SVI'S/HSRP/VLAN Design question

subspace3subspace3 Registered Users Posts: 3 ■□□□□□□□□□


Hi all, I'm currently studying CCNA, and have some questions about some CCNP concepts, hopefully you guys can help shed some light.
I'm writing about the design above and need some clarification on SVI's and HSRP. Currently all I've learn about is the router on a stick method and subinterfaces for inter VLAN routing. With the design above, there are 3 user departments which I've decided to use separate VLAN's on each of the access switches and hence separate subnets as I was thinking if the same 3 subnets for the departments where spread across all the access switches, this would cause problems with inter VLAN routing, have I got this right?

Secondly, I've decided on the left distro switch (multilayer switch) to be the stp root for vlans 1-6 and the right distro as the root for vlans 7-12, which each of the others as secondary root for redundancy.
Assuming this is all ok, and that the links to the distro will be trunk links, can 3 SVI's be assigned to one port on the left distro switch and also the right distro switch for the access switch connecting to it? Obviously these would match the VLAN ID's and subnets present on each of the access switches and hence be the default gateway for each of these VLANS?

e.g DISTRO 1 VLAN 1 ip address 192.168.1.1
DISTRO 2 VLAN 1 ip address 192.168.1.1

I'm also assuming this would work for any number of access switches to the distro as long as all the SVI's have unique VLAN ID's?

Concerning HSRP, I want to provide backup for connections to the WAN. I've read that the hosts most have the default gateway IP of the virtual IP used in HSRP. How would this work? Would I just Assign the default gateway ip for the distribution switches as this virtual HSRP IP instead?

Would the connections from the distro switches to the routers above be L3 routed ports, and I'd have to run EIGRP on the distro switches so that the ALL the VLAN subnets for the access switches are in the routing table and therefore paths into the network possible from the wan?

A lot of questions I know, If some one can explain this to me in a way I can understand ill appreciate it soo much ill even send the best explanation £5 via paypal!

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    Why not just have the 'sales' VLAN be the same VLAN and span all access switches?

    You can't apply the same IP to each distro switch unless you use HSRP (or VRRP, GBLP). What happens when a host arps and they both start responding?

    You don't really need HSRP for the WAN connectivity. You can just have primary and secondary routes. HSRP would be better served on your distro switches providing redundant gateways for the hosts. That is what it is designed for.

    Yes, L3 links to the routers would be good. You can do L2 trunks there too but no reason to really.

    What I would do in this scenario is have the left side router and distro switch as the primary for everything and the left side as the backup. Make the left side root and active for HSRP and the other side backup/scondary.
    An expert is a man who has made all the mistakes which can be made.
  • subspace3subspace3 Registered Users Posts: 3 ■□□□□□□□□□
    Thanks for the reply.I'm probably wrong but I thought having the same VLAN span multiple switches was not best practice. If say a host on the sales VLAN, wants to communicate with another host on the same VLAN but connected to a different switch, wouldn't that result in excessive arp broadcast packets sent to all switches connected to the distro switch?

    Also if the sales vlan wanted to contact the admin vlan, with the same subnet for each VLAN (subnet 1 sales, subnet 2 admin) spanning all the access switches, wouldnt that result in the distro switches unable to forward the packets on as they'd have multiple ports matching the same network address to reach the admin VLAN?

    In regards to the having two ip's the same on separate SVI's on the two distro switches, wouldn't STP solve this? Since the arp will be sent to its root switch? Although I'm guessing it would broadcast the arp out all other ports also so the 2nd distro switch would get the arp and reply also?

    It was my tutor who suggested using HSRP for the wan connection, having two connections to the wan with only one being used, then if the first router fails, the backup kicks in. Yeah I've read HSRP is used for the hosts default gateways so was confused when the tutor said this!

    I only know the very basics of HSRP, I'm thinking ill have to read up on it to understand how to do this as running it and STP confuses me.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Having VLANs span multiple switches is a common practice. Is it best practice? Depends on your needs. I wouldn't suggest to span multiple switch blocks unless necessary. In a network as small as you have set up here it would not cause any performance issue.

    Are you not going to put a L2 trunk between the distro switches to have redundancy for your host gateways? You should, and if you do this you can't have the same IP assigned ot both. STP can't help you there.

    HSRP would technically work there, but you would then need L2 trunks to the switches so the routers can communicate state at L2. It's just not needed at that point as routing can handle that for you. Hosts do not participate in routing which is why they need a redundant gateway that can take over the same gateway IP in the event of a failure.
    An expert is a man who has made all the mistakes which can be made.
  • subspace3subspace3 Registered Users Posts: 3 ■□□□□□□□□□
    So if it were a larger network design, my idea would be ok as it improves performance? Is this how it is implemented in larger networks?

    Yeah I'm guessing ill have to use a l2 trunk between the distro switches. Would my way work if I used a different ip address but on the same subnet for the SVI on the other switch? Although this would present a problem having two default gateway addresses, so yes your right HSRP is the way to go here.
  • proctorgambleproctorgamble Registered Users Posts: 2 ■□□□□□□□□□
    Hi guys,

    I was wondering a lot about HSRP since I am studying now for CCNP Switch. One point that crossed my mind is the router-on-stick and HSRP. Since we know that we assign in each subinterface a separate address for each VLAN how can we configure HSRP between two routers then?

    In each lab with HSRP, there is only 1 VLAN so there is no problem to configure HSRP. I saw that You mentioned that HSRP was designed for L3 switches and there is no point to configure them between routers. If I did correctly understand, than this is the answer to my question.

    Also, how router-on-stick works with VRRP?

    THANKS
  • networker050184networker050184 Mod Posts: 11,962 Mod
    subspace3 wrote: »
    So if it were a larger network design, my idea would be ok as it improves performance? Is this how it is implemented in larger networks?

    Yeah I'm guessing ill have to use a l2 trunk between the distro switches. Would my way work if I used a different ip address but on the same subnet for the SVI on the other switch? Although this would present a problem having two default gateway addresses, so yes your right HSRP is the way to go here.

    You need to design the network for the applications that will be flowing over it. It's best practice to keep broadcast domains as small as possible, but without knowing the needs of the traffic that will be on the network you can't really make sound design descisions.
    An expert is a man who has made all the mistakes which can be made.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Hi guys,

    I was wondering a lot about HSRP since I am studying now for CCNP Switch. One point that crossed my mind is the router-on-stick and HSRP. Since we know that we assign in each subinterface a separate address for each VLAN how can we configure HSRP between two routers then?

    In each lab with HSRP, there is only 1 VLAN so there is no problem to configure HSRP. I saw that You mentioned that HSRP was designed for L3 switches and there is no point to configure them between routers. If I did correctly understand, than this is the answer to my question.

    Also, how router-on-stick works with VRRP?

    THANKS


    HSRP is for gateway redundancy due to the fact that hosts can not dynamically change their default gateway so you need a way to assign that gateway to more than one device. Routers can dynamically route so on a router to router connection this isn't needed.

    You can do HSRP between two routers running router on a stick, but just remember they need L2 connectivity to maintain state.
    An expert is a man who has made all the mistakes which can be made.
  • proctorgambleproctorgamble Registered Users Posts: 2 ■□□□□□□□□□
    THNX,
    although, I am little bit confused with Your statement,

    Routers can dynamically route so on a router to router connection this isn't needed.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    If you have a connection like the OP's above there is no need for HSRP between the distro switches and WAN routers. The routers can dynamically pick a new path unlike a host that has a statically configured gateway IP.
    An expert is a man who has made all the mistakes which can be made.
Sign In or Register to comment.