Implement VSS on 6509 Switches

Thanks sir for your reply.
I will do some research on line cards compatibility and will get back to you.

As far as the implementation is concerned, this is my first vss installation how I can start ? What are the preliminary steps I need to do ? Do I have to remove HSRP Configuration ?
What precautions I need to take to avoid downtime for clients ?
I'd appreciate if you can provide a step by step guide.


Thanks

So far I see WS-X6708-10GE and WS-X6548-GE-TX are not compatible with SUP2T.
We've purchased WS-X6708-10GE only a year ago :(

Stick with the SUP720 then. It'll still give 1.4Tb across the backplane.

Ok.
Can you please suggest on  this

Another issue The VSS and SUP720  requires 67xx series switching modules.
The only module I may have issue with is the 65xx series modules and that i.e. WS-X6548-GE-TX

If, as you said in one of your previous questions, you plan to move to 3 layer network architecture you should consider cost/benefit ration, and future plans for network growth. Main benefit using VSS lies in collapsed core design.
Please read - VSS - Q&A
If those switches will be your core layer you should use dynamic routing instead of switching between distribution and core layer. If you use dynamic routing there layer and configure equal path cost on links between core and distribution layer (sure you will do that) you already have redundancy for traffic if one of core switches fails. As long as both switches are up and running - all traffic will be load balanced across equal path links. If one core switches fails all traffic will be redirected to the other switch. Both switches, if dynamic routing protocol is configured, will have "identical routing tables" so in the case that other core switch fails there will be no downtime, all traffic will be redirected to switch that is up and running.

Where, in 3 network architecture design and those switches become core switches, VSS fits in to improve network characteristics for invested money?

If you will stick to collapsed core design VSS could be good investment.
However, current number of buildings you have there and number of links between building and core suggest that you should go for 3 layer network architecture as soon as you can.

If you use VSS both switches don't hold identical routing tables. They are one switch. There is only one routing table (unless you use VRF).

VSS has benefits to both a collapsed-core and three-tiered network. There's more to it than just being better for a collapsed-core.

As long as your stacks use unique VLANs (so no VLAN appears on more than one stack, you're fine to carry on as you are. L3 would make traffic-flow more efficient though, but I doubt it'd make much difference here to be honest.

@Craig Beck - sure you have right to stick to your opinion, just as I have right to stick with mine.

My opinion is that in default campus network high availability design like below (red connections are routed links)
Topology taken from here
it would simply would be wasted money for something that does not have enough benefits in topology, so that money could be better invested elsewhere (e.g distribution & access switches).

@predrag - same to you.  You're obviously entitled to your opinion.

With respect though, what does routing give you here that MEC wouldn't in terms of resiliency?  To implement routing that actually did anything beneficial here you have to implement a distribution layer.  That's extra expense for no real benefit in this scenario.  That would be a waste of money.  Nothing I've suggested is wasting any money whatsoever, even if you only concentrate on the benefits I've already noted.

I don't think you realise that there is no distribution layer here, or I don't think you'd be suggesting this?

Of course, there are design guides which show the benefits of a L3 architecture, but that's overkill here.  You can throw as many design guides as you like at me - I've seen them all and implemented most of them, numerous times.

I still don't agree (and I never will) that, as you put it...

Main benefit using VSS lies in collapsed core design.

...that's simply not true.  VSS is used in three-tiered networks all over the world.  It's not simply a collapsed-core architecture.

To implement routing that actually did anything beneficial here you have to implement a distribution layer.

That's what 3 layer topology usually means, to implement distribution level. My first post above - first sentence.

I don't think you realise that there is no distribution layer here, or I don't think you'd be suggesting this?

Just to make sure are we talking about the same thing. You think that above topology doesn't have distribution level???

No, I'm talking about Samir's particular setup, not the generic design-guide image you posted which is wholly irrelevant to this question.  Your topology in that diagram has a distribution layer, I know that.  Samir's network doesn't, which is the focus of this thread.

You are talking about VSS in a three-tiered deployment by referring to that guide.  Samir's setup has a collapsed-core with no distribution layer.  To implement what you're referring to, Samir would have to spend more money than he needs to on implementing a distribution layer that will offer no real benefit.

To be clear, you're talking about moving to three-tiered network, while we're talking about implementing VSS now. VSS can be used in both scenarios. My disagreement with you was that VSS doesn't only have benefits in a collapsed-core.

design-guide image you posted which is wholly irrelevant to this question

What I take into count Samir - previously and looks like you are not.

Well, the problem Samir currently have (at least I see it that way) is that in adding new links - each adding links from one building to another can be itself very pricey, and adding more links between buildings can fast get out of hands (be free to correct me if I am wrong). And in the future growth can take more money than implementing distribution layer itself. That's why I suggested topology change in the first place. The biggest issue here is we still have no idea (at least I don't) how many hosts are there. If there are less than 5000 hosts collapsed core is making way much more sense especially if there will be no fast company growth. But since he was implementing new building 6 or 12 months ago (if I remember correctly) and now expansion again looks like company will soon need more resources, and at this rate of growth they will have to change topology. (I am not aware of companies planes also). But at current rate growth, my opinion is the sooner they do it - less painful it will be.
Adding all switches directly to core, to me, does not makes any sense at all, especially if each building has it own VLANs (don't know this either). STP is still not even close to be problem in his topology so one switch attached to each switch there should not be a problem at all (daisy chains are forbidden :) ). My opinion is that he should attach new switches to already existing ones in the buildings, but it is not my decision and he already made up his mind. I can only suggest what I think should be done.

If you will stick to collapsed core design VSS could be good investment.
However, current number of buildings you have there and number of links between building and core suggest that you should go for 3 layer network architecture as soon as you can.

Also, I did not stated that there are no benefits using VSS in layer 3 topology, but that greater gain is actually when VSS is actually implemented in distribution level. (for resolving STP, FHRP issues etc)....
Looks to me, we are talking about different things, even if we read the same once.

What I take into count Samir - previously and looks like you are not.

:-)

You suggested that.  It's not something Samir asked for.

For now we have decided to connect the switches to our core directly and implement VSS. As per Predrag's suggestion, we will plan to redesign the network to add the 3 tier layers. Core, Distribution and Layer.

See, I have taken into account what Samir said.  He's clearly connecting switches to the core directly at the moment and implementing VSS, so your focus should be on this, not on something that is not happening now.  On that basis, like I said, the design-guide image you posted which is wholly irrelevant to this question.

Adding all switches directly to core, to me, does not makes any sense at all, especially if each building has it own VLANs (don't know this either).

Connecting the switches to the core is the only choice.  Daisy-chaining is a last-resort.  I don't see why you don't agree, given that there is no distribution layer here?

STP is still not even close to be problem in his topology so one switch attached to each switch there should not be a problem at all (daisy chains are forbidden :) ).

STP is an issue in the current topology as there are multiple links back to the core from nearly all access switches and there is a L2 trunk between the cores.  Converting to VSS nearly completely mitigates STP issues as it completely removes the L2 link between the cores and allows for the use of Multi-Chassis EtherChannel between VSS and access switches.

My opinion is that he should attach new switches to already existing ones in the buildings, but it is not my decision and he already made up his mind. I can only suggest what I think should be done.

The access switches are 3560G so you can't stack them, therefore daisy-chain is the only way to 'attach' new switches to the existing ones.  Maybe you didn't take that into account? ;-)

Also, it's important to note that the requirement is to provide switchports for extra services such as IPTV, CCTV and wireless...

we have few upcoming projects to add  IPTV, CCTV and WAPs.

...which will demand lots of bandwidth.  Connecting switches in a daisy-chain will saturate the links to the whole segment so it makes even more sense to connect directly to the core.  It will also simplify multicast and QoS.  Did you forget those bits too?? :-)

Thanks Predrag and craigeck for your wonderful and brainstorming suggestions

I think we should just focus on implementing VSS
Changing the design to three teir layer requires another thread and discussion which I think will help others as well

Currently we have 3500 users and as business expand for any building we will add the distribution layer and L3 link to our existing core

I guess we should keeping going now our discussion with VSS.

Also, I did not stated that there are no benefits using VSS in layer 3 topology, but that greater gain is actually when VSS is actually implemented in distribution level.

Predrag, that's not what you said - ever.

You clearly said that main benefit of VSS lies in collapsed-core design...

If, as you said in one of your previous questions, you plan to move to 3 layer network architecture you should consider cost/benefit ration, and future plans for network growth. Main benefit using VSS lies in collapsed core design.

That's simply not true.  VSS is not better for collapsed-core, nor is it better for three-tiered design.

I agree, Samir, we should concentrate on the VSS.  That is what this thread is about :-)

Thanks craigbeck

I hope Predrag agrees with us as well :)

In collapsed core - distribution and core are on the same switch. Ergo

Main benefit using VSS lies in collapsed core design.

is

that greater gain is actually when VSS is actually implemented in distribution level

for the reasons above.
Implementing VSS if you have separate core layer will not improve STP, FSRP (since those are not in present there)...
:)
And I agree ...
:-x

At this moment having separate core and disribution layer will be very expensive for such as

- Purchasing Distribution Switches for each building
- Installing new fiber links from access switches to distribution switches and from DSW to Core Layer.

Why I don't find any reason to implement three tier layer at this moment because we are healthcare organization with 4 buildings merged together and remaining 3 segregate buildings ( each segregate building has approx 70 user).

For first 3 building we are same using same VLAN, but we already have distribution 3750x switches for other 3 building ( 2 of them connected through Wireless Bridge) and 1 is connected through Fiber on L3 links.

Doing all together will be very be costly.


-

Great
But I am not able to decide which supervisor I need to purchase

As I read SUP2T and SUP720 is not compatible with our 10G and 6548 line cards

Please correct me if am wrong.

Installing new fiber links from access switches to distribution switches and from DSW to Core Layer.

Just the opposite. That's the basic idea about savings. This should cost you nothing, or close to nothing. You already have fiber links installed between buildings, you should use those to connect distribution switches. Only installation in buildings may need adjustments.

Actually installing a distribution layer means consolidating the links between access and core to some extent while still providing adequate bandwidth to everything that connects to your distribution layer.  You need to connect the access switches to the distribution switches, so that bit may be simple enough using the fibre you already have in each building, but the problem you might get is that the fibre between the core and access switches that will be used to connect the core to the new distribution layer might not be able to service a faster link speed.

It's not worth connecting all of the switches to a distribution layer if you're not going to provide at least the same bandwidth that the switches each had previously, unless you're moving servers, etc, to a location closer to the access switches.  I would be wanting to connect the core to distribution at 10G.  You should never connect core to distribution at the same speed as your access switchports.

No, Samir, you are correct.  The 65xx cards are not compatible.  You need the 67xx series cards (WS-X6748-GE-TX).

If you recently purchased the cards, Cisco or your distributor may offer you a buy-back on them.

It's not worth connecting all of the switches to a distribution layer if you're not going to provide at least the same bandwidth

Only half of the links are currently in use, equal cost routing can use all links at the same time simultaneously. So, with half of the current links you can have same bandwidth as before. By default Cisco uses 4 links for load balance, and typical maximum is 16.

65xx are 10 years old
What about my  WS-X6708-10GE  is it compatible I see that even this module not compatible SUP720 and SUP2T either

Hi Team,

Kindly post an article explaining the basics of VSS or an article that explains the deployment of the same (CBT nuggets type).

Hi,
I'm still not able to find if the line card WS-X6708-10GE compatible with SUP720 or SUP2T

Thanks

I want to follow up on this ticket

The WS-X6708-10G can be used to create a VSL, so yes it will work with VSS.

Sir
You mean I don't need to purchase VSS supervisor engine ?

But x6708 is not compatible with SUP720B or SUP2T
X6908 is compatible

Where are you reading that, Samir?  The 6708 is compatible with the SUP720 but not the SUP2T because of the DFC.

http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/product_data_sheet09186a00801dce34.html

Sorry for the confusion, its clear now so I need to replace only WS-X6548-GE-TX as they are not compatible SUB720B.

Can you please advise the final list I need to in my purchasing list like tranreciever, modules and Fiber Cable type?

Thanks

The hardware is clear.
and now related with migration how do I get started
I assume the following
- Install the new supervisor engine in Core 2 while keep the current engine as it is
- Copy the IOS to new engine, can I same the IOS installed on current engine.

I am confused what I need to do first with HSRP, STP configuration and running on the cores

Thanks

Hi just following up

No problem we can manage the maintenance window, that was very informative document

- Can we insert the new supervisor engine while the current engine is live and working
- Before, proceeding do I need remove the HSRP and STP configuration
- How the current configuration will be handled from the current engine to new ?

hi, just following up again :)

Sir,
thanks for your reply again.
I was just wondering if I remove the current supervisor engine and replace with new, the current configuration will be lost.
I followed the link you have posted about how to migrate to vss but i dont know see anything related how to start with replacement of engine.

I assume the following steps, please correct if am wrong

- Isolate Core SW2  completely  from the network by shutting down all interfaces, even the link currently connected to Core SW1
- Insert the flash card to the new engine
- Copy the IOS and startup config to new engine. update boot var to boot from the new supervisor IOS
- Remove the current sup720-2b engine from the slot.
- Reload the switch
- Configure VSS on Switch 2 and convert to VSS
- Configure the interfaces connected to downstream with Port Channel
- Remove HSRP Configuration
- Configure Switch2-VSS as stp for all vlans
- Enable Interfaces
- Verify all connecivity.
- After Switch-2 is verified and follow the steps for Switch-1.

Just want to follow if I had listed the steps correctly

Another point, how to move all vlans to new supervisor engine??

Thank you craigbeck for your help and support.
@ Predgrag for  participating in this thread and giving you valuable suggestion.