edge switches?  Why don't you connect your cores together, then redundant path from each edge switch to each core?

From this diagram (connections) it looks like your "core" is something like an internet or WAN router, not a core.
0
 

Author Comment

by:oamal2001
ID: 40326633
Hi,

Sorry I forgot the redundant link between the core switches, I modified the diagram and attached it.
I need to add that when I try to ping from down switch to networks 10.2.17.0, 10.2.18.0 and 10.2.20.0 I cannot ping.

Thanks,
Diagram.pdf
0
 
LVL 32

Expert Comment

by:aleghart
ID: 40327185
If your cores are connected, then your edge switches do not need to be connected to each other.  They connect only to the cores.

I guess I'm asking, why are your running VRRP/HSRP on edge switches instead of the cores?

Cross-connect Core1 and Core2 with VRRP/HSRP
Connect(trunk) SwDown to Core1.
Connect(trunk) SwDown to Core2.
Connect(trunk) SwUp to Core1.
Connect(trunk) SwUp to Core2.
Do not connect SwDown to SwUp.

Maybe I'm misreading something.  I'm no architect.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:oamal2001
ID: 40327290
The VRRP between the two down and UP switches are required because they will handle a critical system, and all servers will be connected to both switches, I'm responsible of these switches , I cannot access the core switches.
I need to know if this design can be implemented to work fine or not.

Thanks,
0
 
LVL 32

Expert Comment

by:aleghart
ID: 40327446
Yes.  You're collapsed differently.  Your design is not collapsing core+distribution (my assumption, sorry...didn't realise that you can't control the cores).  Your design is collapsing access+distribution.  This collapsed layer is your boundary between L2 & L3.  This boundary is the place to have VRRP/HSRP.

Your addressing is a little confusing.  
Your SwDN doesn't have an IPv4 address for vlan 1.  SwUP is holding the .1 address.  The virtual IP is .3
My numbering would be something like this:

interface vlan 1
ip address 10.1.1.1 (virtual IP shared by both switches)
ip address 10.1.1.2 (SwUP)
ip address 10.1.1.3 (SwDN)

interface vlan 2
ip address 10.1.2.1 (virtual IP shared by both switches)
ip address 10.1.2.2 (SwUP)
ip address 10.1.2.3 (SwDN)

interface vlan 3
ip address 10.1.3.1 (virtual IP shared by both switches)
ip address 10.1.3.2 (SwUP)
ip address 10.1.3.3 (SwDN)

This makes it easier for all vlans...the gateway address for the subnet is always the .1 address.

I'm not sure if it's inadvertent, but your current vlan addressing are publicly routable address spaces.
12.0.0.1 belongs to AT&T Services
20.0.0.1 belongs to Computer Sciences Corp
Any misconfiguration or routing problem, and traffic will go to default route (0.0.0.0) which would be expected to jump to your core and out to the internet.

I fight that problem all the time...somebody "designed" with IP addresses that are _not_ private, non-routable IP addresses.  Anything that isn't handled explicitly by a created route will jump to the nearest internet connection.

I hope this makes sense.
0
 

Author Comment

by:oamal2001
ID: 40327482
What about address 10.2.17.1, I need to make this address the gateway for all servers which connected to both switches.

Thanks,
0
 
LVL 32

Accepted Solution

by:
aleghart earned 250 total points
ID: 40327496
10.0.0.0/8 (anything that starts with "10.") is private address space.
0
 

Author Comment

by:oamal2001
ID: 40327508
Kindly, How to configure 10.2.17.1 on the switches to be the default gateway connected to them?
Thanks,
0
 

Author Comment

by:oamal2001
ID: 40328856
HI ,

I configured one of the switches to disable spanning tree with no spanning tree, does this affect?

Thanks,
0
 
LVL 3

Assisted Solution

by:Johneil1
Johneil1 earned 250 total points
ID: 40340831
"Kindly, How to configure 10.2.17.1 on the switches to be the default gateway connected to them?
Thanks,"

--If you would like for the IP above to be a DG for your servers....then i would not use the management VLAN1 and create a new SVI (e.g. VLAN 10) with the interface IP of 10.2.17.1 and then place servers in that vlan.

This LINK may help you. with quoted text above. Let me know what you need for the other stuff.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Web site adult filtering solutions for a small LAN network 27 150
Wireless antenna advice/design 6 66
cutting over to a new network 9 126
null0 7 37
Security is one of the biggest concerns when moving and migrating your data from your on-premise location to the Public Cloud.  Where is your data? Who can access it? Will it be safe from accidental deletion?  All of these questions and more are imp…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question