Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway, and has been described in detail in RFC 2281.
The protocol establishes a framework between network routers in order to achieve default gateway
failover if the primary gateway becomes inaccessible, in close association with a rapid-converging
routing protocol like EIGRP or OSPF. By multicasting packets, HSRP sends its hello messages to the
multicast address 224.0.0.2 (all routers) for version 1, or 224.0.0.102 for version 2, using UDP port 1985,
to other HSRP-enabled routers, defining priority between the routers.
Building DataCenter networks with VXLAN BGP-EVPN - Cisco Canada
The session specifically covers the requirements and approaches for deploying the Underlay, Overlay as well as the inter-Fabric connectivity of Data Center Networks or Fabrics. Within the VXLAN BGP-EVPN based Overlay, we focus on insights like forwarding and control plane functions, which are critical to the simple operation of the architecture in achieving scale, small failure domains and consistent configuration. To complete the overlay view on VXLAN BGP-EVPN, we look inside BGP and its EVPN address-family and then cover how multiple DC Fabrics can be interconnected, either as stretched Fabrics or with true DCI. The session concludes with a brief overview of manageability functions, network orchestration capabilities and multi-tenancy details. This Advanced session is intended for network, design and operation engineers from Enterprises to Service Providers.
Highly focused on CCIE learning. 11 full CCIE DC racks for your CCIE needs. Demo available for our online classes and online CCIE DC racks. Take the demo and decide for yourself. World-class racks based in New Jersey, USA and Bangalore, India.
Segment routing is a network technology focused on addressing the pain points of existing IP and Multiprotocol Label Switching (MPLS) networks in terms of simplicity, scale, and ease of operation. It’s a foundation for application engineered routing because it prepares the networks for new business models where applications can direct network behavior.
Segment routing seeks the right balance between distributed intelligence and centralized optimization and programming. It was built for the software-defined networking (SDN) era.
Segment routing enables enhanced packet forwarding behavior. It enables a network to transport unicast packets through a specific forwarding path, other than the normal shortest path that a packet usually takes. This capability benefits many use cases, and you can build those specific paths based on application requirements.
Segment routing uses the source routing paradigm. A node, usually a router but it can also be a switch, a trusted server, or a virtual forwarder running on a hypervisor, steers a packet through an ordered list of instructions, called segments. A segment can represent any instruction, topological or service-based. A segment can have a local semantic to a segment-routing node or global within a segment-routing network. Segment routing allows you to enforce a flow through any topological path and service chain while maintaining per-flow state only at the ingress node to the segment-routing network. To be aligned with modern IP networks, segment routing supports equal-cost multipath (ECMP) by design, and the forwarding within a segment-routing network uses all possible paths, when desired.
Building a redundant CloudStack management cluster - Vladimir Melnik - ShapeBlue
Building a redundant CloudStack management cluster. Building and maintaining an open-source-driven clustered environment for Apache CloudStack management server with GNU Linux, HAProxy, HeartBeat, Bind, OpenLDAP and other tools.
The Cisco IP Phone 8800 Key Expansion Module adds extra programmable buttons to the phone. The programmable buttons can be set up as phone speed-dial buttons, or phone feature buttons.
Cisco Catalyst 9200 series platform spec, licenses, transition guide - IT Tech
The Cisco Catalyst 9200 Series switches are Cisco’s latest addition to the fixed enterprise switching access platform, and are built for security, resiliency, and programmability.
The 900 ISRs offer easy management and provisioning capabilities through Cisco Configuration Professional Express, Cisco DNA Center, and Cisco IOS Software, with full visibility into and control of network configurations and applications.
HPE ProLiant Gen9 to Gen10 server transition guide - IT Tech
HPE ProLiant Gen10 servers offer a secure, high-performing, and highly affordable platform to run Big Data workloads and the most demanding applications.
They provide a complete infrastructure that supports both your business objectives and your business growth.
Cisco ISR 4461 is the newest member of the Cisco 4000 Family Integrated Services Routers. Now the Cisco 4000 Family contains the following platforms: the 4461 ISR, 4451 ISR, 4431 ISR, 4351 ISR, 4331 ISR, 4321 ISR and 4221 ISR.
New Nexus 400 Gigabit Ethernet (400G) switches - IT Tech
Cisco unveils new 400 Gigabit Ethernet (400G) switches.
Meeting modern data center network challenges demands high scale and high bandwidth. Large cloud and data center customers require a flexible, reliable solution that efficiently manages, troubleshoots and analyzes their IT infrastructure. They need security, automation, visibility, analytics and assurance. Yes, the new Cisco Nexus 400G Switches can help large cloud and data center customers stay ahead of these demands.
Tested: Cisco ISR 1100 delivers the richest set of Wi-Fi features - IT Tech
Cisco ISR 1000 offers a branch-in-a-box solution with various types of uplink connectivity, multiple Power over Ethernet (PoE) and PoE+ capable Gigabit-Ethernet ports, and built-in Cisco Mobility Express Solution for WLAN access and SD-WAN capability.
Aruba’s modern, programmable switches easily integrate with our industry leading network management solutions, either cloud-based Aruba Central or on premise Aruba AirWave.
Cisco IOS XE opens a completely new paradigm in network configuration, operation, and monitoring through network automation. Cisco’s automation solution is open, standards-based, and extensible across the entire lifecycle of a network device. The various automation mechanisms are outlined here.
Cisco's wireless solutions can be broadly classified into Standalone systems that operate Cisco Aironet Access Points individually and Controller-based systems that centrally manage multiple Cisco Aironet Access Points using a Cisco Wireless Controller. Multiple expansion modes are also supported in Controller-based systems.
Four reasons to consider the all-in-one ISR 1000 - IT Tech
For SMBs, Cisco’s 1000 Series Integrated Services Routers (ISR 1000) provides an affordable solution for switching, routing, and wireless all in one device.
The difference between yellow and white labeled ports on a Nexus 2300 series FEX - IT Tech
What is the Difference between Yellow and White Labeled Ports on a Nexus 2300 Series FEX?
The Cisco Nexus 2300 platform provides two types of ports: ports for end-host attachment (host interfaces) and uplink ports (fabric interfaces). Both yellow and white colored fabric interfaces can be used to provide connectivity to the upstream parent Cisco Nexus switch. There is no difference between yellow labeled and white labeled uplink ports.
The Cisco 892F ISRs have an SFP port that supports auto-media-detection, auto-failover, and remote fault indication (RFI), as described in the IEEE 802.3ah specification.
The Nexus 7000 Series switches form the core data center networking fabric. There are multiple chassis options from the Nexus 7000 and Nexus 7700 product family. The Nexus 7000 and the Nexus 7700 switches offer a comprehensive set of features for the data center network.
The Virtual Switching System (VSS) allows two Cisco Catalyst 6500 or 4500 chassis to
bond together so that they are seen as a single virtual switch by the rest of the network.
Other devices will see the VSS configured 6500 as a single device which means it’s
possible to use multi chassis ether channel and protocols like spanning-tree will only
see a single switch.
Some other features are NSF (Non Stop Forwarding)/SSO (Stateful Switchover) which
means that when a single chassis fails the other one will take over without any
downtime since the routing table / CEF table etc. are stored in both chassis’
supervisors.
Another cool feature is EFSU (Enhanced Fast Software Upgrade) which allows you to
upgrade the IOS version without any downtime.
In this tutorial I will be using two Cisco Catalyst 6504 switches with 720-10G VSS
supervisors to show you how to configure VSS and verify that it’s working.
Right now I have two 6500s that are running in “standalone”. In order to bond these
two using VSS we will have to do the following:
- Configure a virtual switch domain on both switches and configure one switch as “switch 1” and the other one as “switch 2”.
- Configure the virtual switch links.
- Execute the conversion command which will reboot the switches.
Before we configure anything let’s verify what modules my 6500s have and see if
they are running the same IOS or not!
Verification
We should start by taking a look at the modules in our 6500s and the IOS versions
that we are using, just to be sure that we use supported hardware and software.
SW1-VSS#show module
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1    5  Supervisor Engine 2T 10GE w/ CTS (Acti VS-SUP2T-10G       SAL11111111
  2    4  CEF720 4 port 10-Gigabit Ethernet      WS-X6704-10GE      SAL11111111
  3   48  CEF720 48 port 10/100/1000mb Ethernet  WS-X6748-GE-TX     SAL11111111

Mod MAC addresses                       Hw     Fw           Sw           Status
--- ---------------------------------- ------ ------------ ------------ -------
  1  588d.09e6.d0b9 to 588d.09e6.d0c0   1.3    12.2(50r)SYS 15.0(1)SY2   Ok
  2  001a.a10e.833c to 001a.a10e.833f   2.5    12.2(14r)S5  15.0(1)SY2   Ok
  3  0002.fcc1.1bd0 to 0002.fcc1.1bff   1.2    12.2(14r)S5  15.0(1)SY2   Ok

Mod  Sub-Module                  Model              Serial       Hw      Status
---- --------------------------- ------------------ ----------- ------- -------
  1  Policy Feature Card 4       VS-F6K-PFC4        SAL11111111  1.2     Ok
  1  CPU Daughterboard           VS-F6K-MSFC5       SAL11111111  1.4     Ok
  2  Centralized Forwarding Card WS-F6700-CFC       SAD11111111  3.1     Ok
  3  Centralized Forwarding Card WS-F6700-CFC       SAD11111111  1.1     Ok

Mod  Online Diag Status
---- -------------------
  1  Pass
  2  Pass
  3  Pass
And this is what switch 2 looks like:
SW2-VSS#show module
*Aug 13 18:37:25.727: %SYS-5-CONFIG_I: Configured from console by console
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1    5  Supervisor Engine 2T 10GE w/ CTS (Acti VS-SUP2T-10G       SAL22222222
  2    4  CEF720 4 port 10-Gigabit Ethernet      WS-X6704-10GE      SAL22222222
  3   48  CEF720 48 port 10/100/1000mb Ethernet  WS-X6748-GE-TX     SAD22222222

Mod MAC addresses                       Hw     Fw           Sw           Status
--- ---------------------------------- ------ ------------ ------------ -------
  1  588d.09e6.cc7d to 588d.09e6.cc84   1.3    12.2(50r)SYS 15.0(1)SY1   Ok
  2  001a.6c68.73e0 to 001a.6c68.73e3   2.5    12.2(14r)S5  15.0(1)SY1   Ok
  3  000d.6551.041a to 000d.6551.0449   1.2    12.2(14r)S5  15.0(1)SY1   Ok

Mod  Sub-Module                  Model              Serial       Hw      Status
---- --------------------------- ------------------ ----------- ------- -------
  1  Policy Feature Card 4       VS-F6K-PFC4        SAL22222222  1.2     Ok
  1  CPU Daughterboard           VS-F6K-MSFC5       SAL22222222  1.4     Ok
  2  Centralized Forwarding Card WS-F6700-CFC       SAL22222222  3.1     Ok
  3  Centralized Forwarding Card WS-F6700-CFC       SAD22222222  1.1     Ok

Mod  Online Diag Status
---- -------------------
  1  Pass
  2  Pass
  3  Pass
Both switches have the VS-SUP2T-10G supervisor that we will use for VSS. Let’s also
check the IOS version:
SW1-VSS#show version
Cisco IOS Software, s2t54 Software (s2t54-ADVENTERPRISEK9-M), Version 15.0(1)SY2,
RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
sw2:
SW2-VSS#show version
Cisco IOS Software, s2t54 Software (s2t54-ADVENTERPRISEK9-M), Version 15.0(1)SY2,
RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Both switches are running IOS 15.0(1)SY2 so it’s looking good. Now we can move on
to the configuration.
Configure Virtual Switch Domain
Configuring the virtual switch domain is nothing more than grouping the two switches
using an ID. This ID can be a value between 1 and 255 and has to be the same on
both switches. Here’s what it looks like:
I have two 6500s, one called “SW1-VSS” and the other one is called “SW2-VSS”. I will
configure them both to use virtual switch domain 1.
Let’s configure the virtual switch domain ID and switch numbers:
SW1-VSS(config)#switch virtual domain 1
Domain ID 1 config will take effect only
after the exec command 'switch convert mode virtual' is issued
SW1-VSS(config-vs-domain)#switch 1
SW2-VSS(config)#switch virtual domain 1
Domain ID 1 config will take effect only
after the exec command 'switch convert mode virtual' is issued
SW2-VSS(config-vs-domain)#switch 2
Both switches are configured to use virtual domain 1, SW1-VSS has been configured
as “switch 1″ and SW2-VSS as “switch 2″. The next step is to assign a priority to
determine what switch will become active or standby.
SW1-VSS(config-vs-domain)#switch 1 priority 110
SW1-VSS(config-vs-domain)#switch 2 priority 100
SW2-VSS(config-vs-domain)#switch 1 priority 110
SW2-VSS(config-vs-domain)#switch 2 priority 100
The higher the priority the more likely you will become the active switch. Switch 1
will have a priority of 110 and switch 2 a priority of 100. This means SW1-VSS will
become the active switch.
Configure Virtual Switch Link
The virtual switch link is used to exchange configuration and stateful information
between the two physical switches. You can use a single physical interface for VSL or
create an etherchannel for redundancy. VSL will add a “virtual switch header” on
each frame when it is sent on this link, basically it looks like this:
Not all interfaces are supported for VSL. In my example I’m using the Ten Gigabit
interfaces on the Supervisors. To make sure we have redundancy I’ll create an
etherchannel using the Ten 1/4 and Ten 1/5 interfaces on the 6500s:
SW1-VSS(config)#interface port-channel 1
SW1-VSS(config-if)#no shutdown
SW1-VSS(config-if)#switch virtual link 1
SW1-VSS(config-if)#exit
SW1-VSS(config)#int range ten 1/4 - 5
SW1-VSS(config-if-range)#channel-group 1 mode on
SW1-VSS(config-if-range)#no shut
SW2-VSS(config)#interface port-channel 2
SW2-VSS(config-if)#no shutdown
SW2-VSS(config-if)#switch virtual link 2
SW2-VSS(config-if)#exit
SW2-VSS(config)#int range ten 1/4 - 5
SW2-VSS(config-if-range)#channel-group 2 mode on
SW2-VSS(config-if-range)#no shutdown
As you can see above we have a basic etherchannel configuration but I used
the switch virtual link command to tell the switch that the etherchannel is a VSL
interface. Let’s verify that our etherchannel is working between the two switches:
SW1-VSS#show etherchannel summary | incl Po1
1      Po1(RU)      Te1/4(P)      Te1/5(P)
SW2-VSS#show etherchannel summary | incl Po2
2      Po2(RU)      Te1/4(P)      Te1/5(P)
We are now ready to convert the 6500s to VSS.
Execute Conversion
The final step in configuring VSS is to execute the conversion. Once we do this the
switches will reload and 3 things will happen:
- The configurations of both switches will be merged into a single configuration.
- The interface numbers will be renumbered from slot/port to switch-number/slot/port.
- Negotiation to determine which switch is active or standby.
This is how we execute the conversion:
SW1-VSS#switch convert mode virtual
This command will convert all interface names
to naming convention "interface-type switch-number/slot/port",
save the running config to startup-config and
reload the switch.
NOTE: Make sure to configure one or more dual-active detection methods
once the conversion is complete and the switches have come up in VSS mode.
Do you want to proceed? [yes/no]: yes
Converting interface names
Building configuration...
SW2-VSS#switch convert mode virtual
This command will convert all interface names
to naming convention "interface-type switch-number/slot/port",
save the running config to startup-config and
reload the switch.
NOTE: Make sure to configure one or more dual-active detection methods
once the conversion is complete and the switches have come up in VSS mode.
Do you want to proceed? [yes/no]: yes
Converting interface names
Building configuration...
The switches will now reboot and you will see this on the console:
SW1-VSS#
System detected Virtual Switch configuration...
Interface TenGigabitEthernet 1/1/4 is member of PortChannel 1
Interface TenGigabitEthernet 1/1/5 is member of PortChannel 1
SW2-VSS#
System detected Virtual Switch configuration...
Interface TenGigabitEthernet 2/1/4 is member of PortChannel 2
Interface TenGigabitEthernet 2/1/5 is member of PortChannel 2
And you will see the negotiation between active and standby:
SW1-VSS#
%PFREDUN-6-ACTIVE: Initializing as ACTIVE processor for this switch
%VSL_BRINGUP-6-MODULE_UP: VSL module in slot 1 switch 1 brought up
%VSLP-5-RRP_ROLE_RESOLVED: Role resolved as ACTIVE by VSLP
%VSL-5-VSL_CNTRL_LINK: New VSL Control Link 1/1/4
SW2-VSS#
%PFREDUN-6-ACTIVE: Initializing as ACTIVE processor for this switch
%VSL_BRINGUP-6-MODULE_UP: VSL module in slot 1 switch 2 brought up
%VSLP-5-RRP_ROLE_RESOLVED: Role resolved as STANDBY by VSLP
%VSL-5-VSL_CNTRL_LINK: New VSL Control Link 2/1/4
The two switches rebooted and during the boot process the switches will detect
which interfaces are used for the virtual switch link. The switches will then negotiate
on the VSL to see which one becomes active or standby. As expected SW1-VSS is the
active switch.
After booting you’ll see that the console of SW2-VSS is no longer responding, we
can’t use it anymore for configuration. All configurations have to be done from the
active switch now.
VSS is now up and running! Since the two switches have bonded to become one
logical switch, it’s best to create a new hostname:
SW1-VSS(config)#hostname SW-VSS
I’ll call it “SW-VSS”. We are now done with the configuration but it’s a good idea to
verify our configuration.
Verification
The active switch is used to control both switches so some commands have been
changed. For example “show run” can now be used to check the running
configuration from both switches:
SW-VSS#show run switch 1
Building configuration...
Current configuration : 4283 bytes
!
[output omitted]
SW-VSS#show run switch 2
Building configuration...
Current configuration : 4223 bytes
!
[output omitted]
By adding “switch <id>” you can check the running configuration from switch 1 or 2.
There are also some special VSS commands that we can use:
SW-VSS#show switch virtual
Switch mode                  : Virtual Switch
Virtual switch domain number : 1
Local switch number          : 1
Local switch operational role: Virtual Switch Active
Peer switch number           : 2
Peer switch operational role : Virtual Switch Standby
The show switch virtual command tells us that this switch is active and the other one
is standby. We can also take a closer look at the VSL:
SW-VSS#show switch virtual link
VSL Status : UP
VSL Uptime : 28 minutes
VSL SCP Ping : Pass
VSL ICC Ping : Pass
VSL Control Link : Te1/1/4
VSL Encryption : Configured Mode - Off, Operational Mode - Off
This is how you can check the VSL etherchannel:
SW-VSS#show interfaces vsl
VSL Port-channel: Po1
Port: Te1/1/4
Port: Te1/1/5
And there’s a useful command that gives you more information about the switch
roles and priorities:
SW-VSS#show switch virtual role
RRP information for Instance 1
--------------------------------------------------------------------
Valid  Flags   Peer      Preferred  Reserved
               Count     Peer       Peer
--------------------------------------------------------------------
TRUE    V        1           1          1

Switch  Switch  Status  Priority     Role     Local   Remote
        Number          Oper(Conf)            SID     SID
--------------------------------------------------------------------
LOCAL   1       UP      110(110)     ACTIVE   0       0
REMOTE  2       UP      100(100)     STANDBY  2921    12

Peer 0 represents the local switch
Flags : V - Valid
In dual-active recovery mode: No
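The verification steps above can also be scripted. The following Python is an added example, not part of the original tutorial or any Cisco tooling: it parses a saved capture of the three show commands and reports anything that deviates from a healthy VSS pair, including the VSL encryption state and the dual-active recovery flag. The sample capture is constructed from the output shown in this tutorial, and the function names and finding strings are assumptions.

```python
import re

# Constructed capture: key lines of the three verification outputs from this tutorial.
SAMPLE = """\
SW-VSS#show switch virtual
Switch mode : Virtual Switch
Local switch operational role: Virtual Switch Active
Peer switch operational role : Virtual Switch Standby
SW-VSS#show switch virtual link
VSL Status : UP
VSL SCP Ping : Pass
VSL ICC Ping : Pass
VSL Control Link : Te1/1/4
VSL Encryption : Configured Mode - Off, Operational Mode - Off
SW-VSS#show switch virtual role
LOCAL 1 UP 110(110) ACTIVE 0 0
REMOTE 2 UP 100(100) STANDBY 2921 12
In dual-active recovery mode: No
"""

# One row of the RRP role table: side, switch number, status, oper(conf) priority, role.
ROLE_ROW = re.compile(r"^(LOCAL|REMOTE)\s+(\d+)\s+(\S+)\s+(\d+)\((\d+)\)\s+(\S+)")


def parse(capture):
    """Return (fields, roles): 'key : value' lines and the RRP role rows."""
    fields, roles = {}, []
    for raw in capture.splitlines():
        line = raw.strip()
        row = ROLE_ROW.match(line)
        if row:
            side, num, status, oper, conf, role = row.groups()
            roles.append({"side": side, "switch": int(num), "status": status,
                          "oper": int(oper), "conf": int(conf), "role": role})
            continue
        key, sep, value = line.partition(":")
        if sep and "#" not in key:  # ignore CLI prompt lines
            fields[key.strip().lower()] = value.strip()
    return fields, roles


def audit(capture):
    """Return a list of findings; an empty list means every check passed."""
    fields, roles = parse(capture)
    findings = []
    if fields.get("switch mode") != "Virtual Switch":
        findings.append("not in virtual switch mode")
    for key in ("vsl status", "vsl scp ping", "vsl icc ping"):
        want = "UP" if key == "vsl status" else "Pass"
        if fields.get(key) != want:
            findings.append(f"{key} is {fields.get(key, 'missing')}, expected {want}")
    enc = fields.get("vsl encryption", "")
    if not enc or "Operational Mode - Off" in enc:
        findings.append("VSL encryption is not operational")
    if fields.get("in dual-active recovery mode") != "No":
        findings.append("dual-active recovery mode is active or unknown")
    got = sorted(r["role"] for r in roles)
    if got != ["ACTIVE", "STANDBY"]:
        findings.append(f"expected one ACTIVE and one STANDBY switch, got {got}")
    for r in roles:
        if r["status"] != "UP":
            findings.append(f"switch {r['switch']} status is {r['status']}")
        if r["oper"] != r["conf"]:
            findings.append(f"switch {r['switch']} priority {r['oper']} "
                            f"differs from configured {r['conf']}")
    active = [r for r in roles if r["role"] == "ACTIVE"]
    if active and active[0]["oper"] < max(r["oper"] for r in roles):
        findings.append("active switch does not hold the highest priority")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE) or ["all checks passed"]:
        print(finding)
```

On the capture from this tutorial the only finding is the VSL encryption state, which matches the "Operational Mode - Off" line in the show switch virtual link output.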
That’s all for now. I hope this has been helpful for understanding how to configure VSS. If you
have any questions feel free to leave a comment!
For more Cisco switch reviews, tips and guides, see:
http://blog.router-switch.com/category/reviews/cisco-switches/