VSS – Virtual Switching Systems
Content
 What is VSS
 Advantages of VSS
 Deployment areas for VSS
 VSS Terminology
o Virtual Switch Domain
o Switch Identifier
o Virtual Switch Link (VSL)
 Link Management Protocol (LMP)
 What is Control Link
 LMP Heart Beat
 Role Resolution Protocol
 What happens when you create VSS or reload both the chassis
 What is Capacity Planning for the VSL Bundle
o Is additional capacity planning for VSL links required
 Redundancy and software upgrade of VSS
o Can we have redundant supervisor modules within a single chassis for VSS
 How are the in-chassis active (ICA) and in-chassis standby (ICS) elected
o What happens when the Active VSS Chassis fails
o What happens if the VSL link fails or what is dual-active scenario
o What is Route Processor Redundancy (RPR)
o What is Route Processor Redundancy+ (RPR+)
o What is meant by (Stateful Switch Over) SSO
o What is Non Stop Forwarding (NSF) with Stateful Switch Over (SSO)
o What is Fast Software Upgrade (FSU) of a VSS
o What is Enhanced Fast Software Upgrade (eFSU) of a VSS
 STP Operation with VSS
o BPDU
o Root Switch
o Loop Guard
o Port Fast on Trunks
o PortFast and BPDU Guard
o BPDU Filter
 VSS Hardware Requirements - Chassis and Modules
What is VSS
Virtual Switching System (VSS) is a method of combining two physical switches into one logical switch to
achieve physical redundancy, elimination of Spanning-Tree blocking, and increased bandwidth. VSS was
first available on the Cisco 6500 but has recently been introduced on the Cisco 4500 and 4500X.
Advantages of VSS
 Loop-free topology with the use of MEC and unified control plane
 CiscoWorks LAN Management System (LMS) 3.0 can be used to centrally manage a Cisco
Catalyst 6500 virtual switch as a single entity.
 VSS increases operational efficiency by simplifying the network, reducing switch management
overhead by at least 50 percent.
 VSS eliminates L2/L3 protocol reconvergence if a virtual switch member fails, resulting in
deterministic subsecond virtual switch recovery.
 Elimination of unicast flooding caused by asymmetrical routing in traditional campus designs.
 Elimination of FHRP configuration - the default gateway is now a single logical node whose
interface VLAN IP address is available on both physical chassis.
Deployment areas for VSS
 Campus or data center core/distribution layer
 Data center access (server connectivity)
VSS Terminology
 Virtual Switch Domain - A unique domain ID identifies the two switches that are intended to be part
of the same VSS pair and defines the VSS domain. The domain ID can have a value ranging from
1 to 255 and must be unique when multiple VSS pairs are connected together.
 Switch Identifier - A VSS comprises a pair of physical switches and requires a switch ID to
identify each chassis with a unique number. The switch ID can be either 1 or 2 and must be
unique on each member chassis. This number is used as part of the interface naming to ensure
that the interface name remains the same regardless of the virtual switch role (active or hot-
standby switch).
 Virtual Switch Link (VSL) - The VSL serves as a logical connection that carries critical system
control information such as hot-standby supervisor programming, line card status, Distributed
Forwarding Card (DFC) programming, system management, diagnostics, and more. The VSL
is treated as a system control link and encapsulates all traffic in a special system header
called the Virtual Switch Header (VSH). VSL initialization and maintenance are done through
the VSL Protocol (VSLP) framework, which consists of two protocols: Link Management Protocol
(LMP) and Role Resolution Protocol (RRP). LMP manages link integrity, while RRP determines
the role of each switch member in the virtual switch domain.
o Link Management Protocol (LMP) - LMP operates independently on each member
switch in the same Virtual Switch Domain (VSD). When all VSL interfaces are down, LMP
destroys the peer group and notifies RRP to take appropriate action. The active switch
detaches all the interfaces associated with the hot-standby switch. At the same time,
the hot-standby switch performs a switchover, assumes the active role, and detaches all
interfaces associated with the previously active switch. During the bootup process, the
first VSL link that establishes an LMP relationship (state machine) is selected as the
control link.
 What is Control Link - The VSL bundle is a special-purpose EtherChannel that can
have up to eight members. Only one link out of the configured members is
selected as the control link, and that control link is the only link that can carry
the inter-chassis control plane. The control link carries the inter-switch External
Out-of-Band Channel (EOBC) control traffic, which includes the Switch Control
Packet (SCP) for line card communication, Inter-process Communication (IPC)
packets, and Inter-Card Communication (ICC) for communicating the protocol
database and state, as well as updates to the hot-standby supervisor.
 LMP Heart Beat - The LMP heartbeat, also referred to as the LMP hello timer,
plays a key role in maintaining the integrity of the VSS by checking peer switch
availability and connectivity. Both VSS members execute independent,
deterministic SSO switchover actions if they fail to detect the LMP hello
message within the configured hold-timer settings on the last bundled VSL link.
o Role Resolution Protocol - RRP is used to determine the SSO role (active, hot-
standby, or RPR) and to negotiate switch priority and preemption of the virtual switch. RRP
also checks the software version on each switch, which must be the same in order to
form a VSS. RRP is initialized once Link Management Protocol (LMP) is fully
established on at least one VSL port. The LMP control link is selected by RRP to
negotiate the SSO role and switch priority. Each switch member forms a local RRP peer-
group instance and communicates over the control link of the VSL bundle instead of
running RRP on every VSL link.
What happens when you create VSS or reload both the chassis
When you create or restart a VSS, the peer chassis negotiate their roles. One chassis becomes the VSS
active chassis, and the other chassis becomes the VSS standby. The VSS active chassis controls the VSS. It
runs the Layer 2 and Layer 3 control protocols for the switching modules on both chassis. The VSS active
chassis also provides management functions for the VSS, such as module online insertion and removal
(OIR) and the console interface.
The VSS active and VSS standby chassis perform packet forwarding for ingress data traffic on their locally
hosted interfaces. However, the VSS standby chassis sends all control traffic to the VSS active chassis for
processing.
What is Capacity Planning for the VSL Bundle
Under normal conditions, the traffic load over the VSL bundle consists of network control-plane and inter-
chassis control-plane traffic. Both types of traffic are very light and are sent with strict priority.
Capacity planning and link sizing for VSS is almost identical to a traditional multilayer design, in which
the link(s) between two nodes should be able to carry a traffic load equivalent to the planned capacity
during the following failure conditions:
 Failure of all uplinks connecting a member of the VSS to the core. In this failure, all upstream traffic
traverses the VSL bundle.
 Failure of all downstream link(s) from one switch member to the access-layer switches. In this failure,
all downstream and inter-access traffic traverses the VSL bundle.
The minimum VSL bundle bandwidth should therefore be at least equal to the uplinks connected to a single
physical switch.
Additional capacity planning for VSL links is required due to following considerations:
 Designing the network with single-homed devices connectivity (no MEC) will force at least half
of the downstream traffic to flow over the VSL link.
 Remote SPAN from one switch member to other.
 If the VSS is carrying the services hardware, such as FWSM, WiSM, IDS, and so on, then all traffic
that is intended to pass via the services blades may be carried over the VSL.
Redundancy and software upgrade of VSS
Can we have redundant supervisor modules within a single chassis for VSS
With VS4O the VSS is configured with two supervisor modules per chassis. The second supervisor
module within the chassis can be described as the in-chassis standby supervisor (ICS), and the active one
is called the in-chassis active supervisor (ICA). Within each local chassis the two supervisor modules use
Stateful Switchover (SSO) technology to establish an "SSO active" and "SSO standby hot" control plane
redundancy relationship.
 How are the in-chassis active (ICA) and in-chassis standby (ICS) elected
During a normal bootup sequence, the supervisor module in the lowest slot number becomes the
ICA. If a supervisor module is inserted after a previous supervisor module has already established itself
as the ICA, then the second supervisor module assumes the ICS role.
What happens when the Active VSS Chassis fails
The VSS standby chassis monitors the VSS active chassis using the VSL. If it detects failure, the VSS
standby chassis initiates a switchover and takes on the VSS active role. When the failed chassis recovers,
it takes on the VSS standby role.
What happens if the VSL link fails or what is dual-active scenario
If the VSL fails, the VSS standby chassis cannot determine the state of the VSS active chassis. To ensure
that switchover occurs without delay, the VSS standby chassis assumes the VSS active chassis has failed
and initiates a switchover to take over the VSS active role. If the original VSS active chassis is still
operational, both chassis are now VSS active. This situation is called a dual-active scenario. The VSS must
detect a dual-active scenario and take recovery action, or it can have adverse effects on network
stability, because both chassis use the same IP addresses, SSH keys, and STP bridge ID.
There are three ways to detect a dual-active scenario:
 Enhanced PAgP
 IP Bidirectional Forwarding Detection (BFD)
 Dual-active fast hellos
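To make the dual-active problem concrete, the following added simulation (not part of the original document or of Cisco's software; the tick-based timers, the chassis model and the assumption that the formerly active chassis withdraws from the data path once dual-active is detected are mine) shows why the standby's hold-timer expiry alone cannot distinguish a dead peer from a dead VSL, and how a detection channel that does not ride the VSL resolves it.

```python
"""How a VSS standby reacts when LMP hellos stop on the VSL, and why
dual-active detection needs a path other than the VSL.
Added example, not from the document or Cisco software. The tick-based
timers (one LMP hello per tick, hold timer of 3 ticks) and the recovery
behaviour (former active withdraws from the data path) are assumptions."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

HOLD_TICKS = 3  # LMP hold timer in hello intervals (assumed value)

@dataclass
class Chassis:
    switch_id: int
    role: str                           # "active", "standby" or "recovery"
    alive: bool = True
    last_hello: int = 0                 # tick of the last LMP hello from the peer
    active_since: Optional[int] = None  # tick at which this chassis became active

    def __post_init__(self) -> None:
        if self.role == "active":
            self.active_since = 0

@dataclass
class VSS:
    sw1: Chassis
    sw2: Chassis
    vsl_up: bool = True        # state of the whole VSL bundle
    detection_up: bool = True  # dual-active detection channel (e.g. fast hellos)
    dual_active_detected: bool = False
    log: List[str] = field(default_factory=list)

    def tick(self, t: int) -> None:
        pairs = ((self.sw1, self.sw2), (self.sw2, self.sw1))
        # 1. LMP hellos cross the VSL only while the bundle and both peers are up.
        for me, peer in pairs:
            if self.vsl_up and me.alive and peer.alive:
                me.last_hello = t
        # 2. Hold-timer expiry: the standby cannot tell a dead peer from a dead
        #    VSL, so it assumes the active chassis failed and takes over.
        for me, _ in pairs:
            if me.alive and me.role == "standby" and t - me.last_hello > HOLD_TICKS:
                me.role, me.active_since = "active", t
                self.log.append(f"t={t}: sw{me.switch_id} hold timer expired, now active")
        # 3. Detection over a non-VSL path: both alive and both active means the
        #    VSL failed, not the peer; the chassis that was active first steps aside.
        both = (self.sw1, self.sw2)
        if self.detection_up and all(c.alive and c.role == "active" for c in both):
            former = min(both, key=lambda c: c.active_since)
            former.role = "recovery"
            self.dual_active_detected = True
            self.log.append(f"t={t}: dual-active detected, sw{former.switch_id} -> recovery")

def run(faults: Dict[int, Callable[[VSS], None]], ticks: int = 8) -> VSS:
    """Drive a fresh VSS (sw1 active, sw2 standby) for `ticks` hello intervals,
    injecting each scripted fault at the tick it is keyed on."""
    vss = VSS(Chassis(1, "active"), Chassis(2, "standby"))
    for t in range(ticks):
        if t in faults:
            faults[t](vss)
        vss.tick(t)
    return vss

def outcome(vss: VSS) -> Tuple[str, str, bool]:
    """(sw1 role, sw2 role, dual-active detected); a dead chassis reads 'down'."""
    r1, r2 = (c.role if c.alive else "down" for c in (vss.sw1, vss.sw2))
    return r1, r2, vss.dual_active_detected

# Scripted faults, constructed for the scenarios below.
def kill_sw1(v: VSS) -> None:
    v.sw1.alive = False

def cut_vsl(v: VSS) -> None:
    v.vsl_up = False

def restore_vsl(v: VSS) -> None:
    v.vsl_up = True

def disable_detection(v: VSS) -> None:
    v.detection_up = False

def scenario_active_chassis_fails() -> Tuple[str, str, bool]:
    """sw1 dies at tick 2: a legitimate switchover, nothing to recover from."""
    return outcome(run({2: kill_sw1}))

def scenario_vsl_fails_with_detection() -> Tuple[str, str, bool]:
    """VSL lost at tick 2, both chassis healthy: takeover, detection, recovery."""
    return outcome(run({2: cut_vsl}))

def scenario_vsl_fails_without_detection() -> Tuple[str, str, bool]:
    """Same fault, no detection channel: both chassis stay active (dual-active)."""
    return outcome(run({0: disable_detection, 2: cut_vsl}))

def scenario_vsl_flap() -> Tuple[str, str, bool]:
    """VSL down for two ticks, within the hold timer: no switchover occurs."""
    return outcome(run({2: cut_vsl, 4: restore_vsl}))
```

The third scenario is the one the text warns about: without a detection path that survives VSL loss, two chassis end up answering for the same IP addresses, SSH keys and STP bridge ID, and nothing in the hold-timer logic can tell them apart.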
What is Route Processor Redundancy (RPR)
If a VSS does not meet the requirements for SSO redundancy, the VSS will use route processor
redundancy (RPR). In RPR mode, the VSS active supervisor engine does not synchronize configuration
changes or state information with the VSS standby. The VSS standby supervisor engine is only partially
initialized and the switching modules on the VSS standby supervisor are not powered up. If a switchover
occurs, the VSS standby supervisor engine completes its initialization and powers up the switching
modules. Traffic is disrupted for the normal reboot time of the chassis. The RPR switchover time is 1 or
more minutes.
What is Route Processor Redundancy+ (RPR+)
RPR+ is an enhancement to RPR in which the standby supervisor is completely booted and line cards do
not reload upon switchover. The running configuration is synchronized between the active and the
standby supervisors. The RPR+ switchover time is 30 or more seconds.
What is meant by Stateful Switchover (SSO)
SSO expands the RPR+ capabilities to provide transparent failover of certain Layer 2 protocols and
certain Cisco IOS Software applications when a supervisor switchover occurs. SSO technology is
essentially a group of Cisco IOS Software processes that provide supervisor module redundancy. The
VSS uses a dedicated physical link, called the Virtual Switch Link (VSL), between the two chassis to
synchronize the supervisor modules in each chassis. VS4O enables the supervisor module to maintain
two different redundancy relationships: a primary redundancy relationship, which is always across
chassis and is maintained for the overall VSS, and a secondary redundancy relationship maintained
within the local chassis.
What is Non Stop Forwarding (NSF) with Stateful Switch Over (SSO)
NSF works in conjunction with SSO to help ensure Layer 3 integrity following a switchover. It allows a
router experiencing the failure of an active supervisor to continue forwarding data packets along known
routes while the routing protocol information is recovered and validated. Data-plane forwarding can
continue to occur even though peering arrangements with neighbor routers have been lost on the
restarting router. The main purpose of NSF is to continue forwarding IP packets following a supervisor
engine switchover. Cisco NSF is supported by the BGP, OSPF, EIGRP, and IS-IS protocols for routing and is
supported by Cisco Express Forwarding (CEF) for forwarding. Cisco NSF always runs with SSO and
provides redundancy for Layer 3 traffic. NSF works with SSO to minimize the amount of time that a
network is unavailable to its users following a switchover.
What is Fast Software Upgrade (FSU) of a VSS
The FSU of a VSS is similar to the RPR-based upgrade of a standalone chassis. While the standalone chassis
upgrade is initiated by reloading the standby supervisor engine, the VSS upgrade is initiated by reloading
the standby chassis. During the FSU procedure, a software version mismatch between the active and the
standby chassis causes the system to boot in RPR redundancy mode, which is stateless and causes a
hard reset of all modules. As a result, the FSU procedure requires system downtime corresponding
to the RPR switchover time.
What is Enhanced Fast Software Upgrade (eFSU) of a VSS
eFSU is an enhanced software upgrade procedure. eFSU increases network availability by
reducing the downtime caused by software upgrades. During an eFSU, the VSS standby chassis,
including the supervisor engine and modules, is upgraded and brought up in stateful switchover (SSO)
mode. The eFSU process then forces a switchover and performs the same upgrade on the other chassis,
which becomes the new VSS standby.
STP Operation with VSS
One of the benefits of a VSS-based design is that it allows STP to remain active in the entire Layer 2
domain. The VSS simply presents a loop-free topology to STP.
 BPDU - The active switch is responsible for generating the BPDUs. The source MAC address of
every BPDU frame is derived from the line card on which the STP port (MEC) is terminated. This
source MAC address can change dynamically due to a node, line card, or port failure. However,
this failure does not cause STP topology recomputation in the network because the network is
loop-free and the STP bridge ID/priority remains the same.
 Root Switch - The root of the STP should always be the VSS. Use Root Guard on the VSS-facing
links of the access-layer switches.
 Loop Guard - The VSS-enabled design with MEC does not present a looped topology to STP.
As a result, Loop Guard is unlikely to be a particularly useful feature in a VSS-enabled
network, because all ports are forwarding and none are blocking.
 Port Fast on Trunks - In the VSS-enabled design, the use of the PortFast capability on trunks is
safe because VSS topologies are inherently loop-free, thereby eliminating the possibility of
temporary loops being created by the PortFast feature on a trunk.
 PortFast and BPDU Guard - It is critically important to keep edge ports from participating in
STP.
 BPDU Filter - Improper use of the BPDU Filter feature can cause loops in the network. Just
as in a traditional multilayer design, avoid using BPDU filtering in a VSS-enabled network. Instead,
use BPDU Guard.
VSS Hardware Requirements - Chassis and Modules
Table 4-1 describes the hardware requirements for the VSS chassis and modules.
VSS Hardware        Count  Requirements
Chassis             2      The VSS is available on chassis that support VS-S720-10G supervisor
                           engines and WS-X6708-10G switching modules.
                           Note: The two chassis need not be identical.
Supervisor Engines  2      The VSS requires Supervisor Engine 720 with 10-Gigabit Ethernet ports.
                           You must use either two VS-S720-10G-3C or two VS-S720-10G-3CXL
                           supervisor engine modules.
                           The two supervisor engines must match exactly.
Switching Modules   2+     The VSS requires 67xx series switching modules.
                           The VSS does not support classic, CEF256, or dCEF256 switching modules.
                           In virtual switch mode, unsupported switching modules remain powered off.
VSL Hardware Requirements
The VSL EtherChannel supports only 10-Gigabit Ethernet ports. The 10-Gigabit Ethernet port can be
located on the supervisor engine module or on one of the following switching modules:
• WS-X6708-10G-3C or WS-X6708-10G-3CXL
• WS-X6716-10G-3C or WS-X6716-10G-3CXL
• WS-X6716-10T-3C or WS-X6716-10T-3CXL

More Related Content

What's hot

Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Bruno Teixeira
 
VPC PPT @NETWORKERSHOME
VPC PPT @NETWORKERSHOMEVPC PPT @NETWORKERSHOME
VPC PPT @NETWORKERSHOME
networkershome
 
Ether Channel High Speed Data Transmission
Ether Channel  High Speed Data TransmissionEther Channel  High Speed Data Transmission
Ether Channel High Speed Data Transmission
Netwax Lab
 
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Bruno Teixeira
 
Ccnp3 lab 3_4_en
Ccnp3 lab 3_4_enCcnp3 lab 3_4_en
Ccnp3 lab 3_4_en
Omar Herrera
 
VLAN
VLANVLAN
Free CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdfFree CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdf
Networkershome
 
Packet Tracer: Cisco, Spanning tree protocol
Packet Tracer: Cisco, Spanning tree protocolPacket Tracer: Cisco, Spanning tree protocol
Packet Tracer: Cisco, Spanning tree protocol
Rafat Khandaker
 
ccna cheat_sheet
ccna cheat_sheetccna cheat_sheet
ccna cheat_sheet
Guntaka Reddy
 
CISCO HSRP VRRP GLBP
CISCO HSRP VRRP GLBPCISCO HSRP VRRP GLBP
CISCO HSRP VRRP GLBP
YACINE MESSAOUI
 
Cisco router-commands
Cisco router-commandsCisco router-commands
Cisco router-commands
Robin Rohit
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Canada
 
Chapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routingChapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routing
teknetir
 
Cisco router configuration tutorial
Cisco router configuration tutorialCisco router configuration tutorial
Cisco router configuration tutorialIT Tech
 
TechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined AccessTechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined Access
Robb Boyd
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routing
Muhd Mu'izuddin
 
CCNA 2 Routing and Switching v5.0 Chapter 3
CCNA 2 Routing and Switching v5.0 Chapter 3CCNA 2 Routing and Switching v5.0 Chapter 3
CCNA 2 Routing and Switching v5.0 Chapter 3
Nil Menon
 
Benefits of vlan
Benefits of vlanBenefits of vlan
Benefits of vlan
Logitrain
 
Chapter 3 link aggregation
Chapter 3   link aggregationChapter 3   link aggregation
Chapter 3 link aggregation
Josue Wuezo
 
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service ProvidersCisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Bruno Teixeira
 

What's hot (20)

Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
 
VPC PPT @NETWORKERSHOME
VPC PPT @NETWORKERSHOMEVPC PPT @NETWORKERSHOME
VPC PPT @NETWORKERSHOME
 
Ether Channel High Speed Data Transmission
Ether Channel  High Speed Data TransmissionEther Channel  High Speed Data Transmission
Ether Channel High Speed Data Transmission
 
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
 
Ccnp3 lab 3_4_en
Ccnp3 lab 3_4_enCcnp3 lab 3_4_en
Ccnp3 lab 3_4_en
 
VLAN
VLANVLAN
VLAN
 
Free CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdfFree CCNP switching workbook by networkershome pdf
Free CCNP switching workbook by networkershome pdf
 
Packet Tracer: Cisco, Spanning tree protocol
Packet Tracer: Cisco, Spanning tree protocolPacket Tracer: Cisco, Spanning tree protocol
Packet Tracer: Cisco, Spanning tree protocol
 
ccna cheat_sheet
ccna cheat_sheetccna cheat_sheet
ccna cheat_sheet
 
CISCO HSRP VRRP GLBP
CISCO HSRP VRRP GLBPCISCO HSRP VRRP GLBP
CISCO HSRP VRRP GLBP
 
Cisco router-commands
Cisco router-commandsCisco router-commands
Cisco router-commands
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network Intuitive
 
Chapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routingChapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routing
 
Cisco router configuration tutorial
Cisco router configuration tutorialCisco router configuration tutorial
Cisco router configuration tutorial
 
TechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined AccessTechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined Access
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routing
 
CCNA 2 Routing and Switching v5.0 Chapter 3
CCNA 2 Routing and Switching v5.0 Chapter 3CCNA 2 Routing and Switching v5.0 Chapter 3
CCNA 2 Routing and Switching v5.0 Chapter 3
 
Benefits of vlan
Benefits of vlanBenefits of vlan
Benefits of vlan
 
Chapter 3 link aggregation
Chapter 3   link aggregationChapter 3   link aggregation
Chapter 3 link aggregation
 
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service ProvidersCisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
 

Viewers also liked

CISCO Exact Questions By: Konard
CISCO Exact Questions By: KonardCISCO Exact Questions By: Konard
CISCO Exact Questions By: Konard
Eng. Emad Al-Atoum
 
Troubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNsTroubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNs
ThousandEyes
 
IPsec vpn topology over GRE tunnels
IPsec vpn topology over GRE tunnelsIPsec vpn topology over GRE tunnels
IPsec vpn topology over GRE tunnels
Mustafa Khaleel
 
Ip sec vpn with dynamic routing mikrotik and cisco - mikro-tik wiki
Ip sec vpn with dynamic routing   mikrotik and cisco - mikro-tik wikiIp sec vpn with dynamic routing   mikrotik and cisco - mikro-tik wiki
Ip sec vpn with dynamic routing mikrotik and cisco - mikro-tik wikiHuy Eav
 
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseCheckpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Global Online Trainings
 
Ip sec training
Ip sec trainingIp sec training
Ip sec training
Wahyu Nasution
 
Alu xgpon solution for pt telkom akses 20130830+
Alu xgpon solution for pt telkom akses 20130830+Alu xgpon solution for pt telkom akses 20130830+
Alu xgpon solution for pt telkom akses 20130830+
Wahyu Nasution
 
Cisco trouble shooting
Cisco trouble shootingCisco trouble shooting
Cisco trouble shooting
Hamid Younesi
 
IPSec VPN
IPSec VPNIPSec VPN
Checkpoint ccsa r76
Checkpoint ccsa r76Checkpoint ccsa r76
Checkpoint ccsa r76
Vaibhav Agrawal
 
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERSSITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
NetProtocol Xpert
 
IPsec vpn
IPsec vpnIPsec vpn
IPsec vpn
sharetech
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec ProtocolsIPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
NetProtocol Xpert
 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
Ben Rothke
 
IPsec
IPsecIPsec
Ipsec vpn v0.1
Ipsec vpn v0.1Ipsec vpn v0.1
Palo Alto
Palo AltoPalo Alto
Palo Alto
Hajar Otmani
 
Vpn site to site
Vpn site to siteVpn site to site
Vpn site to site
IT Tech
 

Viewers also liked (20)

CISCO Exact Questions By: Konard
CISCO Exact Questions By: KonardCISCO Exact Questions By: Konard
CISCO Exact Questions By: Konard
 
Troubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNsTroubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNs
 
IPsec vpn topology over GRE tunnels
IPsec vpn topology over GRE tunnelsIPsec vpn topology over GRE tunnels
IPsec vpn topology over GRE tunnels
 
Ip sec vpn with dynamic routing mikrotik and cisco - mikro-tik wiki
Ip sec vpn with dynamic routing   mikrotik and cisco - mikro-tik wikiIp sec vpn with dynamic routing   mikrotik and cisco - mikro-tik wiki
Ip sec vpn with dynamic routing mikrotik and cisco - mikro-tik wiki
 
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseCheckpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online Course
 
IPSec_VPN_Final_
IPSec_VPN_Final_IPSec_VPN_Final_
IPSec_VPN_Final_
 
Ip sec training
Ip sec trainingIp sec training
Ip sec training
 
Firewall
FirewallFirewall
Firewall
 
Alu xgpon solution for pt telkom akses 20130830+
Alu xgpon solution for pt telkom akses 20130830+Alu xgpon solution for pt telkom akses 20130830+
Alu xgpon solution for pt telkom akses 20130830+
 
Cisco trouble shooting
Cisco trouble shootingCisco trouble shooting
Cisco trouble shooting
 
IPSec VPN
IPSec VPNIPSec VPN
IPSec VPN
 
Checkpoint ccsa r76
Checkpoint ccsa r76Checkpoint ccsa r76
Checkpoint ccsa r76
 
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERSSITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
 
IPsec vpn
IPsec vpnIPsec vpn
IPsec vpn
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec ProtocolsIPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
 
IPsec
IPsecIPsec
IPsec
 
Ipsec vpn v0.1
Ipsec vpn v0.1Ipsec vpn v0.1
Ipsec vpn v0.1
 
Palo Alto
Palo AltoPalo Alto
Palo Alto
 
Vpn site to site
Vpn site to siteVpn site to site
Vpn site to site
 

Similar to VSS_Final

Switching
SwitchingSwitching
LiveAction Spanning Tree Protocol (STP) Application Note
LiveAction Spanning Tree Protocol (STP) Application NoteLiveAction Spanning Tree Protocol (STP) Application Note
LiveAction Spanning Tree Protocol (STP) Application Note
ActionPacked Networks
 
CCNP Switching Chapter 9
CCNP Switching Chapter 9CCNP Switching Chapter 9
CCNP Switching Chapter 9
Chaing Ravuth
 
Nexus 1000v
Nexus 1000vNexus 1000v
Nexus 1000v
Krunal Shah
 
Vlan configuration in medium sized network
Vlan configuration in medium sized networkVlan configuration in medium sized network
Vlan configuration in medium sized network
Arnold Derrick Kinney
 
Switching
SwitchingSwitching
ENCOR_Capitulo 4.pptx
ENCOR_Capitulo 4.pptxENCOR_Capitulo 4.pptx
ENCOR_Capitulo 4.pptx
ManuelRojas960410
 
ENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptxENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptx
ManuelRojas960410
 
VMware vSphere Networking deep dive
VMware vSphere Networking deep diveVMware vSphere Networking deep dive
VMware vSphere Networking deep dive
Sanjeev Kumar
 
VMware vSphere Networking deep dive
VMware vSphere Networking deep diveVMware vSphere Networking deep dive
VMware vSphere Networking deep dive
Vepsun Technologies
 
Cisco OTV 
Cisco OTV Cisco OTV 
Cisco OTV 
NetProtocol Xpert
 
Switching Types
Switching TypesSwitching Types
Switching Types
Kishore Kumar
 
Subnetting Properly subnet addressing blocks to accommodate the sit.pdf
Subnetting Properly subnet addressing blocks to accommodate the sit.pdfSubnetting Properly subnet addressing blocks to accommodate the sit.pdf
Subnetting Properly subnet addressing blocks to accommodate the sit.pdf
ebrahimbadushata00
 
Quick Guide VLANs
Quick Guide   VLANsQuick Guide   VLANs
Quick Guide VLANs
CCNAResources
 
Chapter 8 .vlan.pdf
Chapter 8 .vlan.pdfChapter 8 .vlan.pdf
Chapter 8 .vlan.pdf
manojkumar595505
 
Vpc notes
Vpc notesVpc notes
Vpc notes
Krunal Shah
 
VMware vSphere 4.1 deep dive - part 2
VMware vSphere 4.1 deep dive - part 2VMware vSphere 4.1 deep dive - part 2
VMware vSphere 4.1 deep dive - part 2
Louis Göhl
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
Lilesh Pathe
 
VMware vSphere 6.0 - Troubleshooting Training - Day 2
VMware vSphere 6.0 - Troubleshooting Training - Day 2VMware vSphere 6.0 - Troubleshooting Training - Day 2
VSS_Final

What is VSS
Virtual Switching System (VSS) is a method to combine two physical switches into one logical switch to achieve physical redundancy, Spanning-Tree blocking elimination, and increased bandwidth. VSS was first available on the Cisco 6500 but has recently been introduced to the Cisco 4500 and 4500X.

Advantages of VSS
 Loop-free topology with the use of MEC and a unified control plane
 CiscoWorks LAN Management System (LMS) 3.0 can be used to centrally manage a Cisco Catalyst 6500 virtual switch as a single entity.
 VSS increases operational efficiency by simplifying the network, reducing switch management overhead by at least 50 percent.
 VSS eliminates L2/L3 protocol reconvergence if a virtual switch member fails, resulting in deterministic subsecond virtual switch recovery.
 Elimination of unicast flooding caused by asymmetrical routing in traditional campus designs.
 Elimination of FHRP configuration: the default gateway is replaced by a single logical node where the interface VLAN IP address is available in both physical chassis.
Deployment areas for VSS
 Campus or data center core/distribution layer
 Data center access (server connectivity)

VSS Terminology
 Virtual Switch Domain - A unique domain ID identifies the two switches that are intended to be part of the same VSS pair and defines the VSS domain. The domain ID can have a value ranging from 1 to 255 and must be unique when multiple VSS pairs are connected together.
 Switch Identifier - A VSS comprises a pair of physical switches and requires a switch ID to identify each chassis with a unique number. The switch ID can be either 1 or 2 and must be unique on each member chassis. This number is used as part of the interface naming to ensure that the interface name remains the same regardless of the virtual switch role (active or hot-standby switch).
 Virtual Switch Link (VSL) - The VSL serves as the logical connection that carries critical system control information such as hot-standby supervisor programming, line card status, Distributed Forwarding Card (DFC) programming, system management, diagnostics, and more. The VSL is treated as a system control link and encapsulates all traffic in a special system header called the Virtual Switch Header (VSH). VSL link initialization and maintenance are done through the VSL Protocol (VSLP) framework, which consists of two protocols: Link Management Protocol (LMP) and Role Resolution Protocol (RRP). LMP manages link integrity, while RRP determines the role of each switch member in the virtual switch domain.
  o Link Management Protocol (LMP) - LMP operates independently on each member switch in the same Virtual Switch Domain (VSD). When all VSL interfaces are down, LMP destroys the peer group and notifies RRP to take an appropriate action. The active switch detaches all the interfaces associated with the hot-standby switch. At the same time the hot-standby switch performs a switchover, assumes the active role, and detaches all interfaces associated with the previously active switch. During the bootup process, the first VSL link that establishes an LMP relationship (state machine) is selected as the control link.
    What is Control Link - The VSL bundle is a special-purpose EtherChannel that can have up to eight members. Only one link out of the configured members is selected as the control link, and that control link is the only link that carries the inter-chassis control plane. The control link carries the inter-switch External Out-of-Band Channel (EOBC) control traffic, which includes the Switch Control Packets (SCP) for line card communication, Inter-process Communication packets (IPC), and Inter-Card Communication (ICC) for communicating the protocol database and state, as well as updates to the hot-standby supervisor.
    LMP Heart Beat - The LMP heartbeat, also referred to as the LMP hello timer, plays a key role in maintaining the integrity of the VSS by checking peer switch availability and connectivity. Both VSS members execute independent, deterministic SSO switchover actions if they fail to detect the LMP hello message within the configured hold-timer settings on the last bundled VSL link.
  o Role Resolution Protocol - RRP is used to determine the SSO role (active, hot-standby, or RPR) and to negotiate switch priority and preemption of the virtual switch. RRP also checks the software version on each switch, which must be the same in order to form a VSS. RRP is initialized once Link Management Protocol (LMP) is fully established on at least one VSL port. The LMP control link is selected by RRP to negotiate the SSO role and switch priority. Each switch member forms a local RRP peer group instance and communicates over the control link of the VSL bundle instead of running on every VSL link.
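The following Cisco IOS configuration is an added example, not taken from the slides, showing how the three terms above (domain ID, switch ID and VSL bundle) are set on two standalone Catalyst 6500 chassis before conversion; the domain ID 100, the priorities, the port-channel numbers and the 10GE port numbers are assumed values.

```cisco
! Added example (not from the slides): forming a VSS from two standalone chassis.
! Domain ID 100, priorities, port-channel and port numbers are assumed values.
!
! --- Chassis that will become switch 1 ---
switch virtual domain 100
 switch 1
 switch 1 priority 110
 switch 2 priority 100
!
! The VSL is an EtherChannel of 10GE ports (up to eight members). Use a different
! port-channel number on each chassis so both VSL ends coexist after conversion.
interface port-channel 1
 switch virtual link 1
 no shutdown
!
interface tengigabitethernet 5/4
 channel-group 1 mode on
 no shutdown
interface tengigabitethernet 5/5
 channel-group 1 mode on
 no shutdown
!
! --- Chassis that will become switch 2 ---
switch virtual domain 100
 switch 2
 switch 1 priority 110
 switch 2 priority 100
!
interface port-channel 2
 switch virtual link 2
 no shutdown
!
interface tengigabitethernet 5/4
 channel-group 2 mode on
 no shutdown
interface tengigabitethernet 5/5
 channel-group 2 mode on
 no shutdown
!
! Run on both chassis; each reloads and interface names change from slot/port to
! switch/slot/port (tengigabitethernet 5/4 becomes 1/5/4 on switch 1).
switch convert mode virtual
!
! After the reload, confirm the roles RRP negotiated and the control link:
! show switch virtual role
! show switch virtual link
```

The higher priority on switch 1 makes the role assignment deterministic when both chassis reload together, which is the scenario the next slide describes.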
What happens when you create VSS or reload both the chassis
When you create or restart a VSS, the peer chassis negotiate their roles. One chassis becomes the VSS active chassis, and the other chassis becomes the VSS standby. The VSS active chassis controls the VSS. It runs the Layer 2 and Layer 3 control protocols for the switching modules on both chassis. The VSS active chassis also provides management functions for the VSS, such as module online insertion and removal (OIR) and the console interface. The VSS active and VSS standby chassis both perform packet forwarding for ingress data traffic on their locally hosted interfaces. However, the VSS standby chassis sends all control traffic to the VSS active chassis for processing.

What is Capacity Planning for the VSL Bundle
In normal conditions, the traffic load over the VSL bundle consists of network control-plane and inter-chassis control-plane traffic. In normal conditions, both types of traffic load are very light and are sent with strict priority. Capacity planning and link sizing for VSS is almost identical to a traditional multilayer design, in which the link(s) between two nodes should be able to carry a traffic load equivalent to the planned capacity during failure conditions:
 Failure of all uplinks from a member of the VSS to the core. In this failure, all upstream traffic traverses the VSL bundle.
 Failure of all downstream link(s) to access-layer switches from one switch member. In this failure, all downstream and inter-access traffic traverses the VSL bundle.
The minimum VSL bundle bandwidth should be at least equal to the uplinks connected to a single physical switch.

Is additional capacity planning for VSL links required
Additional capacity planning for VSL links is required due to the following considerations:
 Designing the network with single-homed device connectivity (no MEC) forces at least half of the downstream traffic to flow over the VSL.
 Remote SPAN from one switch member to the other.
 If the VSS is carrying services hardware, such as FWSM, WiSM, IDS, and so on, then all traffic that is intended to pass via the services blades may be carried over the VSL.
Redundancy and software upgrade of VSS

Can we have redundant supervisor modules within a single chassis for VSS
With VS4O the VSS is configured with two supervisor modules per chassis. The second supervisor module within the chassis is described as the in-chassis standby supervisor (ICS), and the active one is called the in-chassis active supervisor (ICA). Within each local chassis the two supervisor modules use Stateful Switchover (SSO) technology to establish an "SSO active" and "SSO standby hot" control plane redundancy relationship.
 How are the in-chassis active (ICA) and in-chassis standby (ICS) elected - During a normal bootup sequence, the supervisor module in the lowest slot number becomes the ICA. If a supervisor module is inserted after a previous supervisor module has already established itself as the ICA, then the second supervisor module assumes the ICS role.

What happens when the Active VSS Chassis fails
The VSS standby chassis monitors the VSS active chassis using the VSL. If it detects a failure, the VSS standby chassis initiates a switchover and takes on the VSS active role. When the failed chassis recovers, it takes on the VSS standby role.

What happens if the VSL link fails or what is dual-active scenario
If the VSL fails, the VSS standby chassis cannot determine the state of the VSS active chassis. To ensure that switchover occurs without delay, the VSS standby chassis assumes the VSS active chassis has failed and initiates a switchover to take over the VSS active role. If the original VSS active chassis is still operational, both chassis are now VSS active. This situation is called a dual-active scenario. The VSS must detect a dual-active scenario and take recovery action, or it can have adverse effects on network stability, because both chassis use the same IP addresses, SSH keys, and STP bridge ID. There are three ways to detect a dual-active scenario:
 Enhanced PAgP
 IP Bidirectional Forwarding Detection (BFD)
 Dual-active fast hellos

What is Route Processor Redundancy (RPR)
If a VSS does not meet the requirements for SSO redundancy, the VSS uses route processor redundancy (RPR). In RPR mode, the VSS active supervisor engine does not synchronize configuration changes or state information with the VSS standby. The VSS standby supervisor engine is only partially initialized, and the switching modules on the VSS standby chassis are not powered up. If a switchover occurs, the VSS standby supervisor engine completes its initialization and powers up the switching modules. Traffic is disrupted for the normal reboot time of the chassis. The RPR switchover time is 1 or more minutes.

What is Route Processor Redundancy+ (RPR+)
RPR+ is an enhancement to RPR in which the standby supervisor is completely booted and line cards do not reload upon switchover. The running configuration is synchronized between the active and the standby supervisors. The RPR+ switchover time is 30 or more seconds.

What is meant by (Stateful Switch Over) SSO
SSO expands the RPR+ capabilities to provide transparent failover of certain Layer 2 protocols and certain Cisco IOS Software applications when a supervisor switchover occurs. SSO technology is essentially a group of Cisco IOS Software processes that provide supervisor module redundancy. The VSS uses a dedicated physical link, called the Virtual Switch Link (VSL), between the two chassis to synchronize the supervisor modules in each chassis. VS4O enables the supervisor module to maintain two different redundancy relationships: one primary redundancy relationship, which is always across chassis and is maintained for the overall VSS, and a secondary redundancy relationship maintained within the local chassis.
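Because both chassis answer for the same IP addresses, SSH keys and STP bridge ID during a dual-active condition, detection is the control that keeps a VSL failure from becoming a network-wide outage. The Cisco IOS configuration below is an added example, not from the slides, enabling two of the three detection methods listed above (enhanced PAgP and dual-active fast hellos); the domain ID 100, channel-group 20 and the interface numbers are assumed values.

```cisco
! Added example (not from the slides): dual-active detection for a VSS.
! Domain ID 100, channel-group 20 and interface numbers are assumed values.
!
! 1) Enhanced PAgP. The MEC to an access-layer switch must run PAgP so that the
!    access switch can relay the identity of the active chassis back over both
!    MEC members; a mismatch tells the VSS that two chassis are claiming active.
interface tengigabitethernet 1/1/1
 channel-group 20 mode desirable
interface tengigabitethernet 2/1/1
 channel-group 20 mode desirable
!
switch virtual domain 100
 dual-active detection pagp
 dual-active detection pagp trust channel-group 20
! 2) Fast hellos over a direct, non-VSL point-to-point link between the chassis.
 dual-active detection fast-hello
!
interface gigabitethernet 1/5/1
 dual-active fast-hello
 no shutdown
interface gigabitethernet 2/5/1
 dual-active fast-hello
 no shutdown
!
! On detection, the chassis that was active before the VSL failed enters
! recovery mode and shuts down all of its non-VSL interfaces, so only one
! chassis keeps answering for the shared addresses. Verify with:
! show switch virtual dual-active summary
```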
What is Non Stop Forwarding (NSF) with Stateful Switch Over (SSO)
NSF works in conjunction with SSO to help ensure Layer 3 integrity following a switchover. It allows a router experiencing the failure of an active supervisor to continue forwarding data packets along known routes while the routing protocol information is recovered and validated. Data-plane forwarding can continue even though peering arrangements with neighbor routers have been lost on the restarting router. The main purpose of NSF is to continue forwarding IP packets following a supervisor engine switchover. Cisco NSF is supported by the BGP, OSPF, EIGRP, and IS-IS routing protocols and by Cisco Express Forwarding (CEF) for forwarding. Cisco NSF always runs with SSO and provides redundancy for Layer 3 traffic. NSF works with SSO to minimize the amount of time that a network is unavailable to its users following a switchover.

What is Fast Software Upgrade (FSU) of a VSS
The FSU of a VSS is similar to that of an RPR-based standalone chassis. While the standalone chassis upgrade is initiated by reloading the standby supervisor engine, the VSS upgrade is initiated by reloading the standby chassis. During the FSU procedure, a software version mismatch between the active and the standby chassis causes the system to boot in RPR redundancy mode, which is stateless and causes a hard reset of all modules. As a result, the FSU procedure requires system downtime corresponding to the RPR switchover time.

What is Enhanced Fast Software Upgrade (eFSU) of a VSS
eFSU is an enhanced software upgrade procedure. eFSU increases network availability by reducing the downtime caused by software upgrades. During an eFSU, the VSS standby chassis, including the supervisor engine and modules, is upgraded and brought up in stateful switchover (SSO) mode. The eFSU process then forces a switchover and performs the same upgrade on the other chassis, which becomes the new VSS standby.
STP Operation with VSS
One of the benefits of a VSS-based design is that it allows STP to be active in the entire Layer 2 domain. The VSS simply offers a loop-free topology to STP.
 BPDU - The active switch is responsible for generating the BPDUs. The source MAC address of every BPDU frame is derived from the line card on which the STP port (MEC) is terminated. This source MAC address can change dynamically due to a node, line card or port failure. However, this failure does not cause STP topology recomputation in the network, because the network is loop-free and the STP bridge ID/priority remains the same.
 Root Switch - The root of the STP should always be the VSS. Use Root Guard on the VSS-facing link of the access-layer switch.
 Loop Guard - The VSS-enabled design with MEC does not offer a looped topology to STP. As a result, Loop Guard might not be a particularly useful feature in the VSS-enabled network, because all ports are forwarding and none are blocking.
 Port Fast on Trunks - In the VSS-enabled design, the use of the PortFast capability on trunks is safe because VSS topologies are inherently loop-free, which eliminates the possibility of temporary loops being created by the PortFast feature on a trunk.
 PortFast and BPDU Guard - It is critically important to keep the edge port from participating in STP.
 BPDU Filter - Improper use of the BPDU Filter feature can cause loops in the network. Just as in a traditional multilayer design, avoid using BPDU filtering in a VSS-enabled network. Instead, use BPDU Guard.
VSS Hardware Requirements - Chassis and Modules
Table 4-1 describes the hardware requirements for the VSS chassis and modules.

Table 4-1 VSS Hardware Requirements

Hardware            Count  Requirements
Chassis             2      The VSS is available on chassis that support VS-S720-10G supervisor engines and WS-X6708-10G switching modules. Note: the two chassis need not be identical.
Supervisor Engines  2      The VSS requires Supervisor Engine 720 with 10-Gigabit Ethernet ports. You must use either two VS-S720-10G-3C or two VS-S720-10G-3CXL supervisor engine modules. The two supervisor engines must match exactly.
Switching Modules   2+     The VSS requires 67xx series switching modules. The VSS does not support classic, CEF256, or dCEF256 switching modules. In virtual switch mode, unsupported switching modules remain powered off.

VSL Hardware Requirements
The VSL EtherChannel supports only 10-Gigabit Ethernet ports. The 10-Gigabit Ethernet port can be located on the supervisor engine module or on one of the following switching modules:
 WS-X6708-10G-3C or WS-X6708-10G-3CXL
 WS-X6716-10G-3C or WS-X6716-10G-3CXL
 WS-X6716-10T-3C or WS-X6716-10T-3CXL