Options
Vss
jason_lunde
Member Posts: 567
in CCNP
So I had posted a while back about Cisco's 6509 Virtual Switching System. My coworker and I managed to get a couple 6509's with sup's (VS720-10GE), and some line cards, as well as some 3750's, and 3560's in the lab. We ended up created a scaled-down exact replica of our environment (which is currently the core 6500's running HSRP with pretty much all the SVI's sitting on them). We successfully migrated our test env. to VSS around 8 times in total...and hopefully tested everything that had to do with it. We were...well very impressed with the technology. Heres what we did to minimize downtime, and the steps we took. All-in-all, downtime was minimal if not non-existent. We did have a couple packets lost during some of the HSRP failovers however..
1)upgraded the ios on core-2, rebooted (other took over HSRP active roles)
2)upgraded the ios on core-1 rebooted (other took over HSRP active roles)
3)Performed VSS configs on cores 1 & 2, set up VSL port-channel between the two
4)Rebooted core-1 into VSS mode (core-2 took over HSRP roles)
5)Core 1 came back up (took back over HSRP roles)...verified
6)Rebooted core-2 into VSS mode (core-1 took over HSRP roles)
Once this step was complete the switches were in a VSS configuration
7)Wrote a script to strip HSRP configs and reassign virtual IP's as the primary IPs on those interfaces
8 )Set up a p2p dual-active (fast-hello) recovery link beteen the two WS6708 line cards on the cores (we later found out what happens if this is not configured and the VSL link is broken....both cores go into "active" mode...the multi-chassis etherchannels go CRAZY, and the entire network (cores & dists) go into err-disabled state for port-channel misconfigs! If it is configured one core goes active and the other goes into recovery-mode and shuts down all its interfaces).
9)Configure multi-chassis etherchannels between the cores and distribution switches. This was the part where we actually saw a few "bumps" as interfaces were placed into new port channels.
So the joy of the lab was that we could simply kill the active switch and test how it interrupted the network. Amazingly...throughput from end-to-end was not even interrupted. Core-2 (hot-standy) would fail over using SSO and NSF as if they were redundant sups in the same chassis! It was truly amazing...and I just thought I would post a tidbit here. I am planning on sticking a config doc out on my blog in the future once I have it finished though.
1 question for you all though. Do you all have a preferred etherchannel load-balancing algorithm that you use? Our production is currently on source-mac...but I am think of changing it to src-dst-ip. Any thoughts?
VSS sources:
Should Have Gone With Cisco Blog Archive Cisco Virtual Switching Systems (VSS)
Catalyst 6500 Release 12.2SXH and Later Software Configuration Guide - Configuring Virtual Switching Systems [Cisco Catalyst 6500 Series Switches] - Cisco Systems
The Case for Migrating CMU's Distribution Layer to VSS
1)upgraded the ios on core-2, rebooted (other took over HSRP active roles)
2)upgraded the ios on core-1 rebooted (other took over HSRP active roles)
3)Performed VSS configs on cores 1 & 2, set up VSL port-channel between the two
4)Rebooted core-1 into VSS mode (core-2 took over HSRP roles)
5)Core 1 came back up (took back over HSRP roles)...verified
6)Rebooted core-2 into VSS mode (core-1 took over HSRP roles)
Once this step was complete the switches were in a VSS configuration
7)Wrote a script to strip HSRP configs and reassign virtual IP's as the primary IPs on those interfaces
8 )Set up a p2p dual-active (fast-hello) recovery link beteen the two WS6708 line cards on the cores (we later found out what happens if this is not configured and the VSL link is broken....both cores go into "active" mode...the multi-chassis etherchannels go CRAZY, and the entire network (cores & dists) go into err-disabled state for port-channel misconfigs! If it is configured one core goes active and the other goes into recovery-mode and shuts down all its interfaces).
9)Configure multi-chassis etherchannels between the cores and distribution switches. This was the part where we actually saw a few "bumps" as interfaces were placed into new port channels.
So the joy of the lab was that we could simply kill the active switch and test how it interrupted the network. Amazingly...throughput from end-to-end was not even interrupted. Core-2 (hot-standy) would fail over using SSO and NSF as if they were redundant sups in the same chassis! It was truly amazing...and I just thought I would post a tidbit here. I am planning on sticking a config doc out on my blog in the future once I have it finished though.
1 question for you all though. Do you all have a preferred etherchannel load-balancing algorithm that you use? Our production is currently on source-mac...but I am think of changing it to src-dst-ip. Any thoughts?
VSS sources:
Should Have Gone With Cisco Blog Archive Cisco Virtual Switching Systems (VSS)
Catalyst 6500 Release 12.2SXH and Later Software Configuration Guide - Configuring Virtual Switching Systems [Cisco Catalyst 6500 Series Switches] - Cisco Systems
The Case for Migrating CMU's Distribution Layer to VSS