Virtual Switching System (VSS) allows two physical switches to be combined into one logical switch, eliminating spanning tree blocking and increasing bandwidth. Key aspects of VSS include the virtual switch link (VSL) that carries control traffic, protocols like LMP and RRP that manage the VSL and determine the active and standby roles, and stateful switchover (SSO) for redundancy. VSS provides a loop-free topology to spanning tree and acts as a single logical node, simplifying management and recovery from failures.
Highly Focussed on CCIE Learning .11 Full CCIE DC Racks for your CCIE Needs .Demo available for our Online Classes and Online CCIE DC Racks .Take Demo and Decide yourself .World Class Racks based in New Jersey ,USA and Bangalore India
Ether Channel High Speed Data TransmissionNetwax Lab
EtherChannel is a port link aggregation technology or port-channel architecture used primarily on Cisco
switches. It allows grouping of several physical Ethernet links to create one logical Ethernet link for the
purpose of providing fault-tolerance and high-speed links between switches, routers and servers. An
EtherChannel can be created from between two and eight active Fast, Gigabit or 10-Gigabit Ethernet
ports, with an additional one to eight inactive (failover) ports which become active as the other active
ports fail. EtherChannel is primarily used in the backbone network, but can also be used to connect end
user machines.
Free CCNP switching workbook by networkershome pdfNetworkershome
ccnp workbook and lab manual by NETWORKERS HOME. NETWORKERS HOME understand the importance of CCNP switching workbook when it comes Cisco certification which is why we offered free CCNP switching workbook.
1) Describe the three primary options for enabling inter-VLAN routing.
2) Configure legacy inter-VLAN routing.
3) Configure router-on-a-stick inter-VLAN routing.
4) Troubleshoot common inter-VLAN configuration issues.
5) Troubleshoot common IP addressing issues in an inter-VLAN-routed environment.
6) Configure inter-VLAN routing using Layer 3 switching.
7) Troubleshoot inter-VLAN routing in a Layer 3-switched environment.
Watch the replay: http://cs.co/90028sLgC
We’re going to make this as simple as Cisco’s new Software-Defined Access makes building and managing more secure enterprise networks:
Do you want to streamline device provisioning and host onboarding? Automate policy and segmentation? Get performance insights you didn’t think possible? Of course you do.
Register for the workshop today to get performance insights you didn’t think possible.
Resources:
Watch the New Era of Networking playlist: http://cs.co/90058sI1U
Troubleshooting Remote Workers and VPNsThousandEyes
Your sales team is in the field, executives are on the road and other employees are often working from home. This means that your help desk and ops teams spend hours validating problems or leave unsolvable tickets open. Endpoint Agent continuously collects performance data about internal or SaaS applications that are used by your remote workers, including metrics about Wi-Fi and VPN connections. This webinar covers how monitoring remote employee connectivity can boost productivity and how Endpoint Agent measures performance through VPNs and on remote networks.
Highly Focussed on CCIE Learning .11 Full CCIE DC Racks for your CCIE Needs .Demo available for our Online Classes and Online CCIE DC Racks .Take Demo and Decide yourself .World Class Racks based in New Jersey ,USA and Bangalore India
Ether Channel High Speed Data TransmissionNetwax Lab
EtherChannel is a port link aggregation technology or port-channel architecture used primarily on Cisco
switches. It allows grouping of several physical Ethernet links to create one logical Ethernet link for the
purpose of providing fault-tolerance and high-speed links between switches, routers and servers. An
EtherChannel can be created from between two and eight active Fast, Gigabit or 10-Gigabit Ethernet
ports, with an additional one to eight inactive (failover) ports which become active as the other active
ports fail. EtherChannel is primarily used in the backbone network, but can also be used to connect end
user machines.
Free CCNP switching workbook by networkershome pdfNetworkershome
ccnp workbook and lab manual by NETWORKERS HOME. NETWORKERS HOME understand the importance of CCNP switching workbook when it comes Cisco certification which is why we offered free CCNP switching workbook.
1) Describe the three primary options for enabling inter-VLAN routing.
2) Configure legacy inter-VLAN routing.
3) Configure router-on-a-stick inter-VLAN routing.
4) Troubleshoot common inter-VLAN configuration issues.
5) Troubleshoot common IP addressing issues in an inter-VLAN-routed environment.
6) Configure inter-VLAN routing using Layer 3 switching.
7) Troubleshoot inter-VLAN routing in a Layer 3-switched environment.
Watch the replay: http://cs.co/90028sLgC
We’re going to make this as simple as Cisco’s new Software-Defined Access makes building and managing more secure enterprise networks:
Do you want to streamline device provisioning and host onboarding? Automate policy and segmentation? Get performance insights you didn’t think possible? Of course you do.
Register for the workshop today to get performance insights you didn’t think possible.
Resources:
Watch the New Era of Networking playlist: http://cs.co/90058sI1U
Troubleshooting Remote Workers and VPNsThousandEyes
Your sales team is in the field, executives are on the road and other employees are often working from home. This means that your help desk and ops teams spend hours validating problems or leave unsolvable tickets open. Endpoint Agent continuously collects performance data about internal or SaaS applications that are used by your remote workers, including metrics about Wi-Fi and VPN connections. This webinar covers how monitoring remote employee connectivity can boost productivity and how Endpoint Agent measures performance through VPNs and on remote networks.
Checkpoint Firewall Training designed comprehensive technical course with IT professionals. Get Best Checkpoint Firewall Online course at Global Trainings.
For more details contact us @: +91 40 6050 1418
CHECKPOINT FIREWALL ONLINE TRAINING COURSE CONTENT
INTRODUCTION ABOUT THE CHECKPOINT FIREWALL TRAINING
Introduction to the Checkpoint firewall
Modular nature of the Checkpoint firewall
Functionalities of the Management
The FW-1 & GUI modules
CHECKPOINT INSTALLATION TYPES
The Hardware platform
Checkpoint Rule base concepts – Checkpoint Firewall Training
The IP spoofing
INSTALLATION OF THE CHECKPOINT ON SPLAT
Initial configuration of the Splat
Web access to the Checkpoint-Checkpoint Firewall Training
Download & Installation of smart console
ACCESSING THE CHECKPOINT THROUGH SMARTDASHBOARD
Checkpoint objects description
Anti-spoofing configuration-Checkpoint Firewall Training
NAT Configuration
FILTER CONFIGURATION
The URL Filtering
The Antivirus inspection
Content Analysis
CHECKPOINT FIREWALL TRAINING USER AUTHENTICATION
The User Authentication
The Session Authentication
The Client Authentication
IPSEC VPN
Byte Code Cyber Security Provide India's Best Training in Check Point Technology area. We provide CCSA & CCSE training on latest Security Platform R-76 Gaia,
best ccsa in delhi,best ccsa in india,best ccsa program in gurgaon, best training institute in gurgaon, ccsa delhi, ccsa delhi ncr, ccsa gurgaon, ccsa in delhi, ccsa in delhi ncr, ccsa in gurgaon, ccsa program in delhi, ccsa program in gurgaon, checkpoint in delhi, checkpoint in delhi ncr, checkpoint in gurgaon, training institute in delhi,firewall course in delhi, firewall training in delhi, firewall training gurgaon,checkpoint firewall training in gurgaon,checkpoint firewall,checkpoint blades training, best checkpoint firewall training,ccsa checkpoint gurgaon,ccsa certification course,ccsa certificaiton fee,checkpoint ccsa certificaiton fee.
Spanning Tree Protocol (STP) is a mechanism which provides loop-free paths within a pure layer 2 topology. STP allows for link redundancy by temporarily blocking ports in order to have a single path. Upon the detection of a link, or port failure, STP will re-converge to leverage the other unused port. This prevents broadcast storms and the duplication of packets from floating around in the network endlessly. There are multiple flavors of STP, each with their own features and nuances, which includes: Per VLAN Spanning Tree Protocol Plus (PVST+), Rapid Per VLAN Spanning Tree Protocol Plus (Rapid PVST+), and Multiple Spanning Tree Protocol (MSTP).
With LiveAction 2.6 and greater, users have higher levels of situational awareness and visibility on their switched network infrastructure by providing a topological representation of each Spanning Tree instance, as well as providing alerts on the transitioning port state events. This helps network administrators to act quickly and identify the insertion of rogue and/or misconfigured switches promptly. Similarly, the STP path representation can be used to identify suboptimal layer 2 paths in a switched network. This application note provides instructions on enabling the STP functionality within LiveAction and will cover the aforementioned use case.
Subnetting Properly subnet addressing blocks to accommodate the sit.pdfebrahimbadushata00
Subnetting: Properly subnet addressing blocks to accommodate the site\'s VLAN sizes. You will
not need to implement VLANs here; rather, you will create the correct sizing to properly
accommodate the devices stated per the xACME educational topology. Carefully consider the
challenges faced when structuring subnets too large and/or too small during your design. The
starting Worchester site addressing range is 10.20.0.0 /16 (per the xACME educational topology
diagram). Formatting per subnet should follow the format below and should be clearly stated and
placed within a table.
NetID
mask/CIDR values
broadcast
usable range
No additional device configurations required to complete
Existing VLANs
-
Remote locations vary in terms of size and requirements. Some implementations will require
current site router/switch-running configurations, which will be provided. All sites will use the
following four VLANs, but you will need to configure only what is asked per site (some
assumptions will be made).
Existing VLANs, per xACME:Faculty VLAN
used by faculty on-site for all office locations (non-instructional communications)
total devices per site will vary
Administrative VLAN
used by staff on-site for business administrative communications
total devices per site will vary
Academic VLAN
used by faculty and students for classroom labs and instructional communications
total devices per site will vary
Server VLAN
used by IT staff for all technology/management communications
total devices per site will vary
The types of devices per site will be the same; however, the number of deployed devices may
vary (all documented in the xAcme educational topology).
Routers Per Site:
Switches Per Site:
Note:Device type will not impact your configuration commands and implementation of ALL
required technologies will use Cisco IOS commands/concepts learned in our TestOut lecture(s).
Standard switchports will be configured and used as trunk OR access ports, and DCE ends
should be noted when configuring serial ports per router.Cisco 2800 Series Integrated
ServicesInterfaces Ports Available4 Fast Ethernet Interfaces
(Per Router)2 Serial Interfaces
(Per Router)fa0/0s0/0/0fa0/1s0/0/1fa1/0fa1/1 Acme Educational Topology Public Address
Range 165.128.63.0 /26 Private Network 10.0.0.0 /8 Boston Site Administrative VLA structional
VLAN Device List 4 Devices 34 Devices Network 10.10.0.0 Switches: Catalyst 6500 Series
Server VLAN Faculty VLAN Devices 5 Devices 96 Gigabit Ports fa010 Mod 220 Total Hosts
Module 2.gl1j1 gl n Stub Area Module 3 gi2u1-g gi012 Boston, MA Module 4 31-g 3/24 Site
Router 2 Router 2800 Series Integrated Services Sacramento. SWTch1 Sacramento SWRch2 Sac
3 024 ta0A0 Pot Contuurations uper Router 4 Fast Ethernet erfaces Sacramento Site 010
Network 10.50.0.0 2- fa011 fa 100 42 Total Hosts 65.128.63. Stub Area Boston, 2 Serial
Interfaces Route Boston, MA Site Router 3 DCE Sacramento, CA 0.255.25 48 30 0,255 .252 130
Internet Faculty VLAN Worchester Site 21 Devices Network.
This is a level 200 - 300 presentation.
It assumes:
Good understanding of vCenter 4, ESX 4, ESXi 4.
Preferably hands-on
We will only cover the delta between 4.1 and 4.0
Overview understanding of related products like VUM, Data Recovery, SRM, View, Nexus, Chargeback, CapacityIQ, vShieldZones, etc
Good understanding of related storage, server, network technology
Target audience
VMware Specialist: SE + Delivery from partners
1. An introduction of LAN.
2. An introduction of VLAN.
3. Properties of VLAN.
4. Types of VLAN.
5. VLAN Identification Method
6. VLAN Trunking Protocol.
7. Inter-VLAN routing.
VMware vSphere 6.0 - Troubleshooting Training - Day 2
VSS_Final
1. VSS – Virtual Switching Systems
Content
What is VSS
Advantages of VSS
Deployment areas for VSS
VSS Terminology
o Virtual Switch Domain
o Switch Identifier
o Virtual Switch Link (VSL
Link Management Protocol (LMP)
What is Control Link
LMP Heart Beat
Role Resolution Protocol
What happens when you create VSS or reload both the chassis
What is Capacity Planning for the VSL Bundle
o Is additional capacity planning for VSL links required
Redundancy and software upgrade of VSS
o Can we have redundant supervisor modules within a sigle chassis for VSS
How are the in-chassis active (ICA) and in-chassis standby (ICS) elected
o What happens when the Active VSS Chassis fails
o What happens if the VSL link fails or what is dual-active scenario
o What is Route Processor Redundancy (RPR)
o What is Route Processor Redundancy+ (RPR+)
o What is meant by (Stateful Switch Over) SSO
o What is Non Stop Forwarding (NSF) with Stateful Switch Over (SSO)
o What is Fast Software Upgrade (FSU) of a VSS
o What is Enhanced Fast Software Upgrade (eFSU) of a VSS
STP Operation with VSS
o BPDU
o Root Switch
o Loop Guard
o Port Fast on Trunks
o PortFast and BPDU Guard
o BPDU Filter
VSS Hardware Requirements - Chassis and Modules
2. What is VSS
Virtual Switching System (VSS) is a method to combine two physical switches into one logical switch to
achieve physical redundancy, Spanning-Tree blocking elimination, and increased bandwidth. VSS was
first available in Cisco 6500 but it has recently been introduced to Cisco 4500 and 4500X.
Advantages of VSS
Loop-free topology with the use of MEC and unified control plane
CiscoWorks LAN Management System (LMS) 3.0 can be used to centrally manage a Cisco
Catalyst 6500 virtual switch as a single entity.
VSS increases operational efficiency by simplifying the network, reducing switch management
overhead by at least 50 percent.
VSS eliminates L2/L3 protocol reconvergence if a virtual switch member fails, resulting in
deterministic subsecond virtual switch recovery.
Eliminating unicast flooding caused by asymmetrical routing in traditional campus designs.
Elimination of FHRP Configuration - default gateway is now replaced by a single logical node
where the interface VLAN IP address is available in both the physical chassis.
3. Deployment areas for VSS
Campus or data center core/distribution layer
Data center access (server connectivity)
VSS Terminology
Virtual Switch Domain - A unique domain ID identifies two switches that are intended to be part
of the same VSS pair that defines the VSS domain. The domain ID can have a value ranging from
1 to 255 and must be unique when multiple VSS pairs are connected together
Switch Identifier - A VSS comprises of pair of physical switches and requires a switch ID to
identify each chassis with a unique number. The switch ID can be either 1 or 2 and must be
unique on each member chassis. This number is used as part of the interface naming to ensure
that the interface name remains the same regardless of the virtual switch role (active or hot-
standby switch).
Virtual Switch Link (VSL) - The VSL serves as logical connection that carries critical system
control information such as hot-standby supervisor programming, line card status, Distributed
Forwarding Card (DFC) card programming, system management, diagnostics, and more. The VSL
link is treated as a systems control link and encapsulates all traffic into a special system header
called the Virtual Switch Header (VSH).VSL link initialization and maintenance are done through
the VSL Protocol (VSLP) framework, which consists of two protocols: Link Management Protocol
4. (LMP) and Role Resolution Protocol (RRP). LMP manages link integrity, while RRP determines
the role of each switch member in the virtual switch domain.
o Link Management Protocol (LMP) - LMP operates independently on each member
switch in the same Virtual Switch Domain (VSD). When all VSL interfaces are down, LMP
destroys the peer group and notifies RRP to take an appropriate action.The active switch
will detach all the interfaces associated with the hot-standby switch. At the same time
the hot-standby switch performs switchover, assumes the active role, and detaches all
interfaces associated with the previously active switch. During the bootup process, the
first VSL link that establishes LMP relationship (state-machine) will be selected as the
control link.
What is Control Link- The VSL bundle is special purpose EtherChannel that can
have up to eight members. Only one link out of a configured member is
selected as the control link and that control link is the only link that can carry
the inter-chassis control plane.The control link carries the inter-switch External
Out-of-Band Channel (EOBC) control traffic that includes the Switch Control
Packet (SCP) for line card communication, Inter-process Communication Packets
(IPC), and Inter-Card Communication (ICC) for communicating the protocol
database and state—as well as updates to the hot-standby supervisor.
LMP Heart Beat - The LMP heart beat—also referred as the LMP hello timer—
plays a key role in maintaining the integrity of VSS by checking peer switch
availability and connectivity. Both VSS members execute independent,
deterministic SSO switchover actions if they fail to detect the LMP hello
message within configured hold-timer settings on the last bundled VSL link.
o Role Resolution Protocol - RRP protocol is used to determine the SSO role (active, hot-
standby, or RPR), and to negotiate switch priority and preemption of virtual switch. RRP
also checks the software version on each switch which must be the same in order to
form a VSS. The RRP protocol is initialized once Link Management Protocol (LMP) is fully
established on at least one VSL port. The LMP control link is selected by RRP protocol to
negotiate the SSO role and switch priority. Each switch member forms local RRP peer
group instance and communicate over the control link of the VSL bundle instead
running on every VSL lTink
5. What happens when you create VSS or reload both the chassis
When you create or restart a VSS, the peer chassis negotiate their roles. One chassis becomes the VSS
active chassis, and the other chassis becomes the VSS standby. The VSS active chassis controls the VSS. It
runs the Layer 2 and Layer 3 control protocols for the switching modules on both chassis. The VSS active
chassis also provides management functions for the VSS, such as module online insertion and removal
(OIR) and the console interface.
The VSS active and VSS standby chassis perform packet forwarding for ingress data traffic on their locally
hosted interfaces. However, the VSS standby chassis sends all control traffic to the VSS active chassis for
processing.
What is Capacity Planning for the VSL Bundle
In normal condition, the traffic load over the VSL bundle consist of network control-plane and inter-
chassis control-plane traffic. In normal condition, both types of the traffic loads are very light and are
sent with strict priority. Capacity planning and link sizing for VSS is almost identical to a traditional
multilayer design in which the link(s) between two nodes should be able to carry traffic load equivalent
of planned capacity during failure conditions
Failure of all uplinks connected to a member of VSS to the core . In this failure, all upstream traffic
traverses the VSL bundle.
Failure of all downstream link(s) to access-layer switches from one switch member In this failure all
downstream and the inter-access traffic traverses the VSL bundle. The minimum VSL bundle bandwidth
should be at least equal to the uplinks connected to a single physical switch.
Additional capacity planning for VSL links is required due to following considerations:
Designing the network with single-homed devices connectivity (no MEC) will force at least half
of the downstream traffic to flow over the VSL link.
Remote SPAN from one switch member to other.
If the VSS is carrying the services hardware, such as FWSM, WiSM, IDS, and so on, then all traffic
that is intended to pass via the services blades may be carried over the VSL.
6. Redundancy and software upgrade of VSS
Can we have redundant supervisor modules within a sigle chassis for VSS
With VS4O the VSS is configured with two supervisor modules per chassis. The second supervisor
module within the chassis can be described as an in-chassis standby supervisor (ICS) and the active one
is called as in-chassis active supervisor (ICA). Within each local chassis the two supervisor modules use
Stateful Switchover (SSO) technology to establish an “SSO active” and “SSO standby hot” control plane
redundancy relationship.
How are the in-chassis active (ICA) and in-chassis standby (ICS) elected
During a normal bootup sequence, the supervisor module in the lowest slot number will become the
ICA. If a supervisor module is inserted after a previous supervisor module has already established itself
as the ICA, then the second supervisor module will assume the ICS role..
What happens when the Active VSS Chassis fails
The VSS standby chassis monitors the VSS active chassis using the VSL. If it detects failure, the VSS
standby chassis initiates a switchover and takes on the VSS active role. When the failed chassis recovers,
it takes on the VSS standby role.
What happens if the VSL link fails or what is dual-active scenario
If the VSL fails, the VSS standby chassis cannot determine the state of the VSS active chassis. To ensure
that switchover occurs without delay, the VSS standby chassis assumes the VSS active chassis has failed
and initiates switchover to take over the VSS active role.If the original VSS active chassis is still
7. operational, both chassis are now VSS active. This situation is called a dual-active scenario.The VSS must
detect a dual-active scenario and take recovery action or it can have adverse affects on network
stability, because both chassis use the same IP addresses, SSH keys, and STP bridge ID.
Three ways in which you can detect dual-active scenario
Enhanced PagP
IP Bidirectional forwarding detection
Dual active fast hellos
What is Route Processor Redundancy (RPR)
If a VSS does not meet the requirements for SSO redundancy, the VSS will use route processor
redundancy (RPR). In RPR mode, the VSS active supervisor engine does not synchronize configuration
changes or state information with the VSS standby. The VSS standby supervisor engine is only partially
initialized and the switching modules on the VSS standby supervisor are not powered up. If a switchover
occurs, the VSS standby supervisor engine completes its initialization and powers up the switching
modules. Traffic is disrupted for the normal reboot time of the chassis. The RPR switchover time is 1 or
more minutes.
What is Route Processor Redundancy+ (RPR+)
RPR+ is an enhancement to RPR in which the standby supervisor is completely booted and line cards do
not reload upon switchover. The running configuration is synchronized between the active and the
standby supervisors. The RPR+ switchover time is 30 or more seconds.
What is meant by (Stateful Switch Over) SSO
SSO expands the RPR+ capabilities to provide transparent failover of certain Layer 2 protocols and
certain Cisco IOS Software applications when a supervisor switchover occurs. SSO technology is
essentially a group of Cisco IOS Software processes that provide for supervisor module redundancy. The
VSS uses a dedicated physical link, called the Virtual Switch Link (VSL), between the two chassis to
synchronize the supervisor modules in each chassis.VS4O enables the supervisor module to maintain
two different redundancy relationships: one primary redundancy relationship, which is always across
chassis and is maintained for the overall VSS, and a secondary redundancy relationship maintained
within the local chassis.
8. What is Non Stop Forwarding (NSF) with Stateful Switch Over (SSO)
NSF works in conjunction with SSO to help ensure Layer 3 integrity following a switchover. It allows a
router experiencing the failure of an active supervisor to continue forwarding data packets along known
routes while the routing protocol information is recovered and validated. Data-plane forwarding can
continue to occur even though peering arrangements with neighbor routers have been lost on the
restarting router. The main purpose of NSF is to continue forwarding IP packets following a supervisor
engine switchover. Cisco NSF is supported by the BGP, OSPF, EIGRP, and IS-IS protocols for routing and is
supported by Cisco Express Forwarding (CEF) for forwarding. Cisco NSF always runs with SSO and
provides redundancy for Layer 3 traffic. NSF works with SSO to minimize the amount of time that a
network is unavailable to its users following a switchover.
What is Fast Software Upgrade (FSU) of a VSS
The FSU of a VSS is similar to the RPR-based standalone chassis. While the standalone chassis upgrade is
initiated by reloading the standby supervisor engine, the VSS upgrade is initiated by reloading the
standby chassis. During the FSU procedure, a software version mismatch between the active and the
standby chassis causes the system to boot in RPR redundancy mode, which is stateless and causes a
hard reset of the all modules. As a result, the FSU procedure requires system downtime corresponding
to the RPR switchover time.
What is Enhanced Fast Software Upgrade (eFSU) of a VSS
eFSU is an enhanced software upgrade procedure.eFSU enables an increase in network availability by
reducing the downtime caused by software upgrades. During an eFSU, the VSS standby chassis,
including the supervisor engine and modules, is upgraded and brought up in a stateful switchover (SSO)
mode. The eFSU process then forces a switchover and performs the same upgrade on the other chassis,
which becomes the new VSS standby.
9. STP Operation with VSS
One of the benefits of VSS-based design is that it allows the STP be active in the entire Layer-2 domain.
The VSS simply offers a loop-free topology to STP.
BPDU - The active switch is responsible for generating the BPDU. The source MAC address of
every BPDU frame is derived from a line card upon which the STP port (MEC) is terminated. This
source MAC address can change dynamically due to a node/line or card/port failure.However,
this failure does not cause STP topology recomputation in the network because the network is
loop-free and the STP bridge-ID/priority remains the same.
Root Switch - The root of the STP should always be the VSS. Use Root Guard on a link of VSS-
facing access-layer switch
Loop Guard - The VSS-enabled with MEC design does not offer a looped topology to STP
protocol. As a result, Loop Guard might not be a particularly useful feature in the VSS-enabled
network because all ports are forwarding and none are blocking.
Port Fast on Trunks - In the VSS-enabled design, the use of the port-fast capability on trunks is
safe because VSS topologies are inherently loop free, thereby eliminating the possibility of
temporary loops being created by port-fast feature on a trunk.
PortFast and BPDU Guard - it is critically important to keep the edge port from participating in
the STP.
BPDU Filter - The improper use of the BPDU Filter feature can cause loops in the network. Just
as in a traditional multilayer design, avoid using BPDU filtering in VSS-enabled network. Instead,
use BPDU Guard.
10. VSS Hardware Requirements - Chassis and Modules
Table 4-1 describes the hardware requirements for the VSS chassis and modules.
VSS Hardware
Requirements
Count Requirements
Chassis 2 The VSS is available on chassis that support VS-S720-10G supervisor engines
and WS-X6708-10G switching modules.
Note The two chassis need not be identical.
Supervisor Engines 2 The VSS requires Supervisor Engine 720 with 10-Gigabit Ethernet ports. You
must use either two VS-S720-10G-3C or two VS-S720-10G-3CXL supervisor
engine modules.
The two supervisor engines must match exactly.
Switching Modules 2+ The VSS requires 67xx series switching modules.
The VSS does not support classic, CEF256, or dCEF256 switching modules. In
virtual switch mode, unsupported switching modules remain powered off.
VSL Hardware Requirements
The VSL EtherChannel supports only 10-Gigabit Ethernet ports. The 10-Gigabit Ethernet port can be
located on the supervisor engine module or on one of the following switching modules:
• WS-X6708-10G-3C or WS-X6708-10G-3CXL
• WS-X6716-10G-3C or WS-X6716-10G-3CXL
• WS-X6716-10T-3C or WS-X6716-10T-3CXL