Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Redundant switch second time

Reply
Thread Tools

Redundant switch second time

 
 
John Strow
Guest
Posts: n/a
 
      03-01-2008
Hi,

I'm having some difficulty to figure out how to achieve full redundancy on
parts of my network. At this moment I have 2 routers 2821 in standby
configuration (HSRP) and 2 PIX firewall in failover configuration with one
switch between them. Client requires duplicate switches as well. Any idea
how to achieve this? Any document out there?

Firewall Failover

| sw1 | <-----------> | sw1a | Internet
^ ^
| |
v v
| fw1 | <---sync----> | fw1a | Firewall Failover
^ ^
| |
v v
| sw2 | <----------> | sw2a | LAN
^ ^
| |
v v
| RT1 | <----------> | RT1a | Router Standby (HSRP)

Much Appreciated


 
Reply With Quote
 
 
 
 
Merv
Guest
Posts: n/a
 
      03-02-2008

add a set of outsider routers and then you could do this

BGP Across a PIX Firewall

http://www.cisco.com/en/US/tech/tk36...8009487d.shtml
 
Reply With Quote
 
 
 
 
Thrill5
Guest
Posts: n/a
 
      03-02-2008
Which parts are you concerned with? From your description and diagram,
everything looks redundant already.

"John Strow" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi,
>
> I'm having some difficulty to figure out how to achieve full redundancy on
> parts of my network. At this moment I have 2 routers 2821 in standby
> configuration (HSRP) and 2 PIX firewall in failover configuration with one
> switch between them. Client requires duplicate switches as well. Any idea
> how to achieve this? Any document out there?
>
> Firewall Failover
>
> | sw1 | <-----------> | sw1a | Internet
> ^ ^
> | |
> v v
> | fw1 | <---sync----> | fw1a | Firewall Failover
> ^ ^
> | |
> v v
> | sw2 | <----------> | sw2a | LAN
> ^ ^
> | |
> v v
> | RT1 | <----------> | RT1a | Router Standby (HSRP)
>
> Much Appreciated
>
>



 
Reply With Quote
 
John Strow
Guest
Posts: n/a
 
      03-02-2008
That should be the goal, but how to achieve it?




"Thrill5" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed). ..
> Which parts are you concerned with? From your description and diagram,
> everything looks redundant already.
>
> "John Strow" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Hi,
>>
>> I'm having some difficulty to figure out how to achieve full redundancy
>> on
>> parts of my network. At this moment I have 2 routers 2821 in standby
>> configuration (HSRP) and 2 PIX firewall in failover configuration with
>> one
>> switch between them. Client requires duplicate switches as well. Any idea
>> how to achieve this? Any document out there?
>>
>> Firewall Failover
>>
>> | sw1 | <-----------> | sw1a | Internet
>> ^ ^
>> | |
>> v v
>> | fw1 | <---sync----> | fw1a | Firewall Failover
>> ^ ^
>> | |
>> v v
>> | sw2 | <----------> | sw2a | LAN
>> ^ ^
>> | |
>> v v
>> | RT1 | <----------> | RT1a | Router Standby (HSRP)
>>
>> Much Appreciated
>>
>>

>
>



 
Reply With Quote
 
Merv
Guest
Posts: n/a
 
      03-03-2008

> That should be the goal, but how to achieve it?


Meaning how to configure the setup ?
 
Reply With Quote
 
John Strow
Guest
Posts: n/a
 
      03-04-2008
Yes that's right

"Merv" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
>> That should be the goal, but how to achieve it?

>
> Meaning how to configure the setup ?



 
Reply With Quote
 
Merv
Guest
Posts: n/a
 
      03-04-2008
1. HSRP facing inside LAN

2. OSPF between routers and PIX inside interface

3. PIX default route pointing to ISP

 
Reply With Quote
 
Merv
Guest
Posts: n/a
 
      03-04-2008
On Mar 4, 4:35 am, Merv <(E-Mail Removed)> wrote:
> 1. HSRP facing inside LAN
>
> 2. OSPF between routers and PIX inside interface
>
> 3. PIX default route pointing to ISP


4. PIX advertise default router to inside routers vis OSPF
 
Reply With Quote
 
Vincent C Jones
Guest
Posts: n/a
 
      03-04-2008
Merv wrote:

> On Mar 4, 4:35 am, Merv <(E-Mail Removed)> wrote:
>> 1. HSRP facing inside LAN
>>
>> 2. OSPF between routers and PIX inside interface
>>
>> 3. PIX default route pointing to ISP

>
> 4. PIX advertise default router to inside routers vis OSPF


This will work until the link to one of your ISPs goes down and the does not
take the Ethernet I/F of PIX down with it. Then you have half your packets
being shipped out into oblivion.

If you really want to do this with no single point of failure, you also need
a mechanism to detect that one of your ISPs is down. You'll also need a
total of six switches, four routers and two firewalls, although you may
choose to combine some of those functional blocks into multipurpose
appliances, as long as your combos are vertical and not horizontal.

good luck and have fun!
--
Vincent C Jones, Consultant Expert advice and a helping hand
Networking Unlimited, Inc. for those who want to manage and
Tenafly, NJ Phone: 201 568-7810 control their networking destiny
http://www.networkingunlimited.com
 
Reply With Quote
 
Merv
Guest
Posts: n/a
 
      03-05-2008
see Cisco Doc "Data Center Networking: Internet Edge Design
Architectures"


http://cco.cisco.com/en/US/solutions...008014ee4e.pdf


take a look at page 3-41 of that document


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Redundant switch another try John Strow Cisco 1 03-07-2008 02:24 PM
Cisco C2948G catalyst switch - second time John Strow Cisco 2 04-19-2007 03:21 AM
Does the Cisco 2926 switch have redundant power? slax Cisco 1 01-20-2005 08:09 PM
redundant switches / redundant server NICs Stuart Kendrick Cisco 4 08-10-2004 08:54 PM
redundant switch uplinks on a 7206? Bill F Cisco 11 02-14-2004 10:43 AM



Advertisments